In Hyperledger Fabric, What is difference between "Org1MSP.member", "Org1MSP.peer", "Org1MSP.admin","Org1MSP.client" in endorsement policy?

Question

We are using Hyperledger fabric to develop an application.

In the endorsement policies, we are seeing multiple options like below

• Org1MSP.member
• Org1MSP.peer
• Org1MSP.client
• Org1MSP.admin.

What is the difference and what benefits it is giving in chaincode endorsement validation?

Also, what is the setting to start the peer's nodes as either

• member
• peer
• client
• admin and where to do that?

Please help us understand.

Answer 1

What is the difference and what benefits it is giving in chaincode endorsement validation?

In your organization you will have roles, and every role will have their privileges. For policy endorsement, there are only 4 types of roles: member, client, peer and admin And the endorsement policy can be:

OR('Org1.admin', AND('Org1.member', 'Org1.member'))

That mean, a chaincode transaction previusly instantiated in the Org1, can be endorsement by one admin or two members of the Org1. In a Fabric Enviorment, you can set wich peers can validated and endorsement transaction, and with the MSP provided by Fabric CA, you set witch role will be have your peer. You can read more about that here.

Also, what is the setting to start the peer's nodes as either member, peer, client, admin and where to do that?

In Fabric CA you can register and enroll new identities in your Org. Every identity has a role and an attributes, for example, you as admin of Amazon.ProgramingDepartment, you can register me and giving me a role and the attributes to enroll new users in the ProgrammingDepartment. This work the same thing for peers, you can enroll new peer identity and give it a role (member, admin, client and peer). You can read more about that here.

I hope I have helped at least a little bit, Hyperledger Fabric has a complex government to give the system the maximum security.