fabric-private-chaincode icon indicating copy to clipboard operation
fabric-private-chaincode copied to clipboard

Published 20 hours ago verified publisher icon hyperledger

Design TLCC API

Open mbrandenburger opened this issue 4 years ago • 0 comments

Description

This work item summaries the new TLCC API exposed to a chaincode enclave based on the recent design diagrams.

New APIs

  • get/validate creator
  • can_endorse (not, though, while essential for key distribution, it is non-essential/nice-to-have only call during enclave creation and is need only once we move beyond designed peer, ie., beyond MVP. note in the UML diagrams, can_endorse is also used by ercc but that doesn't need involving the trusted ledger enclave and probably can be implemented in ercc based straight on the existing lscc).

Besides that, we also have to establish a proper secure channel between ecc and tlcc with corresponding session handling and secure binding of tlcc mrenclave into ecc, verifiable by ercc. See #14 for that.

Link to feature or bug

  • Secure get_creator implementation #357
  • Chaincode enclave / tlcc binding. #14
  • Do TLCC cc2scc calls require reflection in r/w set of transactions? #361

Link to dependent issues

  • Enclave creation and registration #404

mbrandenburger avatar Jul 20 '20 12:07 mbrandenburger