Hyperledger Irohaããã¥ã¡ã³ããŒã·ã§ã³Â¶
ããããïŒ Hyperledger IrohaïŒããã¯ïŒã¯ããã¶ã³ãã³ãã©ãŒã«ããã¬ã©ã³ããªã³ã³ã»ã³ãµã¹ã«é©åããããŒããã·ã§ã³ããŒã¹ã®ãããã¯ãã§ãŒã³ãå®çŸããããšã§ãä¿¡é Œæ§ãé«ããå®å šã§ãé«éãªã¢ããªã±ãŒã·ã§ã³ãäœæããããã®ã·ã³ãã«ãªæ§é ã«èšèšããããããã¯ãã§ãŒã³ãã©ãããã©ãŒã ã§ãã ç¡æã§ãªãŒãã³ãœãŒã¹ã§ãLinuxãMac OSäžã§åäœããããŸããŸãªã¢ãã€ã«çšãšãã¹ã¯ãããçšã©ã€ãã©ãªãå©çšã§ããŸãã
Hyperledger Irohaã®ãœãŒã¹ã³ãŒããšææ°ã®ãªãªãŒã¹ã¯ã`GitHub page <https://github.com/hyperledger/iroha>`_ããããŠã³ããŒãã§ããŸãã
ãã®ããã¥ã¡ã³ããŒã·ã§ã³ã§ã¯ãã€ãããããã¯ãŒã¯ã®ã€ã³ã¹ããŒã«ãå°å ¥ãããã³èµ·åãã¢ããªã±ãŒã·ã§ã³ã®äœææ¹æ³ã説æãããŠããŸãã ãŸããçŸåšã©ã®ãŠãŒã¹ã±ãŒã¹ã·ããªãªãå®çŸå¯èœã§ããã®ãã確èªãããŸãä»åŸã©ã®ãããªãã®ãå®è£ äºå®ãªã®ãã«ã€ããŠã確èªããŸãã
Hyperledger Irohaã¯ãªãŒãã³ãœãŒã¹ãããžã§ã¯ãã§ããããããããžã§ã¯ããžã®å¯ä»ã«é¢ããããšããäœæ¥ããã»ã¹ã«ã€ããŠã説æããŸãã
泚é
å€éšAPIããã¥ã¡ã³ãã®ããå¥åã®ãŠã§ããµã€ã`Iroha API <https://hyperledger.github.io/iroha-api>` _ããããŸãã çŸåšããã®ããã¯ãããžã§ã¯ãã®ããã¥ã¡ã³ããŒã·ã§ã³ã¯ç§»è¡æ®µéã«ãããå°æ¥çã«ã¯RTDïŒRead the DocsïŒã ããç¶æã»æŽæ°ãããããã«ãªã£ãŠããŸãã
ããã¯ã®æŠèŠÂ¶
ããã¯ã®äž»ãªç¹é·ã¯äœã§ããïŒÂ¶
- ç°¡åãªå°å ¥ãšã¡ã³ããã³ã¹
- éçºè åãã®ããŸããŸãªã©ã€ãã©ãª
- 圹å²ã«åºã¥ããã¢ã¯ã»ã¹å¶é
- ã³ãã³ããšã¯ãšãªã®åé¢ã«ãã£ãŠè¡ãããã¢ãžã¥ãŒã«åèšèš
- è³ç£ãšã¢ã€ãã³ãã£ãã£ç®¡ç
å質ã¢ãã«ã§ç§ãã¡ã¯ä»¥äžã®ç¹ã«éç¹ã眮ããŠããŸãïŒ
- ä¿¡é Œæ§ïŒèé害æ§ãå埩æ§ïŒ
- ããã©ãŒãã³ã¹å¹çïŒãšãããæéæåãšãªãœãŒã¹ã®äœ¿çšå¹çïŒ
- ãŠãŒã¶ããªãã£ïŒåŠç¿å¯èœæ§ããŠãŒã¶ãŒã»ãšã©ãŒä¿è·ã劥åœæ§ã®è©äŸ¡å¯èœæ§ïŒ
Irohaã¯ã©ãã§äœ¿ããŸããïŒÂ¶
Hyperledger Irohaã¯ãããžã¿ã«ã¢ã»ãããIDãããã³ã·ãªã¢ã«åãããããŒã¿ã管çããéã«æ±çšçã«äœ¿çšã§ããããŒããã·ã§ã³åãããã¯ãã§ãŒã³ã·ã¹ãã ã§ãã éè¡é決æžãäžå€®éè¡ã®ããžã¿ã«é貚ã決æžã·ã¹ãã ãåœå IDãããã³ç©æµåéãªã©ã®ã¢ããªã±ãŒã·ã§ã³ãšããŠåœ¹ç«ã¡ãŸãã
詳现ã¯ããŠãŒã¹ã±ãŒã¹ã·ããªãª<http://iroha.readthedocs.io/en/latest/use_cases/> `_ãåç §ããŠãã ããã
BitcoinãEthereumãšã¯ã©ã®ãããªç¹ãéãã®ã§ããïŒÂ¶
BitcoinãšEthereumã¯ã誰ããåå ããã¹ãŠã®ããŒã¿ã«ã¢ã¯ã»ã¹ã§ãããããŒããã·ã§ã³ã¬ã¹åã¬ãžã£ãŒã«ãªãããã«èšèšãããŠããŸãã ãŸããã·ã¹ãã ãšçžäºäœçšããããã«ç¬èªã®æå·åé貚ããããŸãã
ã€ããã«ã¯åºæã®æå·é貚ã¯ãããŸããã ãã®ä»£ããã«ãäŒæ¥ã®ããŒãºãæºããããã·ã¹ãã å ã§ã®éä¿¡ãèš±å¯ã«åºã¥ããŠè¡ããããããã«ãªã£ãŠããŸããã€ãŸããã¢ã¯ã»ã¹æš©ãæã€ãŠãŒã¶ãŒã ããã·ã¹ãã ãšããåãã§ããŸãã ããã«ããã¹ãŠã®ããŒã¿ãžã®ã¢ã¯ã»ã¹ãå¶åŸ¡ã§ããããã«ãã¯ãšãªïŒæ å ±ç §äŒïŒãèš±å¯ã«åºã¥ãè¡ãããããã«ãããŠããŸãã
ç¹ã«Ethereumãšã®äž»ãªéãã®1ã€ã¯ãHyperledger Irohaã§ã¯ã·ã¹ãã ã«çµã¿èŸŒãŸããã³ãã³ããçšããŠãããžã¿ã«ã¢ã»ããã®äœæã転éãšãã£ãå ±éæ©èœãå®è¡ã§ããããšã§ãã ããã«ãããã¹ããŒãã³ã³ãã©ã¯ãã®èšè¿°ããã¹ããšãã£ãé¢åã§é£ããäœæ¥ã®å¿ èŠããªããªããéçºè ã¯åçŽãªã¿ã¹ã¯ãããè¿ éãã€äœãªã¹ã¯ã§è¡ãããšãã§ããŸãã
ãã®ä»ã®Hyperledgerãã¬ãŒã ã¯ãŒã¯ãä»ã®ããŒããã·ã§ã³ã»ãããã¯ãã§ãŒã³ãšã¯ã©ã®ããã«éããŸããïŒÂ¶
ã€ããã«ã¯ãé«æ§èœã§åŸ ã¡æéãå°ãªããã€ååŒãã¡ã€ããªãã£ãå¯èœã«ããããã¶ã³ãã³ãã©ãŒã«ããã¬ã©ã³ãã»ã³ã³ã»ã³ãµã¹ã¢ã«ãŽãªãºã ïŒYAC [ïŒf1] _ïŒãæ¡çšãããŠããŸãã ãã®ä»ã®ãã¬ãŒã ã¯ãŒã¯ã¯ããã«ã¢ãåæã®ãããªã®ç¢ºççåæ圢æã«éç¹ã眮ããã®ãããã¶ã³ãã³ãã©ãŒã«ããã¬ã©ã³ã¹ã®ç¹æ§ãç ç²ã«ãããŠãããããŸãã
ãŸãIrohaã®çµã¿èŸŒã¿ã³ãã³ãã§ã¯ãããžã¿ã«è³ç£ã®äœæãã¢ã«ãŠã³ãç»é²ãã¢ã«ãŠã³ãéã®è³ç£ç§»è»¢ãšãã£ãå ±éã¿ã¹ã¯ãå®è¡ããã®ãéåžžã«ç°¡åã§ãããããä»ã®ãã©ãããã©ãŒã ãšæ¯èŒããŠã倧ããªå©ç¹ã§ãã ããã«ãæ»æã®ãã¯ãã«ãçããã·ã¹ãã ã®å šäœçãªã»ãã¥ãªãã£æ°ŽæºãåäžãããŸããããã¯ã·ã¹ãã æ©èœãåæ¢ãããç®æãå°ãªãããã§ãã
æåŸã«ãIrohaã¯åŒ·åãªæš©éã·ã¹ãã ãæã€å¯äžã®åæ£åå°åž³ã§ããããã¹ãŠã®ã³ãã³ããã¯ãšãªãããã³ãããã¯ãŒã¯ãžã®åå ã«å¯Ÿããæš©éãèšå®ã§ããŸãã
[1] | Yet Another Consensus |
ã©ã®ãããªã¢ããªã±ãŒã·ã§ã³ããããã¯ããšé¢é£ããŠæ§ç¯ã§ããŸããïŒÂ¶
ã¿ãªããŸã®ã¢ããªã±ãŒã·ã§ã³ã«ãããã¯ãã§ãŒã³ã®åãããããããã«ã¯ãã¯ããã«ãã®ã¢ããªã±ãŒã·ã§ã³ãIrohaãã¢ãšã©ã®ããã«é£æºããã®ããèããªããã°ãªããŸããããã®ããã«ãŸãã¯ããã«ãã©ã³ã¶ã¯ã·ã§ã³ãšã¯ãšãªãæ£ç¢ºã«äœã§ãããããã¢ããªã±ãŒã·ã§ã³ã®ãŠãŒã¶ãŒãIrohaãšã©ã®ããã«ãããšãããã®ãã説æããŠããé `ã³ã¢ã³ã³ã»ããã»ã¯ã·ã§ã³<http://iroha.readthedocs.io/en/latest/core_concepts/>` _ããããŸãã®ã§ããããåç §ããŠã¿ãŠãã ããã
ãŸããã·ã¹ãã éçºè ãé»å眲åãã³ãã³ããšãã£ãIrohaã®æ§æèŠçŽ ãäœæããããã®ããŒã«ãæäŸããŠããã¯ã©ã€ã¢ã³ãã©ã€ãã©ãªãããã€ãçšæãããŠããŸãã
ã¯ããã¶
ãã®ã¬ã€ãã§ã¯ãåºæ¬çãªããã¯ãããã¯ãŒã¯ãäœæããç«ã¡äžããããã€ãã®ãã©ã³ã¶ã¯ã·ã§ã³ãäœæããå°åž³ã«èšé²ãããããŒã¿ã確èªããŸãã åçŽã«ããããã«ãDockerãå©çšããŸãã
泚é
Ledger is the synonym for a blockchain, and Hyperledger Iroha is known also as Distributed Ledger Technology framework â which in essence is the same as "blockchain framework". You can check the rest of terminology used in the éèŠäºé section.
åæãšãªãç°å¢Â¶
For this guide, you need a machine with Docker
installed.
You can read how to install it on a Docker's website.
泚é
Of course you can build Iroha from scratch, modify its code and launch a customized node! If you are curious how to do that â you can check Building Iroha section. In this guide we will use a standard distribution of Iroha available as a docker image.
ããã¯ããŒããèµ·åãã¶
Dockerãããã¯ãŒã¯ãäœæãã¶
Irohaãåäœããããã«ã¯ PostgreSQL ããŒã¿ããŒã¹ãå¿ èŠã§ãã PostgresãšIrohaçšã®ã³ã³ãããåãä»®æ³ãããã¯ãŒã¯äžã§å®è¡ãããæ£åžžã«éä¿¡ãè¡ãããããã«ããããããŸãã¯Dockerãããã¯ãŒã¯ã®äœæããå§ããŸãããã æ¬ã¬ã€ãã§ã¯ããiroha-networkããšåŒãã§ããŸãããä»»æã®ååã䜿çšããããšãã§ããŸããä»»æã®ååã䜿çšããããã«ã¯ãã¿ãŒããã«äžã§æ¬¡ã®ã³ãã³ããå®è¡ããŸãã
docker network create iroha-network
PostgreSQLã®ã³ã³ãããèµ·åãã¶
ã§ã¯æ¬¡ã«ãã³ã³ããå ã§PostgreSQLãå®è¡ãããããŸã§ã«äœæãããããã¯ãŒã¯ã«æ¥ç¶ããéä¿¡çšããŒããå ¬éããŸãããããã®ã¹ãããã以äžã«ç€ºããŸãã
docker run --name some-postgres \
-e POSTGRES_USER=postgres \
-e POSTGRES_PASSWORD=mysecretpassword \
-p 5432:5432 \
--network=iroha-network \
-d postgres:9.5 \
-c 'max_prepared_transactions=100'
泚é
If you already have Postgres running on a host system on default port (5432),
then you should pick another free port that will be occupied.
For example, 5433: -p 5433:5432
Blockstoreãäœæãã¶
Before we run Iroha container, we may create a persistent volume to store files, storing blocks for the chain. It is done via the following command:
docker volume create blockstore
Preparing the configuration files¶
泚é
To keep things simple, in this guide we will create a network containing only a single node. To understand how to run several peers, follow ããã¯ãéçšã»å°å ¥ãã
Now we need to configure our Iroha network. This includes creating a configuration file, generating keypairs for a users, writing a list of peers and creating a genesis block.
Don't be scared away â we have prepared an example configuration for this guide, so you can start testing Iroha node now. In order to get those files, you need to clone the Iroha repository from Github or copy them manually (cloning is faster, though).
git clone -b master https://github.com/hyperledger/iroha --depth=1
ãã³ã
--depth=1
option allows us to download only the latest commit and
save some time and bandwidth. If you want to get a full commit history, you
can omit this option.
There is a guide on how to set up the parameters and tune them with respect to your environment and load expectations: èšå®. We don't need to do this at the moment.
Irohaã³ã³ãããèµ·åãã¶
We are almost ready to launch our Iroha container. You just need to know the path to configuration files (from the step above).
Let's start Iroha node in Docker container with the following command:
docker run --name iroha \
-d \
-p 50051:50051 \
-v $(pwd)/iroha/example:/opt/iroha_data \
-v blockstore:/tmp/block_store \
--network=iroha-network \
-e KEY='node0' \
hyperledger/iroha:latest
If you started the node successfully you would see the container id in the same console where you started the container.
Let's look in details what this command does:
docker run --name iroha \
creates a containeriroha
-d \
runs container in the background-p 50051:50051 \
exposes a port for communication with a client (we will use this later)-v YOUR_PATH_TO_CONF_FILES:/opt/iroha_data \
is how we pass our configuration files to docker container. The example directory is indicated in the code block above.-v blockstore:/tmp/block_store \
adds persistent block storage (Docker volume) to a container, so that the blocks aren't lost after we stop the container--network=iroha-network \
adds our container to previously creatediroha-network
for communication with PostgreSQL server-e KEY='node0' \
- here please indicate a key name that will identify the node allowing it to confirm operations. The keys should be placed in the directory with configuration files mentioned above.hyperledger/iroha:latest
is a reference to the image pointing to the latest release
You can check the logs by running docker logs iroha
.
You can try using one of sample guides in order to send some transactions to Iroha and query its state.
Try other guides¶
ãŠãŒã¹ã±ãŒã¹äŸÂ¶
Hyperledger Irohaã§éçšã»å°å ¥ã§ããå€ãã®ãŠãŒã¹ã±ãŒã¹äŸãšå ·äœçãªå©ç¹ãæããŠããŸãã Hyperledger Irohaã䜿çšãããããã®ã¢ããªã±ãŒã·ã§ã³ããŠãŒã¹ã±ãŒã¹äŸããéçºè ãã¯ãªãšã€ã¿ãŒã«ãã£ãŠããã«é©æ°ãããããããšãé¡ã£ãŠããŸãã
æè²ããã«ã¹ã±ã¢åéã«ããã蚌æžÂ¶
ãã€ããŒã¬ãžã£ãŒããã¯ïŒHyperledger IrohaïŒã¯ã倧åŠãåŠæ ¡ãå»çæ©é¢ãªã©ããŸããŸãªèªèšŒãå¿ èŠãšããæ©é¢ã®ã·ã¹ãã ãžçµã¿èŸŒãããšãã§ããŸãã Hyperledger Irohaã§çšããããæè»ãªæš©éã¢ãã«ã«ãã£ãŠãã¢ã€ãã³ãã£ãã£èªèšŒã蚌æžäœæã蚌ææžã®ä»äžãå¯èœã«ãªããŸãã ãŠãŒã¶ãŒã¢ã«ãŠã³ãã«æ瀺çããã³æé»çãªæ å ±ãæ ŒçŽããããšã«ãããããŸããŸãªè©å€ã»ä¿¡çšããã³IDã·ã¹ãã ãæ§ç¯ããããšãã§ããŸãã
Hyperledger Irohaã䜿çšããããšã«ãããåæè²æ©é¢ãŸãã¯å»ç蚌ææžããç¹å®ã®èªèšŒæ©é¢ã«ãã£ãŠçºè¡ããããšããããšã確èªããããšãã§ããŸãã ããŒã¿ã®äžå€æ§ãšæ確ãªæ€èšŒèŠåã«ãã£ãŠãåœã®èšŒææžã®äœ¿çšãå€§å¹ ã«æžãããå¥åº·ãšæè²åéãžéææ§ãæäŸããŸã
äŸÂ¶
äŸãã°ãHyperledger Irohaäžã«ãç é¢ããã¡ã€ã³ãšããŠç»é²ãããå»çæ©é¢ãæ³åããŠã¿ãŠãã ããã ãã®ãã¡ã€ã³ã«ã¯ãèªå®ããç»é²ãããåŸæ¥å¡ãããŸããå»åž«ãçæ³å£«ãçè·åž«ãªã©ããããããããããã®åœ¹å²ãæã£ãŠããŸãã ç é¢ã®åæ£è ã¯ããããã®ã¢ã«ãŠã³ããä¿æããŠããããããã«éå»ã®ãã¹ãŠã®ç æŽãèšèŒãããŠããŸããåå»çèšé²ã¯ã è¡æ¶²æ€æ»çµæã®ããã«ãJSON key/valuesãšããŠåæ£è ã®å£åº§ã«å®å šãã€æ©å¯çã«ä¿ç®¡ãããŸãã ãç é¢ããã¡ã€ã³ã®ã«ãŒã«ã¯ãèªå®ãããå»çåŸäºè ãšãŠãŒã¶ãŒã ããå人æ å ±ã«ã¢ã¯ã»ã¹ã§ããããã«å®çŸ©ãããŠããŸãã ã¯ãšãªã«ãã£ãŠè¿ãããå»çããŒã¿ã¯ãä¿¡é Œã§ãããœãŒã¹ããååŸããããã®ã§ããã®ãã確èªãããŸãã
ç é¢ã¯ãäŸãã°ç¹å®ã®å°åå ã§ã«ã®ã¿å人æ å ±ãä¿åãããšãã£ãããã«ããã®å Žæã«ãããå人æ å ±ä¿è·ã«é¢ããæ³çèŠåã«åŸã£ãŠãç¹å®ã®å Žæã«çµã°ããŸãïŒããã©ã€ãã·ãŒèŠåã_ïŒã Hyperledger Irohaã®ãã«ããã¡ã€ã³ã¢ãããŒãã§ã¯ãæ³çã«ãŒã«ã«éåãç¯ããã«è€æ°ã®åœã éã§ã®æ å ±å ±æãå¯èœã«ããŸãã äŸãã°ã "makoto @ hospital"ãšãããŠãŒã¶ãä»ã®åœã®å»çæ©é¢ãšå人ã®ç æŽãå ±æããããšã決å®ããå ŽåããŠãŒã¶ã¯ `` can_get_my_acc_detail``ã§èš±å¯ããäžã§ `` grant``ã³ãã³ãã䜿çšããŠè¡ãããšãã§ããŸãã
å»çæ©é¢ã§ã®ã±ãŒã¹ãšåæ§ã«ãHyperledger Irohaã«ç»é²ããã倧åŠæ©é¢ã«ã¯ãåæ¥çã«æ å ±ãéä¿¡ã»å ¬éããæš©éãæã€ããšãã§ããŸãã åæ¥èšŒæžãŸãã¯èšŒææžã¯ãããã°èªå®ããã倧åŠã®çœ²åä»ãã®åæ¥èšŒæã§ãã ããããæ¹æ³ãå©çšãããšãæ¡çšããã»ã¹ãç°¡çŽ åããã®ã«ã圹ç«ã¡ãäŸãã°éçšäž»ã¯æ¡çšåè£è ããããŸã§ç²åŸããã¹ãã«ãèœåã«é¢ããæ å ±ãåŸãããã«Hyperledger Irohaã«åãåãããè¡ããŸãã
åœééã®è³ç£ç§»è»¢ïŒæåïŒÂ¶
Hyperledger Irohaã¯ããã«ããµã€ã³ã¢ã«ãŠã³ããšã¢ãããã¯ãšã¯ã¹ãã§ã³ãžæ©èœãçšããŠãè¿ éãã€æ確ãªååŒç°å¢ãããã³æ±ºæžèŠåãæäŸããŸãã è³ç£ç®¡çã«ãããŠã¯ãäžå€®éäžçã«ç®¡çãããã·ã¹ãã ã®ããã«ç°¡åã§ãå¿ èŠãªã»ãã¥ãªãã£ä¿èšŒãæäŸããŸãã è³ç£ã®äœæã移転ã«å¿ èŠãªã«ãŒã«ãšã³ãã³ããç°¡çŽ åããããšã§ãã·ã¹ãã å ãžã®äŸµå ¥éå£ãäœãæããåæã«é«ãã»ãã¥ãªãã£æ°Žæºãä¿èšŒãç¶æããŸãã
äŸÂ¶
ããšãã°[ïŒf1] _ã®ããã«ããããŠãŒã¶ãŒã¯è»ã®æææš©ãè²æž¡ããããšããå ŽåããããããããŸããããŠãŒã¶ãŒã®``haruto``ã¯``sora``ãšãããã©ã³ãåã®è»ïŒè³ç£ïŒã«å¯Ÿããæææš©ãç»é²ãããŠããŸããé¢é£ãããã©ã¡ãŒã¿ãŒã¯ããããã {"id": "34322069732074686520616E73776572", "color": "red", "size": "small"}``ã§ãã ãã®æææš©ã¯ãã·ã¹ãã ã®åºç€ãšãªãããŒã¿ããŒã¹ã«åºå®çã«èšé²ãããŠãããåã
ã®æ€èšŒãã¢ã«ãã®åããèšé²ãããŠããŸãã è³ç£ã®ç§»è»¢ãè¡ãããã«ããŠãŒã¶ãŒ``haruto``ã¯ãå¥ã®ãŠãŒã¶ãŒ``haru``å®ãŠã«ãªãã¡ãŒãè¡ããŸããã€ãŸã``haru``å®ãŠã«è»ã®èå¥åãã転éãããã®ãšã
haru``ãã `` haruto``ãž `` usd``ã®ããŒã¯ã³ãã転éããããšãã2ã€ã®ã³ãã³ããå«ãŸããè€æ°çœ²åãã©ã³ã¶ã¯ã·ã§ã³ãçæããŸãã``haru``ã¯ãã«ã眲åãã©ã³ã¶ã¯ã·ã§ã³ã«çœ²åããããšã§``haruto``ããã®ãªãã¡ãŒãåãåããŸãããã®å Žåããã®ãã©ã³ã¶ã¯ã·ã§ã³ã¯ã·ã¹ãã å
ã§ã³ããããããŸãïŒã¢ãããã¯ãšã¯ã¹ãã§ã³ãžæ©èœïŒã
Hypeledger Irohaèªäœã«ããŒã¯ã³ã¯çµã¿èŸŒãŸããŠããŸããããããŸããŸãªè³ç£ãšããããä¿æããã¯ãªãšã€ã¿ãŒã®ã¿ã€ããæ±ãããšãã§ããŸãã ããããã¢ãããŒãã«ãã£ãŠãåæ£åã®äº€æåžå Žãæ§ç¯ããããšãå¯èœã«ãªããŸãã äŸãã°ããã®ã·ã¹ãã äžã§ç°ãªãåœã«ãããäžå€®éè¡ãããããã®è³ç£ãçºè¡ãããšãã£ãããšãã§ããŸãã
[1] | çŸæ®µéã§ã¯å®è£ ãããŠããŸãã |
éèæ¥åã«ãããã¢ããªã±ãŒã·ã§ã³Â¶
Hyperleger Irohaã¯ãç£æ»æ¥åã§éåžžã«åœ¹ç«ã¡ãŸãã åæ å ±ã¯ããããã®ããžãã¹ã«ãŒã«ã«ãã£ãŠæ€èšŒãããç°ãªããããã¯ãŒã¯åå è ã«ãã£ãŠåžžæ管çãããŸãã ããã€ãã®æå·åæ©èœãšå ±ã«ãã¢ã¯ã»ã¹å¶åŸ¡ã«é¢ããã«ãŒã«ã«ãã£ãŠææã®ãã©ã€ãã·ãŒãç¶æãããŸãã ã¢ã¯ã»ã¹å¶åŸ¡ã«ãŒã«ã¯ããŠãŒã¶ãŒã¬ãã«ããã¡ã€ã³ã¬ãã«ãŸãã¯ã·ã¹ãã ã¬ãã«ãšãã£ãç°ãªãã¬ãã«ã§å®çŸ©ããããšãã§ããŸãã ãŠãŒã¶ãŒã¬ãã«ã§ã¯ãç¹å®å人åãã®ãã©ã€ãã·ãŒã«ãŒã«ãå®çŸ©ãããŠããŸãã ãã¡ã€ã³ãŸãã¯ã·ã¹ãã ã¬ãã«ã§ã®ã¢ã¯ã»ã¹ã«ãŒã«ãå®çŸ©ããããšããã¡ã€ã³å ã®ãã¹ãŠã®ãŠãŒã¶ãŒã«ããããé©çšãããŸãã Hyperledger Irohaã§ã¯ãå圹å²ããšã«ç¹å®ã®æš©éãä»äžããããšãã£ã圹å²ããŒã¹ã®äŸ¿å©ãªã¢ã¯ã»ã¹å¶åŸ¡ã«ãŒã«ãæäŸãããŠããŸãã
ãã©ã³ã¶ã¯ã·ã§ã³ã¯ãããŒã«ã«ããŒã¿ããŒã¹ã䜿çšããŠè¿œè·¡ã§ããŸãã Iroha-API Auditorã䜿çšãããšãããŒã¿ã«å¯ŸããŠã¯ãšãªãå®è¡ããåæãå®è¡ããç¹å®ã®ç£æ»ãœãããŠã§ã¢ã®æ©èœãè¡ãããšãã§ããŸãã Hyperledger IrohaïŒããã¯ïŒã¯ãåæãœãããŠã§ã¢ãå±éããäžã§ããŸããŸãªã·ããªãªããµããŒãããŠããŸããããŒã«ã«ã³ã³ãã¥ãŒã¿äžã§ã®å®è¡ããç¹å®ã®ããã«ãŠã§ã¢ã§ã³ãŒããå®è¡ããããšãã§ããŸãã ããããã¢ãããŒãã«ãããHadoopãApacheãªã©ã®ããã°ããŒã¿ã¢ããªã±ãŒã·ã§ã³åæãè¡ãããšãã§ããŸãã Hypeledger Irohaã¯ãããŒã¿ã®å®å šæ§ãšæ©å¯æ§ãä¿èšŒãã圹å²ãæãããŸãïŒã¯ãšãªæš©éã®å¶éã«ããïŒã
äŸÂ¶
ããšãã°ãç£æ»ã¯éèã¢ããªã±ãŒã·ã§ã³ã«ãããŠåœ¹ç«ã€ãããããŸããã ç£æ»åœ¹ã¢ã«ãŠã³ãã¯ããŠãŒã¶ãŒãæ©ãŸãããšãªãããã¡ã€ã³å ã®ãŠãŒã¶ãŒé¢é£æ å ±ã«ã¢ã¯ã»ã¹ããæš©éãæãããç£æ»åœ¹ãã®åœ¹å²ãæ ããŸãã ã¢ã«ãŠã³ããã€ãžã£ãã¯ã®ç¢ºçãæžãããç£æ»äººãæªæã®ããã¯ãšãªãéä¿¡ããã®ãé²ããããç£æ»äººã¯éåžžãè€æ°çœ²åã¢ã«ãŠã³ããšããŠå®çŸ©ãããŸããã€ãŸããç£æ»äººã¯è€æ°ã®ç°ãªãIDããã®çœ²åãæã€ã¯ãšãªã®ã¿ãäœæããããšãã§ããŸãã ç£æ»äººã¯ãå£åº§ããŒã¿ããã³æ®é«æ å ±ãååŸããã ãã§ãªãããŠãŒã¶ãŒã®å šååŒæ å ±ãååŸã§ããŸãïŒäŸãã°ã ãã¡ã€ã³ "konoha"å ã®ãŠãŒã¶ãŒ "haruto"ãè¡ã£ããã¹ãŠã®ç§»è»¢ååŒãšãã£ãå ·åïŒã ã€ããã®åããŒãã¯ãåæãœãããŠã§ã¢ãšé£æºããŠ100äžãŠãŒã¶ãŒã®ããŒã¿ãå¹ççã«åæããããšãã§ããŸãã
è€æ°çœ²åååŒã¯ãHyperledger Irohaã®åŒ·åãªããŒã«ã§ãããæ¢åã®çšå¶ãæ··ä¹±ãããå¯èœæ§ããããŸãã ç¹å®ã®ãã¡ã€ã³å ã®åãã©ã³ã¶ã¯ã·ã§ã³ã¯ããŠãŒã¶ãŒããã®çœ²åïŒäŸãã°ãè³ç£ã®è²æž¡ã®éïŒãšèª²çšæš©éãæããç¹æ®ãªããŒãïŒèª²çšããŒãïŒããã®ç¬¬2眲åãå«ãã ãã«ã眲åãã©ã³ã¶ã¯ã·ã§ã³ãšããŠæ±ãããšãã§ããŸãã 課çšããŒãã«ã¯ãIroha-APIã䜿çšããŠæžãããç¹å¥ãªæ€èšŒã«ãŒã«ãèŠå®ãããŠããŸããäŸãã°ãåå売äžã®éã«å çåºã¯çšéãæ¯æããªããã°ãªããªãããã«ãããšãã£ãäºæ¡ã§ãã ã€ãŸããæå¹ãšã¿ãªãããè³Œå ¥ååŒã«ã¯ãåºèãžã®ééïŒååè³Œå ¥ïŒãšæ¿åºãžã®ééïŒçŽçšïŒã®2ã€ã®ã³ãã³ããå«ãŸããŠããå¿ èŠããããŸãã
ã¢ã€ãã³ãã£ãã£ãããžã¡ã³ã¶
Hyperledger Irohaã«ã¯ãID管çã®ããã®æ¬è³ªçãªãµããŒãããããŸãã ã·ã¹ãã å ã®åãŠãŒã¶ãŒã¯ãå人æ å ±ãé¢é£ã¥ãããããã€äžæã«èå¥ãããã¢ã«ãŠã³ããä¿æããåååŒã¯ãã®éœåºŠçœ²åãããç¹å®ã®ãŠãŒã¶ãŒã«é¢é£ä»ããããŸãã ããããããšã§ãHyperledger Irohaã¯KYCïŒæ¬äººç¢ºèªïŒæ©èœãæã€ããŸããŸãªã¢ããªã±ãŒã·ã§ã³ã«æé©ãªãœãªã¥ãŒã·ã§ã³ãæäŸããŸãã
äŸÂ¶
äŸãã°ãä¿éºäŒç€Ÿã«ããããŠãŒã¹ã±ãŒã¹ã§ã¯ãååŸæ å ±ã®çå®æ§ãå¿é ããããšãªãããŠãŒã¶ãŒã®ååŒæ å ±ãç §äŒãããšãã£ã䟿å©ãªããšãå¯èœã«ãªããŸããäžæ¹ãŠãŒã¶ãŒã¯ãèªèšŒãããå人æ å ±ããããã¯ãã§ãŒã³ã«ç»é²ããŠããããšã§ãä¿éºè«æ±åŠçã«èŠããæéãççž®ããããšãã£ã䟿çã享åããããšãã§ããŸãã ãŠãŒã¶ãŒãããŒã³ãçµã¿ãããšãã£ãç¶æ³ãæ³åããŠã¿ãŠãã ãããçŸåšã®ããŒã³äºå審æ»ã¯ãåå ¥ãåå ¥ç¶æ³ã®åéããã³ãããã®æ å ±æ€èšŒã«å€å€§ãªæéããããããŠããŸãã Hyperledger Irohaã®åãŠãŒã¶ãŒã¯ãä¿æè³ç£ãè·äœãåµåç¶æ³ãªã©ã®èªèšŒæžã¿å人æ å ±ãé¢é£ã¥ããããã¢ã«ãŠã³ããä¿æããŠããŸãããŠãŒã¶ãŒã®æåŸãåå ¥ç¶æ³ãšèšããæ å ±ã¯ã `` GetAccountTransactions`ã®ã¯ãšãªãŒã䜿çšããŠãä¿æè³ç£ã¯ `` GetAccountAssets``ã®ã¯ãšãªãŒã§ããŠãŒã¶ãŒã®è·äœã«é¢ããããšæ å ±ã¯`` GetAccountDetail``ã䜿çšããŠè¿œè·¡ã»ç®¡çããããšãã§ããŸããåã¯ãšãªã¯æ€èšŒæžã¿ã®æ å ±ãè¿ããããããŒã³å¯©æ»ã«èŠããåŠçæéãåçã«ççž®ãããŸããå人æ å ±ãå ±æãããããŠãŒã¶ãŒã«ã€ã³ã»ã³ãã£ããäžããããã«ãããŸããŸãªäŒæ¥ãããããã®ããžãã¹ããã»ã¹ãèãåºãããšãã§ããŸããäŸãã°ãä¿éºäŒç€Ÿã¯ãã£ãããã¹ãè¡ã£ãŠãããŠãŒã¶ãŒã«å¯ŸããŠããŒãã¹å²åŒãé©çšããããšãã§ããŸãããã£ãããã¹ã¢ããªã±ãŒã·ã§ã³ã¯ãå人ã®æŽ»å蚌æãã·ã¹ãã ã«ããã·ã¥ããããšãã§ããŸãããŠãŒã¶ãŒã¯äºåŸçã«ã `` can_get_my_acc_detail``ã§æ å ±å ±æèš±å¯ãäžãã `` GrantPermission``ã§ä¿éºäŒç€Ÿãšæ å ±ãå ±æããããšãã§ããŸãã
ãµãã©ã€ãã§ãŒã³Â¶
åæ£ã·ã¹ãã ã®ã¬ããã³ã¹ãšæ³èŠå¶ãã·ã¹ãã ã³ãŒããšããŠèŠå®ããããšã¯ããããããµãã©ã€ãã§ãŒã³ã·ã¹ãã ã«ãããŠäžå¯æ¬ ãªçµã¿åããã§ãã Hyperledger Irohaã§äœ¿çšãããèªèšŒã·ã¹ãã ã§ã¯ãç©ççãªã¢ã€ãã ã®ããŒã¯ã³åãšãããã®ã·ã¹ãã ãžã®åã蟌ã¿ãå¯èœã§ãã åé ç®ã«ã¯ãäœãããã€ãã©ãã§ããªãããšãã£ãé¢é£æ å ±ãä»ããããŠããŸãã
èš±å¯ã·ã¹ãã ãšå®å šãã€ãã®æ°ãå¶éãããäž»èŠãªã³ãã³ã矀ã¯ãæ»æãã¯ãã«ãçããåºæ¬çãªãã©ã€ãã·ãŒãæäŸããŸãã åãã©ã³ã¶ã¯ã·ã§ã³ã¯ããã·ã¥å€ãæã¡ãäœæè ã®èšŒææžãŸãã¯èšŒææžã«ãã£ãŠã·ã¹ãã å ã§è¿œè·¡ã§ããŸãã
äŸÂ¶
é£ååéã«ããããµãã©ã€ãã§ãŒã³ã¯ã蟲家ãé£åå庫ãé£æååºã顧客ãªã©ãè€æ°ã®ç°ãªã人ãã¡ãå ±æããã·ã¹ãã ã§ãã ãã®æçµçãªç®æšã¯ã蟲家ã®çãã顧客ã®ããŒãã«ã«é£åãé éããããšã§ãã 補åã¯å€ãã®æ®µéãçµãŠãå段éã«ãããŠå ±æ空éã«èšé²ãããŸãã 顧客ã¯ãã¢ãã€ã«ããã€ã¹ãä»ããŠã€ããã¯ãšãªãåã蟌ãŸãã補åã³ãŒããèªã¿åããŸãã ã³ãŒãã«å«ãŸããã€ããã®ã¯ãšãªæ å ±ã«ãã£ãŠãå šæ®µéã補åæ å ±ãããŠèŸ²å®¶ã«é¢ããæ å ±ãå«ãå šå±¥æŽãæäŸãããŸãã
äŸãã°ããgangreenãã¯ç»é²èŸ²å®¶ã®ã²ãšã€ã§ãããããããšããè³ç£ã®çç£è ã§ãããã€ããã·ã¹ãã å ã§ã®ããããããšããé ç®æ å ±ãšå®éã®ããããé¢é£ä»ãããèšãæããã°ãç©ççãªåç©ãããŒã¯ã³åããä¿èšŒäººã§ãã è³ç£ã®æ°èŠäœæãšé åžã«é¢ããããã»ã¹ã¯ããããã¯ãŒã¯åå è ã«ãšã£ãŠå®å šãªéææ§ãå®çŸãããŸããããããŠã ã€ããäžã®ãããããã¯å€æ°ã®ãã³ããŒãéãæ ã«åºãŠãã€ãã«äžäººã®ãŠãŒã¶ãŒããã£ããã«å±ããããŸãã
ããã¯ã§ã¯ãè€éãªã¹ããŒãã³ã³ãã©ã¯ããäœæããã«ãæ°ããªã¢ã»ããã®äœæããCreateAssetããšããåäžã®ã³ãã³ãã«ãã£ãŠéçŽããåçŽåããŸããã Hyperledger Irohaã®äž»ãªå©ç¹ã®1ã€ã¯ãéçºè ãã¢ããªã±ãŒã·ã§ã³ãæäŸããããšã§çãŸãã䟡å€ã«éäžã§ããããã«ãªãããšã§ãã
Fund Management¶
With the support of multisignature transactions it is possible to maintain a fund by many managers. In that scheme investment can only be made after the confirmation of the quorum participants.
äŸÂ¶
The fund assets should be held at one account.
Its signatories should be fund managers, who are dealing with investments and portfolio distributions.
That can be added via AddSignatory
command.
All of the assets should be held within one account, which signatories represent the fund managers.
Thus the concrete exchanges can be performed with the multisignature transaction so that everyone will decide on a particular financial decision.
The one may confirm a deal by sending the original transaction and one of managers' signature.
Iroha will maintain the transaction sending so that the deal will not be completed until it receives the required number of confirmation, which is parametrized with the transaction quorum parameter.
éèŠäºé ¶
ãããã¯ãã¯ãªããããã¯ãŒã¯äžã§åãã®ã§ããããã ã·ã¹ãã ã®å éšãšå€éšã®ãªããžã§ã¯ããã©ã®ããã«ããã°ç解ã§ããã®ã§ããããã ãããã¯ãŒã¯äžã®ãã¢ã¯ã©ã®ããã«ååããŠãããã¯ãã§ãŒã³ã«å ¥ããã¹ãããŒã¿ã決å®ããã®ã§ããããã æ¬ã»ã¯ã·ã§ã³ã§ã¯ãããããããã¯ã·ã¹ãã ã®åºæ¬çãªéšåãèŠãŠãããŸãããã
èŠå
ããã¥ã¡ã³ãã¯åžžã«æŽæ°ããããã®ã»ã¯ã·ã§ã³ãä»åŸæ¹åãããäºå®ã§ãã å 容ãç·šéãããŠããéã¯çšèªéããŒãžã確èªããŠãã ããã
Sections¶
Account (ã¢ã«ãŠã³ããå£åº§)¶
æå®ãããäžé£ã®ã¢ã¯ã·ã§ã³ãå®è¡ã§ããIrohaãšã³ãã£ãã£ã åã¢ã«ãŠã³ãã¯æ¢åã® ãã¡ã€ã³<#domain> __ã®ããããã«å±ããŸãã
ã¢ã«ãŠã³ãã«ã¯ããã€ãã® role <#role> __ïŒnoneã«ããããšãã§ããŸãïŒããããŸããããã¯æš©éã®éåã§ãã ä»äžå¯èœãªã¢ã¯ã»ã¹æš©<ïŒgrantable-permission> __ã ããã¢ã«ãŠã³ãã«çŽæ¥å²ãåœãŠãããŸãã
Ametsuchi¶
Irohaã®ã¹ãã¬ãŒãžã³ã³ããŒãã³ããååŒãããã¯ãšããããã¯ããçæãããç¶æ ãä¿åããŸããããã¯ããWorld State View <ïŒworld-state-view>ããšåŒã°ããŸãã ã¯ã©ã€ã¢ã³ã<#client> __ãAmetsuchiãšçŽæ¥å¯Ÿè©±ããæ¹æ³ã¯ãããŸããã
AssetïŒè³ç£ãã¢ã»ããïŒÂ¶
æ°ããããååã䟡å€ãåã¢ã»ããã¯ãã·ã¹ãã å ã®æ¢åã® ãã¡ã€ã³<#domain> __ã«é¢é£ã¥ããããŠããŸãã ããšãã°ãè³ç£ïŒã¢ã»ããïŒã¯é貚åäœãéã®å»¶ã¹æ£ãäžåç£ãªã©ãããŸããŸãªçš®é¡ã®åäœãè¡šãããšãã§ããŸãã
Block (ãããã¯)¶
ãã©ã³ã¶ã¯ã·ã§ã³ããŒã¿ã¯ãããã¯ãšåŒã°ãããã¡ã€ã«ã«æ°žç¶çã«èšé²ãããŸãã ãããã¯ã¯ãæéã®çµéãšãšãã«é£ç¶çã»ç·åœ¢çã«[ïŒf1] _ã«ç·šæãããŠãããŸãããããã¯ãã§ãŒã³ãšãåŒã°ããŸãã
ãããã¯ã¯ãIroha peers <#peer> __ã«ãããæå·çœ²åã§çœ²åããã consensus <ïŒconssensus> __äžã«ããã¯ããŒãïŒãã¢ïŒããã®ãããã¯ã«æ祚ããŸãã 眲åå¯èœãªã³ã³ãã³ãã¯ãã€ããŒããšåŒã°ããããããããã¯ã®æ§é ã¯æ¬¡ã®ããã«ãªããŸãã
Outside payload
- ããžã¿ã«çœ²å - ãã¢ãäœæãã眲åãåæ圢æã©ãŠã³ãã§ãããã¯ãžã®æ祚ã«äœ¿çšããã
Inside payload
- é«ã - ãããã¯ãã§ãŒã³å ã«ãããåœè©²ãããã¯ãŸã§ã®ãããã¯æ°
- ã¿ã€ã ã¹ã¿ã³ã - ãããã¯çææãã¢ã«ãã£ãŠå»ãŸããUNIXæéïŒããªç§åäœïŒ
- array of transactions, which successfully passed validation and consensus step
- hash of a previous block in the chain
- rejected transactions hashes â array of transaction hashes, which did not pass stateful validation step; this field is optional
Block Creator¶
stateless <#stateless-validation>`__æ€èšŒãš`stateful <#stateful-validation>`__æ€èšŒãå®äºããäžé£ã®ãã©ã³ã¶ã¯ã·ã§ã³ãããªããããã¯ãäœæããã·ã¹ãã ã³ã³ããŒãã³ãã§ãäœæããããããã¯ã¯ãã®åŸ`ã³ã³ã»ã³ãµã¹<#consensus> __ãžäŒæãããŸãã
Client¶
ã€ããã䜿çšããã¢ããªã±ãŒã·ã§ã³ã¯ãã¹ãŠã¯ã©ã€ã¢ã³ããšããŠæ±ãããŸãã
Irohaã®ç¹åŸŽã¯ãã¯ã©ã€ã¢ã³ãããã¢ãããã¯ãŒã¯ãšéä¿¡ããéã«åçŽãªã¯ã©ã€ã¢ã³ã/ãµãŒããŒåã«ãããæœè±¡åã䜿çšããŠããããšã§ãããããã¯ãã§ãŒã³é¢é£ã·ã¹ãã ã«ç¹æã®æœè±¡åã䜿çšããŠããŸããã ããšãã°Bitcoinã·ã¹ãã ã§ã¯ãã¯ã©ã€ã¢ã³ãããããã¯ãæ€èšŒããå¿ èŠããããŸããããã€ããŒã¬ãžã£ãŒFabricã§ã¯è€æ°ã®ãã¢ãããŒãªã³ã°ããŠãã©ã³ã¶ã¯ã·ã§ã³ããããã¯ã«åã蟌ããããã®ã確èªããå¿ èŠããããŸãããIrohaã§ã¯ã¯ã©ã€ã¢ã³ãã¯åäžã®ãµãŒããŒãšã®éä¿¡æãšåæ§ã«ããããã®Irohaãã¢ãšçžäºéä¿¡ããŸãã
ã³ãã³ã¶
ã³ãã³ãã¯`state <ïŒworld-state-view>` __ãå€æŽããæå³ã瀺ããŸãã ããšãã°ãIrohaã§æ°ãã role <#role> __ãäœæããã«ã¯ã Create role <../ api / commands.htmlïŒcreate-role> __ã³ãã³ããéä¿¡ããå¿ èŠããããŸãã
ã³ã³ã»ã³ãµã¹ (åæ)¶
èšç®æ©ç§åŠã®åéã«ãããã³ã³ã»ã³ãµã¹ã¢ã«ãŽãªãºã ãšã¯ãåæ£ããã»ã¹ãã·ã¹ãã å ã§ç¹å®ã®åäžããŒã¿å€ã«å¯Ÿããåæ圢æã«äœ¿çšãããããã»ã¹ãæå³ããŸãã ã³ã³ã»ã³ãµã¹ã¢ã«ãŽãªãºã ã¯ãè€æ°ãã€ä¿¡é Œã§ããªãããŒããå«ããããã¯ãŒã¯ã«ãããŠä¿¡é Œæ§ãéæããããã«èšèšãããŠããŸãã ãåæ圢æåé¡ããšããŠç¥ãããŠãããã®åé¡ã解決ããããšã¯ãåæ£ã³ã³ãã¥ãŒãã£ã³ã°ãšãã«ããšãŒãžã§ã³ãã·ã¹ãã ã«ãããŠéèŠãªããšã§ãã
*ã¢ã«ãŽãªãºã ãšããŠã®ã³ã³ã»ã³ãµã¹ *
ãããã¯ãŒã¯å ã®ãã¢éã§ãããã¯ãžã®åæãéæããããã®ã¢ã«ãŽãªãºã ã ãããã·ã¹ãã ã«çµã¿èŸŒãããšã«ãããä¿¡é Œæ§ãåäžããŸãã
ã·ã¹ãã æ§æéšåãšããŠã®ã³ã³ã»ã³ãµã¹
ãã¢ãããã¯ãŒã¯å ã® peer <#peer> __ã®éã§äžè²«ããç¶æ (state)ãç¶æããŸãã Irohaã¯Yet Another ConsensusïŒYACïŒãšããç¬èªã®ã³ã³ã»ã³ãµã¹ã¢ã«ãŽãªãºã ã䜿çšããŠããŸãã ãã®ã¢ã«ãŽãªãºã ã®ç¹åŸŽã¯ãã¹ã±ãŒã©ããªãã£ïŒæ¡åŒµæ§ïŒãããã©ãŒãã³ã¹ïŒåŠçèœåïŒãããã³ Byzantine fault tolerance <https://en.wikipedia.org/wiki/Byzantine_fault_tolerance> _ã§ãã ããæ¬ èœããŠãããããã¯ããã£ãå Žåãããã㯠Synchronizer <#synchronizer> __çµç±ã§å¥ã®ãã¢ããããŠã³ããŒããããŸãã ã³ãããããããããã¯ã¯ `Ametsuchi <#ametsuchi>`ãããã¯ã¹ãã¬ãŒãžã«æ ŒçŽãããŸãã
ãã¡ã€ã³Â¶
accounts <#account> __ãš assets <#asset> __ãã°ã«ãŒãåããããã«ãå称ãäžãæœè±¡åãããã®ã
Ordering Gate (æ€èšŒäœæ¥ã®èŠæ±çµè·¯)¶
Peer Communication Service <ïŒpeer-communication-service> __ãã Ordering Service <ïŒordering-service>`ãž`ãã©ã³ã¶ã¯ã·ã§ã³<#transaction> __ãæž¡ãIrohaã®å éšã³ã³ããŒãã³ãã Ordering Gateã¯ãæçµçã«Ordering Serviceãã proposals <#proposal> __ãåãåãããããã«å¯ŸããŠ`` Stateful validation <ïŒstateful-validation> __ãè¡ãããã« Simulator <#simulator> `__ã«éããŸãã
Ordering Service¶
stateless validation <ïŒstateless-validation> __ãééãããã®ãšããŠæž¡ããã`ãã©ã³ã¶ã¯ã·ã§ã³<#transaction>` __ ã`proposal <#proposal>` __ãšããŠçµã¿åãããäœæ¥ãæ ãIrohaã®å éšã³ã³ããŒãã³ãã§ãã ããããŒã¶ã«ã®äœæã¯ã次ã®ããããã®ã€ãã³ãã«ãã£ãŠåŒãèµ·ããããŸãã
- ååŒåéã®ããã®æéãå¶éãè¶ ããå Žåã
- ãªãŒããŒãªã³ã°ãµãŒãã¹ãã1ã€ã®ããããŒã¶ã«ã«èš±å¯ãããæ倧ååŒéãåãåã£ãå Žåã
äž¡æ¹ã®ãã©ã¡ãŒã¿ïŒã¿ã€ã ã¢ãŠããšããããŒã¶ã«ã«ä»äžããæ倧ãµã€ãºïŒã¯èšå®å¯èœã§ãïŒ ç°å¢ãã©ã¡ãŒã¿<../guides/configuration.htmlïŒç°å¢åºæãã©ã¡ãŒã¿> _ã®ããŒãžãã確èªãã ããïŒã
äž¡æ¹ã®ããªã¬ãŒã«å ±éããåææ¡ä»¶ã¯ãå°ãªããšã1ã€ã®ãã©ã³ã¶ã¯ã·ã§ã³ããªãŒããªã³ã°ãµãŒãã¹ã«å°éããŠãããšããããšã§ãã ãã以å€ã®å ŽåãããããŒã¶ã«ã¯äœæãããŸããã
ãã¢ïŒãããã¯ãŒã¯ããŒãïŒÂ¶
Irohaãããã¯ãŒã¯ãæ§æããããŒãã ãã¢ã¯ ã³ã³ã»ã³ãµã¹<#consensus> _圢æããã»ã¹ã«åå ããŠããŸãã
ãã¢ééä¿¡ãµãŒãã¹ (PCS)¶
ã€ããã®å éšæ§æèŠçŽ ã®ïŒã€ - é³¥å± <#torii> __ããéãããŠãã transaction <#transaction> __ã`Ordering Gate <ïŒordering-gate>`ãžéä¿¡ããŸãã PCSã®äž»ãªç®çã¯ãã³ã³ã»ã³ãµã¹ã®å®è£ ãšãã以å€ã«ãããçžäºéä¿¡ã®è€éããé ãããšã§ãã
æš©é (Permission)¶
ã³ãã³ãã®å®è¡æš©éãäžããã«ãŒã«ã§ãããããã«å称ãä»ããããŠããŸãã Permission **㯠account <#account> __ã«çŽæ¥ä»äžããããšã¯ã§ããŸããã代ããã«ãã¢ã«ãŠã³ãã«ã¯æš©éã®éåäœã§ããããŒã«ã圹å²ãäžããããŠããŸãã
ä»äžå¯èœãªæš©é¶
äžããããæš©éã ãã`account <#account>` __ã«äžããããŸãã ä»äžããããšã®ã§ããæš©éãæã€ã¢ã«ãŠã³ãã¯ãå¥ã®ã¢ã«ãŠã³ãã«ä»£ãã£ãŠç¹å®ã®ã¢ã¯ã·ã§ã³ãå®è¡ã§ããŸãã ããšãã°a@domain1ãšããã¢ã«ãŠã³ããb@domain2ãšããã¢ã«ãŠã³ãã«å¯ŸããŠãã¢ã»ããã転éã§ããããã«ããæš©éãb@domain2ã«äžãããšãb@domain2ã¯a@domain1ã®ã¢ã»ããã誰ã«ã§ã転éããããšãã§ããŸãã
ããããŒã¶ã«ïŒæ°èŠãããã¯ã®ææ¡ïŒÂ¶
stateless validation <ïŒstateless-validation> __ã ããééããäžé£ã® transactions <#transaction> __
ã¯ãšãªãŒïŒåãåããïŒÂ¶
ã€ãããžã®ãªã¯ãšã¹ãã¯ã `state <#world-state-view>`__ãå€æŽããŸããã æ å ±ã®ç §äŒãå®è¡ããããšã«ãããã¯ã©ã€ã¢ã³ãã¯ç¶æ ã«é¢ããç §äŒãããæ å ±ïŒäŸãã°ã圌ã®å£åº§ã®æ®é«ãååŒå±¥æŽãªã©ïŒãåŸãããšãã§ããŸãã
Quorum¶
In the context of transactions signing, quorum number is a minimum amount of signatures required to consider a transaction signed. The default value is 1. Each account can link additional public keys and increase own quorum number.
åœ¹å² (Role)¶
permissions <#permission> __(è€æ°å¯) ãã°ã«ãŒãåããã圹å²ãšããŠæœè±¡åããããã®ã
Signatory¶
Represents an entity that can confirm multisignature transactions for some account. It can be attached to account via AddSignatory and detached via RemoveSignatory.
ã·ãã¥ã¬ãŒã¿ãŒ (Simulator)¶
`Verified Proposal Creator <#verified-proposal-creator>`__ãåç §ããŠãã ããã
ã·ã³ã¯ããã€ã¶ãŒÂ¶
`consensus <#consensus>`__ã®äžéšã§ãã äžè¶³ããŠãããããã¯ã `peers' <#peer>`__ã«è¿œå ããŸããïŒä»ã®ãã¢ããããŠã³ããŒãããŸãïŒ
ToriiïŒé³¥å± ïŒÂ¶
â© clients <#client> __ã®ãšã³ããªãã€ã³ãã gRPCããã©ã³ã¹ããŒãå±€ã§äœ¿çšããŸãã Irohaãšéä¿¡ããã«ã¯ã Commands <../ api / commands.html> __ãš Queries <../ api / queries.html> __ã®é ã§èšè¿°ãããŠããgRPCãšã³ããã€ã³ãã䜿çšããããã¯ã©ã€ã¢ã³ãã©ã€ãã©ãª <../ guides / libraries.html> `__ã䜿çšããŠãã ããã
ãã©ã³ã¶ã¯ã·ã§ã³Â¶
å°åž³ã«ååçïŒatomicallyïŒã«é©çšãããé åºä»ãããã commands <#command> __ã§ãã ãã©ã³ã¶ã¯ã·ã§ã³å ã«ç¡å¹ãªã³ãã³ããå«ãŸããŠãããšãæ€èšŒåŠçäžã«ãã©ã³ã¶ã¯ã·ã§ã³å šäœãæåŠãããŸãã
Transaction Structure¶
Payload stores all transaction fields, except signatures:
- Time of creation (unix time, in milliseconds)
- Account ID of transaction creator (username@domain)
- Quorum field (indicates required number of signatures)
- Repeated commands which are described in details in commands section
- Batch meta information (optional part). See Batch of Transactions for details
Signatures contain one or many signatures (ed25519 public key + signature)
Reduced Transaction Hash¶
Reduced hash is calculated over transaction payload excluding batch meta information. Used in Batch of Transactions.
Transaction Statuses¶
Hyperledger Iroha supports both push and pull interaction mode with a client. A client that uses pull mode requests status updates about transactions from Iroha peer by sending transaction hashes and awaiting a response. In contrary push interaction is done over the listening of an event stream for each transaction. In any of these modes, the set of transaction statuses is the same:
Transaction Status Set¶
- NOT_RECEIVED: requested peer does not have this transaction.
- ENOUGH_SIGNATURES_COLLECTED: this is a multisignature transaction which has enough signatures and is going to be validated by the peer.
- MST_PENDING: this transaction is a multisignature transaction which has to be signed by more keys (as requested in quorum field).
- MST_EXPIRED: this transaction is a multisignature transaction which is no longer valid and is going to be deleted by this peer.
- STATELESS_VALIDATION_FAILED: the transaction was formed with some fields, not meeting stateless validation constraints. This status is returned to a client, who formed transaction, right after the transaction was sent. It would also return the reason â what rule was violated.
- STATELESS_VALIDATION_SUCCESS: the transaction has successfully passed stateless validation. This status is returned to a client, who formed transaction, right after the transaction was sent.
- STATEFUL_VALIDATION_FAILED: the transaction has commands, which violate validation rules, checking state of the chain (e.g. asset balance, account permissions, etc.). It would also return the reason â what rule was violated.
- STATEFUL_VALIDATION_SUCCESS: the transaction has successfully passed stateful validation.
- COMMITTED: the transaction is the part of a block, which gained enough votes and is in the block store at the moment.
- REJECTED: this exact transaction was rejected by the peer during stateful validation step in previous consensus rounds. Rejected transactions' hashes are stored in block store. This is required in order to prevent replay attacks.
Pending Transactions¶
Any transaction that has lesser signatures at the moment than quorum of transaction creator account is considered as pending. Pending transaction will be submitted for stateful validation as soon as multisignature mechanism will collect required amount of signatures for quorum.
Transaction that already has quorum of signatures can also be considered as pending in cases when the transaction is a part of batch of transactions and there is a not fully signed transaction.
Batch of Transactions¶
Transactions batch is a feature that allows sending several transactions to Iroha at once preserving their order.
Each transaction within a batch includes batch meta information. Batch meta contains batch type identifier (atomic or ordered) and a list of reduced hashes of all transactions within a batch. The order of hashes prescribes transactions sequence.
Batch can contain transactions created by different accounts. Any transaction within a batch can require single or multiple signatures (depends on quorum set for an account of transaction creator). At least one transaction inside a batch should have at least one signature to let the batch pass stateless validation.
Atomic Batch¶
All the transactions within an atomic batch should pass stateful validation for the batch to be applied to a ledger.
Ordered Batch¶
Ordered batch preserves only the sequence of transactions applying to a ledger. All the transactions that able to pass stateful validation within a batch will be applied to a ledger. Validation failure of one transaction would NOT directly imply the failure of the whole batch.
Multisignature Transactions¶
A transaction which has the quorum greater than one is considered as multisignature (also called mst). To achieve stateful validity the confirmation is required by the signatories of the creator account. These participants need to send the same transaction with their signature.
æ€èšŒäœæ¥ïŒValidatorïŒÂ¶
æ€èšŒã«ã¯ã¹ããŒãã¬ã¹ãšã¹ããŒããã«ã®2çš®é¡ããããŸãã
ã¹ããŒãã¬ã¹æ€èšŒ (Sateless Validation)¶
Torii <#torii> __ã§å®è¡ãããŸãã é»å眲åãå«ããªããžã§ã¯ããæ£ããæ§æãããŠãããåŠããã§ãã¯ããŸãã
ã¹ããŒããã«æ€èšŒ (Sateful Validation)¶
Verified Proposal Creator<#verified-proposal-creator> __ã§å®è¡ãããŸãã World State View <ïŒworld-state-view> __ã«å¯ŸããŠæ€èšŒãè¡ãããŸãã
Verified Proposal Creator¶
åä¿¡ããã`proposal <#proposal>` __ã«æ ŒçŽãããŠãã`ãã©ã³ã¶ã¯ã·ã§ã³<#transaction>` __ã«å¯ŸããŠã¹ããŒããã«æ€èšŒ<#stateful-validation> _ãå®è¡ããIrohaã®å éšã³ã³ããŒãã³ãã§ãã ã¹ããŒããã«æ€èšŒãééãããã©ã³ã¶ã¯ã·ã§ã³ãããšã«ãæ€èšŒæžã¿ããããŒã¶ã«ïŒãããã¯ã®ææ¡ïŒ**ãäœæããã `Block Creator <ïŒblock-creator> __ã«æž¡ãããŸãã ã¹ããŒããã«æ€èšŒããã¹ããªãã£ããã©ã³ã¶ã¯ã·ã§ã³ã¯ãã¹ãŠç Žæ£ããããããã¯ããããŒã¶ã«ã«ã¯å«ãŸããŸããã
World State View¶
WSVã¯çŸåšã®ã·ã¹ãã ç¶æ ãåæ ããã¹ãããã·ã§ãããšæããããšãã§ããŸãã ããšãã°ãWSVã«ã¯çŸåšaccount <#account> __ãæã£ãŠãã`assets <#asset>` __ã®éã«é¢ããæ å ±ãä¿æãããŠããŸãããtransaction <#transaction> __ ãããŒã«é¢ããå±¥æŽæ å ±ã¯èšé²ãããŠããŸããã
[1] | https://en.bitcoin.it/wiki/Block |
Entity-relationship model¶
Each Hyperledger Iroha peer has a state, called "World State View", which is represented by a set of entities and relations between them. To explain you more which entities exist in the system and what are the relations, this sections includes ER diagram and an explanation of its components.
ER diagram¶
Peer¶
- address â network address and internal port, is used for synchronization, consensus, and communication with the ordering service
- public_key â key, which will be used for signing blocks during consensus process
Asset¶
- asset_id â identifier of asset, formatted as asset_name#domain_id
- domain_id â identifier of domain, where the asset was created, references existing domain
- precision â size of fractional part
- data â JSON with arbitrary structure of asset description
Signatory¶
- public_key â a public key
Domain¶
- domain_id â identifier of a domain
- default_role â a default role per user created in the domain, references existing role
Role¶
- role_id â identifier of role
RoleHasPermissions¶
- role_id â identifier of role, references existing role
- permission_id â an id of predefined role
Account¶
- account_id â identifier of account, formatted as account_name@domain_id
- domain_id â identifier of domain where the account was created, references existing domain
- quorum â number of signatories required for creation of valid transaction from this account
- transaction_count â counter of transactions created by this account
- data â key-value storage for any information, related to the account. Size is limited to 268435455 bytes (0x0FFFFFFF) (PostgreSQL JSONB field).
AccountHasSignatory¶
- account_id â identifier of account, references existing account
- public_key â a public key (which is also called signatory), references existing signatory
AccountHasAsset¶
- account_id â identifier of account, references existing account
- asset_id â identifier of asset, references existing asset
- amount â an amount of the asset, belonging to the account
AccountHasRoles¶
- account_id â identifier of account, references existing account
- role_id â identifier of role, references existing role
AccountHasGrantablePermissions¶
- account_id â identifier of account, references existing account. This account gives grantable permission to perform operation over itself to permittee.
- permittee_account_id â identifier of account, references existing account. This account is given permission to perform operation over account_id.
- permission_id â identifier of grantable_permission
ã¬ã€ããšå®è¡æ¹æ³Â¶
Building Iroha¶
In this guide we will learn how to install all dependencies, required to build Iroha and how to build it.
泚é
You don't need to build Iroha to start using it. Instead, you can download prepared Docker image from the Hub, this process explained in details in the ã¯ããã page of this documentation.
Preparing the Environment¶
In order to successfully build Iroha, we need to configure the environment. There are several ways to do it and we will describe all of them.
Currently, we support Unix-like systems (we are basically targeting popular Linux distros and macOS). If you happen to have Windows or you don't want to spend time installing all dependencies you might want to consider using Docker environment. Also, Windows users might consider using WSL
Technically Iroha can be built under Windows natively in experimental mode. This guide covers that way too. All the stages related to native Windows build are separated from the main flow due to its significant differences.
ãã³ã
Having troubles? Check FAQ section or communicate to us directly, in case you were stuck on something. We don't expect this to happen, but some issues with an environment are possible.
Docker¶
泚é
You don't need Docker to run Iroha, it is just one of the possible choices.
First of all, you need to install docker
and docker-compose
. You can
read how to install it on the
Docker's website
泚é
Please, use the latest available docker daemon and docker-compose.
Then you should clone the Iroha repository to the directory of your choice.
git clone -b master https://github.com/hyperledger/iroha --depth=1
ãã³ã
--depth=1
option allows us to download only latest commit and
save some time and bandwidth. If you want to get a full commit history, you
can omit this option.
After it, you need to run the development environment. Run the
scripts/run-iroha-dev.sh
script:
bash scripts/run-iroha-dev.sh
ãã³ã
Please make sure that Docker is running before executing the script.
macOS users could find a Docker icon in system tray, Linux user could use
systemctl start docker
After you execute this script, following things happen:
1. The script checks if you don't have containers with Iroha already running. Successful completion finishes with the new container shell.
2. The script will download hyperledger/iroha:develop-build
and postgres
images.
hyperledger/iroha:develop-build
image contains all development dependencies and is
based on top of ubuntu:16.04
. postgres
image is required for starting
and running Iroha.
- Two containers are created and launched.
4. The user is attached to the interactive environment for development and
testing with iroha
folder mounted from the host machine. Iroha folder
is mounted to /opt/iroha
in Docker container.
Now your are ready to build Iroha! Please go to Building Iroha section.
Linux¶
Boost¶
Iroha requires Boost of at least 1.65 version.
To install Boost libraries (libboost-all-dev
), use current release from Boost webpage. The only
dependencies are thread, system and filesystem, so use
./bootstrap.sh --with-libraries=thread,system,filesystem
when you are building
the project.
Other Dependencies¶
To build Iroha, you need following packages:
build-essential
automake
libtool
libssl-dev
zlib1g-dev
libc6-dbg
golang
git
tar
gzip
ca-certificates
wget
curl
file
unzip
python
cmake
Use this code to install dependencies on Debian-based Linux distro.
apt-get update; \
apt-get -y --no-install-recommends install \
build-essential automake libtool \
libssl-dev zlib1g-dev \
libc6-dbg golang \
git tar gzip ca-certificates \
wget curl file unzip \
python cmake
泚é
If you are willing to actively develop Iroha and to build shared libraries, please consider installing the latest release of CMake.
macOS¶
If you want to build it from scratch and actively develop it, please use this code to install all dependencies with Homebrew.
xcode-select --install
brew install cmake boost postgres grpc autoconf automake libtool golang soci
ãã³ã
To install the Homebrew itself please run
ruby -e "$(curl -fsSL https://raw.githubusercontent.com/homebrew/install/master/install)"
Windows¶
All the listed commands are desinged for building 64-bit version of Iroha.
Chocolatey Package Manager¶
First of all you need chocolatey package manager installed. Please refer the guide for chocoloatey installation.
Build Toolset¶
Install CMake, Git, Microsoft compilers via chocolatey being in Administrative mode of command prompt:
choco install cmake git visualstudio2017-workload-vctools
ãã³ã
Despite PostgreSQL is not a build dependency it is recommended to install Postgres now for the testing later.
choco install postgresql
# Don't forget the password you set!
Vcpkg Dependency Manager¶
Although Vcpkg is aimed to control dependency hell among the C++ libraries, unfortunately, we cannot install its default version. The first problem is that Iroha dependency called SOCI is not able to work with the latest Boost. The second reason - Vcpkg does not provide Postgres related libraries for Debug build.
The solution is to use Vcpkg from a pull request (until it is merged):
git clone https://github.com/Microsoft/vcpkg.git --depth=1
cd vcpkg
git fetch origin pull/6328/head:vcpkg_for_iroha
git checkout vcpkg_for_iroha
Then follow Vcpkg installation guide:
# execute in Power shell
.\bootstrap-vcpkg.bat
.\vcpkg.exe integrate install
After the installation of vcpkg you will be provided with a CMake build parameter like
-DCMAKE_TOOLCHAIN_FILE=C:/path/to/vcpkg/scripts/buildsystems/vcpkg.cmake
.
Save it somewhere for the later use.
Vcpkg Packages¶
Install C++ dependencies via vcpkg:
# Execute this from cmd.exe NOT from Power Shell
vcpkg.exe install ^
protobuf:x64-windows ^
grpc:x64-windows ^
tbb:x64-windows ^
gtest:x64-windows ^
gflags:x64-windows ^
soci[boost,postgresql]:x64-windows ^
boost-filesystem:x64-windows ^
boost-system:x64-windows ^
boost-thread:x64-windows ^
boost-variant:x64-windows ^
boost-multiprecision:x64-windows ^
boost-bimap:x64-windows ^
boost-format:x64-windows ^
boost-circular-buffer:x64-windows ^
boost-assign:x64-windows ^
boost-uuid:x64-windows ^
boost-accumulators:x64-windows ^
boost-property-tree:x64-windows ^
boost-process:x64-windows
泚é
If you plan to build 32-bit version of Iroha -
you will need to install all the mentioned librares above
prefixed with x86
term instead of x64
.
Build Process¶
Cloning the Repository¶
Clone the Iroha repository to the directory of your choice.
git clone -b master https://github.com/hyperledger/iroha
cd iroha
ãã³ã
If you have installed the prerequisites with Docker, you don't need
to clone Iroha again, because when you run run-iroha-dev.sh
it attaches
to Iroha source code folder. Feel free to edit source code files with your
host environment and build it within docker container.
Building Iroha¶
Building on Windows differs from the main flow and the guide is here.
To build Iroha, use those commands
mkdir build; cd build; cmake ..; make -j$(nproc)
Alternatively, you can use these shorthand parameters (they are not documented though)
cmake -H. -Bbuild;
cmake --build build -- -j$(nproc)
泚é
On macOS $(nproc)
variable does not work. Check the number of
logical cores with sysctl -n hw.ncpu
and put it explicitly in the command
above, e.g. cmake --build build -- -j4
CMake Parameters¶
We use CMake to build platform-dependent build files. It has numerous flags
for configuring the final build. Note that besides the listed parameters
cmake's variables can be useful as well. Also as long as this page can be
deprecated (or just not complete) you can browse custom flags via
cmake -L
, cmake-gui
, or ccmake
.
ãã³ã
You can specify parameters at the cmake configuring stage (e.g cmake -DTESTING=ON).
Main Parameters¶
Parameter | Possible values | Default | Description |
---|---|---|---|
TESTING | ON/OFF | ON | Enables or disables build of the tests |
BENCHMARKING | OFF | Enables or disables build of the Google Benchmarks library | |
COVERAGE | OFF | Enables or disables lcov setting for code coverage generation |
Packaging Specific Parameters¶
Parameter | Possible values | Default | Description |
---|---|---|---|
ENABLE_LIBS_PACKAGING | ON/OFF | ON | Enables or disables all types of packaging |
PACKAGE_ZIP | OFF | Enables or disables zip packaging | |
PACKAGE_TGZ | OFF | Enables or disables tar.gz packaging | |
PACKAGE_RPM | OFF | Enables or disables rpm packaging | |
PACKAGE_DEB | OFF | Enables or disables deb packaging |
Running Tests (optional)¶
After building Iroha, it is a good idea to run tests to check the operability of the daemon. You can run tests with this code:
cmake --build build --target test
Alternatively, you can run following command in the build
folder
cd build
ctest . --output-on-failure
泚é
Some of the tests will fail without PostgreSQL storage running,
so if you are not using scripts/run-iroha-dev.sh
script please run Docker
container or create a local connection with following parameters:
docker run --name some-postgres \
-e POSTGRES_USER=postgres \
-e POSTGRES_PASSWORD=mysecretpassword \
-p 5432:5432 \
-d postgres:9.5
Building Iroha on Windows¶
Configure the CMake project using configuration parameter acquired from vcpkg.
cmake -HC:\path\to\iroha -BC:\path\to\build ^
-DCMAKE_TOOLCHAIN_FILE=C:\path\to\vcpkg\scripts\buildsystems\vcpkg.cmake ^
-G "Visual Studio 15 2017 Win64" -T host=x64
泚é
To build a 32-bit version of Iroha change -G "Visual Studio 15 2017 Win64"
to -G "Visual Studio 15 2017"
泚é
-T host=x64
indicates only the fact that 64-bit system is used as a host,
where Iroha is going to be compiled.
Build irohad
and iroha-cli
:
cmake --build C:\path\to\build --target irohad
cmake --build C:\path\to\build --target iroha-cli
Running Iroha on Windows¶
Set the correct path and PostgreSQL password in config-win.sample
C:\path\to\irohad.exe ^
--config C:\path\to\iroha\example\config-win.sample ^
--genesis_block C:\path\to\iroha\example\genesis-win.block ^
--keypair_name C:\path\to\iroha\example\node0
As we stated before Windows build support is on experimental stage, that is why there no much details regarding the process. If you want to explore the maximum of Windows-related works around Iroha please take a look at these pull requests: 1, 2, 3.
èšå®Â¶
ãã®ã»ã¯ã·ã§ã³ã§ã¯ãIrohaã®èšå®æ¹æ³ã説æããŸãã ãŸããexample/config.sampleããèŠãŠã¿ãŸãããã
1 2 3 4 5 6 7 8 9 10 11 12 13 | {
"block_store_path": "/tmp/block_store/",
"torii_port": 50051,
"internal_port": 10001,
"pg_opt": "host=localhost port=5432 user=postgres password=mysecretpassword",
"max_proposal_size": 10,
"proposal_delay": 5000,
"vote_delay": 5000,
"mst_enable" : false,
"mst_expiration_time" : 1440,
"max_rounds_delay": 3000,
"stale_stream_max_rounds": 2
}
|
ã芧ã®éããèšå®ãã¡ã€ã«ã¯æå¹ãª `json`ã®æ§é äœã§ãã ããã§ã¯ãè¡ããšã«åãã©ã¡ãŒã¿ãäœãæå³ããã®ããèŠãŠãããŸãããã
éçšæã®ãã©ã¡ãŒã¿ãŒÂ¶
- `block_store_path`ã¯ããããã¯ãæ ŒçŽãããŠãããã©ã«ããžã®ãã¹ãèšå®ããŸãã
- `torii_port`ã¯ãå€éšéä¿¡çšã®ããŒããèšå®ããŸãã ã¯ãšãªãŒãšãã©ã³ã¶ã¯ã·ã§ã³ãããã«éãããŸãã
- `internal_port`ã¯ãå éšéä¿¡çšã®ããŒããèšå®ããŸããå éšéä¿¡ã«ã¯ã泚æãµãŒãã¹ïŒordering serviceïŒãã³ã³ã»ã³ãµã¹ïŒconsensusïŒããããã¯ããŒããŒïŒblock loaderïŒããããŸãã
- pg_optã¯ãPostgreSQLã®èªèšŒæ å ±ã®èšå®ã«äœ¿çšãããŸããèªèšŒæ å ±ã«ã¯ããã¹ãåãããŒãããŠãŒã¶åããã¹ã¯ãŒãããããŸãã
log
is an optional parameter controlling log output verbosity and format (see below).
ç°å¢èšå®çšãã©ã¡ãŒã¿ãŒÂ¶
`max_proposal_size`ã¯1ã€ã®ããããŒã¶ã«ã«å ¥ããããšãã§ãããã©ã³ã¶ã¯ã·ã§ã³ã®æ倧æ°ã§ããããããã¯å šãŠ1ã€ã®ãããã¯ã«æ ŒçŽãããŸãã ãããã£ãŠããã®å€ãå€æŽããããšã«ãã£ãŠãæ°èŠäœæããããããã¯ã®ãµã€ãºãå®çŸ©ãããŸãã ã¯ããã¯ã10ãã«èšå®ããŠãããšè¯ãã§ãããã ãã ããç§éååŒéãå€ãå Žåã«ã¯ããã®å€ã倧ããããããšããå§ãããŸãã
proposal_delay
is a timeout in milliseconds that a peer waits a response from the orderding service with a proposal.`vote_delay`ã¯ã次ã®ãã¢ïŒãããã¯ãŒã¯ããŒãïŒã«æ祚ãéããŸã§ã®åŸ ã¡æéïŒããªç§ïŒã§ãã æé©ãªå€ã¯ããããã¯ãŒã¯å ã®ããã¯ãã¢æ°ã«å€§ããäŸåããŸãïŒããŒãæ°ãå€ãã»ã©ããvote_delayãã«ã¯é·ãå€ãå¿ èŠïŒã ã¯ããã¯100ã1000ããªç§ã§èšå®ããããšããå§ãããŸãã
mst_enable
enables or disables multisignature transaction network transport in Iroha. Note that MST engine always works for any peer even when the flag is set tofalse
. The flag only allows sharing information about MST transactions among the peers.mst_expiration_time
is an optional parameter specifying the time period in which a not fully signed transaction (or a batch) is considered expired (in minutes). The default value is 1440.max_rounds_delay
is an optional parameter specifying the maximum delay between two consensus rounds (in milliseconds). The default value is 3000. When Iroha is idle, it gradually increases the delay to reduce CPU, network and logging load. However too long delay may be unwanted when first transactions arrive after a long idle time. This parameter allows users to find an optimal value in a tradeoff between resource consumption and the delay of getting back to work after an idle period.stale_stream_max_rounds
is an optional parameter specifying the maximum amount of rounds to keep an open status stream while no status update is reported. The default value is 2. Increasing this value reduces the amount of times a client must reconnect to track a transaction if for some reason it is not updated with new rounds. However large values increase the average number of connected clients during each round."initial_peers
is an optional parameter specifying list of peers a node will use after startup instead of peers from genesis block. It could be useful when you add a new node to the network where the most of initial peers may become malicious. Peers list should be provided as a JSON array:"initial_peers" : [{"address":"127.0.0.1:10001", "public_key": "bddd58404d1315e0eb27902c5d7c8eb0602c16238f005773df406bc191308929"}]
Logging¶
In Iroha logging can be adjusted as granularly as you want. Each component has its own logging configuration with properties inherited from its parent, able to be overridden through config file. This means all the component loggers are organized in a tree with a single root. The relevant section of the configuration file contains the overriding values:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | "log": {
"level": "info",
"patterns": {
"debug": "don't panic, it's %v.",
"error": "MAMA MIA! %v!!!"
},
"children": {
"KeysManager": {
"level": "trace"
},
"Irohad": {
"children": {
"Storage": {
"level": "trace",
"patterns": {
"debug": "thread %t: %v."
}
}
}
}
}
}
|
Every part of this config section is optional.
level
sets the verbosity. Available values are (in decreasing verbosity order):trace
- print everythingdebug
info
warning
error
critical
- print only critical messages
patterns
controls the formatting of each log string for different verbosity levels. Each value overrides the less verbose levels too. So in the example above, the "don't panic" pattern also applies to info and warning levels, and the trace level pattern is the only one that is not initialized in the config (it will be set to default hardcoded value).children
describes the overrides of child nodes. The keys are the names of the components, and the values have the same syntax and semantics as the root log configuration.
ããã¯ãéçšã»å°å ¥ãã¶
Hyperledger Irohaã¯ãèŠç¹ãšç®çã«å¿ããŠããŸããŸãªæ¹æ³ã§ã·ã¹ãã ãå°å ¥ããããšãã§ããŸãã åäžããŒãã§ãããã€ãããŠããå Žåãããã°ãè€æ°ã®ããŒããããŒã«ã«ãã·ã³äžã®è€æ°ã®ã³ã³ããã§å®è¡ãããå Žåãããããã¯ãŒã¯å šäœã«åæ£ããŠããå ŽåããããŸãã ãã®ããŒãžã§ã¯ãããŸããŸãªå°å ¥ã·ããªãªã«ã€ããŠèª¬æããåããŠã€ãããè©ŠããŠãŠãŒã¶ãŒã®çããã®ããã®ããŠããŒã¬ã€ããšããŠåœ¹ç«ã€ããã«æå³ãããŠããŸãã
ïŒã€ã®ã€ã³ã¹ã¿ã³ã¹äžã§å®è¡ãã¶
äžè¬çã«ããŸãã€ãããããŒã«ã«ã§å®è¡ããŠAPIãè©Šãããã®æ©èœãè©ŠããããšèããŠããŸãã ããã¯ããŒã«ã«ãŸãã¯ã³ã³ããç°å¢ïŒDockerïŒã§è¡ãããšãã§ããŸãã äž¡æ¹ã®ã±ãŒã¹ãè©ŠããŠã¿ãŸããããã¢ã³ã³ããŒãã³ãã®éçšãç°¡çŽ åããããã«ãããªãã®ãã·ã³ã«Dockerãã€ã³ã¹ããŒã«ããããšããå§ãããŸãã
ããŒã«ã«ç°å¢Â¶
ããŒã«ã«ç°å¢ã§ã¯ãããŒã¢ã³ããã»ã¹ãšPostgresãã³ã³ãããªãã§éçšããããšãæ³å®ããŠããŸãã Dockerã䜿ãããªãããšã奜ãŸããªãå Žåã«åœ¹ç«ã¡ãŸãããæ©èœããã£ããè©ŠããŠã¿ãããšãããšãã«äŸ¿å©ãªæ¹æ³ã§ãã
postgresãµãŒããŒãèµ·åããã¶
postgresãµãŒããŒãããŒã«ã«ã§å®è¡ããã«ã¯ãpostgres ãŠã§ããµã€ã<https://www.postgresql.org/docs/current/static/server-start.html> __ã«ç§»åãããã®ããŒãžã®èª¬æã«åŸã£ãŠãã ããã äžè¬ã«ãpostgresãµãŒããŒã¯ãã·ã¹ãã ã®èµ·åæã«èªåçã«å®è¡ãããŸããããã®ç¹ã«ã€ããŠã¯ã·ã¹ãã èšå®ã§ç¢ºèªããŠãã ããã
ããã¯ããŒã¢ã³(irohad)ãå®è¡ãã¶
ããããå ã«é²ãåã«ã以äžã®åææ¡ä»¶ãæºããããŠããªããã°ãªããŸããïŒ
- PostgresãµãŒããŒãèµ·åãããå®è¡ãããŠãã
- irohad Iroha daemonã®ãã€ããªåœ¢åŒãæ§ç¯ãããå©çšå¯èœãªç¶æ ã«ãã
- genesis blockãèšå®ãã¡ã€ã«ãçæãããŠãã
- èšå®ãã¡ã€ã«ã§æå¹ãªpostgresæ¥ç¶ã®èšå®ããªãããŠãã
- ãã¢ã®éµãã¢ãçæãããŠãã
- ãããããã®ãã¢ã®ããšã«ã€ãããã¯ãããŠå®è¡ããæ°ãããã§ãŒã³ãããããäœæããŠãã
ãã³ã
äžèšã®åææ¡ä»¶ãªã¹ããšäžèŽããŠããªããã®ããããŸããïŒ ãã®ææžã®äžã®ã»ã¯ã·ã§ã³ããåé¡ã«å¯ŸåŠãããã®é ãåç §ããŠãã ããã
å šãŠã®æ¡ä»¶ãæŽãã°ãããšã¯ä»¥äžã®ãã©ã¡ãŒã¿ãŒãçšããŠããŒã¢ã³ããã»ã¹ãèµ·åãããã ãã§ãïŒ
ãã©ã¡ãŒã¿ãŒ | æå³ |
config | Postgresãžã®æ¥ç¶ãšã·ã¹ãã ã調æŽããããã®å€ãå«ãèšå®ãã¡ã€ã« |
genesis_block | å°åž³äžã®ïŒã€ç®ã®ããã㯠|
keypair_name | ãã¡ã€ã«æ¡åŒµåãªãã®ç§å¯éµã»å ¬ééµãã¡ã€ã«åããããã¯ã«çœ²åããéã«ãã¢ã«ãã£ãŠäœ¿çšããããã®ã |
泚æ
Specifying a new genesis block using --genesis_block with blocks already present in ledger requires --overwrite_ledger flag to be set. The daemon will fail otherwise.
ããã¯ããŒã¢ã³ãå®è¡ããéã®ã³ãã³ãäŸã¯ã
irohad --config example/config.sample --genesis_block example/genesis.block --keypair_name example/node0
泚æ
ããäžæŠããŒã¢ã³ãåæ¢ããããæ¢åã®ãã§ãŒã³ã䜿çšãããå Žåã¯ããžã§ãã·ã¹ãããã¯ã®ãã©ã¡ãŒã¿ãæž¡ããªãã§ãã ããã
Docker¶
DockerãçšããªããïŒã€ã®ã€ã³ã¹ã¿ã³ã¹äžã§ããã¯ããŒããå®è¡ããããå Žåã¯ããŸãIrohaã®ã€ã¡ãŒãžããã«ããŠãã ããïŒ
docker pull hyperledger/iroha:latest
ãã³ã
ææ°ã®å®å®çã¯*latest*ã¿ã°ããææ°ã®éçºçã¯*develop*ããŠãã ãã
次ã«ãæ£åžžã«ã€ã¡ãŒãžãå®è¡ããããã®ç°å¢ã¥ãããããå¿ èŠããããŸãã
dockerãããã¯ãŒã¯ãæ§ç¯ãã¶
PostgresãšIrohaã®ã³ã³ããã¯ãããããçžäºã«å©çšã§ããããã«ãåãä»®æ³ãããã¯ãŒã¯äžã§å®è¡ããå¿ èŠããããŸãã 次ã®ã³ãã³ããå ¥åããŠãããã¯ãŒã¯ãäœæããŸãïŒãããã¯ãŒã¯ã«ã¯ä»»æã®ååã䜿çšã§ããŸãããäŸã§ã¯* iroha-network * nameã䜿çšããŠããŸãïŒã
docker network create iroha-network
ã³ã³ããå ã§Postgresqlãå®è¡ããã¶
åæ§ã«ãpostgresãµãŒããŒãå®è¡ããŠããããŸã§ã«äœæãããããã¯ãŒã¯ã«æ¥ç¶ããéä¿¡çšã«ããŒããå ¬éããŸãã
docker run --name some-postgres \
-e POSTGRES_USER=postgres \
-e POSTGRES_PASSWORD=mysecretpassword \
-p 5432:5432 \
--network=iroha-network \
-d postgres:9.5
ãããã¯ã®èšé²ã»ä¿åçšã®ããªã¥ãŒã ãäœæãã¶
ã³ã³ããå ã§irohaããŒã¢ã³ãå®è¡ããåã«ããã¡ã€ã«ãæ ŒçŽããæ°žç¶ããªã¥ãŒã ãäœæãããã§ãŒã³ã®ãããã¯ãæ ŒçŽããå¿ èŠããããŸãã ãããã¯æ¬¡ã®ã³ãã³ãã§è¡ããŸãã
docker volume create blockstore
Dockerã³ã³ããã§ããã¯ããŒã¢ã³ãå®è¡ãã¶
- äžèšã®æ¡ä»¶ãå¿ é ã§ãïŒ
- PostgreSQLã®ãµãŒããŒãåãdockerãããã¯ãŒã¯ã§å®è¡ããŠãã
- åãµãŒããŒã«configãã¡ã€ã«åã³ããŒãã¢ãæã£ãŠãããã©ã«ãããã
- ãããããã®ãã¢ã®ããšã«ã€ãããã¯ãããŠå®è¡ããæ°ãããã§ãŒã³ãããããäœæããŠãã
äžèšã®æ¡ä»¶ãå¶ããããäžèšã®ã³ãã³ããå®è¡ããŠãã ãã
docker run --name iroha \
# External port
-p 50051:50051 \
# Folder with configuration files
-v ~/Developer/iroha/example:/opt/iroha_data \
# Blockstore volume
-v blockstore:/tmp/block_store \
# Postgres settings
-e POSTGRES_HOST='some-postgres' \
-e POSTGRES_PORT='5432' \
-e POSTGRES_PASSWORD='mysecretpassword' \
-e POSTGRES_USER='postgres' \
# Node keypair name
-e KEY='node0' \
# Docker network name
--network=iroha-network \
hyperledger/iroha:latest
ãã¢ã®ãããã¯ãŒã¯ãèµ·åãã¶
ãã¢ãããã¯ãŒã¯ãèšå®ããã«ã¯ããã®ã»ã¯ã·ã§ã³ã§èª¬æããã«ãŒãã³ãå®è¡ããŠãã ããã ãã®ããŒãžã§ã³ã§ã¯ãæåã§ã®éçšèšå®ãå¯èœã§ããŸãAnsible Playbookã«ãã£ãŠèªååãããŠããŸãã ã»ãã¥ãªãã£åºæºããã®ä»ã®èŠä»¶ãæºãããªãã·ã§ã³ãéžæããŠãã ããã
æåã§è¡ãæ¹æ³Â¶
æåã§ã®å®è¡ã§ã¯ãèªååãããæ¯æŽãªãã«ã€ããã»ãã¢ã»ãããã¯ãŒã¯ãã»ããã¢ãããããŸãã åäžã®ããŒã«ã«ã€ã³ã¹ã¿ã³ã¹ãå®è¡ããããã»ã¹ãšäŒŒãŠããŸãããéãã¯ãžã§ãã·ã¹ãããã¯ã«è€æ°ã®ãã¢ãå«ãŸããŠããããšã§ããè€æ°ã®ãã¢ãå«ããããã¯ãäœæããå Žåããããã¯å¿ èŠã«å¿ããŠã«ã¹ã¿ãã€ãºããå¿ èŠãããå Žåã¯ããåé¡ã«å¯ŸåŠãããã®é ãåç §ããŠãã ããã
èªåã§è¡ãæ¹æ³Â¶
åé¡ã解決ãã¶
â"Please, help me, because IâŠ"
Do not have Iroha daemon binary¶
You can build Iroha daemon binary from sources. You can get binaries here
Do not have a genesis block¶
Create genesis block by generating it via iroha-cli or manually, using the example and checking out permissions
Do not have a keypair for a peer¶
In order to create a keypair for an account or a peer, use iroha-cli binary by passing the name of the peer with --new_account option. For example:
./iroha-cli --account_name newuser@test --new_account
ã¯ã©ã€ã¢ã³ãã»ã©ã€ãã©ãªÂ¶
Javaã©ã€ãã©ãªÂ¶
Client library of Iroha written completely in Java 8, which includes:
- SDK to work with Iroha API
- async wrapper over Iroha API
- testcontainers wrapper for convenient integration testing with Iroha
- examples in Java and Groovy
Both options are described in the following sections. Please check readme file in project's repo.
ã³ãŒãäŸÂ¶
import iroha.protocol.BlockOuterClass;
import iroha.protocol.Primitive.RolePermission;
import java.math.BigDecimal;
import java.security.KeyPair;
import java.util.Arrays;
import jp.co.soramitsu.crypto.ed25519.Ed25519Sha3;
import jp.co.soramitsu.iroha.testcontainers.IrohaContainer;
import jp.co.soramitsu.iroha.testcontainers.PeerConfig;
import jp.co.soramitsu.iroha.testcontainers.detail.GenesisBlockBuilder;
import lombok.val;
public class Example1 {
private static final String bankDomain = "bank";
private static final String userRole = "user";
private static final String usdName = "usd";
private static final Ed25519Sha3 crypto = new Ed25519Sha3();
private static final KeyPair peerKeypair = crypto.generateKeypair();
private static final KeyPair useraKeypair = crypto.generateKeypair();
private static final KeyPair userbKeypair = crypto.generateKeypair();
private static String user(String name) {
return String.format("%s@%s", name, bankDomain);
}
private static final String usd = String.format("%s#%s", usdName, bankDomain);
/**
* <pre>
* Our initial state cosists of:
* - domain "bank", with default role "user" - can transfer assets and can query their amount
* - asset usd#bank with precision 2
* - user_a@bank, which has 100 usd
* - user_b@bank, which has 0 usd
* </pre>
*/
private static BlockOuterClass.Block getGenesisBlock() {
return new GenesisBlockBuilder()
// first transaction
.addTransaction(
// transactions in genesis block can have no creator
Transaction.builder(null)
// by default peer is listening on port 10001
.addPeer("0.0.0.0:10001", peerKeypair.getPublic())
// create default "user" role
.createRole(userRole,
Arrays.asList(
RolePermission.can_transfer,
RolePermission.can_get_my_acc_ast,
RolePermission.can_get_my_txs,
RolePermission.can_receive
)
)
.createDomain(bankDomain, userRole)
// create user A
.createAccount("user_a", bankDomain, useraKeypair.getPublic())
// create user B
.createAccount("user_b", bankDomain, userbKeypair.getPublic())
// create usd#bank with precision 2
.createAsset(usdName, bankDomain, 2)
// transactions in genesis block can be unsigned
.build() // returns ipj model Transaction
.build() // returns unsigned protobuf Transaction
)
// we want to increase user_a balance by 100 usd
.addTransaction(
Transaction.builder(user("user_a"))
.addAssetQuantity(usd, new BigDecimal("100"))
.build()
.build()
)
.build();
}
public static PeerConfig getPeerConfig() {
PeerConfig config = PeerConfig.builder()
.genesisBlock(getGenesisBlock())
.build();
// don't forget to add peer keypair to config
config.withPeerKeyPair(peerKeypair);
return config;
}
/**
* Custom facade over GRPC Query
*/
public static int getBalance(IrohaAPI api, String userId, KeyPair keyPair) {
// build protobuf query, sign it
val q = Query.builder(userId, 1)
.getAccountAssets(userId)
.buildSigned(keyPair);
// execute query, get response
val res = api.query(q);
// get list of assets from our response
val assets = res.getAccountAssetsResponse().getAccountAssetsList();
// find usd asset
val assetUsdOptional = assets
.stream()
.filter(a -> a.getAssetId().equals(usd))
.findFirst();
// numbers are small, so we use int here for simplicity
return assetUsdOptional
.map(a -> Integer.parseInt(a.getBalance()))
.orElse(0);
}
public static void main(String[] args) {
// for simplicity, we will create Iroha peer in place
IrohaContainer iroha = new IrohaContainer()
.withPeerConfig(getPeerConfig());
// start the peer. blocking call
iroha.start();
// create API wrapper
IrohaAPI api = new IrohaAPI(iroha.getToriiAddress());
// transfer 100 usd from user_a to user_b
val tx = Transaction.builder("user_a@bank")
.transferAsset("user_a@bank", "user_b@bank", usd, "For pizza", "10")
.sign(useraKeypair)
.build();
// create transaction observer
// here you can specify any kind of handlers on transaction statuses
val observer = TransactionStatusObserver.builder()
// executed when stateless or stateful validation is failed
.onTransactionFailed(t -> System.out.println(String.format(
"transaction %s failed with msg: %s",
t.getTxHash(),
t.getErrOrCmdName()
)))
// executed when got any exception in handlers or grpc
.onError(e -> System.out.println("Failed with exception: " + e))
// executed when we receive "committed" status
.onTransactionCommitted((t) -> System.out.println("Committed :)"))
// executed when transfer is complete (failed or succeed) and observable is closed
.onComplete(() -> System.out.println("Complete"))
.build();
// blocking send.
// use .subscribe() for async sending
api.transaction(tx)
.blockingSubscribe(observer);
/// now lets query balances
val balanceUserA = getBalance(api, user("user_a"), useraKeypair);
val balanceUserB = getBalance(api, user("user_b"), userbKeypair);
// ensure we got correct balances
assert balanceUserA == 90;
assert balanceUserB == 10;
}
}
Javascript library¶
This library provides functions which will help you to interact with Hyperledger Iroha from your JS program.
Commands¶
For usage of any command you need to provide commandOptions
as a first argument.
const commandOptions = {
privateKeys: ['f101537e319568c765b2cc89698325604991dca57b9716b58016b253506cab70'], // Array of private keys in hex format
creatorAccountId: '', // Account id, ex. admin@test
quorum: 1,
commandService: null
}
As second argument you need to provide object that contains properties for required command.
// Example usage of setAccountDetail
const commandService = new CommandService_v1Client(
'127.0.0.1:50051',
grpc.credentials.createInsecure()
)
const adminPriv = 'f101537e319568c765b2cc89698325604991dca57b9716b58016b253506cab70'
commands.setAccountDetail({
privateKeys: [adminPriv],
creatorAccountId: 'admin@test',
quorum: 1,
commandService
}, {
accountId: 'admin@test',
key: 'jason',
value: 'statham'
})
Queries¶
For usage of any query you need to provide queryOptions
as a first argument.
const queryOptions = {
privateKey: 'f101537e319568c765b2cc89698325604991dca57b9716b58016b253506cab70', // Private key in hex format
creatorAccountId: '', // Account id, ex. admin@test
queryService: null
}
As second argument you need to provide object that contains properties for required query.
// Example usage of getAccountDetail
const queryService = new QueryService_v1Client(
'127.0.0.1:50051',
grpc.credentials.createInsecure()
)
const adminPriv = 'f101537e319568c765b2cc89698325604991dca57b9716b58016b253506cab70'
queries.getAccountDetail({
privateKey: adminPriv,
creatorAccountId: 'admin@test',
queryService
}, {
accountId: 'admin@test'
})
Example code¶
import grpc from 'grpc'
import {
QueryService_v1Client,
CommandService_v1Client
} from '../iroha-helpers/lib/proto/endpoint_grpc_pb'
import { commands, queries } from 'iroha-helpers'
const IROHA_ADDRESS = 'localhost:50051'
const adminPriv =
'f101537e319568c765b2cc89698325604991dca57b9716b58016b253506cab70'
const commandService = new CommandService_v1Client(
IROHA_ADDRESS,
grpc.credentials.createInsecure()
)
const queryService = new QueryService_v1Client(
IROHA_ADDRESS,
grpc.credentials.createInsecure()
)
Promise.all([
commands.setAccountDetail({
privateKeys: [adminPriv],
creatorAccountId: 'admin@test',
quorum: 1,
commandService
}, {
accountId: 'admin@test',
key: 'jason',
value: 'statham'
}),
queries.getAccountDetail({
privateKey: adminPriv,
creatorAccountId: 'admin@test',
queryService
}, {
accountId: 'admin@test'
})
])
.then(a => console.log(a))
.catch(e => console.error(e))
Pythonã©ã€ãã©ãªÂ¶
å ¥æå ¶
A supported python library for Iroha is available at its own Hyperledger iroha-python repo. Python 3+ is supported.
You can also install Python library via pip:
pip install iroha
ã³ãŒãäŸÂ¶
from iroha import Iroha, IrohaCrypto, IrohaGrpc
iroha = Iroha('alice@test')
net = IrohaGrpc('127.0.0.1:50051')
alice_key = IrohaCrypto.private_key()
alice_tx = iroha.transaction(
[iroha.command(
'TransferAsset',
src_account_id='alice@test',
dest_account_id='bob@test',
asset_id='bitcoin#test',
description='test',
amount='1'
)]
)
IrohaCrypto.sign_transaction(alice_tx, alice_key)
net.send_tx(alice_tx)
for status in net.tx_status_stream(alice_tx):
print(status)
iOS Swift Library¶
The library was created to provide convenient interface for iOS applications to communicate with Iroha blockchain including sending transactions/query, streaming transaction statuses and block commits.
Where to get¶
Iroha iOS library is available through CocoaPods. To install it, simply add the following line to your Podfile:
pod 'IrohaCommunication'
Also you can download the source code for the library in its repo
How to use¶
For new Iroha users we recommend to checkout iOS example project. It tries to establish connection with Iroha peer which should be also run locally on your computer to create new account and send some asset quantity to it. To run the project, please, go through steps below:
- Follow instructions from Iroha documentation to setup and run iroha peer in Docker container.
- Clone iroha-ios repository.
- cd Example directory and run pod install.
- Open IrohaCommunication.xcworkspace in XCode
- Build and Run IrohaExample target.
- Consider logs to see if the scenario completed successfully.
Feel free to experiment with example project and don't hesitate to ask any questions in Rocket.Chat.
Installing Dependencies¶
This page contains references and guides about installation of various tools you may need during build of different targets of Iroha project.
泚é
Please note that most likely you do not need to install all the listed tools. Some of them are required only for building specific versions of Iroha Client Library.
Automake¶
Installation on Ubuntu¶
sudo apt install automake
automake --version
# automake (GNU automake) 1.15
CMake¶
Minimum required version is 3.11.4, but we recommend to install the latest available version (3.12.0 at the moment).
Installation on Ubuntu¶
Since Ubuntu repositories contain unsuitable version of CMake, you need to install the new one manually. Here is how to build and install CMake from sources.
wget https://cmake.org/files/v3.11/cmake-3.11.4.tar.gz
tar -xvzf cmake-3.11.4.tar.gz
cd cmake-3.11.4/
./configure
make
sudo make install
cmake --version
# cmake version 3.11.4
Installation on macOS¶
brew install cmake
cmake --version
# cmake version 3.12.1
Python¶
Installation on Ubuntu¶
For Python 2:
sudo apt install python-dev
python --version
# Python 2.7.12
For Python 3:
sudo apt install python3-dev
python3 --version
# Python 3.5.2
Installation on macOS¶
For Python 2:
brew install python
python --version
# Python 2.7.12
For Python 3:
brew install python3
python3 --version
# Python 3.5.2
PIP¶
Installation on Ubuntu¶
For Python 2:
sudo apt install python-pip
pip --version
# pip 8.1.1 from /usr/lib/python2.7/dist-packages (python 2.7)
For Python 3:
sudo apt install python3-pip
pip3 --version
# pip 8.1.1 from /usr/lib/python3/dist-packages (python 3.5)
Installation on macOS¶
For Python 2:
sudo easy_install pip
pip --version
# pip 9.0.3 from /usr/local/lib/python2.7/site-packages (python 2.7)
For Python 3:
wget https://bootstrap.pypa.io/get-pip.py
sudo python3 get-pip.py
python3 -m pip --version
# pip 9.0.3 from /usr/local/Cellar/python/3.6.4_4/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages (python 3.6)
Boost¶
Installation on Ubuntu¶
git clone https://github.com/boostorg/boost /tmp/boost;
(cd /tmp/boost ; git submodule update --init --recursive);
(cd /tmp/boost ; /tmp/boost/bootstrap.sh);
(cd /tmp/boost ; /tmp/boost/b2 headers);
(cd /tmp/boost ; /tmp/boost/b2 cxxflags="-std=c++14" install);
ldconfig;
rm -rf /tmp/boost
Installation on macOS¶
brew install boost
Protobuf¶
Installation on macOS¶
CMAKE_BUILD_TYPE="Release"
git clone https://github.com/google/protobuf /tmp/protobuf;
(cd /tmp/protobuf ; git checkout 106ffc04be1abf3ff3399f54ccf149815b287dd9);
cmake \
-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE} \
-Dprotobuf_BUILD_TESTS=OFF \
-Dprotobuf_BUILD_SHARED_LIBS=ON \
-H/tmp/protobuf/cmake \
-B/tmp/protobuf/.build;
cmake --build /tmp/protobuf/.build --target install;
ldconfig;
rm -rf /tmp/protobuf
Deploying Iroha on Kubernetes cluster¶
By following this guide you will be able to deploy a Kubernetes cluster from scratch on AWS cloud using Terraform and Kubespray, and deploy a network of Iroha nodes on it.
Prerequisites¶
- machine running Linux (tested on Ubuntu 16.04) or MacOS
- Python 3.3+
- boto3
- Ansible 2.4+
- ed25519-cli utility for key generation. Statically linked binary (for x86_64 platform) can be found in deploy/ansible/playbooks/iroha-k8s/scripts directory. You may need to compile it yourself.
You do not need the items below if you already have a working Kubernetes (k8s) cluster. You can skip to Generating Iroha configs chapter.
- Terraform 0.11.8+
- AWS account for deploying a k8s cluster on EC2
Preparation¶
You need to obtain AWS key for managing resources. We recommend to create a separate IAM user for that. Go to your AWS console, head to "My Security Credentials" menu and create a user in "Users" section. Assign "AmazonEC2FullAccess" and "AmazonVPCFullAccess" policies to that user. Click "Create access key" on Security credentials tab. Take a note for values of Access key ID and Secret key. Set these values as environment variables in your console:
export AWS_ACCESS_KEY_ID='<The value of Access key ID>'
export AWS_SECRET_ACCESS_KEY='<The value of Secret key>'
Checkout the source tree from Github:
git clone https://github.com/hyperledger/iroha && cd iroha
Setting up cloud infrastructure¶
We use Hashicorp's Terraform infrastructure management tool for automated deployment of AWS EC2 nodes in multiple regions. Kubespray Ansible module is used for setting up a production-grade k8s cluster.
Terraform module creates 3 AWS instances in 3 different regions: eu-west-1, eu-west-2, eu-west-3 by default. Instance type is c5.large. There is a separate VPC created in every region. All created VPCs are then connected using VPC peering connection. That is to create a seamless network for k8s cluster.
There are several configurable options: number of nodes in each region and its role in k8s cluster (kube-master or kube-node). They can be set either in variables.tf file or via environment variables (using the same variable name but prefixed with TF_VAR. See more in Terraform docs). More options can be configured by tuning parameters in module's variables.tf file.
You must set up SSH key in deploy/tf/k8s/variables.tf as well. Replace public key with your own. It will added on each created EC2 instance.
Navigate to deploy/tf/k8s directory. Terraform needs to download required modules first:
pushd deploy/tf/k8s && terraform init
Then run module execution:
terraform apply && popd
Review the execution plan and type yes to approve. Upon completion you should see an output similar to this:
Apply complete! Resources: 39 added, 0 changed, 0 destroyed.
We are now ready to deploy k8s cluster. Wait a couple of minutes before instances are initialized.
Setting up k8s cluster¶
There is an Ansible role for setting up k8s cluster. It is an external module called Kubespray. It is stored as a submodule in Hyperledger Iroha repository. This means it needs to be initialized first:
git submodule init && git submodule update
This command will download Kubespray from master repository.
Install required dependencies:
pip3 install -r deploy/ansible/kubespray/requirements.txt
Proceed to actual cluster deployment. Make sure you replaced key-file parameter with an actual path to SSH private key that was used previously during Terraform configuration. REGIONS variable corresponds to default list of regions used on a previous step. Modify it accordingly in case you added or removed any. Inventory file is a Python script that returns Ansible-compatible list of hosts filtered by tag.
pushd deploy/ansible && REGIONS="eu-west-1,eu-west-2,eu-west-3" VPC_VISIBILITY="public" ansible-playbook -u ubuntu -b --ssh-extra-args="-o IdentitiesOnly=yes" --key-file=<PATH_TO_SSH_KEY> -i inventory/kubespray-aws-inventory.py kubespray/cluster.yml
popd
Upon successful completion you will have working k8s cluster.
Generating Iroha configs¶
In order for Iroha to work properly it requires to generate a key pair for each node, genesis block and configuration file. This is usually a tedious and error-prone procedure, especially for a large number of nodes. We automated it with Ansible role. You can skip to Deploying Iroha on the cluster chapter if you want to quick start using default configs for k8s cluster with 4 Iroha replicas.
Generate configuration files for N Iroha nodes. replicas variable controls the number of N:
pushd deploy/ansible && ansible-playbook -e 'replicas=7' playbooks/iroha-k8s/iroha-deploy.yml
popd
You should find files created in deploy/ansible/roles/iroha-k8s/files/conf.
Deploying Iroha on the cluster¶
Make sure you have configuration files in deploy/ansible/roles/iroha-k8s/files. Specifically, non-empty conf directory and k8s-iroha.yaml file.
There are two options for managing k8s cluster: logging into either of master node and executing commands there or configure remote management. We will cover the second option here as the first one is trivial.
In case you set up cluster using Kubespray, you can find admin.conf file on either of master node in /etc/kubernetes directory. Copy this file on the control machine (the one you will be running kubectl command from). Make sure server parameter in this file points to external IP address or DNS name of a master node. Usually, there is a private IP address of the node (in case of AWS). Make sure kubectl utility is installed (check out the docs for instructions).
Replace the default kubectl configuration:
export KUBECONFIG=<PATH_TO_admin.conf>
We can now control the remote k8s cluster
k8s-iroha.yaml pod specification file requires the creation of a config-map first. This is a special resource that is mounted in the init container of each pod, and contains the configuration and genesis block files required to run Iroha.
kubectl create configmap iroha-config --from-file=deploy/ansible/roles/iroha-k8s/files/conf/
Each peer will have their public and private keys stored in a Kubernetes secret which is mounted in the init container and copied over for Iroha to use. Peers will only be able read their assigned secret when running Iroha.
kubectl create -f deploy/ansible/roles/iroha-k8s/files/k8s-peer-keys.yaml
Deploy Iroha network pod specification:
kubectl create -f deploy/ansible/roles/iroha-k8s/files/k8s-iroha.yaml
Wait a moment before each node downloads and starts Docker containers. Executing kubectl get pods command should eventually return a list of deployed pods each in Running state.
ãã³ã
Pods do not expose ports externally. You need to connect to Iroha instance by its hostname (iroha-0, iroha-1, etc). For that you have to have a running pod in the same network.
Iroha installation security tips¶
This guide is intended to secure Iroha installation. Most of the steps from this guide may seem obvious but it helps to avoid possible security problems in the future.
Physical security¶
In case the servers are located locally (physically accessible), a number of security measures have to be applied. Skip these steps if cloud hosting is used.
Establish organisational policy and/or access control system such that only authorized personnel has access to the server room. Next, set BIOS/firmware password and configure boot order to prevent unauthorized booting from alternate media. Make sure the bootloader is password protected if there is such a functionality. Also, it is good to have a CCTV monitoring in place.
Deployment¶
First, verify that official repository is used for downloading source code and Docker images. Change any default passwords that are used during installation, e.g., password for connecting to postgres. Iroha repository contains examples of private and public keys - never use it in production. Moreover, verify that new keypairs are generated in a safe environment and only administrator has access to those keypairs (or at least minimise the number of people). After deploying keys to Iroha peers delete private keys from the host that was used to perform deployment, i.e. private keys should reside only inside Iroha peers. Create an encrypted backup of private keys before deleting them and limit the access to it.
Network configuration¶
Iroha listens on ports 50051 and 10001. Firewall settings must allow incoming/outgoing connections to/from these ports. If possible, disable or remove any other network services with listening ports (FTP, DNS, LDAP, SMB, DHCP, NFS, SNMP, etc). Ideally, Iroha should be as much isolated as possible in terms of networking.
Currently, there is no traffic encryption in Iroha, we strongly recommend using VPN or Calico for setting up Docker overlay network, i.e. any mechanism that allows encrypting communication between peers. Docker swarm encrypts communications by default, but remember to open necessary ports in the firewall configuration. In case VPN is used, verify that VPN key is unavailable to other users.
If SSH is used, disable root login. Apart from that, disable password authentication and use only keys. It might be helpful to set up SSH log level to INFO as well.
If IPv6 is not used, it might be a good idea to disable it.
Updates¶
Install the latest operating system security patches and update it regularly. If Iroha is running in Docker containers, update Docker regularly. While being optional, it is considered a good practice to test updates on a separate server before installing to production.
Logging and monitoring¶
- Collect and ship logs to a dedicated machine using an agent (e.g., Filebeat).
- Collect logs from all Iroha peers in a central point (e.g., Logstash).
- Transfer logging and monitoring information via an encrypted channel (e.g., https).
- Set up an authentication mechanism to prevent third parties from accessing logs.
- Set up an authentication mechanism to prevent third parties from submitting logs.
- Log all administrator access.
OS hardening¶
The following steps assume Docker is used for running Iroha.
- Enable and configure Docker Content Trust.
- Allow only trusted users to control Docker daemon.
- Set up a limit for Docker container resources.
ããã¯ïŒHyperledger IrohaïŒã®APIãªãã¡ã¬ã³ã¹Â¶
APIã»ã¯ã·ã§ã³ã§ã¯ãå®éã«ããã¯ã§ã®åäœãèŠãªãããããã¯ãæ§æããèŠçŽ ã«ã€ããŠèŠãŠãããŸãã ã·ã¹ãã ãæã€ã³ãã³ããã¯ãšãªã®çš®é¡ãããã³ãã©ã³ã¹ããŒãå±€ãšã¢ããªã±ãŒã·ã§ã³å±€ã«ãããã¯ã©ã€ã¢ã³ãã©ã€ãã©ãªãæŠèŠ³ããŸãã
å©çšå¯èœãªã³ãã³ãäžèŠ§Â¶
ã³ãã³ãã¯ãã·ã¹ãã å ã®ãšã³ãã£ãã£ïŒã¢ã»ãããã¢ã«ãŠã³ãïŒã«å¯Ÿããç¹å®ã®ã¢ã¯ã·ã§ã³ãå®è¡ããããšã«ãããã·ã¹ãã ã®ç¶æ ïŒWorld State ViewãšåŒã°ããïŒãå€æŽãããŸãã ã¢ã¯ã·ã§ã³ãå®è¡ããã«ã¯ãã³ãã³ãããã©ã³ã¶ã¯ã·ã§ã³ã«å«ããå¿ èŠããããŸãã
該åœè³ç£ã®éãè¿œå ãã¶
ç®ç¶
è³ç£éãè¿œå ããã³ãã³ãïŒadd asset quantityïŒã®ç®çã¯ãååŒäœæè ã®ã¢ã«ãŠã³ãå ã®è³ç£éãå¢ããããšã§ãã ãŠãŒã¹ã±ãŒã¹ã®ã·ããªãªã§ã¯ãã·ã¹ãã å ã®å€æŽå¯èœãªè³ç£ã®æ°ãå¢ããããšã§ããããããã¯ååïŒäŸãã°ã貚幣ãéãªã©ïŒã«å¯Ÿããæš©å©ãšããŠæ©èœããŸãã
ã¹ããŒã ¶
message AddAssetQuantity {
string asset_id = 1;
string amount = 2;
}
泚é
Please note that due to a known issue you would not get any exception if you pass invalid precision value. Valid range is: 0 <= precision <= 255
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
è³ç£ID | è³ç£ã®ID | <asset_name>#<domain_id> | usd#morgan |
é | è¿œå ãã¹ãè³ç£éïŒæ£æ°ïŒ | >0 | 200.02 |
æ€èšŒÂ¶
- è³ç£ãšã¢ã«ãŠã³ãããªããã°ãªããŸãã
- è¿œå ãããæ°éã®ç²ŸåºŠã¯ãè³ç£ç²ŸåºŠãšåãã§ããå¿ èŠããããŸã
- ãã©ã³ã¶ã¯ã·ã§ã³ã®äœæè ã¯ãè³ç£ãçºè¡ããæš©éãæããŠããå¿ èŠããããŸã
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not add asset quantity | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to add asset quantity | Grant the necessary permission |
3 | No such asset | Cannot find asset with such name or such precision | Make sure asset id and precision are correct |
4 | Summation overflow | Resulting amount of asset is greater than the system can support | Make sure that resulting amount is less than 2^256 |
ãã¢ïŒããŒãïŒãè¿œå ãã¶
ç®ç¶
add peerã³ãã³ãã®ç®çã¯ããã¢ãããã¯ãŒã¯ã«åããŠãã¢ãè¿œå ãããäºå®ãå°åž³ã«æžã蟌ãããšã§ãã AddPeerãå®è¡ããããã©ã³ã¶ã¯ã·ã§ã³ãã³ããããããåŸãã³ã³ã»ã³ãµã¹ããã³åæã³ã³ããŒãã³ãããããã®äºå®ãé©çšãå§ããŸãã
ã¹ããŒã ¶
message AddPeer {
Peer peer = 1;
}
message Peer {
string address = 1;
bytes peer_key = 2;
}
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ãã¬ã¹ | ãããã¯ãŒã¯å ã®è§£æ±ºå¯èœãªã¢ãã¬ã¹ïŒIPv4ãIPv6ããã¡ã€ã³åãªã©ïŒ | 解決å¯èœãªã¯ãã§ã | 192.168.1.1:50541 |
ãã¢ãä¿æããéµ | ãã¢ã®å ¬ééµïŒæ祚æã®ãµã€ã³ãªããã³ããããã¡ãã»ãŒãžã®æåŠãšãã£ãåæ圢æã¢ã«ãŽãªãºã ã§äœ¿çšãããŸãïŒ | ed25519 å ¬ééµ | 292a8714694095edce6be799398ed5d6244cd7be37eb813106b217d850d261f2 |
æ€èšŒÂ¶
- Peer key is unique (there is no other peer with such public key)
- ãã©ã³ã¶ã¯ã·ã§ã³ã®äœæè ã«ã¯CanAddPeerã®æš©éãæãã圹å²ãäžããããŠããŸã
- ãã®ãããªãããã¯ãŒã¯ã¢ãã¬ã¹ã¯ãŸã è¿œå ãããŠããŸãã
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not add peer | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to add peer | Grant the necessary permission |
眲åè ãè¿œå ãã¶
ç®ç¶
眲åè¿œå ã®ããã®ã³ãã³ãã®ç®çã¯ãã¢ã«ãŠã³ãã«èå¥åãäžããããšã§ãã ãããèå¥åã¯ãä»ã®ç«¯æ«ã®å ¬ééµãŸãã¯ãŠãŒã¶ã®å ¬ééµãçšããããŸãã
ã¹ããŒã ¶
message AddSignatory {
string account_id = 1;
bytes public_key = 2;
}
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | æ°ããªçœ²åè ãè¿œå ããã¢ã«ãŠã³ã | <account_name>@<domain_id> | makoto@soramitsu |
å ¬ééµ | ã¢ã«ãŠã³ãã«è¿œå ãã眲åè | ed25519 å ¬ééµ | 359f925e4eeecfdd6aa1abc0b79a6a121a5dd63bb612b603247ea4f8ad160156 |
æ€èšŒÂ¶
ïŒã€ã®äºäŸïŒ
ã±ãŒã¹1ïŒCanAddSignatoryã®æš©éãæããååŒäœæè ãã眲åãèªåã®ã¢ã«ãŠã³ãã«è¿œå ããããšèããŠããŸãã
ã±ãŒã¹2. CanAddSignatoryããã©ã³ã¶ã¯ã·ã§ã³äœæè ã«ä»äžãããŸãã
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not add signatory | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to add signatory | Grant the necessary permission |
3 | No such account | Cannot find account to add signatory to | Make sure account id is correct |
4 | Signatory already exists | Account already has such signatory attached | Choose another signatory |
圹å²ãè¿œå ãã¶
ç®ç¶
AppendRoleïŒåœ¹å²ã®è¿œå ïŒã³ãã³ãã®ç®çã¯ãã·ã¹ãã å ã§æ¢ã«ååšãã圹å²ãããã¢ã«ãŠã³ããæ ãããšãã§ããããã«ããããšã§ãããã®åœ¹å²ïŒRoleïŒãšã¯ãã¢ã«ãŠã³ããã·ã¹ãã å ã§ã®ç¹å®ã®ã¢ã¯ã·ã§ã³ïŒã³ãã³ãåã¯ã¯ãšãªïŒãå®è¡ããããã«å¿ èŠãªæš©éã§ãã
ã¹ããŒã ¶
message AppendRole {
string account_id = 1;
string role_name = 2;
}
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | 圹å²ãè¿œå ããIDãŸãã¯ã¢ã«ãŠã³ã | æ¢ã«ååšãã | makoto@soramitsu |
Role name (圹å²å) | ã·ã¹ãã å ã§ãã§ã«èŠå®ããã圹å²å | æ¢ã«ååšãã | 貚幣ã®çºè¡è |
æ€èšŒÂ¶
- 圹å²ã¯ã·ã¹ãã ã«ååšããŠããã¯ãã§ã
- ååŒã®äœæè ã¯åœ¹å²ãè¿œå ããæš©éãå¿ èŠã§ãïŒCanAppendRoleïŒ
- Account, which appends role, has set of permissions in his roles that is a superset of appended role (in other words no-one can append role that is more powerful than what transaction creator is)
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not append role | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to append role | Grant the necessary permission |
3 | No such account | Cannot find account to append role to | Make sure account id is correct |
4 | No such role | Cannot find role with such name | Make sure role id is correct |
ã¢ã«ãŠã³ããæ°èŠäœæãã¶
ç®ç¶
CreateAccountã³ãã³ãã®ç®çã¯ããã©ã³ã¶ã¯ã·ã§ã³ãã¯ãšãªã®éä¿¡ã眲åè ãå人æ å ±ããã³èå¥åãæ ŒçŽããããšãã§ãããšã³ãã£ãã£ãã·ã¹ãã å ã«äœæããããšã§ãã
ã¹ããŒã ¶
message CreateAccount {
string account_name = 1;
string domain_id = 2;
bytes public_key = 3;
}
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Account nameïŒã¢ã«ãŠã³ãåïŒ | ãã¡ã€ã³å ã§äžæã®ã¢ã«ãŠã³ãå | [a-z_0-9]{1,32} | morgan_stanley |
ãã¡ã€ã³ID | é¢ä¿ããã¿ãŒã²ãããã¡ã€ã³ | ã¢ã«ãŠã³ãã®åã«äœæããå¿ èŠããããŸã | america |
å ¬ééµ | ã¢ã«ãŠã³ãã«è¿œå ããæåã®å ¬ééµ | ed25519 å ¬ééµ | 407e57f50ca48969b08ba948171bb2435e035d82cec417e18e4a38f5fb113f83 |
æ€èšŒÂ¶
- ååŒäœæè ã«ã¯ã¢ã«ãŠã³ããäœæããæš©éããããŸã
- domain_idãšããŠæž¡ããããã¡ã€ã³ã¯ããã§ã«ã·ã¹ãã å ã§äœæãããŠããŸã
- ãã®ãããªå ¬ééµã¯ãã¢ã«ãŠã³ãã®æåã®å ¬ééµãšããŠè¿œå ãããŠããªããããŸãã¯ãã«ã眲åã¢ã«ãŠã³ãã«è¿œå ãããŠããŸãã
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not create account | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator either does not have permission to create account or tries to create account in a more privileged domain, than the one creator is in | Grant the necessary permission or choose another domain |
3 | No such domain | Cannot find domain with such name | Make sure domain id is correct |
4 | Account already exists | Account with such name already exists in that domain | Choose another name |
ã¢ã»ãããçºè¡ãã¶
ç®ç¶
create assetã³ãã³ãã®ç®çã¯ããã¡ã€ã³å ã§äžæã®æ°èŠã¢ã»ãããäœæããããšã§ãã è³ç£ãšã¯ãååã®å¯ç®è¡šçŸã§ãã
ã¹ããŒã ¶
message CreateAsset {
string asset_name = 1;
string domain_id = 2;
uint32 precision = 3;
}
泚é
Please note that due to a known issue you would not get any exception if you pass invalid precision value. Valid range is: 0 <= precision <= 255
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Asset name (è³ç£å) | ãã¡ã€ã³å ã§äžæã®ã¢ã»ããå | [a-z_0-9]{1,32} | soracoin |
ãã¡ã€ã³ID | é¢ä¿ããã¿ãŒã²ãããã¡ã€ã³ | RFC1035 [1], RFC1123 [2] | japan |
Precision (粟床) | ã³ã³ã/ãããã«åŸã«ã€ã¥ãæ¡æ° | 0 <= precision <= 255 | 2 |
æ€èšŒÂ¶
- ãã©ã³ã¶ã¯ã·ã§ã³äœæè ã«ã¢ã»ãããäœæããæš©éããããŸã
- ã¢ã»ããåã¯ãã¡ã€ã³å ã§äžæã§ã
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not create asset | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to create asset | Grant the necessary permission |
3 | No such domain | Cannot find domain with such name | Make sure domain id is correct |
4 | Asset already exists | Asset with such name already exists | Choose another name |
ãã¡ã€ã³ãäœæãã¶
ç®ç¶
CreateDomainã³ãã³ãã®ç®çã¯ãã€ãããããã¯ãŒã¯ã«æ°ãããã¡ã€ã³ãäœæããããšã§ããã¡ã€ã³ã¯è€æ°ã®ã¢ã«ãŠã³ãã§æ§æãããã²ãšã€ã®ã°ã«ãŒãã§ãã
ã¹ããŒã ¶
message CreateDomain {
string domain_id = 1;
string default_role = 2;
}
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ãã¡ã€ã³ID | äœæããããã¡ã€ã³ã®ID | äžæã«åºå¥ããããRFC1035 [1], RFC1123 [2] | japan05 |
ããã©ã«ãã§ã®åœ¹å² | ãã¡ã€ã³å ã§äœæããããŠãŒã¶ãŒã®åœ¹å² | æ¢ã«ã·ã¹ãã å ã«ååšããåœ¹å² | User |
æ€èšŒÂ¶
- ãã¡ã€ã³IDãäžæ
- ãã©ã³ã¶ã¯ã·ã§ã³ã§ãã®ã³ãã³ããéä¿¡ããã¢ã«ãŠã³ãã¯ããã¡ã€ã³ã®äœææš©éãæãã圹å²ãæã£ãŠããããš
- æ¢ã«äœæãããŠãããŠãŒã¶ãŒã«å²ãåœãŠããã圹å²ããã·ã¹ãã å ã«ååšããããš
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not create domain | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to create domain | Grant the necessary permission |
3 | Domain already exists | Domain with such name already exists | Choose another domain name |
4 | No default role found | Role, which is provided as a default one for the domain, is not found | Make sure the role you provided exists or create it |
圹å²ãäœæãã¶
ç®ç¶
CreateRoleã³ãã³ãã®ç®çã¯ãäžé£ã®æš©éã®äžããæ°ãã圹å²ãã·ã¹ãã å ã«è¿œå ããããšã§ãã ã€ããã®ãã¢ãããã¯ãŒã¯ã®ç®¡çã»éå¶æ åœè ã¯ãç°ãªãæš©éã圹å²ã«çµã¿åãããããšã§ãã«ã¹ã¿ãã€ãºãããã»ãã¥ãªãã£ã¢ãã«ãæ§ç¯ããããšãã§ããŸãã
ã¹ããŒã ¶
message CreateRole {
string role_name = 1;
repeated RolePermission permissions = 2;
}
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Role name (圹å²å) | äœæãã圹å²ã®å称 | [a-z_0-9]{1,32} | User |
RolePermission | æ¢åã®æš©éã®é å | æž¡ãããäžé£ã®ã¢ã¯ã»ã¹èš±å¯ã¯ãæ¢åã®ã¢ã¯ã»ã¹èš±å¯ã«å šãŠå«ãŸããŠããããš | {can_receive, can_transfer} |
æ€èšŒÂ¶
- æž¡ãããäžé£ã®ã¢ã¯ã»ã¹èš±å¯ã¯ãæ¢åã®ã¢ã¯ã»ã¹èš±å¯ã«å šãŠå«ãŸããŠããããš
- ã²ãšã€ä»¥äžã®æš©éãèšå®ãããŠããããš
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not create role | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to create role | Grant the necessary permission |
3 | Role already exists | Role with such name already exists | Choose another role name |
圹å²ãåãé¢ã¶
ç®ç¶
DetachRoleã³ãã³ãã®ç®çã¯ãã¢ã«ãŠã³ãã«ä»äžããã圹å²ããç¹å®ã®åœ¹å²ãåãé¢ãããšã§ãã ãã®ã³ãã³ããå®è¡ããããšã«ããããŠãŒã¶ã®ã·ã¹ãã ã§å®è¡å¯èœãªã¢ã¯ã·ã§ã³ã®æ°ãæžããããšãã§ããŸãã
ã¹ããŒã ¶
message DetachRole {
string account_id = 1;
string role_name = 2;
}
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | 圹å²ãåé€ãããã¢ã«ãŠã³ãã®ID | æ¢ã«ååšãã | makoto@soramitsu |
Role name (圹å²å) | åé€ãã圹å²ã®å称 | æ¢åã®åœ¹å²ã§ããããš | User |
æ€èšŒÂ¶
- åé€ããã圹å²ãã·ã¹ãã ã«ååšãã
- ã¢ã«ãŠã³ããåé€ããã圹å²ãæã£ãŠãã
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not detach role | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to detach role | Grant the necessary permission |
3 | No such account | Cannot find account to detach role from | Make sure account id is correct |
4 | No such role in account's roles | Account with such id does not have role with such name | Make sure account-role pair is correct |
5 | No such role | Role with such name does not exist | Make sure role id is correct |
æš©éãäžãã¶
ç®ç¶
GrantPermissionã³ãã³ãã®ç®çã¯ãååŒã®éä¿¡è ã®ã¢ã«ãŠã³ãã«å¯ŸããŠç¹å®ã®ã¢ã¯ã·ã§ã³ãå®è¡ããæš©éãå¥ã®ã¢ã«ãŠã³ãã«äžããããšã§ãïŒèªåã®ã¢ã«ãŠã³ãã«å¯ŸããŠäœããè¡ãæš©éãä»è ã«äžããïŒã
ã¹ããŒã ¶
message GrantPermission {
string account_id = 1;
GrantablePermission permission = 2;
}
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | id of the account to which the rights are granted | æ¢ã«ååšãã | makoto@soramitsu |
GrantablePermission name | name of grantable permission | èš±å¯ãæåŠããã | CanTransferAssets |
æ€èšŒÂ¶
- ã¢ã«ãŠã³ããååšãã
- ãã©ã³ã¶ã¯ã·ã§ã³ã®äœæè ããã®èš±å¯ãäžããããšãã§ãã
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not grant permission | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to grant permission | Grant the necessary permission |
3 | No such account | Cannot find account to grant permission to | Make sure account id is correct |
眲åè ãåé€ãã¶
ç®ç¶
RemoveSignatoryã³ãã³ãã®ç®çã¯ãç¹å®ã®IDãšé¢é£ä»ããããå ¬ééµããã®ã¢ã«ãŠã³ãããåé€ããããšã§ã
ã¹ããŒã ¶
message RemoveSignatory {
string account_id = 1;
bytes public_key = 2;
}
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | id of the account to which the rights are granted | æ¢ã«ååšãã | makoto@soramitsu |
å ¬ééµ | åé€ãã眲åè | ed25519 å ¬ééµ | 407e57f50ca48969b08ba948171bb2435e035d82cec417e18e4a38f5fb113f83 |
æ€èšŒÂ¶
- 眲åè ã®åé€ãå®è¡ãããåŸã«ã** sizeïŒsignatoriesïŒ> = quorum **ã®äžå€åŒãæç«ãããã©ããã調ã¹ãå¿ èŠããããŸã
- 眲åè ãåé€ããã以åã«ã¢ã«ãŠã³ãã«è¿œå ãããŠããå¿ èŠããããŸã
ïŒã€ã®äºäŸïŒ
ã±ãŒã¹1ïŒãã©ã³ã¶ã¯ã·ã§ã³ã®äœæè ã眲åè ãã¢ã«ãŠã³ãããåé€ãããå ŽåãCanRemoveSignatoryã®å®è¡æš©éãåŸãŠããããš
ã±ãŒã¹2. CanRemoveSignatoryããã©ã³ã¶ã¯ã·ã§ã³äœæè ã«ä»äžãããŠããããš
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not remove signatory | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to remove signatory from his account | Grant the necessary permission |
3 | No such account | Cannot find account to remove signatory from | Make sure account id is correct |
4 | No such signatory | Cannot find signatory with such public key | Make sure public key is correct |
5 | Quorum does not allow to remove signatory | After removing the signatory account will be left with less signatories, than its quorum allows | Reduce the quorum |
æš©éãåãæ¶ã¶
ç®ç¶
RevokePermissionã³ãã³ãã®ç®çã¯ãäžããããŠããæš©éããããã¯ãŒã¯å ã®å¥ã®ã¢ã«ãŠã³ãããåãæ¶ãããšã§ãã
ã¹ããŒã ¶
message RevokePermission {
string account_id = 1;
GrantablePermission permission = 2;
}
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | id of the account to which the rights are granted | æ¢ã«ååšãã | makoto@soramitsu |
GrantablePermission name | name of grantable permission | å®è¡æš©éãäžããããŠããããš | CanTransferAssets |
æ€èšŒÂ¶
ãã©ã³ã¶ã¯ã·ã§ã³ã®äœæè ã¯ã以åã«ãã®æš©éãã¿ãŒã²ããã¢ã«ãŠã³ãã«ä»äžããŠããå¿ èŠããããŸã
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not revoke permission | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to revoke permission | Grant the necessary permission |
3 | No such account | Cannot find account to revoke permission from | Make sure account id is correct |
ã¢ã«ãŠã³ãã®è©³çŽ°ãèšå®ãã¶
ç®ç¶
SetAccountDetailã³ãã³ãã®ç®çã¯ãç¹å®ã®ã¢ã«ãŠã³ãã®ããŒããªã¥ãŒæ å ±ãèšå®ããããšã§ã
èŠå
If there was a value for a given key already in the storage then it will be replaced with the new value
ã¹ããŒã ¶
message SetAccountDetail{
string account_id = 1;
string key = 2;
string value = 3;
}
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | id of the account to which the key-value information was set | æ¢ã«ååšãã | makoto@soramitsu |
Key | èšå®ãããããŒã«é¢ããæ å ± | [A-Za-z0-9_]{1,64} | Name |
Value | 察å¿ããããŒã®å€ | †4096 | Makoto |
æ€èšŒÂ¶
ïŒã€ã®äºäŸïŒ
ã±ãŒã¹1.ååŒã®äœæè ãå£åº§ã®è©³çŽ°æ å ±ãèšå®ãããå Žåã«ããã®äœæè ãCanSetAccountInfoã®å®è¡æš©éãåŸãŠãã
ã±ãŒã¹2. CanSetAccountInfoããã©ã³ã¶ã¯ã·ã§ã³äœæè ã«ä»äžãããå Žå
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not set account detail | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to set account detail for another account | Grant the necessary permission |
3 | No such account | Cannot find account to set account detail to | Make sure account id is correct |
ã¢ã«ãŠã³ãã®å®è¶³æ°ãèšå®ãã¶
ç®ç¶
SetAccountQuorumã³ãã³ãã®ç®çã¯ããã©ã³ã¶ã¯ã·ã§ã³ãäœæãããŠãŒã¶ãŒã®èº«å ã確èªããããã«å¿ èŠãªçœ²åè ã®å®è¶³æ°ãèšå®ããããšã§ãã ãŠãŒã¹ã»ã±ãŒã¹ã»ã·ããªãªã«ãããŠã¯ãåäžã¢ã«ãŠã³ãã§ç°ãªããŠãŒã¶ãŒæ°ãèšå®ãããã©ã³ã¶ã¯ã·ã§ã³ããµã€ã³ãªãããããšã§ãã
ã¹ããŒã ¶
message SetAccountQuorum {
string account_id = 1;
uint32 quorum = 2;
}
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | å®è¶³æ°ãèšå®ããã¢ã«ãŠã³ãã®ID | æ¢ã«ååšãã | makoto@soramitsu |
Quorum | number of signatories needed to be included within a transaction from this account | 0 < quorum †public-key set up to account †128 | 5 |
æ€èšŒÂ¶
å®è¶³æ°ãèšå®ããããšã**size(signatories) >= quorum**ã®äžå€åŒãæç«ãããã©ããããã§ãã¯ãããŸãã
ïŒã€ã®äºäŸïŒ
ã±ãŒã¹1.ãã©ã³ã¶ã¯ã·ã§ã³äœæè ãã¢ã«ãŠã³ãã®å®è¶³æ°ãèšå®ãããã€ãã®ãŠãŒã¶ãŒãCanRemoveSignatoryæš©éãæã£ãŠããå Žå
ã±ãŒã¹2. CanRemoveSignatoryããã©ã³ã¶ã¯ã·ã§ã³äœæè ã«ä»äžãããŠããããš
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not set quorum | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to set quorum for his account | Grant the necessary permission |
3 | No such account | Cannot find account to set quorum to | Make sure account id is correct |
4 | No signatories on account | Cannot find any signatories attached to the account | Add some signatories before setting quorum |
5 | New quorum is incorrect | New quorum size is less than account's signatories amount | Choose another value or add more signatories |
è³ç£éãæžãã¶
ç®ç¶
SubtractAssetQuantityã³ãã³ãã®ç®çã¯ãååŒã®äœæè ã®ã¢ã«ãŠã³ãå ã®è³ç£éãæžããããã§ããAddAssetQuantityã³ãã³ãã®éã®æäœã«ãªããŸãã
ã¹ããŒã ¶
message SubtractAssetQuantity {
string asset_id = 1;
string amount = 2;
}
泚é
Please note that due to a known issue you would not get any exception if you pass invalid precision value. Valid range is: 0 <= precision <= 255
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
è³ç£ID | è³ç£ã®ID | <asset_name>#<domain_id> | usd#morgan |
é | å·®ãåŒãè³ç£éïŒæ£æ°ïŒ | >0 | 200 |
æ€èšŒÂ¶
- è³ç£ãšã¢ã«ãŠã³ãããªããã°ãªããŸãã
- è¿œå ãããæ°éã®ç²ŸåºŠã¯ãè³ç£ç²ŸåºŠãšåãã§ããå¿ èŠããããŸã
- ãã©ã³ã¶ã¯ã·ã§ã³ã®äœæè ã¯ãè³ç£ãåŒãåºãæš©éãæã€åœ¹å²ãæã€å¿ èŠããããŸã
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not subtract asset quantity | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to subtract asset quantity | Grant the necessary permission |
3 | No such asset found | Cannot find asset with such name or precision in account's assets | Make sure asset name and precision are correct |
4 | Not enough balance | Account's balance is too low to perform the operation | Add asset to account or choose lower value to subtract |
è³ç£ã移転ããã¶
ç®ç¶
TransferAssetã³ãã³ãã®ç®çã¯ããã¢ãããã¯ãŒã¯å ã®ã¢ã«ãŠã³ãéã§è³ç£ãå ±æããããšã§ãã移転å ã¢ã«ãŠã³ããè³ç£ã移転å ã¿ãŒã²ããã¢ã«ãŠã³ãã«è»¢éããæ¹æ³ã§ãã
ã¹ããŒã ¶
message TransferAsset {
string src_account_id = 1;
string dest_account_id = 2;
string asset_id = 3;
string description = 4;
string amount = 5;
}
æ§é ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Source account ID (移転å å£åº§) | ID of the account to withdraw the asset from | æ¢ã«ååšãã | makoto@soramitsu |
Destination account ID (移転å å£åº§) | ID of the account to send the asset to | æ¢ã«ååšãã | alex@california |
è³ç£ID | ID of the asset to transfer | æ¢ã«ååšãã | usd#usa |
説æ | Message to attach to the transfer | æ倧64æåãŸã§ | here's my money take it |
é | 移転ããè³ç£ã®éïŒéé¡ãªã©ïŒ | 0 <= precision <= 255 | 200.20 |
æ€èšŒÂ¶
- 移転å ã¢ã«ãŠã³ãã®AccountHasAssetã«åœè©²ã¢ã»ãããããããš
- 移転ããéïŒéé¡ãªã©ïŒãæ£æ°ã§ã粟床ãè³ç£å®çŸ©é ç®ãšäžèŽããããš
- ãœãŒã¹ã¢ã«ãŠã³ãã«è»¢éããè³ç£ãååã«ããããŒãã§ã¯ãªãããš
- éä¿¡å ã¢ã«ãŠã³ãããéã転éããããšãã§ããå®å ã¢ã«ãŠã³ãããéãåãåãããšãã§ããïŒããããã«ãããã®æš©éãä»äžãããŠããããšïŒ
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not transfer asset | Internal error happened | Try again or contact developers |
2 | No such permissions | Command's creator does not have permission to transfer asset from his account | Grant the necessary permission |
3 | No such source account | Cannot find account with such id to transfer money from | Make sure source account id is correct |
4 | No such destination account | Cannot find account with such id to transfer money to | Make sure destination account id is correct |
5 | No such asset found | Cannot find such asset | Make sure asset name and precision are correct |
6 | Not enough balance | Source account's balance is too low to perform the operation | Add asset to account or choose lower value to subtract |
7 | Too much asset to transfer | Resulting value of asset amount overflows destination account's amount | Make sure final value is less than 2^256 |
[1] | (1, 2, 3) https://www.ietf.org/rfc/rfc1035.txt |
[2] | (1, 2) https://www.ietf.org/rfc/rfc1123.txt |
ã¯ãšãªã®äžèŠ§Â¶
ã¯ãšãªãšã¯ãWorld State Viewã®ç¹å®ã®éšåïŒãããã¯ãã§ãŒã³ã®çŽè¿ã®ç¶æ ïŒã«ã€ããŠã®æ å ±ãåãåããããããšã§ãã ã¯ãšãªèªäœã¯ãããã¯ãã§ãŒã³ã®å 容ãå€æŽããããšã¯ã§ããŸãããã¯ãšãªãåä¿¡ããããŒããã¯ãšãªãåŠçãããã®çŽåŸã«ã¯ã©ã€ã¢ã³ãã«å¯ŸããŠå¿çãè¿ãããŸãã
æ€èšŒÂ¶
å šã¯ãšãªã«å¯Ÿããæ€èšŒã«ã¯æ¬¡ã®ãã®ãå«ãŸããŸãã
- ã¿ã€ã ã¹ã¿ã³ã - éå»ïŒãã¢ã»ã¿ã€ã ã®24æéåïŒãŸãã¯å°æ¥ïŒãã¢ã»ã¿ã€ã ã®5åå ã®ç¯å²ïŒã§ãã£ãŠã¯ãªããŸããã
- ã¯ãšãªãŒçæè ã®çœ²å - ã¯ãšãªãŒäœæè ã®èº«å 確èªã®ããã«äœ¿çšãããŸã
- ã¯ãšãªã«ãŠã³ã¿ - ã¯ãšãªäœæè ããéãããåŸç¶ã®ã¯ãšãªããšã«å¢åãããŠããããã®åºŠã«ãã®å€ããã§ãã¯ãããŸã
- åœ¹å² - ã¯ãšãªäœæè ã®åœ¹å²ã«å¿ããŠãã¯ãšãªã§åãåããã§ããæ å ±ã®ç¯å²ã¯ãåãã¢ã«ãŠã³ãããã¡ã€ã³å ã®ã¢ã«ãŠã³ãããããã¯ãã§ãŒã³å šäœã«é¢ä¿ããããããã¯å šãèš±å¯ãããªãããã«èšå®ããããšãå¯èœã§ã
Get Account¶
ç®ç¶
GetAccountã¯ãšãªã®ç®çã¯ãã¢ã«ãŠã³ãã®ç¶æ ãååŸããããšã§ãã
ãªã¯ãšã¹ãã»ã¹ããŒã¶
message GetAccount {
string account_id = 1;
}
RequestïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | ç¶æ ãåãåãããã¢ã«ãŠã³ãã®ID | <account_name>@<domain_id> | alex@morgan |
ResponseïŒå³è¡šïŒÂ¶
message AccountResponse {
Account account = 1;
repeated string account_roles = 2;
}
message Account {
string account_id = 1;
string domain_id = 2;
uint32 quorum = 3;
string json_data = 4;
}
ResponseïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | ã¢ã«ãŠã³ãID | <account_name>@<domain_id> | alex@morgan |
ãã¡ã€ã³ID | ã¢ã«ãŠã³ããäœæããããã¡ã€ã³ | RFC1035 [1], RFC1123 [2] | morgan |
Quorum | ãã©ã³ã¶ã¯ã·ã§ã³ãæå¹ãªãã®ã«ããããã«å¿ èŠãªçœ²åè æ° | 0 < quorum †128 | 5 |
JSON data | Key-Valueã¢ã«ãŠã³ãæ å ± | JSON | { genesis: {name: alex} } |
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not get account | Internal error happened | Try again or contact developers |
2 | No such permissions | Query's creator does not have any of the permissions to get account | Grant the necessary permission: individual, global or domain one |
3 | Invalid signatures | Signatures of this query did not pass validation | Add more signatures and make sure query's signatures are a subset of account's signatories |
Get Block¶
ç®ç¶
Purpose of get block query is to get a specific block, using its height as an identifier
ãªã¯ãšã¹ãã»ã¹ããŒã¶
message GetBlock {
uint64 height = 1;
}
RequestïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Height | height of the block to be retrieved | 0 < height < 2^64 | 42 |
ResponseïŒå³è¡šïŒÂ¶
message BlockResponse {
Block block = 1;
}
ResponseïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Block | the retrieved block | block structure | block |
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not get block | Internal error happened | Try again or contact developers |
2 | No such permissions | Query's creator does not have a permission to get block | Grant the necessary permission |
3 | Invalid height | Supplied height is not uint_64 or greater than the ledger's height | Check the height and try again |
Get Signatories¶
ç®ç¶
GetSignatoriesã¯ãšãªã®ç®çã¯ã眲åè ãååŸããããšã§ãã眲åè ã¯ãã¢ã«ãŠã³ãã®IDãšããŠæ©èœããŸãã
ãªã¯ãšã¹ãã»ã¹ããŒã¶
message GetSignatories {
string account_id = 1;
}
RequestïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | 眲åè ãèŠæ±ããã¢ã«ãŠã³ãã®ID | <account_name>@<domain_id> | alex@morgan |
ResponseïŒå³è¡šïŒÂ¶
message SignatoriesResponse {
repeated bytes keys = 1;
}
ResponseïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Keys | å ¬ééµã®é å | ed25519 | 292a8714694095edce6be799398ed5d6244cd7be37eb813106b217d850d261f2 |
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not get signatories | Internal error happened | Try again or contact developers |
2 | No such permissions | Query's creator does not have any of the permissions to get signatories | Grant the necessary permission: individual, global or domain one |
3 | Invalid signatures | Signatures of this query did not pass validation | Add more signatures and make sure query's signatures are a subset of account's signatories |
Get Transactions¶
ç®ç¶
GetTransactions is used for retrieving information about transactions, based on their hashes. .. note:: This query is valid if and only if all the requested hashes are correct: corresponding transactions exist, and the user has a permission to retrieve them
ãªã¯ãšã¹ãã»ã¹ããŒã¶
message GetTransactions {
repeated bytes tx_hashes = 1;
}
RequestïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ãã©ã³ã¶ã¯ã·ã§ã³ããã·ã¥ | ããã·ã¥ã®é å | 32ãã€ãé·ã®ããã·ã¥ã®é å | {hash1, hash2âŠ} |
ResponseïŒå³è¡šïŒÂ¶
message TransactionsResponse {
repeated Transaction transactions = 1;
}
ResponseïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Transactions | ãã©ã³ã¶ã¯ã·ã§ã³ã®é å | ã³ãããããããã©ã³ã¶ã¯ã·ã§ã³ | {tx1, tx2âŠ} |
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not get transactions | Internal error happened | Try again or contact developers |
2 | No such permissions | Query's creator does not have any of the permissions to get transactions | Grant the necessary permission: individual, global or domain one |
3 | Invalid signatures | Signatures of this query did not pass validation | Add more signatures and make sure query's signatures are a subset of account's signatories |
4 | Invalid hash | At least one of the supplied hashes either does not exist in user's transaction list or creator of the query does not have permissions to see it | Check the supplied hashes and try again |
Get Pending Transactions¶
ç®ç¶
GetPendingTransactions is used for retrieving a list of pending (not fully signed) multisignature transactions or batches of transactions issued by account of query creator.
ãªã¯ãšã¹ãã»ã¹ããŒã¶
message GetPendingTransactions {
}
ResponseïŒå³è¡šïŒÂ¶
message TransactionsResponse {
repeated Transaction transactions = 1;
}
ResponseïŒå éšæ§é ïŒÂ¶
The response contains a list of pending transactions.
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Transactions | an array of pending transactions | Pending transactions | {tx1, tx2âŠ} |
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not get pending transactions | Internal error happened | Try again or contact developers |
2 | No such permissions | Query's creator does not have any of the permissions to get pending transactions | Grant the necessary permission: individual, global or domain one |
3 | Invalid signatures | Signatures of this query did not pass validation | Add more signatures and make sure query's signatures are a subset of account's signatories |
Get Account Transactions¶
ç®ç¶
In a case when a list of transactions per account is needed, GetAccountTransactions query can be formed.
泚é
This query uses pagination for quicker and more convenient query responses.
ãªã¯ãšã¹ãã»ã¹ããŒã¶
message TxPaginationMeta {
uint32 page_size = 1;
oneof opt_first_tx_hash {
string first_tx_hash = 2;
}
}
message GetAccountTransactions {
string account_id = 1;
TxPaginationMeta pagination_meta = 2;
}
RequestïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | ãã©ã³ã¶ã¯ã·ã§ã³æ å ±ããªã¯ãšã¹ãããã¢ã«ãŠã³ãID | <account_name>@<domain_id> | makoto@soramitsu |
Page size | size of the page to be returned by the query, if the response contains fewer transactions than a page size, then next tx hash will be empty in response | page_size > 0 | 5 |
First tx hash | hash of the first transaction in the page. If that field is not set â then the first transactions are returned | hash in hex format | bddd58404d1315e0eb27902c5d7c8eb0602c16238f005773df406bc191308929 |
ResponseïŒå³è¡šïŒÂ¶
message TransactionsPageResponse {
repeated Transaction transactions = 1;
uint32 all_transactions_size = 2;
oneof next_page_tag {
string next_tx_hash = 3;
}
}
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not get account transactions | Internal error happened | Try again or contact developers |
2 | No such permissions | Query's creator does not have any of the permissions to get account transactions | Grant the necessary permission: individual, global or domain one |
3 | Invalid signatures | Signatures of this query did not pass validation | Add more signatures and make sure query's signatures are a subset of account's signatories |
4 | Invalid pagination hash | Supplied hash does not appear in any of the user's transactions | Make sure hash is correct and try again |
5 | Invalid account id | User with such account id does not exist | Make sure account id is correct |
ResponseïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Transactions | æå®ãããã¢ã«ãŠã³ãã«é¢é£ãããã©ã³ã¶ã¯ã·ã§ã³ã®é å | ã³ãããããããã©ã³ã¶ã¯ã·ã§ã³ | {tx1, tx2âŠ} |
All transactions size | total number of transactions created by the given account | 100 | |
Next transaction hash | hash pointing to the next transaction after the last transaction in the page. Empty if a page contains the last transaction for the given account | bddd58404d1315e0eb27902c5d7c8eb0602c16238f005773df406bc191308929 |
Get Account Asset Transactions¶
ç®ç¶
GetAccountAssetTransactions query returns all transactions associated with given account and asset.
泚é
This query uses pagination for query responses.
ãªã¯ãšã¹ãã»ã¹ããŒã¶
message TxPaginationMeta {
uint32 page_size = 1;
oneof opt_first_tx_hash {
string first_tx_hash = 2;
}
}
message GetAccountAssetTransactions {
string account_id = 1;
string asset_id = 2;
TxPaginationMeta pagination_meta = 3;
}
RequestïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | ãã©ã³ã¶ã¯ã·ã§ã³æ å ±ããªã¯ãšã¹ãããã¢ã«ãŠã³ãID | <account_name>@<domain_id> | makoto@soramitsu |
è³ç£ID | ãã®ã¢ã»ããã«é¢é£ãããã©ã³ã¶ã¯ã·ã§ã³ããã£ã«ã¿ããããã«æå®ããã¢ã»ããID | <asset_name>#<domain_id> | jpy#japan |
Page size | size of the page to be returned by the query, if the response contains fewer transactions than a page size, then next tx hash will be empty in response | page_size > 0 | 5 |
First tx hash | hash of the first transaction in the page. If that field is not set â then the first transactions are returned | hash in hex format | bddd58404d1315e0eb27902c5d7c8eb0602c16238f005773df406bc191308929 |
ResponseïŒå³è¡šïŒÂ¶
message TransactionsPageResponse {
repeated Transaction transactions = 1;
uint32 all_transactions_size = 2;
oneof next_page_tag {
string next_tx_hash = 3;
}
}
ResponseïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Transactions | ç¹å®ã®ã¢ã«ãŠã³ããšè³ç£ã«é¢é£ãããã©ã³ã¶ã¯ã·ã§ã³ã®é å | ã³ãããããããã©ã³ã¶ã¯ã·ã§ã³ | {tx1, tx2âŠ} |
All transactions size | total number of transactions for given account and asset | 100 | |
Next transaction hash | hash pointing to the next transaction after the last transaction in the page. Empty if a page contains the last transaction for given account and asset | bddd58404d1315e0eb27902c5d7c8eb0602c16238f005773df406bc191308929 |
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not get account asset transactions | Internal error happened | Try again or contact developers |
2 | No such permissions | Query's creator does not have any of the permissions to get account asset transactions | Grant the necessary permission: individual, global or domain one |
3 | Invalid signatures | Signatures of this query did not pass validation | Add more signatures and make sure query's signatures are a subset of account's signatories |
4 | Invalid pagination hash | Supplied hash does not appear in any of the user's transactions | Make sure hash is correct and try again |
5 | Invalid account id | User with such account id does not exist | Make sure account id is correct |
6 | Invalid asset id | Asset with such asset id does not exist | Make sure asset id is correct |
Get Account Assets¶
ç®ç¶
To get the state of all assets in an account (a balance), GetAccountAssets query can be used.
ãªã¯ãšã¹ãã»ã¹ããŒã¶
message GetAccountAssets {
string account_id = 1;
}
RequestïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | æ®é«æ å ±ãè«æ±ããã¢ã«ãŠã³ãID | <account_name>@<domain_id> | makoto@soramitsu |
ResponseïŒå³è¡šïŒÂ¶
message AccountAssetResponse {
repeated AccountAsset acct_assets = 1;
}
message AccountAsset {
string asset_id = 1;
string account_id = 2;
string balance = 3;
}
ResponseïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
è³ç£ID | æ®é«ç¢ºèªã«äœ¿çšãããè³ç£ã®èå¥å | <asset_name>#<domain_id> | jpy#japan |
ã¢ã«ãŠã³ãID | æ®é«ãæã€ã¢ã«ãŠã³ã | <account_name>@<domain_id> | makoto@soramitsu |
Balance | è³ç£æ®é« | No less than 0 | 200.20 |
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not get account assets | Internal error happened | Try again or contact developers |
2 | No such permissions | Query's creator does not have any of the permissions to get account assets | Grant the necessary permission: individual, global or domain one |
3 | Invalid signatures | Signatures of this query did not pass validation | Add more signatures and make sure query's signatures are a subset of account's signatories |
Get Account Detail¶
ç®ç¶
To get details of the account, GetAccountDetail query can be used. Account details are key-value pairs, splitted into writers categories. Writers are accounts, that added the corresponding account detail. Example of such structure is:
{
"account@a_domain": {
"age": 18,
"hobbies": "crypto"
},
"account@b_domain": {
"age": 20,
"sports": "basketball"
}
}
Here, one can see four account details - "age", "hobbies" and "sports" - added by two writers - "account@a_domain" and "account@b_domain". All of these details, obviously, are about the same account.
ãªã¯ãšã¹ãã»ã¹ããŒã¶
message GetAccountDetail {
oneof opt_account_id {
string account_id = 1;
}
oneof opt_key {
string key = 2;
}
oneof opt_writer {
string writer = 3;
}
}
泚é
Pay attention, that all fields are optional. Reasons will be described later.
RequestïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
ã¢ã«ãŠã³ãID | account id to get details from | <account_name>@<domain_id> | account@domain |
Key | key, under which to get details | string | age |
Writer | account id of writer | <account_name>@<domain_id> | account@domain |
ResponseïŒå³è¡šïŒÂ¶
message AccountDetailResponse {
string detail = 1;
}
ResponseïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Detail | key-value pairs with account details | JSON | see below |
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not get account detail | Internal error happened | Try again or contact developers |
2 | No such permissions | Query's creator does not have any of the permissions to get account detail | Grant the necessary permission: individual, global or domain one |
3 | Invalid signatures | Signatures of this query did not pass validation | Add more signatures and make sure query's signatures are a subset of account's signatories |
Usage Examples¶
Again, let's consider the example of details from the beginning and see how different variants of GetAccountDetail queries will change the resulting response.
{
"account@a_domain": {
"age": 18,
"hobbies": "crypto"
},
"account@b_domain": {
"age": 20,
"sports": "basketball"
}
}
account_id is not set
If account_id is not set - other fields can be empty or not - it will automatically be substituted with query creator's account, which will lead to one of the next cases.
only account_id is set
In this case, all details about that account are going to be returned, leading to the following response:
{
"account@a_domain": {
"age": 18,
"hobbies": "crypto"
},
"account@b_domain": {
"age": 20,
"sports": "basketball"
}
}
account_id and key are set
Here, details added by all writers under the key are going to be returned. For example, if we asked for the key "age", that's the response we would get:
{
"account@a_domain": {
"age": 18
},
"account@b_domain": {
"age": 20
}
}
account_id and writer are set
Now, the response will contain all details about this account, added by one specific writer. For example, if we asked for writer "account@b_domain", we would get:
{
"account@b_domain": {
"age": 20,
"sports": "basketball"
}
}
account_id, key and writer are set
Finally, if all three field are set, result will contain details, added the specific writer and under the specific key, for example, if we asked for key "age" and writer "account@a_domain", we would get:
{
"account@a_domain": {
"age": 18
}
}
Get Asset Info¶
ç®ç¶
In order to get information on the given asset (as for now - its precision), user can send GetAssetInfo query.
ãªã¯ãšã¹ãã»ã¹ããŒã¶
message GetAssetInfo {
string asset_id = 1;
}
RequestïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
è³ç£ID | é¢é£æ å ±ãç¥ãããã®è³ç£ID | <asset_name>#<domain_id> | jpy#japan |
ResponseïŒå³è¡šïŒÂ¶
message Asset {
string asset_id = 1;
string domain_id = 2;
uint32 precision = 3;
}
泚é
Please note that due to a known issue you would not get any exception if you pass invalid precision value. Valid range is: 0 <= precision <= 255
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not get asset info | Internal error happened | Try again or contact developers |
2 | No such permissions | Query's creator does not have any of the permissions to get asset info | Grant the necessary permission: individual, global or domain one |
3 | Invalid signatures | Signatures of this query did not pass validation | Add more signatures and make sure query's signatures are a subset of account's signatories |
ResponseïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
è³ç£ID | æ®é«ç¢ºèªã«äœ¿çšãããè³ç£ã®èå¥å | <asset_name>#<domain_id> | jpy#japan |
ãã¡ã€ã³ID | ãã®ã¢ã»ããã«é¢é£ãããã¡ã€ã³ | RFC1035 [1], RFC1123 [2] | japan |
Precision (粟床) | ã³ã³ãã®åŸã®æ¡æ° | 0 <= precision <= 255 | 2 |
Get Roles¶
ç®ç¶
ã·ã¹ãã å ã®ååšããããŸããŸãªåœ¹å²ã«é¢ããæ å ±ãåŸãããã«ã¯ããŠãŒã¶ã¯ãIrohaãããã¯ãŒã¯ã« `GetRoles`ã¯ãšãªãéãããšãã§ããŸãã
ãªã¯ãšã¹ãã»ã¹ããŒã¶
message GetRoles {
}
ResponseïŒå³è¡šïŒÂ¶
message RolesResponse {
repeated string roles = 1;
}
ResponseïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Roles | ãããã¯ãŒã¯å ã«äœæããã圹å²ã®é å | ã·ã¹ãã å ã§èŠå®ãããŠãã圹å²ïŒããŒã«ïŒ | {MoneyCreator, User, Admin, âŠ} |
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not get roles | Internal error happened | Try again or contact developers |
2 | No such permissions | Query's creator does not have any of the permissions to get roles | Grant the necessary permission: individual, global or domain one |
3 | Invalid signatures | Signatures of this query did not pass validation | Add more signatures and make sure query's signatures are a subset of account's signatories |
Get Role Permissions¶
ç®ç¶
ã·ã¹ãã å ã®åœ¹å²ããšã«å©çšå¯èœã«ãªã£ãŠããæš©éãåŸãããã«ããŠãŒã¶ãŒã¯Irohaãããã¯ãŒã¯ã« `GetRolePermissions`ã¯ãšãªãéãããšãã§ããŸãã
ãªã¯ãšã¹ãã»ã¹ããŒã¶
message GetRolePermissions {
string role_id = 1;
}
RequestïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Role ID | æš©éãä»äžããåœ¹å² | ã·ã¹ãã å ã§æ¢ã«èŠå®ãããŠããåœ¹å² | 貚幣ã®çºè¡è |
ResponseïŒå³è¡šïŒÂ¶
message RolePermissionsResponse {
repeated string permissions = 1;
}
ResponseïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Permissions | 圹å²ã«é¢é£ããæš©é (é å) | ããŒã«ã«é¢é£ããã¢ã¯ã»ã¹æš© (æåå) | {can_add_asset_qty, âŠ} |
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not get role permissions | Internal error happened | Try again or contact developers |
2 | No such permissions | Query's creator does not have any of the permissions to get role permissions | Grant the necessary permission: individual, global or domain one |
3 | Invalid signatures | Signatures of this query did not pass validation | Add more signatures and make sure query's signatures are a subset of account's signatories |
[1] | (1, 2) https://www.ietf.org/rfc/rfc1035.txt |
[2] | (1, 2) https://www.ietf.org/rfc/rfc1123.txt |
FetchCommits¶
ç®ç¶
To get new blocks as soon as they are committed, a user can invoke FetchCommits RPC call to Iroha network.
ãªã¯ãšã¹ãã»ã¹ããŒã¶
No request arguments are needed
ResponseïŒå³è¡šïŒÂ¶
message BlockQueryResponse {
oneof response {
BlockResponse block_response = 1;
BlockErrorResponse block_error_response = 2;
}
}
Please note that it returns a stream of BlockQueryResponse.
ResponseïŒå éšæ§é ïŒÂ¶
ãã£ãŒã«ã | 説æ | å¶çŽ | äŸ |
---|---|---|---|
Block | Iroha block | only committed blocks | { 'block_v1': ....} |
Possible Stateful Validation Errors¶
Code | Error Name | 説æ | How to solve |
---|---|---|---|
1 | Could not get block streaming | Internal error happened | Try again or contact developers |
2 | No such permissions | Query's creator does not have any of the permissions to get blocks | Grant the necessary permission: individual, global or domain one |
3 | Invalid signatures | Signatures of this query did not pass validation | Add more signatures and make sure query's signatures are a subset of account's signatories |
äŸÂ¶
You can check an example how to use this query here: https://github.com/x3medima17/twitter
ã¡ã³ããã³ã¹Â¶
æ¬é ã§ã¯ãããŒããŠã§ã¢èŠä»¶ããããã€ã¡ã³ãããã»ã¹ã®è©³çŽ°ãã»ãã¥ãªãã£é¢é£é ç®ãèšå®ãã¡ã€ã«ã«é¢ããŠãã¹ãŠèª¬æããŸãããããã®èª¬æã¯ãéçºã»éçšæ åœè ããããã¯ã·ã¹ãã ã®çŽ°éšãŸã§æãäžããŠã¿ãŠã¿ãã人ã«åœ¹ç«ã¡ãŸãã
Permissions¶
Hyperledger Iroha uses a role-based access control system to limit actions of its users. This system greatly helps to implement use cases involving user groups having different access levels â ranging from the weak users, who can't even receive asset transfer to the super-users. The beauty of our permission system is that you don't have to have a super-user in your Iroha setup or use all the possible permissions: you can create segregated and lightweight roles.
Maintenance of the system involves setting up roles and permissions, that are included in the roles. This might be done at the initial step of system deployment â in genesis block, or later when Iroha network is up and running, roles can be changed (if there is a role that can do that :)
This section will help you to understand permissions and give you an idea of how to create roles including certain permissions. Each permission is provided with an example written in Python that demonstrates the way of transaction or query creation, which require specific permission. Every example uses commons.py module, which listing is available at Supplementary Sources section.
List of Permissions¶
Permission Name | Category | Type |
---|---|---|
can_create_account | Account | Command |
can_set_detail | Account | Command |
can_set_my_account_detail grantable |
Account | Command |
can_create_asset | Asset | Command |
can_receive | Asset | Command |
can_transfer | Asset | Command |
can_transfer_my_assets grantable |
Asset | Command |
can_add_asset_qty | Asset Quantity | Command |
can_subtract_asset_qty | Asset Quantity | Command |
can_add_domain_asset_qty | Asset Quantity | Command |
can_subtract_domain_asset_qty | Asset Quantity | Command |
can_create_domain | Domain | Command |
can_grant_can_add_my_signatory | Grant | Command |
can_grant_can_remove_my_signatory | Grant | Command |
can_grant_can_set_my_account_detail | Grant | Command |
can_grant_can_set_my_quorum | Grant | Command |
can_grant_can_transfer_my_assets | Grant | Command |
can_add_peer | Peer | Command |
can_append_role | Role | Command |
can_create_role | Role | Command |
can_detach_role | Role | Command |
can_add_my_signatory grantable |
Signatory | Command |
can_add_signatory | Signatory | Command |
can_remove_my_signatory grantable |
Signatory | Command |
can_remove_signatory | Signatory | Command |
can_set_my_quorum grantable |
Signatory | Command |
can_set_quorum | Signatory | Command |
can_get_all_acc_detail | Account | Query |
can_get_all_accounts | Account | Query |
can_get_domain_acc_detail | Account | Query |
can_get_domain_accounts | Account | Query |
can_get_my_acc_detail | Account | Query |
can_get_my_account | Account | Query |
can_get_all_acc_ast | Account Asset | Query |
can_get_domain_acc_ast | Account Asset | Query |
can_get_my_acc_ast | Account Asset | Query |
can_get_all_acc_ast_txs | Account Asset Transaction | Query |
can_get_domain_acc_ast_txs | Account Asset Transaction | Query |
can_get_my_acc_ast_txs | Account Asset Transaction | Query |
can_get_all_acc_txs | Account Transaction | Query |
can_get_domain_acc_txs | Account Transaction | Query |
can_get_my_acc_txs | Account Transaction | Query |
can_read_assets | Asset | Query |
can_get_blocks | Block Stream | Query |
can_get_roles | Role | Query |
can_get_all_signatories | Signatory | Query |
can_get_domain_signatories | Signatory | Query |
can_get_my_signatories | Signatory | Query |
can_get_all_txs | Transaction | Query |
can_get_my_txs | Transaction | Query |
Supplementary Sources¶
Ansible¶
泚æ
Contents are missing for now. Please check deploy/ansible folder and README.md file in it.