Certificate Credentialing Service using Blockchain technology-Hyperledger Fabric.
In this blog, you can explore the application of blockchain technology in credentialing services. Although there exist many methods to authenticate certificates, here we will concentrate on the ways to validate certificates with the help of blockchain technology. Also, we will discuss the different frameworks available and determine which framework is more suitable for our use case. We will also have a small sneak peek into the architecture for the credentialing system using Hyperledger Fabric and set up a small Hyperledger Fabric test network.
Verification of certificates is generally done manually or with the help of a centralized database. Manual verification can be a cumbersome process and a centralized database can pose the risk of immutability and trust when multiple stakeholders are present.
Imagine a course for a particular skill that is being offered by multiple organizations. These organizations need to follow a certain set of protocols to issue the certificate to an individual, but there exist no methods to track the process of certification nor any process to validate or authenticate the certificates.
Our approach:
Why blockchain?
As every block is encrypted, blockchain is hackproof and provides high security. It is faster compared to the traditional document verification process. It is easy to distinguish between the original and high-quality duplicate data(document). One more important aspect is that we can easily trace the history of the document.
Below are the points that favor blockchain technology over conventional methods.
- Immutable: Blockchain’s fundamental characteristic is immutability, which means once data is stored, it cannot be altered or deleted, making the certificates tamper-proof.
- Decentralization: Blockchain is decentralized, making nobody the owner of the data, Certificates are stored across a distributed network of nodes, making it challenging to forge certificates.
- Transparency: Since everything is available in the network and nobody owns it, it is easy for a third person to come and verify the certificates.
- Timestamping: Since the certificate can be time-stamped, we can track the exact time of issue of the certificate.
- Security: Complex cryptographic functions are used to hash the data, making it more secure.
- Automatable: We can automate processes like certificate issuance and verification with the help of smart contracts, which can reduce the need for manual verification.
There are three types of blockchain networks. They are — Public Blockchains, Private Blockchains, and Consortium Blockchains.
Now we went through the types of blockchains to decide which one would be apt for our requirements.
Public blockchains are open and permissionless networks that anyone can join and participate in without any restrictions. This immediately let us down as privacy was a big concern and we wanted the network to be limited to only the stakeholders. We understood that Private or Consortium Blockchain networks were the one that fits our requirement and started researching in that direction.
Different Blockchain tools
Since blockchain development is a relatively new field, we had to do a small research before concluding Hyperledger Fabric as our tool of choice.
The tools that were under our consideration and their features are listed below.
- Avalance
Avalanche is an open-source blockchain platform that aims to provide high scalability, and fast transaction finality which is mainly designed for finance-based applications.
Avalanche is in its early evolution days and has some major issues with decentralization, so we decided to not go ahead with Avalanche.
2. Ethereum
Ethereum is a popular blockchain platform, with supports smart contracts and can be used to create decentralized applications. It supports permission access and has an extensive developer community to support it.
Ethereum seemed to be the one we were searching for until we came across the pricing. Developing a blockchain in Ethereum can be costly so we set it aside to look for other tools.
3. BNB Chain
Launched by the cryptocurrency exchange Binance, BNB Smart Chain (BSC), previously Binance Smart Chain, is a blockchain network. It supports smart contracts and decentralized applications (DApps). BSC uses a Proof of Staked Authority (PoSA) consensus mechanism.
BNB Chain has limited functionality and lack of adoption and it has a lot of interventions from the Binance organization.
4. Multichain
Multichain is an open-source blockchain platform that enables developers to build, deploy, and manage private and public blockchain networks. It has good customizability and scalability. Multichain seemed fit for the use case, but it lacked community support, and use cases were fewer.
Why Hyperledger Fabric?
Hyperledger Fabric is an open-source, permissioned blockchain platform developed by the Linux Foundation’s Hyperledger project. It is designed to provide a framework for building enterprise-grade, distributed ledger applications with a focus on privacy, scalability, and modularity.
Here are some points that went well for getting it considered.
1. Privacy and Permissioned Network: Hyperledger Fabric allows the creation of permissioned networks, where participants must be authorized to join the network. This makes it suitable for enterprise use cases that require controlled access to the blockchain.
2. Modularity and Flexibility: Fabric’s modular architecture allows developers to plug in various components and consensus algorithms, making it flexible and customizable.
3. Private Transactions: Private transactions are possible in Fabric, which allows data to be shared only among intended members.
4. High Scalability: Fabric is good at scalability, and it can handle a high number of transactions per second.
5. Performance: Credentialing applications often involve many transactions and require quick verification times. Hyperledger Fabric’s consensus mechanisms, such as its pluggable architecture and support for private data collections, contribute to its high performance and scalability.
6. Support for Smart Contracts: Fabric supports smart contracts written in popular programming languages like Go and JavaScript requirements.
Apart from these, AWS has an easily accessible AWS-hosted Hyperledger Fabric tutorial and a track and trace workshop that is based on Hyperledger Fabric which is very useful to get started with Hyperledger Fabric. These points convinced us to go ahead with Hyperledger Fabric for the Project.
Architecture
Hyperledger Fabric, a permissioned blockchain technology, will be used to build the blockchain network. A group of peer nodes, an orderer node, and a certificate authority (CA) node make up the network. Peer nodes will keep a copy of the ledger on hand and run chaincode to update the ledger’s state. The transactions will be sorted by the orderer node, which will also add additional blocks to the ledger. The CA node will handle network participant identities and dispense certificates.
In the above diagram, LMS or Learning Management system is the issuer who creates the certificates. The credential verifier is the end user who uses the portal to verify the certificates. Both the LMS and end user will interact with the credentialing service, which will communicate with the blockchain network. A credential database will keep track of the certificates generated. Here, Hyperledger Fabric is the framework used to set up the network.
Below listed are the different components of the service.
- Certification Authority: The CA node will handle identities and issue certificates using the Fabric-CA component of Hyperledger Fabric. The CA will be set up to sign certificates and enable safe communication between network users using a public key infrastructure (PKI). To access the network, users must first sign up and authenticate with the CA node.
- Web Server: The Fabric SDK will be used to connect the web server to the blockchain network. The web server will be created using a backend technology like Node.js. The SDK offers APIs for communicating with the blockchain network, including calling chaincode and requesting ledger queries. A database like MongoDB will house user and certificate information on the web server.
- Frontend: The frontend part can be made as per our requirement, the APIs can be fetched via REST or GraphQL methods, and the AWS workshop which is mentioned above uses GraphQL to fetch the data
- LMS Dashboard: The Dashboard component will be implemented using frontend frameworks and will communicate with the web server using APIs. The web server will invoke chaincode to issue certificates and store them on the blockchain network. The Dashboard allows the issuer to select and issue certificates.
- End-user/customer Dashboard: The end-user component will be implemented using frontend frameworks. APIs will be used to connect to the web server. The end user’s certificate will be retrieved from the ledger by the web server and saved in the database. A list of certificates will be shown on the customer dashboard, and they can be viewed and shared by the customer with others.
- Verification Portal: APIs will be used to connect the Verification Portal component to the web server. To confirm the validity of the certificate, the web server will query the ledger and return the outcome to the verification portal. The verification portal will show the verifier the results of the verification.
Future Scope
In the future, we can explore the concept of leaderboards and gamification elements within the platform, like once the user completes the certification, they will be rewarded with some points. We can implement this as a single domain or URL for anyone, whether it’s an end user or an organizational user, or a third-party employer, Anyone can verify the credentials with the help of a single URL.
Setting Up a Test Network
Now, let’s set up a Hyperledger Fabric test network.
Prerequisites
Hyperledger Fabric has some prerequisites. Make sure you have downloaded all of them. A Linux system is suggested, as Hyperledger is built by the Linux Foundation. But you can use any environment. For this blog, we will be using a Linux system and NodeJS for chaincode development.
Git
Install the latest version of git if it is not already installed.
$ sudo apt-get install gitcURL
Install the latest version of cURL if it is not already installed.
$ sudo apt-get install curlDocker
Install the latest version of Docker if it is not already installed.
sudo apt-get -y install docker-composeOnce installed, confirm that the latest versions of both Docker and Docker Compose executables were installed.
$ docker --version
Docker version 19.03.12, build 48a66213fe
$ docker-compose --version
docker-compose version 1.27.2, build 18f557f9Make sure the Docker daemon is running.
sudo systemctl start dockerMake sure you have downloaded all the prerequisites.
Install Fabric and Fabric Samples
In order to install fabric samples, we have to clone the repo, download the Docker containers, etc. Hyperledger Fabric has provided a script that will download all the required files for us. Determine a location on your machine where you want to place the fabric samples repository and enter that directory in a terminal window.
Run the following curl command
curl -sSL https://bit.ly/2ysbOFE | bash -s -- 2.2.13 1.5.6Once the downloading is complete, you will see the screen below.
Start the Network:
Now that we have downloaded the fabric samples, It’s time to check the installation and whether the network is working or not. we are using the most popular chaincode provided by the Hyperledger Fabric which is FabCar. It consists of two organizations, with one peer for each organization and one certificate authority for each organization. and one orderer. If you wish to change the organization names or channel names, head over to the test-network folder in the fabric samples and edit the configtx.yaml file. We will keep the default names here.
Head over to the directory where you downloaded the fabric samples.
Navigate to fabcar chaincode.
List down the files available.
Here, chaincode is written in different programming languages and two scripts, startFabric.sh and networkDown.sh. Read the content inside startFabric.sh by running the following command.
cat startFabric.sh
The startFabric.sh script initially looks for the language chaincode you want to run. If nothing is mentioned, it will take the default language as GO, then it will shut down if any network is running and later it will start the test network and deploy the chaincode.
Start the network by running the following command. Make sure that you are inside the fabcar directory.
./startFabric.sh javascriptYou will see the script will create two organizations, peers for each organization, certificate authorities, and the database for peers.
Later, the script will deploy the default chaincode provided by the fabric samples. In the next blog, we will be writing our own chain code.
Make sure your network is up and running by executing the following command.
docker psYou will see the screen below.
Stop the Network.
Make Sure to Stop the Network by running the following command.
./networkDown.shOutro
In this blog, we have discussed the technologies available for developing a credentialing service, with their merits and demerits. Also, we have done a high-level discussion on the service architecture with Hyperledger Fabric.
Although we have discussed certificate verification in this blog, we can leverage the immutability and decentralized property of blockchains and extend it to other similar applications. We also discussed on how to setup a test network on Hyperledger Fabric. The addition, updation, and deletion of data is done to the network with the help of a chaincode. We can develop chaincodes according to our requirements and business needs.
In the upcoming blog, we will explain chaincode, write chaincode for creating and querying certificates, and explain how to deploy it to our test network and invoke it.
