Question
I have a requirement that any number of customers can log into one company site and upload some documents as identity proofs, and the company can verify the documents by opening them and accept them if the documents are fine, or otherwise reject them if the documents are fake. When the user logs into the site again, he has to see whether the uploaded docs were approved/rejected by the company.
How do we achieve this requirement in Hyperledger Fabric 1.0, and how are the user details restricted from other users even though we are using a distributed ledger?
Can anyone suggest solutions for this?
Answer 1:
I guess one approach would be that the company has a chaincode that has access to (either hardcoded or by some other means) a public key whose corresponding private key is unavailable to the channel that the users are using.
The user submits in a transaction:
- Its document
- An AES key - generated by the user and passed via the transient map.

The chaincode, then:
- Encrypts the document with the AES key
- Stores the encrypted (with AES) document in the chaincode
- Stores the encrypted AES key (with the company's public key)

Now, the company has the private key - so it can decrypt the public key of each user and then decrypt the document.
That's a high-level solution. If you have questions on the details, feel free to add a question in a comment, or ping me in chat.hyperledger.org (name is the same as username here).
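
The flow described in this answer, sketched with Go's standard library as an added example (not part of the original answer and not Fabric's own code). AES-GCM, RSA-OAEP, the user-supplied nonce and the names `Seal`, `Open`, `gcmFor` and `demoKey` are assumptions; in chaincode the key and nonce would be read from the transient map and the two outputs written to the ledger.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func gcmFor(key, nonce []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(nonce) != 12 {
		return nil, fmt.Errorf("need a 16/24/32-byte AES key and a 12-byte nonce")
	}
	return cipher.NewGCM(block)
}

// Seal is the chaincode side; aesKey and nonce are user-supplied (transient data in Fabric).
func Seal(pub *rsa.PublicKey, doc, aesKey, nonce []byte) (encDoc, wrappedKey []byte, err error) {
	gcm, err := gcmFor(aesKey, nonce)
	if err != nil {
		return nil, nil, err
	}
	// RSA-OAEP is randomized: each endorsing peer would compute a different wrappedKey.
	wrappedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, aesKey, nil)
	return gcm.Seal(nil, nonce, doc, nil), wrappedKey, err
}

// Open is the company side, run off-chain where the private key is held.
func Open(priv *rsa.PrivateKey, nonce, encDoc, wrappedKey []byte) ([]byte, error) {
	aesKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := gcmFor(aesKey, nonce)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, nonce, encDoc, nil) // errors if ciphertext or nonce was altered
}

var demoKey, _ = rsa.GenerateKey(rand.Reader, 2048) // constructed company key pair, demo only
func main() {
	key, nonce := []byte("constructed-demo-key-32-bytes-!!"), []byte("demo-nonce12")
	enc, wrapped, _ := Seal(&demoKey.PublicKey, []byte("constructed sample document"), key, nonce)
	doc, err := Open(demoKey, nonce, enc, wrapped)
	fmt.Println(string(doc), err)
}
```

Because the key wrap is randomized, a deployment with more than one endorsing peer would need the client to wrap the AES key and submit the wrapped value, so that every peer writes identical bytes.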
Source: https://stackoverflow.com/questions/46339422/user-level-restriction-in-hyperledger-fabric-1-0