A deeper look at Hyperledger-Fabric version 1.0.0-alpha2

Rumor has it that the Beta release of Fabric will be released soon. Hence, it is important to note that everything discussed here might change in the final product. Nevertheless, it is good to examine the product at early stage and check the priorities and the motives behind the product as it matures.

I got a chance to dig deeper into fabric. This time just out of curiosity I decided to dissect the cryptographic elements of Fabric specifically the implementation of the Elliptic Curve. Basic level math is required to understand this article. I will keep it very simple. If you decide to skip through few paragraphs you might still be OK.

let’s consider a linear equation where y = ax + b. This is called linear because if you plot such an equation you get a straight line.
y = ax + b is a template. You need to plug in the values for “a” and “b” in order to plot the equation e.g. y = 7x + 2
In this scenario we gave the value a = 7 and b = 2.
We can set some additional artificial rules to this equations by lets say limiting the value of x to a number P where -P < x < P. Every time the absolute value of x is greater than or equal to P we divide it by P and assign the remainder of the division back to x. Since the remainder is being assigned back that means that the absolute value of x could never be greater or equal to P. We do this to confine the value of x.

An elliptic curve on the other hand has the form of

This equation does not plot a straight line, it plots a curve which has interesting characteristics. This curve is symmetrical to the x-axis. This allows for projecting the point x at any value against the x axis and insuring that it will end up landing on the curve on the other side. What is more interesting, is that this projection translates to addition.

Like the linear equation you need to plug in values for “a” and “b” to be able to plot a curve

Cryptographers, not only assign values to a and b, they set some artificial rules to the equations like the number P we talked about above in the linear equations. In the case of the Elliptic Curve to be used for cryptography we need to set the following numbers.

a, b, P, n, and G(x,y) as a starting point.

The assignment of these numbers in cryptography is called secp256k1

We are done with the math here. This article is about the institutions behind these numbers and their relations to the implementations of several blockchain technologies.

In the US these numbers are assigned by NIST (National Institute of Standards and Technology).

If you have been following the news about cryptography you must have heard about the RSA dilemma with the NIST numbers which opened a backdoor to the NSA.

A subsidy of Blackberry in Canada called Certicom assign different numbers to the equation. Now anyone who used Blackberry before knows about the tight security of the device.

Fabric is written in Go Lang which is designed by Google engineers. There is a native implementation of the elliptic curve and the secp256K1 numbers it uses are supplied by NIST.

The implementation of Satochi’s BitCoin uses Certicom numbers. Although Ethereum is written in Go Language they’ve gone through the pain to wrap around BitCoin libraries and use Certicom numbers as well.

When Vitalik Buterin got asked about it, his answer was to keep backward compatibility with bitcoin.

Fabric on the other hand just uses Google implementation of secp256K1. As far as we know the secp256k1 assignment at NIST is clean. The information above is just something I believe every Fabric implementer should know since cryptography is a big part of this technology. You can follow the Ethereum route and plug in BitCoins implementation, however you will loose compatibility with other nodes on the network but you will gain compatibility with BitCoin and Ethereum. If you own all the nodes within your organization and your Fabric implementation is private, then you should be fine.

 

Advertisements