Sdk Hyperledger结构背书策略检查器失败_Sdk_Hyperledger

Sdk Hyperledger结构背书策略检查器失败

sdk

Sdk Hyperledger结构背书策略检查器失败,sdk,hyperledger,Sdk,Hyperledger,根据对等角色和顺序，策略检查器中可能出现故障 Peer roles: org1peer1:member org1peer2:member org2peer1:admin org2peer2:member` 节点sdk e2eUtils.js中指定的背书策略 'endorsement-policy': { identities: [ { role: { name: 'member', mspId: ORGS['org1'].mspid }}, { role: { name: 'member',

根据对等角色和顺序，策略检查器中可能出现故障

Peer roles:
org1peer1:member
org1peer2:member
org2peer1:admin
org2peer2:member`

节点sdk e2eUtils.js中指定的背书策略

'endorsement-policy': {
identities: [
{ role: { name: 'member', mspId: ORGS['org1'].mspid }},
{ role: { name: 'member', mspId: ORGS['org2'].mspid }},
{ role: { name: 'admin', mspId: ORGS['org1'].mspid }},
{ role: { name: 'admin', mspId: ORGS['org2'].mspid }}
],
policy: {
'2-of': [
  { 'signed-by': 1},
  { 'signed-by': 3}
]
}
}

send endorsement responses with order (Org2Member,Org2Admin) -> SUCCESS
send endorsement responses with order (Org2Admin, Org2Member) -> ENDORSEMENT_POLICY_FAILURE
only send proposal to Org2Admin, and make another copy of response from Org2Admin, to make it (Org2Admin, Org2Admin) -> SUCCESS

使用e2eUtils.js中的节点sdk e2e func invokeChaincode调用事务

'endorsement-policy': {
identities: [
{ role: { name: 'member', mspId: ORGS['org1'].mspid }},
{ role: { name: 'member', mspId: ORGS['org2'].mspid }},
{ role: { name: 'admin', mspId: ORGS['org1'].mspid }},
{ role: { name: 'admin', mspId: ORGS['org2'].mspid }}
],
policy: {
'2-of': [
  { 'signed-by': 1},
  { 'signed-by': 3}
]
}
}

send endorsement responses with order (Org2Member,Org2Admin) -> SUCCESS
send endorsement responses with order (Org2Admin, Org2Member) -> ENDORSEMENT_POLICY_FAILURE
only send proposal to Org2Admin, and make another copy of response from Org2Admin, to make it (Org2Admin, Org2Admin) -> SUCCESS

问题在于订单或添加同行的重要性。我们希望添加对等点的顺序不会影响背书结果。

背书策略检查器当背书策略要求同一组织的“管理员”和“成员”负责人，某些有效背书可能无法通过保单检查

为了说明这一点，让我们使用以下示例：

您有两个签注：在org1（E1）中作为成员的签注者1和在org1（E2）中作为管理员的签注者2
您有背书策略：“和（org1.member，org1.admin）” 或者在node.js SDK使用的JSON格式中指定时：
{ “身份”：[ {“角色”：{“名称”：“成员”，“mspId”：“org1”}， {“角色”：{“名称”：“管理员”，“mspId”：“org1”}]， “2-of”：[ {“签名人”：0}， {“签字人”：1 ] }

策略检查器的当前行为取决于顺序背书政策中的两个MSP负责人。以下是目前的执行情况：

If the policy is similar to the code illustrated above, where the "member"
role is put ahead of the "admin" role of the same organization. AND the
policy requires both roles to be satisfied. Then the policy check will fail.

If the order of the endorsements inside the ProposalResponsePayload is
flipped. Meaning that E2 comes before E1, then the policy check will succeed.

However, if the "admin" role is put ahead of the "member" role, then the
policy check always succeeds regardless of the order of the endorsements."

解决问题

始终在策略中的成员标识之前指定管理员标识同一个组织，无论代言人的顺序如何，该组织始终有效

有关更多技术细节，请参阅