/private-data-collections-on-fabric

Follow a pill through the medical supply chain using private data collections for data privacy between organizations

Primary LanguageGoApache License 2.0Apache-2.0

Private Data Collections on Hyperledger Fabric

In the Medical Supply Chain, there are multiple entities such as the drug manufacturers, wholesellers, pharmacies and patients. These entities share data about the pill as it moves through the chain. However, there are cases where entities want to keep some data about the pill hidden from the other entities. Consider the instance where a manufacturer have negotiated different price rates with the wholesellers. They wouldn't want the different wholesellers to be able to see the various drug rates negotiated. Having all entities on the same channel of the blockchain would inherently make every transaction between any two entities, visible to every other entity. With the introduction of private data collections, certain data parts associated with a given transaction, can be kept private from other entities.

In this pattern, we showcase 1 manufacturer, 2 wholesalers, 1 pharmacy and 1 patient connected on the same channel on a blockchain ledger. The manufacturer generates a new drug pill, and sells it at different prices to the two wholesellers. Only the manufacturer and the patient have visibility to the two negotiated prices for this example.

This code pattern is for developers who want to learn how to use the private data collections feature introduced into Hyperledger Fabric. When you have completed it, you will understand how to:

  • Create multiple organizations with the IBM Blockchain Platform.
  • Create a VueJS web app that has multiple dashboards on a Single Page Application, which can communicate in realtime with each other.
  • Create a NodeJS server that is deployed to Kubernetes on IBM Cloud.
  • Use private data collections to enforce data privacy between organizations on the same channel.

Architecture flow

Architecture flow

  1. The blockchain operator creates a IBM Kubernetes Service cluster and an IBM Blockchain Platform 2.0 service.
  2. The IBM Blockchain Platform 2.0 creates a Hyperledger Fabric network on an IBM Kubernetes Service, and the operator installs and instantiates the smart contract on the network.
  3. The Node.js application server uses the Fabric SDK to interact with the deployed network on IBM Blockchain Platform 2.0.
  4. The React UI uses the Node.js application API to interact and submit transactions to the network.
  5. The user interacts with the supply chain application web interface to update and query the blockchain ledger and state.

Included components

  • IBM Blockchain Platform gives you total control of your blockchain network with a user interface that can simplify and accelerate your journey to deploy and manage blockchain components on the IBM Cloud Kubernetes Service.
  • IBM Cloud Kubernetes Service creates a cluster of compute hosts and deploys highly available containers. A Kubernetes cluster lets you securely manage the resources that you need to quickly deploy, update, and scale applications.

Featured technologies

  • Nodejs is an open-source, cross-platform JavaScript run-time environment that executes JavaScript code server-side.
  • Vuejs is a progressive framework for building user interfaces.
  • Bootstrap is a free and open-source front-end Web framework. It contains HTML and CSS-based design templates for typography, forms, buttons, navigation and other interface components, as well as optional JavaScript extensions.
  • Docker is a computer program that performs operating-system-level virtualization, also known as Containerization.

Prerequisites

Steps (Cloud Network)

  1. Create IBM Cloud services
  2. Build a network - Certificate Authority
  3. Build a network - Create MSP Definitions
  4. Build a network - Create Peers
  5. Build a network - Create Orderer
  6. Build a network - Create and Join Channel
  7. Deploy Smart Contract on the network
  8. Connect application to the network
  9. Enroll App Admin Identities
  10. Run the application

Important Note: This pattern is more advanced because it uses four organizations. For this reason, you will likely have to get a paid kubernetes cluster to run this pattern on the cloud, since a free cluster will not have the CPU/storage necessary to deploy all of the pods that we need to run this pattern. There are other patterns that leverage a free Kubernetes cluster (and only two organizations), so if you want to try that one out first, go here.

Step 1. Create IBM Cloud services

  • Create the IBM Cloud Kubernetes Service. You can find the service in the Catalog.

  • Once you reach the create a new cluster page you will need to do the following:

    • Choose standard cluster type
    • Fill out cluster name
    • choose Geography: North America
    • Choose Location and availability: Multizone
    • Choose Metro: Dallas
    • Choose Worker nodes: Dallas 10 only
    • Choose Master service endpoint: Both private & public endpoints
    • Choose Default worker pool
    • Choose Master service endpoint: Both private & public endpoints
    • Choose Flavor
    • Choose Encrypt local disk Yes
    • Choose Worker nodes 3
    • Click on create cluster. The cluster takes around 15-20 minutes to provision, so please be patient!

  • After your kubernetes cluster is up and running, you can deploy your IBM Blockchain Platform V2 Beta on the cluster. The service walks through few steps and finds your cluster on the IBM Cloud to deploy the service on.

  • Once the Blockchain Platform is deployed on the Kubernetes cluster, you can launch the console to start operating on your blockchain network.

Step 2. Build a network - Certificate Authority

We will build a network as provided by the IBM Blockchain Platform documentation. This will include creating a channel with a single peer organization with its own MSP and CA (Certificate Authority), and an orderer organization with its own MSP and CA. We will create the respective identities to deploy peers and operate nodes.

  • Create your manufacturer organization CA

    • Click Add Certificate Authority.
    • Click IBM Cloud under Create Certificate Authority and Next.
    • Give it a Display name of Manufacturer CA.
    • Specify an Admin ID of admin and Admin Secret of adminpw.

  • Create your wholesaler1 organization CA

    • Click Add Certificate Authority.
    • Click IBM Cloud under Create Certificate Authority and Next.
    • Give it a Display name of W1 CA.
    • Specify an Admin ID of admin and Admin Secret of adminpw.

  • Create your wholesaler2 organization CA

    • Click Add Certificate Authority.
    • Click IBM Cloud under Create Certificate Authority and Next.
    • Give it a Display name of W2 CA.
    • Specify an Admin ID of admin and Admin Secret of adminpw.

  • Create your pharmacy organization CA (process is same as shown in gif above)

    • Click Add Certificate Authority.
    • Click IBM Cloud under Create Certificate Authority and Next.
    • Give it a Display name of Pharmacy CA.
    • Specify an Admin ID of admin and Admin Secret of adminpw.

  • Create your patient organization CA (process is same as shown in gif above)

    • Click Add Certificate Authority.
    • Click IBM Cloud under Create Certificate Authority and Next.
    • Give it a Display name of Patient CA.
    • Specify an Admin ID of admin and Admin Secret of adminpw.

  • Use your CA to register manufacturer identities

    • Select the Manufacturer CA Certificate Authority that we created.
    • First, we will register an admin for our Organization. Click on the Register User button. Give an Enroll ID of manufacturerAdmin, and Enroll Secret of manufacturerAdminpw. Click Next. Set the Type for this identity as client and select org1 from the affiliated organizations drop-down list. We will leave the Maximum enrollments and Add Attributes fields blank.
    • We will repeat the process to create an identity of the peer. Click on the Register User button. Give an Enroll ID of manufacturerPeer, and Enroll Secret of manufacturerPeerpw. Click Next. Set the Type for this identity as peer and select org1 from the affiliated organizations drop-down list. We will leave the Maximum enrollments and Add Attributes fields blank.

  • Use your CA to register w1 identities

    • Select the W1 CA Certificate Authority that we created.
    • First, we will register an admin for our W1 Organization. Click on the Register User button. Give an Enroll ID of w1Admin, and Enroll Secret of w1Adminpw. Click Next. Set the Type for this identity as client and select org1 from the affiliated organizations drop-down list. We will leave the Maximum enrollments and Add Attributes fields blank.
    • We will repeat the process to create an identity of the peer. Click on the Register User button. Give an Enroll ID of w1Peer, and Enroll Secret of w1Peerpw. Click Next. Set the Type for this identity as peer and select org1 from the affiliated organizations drop-down list. We will leave the Maximum enrollments and Add Attributes fields blank.

  • Use your CA to register w2 identities

    • Select the W2 CA Certificate Authority that we created.
    • First, we will register an admin for our W2 Organization. Click on the Register User button. Give an Enroll ID of w2Admin, and Enroll Secret of w2Adminpw. Click Next. Set the Type for this identity as client and select org1 from the affiliated organizations drop-down list. We will leave the Maximum enrollments and Add Attributes fields blank.
    • We will repeat the process to create an identity of the peer. Click on the Register User button. Give an Enroll ID of w2Peer, and Enroll Secret of w2Peerpw. Click Next. Set the Type for this identity as peer and select org1 from the affiliated organizations drop-down list. We will leave the Maximum enrollments and Add Attributes fields blank.

  • Use your CA to register pharmacy identities (process is same as shown in gif above)

    • Select the Pharmacy CA Certificate Authority that we created.
    • First, we will register an admin for our Pharmacy Organization. Click on the Register User button. Give an Enroll ID of pharmacyAdmin, and Enroll Secret of pharmacyAdminpw. Click Next. Set the Type for this identity as client and select org1 from the affiliated organizations drop-down list. We will leave the Maximum enrollments and Add Attributes fields blank.
    • We will repeat the process to create an identity of the peer. Click on the Register User button. Give an Enroll ID of pharmacyPeer, and Enroll Secret of pharmacyPeerpw. Click Next. Set the Type for this identity as peer and select org1 from the affiliated organizations drop-down list. We will leave the Maximum enrollments and Add Attributes fields blank.

  • Use your CA to register patient identities (process is same as shown in gif above)

    • Select the Patient CA Certificate Authority that we created.
    • First, we will register an admin for our Patient Organization. Click on the Register User button. Give an Enroll ID of patientAdmin, and Enroll Secret of patientAdminpw. Click Next. Set the Type for this identity as client and select org1 from the affiliated organizations drop-down list. We will leave the Maximum enrollments and Add Attributes fields blank.
    • We will repeat the process to create an identity of the peer. Click on the Register User button. Give an Enroll ID of patientPeer, and Enroll Secret of patientPeerpw. Click Next. Set the Type for this identity as peer and select org1 from the affiliated organizations drop-down list. We will leave the Maximum enrollments and Add Attributes fields blank.

Step 3. Build a network - Create MSP Definitions

  • Create the manufacturer MSP definition

    • Navigate to the Organizations tab in the left navigation and click Create MSP definition.
    • Enter the MSP Display name as Manufacturer MSP and an MSP ID of manufacturermsp.
    • Under Root Certificate Authority details, specify the peer CA that we created Manufacturer CA as the root CA for the organization.
    • Give the Enroll ID and Enroll secret for your organization admin, manufacturerAdmin and manufacturerAdminpw. Then, give the Identity name, Manufacturer Admin.
    • Click the Generate button to enroll this identity as the admin of your organization and export the identity to the wallet. Click Export to export the admin certificates to your file system. Finally click Create MSP definition.

  • Create the shop MSP definition (same process as shown in gif above)

    • Navigate to the Organizations tab in the left navigation and click Create MSP definition.
    • Enter the MSP Display name as Shop MSP and an MSP ID of shopmsp.
    • Under Root Certificate Authority details, specify the peer CA that we created Shop CA as the root CA for the organization.
    • Give the Enroll ID and Enroll secret for your organization admin, shopAdmin and shopAdminpw. Then, give the Identity name, Shop Admin.
    • Click the Generate button to enroll this identity as the admin of your organization and export the identity to the wallet. Click Export to export the admin certificates to your file system. Finally click Create MSP definition.

  • Create the repair shop MSP definition (same process as shown in gif above)

    • Navigate to the Organizations tab in the left navigation and click Create MSP definition.
    • Enter the MSP Display name as Repair Shop MSP and an MSP ID of repairshopmsp.
    • Under Root Certificate Authority details, specify the peer CA that we created Repair Shop CA as the root CA for the organization.
    • Give the Enroll ID and Enroll secret for your organization admin, repairShopAdmin and repairShopAdminpw. Then, give the Identity name, Repair Shop Admin.
    • Click the Generate button to enroll this identity as the admin of your organization and export the identity to the wallet. Click Export to export the admin certificates to your file system. Finally click Create MSP definition.

  • Create the police MSP definition (same process as shown in gif above)

    • Navigate to the Organizations tab in the left navigation and click Create MSP definition.
    • Enter the MSP Display name as Police MSP and an MSP ID of policemsp.
    • Under Root Certificate Authority details, specify the peer CA that we created Police CA as the root CA for the organization.
    • Give the Enroll ID and Enroll secret for your organization admin, policeAdmin and policeAdminpw. Then, give the Identity name, Police Admin.
    • Click the Generate button to enroll this identity as the admin of your organization and export the identity to the wallet. Click Export to export the admin certificates to your file system. Finally click Create MSP definition.

Step 4. Build a network - Create Peers

  • Create an manufacturer peer

    • On the Nodes page, click Add peer.
    • Click IBM Cloud under Create a new peer and Next.
    • Give your peer a Display name of Manufacturer Peer.
    • On the next screen, select Manufacturer CA as your Certificate Authority. Then, give the Enroll ID and Enroll secret for the peer identity that you created for your peer, manufacturerPeer, and manufacturerPeerpw. Then, select the Administrator Certificate (from MSP), Manufacturer MSP, from the drop-down list and click Next.
    • Give the TLS Enroll ID, admin, and TLS Enroll secret, adminpw, the same values are the Enroll ID and Enroll secret that you gave when creating the CA. Leave the TLS CSR hostname blank.
    • The last side panel will ask you to Associate an identity and make it the admin of your peer. Select your peer admin identity Manufacturer Admin.
    • Review the summary and click Submit.

  • Create a shop peer (same process as shown in gif above)

    • On the Nodes page, click Add peer.
    • Click IBM Cloud under Create a new peer and Next.
    • Give your peer a Display name of Shop Peer.
    • On the next screen, select Shop CA as your Certificate Authority. Then, give the Enroll ID and Enroll secret for the peer identity that you created for your peer, shopPeer, and shopPeerpw. Then, select the Administrator Certificate (from MSP), Shop MSP, from the drop-down list and click Next.
    • Give the TLS Enroll ID, admin, and TLS Enroll secret, adminpw, the same values are the Enroll ID and Enroll secret that you gave when creating the CA. Leave the TLS CSR hostname blank.
    • The last side panel will ask you to Associate an identity and make it the admin of your peer. Select your peer admin identity Shop Admin.
    • Review the summary and click Submit.

  • Create a repair shop peer (same process as shown in gif above)

    • On the Nodes page, click Add peer.
    • Click IBM Cloud under Create a new peer and Next.
    • Give your peer a Display name of Repair Shop Peer.
    • On the next screen, select Repair Shop CA as your Certificate Authority. Then, give the Enroll ID and Enroll secret for the peer identity that you created for your peer, repairShopPeer, and repairShopPeerpw. Then, select the Administrator Certificate (from MSP), Repair Shop MSP, from the drop-down list and click Next.
    • Give the TLS Enroll ID, admin, and TLS Enroll secret, adminpw, the same values are the Enroll ID and Enroll secret that you gave when creating the CA. Leave the TLS CSR hostname blank.
    • The last side panel will ask you to Associate an identity and make it the admin of your peer. Select your peer admin identity Repair Shop Admin.
    • Review the summary and click Submit.

  • Create a police peer (same process as shown in gif above)

    • On the Nodes page, click Add peer.
    • Click IBM Cloud under Create a new peer and Next.
    • Give your peer a Display name of Police Peer.
    • On the next screen, select Police CA as your Certificate Authority. Then, give the Enroll ID and Enroll secret for the peer identity that you created for your peer, policePeer, and policePeerpw. Then, select the Administrator Certificate (from MSP), Police MSP, from the drop-down list and click Next.
    • Give the TLS Enroll ID, admin, and TLS Enroll secret, adminpw, the same values are the Enroll ID and Enroll secret that you gave when creating the CA. Leave the TLS CSR hostname blank.
    • The last side panel will ask you to Associate an identity and make it the admin of your peer. Select your peer admin identity Police Admin.
    • Review the summary and click Submit.

Step 5. Build a network - Create Orderer

  • Create your orderer organization CA

    • Click Add Certificate Authority.
    • Click IBM Cloud under Create Certificate Authority and Next.
    • Give it a unique Display name of Orderer CA.
    • Specify an Admin ID of admin and Admin Secret of adminpw.

  • Use your CA to register orderer and orderer admin identities (shown in gif above)

    • In the Nodes tab, select the Orderer CA Certificate Authority that we created.
    • First, we will register an admin for our organization. Click on the Register User button. Give an Enroll ID of ordereradmin, and Enroll Secret of ordereradminpw. Click Next. Set the Type for this identity as client and select org1 from the affiliated organizations drop-down list. We will leave the Maximum enrollments and Add Attributes fields blank.
    • We will repeat the process to create an identity of the orderer. Click on the Register User button. Give an Enroll ID of orderer1, and Enroll Secret of orderer1pw. Click Next. Set the Type for this identity as peer and select org1 from the affiliated organizations drop-down list. We will leave the Maximum enrollments and Add Attributes fields blank.

  • Create the orderer organization MSP definition

    • Navigate to the Organizations tab in the left navigation and click Create MSP definition.
    • Enter the MSP Display name as Orderer MSP and an MSP ID of orderermsp.
    • Under Root Certificate Authority details, specify the peer CA that we created Orderer CA as the root CA for the organization.
    • Give the Enroll ID and Enroll secret for your organization admin, ordereradmin and ordereradminpw. Then, give the Identity name, Orderer Admin.
    • Click the Generate button to enroll this identity as the admin of your organization and export the identity to the wallet. Click Export to export the admin certificates to your file system. Finally click Create MSP definition.

  • Create an orderer

    • On the Nodes page, click Add orderer.
    • Click IBM Cloud and proceed with Next.
    • Give your peer a Display name of Orderer.
    • On the next screen, select Orderer CA as your Certificate Authority. Then, give the Enroll ID and Enroll secret for the peer identity that you created for your orderer, orderer1, and orderer1pw. Then, select the Administrator Certificate (from MSP), Orderer MSP, from the drop-down list and click Next.
    • Give the TLS Enroll ID, admin, and TLS Enroll secret, adminpw, the same values are the Enroll ID and Enroll secret that you gave when creating the CA. Leave the TLS CSR hostname blank.
    • The last side panel will ask to Associate an identity and make it the admin of your peer. Select your peer admin identity Orderer Admin.
    • Review the summary and click Submit.

  • Add organizations as Consortium Member on the orderer to transact

    • Navigate to the Nodes tab, and click on the Orderer that we created.
    • Under Consortium Members, click Add organization.
    • From the drop-down list, select Manufacturer MSP.
    • Click Submit.
    • Repeat the same steps, but add W1 MSP, W2 MSP, Pharmacy MSP and Patient MSP as well.

Step 6. Build a network - Create and Join Channel

  • Create the channel

    • Navigate to the Channels tab in the left navigation.
    • Click Create channel.
    • Give the channel a name, mychannel.
    • Select the orderer you created, Orderer from the orderers drop-down list.
    • Select the MSP identifying the organization of the channel creator from the drop-down list. This should be Manufacturer MSP (manufacturermsp).
    • Associate available identity as Manufacturer Admin.
    • Click Add next to the manufacturer organization. Make the organization an Operator.
    • Click Add next to the w1 organization. Make the organization an Operator.
    • Click Add next to the w2 organization. Make the organization an Operator.
    • Click Add next to the pharmacy organization. Make the organization an Operator.
    • Click Add next to the patient organization. Make the organization an Operator.
    • Click Create.

  • Join your peer to the channel

    • Click Join channel to launch the side panels.
    • Select your Orderer and click Next.
    • Enter the name of the channel you just created. mychannel and click Next.
    • Select which peers you want to join the channel, click all peers.
    • Click Submit.

  • Add anchor peers to the channel

    • In order to communicate between organizations, we need to enroll anchor peers.
    • From the channels tab, click on the channel you have created, mychannel.
    • From the channel overview page, click on channel details. Scroll all the way down until you see Anchor peers.
    • Click Add anchor peer and add the Insurance, Police, Repair Shop, and Shop peers.
    • Select which peers you want to join the channel.
    • Click Add anchor peer.
    • If all went well, your channel Anchor peers should look like below:

Step 7. Deploy Smart Contract on the network

  • Install a smart contract

  • Clone the repository:

    git clone https://github.com/IBM/build-blockchain-insurance-app
    • Click the Smart contracts tab to install the smart contract.
    • Click Install smart contract to upload the insurance smart contract package file.
    • Click on Add file and find your packaged smart contract. It is the file in the build-blockchain-insurance-app/chaincodePackage directory.
    • Select all peers - we need to install the contract on each peer.
    • Once the contract is uploaded, click Install.

  • Instantiate smart contract

    • On the smart contracts tab, find the smart contract from the list installed on your peers and click Instantiate from the overflow menu on the right side of the row.
    • On the side panel that opens, select the channel, mychannel to instantiate the smart contract on. Click Next.
    • Select the organization members to be included in the policy, insurancemsp, shopmsp, repairshopmsp, policemsp. Click Next.
    • Give Function name of Init and leave Arguments blank.
    • Click Instantiate.

Step 8. Connect application to the network

  • Connect with sdk through connection profile

    • Under the Instantiated Smart Contract, click on Connect with SDK from the overflow menu on the right side of the row.
    • Choose from the dropdown for MSP for connection, insurancemsp.
    • Choose from Certificate Authority dropdown, Insurance CA.
    • Download the connection profile by scrolling down and clicking Download Connection Profile. This will download the connection json which we will use soon to establish connection.
    • You can click Close once the download completes.

  • Create insurance application admin

    • Go to the Nodes tab on the left bar, and under Certificate Authorities, choose your Insurance CA.
    • Click on Register user.
    • Give an Enroll ID and Enroll Secret to administer your application users, insuranceApp-admin and insuranceApp-adminpw.
    • Choose client as Type.
    • You can leave the Use root affiliation box checked.
    • You can leave the Maximum enrollments blank.
    • Under Attributes, click on Add attribute. Give attribute as hf.Registrar.Roles = *. This will allow this identity to act as registrar and issues identities for our app. Click Add-attribute.
    • Click Register.

  • Create shop application admin (same process as shown above in the gif)

    • Go to the Nodes tab on the left bar, and under Certificate Authorities, choose your Shop CA.
    • Click on Register user.
    • Give an Enroll ID and Enroll Secret to administer your application users, shopApp-admin and shopApp-adminpw.
    • Choose client as Type.
    • You can leave the Use root affiliation box checked.
    • You can leave the Maximum enrollments blank.
    • Under Attributes, click on Add attribute. Give attribute as hf.Registrar.Roles = *. This will allow this identity to act as registrar and issues identities for our app. Click Add-attribute.
    • Click Register.

  • Create repair shop application admin (same process as shown above in the gif)

    • Go to the Nodes tab on the left bar, and under Certificate Authorities, choose your Repair Shop CA.
    • Click on Register user.
    • Give an Enroll ID and Enroll Secret to administer your application users, repairShopApp-admin and repairShopApp-adminpw.
    • Choose client as Type.
    • You can leave the Use root affiliation box checked.
    • You can leave the Maximum enrollments blank.
    • Under Attributes, click on Add attribute. Give attribute as hf.Registrar.Roles = *. This will allow this identity to act as registrar and issues identities for our app. Click Add-attribute.
    • Click Register.

  • Create police application admin (same process as shown above in the gif)

    • Go to the Nodes tab on the left bar, and under Certificate Authorities, choose your Police CA.
    • Click on Register user.
    • Give an Enroll ID and Enroll Secret to administer your application users, policeApp-admin and policeApp-adminpw.
    • Choose client as Type.
    • You can leave the Use root affiliation box checked.
    • You can leave the Maximum enrollments blank.
    • Under Attributes, click on Add attribute. Give attribute as hf.Registrar.Roles = *. This will allow this identity to act as registrar and issues identities for our app. Click Add-attribute.
    • Click Register.

Update application connection

  • Copy the connection profile you downloaded into the web/www/blockchain directory.
  • Copy and paste everything in the connection profile, and overwrite the ibpConnection.json.

Step 9. Enroll App Admin Identities

  • Enroll insurnaceApp-admin

    • First, navigate to the web/www/blockchain directory.

      cd web/www/blockchain/

    • Open the config.json file, and update the caName with the URL of the insurance certificate authority from your ibpConnection.json file. Save the file.

    • Run the enrollAdmin.js script

      node enrollAdmin.js

    • You should see the following in the terminal:

      msg: Successfully enrolled admin user insuranceApp-admin and imported it into the wallet

  • Enroll shopApp-admin

    • First, change the appAdmin, appAdminSecret, and caName properties in your config.json file, so that it looks something like this (your caName should be different than mine):

      {
    "connection_file": "ibpConnection.json",
    "appAdmin": "shopApp-admin",
    "appAdminSecret": "shopApp-adminpw",
    "orgMSPID": "shopmsp",
    "caName": "https://fa707c454921423c80ec3c3c38d7545c-caf2e287.horeainsurancetest.us-south.containers.appdomain.cloud:7054",
    "userName": "shopUser",
    "gatewayDiscovery": { "enabled": true, "asLocalhost": false }
}

    • To find the other CA urls, you will need to click on the Nodes tab in IBM Blockchain Platform, then on the Shop CA, and on the settings cog icon at the top of the page. That will take you to the certificate authority settings, as shown in the picture below, and you can copy that endpoint URL into your config.json caName field.

    • Run the enrollAdmin.js script

      node enrollAdmin.js

    • You should see the following in the terminal:

      msg: Successfully enrolled admin user shopApp-admin and imported it into the wallet

  • Enroll repairShopApp-admin (same process as shown in gif above)

    • First, change the appAdmin, appAdminSecret, and caName properties in your config.json file, so that it looks something like this (your caName should be different than mine):

      {
    "connection_file": "ibpConnection.json",
    "appAdmin": "repairShopApp-admin",
    "appAdminSecret": "repairShopApp-adminpw",
    "orgMSPID": "repairshopmsp",
    "caName": "https://fa707c454921423c80ec3c3c38d7545c-caf2e287.horeainsurancetest.us-south.containers.appdomain.cloud:7054",
    "userName": "repairUser",
    "gatewayDiscovery": { "enabled": true, "asLocalhost": false }
}

    • Run the enrollAdmin.js script

      node enrollAdmin.js

    • You should see the following in the terminal:

      msg: Successfully enrolled admin user repairShopApp-admin and imported it into the wallet

  • Enroll policeApp-admin (same process as shown in gif above)

    • First, change the appAdmin, appAdminSecret, and caName properties in your config.json file, so that it looks something like this (your caName should be different than mine):

      {
    "connection_file": "ibpConnection.json",
    "appAdmin": "policeApp-admin",
    "appAdminSecret": "policeApp-adminpw",
    "orgMSPID": "policemsp",
    "caName": "https://fa707c454921423c80ec3c3c38d7545c-caf2e287.horeainsurancetest.us-south.containers.appdomain.cloud:7054",
    "userName": "policeUser",
    "gatewayDiscovery": { "enabled": true, "asLocalhost": false }
}

    • Run the enrollAdmin.js script

      node enrollAdmin.js

    • You should see the following in the terminal:

      msg: Successfully enrolled admin user policeApp-admin and imported it into the wallet

Step 10. Run the application

Navigate to the directory blockchain directory which contains the config.js file:

cd build-blockchain-insurance-app/web/www/blockchain/

License

This code pattern is licensed under the Apache Software License, Version 2. Separate third-party code objects invoked within this code pattern are licensed by their respective providers pursuant to their own separate licenses. Contributions are subject to the Developer Certificate of Origin, Version 1.1 (DCO) and the Apache Software License, Version 2.

Apache Software License (ASL) FAQ