Tag Archives: Fabric

[Solved] Fabric_sdk_go:QueryBlockConfig failed: QueryBlockConfig failed: target(s) required

Fabric_sdk_go:[Solved]event service creation failed: could not get chConfig cache reference: QueryBlockConfig failed: QueryBlockConfig failed: target(s) required
Error Message:

Configuration file config_test: channel name is mychannel, in the demo it is orgchannel.
[Solution] Comment out orgchannel in config_test:

  # Mychannel overrides initialBackoff for discovery
  mychannel:
    policies:
      discovery:
        retryOpts:
          #[Required for override] number of retry attempts
          attempts: 4
          initialBackoff: 1s

  # multi-org test channel
  # orgchannel:  //remove

    # orderers:
    #  - orderer.example.com

    peers:
      peer0.org1.example.com:
        endorsingPeer: true
        chaincodeQuery: true
        ledgerQuery: true
        eventSource: true

      peer0.org2.example.com:
        endorsingPeer: true
        chaincodeQuery: true
        ledgerQuery: true
        eventSource: true

Problem-solving:

[Solved] Fabric 2.x: error starting container: API error (404): network_test not found

Run fabric samples/test network example with fabric 2.2, and the network error is as follows:

Error: endorsement failure during invoke. 
response: status:500 message:"error in simulation: failed to execute transaction 18cf3086eb32e877a497fe3cb33a4d0d0dc892f221528bf0788a07d4ffb6bdcf: could not launch 
chaincode fabcar_1:762e0fe3dbeee0f7b08fb6200adeb4a3a20f649a00f168c0b3c2257e53b6e506: error starting container: error starting container:
API error (404): network _test not found" 

The possible reason is that the update of docker compose Version (+ after v1.28) causes problems in reading .Env files.

As shown in the figure below, network.Sh script will call docker compose to start the container. Originally, docker compose should read the .Env environment variable according to the compose in it_PROJECT_Name = net generates a net_Test , but reading .Env failed, which is equivalent to not reading the value of net , so the in the error message is generated_test not found

Solution:
first ./network.sh down drop the network down . Manually modify the network.Sh file, add -- env file./.Env at the command of docker compose , and explicitly specify to read the environment variable configuration file, as shown in the following figure


restart the network for experiment

Fabric appears when trying to use application call: Unknown: access denied: Channel [mychannel] creator org [org1msp]

What happened

An unknown: access denied: Channel [mychannel] creator org [org1msp] error occurred when running the go application of “asset transfer” according to the official document of fabric.

resolvent

Open the go application and you can see that there are two folders, keystore and wallet, as shown in the following figure. The problem can be solved by deleting these two folders and running the application again

Cause of the problem

You may have run the application once before, and then these two folders will be generated. Then execute the command./network. Sh down and rebuild the network. This leads to errors
the specific reason is not clear, please ask the boss to answer.

TLS error: error: RPC error: code = unavailable desc = transport is closing

If you want to turn on TLS, you just need to set the TLS attribute of orderer, peer, CLI and Ca to true, and configure the file address such as certificate and key. These are the following attributes:

CORE_ PEER_ TLS_ ENABLED=trueCORE_ PEER_ TLS_ CERT_ FILE=xxx/tls/ server.crtCORE_ PEER_ TLS_ KEY_ FILE=xxx/tls/ server.keyCORE_ PEER_ TLS_ ROOTCERT_ FILE=xxx/tls/ ca.crt
After that, start the container to enter the CLI. It should be noted that after the TLS mode is turned on, the command to create a channel is different from that when the TLS mode is not turned on. When the TLS mode is not turned on, the command to create a channel is as follows:

peer channel create -o orderer.scf.com:7050 -c mychannel -t 50 -f ./channel-artifacts/ mychannel.tx
After opening TLS, the TLS parameter and the certificate file address of the sorting service should be added when creating the channel

peer channel create -o orderer.scf.com:7050 -c mychannel -t 50 –tls –cafile /opt/gopath/src/ github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/scf .com/orderers/ orderer.scf.com/msp/tlscacerts/tlsca . scf.com – cert.pem -f ./channel-artifacts/ mychannel.tx
If you still use the command when TLS is not turned on to create a channel, the following error will be reported in the CLI:

2019-04-11 17:31:48.661 UTC [grpc] Printf -> DEBU 010 transport: http2 Client.notifyError got notified that the client transport was broken unexpected EOF.
2019-04-11 17:31:48.667 UTC [grpc] Printf -> DEBU 011 transport: http2 Client.notifyError got notified that the client transport was broken unexpected EOF.
2019-04-11 17:31:48.668 UTC [grpc] Printf -> DEBU 012 transport: http2 Client.notifyError got notified that the client transport was broken read tcp 172.18.0.10:59602-> 172.18.0.2:7050: read: connection reset by peer

orderer.scf.com | 2019-04-11 17:31:48.654 UTC [grpc] Printf -> DEBU 3da grpc: Server.Serve failed to complete security handshake from “172.18.0.10:59598”: tls: first record does not look like a TLS handshake
Next, the commands for peer to add channel, install chain code and query are the same as when TLS is not turned on. However, when instantiating chain code and calling invoke, you need to add parameters such as TLS in the command as when creating channel, otherwise the above error will be reported.

In other words, if TLS mode is enabled, as long as communication with orderer is involved, two parameters – TLS and – cafile need to be added to the command line parameters. Cafile parameter corresponds to the corresponding file of orderer module.

Example of public key signature and verification generated with fabric case

public and private keys generated by Fabric case

The

Fabric case generates public and private key pairs for nodes such as Peer, User, Admin, etc. Public and private keys are shown in the figure below.


example of signing and validating with public and private key pairs

Example code for signing and validating a message with the above public and private key pairs is shown below.

package main

import (
	"crypto/ecdsa"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"io/ioutil"
)

func main() {
	msg := "hello, world"
	hash := sha256.Sum256([]byte(msg))
	msg2 := "Hello, world"
	hash2 := sha256.Sum256([]byte(msg2))

	privBytes, _ := ioutil.ReadFile("./priv_sk")
	blkPriv, _ := pem.Decode(privBytes)
	fmt.Println("priv_sk  type:", blkPriv.Type)
	key, _ := x509.ParsePKCS8PrivateKey(blkPriv.Bytes)
	ecdsaKey := key.(*ecdsa.PrivateKey)
	r, s, _ := ecdsa.Sign(rand.Reader, ecdsaKey, hash[:])

	certBytes, _ := ioutil.ReadFile("./cert.pem")
	blkCert, _ := pem.Decode(certBytes)
	fmt.Println("cert.pem type:", blkCert.Type)
	cert, _ := x509.ParseCertificate(blkCert.Bytes)
	pubkey := cert.PublicKey.(*ecdsa.PublicKey)
	ok := ecdsa.Verify(pubkey, hash[:], r, s)
	fmt.Println("verify hash(shoule be true):", ok)

	ok = ecdsa.Verify(pubkey, hash2[:], r, s)
	fmt.Println("verify hash2(shoule be false):", ok)
}

compiles and runs as shown below.