Hyperledger Fabric

Making fungible tokens and NFTs safer to use for enterprises

Share this post:

office collaborationBefore cryptocurrencies, blockchain technology was unknown to most people. It was blockchain’s unique ability to manage the ownership of (virtual) currency in a decentralized and reduced-risk manner that made all the difference. The introduction of permissioned blockchains made the same functionality even more appealing to the enterprise world in the context of decentralized business asset transfer.

Experts have established the term token to represent a business asset digitally where the asset’s ownership can be managed. Similarly, the term tokenization refers to the process through which a business asset is represented by a token digitally. In the meantime, the technology is widespread enough that some speak of a “token economy” in which asset transfer transactions are processed in a more efficient, transparent, and fair manner.

IBM Research has recently designed and implemented two blockchain components facilitating token exchange in enterprise context that have been recently open-sourced as Hyperledger Labs. These two new labs are called Fabric Smart Client and Fabric Token SDK. Fabric stands here for Hyperledger Fabric, the permissioned blockchain and open source project under The Linux Foundation’s Hyperledger.

Register now for this on-demand webinar and get the answers to your blockchain questions

Fabric Smart Client allows for off-chain exchanges between clients, application/client-side state management, and more flexible transaction creation. Fabric Smart Client also enables Fabric applications to integrate a greater variety of privacy enhancing technologies and/or reflect a variety of business processes as needed by the use case at hand.

Fabric Token SDK is a library — leveraging Fabric Smart Client — allowing for token exchange on top of Fabric with configurable enterprise privacy properties. More specifically, Fabric Token SDK can be configured to offer mechanisms where the privacy of token exchange participants and value is preserved and co-exists with auditability. At the same time, the Fabric Token SDK can offer asset exchange in the clear, for example, without privacy considerations.

Let’s take a closer look at each of the two projects.

What is missing in current popular token management systems

One of the weaknesses of current token exchange systems is the lack of privacy protection they feature beyond a very basic pseudonymization. In Bitcoin, for example, transactions are pseudonymous and reveal the Bitcoin value exchanged. That makes them linkable and traceable, presenting threats that are inadmissible in other settings such as enterprise networks, in a supply chain or in finance.

While some newer cryptocurrencies offer a higher degree of privacy, entirely concealing the actual asset exchanged and transaction participants, they retain the permissionless character of Bitcoin and others, which presents challenges on the regulatory compliance side. For enterprise blockchains, a permissioned setting is required, in which the identity of participants issuing and exchanging tokens is concealed, yet non-repudiatable, and transaction participants can be securely identified upon properly authorized requests.

A big conundrum in permissioned blockchains exists in accommodating the use of token payment systems while at the same time preserving the privacy of the parties involved and still allowing for auditing functionalities. Another challenge stems from the variability of privacy and security regulation associated with asset transfer, depending on the nature of the asset itself or the actual country in which the system is deployed. For this reason, modularity of any token system implementation becomes critical.

We are now thrilled to announce that we have developed a token management system with configurable privacy level, whose privacy variant achieves those conflicting goals. Fabric Token SDK employs a modular and privacy-preserving mechanism for asset exchange in the permissioned blockchain context, with support for fine-grained auditing.

A modular architecture suitable to a variety of privacy requirements

The system adopts the unspent transaction output model pioneered by Bitcoin and adds some tweaks of its own to support issuance, redemption, transfer, and atomic swap of assets.

draft token chart

At the heart of our Fabric Token SDK architecture sits the Token API, an API-based abstraction of token exchange operations. More specifically, these APIs assume access to a ledger and can facilitate the construction and validation of token issuance, transfer, redemption and swap requests. The Token API can be configured to interact with one or more drivers implementing these operations with different privacy, scalability, and performance properties.

In its first version, Fabric Token SDK comes with two driver implementations: one with no support for privacy, and one with privacy preservation. The privacy-preserving driver functionality conceals both the type of assets and/or respective values transferred and the sender-receiver relationship in a request. The resulting transaction never reveals information on the tokens being spent other than the fact that they are valid and unspent. To complete a transaction, a user must provide credentials that bind the tokens spent to the user’s identity rather than a pseudonym.

This authorization systems relies on anonymous transactor authentication already supported in Fabric under the name of identity mixer membership service provider. The system also allows for the configuration of a designated auditor that enjoys unlimited access to all asset-exchange transactions of the system. These properties are crucial for a token management system that ensures governance, user privacy protection and compliance with existing regulations.

The Token API is architecturally consumed by a set of Fabric-specific components allowing Fabric clients to optimally choose the tokens to be spent (token selectors), construct token exchange requests (Token Transaction Constructor), create a list of owned tokens (Token Cache), initiate Fabric smart contracts to validate them (Token Chaincode), and allow auditors to perform audit functions (Token Auditor).

Flexible off-chain client interactions using Fabric Smart Client

Flexibility in the way transactions are constructed has turned out to be an important requirement when offering a transaction processing system. This is true even when the scope is limited to a specific purpose like asset exchange. The need for flexibility stems from the variability of the legal frameworks and processes governing an asset’s transfer, issuance, or redemption, even within the same country. Privacy requirements can also radically vary across or within countries.

That calls for different privacy enhancement technologies to be leveraged in each case. For example, cases with complete absence of trusted parties require the use of advanced cryptographic primitives such as secure multi-party computation and multiple interactions across the entities in the system to compose the transaction. On the other hand, use cases where one can rely on trusted hardware or trusted parties, would exhibit fewer and different types of interactions.

Fabric Smart Client comes to bring Fabric closer to such a flexible transaction composition setup. More specifically, it allows for easy communication channel setup between Fabric clients in the context of a specific application through a component called Application View SDK. The same component allows for easy programmability of the exact actions a client performs upon the reception of another client’s message in the context of an application, as well as management of the client-relevant application state.

Fabric Smart Client integrates legacy Fabric Client SDK extending the functionality of the latter regarding Fabric smart contract invocation and transaction submission.

Fabric Token SDK leverages Fabric Smart Client for constructing atomic (multi-party) swaps requests of tokens.

For more information register now for our on-demand webinar, and be sure to reach out and connect to us for any other questions you may have.

blockchain servicesTurning strategy into business outcomes

IBM Blockchain Services can help bring your ideas to life.  Explore the use of blockchain and digital assets in your business.

Connect with the blockchain experts

Distinguished Research Staff Member and Research Manager - IBM Research

Dr. Angelo De Caro

Security, Cryptography, and Blockchain - IBM Research

Dr. Kaoutar El Khiyaoui

Research Staff Member - IBM Research

More Hyperledger Fabric stories

Take digital assets into the enterprise with blockchain

Digital assets have been ubiquitous in the news these days: cryptocurrencies, stablecoins or non-fungible tokens (NFTs), to name a few. Their applications are even more varied, from representing financial instruments to safeguarding authenticity and ownership of digital IP or physical assets. Enterprises that engage in digital assets have significant opportunity to deliver meaningful value to […]

Continue reading

Navigating the broader digital asset and cryptocurrency markets

The cryptocurrency and broader digital assets evolution has continued to grow in earnest, showing promising signs of maturity through 2021 as industry-wide regulatory bills have reached the Senate floor in Washington D.C. while prices have appreciated to new all-time highs. Although price appreciation tends to lure attention, price has become an increasingly less significant metric […]

Continue reading

Fueling the financial industry with open source cross-border payments

Financial services, payments, streamlining inefficient processes is in our blood. So, it’s no surprise my colleague and contributor to this article, Nitin Gaur and his team, tackled the unthinkable four years ago by building a global payment network addressing remittance and interbank payments. As if that wasn’t challenge enough, the team also designed it for […]

Continue reading