具有保密身份的观察者节点
我已经开始使用观察者节点(https://docs.corda.net/tutorial-observer-nodes.html)进行一些测试,我刚刚构建了以下简单的场景:
- 10.监管机构向A银行(CashIssueAndPaymentFlow)发出10.POUNDS
- A银行使用机密身份(CashPaymentFlow,anonymous=true)向B银行发送4.POUNDS
- 在子流中,银行A同步标识(IdentitySyncFlow)并向监管机构报告交易(SendTransactionFlow)
当我查询监管机构库时,它无法将B银行识别为4 4.POUNDS的所有者,也就是说,它不能使用wellKnownPartyFromAnonymous()解析身份:
6.00 GBP, owner=C=BR,L=Sao Paulo,O=BankA
4.00 GBP, owner=Anonymous(DLEg4Kqd7dwcGqkMrJEWoxugT61SoYKzxqpcMBKbMGXu3q)也许我漏掉了什么?
遵循以下代码: 对象TransferCashFlow { @InitiatingFlow @StartableByRPC类启动器( val数量:call,val otherParty: Party,val调节器: Party):FlowLogic() {@悬浮覆盖有趣调用():SignedTransaction {val tx = subFlow(CashPaymentFlow(amount,otherParty,true)).stx subFlow(ReportFlow.Initiator(调节器),)返回tx }}对象ReportFlow { @InitiatingFlow class启动器( val调节器: Party,val tx: SignedTransaction):FlowLogic() {@悬浮覆盖有趣调用(){val regulatorSession =initiateFlow(调节器)initiateFlow tx.tx) subFlow(SendTransactionFlow(regulatorSession ),}@InitiatedBy(启动器::class )类响应器(私有val otherPartySession: FlowSession):FlowLogic() {@悬浮覆盖有趣调用(){ subFlow(ReceiveTransactionFlow(otherPartySession,真,StatesToRecord.ALL_VISIBLE)}
回答 1
Stack Overflow用户
发布于 2017-12-14 10:43:30
按照设计,IdentitySyncFlow.Send将只通过发送属于发送节点的事务中的机密标识的证书发送。参见extractOurConfidentialIdentities()在IdentitySyncFlow中的定义
private fun extractOurConfidentialIdentities(): Map<AbstractParty, PartyAndCertificate?> {
val states: List<ContractState> = (tx.inputs.map { serviceHub.loadState(it) }.requireNoNulls().map { it.data } + tx.outputs.map { it.data })
val identities: Set<AbstractParty> = states.flatMap(ContractState::participants).toSet()
// Filter participants down to the set of those not in the network map (are not well known)
val confidentialIdentities = identities
.filter { serviceHub.networkMapCache.getNodesByLegalIdentityKey(it.owningKey).isEmpty() }
.toList()
return confidentialIdentities
.map { Pair(it, serviceHub.identityService.certificateFromKey(it.owningKey)) }
// Filter down to confidential identities of our well known identity
// TODO: Consider if this too restrictive - we perhaps should be checking the name on the signing certificate in the certificate path instead
.filter { it.second?.name == ourIdentity.name }
.toMap()
}倒数第二行确保节点不发送任何不是它自己的身份证书。这是为了防止节点欺骗对手发送一堆机密身份。
如果您想向发送所有的机密身份,则必须基于IdentitySyncFlow定义自己的流,后者不执行此筛选。
https://stackoverflow.com/questions/47794935
复制相似问题
腾讯云开发者
