Increasing access to blockchain and ledger databases


Last year, I spent some time in Jakarta visiting HARA, an AWS customer. They've created a way to connect small farms in developing nations to banks and distributors of goods, like seeds, fertilizer, and tools. Traditionally, rural farms have been ignored by the financial world, because they don't normally have the information required to open an account or apply for credit. With HARA, this hard-to-obtain data on small farms is collected and authenticated, giving these farmers access to resources they've never had before.

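A main component of the system that HARA created is blockchain. This is a technology for building applications in which multiple parties can interact through a peer-to-peer network and keep immutable records without a trusted authority. HARA had to develop additional technology to make its application work on Ethereum, a popular open-source blockchain framework.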

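As many customers, such as Nestlé and the Singapore Exchange, have shared with us, building scalable enterprise applications on blockchain is time-consuming and complex. Organizations that cannot overcome these challenges fall behind. So do their ideas, ideas that could change the world, just as HARA is doing.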

To eliminate the complexity associated with blockchain networks, we recently announced Amazon Managed Blockchain, a fully managed service that makes it easy to create and manage scalable blockchain networks.

We also announced Amazon Quantum Ledger Database (Amazon QLDB), a ledger database that provides some of the same features as blockchain for data integrity. It's designed for centralized systems, where there is a central trusted authority. Amazon QLDB provides a transparent, immutable, and cryptographically verifiable transaction log owned by a central trusted authority.

In this post, I dive deeper into some of these concepts, the challenges people face building with blockchain, and how our two new services solve these issues.

A closer look at blockchain and ledger technology

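First, let's take a closer look at some of the technology behind blockchain: ledgers, decentralized networks, consensus algorithms, and smart contracts.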

Blockchains are designed to maintain the integrity of data. They are immutable—committed data history cannot be altered or deleted, it can only be updated. Ledgers are the building blocks that help make blockchains immutable, so I'm going to explain this concept in detail.

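Ledgers have been around for a long time and are typically used to record the history of economic and financial activity between two or more parties. Early civilizations, such as Mesopotamia and ancient Egypt, used ledgers made of stone and papyrus. Today, a banking application that tracks credits and debits is one of the most common examples of a ledger.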

Ledgers found in a blockchain (and now in Amazon QLDB) typically consist of the following:

  • Current and historical state: A data structure that keeps the current and historical state values, allowing applications to easily access the data without needing to traverse the entire transactional log.
  • A journal: A transactional log that keeps a complete record of the entire history of data changes. The transactional log is append-only, meaning that each new record is chained to the previous, allowing you to see the entire lineage of data's change history. Additionally, with the help of cryptographic hashing, a process that assigns a unique identifier (like a fingerprint) to each record, blocks are chained to one another. This allows ledgers to have a timekeeping property allowing anyone to look back in time and get proof that the data transaction occurred, making auditing simple.

Compare this to relational databases where customers have to engineer an auditing mechanism because the database is not inherently immutable. Such auditing mechanisms built with relational databases can be hard to scale. They put the onus on the application developer to ensure that all the right data is being recorded.

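In addition to the distributed ledger, blockchains also include a consensus mechanism and a smart contract execution environment.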

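  • Consensus algorithms help ensure that the members in the network have an agreed-upon method to allow transactions and data to be committed to the ledger. If the consensus requirements aren't met, then the transaction is rolled back and not valid.
  • Smart contracts are programs in which the rules and penalties of a contract are defined as lines of code. The program continually checks whether the conditions of the contract are met and then ensures that the contract is executed automatically.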

Together, these elements allow two or more parties to transact with decentralized trust, where each party consents to the transaction and records the transaction. Decentralized trust makes sense when multiple organizations must independently verify transaction history and have a single, up-to-date, accurate view of data. It also makes sense when there is no single party that wants to maintain an application but network members still want to transact with other parties efficiently.

Let's take the example of a trade finance application where decentralized trust is needed. Trading goods across international borders requires many orgs to work with one another, such as importers, exporters, multiple banks, shipping companies, insurance companies, and customs departments. With the number of stakeholders involved, there is no trusted central authority. Each stakeholder wants to independently verify the documentation related to the trade and doesn't want any single entity to own the record of activity.

The current process requires trade-related paperwork (for example, a letter of credit) to go back and forth between the stakeholders, which can take 5–10 business days to complete. This results in long processing time and high costs.

In this scenario, enabling the stakeholders to operate with decentralized trust improves efficiency and cuts down costs. A single participant does not own the infrastructure, and the system distributes a copy of the transaction ledger to each participant for independent verification. The business contract, such as a letter-of-credit, can be written as a smart contract in the blockchain application. It can automatically execute as soon as all parties provide consensus to record the transaction.

Customers look to blockchain as technology that enables them to transact with multiple parties when there is no single trusted authority and they need a system with decentralized trust.

Making blockchain easy with Managed Blockchain

It's difficult, expensive, and time-consuming to create and manage blockchain networks using existing frameworks. First, to create a blockchain network with permissions, each network member must manually provision hardware, install software, create and manage certificates for access control, and configure networking components. When the blockchain network is running, users have to continuously monitor the infrastructure. They must adapt to changes, such as an increase in transaction requests or new members joining or leaving the network.

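To help overcome the obstacles people encounter when building with blockchain, AWS created Managed Blockchain. Unlike self-hosted blockchain networks, Amazon Managed Blockchain eliminates the need to manually provision hardware, configure software, and set up networking and security components. The service lets users set up and manage a scalable blockchain network with just a few clicks. It scales automatically to meet the demands of thousands of applications running millions of transactions.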

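Managed Blockchain manages certificates and tracks operational metrics, such as the usage of compute, memory, and storage resources. Through Managed Blockchain's voting API, network participants can add or remove members. When a network member needs additional capacity to create and validate transactions, the member can quickly add a new node using Managed Blockchain's APIs.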

In addition, Managed Blockchain provides a selection of instance types that comprise varying combinations of CPU and memory. This gives you the flexibility to choose the appropriate mix of resources to support your nodes. Users pay according to their usage and don't worry about any upfront costs for infrastructure.

Managed Blockchain supports two popular blockchain frameworks, Hyperledger Fabric and Ethereum. Hyperledger Fabric is well suited for applications that require stringent privacy and permission controls and that have a known set of members. For example, this might include a financial application where certain trade-related data is only shared between a subset of the network (only the banks that are part of the trade).

Ethereum is well suited for highly distributed blockchain networks where transparency of data for all members is important. Each transaction is visible to all the members of the network. For example, this might include a customer loyalty blockchain application that allows any network retailer to verify user activity by broadcasting the transaction to all members.

Managed Blockchain is available today for Hyperledger Fabric (Ethereum is coming soon).

Managed Blockchain creates a network and manages its key components:

  • Members
  • Hyperledger Fabric's certificate authority (CA) for each member
  • Peer nodes
  • The ordering service

A blockchain network is a peer-to-peer network running a decentralized blockchain framework. Each network includes one or more members, which are unique identities in the network (for example, an organization in a consortium of banks). Each member on the network can easily create their own peer nodes that come with a variety of compute and storage options.

With each member, the Hyperledger Fabric CA also gets created. The Hyperledger Fabric CA provides a number of certificate services that relate to user enrollment, transactions invoked on the blockchain, and TLS-secured connections between users or components of the blockchain.

Each member's peer nodes interact and run smart contracts, known as chaincode in Hyperledger Fabric. They create and endorse transactions proposed in the network, and store a local copy of the ledger.

Members define the rules in the endorsement process based on their application's business logic. For example, in a trade finance application, the bank for the exporting party wants to verify that the importing party has necessary funds before endorsing the transaction. To configure blockchain applications on peer nodes and to interact with other network resources, members use a client configured with the AWS CLI or SDK. Those network resources could include the certificate authority, ordering service, and peer nodes.

Managed Blockchain provides endpoints to access these services, which can be accessed via an AWS PrivateLink endpoint. Additionally, in Managed Blockchain, we have improved the reliability of the default ordering service, a component that ensures delivery of transactions across the blockchain network. We have rebuilt the ordering service using the same underlying technology as Amazon QLDB. There's even now an immutable change log that accurately maintains the complete history of all transactions in the blockchain network, ensuring that you durably save this data.

A ledger solution with centralized trust

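We at AWS spent a lot of time talking with customers about blockchain to better understand the problems it solves. Something interesting we found is that many companies are interested in blockchain because they need a ledger that is transparent, immutable, and cryptographically verifiable. However, they don't have a use case that requires decentralized trust.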

One example of this is a department of motor vehicles that tracks vehicle ownership and registration history in a way that is resilient against data manipulation. People have tried to solve this problem with a relational database, but it's not built to be immutable. Users have to do a bunch of work to create any complex auditing functionality. Also, with a traditional database there's no way to go back in time and verify the integrity of the change log.

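Logically, the next thought is, "What about the ledger component of a blockchain?" In addition to providing decentralized trust for transactions that involve multiple parties, it also solves the problems of data integrity and audit functionality. But for companies that do not need every party to reach consensus on every transaction, it is not the right tool for the job.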

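The solution to this problem is a centralized ledger that serves as a transparent, immutable, and cryptographically verifiable transaction log. That is why we created the first purpose-built ledger database: Amazon QLDB.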

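Amazon QLDB makes it easy to understand how application data changes over time, eliminating the need to build complex audit functionality into the application. The Amazon QLDB journal is an immutable log to which transactions are appended as blocks of data. After a transaction is written to the journal, it cannot be changed or deleted; it becomes a permanent record.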

These blocks are also hash-chained together using cryptography (SHA-256). This allows you to verify and show the proof of your data's integrity (for example, an ecommerce business may have to show proof of a winning bid). This transaction then gets updated in the Current State table, which always keeps the current value of the data. And, finally, the transaction gets indexed in the history table, which can be queried to track how the data has changed over time.
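A simplified model of the ledger structure described above (an append-only journal hash-chained with SHA-256, a current-state table, and a history table), added here as an illustration. It is not Amazon QLDB's implementation or API; the `ToyLedger` class, the block layout, and the sample vehicle records are constructed for this example.

```python
import hashlib
import json
GENESIS = "0" * 64  # assumed placeholder "previous hash" for the first block

def block_hash(prev_hash, seq, doc_id, data):
    """SHA-256 over the previous block's hash plus this block's content."""
    body = json.dumps([prev_hash, seq, doc_id, data], sort_keys=True)
    return hashlib.sha256(body.encode()).hexdigest()

class ToyLedger:
    def __init__(self):
        self.journal = []   # append-only, hash-chained transaction log
        self.current = {}   # doc_id -> latest committed value
        self.history = {}   # doc_id -> list of (seq, value) revisions

    def commit(self, doc_id, data):
        prev = self.journal[-1]["hash"] if self.journal else GENESIS
        seq = len(self.journal)
        block = {"seq": seq, "prev": prev, "doc_id": doc_id, "data": data,
                 "hash": block_hash(prev, seq, doc_id, data)}
        self.journal.append(block)
        self.current[doc_id] = data
        self.history.setdefault(doc_id, []).append((seq, data))
        return block["hash"]

    def verify(self):
        """Return the seq of the first block that breaks the chain, or None."""
        prev = GENESIS
        for i, b in enumerate(self.journal):
            expected = block_hash(prev, i, b["doc_id"], b["data"])
            if b["seq"] != i or b["prev"] != prev or b["hash"] != expected:
                return i
            prev = b["hash"]
        return None

def demo():
    led = ToyLedger()
    led.commit("VIN-1", {"owner": "alice"})   # constructed sample records
    led.commit("VIN-2", {"owner": "carol"})
    tip = led.commit("VIN-1", {"owner": "bob"})
    clean = led.verify()
    # Simulate an in-place edit of already committed history.
    led.journal[0]["data"] = {"owner": "mallory"}
    tampered = led.verify()
    # Recomputing only that block's hash moves the failure to the next link.
    b0 = led.journal[0]
    b0["hash"] = block_hash(b0["prev"], 0, b0["doc_id"], b0["data"])
    rehashed = led.verify()
    return clean, tampered, rehashed, led.current["VIN-1"], len(led.history["VIN-1"]), tip
```

The chain only proves integrity relative to a tip hash that the verifier holds independently of the journal, so an auditor should keep the digest returned by `commit` outside the system being audited.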

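In addition, because Amazon QLDB is a database, it offers better performance and scale than blockchain frameworks. It can easily scale up and execute two to three times as many transactions as common blockchain frameworks. Amazon QLDB is now available in limited preview.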

Making modern ledgers available to everyone

Blockchain and ledger technology has the potential to dramatically improve many types of transactions. However, if it isn't accessible to everyone, many great ideas may never be realized.

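With Managed Blockchain and Amazon QLDB, anyone can create a ledger that is transparent, immutable, and cryptographically verifiable. There are many use cases for blockchain and ledger databases. These are just a few examples.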

Summary

These two solutions—Managed Blockchain and Amazon QLDB—expand the AWS portfolio of databases that offers the most breadth and depth of any cloud provider. By creating more options, we help more people. And when a company has the freedom to choose the best tool for a job, it makes a big difference.
