Ermyas Abebe

Bishakh Chandra Ghosh, Venkatraman Ramakrishna, Chander Govindarajan et al.

Interoperation for data sharing between permissioned blockchain networks relies on networks' abilities to independently authenticate requests and validate proofs accompanying the data; these typically contain digital signatures. This requires counterparty networks to know the identities and certification chains of each other's members, establishing a common trust basis rooted in identity. But permissioned networks are ad hoc consortia of existing organizations, whose network affiliations may not be well-known or well-established even though their individual identities are. In this paper, we describe an architecture and set of protocols for distributed identity management across permissioned blockchain networks to establish a trust basis for data sharing. Networks wishing to interoperate can associate with one or more distributed identity registries that maintain credentials on shared ledgers managed by groups of reputed identity providers. A network's participants possess self-sovereign decentralized identities (DIDs) on these registries and can obtain privacy-preserving verifiable membership credentials. During interoperation, networks can securely and dynamically discover each others' latest membership lists and members' credentials. We implement a solution based on Hyperledger Indy and Aries, and demonstrate its viability and usefulness by linking a trade finance network with a trade logistics network, both built on Hyperledger Fabric. We also analyze the extensibility, security, and trustworthiness of our system.

Ermyas Abebe, Yining Hu, Allison Irvin et al.

Permissioned ledger technologies have gained significant traction over the last few years. For practical reasons, their applications have focused on transforming narrowly scoped use-cases in isolation. This has led to a proliferation of niche, isolated networks that are quickly becoming data and value silos. To increase value across the broader ecosystem, these networks must seamlessly integrate with existing systems and interoperate with one another. A fundamental requirement for enabling crosschain communication is the ability to prove the validity of the internal state of a ledger to an external party. However, due to the closed nature of permissioned ledgers, their internal state is opaque to an external observer. This makes consuming and verifying states from these networks a non-trivial problem. This paper addresses this fundamental requirement for state sharing across permissioned ledgers. In particular, we address two key problems for external clients: (i) assurances on the validity of state in a permissioned ledger and (ii) the ability to reason about the currency of state. We assume an adversarial model where the members of the committee managing the permissioned ledger can be malicious in the absence of detectability and accountability. We present a formalization of the problem for state sharing and examine its security properties under different adversarial conditions. We propose the design of a protocol that uses a secure public ledger for providing guarantees on safety and the ability to reason about time, with at least one honest member in the committee. We then provide a formal security analysis of our design and a proof of concept implementation based on Hyperledger Fabric demonstrating the effectiveness of the proposed protocol.