Fabric transaction cycle

Hyperledger Fabric Transaction Lifecycle

Identity and Membership Setup

The transaction lifecycle in Hyperledger Fabric begins with identity management through X.509 certificates issued by a Certificate Authority (CA). Each network participant - whether an organization, peer node, or user - receives a unique digital identity. These identities are managed through Membership Service Providers (MSPs), which define the rules for authentication and authorization within each organization. The MSP contains cryptographic materials including CA certificates, admin certificates, and node-specific signing keys that enable secure participation in the network.

Network Architecture Components

Fabric's modular architecture consists of several key components working together. Organizations join the network with their own peers (which maintain the ledger), CAs (for identity management), and client applications. The ordering service (comprised of orderer nodes) forms the backbone of the network, responsible for creating the immutable sequence of transactions blocks. This separation of concerns between execution (peers), ordering (orderers), and identity (CAs) provides Fabric with its flexible and scalable architecture.

Chaincode Development Process

Smart contracts in Fabric, called chaincode, contain the business logic that governs transactions. Developers write chaincode in general-purpose languages like Go or JavaScript, defining functions that interact with the ledger state. The chaincode specifies how assets are created, modified, or queried, with functions like InitLedger for initialization and custom functions like TransferAsset for business operations. Chaincode is versioned and can be upgraded without losing the existing ledger state.

Chaincode Deployment Lifecycle

Before execution, chaincode goes through a rigorous four-stage deployment process:

Packaging - The code is bundled with its dependencies into a deployable package
Installation - The package is installed on all endorsing peers across organizations
Approval - Required organizations approve the chaincode definition based on policy
Commitment - The chaincode becomes active on the channel after orderer verification

Transaction Endorsement Flow

When a client submits a transaction, it first creates a proposal that is sent to endorsing peers. These peers simulate the transaction by executing the chaincode against their current state, generating a read/write set that shows what would change. The peers then cryptographically sign these results if the simulation meets policy requirements. This endorsement process ensures transactions are validated before being committed to the ledger.

Ordering and Finalization

Endorsed transactions are sent to ordering service nodes, which:

Gather transactions from across the network
Arrange them into blocks
Establish the definitive order of transactions
Distribute blocks to all peers

Peers then validate each transaction in the block against endorsement policies and current state before appending it to their copy of the ledger and updating the world state.

Advanced Features

Fabric supports sophisticated enterprise requirements through:

Private Data Collections: Enables confidential transactions between specific organizations
Access Control: Attribute-based rules govern who can invoke chaincode functions
Versioning: Chaincode can be upgraded while preserving ledger state
Plugable Components: Supports different consensus mechanisms and databases

Consensus and Finality

Fabric achieves finality through execute-order-validate architecture:

Transactions are first executed and endorsed
Then ordered into blocks with deterministic sequencing
Finally validated against current state before commitment

This three-phase approach provides high throughput while preventing double-spending and other inconsistencies.

World State Management

The ledger maintains two components:

Blockchain: Immutable sequence of transaction blocks
World State: Current value database (LevelDB/CouchDB) for efficient queries

This separation allows for efficient access to current values while maintaining complete transaction history.

Security Model

Fabric's security derives from:

PKI-based identity with certificate revocation
Configurable endorsement policies
Channel-based data isolation
Cryptographic hashing of all transactions
Byzantine fault tolerant ordering

These features combine to create an enterprise-grade permissioned blockchain suitable for business networks.

Hyperledger Fabric Transaction Lifecycle

1. Identity Creation and MSP Configuration

What is happening? Fabric uses X.509 certificates for identity. These certs are issued by a Certificate Authority (CA) and represent different users, peers, and orderers in the network. Each organization defines a Membership Service Provider (MSP) to manage these identities.

Technical Components:

MSP folder structure (per org):

msp/
├── cacerts/            # CA root cert
├── keystore/           # Private ECDSA key
├── signcerts/          # X.509 signing cert
├── admincerts/         # Org admins

Layman Explanation: Think of MSP like your "organizational passport system". The CA is like a passport office, and your certificates are digital passports proving who you are in the network.

2. Network Map and Actor Roles

What is happening? Fabric has a modular architecture. Every participant plays a role:

Org	Peers	CA	Orderer	MSP
Org1	peer0.org1	ca.org1	-	Org1MSP
Org2	peer0.org2	ca.org2	-	Org2MSP
OrdererOrg	-	ca-orderer	orderer.example.com	OrdererMSP

Layman Explanation: Imagine Org1 and Org2 are banks. Each has a "teller" (peer), a "notary" (CA), and a way to validate and store transactions. The orderer is like a shared accountant who logs all entries in a common ledger.

3. Chaincode (Smart Contract) Development

hello.go (written in Go):

type HelloWorldContract struct {
    contractapi.Contract
}
 
type Message struct {
    Text string `json:"text"`
}
 
func (c *HelloWorldContract) InitLedger(ctx contractapi.TransactionContextInterface) error {
    return ctx.GetStub().PutState("message", []byte(`{"text":"Hello Fabric!"}`))
}
 
func (c *HelloWorldContract) UpdateMessage(ctx contractapi.TransactionContextInterface, newMsg string) error {
    msg := Message{Text: newMsg}
    data, _ := json.Marshal(msg)
    return ctx.GetStub().PutState("message", data)
}

Layman Explanation: This is the program logic deployed to the blockchain. It initializes a message and lets users update it.

4. Package, Install, Approve, Commit (Chaincode Lifecycle)

What is happening? Fabric separates chaincode deployment into lifecycle phases.

4.1 Package Chaincode

peer lifecycle chaincode package hello.tar.gz \
  --path ./hello --lang golang --label hello_1

4.2 Install on Peers

peer lifecycle chaincode install hello.tar.gz

4.3 Approve by Each Org

peer lifecycle chaincode approveformyorg ...

4.4 Commit Chaincode Definition

peer lifecycle chaincode commit ...

Layman Explanation: Imagine writing a company policy, getting department heads to sign off (approve), and then publishing it to everyone (commit).

5. Endorsement Policy (Who Must Approve Transactions?)

Examples:

OR('Org1MSP.peer','Org2MSP.peer')  # Allow either org
AND('Org1MSP.peer','Org2MSP.peer') # Require both orgs

Layman Explanation: It's like saying: "For payments, either the manager or finance must sign" vs "Both manager and finance must sign."

6. InitLedger Transaction

peer chaincode invoke -C mychannel -n hello -c '{"function":"InitLedger","Args":[]}' ...

7. Submit UpdateMessage("Goodbye Fabric!")

Proposal Payload:

{
  "txID": "f9d7...",
  "args": ["UpdateMessage", "Goodbye Fabric!"],
  "creator": "user1@Org1MSP",
  "endorsers": ["peer0.org1", "peer0.org2"]
}

8. World State Update

Before:

{"message": {"text": "Hello Fabric!"}}

After:

{"message": {"text": "Goodbye Fabric!"}}

9. Block Structure

Example:

{
  "number": 7,
  "data": {
    "transactions": [
      {
        "txID": "f9d7...",
        "chaincode": "hello",
        "rwSet": {
          "writes": [
            {"key": "message", "value": "{\"text\":\"Goodbye Fabric!\"}"}
          ]
        },
        "status": "VALID"
      }
    ]
  }
}

10. Chaincode Upgrade (v1 → v2)

peer lifecycle chaincode package hello_v2.tar.gz ...
peer lifecycle chaincode install hello_v2.tar.gz
peer lifecycle chaincode approveformyorg --version 2 --sequence 2
peer lifecycle chaincode commit --version 2 --sequence 2 ...

11. Private Data Collection (PDC)

collections_config.json:

[
  {
    "name": "msgCollection",
    "policy": "OR('Org1MSP.member')",
    "requiredPeerCount": 1,
    "maxPeerCount": 2,
    "blockToLive": 100,
    "memberOnlyRead": true
  }
]

12. Access Control via Attributes (ABAC)

Chaincode Example:

val, ok, _ := ctx.GetClientIdentity().GetAttributeValue("role")
if val != "auditor" { return fmt.Errorf("unauthorized") }

Fabric Ledger Internals

Component	Description
Ledger	Immutable sequence of blocks
Block Store	Stores header, data, metadata
State Database	Current values only (LevelDB or CouchDB)

Summary Table

Category	Details
Identity & MSP	X.509 + CA + ECDSA keys
Chaincode Lifecycle	Package → Install → Approve → Commit

Ethereum vs Hyperledger Fabric - Comparison

Technical Comparison Table

Category	Ethereum (EVM-Based Chains)	Hyperledger Fabric
1. Identity Model	ECDSA secp256k1 key pair; address = Keccak256(pubkey)[12:]	X.509 certificates issued by Membership Service Providers (MSP)
2. Network Type	Public or permissioned P2P (Ethereum Mainnet, Polygon, BSC)	Fully permissioned consortium network
3. Ledger Architecture	Global state stored in Merkle Patricia Trie (MPT)	Channel-based key-value store (LevelDB/CouchDB)
4. State Model	Account-based: balances and storage in accounts	Key-value database with versioned keys per channel
5. Smart Contract Format	EVM bytecode; written in Solidity/Vyper/Yul	Chaincode packages in Go, JavaScript, or Java
6. Contract Execution	Executed in deterministic sandbox (EVM)	Executed in Docker containers as chaincode
7. Contract Invocation	`eth_sendTransaction`: ABI-encoded calldata	SDK submits proposals → endorsers simulate
8. Transaction Structure	Nonce, to, value, gas, calldata, signature	Proposal + RW Set + endorsements + signature
9. Signing Mechanism	ECDSA (v, r, s) signature from sender	X.509-based MSP identities; multiple endorsements
10. Endorsement Model	No built-in multi-party endorsement (unless multisig logic)	Explicit endorsement policy per chaincode
11. Consensus Mechanism	PoS (Ethereum 2.0), PoW (legacy), rollup validators	Ordering service (Raft, BFT) + validation per org
12. Ordering Layer	Implicit in block mining / validator proposal	Dedicated ordering nodes create canonical blocks
13. State Change Process	Contract executes → SSTORE updates global state	Endorsers simulate → Orderer orders → Peers validate/commit
14. Double-Spend Prevention	State root update + nonce per account	MVCC: Version check of key during commit phase
15. Finality Model	Probabilistic (PoW), deterministic (PoS/finality gadget)	Deterministic finality after commit
16. Privacy Model	Fully public by default; private txs via rollups/middleware	Channel-based segregation + Private Data Collections (PDCs)
17. Data Visibility	All nodes hold all state (global visibility)	Per-channel; only authorized peers see data
18. Data Storage Format	MPT for state; key-value in trie; Keccak256 slots	Simple key-value in LevelDB/CouchDB
19. Transaction Validation	EVM bytecode + gas + opcode checks	Validation system chaincode enforces endorsement policy + MVCC
20. Gas / Resource Metering	Gas metering for all computation and storage	No gas model; logic must guard resource consumption
21. Events and Logs	LOGn opcode emits indexed events	Chaincode emits named events; clients can subscribe
22. Query Capability	JSON-RPC, The Graph, GraphQL, custom RPC	CouchDB rich queries, GetHistoryForKey, ad hoc queries
23. Time Constraints	Optional: `block.timestamp`, `validUntil` for EIP-1559 txs	Custom fields in chaincode; no native tx expiry
24. Execution Environment	Global EVM sandbox; each node runs all txs	Isolated Docker container per chaincode; endorsers simulate
25. Deployment Flow	Deploy via signed transaction containing bytecode	Lifecycle: package → install → approve → commit
26. Smart Contract Upgrade	Manual via proxy pattern or CREATE2	Controlled upgrade via chaincode lifecycle & endorsement policy
27. Programming Languages	Solidity (primary), Vyper, Yul	Go (primary), also JavaScript and Java
28. Auditability & History	Full block-by-block transaction trace, Merkle proof of state	Immutable ledger + key history queries
29. Hashing Functions	Keccak256 (SHA-3 variant)	SHA-256, SHA-512 (standard cryptographic primitives)
30. zk / Confidentiality Tools	zkRollups, zkEVM, TornadoCash, Aztec	External ZKP libraries; no native zero-knowledge integration

Execution Lifecycle Comparison

Stage	Ethereum (EVM)	Hyperledger Fabric
1. Initiation	User signs tx with ECDSA and submits to node	Client sends proposal to endorsing peers via SDK
2. Simulation	EVM runs the tx using opcode interpreter	Endorsing peers simulate chaincode, generate RW set
3. Signing	Sender signs tx (v, r, s)	Each endorser signs the proposal response
4. Ordering	Block produced by validator	Ordering service batches txs into blocks
5. Validation	Gas limit, signature, nonce, storage check	Validation system checks endorsement + MVCC versioning
6. Commit	State trie updated, new root in block header	Valid txs update state in DB; invalid txs marked as such
7. Finality	Final after sufficient blocks (PoW/PoS)	Final immediately after block commit

Summary Insights

Ethereum offers a globally synchronized, public execution model with gas metering and strong ecosystem tooling. It emphasizes decentralization, programmability, and composability.
Fabric is a modular enterprise-grade DLT with configurable privacy, endorsement policies, and deterministic execution. It separates simulation from ordering, enabling fine-grained control.

Fabric transaction cycle

On this page