(19.1.3 and later versions only) You can add private data collections to channels. Private data collections specify subsets of organizations that endorse, commit, or query private data on the channel.
Use private data collections in cases where you want a group of organizations on the channel to share data within a transaction and to prevent the other organizations on the channel from seeing the data.
If you're going to use private data collections across the organizations in your network, then you need to configure anchor peers. Anchor peers facilitate private data gossip among the organizations. See Add an Anchor Peer.
You specify the private data collections when you instantiate the chaincode.
- Go to the console and select the Chaincodes tab.
- Locate the chaincode that you want to instantiate and begin the instantiation process.
- Expand the Private Data Collections section and add the collection definition as needed.
Field Description Collection Name Enter the collection's name. You'll reference this name in the chaincode. Policy
Create the policy to specify which organizations are included in the collection and which peers can store the private data.
Each member listed in the policy must be included in an
ORsignature policy list.
To support read/write transactions, the private data distribution policy must contain more organizations than the chaincode endorsement policy because peers must have the private data to endorse transactions. For example, in a channel with ten organizations, five of the organizations are included in a private data collection policy, but the endorsement policy requires three organizations to endorse a transaction.
Enter the number of peers that each endorsing peer must distribute private data to before the peer signs the endorsement and returns the proposal response.Oracle recommends that you set this value to 1 or more peers to:
- Ensure redundancy of the private data on multiple peers in the network.
- Ensure that private data is available if the endorsing peers become unavailable.
Note that setting this value to 0 means that distribution isn't required. However, if the Max Peer Count field is set to greater than 0, then private data distribution might still occur.
Max Peer Count
Enter the maximum number of peers that the current endorsing peer attempts to distribute the data to. This is to ensure redundancy so that peers are available between endorsement time and commit time to pull the private data if an endorsing peer isn't available.
If you set this value to 0, then the private data isn't distributes at the time of endorsement. This causes private data pulls against the endorsing peers on all authorized peers at commit time.
Block to Live
Enter the length in number of blocks that you want data to reside on the private database. The data is purged when the number of blocks is reached.
Set this value to 0 if you never want to purge the data.
Note that a peer can fail to pull private data from another peer if a private data collection's blocktolive value is less than 10, and its requiredPeerCount and maxPeerCount are less than the total number of peers in the channel. This is a known Hyperledger Fabric issue. See https://jira.hyperledger.org/browse/FAB-11889.
- Click Add New Collection and your collection's information is displayed in the private data collection table.
- If needed, specify other collections.
- Complete the other fields on the Instantiate Chaincode page as needed.
- Click Instantiate.