AWSではじめるBlockchain/[DevelopersIO 2019 in OSAKA]Blockchain starting with AWS

"84Ͱ͸͡ΊΔ#MPDLDIBJO "84ࣄۀຊ෦ɹίϯαϧςΟϯά෦ ؙໟɹಞ࢙

DNEFWJP

εϥΠυ͸ޙͰೖख͢Δ͜ͱ͕ग़དྷ·͢ͷͰ ൃදதͷ಺༰ΛϝϞ͢Δඞཁ͸͋Γ·ͤΜɻ ࣸਅࡱӨΛ͢Δ৔߹͸ ϑϥογϡɾγϟολʔԻ͕ग़ͳ͍Α͏ʹ͝഑ྀ͍ͩ͘͞ Attention

ࣗݾ঺հ ؙໟ ಞ࢙ʢϚϧϞΞπγʣ AWS ࣄۀຊ෦ ίϯαϧςΟϯά෦ॴଐ • ιϦϡʔγϣϯΞʔΩςΫτ •
2018೥1݄ೖࣾ - 18೥ؒɺਆށͷ SIer ͰΠϯϑϥΤϯδχΞ • ޷͖ͳ AWS αʔϏε - Amazon CloudFront - AWS Transit Gateway - Amazon Managed Blockchain

࿩͢͜ͱ wϒϩοΫνΣʔϯͷجૅ  ϏοτίΠϯ͔ΒϒϩοΫνΣʔϯͷجຊ֓೦ΛֶͿ w"NB[PO.BOBHFE#MPDLDIBJOͷ֓ཁ w)ZQFSMFEHFS'BCSJDͷجૅ  ֤ίϯϙʔωϯτʹ͍ͭͯ

࿩͞ͳ͍͜ͱ wϏοτίΠϯɺ&UIFSFVNͷৄࡉͳ࿩ w"NB[PO2VBOUVN-FEHFS%BUBCBTF 2-%#ʣ wεϚʔτίϯτϥΫτ։ൃͷ࿩ wϢʔεέʔεɺϒϩοΫνΣʔϯΛ࢖ͬͨϏδωεతͳ࿩

ϒϩοΫνΣʔϯͱ͸

௨শɿCJUDPJO࿦จʢ4BUPTIJ/BLBNPUP࿦จʣ ೥ʹ$SZQUPHSBQIZ.BJMJOH-JTUʹ౤ߘ͞Εͨ࿦จ    ʮ#JUDPJO"1FFSUP1FFS&MFDUSPOJD$BTI4ZTUFNʯ w҉߸Խٕज़ʢIBTIɺσδλϧॺ໊ʣ w11ωοτϫʔΫ wίϯηϯαεΞϧΰϦζϜ 1P8
w෼ࢄܕ୆ாʢ෼ࢄܕτϥετʣ IUUQTCJUDPJOPSHCJUDPJOQEG ࿦จͷதͰʮϒϩοΫνΣʔϯʯͱ͍͏  ୯ޠ͸ग़ͯ͜ͳ͍

ैདྷܕͷ՝୊ wίετ w஥հίετ  গֹܾࡁͰ͖ͳ͍ w࣌ؒతίετ w࠮ٗͳͲʹෆ࣮֬ੑʹ ର͢Δίετ ৴པͰ͖Δୈࡾऀ Alice
Bob औҾ ѱҙͷϢʔβ ৴༻ ඞཁͳͷ͸ʮ୭ʯʹ΋ͱͮ ͘৴༻Ͱ͸ͳ͘ɺ҉߸ֶత ূ໌ʹجͮ͘ిࢠऔҾ

ϒϩοΫνΣʔϯͷఆٛ ೔ຊϒϩοΫνΣʔϯڠձʢ+#"ʣʹΑΔఆٛ ʮϏβϯνϯো֐ΛؚΉෆಛఆଟ਺ͷϊʔυΛ༻͍ɺ࣌ؒͷܦաͱͱ΋ʹͦͷ࣌఺ͷ ߹ҙ͕෴Δ֬཰͕΁ऩଋ͢Δϓϩτίϧɺ·ͨ͸ͦͷ࣮૷ΛϒϩοΫνΣʔϯͱݺ Ϳɻʯ ʮిࢠॺ໊ͱϋογϡϙΠϯλΛ࢖༻͠վ᜵ݕग़͕༰қͳσʔλߏ଄Λ࣋ͪɺ׌ͭɺ ౰֘σʔλΛωοτϫʔΫ্ʹ෼ࢄ͢Δଟ਺ͷϊʔυʹอ࣋ͤ͞Δ͜ͱͰɺߴՄ༻ੑ
ٴͼσʔλಉҰੑ౳Λ࣮ݱ͢Δٕज़Λ޿ٛͷϒϩοΫνΣʔϯͱݺͿɻʯ ڱٛͷϒϩοΫνΣʔϯʢΦϦδφϧʣ ޿ٛͷϒϩοΫνΣʔϯ

ϒϩοΫνΣʔϯΛࢧ͑Δٕज़ w҉߸Խʢެ։伴҉߸ɺσδλϧॺ໊ɺϋογϡؔ਺ʣ w11ωοτϫʔΫ wίϯηϯαεΞϧΰϦζϜ wεϚʔτίϯτϥΫτ

σδλϧॺ໊ ᶃϋογϡؔ਺Ͱϋογϡ஋Λࢉग़ ᶄૹ৴ऀͷൿີ伴Ͱϋογϡ஋Λ  ɹ҉߸Խ ᶆϋογϡؔ਺Ͱϋογϡ஋Λࢉग़ ᶇૹ৴ऀͷެ։伴Ͱϋογϡ஋Λ෮߸ ᶈͦΕͧΕͷϋογϡ஋Λൺֱ

σδλϧॺ໊νΣʔϯ ඇվ͟ΜͷݕূɺίΠϯͷॴ༗ݖ w11ͰίΠϯͷৡ౉͢Δࡍɺ૬खͷެ։伴 ͱσδλϧॺ໊Λ෇͚ͨ5YΛૹΔ wडऔਓ͸ૹΓओͷެ։伴Ͱॺ໊Λݕূ͢ Δ͜ͱͰɺॴ༗ݖʢॴ༗ऀͷίΠϯ͔Βࢧ෷ ΘΕͨʣΛݕূͰ͖Δ wτϥϯβΫγϣϯ#ʹ͸डऔਓ#ͷެ։伴ؚ͕ ·Ε͍ͯΔͷͰ࣍ͷνΣʔϯΛ৳͹ͤΔͷ͸
ॴ༗ऀͷΈʢެ։伴ͰݕূͰ͖Δॺ໊Λ࡞ ੒Ͱ͖Δͷ͸ॴ༗ऀͷΈʣ ͨͩ͠ɺ11ܾࡁʹ͓͍ͯೋॏ࢖༻ͷݕূ͸Ͱ͖ͳ͍

ೋॏ࢖༻ͷղܾํ๏ wઌʹಧ͍ͨτϥϯβΫγϣϯΛਖ਼ͱ͢Δ wͦͷͨΊʹ͸ɺ͢΂ͯͷτϥϯβΫγϣϯͷॱ൪͕ඞཁ wͭ·Γɺ͢΂ͯͷτϥϯβΫγϣϯΛ஌Δඞཁ  ˠۜߦͳͲͷۚ༥ωοτϫʔΫ͕৴པ͞ΕΔୈࡾऀͰ͋Δཧ༝ wͰ΋ɺඇதԝूݖΛ໨ࢦ͍ͯ͠Δ ͢΂ͯͷτϥϯβΫγϣϯΛ೺ѲͰ͖Δ  11ωοτϫʔΫ͕ඞཁ

Α͏΍͘ϒϩοΫͷొ৔ wτϥϯβΫγϣϯͷϒϩʔυΩϟετ  ͢΂ͯͷτϥϯβΫγϣϯΛ஌Δ wλΠϜελϯϯϓʴσδλϧॺ໊  ͋Δ࣌ࠁʹͦͷిࢠσʔλ͕ଘࡏ͍ͯͨ͜͠ͱͱɺͦΕҎ ߱վ͟Μ͞Ε͍ͯͳ͍͜ͱΛূ໌͢Δٕज़ wϒϩοΫ  ෳ਺τϥϯβΫγϣϯʢ59ʣͷϋογϡ஋ΛϚʔΫϧϧʔ τʹ·ͱΊɺϧʔτϋογϡͷΈΛϒϩοΫϔομʔʹؚ
ΊͯɺλΠϜελϯϓΛൃߦ  ֤ϒϩοΫ͸ϋογϡνΣʔϯͰͭͳ͕ͬͯɺ͢΂ͯͷऔ Ҿ͕ه࿥͞Ε͍ͯΔ͜ͱ͔Β୆ாͱ͍ΘΕΔ ैདྷͷλΠϜελϯϓαʔό͸தԝूݖతͰ͋ΔͨΊɺ  ඇதԝूݖతͳλΠϜελϯϓαʔό͕ඞཁʢ୭Λਖ਼ͱ͢Δͷ͔ʣ

ίϯηϯαεΞϧΰϦζϜʢ1P8ʣ w୭͕୆ாʹॻ͖ࠐΉ͔ɺΛ߹ҙ͢Δ࢓૊Έ w1P8ɿ1SPPGPG8PSL  ϒϩοΫϔομʔͷϋογϡ஋͕͍͔ͭ͘ͷ̌ FYFEGFEʜʣͰ࢝·ΔΑ͏ʹͳΔͨΊ ʹՃ͑Δ஋ʢOPODFʣΛ୳͢ʢʹϚΠχϯάʣ w࠷ॳʹOPODFΛݟ͚ͭͨਓ͕ϒϩοΫΛ୆ாʹ ॻ͖ࠐΊΔʢλΠϜελϯϓʣ  ʢˍใु͕΋Β͑Δʣ
wOPODFͷϒϩʔυΩϟετ  ݟ͚ͭΒΕͨOPODFͷݕূ͸؆୯ w1P8͸$16ͷܭࢉྔͰใुΛಘΔ

ϋογϡϨʔτʢ࠾۷଎౓ʣ wϚΠχϯά͢Δࡍͷඵ͋ͨΓͷܭࢉྗ  ɾϝΨIBTIT͸ຖඵສճͷϋογϡܭࢉ w &)ʢΤΫαϋογϡʣ  ژճඵ w ໿ژճඵͷܭࢉ w
෼ͰϒϩοΫੜ੒͞ΕΔ Α͏ʹ೉қ౓ௐ੔͞ΕΔ w ϒϩοΫੜ੒͢Δͷʹ ژճYඵͷϋο γϡܭࢉΛͿΜճ͢

ίϯηϯαεΞϧΰϦζϜ͍Ζ͍Ζ w1P4ɿ1SPPGPG4UBLF  ௨՟ͷอ༗ྔͰใुΛಘΔɻෳࡶͳܭࢉ͕ෆཁɻ  -*4,΍কདྷظʹ&UIFSFVN͕࠾༻༧ఆɻ w1P*ɿ1SPPGPG*NQPSUBODF  ௨՟ͷอ༗ྔɺอ༗ظؒɺར༻ྔͳͲ͔ΒใुΛಘΔɻ  ྲྀಈੑΛԼ͛ͳ͍ɻ/&.͕࠾༻ɻ w1P$ɿ1SPPGPG$POTFOTVT  ৴༻ͷ͋Δاۀ΍άϧʔϓ͕ϒϩοΫΛঝೝɻதԝूݖతͰ͸͋Δ͕ૣ͍ɻ 
3JQQMF͕࠾༻ w1P"ɿ1SPPGPG"VUIPSJUZ  7BMJEBUPSͱݺ͹ΕΔঝೝΞΧ΢ϯτ͚͕ͩϒϩοΫΛੜ੒ɻதԝूݖతɻ  ϓϥΠϕʔτͳ&UIFSFVNͷςετωοτϫʔΫͰ࠾༻ʢ3JOLFZCZɺ,PWBOʣ

εϚʔτίϯτϥΫτ wϏοτίΠϯʹ͸ແ͍ػೳ wϒϩοΫνΣʔϯ্Ͱಈ࡞͢ΔϓϩάϥϜ w௨՟Ҏ֎ʹܖ໿಺༰ͳͲ΋ه࿥Ͱ͖Δ w৚͕݅੔͑͹ࣗಈͰܖ໿಺༰Λ࣮ߦ͢Δ͜ͱ΋Ͱ͖Δ w஥հऀ͕ͳ͘11Ͱ͋ΔͨΊऔҾ͕ૣ͍ wܖ໿಺༰͸ϒϩοΫνΣʔϯ্ʹ͋ΔͷͰվ͟Μ͕೉͍͠ w%BQQʢ෼ࢄܕΞϓϦέʔγϣϯʣ ϒϩοΫνΣʔϯΛߏ੒͢ΔͨΊͷٕज़Ͱ͸ͳ͍͕ɺϒϩοΫνΣʔϯͷීٴʹ 
͔ܽͤͳ͍ͨΊɺϒϩοΫνΣʔϯͷٕज़ͱͯ͠ޠΒΕΔ͜ͱ͕ଟ͍

ϒϩοΫνΣʔϯΛࢧ͑Δٕज़ɹ·ͱΊ w҉߸Խʢެ։伴҉߸ɺσδλϧॺ໊ɺϋογϡؔ਺ʣ  ɾॴ༗ݖͷݕূɺվ͟Μ๷ࢭ w11ωοτϫʔΫ  ɾඇதԝूݖԽ  ɾ෼ࢄܕ୆ா wίϯηϯαεΞϧΰϦζϜ  ɾෆਖ਼Λ๷ࢭ͠ɺऔҾͷ࿈ଓੑΛอͭ߹ҙͷख๏ wεϚʔτίϯτϥΫτ 
ɾϒϩοΫνΣʔϯ্Ͱಈ࡞͢ΔϓϩάϥϜ

"84Ͱ͸͡ΊΔ#MPDLDIBJO

ɾɾɾͷલʹ

ϒϩοΫνΣʔϯΛ͸͡ΊΔલʹ ͋ͳ͕ͨཉ͍͠ͷ͸ ඇதԝूݖͳϒϩοΫνΣʔϯͰ͔͢ʁ ෆมతͳ୆ாσʔλϕʔεͰ͔͢ʁ

୆ாσʔλϕʔεͰຬͨͤͦ͏ https://pages.awscloud.com/rs/112-TZM-766/images/B2-05.pdf

"NB[PO2VBOUVN-FEHFS%BUBCBTF 2-%# 2019/09/11 GA!!

"NB[PO2VBOUVN-FEHFS%BUBCBTF 2-%# ࠓ೔͸͕࣌ؒͳ͍ͷͰɺޙ΄ͲϒϩάಡΜͰ͍ͩ͘͞ https://dev.classmethod.jp/cloud/aws/reinvent-dat378-how-do-i-know-i-need-a-ledger-database-an-introduction-to-amazon-qldb/ https://dev.classmethod.jp/cloud/aws/amazon-qldb-ga/

͍΍ɺϒϩοΫνΣʔϯ͕ཉ͍͠ΜͰ͢ https://pages.awscloud.com/rs/112-TZM-766/images/B2-05.pdf

ϒϩοΫνΣʔϯͷՄೳੑ͸໛ࡧத https://pages.awscloud.com/rs/112-TZM-766/images/B2-05.pdf

"NB[PO.BOBHFE#MPDLDIBJO 2019/05 GA

"NB[PO.BOBHFE#MPDLDIBJO wݱ࣌఺Ͱ͸๺όʔδχΞʢVTFBTUʣͷΈར༻Մೳ wϑϧϚωʔδυ  ਺෼ͰϒϩοΫνΣʔϯωοτϫʔΫΛߏங wΦʔϓϯιʔεͷϑϨʔϜϫʔΫ  )ZQFSMFEHFS'BCSJD&UIFSFVNʢDPNJOHTPPOʣ w௿ίετ  ϝϯόʔγοϓྉۚIʙ  ϐΞϊʔυྉۚIʙ

)ZQFSMFEHFS'BCSJD wڐՄ੍ωοτϫʔΫʢϓϥΠϕʔτνΣʔϯʣ  ίϯιʔγΞϜܕ w֤ϝϯόʔ͕ࢀরՄೳͳ୆ாΛ੍ݶ͢Δ  νϟωϧΛ࣋ͭ w(P /PEFKT +BWBͰॻ͔ΕͨνΣʔϯίʔυʢεϚʔτίϯτϥΫ τʣΛ%PDLFSίϯςφͰ࣮ߦ
wνΣʔϯίʔυΛ࣮ߦ͢ΔͨΊͷݕূϙϦγʔΛ  ઃఆՄೳ wνΣʔϯίʔυͷ࣮ߦʹωΠςΟϒͷ҉߸௨՟Λ  ඞཁͱ͠ͳ͍ w"QBDIF-JDFODTF

&UIFSFVN wڐՄ੍ωοτϫʔΫ͔ɺύϒϦοΫͷ&UIFSFVNωοτ ϫʔΫΛ࢖༻ʢύϒϦοΫνΣʔϯʣ wίϯηϯαεΞϧΰϦζϜ͸ύϒϦοΫͰ͸1P8ɺϓϥ ΠϕʔτͰ͸1P"ʹઃఆ͞Ε͍ͯΔ wωοτϫʔΫʹΞΫηεͰ͖Δਓ͸୭Ͱ΋୆ாͷ͢΂ͯͷ σʔλΛࢀরͰ͖Δ wωοτϫʔΫ಺ͷϊʔυؒͰ࣮ߦ͞ΕΔݴޠ ʮ4PMJEJUZʯΛ࢖༻ͯ͠εϚʔτίϯτϥΫτΛ࡞੒͢Δ
w(1-ʢ&OUFSQSJTF޲͚ʹҰ෦"QBDIF-JDFOTF΋͋ Δʣ Coming soon!

.BOBHFE#MPDLDIBJOίϯϙʔωϯτ w0SEFSFS  ɾτϥϯβΫγϣϯͷॱং෇͚ͱ  ɹϒϩοΫͷ࡞੒  ɾϒϩοΫͷૹ৴ w$"  ɾϢʔβʔɺ1FFSͷొ࿥ɺ*%؅ཧ  ɾূ໌ॻͷൃߦɺ؅ཧ w1FFS 
ɾ୆ாͷอ༗  ɾτϥϯβΫγϣϯͷݕূɺ࣮ߦ  ɾνΣʔϯίʔυͷ࣮ߦ

.BOBHFE#MPDLDIBJOՁ֨ମܥ wϝϯόʔγοϓྉۚ wσʔλॻ͖ࠐΈྉۚ wϐΞϊʔυྉۚ wϐΞϊʔυετϨʔδྉۚ w71$ΤϯυϙΠϯτྉۚ w௨ৗͷσʔλసૹྉۚ wࢀՃऀ͕ͦΕͧΕͷϦιʔεʹԠͯ͡ ࢧ෷͏

.BOBHFE#MPDLDIBJO&EJUJPO 4UBSUFS&EJUJPO 4UBOEBSE&EUJPO ༻్ ςετ͓Αͼখن໛ͷ ຊ൪ωοτϫʔΫ ຊ൪ωοτϫʔΫ ϝϯόʔγοϓྉۚ ʢQFS)PVSʣ
ωοτϫʔΫ͋ͨΓͷ ϝϯόʔ਺ ࠷େ̑ ࠷େ ϝϯόʔ͋ͨΓͷ ϐΞϊʔυ਺ ࠷େ̎ ࠷େ̏ ΠϯελϯελΠϓ CDUTNBMMCDUNFEJVN CDUTNBMMYMBSHF CDNDMBSHFYMBSHF τϥϯβΫγϣϯͷ εϧʔϓοτ͓ΑͼՄ༻ੑ 4UBOEBSEΑΓ௿͍ 4UBSUFSΑΓߴ͍

)ZQFSMFEHFS'BCSJD

)ZQFSMFEHFS'BCSJD wίϯηϯαεϞσϧ w1FFS w0SEFSJOH4FSWJDF w.41 w$" w$IBOOFM w&OEPSTNFOUQPMJDZ

)ZQFSMFEHFS'BCSJDͷίϯηϯαεϞσϧ Hyperledger Fabric ೖ໳, ୈ 3 ճ ίϯηϯαε/Ordering Service/Kafka/Zookeeper

w&OEPSTFNFOUϑΣʔζ    &OEPSTJOH1FFSʹ5YΛૹ෇͠ɺ &OEPSTFNFOU1PMJDZ͕5YΛγϛϡϨʔ γϣϯͯ͠ॺ໊ΛՃ͑ɺΫϥΠΞϯτʹ ฦ৴ɻ    γϛϡϨʔγϣϯͷࡍʹૹ৴ݩͷূ໌ॻ ͷݕূɺର৅νϟωϧ΁ͷΞΫηεݖͷ νΣοΫ΋ߦ͏ɻ

w0SEFSJOHϑΣʔζ    0SEFSJOH4FSWJDFʹ5Y ʢ&OEPSTJOH1FFSͷγϛϡ Ϩʔγϣϯ݁Ռɺॺ໊ɺνϟω ϧ*%ΛؚΉʣΛૹ෇    0SEFSJOH4FSWJDF͕5YΛνϟ ωϧ͝ͱʹॱং෇͚ͯϒϩοΫ ʹ·ͱΊɺ$PNNJUUJOH1FFSʹ ϒϩοΫΛૹΔɻ

w7BMJEBUJPOϑΣʔζ    0SEFSJOH4FSWJDF͔Βड͚औͬͨ5YΛ $PNNJUUJOH1FFS͕ɺ&OEPSTFNFOU 1PMJDZΛຬͨͯ͠Δ͔ɺෳ਺ͷ5Y͕ಉ͡ ஋Λߋ৽ͯ͠ڝ߹͍ͯ͠ͳ͍͔ݕূ͢Δɻ    ໰୊ͳ͚Ε͹$PNNJUUJOH1FFS͸  ϒϩοΫΛ୆ாʹॻ͖ࠐΈɺεςʔτ%# Λߋ৽͢Δɻ

1FFS 1FFSʹ͸छྨͷ໾ׂ w&OEPSTFNFOU1FFS w୆ாͱνΣʔϯίʔυΛอ༗ w&OEPTFNFOU1PMJDZʹج͖ͮ5YΛݕূ wݕূ݁Ռʹࣗ਎ͷॺ໊Λ͚ͭͯΫϥΠΞϯτʹฦ৴ w$PNNJUUJOH1FFS w0SEFSFS͔Βૹ৴͞ΕͨϒϩοΫΛࣗ਎ͷ୆ாʹॻ͖ࠐΉ ͭͷ1FFSʹෳ਺ͷ໾ׂΛఆٛ͢Δ͜ͱ΋Մೳ 
ʢ".#͸ͭͷ1FFSʹू໿ͯͦ͠͏ʣ

1FFSͷػೳʢ୆ாͷอ༗ʣ ୆ா͸ϒϩοΫνΣʔϯͱεςʔτ%#ؚ͕·ΕΔ wϒϩοΫνΣʔϯ  νΣʔϯίʔυͷ࣮ߦཤྺ wεςʔτ%#  τϥϯβΫγϣϯͷ࠷৽ͷ݁Ռ ɾ୆ாͷ৘ใ͸੔߹ੑΛಘΔͨΊɺωοτϫʔΫ಺Ͱಉظ͞ΕΔɻ  ɾಉظ͸νϟωϧ୯ҐͰ͋ΔͨΊɺඞཁ࠷௿ݶͷൣғͰڞ༗Մೳɻ  ɾ֤1FFS͸νΣʔϯίʔυͷ࣮ߦ݁Ռ͕ଞͷνΣʔϯίʔυ݁Ռͱ 
ɹڝ߹͍ͯ͠ͳ͍͔Λεςʔτ%#Ͱ֬ೝɺݕূ͢Δɻ

1FFSͷػೳʢνΣʔϯίʔυͷ࣮ߦʣ νΣʔϯίʔυ͸Ϗδωε্ͷ৚݅ɺܖ໿ΛϏδωεϩδοΫ  ͱ࣮ͯ͠૷ͨ͠ϓϩάϥϜ w(P w/PEFKT w+BWB ɾεςʔτ%#ʹ͋ΔσʔλΛࢀরॻࠐ͢Δͱ͖͸ΫϥΠΞϯτ͔Β  ɹ5YΛૹ৴ͯ͠νΣʔϯίʔυΛ࣮ߦ͢Δɻ  ɾͭͷωοτϫʔΫ಺ʹෳ਺ͷνΣʔϯίʔυΛ഑ஔՄೳ 
ɾͦΕͧΕͷνΣʔϯίʔυ͸*%Ͱࣝผɻ5YΛૹ৴͢Δࡍʹ*%Λࢦఆ͢Δɻ

0SEFSJOH4FSWJDF wτϥϯβΫγϣϯͷॱং෇͚ͱϒ ϩοΫͷ࡞੒ɺ1FFS΁ͷϒϩοΫ ૹ৴Λߦ͏ wνϟωϧͷ࠶ߏ੒ͱߏங wΫϥΠΞϯτͷΞΫηε੍ޚ w৑௕Խ͸,BGLB;PPLFFQFSͰ࣮ݱ ͍ͯ͠Δɻ,BGLB͕5YΛཷΊࠐΈɺ ϒϩοΫʹͯ͠ૹ৴͢Δɻ;PPLFFQFS
͕෼ࢄγεςϜΛ؅ཧ͢Δɻ  Hyperledger Fabric ೖ໳, ୈ 3 ճ ίϯηϯαε/Ordering Service/Kafka/Zookeeper ".#͸,BGLBͰ͸ͳ͘2-%#ͷٕज़Ͱ଱ٱੑͱ৴པੑΛߴΊ͍ͯΔ

.41 $" w.41 .FNCFSTIJQ4FSWJDF1SPWJEFS   ɾূ໌ॻͷൃߦͱݕূɺϢʔβೝূΛߦ͏  ɾ.41ͷΠϯελϯε͸Ұҙͳ.41*%ʢ.FNCFS*%ʣ  ɹͱඥ෇͚ΒΕΔɻ  ɾ.41৘ใ͕δΣωγεϒϩοΫʹ૊Έࠐ·ΕΔ͜ͱͰɺ 
ɹωοτϫʔΫࢀՃͷೝূΛߦ͍ɺνϟωϧʹࢀՃͰ͖Δɹ w$"  ɾೝূͷͨΊʹඞཁͳূ໌ॻ΍ɺ伴Λൃߦ͢Δ  ɾ".#Ͱ͸ηΩϡΞͳ$"αʔϏεʹ,.4Λ࢖༻ɹɹɹɹɹɹɹɹ

$IBOOFM ୆ாͷڞ༗ൣғΛ੍ޚ͢ΔͨΊͷ  ϒϩοΫνΣʔϯ಺ͷԾ૝ωοτϫʔΫ w1FFS͸ෳ਺ͷνϟωϧʹࢀՃͰ͖Δ w୆ா͸νϟωϧ͝ͱʹ؅ཧ͞ΕΔ w1FFS಺ʹෳ਺୆ா͕͋ͬͯ΋ɺ  ผνϟωϧͷ୆ாʹΞΫηεग़དྷͳ͍ wΫϥΠΞϯτ͕5YΛૹ৴͢Δࡍ͸ νΣʔϯίʔυ*%͚ͩͰͳ͘νϟωϧ
໊΋ࢦఆ͕ඞཁ

&OEPSTFNFOU1PMJDZ ୆ாͷ੔߹ੑΛ୲อ͢ΔͨΊͷ৚݅ wྫ͑͹ɺ୆ாΛࢀর͢Δͱ͖͸͍ ͣΕ͔ͷ&OEPSTFNFOU1FFSͷ ঝೝ͕ͱΕͨΒ5YΛ࣮ߦͰ͖Δ ͕ɺߋ৽࣌͸͢΂ͯͷঝೝΛಘΒΕ ͳ͍ͱ5YΛ࣮ߦͰ͖ͳ͍ɺͳͲɻ wνΣʔϯίʔυΛอଘ͢Δͱ͖ʹ &OEPTFNFOU1PMJDZΛઃఆ͢Δɻ
Hyperledger Fabric ೖ໳, ୈ 2 ճ Peer/νϟωϧ/Endorsement Policy ͷղઆ

σϞ  ʢެࣜυΩϡϝϯτɾνϡʔτϦΞϧʣ

લఏ؀ڥ w๺όʔδχΞϦʔδϣϯ w71$  FOBCMF%OT)PTUOBNF༗ޮ  FOBCMF%OT4VQQPSU༗ޮ w4(ʢ)'$MJFOU"OE&OEQPJOUʣ  ࣗ਎ͷ4(JE͔Β͢΂ͯڐՄ  71$ΤϯυϙΠϯτɺ&$ʹΞ λον
w4(ʢ)'$MJFOU44)ʣ  44)઀ଓݩͷ*1ΛڐՄ  &$ʹΞλον

εςοϓɿωοτϫʔΫͱ࠷ॳͷϝϯόʔ࡞੒ wϑϨʔϜϫʔΫબ୒  )ZQFSMFEHFS'BCSJD wωοτϫʔΫΤσΟγϣϯ  4UBSUFSͰ࡞੒

εςοϓɿωοτϫʔΫͱ࠷ॳͷϝϯόʔ࡞੒ wωοτϫʔΫ໊ w౤ථϙϦγʔ  ঝೝͷ͖͍͠஋  ౤ථظؒʢʙ࣌ؒʣ

εςοϓɿωοτϫʔΫͱ࠷ॳͷϝϯόʔ࡞੒ wϝϯόʔ໊  ϝϯόʔ໊ʹݸผ*%  ωοτϫʔΫ಺ͰҰҙ w)ZQFS-FEHFSGBCSJDೝূہʢ$"ʣ  $"ͷ؅ཧϢʔβ໊ʗύεϫʔυ wl*UNBZUBLFBGFXNJOVUFTzͱॻ ͍͕ͯͨ෼΄Ͳ͔͔ͬͨ

εςοϓɿωοτϫʔΫͱ࠷ॳͷϝϯόʔ࡞੒

w".#ωοτϫʔΫ w0SEFSJOH4FSWJDF w.FNCFS w'BCSJD$" εςοϓɿωοτϫʔΫͱ࠷ॳͷϝϯόʔ࡞੒

εςοϓɿ71$ΤϯυϙΠϯτ࡞੒͓Αͼߏ੒

εςοϓɿ71$ΤϯυϙΠϯτ࡞੒͓Αͼߏ੒ w71$ͷࢦఆ wαϒωοτͷࢦఆ w71$ΤϯυϙΠϯτͷ4(  ࣄલʹ࡞੒͍ͯͨ͠ )'$MJFOU"OE&OEQPJOΛࢦఆ

w71$ΤϯυϙΠϯτ εςοϓɿ71$ΤϯυϙΠϯτ࡞੒͓Αͼߏ੒

εςοϓɿ)ZQFSMFEHFS'BCSJD$MJFOU wࠓճ͸&$Λ)ZQFSMFEHFS'BCSJD$MJFOUʹ࢖༻  ɾ4(͸z)'$MJOFU"OE&OEQPJOUz z)'$MJFOU44)z w&$͸"NB[PO-JOVYͰUTNBMMΛ࢖༻  ɾ%PDLFS؀ڥ  ɾ(Pݴޠ  ɾηοτΞοϓৄࡉ͸ެࣜΨΠυࢀর  ɾσϑΥϧτͷ"84$-*
BXTDMJ ͸  ɹzBXTNBOBHFECMPDLDIBJOίϚϯυz͕ͳ͍ɻཁVQEBUFɻ wదٓɺ*".ϩʔϧ͸ઃఆ  ɾࠓճ͸ݕূͷͨΊ"ENJOݖݶͰ࢖༻

εςοϓɿ)ZQFSMFEHFS'BCSJD$MJFOU $ curl https://ca.m-dxguvikqg5bkbgczei5yusw3ue.n- q7tnhxnbxnaqlabhaueyck75jy.managedblockchain.us-east-1.amazonaws.com: 30002/cainfo -k {"result":{"CAName":"m- DXGUVIKQG5BKBGCZEI5YUSW3UE","CAChain":"LS0tLS1CRUdJTiBDRVJUSUZJQ0FUR
S0tLS0tCk1JSUNzakNDQWxtZ0F3SUJBZ0lVUCtXUjFvVWN3K0tGVVBVNW5jNFlaQ2Z kbGpRd0NnWUlLb1pJemowRUF3SXcKZ2JVeEN6QUpCZ  （中略） WZyU0FUa3hIVlJQQWlBaWE5cVc1a2V3WVJyWgpKUG1zM2JWWitZa25KRDJZd0s5R 0ZMVE1qeHhvQUE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==","Version":" 1.2.1-snapshot-"} ,"errors":[],"messages":[],"success":true} w)'$MJFOU͔Β'BCSJD$"΁ͷ઀ଓ֬ೝ

εςοϓɿ)ZQFSMFEHFS'BCSJD$MJFOU $ go get -u github.com/hyperledger/fabric-ca/cmd/... $ cd /home/ec2-user/go/src/github.com/hyperledger/fabric-ca
$ git fetch $ git checkout release-1.2 Branch 'release-1.2' set up to track remote branch 'release-1.2' from 'origin'. Switched to a new branch 'release-1.2' $ make fabric-ca-client Building fabric-ca-client in bin directory ... Built bin/fabric-ca-client $ cd /home/ec2-user $ git clone https://github.com/hyperledger/fabric-samples.git w$"ΫϥΠΞϯτΛߏ੒ wαϯϓϧϦϙδτϦͷෳ੡

εςοϓɿ)ZQFSMFEHFS'BCSJD$MJFOU （docker-compose-cli.yaml）  $ cat docker-compose-cli.yaml version: '2' services: cli:
container_name: cli image: hyperledger/fabric-tools:1.2.0 tty: true environment: - GOPATH=/opt/gopath - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock - CORE_LOGGING_LEVEL=info # Set logging level to debug for more verbose logging - CORE_PEER_ID=cli - CORE_CHAINCODE_KEEPALIVE=10 working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer command: /bin/bash volumes: - /var/run/:/host/var/run/ - /home/ec2-user/fabric-samples/chaincode:/opt/gopath/src/github.com/ - /home/ec2-user:/opt/home w%PDLFS$PNQPTFΛߏ੒

εςοϓɿ)ZQFSMFEHFS'BCSJD$MJFOU $ docker-compose -f ~/docker-compose-cli.yaml up -d Creating network
"ec2user_default" with the default driver Pulling cli (hyperledger/fabric-tools:1.2.0)... (略) Status: Downloaded newer image for hyperledger/fabric-tools:1.2.0 Creating cli ... done w)ZQFSMFEHFS'BCMJD$MJFOUىಈ

w&$  ɾ%PDLFS  ɾ)ZQFSMFEHFS'BCSJD$MJFOU εςοϓɿ)ZQFSMFEHFS'BCSJD$MJFOU

$ aws s3 cp s3://us-east-1.managedblockchain/etc/managedblockchain-tls-chain.pem /home/ ec2-user/managedblockchain-tls-chain.pem download: s3://us-east-1.managedblockchain/etc/managedblockchain-tls-chain.pem
to ./ managedblockchain-tls-chain.pem $ openssl x509 -noout -text -in /home/ec2-user/managedblockchain-tls-chain.pem  Certificate: Data: Version: 3 (0x2) Serial Number: 36:a8:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:3f:9b Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, ST=WA, L=Seattle, O=Amazon Web Services, Inc., OU=Amazon Managed Blockchain, CN=Amazon Managed Blockchain us-east-1 Root CA Validity  （以下、省略） wূ໌ॻϑΝΠϧΛ࡞੒ɺ಺༰ͷ֬ೝ εςοϓɿ؅ཧϢʔβͷొ࿥

$ fabric-ca-client enroll -u https://devioadmin:'ABC123!'@ca.m- dxguvikqg5bkbgczei5yusw3ue.n-q7tnhxnbxnaqlabhaueyck75jy.managedblockchain.us- east-1.amazonaws.com:30002 --tls.certfiles /home/ec2-user/managedblockchain-tls-
chain.pem -M /home/ec2-user/admin-msp    2019/09/05 22:27:18 [INFO] Created a default configuration file at /home/ec2-user/.fabric- ca-client/fabric-ca-client-config.yaml 2019/09/05 22:27:18 [INFO] TLS Enabled 2019/09/05 22:27:18 [INFO] generating key: &{A:ecdsa S:256} 2019/09/05 22:27:18 [INFO] encoded CSR 2019/09/05 22:27:18 [INFO] Stored client certificate at /home/ec2-user/admin-msp/ signcerts/cert.pem 2019/09/05 22:27:18 [INFO] Stored root CA certificate at /home/ec2-user/admin-msp/ cacerts/ca-m-dxguvikqg5bkbgczei5yusw3ue-n-q7tnhxnbxnaqlabhaueyck75jy- managedblockchain-us-east-1-amazonaws-com-30002.pem w؅ཧϢʔβΛొ࿥  <VIUUQT"ENJO6TFSOBNF"ENJO1BTTXPSE!4BNQMF$"&OEQPJOU"OE1PSU> εςοϓɿ؅ཧϢʔβͷొ࿥

$ cp -r admin-msp/signcerts admin-msp/admincerts w.41ͷূ໌ॻΛίϐʔ  ͜ͷ.41͸ϝϯόʔ؅ཧऀͱͯ͠ػೳ͢ΔͨΊɺূ໌ॻΛίϐʔ͢Δ εςοϓɿ؅ཧϢʔβͷొ࿥

εςοϓɿϐΞϊʔυ࡞੒

wΠϯελϯελΠϓ w";  ϐΞϊʔυ͸";ʹଐ͢ΔͨΊ  Մ༻ੑΛߴΊΔʹ͸ϐΞΛ  ෳ਺";ʹ෼ࢄ͢Δඞཁ͕͋Δ εςοϓɿϐΞϊʔυ࡞੒ w෼ఔ౓Ͱ࡞੒͞ΕΔ

wϐΞϊʔυ  εςοϓɿϐΞϊʔυ࡞੒

$ cat configtx.yaml Organizations: - &Org1 # DefaultOrg defines
the organization which is used in the sampleconfig # of the fabric.git development environment Name: m-DXGUVIKQG5BKBGCZEI5YUSW3UE # ID to load the MSP definition as ID: m-DXGUVIKQG5BKBGCZEI5YUSW3UE MSPDir: /opt/home/admin-msp # AnchorPeers defines the location of peers which can be used # for cross org gossip communication. Note, this value is only # encoded in the genesis block in the Application section context  AnchorPeers: - Host: Port: Application: &ApplicationDefaults # Organizations is the list of orgs which are defined as participants on # the application side of the network Organizations:   Profiles: OneOrgChannel: Consortium: AWSSystemConsortium Application: <<: *ApplicationDefaults Organizations: - *Org1 wνϟωϧߏ੒ϑΝΠϧʢDPOpHUYZNMʣͷ࡞੒ εςοϓɿ)ZQFSMFEHFS'BCSJDνϟωϧΛ࡞੒ Member-ID

$ docker exec cli configtxgen \  -outputCreateChannelTx /opt/home/mychannel.pb \ 
-profile OneOrgChannel -channelID mychannel \ --configPath /opt/home/ 2019-09-06 06:58:32.137 UTC [common/tools/configtxgen] main -> INFO 001 Loading configuration 2019-09-06 06:58:32.139 UTC [common/tools/configtxgen] doOutputChannelCreateTx -> INFO 002 Generating new channel configtx 2019-09-06 06:58:32.139 UTC [common/tools/configtxgen/encoder] NewApplicationGroup -> WARN 003 Default policy emission is deprecated, please include policy specificiations for the application group in configtx.yaml 2019-09-06 06:58:32.140 UTC [common/tools/configtxgen/encoder] NewApplicationOrgGroup -> WARN 004 Default policy emission is deprecated, please include policy specificiations for the application org group m-DXGUVIKQG5BKBGCZEI5YUSW3UE in configtx.yaml 2019-09-06 06:58:32.140 UTC [common/tools/configtxgen] doOutputChannelCreateTx -> INFO 005 Writing new channel tx wDPOpHUYϐΞϒϩοΫͷ࡞੒ εςοϓɿ)ZQFSMFEHFS'BCSJDνϟωϧΛ࡞੒ << νϟωϧ໊

# .bash_profile    export MSP_PATH=/opt/home/admin-msp export MSP=m-DXGUVIKQG5BKBGCZEI5YUSW3UE export ORDERER=orderer.n-q7tnhxnbxnaqlabhaueyck75jy.managedblockchain.us-east-1.amazonaws.com:30001
export PEER=nd-z3gz64hpmvc3no2ysx2d7bxiru.m-dxguvikqg5bkbgczei5yusw3ue.n- q7tnhxnbxnaqlabhaueyck75jy.managedblockchain.us-east-1.amazonaws.com:30003    $ source ~/.bash_profile w؀ڥม਺ઃఆ εςοϓɿ)ZQFSMFEHFS'BCSJDνϟωϧΛ࡞੒

$ docker exec -e "CORE_PEER_TLS_ENABLED=true" \ > -e "CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem"
\ > -e "CORE_PEER_ADDRESS=$PEER" \ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > cli peer channel create -c mychannel \ > -f /opt/home/mychannel.pb -o $ORDERER \ > --cafile /opt/home/managedblockchain-tls-chain.pem --tls 2019-09-06 10:28:41.260 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized 2019-09-06 10:28:41.397 UTC [cli/common] readBlock -> INFO 002 Got status: &{NOT_FOUND}  （中略）  2019-09-06 10:28:43.555 UTC [channelCmd] InitCmdFactory -> INFO 017 Endorser and orderer connections initialized 2019-09-06 10:28:43.760 UTC [cli/common] readBlock -> INFO 018 Received block: 0   wνϟωϧ࡞੒ εςοϓɿ)ZQFSMFEHFS'BCSJDνϟωϧΛ࡞੒

\ > -e "CORE_PEER_ADDRESS=$PEER" \ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > cli peer channel join -b mychannel.block \ > -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls  2019-09-06 10:31:34.028 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized 2019-09-06 10:31:34.417 UTC [channelCmd] executeJoin -> INFO 002 Successfully submitted proposal to join channel  wϐΞϊʔυΛνϟωϧʹࢀՃ εςοϓɿ)ZQFSMFEHFS'BCSJDνϟωϧΛ࡞੒

wνϟωϧͷ࡞੒ wϐΞϊʔυͷνϟωϧొ࿥ εςοϓɿ)ZQFSMFEHFS'BCSJDνϟωϧΛ࡞੒

\ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > -e "CORE_PEER_ADDRESS=$PEER" \ > cli peer chaincode install \ > -n mycc -v v0 -p github.com/chaincode_example02/go 2019-09-06 11:09:59.791 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc 2019-09-06 11:09:59.792 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc 2019-09-06 11:09:59.943 UTC [chaincodeCmd] install -> INFO 003 Installed remotely response:<status:200 payload:"OK" > wνΣʔϯίʔυͷΠϯετʔϧ  <QFFSDIBJODPEFJOTUBMMOνΣʔϯίʔυ໊WόʔδϣϯQύε> εςοϓɿνΣʔϯίʔυͷΠϯετʔϧͱ࣮ߦ

\ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > -e "CORE_PEER_ADDRESS=$PEER" \ > cli peer chaincode instantiate \ > -o $ORDERER -C mychannel -n mycc -v v0 \ > -c '{"Args":["init","a","100","b","200"]}' \ > --cafile /opt/home/managedblockchain-tls-chain.pem --tls 2019-09-06 11:12:46.285 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc 2019-09-06 11:12:46.286 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc wνΣʔϯίʔυͷΠϯελϯεԽ εςοϓɿνΣʔϯίʔυͷΠϯετʔϧͱ࣮ߦ << -c Initؔ਺ʹ౉͢Ҿ਺

\ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > -e "CORE_PEER_ADDRESS=$PEER" \ > cli peer chaincode list --instantiated \ > -o $ORDERER -C mychannel \ > --cafile /opt/home/managedblockchain-tls-chain.pem --tls Get instantiated chaincodes on channel mychannel: Name: mycc, Version: v0, Path: github.com/chaincode_example02/go, Escc: escc, Vscc: vscc wνΣʔϯίʔυͷΠϯελϯεԽΛ֬ೝ εςοϓɿνΣʔϯίʔυͷΠϯετʔϧͱ࣮ߦ ESCCʢEndorsement System ChainCodeʣ  ɹɾTxͷϓϩϙʔβϧϨεϙϯεʹॺ໊͢ΔγεςϜνΣʔϯίʔυ  VSCCʢValidation System ChainCodeʣ  ɹɾΤϯυʔεϝϯτΛݕূ͢ΔγεςϜνΣʔϯίʔυ

\ > -e "CORE_PEER_ADDRESS=$PEER" \ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > cli peer chaincode query -C mychannel \ > -n mycc -c '{"Args":["query","a"]}' 100 εςοϓɿνΣʔϯίʔυͷΠϯετʔϧͱ࣮ߦ wνΣʔϯίʔυͷΫΤϦ

\ > -e "CORE_PEER_ADDRESS=$PEER" -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > cli peer chaincode invoke -C mychannel \ > -n mycc -c '{"Args":["invoke","a","b","10"]}' \ > -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls 2019-09-06 11:18:33.984 UTC [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200 εςοϓɿνΣʔϯίʔυͷΠϯετʔϧͱ࣮ߦ wνΣʔϯίʔυͷݺͼग़͠ʢ*OWPLFʣ

\ > -e "CORE_PEER_ADDRESS=$PEER" \ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > cli peer chaincode query -C mychannel \ > -n mycc -c '{"Args":["query","a"]}' 90 εςοϓɿνΣʔϯίʔυͷΠϯετʔϧͱ࣮ߦ wνΣʔϯίʔυͷΫΤϦʢ*OWPLF݁Ռͷ֬ೝʣ

wνΣʔϯίʔυͷΠϯετʔϧ εςοϓɿνΣʔϯίʔυͷΠϯετʔϧͱ࣮ߦ

εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒ w1SPQPTF*OWJUBUJPO wট଴͢Δ"84ΞΧ΢ϯτ *%Λࢦఆ

εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒ w*OWJUBUJPOఏҊ͕ಧ͘ͷͰɺ1SPQPTBM*%ΛΫϦοΫͯ͠։͘

εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒ w:FTPS/PΛ౤ථ w౤ථঢ়گͷαϚϦ

εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒ wՄܾ͞ΕΔͱผΞΧ΢ϯτ͔Β".#ωοτϫʔΫʹࢀՃͰ͖Δ w࠷ॳͷϝϯόʔʹ͸ৗʹ൪໨ͷϝϯόʔͷট଴ఏҊʹର͢Δ  །Ұͷ౤ථݖ͕͋Δ 

εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒ wΞΧ΢ϯτ#ଆͰ*OWJUBUJPOΛड͚ೖΕɺ".#ωοτϫʔΫ ʹࢀՃ͢Δ ͜Ε͚ͩͰ"84ΞΧ΢ϯτؒʢ૊৫ؒʣͰσʔλϕʔεɺۀ຿ϓ ϩάϥϜʢεϚʔτίϯτϥΫτʣΛڞ༗͢Δ؀ڥ͕Ͱ͖Δ  %JSFDU$POOFDU(8΍71$ϐΞϦϯάͳͲͰ઀ଓ͢Δඞཁ͸ͳ͍

εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒ wωοτϫʔΫʹϝϯόʔΛ࡞੒ w71$ΤϯυϙΠϯτηοτΞοϓ w)ZQFSMFEHFS'BCSJD$MJFOUηοτΞοϓ w؅ཧϢʔβొ࿥ wϐΞϊʔυ࡞੒ w܁Γฦ͠ͳͷͰׂѪ  ʢεςοϓ·Ͱطଘͱಉ༷ʹ࣮ࢪʣ

[ec2-user@Org1 ~]$ mkdir /home/ec2-user/org2-msp [ec2-user@Org1 ~]$ mkdir /home/ec2-user/org2-msp/admincerts [ec2-user@Org1
~]$ mkdir /home/ec2-user/org2-msp/cacerts 何らかの方法で、Org2から以下を取得・Org2のAdmin証明書（Org2 の /home/ec2-user/admin-msp/admincerts 以下）・Org2のルートCA（Org2 の /home/ec2-user/admin-msp/cacerts 以下） [ec2-user@Org1 ~]$ cp Org2AdminCerts /home/ec2/org2-msp/admincerts [ec2-user@Org1 ~]$ cp Org2CACerts /home/ec2/org2-msp/cacerts εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒ wνϟωϧ࡞੒ऀ͸ɺࢀՃऀʢ0SHʣͷ.41ΞʔςΟϑΝΫτΛ࡞੒

$ cat configtx.yaml Organizations: - &Org1 Name: m-DXGUVIKQG5BKBGCZEI5YUSW3UE ID:
m-DXGUVIKQG5BKBGCZEI5YUSW3UE MSPDir: /opt/home/admin-msp  AnchorPeers: - Host: Port:  - &Org2 Name: m-HDN2TMRMCJEHHD27SM2KZY7F2Q ID: m-HDN2TMRMCJEHHD27SM2KZY7F2Q MSPDir: /opt/home/org2-msp AnchorPeers: - Host: Port: Application: &ApplicationDefaults Organizations:   Profiles: TwoOrgChannel: Consortium: AWSSystemConsortium Application: <<: *ApplicationDefaults Organizations: - *Org1  - *Org2 wڞ༗νϟωϧͷνϟωϧߏ੒ϑΝΠϧʢDPOpHUYZNMʣͷ࡞੒ εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒

[ec2-user@Org1 ~]$ docker exec cli configtxgen \ > -outputCreateChannelTx
/opt/home/ourchannel.pb \ > -profile TwoOrgChannel -channelID ourchannel \ > --configPath /opt/home/ 2019-09-07 01:16:02.674 UTC [common/tools/configtxgen] main -> INFO 001 Loading configuration 2019-09-07 01:16:02.677 UTC [common/tools/configtxgen] doOutputChannelCreateTx -> INFO 002 Generating new channel configtx 2019-09-07 01:16:02.678 UTC [common/tools/configtxgen/encoder] NewApplicationGroup -> WARN 003 Default policy emission is deprecated, please include policy specificiations for the application group in configtx.yaml 2019-09-07 01:16:02.678 UTC [common/tools/configtxgen/encoder] NewApplicationOrgGroup -> WARN 004 Default policy emission is deprecated, please include policy specificiations for the application org group m-DXGUVIKQG5BKBGCZEI5YUSW3UE in configtx.yaml 2019-09-07 01:16:02.678 UTC [common/tools/configtxgen/encoder] NewApplicationOrgGroup -> WARN 005 Default policy emission is deprecated, please include policy specificiations for the application org group m-HDN2TMRMCJEHHD27SM2KZY7F2Q in configtx.yaml 2019-09-07 01:16:02.679 UTC [common/tools/configtxgen] doOutputChannelCreateTx -> INFO 006 Writing new channel tx wDPOpHUYϐΞϒϩοΫͷ࡞੒ʢ0SHͰ࣮ߦʣ εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒

[ec2-user@Org1 ~]$ docker exec -e "CORE_PEER_TLS_ENABLED=true" \ > -e
"CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem" \ > -e "CORE_PEER_ADDRESS=$PEER" \ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > cli peer channel create -c ourchannel \ > -f /opt/home/ourchannel.pb -o $ORDERER \ > --cafile /opt/home/managedblockchain-tls-chain.pem --tls 2019-09-07 01:27:43.173 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized 2019-09-07 01:27:43.284 UTC [cli/common] readBlock -> INFO 002 Got status: &{NOT_FOUND} 2019-09-07 01:27:46.300 UTC [cli/common] readBlock -> INFO 01e Got status: &{NOT_FOUND} 2019-09-07 01:27:46.315 UTC [channelCmd] InitCmdFactory -> INFO 01f Endorser and orderer connections initialized 2019-09-07 01:27:46.522 UTC [cli/common] readBlock -> INFO 020 Received block: 0 wڞ༗νϟωϧΛ࡞੒ʢ0SHͰ࣮ߦʣ εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒

"CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem" \ > -e "CORE_PEER_ADDRESS=$PEER" \ > -e "CORE_PEER_LOCALMSPID=$MSP" -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > cli peer channel fetch oldest /opt/home/ourchannel.block \ > -c ourchannel -o $ORDERER \ > --cafile /opt/home/managedblockchain-tls-chain.pem --tls 2019-09-07 01:34:07.914 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized 2019-09-07 01:34:07.919 UTC [cli/common] readBlock -> INFO 002 Received block: 0 wδΣωγεϒϩοΫͷऔಘʢ0SHͰ࣮ߦʣ  νϟωϧʹࢀՃ͢Δϝϯόʔ͸ɺνϟωϧͷδΣωγεϒϩοΫΛऔಘ͢Δඞཁ͕͋Δ εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒

"CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem" \ > -e "CORE_PEER_ADDRESS=$PEER" \ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > cli peer channel join -b /opt/home/ourchannel.block \ > -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls 2019-09-07 01:37:32.066 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized 2019-09-07 01:37:32.295 UTC [channelCmd] executeJoin -> INFO 002 Successfully submitted proposal to join wϐΞϊʔυΛڞ༗νϟωϧʹࢀՃʢ0SH 0SHͷ྆ํͰ࣮ߦʣ εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒

"CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem" \ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > -e "CORE_PEER_ADDRESS=$PEER" \ > cli peer chaincode install -n mycc -v v0 \ > -p github.com/chaincode_example02/go 2019-09-07 02:05:51.527 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc 2019-09-07 02:05:51.527 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc 2019-09-07 02:05:51.823 UTC [chaincodeCmd] install -> INFO 003 Installed remotely response:<status:200 payload:"OK" > wνΣʔϯίʔυͷΠϯετʔϧʢ0SH 0SHͷ྆ํͰ࣮ߦʣ εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒

[ec2-user@Org1 ~]$ docker exec -e “CORE_PEER_TLS_ENABLED=true” / > -e
“CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem” \ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > -e "CORE_PEER_ADDRESS=$PEER" \ > cli peer chaincode instantiate -o $ORDERER \ > -C ourchannel -n mycc -v v0 \ > -c '{"Args":["init","a","100","b","200"]}' \ > --cafile /opt/home/managedblockchain-tls-chain.pem --tls \ > -P "AND (‘m-DXGUVIKQG5BKBGCZEI5YUSW3UE.member’,'m-HDN2TMRMCJEHHD27SM2KZY7F2Q.member')" 2019-09-07 02:15:22.821 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc 2019-09-07 02:15:22.822 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc wνΣʔϯίʔυͷΠϯελϯεԽʢ0SHͰ࣮ߦʣ εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒ -P ͸Endorsment policyͷࢦఆ  AND Λࢦఆ͍ͯ͠ΔͨΊɺ͜ͷCC͸྆ϝϯόʔͷঝೝ͕ͳ͍ͱ࣮ߦͰ͖ͳ͍

"CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem" \ > -e "CORE_PEER_ADDRESS=$PEER" \ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > cli peer chaincode query -C ourchannel \ > -n mycc -c '{"Args":["query","a"]}' 100 wνΣʔϯίʔυͷΫΤϦʢ0SHͰ࣮ߦʣ εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒

"CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem" \ > -e "CORE_PEER_ADDRESS=$PEER" \ > -e "CORE_PEER_ADDRESS2=$PEER2" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > cli peer chaincode invoke \ > -C ourchannel -n mycc -c '{"Args":["invoke","a","b","10"]}' \ > --peerAddresses $PEER \ > --tlsRootCertFiles /opt/home/managedblockchain-tls-chain.pem \ > --peerAddresses $PEER2 \ > --tlsRootCertFiles /opt/home/managedblockchain-tls-chain.pem \ > -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls 2019-09-07 02:30:14.176 UTC [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200 wνΣʔϯίʔυͷݺͼग़͠ʢ0SHͰ࣮ߦʣ εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒

"CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem" \ > -e "CORE_PEER_ADDRESS=$PEER" \ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > cli peer chaincode query -C ourchannel \ > -n mycc -c '{"Args":["query","a"]}' 90 wνΣʔϯίʔυͷΫΤϦʢ0SHͰ݁Ռͷ֬ೝ࣮ߦʣ εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒

"CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem" \ > -e "CORE_PEER_ADDRESS2=$PEER2" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > cli peer chaincode invoke \ > -C ourchannel -n mycc -c '{"Args":["invoke","a","b","10"]}' \ > --peerAddresses $PEER2 \ > --tlsRootCertFiles /opt/home/managedblockchain-tls-chain.pem \ > -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls 2019-09-07 02:38:12.996 UTC [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200 wνΣʔϯίʔυͷݺͼग़͠ʢ0SHͰ࣮ߦʣ  ͭͷQFFS"EESFTTFTΛࢦఆͤͣʹνΣʔϯίʔυΛݺͼग़ͯ͠ΈΔ εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒

"CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem" \ > -e "CORE_PEER_ADDRESS=$PEER" \ > -e "CORE_PEER_LOCALMSPID=$MSP" \ > -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ > cli peer chaincode query -C ourchannel \ > -n mycc -c '{"Args":["query","a"]}' 90�<< 変わっていない。    ��AND条件のEndorsment policyであるため、  ��一方のPeerにのみで呼び出しても台帳を更新することが出来ないことが確認できた。 wνΣʔϯίʔυͷΫΤϦʢ0SHͰ݁Ռͷ֬ೝ࣮ߦʣ εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒

wڞ༗νϟωϧͷ࡞੒ wڞ༗νϟωϧʹϐΞͷొ࿥ wνΣʔϯίʔυͷΠϯετʔϧ wνΣʔϯίʔυͷΠϯελϯεԽ εςοϓɿผͷ"84ΞΧ΢ϯτΛϝϯόʔʹট଴ͯ͠ڞಉνϟωϧ࡞੒

ࢀߟ "NB[PO.BOBHFE#MPDLDIBJO8PSLTIPQ • https://github.com/aws-samples/non-profit-blockchain

".#ͷ͕ͪ͜͜ΐͬͱ໘౗͍͘͞ ɾڞ༗νϟωϧ࡞੒ऀʹূ໌ॻϧʔτ$"ΛૹΔํ๏͕ϚωʔδυͰ͸ͳ͍  ɾνϟωϧࢀՃऀͷϐΞΞυϨεΛ͢΂ͯࢦఆ͢Δඞཁ͕͋Δ  ɹʢσϞͰ͸͚ͭͩͰྑ͔͕ͬͨɾɾɾʣ  ɾνΣʔϯίʔυ໊ͱόʔδϣϯΛϚωʔδυʹ؅ཧ͢Δ࢓૊Έ͕ͳ͍ [ιχʔɾϛϡʔδοΫ༷ొஃ] Amazon Managed Blockchain
ͷ࢖͍Ͳ͜ΖͱιχʔɾϛϡʔδοΫ༷ʹ͓͚Δ࢖༻ࣄྫʹ͍ͭͯ ʙ ιχʔϛϡʔδοΫ͸ͳͥ AWS ΛબΜͩͷ͔ʁ ԻָͷݖརॲཧͷϒϩοΫνΣʔϯɾγεςϜΛղઆ ʙ

·ͱΊ w҉߸Խʢެ։伴҉߸ɺσδλϧॺ໊ɺϋογϡؔ਺ʣ  ɾॴ༗ݖͷݕূɺվ͟Μ๷ࢭ w11ωοτϫʔΫ  ɾඇதԝूݖԽ  ɾ෼ࢄܕ୆ா wίϯηϯαεΞϧΰϦζϜ  ɾෆਖ਼Λ๷ࢭ͠ɺऔҾͷ࿈ଓੑΛอͭ߹ҙͷख๏ wεϚʔτίϯτϥΫτ 
ɾϒϩοΫνΣʔϯ্Ͱಈ࡞͢ΔϓϩάϥϜ wϒϩοΫνΣʔϯΛࢧ͑Δٕज़

·ͱΊ wίϯηϯαεΞϧΰϦζϜ  ɾ&OEPSTNFOUɺ0SEFSJOHɺ7BMJEBUJPOͷϑΣʔζ w0SEFSJOH4FSWJDF  ɾτϥϯβΫγϣϯΛ·ͱΊͯϒϩοΫΛ࡞Δ  ɾҰൠతʹ͸,BGLB[PPLFFQFS͕ͩɺ".#Ͱ͸2-%#Λ࢖͍ɺߴ଱ٱੑɾߴ৴པੑ wνΣʔϯίʔυ  ɾεϚʔτίϯτϥΫτ  ɾ֤ϐΞͰνΣʔϯίʔυ໊ͱόʔδϣϯΛἧ͑Δඞཁ͕͋Δ
wνϟωϧ  ɾϒϩοΫνΣʔϯ಺ͷԾ૝ωοτϫʔΫɻ୆ா͸νϟωϧ͝ͱʹ؅ཧ  ɾνϟωϧͷ෼཭ͰωοτϫʔΫ಺Ͱ΋ηΩϡΞͳ؅ཧ w)ZQFSMFEHFS'BCSJD

·ͱΊ wͦ΋ͦ΋ϒϩοΫνΣʔϯ͕ඞཁͳͷ͔ΛΑ͘ߟ͑Δ  ɾෆมతͳ୆ாσʔλϕʔε͕ཉ͍͠ͳΒ"NB[PO2-%#  ɾ("ͳΓ·ͨ͠ʂ౦ژϦʔδϣϯͰ΋࢖͑·͢ wϑϨʔϜϫʔΫ  ɾ)ZQFSMFEHFS'BCSJDɹϓϥΠϕʔτνΣʔϯ  ɾ&UIFSFVNɹϓϥΠϕʔτPSύϒϦοΫνΣʔϯɹͨͩ͠$PNJOHTPPO wΤσΟγϣϯͷҧ͍  ɾ4UBSUFSɺ4UBOEBSE 
ɾՁ֨ɺεέʔϧɺར༻ՄೳͳΠϯελϯελΠϓ w௿ίετɺ؆୯ʹߏங  ɾैྔ՝ۚͳͷͰࣦ҆͘ഊͰ͖Δɻ໛ࡧ͍ͯͩ͘͠͞ɻ  ɾ໘౗ͳ෦෼͸ϑϧϚωʔδυɻεϚʔτίϯτϥΫτ։ൃʹूதͰ͖Δɻ w"NB[PO.BOBHFE#MPDLDIBJO

ϒϩοΫνΣʔϯʹݶΒͣͰ͕͢ ϒϩοΫνΣʔϯ͋Γ͖Ͱݕ౼͢Δͱ ͓ͦΒࣦ͘ഊ͢Δ ՝୊Λղܾ͢Δख๏͕ϒϩοΫνΣʔϯ ͳͷ͔ɺΑ͘ߟ͑Δ

AWSではじめるBlockchain/[DevelopersIO 2019 in OSAKA]Blockchain starting with AWS

AWSではじめるBlockchain/[DevelopersIO 2019 in OSAKA]Blockchain starting with AWS

More Decks by maru1981

Other Decks in Technology

Featured

Transcript