Re: Why shouldn't print chaincode logging to peer in production? #fabric-chaincode-evm

Hubert Z

Thanks for the reply from Brett Logan:

You could leak sensitive information about your org's data into the logs of a peer not owned by your org. Malicious actors who compromise enough of the network to replace your Chaincode could then use the Chaincode to grab as much information as they can via the logs from the peers they've compromised.

Per the above reply, does it mean that it is okay if the chaincode log doesn't include sensitive information? I have the following questions about Brett's reply:
1. The peers of other orgs cannot be controlled by my org, so I can't know whether other peers are configured with "CORE_VM_DOCKER_ATTACHSTDOUT=true" or not, so I can only make sure the chaincode log won't have any sensitive information, right?
2. Could sensitive information still appear in the log of a chaincode container if I didn't implement any logging functions? Could you explain in more detail the probable data leakage from chaincode logging?
3. If malicious actors could replace my chaincode, they can just get the logs from the chaincode containers running in their peers, and they could even use the malicious chaincode to grab any data they want, so that shouldn't be a problem of logging, but a security problem of Hyperledger Fabric authentication and endorsement?
Thanks again.
Best Regards,
