Chaincode reverse engineer


Kimheng SOK
 

Hi all,

Until now is there any incident related to reverse engineer chaincode to get credentials ?
Can we do the reverse engineer or not?

Bests,


Alessandro Sorniotti
 

Kimheng

What kind of reverse engineering are you considering? Under fabric's security model, the chaincode package is only shared among the expected set of orgs. The chaincode package actually contains the sources of the chaincode and so there's no real reverse engineering necessary to discover the chaincode logic and/or any secrets that might be embedded in it.

External entities and not authorised entities are not expected to receive the chaincode in any form and this assumption should hold, especially if the chaincode embeds secrets.

Finally: entities who can invoke the chaincode may work out part of its business logic by analysing the responses they receive. If no response is received and state updates are encrypted or hashed, no significant leakage is expected.

Hope it helps.

Cheers,
Ale

On Mon, 12 Nov 2018, at 10:13 AM, Kimheng SOK wrote:
Hi all,

Until now is there any incident related to reverse engineer chaincode to
get credentials ?
Can we do the reverse engineer or not?

Bests,



Kimheng SOK
 

Hi,

First of all, I think that the chaincode was compile from source code to some form of binary code and host in the blockchain infrastructure (file or Database), and someone could access to it (Peer) and can do the reverse engineer to see the credential inside the chaincode.

But now I am learning from the documentation that, each chaincode need to be installed in each peer and than instantiate to the channel, so the secret needs to keep by the consortium  of the organizations who wrote and used that chaincode inside their peers, so the security is about protecting their infrastructure from unauthorized outsider. 

Bests,

On Wed, Nov 14, 2018 at 5:45 PM Alessandro Sorniotti <ale.linux@...> wrote:
Kimheng

What kind of reverse engineering are you considering? Under fabric's security model, the chaincode package is only shared among the expected set of orgs. The chaincode package actually contains the sources of the chaincode and so there's no real reverse engineering necessary to discover the chaincode logic and/or any secrets that might be embedded in it.

External entities and not authorised entities are not expected to receive the chaincode in any form and this assumption should hold, especially if the chaincode embeds secrets.

Finally: entities who can invoke the chaincode may work out part of its business logic by analysing the responses they receive. If no response is received and state updates are encrypted or hashed, no significant leakage is expected.

Hope it helps.

Cheers,
Ale

On Mon, 12 Nov 2018, at 10:13 AM, Kimheng SOK wrote:
> Hi all,
>
> Until now is there any incident related to reverse engineer chaincode to
> get credentials ?
> Can we do the reverse engineer or not?
>
> Bests,
>
>
>




Alessandro Sorniotti
 

But now I am learning from the documentation that, each chaincode need to
be installed in each peer and than instantiate to the channel, so the
secret needs to keep by the consortium of the organizations who wrote and
used that chaincode inside their peers, so the security is about protecting
their infrastructure from unauthorized outsider.
This interpretation is correct: the chaincode package (basically the sources of the chaincode) is only shared among the set of nodes that will later be required to endorse its invocations. This may be any non-empty subset of peers in the channel. These peers would be tasked to protect their infrastructure to avoid any non-authorised party from obtaining the chaincode sources/binary.

Ale