AWS Partner Network (APN) Blog
Making Blockchains Interoperable and Agile with HCLTech’s CoTrust Platform and AWS
By Shivendra Yadav, Product Lead, Digital & Analytics Services – HCLTech
By Vikram Sharma, Sr. Technical Architect, Digital & Analytics Services – HCLTech
By Abhishek Soni, Partner Solutions Architect at AWS
Blockchain is being compared with the “network of networks,” and rightly so as the traits between both are similar.
When the internet first came into existence, usage was minuscule but the promise was to connect the world. We see the same traits with blockchain—different platforms coming in with different functionality and less interoperability.
Bitcoin did a fantastic job in connecting the network, but then came Ethereum, Ripple, Litecoin, Tether, and the list goes on. Like the crypto space, blockchain has multiple platforms in the enterprise domain as well.
The introduction of more technology platforms gives users choice but also increases the silos. To make a blockchain network work in an enterprise, there has to be a glue which sticks all of these platforms together.
In this post, we will discuss the blockchain framework that can help achieve interoperability among the blockchain platforms, and how to deploy the same on Amazon Web Services (AWS) to make it more agile and scalable.
HCLTech, an AWS Premier Tier Services Partner with multiple AWS Competencies including DevOps and Migration, has built a highly scalable, cost-effective, and easy-to-integrate blockchain platform called CoTrust that is architected to deploy on AWS.
The Interoperability Pertinence
Blockchain is driven by inter-organizational networks and not every organization uses the same blockchain platform. It’s therefore imperative that blockchain networks interoperate. Another reason for interoperability is the different consensus mechanisms used by different platforms.
The most common consensus mechanisms like Proof of Work (PoW) and Proof of Stake (PoS) are slow by design and can handle only a few transactions per second. This is not suitable for a scaled deployment, but there are blockchain platforms which use different consensus mechanisms to solve this aspect.
Creating interoperability between platforms gives the organization a choice in selecting the best blockchain platform based on transaction handling capability rather than sticking to a platform which is low in transaction processing speed.
Interoperability is required in many places where there’s an exchange of data in the value chain, such as financial services, manufacturing, logistics, and even healthcare where patient records are exchanged to provide better services.
Before an enterprise takes the journey towards blockchain, they must understand the purpose, use case, and viability of the platform in the long run.
Blockchain is still finding a sweet spot to interconnect, and there are multiple ways—cross-chains, proxy tokens, sidechains, and swaps—that enable interconnection among different blockchain networks. Still, interconnecting is not simple and requires a tremendous effort to reach a constructive level.
Solving Interoperability Using the CoTrust Blockchain Platform
HCLTech’s CoTrust is a managed blockchain application platform which provides scaffolding services on top of various blockchain engines. These prebuilt services help developers quickly create blockchain use cases without worrying about the nuts and bolts of getting the blockchain environment ready for development.
The representation below depicts the overall CoTrust Blockchain Platform.
Figure 1 – HCLTech’s CoTrust Blockchain Platform.
CoTrust is a blockchain platform that supports multiple blockchain engines. These are part of its foundation layer, which comprises preconfigured services that interact with the blockchain engines.
The layer above are the services which facilitate transaction execution and manage the certificates and keys necessary for making those transactions happen. The top layer is where users are provided with the interface (or APIs, as needed) to authenticate themselves and submit the transactions.
For testing out a sample use case, a scaled-down version of the CoTrust Blockchain Platform is available on AWS Marketplace. With it, you can create a two-node blockchain network on Hyperledger using a single command, with certain administration services included as part of the package.
Figure 2 – CoTrust on AWS reference design.
Blockchain Interoperability Using CoTrust
CoTrust comes with its own interoperability solution to address the challenges of running transactions across different networks. CoTrust logically groups various disparate networks, which work independently and may have been too incompatible to connect to each other directly.
Figure 3 – CoTrust blockchain network.
Let’s take a look at a couple of examples where a user is trying to interact with two different blockchain platforms using CoTrust, which enables transaction execution among disparate networks by allowing them to use a CoTrust Node/Account as a bridge or custodian between networks.
Scenario 1: Transaction Over Multiple Networks Using Single CoTrust Instance
In this scenario, there are two separate blockchain networks running on two different blockchain platforms. CoTrust is managing both of the networks where a user is submitting two transactions on two different networks using CoTrust interface.
The user submits transaction A to add an asset in Network X and transaction B to add another asset in Network Y.
- CoTrust submits transaction A to Network X and signs it using the keys for that network, and then submits transaction B to Network Y, signing it with that network’s keys. The hashes of both the transaction and network are stored in the transaction store for offline access or to be used for confirmation later.
- CoTrust’s support for multiple blockchain engines means these networks can run on the same blockchain engine or on different ones.
Figure 4 – Transaction over multiple networks using single CoTrust instance.
Scenario 2: Transaction Between Different Networks Using CoTrust
In this scenario, User X is transferring some amount to User Y and both of them are sitting on two different networks. CoTrust will use its wallet services to execute this transaction.
- CoTrust will move the asset from the Customer A/c to the CoTrust A/c in Network X, and at the same time create an asset in Network Y with a link to the transaction hash from Network X. The complete transaction is also stored in the transaction store for offline access and can be used for validation/auditing later.
- A similar strategy is used by CoTrust for transactions within the same network but across different subgroups (channels).
- CoTrust’s support for multiple blockchain engines means these networks can run on the same blockchain engine or on different ones.
- This scenario mostly occurs in supply chains where traceability needs to be accomplished, but Tier 1 suppliers of a part/asset are not comfortable revealing their Tier 2 suppliers to the buyers or others on the network. CoTrust lets them transact easily and transfer assets from one channel/subnetwork to another without revealing their source from the last network.
Figure 5 – Transaction between different networks using CoTrust.
Reference Design on AWS for Interoperability Solution
Following is the CoTrust reference design on AWS for the interoperability solution. HCLTech chose AWS as its cloud platform for proven advantages. AWS lets you create a globally scalable and easy-to-deploy solution in a matter of a few clicks.
For Distributed Ledger Technology (DLT) functionality, you need a low-latency and scalable platform which can handle multiple nodes at the same time in terms of data distribution. Amazon Elastic Container Service (Amazon ECS) provides the capability to provision and decommission nodes quickly and saves operational costs in the process.
Figure 6 – CoTrust reference design on AWS.
At the bottom layer, CoTrust has support for multiple blockchain engines. The supported engines include AWS Managed Blockchain (Hyperledger Fabric), Ethereum, R3 Corda, and Hyperledger Fabric. AWS Managed Blockchain provides a lot of scaffolding services on top of standard Hyperledger and Ethereum, which makes it easy to integrate and deploy with other services in the blockchain network.
The platform services layer has microservice-based architecture. These are services which facilitate transaction execution, and are also responsible for interacting with certificate and identity management systems, transaction store, and integrating with other enterprise systems such as ECM and ERP.
Following is the list of modules from platform services:
- Administration services
- Transaction services
- Security services
- Auditing services
Certificate and Identity Management
This layer manages the CoTrust instance’s relationship with certificate authorities and the identities that CoTrust uses in communicating with blockchain engines and other external entities.
Responsibilities of this layer include:
- Determining the level of trust CoTrust has for certificate authorities (CAs) that have signed certificates.
- Determining parent certificates used for certificates signed by CoTrust.
- Determining the certificates and identities that CoTrust uses to interact with blockchain and other external entities.
Information about the CAs, their whitelisting, and the identities (information and secret keys) associated or enrolled with the CAs is stored as part of the Certificate and Identity Management database.
The CoTrust platform utilizes Amazon DynamoDB for its key-value and document data structures. The platform also has support for using AWS Key Management Service (KMS) in its future roadmap.
The CoTrust platform also supports LDAP integration for user management. The biggest reason for going with DynamoDB is its serverless capability and light setup, along with millisecond response time which is necessary when looking at a global scale of deployment.
Web and API Interface
This layer is where users are provided with the interface (or APIs, as needed) to authenticate themselves and submit the transactions. This layer also offers integration with LDAP for user authentication and role mapping (if required).
The transaction store module stores the transaction hash for all of the transactions in a database that is independent of the blockchain ledger. The transaction store uses DynamoDB to store the transaction hashes offline. DynamoDB is also used for its NoSQL features, including document database service and ease of scalability.
Transaction store is particularly helpful in case of auditability for the transactions, and for user interface development to quickly access a particular transaction using the hash/transactionID stored in transaction store.
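The link-and-store pattern from Scenario 2, combined with the off-ledger transaction store, is what lets an auditor validate a cross-network transfer later. The following is an added example, not CoTrust code: the record layout, the field names (`source_tx`, `to`, `amount`), the custodian account name and the SHA-256-over-JSON hashing scheme are all assumptions, and the sample records are constructed.

```python
import hashlib
import json

CUSTODIAN = "cotrust-acct"  # hypothetical name for the bridging account

def tx_hash(tx):
    """SHA-256 over a canonical JSON encoding (assumed hashing scheme)."""
    body = json.dumps(tx, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(body).hexdigest()

def make_record(network, tx):
    """Transaction-store entry: network, stored hash, full transaction body."""
    return {"network": network, "hash": tx_hash(tx), "tx": tx}

def audit(store):
    """Return (finding, stored_hash) pairs for records that fail validation."""
    findings, valid = [], {}
    for rec in store:
        if tx_hash(rec["tx"]) == rec["hash"]:
            valid[rec["hash"]] = rec
        else:  # body no longer matches the hash recorded at submission time
            findings.append(("hash_mismatch", rec["hash"]))
    for rec in valid.values():
        link = rec["tx"].get("source_tx")
        if link is None:
            continue  # not the receiving leg of a cross-network transfer
        src = valid.get(link)
        if src is None:  # linked hash is unknown, or its record failed the hash check
            findings.append(("missing_source", rec["hash"]))
        elif src["tx"].get("to") != CUSTODIAN:
            findings.append(("source_not_custodial", rec["hash"]))
        elif src["tx"].get("amount") != rec["tx"].get("amount"):
            findings.append(("amount_mismatch", rec["hash"]))
    return findings

def sample_store():
    """Constructed sample data: one clean transfer, one orphan, one tampered."""
    lock = make_record("X", {"op": "move", "from": "user-x", "to": CUSTODIAN, "amount": 100})
    mint = make_record("Y", {"op": "create", "to": "user-y", "amount": 100, "source_tx": lock["hash"]})
    orphan = make_record("Y", {"op": "create", "to": "user-z", "amount": 5, "source_tx": "0" * 64})
    tampered = make_record("X", {"op": "move", "from": "user-q", "to": CUSTODIAN, "amount": 7})
    tampered["tx"]["amount"] = 700  # body edited after the hash was stored
    return [lock, mint, orphan, tampered]

if __name__ == "__main__":
    for finding, stored_hash in audit(sample_store()):
        print(finding, stored_hash[:12])
```

Because the store sits outside the ledger, its integrity rests on who can write to it; the audit above only detects bodies that drifted from their recorded hash and links that do not resolve to a custodial move of the same amount.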
HCLTech thrives on providing effective yet easy-to-deploy solutions keeping in mind the economics of the solution as well.
With a combination of CoTrust and AWS services, customers can solve their interoperability and blockchain deployment challenges effectively. Contact HCLTech to learn more, and you can read more about CoTrust and HCLTech capabilities in the blockchain space in these resources:
HCLTech – AWS Partner Spotlight
HCLTech is an AWS Premier Tier Services Partner. With a dedicated cloud-native business unit, HCLTech builds and provides enterprise cloud computing solutions on the AWS platform.