Fabric Composer - Participants and Identities

Participants and Identities

A Participant is an actor in a business network. A participant might be an individual or an organization. A participant can create assets, and also exchange assets with other participants. A participant works with assets by submitting transactions.

A participant has a set of Identity documents that can be validated to prove the identity of that participant. For example, an individual may have one or more of the following identity documents that prove who they are:

  • Passport
  • Driving license
  • Fingerprints
  • Retina scan
  • SSL certificate

In order for a new participant to join a business network, a new instance of that participant must be created in the business network. An identity document must then be Issued to that participant. The new participant can then use that identity document to interact with the business network.

Identity documents usually expire after a set period of time. Identity documents may also be lost or stolen. If the identity document expires, or if it needs to be replaced, then it must be Revoked so it can no longer be used to interact with the business network.

These actions are performed by an existing participant in the business network, for example a regulatory body, or a participant in the same organization who has been trusted to manage participants/identities in that organization.

In the IBM Blockchain Framework, the structure of a participant is modelled in a model file. This structure may include various information about the participant, for example the participants name, address, e-mail address, date of birth, etc. New instances of that modelled participant can then be created and stored in a participant registry.

The IBM Blockchain Framework uses Hyperledger Fabric enrollment certificates as identity documents. APIs and command line applications are provided to issue and revoke enrollment certificates to participants that are stored in a participant registry. When transactions are submitted using those enrollment certificates, the participant is identified and is made available for the transaction processor function to use.

Business Network

Create a Business Domain Model
Add a Participant
Issue an Identity to a Participant
Revoke an Identity from a Participant

Participant add command
Identity issue command
Identity revoke command