Governance & Permissions
A decentralized, enterprise-caliber business network requires robust mechanisms for network permissions and access control. Processes need to be available for certain participating organizations (e.g. consortia founders) to maintain heightened levels of control and administrative authority, while tempering the permissions of an onboarded member. These permissions need to be transparent such that subsequently invited participants have full line of sight into the network’s configuration, and they must be static once applied in order to ensure the integrity and status quo of the network. To accommodate these requirements, Kaleido implements an “inherited permissions” approach for externally-invited organizations. This document aims to summarize the currently available permissions and outline the potential ramifications of inviting an organization with one or more permission applied.
NOTE: In order to invite an external organization with limited or rescinded permissions, the inviting organization must be on the Enterprise Membership Plan.
“Signing” nodes participate in IBFT and Proof of Authority (POA) consensus algorithms by casting votes on proposed blocks and appending their digital signatures to the block header. They can best be seen as the network entities ultimately responsible for the integrity and synchronicity of the ledger. The ability to delegate control over the creation of signing nodes is beneficial for a variety of reasons:
First, it may be the case that certain participants simply need a copy of the environment’s chain, but have no need to play a role in its maintenance and state changes.
Secondly, there may be requirements around the level of influence a specific organization can have on the applied consensus algorithm. For example, one organization may have multiple memberships and desire a node for each of its memberships. However, creating every node as a signer could potentially leave that organization as an overly powerful influencer in the algorithm at large.
Lastly, and perhaps most importantly, the ability to create nodes as signers and non-signers allows for far more expansive environments. An environment with 50 nodes all attempting to participate in the consensus process would create an overwhelming number of threads and the traffic would effectively suffocate the algorithm.
- By controlling the number of signers, environments can expand dynamically without fear of exhausting the algorithm’s capability.
In Kaleido every environment is its own unique chain and every network resource (nodes, credentials, services, etc.) exists in the scope of an environment. As such, the ability to create, configure and manage environments is a powerful privilege. In this context the term “manage” refers to the ability to:
- Create and name an environment
- Configure an environment with a choice of node client and consensus algorithm
- Configure an environment with a limited signers parameter enabled
- Upgrade existing environments to new releases
Self explanatory on its surface, the ability to invite external organizations carries with it one important caveat – organizations can only extend the same permissions that they themselves possess. For example, say you as
Organization A invite
Organization B to your network and limit their permissions to “Manage Environments” and “Invite Organizations.”
Organization B could extend subsequent invitations with these same permissions, but they COULD NOT offer the ability to create signing nodes and/or create multiple environments.
A consortium in Kaleido is comprised of a grouping of organizations which have a certain number of memberships tied to them, and all network resources (with the exception of environmental utility services) are distinctly bound to a membership. Allowing multiple memberships enables organizations to have distinct entities for different business units who may desire a unique representation for each of those departments. For example, imagine a large financial institution participating in a consortium designed to streamline trade settlement. They may desire memberships for currencies, commodities and equities.
Smart Contract Management
All consortia have a "shared asset" class, within which you generate and manage smart contract compilations. These compilations are visible to the entire network, along with their corresponding byte code, interfaces and status. The compilations can be subsequently promoted to one or more environments within your business network and will automatically generate REST APIs for the available methods. Smart Contract management allows for network-wide visibility and transparency of the critical on-chain business logic begin called by your applications.