具有机密身份的Observer节点

Question

我已经开始使用Observer节点（https://docs.corda.net/tutorial-observer-nodes.html）进行一些测试，我刚刚建立了以下简单场景：

1. 监管机构发行10.POUNDS到银行A（CashIssueAndPaymentFlow）
2. 银行A使用机密身份向银行B发送4.POUNDS（CashPaymentFlow，anonymous = true）
3. 在子流程中，Bank A同步身份（IdentitySyncFlow）并将事务（SendTransactionFlow）报告给Regulator

当我查询Regulator库时，它无法将Bank B识别为4.POUNDS的所有者，也就是说，它无法使用wellKnownPartyFromAnonymous（）来解析身份：

6.00 GBP, owner=C=BR,L=Sao Paulo,O=BankA
4.00 GBP, owner=Anonymous(DLEg4Kqd7dwcGqkMrJEWoxugT61SoYKzxqpcMBKbMGXu3q)

也许我错过了什么？

  

按照代码：

object TransferCashFlow {

    @InitiatingFlow
    @StartableByRPC
    class Initiator(val amount: Amount<Currency>, val otherParty: Party, val regulator: Party) : FlowLogic<SignedTransaction>() {

            @Suspendable
            override fun call(): SignedTransaction {
                val tx = subFlow(CashPaymentFlow(amount, otherParty, true)).stx
                subFlow(ReportFlow.Initiator(regulator, tx))
                return tx
            }
    }
}

object ReportFlow {

    @InitiatingFlow
    class Initiator(val regulator: Party, val tx: SignedTransaction) : FlowLogic<Unit>() {

        @Suspendable
        override fun call() {

            val regulatorSession = initiateFlow(regulator)
            subFlow(IdentitySyncFlow.Send(regulatorSession, tx.tx))
            subFlow(SendTransactionFlow(regulatorSession, tx))
        }
    }

    @InitiatedBy(Initiator::class)
    class Responder(private val otherPartySession: FlowSession) : FlowLogic<Unit>() {
        @Suspendable
        override fun call() {

            subFlow(IdentitySyncFlow.Receive(otherPartySession))
            subFlow(ReceiveTransactionFlow(otherPartySession, true, StatesToRecord.ALL_VISIBLE))
        }
    }
}

Answer 1

按照设计，$formIsValid = $this->orderForm->isValid(); 将仅通过证书发送属于发送节点的交易中的机密身份。请参阅IdentitySyncFlow.Send中extractOurConfidentialIdentities()的定义：

IdentitySyncFlow

倒数第二行确保节点不发送任何不属于自己的身份证书。这是为了防止节点欺骗对方发送一堆机密身份。

如果您要发送所有机密身份，则必须根据private fun extractOurConfidentialIdentities(): Map<AbstractParty, PartyAndCertificate?> { val states: List<ContractState> = (tx.inputs.map { serviceHub.loadState(it) }.requireNoNulls().map { it.data } + tx.outputs.map { it.data }) val identities: Set<AbstractParty> = states.flatMap(ContractState::participants).toSet() // Filter participants down to the set of those not in the network map (are not well known) val confidentialIdentities = identities .filter { serviceHub.networkMapCache.getNodesByLegalIdentityKey(it.owningKey).isEmpty() } .toList() return confidentialIdentities .map { Pair(it, serviceHub.identityService.certificateFromKey(it.owningKey)) } // Filter down to confidential identities of our well known identity // TODO: Consider if this too restrictive - we perhaps should be checking the name on the signing certificate in the certificate path instead .filter { it.second?.name == ourIdentity.name } .toMap() } 定义您自己的流量，而IdentitySyncFlow不会执行此过滤。