调用链码时出错:签名集不符合策略

时间:2019-03-06 10:53:24

标签: hyperledger-fabric hyperledger blockchain hyperledger-chaincode

我在Hyperledger Fabric 1.4中建立了一点网络,这与示例中的基本网络非常相似。 它具有:

一个与订购者同行的订购者组织 一个拥有两个同行的医院组织。 医院同龄人所在的单一渠道。

我试图编写一个非常简单的演示智能合约/链码并调用它。 (智能合约称为bananascc)

我从与peer0.hospital1.health.com对等方关联的docker容器cli / bin / bash运行,我成功安装并实例化了:

peer chaincode install -n bananascc -v 1.0 -l node -p /opt/gopath/src/github.com/chaincode/chaincode_bananas/node

peer chaincode instantiate -o orderer.health.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/health.com/orderers/orderer.health.com/msp/tlscacerts/tlsca.health.com-cert.pem -C hospital1channel -n bananascc -l node -v 1.0 -c '{"Args":["init","edo","100"]}' -P "OR ('Hospital1MSP.admin', 'Hospital1MSP.peer' )"

使用政策-P "OR ('Hospital1MSP.admin', 'Hospital1MSP.peer' )"

但是当我尝试调用chaincode时,事务成功发送,但是操作没有执行,因为我得到了

peer0.hospital1.health.com    | 2019-03-06 10:36:44.525 UTC [vscc] Validate -> ERRO 07e VSCC error: stateBasedValidator.Validate failed, err validation of endorsement policy for chaincode bananascc in tx 6:0 failed: signature set did not satisfy policy

peer0.hospital1.health.com    | 2019-03-06 10:36:44.525 UTC [committer.txvalidator] validateTx -> ERRO 07f VSCCValidateTx for transaction txId = d6726e0b2daf11d0e3ef24e86fa0e7a5530f2d98dcc4ad1f0d266ca642be1ee3 returned error: validation of endorsement policy for chaincode bananascc in tx 6:0 failed: signature set did not satisfy policy

我认为必须根据有效的签名集对交易进行评估,但是我无法理解在哪里可以指定该签名,或者根据VSCC为什么它应该是错误的。

如果有人可以帮助我解决问题,我将非常高兴。我已经广泛地寻找了一个我找不到的答案。

让我知道您是否需要有关此问题的其他信息。

非常感谢您。

2 个答案:

答案 0 :(得分:0)

The problem is probably caused by the order of instantiating the policies.

Can you simply swap the declaration to:

peer chaincode instantiate -o orderer.health.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/health.com/orderers/orderer.health.com/msp/tlscacerts/tlsca.health.com-cert.pem -C hospital1channel -n bananascc -l node -v 1.0 -c '{"Args":["init","edo","100"]}' -P "OR ('Hospital1MSP.peer','Hospital1MSP.admin')"

To avoid this pitfall, identities should be specified from most privileged to least privileged in the policy identities specification, and signatures should be ordered from least privileged to most privileged in the signature set.

Read here: https://hyperledger-fabric.readthedocs.io/en/release-1.4/policies.html

答案 1 :(得分:0)

如果只有一个组织,则没有必要制定一项政策(仅在组织之间使用),所以我删除了它,并成功了!

我的代码行:

peer chaincode instantiate -o orderer.orgX.com:7050 --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA -C $CHANNEL_NAME -n mycc -l ${LANGUAGE} -v 1.0 -c '{"Args":["init","a","100","b","200"]}'  >&log.txt