Peer Permissioning in Quorum
Quorum is an open-source blockchain platform that is built on Ethereum. It is designed for use in permissioned blockchain networks, where the participants are known and trusted. Peer permissioning is an important concept in Quorum, as it allows for the control of which nodes are allowed to participate in the network.
There are several options for peer permissioning in Quorum, including:
- ACLs (Access Control Lists): ACLs can be used to control access to Quorum nodes. The
consul acl bootstrap
command can be used to create a bootstrap token, which is a management token with unrestricted privileges. This token is shared with all the servers in the quorum, and is added to the state store. - Raft Consensus Algorithm: Quorum uses the Raft consensus algorithm for leader election and quorum management. A Raft cluster must share the same seal configuration, and all servers participate as part of the peer set. When an API request arrives at a non-leader server, the request is forwarded to the leader.
- Peer Sets and Quorum: A peer set is a group of nodes that are allowed to participate in the network. Quorum requires at least (N/2)+1 members to form a quorum, where N is the number of members in the peer set.
- Disaster Recovery: In instances of unexpected failure, both Consul and Vault can recover from quorum loss. For large deployments that need to scale reads without impacting write latency with too many voting servers in the quorum, the non-voting or read replication feature available in the Enterprise or HCP editions can be used.
Here is an example of how to create a bootstrap token in Quorum using ACLs:
consul acl bootstrap
This will create a bootstrap token with unrestricted privileges, which is shared with all the servers in the quorum and added to the state store.
Here is an example of how to create a Raft cluster in Quorum:
vault operator raft join 10.0.101.22:8201
This will add a new node to the Raft cluster, which must share the same seal configuration.
Here is an example of how to create a peer set in Quorum:
quorum peers add node1
quorum peers add node2
quorum peers add node3
This will add three nodes to the peer set, which requires at least two nodes to form a quorum.
For more information, please see the following resources:
- Quorum documentation
- Go-Ethereum documentation
- Consul documentation on ACLs
- Vault documentation on Raft and quorum management
- Quorum tutorial on lost quorum recovery
I hope this helps! Let me know if you have any questions.