Bringing a Better Performing Hyperledger Besu, Orion, and EthSigner

The latest release of Hyperledger Besu is now available for download. The 1.4 version offers better performance and improved enterprise functionality.

Since the release of v1.3 in October 2019, the PegaSys team has been heads down working towards delivering improvements to open source projects, including Hyperledger Besu, Orion, and EthSigner. These improvements have made the platforms even more reliable, scalable, and easy to use for both mainnet and enterprise. This work also demonstrates our team’s commitment to improving open source projects in addition to our work on PegaSys Plus and launch of PegaSys Orchestrate.

In the v1.4 release those improvements are reflected in the addition of the following features:

Hyperledger Besu:

New Plugin APIs to help you connect your blockchain network to the rest of your infrastructure with ease

New Tracing APIs to help improve compatibility with other Ethereum clients

Multi Tenancy to allow for more than one user on the same Ethereum node

End to End Encryption with TLS to ensure the entire lifecycle of your transaction is secure

Sync time improvements

EthSigner:

Advanced Key Management through EthSigner

Orion:

Add and remove members from privacy groups* (Coming in March 2020)

Download the latest version of Hyperledger Besu, and learn more about each feature upgrade below.

Hyperledger Besu

New Plugin APIs

The addition of Plugin APIs in Hyperledger Besu enable users to take data from any Besu network, public or permissioned, and feed it into the rest of their application and systems easily.

The API exposes data about the the following components:

Blocks Execution Results

Smart Contracts Logs

Syncing State Balances

Transactions Transaction Pool

To learn more about the Plugin API feature, like why we chose Plugins over JSON RPC or how to setup your own plugins, watch the webinar recording on this feature here.

New tracing APIs

Hyperledger Besu v1.4 also supports a new tracing API: trace_replayBlockTransaction. Adding this particular API is a big step in the direction towards Besu being fully compatible with all clients on the Ethereum network, helping to further bridge the gap between Hyperledger and Ethereum. In particular, the new tracing APIs, enable the use of Parity-style traces, which are a more concise alternative to the current debug_* APIs in Besu.



Specifically, the vmTrace option provides an operation by operation trace of EVM execution, the stateDiff option highlights the differences in account and storage state before and after the transaction and the trace option details every type and result of calls to account and contracts.



More Parity-style traces will soon be added to Besu as well. Next scheduled are trace_block and trace_transaction.

Multi-Tenancy - Secure Private Transactions in a shared environment

Besu v1.4 will be able to run in a “Multi-tenant environment”, allowing a number of users to use the same Ethereum node to connect to the network. The Hyperledger Besu multi-tenancy support enables a much wider user base to make use of the blockchain technology, reducing the barriers to entry associated with learning, upskilling, and additional costs associated with making use of blockchain.

Support for authenticated API access will also be given, allowing hosts custom control on who to grant access to, depending on the users’ need. This coupled with Orion, the open-sourced, Apache 2.0 licensed private transaction manager, enables private transactions to take place all while ensuring only the correct recipient can access the data. Through the use of JWT tokens, a user identity is tied to a privacy identity, validating every API call to ensure the user is part of the privacy group before any data is revealed.

End to end encryption with TLS

While blockchain delivers significant security benefits, encryption is still critical across the transaction lifecycle. Besu will offer end to end encryption with TLS, meaning all communication from the generation of the private transaction to its signature using private keys stored in secure vaults (e.g. Hashicorp Keyvault), transmission through private transaction managers, and arriving at another node is encrypted.

EthSigner

Advanced Key Management

The latest release also includes additional key management functionality through EthSigner. By design, Hyperledger Besu does not allow keys to be stored in the client or node. You have to use an external key manager. In this release, multi-Key support has been added. This support allows for a number of private keys to be securely stored in vaults accessible only when needed to be used for signing a transaction.

This advanced option adds the capability to select the correct key based on the details of transactions, regardless of where those keys are stored, allowing for rotation of keys and further security.

Orion

Finally, coming next month, the private transaction manager, Orion, will include adding and removing members from privacy groups. This new membership feature gives permissioned networks using Besu and Orion increased flexibility with how they set up their networks. Look out for more information soon on this feature.

Download the latest version of Hyperledger Besu below.

Interested in learning more, or curious on how to get started with Hyperledger Besu? Check out the Besu docs, view the tutorials, check out our YouTube, visit the wiki, or take a look at some open issues in JIRA.



Those looking to interact one-on-one with Besu developers and contributors can join the conversation on Rocketchat at #besu, or join our regular contributor calls.