Every year, ArcTouch brings together its employees for a three-day hackathon, where groups set out to prototype an idea using new and emerging technologies. This year, we had many blockchain hackathon projects — and we think this speaks to both the growing interest in blockchain by our staff and the potential for companies to benefit from it.
My group chose to implement an identity verification system built on the blockchain. The idea was to store someone’s proof of age, which a bartender or sales clerk could reference in lieu of a physical ID such as a driver’s license. Since we planned to leverage smart contracts, we opted for an Ethereum blockchain. However, for first-round development, using the public blockchain or even the testnet is not always ideal due to long transaction confirmation times. Instead, we looked at a several options for quickly spinning up a private blockchain.
By far, the easiest approach is to use a cloud service such as Azure to host a private blockchain network. Azure makes the setup particularly easy by providing an Ethereum Blockchain Consortium template, which features a configurable number of both mining and transaction nodes. In three steps, and about 10 minutes, you can set up a fully functioning private blockchain in the cloud (here’s a great Medium post that details this setup).
This particular Azure template however, provides a proof-of-work (PoW) blockchain which, depending on your requirements, may not be the best option for a private blockchain. For example, we opted for a proof-of-authority (PoA) blockchain using Ethereum’s Clique consensus engine that was released last year. This consensus setup works well in a private setting because nodes do not need to compete against each other for the privilege of minting blocks, thus eliminating the processing overhead and energy use that comes with PoW block mining and the ethhash algorithm.
To create our PoA network on Azure, we set up a server instance using the Ubuntu Server 16.04 LTS template to act as our authority node. Since authorities do not require heavy computing resources, we were able to use a smaller virtual machine size (a B1S) with the default options.
Once the virtual machine was provisioned, we set up our authority node using the following steps:
Step 1: Install Ethereum and geth
sudo apt-get install software-properties-common sudo add-apt-repository -y ppa:ethereum/ethereum sudo apt-get update sudo apt-get install ethereum
Step 2: Generate the authority account and transaction account
You’ll generate two accounts — the first of which will be the authority account, and the second will be a prefunded account that can be used to send transactions to the network:
geth --datadir .ethereum/ account new > Address: {6203bb870bfb79438b827de3d6b0070d4d2a5f7b} geth --datadir .ethereum/ account new > Address: {1808adc011f6e970943d3f28f4d285053d9140ac}
Be sure to keep track of the password used to create each account!
Step 3: Create the genesis block
Using puppeth, a CLI tool released with geth 1.6, create and export the definition for your genesis block:
puppeth ... Please specify a network name to administer (no spaces, please) > clique ... What would you like to do? (default = stats) 1. Show network stats 2. Configure new genesis 3. Track new remote server 4. Deploy network components > 2 Which consensus engine to use? (default = clique) 1. Ethash - proof-of-work 2. Clique - proof-of-authority > 2 How many seconds should blocks take? (default = 15) > 15 Which accounts are allowed to seal? (mandatory at least one) > 0x6203bb870bfb79438b827de3d6b0070d4d2a5f7b > 0x Which accounts should be pre-funded? (advisable at least one) > 0x1808adc011f6e970943d3f28f4d285053d9140ac > 0x Specify your chain/network ID if you want an explicit one (default = random) > 42 INFO [02-15|18:24:03] Configured new genesis block
What would you like to do? (default = stats) 1. Show network stats 2. Manage existing genesis 3. Track new remote server 4. Deploy network components > 2 1. Modify existing fork rules 2. Export genesis configuration 3. Remove genesis configuration > 2 Which file to save the genesis into? (default = clique.json) > genesis.json INFO [02-15|18:24:22] Exported existing genesis block
Use the first generated account, the authority, as the “sealer” account, and the second account as the pre-funded account. For the network/chain ID, I’d recommend choosing a value below 1000. The value 1337 is used by dev chains, and we found that higher values (such as those generated when choosing “random”) may lead to problems later on.
Step 4: Start your private Ethereum instance
Initialize and start your authority geth instance:
geth --datadir .ethereum/ init genesis.json geth --nodiscover --networkid 42 --datadir .ethereum/ --unlock 0x6203bb870bfb79438b827de3d6b0070d4d2a5f7b --mine --rpc --rpcapi eth,net,web3 --rpcaddr
Pass the address of the authority to the unlock parameter, and for rpcaddr, use the Private IP address of your virtual machine as displayed in the Azure console Networking settings.
Be sure to create an Inbound security rule for port 8545 in your network security group to allow you to connect to your authority node using the standard web3.js library, or in our case, Nethereum for use with Xamarin.
Result: A functional Ethereum blockchain
The above process takes about 20 minutes, and results in a fully functional, private PoA Ethereum blockchain in the cloud. This environment is ideal for decentralized application (DApp) proof-of-concept development, and provides fast and free transactions.
You could easily include other virtual machines in the setup to act as dedicated transaction nodes or additional authority nodes for a more representative network. But developing a proof-of-concept is only one step toward developing a full commercial blockchain solution. DApp security is a notoriously complex topic, and deploying to a public testnet for testing real world scenarios and verifying correct operation is critical.
Integrating your blockchain-based back end with a mobile app front end also requires some solid strategy. Blockchain presents a unique user experience challenge, in that transactions may take many minutes to confirm depending on the gas price you are willing to pay.