Re: Need to know on network map
toggle quoted messageShow quoted text
Our network is not a democratic network so we don’t have the philosophic issue of power struggle. The participants in the network are strictly managed and signed roles to play. We use both centralized application/server and Corda to take the advantage of both: the centralized application manages complicated business relationships, business processes, roles, and identity; the trading activity happen on Corda and therefore we gain the shared ledger and traceability.
Revealing IP would not be ok in our network as it is too easy to guess or to programmatically figure out the identity should there be bad actors in the network. We have banking accounts of our participants connected with the network too so we need to be very careful.
Regarding corporate firewalls, we could possibly request all nodes of the corporate participants being installed on a web server outside the firewall so we don’t have to worry about fighting with different versions of corporate firewalls. If we do that, the nodes will have to interact with each other on HTTP instead of RPC right? I recall Corda implemented HTTP too. Our current code is using RPC calls.
So is there still anything in Corda we can leverage to implement our Private Network Dispatcher? Or maybe we could take Corda’s Network Map and modify the code and make it fit in our scenario? If that is doable, what about future Corda upgrades? If that is not doable, how about we simply just develop a piece of software on our own that will feed each node the contact info of their counterparties on-demand? Is this approach going to break anything in Corda though so it will give us headache when Corda updates in the future?
From: email@example.com <firstname.lastname@example.org> On Behalf Of Mike Hearn via Groups.Io
If you're running your own network, you could initialise every node with a randomised Corda identity that gives away nothing about who they are, e.g. is a UUID. Then you implement your own protocol (or flow) to resolve user input to that randomised identity. The resolution must return zero results if the user input is even slightly wrong, for the reasons discussed above, so your own notion of business identity would need to be constructed with that in mind (e.g. check digits, if using numbers).