Why do only ADMIN users in Hyperledger Fabric have the permission to install query in chaincode

+16 votes

I read in Node SDK Tutorial the following lines:

User identities provisioned this way are only of the MEMBER role, which means it won't be able to perform certain operations reserved for the ADMIN role:

create/update channel
install/instantiate chaincode

query installed/instantiated chaincodes

For these privileged operations, the client must use an ADMIN user to submit the request.

Calling an ADMIN user only for query will cause extra latency in the network response instead of other MEMBER users ( reducing the load on one user that is ADMIN user ) in a given channel. Then why only ADMIN has the permission to query installed/instantiated chaincodes? Isn't it better if other members also had this permission?

Apr 3, 2018 in Blockchain by Johnathon
 • 9,090 points 3,935 views

4 answers to this question.

+2 votes
Best answer

It was already decided that installing chaincode on individual peers should be an "administrative action". In keeping with that, it made sense that actually querying a peer for the chaincodes which are installed and running on the peer should be administrative actions as well.

The access control model is currently being updated which will allow you to set the access control policies for these APIs.

answered Apr 3, 2018 by Perry
 • 17,100 points
selected Jul 27, 2018 by Omkar
+3 votes
The main intention of hyperledger is to provide confidential transactions. Chaincode contains sensitive information such as business logic. The main purpose of hyperledger would not be satisfied if any user could install or instantiate a query in chaincode. Hence, for now, only the Admin has the permission to install and/or instantiate queries.
answered Jun 26, 2018 by Omkar
 • 69,220 points
+2 votes
Only the Admin has permission to install query because if every user was given this privilege, there could be misuse and compromise in the security on the Fabric. So looking from the security perspective, giving only the admin these privileges would be the best way to maintain the integrity and security.
answered Jul 27, 2018 by Vicky
0 votes
Installing a query in chaincode is an important task. There are many nodes in the network and most of whose identity is not revealed. Giving such permissions to any nodes in the network would be a problem if the node is malicious. That's why only admins have the permission to do this.
answered Apr 25, 2019 by Tina

Related Questions In Blockchain

0 votes
1 answer

How to install chaincode in new Org in hyperledger fabric?

To do this, first enter you cli ...READ MORE

answered Nov 22, 2018 in Blockchain by Omkar
 • 69,220 points 1,474 views
0 votes
1 answer

How to set chaincode path in Hyperledger Fabric?

For chaincode to properly run on your ...READ MORE

answered Jul 27, 2018 in Blockchain by digger
 • 26,740 points 1,844 views
0 votes
1 answer

How to define the path to hyperledger-fabric chaincode?

You can find that in docker-compose files ...READ MORE

answered Oct 4, 2018 in Blockchain by Perry
 • 17,100 points 1,363 views
+2 votes
3 answers

Hyperledger Fabric: How to run node js chaincode in dev mode?

Hi, the command you are using to ...READ MORE

answered Nov 2, 2018 in Blockchain by Omkar
 • 69,220 points 4,590 views
0 votes
1 answer

Hyperledger Sawtooth vs Quorum in concurrency and speed Ask

Summary: Both should provide similar reliability of ...READ MORE

answered Sep 26, 2018 in IoT (Internet of Things) by Upasana
 • 8,620 points 1,424 views
0 votes
0 answers

How to add a new organisation to an existing channel in hyperledger fabric without creating a new node/peer for that organisation. Can we add a organisation which does not contain any nodes?

May 2, 2019 in Blockchain by anonymous
 5,080 views
0 votes
1 answer

Invalid Batch or signature in Savtooth

This will solve your problem import org.apache.commons.codec.binary.Hex; Transaction txn ...READ MORE

answered Aug 1, 2018 in Blockchain by digger
 • 26,740 points 963 views
+1 vote
1 answer

What are the key functional differences between Hyperledger Composer and Fabric Javascript SDK?

Hyperledger Composer is an application development framework ...READ MORE

answered Apr 11, 2018 in Blockchain by Perry
 • 17,100 points 1,559 views
+1 vote
2 answers

HyperLedger Fabric Java SDK - Wrinting the ChainCode Sample in Java

To get started developing Java chaincode Ensure you ...READ MORE

answered Aug 3, 2018 in Blockchain by Omkar
 • 69,220 points 4,453 views
+1 vote
2 answers

How to return value from a chaincode in Hyperledger Fabric?

Hyperledger Fabric supports only 2 types of ...READ MORE

answered Jun 13, 2018 in Blockchain by Perry
 • 17,100 points 2,929 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.