Design of Anonymous Endorsers in Hyperledger Fabric with Linkable Threshold Ring Signature

Blockchain technology has gained its attention from its application in bitcoin which circumvented
the problem of double spending that existed in the prior digital currencies, through validation. Particularly
permissioned blockchain framework became popular with organizations forming consortium
that allowed only authorized entities to participate in the network. Hyperledger Fabric, a popular distributed
ledger technology hosted by Linux Foundation has remarkable features because of the fact
that it is open source. It stands out from other frameworks as it focuses on the privacy-preserving
requirements of the enterprises. Apart from only allowing authenticated organizations to participate
in the network it implements channels that allows a subset of organizations to communicate concealing
the existence of such a channel to other members. Optionally fabric also provides anonymity and
unlinkability of the participating clients through a cryptographic protocol suite called Idemix that
operates based on zero-knowledge proofs. Fabric follows the execute-order-validate transaction flow
as opposed to order-execute flow that had certain limitations in other platforms. For executing the
transactions submitted by the clients, fabric has designated endorsing peers which holds the smart
contract - programmable business logic. Endorsing peers or endorsers execute the transactions and
attach their signatures to the results for validation purpose. But revealing the endorser identities may
be a problem when there is conflict of interest among the enterprises. Hence to have an unbiased flow
of work it is important to conceal the endorser identity. According to [1] anonymization of endorsing
peers is still a open problem in fabric community. We propose a solution to this problem which uses
linkable threshold ring signatures that conceals the identity of endorsers. Ring signatures are known
for preserving the privacy of the signer in a group. Threshold ring signature allows t-out-of-n signers
to collaborate on the signing procedure. Employing threshold ring signature implicitly addresses
one more problem stated in [10] where the verifiers need to manually count the valid ring signature
that increases the verification time. This process of separately verifying each of the signatures and
checking if the number of signatures is more than the threshold value is replaced by having just one
threshold signature collaboratively signed by the required endorsers.