SAP and Blockchain
Blockchain refers to a data structure for storing information in a distributed manner. This is done using the help of cryptographic techniques. Blockchain essentially creates a distributed database with no central authority managing the database, users of the blockchain each have a record of all records in the distributed database and users of the blockchain network can independently verify that no entry in the database has been altered. These distributed databases can be used to store a wide range of data and thus have a wide range of applications in industry. This includes applications that are entirely public (such as cryptocurrencies such as bitcoin) or applications which are private (such as company-wide private blockchain based databases).
An individual company might opt to store data in a distributed database if that database is to have no central managing authority but at the same time the database has to maintain a high level of integrity. Authorised users can search and store data in the database, and all information on which data actions were initiated by which users made is recorded permanently in the distributed database. None of the legitimate users can change any data record without all other users of the database knowing that the data record was changed. The distributed network is implemented by storing data in blocks arranged in a chain like manner where every new block contains information about the record that precedes it. This is chain forming information is in the form of a cryptographic hash which is a one-way function.
A one-way function is a function which is easy to compute but very difficult to reverse. Hash functions also have the property of having different outputs for inputs (i.e they are one-to-one functions). So having a particular argument, it is very easy to compute the hash of that argument and get the output, but if you are given the output and not given the input, then computing the hash is very difficult. The most commonly used hash function in blockchain networks is the secure hash algorithm (SHA) hash function.
When a record is added to the database, that record is added to the current block. Each block has a fixed size and can therefore only store a finite amount of records, once this limit has been reached a new block has to be created. When the new block is created, the entire outgoing block is used as an input to a cryptographic hash function and the output is stored in the incoming block. This operation creates a chaining effect, where each block is cryptographically connected to both the block proceeding and succeeding it. Storing information in the manner that has just been described is referred to as storing the database as a blockchain.
If a user attempts to change an entry in a particular block, then the hash function of the altered block will not match the hash function of the unaltered block. A user can therefore easily verify if a particular block has been modified by computing the hash function of that block and checking if it corresponds with the hash that has been stored in the block that succeeds it. If the computed hash does not match the hash in the next block then the entire chain starting from the invalid block is invalidated. In this manner, individual users can verify the integrity of data stored in the blockchain without the help of some trusted third party such as a bank or a government.
Blockchain is particularly useful in enterprise scenarios where data is to be stored in a database that is accessible by multiple non-trusted parties in a distributed way. This data could be anything that is of interest to the business. Setting up a new blockchain to store data in can be a really difficult activity to engage in so enterprises looking to quickly leverage this technology can do so using the SAP Cloud Platform, particularly by using the tools provided by the SAP Leonardo Blockchain toolset, which helps end-users quickly experiment and deploy distributed databases using blockchain technology.
SAP Leonardo Blockchain tools provide companies with an easy way to setup and manage blockchain databases by providing a front-end for the open source Hyperledger fabric. The Hyperledger fabric is an open source implementation of a bare bones distributed blockchain based database. It is supported by the Linux foundation. Using SAP allows an enterprise to quickly use the Hyperledger and also easily integrate it with any other SAP cloud ser- vices they may have subscriptions to such as SAP Cloud analytics, Cloud HR or Cloud CRM. In a Hyperledger we have nodes (which can be seen as individual ledger users) and channels (which as communication interfaces). Each distinct participant (such as an SAP application) in the Hyperledger is a node and all nodes needs to be connected a channel connected to the Hyperledger in order for them to participate in the blockchain database.
In order to use blockchain with SAP Cloud, we need to first create an SAP Cloud service account and subscribe to blockchain services. After this we can create a Hyperledger Fabric backed database and interface with it via the SAP Cloud platform. This is done, as usual, via the SAP Cloud services cockpit. In the cloud services cockpit, a subscriber first needs to instantiate a blockchain based database by creating a new instance of the Hyperledger fabric service. This is done by selecting the Hyperledger fabric service in the service marketplace (select Services in left hand column of the SAP Cloud Platform Cockpit and then select Service Marketplace) and then creating a new instance.
After the instance has been created, you then proceed to creating a new channel for the Hyperledger. Multiple channels can be created, a unique channel can be created for each unique SAP application that will need to interface with the Hyperledger. In order for the application to access the Hyperledger, a new service needs to be created so the SAP application can link to it. After this an SAP Cloud platform can access the Hyperledger and access it as it if were are any normal SAP data storage service. The Hyperledger will provide all the benefits of a fully fledged enterprise distributed
database. Figure 1 shows an overview of how an SAP Cloud application connects to the Hyperledger based distributed database via the SAP Leonardo cockpit.
Figure 1: Overview SAP Cloud Platform Connected to Hyperledger
Enterprise applications can also interact with the underlying Hyperledger by using the SAP Cloud development kit and deploying the SAP enabled applications with chaincode (for things like smart contracts). Chaincode refers to code that is installed on a blockchain node and performs some interaction with that blockchain network’s shared ledger. This interaction is usually to perform or verify transactions. Chaincode just consists of a series of instructions and functions outlining what actions and operations should take place on the Hyperledger.
In order to deploy chaincode, the code is first developed as a standalone code. It is then added to the SAP platform via the Hyperledger fabric cockpit. The user, first selects chaincode on the left-hand column and then clicks on add chaincode. After doing this, the chaincode is then dragged and dropped onto the cockpit and the install chaincode button is pressed.
Figure 2: SAP Cloud Platform with Hyperledger and Other Enterprise Applications
In summary, SAP blockchain tools can be used to connect SAP enabled enterprise applications to Hyperledger fabric blockchain networks via the SAP Cloud platform. The process to accomplish this involves
- Setting up a SAP Account and Opening the IoT Blockchain Cockpit
- Add a User (or users) to the Cockpit
- Select the Hyperledger service and then add a new instance of it.
- After instantiating the Hyperledger fabric instance, open it and add a new channel.
- After the channel has been added, select the option to avail the channel as a service. Doing this makes the Hyperledger channel visible to other SAP cloud apps as a normal service.
- Any application that needs access to the blockchain can be bound the the newly created service.
- SAP applications will now be able to bind to and use the newly created blockchain service.