Help Center> Blockchain Service> Developer Guide> Appendix> Homomorphic Encryption> Using the Homomorphic Encryption Library
Updated on 2023-01-16 GMT+08:00

Using the Homomorphic Encryption Library

This section describes how to use the homomorphic encryption library.

Procedure

  1. Buy a BCS instance and downloading files.

    When buying a BCS instance, select ECDSA for Security Mechanism. After the subscription, download the homomorphic encryption library ahex.x.x.tar.gz, OSCCA-published cryptographic algorithm SDK sdkx.x.x.tar.gz in the client development kit, and the user certificates and configuration files of peers and orderers.

  2. Installing the client SDK library.

    Decompress the downloaded OSSCA-published cryptographic algorithm SDK sdkx.x.x.tar.gz to the $GOPATH directory.

  3. Install the homomorphic encryption library.

    Decompress the downloaded homomorphic encryption library ahex.x.x.tar.gz to the $GOPATH directory.

  4. Install the dependent library (only for Fabric v1.1).

    The dependent library files are stored in the homomorphic encryption library directory. The decompressed homomorphic encryption library file is stored in the $GOPATH/src/ahe/PSW/deps/lib directory. Copy all the files in this directory to the local /usr/local/include/openssl/ directory. (If this directory does not exist, create it.) Then, run the following command to set the environment variables:

    export LD_LIBRARY_PATH=/usr/local/include/openssl:$LD_LIBRARY_PATH 
    //The project path /usr/local/include/openssl is used as an example. Replace it with the actual directory, if any.

    If the system displays a message indicating that libgmp is missing, install the gmp library. For details about the installation method, see the Linux operating system package management tool. For example, if Ubuntu is used, run the apt-get install libgmp10 command to install the library, or download the source code from https://gmplib.org/, then compile and install the library.

  5. Develop the client program and chaincode.

    Refer to the AHE Lib APIs and Chaincode Library APIs to develop the application and chaincode (smart contract).

    For example, the logic of an app client and chaincode is as follows:

    • Typical service logic of an app client:
      1. Register a user.

        When a user is registered, the key generation function can be invoked to generate public and private keys for the user.

      2. Initialize the account balance.

        When the balance is initialized, the initial balance preparation function can be invoked to generate initial balance data with privacy protected.

      3. Initiate a transaction.

        During a transaction, the transaction preparation function can be invoked to generate transaction data with privacy protected.

    • Typical service logic of a chaincode:
      1. Store the mapping between the user's public key and address.
      2. Verify the validity of the initial balance and generate an initial transaction.
      3. Verify the validity of transaction data and generate the transaction result.
        • The chaincode can invoke the initial balance verification function to verify the validity of the initial balance.
        • The transaction verification function is invoked to verify the validity of transaction data.

  6. Install a chaincode.

    Install and instantiate the developed chaincode for the subscribed BCS instance on the management page.

  7. Deploy the application.

    When developing the application, you can invoke the homomorphic encryption library to protect the transaction privacy. After the development is completed, deploy the application on the purchased server. After deployment, ensure that the configuration files, certificate files (user certificates of peers and orderers), and openssl library are available in the environment.