Hyperledger Fabric 模型（Model）

This section outlines the key design features woven into Hyperledger Fabric that fulfill its promise of a comprehensive, yet customizable, enterprise blockchain solution:
本节概述了Hyperledger Fabric中编织的实现全面、可定制的企业区块链解决方案承诺的关键设计特性:

• Assets — Asset definitions enable the exchange of almost anything with monetary value over the network, from whole foods to antique cars to currency futures.
  资产—资产定义为可以通过网络交换的几乎任何有货币价值的东西，从食物到古董车到货币期货。
• Chaincode — Chaincode execution is partitioned from transaction ordering, limiting the required levels of trust and verification across node types, and optimizing network scalability and performance.
  链代码—链代码的执行是从交易排序中分隔出来的，限制了跨节点类型的信任和验证的请求级别，并优化了网络的可伸缩性和性能。
• Ledger Features — The immutable, shared ledger encodes the entire transaction history for each channel, and includes SQL-like query capability for efficient auditing and dispute resolution.
  账本特性—不可变的共享帐本为每个通道编码全部交易历史，并包含像SQL一样的查询功能，用于有效的审计和纠纷解决。
• Privacy — Channels and private data collections enable private and confidential multi-lateral transactions that are usually required by competing businesses and regulated industries that exchange assets on a common network.
  隐私—通道和私有数据收藏使私有和机密的多边交易成为可能，这通常是相互竞争的企业和受监管的行业在通用网络上交换资产所需要的。
• Security & Membership Services — Permissioned membership provides a trusted blockchain network, where participants know that all transactions can be detected and traced by authorized regulators and auditors.
  安全与会员服务—为有许可会员提供一个可信的区块链网络，参与者知道所有的交易都可以被授权的监管机构和审计人员检测和跟踪。
• Consensus — A unique approach to consensus enables the flexibility and scalability needed for the enterprise.
  共识—一种独特的共识方法，能够提供企业所需的灵活性和可伸缩性。

资产（Assets）

Assets can range from the tangible (real estate and hardware) to the intangible (contracts and intellectual property). Hyperledger Fabric provides the ability to modify assets using chaincode transactions.
资产可以是有形资产（不动产和硬件），也可以是无形资产（合同和知识产权）。Hyperledger Fabric提供了使用链代码事务修改资产的功能。

Assets are represented in Hyperledger Fabric as a collection of key-value pairs, with state changes recorded as transactions on a Channel ledger. Assets can be represented in binary and/or JSON form.
资产在Hyperledger Fabric中表示为键-值对的集合，状态变化记录为通道帐本上的交易。资产可以用二进制和/或JSON形式表示。

You can easily define and use assets in your Hyperledger Fabric applications using the Hyperledger Composer tool.
你可以使用Hyperledger Composer工具轻松地在你的Hyperledger Fabric应用程序中定义和使用资产。

链代码（Chaincode）

Chaincode is software defining an asset or assets, and the transaction instructions for modifying the asset(s); in other words, it’s the business logic. Chaincode enforces the rules for reading or altering key-value pairs or other state database information. Chaincode functions execute against the ledger’s current state database and are initiated through a transaction proposal. Chaincode execution results in a set of key-value writes (write set) that can be submitted to the network and applied to the ledger on all peers.
链代码是定义资产的软件，以及修改资产的交易指令；换句话说，这是业务逻辑。链代码读取或更改键值对或其他状态数据库信息时强制执行规则。链代码函数根据帐本的当前状态数据库执行，并通过交易提议开始。链代码的执行会导致一组键值写操作（写集）提交给网络并应用到所有对等点上的帐本。

账本特征（Ledger Features）

The ledger is the sequenced, tamper-resistant record of all state transitions in the fabric. State transitions are a result of chaincode invocations (‘transactions’) submitted by participating parties. Each transaction results in a set of asset key-value pairs that are committed to the ledger as creates, updates, or deletes.
帐本是有顺序的，防篡改的在织物中所有状态转变的记录。状态转变是参与方提交的链代码调用(“交易”)的结果。每个交易都会生成一组资产键-值对，它们作为创建、更新或删除提交到帐本。

The ledger is comprised of a blockchain (‘chain’) to store the immutable, sequenced record in blocks, as well as a state database to maintain current fabric state. There is one ledger per channel. Each peer maintains a copy of the ledger for each channel of which they are a member.
帐本由一个区块链(“链”)组成，区块链用于在块中存储不可变的、有顺序的记录，以及用于维护当前织物状态的状态数据库。每个通道有一个账本。每个通道的成员对等节点都维护一份帐本副本。

Some features of a Fabric ledger:
Fabric账本的一些特征：

• Query and update ledger using key-based lookups, range queries, and composite key queries
  使用基于键的查找、范围查询和组合键查询来查询和更新分类帐
• Read-only queries using a rich query language (if using CouchDB as state database)
  使用富查询语言的只读查询（如果使用CouchDB作为状态数据库）
• Read-only history queries — Query ledger history for a key, enabling data provenance scenarios
  只读历史查询——查询一个键的账本历史记录，支持数据溯源
• Transactions consist of the versions of keys/values that were read in chaincode (read set) and keys/values that were written in chaincode (write set)
  交易由在链代码(读集)中读取的键/值和在链代码(写集)中写入的键/值的版本组成
• Transactions contain signatures of every endorsing peer and are submitted to ordering service
  交易包含每个背书节点的签名，并提交排序服务
• Transactions are ordered into blocks and are “delivered” from an ordering service to peers on a channel
  事务被排序进区块，并从排序服务“交付”到通道上的所有对等节点
• Peers validate transactions against endorsement policies and enforce the policies
  对等节点根据背书策略验证交易并执行策略
• Prior to appending a block, a versioning check is performed to ensure that states for assets that were read have not changed since chaincode execution time
  在添加到区块之前，要执行版本检查，以确保被读取的资产状态自链代码执行以来没有改变
• There is immutability once a transaction is validated and committed
  一旦交易被验证并提交，就存在不可变性
• A channel’s ledger contains a configuration block defining policies, access control lists, and other pertinent information
  通道的帐本包含一个配置区块，定义策略、访问控制列表和其他相关信息
• Channels contain Membership Service Provider instances allowing for crypto materials to be derived from different certificate authorities
  通道包含会员服务提供者（MSP）实例，允许从不同的证书颁发机构派生出加密材料

See the Ledger topic for a deeper dive on the databases, storage structure, and “query-ability.”
请参阅账本主题，以深入了解数据库、存储结构和“查询能力”。

隐私（Privacy）

Hyperledger Fabric employs an immutable ledger on a per-channel basis, as well as chaincode that can manipulate and modify the current state of assets (i.e. update key-value pairs). A ledger exists in the scope of a channel — it can be shared across the entire network (assuming every participant is operating on one common channel) — or it can be privatized to include only a specific set of participants.
Hyperledger Fabric使用了基于每个通道的不可变帐本，以及可以操作和修改资产当前状态(即更新键值对)的链代码。一个帐本存在于一个通道的范围内——它可以在整个网络中共享（假设每个参与者都在一个公共通道上操作）——它也可以私有化，只包含特定的一组参与者。

In the latter scenario, these participants would create a separate channel and thereby isolate/segregate their transactions and ledger. In order to solve scenarios that want to bridge the gap between total transparency and privacy, chaincode can be installed only on peers that need to access the asset states to perform reads and writes (in other words, if a chaincode is not installed on a peer, it will not be able to properly interface with the ledger).
在后面的场景中，这些参与者将创建一个单独的通道，从而隔离/分离他们的交易和帐本。为了解决桥接全透明和隐私之间分歧这样的场景，链代码可以只安装于需要访问资产状态执行读写的节点（换句话说,如果一个链代码没安装在这个节点，则它将无法与帐本正确对接）。

When a subset of organizations on that channel need to keep their transaction data confidential, a private data collection (collection) is used to segregate this data in a private database, logically separate from the channel ledger, accessible only to the authorized subset of organizations.
当该通道上的组织子集需要对其交易数据保密时，使用私有数据集合将该数据分离到私有数据库中，逻辑上与通道帐本分离，仅授权的组织子集才可访问。

Thus, channels keep transactions private from the broader network whereas collections keep data private between subsets of organizations on the channel.
因此，通道使更广泛的网络中的交易保持私有，而集合则使通道上的组织子集之间的数据保持私有。

To further obfuscate the data, values within chaincode can be encrypted (in part or in total) using common cryptographic algorithms such as AES before sending transactions to the ordering service and appending blocks to the ledger. Once encrypted data has been written to the ledger, it can be decrypted only by a user in possession of the corresponding key that was used to generate the cipher text. For further details on chaincode encryption, see the Chaincode for Developers topic.
为了进一步混淆数据，可以使用通用的加密算法（如AES）对链代码中的值进行加密（部分或全部），然后将交易发送到排序服务，并向帐本添加区块。一旦加密数据被写入到帐本，它只能由拥有相应密钥的用户解密，该密钥用于生成密码文本。有关链代码加密的详细信息，请参阅面向开发人员的链代码主题。

See the Private Data topic for more details on how to achieve privacy on your blockchain network.
有关如何在区块链网络上实现隐私的详细信息，请参阅私有数据主题。

安全和成员服务（Security & Membership Services）

Hyperledger Fabric underpins a transactional network where all participants have known identities. Public Key Infrastructure is used to generate cryptographic certificates which are tied to organizations, network components, and end users or client applications. As a result, data access control can be manipulated and governed on the broader network and on channel levels. This “permissioned” notion of Hyperledger Fabric, coupled with the existence and capabilities of channels, helps address scenarios where privacy and confidentiality are paramount concerns.
Hyperledger Fabric支持一个所有参与者都知道身份的交易网络。公钥基础设施用于生成与组织、网络组件和最终用户或客户端应用程序相关联的加密证书。因此，数据访问控制可以在更广泛的网络和通道级别上进行操作和管理。Hyperledger Fabric这种“要许可”的概念，加上通道的存在和能力，有助于解决最关心隐私和保密的场景。

See the Membership Service Providers (MSP) topic to better understand cryptographic implementations, and the sign, verify, authenticate approach used in Hyperledger Fabric.
请参阅会员服务提供者(MSP)主题，以更好地理解加密实现，以及Hyperledger Fabric中使用的签名、核实和身份验证方法。

共识（Consensus）

In distributed ledger technology, consensus has recently become synonymous with a specific algorithm, within a single function. However, consensus encompasses more than simply agreeing upon the order of transactions, and this differentiation is highlighted in Hyperledger Fabric through its fundamental role in the entire transaction flow, from proposal and endorsement, to ordering, validation and commitment. In a nutshell, consensus is defined as the full-circle verification of the correctness of a set of transactions comprising a block.
在分布式账本技术中，共识最近已经成为在单一功能中的特定算法的同义词。然而，共识不仅仅包括对交易顺序达成一致，在Hyperledger Fabric中这种区别通过其在整个交易流程中的根本性角色而突显，从提议和背书、到排序、验证和承诺。简而言之，共识被定义为包含一组交易组成的区块正确性验证的完整循环。

Consensus is achieved ultimately when the order and results of a block’s transactions have met the explicit policy criteria checks. These checks and balances take place during the lifecycle of a transaction, and include the usage of endorsement policies to dictate which specific members must endorse a certain transaction class, as well as system chaincodes to ensure that these policies are enforced and upheld. Prior to commitment, the peers will employ these system chaincodes to make sure that enough endorsements are present, and that they were derived from the appropriate entities. Moreover, a versioning check will take place during which the current state of the ledger is agreed or consented upon, before any blocks containing transactions are appended to the ledger. This final check provides protection against double spend operations and other threats that might compromise data integrity, and allows for functions to be executed against non-static variables.
当一个区块交易的顺序和结果满足明确的策略标准检查时，最终达成共识。这些检查和平衡发生在交易的整个生命周期中，包括使用背书策略来规定哪些特定成员必须对某类交易背书，以及用系统链代码来确保这些策略得到执行和支持。在承诺之前，对等节点将使用这些系统链代码来确保有足够的背书，并且它们是来自适当的实体。此外，在将包含交易的区块添加到帐本前，在帐本的当前状态达成意见一致或同意的整个期间将进行版本检查。这个最终检查为防止重复操作和其他可能危及数据完整性的威胁提供了保护，并允许对非静态变量执行功能。

In addition to the multitude of endorsement, validity and versioning checks that take place, there are also ongoing identity verifications happening in all directions of the transaction flow. Access control lists are implemented on hierarchical layers of the network (ordering service down to channels), and payloads are repeatedly signed, verified and authenticated as a transaction proposal passes through the different architectural components. To conclude, consensus is not merely limited to the agreed upon order of a batch of transactions; rather, it is an overarching characterization that is achieved as a byproduct of the ongoing verifications that take place during a transaction’s journey from proposal to commitment.
除了进行大量的背书、有效性和版本控制检查之外，在交易流程的各个方向上也进行身份验证。访问控制列表是在网络分层结构（从排序服务到通道)上实现的，当交易提议通过不同的体系结构组件时，有效负载会反复签名、核实和验证。综上所述，共识不仅限于商定一批交易的排序；相反，它是首要特性是交易从提议到承诺的过程中正在进行验证而获得的副产品。

Check out the Transaction Flow diagram for a visual representation of consensus.
查看交易流程图以获得共识的可视化表示。