# PK妯″紡闀垮畨閾句粙缁� ## Public閫傜敤鍦烘櫙璇存槑 鍦ㄩ暱瀹夐摼2.X鐗堟湰涓�, 鎴戜滑瀹炵幇浜嗕笁绉嶈韩浠芥潈闄愮鐞嗘ā鍨嬶細 * PermissionedWithCert锛氬熀浜庢暟瀛楄瘉涔︾殑鐢ㄦ埛鏍囪瘑浣撶郴銆佸熀浜庤鑹茬殑鏉冮檺鎺у埗浣撶郴; * PermissionedWithKey锛氬熀浜庡叕閽ョ殑鐢ㄦ埛鏍囪瘑浣撶郴銆佸熀浜庤鑹茬殑鏉冮檺鎺у埗浣撶郴銆� * Public锛氬熀浜庡叕閽ョ殑鐢ㄦ埛鏍囪瘑浣撶郴銆佸熀浜庤鑹茬殑鏉冮檺鎺у埗浣撶郴銆� 鍏朵腑锛孭ermissionedWithCert鍜孭ermissionedWithKey妯″紡闈㈠悜寮烘潈闄愭帶鍒跺満鏅�(鑱旂洘閾�)锛孭ublic妯″紡闈㈠悜寮辨潈闄愭帶鍒跺満鏅�(鍏摼) ### 涓嶅悓閾捐处鎴锋ā寮忓姣� | 瀵规瘮椤筡韬唤妯″紡 | PermissionWithCert | Public | PermissionWithKey | |----------|-------------------------------------|----------------------------|-----------------------------| | 妯″紡鍚嶇О | [璇佷功妯″紡](./Cert妯″紡闀垮畨閾句粙缁�.html) | [鍏挜妯″紡](./PK妯″紡闀垮畨閾句粙缁�.html) | [鍏挜娉ㄥ唽妯″紡](./PWK妯″紡闀垮畨閾句粙缁�.html) | | 妯″紡绠€绉� | cert妯″紡 | pk妯″紡 | pwk妯″紡 | | 璐︽埛绫诲瀷 | 鑺傜偣璐︽埛(鍏辫瘑鑺傜偣銆佸悓姝ヨ妭鐐广€佽交鑺傜偣), 鐢ㄦ埛璐︽埛(绠$悊鍛樸€佹櫘閫氱敤鎴�) | 鑺傜偣璐︽埛(鍏辫瘑鑺傜偣), 鐢ㄦ埛璐︽埛(绠$悊鍛樸€佹櫘閫氱敤鎴�) | 鍚岃瘉涔︽ā寮� | | 璐︽埛鏍囪瘑 | 鏁板瓧璇佷功 | 鍏挜/鍦板潃 | 鍏挜/鍦板潃 | | 鏄惁闇€瑕佸噯鍏� | 鏄紝璇佷功闇€瑕丆A绛惧彂 | 鍚︼紝鏅€氱敤鎴峰彲鐩存帴璋冪敤鍚堢害 | 鏄紝璐︽埛闇€瑕佺鐞嗗憳鍦ㄩ摼涓婃敞鍐� | | 璐︽埛涓庣粍缁囧叧绯� | 璐︽埛灞炰簬鏌愪釜缁勭粐 | 璐︽埛鏃犵粍缁囨蹇� | 璐︽埛灞炰簬鏌愪釜缁勭粐 | | 閫傜敤閾剧被鍨� | 鑱旂洘閾� | 鍏摼 | 鑱旂洘閾� | | 鍏辫瘑绠楁硶 | TBFT銆丷AFT銆丮axBFT | TBFT銆丏POS | TBFT銆丷AFT | 鍦≒ublic锛�**鍏挜**锛夎处鎴锋ā寮忎笅锛屼竴鏉¢摼浠呭瓨鍦ㄤ竴涓粯璁ょ粍缁囷紙public锛夛紝鍦ㄩ厤缃枃浠讹紙bc.yml锛夌殑`trust roots` 瀛楁涓畾涔夌鐞嗗憳鍏挜,鍦╜consensus`閲屽畾涔夌粍缁囩殑鍏辫瘑鑺傜偣鍒楄〃锛屼竴鏉¢摼鍙互鏈夊涓摼绠$悊鍛樸€佸涓叡璇嗚妭鐐广€傛櫘閫氱敤鎴峰姞鍏ユ病鏈夐棬妲涳紝浠绘剰鍏閽ュ垱寤虹殑閾捐处鎴烽兘鍙互鎴愪负閾剧殑鏅€氱敤鎴�,濡備笅鍥炬墍绀猴細 <img loading="lazy" src="../images/Identity-UserSystem-public.png" style="zoom:70%;" /> ## 璐︽埛瑙掕壊涓庢潈闄愯鏄� ### 瑙掕壊绫诲瀷 <span id="role_type"></span> 闀垮畨閾句腑锛屽畾涔変簡浠ヤ笅鍑犵瑙掕壊绫诲瀷锛� - 鍏辫瘑鑺傜偣 `consensus`锛氭湁鏉冨弬涓庡尯鍧楀叡璇嗘祦绋嬬殑閾句笂鑺傜偣锛� - 绠$悊鍛� `admin`锛氬彲浠h〃缁勭粐杩涜閾句笂娌荤悊鐨勭敤鎴凤紱 - 鏅€氱敤鎴� `client`锛氭棤鏉冭繘琛岄摼涓婃不鐞嗭紝浣嗗彲鍙戦€佸拰鏌ヨ浜ゆ槗鐨勭敤鎴枫€� ### 鏉冮檺璇存槑 鏉冮檺鏍囪瘑鏂规硶锛氶噰鐢�**鍏挜**鐨勬爣璇嗘柟寮忥紝鑳藉閬垮厤鍍忔暟瀛楄瘉涔︿綋绯婚偅鏍风箒鐞愮殑绛惧彂娴佺▼锛屼娇鐢ㄦ埛鍔犲叆鍖哄潡閾剧綉缁滄洿鍔犵畝鍗曞揩鎹凤紝浣嗘棤娉曟壙杞界敤鎴锋垨鑺傜偣鐨勭粍缁囦俊鎭互鍙婅鑹蹭俊鎭€� 鏉冮檺绠$悊鍙婁慨鏀瑰彲鍙傝€冿細[鏉冮檺绠$悊](绠$悊PK璐︽埛妯″紡鐨勯摼.html#鏉冮檺绠$悊) ## 閾鹃厤缃枃浠惰鏄� ### 鍒涗笘鍧楅厤缃枃浠惰鏄� **閰嶇疆鏂囦欢锛歜c.yml** - auth_type锛氳韩浠芥ā寮� public锛氶潰鍚戝急鏉冮檺鎺у埗鍦烘櫙锛屽熀浜庡叕閽ョ殑鐢ㄦ埛鏍囪瘑浣撶郴銆佸熀浜庤鑹茬殑鏉冮檺鎺у埗浣撶郴銆� * consensus锛氬叡璇嗛厤缃� - nodes锛氬叡璇嗚妭鐐瑰垪琛� **TBFT鍏辫瘑妯″紡闇€瑕侀厤缃叡璇嗚妭鐐瑰垪琛紝DPOS鍏辫瘑妯″紡涓嶉渶瑕侀厤缃€�** * trust_roots锛氫俊浠绘牴閰嶇疆鍒楄〃 **榛樿鍙娇鐢ㄥ垪琛ㄤ笅绗竴涓厤缃�** - org_id锛歱ublic妯″紡閰嶇疆鏍囪瘑锛堥渶瑕佸~鍐檖ublic锛� ```yaml org_id: "public" ``` - root锛氶摼绠$悊鍛樺叕閽ユ墍鍦ㄨ矾寰勫垪琛� ### 鍒涗笘鍧楅厤缃枃浠剁ず渚� ```yaml chain_id: chain1 # 閾炬爣璇� version: v1.0.0 # 閾剧増鏈� sequence: 0 # 閰嶇疆鐗堟湰 auth_type: "public" # 璁よ瘉绫诲瀷 permissionedWithCert / permissionedWithKey / public crypto: hash: SHA256 # 鍚堢害鏀寔绫诲瀷鐨勯厤缃� contract: enable_sql_support: false # 浜ゆ槗銆佸尯鍧楃浉鍏抽厤缃� block: tx_timestamp_verify: true # 鏄惁闇€瑕佸紑鍚氦鏄撴椂闂存埑鏍¢獙 tx_timeout: 600 # 浜ゆ槗鏃堕棿鎴崇殑杩囨湡鏃堕棿(绉�) block_tx_capacity: 100 # 鍖哄潡涓渶澶т氦鏄撴暟 block_size: 10 # 鍖哄潡鏈€澶ч檺鍒讹紝鍗曚綅MB block_interval: 2000 # 鍑哄潡闂撮殧锛屽崟浣�:ms # core妯″潡 core: tx_scheduler_timeout: 10 # [0, 60] 浜ゆ槗璋冨害鍣ㄤ粠浜ゆ槗姹犳嬁鍒颁氦鏄撳悗, 杩涜璋冨害鐨勬椂闂� tx_scheduler_validate_timeout: 10 # [0, 60] 浜ゆ槗璋冨害鍣ㄤ粠鍖哄潡涓嬁鍒颁氦鏄撳悗, 杩涜楠岃瘉鐨勮秴鏃舵椂闂� consensus_turbo_config: consensus_message_turbo: false # 鏄惁寮€鍚叡璇嗘姤鏂囧帇缂� retry_time: 500 # 鏍规嵁浜ゆ槗ID鍒楄〃浠庝氦鏄撴睜鑾峰彇浜ゆ槗鐨勯噸璇曟鏁� retry_interval: 20 # 閲嶈瘯闂撮殧锛屽崟浣�:ms #鍏辫瘑閰嶇疆 consensus: # 鍏辫瘑绫诲瀷(0-SOLO,1-TBFT,2-MBFT,3-HOTSTUFF,4-RAFT,5-DPOS) type: 5 ext_config: # 鎵╁睍瀛楁锛岃褰曢毦搴︺€佸鍔辩瓑鍏朵粬绫诲叡璇嗙畻娉曢厤缃� - key: aa value: chain01_ext11 dpos_config: # DPoS #ERC20鍚堢害閰嶇疆 - key: erc20.total value: "10000000" - key: erc20.owner value: "6CeSsjU5M62Ee3Gx9umUX6nXJoaBkWYufQdTZqEJM5di" - key: erc20.decimals value: "18" - key: erc20.account:DPOS_STAKE value: "10000000" #Stake鍚堢害閰嶇疆 - key: stake.minSelfDelegation value: "2500000" - key: stake.epochValidatorNum value: "4" - key: stake.epochBlockNum value: "10" - key: stake.completionUnbondingEpochNum value: "1" - key: stake.candidate:6CeSsjU5M62Ee3Gx9umUX6nXJoaBkWYufQdTZqEJM5di value: "2500000" - key: stake.candidate:F5tJ4ca4vdbuyffpc1Szw3WHU3caGaTVAh52MRMS4qBt value: "2500000" - key: stake.candidate:FxfunVWGkKgYMjngxMtLkd4pUNYVNAHNAqiDqopg5zdw value: "2500000" - key: stake.candidate:DYt7DfcZnqKNpjgyJ6tU6GFixNfLMkkmnqdwB3NNiAP7 value: "2500000" - key: stake.nodeID:6CeSsjU5M62Ee3Gx9umUX6nXJoaBkWYufQdTZqEJM5di value: "QmZcFcJFYYoZ3FNNGL88QaszUZwFwuBdFqYh6yPzJURc3s" - key: stake.nodeID:F5tJ4ca4vdbuyffpc1Szw3WHU3caGaTVAh52MRMS4qBt value: "QmXwtuPemSgH5ypzoKvcLdCLbd9jZ25FbpNf7VPjHF3HMS" - key: stake.nodeID:FxfunVWGkKgYMjngxMtLkd4pUNYVNAHNAqiDqopg5zdw value: "QmRmQLHJoqAYGkuLFaNY6HLzwtTNxr45UJsYpSjdKvBQw2" - key: stake.nodeID:DYt7DfcZnqKNpjgyJ6tU6GFixNfLMkkmnqdwB3NNiAP7 value: "QmURUHTGsuzzjgh1Xg6s92G1Q3gK91A6JEZGPfYNWwJMiT" # 瓒呯骇绠$悊鍛� trust_roots: - org_id: "public" root: - "../config-pk/public/admin/admin1/admin1.pem" - "../config-pk/public/admin/admin2/admin2.pem" - "../config-pk/public/admin/admin3/admin3.pem" - "../config-pk/public/admin/admin4/admin4.pem" ``` ### 鑺傜偣閰嶇疆鏂囦欢璇存槑 **閰嶇疆鏂囦欢锛歝hainmaker.yml** - auth_type锛氳韩浠芥ā寮� public锛氶潰鍚戝急鏉冮檺鎺у埗鍦烘櫙锛屽熀浜庡叕閽ョ殑鐢ㄦ埛鏍囪瘑浣撶郴銆佸熀浜庤鑹茬殑鏉冮檺鎺у埗浣撶郴銆� - node锛氳妭鐐归厤缃� - priv_key_file锛氳妭鐐圭閽ュ湴鍧€ - cert_file锛氫笉闇€瑕侀厤缃� - net锛氱綉缁滈厤缃� - tls锛歍LS閰嶇疆 - priv_key_file锛氳妭鐐圭閽ュ湴鍧€ - cert_file锛氫笉闇€瑕侀厤缃� **娉細node鍜宯et閲岄渶瑕侀厤缃悓涓€涓閽ョ殑鍦板潃**銆� ### 鑺傜偣閰嶇疆鏂囦欢绀轰緥 ```yaml auth_type: "public" # permissionedWithCert / permissionedWithKey / public log: config_file: ../config-pk/public/node/node1/log.yml # config file of logger configuration. blockchain: - chainId: chain1 genesis: ../config-pk/public/node/node1/chainconfig/bc1.yml node: # 鑺傜偣绫诲瀷锛歠ull type: full org_id: wx-org1.chainmaker.org priv_key_file: ../config-pk/public/node/node1/node1.key signer_cache_size: 1000 cert_cache_size: 1000 net: provider: LibP2P listen_addr: /ip4/0.0.0.0/tcp/11351 seeds: - "/ip4/127.0.0.1/tcp/11351/p2p/QmZcFcJFYYoZ3FNNGL88QaszUZwFwuBdFqYh6yPzJURc3s" - "/ip4/127.0.0.1/tcp/11352/p2p/QmXwtuPemSgH5ypzoKvcLdCLbd9jZ25FbpNf7VPjHF3HMS" - "/ip4/127.0.0.1/tcp/11353/p2p/QmRmQLHJoqAYGkuLFaNY6HLzwtTNxr45UJsYpSjdKvBQw2" - "/ip4/127.0.0.1/tcp/11354/p2p/QmURUHTGsuzzjgh1Xg6s92G1Q3gK91A6JEZGPfYNWwJMiT" tls: enabled: true priv_key_file: ../config-pk/public/node/node1/node1.key txpool: max_txpool_size: 5120 # 鏅€氫氦鏄撴睜涓婇檺 max_config_txpool_size: 10 # config浜ゆ槗姹犵殑涓婇檺 full_notify_again_time: 30 # 浜ゆ槗姹犳孩鍑哄悗锛屽啀娆¢€氱煡鐨勬椂闂撮棿闅�(绉�) rpc: provider: grpc port: 12301 tls: # TLS妯″紡: # disable - 涓嶅惎鐢═LS # oneway - 鍗曞悜璁よ瘉 # twoway - 鍙屽悜璁よ瘉 #mode: disable #mode: oneway mode: disable monitor: enabled: false port: 14321 pprof: enabled: false port: 24321 storage: store_path: ../data/node1/ledgerData1 blockdb_config: provider: leveldb leveldb_config: store_path: ../data/node1/blocks statedb_config: provider: leveldb leveldb_config: store_path: ../data/node1/state historydb_config: provider: leveldb leveldb_config: store_path: ../data/node1/history resultdb_config: provider: leveldb leveldb_config: store_path: ../data/node1/result disable_contract_eventdb: true #鏄惁绂佹鍚堢害浜嬩欢瀛樺偍鍔熻兘锛岄粯璁や负true锛屽鏋滆缃负false,闇€瑕侀厤缃甿ysql contract_eventdb_config: provider: sql #濡傛灉寮€鍚痗ontract event db 鍔熻兘锛岄渶瑕佹寚瀹歱rovider涓簊ql sqldb_config: sqldb_type: mysql #contract event db 鍙敮鎸乵ysql dsn: root:password@tcp(127.0.0.1:3306)/ #mysql鐨勮繛鎺ヤ俊鎭紝鍖呮嫭鐢ㄦ埛鍚嶃€佸瘑鐮併€乮p銆乸ort绛夛紝绀轰緥锛歳oot:admin@tcp(127.0.0.1:3306)/ debug: # 鏄惁寮€鍚疌LI鍔熻兘锛岃繃搴︽湡闂翠娇鐢� is_cli_open: true is_http_open: false ```