How PegaSys Orchestrate Solves 4 Key Security Challenges for Enterprise Blockchain Solutions
PegaSys Orchestrate is a platform that enables enterprises to easily build secure and reliable applications on the Ethereum blockchain. Orchestrate combines multiple business functionalities, from transaction management to advanced monitoring, into a single product. It draws on the experience the PegaSys team has gathered building production-grade blockchain platforms with enterprises from diverse industries, including capital markets, supply chain, and trade finance.
If you want to learn more about Orchestrate’s features, read our previous blog post, “How Your Enterprise Can Build Production-Grade Blockchain Applications with Ease Using PegaSys Orchestrate,” or contact us to speak directly with our team of blockchain experts.
Private Key Management
Private key management, sometimes referred to as “custody of private keys”, is critical for any blockchain platform. In a blockchain system, an identity is defined by a private key that allows the key holder to cryptographically sign transactions and interact with blockchain smart contracts. If an attacker gets access to a private key, they are then capable of signing any transaction in the name of the original private key holder.
Orchestrate offers compatibility with secure storage systems such as HashiCorp Vault, in which private keys either live in memory when signing a transaction or are stored encrypted on disk, tremendously limiting the possibilities of a private key being compromised. HashiCorp Vault is a good choice for storing the majority of private keys that are used on a daily basis (e.g. the private key of an investor in a decentralized finance system), and it offers a good balance between security, user experience, and infrastructure cost.
For highly sensitive private keys associated with accounts that have elevated permissions over a smart contract (e.g. the private key of an asset issuer in a decentralized finance system), the best practice is to store the private key in an external cold storage system such as a Ledger Nano S, which integrates with Orchestrate.
Multi-Tenancy and Access Control
Orchestrate is a multi-tenant system that provides each tenant with restricted access to blockchain networks, private keys, smart contracts, and transactions.
For example, assuming 2 applications (A and B) are running on top of Orchestrate, each having its own tenant, then:
- App A is forbidden to send transactions to a network registered by app B
- App A is forbidden to sign a transaction with a private key registered by app B
- App A is forbidden to generate transactions for a smart contract registered by app B (unless App A has also registered the smart contract)
Orchestrate implements these restrictions through authentication based on the OpenID Connect (OIDC) protocol (JWT-based authentication). Orchestrate allows your organization to configure custom token claims and extract tenant information from JWTs. Orchestrate is compatible with any OpenID Provider (Auth0, for example).
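The tenant restrictions listed above, as an added example (not Orchestrate's code or API): a token's signature is verified, the tenant is read from a custom claim, and a registry of who registered what decides access. The claim name, resource IDs and Registry type are hypothetical; Ed25519 (JWS alg EdDSA) stands in for whatever algorithm your OpenID Provider signs with, and exp/iss/aud validation is assumed to happen elsewhere.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// TenantClaim is a hypothetical custom claim name chosen for this example.
const TenantClaim = "https://example.test/tenant_id"
var b64 = base64.RawURLEncoding

// Sign stands in for the OpenID Provider and issues a constructed EdDSA token.
func Sign(key ed25519.PrivateKey, claims string) string {
	msg := b64.EncodeToString([]byte(`{"alg":"EdDSA"}`)) + "." + b64.EncodeToString([]byte(claims))
	return msg + "." + b64.EncodeToString(ed25519.Sign(key, []byte(msg)))
}

// TenantFromJWT trusts the claim only after the signature verifies; the header "alg" is never consulted.
func TenantFromJWT(token string, pub ed25519.PublicKey) (string, error) {
	p := strings.Split(token, ".")
	if len(p) != 3 {
		return "", fmt.Errorf("malformed token")
	}
	sig, _ := b64.DecodeString(p[2]) // a bad encoding yields a signature that fails below
	if !ed25519.Verify(pub, []byte(p[0]+"."+p[1]), sig) {
		return "", fmt.Errorf("bad signature")
	}
	var c map[string]interface{}
	body, _ := b64.DecodeString(p[1])
	_ = json.Unmarshal(body, &c) // on error c stays nil, so the lookup fails closed
	if t, ok := c[TenantClaim].(string); ok && t != "" {
		return t, nil
	}
	return "", fmt.Errorf("tenant claim missing")
}

// Registry maps a resource (network, key, contract) to the tenants that registered it.
// Allowed is false for unknown resources and for tenants that did not register them.
type Registry map[string]map[string]bool
func (r Registry) Allowed(tenant, resource string) bool { return r[resource][tenant] }

func main() {
	pub, key, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand.Reader
	reg := Registry{"key:0xA": {"app-a": true}, "contract:token": {"app-a": true, "app-b": true}}
	t, err := TenantFromJWT(Sign(key, `{"`+TenantClaim+`":"app-b"}`), pub)
	fmt.Println(t, err, reg.Allowed(t, "key:0xA"), reg.Allowed(t, "contract:token"))
}
```

App B is denied the key that only App A registered, but may use the contract both tenants registered.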
Programming Language: Golang
External Attack Surface
Orchestrate is written in Golang, which has been the language of choice for some of the most popular infrastructure systems, such as Docker, Kubernetes, HashiCorp Vault, Consul, and Terraform. Today, these systems are must-haves in most distributed infrastructures, either in the cloud or on-premises.
Go programs do not rely on external libraries to run, which reduces the attack surface of a Go system to the system itself. Once compiled, a Go system can be deployed on any server and doesn’t require you to install any further dependencies that the server may not have (such as a virtual machine or a programming language executable). At PegaSys, we deploy Orchestrate using Docker scratch images which only contain Orchestrate binaries.
Deployment in Production
Transaction Orchestration: Messaging, Storage, and Caching
Orchestrate interfaces with battle-tested technologies to perform transaction orchestration: Apache Kafka for asynchronous messaging, PostgreSQL for persistent storage, and Redis for caching. Orchestrate allows you to interface with any of those technologies over TLS, set up with app-to-app authentication and encrypted communication.
Coming Soon: Integrated Smart Contract Security with MythX
One common problem faced by decentralized application users is whether they can trust the code that has been deployed on a smart contract at a given address. The problem is twofold:
1. Has the smart contract been deployed using the correct code?
2. Is the implementation of the smart contract safe, i.e. no backdoors for potential attacks?
Orchestrate will soon integrate with MythX, a robust security API that will automatically audit and flag vulnerabilities in smart contracts whose code is available in the Orchestrate contract registry.
For more information on PegaSys Orchestrate, sign up for our webinar where you'll learn 'What You Need To Know Before Building Enterprise Applications on the Blockchain', or connect directly with our enterprise blockchain experts.