Kaleido: Private Blockchain in Few Clicks

In this article, we will share our experience of working with Kaleido and provide insights into its functionality and capabilities.

Challenge tradition, embrace improvement...

Under this motto, I embarked on the search for a solution when our client tasked us with rapidly developing a blockchain-based supply chain. Considering the enormous volume of operations expected to flow through this supply chain, using a public blockchain was out of the question. Thus, I began exploring solutions for a private blockchain. This time, I had no desire to manually deploy nodes in the cloud or involve DevOps in the process. Therefore, I turned my attention to third-party services that handle the complexities of setting up and maintaining remote blockchain nodes. In this report, I will not compare such services, as that topic warrants a separate article. I will simply mention that, with the client's agreement, I opted to utilize a service like Kaleido.

Without further ado, let's proceed to the main part of this article. After completing the registration process (which took me a couple of minutes), we are greeted by a minimalist button inviting us to experience this service in action.

In the first window after clicking the button, we enter the network name and provide a brief description of its purpose. Next, we have the option to select the server location for our network, which is quite convenient. Since our client is solely focused on the American market, choosing a server location within the United States will slightly expedite each request, thereby enhancing the user experience.

Now, we have successfully created our network. Kaleido once again greets us with its minimalist design in the flow, which personally pleases me. Next, we are prompted to proceed with creating the blockchain environment.

At the second stage, we have a few more options to choose from. Kaleido provides not only the ability to create a private blockchain but also a multitude of more specialized solutions based on blockchain technology (such as NFT marketplaces, digital asset platforms, sidechains, etc.). However, discussing these options would require a separate article. This time, we select the standard blockchain service and proceed further.

When it comes to creating a private blockchain, Kaleido offers a diverse range of solutions, all of which are industry gold standards and proven over time.

At the start of the project, our team had already decided to use an Ethereum-like blockchain such as Hyperledger Besu or Quorum, as the ability to write smart contracts in Solidity was most comfortable for us.

The second window may be a bit confusing if you have already made up your mind about using a specific solution (as was the case with us, focusing on Hyperledger Besu). This is because all Ethereum-like solutions are categorized under Ethereum, and the option to specify the solution will appear later.

The next step involves specifying the name for our blockchain network, Deployment Options (hybrid options available only on the paid plan), and proceeding confidently.

Finally, we can select the specific blockchain solution that suits our needs. The list, while not extensive, includes industry leaders. In this window, we can also perform basic network configuration by choosing the consensus algorithm, network ID, block generation period, and more.

We select Hyperledger Besu with default settings and Proof of Authority consensus and proceed further.

Well, excellent! We have now created our network with just 20 mouse clicks and inputting the network name and description. The next step is to create the first node for our network. In the same minimalist design, there is a single button that allows us to create a node. In the paid plans, we have the option to choose the sizes of each created node based on the anticipated workload.

In addition to this, we are presented with extensive capabilities for node configuration and security. However, at this stage, we can leave everything as it is and make changes as needed later on.

Now, congratulations on successfully creating your fully operational blockchain network!

Now comes the final step. We need to configure several modules to interact with the blockchain externally, handle wallet management, and deploy our first smart contract to this network.

Let's start by creating endpoints and RPC URLs so that our backend can communicate with this network. To do this, we simply navigate to the Security section on the left sidebar and select the App Credentials section.

In this section, we initialize new credentials for our network and obtain everything we need to start working with the network from external resources.

I recommend immediately storing all the information obtained on this tab in a secure location, as Kaleido does not allow you to view them again for security reasons.

You can create new credentials as many times as needed. This allows you to group users who will be accessing the network. In combination with this grouping, the Application Firewall module has proven to be effective, as it allows you to configure permissions for each individual set of credentials. This can be particularly useful when, for example, you need to directly connect the frontend to the network. In such cases, credentials can be easily obtained through the DevTools in the browser. Therefore, credentials that are only used in the browser can be restricted to read-only permissions, while separate credentials can be created for the backend with write access.

One important note is that the Application Firewall module is unfortunately only available starting from the Business tier.

I would also like to highlight another important aspect, in my opinion. As you can see, the JSON-RPC endpoint includes credentials - a login and password. We encountered an issue when trying to use this endpoint with JSON providers from the web3 and ethers.js libraries due to these credentials. The solution we found was to use a WebSocket provider with a wss link, which worked perfectly in this case. However, if you prefer to avoid dealing with these libraries altogether, you can use the REST API Gateway to invoke smart contract functions as endpoints on the backend. For our specific needs (directly sending transactions to the blockchain without using smart contracts), it was crucial to leverage the functionality and capabilities of the ethers.js library.

Now we need to connect the HD-wallets module to easily create new participants and associate them with specific wallets. To do this, simply navigate to the Key Management section (still on the left sidebar) and select the Managed Wallets section. From there, we can connect the HD-wallets module to our network.

In the opened flow, we provide a name for our module and select the desired module type (in this case, we have chosen the familiar HD-wallets).

Within this module, we need to complete the creation of an HD-wallet instance by clicking the "Create" button. We should securely store the Recovery Passphrase for our credentials in case of data loss.

Now, we can manually create wallets or automate this process on the backend using the API, integrating it into our new user registration flow. The documentation for the API is provided on the same page, and it is easy to understand how to use it. Most importantly, we do not need to store any user keys in our database as this module takes care of that for us. We only need to store the index of the newly created wallet by this module.

Now let's proceed with implementing our first business logic, namely deploying a smart contract to the network. To do this, we return to the dashboard of our network. Once again, in the left sidebar, we select the "Apps" section and navigate to the "Smart Contracts" section.

In the opened flow, we have four options to upload our smart contracts. Since I prefer the traditional approach of writing and testing smart contracts in Hardhat within my IDE, I choose the option to "Upload file with source code". I provide a name for my application that will utilize the smart contract and proceed to upload the contract file. After that, I specify the name of the main contract in the selector and select the compiler version and EVM.

However, even after successfully completing the flow, we cannot yet use the smart contract. It needs to be deployed, so we select the corresponding button to initiate the deployment process.

Next, we open the API and make a POST request to the constructor method. After successfully completing this step, we can finally use our smart contract. Don't forget to save the contractAddress from the response body if you wish to interact with the functions of this contract via the JSON-RPC endpoint rather than through the API gateway.

Now, returning back to our application, we have access to all the smart contract functions as endpoints. We can substitute them into the previously created credentials to execute the smart contract functions or simply retrieve data from it.

Well, that concludes our report. As you can see, with Kaleido, creating your own blockchain network has been simplified to a few dozen clicks and just one hour of time (though I believe you will be able to do it much faster).

Kaleido offers a variety of interesting modules and features to customize your network according to the goals and needs of your specific project. In this article, we discussed the most basic ones to get your network up and running and allow the core components of your application to interact with it. The complete functionality is thoroughly documented in the Kaleido developer documentation available on their website. Overall, as a developer, I found this service to be a true gem, especially considering tight deadlines.

Thank you for your attention, and best of luck!