A while back, Microsoft announced a pair of blockchain projects, bringing distributed ledgers to Azure. Project Bletchley and the Coco Framework provide tools to build consortium-based blockchains, operating without the overhead and performance penalties of proof-of-work and proof-of-stake operations, by limiting access to a known group of participants.
Those projects are now products, part of the Azure Blockchain Workbench. Available as a set of solution templates from the Azure Marketplace, the Blockchain Workbench contains all the services and components needed to build and run your own blockchain applications. Once installed, it automatically provisions Azure Event Grid, Azure Service Bus, a SQL Database, storage accounts, key vaults, app services, VMsm, and virtual networks, as well as monitoring and management tools.
Deploying Azure Blockchain Workbench
There’s a lot there, all wrapped up as a single resource group for deployment across one or more Azure regions. You’re charged using normal Azure billing, wrapping up the costs each of the services that it uses. While development costs are likely to be low, you’ll need to keep an eye on the usage of any live blockchains you build on the service.
Setting up your Blockchain Workbench requires adding appropriate usernames for the VMs, as well as database passwords. There’s support for SSH as well as standard Windows authentication, so you can use SSH RSA keys rather than passwords to increase the security of your instance—something that’s well worth considering if you’re building a financial or trading blockchain solution, or if you’re going to be managing from a Unix system.
Once the resource group is defined, you also need to set up additional features, creating the initial proof-of-authority nodes for your application, using the Ethereum blockchain. Along with creating a new blockchain, you add it to an Azure Active Directory to control access, as well as defining the VM size you’ll use for each node and the type of storage it’ll require. This last option determines the performance of your blockchain. Using proof-of-authority ensures your blockchain will be relatively fast, because only approved entities can write to your application’s blockchain.
If you’re attaching your Workbench install to an existing Ethereum network, it needs to be accessible and not be chargeable. Microsoft’s blockchains aren’t intended to cost you anything; they’re for trusted partners wanting to share information transparently. If you connect a Blockchain Workbench to an Ethereum network that uses proof-of-stake and needs funds, all your transactions will fail.
Once you’ve completed your configuration, Azure will deploy the Blockchain Workbench resource group. Because there are a lot of components, you may need to wait a while for your deployment to complete—though it shouldn’t take more than a couple of hours. You can then run an Azure Active Directory configuration script to complete setup, connecting to your blockchain through an Azure App Service URL. Once connected, you can register your Blockchain Workbench as an Azure app in the portal. This lets you control the URLs and APIs used, as well as manage permissions for users and for the blockchain itself.
Building applications on the Azure Blockchain Workbench
Blockchains aren’t only for digital currencies, and Microsoft’s consortium-based approach treats them as a tool for building interorganization workflows, where consortium partners treat an Azure-hosted Etherium application as a neutral platform for sharing information. Applications built on the Blockchain Workbench use it as a transparent ledger where all writes and all changes are visible to all the members of a consortium.
Building blockchain apps on top of the Blockchain Workbench is relatively simple, with the underlying infrastructure managed by Azure. You start by describing a workflow in a JSON document. This defines the participants in an interaction, along with the interaction itself. Interactions are at heart message-based, using requests and responses to handle the workflow. You also need to define the states that need to be stored in the blockchain, managing the steps of the workflow.
Because Blockchain Workbench is based on Ethereum, the code that handles the workflow needs to be written in Ethereum’s Solidity language. Based on ECMAScript, Solidity is a contract-oriented language, implementing smart contracts using functions to implement writing to and reading from the underlying blockchain, triggered by messages managed by the Ethereum workflow. Once a function is complete, it updates the transaction by calling a ContractUpdated function.
Controlling identity and authority with Azure Active Directory
Each function in an Ethereum app leaves an immutable trace in its blockchain, which is replicated across all the instances of your application in Azure and is visible to all members of your consortium. Members are managed via Azure Active Directory and can be added and removed using familiar tools, assigning roles that are defined by the blockchain workflow JSON. Azure Active Directory makes it easier to bring in users from different organizations, using its federation features to assign roles across corporate boundaries.
One advantage of using a framework like the Blockchain Workbench, along with its Azure integrations, is its predefined user interface, which has all the tools you need to upload new contracts, manage users, and handle contract actions. Users can handle the actions associated with their roles in a contract; for example, signing a document, posting a cryptographic hash of the signed document, and then saving the signed hash as an entity in the application block chain. Microsoft also provides PowerShell tools to help debug your applications.
Extending the blockchain with serverless applications
A new tool, the Azure Blockchain Development Kit, sits on top of the Blockchain Workbench, linking it to serverless technologies and providing connections to external services. With sample code on GitHub, it’s intended to simplify building applications around Microsoft’s blockchain tools. It’s important to make blockchain one of many tools in your application toolbox, stripping away the hype and using it to solve real problems.
Support for serverless technologies like Logic Apps will make it easier to automate blockchain applications. Instead of having to manually handle interactions, code can become part of the workflow, sending messages and handling data. By using Blockchain Workbench API endpoints, you can automatically call actions on your Ethereum smart contracts, as well as triggering actions based on state in the blockchain.
Perhaps the most interesting aspect of Microsoft’s approach to blockchain development is its support for accelerators to handle specific use cases and for implementation guides for devops. Building a library of design patterns and best practices like these is critical for enterprise adoption of blockchain technologies beyond experiments.