You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/private-networks/concepts/permissioning/index.md
+6-28Lines changed: 6 additions & 28 deletions
Original file line number
Diff line number
Diff line change
@@ -10,14 +10,12 @@ tags:
10
10
11
11
A permissioned network enables node permissioning and account permissioning, allowing only specified nodes and accounts to access the network.
12
12
13
-
:::caution Permissioning is not privacy
13
+
:::caution Permissioning in peer-to-peer networks: challenges and enforcement
14
14
15
-
In peer-to-peer networks, node permissioning enforces rules on nodes you control.
15
+
In peer-to-peer networks, permissioning enforces rules on nodes you control.
16
16
17
17
Permissioning requires a distributed network of trust across the network where participants agree to follow the rules. One bad actor can decide not to follow the rules. Nodes can take action to prevent the bad actor from adding to the chain but they cannot prevent the bad actor from allowing access to the chain.
18
18
19
-
Besu also implements [privacy](../privacy/index.md).
You can specify permissioning [locally](#local) or [onchain](#onchain-deprecated).
42
-
43
-
### Local
37
+
## Specify local permissioning
44
38
45
-
[Local permissioning](../../how-to/use-permissioning/local.md) works at the node level. Each node in the network has a [permissions configuration file].
39
+
[Local permissioning](../../how-to/use-local-permissioning.md) works at the node level. Each node in the network has a [permissions configuration file], which can be used to configure node and/or account permissioning rules.
46
40
47
41
Local permissioning affects your node but not the rest of the network. Use local permissioning to restrict use of your node (that is, the resources under your control). For example, customers are able to access your node.
48
42
49
43
Local permissioning does not require coordination with the rest of the network and you can act immediately to protect your node. Your rules are not enforced in blocks produced by other nodes.
50
44
51
-
### Onchain (Deprecated)
52
-
53
-
:::caution
54
-
55
-
Onchain permissioning is deprecated in Besu version 24.12.0 and later. Please read this [blog post](https://www.lfdecentralizedtrust.org/blog/sunsetting-tessera-and-simplifying-hyperledger-besu) for more context on the rationale behind this decision as well as alternative options.
56
-
57
-
:::
58
-
59
-
[Onchain permissioning](onchain.md) works through a smart contract on the network. Specifying permissioning onchain enables all nodes to read and update permissioning configuration from one location.
60
-
61
-
Onchain permissioning requires coordination to update the rules. The network might not be able to act immediately (for example, the smart contract might enforce a minimum number of votes before changing permissioning rules).
62
-
63
-
When you update onchain permissioning, the update applies across the network and new blocks abide by the updated rules. For example, blocked accounts can no longer add transactions to the chain.
64
-
65
-
The following diagram illustrates applying local and onchain permissioning rules.
0 commit comments