VMware Blockchain provides data archiving capability to store the entire blockchain data, starting from the genesis block, on an external storage device called an ObjectStore. The ObjectStore is the platform's source of truth. Saving the data from the genesis block is important because the VMware Blockchain Replica nodes have limited storage resources, and the data is pruned periodically.
Data archiving is performed using a Full Copy Client node. The Full Copy Client node is connected to the ObjectStore. The Full Copy Client receives the data stored on the blockchain deployment and saves it on the ObjectStore. Full Copy Client nodes do not participate in the BFT consensus process.
Data archiving is done in a trusted manner. Each Full Copy Client node has its own set of private and public TLS Keys. The public key of each Full Copy Client node is known to the Replica Network. Every block that is written on the Replica node is sent to the Full Copy Client node and stored on the ObjectStore over a TLS connection.
The Full copy Client then verifies whether the block has at least f+1 proofs and only then writes it into the ObjectStore. In addition, to maintain data integrity on the ObjectStore, signed checkpoint messages are also saved on the ObjectStore.
The Full Copy Client node interacts with the ObjectStore using the standard S3 APIs.
The Full Copy Client node is stateless, which means it does not contain data, and the data is stored in the connected ObjectStore. Therefore, if the Full Copy Client node goes offline temporarily, for example, due to hardware or networking failure, there is no data loss. After the operator restores the failed node and establishes a connection to the new Full Copy Client node, the ObjectStore receives data from the Replica Network until all the existing data is synchronized with the Replica Network.
See the Configuring the Deployment Descriptor Parameters section Full Copy Client Node Parameters table in the Using and Managing VMware Blockchain guide.
ObjectStore Integrity Tool
To maintain the data integrity in the ObjectStore, VMware Blockchain provides a data Integrity tool. The Concord operator container uses this tool to initiate a data integrity assessment on the data stored in the S3. The data integrity evaluation includes proof of origination and tamper-detection capabilities of the data stored on the ObjectStore.
In the Replica Network, a CheckPoint is created every certain amount of blocks to maintain data integrity on the Replica Network. These CheckPoints are also signed cryptographically and saved on the ObjectStore. As part of the data integrity validation, the tool verifies the existence of these signed CheckPoints.
See the Perform Data Integrity Assessment section in the Using and Managing VMware Blockchain guide for implementation steps.
Restoring a Blockchain from Archive Data
In a rare catastrophic failure scenario, where all the Replica nodes in the blockchain fail, users can use the archived data to restore the blockchain to its latest state.
The blockchain node restoration process involves two steps.
Restore the data from the latest snapshot backup.
Restore data from the latest block on the backup to the latest block available on the ObjectStore.
The entire restoration process is not performed from the ObjectStore, to avoid performance latency. The restoration process must be repeated on every Replica node in the Replica Network. See Perform Data Integrity Assessment section in the Using and Managing VMware Blockchain for implementation steps.
The snapshot backup data and the ObjectStore data are signed, which provides data integrity.