When you put a new network into production, you need to start actively monitoring your blockchain and auditing it. Here are five important steps you should take:
1. Know Your Network and Actors
The same security best-practices that apply to any other networked technology also apply to blockchains. Security should be the first thing you think about when you set up a new blockchain. With a private blockchain, you need to keep track of which nodes have access to the blockchain, and what roles they play. Some key metrics to track include:
- Authentication: unique IP addresses, network segments, usernames, access timestamps
- Network Statistics: amount of data transfered, node uptime, typical hours of operation
- Roles and Privileges: who has access to what, and does each role have the least privilege necessary
2. Benchmark Blockchain Performance
The next thing to worry about is whether or not your blockchain will be able to handle the projected load. You’ll want to run performance tests in a test environment (that simulates production as closely as possible) to measure key performance measures, like these:
- Total network bandwidth
- Transaction error rate
- Transaction throughput
- Transaction latency
- Node resource consumption (ie CPU, I/O, etc on each individual node)
3. Establish a Current Baseline
Once you know the maximum load your blockchain can handle, you’ll want to keep track of where you’re currently at on production. Baseline the same metrics as you benchmark, and you’ll be able to set up alerts that notify you a) when your blockchain performance begins to deviate away from what’s “normal”, and b) when you start getting close to the max you currently can handle.
4. Use Change Control for Smart Contracts
Changes to smart contracts (also known as “chaincode”) are propagated to the blockchain network through transactions themselves. The format of these smart contracts are usually opaque, machine-readable blobs of bytecode. To make sure everyone on the network is using the same version of a contract, and is aware of any changes that have been made to it, establish a change-control process for your smart contracts that includes at least these elements:
- Follow a written change-control plan
- Notify appropriate stakeholders at each stage of the process
- Maintain a log of each process step that was executed
5. Set Alerts for Critical Events
You’ll want alerts for all of the above, so you’ll know as soon as anything important happens. Set up alerts to notify you when:
- Nodes are added to or removed from the network
- Privilege changes are made
- Transaction error rates spike
- Transaction volume deviates from the baseline
- Smart contracts are updated
Need a Blockchain Monitoring Tool?
It can take a lot of work to maintain and monitor a blockchain. Here are a few tools that can help:
- Amazon Managed Blockchain: Makes it easy to set up a properly segmented blockchain network, as well as stand up test environments that closely match production.
- Hyperledger Caliper: Framework for benchmarking Hyperledger-based blockchains.
- BlocMonitor: Provides alerts, audit history, and real-time performance metrics for your blockchain.