IoT to Hyperledger Fabric, and Tracing / Certifying data

Question

I'm thinking about IoT and Blockchain to certifying data.

My blockchain is not public, and it has 3 nodes. I use Hyperledger

So, I have a sensor, that is a light blockchain client, not powerful enough to be a full node. I want to send data to a Blockchain, but I have several issues.

My IoT object should not have Internet, so maybe I should send it to a local gateway connected to internet, and then send the data to the blockchain.

If my IoT object has internet, I would hide my Blockchain behing an API so that Blockchain is not publicly available like any other private DB.

My question about tracability / certification is about code I use:

• To extract data from sensor
• To code an API that would write into the BC
• All the smart contracts

I can certify that the ledger has not been altered by the administrator of my company, but how can I certify that my admin has not altered code listed on those 3 points ?

If I can't guaranty that code has not been altered, how should I certify my data ?

Answer 1

I can certify that the ledger has not been altered by the administrator of my company, but how can I certify that my admin has not altered code listed on those 3 points ?

If I can't guaranty that code has not been altered, how should I certify my data ?

You can’t, and this is the problem with ‘supply chain tracking’ and other such ‘blockchain’ scams.

A blockchain cannot trustlessly certify data from the real world. A user would need to trust that the sensors (or some other oracle) have truthfully uploaded data to the chain.

After all, what is to stop someone from uploading false data? You could only allow ‘certified sensors’ to upload data, but now everyone needs to wholly trust the manufacturers of those sensors. Obviously this is an issue, since the goal of ‘supply chain tracking’ is to apparently reduce potential for abuse / provide more reliable data.

And so in the case where we need to trust some authority to upload truthful data, why not just let that authority provide us with a ~centralized database of that data? This would be an immense cost savings, considering how slow and expensive a blockchain is to run.