Min Read

Kaleido PrivateStack General Availability: Third generation permissioned blockchain for hybrid, cross-cloud networks

Kaleido PrivateStack General Availability: Third generation permissioned blockchain for hybrid, cross-cloud networks
Since this post was written, Hyperledger FireFly has reached 1.0. Learn more here!

There are many reasons permissioned blockchain has been the architecture of choice for the overwhelming majority of enterprise blockchain adoption so far:

Control over the business network

Control over who is transacting.
Control over who has access to data.
The signatures that count towards consensus and finality.
Physical network security.

Speed to value

Reduced regulatory complications.
Simplified network governance.
Coordinated upgrades to network and app infrastructure.

Fit for purpose technology

Transaction scale.
Anonymity of transactions participants (gas free running).
Blockchain native privacy models (Corda, Quorum, Hyperledger Besu / Fabric).
Off-chain file and data transfer.
Advanced cryptography - zero-knowledge and secure compute.

All of these considerations remain as relevant today, as they were in 2015 at the dawn of enterprise blockchain.

To date business networks have faced a binary choice: 

1. Prioritize decentralization of the infrastructure

Require each participant to maintain their own highly-available infrastructure, in their own Cloud VPC or on-premise data-center, and cross connect it to every other participant when they join the network.

  • Many of these networks have taken years to make progress towards production, and struggle with scaling to get the network effects that demonstrate return on the initial investment.

2. Prioritize decentralization of the business transactions

Provide fully managed self-service infrastructure with rapid onboarding, that is automatically cross-connected to every other network participant, while ensuring every participant has their own sovereign keys and data.

  • We’ve seen these networks get to production more quickly, and focus on the high-value digital transformation of their industry. Sometimes, the large enterprise participants in these networks feel they relinquish too much control over the infrastructure and data.

Kaleido makes having both a reality

Since the beginning of the Kaleido project, we’ve been working with real business networks to address this last fundamental challenge of permissioned blockchain.

To let network participants have their cake, and eat it too. 

Announcing PrivateStack

Today we’re proud to announce that Kaleido’s first of a kind solution to this challenge is Generally Available and ready for production use.


PrivateBtack workflow illustration

Now in Kaleido, we provide decentralized solutions for every level participation seen in enterprise blockchain networks:

High investment members who are the trust anchors of the network:
  • Run nodes in your own private data center, or private cloud VPC
  • Have full control over every aspect of the software and infrastructure stack
  • Demonstrate infrastructure decentralization of the network validators
  • Meet strict IT security requirements with tech designed for enterprise
The network operator entity or board of trustees:
  • Make the blockchain plumbing a simple part of the application stack
  • Allow new members to onboard, while retaining a fully interconnected business network - including with privately hosted nodes
  • Retain visibility of the health of the infrastructure
  • Retain control of permissioning and governance
Full participation network members:
  • Have your own fully managed blockchain node in seconds in AWS or Azure
  • Run multi-region, multi-cloud with fully-managed infrastructure
  • Enterprise grade high availability (HA) and disaster recovery (DR)
  • Key management, including AWS & Azure cloud HSMs and HashiCorp Vault
  • REST APIs and Event Streams to integrate to your existing apps & infra
  • Off-chain private file and data transfer, with strong identity and encryption
The “long tail” of network participants:
  • Connect to a multi-tenant node, without needing any IT investment
  • Secure signing keys and data, dedicated to you
  • Visibility into how blockchain makes the business network decentralized
End users:
  • Secure connectivity into the network (OAuth / Open ID connect)
  • Custodial or non-custodial key management

PrivateStack Technology

Our PrivateStack technology has had a long incubation period, because we needed to ensure we got the foundations right throughout the Kaleido platform. In fact, release of the technology represents the third generation of our infrastructure platform:

  • Gen1 (2018): Fully-managed hosted blockchain, with decentralized ownership
  • Gen2 (2019): Multi-region, multi-cloud, firewall protected permissioned networks
  • Gen3 (2020): Seamless hybrid deployment, retaining security and full connectivity

The PrivateStack software package itself provides you with two key components:

1. PrivateStack Network Bridge

Combines forward & reverse proxies, secure network bridging via industry standard DMZ friendly networking, and dynamic configuration management. Designed to put you in full control of your network security, while retaining bi-directional connectivity to and from the whole business network.
2. PrivateStack Agent

Simplifies the creation of your private self-managed node into a single command. Provides a secure API to bootstrap your node into the business network, and share its public identity with other nodes in the same Kaleido environment. A cut-down version of the agent we run for nodes in the Kaleido fully-managed platform, it provides your organization enough with enough connectivity to ease on-boarding, without compromising the integrity of your private keys and data.

With this approach, we’ve been able to keep the OSS core blockchain protocol itself untouched. We’re also able to support all protocols, regardless of their choice of networking and consensus algorithm. Today we support:

  • Corda
  • Hyperledger Besu + Orion private transaction manager
  • Quorum + Tessera private transaction manager
  • Go Ethereum

Getting Started

Look out for an upcoming Walkthrough Wednesday where we will demonstrate the feature end to end, and show you how easy it is to get your own node running with PrivateStack fully interconnected with the rest of your multi-region, multi-cloud and hybrid borderless blockchain network.

Create environment illustration

Interested in Blockchain?

Start learning blockchain and creating enterprise solutions today with a free Kaleido account!

Create Free Account
Don't forget to share this article!
Interested in Blockchain?

Start learning blockchain and creating enterprise solutions today with a free Kaleido account!

Create Free Account

The Ultimate Enterprise Blockchain Glossary

Your guide to everything from asset tokenization to zero knowledge proofs

Download Now

Swift Utilizes Kaleido in New CBDC Sandbox

Learn how Swift, the world’s leading provider of secure financial messaging services, utilizes Kaleido in its CBDC Sandbox project.

Download Now

Related Posts

Comparing Hyperledger Fabric and Hyperledger Besu: A Deep Dive

Powerhouse Enterprise Protocols: A Comparison of Hyperledger Fabric vs Hyperledger Besu

How to Use the ERC-1400 Standard for Compliant Blockchain Securities

How to Use the ERC-1400 Standard for Compliant Blockchain Securities

Marc Lewis
Managing Editor
How to Manage Digital Asset with Our Next-Gen Asset Manager Service

Asset Manager Service: A Next-Gen Engine for Managing Digital Asset & Tokenization Projects

Marc Lewis
Managing Editor

Blockchain made radically simple for the enterprise

No Credit Card Required
ISO27K & SOC2 Type 2 Compliant
Free Training & Support