Quickstart API Reference Blog

Hyperledger Fabric Setup (BYO)

Connect your own Hyperledger Fabric network to Anchora. You bring peers, orderer, CA, and X.509 identity — Anchora deploys the anchora-anchor chaincode and starts anchoring batches.

What you need before starting

  • A running Hyperledger Fabric network (v2.5+) — peers, orderer, and CA reachable over TLS
  • One channel where Anchora can install the anchora-anchor chaincode
  • An X.509 identity for Anchora — cert (.pem) + private key (.pem) issued by your CA
  • Your connection profile (YAML or JSON) with peer endpoints, orderer, and TLS roots
  • An Anchora project on the Console
No Fabric network yet? You can spin up a single-node dev network with Microfab in under 60 seconds for evaluation. Production deployments should use a multi-org, multi-peer topology with HA orderers.

Step 1: Create a project with "Private" strategy

In the Console, click New Project. Pick Private (Hyperledger Fabric BYO) as the Anchoring Strategy. Give it a name + environment (dev / staging / prod). Skip the wallet step — Fabric projects don't use EVM wallets.

Step 2: Gather your Fabric materials

From your Fabric network, collect:

  • Client certcert.pem from the MSP folder of an enrolled identity
  • Private key — the matching priv_sk (or .pem) from keystore/
  • MSP ID — e.g. Org1MSP
  • Channel name — e.g. mychannel
  • Peer endpoint(s) — e.g. grpcs://peer0.org1.example.com:7051
  • TLS CA root — the CA cert that signed your peers' TLS certs

Step 3: Import the identity in Console

Open Project Settings → Blockchain → Import Fabric Identity and paste/upload:

  1. The client cert .pem contents
  2. The private key .pem contents
  3. MSP ID + channel name + peer endpoint + TLS root

Anchora encrypts the private key with AES-256-GCM at rest and never logs it in plaintext. The cert's NotAfter field is parsed and stored as certExpiresAt for the expiry monitor.

Step 4: Deploy the chaincode

From the same Settings page, click Deploy Chaincode. Anchora installs the anchora-anchor Go chaincode on your channel and runs a smoke test: it submits a single anchor + reads it back. On success, the project is marked ready and starts queuing records.

The anchora-anchor chaincode in one paragraph

Stores Merkle roots in PrivateData (collection: anchoraCollection) keyed by batchId. Exposes AnchorBatch(batchId, merkleRoot, timestamp) for writes and GetBatch(batchId) + GetRoot(batchId) for reads. ~200 lines of Go. Open source — you can audit, fork, or self-host. Source: anchora_vaas/contracts/fabric/anchora-anchor/.

Step 5: Anchor a test record

From the Console, navigate to Verify and click Anchor Test Record. Or use the SDK:

JavaScript 
import { AnchoraClient } from '@anchora/sdk';

const client = new AnchoraClient({
  apiKey: 'dcp_live_...',
  projectId: 'proj_...'
});

const result = await client.anchor({
  data: { orderId: 'ORD-001', amount: 100.50 },
  hashOnly: true,
  webhookUrl: 'https://your-app.com/anchora-webhook'
});

console.log(result.hash, result.recordId, result.status);
// → 63e33ef9...   6a030d25...   QUEUED

The worker picks the record up within ~30s, batches it (or batches a single record if no others are queued), and submits to your Fabric channel via fabric-gateway. The webhook fires when the anchor lands.

Expected webhook payload (Fabric)

JSON 
{
  "type": "ANCHORED",
  "hash": "63e33ef9...",
  "recordId": "6a030d25...",
  "chainType": "fabric",
  "networkId": "fabric-byo",
  "blockNumber": null,
  "transactionHash": "95cfed3ad9...",
  "batchId": "7",
  "anchoredAt": "2026-05-12T11:21:10.736Z",
  "merkleProof": ["0x70bdd5..."],
  "metadata": {}
}

Cert expiry monitoring

Anchora monitors certExpiresAt on every Fabric project and emails the organization owner at 30 / 7 / 1 days before expiry. Email comes from noreply@anchora.co.in.

To re-arm warnings: enroll a fresh identity from your Fabric CA, then re-import in Project Settings → Blockchain → Import Fabric Identity. Records anchored under the old cert remain valid — the cert only signs new submissions, it doesn't sign existing data.

Verifying a Fabric record

Same API as EVM, but the response now includes chainType: "fabric" and the onChainMerkleRoot comes from your chaincode (not Polygonscan).

cURL 
curl -X POST https://api.anchora.co.in/v1/verify \
  -H "Authorization: Bearer dcp_live_..." \
  -H "X-Project-Id: <projectId>" \
  -H "Content-Type: application/json" \
  -d '{
    "data": {"orderId": "ORD-001", "amount": 100.50},
    "hash": "63e33ef9..."
  }'

Troubleshooting

"Failed to connect to peer"

  • Confirm peer endpoint is reachable from Anchora's worker (Railway IP). If you're behind a firewall, allowlist worker IPs from the Console Worker Allowlist page.
  • TLS root must match the CA that signed your peer's TLS cert (different from the CA that signed your client identity).

"Chaincode not found on channel"

  • Anchora's chaincode install requires your identity to have peer.lifecycle.chaincode admin permission. If your identity is read-only, install the chaincode manually using the source in contracts/fabric/anchora-anchor/ and tick "Skip auto-deploy" in Settings.

"Cert expired"

  • Enroll a fresh identity from your CA and re-import. Anchora can't auto-renew because your CA controls enrollment policy.

"Webhook never fired"

  • Check Console → Webhooks tab for delivery attempts. Anchora retries with exponential backoff (1s, 2s, 4s, 8s, 16s, max 5 attempts). After 5 failures, the webhook is marked failed and surfaced in the UI.

Next Steps

Hybrid Mode
Anchor to Fabric AND Polygon at once
Multi-Chain Anchoring
Webhook & verification payload shapes
Webhook Reference
Full payload shapes + retry behavior