Privacy
Warning
Orion features have been merged into Tessera! Read our Orion to Tessera migration guide and about all the new Tessera features.
In Besu, privacy refers to the ability to keep transactions private between the involved participants. Other participants cannot access the transaction content or list of participants.
Important
For production environments requiring private transactions:
- We recommend using a network with a consensus mechanism supporting transaction finality. For example, IBFT 2.0.
- Tessera must be highly available and run in a separate instance to Besu.
Using private transactions with pruning or fast sync is not supported.
Private transaction manager
Besu uses a private transaction manager, Tessera, to implement privacy. Each Besu node sending or receiving private transactions requires an associated Tessera node.
Private transactions pass from the Besu node to the associated Tessera node. The Tessera node encrypts and directly distributes (that is, point-to-point) the private transaction to the Tessera nodes participating in the transaction.
By default, each participant in a privacy network uses its own Besu and Tessera node. Multi-tenancy allows more than one participant to use the same Besu and Tessera node.
Tip
Private Transaction Managers are also known as Enclaves.
Reorg-compatible privacy
In v1.4, using private transactions in a network using a consensus mechanism where forks occur (that is, PoW algorithms or Clique) is an early access feature. For example, using private transactions on Ropsten.
Do not use private transactions in production environments using consensus mechanisms where forks occur.