Governance & Policies
How to manage channel governance, organization policies, and consortium rules in Fabric networks.
Channel Policies
Every Fabric channel has policies that control who can read, write, and administer the channel. ChainLaunch lets you view and modify these policies.
Default Policies
When you create a channel, these default policies are applied:
| Policy | Default Rule | Controls |
|---|---|---|
| Readers | ANY member of any org | Who can query the ledger |
| Writers | ANY member of any org | Who can submit transactions |
| Admins | MAJORITY of org admins | Who can modify channel config |
| LifecycleEndorsement | MAJORITY of orgs | Who must approve chaincode |
| Endorsement | MAJORITY of orgs | Who must endorse transactions |
View Current Policies
curl http://localhost:8100/api/v1/networks/{networkId}/channels/{channelName}/config \
| jq '.channel_group.policies'
Modify Policies
See Update Channel for step-by-step policy modification.
Organization Governance
Adding an Organization
Adding a new org to a consortium requires approval from existing members:
- The new org creates their ChainLaunch instance and creates their organization
- An existing admin updates the channel to add the new org
- A majority of existing org admins must sign the config update
- Once approved, the new org's peers can join the channel
Removing an Organization
Removing an org follows the same approval process:
- An admin proposes removing the org from the channel config
- Majority of remaining org admins must approve
- The org's peers are disconnected from the channel
- The org's data on the ledger remains (immutable)
Removing an org does not delete their historical data from the ledger. All past transactions remain visible to remaining channel members.
Chaincode Lifecycle Governance
Fabric's chaincode lifecycle ensures all organizations agree on which smart contracts run on the channel.
Approval Flow
Define chaincode → Install on peers → Approve per org → Commit to channel
- Define: Package the chaincode with a label and version
- Install: Each org installs the package on their peers
- Approve: Each org's admin approves the chaincode definition
- Commit: Once majority approve, any org can commit to the channel
The LifecycleEndorsement policy controls how many orgs must approve (default: MAJORITY).
Upgrade Chaincode
To upgrade chaincode, increment the sequence number:
# Approve new version (each org)
chainlaunch chaincode approve --name mycc --version 2.0 --sequence 2 \
--channel mychannel --org Org1MSP
# Commit after majority approve
chainlaunch chaincode commit --name mycc --version 2.0 --sequence 2 \
--channel mychannel
Orderer Governance
Orderer Policies
The ordering service has its own policies:
| Policy | Default | Controls |
|---|---|---|
| Readers | ANY member | Who can fetch blocks |
| Writers | ANY member | Who can broadcast transactions |
| Admins | MAJORITY of orderer org admins | Who can modify orderer config |
| BlockValidation | ANY orderer org member | Who can validate blocks |
Adding/Removing Orderer Nodes
To add a new orderer (consenter) to a Raft cluster:
- Create the orderer node in ChainLaunch
- Update the channel config to add the new consenter
- The new orderer syncs the ledger and joins consensus
Add orderers one at a time and verify they've caught up before adding the next. Adding multiple orderers simultaneously can destabilize Raft consensus.
Consortium Management Best Practices
- Document governance rules — agree on policies before creating the network
- Use MAJORITY policies — prevents any single org from making unilateral changes
- Separate orderer org — consider a neutral orderer organization for the ordering service
- Regular policy reviews — audit channel policies quarterly
- Test policy changes in dev — always test config updates on a dev network first
Next Steps
- Update Channel for step-by-step policy changes
- Multi-Org Network for building consortium networks
- RBAC & Permissions for ChainLaunch's own access control