Private contracts and constellation

Private contracts are an out-of-the-box feature provided by Quorum for enabling data privacy. Private contracts are used for sharing information privately between two or more nodes without other nodes being able to see it. 

Let's look at what private contracts in Quorum are. Contracts that are deployed using private transactions are called private contracts. A private transaction is basically one whose payload (contract code for contract deployment or function arguments for calling functions, the data part of transactions) is shared point to point, outside of blockchain between a selected list of peers mentioned at the time of sending the transaction, and the hash of the payload is recorded in the blockchain by replacing the actual payload with the hash of the payload. Now, the nodes in the network check whether they have the content that hashes to the hash present in the blockchain as payload, and if yes, then they execute the original payload. Quorum forms two different states of the same blockchain: the public and private state. Private transactions form the private state, whereas public transactions form the public state. These states cannot interact with each other. But, private-private contracts can certainly interact with each other.

Quorum uses constellation for sending and receiving actual transaction payloads for private transactions. Constellation is a separate software built by J.P. Morgan. Constellation forms a network of nodes, each of which advertises a list of public keys that they are the recipient for. Each node exposes an API which allows the user to send a payload to one or more public keys. That payload will be encrypted for the public key before being transferred over to the recipient node. It exposes APIs via IPC for applications to connect to their constellation node and send or receive data. At a high level, if you are connected to a constellation network, then you just have to mention the public key of the recipient and the data is encrypted and sent to the IP address mapped to the public key. While sending a private transaction, the list of public keys and the transaction is only broadcast to the blockchain network once the payload is successfully sent to all the listed constellation nodes. If any listed constellation node is down, then the transaction fails and is never broadcast to the blockchain network. 

So, basically, before starting your Quorum node, you need to start your constellation node and then provide the IPC path for constellation to the Quorum node before starting the Quorum node. Then, your Quorum node uses the constellation for sending or receiving private transactions.

Private transactions are not the ultimate solution to achieving privacy in Quorum. They have various downsides. Following are some of them:

• Once you send a private transaction to a list of nodes, you cannot add new nodes to that list. For example, if you deployed a private contract that used for interbank transfers. Suppose initially the central bank was not part of the network, and later if they decide to join in then they won't be able to monitor the transactions because there is no way we can make the private contract visible to them nor the previous bank transfers visible to them. Although they can see the new private transactions, as they don't have the new private transactions they cannot execute the transactions and so will not be able to see the output.
• There is no way to check whether private transactions pointing to a private contracts have exactly the same list of public keys that were used while deploying the private contracts. This can lead to double spend attacks; in other words, you will be able to transfer the same assets twice. For example, it at the time of deploying contracts you mentioned three nodes A, B, and C. Now, when A is transferring assets it may exclude C from the private transaction and then later transfer the same assets to C by creating a new private transaction. There is no way for C to verify that the new owner of the asset is B. For this reason, private transactions aren't used for transferring digital assets, but private transactions can used for all other forms of data representation.
• You will need to build your own backup mechanisms for the constellation nodes. So, if your constellation node crashes, then it will not automatically get back payloads from the constellation network.