1. Oracle Blockchain Platform Digital Assets Edition
  2. Wholesale Central Bank Digital Currency Application
  3. Wholesale CBDC Sample Application and Analytics Package
  4. Wholesale CBDC Sample Application
  5. Wholesale CBDC Sample Application Prerequisites

Wholesale CBDC Sample Application Prerequisites

Before importing the Oracle Visual Builder sample application package, it is essential to complete several prerequisites, including the creation of all required Oracle Cloud Infrastructure (OCI) resources and Oracle Identity Cloud Service (IDCS) groups as outlined below.

Visual Builder Cloud Service

The Wholesale CBDC application sample is built using Oracle Visual Builder Cloud Service. The package needs to be imported into Visual Builder to use it.

For more information on Visual Builder, see Visual Builder.

  1. Sign in to your Oracle Cloud Infrastructure account.
    Ensure you're in the correct compartment where you'll deploy the sample application.
  2. In the Console, click the Navigation menu in the top-left corner.
  3. Under Developer Services, select Visual Builder.
  4. In the Visual Builder interface, click Create Instance.
    1. Enter an instance name and choose the default network access or another option as needed.
    2. Click Create Visual Builder Instance.
Once Visual Builder is provisioned, you can explore Visual Builder Designer which is the interface you'll use to interact with the wholesale CBDC sample app. See Tour the Designer.

Provision Autonomous Database

All account transaction data is stored in and fetched from the rich history database. To use the rich history database, you must create an Oracle Autonomous Database.

For additional information on the rich history database in Oracle Blockchain Platform, see Create the Rich History Database.
  1. Sign in to your Oracle Cloud Infrastructure account.
    Ensure you're in the correct compartment where you'll deploy the sample application.
  2. In the Console, click the Navigation menu in the top-left corner. Select Oracle Database.
  3. Select Autonomous Data Warehouse, Autonomous JSON Database, or Autonomous Transaction Processing based on your workload.
  4. Click Create Autonomous Database.
    • Display Name: A user-friendly description (not unique).
    • Database Name: Must consist of letters and numbers only (maximum 30 characters).
    • Workload Type: Select Transaction Processing.
    • Deployments Type: Select the default Serverless.
    • Configure the database: Adjust the CPU and storage settings according to your requirements. However, the CBDC Application is designed to function effectively with the default values, so there is no need to modify these settings for the CBDC Application.
    • Backup retention: Keep the default settings.
    • Network:
      • Access Type: Select Secure access from allowed IPs and VCNs only.
      • Access control list: Select CIDR block from the IP notation type, and enter the value 0.0.0.0/0.
      • Mutual TLS (mTLS) authentication: mTLS is not required.
  5. After you select the settings, click Create Autonomous Database.
    When the provisioning is complete, the Lifecycle State will be Available.

Provision Oracle Blockchain Platform Digital Assets Edition

You must have an Oracle Blockchain Platform Digital Assets Edition instance provisioned for the sample application to use.

Users can create Oracle Blockchain Platform Digital Assets Edition instances with any name; however, the application supports one Central Bank as the founder of the Oracle Blockchain Platform network and six Financial Institutions (FI1, FI2, FI3, FI4, FI5, and FI6) as participant organizations within the network.

To ensure proper configuration, users must update the details of the founder organization in the Central Bank (CB) section and the participant organizations in the Financial Institution (FI) section. It is essential to maintain a fixed order for the participant organizations: FI1 corresponds to Participant 1, FI2 to Participant 2, and so on. The same details should be used to update the respective FI details accordingly.

  1. Sign in to your Oracle Cloud Infrastructure account.
    Ensure you're in the correct compartment where you'll deploy the sample application.
  2. In the Console, click the Navigation menu in the top-left corner.
  3. Under Developer Services, select Oracle Blockchain Platform.
  4. Click Create Oracle Blockchain Platform.
    1. Instance/Display Name: Must contain 1-15 characters, starting with an ASCII letter.
    2. Description: Enter an optional description for your instance.
    3. Platform Role: Choose Create a new network to create a founder organization. For a participant instance, choose Join an existing network.
    4. Platform Version: Choose Hyperledger Fabric v2.5.x.
    5. Edition: Select Digital Assets.
  5. Review your settings and click Create.
    The instance can take approximately 15 minutes to create. You'll receive notification once it's complete.

Create Users and User Groups with Oracle Identity Cloud Service

The CBDC application supports 11 personas, and the corresponding 11 application roles have already been created in the Visual Builder package. These roles are necessary to define the permissions and access levels for each persona in the application.

For a complete list of the roles and their operations, see Wholesale CBDC Application Workflow.

Application roles in Visual Builder are created to:

  • Define Access Levels: Each persona (example, Central Bank Admin, Participant User) has specific permissions and access requirements in the application. Application roles ensure that users only see and interact with the features relevant to their role.
  • Enable Role-Based Access Control (RBAC): By mapping IDCS groups to these roles, you can control who has access to what within the application.
  • Simplify User Management: Instead of assigning permissions to individual users, you assign them to roles, and users inherit these permissions through their IDCS group membership.

Overview

The IDCS groups for 1 Central Bank (CB) and 6 Participants have already been mapped to these application roles in Visual Builder. This means you only need to create IDCS groups and add users to those groups as listed in the table below. The IDCS groups are already mapped to the corresponding application roles in Visual Builder. Once users are added to the groups, they will automatically get the correct access to the application.

You'll create the groups described in the table below, and add users to them. By creating the IDCS groups with the exact names provided and adding users to these groups, you can easily enable role-based access to the application. The mapping between IDCS groups and Visual Builder roles is already configured, so no further setup is required.

For additional informing on creating IDCS groups and managing users, see: Manage Oracle Identity Cloud Service Users and Manage Oracle Identity Cloud Service Groups.

Table 3-1 Application Roles and their IDCS Groups and Bank Names

S NO Application Role IDCS User Groups Bank Name
1 CBDC_ADMINS CB_CBDC_ADMINS CB
2 CBDC_AUDITORS CB_CBDC_AUDITORS CB
3 CBDC_CREATORS CB_CBDC_CREATORS CB
4 CBDC_ESCROW CB_CBDC_MANAGERS CB
5 CBDC_ISSUERS CB_CBDC_ISSUERS CB
6 CBDC_RETIRERS CB_CBDC_RETIRERS CB
7 FI_ADMINS FI1_CBDC_ADMINS (repeat this pattern for remaining participant orgs like <org>_CBDC_ADMINS) FI1, FI2, FI3, FI4, FI5 and FI6
8 FI_CBDC_USERS FI1_CBDC_USERS (repeat this pattern for remaining participant orgs like <org>_CBDC_USERS) FI1, FI2, FI3, FI4, FI5 and FI6
9 FI_CBDC_OFFICERS FI1_CBDC_OFFICERS (repeat this pattern for remaining participant orgs like <org>_CBDC_OFFICERS) FI1, FI2, FI3, FI4, FI5 and FI6
10 FI_CBDC_MANAGERS FI1_CBDC_MANAGERS (repeat this pattern for remaining participant orgs like <org>_CBDC_MANAGERS) FI1, FI2, FI3, FI4, FI5 and FI6
11 FI_CBDC_AUDITORS FI1_CBDC_AUDITORS (repeat this pattern for remaining participant orgs like <org>_CBDC_AUDITORS) FI1, FI2, FI3, FI4, FI5 and FI6

Create Groups

  1. Sign in to your Oracle Cloud Infrastructure account. Ensure you're in the correct compartment where you'll deploy the sample application.
  2. In the Console, click the Navigation menu in the top-left corner. Click Identity & Security. Under Identity select Domains.
  3. On the Domains page, click Oracle Identity Cloud Service to open the Domains Overview page.
  4. Click Groups. Click Create Group.
    • Name: Enter a unique name for the group (example CB_CBDC_ADMINS).
    • Description: Provide a brief description of the group's purpose.
    • To allow users to request access to this group, select the option User can request access.
    Click Finish.

Create Users and Assign Them to Groups

  1. On the Domains Overview page, click Users.
  2. Click Create User.
    • First Name: Enter the user's first name.
    • Last Name: Enter the user's last name.
    • User Name / Email: Enter a valid email address or username for login.
    • Email: Enter the email address for communication and account activation.
  3. On the Assign Group page, you will see a list of existing groups.
  4. Select the checkbox next to each group you want to assign this user to. Ensure you select the appropriate group that aligns with their role (example CB_CBDC_ADMINS).
  5. After selecting the desired groups, click Finish to complete user creation.

Verifying Users and Groups

  1. After creating groups and adding users, return to the Groups section in the IDCS Console.
  2. Verify that all created groups and added users are listed correctly.