My concern is regarding having a GPDR compliant scenario where private information can be delated. After testing deletePrivateData function in my chaincode, I could observe how the private data is successfully deleted. Nevertheless, I realised there are logs with sensitive information that remain stored in the peers.
I've read these logs are used for data recovery in the case is needed at some point. Anyhow, if the private data is erased shouldn't these information be deleted from the logs too?
Once the private information is deleted from private data, the information in this logs is still visible (not even encrypted). Please, check what can be seen in the logs:
As you can see, the information is readable although the details of this worker have been erased from private data. Creepy. Of course, these logs are in the peers who are part of organizations included in the collection. Specifically, these logs can be found in:
and in the case couchdb is not used but stateLeveldb (by default), here as well:
I wonder if Hyperledger Fabric should fix this in future versions coming.