Layer 1

Trade, trace and finance agri-supply chains.


Geora is a blockchain-based platform for managing, monitoring, and securing agricultural supply chains. Geora provides digital infrastructure and tools that allow users along agricultural supply chains to build trade and finance solutions using the Track, Secure, Build, and Network capabilities of the platform. This document contains an overview of the technical design and implementation of Geora, including a breakdown of its components and the technologies used.


Geora is a hybrid blockchain system composed of three layers: 

Network layer

Contains core logic and immutable, verifiable data, using the Ethereum blockchain and IPFS¹ decentralised storage network, and secured by consensus amongst participants.

Business logic layer

Contains application logic, including smart contracts encoding financial agreements and supply-chain workflows, and simplifies access to the platform by providing key management and efficient data storage.

Access layer

Contains customer-facing tools for building and using rich workflows on the platform, tailoring it to the customer’s supply chain.

In this section, we will elaborate on each of these layers, and the components within.

¹ The Interplanetary File System is a distributed data storage solution which shares files across a global network of nodes.

Network Layer

The protocol layer is the source-of-truth for data in Geora.

A private, distributed network of Ethereum nodes contains asset, certificate, and broader supply-chain data. Core logic is encoded into smart contracts on the network, which govern asset ownership, permissions, and verifiable digital certifications. All participants of the network are able to verify that the logic is correctly executed.

Data stored in the protocol layer is immutable and versioned; meaning each update to the system adds another layer to its history. This history cannot be rewritten, providing an auditable record of changes to any data in the protocol, as well as an execution record for all workflows and financial agreements. The histories of these workflows can be accessed and analysed by tools in the higher layers.

Geora has developed infrastructure to scale and manage the private network, including a transaction nonce manager² and a custom Ethereum node plugin, that simplify permissioned access by higher layers.

This layer also stores encrypted certificates in IPFS, which are hashed and attached to assets in the Ethereum smart contracts - preventing any centralised point of failure for digital certificate storage.

² A nonce manager determines the ordering of transactions on the Ethereum network.

Business Logic Layer

The business logic layer manages and deploys Ethereum smart contracts.

Using these contracts and a customisable workflow engine it supports financial agreements and workflows tailored to customer requirements. These workflows can operate on assets, certificates, users, and digital currency to perform domain-specific actions.

The business logic layer is developed using ubiquitous Ethereum token standards like ERC-20 (fungible tokens) and ERC-721 (non-fungible tokens), allowing for interoperability with other protocols.

The business logic layer also contains supporting infrastructure to improve blockchain performance and security, and which simplify customer use of the platform:

  • Key management: to keep customer information secure, Geora manages their cryptographic keys. These keys are tied to customer identity and used to sign and verify actions and certificates in the protocol layer. The key management component removes the security burden of key storage for customers.
  • Data storage: the integration layer provides a fast, queryable database that reflects data stored in the protocol layer and makes it available to the access layer and third-party applications and integrations. Using a unique event-sourcing³ architecture, Geora is able to provide a fast and user-friendly access point that allows developers, financiers and farmers alike to use blockchain as a data storage platform, without sacrificing the trust provided by an immutable ledger.
  • Implementation

    The layer is made up of a number of components deployed across Amazon Web Services and DigitalOcean, and relies upon managed providers of databases (Amazon Relational Database Service), secret management (AWS Secrets Manager), and file storage (AWS S3). Components are developed in the TypeScript, Go, and Java languages.

    ³ Event Sourcing (

    Access Layer

    This layer provides customers of all technical abilities with access to the Geora platform.

    As part of the access layer, Geora provides a SaaS supply-chain traceability solution for non-technical users - which includes an asset record registry, certificate registry to secure supply chain value, and a permissioning tool to share data with different stakeholders. The user interface includes a digital toolkit that can be used to build asset standards, workflows and smart contracts to address customer use-cases. These workflows can be shared, adapted, and re-used to aid development and integration. The user interface is customisable and can be rebranded by users to meet their own brand requirements.

    Through the Geora developer portal,customers with more technical capabilities can access the Geora API to build their own applications using the platform. Geora provides access to the business logic layer through a flexible and intuitive GraphQL API, which assumes no blockchain knowledge and makes it easy for developers from different backgrounds to build supply-chain solutions. Since the Geora API sits between the customer and the blockchain network, it shields users and developers from protocol details. Geora is able to stay up-to-date with the latest blockchain technology without forcing customers to modify their systems.

    The developer portal also contains comprehensive documentation and an API playground, giving developers the tools they need to get started with Geora.


    Blockchain Protocol

    Geora uses the Ethereum blockchain to power the network layer.

    This is a private, permissioned network containing nodes which execute and verify all transactions. These nodes are operated by both Geora and its customers, creating a consortium chain.

    Ethereum provides a number of advantages over other networks:

  • Configurable consensus algorithms for building fast private networks
  • A strong core team pushing state-of-the art advances in blockchain technology like sharding and proof-of-stake
  • Mature and comprehensive smart contract languages and tools
  • A large developer ecosystem
  • The network is secured using the IBFT2 consensus protocol, which provides finality and fault tolerance. It prevents bad actors from adding incorrect data or breaking the rules of the system. With a current block time of two seconds and high gas limits, the network is capable of processing hundreds of transactions per second in parallel, and tens of thousands of updates.

    The network is composed of multiple validator nodes, including those managed by customers. It supports nodes entering and leaving the network, and tolerates node failures, without compromising uptime and remaining highly-available. The network has maintained 100% uptime since its inception (almost 500 days).


    Customer privacy and flexibility of data permissioning are built in to Geora at all layers.

    Geora supports data privacy, making asset and workflow data available to only those with permission, as well as transactional privacy, which obscures a customer’s counterparties and the actions they take within financial contracts.

    To achieve these goals, Geora uses a four-pronged privacy solution:

  • 1.Merkle trees and other hash technologies secure asset data at the protocol layer by compressing all data into a single hash. The protocol can share this hash across all nodes without revealing any of the constituent data. Through Merkle proofs or providing plaintext, workflows and contracts can check specific values in the data without revealing the entire asset.
  • 2.When customers upload certificates, the protocol encrypts the data using a unique data key per certificate and stores it on IPFS. Users can share and revoke access to these files using their own private keys via asymmetric encryption.
  • 3.Each user in the system can hide their identity using pseudo-anonymous on-demand identities. For each action they take, the user can generate a new identity using a hierarchical deterministic wallet that cannot be traced back to their public identity.
  • 4.Within workflows and contracts, state channels hide the details of actions from non-participants. The channels perform individual steps of a workflow away from public view and reveal only the final outcome.

    This example describes how Geora would encode a workflow involving the financed sale of wheat.

    In this scenario, a bank is financing a buyer, who is purchasing grain from a grower. The bank will pay the upfront cost of the wheat purchase; the buyer can repurchase the wheat from the bank at any time by paying the value plus interest.

    The grower accesses Geora through the SaaS platform in the access layer. Throughout the growing process they add data to their wheat asset to improve its value, such as its grade and quality data. They apply to a certificate registry run by an organic regulator, who approves their production methods and issues a signed organic certification for the asset, further increasing its value. This data is stored privately in the business and network layers.

    When the grower is ready to sell the wheat, they create a permissioned lens which gives the buyer insight into the asset without revealing proprietary data. When the buyer agrees to purchase, they partner with the bank and use Geora’s digital toolkit to create a new contract in the network layer, which governs their finance agreement. After the parties agree to the contract, it is executed: the grower is paid immediately, and the bank takes possession of the wheat asset. This transaction is executed as an atomic swap: the same transaction contains both the transfer of grain title and the payment to the buyer, so when the smart contract is executed either both transactions will succeed or both will fail. This provides the means to remove counterparty risk by matching delivery to payment. 

    The bank interacts with Geora directly, by integrating its systems with the integration and application layers. It is able to pay the grower, take possession of the asset, and make it available for repurchase by the buyer through its existing systems and processes. When the buyer decides to repurchase, the contract calculates interest in the application layer, and the payment is settled via the network and business logic layers.

    Finally, the buyer creates another permissioned lens for end consumers; when a customer scans a QR code, they see selected parts of the asset’s history, including its organic certification, and are persuaded to pay more for the high quality asset.