How to design the network regarding the application layer? One application per organization or one overall?

Question

I am trying to implement a demo use case scenario under hyperledger fabric and i am trying to figure out the best practices for designing the network architecture.

I have already configured the network with 3 Organizations A, B and O (Orderer org) and i have also already developed the chaincode. But i have some questions regarding setup of the application layer (API interacting with the smart contracts).

Each admin is responsible for registering clients only in the organization that belongs to, and each client performs actions related only to this specific organization. At the time being i can think of two options designing the application:

1. Create a single application that includes the whole logic of both organizations and allow actions based on who is logged in and in which organization belongs to.

2. Create an application per organization and keep the endpoints separated based on organization access so admins and clients will only be able to call the endpoints of the application under the organization that they belong to.

And my questions are the following:

1. Are there any advantages and disadvantages of each option over the other?
2. Are there any best practices for structuring the application layer of a fabric network?

Thank you in advance, any suggestion or example would be highly appreciated.

Answer 1

Technically either can work. I think it's primarily an issue of trust and data privacy. Do all clients trust a single application to transact with the blockchain network on their behalf? Any private data sent by clients as transient data and only intended to be viewed by specific organisations, will be visible to a single, shared application.