As you may remember from Chapter 4, Designing a Data and Transaction Model with Golang, one of the new features added with Hyperledger 1.1 is attribute-based access control. At the time of registering an entity, attributes can be specified for an entity, which then are added to the X.509 certificate upon enrollment. Examples of attributes include a role name such as an "auditor" that is agreed upon by the organizations participating in the network. When chaincode is executed, it can check if an identity has certain attributes before the invoke or query operation. At a simple level, this allows application-level attributes to be passed down into chaincode through a X.509 certificate.