I have a non-validating notary on my Corda network. Non-validating notaries are only supposed to see time-windows and input state references when de-conflicting transactions.
However, when I log into the notary's database (using the instructions here: https://docs.corda.net/node-database.html) and check the attachments table, I see the notary has seen various attachments.
This is a breach of privacy. Why is the notary seeing these attachments?
In Corda, contracts are stored on the node as attachments. It is these attachments that you are seeing on the non-validating notary.
At runtime, your node scans every JAR in its cordapps folder. Any JAR that includes one or more contract classes (i.e. classes implementing the Contract interface) will be serialised and uploaded to the node as an attachment, to be used during contract verification.
The entire JAR will be serialised, not just the contracts. That's why it is important to structure your CorDapp in the manner described in https://docs.corda.net/writing-a-cordapp.html#structure.
