Nothing Special   »   [go: up one dir, main page]

CN110008733B - Method and device for hiding transaction written into block chain - Google Patents

Method and device for hiding transaction written into block chain Download PDF

Info

Publication number
CN110008733B
CN110008733B CN201910100726.5A CN201910100726A CN110008733B CN 110008733 B CN110008733 B CN 110008733B CN 201910100726 A CN201910100726 A CN 201910100726A CN 110008733 B CN110008733 B CN 110008733B
Authority
CN
China
Prior art keywords
transaction
data
block
hiding
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910100726.5A
Other languages
Chinese (zh)
Other versions
CN110008733A (en
Inventor
杨新颖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ant Chain Technology Co ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to CN201910100726.5A priority Critical patent/CN110008733B/en
Publication of CN110008733A publication Critical patent/CN110008733A/en
Application granted granted Critical
Publication of CN110008733B publication Critical patent/CN110008733B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification

Landscapes

  • Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Medical Informatics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A method and apparatus for concealing transactions written to a chain of blocks is disclosed. If a transaction written to the blockchain is a sensitive transaction (containing sensitive content that is not suitable for disclosure), then the transaction in the blockchain may be replaced with the anonymized data that includes the transaction hash for the transaction.

Description

Method and device for hiding transaction written into block chain
Technical Field
The embodiments of the present disclosure relate to the field of information technology, and in particular, to a method and an apparatus for hiding transactions written into a block chain.
Background
A blockchain network is a decentralized, distributed data storage system that is participated in by multiple nodes. Once the data is written into the blockchain on each node, on one hand, the data is disclosed in the whole network, and on the other hand, the data written into the blockchain is difficult to delete and tamper. Based on this, the block chain technology has a great application prospect in the field of data storage.
In addition, in practice, the centralized device may also store data in a manner of class blockchain storage (which may be regarded as centralized blockchain storage), and the generation principle of the blocks in the blockchain is the same as that of the blocks in the class blockchain. Obviously, if data written into the class blockchain is to be deleted, unless the centralized device deletes the entire stored class blockchain. Therefore, the centralized class blockchain storage is also suitable for being applied to data storage services. The blockchain storage approach and other centralized class blockchain storage approaches are collectively referred to herein as blockchain storage.
However, in practical applications, some content (referred to herein as sensitive content) once written to the chain of blocks can have deleterious consequences that are difficult to eliminate.
Disclosure of Invention
In order to solve the problem that sensitive content is written into a block chain to easily cause a harmful result, embodiments of the present specification provide a method and an apparatus for hiding a transaction written into the block chain, where the technical scheme is as follows:
according to a first aspect of embodiments herein, there is provided a method of suppressing a transaction for writing to a chain of blocks, comprising:
receiving a hide instruction; the hiding instruction comprises a target transaction identifier and a hiding condition, and the hiding condition is used for determining sensitive content in the transaction corresponding to the target transaction identifier;
acquiring transaction hash of the transaction corresponding to the target transaction identifier, and extracting non-sensitive content from the transaction corresponding to the target transaction identifier according to the hiding condition included in the hiding instruction;
determining the concealed data according to the transaction hash and the non-sensitive content;
and replacing the transaction in the block chain corresponding to the target transaction identification with the suppressed data.
According to a 2 nd aspect of embodiments herein, there is provided an apparatus for concealing a transaction written to a block chain, comprising:
the receiving module receives the hiding instruction; the hiding instruction comprises a target transaction identifier and a hiding condition, and the hiding condition is used for determining sensitive content in the transaction corresponding to the target transaction identifier;
the acquisition and extraction module is used for acquiring the transaction hash of the transaction corresponding to the target transaction identifier and extracting non-sensitive content from the transaction corresponding to the target transaction identifier according to the hiding condition included by the hiding instruction;
a determining module for determining the concealed data according to the transaction hash and the non-sensitive content;
and the processing module is used for replacing the transaction corresponding to the target transaction identifier in the block chain with the hiding data.
According to the technical scheme provided by the embodiment of the specification, if a certain transaction written into the block chain is a sensitive transaction (contains sensitive content which is not suitable for disclosure), the transaction in the block chain can be replaced by the hiding data comprising the transaction hash of the transaction. On the other hand, the transaction hash of the transaction is calculated by using a one-way hash algorithm (i.e., hash algorithm) for the transaction, and the transaction hash of the transaction cannot be used to reversely deduce the transaction, so that replacing the transaction with the concealed data is equivalent to irrecoverably concealing the plaintext contents of the transaction shown in the block chain. On the other hand, the transaction is replaced by the concealed data, so that the stability of the Merkel tree corresponding to the block where the transaction is located is not influenced, and the accuracy of Simple PaymentVerification (SPV) aiming at other transactions (the transactions located in the same block as the transaction) is not influenced, and the normal operation of the data storage service is ensured.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of embodiments of the invention.
In addition, any one of the embodiments in the present specification is not required to achieve all of the effects described above.
Drawings
In order to more clearly illustrate the embodiments of the present specification or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the embodiments of the present specification, and other drawings can be obtained by those skilled in the art according to the drawings.
FIG. 1 is a schematic diagram of a structure of a Merkel tree provided in the present description;
FIG. 2 is a flowchart of a method for hiding transactions written into a block chain according to an embodiment of the present disclosure;
FIG. 3 is a schematic diagram of a process for constructing suppressed data according to an embodiment of the present disclosure;
FIG. 4 is a schematic diagram of another process for constructing suppressed data according to an embodiment of the present disclosure;
FIG. 5 is a flowchart illustrating a method for hiding transactions written to a block chain according to an embodiment of the present disclosure;
FIG. 6 is a diagram of a content field and an identification field provided by an embodiment of the present description;
FIG. 7 is a flowchart illustrating a method for suppressing transactions written to a blockchain according to an embodiment of the present disclosure;
FIG. 8 is a schematic diagram of suppressed data including non-sensitive content according to an embodiment of the present disclosure;
FIG. 9 is a flowchart illustrating a method for suppressing transactions written to a block chain according to an embodiment of the present disclosure;
FIG. 10 is a flowchart illustrating a method for suppressing transactions written to a block chain according to an embodiment of the present disclosure;
fig. 11 is a flowchart illustrating a method for constructing a mekerr tree corresponding to a block according to an embodiment of the present disclosure;
FIG. 12 is a flowchart illustrating a method for suppressing transactions written to a block chain according to an embodiment of the present disclosure;
fig. 13 is a schematic flowchart of another method for constructing a mekerr tree corresponding to a block according to an embodiment of the present disclosure;
FIG. 14 is a flow chart of a simple payment verification method provided by embodiments of the present description;
fig. 15 is a schematic structural diagram of an apparatus for hiding transactions written into a block chain according to an embodiment of the present disclosure;
FIG. 16 is a block diagram illustrating an apparatus for hiding transactions written into a chain of blocks according to an embodiment of the present disclosure;
FIG. 17 is a block diagram illustrating an apparatus for concealing transactions written to a chain of blocks according to an embodiment of the present disclosure;
FIG. 18 is a block diagram illustrating an apparatus for concealing transactions written to a chain of blocks according to an embodiment of the present disclosure;
FIG. 19 is a block diagram illustrating an apparatus for concealing transactions written into a chain of blocks according to an embodiment of the present disclosure;
fig. 20 is a schematic structural diagram of an apparatus for constructing a mekerr tree corresponding to a block according to an embodiment of the present disclosure;
fig. 21 is a schematic structural diagram of a simple payment verification apparatus provided in an embodiment of the present specification;
fig. 22 is a schematic structural diagram of a computer device for configuring an apparatus according to an embodiment of the present disclosure.
Detailed Description
As mentioned above, in practical applications, sensitive content, once written into a chain of blocks, can have deleterious consequences that are difficult to eliminate.
For example, Zusanyang defamation on Liqu, and uploading a text file of the defamation statement to a blockchain network for deposit, resulting in the text file being written to the blockchain, causing irreparable harm to the reputation of Liqu. For another example, company a steals the business secret of company B and submits the stolen business secret to the centralized device using class blockchain storage for verification, resulting in the business secret being written into the class blockchain.
Note that the transaction (transaction) described in this specification refers to a piece of data written in a block chain. The transaction is a data structure agreed in a blockchain protocol or a similar blockchain protocol, and a piece of data needs to be encapsulated into the transaction when being stored in the blockchain.
In the data evidence scenario based on the block chain, once the transaction is written into the block chain, it is difficult to delete and tamper with the transaction. However, in practical applications, if the transaction written into the blockchain is subsequently determined to contain sensitive content that is not suitable for disclosure, how to make the sensitive content written into the blockchain not disclosed on the premise of ensuring normal operation of the blockchain storage service becomes a technical problem that is difficult to solve.
It should be noted that, if the sensitive transaction (transaction containing sensitive content) written into the block chain is directly deleted, it is easy to cause that the data evidence storing service running based on the block chain cannot run normally. The reasons are specifically as follows:
common blockchain techniques (blockchains or centralized class blockchains) tend to support simple pay SPV authentication. SPV refers to verifying, for a transaction, whether the transaction has been written to a chain of blocks. The principle of SPV is that a verification requester requests a data storage party (block chain node or centralized device) to verify whether a certain transaction (called a target transaction) has been written into a block chain, the data storage party first locates a block (called a target block) where the target transaction is located, then constructs a Merkle tree (Merkle trees) based on each transaction in the target block, then determines a Merkle path corresponding to the target transaction, and returns a hash value associated with the Merkle path corresponding to the target transaction to the verification requester. And verifying whether the hash value returned by the data storage party by the requester is correct or not, namely calculating the root hash of the Merkel tree according to the transaction hash of the target transaction and the hash value returned by the data storage party and the Merkel path corresponding to the target transaction, judging whether the calculated root hash is consistent with the root hash in the block head of the target block or not, if so, confirming that the verification is passed and proving that the target transaction is actually written into the block chain.
Fig. 1 is a schematic structural diagram of a meikel tree provided in the present description. As shown in fig. 1, in the merkel tree, each leaf node corresponds to each transaction stored in the target block one-to-one. The hash value on each leaf node is a transaction hash obtained by performing a hash operation on the corresponding transaction. And for each father node, the hash value on the father node is obtained by carrying out hash operation on the hash values on two child nodes of the father node.
Assume target transaction 1. The verification requester needs to verify whether transaction 1 is written to the blockchain. Thus, the authentication requester sends a request to any data storage side, and the data storage side first determines the target block and constructs a merkel tree as shown in fig. 1. Then, the data storage party determines that the Hash values associated with the merkel path corresponding to the transaction 1 are Hash2, Hash10 and Hash14, and returns Hash2, Hash10 and Hash14 to the verification requesting party. The verification requester can calculate the root Hash of the merkel tree according to the Hash1 (the transaction Hash of the transaction 1), the Hash2, the Hash10 and the Hash14 and the merkel path corresponding to the transaction 1, and then, if the verification requester finds that the calculated root Hash is consistent with the root Hash stored in the block header of the target block, the verification requester determines that the transaction 1 is actually written into the block chain.
Clearly, the data store typically needs to build a merkel tree based on each transaction in the target block before triggering simple payment verification for the target transaction. In this way, the hash value associated with the merkel path corresponding to the target transaction can be returned to the verification requester, so that SPV is performed on the target transaction. This also means that any of transactions 1-8 are tampered with or deleted and the root Hash of the mekerr tree (i.e., Hash1-8) is changed, resulting in a failure of simple payment verification.
For example, as shown in fig. 1, transaction 2 includes sensitive content, and if transaction 2 is directly deleted from the blockchain, when simple payment verification needs to be performed on any one of transactions 1 and 3 to 8, due to lack of transaction 2, the meikel tree can only be constructed based on transactions 1 and 3 to 8, so that the root hash of the constructed meikel tree is inconsistent with the root hash stored in the block header of the target block, which may result in failure of simple payment verification, and an error conclusion that neither transaction 1 nor transaction 3 to 8 is linked is obtained.
Therefore, the invention can realize the hiding of a certain transaction in the block chain on the premise of not interfering the simple payment verification in the block chain system. The core technical means of the invention is to replace the transaction (sensitive transaction) needing to be concealed in the block chain into concealed data containing the transaction hash of the transaction. In this way, disclosure of the clear content of the transaction can be stopped without interfering with smooth operation of the simple payment verification system based on the block chain.
In order to make those skilled in the art better understand the technical solutions in the embodiments of the present specification, the technical solutions in the embodiments of the present specification will be described in detail below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only a part of the embodiments of the present specification, and not all the embodiments. All other embodiments that can be derived by one of ordinary skill in the art from the embodiments given herein are intended to be within the scope of protection.
The technical solutions provided by the embodiments of the present description are described in detail below with reference to the accompanying drawings.
Example one
Fig. 2 is a flowchart illustrating a method for hiding a transaction written into a block chain according to an embodiment of the present disclosure, including the following steps:
s200: a suppressed instruction is received.
The data evidence storage scene based on the block chain is applied to the scene. In this scenario, the data is block-chained distributed certified by a block chain network including a plurality of nodes, or block-chained centralized certified by a centralized device.
In a block chain scene, the execution main body of the method can be each block chain link point; in the class blockchain scenario, the main implementation of the method may be a centralized device.
In this description, the suppressed instruction contains a target transaction identification, which is typically a transaction identification of a sensitive transaction containing sensitive content. Of course, the method shown in fig. 1 may also hide non-sensitive transactions written into the block chain, and thus, the target transaction identifier may theoretically be a transaction identifier of any transaction.
It should be noted that the transaction identifier of the transaction is used to uniquely identify the transaction. Specifically, the transaction identifier of the transaction may be a transaction hash obtained by performing hash operation on the transaction, or may be a unique number allocated to the transaction.
In step S200, the hiding instruction may be issued by a certain user. The user may be the user who uploaded the sensitive content or may be a subject (e.g., a court, victim, etc.) who has the right to hide the sensitive content.
In a blockchain scene, each blockchain link point receives a hiding instruction, which may specifically be: each block link point receives a concealed transaction encapsulating a concealed instruction. And each block chain node executes the hidden command in a mode of executing the hidden transaction, and after the execution of the hidden transaction is finished, each block chain node writes the hidden transaction into the block chain for evidence storage.
S202: and determining the hiding data according to the hiding instruction.
In this specification, the anonymization data includes at least a transaction hash of the transaction corresponding to the target transaction id.
S204: and replacing the transaction in the block chain corresponding to the target transaction identification with the suppressed data.
In this specification, the replacing of the transaction corresponding to the target transaction identifier in the block chain with the suppressed data may specifically be:
first, a block (referred to as a target block) in the block chain where the transaction place corresponding to the target transaction identifier is located is determined, and then the transaction stored in the transaction storage location corresponding to the target transaction identifier in the target block is replaced with the concealed data.
A block chain is actually a storage structure in which a plurality of blocks are connected in chronological order of blocking. For each block, there are multiple transactional memory locations in the block. The transaction storage location refers to a storage space or a storage address for storing a transaction in a block. Assuming that 100 transactions are written in the blockchain, there are also 100 transaction storage locations in the blockchain at the same time, and the transaction storage locations are used for storing the 100 transactions respectively.
In this specification, traversal may be performed in a block chain according to the target transaction identifier to search for a transaction corresponding to the target transaction identifier, that is, to locate a transaction storage location where the transaction corresponding to the target transaction identifier is located. And then deleting the transaction corresponding to the target transaction identification from the positioned transaction storage position, and storing the hiding data into the positioned transaction storage position.
Further, since it is inefficient to locate a transaction in a block chain in a traversal manner according to a target transaction identifier, in this specification, a corresponding relationship between a transaction identifier of the transaction and a transaction storage location in the block chain where the transaction is located may be recorded separately for any transaction written in the block chain in advance outside the block chain.
For any transaction written into the blockchain, the transaction storage location in the blockchain where the transaction is located is generally the height of the block where the transaction is located (i.e. the sequence number of the block in the blockchain) and the offset of the transaction in the block. For example, after the block packed with transaction a is written into the 4 th block in the block chain, that is, the height of the block packed with transaction a is 5, and the offset of transaction a in the block is 120, the transaction storage location corresponding to transaction a may be (5, 120).
In this specification, in the context of a class blockchain, the centralizing facility may also encapsulate the concealed instructions into a concealed transaction write blockchain.
In addition, in the scene of the block chain or the class block chain, the hiding transaction written into the block chain is not only encapsulated with the hiding instruction, but also encapsulated with the data hash of the hiding data.
Concealment of sensitive content written into a chain of blocks may be achieved by the method described in figure 2. Moreover, the hiding mode of the sensitive content is to replace the sensitive transaction containing the sensitive content with the hiding data containing the transaction hash of the sensitive transaction, so the normal SPV is not influenced.
In addition, the anonymized data may include more information than the transaction hash of the transaction corresponding to the target transaction identifier.
Specifically, fig. 3 is a schematic diagram of a process for constructing the concealment data according to the embodiment of the present specification. When constructing the hiding data, each node can acquire the transaction hash of the transaction corresponding to the target transaction identifier; splicing preset pre-marked characters to the head of the transaction hash; and determining the concealed data according to the data formed by splicing the pre-marked characters and the transaction hash.
The function of the above-mentioned pre-marked character is that when data is read from a certain transaction storage position, if the transaction of the transaction storage position is replaced by the hiding data, the reading of the pre-marked character in the hiding data is equivalent to the definition: "the transaction storage location stores not the clear text content of the transaction, but rather the transaction hash".
Since the transaction hash is generally a character string of a fixed length, the remark information may be added to the concealed data after the transaction hash. In this way, when the transaction hash in the confidential data is read, the remaining part of the confidential data is the memo information.
It should be noted that the remark information may specifically be information added to implement a specific service requirement. For example, the remark information may be "hidden" indicating that the target transaction identification corresponding to the transaction has been suppressed. When the user inquires the transaction corresponding to the target transaction identifier, the remark information can prompt the user that the transaction is invisible.
Further, fig. 4 is a schematic diagram of another process for constructing the concealment data according to the embodiment of the present disclosure. When the hiding data is constructed, the transaction hash of the transaction corresponding to the target transaction identifier can be obtained; splicing a preset front marker character to the head of the transaction hash, splicing a preset rear marker character to the tail of the transaction hash, and splicing remark information to the tail of the rear marker character; then, the data obtained by splicing the front marker character, the transaction hash, the rear marker character, and the remark information is determined as the concealed data.
The post-marker character described above is used to distinguish between the transaction hash and the memo information (non-sensitive content) in the concealed data by using the post-marker character without reading the data based on the fixed length value of the transaction hash when the memo information (or non-sensitive content) is included in the concealed data.
The front marker character and the rear marker character can be specified according to actual needs. For example, the front marker character may be "0E" and the rear marker character may be "0F".
Example two
In the present specification, the confidential data may be marked by other means, without including the preceding marker character and the following marker character described in the first embodiment, as to whether the transaction or the confidential data is stored in a certain transaction storage location.
Specifically, a content field and an identification field are created in advance for each transaction storage location in the block chain, the content field is used for storing transactions or the suppressed data generated based on the transactions, and the identification field is used for storing a first identifier or a second identifier and identifying whether the transaction or the suppressed data is in the content field.
Wherein the identification field includes a first identifier when the content field includes a transaction and a second identifier when the content field includes anonymized data generated based on the transaction.
Fig. 5 is a flowchart of another method for hiding transactions written into a block chain according to an embodiment of the present disclosure, including the following steps:
s500: and receiving a hiding instruction containing a target transaction identifier, and determining a transaction storage position for storing the transaction corresponding to the target transaction identifier as a target transaction storage position.
In this specification, for each transaction storage location in a block chain, the transaction storage location stores a content field and an identification field, and if the content field contains a transaction, the identification field contains a first identifier.
S502: and determining the hiding data according to the hiding instruction.
S504: replacing transactions in the content field of the target transaction storage location with the anonymized data.
S506: replacing the first identifier in the identification field of the target transaction storage location with a second identifier.
For example, the first identifier may occupy a "FF" of two bytes, and the second identifier may be a "00" of two bytes.
The beneficial effects of example two are analyzed here. In the first embodiment, whether the transaction or the suppressed data is stored in a certain transaction storage position is marked by splicing the pre-marked characters before the transaction hash in the suppressed data.
However, in practice, in order to avoid "hash collision" between the transaction hash in the concealed data and the pre-marked character (that is, when the node or the centralized device executes the transaction concealing logic, it is impossible to distinguish whether the character read from the transaction storage location is the pre-marked character or the character in the transaction hash), the pre-marked character is usually set to a special character which is theoretically not overlapped with the transaction hash, and such a special character is generally long (occupies many bytes), which brings a large burden to the node or the centralized device which reads the data from the transaction storage location.
For this reason, if the method in the second embodiment is adopted, the pre-marker character is not used to be spliced with the transaction hash, but two independent fields, namely a content field and an identification field, are divided from the transaction storage location, the content field is used to store the transaction or the concealed data replaced by the transaction after being concealed, and the identification field stores an identifier for identifying whether the transaction or the concealed data is in the content field. In this way, it is possible to distinguish whether a transaction or suppressed data is stored in a certain transaction storage location by writing a short identifier in the identification field.
Fig. 6 is a schematic diagram of a content field and an identification field provided in an embodiment of the present specification. As shown in fig. 6, assuming that the content field of the transaction storage location 1 in the target block stores the transaction and the content field of the transaction storage location 2 stores the suppressed data, the identification can be performed based on the identification field.
EXAMPLE III
Based on the first and second embodiments, the configuration of the suppressed data can be optimized.
Fig. 7 is a flowchart of another method for hiding transactions written into a blockchain according to an embodiment of the present disclosure, including the following steps:
s700: a suppressed instruction is received.
In this description, the suppression instruction may specifically include a target transaction identification and a suppression condition. Wherein the hiding condition is used for determining sensitive content in the transaction corresponding to the target transaction identification.
Further, the hiding condition may be sensitive location information for characterizing a location of sensitive content in a transaction corresponding to the target transaction identity. For example, the sensitive location information may be byte range information (1, 6), which indicates that the content of the 1 st byte to the 6 th byte in the transaction corresponding to the target transaction identifier is sensitive content.
S702: and acquiring the transaction hash of the transaction corresponding to the target transaction identifier, and extracting non-sensitive content from the transaction corresponding to the target transaction identifier according to the hiding condition included in the hiding instruction.
The non-sensitive content is the content except the sensitive content in the transaction corresponding to the target transaction identification.
S704: and determining the concealed data according to the transaction hash and the non-sensitive content.
In step S704, the anonymized data may include only the transaction hash and the non-sensitive content. Since the transaction hash is typically of a fixed length, confusion of the transaction hash with the non-sensitive content typically does not occur.
In addition, the following cases may exist in combination with embodiment one:
1. pre-marked characters may also be included in the suppressed data.
2. The suppressed data may further include a front marker character and a rear marker character.
Wherein post-marker characters may be used to distinguish the transaction hash from the non-sensitive content.
3. The suppressed data may further include a front marker character, a first rear marker character, a second rear marker character, and remark information.
The first post-marker character may be used to distinguish the transaction hash from the non-sensitive content, and the second post-marker character may be used to distinguish the non-sensitive content from the remark information.
S706: and replacing the transaction in the block chain corresponding to the target transaction identification with the suppressed data.
In this way, the non-sensitive content in the transaction corresponding to the target transaction identifier may be retained on the premise that the sensitive content in the transaction corresponding to the target transaction identifier is concealed, as shown in fig. 8.
Example four
Based on the third embodiment, the generation method of the suppressed data may be further optimized.
Fig. 9 is a flowchart illustrating a method for hiding a transaction of a write block chain according to an embodiment of the present disclosure, including the following steps:
s900: a suppressed instruction is received.
S902: and acquiring the transaction hash of the transaction corresponding to the target transaction identifier, and extracting non-sensitive content from the transaction corresponding to the target transaction identifier according to the hiding condition included in the hiding instruction.
S904: and adjusting the expression mode of the non-sensitive content based on a preset expression mode adjusting model, and determining the concealed data according to the transaction hash and the adjusted non-sensitive content.
S906: and replacing the transaction in the block chain corresponding to the target transaction identification with the suppressed data.
The expression manner adjustment model may specifically be a preset expression manner adjustment rule, for example, the expression manner adjustment rule may be: if a Chinese character exists in the non-sensitive content, the Chinese character is replaced by pinyin. For another example, the expression adjustment rule may be: and if the capital English letters exist in the non-sensitive content, replacing at least one capital English letter with a lower-case English letter.
The expression mode adjustment model may be an intelligent model trained in advance according to a machine learning algorithm.
In summary, the expression adjustment model is used for adjusting the expression of the non-sensitive content, so that the information conveyed by the non-sensitive content after adjustment is within the coverage range of the information conveyed by the non-sensitive content before adjustment.
Preferably, the information conveyed by the non-sensitive content after the adjustment is consistent with the information conveyed by the non-sensitive content before the adjustment, that is, the conveyed information is not lost after the expression of the non-sensitive content is adjusted.
In order to prevent this, by adjusting the expression of the non-sensitive content written in the concealed data, the concealed sensitive content cannot be broken out from the non-sensitive content after adjustment, regardless of the attempt.
EXAMPLE five
Based on the above-mentioned first to fourth embodiments, a right verification mechanism may be introduced.
Fig. 10 is a flowchart illustrating a method for hiding a transaction of a write block chain according to an embodiment of the present disclosure, including the following steps:
s1000: receiving a hide instruction;
s1002: acquiring the signature of the hiding instruction, and judging whether the acquired signature meets a specified condition, if so, executing step S804, and if not, executing step S806.
S1004: and determining the concealed data of the transaction hash of the transaction corresponding to the target transaction identifier according to the concealed instruction, and replacing the transaction corresponding to the target transaction identifier in the block chain with the concealed data.
S1006: the suppressed instruction is rejected.
In practical applications, it may be required that the concealed instruction must have a signature that satisfies a specified condition. Each block link point or centralizing device executes a hidden instruction upon determining that the signature of the hidden instruction satisfies a specified condition.
Specifically, the specified condition may include, but is not limited to, the following three cases:
1. and if the transaction corresponding to the target transaction identification is a transaction written into a block chain, the signature of the hiding instruction is the signature of a block chain node. At this time, the specified condition is that the number of acquired signatures is greater than a specified number.
For example, if there are 10 nodes in the blockchain network and the specified number can be set to 5, the concealment instruction must be acknowledged by more than 5 nodes to be valid.
2. If the transaction corresponding to the target transaction identifier is a transaction written into a class block chain, the specified condition is that the acquired signature comprises signatures of at least two authorities.
In practice, the authorized parties may include courts, controllers of centralized equipment, business parties for data validation services of centralized equipment, and the like.
3. The signature of each authority is assigned a weight in advance. If the transaction corresponding to the target transaction identifier is a transaction written into the block chain, the specified condition is that the sum of the weights corresponding to the acquired signatures is greater than the specified weight.
For example, a court may be assigned a weight of 100, a controller of the centralized facility may be assigned a weight of 50, and a business may be assigned a weight of 40. Meanwhile, the assigned weight is set to 60.
EXAMPLE six
Based on the methods in the first to fifth embodiments, a method for constructing a mekerr tree corresponding to a block provided in the embodiment of the present specification is, as shown in fig. 11, including:
s1100: for each transactional memory location in the target block, data is read from the transactional memory location.
S1102: and if the data read from the transaction storage position is determined to comprise the transaction, performing hash calculation on the transaction comprised by the read data to obtain the transaction hash corresponding to the transaction storage position.
S1104: when it is determined that the data read from the transaction storage location includes the concealed data, the transaction hash is extracted from the concealed data included in the read data as the transaction hash corresponding to the transaction storage location.
S1106: and constructing a Meckel tree corresponding to the target block based on the transaction hash corresponding to each transaction storage position in the target block.
EXAMPLE seven
Based on the sixth embodiment, after the transaction corresponding to the target transaction identifier is concealed, the tag of the block where the transaction corresponding to the target transaction identifier is located may be further determined as the designated tag.
In this specification, at least some of the tiles in the chain of tiles may have a label to indicate that there is at least one transaction suppressed in the tile.
In particular, a designated tag may be agreed upon for characterizing the presence of at least one concealed transaction in a tile. After replacing the transaction corresponding to the target transaction identifier with the suppressed data, it may be determined whether or not the tag of the block (target block) in which the transaction corresponding to the target transaction identifier is located has a tag, and if not, a specific tag is assigned to the target block. If the label exists, whether the label is the designated label is further judged. If the transaction is the designated label, the target block is indicated to have other concealed sensitive transactions besides the transaction corresponding to the target transaction identifier, and the label of the target block does not need to be changed; if the target block does not contain the suppressed data, the tag of the target block needs to be modified to the designated tag.
Thus, the tag of a tile in the chain of tiles is either 1 or 0. If the designated tag is 1, the tag is 1 when the block contains the suppressed data, and the tag is 0 when the block does not contain the suppressed data. If the designated tag is 0, the tag is 0 when the block contains the suppressed data, and the tag is 1 when the block does not contain the suppressed data.
The function of determining the label of the block where the trading place corresponding to the target trading identification is located as the designated label is to reduce the calculation burden of block link points or centralized equipment. Specifically, if the block containing the concealed data is not labeled, as in the method shown in fig. 11, when it is necessary to construct a merkel tree for the target block, the block chain node or the centralizing device does not determine whether the concealed data is contained in the target block, and therefore, it is necessary to determine whether the transaction or the concealed data is stored in each transaction storage location in the target block in turn, so as to obtain the transaction hash corresponding to the transaction storage location by using different strategies. When there are many blocks that need to build a merkel tree and there are few sensitive transactions that are suppressed, much of the computational resources are wasted if the method shown in fig. 11 is performed for each block.
In the seventh embodiment, before starting to construct the mekel tree corresponding to any block, it may first determine whether the block includes the suppressed data according to the label of the block, so that when there is no sensitive transaction that is suppressed in the target block, the mekel tree corresponding to the target block is constructed in a default manner (instead of the manner shown in fig. 11), thereby saving computing resources.
Fig. 12 is a flowchart illustrating a method for hiding a transaction of a write block chain according to an embodiment of the present disclosure, including the following steps:
s1200: a suppressed instruction is received.
S1202: and determining the hiding data according to the hiding instruction.
S1204: and replacing the transaction in the block chain corresponding to the target transaction identification with the suppressed data.
S1206: and determining the label of the block where the transaction is located corresponding to the target transaction identification as a designated label.
Fig. 13 is a flowchart of another method for constructing a mekerr tree corresponding to a block according to an embodiment of the present disclosure, which includes the following steps:
s1300: and aiming at a target block in a block chain, acquiring a label of the target block.
S1302: and if the label of the target block is the designated label, reading data from each transaction storage position in the target block.
S1304: and if the data read from the transaction storage position is determined to comprise the transaction, performing hash calculation on the transaction comprised by the read data to obtain the transaction hash corresponding to the transaction storage position.
S1306: when it is determined that the data read from the transaction storage location includes the concealed data, the transaction hash is extracted from the concealed data included in the read data as the transaction hash corresponding to the transaction storage location.
S1308: and constructing a Meckel tree corresponding to the target block based on the transaction hash corresponding to each transaction storage position in the target block.
Further, for each transaction storage location in the target block, if the data read from the transaction storage location does not include the pre-marked character, determining that the data read from the transaction storage location includes a transaction; if the data read from the transaction memory location includes the pre-marked character, the data read from the transaction memory location is determined to include the suppressed data.
Or if the identification field in the data read from the transaction storage location includes the first identifier, determining that the data read from the transaction storage location includes a transaction; if the identification field in the data read from the transactional memory location includes the second identifier, the data read from the transactional memory location is determined to include the anonymized data.
In the seventh embodiment, the transaction hash may be extracted by determining, as the transaction hash, data located after the preceding marker character in the concealed data included in the read data; or, data of a predetermined length following the pre-marker character in the concealed data included in the read data is extracted by determining the data as a transaction hash.
Wherein the specified length is a fixed length of a transaction hash.
In the seventh embodiment, the data between the front marker character and the rear marker character in the concealed data included in the read data may be determined as a transaction hash and extracted.
In the seventh embodiment, if the tag of the target block is not the designated tag, the meikel tree corresponding to the target block is constructed in a default manner.
In the seventh embodiment, further, a binary number string may be created in advance, and assuming that the block chain includes N blocks, the binary number string has at least N binary bits, and the value of the ith binary bit of the binary number string is the label of the ith block in the block chain, i e [1, N ].
Thus, the label manner of obtaining the target block may be to determine a sequence number M of the target block; reading the value of the Mth binary bit from the binary string as the label of the target block.
Fig. 14 is a schematic flowchart of a simple payment verification method provided in an embodiment of the present specification, including the following steps:
s1400: receiving an authentication request; the verification request comprises a target transaction identification;
s1402: according to the verification request, determining a block where the transaction corresponding to the target transaction identifier is located in a block chain of the verification request, and constructing a Merkel tree corresponding to the block based on the method shown in FIG. 11 or FIG. 13;
s1404: and based on the constructed Merkel tree, carrying out simple payment verification on the transaction corresponding to the target transaction identifier.
Fig. 15 is a schematic structural diagram of an apparatus for hiding transactions written into a block chain according to an embodiment of the present specification, where a content field and an identification field are stored in each transaction storage location in the block chain, and the identification field includes a first identifier if the content field includes a transaction, the apparatus including:
the receiving module 1501 receives a transaction storage location containing a target transaction identifier hiding instruction and determining a transaction corresponding to the target transaction identifier as a target transaction storage location;
a determination module 1502 for determining the concealed data based on the concealed instruction; the hiding data comprises transaction hash of the transaction corresponding to the target transaction identification;
the processing module 1503 replaces the transaction in the content field of the target transaction storage location with the suppressed data and replaces the first identifier in the identification field of the target transaction storage location with the second identifier.
The hiding instruction further comprises a hiding condition used for determining sensitive content in the transaction corresponding to the target transaction identification;
the determining module 1502 obtains the transaction hash of the transaction corresponding to the target transaction identifier, and extracts the non-sensitive content from the transaction corresponding to the target transaction identifier according to the hiding condition included in the hiding instruction; and determining the concealed data according to the transaction hash and the non-sensitive content.
The hiding condition is sensitive position information and is used for representing the position of the sensitive content in the transaction corresponding to the target transaction identification.
The determining module 1502 splices preset post-marked characters to the tail of the transaction hash; splicing the non-sensitive content to the tail of the post-marker character; and determining the data spliced by the transaction hash, the post-marked character and the non-sensitive content as the concealed data.
The determining module 1502 adjusts the expression mode of the non-sensitive content based on a preset expression mode adjusting model; and determining the concealed data according to the transaction hash and the adjusted non-sensitive content.
The determining module 1502 obtains the signature of the hidden instruction, and determines whether the obtained signature meets a specified condition; if yes, determining the hiding data according to the hiding instruction; if not, the hiding instruction is rejected.
And if the transaction corresponding to the target transaction identifier is a transaction written into a block chain, the signature of the hiding instruction is the signature of a block chain node, and the specified condition is that the number of acquired signatures is greater than a specified number.
If the transaction corresponding to the target transaction identifier is a transaction written into a class block chain, the specified condition is that the acquired signature comprises signatures of at least two authorities.
The signature of each authority is assigned a weight;
if the transaction corresponding to the target transaction identifier is a transaction written into the block chain, the specified condition is that the sum of the weights corresponding to the acquired signatures is greater than the specified weight.
The device further comprises:
the transaction write module 1504 writes the concealed transaction in which the concealed instruction is encapsulated into a block chain.
The transaction write module 1504 writes a concealed transaction, in which the concealed instruction and the concealed data are encapsulated, into a block chain.
The device further comprises:
the tag determining module 1505 determines the tag of the block where the transaction corresponding to the target transaction identifier is located as the designated tag.
For any block in the block chain, if the block does not contain the suppressed data, the tag of the block is not the designated tag.
Let the block chain include N blocks, the value of the ith binary bit of the pre-created binary string is the label of the ith block in the block chain, i ∈ [1, N ].
Fig. 16 is a schematic structural diagram of an apparatus for hiding a transaction of a write block chain according to an embodiment of the present disclosure, including:
a receiving module 1601, configured to receive a hiding instruction; the hiding instruction comprises a target transaction identifier and a hiding condition, and the hiding condition is used for determining sensitive content in the transaction corresponding to the target transaction identifier;
the obtaining and extracting module 1602, which obtains the transaction hash of the transaction corresponding to the target transaction identifier, and extracts the non-sensitive content from the transaction corresponding to the target transaction identifier according to the hiding condition included in the hiding instruction;
a determining module 1603 for determining the suppressed data according to the transaction hash and the non-sensitive content;
the processing module 1604 replaces the transaction in the block chain corresponding to the target transaction identification with the anonymized data.
For each transaction storage location in a block chain, storing a content field comprising a transaction or anonymized data generated based on the transaction, and an identification field;
wherein the identification field includes a first identifier when the content field includes a transaction and a second identifier when the content field includes anonymized data generated based on the transaction.
The hiding condition is sensitive position information and is used for representing the position of the sensitive content in the transaction corresponding to the target transaction identification.
The determining module 1603 splices preset post-marker characters to the tail of the transaction hash; splicing the non-sensitive content to the tail of the post-marker character; and determining the data spliced by the transaction hash, the post-marked character and the non-sensitive content as the concealed data.
The determining module 1603 adjusts a model based on a preset expression mode, and adjusts the expression mode of the non-sensitive content; and determining the concealed data according to the transaction hash and the adjusted non-sensitive content.
The determining module 1603 acquires the signature of the hiding instruction and judges whether the acquired signature meets a specified condition; if yes, determining the hiding data according to the hiding instruction; if not, the hiding instruction is rejected.
And if the transaction corresponding to the target transaction identifier is a transaction written into a block chain, the signature of the hiding instruction is the signature of a block chain node, and the specified condition is that the number of acquired signatures is greater than a specified number.
If the transaction corresponding to the target transaction identifier is a transaction written into a class block chain, the specified condition is that the acquired signature comprises signatures of at least two authorities.
The signature of each authority is assigned a weight;
if the transaction corresponding to the target transaction identifier is a transaction written into the block chain, the specified condition is that the sum of the weights corresponding to the acquired signatures is greater than the specified weight.
The device further comprises:
the tag determining module 1605 determines the tag of the block where the transaction corresponding to the target transaction identifier is located as the designated tag.
For any block in the block chain, if the block does not contain the suppressed data, the tag of the block is not the designated tag.
Let the block chain include N blocks, the value of the ith binary bit of the pre-created binary string is the label of the ith block in the block chain, i ∈ [1, N ].
The device further comprises:
the transaction write module 1606 writes the concealed transaction in which the concealed instruction is encapsulated into a block chain.
The transaction write module 1606 writes a secure transaction including a hash of the data in which the secure instruction and the secure data are encapsulated into a block chain.
Fig. 17 is a schematic structural diagram of an apparatus for hiding a transaction of a write block chain according to an embodiment of the present disclosure, including:
a reception module 1701 for receiving a concealment instruction; the hiding instruction comprises a target transaction identifier and a hiding condition, and the hiding condition is used for determining sensitive content in the transaction corresponding to the target transaction identifier;
an obtaining and extracting module 1702, configured to obtain a transaction hash of the transaction corresponding to the target transaction identifier, and extract non-sensitive content from the transaction corresponding to the target transaction identifier according to the hiding condition included in the hiding instruction;
an adjustment determining module 1703, configured to adjust the expression mode of the non-sensitive content based on a preset expression mode adjustment model, and determine the concealed data according to the transaction hash and the adjusted non-sensitive content;
the processing module 1704 replaces the transaction in the block chain corresponding to the target transaction identification with the anonymized data.
For each transaction storage location in a block chain, storing a content field comprising a transaction or anonymized data generated based on the transaction, and an identification field;
wherein the identification field includes a first identifier when the content field includes a transaction and a second identifier when the content field includes anonymized data generated based on the transaction.
The hiding condition is sensitive position information and is used for representing the position of the sensitive content in the transaction corresponding to the target transaction identification.
The adjustment determining module 1703 splices preset post-marker characters to the tail of the transaction hash; splicing the adjusted non-sensitive content to the tail part of the rear marker character; and determining the data spliced by the transaction hash, the post-marked character and the adjusted non-sensitive content as the concealed data.
The adjustment determining module 1703 is configured to obtain a signature of the concealed instruction, and determine whether the obtained signature meets a specified condition; if yes, determining the hiding data according to the hiding instruction; if not, the hiding instruction is rejected.
And if the transaction corresponding to the target transaction identifier is a transaction written into a block chain, the signature of the hiding instruction is the signature of a block chain node, and the specified condition is that the number of acquired signatures is greater than a specified number.
If the transaction corresponding to the target transaction identifier is a transaction written into a class block chain, the specified condition is that the acquired signature comprises signatures of at least two authorities.
The signature of each authority is assigned a weight;
if the transaction corresponding to the target transaction identifier is a transaction written into the block chain, the specified condition is that the sum of the weights corresponding to the acquired signatures is greater than the specified weight.
The device further comprises:
the tag determination module 1705 determines the tag of the block where the transaction corresponding to the target transaction identifier is located as the designated tag.
For any block in the block chain, if the block does not contain the suppressed data, the tag of the block is not the designated tag.
Let the block chain include N blocks, the value of the ith binary bit of the pre-created binary string is the label of the ith block in the block chain, i ∈ [1, N ].
The device further comprises:
the transaction writing module 1706 writes the concealed transaction in which the concealed instruction is encapsulated into the block chain.
The transaction writing module 1706 writes a concealed transaction including a hash of data in which the concealed instruction and the concealed data are encapsulated into a block chain.
Fig. 18 is a schematic structural diagram of an apparatus for hiding a transaction of a write block chain according to an embodiment of the present disclosure, including:
a receiving module 1801, which receives the hiding instruction; the hiding instruction comprises a target transaction identifier;
an acquisition judgment module 1802, which acquires the signature of the concealed instruction and judges whether the acquired signature meets a specified condition;
a first processing module 1803, if yes, determining, according to the hiding instruction, hiding data including transaction hash of a transaction corresponding to the target transaction identifier, and replacing the transaction corresponding to the target transaction identifier in a block chain with the hiding data;
and if not, the second processing module 1804 rejects the hiding instruction.
And if the transaction corresponding to the target transaction identifier is a transaction written into a block chain, the signature of the hiding instruction is the signature of a block chain node, and the specified condition is that the number of acquired signatures is greater than a specified number.
If the transaction corresponding to the target transaction identifier is a transaction written into a class block chain, the specified condition is that the acquired signature comprises signatures of at least two authorities.
The signature of each authority is assigned a weight;
if the transaction corresponding to the target transaction identifier is a transaction written into the block chain, the specified condition is that the sum of the weights corresponding to the acquired signatures is greater than the specified weight.
The first processing module 1803 obtains a transaction hash of a transaction corresponding to the target transaction identifier; splicing preset pre-marked characters to the head of the transaction hash; and determining the concealed data according to the data formed by splicing the front mark character and the transaction hash.
The first processing module 1803 splices a preset post-marked character to the tail of the transaction hash, and splices remark information to the tail of the post-marked character; and determining the data spliced by the front marked characters, the transaction hash, the rear marked characters and the remark information as the concealed data.
For each transaction storage location in a block chain, storing a content field comprising a transaction or anonymized data generated based on the transaction, and an identification field;
wherein the identification field includes a first identifier when the content field includes a transaction and a second identifier when the content field includes anonymized data generated based on the transaction.
The hiding instruction further comprises a hiding condition used for determining sensitive content in the transaction corresponding to the target transaction identification;
the first processing module 1803 obtains the transaction hash of the transaction corresponding to the target transaction identifier, and extracts the non-sensitive content from the transaction corresponding to the target transaction identifier according to the hiding condition included in the hiding instruction; and determining the concealed data according to the transaction hash and the non-sensitive content.
The hiding condition is sensitive position information and is used for representing the position of the sensitive content in the transaction corresponding to the target transaction identification.
The first processing module 1803 splices a preset post-marker character to the tail of the transaction hash; splicing the non-sensitive content to the tail of the post-marker character; and determining the data spliced by the transaction hash, the post-marked character and the non-sensitive content as the concealed data.
The first processing module 1803 adjusts a model based on a preset expression mode, and adjusts an expression mode of the non-sensitive content; and determining the concealed data according to the transaction hash and the adjusted non-sensitive content.
The device further comprises:
the tag determining module 1805 determines the tag of the block where the transaction corresponding to the target transaction identifier is located as the designated tag.
For any block in the block chain, if the block does not contain the suppressed data, the tag of the block is not the designated tag.
Let the block chain include N blocks, the value of the ith binary bit of the pre-created binary string is the label of the ith block in the block chain, i ∈ [1, N ].
The device further comprises:
the transaction writing module 1806 writes the concealed transaction encapsulated with the concealed instruction into the block chain.
The transaction writing module 1806 writes a concealed transaction including a hash of the concealed instruction and the concealed data into a block chain.
Fig. 19 is a schematic structural diagram of an apparatus for hiding a transaction of a write block chain according to an embodiment of the present disclosure, including:
a receiving module 1901 for receiving a hiding instruction; the hiding instruction comprises a target transaction identifier;
a determination module 1902 that determines the concealed data based on the concealed instruction; the hiding data comprises transaction hash of the transaction corresponding to the target transaction identification;
the processing module 1903 replaces the transaction corresponding to the target transaction identifier in the block chain with the suppressed data, and determines the label of the block where the transaction corresponding to the target transaction identifier is located as the designated label.
The determining module 1902, obtaining a transaction hash of a transaction corresponding to the target transaction identifier; splicing preset pre-marked characters to the head of the transaction hash; and determining the concealed data according to the data formed by splicing the front mark character and the transaction hash.
The determining module 1902 splices a preset post-marked character to the tail of the transaction hash, and splices remark information to the tail of the post-marked character; and determining the data spliced by the front marked characters, the transaction hash, the rear marked characters and the remark information as the concealed data.
For each transaction storage location in a block chain, storing a content field comprising a transaction or anonymized data generated based on the transaction, and an identification field;
wherein the identification field includes a first identifier when the content field includes a transaction and a second identifier when the content field includes anonymized data generated based on the transaction.
The hiding instruction further comprises a hiding condition used for determining sensitive content in the transaction corresponding to the target transaction identification;
the determining module 1902 acquires the transaction hash of the transaction corresponding to the target transaction identifier, and extracts the non-sensitive content from the transaction corresponding to the target transaction identifier according to the hiding condition included in the hiding instruction; and determining the concealed data according to the transaction hash and the non-sensitive content.
The hiding condition is sensitive position information and is used for representing the position of the sensitive content in the transaction corresponding to the target transaction identification.
The determining module 1902, which splices the preset post-marked character to the tail of the transaction hash; splicing the non-sensitive content to the tail of the post-marker character; and determining the data spliced by the transaction hash, the post-marked character and the non-sensitive content as the concealed data.
The determining module 1902, based on a preset expression mode adjusting model, adjusts the expression mode of the non-sensitive content; and determining the concealed data according to the transaction hash and the adjusted non-sensitive content.
The determining module 1902, configured to obtain a signature of the concealed instruction, and determine whether the obtained signature satisfies a specified condition; if yes, determining the hiding data according to the hiding instruction; if not, the hiding instruction is rejected.
If the transaction corresponding to the target transaction identifier is a transaction written into a block chain, the signature of the hiding instruction is the signature of a block chain node, and the specified condition is that the number of acquired signatures is greater than the specified number.
If the transaction corresponding to the target transaction identifier is a transaction written into a class block chain, the specified condition is that the acquired signature comprises signatures of at least two authorities.
The signature of each authority is assigned a weight;
if the transaction corresponding to the target transaction identifier is a transaction written into the block chain, the specified condition is that the sum of the weights corresponding to the acquired signatures is greater than the specified weight.
For any block in the block chain, if the block does not contain the suppressed data, the tag of the block is not the designated tag.
Let the block chain include N blocks, the value of the ith binary bit of the pre-created binary string is the label of the ith block in the block chain, i ∈ [1, N ].
The device further comprises:
the transaction write module 1904 writes the concealed transaction encapsulated with the concealed instruction into a block chain.
The transaction write module 1904 writes a concealed transaction including a hash of the concealed instruction and the concealed data into a block chain.
Fig. 20 is a schematic structural diagram of an apparatus for constructing a mekerr tree corresponding to a block according to an embodiment of the present disclosure, including:
an obtaining module 2001, for a target block in a block chain, obtaining a tag of the target block;
a reading module 2002, configured to, for each transaction storage location in the target block, read data from the transaction storage location if the tag of the target block is a designated tag; wherein the designated tag characterizes that at least one sensitive transaction is stored in the target block, and for each sensitive transaction, the sensitive transaction has been replaced with anonymized data comprising a transaction hash for the sensitive transaction;
a first processing module 2003, if it is determined that the data read from the transaction storage location includes a transaction, performing hash calculation on the transaction included in the read data to obtain a transaction hash corresponding to the transaction storage location;
a second processing module 2004 for extracting a transaction hash from the concealed data included in the read data as a transaction hash corresponding to the transaction storage location, if it is determined that the data read from the transaction storage location includes concealed data;
the constructing module 2005 is configured to construct a meikel tree corresponding to the target block based on the transaction hash corresponding to each transaction storage location in the target block.
The operation of replacing sensitive transactions stored in the target block with suppressed data is as follows:
determining a transaction hash for the sensitive transaction;
splicing preset pre-marked characters to the head of the transaction hash;
determining concealed data according to the data formed by splicing the front mark character and the transaction hash;
replacing the sensitive transaction with the determined anonymized data.
Determining the concealed data according to the data spliced by the pre-marked characters and the transaction hash, which specifically comprises the following steps:
splicing preset post-marked characters to the tail of the transaction hash, and splicing remark information to the tail of the post-marked characters;
and determining the data spliced by the front marked characters, the transaction hash, the rear marked characters and the remark information as the concealed data.
The first processing module 2003, if the data read from the transaction storage location does not include the pre-marked character, determining that the data read from the transaction storage location includes a transaction;
the second processing module 2004 determines that the data read from the transaction storage location includes the suppressed data if the data read from the transaction storage location includes the pre-marked character.
The second processing module 2004 determines data following the pre-marker character in the concealed data included in the read data as a transaction hash and extracts the transaction hash; or, data of a predetermined length following the pre-marker character in the concealed data included in the read data is extracted by determining the data as a transaction hash.
The second processing module 2004 determines data between the front marker character and the rear marker character in the concealed data included in the read data as a transaction hash, and extracts the transaction hash.
For each transaction storage location in a block chain, storing a content field comprising a transaction or anonymized data generated based on the transaction, and an identification field;
wherein the identification field comprises a first identifier when the content field comprises a transaction and a second identifier when the content field comprises anonymized data generated based on the transaction;
the first processing module 2003, if the identification field in the data read from the transaction storage location includes the first identifier, determining that the data read from the transaction storage location includes a transaction;
the second processing module 2004 determines that the data read from the transaction storage location includes the suppressed data if the identification field in the data read from the transaction storage location includes the second identifier.
The constructing module 2005 is configured to construct a meikel tree corresponding to the target block in a default manner if the tag of the target block is not the designated tag.
Setting a block chain to comprise N blocks, wherein the value of the ith binary bit of a pre-created binary number string is the label of the ith block in the block chain, and i belongs to [1, N ];
the obtaining module 2001, determining the sequence number M of the target block; reading the value of the Mth binary bit from the binary string as the label of the target block.
Fig. 21 is a schematic structural diagram of a simple payment verification apparatus provided in an embodiment of the present specification, including:
a receiving module 2101 to receive a verification request; the verification request comprises a target transaction identification;
a building module 2102, configured to determine, according to the verification request, a block in a block chain of the building module, where a transaction place corresponding to the target transaction identifier is located, and build a merkel tree corresponding to the block based on the method shown in fig. 11 or fig. 13;
and the verification module 2103 is used for performing simple payment verification on the transaction corresponding to the target transaction identifier based on the constructed Merkel tree.
A centralized storage scheme based on class blockchains comprises the following steps:
and receiving the data records to be stored, and determining the hash value of each data record.
The data records to be stored here may be various consumption records of individual users of the client, and also may be business results, intermediate states, operation records, and the like generated by the application server when executing business logic based on instructions of the users. Specific business scenarios may include consumption records, audit logs, supply chains, government regulatory records, medical records, and the like.
And when the preset blocking condition is reached, determining each data record to be written into the block, and generating an Nth block containing the hash value of the block and the data record.
The preset blocking condition comprises the following steps: when the number of data records to be stored reaches a number threshold, for example, a new block is generated every time one thousand data records are received, and one thousand data records are written into the block; alternatively, a time interval from the last blocking time reaches a time threshold, for example, every 5 minutes, a new block is generated, and the data records received within the 5 minutes are written into the block.
N herein refers to a serial number of a block, that is, in the embodiment of the present specification, the blocks are arranged in a block chain manner, and are arranged in sequence based on the blocking time, so that the block has a strong timing characteristic. The block height of the block is monotonically increased based on the sequence of the blocking time. The block height may be a sequence number, and the block height of the nth block is N at this time; the block height may also be generated in other ways.
When N is equal to 1, the block at this time is the initial block. The hash value and the block height of the initial block are given based on a preset mode. For example, the initial block contains no data record, the hash value is any given hash value, and the block height blknum is 0; for another example, the generation trigger condition of the initial chunk is consistent with the trigger conditions of other chunks, but the hash value of the initial chunk is determined by hashing all the contents in the initial chunk.
When N >1, since the content and hash value of the previous block have already been determined, at this time, the hash value of the current block (nth block) may be generated based on the hash value of the previous block (i.e., nth-1 block), for example, one possible way is to determine the hash value of each data record to be written into the nth block, generate a merkel tree in the order of arrangement in the blocks, concatenate the root hash value of the merkel tree with the hash value of the previous block, and generate the hash value of the current block again using the hash algorithm. For example, the hash value of the entire data record may be obtained by concatenating the data records in the order of the data records in the block and hashing the concatenated data records, and the hash value of the previous block and the hash value of the entire data record may be concatenated to perform a hash operation on the concatenated string to generate the hash value of the block.
By the above-mentioned block generation method, each block is determined by a hash value, and the hash value of a block is determined by the content and the sequence of the data records in the block and the hash value of the previous block. The user can initiate verification based on the hash value of the block at any time, and the modification of any content in the block (including the modification of the data record content or sequence in the block) can cause the hash value of the block calculated in the verification to be inconsistent with the hash value in the block generation, so that the verification fails, and centralized non-tampering is realized.
By generating a block comprising a certain number of data records and recording the hash value when the block is generated, centralized storage of the data records in a block chain manner is realized. In this data storage method, the hash value of each block depends on the hash value of the previous block and the content of the data record contained in the block. The user can inquire own data record at any time based on the storage form, and can verify the hash value of the appointed block or the appointed data record according to the hash value, so that the integrity of the user data is ensured, and the user experience is improved.
Embodiments of the present specification further provide a computer device, which at least includes a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the functions of the methods shown in fig. 2, 5, 7, 9 to 14 when executing the program.
Fig. 22 is a more specific hardware structure diagram of a computing device provided in an embodiment of the present specification, where the device may include: processor 2210, memory 2220, input/output interface 2230, communication interface 2240, and bus 2250. Wherein processor 2210, memory 2220, input/output interface 2230, and communication interface 2240 enable communication connections within the device to each other through bus 2250.
Processor 2210 may be implemented by a general purpose CPU (Central Processing Unit), a microprocessor, an Application Specific Integrated Circuit (ASIC), or one or more Integrated circuits, and configured to execute related programs to implement the technical solutions provided in the embodiments of the present disclosure.
The Memory 2220 may be implemented in the form of a ROM (Read Only Memory), a RAM (Random access Memory), a static storage device, a dynamic storage device, or the like. The memory 2220 may store an operating system and other application programs, and when the technical solution provided by the embodiments of the present specification is implemented by software or firmware, the relevant program codes are stored in the memory 2220 and called by the processor 2210 to be executed.
The input/output interface 2230 is used for connecting input/output modules to realize information input and output. The i/o module may be configured as a component in a device (not shown) or may be external to the device to provide a corresponding function. The input devices may include a keyboard, a mouse, a touch screen, a microphone, various sensors, etc., and the output devices may include a display, a speaker, a vibrator, an indicator light, etc.
The communication interface 2240 is used for connecting a communication module (not shown in the figure) to implement communication interaction between the present apparatus and other apparatuses. The communication module can realize communication in a wired mode (such as USB, network cable and the like) and also can realize communication in a wireless mode (such as mobile network, WIFI, Bluetooth and the like).
Bus 2250 includes a pathway for communicating information between various components of the device, such as processor 2210, memory 2220, input/output interface 2230, and communication interface 2240.
It should be noted that although the above devices only show the processor 2210, the memory 2220, the input/output interface 2230, the communication interface 2240 and the bus 2250, in a specific implementation, the devices may also include other components necessary for proper operation. In addition, those skilled in the art will appreciate that the above-described apparatus may also include only those components necessary to implement the embodiments of the present description, and not necessarily all of the components shown in the figures.
Embodiments of the present specification also provide a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the functions of the methods shown in fig. 2, 5, 7, 9-14.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
From the above description of the embodiments, it is clear to those skilled in the art that the embodiments of the present disclosure can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the embodiments of the present specification may be essentially or partially implemented in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments of the present specification.
The systems, methods, modules or units described in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. A typical implementation device is a computer, which may take the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email messaging device, game console, tablet computer, wearable device, or a combination of any of these devices.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, the method and apparatus embodiments are substantially similar to the method embodiments and therefore are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for related areas. The above-described method embodiments are merely illustrative, wherein the modules described as separate components may or may not be physically separate, and the functions of the modules may be implemented in one or more software and/or hardware when implementing the embodiments of the present specification. And part or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
The foregoing is only a specific embodiment of the embodiments of the present disclosure, and it should be noted that, for those skilled in the art, a plurality of modifications and decorations can be made without departing from the principle of the embodiments of the present disclosure, and these modifications and decorations should also be regarded as the protection scope of the embodiments of the present disclosure.

Claims (25)

1. A method of hiding transactions written to a chain of blocks, comprising:
receiving a hide instruction; the hiding instruction comprises a target transaction identifier and a hiding condition, and the hiding condition is used for determining sensitive content in the transaction corresponding to the target transaction identifier;
acquiring transaction hash of the transaction corresponding to the target transaction identifier, and extracting non-sensitive content from the transaction corresponding to the target transaction identifier according to the hiding condition included in the hiding instruction;
splicing preset front marker characters to the head of the transaction hash, and splicing preset rear marker characters to the tail of the transaction hash;
splicing the non-sensitive content to the tail of the post-marker character;
determining data spliced by the transaction hash, the front marker character, the rear marker character and the non-sensitive content as concealed data;
and replacing the transaction in the block chain corresponding to the target transaction identification with the suppressed data.
2. The method of claim 1, wherein for each transaction storage location in a block chain, the transaction storage location stores a content field and an identification field, the content field including a transaction or anonymized data generated based on the transaction;
wherein the identification field includes a first identifier when the content field includes a transaction and a second identifier when the content field includes anonymized data generated based on the transaction.
3. The method as recited in claim 1, wherein the suppressed condition is sensitive location information characterizing a location of sensitive content in the transaction corresponding to the target transaction identification.
4. The method as claimed in claim 1, wherein determining the suppressed data based on the suppressed instruction comprises:
acquiring a signature of the hiding instruction, and judging whether the acquired signature meets a specified condition;
if yes, determining the hiding data according to the hiding instruction;
if not, the hiding instruction is rejected.
5. The method as recited in claim 4, wherein the signature of the concealed instruction is a signature of a blockchain node if the transaction to which the target transaction identification corresponds is a transaction written to a blockchain, and wherein the specified condition is that the number of signatures acquired is greater than a specified number.
6. The method of claim 4, wherein the specified condition is that the acquired signature comprises signatures of at least two authorized parties if the transaction corresponding to the target transaction identifier is a transaction written into a blockchain.
7. The method of claim 4, wherein the signature of each authority is assigned a weight;
if the transaction corresponding to the target transaction identifier is a transaction written into the block chain, the specified condition is that the sum of the weights corresponding to the acquired signatures is greater than the specified weight.
8. The method of claim 1, further comprising:
and determining the label of the block where the transaction is located corresponding to the target transaction identification as a designated label.
9. The method of claim 8, wherein for any block in the chain of blocks, if the block does not contain suppressed data, the tag of the block is not the designated tag.
10. The method of claim 9, wherein the block chain is configured to include N blocks, and the value of the ith binary bit of the pre-created binary string is the tag of the ith block in the block chain, i e [1, N ].
11. The method of claim 1, further comprising:
writing the concealed transaction encapsulating the concealed instruction into a block chain.
12. The method as claimed in claim 11, wherein writing the suppressed transaction encapsulating the suppressed instruction into a block chain comprises:
and writing the concealed transaction of the data hash encapsulated with the concealed instruction and the concealed data into a block chain.
13. An apparatus for concealing transactions written to a chain of blocks, comprising:
the receiving module receives the hiding instruction; the hiding instruction comprises a target transaction identifier and a hiding condition, and the hiding condition is used for determining sensitive content in the transaction corresponding to the target transaction identifier;
the acquisition and extraction module is used for acquiring the transaction hash of the transaction corresponding to the target transaction identifier and extracting non-sensitive content from the transaction corresponding to the target transaction identifier according to the hiding condition included by the hiding instruction;
the determining module is used for splicing a preset front marker character to the head of the transaction hash and splicing a preset rear marker character to the tail of the transaction hash; splicing the non-sensitive content to the tail of the post-marker character; determining data spliced by the transaction hash, the front marker character, the rear marker character and the non-sensitive content as concealed data;
and the processing module is used for replacing the transaction corresponding to the target transaction identifier in the block chain with the hiding data.
14. The apparatus of claim 13, for each transaction storage location in a block chain that stores a content field that includes a transaction or obfuscated data generated based on the transaction, and an identification field;
wherein the identification field includes a first identifier when the content field includes a transaction and a second identifier when the content field includes anonymized data generated based on the transaction.
15. The apparatus as recited in claim 13, wherein the suppressed condition is sensitive location information characterizing a location of sensitive content in the transaction corresponding to the target transaction identification.
16. The apparatus as claimed in claim 13, wherein the determining module obtains a signature of the concealed instruction and determines whether the obtained signature satisfies a specified condition; if yes, determining the hiding data according to the hiding instruction; if not, the hiding instruction is rejected.
17. The apparatus as described in claim 16 wherein the signature of the concealed instruction is a signature of a blockchain node if the transaction to which the target transaction identification corresponds is a transaction that writes to a blockchain, and wherein the specified condition is that the number of signatures acquired is greater than a specified number.
18. The apparatus according to claim 16, wherein the specified condition is that the acquired signature includes signatures of at least two authorized parties if the transaction corresponding to the target transaction identifier is a transaction written into a blockchain.
19. The apparatus of claim 16, the signature of each authority being assigned a weight;
if the transaction corresponding to the target transaction identifier is a transaction written into the block chain, the specified condition is that the sum of the weights corresponding to the acquired signatures is greater than the specified weight.
20. The apparatus of claim 13, the apparatus further comprising:
and the label determining module is used for determining the label of the block where the transaction corresponding to the target transaction identifier is located as the designated label.
21. The apparatus of claim 20, wherein for any block in the chain of blocks, if the block does not contain suppressed data, the tag of the block is not the designated tag.
22. The apparatus of claim 13, wherein the block chain is configured to include N blocks, and wherein the value of the ith binary bit of the pre-created binary string is the tag of the ith block in the block chain, i e [1, N ].
23. The apparatus of claim 13, the apparatus further comprising:
and the transaction writing module writes the concealed transaction encapsulated with the concealed instruction into a block chain.
24. The apparatus of claim 15, the transaction write module to write a concealed transaction block chain encapsulating a data hash of the concealed instruction and the concealed data.
25. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements the method of any one of claims 1 to 12.
CN201910100726.5A 2019-01-31 2019-01-31 Method and device for hiding transaction written into block chain Active CN110008733B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910100726.5A CN110008733B (en) 2019-01-31 2019-01-31 Method and device for hiding transaction written into block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910100726.5A CN110008733B (en) 2019-01-31 2019-01-31 Method and device for hiding transaction written into block chain

Publications (2)

Publication Number Publication Date
CN110008733A CN110008733A (en) 2019-07-12
CN110008733B true CN110008733B (en) 2020-08-11

Family

ID=67165684

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910100726.5A Active CN110008733B (en) 2019-01-31 2019-01-31 Method and device for hiding transaction written into block chain

Country Status (1)

Country Link
CN (1) CN110008733B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110675265B (en) * 2019-09-29 2022-07-08 四川师范大学 Method for realizing block chain double-key hiding address protocol without temporary key leakage
CN111475828B (en) * 2020-05-14 2022-05-13 杭州烽顺科技信息服务有限公司 Encryption method and device, decryption method and device of block chain account book data

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3466137B1 (en) * 2016-05-25 2022-04-27 Nokia Technologies Oy Method, device and system for utilizing block chain to define trusted circle
CN108200079A (en) * 2018-01-19 2018-06-22 深圳四方精创资讯股份有限公司 Block chain method for secret protection and device based on symmetrical and asymmetric Hybrid Encryption
CN109271805A (en) * 2018-08-10 2019-01-25 广东工业大学 A kind of storage of data subregion, querying method and system based on block chain

Also Published As

Publication number Publication date
CN110008733A (en) 2019-07-12

Similar Documents

Publication Publication Date Title
CN110009334B (en) Meckel tree construction and simple payment verification method and device
CN110046509B (en) Method and device for hiding transaction written into block chain
CN110011800B (en) Block chain data reading method and device
US20200294048A1 (en) Blockchain-based data verification method and apparatus, and electronic device
CN110046517B (en) Method and device for hiding transaction written into block chain
CN110008743B (en) Data attribute identification method, device and equipment in block chain type account book
CN113535720A (en) Index creating method, device and equipment in block chain type account book
CN110008733B (en) Method and device for hiding transaction written into block chain
CN110059088B (en) Data attribute identification method, device and equipment in block chain type account book
CN110033264B (en) Merkel tree corresponding to building block and simple payment verification method and device
CN110059087B (en) Data attribute identification method, device and equipment in block chain type account book
CN110008734B (en) Method and device for hiding transaction written into block chain
CN110009341B (en) Method and device for hiding transaction written into block chain
CN110020548B (en) Method and device for hiding transaction written into block chain
CN110020547A (en) A kind of data hiding method, device and equipment
CN110688664B (en) Authority management method, device and equipment in block chain type account book
CN111444215A (en) Blocking method, device and equipment in block chain type account book
CN111695159B (en) Data processing method, device and equipment
CN112307011B (en) Data storage method, device and equipment
CN112307010B (en) Data storage method, device and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20200924

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee after: Innovative advanced technology Co.,Ltd.

Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee before: Advanced innovation technology Co.,Ltd.

Effective date of registration: 20200924

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee after: Advanced innovation technology Co.,Ltd.

Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands

Patentee before: Alibaba Group Holding Ltd.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20240919

Address after: Guohao Times City # 20-01, 128 Meizhi Road, Singapore

Patentee after: Ant Chain Technology Co.,Ltd.

Country or region after: Singapore

Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee before: Innovative advanced technology Co.,Ltd.

Country or region before: Cayman Islands

TR01 Transfer of patent right