Nothing Special   »   [go: up one dir, main page]

CN112200575B - Node group creating method and node group-based transaction method in alliance chain network - Google Patents

Node group creating method and node group-based transaction method in alliance chain network Download PDF

Info

Publication number
CN112200575B
CN112200575B CN202011118131.1A CN202011118131A CN112200575B CN 112200575 B CN112200575 B CN 112200575B CN 202011118131 A CN202011118131 A CN 202011118131A CN 112200575 B CN112200575 B CN 112200575B
Authority
CN
China
Prior art keywords
transaction
node
group
sub
anonymous
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011118131.1A
Other languages
Chinese (zh)
Other versions
CN112200575A (en
Inventor
杨文龙
夏凝
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ant Blockchain Technology Shanghai Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd filed Critical Alipay Hangzhou Information Technology Co Ltd
Priority to CN202011118131.1A priority Critical patent/CN112200575B/en
Publication of CN112200575A publication Critical patent/CN112200575A/en
Application granted granted Critical
Publication of CN112200575B publication Critical patent/CN112200575B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/389Keeping log of transactions for guaranteeing non-repudiation of a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Economics (AREA)
  • Technology Law (AREA)
  • Marketing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Development Economics (AREA)
  • Data Mining & Analysis (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A method for creating a node group, a node group-based transaction method in a federation chain network is disclosed. The administrator of the first node in the alliance chain network can initiate a group creation transaction through the own alliance chain account, and the group creation transaction comprises a group creation sub-transaction. After the group creation transaction is broadcasted to the alliance chain network, when the first node executes the group creation transaction, a private chain is created locally according to the group creation sub-transaction, which is equivalent to creating a node group containing the first node. While other nodes do not create a private chain locally when executing the set of creation transactions. Eventually the first node and other nodes will write the set of created transactions into the local federation chain. By the scheme, the privacy of the service data butted by the nodes can be protected.

Description

Node group creating method and node group-based transaction method in alliance chain network
Technical Field
The embodiment of the specification relates to the technical field of information, in particular to a node group creating and node group-based transaction method in a alliance chain network.
Background
A federation chain network, also called a block chain network of federation type, generally includes a plurality of enterprises as federation members, and nodes controlled by the enterprises respectively form the federation chain network.
For each enterprise as a member of the federation, a user interfacing with the enterprise may encapsulate service data of an initiated service into a transaction (a data structure specified by a blockchain protocol) and submit the transaction to a node corresponding to the enterprise, and then the node corresponding to the enterprise broadcasts the transaction to the federation chain network, and then each node in the federation chain network recognizes the transaction and writes the transaction into a local blockchain. In this way, it can be ensured that the service data written in the blockchain is difficult to be tampered.
In order to pursue the non-falsification of the service data, the existing operation mechanism of the alliance-link network causes the service data butted by any node to be disclosed to the whole network.
Disclosure of Invention
In order to solve the problem that the privacy of service data butted by nodes cannot be protected in the prior art, an embodiment of the present specification provides a transaction method for creating a node group in a federation link network and based on the node group, and the scheme is as follows:
according to a 1 st aspect of embodiments herein, there is provided a method of creating a node group in a federation chain network, the federation chain network including a plurality of nodes, the method comprising:
the first node receives a group creation transaction constructed by a first administrator account; the group creation transaction comprises a group creation sub-transaction, the group creation sub-transaction comprising a group public key; the first administrator account is an account registered by an administrator of the first node in the federation chain network; the group public key is specified by a manager of the first node;
the first node broadcasting the group creation transaction to the alliance-link network;
the first node performs the group creation transaction, including: creating a local private chain, writing the created sub-transaction into the local private chain, and encrypting the first node identifier by using the group public key;
each other node than the first node performs the group creation transaction without creating a private chain, including: encrypting the first node identification using the group public key;
each node in the alliance chain network writes the group establishing transaction and the corresponding execution result into a local alliance chain; and the execution result corresponding to the group creation transaction contains the encrypted first node identification.
According to the 2 nd aspect of the embodiments of the present specification, there is provided an anonymous registration method based on the node group created in the 1 st aspect, including:
the first node receives an anonymous registration transaction constructed by a corresponding user account; the anonymous registration transaction comprises an anonymous registration sub-transaction, and the anonymous registration sub-transaction comprises an anonymous public key and a signature generated by using a group private key corresponding to the group public key; wherein the user account is an account registered in a federation chain network by a user interfaced by the first node, the anonymous public key being specified by the user interfaced by the first node;
the first node verifies the signature corresponding to the group private key in the anonymous registration sub-transaction by using the group public key, and if the signature passes the verification, the first node processes the anonymous registration transaction, including: reconstructing an anonymous registration transaction comprising the anonymous registration sub-transaction through the first administrator account;
the first node broadcasting the reconstructed anonymous registration transaction to the federation link network;
the first node performs the anonymous registration transaction, including: writing the anonymous registration sub-transaction to a local private chain;
each other node than the first node performs the reconstructed anonymous registration transaction without creating a private chain;
each node in the federation chain network writes the anonymous registration transaction to a local federation chain.
According to a 3 rd aspect of embodiments of the present specification, there is provided a transaction method based on the anonymous registration method of the 2 nd aspect, including:
the first node receives a business transaction constructed by a corresponding user account; the business transaction comprises a business sub-transaction, and the business sub-transaction comprises business data, a signature generated by using the group private key and a signature generated by using an anonymous private key corresponding to the anonymous public key;
the first node verifies the signature corresponding to the group private key in the business sub-transaction by using the group public key, verifies the signature corresponding to the anonymous private key in the business sub-transaction by using the anonymous public key corresponding to the user account, and processes the business transaction if the verification is passed, wherein the verification comprises the following steps: reconstructing, by the first administrator account, a business transaction containing the hash value of the business sub-transaction;
the first node broadcasting the reconstructed business transaction to the federation chain network;
the first node performs the business transaction, including: writing the business sub-transaction into a local private chain;
under the condition that a private chain is not created, other nodes except the first node execute the reconstructed business transaction;
and each node in the alliance chain network writes the service transaction into a local alliance chain.
According to the technical scheme provided by the embodiment of the specification, a manager of the first node in the alliance chain network can initiate a group creation transaction through the own alliance chain account, and the group creation transaction comprises a group creation sub-transaction. After the group creation transaction is broadcasted to the alliance chain network, when the first node executes the group creation transaction, a private chain is created locally according to the group creation sub-transaction, which is equivalent to creating a node group containing the first node. While other nodes do not create a private chain locally when executing the set of creation transactions. Eventually the first node and other nodes will write the set of created transactions into the local federation chain.
Therefore, when a first manager initiates a service transaction to a first node through a self alliance chain account, if the first node determines that the service sub-transaction included in the service transaction carries a signature of a group private key, the first node determines that the service sub-transaction specifies a node group corresponding to the group private key, and the content of the service sub-transaction cannot be disclosed to an alliance chain. Finally, each node in the federation chain network writes the business transaction containing the hash value of the business sub-transaction into the local federation chain.
Through the technical scheme provided by the embodiment of the specification, on one hand, the service data plaintext butted by the first node is only stored in the private chain of the node group where the first node is located, so that the service data privacy of the first node is protected; on the other hand, the hash value of the service data corresponding to the first node is stored in the federation chain again, so that the effect of storing the certificate (non-falsification) is achieved. In addition, because the first node identifier in the execution result corresponding to the group creation transaction is encrypted, each node in the federation chain network does not locally store the actual identity information of the first node creating the node group.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of embodiments of the invention.
In addition, any one of the embodiments in the present specification is not required to achieve all of the effects described above.
Drawings
In order to more clearly illustrate the embodiments of the present specification or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the embodiments of the present specification, and other drawings can be obtained by those skilled in the art according to the drawings.
FIG. 1 is a block chain system of the prior art;
FIG. 2 is a block chain system according to an embodiment of the present disclosure;
FIG. 3 is a flowchart illustrating a method for creating a node group in a federation chain network according to an embodiment of the present specification;
fig. 4 is a schematic diagram of a first node locally maintaining a federation chain and a private chain according to an embodiment of the present specification;
fig. 5 is a flowchart illustrating an anonymous registration method based on a node group according to an embodiment of the present disclosure;
fig. 6 is a schematic flowchart of a transaction method based on an anonymous registration method according to an embodiment of the present specification;
fig. 7 is a flowchart illustrating a method for joining a node group according to an embodiment of the present specification;
fig. 8 is a schematic diagram of a second node locally maintaining a federation chain and a private chain according to an embodiment of the present specification;
fig. 9 is a flowchart illustrating an anonymous registration method based on a node group according to an embodiment of the present specification;
fig. 10 is a schematic flowchart of a transaction method based on an anonymous registration method according to an embodiment of the present specification;
fig. 11 is a schematic diagram of an apparatus for configuring a method according to an embodiment of the present disclosure.
Detailed Description
Fig. 1 is a schematic diagram of a conventional blockchain system. As shown in fig. 1, in the prior art, a federation chain account may send a transaction through any node, the transaction containing traffic data, and the transaction may be broadcast to the entire network so that each node caches the transaction locally. In the consensus stage, the nodes A to D generate blocks based on a consensus algorithm, a plurality of transactions are packaged in the blocks, each node executes the transactions in the blocks generated by consensus, and writes the blocks into a local alliance chain (which is equivalent to writing each transaction in the blocks into the local alliance chain), so that the transaction execution and the uplink storage of the transactions are realized.
The blockchain system described in fig. 1 would disclose the service data butted by each node in plain text in the federation chain, and all nodes in the federation chain network can check each other for the service data, so that protection of service data privacy cannot be achieved.
The scheme is used for realizing data isolation between nodes (data isolation between node groups, and data isolation between nodes and node groups) in a alliance chain network, so that the service data privacy of the nodes is protected.
The architecture of the blockchain system to which the present solution is applied will be described first. The blockchain system includes a federation chain network, and the federation chain network is composed of a plurality of nodes, and each node is deployed with a blockchain maintained by the federation chain network (for convenience of description, the blockchain maintained by the federation chain network is referred to as a federation chain). Each node in the federation chain network, in addition to maintaining a local federation chain, may also maintain at least one local private blockchain (referred to as a private chain for ease of description).
The term "private" as used herein refers to a private node group, and does not refer to a private node. Nodes maintaining the same private chain form a node group, and a node may create or join one or more than one node group. If a certain node group only comprises one node, the local private chain of the node is the private chain maintained by the node group; if a node group includes more than one node, then the private chain local to each node in the node group is the same, which is the private chain maintained by the node group.
In the scheme, any node can create or join a node group, nodes in the same node group maintain the same private chain, and the service data plaintext butted by the nodes in the same node group can be only written into the private chain of the node group, so that data isolation between the inside and the outside of the node group is realized.
Fig. 2 is a schematic structural diagram of a block chain system according to an embodiment of the present disclosure. As shown in fig. 2, the federation chain network includes a node a, a node B, a node C, and a node D, where nodes a to D all maintain locally the same federation chain, which is the block chain maintained by the federation chain network. In addition, node a and node D belong to the same node group, maintain the same private chain 1, share service data with each other, node C itself creates a node group, the node group includes only node C, node C maintains private chain 2 alone (of course, node A, B, D may be allowed to subsequently join the node group), node B does not create or join any node group, and service data docked by node B is shared to the whole network.
It should be noted that the service data of the node a and the node D are not shared to the node B and the node C, which realizes data isolation between node groups and between nodes. The service data of the node C can not be shared by other nodes, and the data isolation between the nodes is realized.
It can be seen that the architecture of the block chain system in this scheme is actually a two-layer network nested structure, the outer layer is a federation chain network, and a plurality of private chain networks (one private chain network is a node group) can be formed inside the federation chain network.
In addition, several concepts that may appear in the description of the present solution need to be explained.
Trading: refers to a transaction initiated by an account registered in the federation chain network (e.g., a manager account registered in the federation chain network by a manager of a certain node, and a user account registered in the federation network by a common user served by the manager), which is a concept at the federation chain network level, and the transaction is further written into the federation chain after being broadcast to each node in the federation chain network. For example, group creation transactions, group join transactions, business transactions.
Sub-transaction: refers to nested data structures within a transaction, which is a concept at the private chain network level. A child transaction specifies the private chain to which it is written, and all nodes maintaining the private chain write the child transaction to the private chain. For example, group creation sub-transactions, group joining sub-transactions, business sub-transactions.
As is well known, in the field of block chains, transactions are divided into executable transactions and credit-type transactions, and for executable transactions, a node not only needs to write the executable transactions into a block chain, but also needs to execute operations based on some data parameters in the executable transactions to obtain execution results; for the deposit card type transaction, the node does not need to execute, and only writes the deposit card type transaction into the block chain for deposit card.
The transaction on the federation chain level in the scheme is usually an execution type transaction, and the sub-transaction on the private chain level can be a deposit-certificate type transaction or an execution type transaction.
A first node: for convenience of description, a certain node in the federation chain network that creates a node group is referred to as a first node.
The second node: for convenience of description, some other node in the federation chain network that joins the group of nodes created by the first node is referred to as a second node.
In order to make those skilled in the art better understand the technical solutions in the embodiments of the present specification, the technical solutions in the embodiments of the present specification will be described in detail below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only a part of the embodiments of the present specification, and not all the embodiments. All other embodiments that can be derived by one of ordinary skill in the art from the embodiments given herein are intended to be within the scope of protection.
The technical solutions provided by the embodiments of the present description are described in detail below with reference to the accompanying drawings.
Fig. 3 is a flowchart of a method for creating a node group in a federation chain network, provided by an embodiment of the present specification, including the following steps:
s300: the first node receives a group creation transaction constructed by a first administrator account.
The first administrator account is an account registered by an administrator of the first node in the federation chain network. Generally, the administrator of a node is the organization (e.g., a bank) that provides business services to users. Typically, a centralized server on the node's administrator will interface with several users. For a user, a management party of a node provides centralized service, the user initiates a service to a centralized server of the management party of the node, and the centralized server encapsulates corresponding service data into a service transaction through an account of a first management party and submits the service transaction to the first node, so that the alliance-link network processes and stores the service transaction.
However, for the node group creation operation and the node group join operation, the operations are usually initiated by the administrator of the node and are not initiated by the user who the administrator of the node interfaces with.
In this embodiment of the present specification, the group creation transaction includes a creation sub-transaction (of course, other parameters are also included in general), and the creation sub-transaction includes a group public key, which is specified by the administrator of the first node and is used as a public key corresponding to the created node group. It will be appreciated that the administrator of the first node now specifies the group public key and, of course, also the group private key.
It should be noted here that the transaction is a data structure known in the field of block chain technology, and the transaction usually contains other parameters (such as an account address, a hash value of the transaction, a signature of the transaction from the account initiating the transaction, etc.) in addition to the data to be processed (data), where the other parameters in the transaction are not important in the present scheme, and hereinafter, the other parameters are not emphasized again, and only data contained in the transaction is focused.
S302: the first node broadcasts the group creation transaction to the alliance-link network.
S304: the first node performs the group creation transaction.
S306: each other node than the first node performs the group creation transaction without creating a private chain.
S308: and each node in the alliance chain network writes the group establishing transaction and the corresponding execution result into a local alliance chain.
From the network level of the alliance chain, after accepting the group creation transaction initiated by the first manager account, the first node broadcasts the group creation transaction to the whole network. Each node in the alliance-link network packages the group creation transaction into a block based on a consensus algorithm (it is understood that there are other transactions in the block, and the other transactions are not necessarily other group creation transactions, and may be group join transactions or business transactions). After the block is generated by this consensus, each node needs to perform each transaction in the block and write the block into the local federation chain. It is noted here that a node will typically execute transactions based on locally deployed smart contracts or firmware.
Because the first node is the main body of the node group created this time, the private chain can be created only when the first node is local, and the private chain cannot be created when other nodes are local. This means that the first node performs the group creation transaction differently than the other nodes.
When the first node executes the group creation transaction, a private chain is created locally, a group creation sub-transaction embedded in the group creation transaction is extracted, written into the local private chain, and the group public key is used for encrypting the first node identifier.
And when executing the group creation transaction, each other node except the first node does not create the private chain, actually executes the group creation transaction without creating the private chain, and encrypts the first node identification by using the group public key. The other nodes may perform the group creation transaction "symbolically" (in addition, as long as it is ensured that the group public key is used to encrypt the first node identifier), in order to implement different manners of performing the group creation transaction by the first node and the other nodes, the following implementation may be specifically adopted:
two groups of created transaction execution logics can be deployed on each node, and the two groups of created transaction execution logics respectively correspond to two different logic triggering conditions. The group creation transaction execution logic 1 may be to create a private chain locally, write a group creation sub-transaction into the local private chain, and encrypt the first node identifier using the group public key, where the execution node is a node that accepts and broadcasts the group creation transaction; the group creation transaction execution logic 2 may be any execution logic that does not actually execute the group creation transaction, as long as it is ensured that the first node identification is encrypted using the group public key, and the trigger condition for this is that the execution node is not the node that accepts and broadcasts the group creation transaction. It is worth emphasizing here that the present specification does not specifically define the group creation transaction execution logic 2, as long as "symbolic" execution of the group creation transaction without creating a private chain is satisfied.
It will be appreciated that the results of the execution of the group creation transaction will of course also be written into the federation chain, and the results of the execution written into the federation chain by each node will of course be identical. In a specific implementation, the group creation transaction execution logic 1 and the group creation transaction execution logic 2 may be set to generate a logic of a same execution result, and the execution result corresponding to the group creation transaction may be set to include a group public key and an encrypted first node identifier, so as to store a public key corresponding to a node group created by the group creation transaction and an encrypted identity of a node creating the node group.
It is to be understood that the writing of the execution result into the federation chain (or private chain) herein does not necessarily mean storing the execution result in plaintext into the federation chain (or private chain), and may also mean storing the execution result in plaintext locally and anchoring the hash value of the execution result in plaintext onto the federation chain (private chain).
The above description of "symbolic" execution of a group creation transaction is also applicable to the case of "symbolic" execution of other transactions, and the specific principles will not be described again later when "symbolic" execution is mentioned. It is worth emphasizing that the node identification does not need to be encrypted when symbolically performing anonymous registration transactions and business transactions.
In addition, in practical applications, more than one node group may be created in the federation chain network, in which case, the group public key of the node group may be used as a unique identifier to distinguish different node groups, or a group identifier may be set for the node group.
Specifically, the group creation sub-transaction may further include a group identifier, and accordingly, an execution result corresponding to the group creation transaction may also include the group identifier.
In an embodiment of the present specification, the group creation sub-transaction may further include a signature generated using a group private key, so that the first node may verify the signature before broadcasting the group creation transaction to the whole network, and if the verification is passed, the group creation transaction is authorized to be initiated by the holder of the group private key, and a node group may be created based on the group creation transaction.
In this embodiment, it can be understood that, the first node writes the group creation sub-transaction into the locally created private chain, and actually the first node will package the private chain creation block of the group creation sub-transaction (which typically also includes several group join sub-transactions or business transactions accepted after the creation of the private chain) and write into the locally created private chain.
As can be seen, for a group creation transaction and its embedded group creation sub-transactions, the group creation transaction is packed into a block of a federation chain and written into the federation chain, and the group creation sub-transactions are packed into a creation block of a private chain local to the first node. In order to clarify the association relationship between the federation chain block and the private chain block and facilitate the record lookup, the first node may write a pointer object in the private chain block (which may specifically be in the block header) encapsulating the group creation sub-transaction, for pointing to the federation chain block encapsulating the group creation transaction.
Fig. 4 is a schematic diagram of a first node locally maintaining a federation chain and a private chain according to an embodiment of the present specification. As shown in fig. 4, the private chain creature block (packed with group creature sub-transactions) of the private chain local to the first node points to a federation chain block in the locally maintained federation chain in which the group creature transaction is packed by a pointer object.
The node group in the scheme can only comprise one node, and the node can write the service data butted by the node into a local private chain in a clear text manner. For this reason, a description will be given of how to anonymously register a user and how to transact in the case where only one node is included in the node group.
In practical application, a user interfacing with the first node may not delegate the first node to initiate a service transaction, but the user registers an account in the federation chain network and initiates the service transaction through the federation chain network. In this case, the user has a need for anonymity and does not want to disclose his identity in the federation chain network. To this end, fig. 5 is a flowchart illustrating an anonymous registration method based on a node group according to an embodiment of the present specification, where the method includes the following steps:
s500: the first node receives an anonymous registration transaction constructed from a corresponding user account.
The anonymous registration transaction comprises an anonymous registration sub-transaction, and the anonymous registration sub-transaction comprises an anonymous public key and a signature generated by using a group private key corresponding to the group public key; wherein the user account is an account registered in a federation chain network by a user interfacing with the first node, and the anonymous public key is specified by the user interfacing with the first node.
It will be appreciated that at the federation chain network level, an anonymous registration transaction effectively contains identity information for a user account, since the anonymous registration transaction is initiated by the user account.
S502: and the first node verifies the signature corresponding to the group private key in the anonymous registration sub-transaction by using the group public key, and processes the anonymous registration transaction if the signature passes the verification.
The processing comprises the following steps: reconstructing an anonymous registration transaction comprising the anonymous registration sub-transaction through the first administrator account. The effect of this process is that the first node reconstructs the anonymous registration transaction with its own identity, so that the identity information of the user account can be stripped.
S504: the first node broadcasts the reconstructed anonymous registration transaction to the federation chain network.
Because the identity information of the user account is stripped from the anonymous registration transaction, the first node broadcasts the anonymous registration transaction to the whole network, and the identity information of the user account cannot be leaked.
S506: the first node performs the anonymous registration transaction.
Specifically, the first node writes the anonymous registration sub-transaction to a local private chain. Thus, it is equivalent to anonymously registering the user at the private link network level. The user may subsequently initiate a business sub-transaction using a signature generated by the anonymous private key at the private chain network level.
S508: each other node than the first node performs the reconstructed anonymous registration transaction without creating a private chain.
In particular, each other node than the first node symbolically executes the reconstructed anonymous registration transaction without creating a private chain.
S510: each node in the federation chain network writes the reconstructed anonymous registration transaction to a local federation chain.
In addition, the anonymous registration sub-transaction may further include a signature generated using an anonymous private key corresponding to the anonymous public key to prove that an originator of the anonymous registration sub-transaction holds the anonymous private key.
Correspondingly, the first node may verify the signature corresponding to the anonymous private key in the anonymous registration sub-transaction by using the anonymous public key, and if the signature corresponding to the anonymous private key is verified, the first node processes the anonymous registration sub-transaction.
In addition, although the user is registered anonymously, in order to audit the service transaction initiated by the user in an anonymous identity subsequently, the first node can establish and store the corresponding relation between the anonymous public key and the user account locally, so that only the first node can master the real identity of the user corresponding to the registered anonymous public key.
Further, the first node may write a pointer object in the private chain block that encapsulates the anonymous registration sub-transaction for pointing to the federation chain block that encapsulates the reconstructed anonymous registration transaction.
Fig. 6 is a schematic flowchart of a transaction method based on an anonymous registration method according to an embodiment of the present specification, including the following steps:
s600: and the first node receives the business transaction constructed by the corresponding user account.
The business transaction comprises a business sub-transaction, and the business sub-transaction comprises business data, a signature generated by using the group private key and a signature generated by using an anonymous private key corresponding to the anonymous public key.
The business sub-transaction can be a deposit card type transaction or an execution type transaction. When the business sub-transaction is a credit card type transaction, the business data can be a data result obtained after the management party executes operation according to the business request; when the service sub-transaction is an execution type transaction, the service data may be a service request itself, the node in the node group needs to execute the service sub-transaction on the private chain network level to obtain an execution result, and both the service sub-transaction and the execution result are written into the private chain.
The business sub-transaction contains the signature corresponding to the group private key, and the business sub-transaction is proved to have the right to call the nodes in the node group to process the transaction. In addition, when more than one node group exists in the alliance-link network, the service sub-transaction may further include a group identifier for indicating the node group to be invoked by the service sub-transaction. And the first node verifies the signature in the business sub-transaction by using the group public key corresponding to the group identifier.
The business sub-transaction contains the signature corresponding to the anonymous private key, so that the business sub-transaction is proved to be initiated by the authorization of the user account corresponding to the anonymous public key.
S602: and the first node verifies the signature corresponding to the group private key in the business sub-transaction by using the group public key, verifies the signature corresponding to the anonymous private key in the business sub-transaction by using the anonymous public key corresponding to the user account, and processes the business transaction if the verification is passed.
The processing comprises the following steps: and reconstructing the business transaction containing the hash value of the business sub-transaction through the first management party account. On one hand, service data relates to data privacy and cannot be shared to a node group, on the other hand, on the network level of a alliance chain, service transactions including service sub-transactions need to be written into the alliance chain, through the processing, the first node can acquire plaintext of the service sub-transactions, and other nodes can only acquire hash values of the service sub-transactions. Meanwhile, the account information of the user initiating the business transaction cannot be leaked to other nodes except the first node.
In addition, the first node may perform the above-mentioned processing on the service transaction after determining that the anonymous public key has a correspondence with the user account according to a correspondence between the locally stored anonymous public key and the user account.
S604: the first node broadcasts the processed service transaction to the federation network.
S606: the first node performs the business transaction.
When the first node executes the business transaction, if the business sub-transaction is found to be a deposit-certificate type transaction, the business sub-transaction is written into a local private chain, if the business sub-transaction is found to be an execution type transaction, the business sub-transaction is executed, a corresponding execution sub-result is obtained, and the business sub-transaction and the corresponding execution sub-result are written into the local private chain.
S608: and other nodes in the alliance chain network execute the business transaction under the condition that a private chain is not created.
Here, the other nodes actually "symbolically" perform the traffic transaction.
S610: and each node in the alliance chain network writes the service transaction into a local alliance chain.
In addition, the first node may write a pointer object in the private chain block in which the service sub-transaction is encapsulated, for pointing to the federation chain block in which the processed service transaction is encapsulated.
A method of joining a node group is described below. It should be noted that, after the foregoing description of the principle of creating the node group is referred to, details of the principle communication will not be described.
Fig. 7 is a flowchart of a method for joining a node group according to an embodiment of the present specification, where the method includes the following steps:
s700: the second node receives a group join transaction constructed by the second administrator account.
The group join transaction comprises a group join sub-transaction, and the group join sub-transaction comprises a signature generated by using a group private key corresponding to the group public key; the second administrator account is an account registered by an administrator of the second node in the federation chain network.
After the first node creates the node group, the administrator of the second node may enable the second node to join the node group as well, and share the service data with the first node. The administrator of the first node may provide the group private key to the administrator of the second node online.
S702: and the second node verifies the signature in the group joining sub-transaction by using the group public key, and if the signature passes the verification, the second node broadcasts the group joining transaction to the alliance chain network.
S704: the second node performs the group join transaction.
Specifically, the second node creates a private chain locally, encrypts the second node identity using the group public key, synchronizes private chain history data from other nodes storing the same private chain (e.g., the first node and other nodes that have joined the same group of nodes), and writes the group join sub-transaction into the local private chain.
S706: the other nodes storing the same private chain perform the group join transaction.
Specifically, the other nodes storing the same private chain encrypt the second node identifier by using the group public key, and write the group join sub-transaction into the local private chain.
S708: and other nodes in the alliance chain network, which do not store the same private chain, execute the group join transaction under the condition that the private chain is not created.
The other nodes in the federation chain network that do not store the same private chain refer to other nodes that join the node group and encrypt the second node identifier using the group public key.
S710: and each node in the alliance chain network writes the group joining transaction and the corresponding execution result into a local alliance chain.
The execution result corresponding to the group join transaction may contain the encrypted second node identification.
Further, the group join transaction further includes a group identifier, and the second node verifies the signature of the group join sub-transaction using the group public key corresponding to the group identifier.
In addition, the second node and other nodes storing the same private chain write a pointer object in the private chain block encapsulating the group join sub transaction, for pointing to the federation chain block encapsulating the group join transaction.
Fig. 8 is a schematic diagram of locally maintaining a federation chain and a private chain by a second node according to an embodiment of the present specification. As shown in fig. 8, the second node requests to join the node group after the first node maintains the private chain for a while, before that, the private chain maintained by the first node stores two private chain blocks, the group join sub-transaction is packaged into a third private chain block, and meanwhile, the third private chain block is also associated with a certain alliance chain block packaged with the group join transaction.
The node group in the scheme can comprise more than one node, and each node in the same node group can share the service data butted by the node. A description is made herein of how to trade in the case where more than one node is included in a node group. It should be noted that, after the foregoing description of the principle of how to perform transactions in the case where only one node is included in the node group is referred to, details of the principle will not be repeated.
Fig. 9 is a flowchart of an anonymous registration method based on a node group according to an embodiment of the present specification, where the method includes the following steps:
s900: the second node receives an anonymous registration transaction constructed from the corresponding user account.
The anonymous registration transaction comprises an anonymous registration sub-transaction, the anonymous registration sub-transaction comprises an anonymous public key and a signature generated by using the group private key; wherein the user account is an account registered in a federation chain network by a user interfaced by the second node, and the anonymous public key is specified by the user corresponding to the second node.
S902: and the second node verifies the signature corresponding to the group private key in the anonymous registration sub-transaction by using the group public key, and processes the anonymous registration transaction if the signature passes the verification.
The processing comprises the following steps: reconstructing, via the second administrator account, an anonymous registration transaction that includes the anonymous registration sub-transaction.
S904: the second node broadcasts the processed anonymous registration transaction to the federation chain network.
S906: the second node performs the anonymous registration transaction with other nodes storing the same private chain.
Specifically, the second node writes the anonymous registration sub-transaction to a local private chain with other nodes storing the same private chain.
S908: and other nodes in the alliance chain network, which do not store the same private chain, execute the reconstructed anonymous registration transaction under the condition that the private chain is not created.
S910: each node in the federation chain network writes the anonymous registration transaction to a local federation chain.
In addition, the anonymous registration sub-transaction may further include a signature generated using an anonymous private key corresponding to the anonymous public key, such that the second node may verify the signature corresponding to the anonymous private key in the anonymous registration sub-transaction using the anonymous public key. Correspondingly, if the signature corresponding to the anonymous private key passes the verification, the second node processes the anonymous registration transaction.
In addition, the second node may establish and store a correspondence between the anonymous public key and the user account locally.
Fig. 10 is a schematic flowchart of a transaction method based on an anonymous registration method, provided by an embodiment of the present specification, and includes:
s1000: and the second node receives the business transaction constructed by the corresponding user account.
The business transaction comprises a business sub-transaction, and the business sub-transaction comprises business data, a signature generated by using the group private key and a signature generated by using an anonymous private key corresponding to the anonymous public key.
S1002: and the second node verifies the signature corresponding to the group private key in the business sub-transaction by using the group public key, verifies the signature corresponding to the anonymous private key in the business sub-transaction by using the anonymous public key, and sends the business sub-transaction to other nodes in the same node group and processes the business transaction if the verification is passed.
Since the node group includes not only the second node but also at least the first node (and possibly more nodes), the second node needs to send the service sub-transaction in the accepted service transaction to other nodes in the same node group on the private link network level.
In addition, the second node needs to reconstruct the business transaction containing the hash value of the business sub-transaction through the second administrator account. In this way, the user account information for initiating the business transaction is not leaked to other nodes except the first node.
In addition, the second node may perform the above-mentioned processing on the service transaction after determining that the anonymous public key has a correspondence with the user account according to a correspondence between the locally stored anonymous public key and the user account.
S1004: and the second node broadcasts the processed service transaction to the alliance chain network.
S1006: and the second node executes the service transaction with other nodes storing the same private chain.
S1008: and executing the processed business transaction by other nodes which do not store the same private chain in the alliance chain network under the condition that the private chain is not created.
S1010: and each node in the alliance chain network writes the processed business transaction into a local alliance chain.
Specifically, if the service sub-transaction is a credit-type transaction, the second node writes the service sub-transaction into a local private chain with other nodes storing the same private chain. And if the business sub-transaction is an execution type transaction, the second node executes the business sub-transaction with other nodes storing the same private chain, and writes the business sub-transaction and a corresponding execution sub-result into the local private chain.
Further, the service sub-transaction further includes a group identifier, and the second node may verify a signature in the service sub-transaction by using the group public key corresponding to the group identifier.
Further, the second node and other nodes storing the same private chain write a pointer object in the private chain block encapsulating the service sub-transaction, which is used for pointing to the alliance chain block encapsulating the processed service transaction.
In addition, for each other node storing the same private chain, if the other node determines that the service sub-transaction is received, the other node returns a signature to the second node. In this way, if the second node determines that the number of the received signatures of the other nodes meets the preset distributed fault-tolerant condition, the second node processes the service transaction.
The distributed fault tolerance condition may be that the number of received signatures reaches a specified number. For example, if the number of nodes in the same node group is not less than 4, the specified number may be 2f +1, where f ═ N-1)/3, and N is the number of nodes in the node group.
In addition, the embodiments of the present specification also provide a block chain system, including a federation chain network, the federation chain network including a plurality of nodes;
the first node receives a group creation transaction constructed by a first administrator account; the group creation transaction comprises a group creation sub-transaction, the group creation sub-transaction comprising a group public key; the first administrator account is an account registered by an administrator of the first node in the federation chain network; the group public key is specified by a manager of the first node; broadcasting the group creation transaction to the federation chain network; executing the group creation transaction, including: creating a private chain locally, writing the created sub-transaction into the local private chain, and encrypting the first node identifier by using the group public key;
each other node, other than the first node, performing the group creation transaction without creating a private chain, comprising: encrypting the first node identification using the group public key;
each node in the alliance chain network writes the group establishing transaction and the corresponding execution result into a local alliance chain; and the execution result corresponding to the group creation transaction contains the encrypted first node identification.
The first node receives an anonymous registration transaction constructed by a corresponding user account; the anonymous registration transaction comprises an anonymous registration sub-transaction, and the anonymous registration sub-transaction comprises an anonymous public key and a signature generated by using a group private key corresponding to the group public key; wherein the user account is an account registered in a federation chain network by a user interfaced by the first node, the anonymous public key being specified by the user interfaced by the first node; verifying the signature corresponding to the group private key in the anonymous registration sub-transaction by using the group public key, and if the signature passes the verification, processing the anonymous registration transaction, wherein the processing comprises the following steps: reconstructing an anonymous registration transaction comprising the anonymous registration sub-transaction through the first administrator account; broadcasting the reconstructed anonymous registration transaction to the federation chain network; performing the anonymous registration transaction, comprising: writing the anonymous registration sub-transaction into a local private chain;
each other node than the first node, without creating a private chain, performing the reconstructed anonymous registration transaction;
and each node in the alliance chain network writes the anonymous registration transaction into a local alliance chain.
The first node receives a business transaction constructed by a corresponding user account; the business transaction comprises a business sub-transaction, and the business sub-transaction comprises business data, a signature generated by using the group private key and a signature generated by using an anonymous private key corresponding to the anonymous public key; verifying the signature corresponding to the group private key in the business sub-transaction by using the group public key, verifying the signature corresponding to the anonymous private key in the business sub-transaction by using the anonymous public key corresponding to the user account, and processing the business transaction if the verification is passed, wherein the steps of: reconstructing a business transaction containing the hash value of the business sub-transaction through the first manager account; broadcasting the reconstructed business transaction to the federation chain network; performing the business transaction, including: writing the business sub-transaction into a local private chain;
the other nodes except the first node execute the reconstructed business transaction under the condition that a private chain is not created;
and each node in the alliance chain network writes the service transaction into a local alliance chain.
The second node receives a group joining transaction constructed by the account of the second management party; the group join transaction comprises a group join sub-transaction, and the group join sub-transaction comprises a signature generated by using a group private key corresponding to the group public key; the second administrator account is an account registered by an administrator of the second node in the federation chain network; verifying the signature in the group joining sub-transaction by using the group public key, and broadcasting the group joining transaction to the alliance chain network if the signature passes the verification; performing the group join transaction, including: creating a private chain locally, encrypting the second node identification by using the group public key, synchronizing private chain historical data from other nodes storing the same private chain, and writing the group joining sub-transaction into the local private chain;
other nodes storing the same private chain, performing the group join transaction, including: encrypting a second node identification by using the group public key, and writing the group joining sub-transaction into a local private chain;
the other nodes of the same private chain are not stored in the alliance chain network, and the group joining transaction is executed under the condition that the private chain is not created, wherein the group joining transaction comprises the following steps: encrypting a second node identification using the group public key;
each node in the alliance chain network writes the group joining transaction and the corresponding execution result into a local alliance chain; and the execution result corresponding to the group joining transaction comprises the encrypted second node identification.
The second node receives an anonymous registration transaction constructed by a corresponding user account; the anonymous registration transaction comprises an anonymous registration sub-transaction, the anonymous registration sub-transaction comprises an anonymous public key and a signature generated by using the group private key; the user account is an account registered in a alliance chain network by a user connected with the second node, and the anonymous public key is specified by the user corresponding to the second node; verifying the signature corresponding to the group private key in the anonymous registration sub-transaction by using the group public key, and if the signature passes the verification, processing the anonymous registration transaction, wherein the processing comprises the following steps: reconstructing an anonymous registration transaction comprising the anonymous registration sub-transaction through the second administrator account; broadcasting the reconstructed anonymous registration transaction to the federation chain network;
the second node, with other nodes storing the same private chain, performs the anonymous registration transaction, including: writing the anonymous registration sub-transaction to a local private chain;
the other nodes of the same private chain are not stored in the alliance chain network, and the reconstructed anonymous registration transaction is executed under the condition that the private chain is not created;
and each node in the alliance chain network writes the anonymous registration transaction into a local alliance chain.
The second node receives a business transaction constructed by a corresponding user account; the business transaction comprises a business sub-transaction, and the business sub-transaction comprises business data, a signature generated by using the group private key and a signature generated by using an anonymous private key corresponding to the anonymous public key; verifying the signature corresponding to the group private key in the business sub-transaction by using a group public key, verifying the signature corresponding to the anonymous private key in the business sub-transaction by using the anonymous public key, if the verification is passed, sending the business sub-transaction to other nodes in the same node group, and processing the business transaction, wherein the verification comprises the following steps: reconstructing a business transaction containing the hash value of the business sub-transaction through the second administrator account; broadcasting the reconstructed business transaction to the federation chain network;
the second node and other nodes storing the same private chain execute the service transaction, including: writing the business sub-transaction into a local private chain;
other nodes of the same private chain are not stored in the alliance chain network, and reconstructed service transaction is executed under the condition that the private chain is not created;
and each node in the alliance chain network writes the reconstructed service transaction into a local alliance chain.
Embodiments of the present specification also provide a computer device, which at least includes a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the functions of the node in the embodiments of the present specification when executing the program.
Fig. 11 is a more specific hardware structure diagram of a computing device provided in an embodiment of the present specification, where the device may include: a processor 1110, a memory 1120, an input/output interface 1130, a communication interface 1140, and a bus 1150. Wherein the processor 1110, memory 1120, input/output interface 1130, and communication interface 1040 enable communication connections within the device with each other via bus 1050.
The processor 1110 may be implemented by a general-purpose CPU (Central Processing Unit), a microprocessor, an Application Specific Integrated Circuit (ASIC), or one or more Integrated circuits, and is configured to execute related programs to implement the technical solutions provided in the embodiments of the present specification.
The Memory 1120 may be implemented in the form of a ROM (Read Only Memory), a RAM (Random Access Memory), a static storage device, a dynamic storage device, or the like. The memory 1120 can store an operating system and other application programs, and when the technical solution provided by the embodiments of the present specification is implemented by software or firmware, the relevant program codes are stored in the memory 1120 and called by the processor 1110 for execution.
The input/output interface 1130 is used for connecting an input/output module to realize information input and output. The i/o module may be configured as a component in a device (not shown) or may be external to the device to provide a corresponding function. The input devices may include a keyboard, a mouse, a touch screen, a microphone, various sensors, etc., and the output devices may include a display, a speaker, a vibrator, an indicator light, etc.
The communication interface 1140 is used to connect a communication module (not shown in the figure) to enable the device to interact with other devices. The communication module can realize communication in a wired mode (such as USB, network cable and the like) and also can realize communication in a wireless mode (such as mobile network, WIFI, Bluetooth and the like).
Bus 1150 includes a pathway for communicating information between various components of the device, such as processor 1110, memory 1120, input/output interface 1130, and communication interface 1140.
It should be noted that although the above-mentioned device only shows the processor 1110, the memory 1120, the input/output interface 1130, the communication interface 1140 and the bus 1150, in a specific implementation, the device may also include other components necessary for normal operation. In addition, those skilled in the art will appreciate that the above-described apparatus may also include only those components necessary to implement the embodiments of the present description, and not necessarily all of the components shown in the figures.
Embodiments of the present specification also provide a computer-readable storage medium on which a computer program is stored, which program, when executed by a processor, implements the functions of a node in embodiments of the present specification.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
From the above description of the embodiments, it is clear to those skilled in the art that the embodiments of the present disclosure can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the embodiments of the present specification may be embodied in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, or the like, and includes several instructions for enabling a computer device (which may be a personal computer, a service device, or a network device) to execute the methods described in the embodiments or some parts of the embodiments of the present specification.
The systems, methods, modules or units described in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. A typical implementation device is a computer, which may take the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email messaging device, game console, tablet computer, wearable device, or a combination of any of these devices.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the apparatus embodiment, since it is substantially similar to the method embodiment, it is relatively simple to describe, and reference may be made to some descriptions of the method embodiment for relevant points. The above-described apparatus embodiments are merely illustrative, and the modules described as separate components may or may not be physically separate, and the functions of the modules may be implemented in one or more software and/or hardware when implementing the embodiments of the present disclosure. And part or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
The foregoing is only a specific embodiment of the embodiments of the present disclosure, and it should be noted that, for those skilled in the art, a plurality of modifications and decorations can be made without departing from the principle of the embodiments of the present disclosure, and these modifications and decorations should also be regarded as the protection scope of the embodiments of the present disclosure.

Claims (30)

1. A method of creating a node group in a federation chain network, the federation chain network including a plurality of nodes, the method comprising:
the first node receives a group creation transaction constructed by a first administrator account; the group creation transaction comprises a group creation sub-transaction, the group creation sub-transaction comprising a group public key; the first administrator account is an account registered in the alliance chain network by the administrator of the first node;
the first node broadcasting the group creation transaction to the alliance-link network;
the first node performs the group creation transaction, including: creating a private chain locally, writing the created sub-transaction into the local private chain, and encrypting the first node identifier by using the group public key;
each other node than the first node performs the group creation transaction without creating a private chain, including: encrypting the first node identification using the group public key;
each node in the alliance chain network writes the group establishing transaction and the corresponding execution result into a local alliance chain; and the execution result corresponding to the group creation transaction contains the encrypted first node identification.
2. The method of claim 1, the group creation sub-transaction further comprising a group identification;
the execution result corresponding to the group creation transaction also contains the group identification.
3. The method of claim 1, the group creation sub-transaction further comprising a signature generated using a group private key to which the group public key corresponds;
the first node broadcasting the group creation transaction to the alliance-link network, comprising:
and the first node verifies the signature in the group creation sub-transaction by using the group public key, and if the verification is passed, the group creation transaction is broadcasted to the alliance chain network.
4. The method of claim 1, further comprising:
and the first node writes a pointer object in the private chain block encapsulating the group creation sub-transaction, and the pointer object is used for pointing to the alliance chain block encapsulating the group creation transaction.
5. An anonymous registration method based on the node group created according to any one of claims 1 to 4, comprising:
the first node receives an anonymous registration transaction constructed by a corresponding user account; the anonymous registration transaction comprises an anonymous registration sub-transaction, and the anonymous registration sub-transaction comprises an anonymous public key and a signature generated by using a group private key corresponding to the group public key;
the first node verifies the signature corresponding to the group private key in the anonymous registration sub-transaction by using the group public key, and if the signature passes the verification, the first node processes the anonymous registration transaction, including: reconstructing an anonymous registration transaction comprising the anonymous registration sub-transaction through the first administrator account;
the first node broadcasting the reconstructed anonymous registration transaction to the federation chain network;
the first node performs the anonymous registration transaction, including: writing the anonymous registration sub-transaction to a local private chain;
each other node than the first node performs the reconstructed anonymous registration transaction without creating a private chain;
each node in the federation chain network writes the anonymous registration transaction to a local federation chain.
6. The method of claim 5, the anonymous registration sub-transaction further comprising a signature generated using an anonymous private key to which the anonymous public key corresponds;
the method further comprises the following steps:
the first node verifies a signature corresponding to the anonymous private key in the anonymous registration sub-transaction by using the anonymous public key;
the first node processing the anonymous registration sub-transaction, comprising:
and if the signature corresponding to the anonymous private key passes the verification, the first node processes the anonymous registration sub-transaction.
7. The method of claim 5, further comprising:
and the first node establishes and stores the corresponding relation between the anonymous public key and the user account locally.
8. The method of claim 5, further comprising:
the first node writes a pointer object in the private chain block encapsulating the anonymous registration sub-transaction for pointing to the federation chain block encapsulating the reconstructed anonymous registration transaction.
9. A transaction method based on the anonymous registration method of any of claims 5 to 8, comprising:
the first node receives a business transaction constructed by a corresponding user account; the business transaction comprises a business sub-transaction, and the business sub-transaction comprises business data, a signature generated by using the group private key and a signature generated by using an anonymous private key corresponding to the anonymous public key;
the first node verifies the signature corresponding to the group private key in the business sub-transaction by using the group public key, verifies the signature corresponding to the anonymous private key in the business sub-transaction by using the anonymous public key corresponding to the user account, and processes the business transaction if the verification is passed, wherein the verification comprises the following steps: reconstructing a business transaction containing the hash value of the business sub-transaction through the first manager account;
the first node broadcasting the reconstructed business transaction to the federation chain network;
the first node performs the business transaction, including: writing the business sub-transaction into a local private chain;
under the condition that a private chain is not created, other nodes except the first node execute the reconstructed business transaction;
and each node in the alliance chain network writes the service transaction into a local alliance chain.
10. The method of claim 9, the business sub-transaction further comprising a group identification;
the first node uses the group public key to verify the signature corresponding to the group private key in the business sub-transaction, and the verification comprises the following steps:
and the first node verifies the signature corresponding to the group private key in the business sub-transaction by using the group public key corresponding to the group identification.
11. The method of claim 9, processing the business transaction, comprising:
and the first node processes the business transaction after judging that the anonymous public key has the corresponding relation with the user account.
12. The method of claim 9, the method further comprising:
and the first node writes a pointer object in the private chain block encapsulated with the business sub-transaction, and the pointer object is used for pointing to the alliance chain block encapsulated with the reconstructed business transaction.
13. A method for joining a node group created based on any one of claims 1 to 4, comprising:
the second node receives a group joining transaction constructed by a second administrator account; the group join transaction comprises a group join sub-transaction, and the group join sub-transaction comprises a signature generated by using a group private key corresponding to the group public key;
the second node verifies the signature in the group joining sub-transaction by using the group public key, and if the signature passes the verification, the group joining transaction is broadcasted to the alliance chain network;
the second node performing the group join transaction, including: creating a private chain locally, encrypting the second node identification by using the group public key, synchronizing private chain historical data from other nodes storing the same private chain, and writing the group joining sub-transaction into the local private chain;
the other nodes storing the same private chain perform the group join transaction, including: encrypting a second node identification by using the group public key, and writing the group joining sub-transaction into a local private chain;
executing the group join transaction by other nodes in the alliance chain network, which do not store the same private chain, under the condition that the private chain is not created, wherein the group join transaction comprises the following steps: encrypting a second node identification using the group public key;
each node in the alliance chain network writes the group joining transaction and the corresponding execution result into a local alliance chain; and the execution result corresponding to the group joining transaction comprises the encrypted second node identification.
14. The method of claim 13, the group join transaction further comprising a group identification;
the second node verifies the signature of the group joining the transaction using the group public key, including:
and verifying the signature of the group added into the transaction by using the group public key corresponding to the group identification.
15. The method of claim 13, the method further comprising:
and the second node and other nodes storing the same private chain write a pointer object in the private chain block in which the group join word transaction is encapsulated, so as to point to the alliance chain block in which the group join transaction is encapsulated.
16. A method of anonymous registration based on a group of nodes according to any of claims 13 to 15, comprising:
the second node receives an anonymous registration transaction constructed by a corresponding user account; the anonymous registration transaction comprises an anonymous registration sub-transaction, the anonymous registration sub-transaction comprises an anonymous public key and a signature generated by using the group private key;
the second node verifies the signature corresponding to the group private key in the anonymous registration sub-transaction by using the group public key, and if the signature passes the verification, the second node processes the anonymous registration transaction, including: reconstructing an anonymous registration transaction comprising the anonymous registration sub-transaction through the second administrator account;
the second node broadcasting the reconstructed anonymous registration transaction to the federation chain network;
the second node performs the anonymous registration transaction with other nodes storing the same private chain, including: writing the anonymous registration sub-transaction to a local private chain;
when other nodes which do not store the same private chain in the alliance chain network do not create the private chain, the reconstructed anonymous registration transaction is executed;
each node in the federation chain network writes the anonymous registration transaction to a local federation chain.
17. The method of claim 16, the anonymous registration sub-transaction further comprising a signature generated using an anonymous private key to which the anonymous public key corresponds;
the method further comprises the following steps:
the second node verifies a signature corresponding to the anonymous private key in the anonymous registration sub-transaction using the anonymous public key;
the second node processing the anonymous registration transaction, comprising:
and if the signature corresponding to the anonymous private key passes the verification, processing the anonymous registration transaction.
18. The method of claim 16, the method further comprising:
and the second node establishes and stores the corresponding relation between the anonymous public key and the user account locally.
19. A transaction method based on the anonymous registration method of any of claims 16-18, comprising:
the second node receives a business transaction constructed by a corresponding user account; the business transaction comprises a business sub-transaction, and the business sub-transaction comprises business data, a signature generated by using the group private key and a signature generated by using an anonymous private key corresponding to the anonymous public key;
the second node verifies the signature corresponding to the group private key in the business sub-transaction by using a group public key, verifies the signature corresponding to the anonymous private key in the business sub-transaction by using the anonymous public key, and sends the business sub-transaction to other nodes in the same node group and processes the business transaction if the verification is passed, wherein the verification comprises the following steps: reconstructing a business transaction containing the hash value of the business sub-transaction through the second administrator account;
the second node broadcasting the reconstructed business transaction to the federation chain network;
the second node executes the service transaction with other nodes storing the same private chain, including: writing the business sub-transaction into a local private chain;
under the condition that the private chain is not created, other nodes which do not store the same private chain in the alliance chain network execute reconstructed service transaction;
and each node in the alliance chain network writes the reconstructed business transaction into a local alliance chain.
20. The method of claim 19, the business sub-transaction further comprising a group identification;
the second node uses the group public key to verify the signature corresponding to the group private key in the business sub-transaction, and the verification comprises the following steps:
and the second node verifies the signature corresponding to the group private key in the business sub-transaction by using the group public key corresponding to the group identification.
21. The method of claim 19, processing the business transaction, comprising:
and the second node processes the business transaction after judging that the anonymous public key has the corresponding relation with the user account.
22. The method of claim 19, the method further comprising:
and the second node and other nodes storing the same private chain write a pointer object in the private chain block in which the service sub-transaction is encapsulated, so as to point to the alliance chain block in which the processed service transaction is encapsulated.
23. The method of claim 19, the method further comprising:
for each other node storing the same private chain, if the other node receives the service sub-transaction, returning a signature to the second node;
the second node processes the business transaction, including:
and if the second node determines that the number of the received signatures of other nodes meets the preset distributed fault-tolerant condition, processing the service transaction.
24. A blockchain system comprising a federation chain network comprising a plurality of nodes;
the first node receives a group creation transaction constructed by a first administrator account; the group creation transaction comprises a group creation sub-transaction, the group creation sub-transaction comprising a group public key; broadcasting the group creation transaction to the federation chain network; executing the group creation transaction, including: creating a private chain locally, writing the created sub-transaction into the local private chain, and encrypting the first node identifier by using the group public key; the first administrator account is an account registered in the alliance chain network by the administrator of the first node;
each other node, other than the first node, performing the group creation transaction without creating a private chain, comprising: encrypting the first node identification using the group public key;
each node in the alliance chain network writes the group establishing transaction and the corresponding execution result into a local alliance chain; and the execution result corresponding to the group creation transaction contains the encrypted first node identification.
25. The system of claim 24, the first node, receiving an anonymous registration transaction constructed from a corresponding user account; the anonymous registration transaction comprises an anonymous registration sub-transaction, and the anonymous registration sub-transaction comprises an anonymous public key and a signature generated by using a group private key corresponding to the group public key; verifying the signature corresponding to the group private key in the anonymous registration sub-transaction by using the group public key, and if the signature passes the verification, processing the anonymous registration transaction, wherein the processing comprises the following steps: reconstructing an anonymous registration transaction comprising the anonymous registration sub-transaction through the first administrator account; broadcasting the reconstructed anonymous registration transaction to the federation chain network; performing the anonymous registration transaction, comprising: writing the anonymous registration sub-transaction to a local private chain;
each other node than the first node, without creating a private chain, performing the reconstructed anonymous registration transaction;
and each node in the alliance chain network writes the anonymous registration transaction into a local alliance chain.
26. The system of claim 25, the first node, receiving a business transaction constructed from a corresponding user account; the business transaction comprises a business sub-transaction, and the business sub-transaction comprises business data, a signature generated by using the group private key and a signature generated by using an anonymous private key corresponding to the anonymous public key; verifying the signature corresponding to the group private key in the business sub-transaction by using the group public key, verifying the signature corresponding to the anonymous private key in the business sub-transaction by using the anonymous public key corresponding to the user account, and processing the business transaction if the verification is passed, wherein the verification comprises the following steps: reconstructing a business transaction containing the hash value of the business sub-transaction through the first manager account; broadcasting the reconstructed business transaction to the federation chain network; performing the business transaction, including: writing the business sub-transaction into a local private chain;
the other nodes except the first node execute the reconstructed business transaction under the condition that a private chain is not created;
and each node in the alliance chain network writes the service transaction into a local alliance chain.
27. The system of claim 24, the second node receiving a group join transaction constructed from the second administrator account; the group join transaction comprises a group join sub-transaction, and the group join sub-transaction comprises a signature generated by using a group private key corresponding to the group public key; verifying the signature in the group joining sub-transaction by using the group public key, and broadcasting the group joining transaction to the alliance chain network if the signature passes the verification; performing the group join transaction, including: creating a private chain locally, encrypting the second node identification by using the group public key, synchronizing private chain historical data from other nodes storing the same private chain, and writing the group joining sub-transaction into the local private chain;
other nodes storing the same private chain, performing the group join transaction, including: encrypting a second node identification by using the group public key, and writing the group joining sub-transaction into a local private chain;
the federation chain network does not store other nodes of the same private chain, and the group joining transaction is executed under the condition that the private chain is not created, wherein the group joining transaction comprises the following steps: encrypting a second node identification using the group public key;
each node in the alliance chain network writes the group joining transaction and the corresponding execution result into a local alliance chain; and the execution result corresponding to the group joining transaction comprises the encrypted second node identification.
28. The system of claim 27, the second node, receiving an anonymous registration transaction constructed from a corresponding user account; the anonymous registration transaction comprises an anonymous registration sub-transaction, and the anonymous registration sub-transaction comprises an anonymous public key and a signature generated by using the group private key; verifying the signature corresponding to the group private key in the anonymous registration sub-transaction by using the group public key, and if the signature passes the verification, processing the anonymous registration transaction, wherein the processing comprises the following steps: reconstructing, by the second administrator account, an anonymous registration transaction comprising the anonymous registration sub-transaction; broadcasting the reconstructed anonymous registration transaction to the federation chain network;
the second node, with other nodes storing the same private chain, performs the anonymous registration transaction, including: writing the anonymous registration sub-transaction to a local private chain;
other nodes of the same private chain are not stored in the alliance chain network, and the reconstructed anonymous registration transaction is executed under the condition that the private chain is not created;
and each node in the alliance chain network writes the anonymous registration transaction into a local alliance chain.
29. The system of claim 28, the second node, receiving a business transaction constructed from a corresponding user account; the business transaction comprises a business sub-transaction, and the business sub-transaction comprises business data, a signature generated by using the group private key and a signature generated by using an anonymous private key corresponding to the anonymous public key; verifying the signature corresponding to the group private key in the business sub-transaction by using a group public key, verifying the signature corresponding to the anonymous private key in the business sub-transaction by using the anonymous public key, if the verification is passed, sending the business sub-transaction to other nodes in the same node group, and processing the business transaction, wherein the verification comprises the following steps: reconstructing a business transaction containing the hash value of the business sub-transaction through the second administrator account; broadcasting the reconstructed business transaction to the federation chain network;
the second node and other nodes storing the same private chain execute the service transaction, including: writing the business sub-transaction into a local private chain;
other nodes of the same private chain are not stored in the alliance chain network, and reconstructed service transaction is executed under the condition that the private chain is not created;
and each node in the alliance chain network writes the reconstructed service transaction into a local alliance chain.
30. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements the first node in any one of claims 1-12 or the functionality of the second node in any one of claims 13-23.
CN202011118131.1A 2020-05-28 2020-05-28 Node group creating method and node group-based transaction method in alliance chain network Active CN112200575B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011118131.1A CN112200575B (en) 2020-05-28 2020-05-28 Node group creating method and node group-based transaction method in alliance chain network

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010470181.XA CN111383018B (en) 2020-05-28 2020-05-28 Node group creating method and node group-based transaction method in alliance chain network
CN202011118131.1A CN112200575B (en) 2020-05-28 2020-05-28 Node group creating method and node group-based transaction method in alliance chain network

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN202010470181.XA Division CN111383018B (en) 2020-05-28 2020-05-28 Node group creating method and node group-based transaction method in alliance chain network

Publications (2)

Publication Number Publication Date
CN112200575A CN112200575A (en) 2021-01-08
CN112200575B true CN112200575B (en) 2022-05-31

Family

ID=71220408

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202010470181.XA Active CN111383018B (en) 2020-05-28 2020-05-28 Node group creating method and node group-based transaction method in alliance chain network
CN202011118131.1A Active CN112200575B (en) 2020-05-28 2020-05-28 Node group creating method and node group-based transaction method in alliance chain network

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN202010470181.XA Active CN111383018B (en) 2020-05-28 2020-05-28 Node group creating method and node group-based transaction method in alliance chain network

Country Status (2)

Country Link
CN (2) CN111383018B (en)
WO (1) WO2021239072A1 (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111383018B (en) * 2020-05-28 2020-09-25 支付宝(杭州)信息技术有限公司 Node group creating method and node group-based transaction method in alliance chain network
CN111932239B (en) * 2020-09-18 2021-02-05 腾讯科技(深圳)有限公司 Service processing method, device, node equipment and storage medium
CN113127908B (en) * 2021-04-29 2024-04-26 郑杰骞 Chained address generation and transaction data processing method and device and storage medium
CN113449322A (en) * 2021-07-16 2021-09-28 建信金融科技有限责任公司 Data sharing method and device based on block chain, electronic equipment and readable medium
CN114285861B (en) * 2021-12-21 2023-03-21 西安交通大学 Decentralized credible identity authentication method based on alliance chain
CN116743512B (en) * 2023-08-15 2024-01-26 中移(苏州)软件技术有限公司 Network autonomy and isolation method and device, electronic equipment and readable storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107423978A (en) * 2017-06-16 2017-12-01 郑州大学 A kind of distributed energy business confirmation method based on alliance's block chain
CN109064325A (en) * 2018-06-25 2018-12-21 浙江超脑时空科技有限公司 A kind of intelligent contract implementation method and device based on block chain
CN109347955A (en) * 2018-10-19 2019-02-15 北京奇艺世纪科技有限公司 A kind of block chain network system and information processing method
CN109472596A (en) * 2018-10-16 2019-03-15 中国传媒大学 Alliance's chain common recognition method and system based on transaction assessment
JP2019105903A (en) * 2017-12-11 2019-06-27 三菱Ufj信託銀行株式会社 Virtual currency maintenance system
CN110035059A (en) * 2019-03-05 2019-07-19 深圳前海微众银行股份有限公司 A kind of building of block chain and group partition method and device
CN110572267A (en) * 2019-09-09 2019-12-13 北京工业大学 Anonymous electronic voting method based on block chain of alliances
KR20200000576A (en) * 2018-06-25 2020-01-03 한신대학교 산학협력단 A Method For Detecting Counterfeit application in Mobile Device Based On Blockchain

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107438002B (en) * 2016-05-27 2022-02-11 索尼公司 Block chain based system and electronic device and method in system
WO2019033394A1 (en) * 2017-08-18 2019-02-21 达闼科技成都有限公司 Blockchain system and right management method therefor
CN107911216B (en) * 2017-10-26 2020-07-14 矩阵元技术(深圳)有限公司 Block chain transaction privacy protection method and system
CN109246179B (en) * 2018-06-30 2021-06-01 华为技术有限公司 Method and apparatus for maintaining blockchain, server, and computer-readable storage medium
CN109214883A (en) * 2018-07-27 2019-01-15 阿里巴巴集团控股有限公司 Service lease method, apparatus, system and electronic equipment based on block chain
WO2020022599A1 (en) * 2018-07-27 2020-01-30 박기업 Node group managing device and computing device for configuring group key-based dual signature transaction structure in blockchain network
CN109409884A (en) * 2018-10-25 2019-03-01 北京安如山文化科技有限公司 A kind of block chain secret protection scheme and system based on SM9 algorithm
CN109995850B (en) * 2019-03-05 2022-04-26 深圳前海微众银行股份有限公司 Block chain system and transaction processing method thereof
CN110008739B (en) * 2019-03-05 2023-10-03 深圳前海微众银行股份有限公司 Block chain system based on group, group management method and device
CN110852748A (en) * 2019-11-06 2020-02-28 杭州复杂美科技有限公司 Group transaction method, device and storage medium
CN111383018B (en) * 2020-05-28 2020-09-25 支付宝(杭州)信息技术有限公司 Node group creating method and node group-based transaction method in alliance chain network

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107423978A (en) * 2017-06-16 2017-12-01 郑州大学 A kind of distributed energy business confirmation method based on alliance's block chain
JP2019105903A (en) * 2017-12-11 2019-06-27 三菱Ufj信託銀行株式会社 Virtual currency maintenance system
CN109064325A (en) * 2018-06-25 2018-12-21 浙江超脑时空科技有限公司 A kind of intelligent contract implementation method and device based on block chain
KR20200000576A (en) * 2018-06-25 2020-01-03 한신대학교 산학협력단 A Method For Detecting Counterfeit application in Mobile Device Based On Blockchain
CN109472596A (en) * 2018-10-16 2019-03-15 中国传媒大学 Alliance's chain common recognition method and system based on transaction assessment
CN109347955A (en) * 2018-10-19 2019-02-15 北京奇艺世纪科技有限公司 A kind of block chain network system and information processing method
CN110035059A (en) * 2019-03-05 2019-07-19 深圳前海微众银行股份有限公司 A kind of building of block chain and group partition method and device
CN110572267A (en) * 2019-09-09 2019-12-13 北京工业大学 Anonymous electronic voting method based on block chain of alliances

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
一种适用于联盟链的共识机制;曹兆磊;《信息安全与技术》;20191231;第10卷(第01期);全文 *

Also Published As

Publication number Publication date
WO2021239072A1 (en) 2021-12-02
CN111383018B (en) 2020-09-25
CN112200575A (en) 2021-01-08
CN111383018A (en) 2020-07-07

Similar Documents

Publication Publication Date Title
CN111382168B (en) Node group creating method and node group-based transaction method in alliance chain network
CN112200575B (en) Node group creating method and node group-based transaction method in alliance chain network
CN108681853B (en) Logistics information transmission method, system and device based on block chain
CN110457875B (en) Data authorization method and device based on block chain
CN110473094B (en) Data authorization method and device based on block chain
CN111047443B (en) User scoring method and device, electronic equipment and computer readable storage medium
CN110020854B (en) Data evidence storage method and system based on multiple block chain networks
CN110009321B (en) Transfer method and system based on block chain intelligent contract
CN110048846B (en) Signature verification method and system based on block chain intelligent contract
CN110020945B (en) Data reading method and system based on multiple block chain networks
CN111211911B (en) Collaborative signature method, device, equipment and system
CN110060153B (en) Data evidence storage method and system based on multiple block chain networks
CN113221165B (en) User element authentication method and device based on block chain
CN111178840A (en) Service processing method, device, system, electronic equipment and storage medium
CN110046991B (en) Data processing method and system based on intelligent contract of block chain
WO2024011863A1 (en) Communication method and apparatus, sim card, electronic device, and terminal device
CN114331437A (en) Block chain-based digital seal using method and device
CN114358764A (en) Privacy calculation method based on intelligent contracts in block chain and related equipment
CN115102744A (en) Data access method and device
CN113765674B (en) Cross-platform registration method and device based on blockchain
CN111861462B (en) Financial product transaction method and device based on blockchain
CN111899104B (en) Service execution method and device
CN116095671A (en) Resource sharing method based on meta universe and related equipment thereof
CN116260852A (en) Calling method, equipment and medium for third party service
CN115131029A (en) Block chain-based digital file signing method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40044601

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20240920

Address after: Room 803, floor 8, No. 618 Wai Road, Huangpu District, Shanghai 200010

Patentee after: Ant blockchain Technology (Shanghai) Co.,Ltd.

Country or region after: China

Address before: 310000 801-11 section B, 8th floor, 556 Xixi Road, Xihu District, Hangzhou City, Zhejiang Province

Patentee before: Alipay (Hangzhou) Information Technology Co.,Ltd.

Country or region before: China