Summary of the invention
The method and apparatus that this specification embodiment is intended to provide a kind of more effectively resetting block chain account key, with solution
Deficiency certainly in the prior art.
To achieve the above object, this specification provides a kind of side that user biological feature is stored in into block chain on one side
Method, the block chain is alliance's chain, and each full node in the block chain is the common recognition node of the block chain, described
Method passes through block chain client executing corresponding with the first account of the first user, comprising:
Obtain the biological characteristic of first user;
It obtains and trusts user list, include the respective account mark of at least one second user in the trust user list
Know, at least one described second user is the trust user of preset first user;And
Into block chain, any full node sends the first transaction for biological characteristic to be arranged, so that each in block chain
A full node is arranged biological characteristic corresponding with first account in its local account database respectively and trusts user
List, wherein include the biological characteristic and the trust user list in the data field of first transaction.
In one embodiment, the biological characteristic for obtaining first user includes receiving from physical characteristics collecting device
The biological characteristic of first user.
In one embodiment, the biological characteristic comprises at least one of the following feature: face, fingerprint and iris.
In one embodiment, in the data field include biological characteristic ciphertext, the biological characteristic ciphertext by by
The client carries out the biological characteristic with the first encryption key of each full node joint consultation obtained in advance
It encrypts and obtains.
On the other hand this specification provides a kind of method that user biological feature is stored in into block chain, the block chain is
Alliance's chain, and each full node in the block chain is the common recognition node of the block chain, and the method passes through block chain
The middle first node as full node executes, comprising:
It receives from block chain and is traded by first for biological characteristic to be arranged that the first account issues, wherein described the
Biological characteristic corresponding with the first account is included at least in the data field of one transaction and trusts user list;
After being verified of digital signature to first transaction, added in local account database and institute
It states the corresponding biological characteristic of the first account and trusts user list;And
First transaction at least one of is bundled in block and is sent to block chain full node.
In one embodiment, in local account database addition biological characteristic corresponding with first account and
Trusting user list includes, addition biological characteristic ciphertext corresponding with first account and letter in local account database
Appoint user list, wherein the biological characteristic ciphertext by by the first node with each full node joint consultation
Second encryption key encrypts the biological characteristic and is obtained.
In one embodiment, the account database is the State Tree with MPT tree construction, wherein in local account
Biological characteristic corresponding with first account is added in user data library and trusts user list and includes, in the local state
The biological characteristic is added in the value of leaf node corresponding with the first account in tree and trusts user list, and correspondingly more
The value of existing node relevant to the leaf node in the new State Tree.
On the other hand this specification provides a kind of method for resetting block chain account key, wherein the block chain is connection
Alliance's chain, and each full node in the block chain is the common recognition node of the block chain, and each full node exists respectively
It is stored with the first biological characteristic corresponding with the first account of the first user in its local account database and trusts user list,
Wherein, it is described trust user list in include second user the second account account identification, the method by with the second account
The corresponding block chain client executing in family, comprising:
Obtain the second biological characteristic of first user;
The second public key of first account is obtained, second public key will be used to replace first account existing
One public key;And
Into block chain, any full node sends the second transaction for resetting the first account public key, wherein described second
It include second biological characteristic and second public key in the data field of transaction, so that each full node in block chain
The first public key of first account that it is locally stored is replaced with second public key.
In one embodiment, it is described second transaction data field in include the second biological characteristic ciphertext, described second
The third encryption key that biological characteristic ciphertext passes through each full node joint consultation obtained in advance by the client
Second biological characteristic is encrypted and is obtained.
On the other hand this specification provides a kind of method for resetting block chain account key, the block chain is alliance's chain,
And each full node in the block chain is the common recognition node of the block chain, and each full node is respectively in its local
It is stored with the first biological characteristic corresponding with the first account of the first user in account database and trusts user list, wherein
The account identification of the second account in the trust user list including second user, the method are complete by being used as in block chain
The second node of node executes, comprising:
The second transaction for resetting the first account public key issued by second account is received from block chain,
In, it include the second biological characteristic corresponding with the first account and the second public key in the data field of second transaction, described the
Two public keys will be used to replace existing first public key of first account;
After being verified of digital signature to second transaction, determine that the account identification of second account is
It is no in the trust user list, and determine second biological characteristic and first biological characteristic it is whether consistent;
The account identification for determining second account in the trust user list and second biological characteristic with
In the first biological characteristic unanimous circumstances, with the first public affairs of first account that second public key replacement is locally stored
Key;And
Second transaction at least one of is bundled in block and is sent to block chain full node.
In one embodiment, each full node is stored in its local account database and described the respectively
The corresponding first biological characteristic ciphertext of one account, wherein the first biological characteristic ciphertext is assisted jointly with each full node
The second encryption keys of quotient, the method also includes determining second biological characteristic and first biological characteristic
Whether it is consistent before, using the second decruption key of each full node joint consultation to the first biological characteristic ciphertext solution
It is close, to obtain first biological characteristic.
In one embodiment, it is described second transaction data field in include the second biological characteristic ciphertext, described second
Biological characteristic ciphertext is with the third encryption keys of each full node joint consultation, and the method also includes in determination
Before whether second biological characteristic and first biological characteristic are consistent, the of each full node joint consultation is used
Three decruption keys decrypt the first biological characteristic ciphertext, to obtain first biological characteristic.
In one embodiment, the public key cryptographic Hash of first account is also stored in the account database, it is described
Method further includes, and after the first public key of first account being locally stored with second public key replacement, updates local
Account database in first account public key cryptographic Hash.
On the other hand this specification provides a kind of device that user biological feature is stored in into block chain, the block chain is
Alliance's chain, and each full node in the block chain is the common recognition node of the block chain, and described device is deployed in and the
The corresponding block chain client of the first account of one user, comprising:
First acquisition unit is configured to, and obtains the biological characteristic of first user;
Second acquisition unit is configured to, and is obtained and is trusted user list, in the trusts user list including at least one the
The respective account identification of two users, at least one described second user are the trust user of preset first user;And
Transmission unit is configured to, and into block chain, any full node sends the first transaction for biological characteristic to be arranged, with
So that each full node setting life corresponding with first account in its local account database respectively in block chain
Object feature and trust user list, wherein include the biological characteristic and the trust in the data field of first transaction
User list.
In one embodiment, the first acquisition unit is additionally configured to, and receives described the from physical characteristics collecting device
The biological characteristic of one user.
On the other hand this specification provides a kind of device that user biological feature is stored in into block chain, the block chain is
Alliance's chain, and each full node in the block chain is the common recognition node of the block chain, and described device is deployed in block
First node in chain as full node, comprising:
Receiving unit is configured to, and is received from block chain and is used to be arranged the first of biological characteristic by what the first account issued
Transaction, wherein include at least biological characteristic corresponding with the first account in the data field of first transaction and trust user
List;
Adding unit is configured to, after being verified of digital signature to first transaction, in local account
Biological characteristic corresponding with first account is added in database and trusts user list;And
At least one of packaged unit is configured to, first transaction is bundled in block and is sent to block chain
Full node.
In one embodiment, the adding unit is additionally configured to, the addition and described the in local account database
The corresponding biological characteristic ciphertext of one account and trust user list, wherein the biological characteristic ciphertext passes through by the first segment
Point encrypts the biological characteristic with the second encryption key of each full node joint consultation and is obtained.
In one embodiment, the account database is the State Tree with MPT tree construction, wherein the addition is single
Member is additionally configured to, and it is special that the biology is added in the value of the leaf node corresponding with the first account in the local State Tree
It seeks peace and trusts user list, and update accordingly the value of existing node relevant to the leaf node in the State Tree.
On the other hand this specification provides a kind of device for resetting block chain account key, wherein the block chain is connection
Alliance's chain, and each full node in the block chain is the common recognition node of the block chain, and each full node exists respectively
It is stored with the first biological characteristic corresponding with the first account of the first user in its local account database and trusts user list,
Wherein, the account identification for trusting the second account in user list including second user, described device are deployed in and second
The corresponding block chain client of account, comprising:
First acquisition unit is configured to, and obtains the second biological characteristic of first user;
Second acquisition unit is configured to, and obtains the second public key of first account, and second public key will be used to replace
Existing first public key of first account;And
Transmission unit is configured to, and any full node sends for resetting the first account public key into block chain second is handed over
Easily, wherein include second biological characteristic and second public key in the data field of second transaction, so that block
Each full node in chain replaces the first public key of first account that it is locally stored with second public key.
In one embodiment, it is described second transaction data field in include the second biological characteristic ciphertext, described second
The third encryption key that biological characteristic ciphertext passes through each full node joint consultation obtained in advance by the client
Second biological characteristic is encrypted and is obtained.
On the other hand this specification provides a kind of device for resetting block chain account key, the block chain is alliance's chain,
And each full node in the block chain is the common recognition node of the block chain, and each full node is respectively in its local
It is stored with the first biological characteristic corresponding with the first account of the first user in account database and trusts user list, wherein
The account identification of the second account in the trust user list including second user, described device are deployed in conduct in block chain
The second node of full node, comprising:
Receiving unit is configured to, and is received from block chain and is used to reset the first account public affairs by what second account issued
Key second transaction, wherein it is described second transaction data field in include the second biological characteristic corresponding with the first account and
Second public key, second public key will be used to replace existing first public key of first account;
Determination unit is configured to, and after being verified of digital signature to second transaction, determines described second
The account identification of account determines that second biological characteristic and first biology are special whether in the trust user list
It whether consistent levies;
Replacement unit is configured to, in the account identification for determining second account in the trust user list and institute
It states in the second biological characteristic and the first biological characteristic unanimous circumstances, is replaced with second public key described in being locally stored
First public key of the first account;And
At least one of packaged unit is configured to, second transaction is bundled in block and is sent to block chain
Full node.
In one embodiment, each full node is stored in its local account database and described the respectively
The corresponding first biological characteristic ciphertext of one account, wherein the first biological characteristic ciphertext is assisted jointly with each full node
The second encryption keys of quotient, described device further include that the first decryption unit is configured to, and are determining that second biology is special
Before whether sign and first biological characteristic are consistent, using the second decruption key of each full node joint consultation to institute
The decryption of the first biological characteristic ciphertext is stated, to obtain first biological characteristic.
In one embodiment, it is described second transaction data field in include the second biological characteristic ciphertext, described second
Biological characteristic ciphertext further includes the second solution with the third encryption keys of each full node joint consultation, described device
Close unit, is configured to, before determining whether second biological characteristic and first biological characteristic are consistent, using described each
The third decruption key of a full node joint consultation decrypts the first biological characteristic ciphertext, special to obtain first biology
Sign.
In one embodiment, the public key cryptographic Hash of first account is also stored in the account database, it is described
Device further includes that updating unit is configured to, and first in first account being locally stored with second public key replacement is public
After key, the public key cryptographic Hash of first account in local account database is updated.
On the other hand this specification provides a kind of computer readable storage medium, be stored thereon with computer program, work as institute
When stating computer program and executing in a computer, computer is enabled to execute any of the above-described method.
On the other hand this specification provides a kind of calculating equipment, including memory and processor, which is characterized in that described to deposit
It is stored with executable code in reservoir, when the processor executes the executable code, realizes any of the above-described method.
In the scheme according to this specification embodiment, by combining in user biological feature and corresponding account database
The configuration of the indoor appearance of reconciliation realizes the function of the resetting account key in block chain, middle compared with the prior art to use two
Private key is used for the scheme of re-cipher key, saves the management cost of key, facilitates the operation of user.
Specific embodiment
This specification embodiment is described below in conjunction with attached drawing.
Fig. 1 shows the block chain account maintenance system according to this specification embodiment.As shown in Figure 1, being wrapped in the system
The multiple full nodes (6 full nodes are schematically illustrated in figure) for constituting block chain are included, these nodes are connected two-by-two, wherein for example including
Node 11, node 12 and node 13, the block chain are alliance's chain, and each full node therein is that may participate in common recognition in alliance's chain
Node, be equivalent to each server of block platform chain, and each full node is trusted node, and at least
One trusted authorities is corresponding.The system also includes the client 14 of block chain, client 15, the client is, for example,
Light wallet node in block chain is traded dependent on above-mentioned each full node.Wherein, client 14 is, for example, the first use
The client of first account at family, client 15 are, for example, the client of the second account of second user.
In the block chain, it is, for example, lower right-most portion institute in figure that locally maintenance has account database to each full node
The State Tree shown, the State Tree are, for example, MPT tree, and the leaf node of the MPT tree is the account content of each account (as included account
Family remaining sum, trusts the information such as account list, account key information at account biological information), MPT tree is above leaf node
Each father node include at least one address character of account and the cryptographic Hash corresponding to its whole child node, wherein the MPT
The value of the root node of tree is the state root of the tree.By the State Tree, node can obtain user's by account address local
Biological characteristic is with the key for resetting user.It is appreciated that the account database is not limited to the form of MPT State Tree,
It may be other database forms, such as Merkle tree, Trie tree.
For example, above-mentioned first user can send the transaction of setting biological characteristic by its client 14 to any full node,
So that setting is corresponding with first account in its local account database respectively for each full node in block chain
Biological characteristic and trust user list.
Lower left quarter schematically illustrates the transaction Tx sent by client 14 in figure, it is assumed that client 14 is the first user Bob
Client, (0xf5e ...) is the account address of newly-generated Bob, which is sent to node 11, node 11 by client 14
Account address be (0x6f8 ...), wherein " Data " be the transaction in data field, be, for example, with first user's
The corresponding biological characteristic of first account and trust user list, the digital signature " 0x93a " in figure is to pass through the private of the first account
Key carries out the data field in the transaction to encrypt acquired encryption data.
Node 11 is signed after receiving the transaction with the number of the public key verifications of the first account transaction obtained in advance
Name, to verify being not tampered with for transaction data, and is sent to other full nodes (such as node 12) in block chain for the transaction,
To be diffused into the full node of each of block chain.Node 13 is for example confirmed as the accounting nodes of the transaction, is somebody's turn to do in verifying
After digital signature of trading, its local account status tree is updated, that is, leaf corresponding with account address is updated in State Tree
The value of child node, i.e., increase in the leaf node biological characteristic and trust user list, and update the State Tree its
The value of its interdependent node including the state root (state root) of root node, and the transaction is bundled in block to deposit
Enter in block chain, wherein include the state root of the update in the block head of the block.Node 13 sends out newly-generated block
After giving the full node of at least one of described block chain, reach altogether after the verifying by the full node of predetermined number
Know, to generate new block in block chain, each node updates its local account status tree according to newly-generated block,
It is consistent to reach the whole network.
The account identification for trusting second account of the user list for example including above-mentioned second user, when the first user loses
When mistake private key wishes to reset key (i.e. public key), the first user can pass through second user and carry out the first account re-cipher key.Second
User can be appointed by client 15 corresponding with its second account into block chain after the biological characteristic for acquiring the first user
One Quan Jiedian (such as node 11) sends the second transaction for resetting the first account public key, so that each complete in block chain
Node replaces the public key of first user that it is locally stored used before with the new public key of the first user.
Above-mentioned block chain account re-cipher key process is described more fully below.
It is described Fig. 2 shows a kind of method for being stored in user biological feature into block chain according to this specification embodiment
Block chain is alliance's chain, and each full node in the block chain is the common recognition node of the block chain, and the method is logical
Cross the block chain client executing corresponding with the first account of the first user, comprising:
In step S202, the biological characteristic of first user is obtained;
It in step S204, obtains and trusts user list, include that at least one second user is each in the trust user list
From account identification, at least one described second user be preset first user trust user;And
In step S206, into block chain, any full node sends the first transaction for biological characteristic to be arranged, so that
Setting biology corresponding with first account is special in its local account database respectively for each full node in block chain
It seeks peace and trusts user list, wherein include the biological characteristic and the trust user in the data field of first transaction
List.
As described above, the block chain is alliance's chain, each full node of the block chain and at least one trust machine
Structure is corresponding, is the equal of each server of block platform chain, for providing store function and operation function in block chain
Can, such as storage account status tree, memory block, verifying transaction, book keeping operation, common recognition.User is with from its client, (i.e. block chain is light
Node) to the mode that these full nodes send transaction its biological characteristic, the i.e. account in each full node are stored in into block chain
Its biological characteristic is stored in State Tree respectively, so that user can be based on its local by each full node when needing to reset key
The user biological characteristic carry out re-cipher key.And each full node ensure that its respective database based on block chain framework
In data can not tamper, increase safety compared to common server.
The implementation process of each step of this method is detailed below.
Firstly, obtaining the biological characteristic of first user in step S202.
The biological characteristic can be one of biological characteristics such as face, fingerprint, iris or various features.Can by pair
The collection apparatus device answered acquires corresponding biological characteristic.For example, the features such as face, iris can be acquired by camera, pass through finger
Line acquisition device acquires fingerprint etc..The client can refer to the terminal of user, can also refer to the APP on user terminal.In visitor
In the case where family end is user terminal, which can carry above-mentioned various collection apparatus devices, to carry out collection apparatus and obtain
It takes corresponding feature or the client that can connect with corresponding collection apparatus device, and receives phase from this feature acquisition device
The feature answered.
It in step S204, obtains and trusts user list, include that at least one second user is each in the trust user list
From account identification, at least one described second user be preset first user trust user.
First user can be stored in the trust user list, while being stored in biological characteristic to block chain to be used for
The re-cipher key based on biological characteristic is carried out by the second user.That is, second user is the trusted of the first user
User.For example, first user and second user can be conjugal relation, the privacy information of the first user can not have to the
Two users retain, thus, the first user can reset key by second user in Lost Security Key.It is described at least one second
The respective account identification of user is, for example, the block chain account address of each second user, it will be understood that account mark is unlimited
In for account address, if its with second user be it is unique corresponding, for example, the block chain account address of user is real name
Certification, so that the account identification can be the identity etc. of second user.
In step S206, into block chain, any full node sends the first transaction for biological characteristic to be arranged, so that
Setting biology corresponding with first account is special in its local account database respectively for each full node in block chain
It seeks peace and trusts user list, wherein include the biological characteristic and the trust user in the data field of first transaction
List.
As shown in fig. 1, first transaction is for example including following three fields " From ", " To " and " Data ".Wherein
" From " field can insert the account address of sender, i.e. the account address of the first account is, for example, the account of Bob in Fig. 1
Address.The account address of node to be sent, such as the account address of Fig. 1 interior joint 11 can be inserted in " To " field.It is appreciated that
First user is not limited to for the transaction to be sent to node 11, but can be sent to any full node in block chain."Data"
Field is the data field in trading, and includes the biological characteristic and letter of above-mentioned acquisition for first transaction, in data field
Appoint user list.
In order to guarantee the transaction can not tamper, the first user will use the private key of the first account to count the transaction
Word signature.Client 14 is after the first transaction that will have above-mentioned digital signature is sent to node 11, and node 11 is using in advance
The digital signature is decrypted to be not tampered with for verifying the data field in the public key of the first account obtained.Node 11 exists
After the first transaction being verified of digital signature, which is sent to at least one full node of its connection, from
And the first transaction is broadcast in block chain.As shown in fig. 1, node 13 is, for example, the book keeping operation section for storing first transaction
Point, node 13 are equally tested with node 11 first after receiving first transaction issued by the first account from block chain
The digital signature of the transaction is demonstrate,proved, and updates local account database after being verified.Account database is, for example, MPT
Account database can be known as State Tree by tree construction.Specifically, node 13 updates corresponding with account address in State Tree
Leaf node, i.e., and the corresponding leaf node in account address in addition biological characteristic corresponding with the account and trust use
Family list field information, and update accordingly the value of existing node relevant to the leaf node in the State Tree, the correlation
Node includes the root node of the State Tree, and the value of the root node is the state root of the State Tree, the value of the leaf node be with
The corresponding account content in account address.
After the account content for updating first account, the account content includes at least following field: the account
Family mark, trusts user list at the remaining sum of the account, user biological feature, and the account content is not limited to include above-mentioned word
Section, for example, the account content may also include the field informations such as the cryptographic Hash of first public key.
Node 13 is after updating State Tree, if first transaction is the last one friendship in the block to be packaged
Easily, node 13 writes the state root of the State Tree in the state root field in the block head of the block, in addition also such as this field
In it is known, to generate a new block, which are stored in for also filling transaction root, receipt root etc. in the block head
In local block data block, and the newly-generated block is broadcast in block chain, to be deposited into block chain.
Other full nodes of predetermined number in block chain are after receiving the newly-generated block, by block head
State root, transaction root, receipt root etc. verify the block, and after being verified, similarly update with node 13
The block is stored in local block data block, so that the generation to the block is reached common understanding by local State Tree.In block chain
Other full nodes then can directly download the block, and local State Tree is updated based on the block.
It in one embodiment, include biological characteristic ciphertext in the data field of first transaction, the biology is special
Ciphertext is levied by the first encryption key of each full node joint consultation obtained in advance by the client 14 to institute
Biological characteristic is stated to be encrypted and obtained.Correspondingly, node 13 can be stored in the biological characteristic ciphertext in local account State Tree,
It and also include the biological characteristic ciphertext in the block of deposit block chain, so as to further protect the personal secrets of user.
In one embodiment, node 13 is in the proper account that the biological characteristic of the first user is arranged into State Tree
Before in appearance, the biological characteristic is encrypted using the second encryption key of each full node joint consultation, and by encryption
Biological characteristic is arranged into State Tree.In one embodiment, as described above, it is wrapped in the data field of first transaction
Biological characteristic ciphertext is included, the biological characteristic ciphertext is total to by each full node obtained in advance by the client 14
The biological characteristic is encrypted and is obtained with the first encryption key negotiated, for the purpose of safety, node 13 makes first
The biological characteristic ciphertext is decrypted with the first decruption key of each full node joint consultation, to obtain the bright of biological characteristic
Text, the second encryption key for reusing each full node joint consultation encrypts the biological characteristic, to obtain new biology
Feature ciphertext is simultaneously stored in State Tree.
The method that Fig. 3 shows a kind of resetting block chain account key according to this specification embodiment, wherein the block
Chain is alliance's chain, and each full node in the block chain is the common recognition node of the block chain, each full node
The first biological characteristic corresponding with the first account of the first user is stored in its local account database respectively and is trusted and is used
Family list, wherein it is described trust user list in include second user the second account account identification, the method by with
The corresponding block chain client executing of second account, comprising:
In step S302, the second biological characteristic of first user is obtained;
In step S304, the second public key of first account is obtained, second public key will be used to replace described first
Existing first public key of account;And
In step S306, into block chain, any full node sends the second transaction for resetting the first account public key,
In, it include second biological characteristic and second public key in the data field of second transaction, so that in block chain
Each full node the first public key of first account that it is locally stored is replaced with second public key.
Such as shown in fig. 1, client 14 is after carrying out method shown in Fig. 2, so that each full node in block chain
After being stored in biological characteristic corresponding with the first account in its account database respectively and trusting user list, wherein the letter
Appoint the second account in user list including second user, thus, when the first user loses private key, second can be passed through and used
The client at family resets key.
Specifically, firstly, in step S302, the second biological characteristic of first user is obtained.For example, as shown in Figure 1,
First user can come 15 location of client, to carry out the acquisition of biological characteristic, alternatively, the first user can voluntarily acquire biology
The biological characteristic is sent to the client 15 of second user in a secured manner after feature.Here, with the second biological characteristic
Indicate the biological characteristic of the first user obtained by client 15, with above pass through that client 14 obtains and be stored in shape
The biological characteristic (being denoted as the first biological characteristic herein) of the first user in state tree is mutually distinguished.
In step S304, the second public key of first account is obtained, second public key will be used to replace described first
Existing first public key of account.
For example, client 15 can receive the second public key of the first account regenerated from client 14.Alternatively, can be by
Two users obtain second public key from the first user, and input second public key etc. in client 15 by second user.
In step S306, into block chain, any full node sends the second transaction for resetting the first account public key,
In, it include second biological characteristic and second public key in the data field of second transaction, so that in block chain
Each full node the first public key of first account that it is locally stored is replaced with second public key.
Similarly with above-mentioned first transaction, " From " field of the second transaction can insert example, and client 15 is corresponding as shown in figure 1
The second account account address, the account address of node to be sent, such as the account of Fig. 1 interior joint 11 can be inserted in " To " field
Family address includes second biological characteristic and second public key of above-mentioned acquisition in " Data " field.
Similarly, in order to guarantee the transaction can not tamper, second user will use the private key of the second account to this
Two transaction are digitally signed.Client 15 is after the second transaction that will have above-mentioned digital signature is sent to node 11, section
Point 11 utilize the public key of the second account obtained in advance to the digital signature be decrypted be used for verify the data field not by
It distorts.Node 11 is sent to its connection at least after to the second transaction being verified of digital signature, by second transaction
One full node, so that the first transaction is broadcast in block chain.
As shown in fig. 1, node 13 is, for example, the accounting nodes for storing second transaction, and node 13 is from block chain
Receive this by the second account issue second transaction after, the digital signature of the transaction is equally verified with node 11 first,
And after being verified, determine the account identification of second account (the corresponding account of client 15) whether in the first account
Trust user list in, and determine second biological characteristic and first biological characteristic it is whether consistent.Specifically, node
13 can obtain trust user list corresponding with the first account and the first biological characteristic from local account status tree, thus base
The account identification of second account is determined whether in the trust user list in the trust user list, by by second
The second biological characteristic in transaction is compared with the first biological characteristic, so that it is determined that second biological characteristic and described first
Whether biological characteristic is consistent.In the account identification for determining second account in the trust user list and described second
In biological characteristic and the first biological characteristic unanimous circumstances, described in node 13 is locally stored with second public key replacement
First public key of the first account, and second transaction at least one of is bundled in block and is sent to block chain full section
Point.In the case where including public key cryptographic Hash in account status tree, node 13 can also be updated accordingly in local State Tree
Public key cryptographic Hash.
Other full nodes of predetermined number in block chain are tested after receiving the newly-generated block to the block
After card passes through, the block is being locally stored, the public key of the first local user is similarly being updated with node 13, and to the block
Generation reach common understanding.Then other full nodes in block chain can directly download the block, and updated locally based on the block
The first user public key.
In one embodiment, each full node is stored in its local account database and described the respectively
The corresponding first biological characteristic ciphertext of one account, wherein the first biological characteristic ciphertext is assisted jointly with each full node
The second encryption keys of quotient, thus, node 13 is determining whether are second biological characteristic and first biological characteristic
Before consistent, the first biological characteristic ciphertext is decrypted using the second decruption key of each full node joint consultation,
To obtain first biological characteristic.
In one embodiment, it is described second transaction data field in include the second biological characteristic ciphertext, described second
The of each full node joint consultation that biological characteristic ciphertext is obtained in advance by the client by the second user
Three encryption keys encrypt second biological characteristic and are obtained, thus, node 13 is determining second biological characteristic
With first biological characteristic it is whether consistent before, using the third decruption key of each full node joint consultation to described
First biological characteristic ciphertext decryption, to obtain first biological characteristic.
Fig. 4 shows real between the first client, the second client and block platform chain according to this specification embodiment
Apply the interaction schematic diagram of method shown in Fig. 2 and Fig. 3.As shown in Figure 4, the first client (client 14 of example as shown in figure 1) exists
Step S402 obtains the biological characteristic of the first user, and obtains the trust user list of the first user in step S404, in step
S406, the first client will include that the first transaction of biological characteristic and trust user list is sent to block platform chain, here, institute
Stating block platform chain can be specially any full node in block chain.In step S408, block platform chain is according to the first transaction
The biological characteristic of first user and trust user list are added in the account status tree of platform, here, the account of the platform
State Tree can be specially the account status tree of each full node local.Second client (client 15 of example as shown in figure 1) exists
Step S410 obtains the biological characteristic of the first user, and new public key is obtained in step S412, for carrying out to the first user
Re-cipher key, in step S414, the second client will include that the second transaction of biological characteristic and new public key be sent to block chain
Platform, here, similarly, the block platform chain can be specially any full node in block chain.In step S416, block
Platform chain verify the corresponding second user of the second client account identification whether in the trust user list of the first user, with
And whether the biological characteristic of the first user being stored in the second biological characteristic and State Tree in transaction is consistent, block chain here
Platform can be specially any full node in block chain, in step S418, in the case where being verified, and block platform chain resetting the
The public key of one user replaces the original public key of the first user using the new public key in the second transaction, block chain here is flat
Platform can be specially each full node in block chain.
Fig. 5 shows a kind of device 500 that user biological feature is stored in into block chain according to this specification embodiment, institute
Stating block chain is alliance's chain, and each full node in the block chain is the common recognition node of the block chain, described device
It is deployed in block chain client corresponding with the first account of the first user, comprising:
First acquisition unit 51, is configured to, and obtains the biological characteristic of first user;
Second acquisition unit 52, is configured to, and obtains and trusts user list, includes at least one in the trust user list
The respective account identification of second user, at least one described second user are the trust user of preset first user;With
And
Transmission unit 53, is configured to, and into block chain, any full node sends the first transaction for biological characteristic to be arranged,
So that setting is corresponding with first account in its local account database respectively for each full node in block chain
Biological characteristic and trust user list, wherein include the biological characteristic and the letter in the data field of first transaction
Appoint user list.
In one embodiment, the first acquisition unit 51 is additionally configured to, described in the reception of physical characteristics collecting device
The biological characteristic of first user.
Fig. 6 shows a kind of device 600 that user biological feature is stored in into block chain according to this specification embodiment, institute
Stating block chain is alliance's chain, and each full node in the block chain is the common recognition node of the block chain, described device
It is deployed in the first node in block chain as full node, comprising:
Receiving unit 61, is configured to, and be used to be arranged biological characteristic the issued by the first account is received from block chain
One transaction, wherein include at least biological characteristic corresponding with the first account in the data field of first transaction and trust and use
Family list;
Adding unit 62, is configured to, after being verified of digital signature to first transaction, in local account
Biological characteristic corresponding with first account is added in user data library and trusts user list;And
Packaged unit 63, is configured to, by it is described first transaction be bundled in block and be sent in block chain at least one
A full node.
In one embodiment, the adding unit 62 is additionally configured to, in local account database addition with it is described
The corresponding biological characteristic ciphertext of first account and trust user list, wherein the biological characteristic ciphertext passes through by described first
Node encrypts the biological characteristic with the second encryption key of each full node joint consultation and is obtained.
In one embodiment, the account database is the State Tree with MPT tree construction, wherein the addition is single
Member 62 is additionally configured to, and adds the biology in the value of the leaf node corresponding with the first account in the local State Tree
Feature and trust user list, and update accordingly the value of existing node relevant to the leaf node in the State Tree.
Fig. 7 shows a kind of device 700 of resetting block chain account key according to this specification embodiment, wherein described
Block chain is alliance's chain, and each full node in the block chain is the common recognition node of the block chain, described each complete
Node is stored with the first biological characteristic corresponding with the first account of the first user and letter in its local account database respectively
Appoint user list, wherein the account identification for trusting the second account in user list including second user, described device portion
Administration is in block chain client corresponding with the second account, comprising:
First acquisition unit 71, is configured to, and obtains the second biological characteristic of first user;
Second acquisition unit 72, is configured to, and obtains the second public key of first account, and second public key will be used to replace
Change existing first public key of first account;And
Transmission unit 73, is configured to, and into block chain, any full node is sent for resetting the second of the first account public key
Transaction, wherein include second biological characteristic and second public key in the data field of second transaction, so that area
Each full node in block chain replaces the first public key of first account that it is locally stored with second public key.
Fig. 8 shows a kind of device 800 of resetting block chain account key according to this specification embodiment, the block chain
For alliance's chain, and each full node in the block chain is the common recognition node of the block chain, each full node point
The first biological characteristic corresponding with the first account of the first user is not stored in its local account database and trusts user
List, wherein the account identification for trusting the second account in user list including second user, described device are deployed in area
Second node in block chain as full node, comprising:
Receiving unit 81, is configured to, and receives from block chain and is used to reset the first account by what second account issued
Second transaction of public key, wherein include the second biological characteristic corresponding with the first account in the data field of second transaction
With the second public key, second public key will be used to replace existing first public key of first account;
Determination unit 82, is configured to, and after being verified of digital signature to second transaction, determines described the
The account identification of two accounts determines second biological characteristic and first biology whether in the trust user list
Whether feature is consistent;
Replacement unit 83, is configured to, the account identification for determining second account in the trust user list and
In second biological characteristic and the first biological characteristic unanimous circumstances, the institute being locally stored is replaced with second public key
State the first public key of the first account;And
Packaged unit 84, is configured to, by it is described second transaction be bundled in block and be sent in block chain at least one
A full node.
In one embodiment, each full node is stored in its local account database and described the respectively
The corresponding first biological characteristic ciphertext of one account, wherein the first biological characteristic ciphertext is assisted jointly with each full node
The second encryption keys of quotient, described device further include that the first decryption unit 85 is configured to, and are determining second biology
Before whether feature and first biological characteristic are consistent, the second decruption key pair of each full node joint consultation is used
The first biological characteristic ciphertext decryption, to obtain first biological characteristic.
In one embodiment, it is described second transaction data field in include the second biological characteristic ciphertext, described second
Biological characteristic ciphertext further includes the second solution with the third encryption keys of each full node joint consultation, described device
Close unit 86, is configured to, before determining whether second biological characteristic and first biological characteristic are consistent, using described
The third decruption key of each full node joint consultation decrypts the first biological characteristic ciphertext, to obtain first biology
Feature.
In one embodiment, the public key cryptographic Hash of first account is also stored in the account database, it is described
Device further includes that updating unit 87 is configured to, the first of first account being locally stored with second public key replacement
After public key, the public key cryptographic Hash of first account in local account database is updated.
On the other hand this specification provides a kind of computer readable storage medium, be stored thereon with computer program, work as institute
When stating computer program and executing in a computer, computer is enabled to execute any of the above-described method.
On the other hand this specification provides a kind of calculating equipment, including memory and processor, which is characterized in that described to deposit
It is stored with executable code in reservoir, when the processor executes the executable code, realizes any of the above-described method.
In the scheme according to this specification embodiment, by combining in user biological feature and corresponding account database
The configuration of the indoor appearance of reconciliation realizes the function of the resetting account key in block chain, middle compared with the prior art to use two
Private key is used for the scheme of re-cipher key, saves the management cost of key, facilitates the operation of user.
It is to be understood that herein " first ", the description such as " second ", it is for illustration only simple and to similar concept into
Row is distinguished, and does not have other restriction effects.
All the embodiments in this specification are described in a progressive manner, same and similar portion between each embodiment
Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for system reality
For applying example, since it is substantially similar to the method embodiment, so being described relatively simple, related place is referring to embodiment of the method
Part explanation.
It is above-mentioned that this specification specific embodiment is described.Other embodiments are in the scope of the appended claims
It is interior.In some cases, the movement recorded in detail in the claims or step can be come according to the sequence being different from embodiment
It executes and desired result still may be implemented.In addition, process depicted in the drawing not necessarily require show it is specific suitable
Sequence or consecutive order are just able to achieve desired result.In some embodiments, multitasking and parallel processing be also can
With or may be advantageous.
Those of ordinary skill in the art should further appreciate that, describe in conjunction with the embodiments described herein
Each exemplary unit and algorithm steps, can be realized with electronic hardware, computer software, or a combination of the two, in order to clear
Illustrate to Chu the interchangeability of hardware and software, generally describes each exemplary group according to function in the above description
At and step.These functions hold track actually with hardware or software mode, depending on technical solution specific application and set
Count constraint condition.Those of ordinary skill in the art can realize each specific application using distinct methods described
Function, but this realization is it is not considered that exceed scope of the present application.
The step of method described in conjunction with the examples disclosed in this document or algorithm, can hold track with hardware, processor
Software module or the combination of the two implement.Software module can be placed in random access memory (RAM), memory, read-only storage
Device (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technology neck
In any other form of storage medium well known in domain.
Above-described specific embodiment has carried out further the purpose of the present invention, technical scheme and beneficial effects
It is described in detail, it should be understood that being not intended to limit the present invention the foregoing is merely a specific embodiment of the invention
Protection scope, all within the spirits and principles of the present invention, any modification, equivalent substitution, improvement and etc. done should all include
Within protection scope of the present invention.