CN112288434A - Privacy transaction method and device, zero-knowledge proof system and privacy transaction architecture model - Google Patents

Publication number
CN112288434A
Authority
CN
China
Prior art keywords
privacy
transaction
bill
account
certification
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011313366.6A
Other languages
Chinese (zh)
Other versions
CN112288434B (en)
Inventor
杜茂兵
赖奕宇
徐昊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Netease Hangzhou Network Co Ltd
Original Assignee
Netease Hangzhou Network Co Ltd
Application filed by Netease Hangzhou Network Co Ltd
Priority to CN202011313366.6A
Publication of CN112288434A
Application granted
Publication of CN112288434B
Legal status: Active (current)

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides a privacy transaction method, a device, a zero-knowledge proof system and a privacy transaction architecture model, and relates to the technical field of blockchains. The privacy transaction method, applied to a client, comprises the following steps: generating zero-knowledge transaction certification information, where the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by the public key of the supervisor, and the certification parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account; uploading the zero-knowledge transaction certification information to a blockchain node of a blockchain system so that the blockchain node can verify the validity of the zero-knowledge transaction certification information; and, if the verification is passed, carrying out a privacy transaction with a pre-established privacy bill pool, where the privacy bill pool is used for storing privacy bills to be traded. The invention reduces the cost of managing bills, provides a higher security guarantee during the transaction, and ensures the legality and compliance of the transaction.

Description

Privacy transaction method and device, zero-knowledge proof system and privacy transaction architecture model
Technical Field
The invention relates to the technical field of block chains, in particular to a privacy transaction method, a device, a zero-knowledge proof system and a privacy transaction architecture model.
Background
Data privacy is an important issue at present. In blockchain transactions, a zero-knowledge-proof transaction mode is generally adopted to better protect the privacy of transaction data. Existing zero-knowledge-based private transaction models include the ticket model exemplified by Zcash, a cryptocurrency that maintains the overall privacy of the sender and recipient through zero-knowledge cryptographic techniques. In the existing ticket model, however, a user usually owns a plurality of tickets, so a transaction often involves merging or splitting tickets, and a user who wants to know how much private money they own must merge all of their tickets to find out. Existing zero-knowledge-based private transactions are therefore inconvenient to use and make ticket management costly for the user.
Disclosure of Invention
The invention aims to provide a privacy transaction method, a device, a zero-knowledge proof system and a privacy transaction architecture model, which improve the use convenience, reduce the cost of managing bills, ensure higher security guarantee during transaction and ensure the legality and compliance of the transaction.
In a first aspect, an embodiment of the present invention provides a privacy transaction method, where the method is applied to a client; the client is provided with information of a user account; the user account corresponds to a unique privacy bill; the unique privacy ticket is used for representing the existing sum ticket of the user account; the method comprises the following steps: generating zero-knowledge transaction certification information; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by the public key of the supervisor; the certification parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account; uploading the zero knowledge transaction certification information to a block chain node of a block chain system so that the block chain node can verify the effectiveness of the zero knowledge transaction certification information; if the verification is passed, carrying out privacy transaction with a pre-established privacy bill pool; the privacy bill pool is used for storing privacy bills to be traded.
In an alternative embodiment, the user accounts include a transfer-out account and a transfer-in account; when the user account is a transfer-out account, the zero-knowledge transaction certification information is transfer-out certification information; the step of generating zero-knowledge transaction certification information includes: determining a first certification parameter of the transfer-out account based on constraint certification parameters and a pre-established zero-knowledge proof system; the constraint certification parameters include at least: the private key of the transfer-out account, the transfer-out account balance, the private key of the transfer-out account balance, the amount to be transacted and the public key of the supervisor; the first certification parameters comprise a first current privacy bill, a to-be-transacted privacy bill and a first updated privacy bill of the transfer-out account; encrypting the first certification parameter through the public key of the supervisor to generate an encrypted first certification parameter; generating the transfer-out certification information based on the encrypted first certification parameter and a pre-selected certification generating function; the pre-selected certification generating function includes a proof generation function of a preset function library.
In an optional embodiment, the current privacy ticket is the current account information of the user subjected to the first hash operation; the current account information of the user comprises the current privacy amount of the user and a privacy key of the current amount; the privacy note to be traded is the information to be traded of the user after the second hash operation; the information to be transacted comprises the amount to be transacted and the privacy key to be transacted; the updated privacy bill is the user updated account information subjected to the third hash operation; the user updated account information includes the updated privacy amount and the updated amount privacy key.
In an optional embodiment, when the user account is a transfer-out account, the step of performing a privacy transaction with a pre-established privacy bill pool includes: determining a first updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill and the first current privacy bill; transferring the to-be-transacted privacy bill out to the pre-established privacy bill pool; sending transaction notification information to the transfer-in account in a preset instant messaging mode; the transaction notification information comprises the amount to be transacted and the transaction key corresponding to the to-be-transacted privacy bill.
In an optional embodiment, when the user account is a transfer-in account, the zero-knowledge transaction certification information is transfer-in certification information; the step of generating zero-knowledge transaction certification information includes: determining a second certification parameter of the transfer-in account based on the transaction notification information and a pre-established zero-knowledge proof system; encrypting the second certification parameter through the public key of the supervisor to generate an encrypted second certification parameter; the second certification parameters comprise a second current privacy bill, a to-be-transacted privacy bill and a second updated privacy bill of the transfer-in account; generating the transfer-in certification information based on the encrypted second certification parameter and the pre-selected certification generating function.
In an optional embodiment, when the user account is a transfer-in account, the step of performing a privacy transaction with a pre-established privacy bill pool includes: the transfer-in account determines a second updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill, and consumes the to-be-transacted privacy bill in the privacy bill pool; and after the to-be-transacted privacy bill is consumed, the corresponding to-be-transacted privacy bill is removed from the privacy bill pool.
In an alternative embodiment, the method further comprises: the private transaction data during the private transaction is decrypted through the private key of the monitoring party, and the decrypted transaction data is obtained, so that the transaction is monitored.
In a second aspect, an embodiment of the present invention provides a privacy transaction method, where the method is applied to a blockchain node; the method comprises the following steps: acquiring zero-knowledge transaction certification information of a user account; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by the public key of the supervisor; the certification parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account; verifying the validity of the zero-knowledge transaction certification information; if the verification is passed, carrying out privacy transaction by the user account and a pre-established privacy bill pool; the privacy bill pool is used for storing privacy bills to be traded.
In an alternative embodiment, the step of verifying the validity of the zero-knowledge transaction certificate information comprises: carrying out user bill validity verification on a user account; the user bill validity verification is used for verifying whether a current privacy bill of a user account is valid; if the verification is passed, verifying the effectiveness of the zero-knowledge transaction certification information based on the certification parameters and a preselected verification function; the preselected verification function comprises a verification function of a preset function library; and if the validity of the zero-knowledge transaction certification information is verified, returning a verification success message.
In a third aspect, an embodiment of the present invention provides a privacy transaction method, where the method includes: creating a user account on the blockchain node; the user account corresponds to a unique privacy bill; the unique privacy ticket is used for representing the existing sum ticket of the user account; the user accounts comprise a transfer-out account and a transfer-in account; the transfer-out account generates transfer-out certification information; the transfer-out certification information comprises a first certification parameter of the transfer-out account encrypted by the public key of the monitoring party; the first certification parameters comprise a first current privacy bill, a to-be-transacted privacy bill and a first updated privacy bill of the transfer-out account; the transfer-out account uploads the transfer-out certification information to the blockchain node based on a first communication protocol; the blockchain node verifies the transfer-out certification information; if the verification is passed, the transfer-out account determines a first updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill and the first current privacy bill, and transfers the to-be-transacted privacy bill out to a pre-established privacy bill pool; the transfer-out account sends transaction notification information to the transfer-in account through a second communication protocol; the transaction notification information comprises the amount to be transacted and a transaction key corresponding to the to-be-transacted privacy bill; the transfer-in account generates transfer-in certification information based on the transaction notification information; the transfer-in certification information comprises a second certification parameter of the transfer-in account encrypted by the public key of the supervisor; the second certification parameters comprise a second current privacy bill, a to-be-transacted privacy bill and a second updated privacy bill of the transfer-in account; the transfer-out account uploads the transfer-in certification information to the blockchain node based on the first communication protocol; the blockchain node verifies the transfer-in certification information; and if the verification is passed, the transfer-in account determines a second updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill, consumes the to-be-received privacy bill in the privacy bill pool, and removes the corresponding to-be-transacted privacy bill from the privacy bill pool after consuming it.
In a fourth aspect, an embodiment of the present invention provides a privacy transaction apparatus, where the apparatus is disposed at a client; a user account is arranged on the client; the user account corresponds to a unique privacy bill; the unique privacy ticket is used for representing the existing sum ticket of the user account; the device comprises: the zero-knowledge transaction certification information generating module is used for generating zero-knowledge transaction certification information; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by the public key of the supervisor; the certification parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account; the certification information sending module is used for uploading the zero knowledge transaction certification information to the block chain nodes of the block chain system so as to verify the effectiveness of the zero knowledge transaction certification information by the block chain nodes; the first privacy transaction module is used for carrying out privacy transaction with a pre-established privacy bill pool if the verification is passed; the privacy bill pool is used for storing privacy bills to be traded.
In a fifth aspect, an embodiment of the present invention provides a privacy transaction apparatus, where the apparatus includes: the zero-knowledge transaction certification information acquisition module is used for acquiring zero-knowledge transaction certification information of a user account; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by the public key of the supervisor; the certification parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account; the validity verification module is used for verifying the validity of the zero-knowledge transaction certification information; the second privacy transaction module is used for carrying out privacy transaction by the user account and a pre-established privacy bill pool if the verification is passed; the privacy bill pool is used for storing privacy bills to be traded.
In a sixth aspect, an embodiment of the present invention provides a privacy transaction apparatus, where the apparatus includes: the account creating module is used for creating a user account on the blockchain node; the user account corresponds to a unique privacy bill; the unique privacy ticket is used for representing the existing sum ticket of the user account; the user accounts comprise a transfer-out account and a transfer-in account; the first generation module is used for generating transfer-out certification information by the transfer-out account; the transfer-out certification information comprises a first certification parameter of the transfer-out account encrypted by the public key of the monitoring party; the first certification parameters comprise a first current privacy bill, a to-be-transacted privacy bill and a first updated privacy bill of the transfer-out account; the first sending module is used for uploading the transfer-out certification information to the blockchain node based on a first communication protocol by the transfer-out account; the first verification module is used for verifying the transfer-out certification information by the blockchain node; the transfer module is used for, if the verification is passed, determining by the transfer-out account a first updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill and the first current privacy bill, and transferring the to-be-transacted privacy bill out to a pre-established privacy bill pool; the down-link notification module is used for sending transaction notification information to the transfer-in account based on the second communication protocol; the transaction notification information comprises the amount to be transacted and a transaction key corresponding to the to-be-transacted privacy bill; the second generation module is used for generating transfer-in certification information based on the transaction notification information; the transfer-in certification information comprises a second certification parameter of the transfer-in account encrypted by the public key of the supervisor; the second certification parameters comprise a second current privacy bill, a to-be-transacted privacy bill and a second updated privacy bill of the transfer-in account; the second sending module is used for uploading the transfer-in certification information to the blockchain node based on the first communication protocol by the transfer-out account; the second verification module is used for verifying the transfer-in certification information by the blockchain node; and the account receiving module is used for, if the verification is passed, determining by the transfer-in account a second updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill, consuming the to-be-transacted privacy bill in the privacy bill pool, and removing the corresponding to-be-transacted privacy bill from the privacy bill pool after it is consumed.
In a seventh aspect, an embodiment of the present invention provides a zero-knowledge proof system, where the zero-knowledge proof system is disposed in both a client and a blockchain system; the zero-knowledge proof system includes: a transaction transfer-out circuit and a transaction transfer-in circuit; the transaction transfer-out circuit comprises a first user account subunit, a first intermediate amount subunit, a transaction transfer-out subunit, a first updated user account subunit and a first supervision subunit; the first user account subunit is used for proving that the user holds a transaction account; the first intermediate amount subunit is used for proving the transfer amount; the transaction transfer-out subunit is used for ensuring the consistency of the transaction amount; the first supervision subunit is used for supervising the actual amount of the transaction process; the transaction transfer-in circuit comprises a second user account subunit, a second intermediate amount subunit, a transaction transfer-in subunit, a second updated user account subunit and a second supervision subunit; the second user account subunit is used for proving that the user holds the transaction account; the second intermediate amount subunit is used for proving the transfer-out amount; the transaction transfer-in subunit is used for ensuring the consistency of the transaction amount; the second supervision subunit is used for supervising the actual amount of the transaction process.
In an eighth aspect, an embodiment of the present invention provides a privacy transaction architecture model, where the privacy transaction architecture model includes a client, a blockchain system, and a zero-knowledge proof system as in the foregoing embodiment; the client communicates with the blockchain system; the zero-knowledge proof system is disposed in both the client and the blockchain system; the client is used for executing the method of any one of the previous embodiments; the blockchain node is used to perform a method as in any of the previous embodiments.
In a ninth aspect, an embodiment of the present invention provides an electronic device, including a processor and a memory; the memory has stored thereon a computer program which, when executed by the processor, performs the method according to any of the preceding embodiments.
In a tenth aspect, embodiments of the present invention provide a computer-readable storage medium for storing a method according to any one of the preceding embodiments, or for storing computer software instructions for a method according to any one of the preceding embodiments.
In the privacy transaction method, the device, the zero-knowledge proof system and the privacy transaction architecture model provided by the invention, the privacy transaction method applied to the client works as follows. The client is provided with a user account, and the user account corresponds to a unique privacy bill (representing the existing total bill of the user account). First, the client generates zero-knowledge transaction certification information, which comprises certification parameters of the user account encrypted by the public key of the supervisor; the certification parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account. The zero-knowledge transaction certification information is then uploaded to a blockchain node of a blockchain system, so that the blockchain node verifies its validity; after the verification is passed, a privacy transaction is carried out with a pre-established privacy bill pool, which is used for storing the to-be-transacted privacy bills. In this way, because the unique privacy bill is set at the client, a user does not need to merge or split multiple bills during a transaction, which improves convenience of use and reduces the bill management cost (such as time cost); generating the zero-knowledge certification information provides a higher security guarantee during the transaction; and because the zero-knowledge transaction information is encrypted with the public key of the supervisor, the legality and compliance of the transaction are guaranteed.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
FIG. 1 is a flowchart of a private transaction method according to an embodiment of the present invention;
FIG. 2 is a flow chart of another privacy transaction method provided by an embodiment of the invention;
FIG. 3 is a flow chart of a specific privacy transaction method according to an embodiment of the present invention;
FIG. 4 is a flow chart of another specific privacy transaction method provided by an embodiment of the invention;
FIG. 5 is a block diagram of a privacy transaction apparatus according to an embodiment of the present invention;
FIG. 6 is a block diagram of another privacy transaction apparatus provided in an embodiment of the present invention;
FIG. 7 is a block diagram of an exemplary privacy transaction apparatus according to an embodiment of the present invention;
FIG. 8 is a block diagram of a zero knowledge proof system provided by an embodiment of the present invention;
FIG. 9 is a block diagram of a privacy transaction architecture model provided by an embodiment of the invention;
FIG. 10 is a block diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
In the description of the present invention, it should be noted that the terms "first", "second", and the like are used only for distinguishing the description, and are not intended to indicate or imply relative importance.
Some embodiments of the invention are described in detail below with reference to the accompanying drawings. The embodiments described below and the features of the embodiments can be combined with each other without conflict.
In the existing zero-knowledge-based privacy transaction model, a user usually possesses multiple bills; a transaction may involve merging or splitting bills, and all of a user's bills must be merged to learn how much private money the user possesses. Merging or splitting bills during a transaction, and merging all user bills to query a balance, is inconvenient; if the user acts as a collection account, the cost of managing the bills is very large. Based on this, the invention provides a privacy transaction method, a device, a zero-knowledge proof system and a privacy transaction architecture model, which improve convenience of use, reduce the bill management cost, provide a higher security guarantee during the transaction, and guarantee the legality and compliance of the transaction.
For ease of understanding, a privacy transaction method provided by an embodiment of the present invention is first described in detail, with reference to the flowchart of the privacy transaction method shown in FIG. 1. Before a transaction is performed, a user account is first created for each user on the blockchain; the user account corresponds to a unique privacy bill, which is used to characterize the existing total bill of the user account; in addition, a to-be-billed privacy bill pool is established. The client is provided with a user account, that is, the client stores account information of the user account, such as user information of the user account, the user privacy amount (expressed as a numerical value), the amount privacy key, and the like. The method mainly comprises the following steps S102 to S106:
Step S102, generating zero-knowledge transaction certification information.
When a user account carries out a transaction, the client first generates zero-knowledge transaction certification information, which comprises certification parameters of the user account encrypted by the public key of a supervisor. The supervisor is a third-party client, distinct from the client and the blockchain, that supervises transaction processes and transaction data to ensure the legal compliance of transactions; the public key of the supervisor is set on the client so that it can be used for encryption when the zero-knowledge transaction certification information is generated. The certification parameters comprise the current privacy bill, the to-be-transacted privacy bill and the updated privacy bill of the user account. A bill is a hidden user balance value; it is usually obtained by performing a hash operation on the balance value and is represented by a string of characters. It can be understood that before the user account performs a transaction, its current privacy bill is the existing total bill of the user account, and after the transaction, its updated privacy bill is the existing total bill.
Step S104, the zero knowledge transaction certification information is uploaded to a block chain node of the block chain system, so that the block chain node can verify the effectiveness of the zero knowledge transaction certification information.
After generating the zero-knowledge proof information, the user account initiates uplink (on-chain) verification, that is, the zero-knowledge transaction proof information is uploaded to the blockchain node of the blockchain system. The privacy bill is uploaded to the blockchain node so that the node can verify whether the unique privacy bill held by the user is valid and, if so, further verify the validity of the generated zero-knowledge transaction information.
Step S106, if the verification is passed, carrying out a privacy transaction with a pre-established privacy bill pool.
The pre-established privacy bill pool is used to store (also referred to as deposit) the to-be-transacted privacy bills when a transaction is initiated. It can be understood that the privacy bills generated by the user account during a transaction (i.e. the above-mentioned to-be-transacted privacy bills) are all first stored in the privacy bill pool: when the user account initiates a transfer, the to-be-transferred privacy bill is added to the privacy bill pool, and when the user account initiates a receipt, the privacy bill is collected from the privacy bill pool. In one embodiment, after the blockchain node passes the uplink verification initiated by the user account, the user account transfers the to-be-transacted privacy bill out to, or in from, the privacy bill pool, and determines an updated privacy bill based on the to-be-transacted privacy bill and the current privacy bill.
According to the privacy transaction method provided by the embodiment of the invention, the unique privacy bill is arranged at the client, so that a user does not need to combine or split a plurality of bills during transaction, the convenience of use is improved, and the cost (such as time cost) of managing the bills is reduced; the zero knowledge certification information is generated, so that higher safety guarantee can be provided during transaction, and the zero knowledge transaction information is obtained by encrypting the public key of the supervisor, so that the legality and the compliance of the transaction are guaranteed.
Generally, when a transaction is performed, the main transaction types are transfer and receipt, respectively, so that the user account may further include a transfer-out account and a transfer-in account, and when the user account is a transfer-out account, the zero-knowledge transaction verification information is transfer-out verification information, and the step S102 may further include the following steps 1 to 3:
Step 1, determining a first certification parameter of the roll-out account based on constraint certification parameters and a pre-established zero-knowledge certification system. The constraint certification parameters include at least: a private key of the roll-out account, a roll-out account balance privacy key, an amount to be transacted and a public key of the supervisor. The first certification parameter comprises a first current privacy bill, a to-be-transacted privacy bill and a first updated privacy bill of the roll-out account. The pre-established zero-knowledge certification system can be integrated in both the client and the blockchain system, so as to ensure that the client and the blockchain system use a consistent contract when the privacy transaction is carried out.
Step 2, encrypting the first certification parameter with the public key of the supervisor to generate the encrypted first certification parameter. Because the transaction certification information is encrypted with the public key of the supervisor when it is generated, the transaction remains fully private while still being open to third-party supervision, which improves both the privacy of the transaction and its legality and compliance.
Step 3, generating the transfer-out certification information based on the encrypted first certification parameter and a preselected certification generating function, wherein the preselected certification generating function comprises certification generating functions of a preset function library, such as the libsnark library, for which the corresponding certification generating function is the r1cs_ppzksnark_prover function. In one embodiment, the first certification parameter is passed into the r1cs_ppzksnark_prover function to obtain a string of characters, i.e., the transfer-out certification information.
In one embodiment, the current privacy bill is the current account information of the user after a first hash operation, and the current account information comprises the current privacy amount of the user and the current amount privacy key; the to-be-transacted privacy bill is the to-be-transacted information of the user after a second hash operation, and the to-be-transacted information comprises the to-be-transacted amount and the to-be-transacted privacy key; the updated privacy bill is the updated account information of the user after a third hash operation, and the updated account information comprises the updated privacy amount and the updated amount privacy key. It can be understood that, when the user account is a roll-out account, the zero-knowledge proof information may be represented as zero-knowledge proof information based on [Hash(current privacy amount + current amount privacy key) = Hash(updated privacy amount + updated amount privacy key) + Hash(amount to be transacted + to-be-transacted privacy key) AND supervisor public key encrypted amount information data], where "supervisor public key encrypted amount information data" denotes the data obtained by encrypting the privacy amount information with the supervisor public key. When the user account is a transfer-in account, the zero-knowledge proof information can be expressed as [Hash(current privacy amount + current amount privacy key) + Hash(amount to be traded + privacy key to be traded)] AND supervisor public key encrypted amount information data.
When the user account is a transfer-out account, the step S106 further includes the following steps (1) to (3):
Step (1), determining a first updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill and the first current privacy bill. Because the roll-out account executes a transfer, its first updated privacy bill is necessarily reduced after the transaction, so the first updated privacy bill can be represented as Hash(updated privacy amount + updated amount privacy key) = Hash(current privacy amount + current amount privacy key) - Hash(amount to be transacted + to-be-transacted privacy key).
Step (2), transferring the to-be-transacted bill out to the pre-established privacy bill pool.
Step (3), sending transaction notification information to the transfer-in account in a preset instant communication manner, wherein the transaction notification information comprises the amount to be transacted and a transaction key corresponding to the to-be-transacted privacy bill. The transaction notification information may also be called an accounting bill; the amount to be transacted is the accounting amount (a numerical value), and the transaction key is the privacy key corresponding to the accounting amount (a random 256-bit value). It can be understood that the transaction itself is executed on the chain, whereas the transaction notification information is sent in the preset instant communication manner, which may be an end-to-end manner or another off-chain communication manner, such as notification of the transaction information through a social app. Because the amount to be transacted and the transaction key are communicated to the transfer-in account off-chain, the on-chain transaction is further kept private, that is, nobody knows the specific amount of the transaction.
When the transfer-in account receives the transaction notification information off-chain, it generates transfer-in certification information, and the generation of the transfer-in certification information may include the following steps 1) to 3):
Step 1), determining a second certification parameter of the transfer-in account based on the transaction notification information and a pre-established zero-knowledge certification system.
Step 2), encrypting the second certification parameter with the public key of the supervisor to generate an encrypted second certification parameter; the second certification parameter comprises a second current privacy bill of the transfer-in account, a to-be-traded privacy bill and a second updated privacy bill.
Step 3), generating the transfer-in certification information based on the encrypted second certification parameter and a preselected certification generating function.
After the transfer-in account generates the transfer-in certification information, it performs the uplink operation, that is, uploads the transfer-in certification information to the blockchain node for verification. After the verification passes, the transfer-in account carries out the privacy transaction with the pre-established privacy bill pool: it determines the second updated privacy bill based on the to-be-transacted privacy bill and consumes the to-be-billed privacy bill in the privacy bill pool, and once the to-be-transacted privacy bill has been consumed, the corresponding to-be-transacted privacy bill is removed from the privacy bill pool.
In order to allow third-party supervision while keeping the transaction fully private, the supervisor can export the on-chain transactions at any time and decrypt the encrypted transfer and receipt data with the supervisor's private key, thereby obtaining the specific transaction data and supervising the privacy transaction process of the bills.
An embodiment of the present invention further provides a privacy transaction method applied to a blockchain node. Referring to the flowchart of another privacy transaction method shown in fig. 2, the method mainly includes the following steps S202 to S206:
step S202, acquiring zero-knowledge transaction certification information of a user account; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by the public key of the supervisor; the certification parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account;
step S204, verifying the validity of the zero-knowledge transaction certification information;
step S206, if the verification is passed, carrying out privacy transaction by the user account and a pre-established privacy bill pool; the privacy bill pool is used for storing privacy bills to be traded.
According to the privacy transaction method provided by the embodiment of the invention, the zero knowledge certification information generated by the client is firstly obtained, and the validity of the zero knowledge transaction certification information is verified, so that higher safety guarantee can be provided during transaction, and the zero knowledge transaction information is obtained by encrypting the public key of the supervisor, so that the legality and compliance of the transaction are guaranteed.
After the client generates the zero-knowledge proof information and initiates uplink verification, the blockchain node performs the verification. Because each user account corresponds to a unique privacy bill, the node first performs user bill validity verification on the user account. When the user bill is determined to be valid, the node verifies the validity of the zero-knowledge transaction proof information based on the proof parameters and a preselected verification function, that is, the proof parameters are input into the preselected verification function; if the verification succeeds, a verification success message (true) is returned, and if it fails, a verification failure message (false) is returned. The preselected verification function may comprise a verification function of a preset function library, and various preset function libraries may be adopted; for example, when the preset function library is the libsnark library, the verification function may be the function r1cs_ppzksnark_verifier.
In one embodiment, the method may be represented in the form of pseudocode:
(I) Establishing a smart contract on the chain, such as:
Verification & user privacy bill contract {
    each user holds one valid ticket;
    to-be-received bill pool;
    transaction encrypted data;
    verify transfer-out;
    verify transfer-in;
}
(II) Storing the following information on the client of each user account:
User information {
    account: account on the blockchain;
    user privacy amount: a numerical value;
    amount privacy key: a random 256-bit value;
}
(III) The user generates a transfer-out proof
Transfer-out proof {
    account current privacy ticket: Hash(user current privacy amount + amount privacy key);
    to-be-received privacy ticket: Hash(to-be-received amount + to-be-received privacy key);
    account latest privacy ticket: Hash(user latest privacy amount + amount privacy key);
    transaction encrypted data: supervisor public key encryption(the plaintext information);
    zero-knowledge proof: transfer-out proof data;
}
and puts it on the chain;
(IV) Executing the smart contract
Func execute transfer-out {
    step one: check validity of the account's current privacy ticket();
    step two: check validity of the zero-knowledge proof information();
    step three: update the latest privacy ticket();
    step four: add the to-be-received privacy ticket to the pool();
    step five: save the encrypted data();
}
(V) The client sends the to-be-received bill to the payee off-chain, end to end
Account receipt {
    receipt amount: a numerical value;
    privacy key corresponding to the receipt amount: a random 256-bit value;
}
(VI) The user generates a receipt zero-knowledge proof
Transfer-in proof {
    account current privacy ticket: Hash(user current privacy amount + amount privacy key);
    to-be-received privacy ticket: Hash(to-be-received amount + to-be-received privacy key);
    account latest privacy ticket: Hash(user latest privacy amount + amount privacy key);
    transaction encrypted data: supervisor public key encryption(the plaintext information);
    zero-knowledge proof: transfer-in proof data;
}
and puts it on the chain;
(VII) The contract execution logic is as follows
Func execute transfer-in {
    step one: check validity of the account's current privacy ticket();
    step two: check validity of the zero-knowledge proof information();
    step three: update the latest privacy ticket();
    step four: consume the to-be-received privacy ticket and remove it from the pool();
    step five: save the encrypted data();
}
(VIII) The supervisor pulls the transactions and decrypts them with the private key to execute supervision
Func execute supervision {
    step one: pull the on-chain transactions();
    step two: decrypt the transaction data and perform an audit;
    step three: update the latest privacy ticket();
    step four: consume the to-be-received privacy ticket and remove it from the pool();
    step five: save the encrypted data();
}
The whole privacy transaction process is thereby executed.
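The contract logic of steps (IV) and (VII) above can be exercised with a small simulation; this is an added example, not code from the patent. SHA-256, the byte encoding and the names ticket, Witness, Proof, make_proof, relation_holds and Contract are assumptions, the balance relation is read as an equation over the hidden amounts, the supervisor ciphertext is a placeholder, and the witness is checked in the clear where a deployment would call the libsnark prover and verifier, so this sketch provides no privacy.

```python
import hashlib
import secrets
from dataclasses import dataclass


def ticket(amount: int, key: bytes) -> str:
    """Privacy ticket = Hash(amount + privacy key); SHA-256 and this encoding are assumed."""
    if not 0 <= amount < 2**64 or len(key) != 32:
        raise ValueError("amount must be a 64-bit non-negative int, key 256 bits")
    return hashlib.sha256(amount.to_bytes(8, "big") + key).hexdigest()


@dataclass(frozen=True)
class Witness:
    """Private inputs. A real zk-SNARK proves knowledge of these without revealing them."""
    cur_amount: int
    cur_key: bytes
    pend_amount: int
    pend_key: bytes
    new_amount: int
    new_key: bytes


@dataclass(frozen=True)
class Proof:
    direction: str          # "out" (transfer-out) or "in" (transfer-in)
    current: str            # public: account current privacy ticket
    pending: str            # public: to-be-received privacy ticket
    updated: str            # public: account latest privacy ticket
    supervisor_blob: bytes  # placeholder for the supervisor-public-key ciphertext
    witness: Witness        # cleartext stand-in for the zero-knowledge proof data


def make_proof(direction: str, w: Witness) -> Proof:
    return Proof(direction, ticket(w.cur_amount, w.cur_key),
                 ticket(w.pend_amount, w.pend_key),
                 ticket(w.new_amount, w.new_key), b"<constructed placeholder>", w)


def relation_holds(p: Proof) -> bool:
    """Assumed statement: the three tickets open to amounts that balance."""
    w = p.witness
    try:  # ticket() doubles as the range check on every amount
        opened = (ticket(w.cur_amount, w.cur_key) == p.current
                  and ticket(w.pend_amount, w.pend_key) == p.pending
                  and ticket(w.new_amount, w.new_key) == p.updated)
    except ValueError:
        return False
    if p.direction == "out":
        return opened and w.cur_amount == w.new_amount + w.pend_amount
    if p.direction == "in":
        return opened and w.cur_amount + w.pend_amount == w.new_amount
    return False


class Contract:
    def __init__(self):
        self.tickets = {}    # account -> its single valid privacy ticket
        self.pool = set()    # to-be-received privacy tickets
        self.audit_log = []  # encrypted transaction data kept for the supervisor

    def execute(self, account: str, p: Proof) -> bool:
        # Step one: the presented current ticket must be the account's valid one.
        if self.tickets.get(account) != p.current:
            return False
        # A transfer-in can only consume a ticket that is still in the pool.
        if p.direction == "in" and p.pending not in self.pool:
            return False
        # Step two: proof validity (stand-in for the SNARK verifier).
        if not relation_holds(p):
            return False
        self.tickets[account] = p.updated         # step three
        if p.direction == "out":                  # step four
            self.pool.add(p.pending)
        else:
            self.pool.remove(p.pending)
        self.audit_log.append(p.supervisor_blob)  # step five
        return True


def demo() -> dict:
    key = lambda: secrets.token_bytes(32)
    a0, a1, a2, b0, b1, b2, pk, pk2 = (key() for _ in range(8))
    chain = Contract()
    chain.tickets = {"A": ticket(100, a0), "B": ticket(5, b0)}  # constructed balances
    out = make_proof("out", Witness(100, a0, 30, pk, 70, a1))
    r = {"transfer_out": chain.execute("A", out),
         "replay_out": chain.execute("A", out)}  # stale current ticket
    # B learned (30, pk) off-chain and claims the pending ticket.
    r["transfer_in"] = chain.execute("B", make_proof("in", Witness(5, b0, 30, pk, 35, b1)))
    r["double_claim"] = chain.execute("B", make_proof("in", Witness(35, b1, 30, pk, 65, b2)))
    # A tries to create a 50 ticket without reducing its own balance.
    r["unbalanced_out"] = chain.execute("A", make_proof("out", Witness(70, a1, 50, pk2, 70, a2)))
    r["pool_size"] = len(chain.pool)
    return r


if __name__ == "__main__":
    print(demo())
```

The rejected cases show why step one binds every proof to the account's single valid ticket: a replayed transfer-out fails on the stale ticket, and a second claim fails because the pending ticket has already left the pool.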
Further, an embodiment of the present invention provides a specific privacy transaction method, referring to a flowchart of the specific privacy transaction method shown in fig. 3, where the method mainly includes the following steps S302 to S320:
step S302, a user account is created on the block chain node, the user account corresponds to a unique privacy bill, the unique privacy bill is used for representing the existing sum bill of the user account, and the user account comprises a transfer-out account and a transfer-in account.
Step S304, the roll-out account generates roll-out certification information, the roll-out certification information comprises a first certification parameter of the roll-out account encrypted by a public key of the supervising party, and the first certification parameter comprises a first current privacy bill, a privacy bill to be traded and a first updated privacy bill of the roll-out account.
Step S306, the roll-out account uploads the roll-out certification information to the block chain node based on the first communication protocol.
In step S308, the blockchain node verifies the roll-out certification information.
Step S310, if the verification is passed, the roll-out account determines a first updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill and the first current privacy bill, and rolls out the to-be-transacted bill to the pre-established privacy bill pool.
In step S312, the transferred-out account sends the transaction notification message to the transferred-in account via the second communication protocol. The transaction notification information comprises the amount to be transacted and the transaction key corresponding to the privacy ticket to be transacted.
In step S314, the transfer-in account generates transfer-in certification information based on the transaction notification information. The transfer-in certification information comprises second certification parameters of the transferred-in account encrypted by the public key of the supervisor, and the second certification parameters comprise a second current privacy bill, a to-be-traded privacy bill and a second updated privacy bill of the transferred-in account.
Step S316, the roll-out account uploads the roll-in certification information to the blockchain node based on the first communication protocol.
In step S318, the blockchain node verifies the transfer-in certification information.
Step S320, if the verification is passed, the transfer-in account determines a second updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill, consumes the to-be-billed privacy bill in the privacy bill pool, and removes the corresponding to-be-transacted privacy bill from the privacy bill pool after the to-be-transacted privacy bill is consumed.
For ease of understanding, referring to the flowchart of another specific privacy transaction method shown in fig. 4, user A (i.e., the roll-out account) initiates a transfer, that is, generates zero-knowledge proof information of [Hash(current amount + privacy key) = Hash(remaining amount + privacy key) + Hash(amount to be billed + privacy key) AND supervisor public key encrypted amount information data]. User A then performs the uplink, that is, uploads the privacy bill, the encrypted information, the proof data and the like to the blockchain; the transfer-out zero-knowledge proof verification and the user bill validity verification are executed, and after the verification passes the account balance privacy bill is updated and the to-be-billed privacy bill is added to the transaction pool. User A sends the amount and the privacy key of the to-be-received privacy bill to the payee off-chain and notifies the payee to collect it. User B then initiates the receipt, that is, generates zero-knowledge proof information of [Hash(current amount + privacy key) + Hash(amount to be billed + privacy key to be billed) = Hash(new amount + new amount privacy key) AND supervisor public key encrypted amount information data]. User B then performs the uplink, that is, uploads the privacy bill, the encrypted information, the proof data and the like to the blockchain; the receipt zero-knowledge proof verification and the user bill validity verification are executed, and after the verification passes the account balance privacy bill is updated, and the to-be-billed privacy bill is marked as a consumed bill and removed from the transaction pool.
In addition, the supervisor can export the on-chain transactions, that is, the supervisor can decrypt the encrypted transfer and receipt data with its private key to obtain the specific data of the transaction and thereby carry out supervision. In the process shown in fig. 4, user A and user B each hold their latest amount and amount privacy key off-chain, while the chain holds each user's privacy bill Hash(amount + amount privacy key). The transfer is completed by generating and then collecting the to-be-received bill; the encrypted information is generated with the public key of the supervisor when the proof is generated, and the supervisor decrypts the data with its private key, so that a fully privacy-protecting transaction is realized together with third-party supervision.
For the privacy transaction method corresponding to fig. 1, an embodiment of the present invention provides a privacy transaction apparatus, referring to a structure diagram of the privacy transaction apparatus shown in fig. 5, the apparatus is disposed on a client, a user account is disposed on the client, the user account corresponds to a unique privacy ticket, and the unique privacy ticket is used for representing an existing total amount ticket of the user account, and the apparatus mainly includes the following parts:
a zero knowledge transaction proof information generating module 502 for generating zero knowledge transaction proof information; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by the public key of the supervisor; the certification parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account;
the certification information sending module 504 is configured to upload zero knowledge transaction certification information to a blockchain node of a blockchain system, so that the blockchain node performs validity verification on the zero knowledge transaction certification information;
a first privacy transaction module 506, configured to perform privacy transaction with a pre-established privacy ticket pool if the verification passes; the privacy bill pool is used for storing privacy bills to be traded.
According to the privacy transaction device provided by the embodiment of the invention, the unique privacy bill is arranged at the client, so that a user does not need to combine or split a plurality of bills during transaction, the convenience in use is improved, and the cost (such as time cost) for managing the bills is reduced; the zero knowledge certification information is generated, so that higher safety guarantee can be provided during transaction, and the zero knowledge transaction information is obtained by encrypting the public key of the supervisor, so that the legality and the compliance of the transaction are guaranteed.
In one embodiment, the user accounts include transfer-out accounts and transfer-in accounts; when the user account is the transfer-out account, the zero-knowledge transaction certification information is transfer-out certification information; the zero-knowledge transaction certification information generating module 502 is further configured to determine a first certification parameter of the roll-out account based on a constraint certification parameter and a pre-established zero-knowledge certification system; the constraint attestation parameters include at least: the private key of the roll-out account, the balance of the roll-out account, the privacy key of the balance of the roll-out account, the amount of money to be transacted and the public key of the supervisor party; the first certification parameters comprise a first current privacy bill of the roll-out account, the to-be-transacted privacy bill and a first updated privacy bill; encrypting the first certification parameter through the public key of the supervisor to generate an encrypted first certification parameter; generating the outgoing attestation information based on the encrypted first attestation parameters and a preselected attestation generating function; the pre-selected proof-of-generation function comprises a proof generation function of a preset function library.
In an embodiment, when the user account is the roll-out account, the first privacy transaction module 506 is further configured to determine the first updated privacy ticket after the privacy transaction is performed based on the to-be-transacted privacy ticket and the first current privacy ticket; transfer the to-be-transacted ticket out to the pre-established privacy ticket pool; and send transaction notification information to the transfer-in account in a preset instant communication manner; the transaction notification information comprises the amount to be transacted and a transaction key corresponding to the to-be-transacted privacy ticket.
In one embodiment, when the user account is the transfer-in account, the zero-knowledge transaction certification information is transfer-in certification information; the zero-knowledge transaction certification information generating module 502 is further configured to determine a second certification parameter of the transfer-in account based on the transaction notification information and a pre-established zero-knowledge certification system; encrypt the second certification parameter with the public key of the supervisor to generate an encrypted second certification parameter; the second certification parameter comprises a second current privacy bill of the transfer-in account, the to-be-traded privacy bill and a second updated privacy bill; and generate the transfer-in certification information based on the encrypted second certification parameter and the preselected certification generating function.
In an embodiment, when the user account is the transfer-in account, the first privacy transaction module 506 is further configured to determine, for the transfer-in account, the second updated privacy ticket after the privacy transaction is performed based on the to-be-transacted privacy ticket, and consume the to-be-billed privacy ticket of the privacy ticket pool; and, after the to-be-transacted privacy ticket is consumed, remove the corresponding to-be-transacted privacy ticket from the privacy ticket pool.
In one embodiment, the above apparatus further comprises: and the supervision module is used for decrypting the private transaction data during the private transaction through the private key of the supervision party to obtain the decrypted transaction data so as to supervise the transaction.
The device provided by the embodiment has the same implementation principle and technical effect as the foregoing embodiment, and for the sake of brief description, reference may be made to the corresponding contents in the foregoing method embodiment for the portion of the embodiment of the device that is not mentioned.
In view of the above-mentioned privacy transaction method shown in fig. 2, an embodiment of the present invention provides a privacy transaction apparatus, referring to a structure diagram of another privacy transaction apparatus shown in fig. 6, the apparatus mainly includes the following parts:
a zero-knowledge transaction proof information obtaining module 602, configured to obtain zero-knowledge transaction proof information of a user account; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by the public key of the supervisor; the certification parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account;
the validity verification module 604 is used for verifying the validity of the zero-knowledge transaction certification information;
a second privacy transaction module 606, configured to perform privacy transaction with a pre-established privacy ticket pool by the user account if the verification passes; the privacy bill pool is used for storing privacy bills to be traded.
According to the privacy transaction device provided by the embodiment of the invention, the zero knowledge certification information generated by the client is firstly obtained, and the validity of the zero knowledge transaction certification information is verified, so that higher safety guarantee can be provided during transaction, and the zero knowledge transaction information is obtained by encrypting the public key of the supervisor, so that the legality and compliance of the transaction are guaranteed.
In an embodiment, the validity verifying module 604 is further configured to verify validity of the user ticket for the user account; the user ticket validity verification is used for verifying whether the current privacy ticket of the user account is valid; if the verification is passed, verifying the effectiveness of the zero-knowledge transaction certification information based on the certification parameters and a preselected verification function; the preselected verification function comprises a verification function of a preset function library; and if the validity of the zero-knowledge transaction certification information is verified, returning a verification success message.
The device provided by the embodiment has the same implementation principle and technical effect as the foregoing embodiment, and for the sake of brief description, reference may be made to the corresponding contents in the foregoing method embodiment for the portion of the embodiment of the device that is not mentioned.
An embodiment of the present invention further provides a specific privacy transaction apparatus, referring to a structure diagram of the specific privacy transaction apparatus shown in fig. 7, the apparatus mainly includes the following components:
an account creation module 702 for creating a user account at a blockchain node; the user account corresponds to a unique privacy bill; the unique privacy bill is used for representing the existing total-amount bill of the user account; the user accounts comprise a transfer-out account and a transfer-in account;
a first generation module 704, configured to generate transfer-out certification information for a transfer-out account; the transfer-out certification information comprises a first certification parameter of the transfer-out account encrypted by the public key of the monitoring party; the first certification parameters comprise a first current privacy bill, a to-be-transacted privacy bill and a first updated privacy bill of the roll-out account;
a first sending module 706, configured to upload the roll-out certification information to the blockchain node based on the first communication protocol;
a first verification module 708, configured to verify the roll-out certification information by the blockchain node;
a transfer module 710, configured to determine, if the verification is passed, a first updated privacy bill after the privacy transaction is performed on the basis of the to-be-transacted privacy bill and the first current privacy bill, and to transfer the to-be-transacted bill out to the pre-established privacy bill pool;
a down-link notification module 712, configured to send transaction notification information to the transferred account based on the second communication protocol; the transaction notification information comprises the amount to be transacted and a transaction key corresponding to the privacy bill to be transacted;
a second generation module 714, configured to generate transfer-in certification information based on the transaction notification information; the transfer-in certification information comprises a second certification parameter of the transfer-in account encrypted by the public key of the supervisor; the second certification parameters comprise a second current privacy bill transferred into the account, a privacy bill to be traded and a second updated privacy bill;
a second sending module 716, configured to upload transfer-in certification information to the blockchain node based on the first communication protocol for the transfer-out account;
a second verification module 718, configured to verify, by the blockchain node, the transfer-in certification information;
and an accounting module 720, configured to, if the verification passes, determine a second updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill, consume the to-be-transacted privacy bill in the privacy bill pool, and remove the corresponding to-be-transacted privacy bill from the privacy bill pool after it is consumed.
According to the privacy transaction device provided by the embodiment of the invention, the roll-out certification information generated by the client of the roll-out account is first obtained and its validity is verified, which provides a higher security guarantee during the transaction; and because the roll-out certification information is encrypted with the public key of the supervisor, the legality and compliance of the transaction are guaranteed.
An embodiment of the invention provides a zero-knowledge proof system, which is deployed at both the client and the blockchain system. Referring to the structure diagram of the zero-knowledge proof system shown in Fig. 8, the zero-knowledge proof system comprises a transaction roll-out circuit and a transaction roll-in circuit. The transaction roll-out circuit comprises a first user account subunit, a first intermediate amount subunit, a transaction roll-out subunit, a first updated user account subunit and a first supervision subunit; the first user account subunit is used to prove that the user holds a transaction account, the first intermediate amount subunit is used to prove the roll-out amount, the transaction roll-out subunit is used to ensure the consistency of the transaction amount, and the first supervision subunit is used to supervise the actual amount in the transaction process. The transaction roll-in circuit comprises a second user account subunit, a second intermediate amount subunit, a transaction transfer subunit, a second updated user account subunit and a second supervision subunit; the second user account subunit is used to prove that the user holds a transaction account, the second intermediate amount subunit is used to prove the transfer amount, the transaction transfer subunit is used to ensure the consistency of the transaction amount, and the second supervision subunit is used to supervise the actual amount in the transaction process.
The zero-knowledge proof system of this embodiment can implement any privacy transaction method in the above embodiments, and the implementation principle and the resulting technical effects are the same as those of the foregoing embodiments, and are not repeated here for the sake of brief description.
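The relations that the roll-out and roll-in circuits described above have to enforce, together with the node-side bookkeeping around the privacy bill pool, as an added example that is not the patent's own code. It assumes SHA-256 for every hash operation, checks the witness in the clear where a deployment would verify a zero-knowledge proof, and omits the supervisor-key encryption; all names (`make_bill`, `relation_holds`, `Node`, `prepare`) are hypothetical.

```python
import hashlib
import secrets
from dataclasses import dataclass


def make_bill(amount: int, key: bytes) -> str:
    """Privacy bill = hash(amount || privacy key); SHA-256 is an assumption."""
    return hashlib.sha256(amount.to_bytes(8, "big") + key).hexdigest()


@dataclass(frozen=True)
class Statement:
    """The three certification parameters the blockchain node sees."""
    current: str   # current privacy bill of the account
    pending: str   # to-be-transacted privacy bill
    updated: str   # updated privacy bill


@dataclass(frozen=True)
class Witness:
    """Secrets a real circuit would prove knowledge of without revealing."""
    balance: int
    balance_key: bytes
    amount: int
    tx_key: bytes
    new_key: bytes


def relation_holds(st: Statement, w: Witness, direction: int) -> bool:
    """Circuit relation: direction -1 is roll-out, +1 is roll-in."""
    new_balance = w.balance + direction * w.amount
    if w.amount <= 0 or w.balance < 0 or new_balance < 0:
        return False  # no overdraft, no negative or zero amounts
    return (make_bill(w.balance, w.balance_key) == st.current     # holds the account
            and make_bill(w.amount, w.tx_key) == st.pending       # intermediate amount
            and make_bill(new_balance, w.new_key) == st.updated)  # amount consistency


def prepare(balance, balance_key, amount, direction, tx_key=None):
    """Client side: derive the statement and witness for one transfer."""
    tx_key = tx_key or secrets.token_bytes(16)
    w = Witness(balance, balance_key, amount, tx_key, secrets.token_bytes(16))
    st = Statement(make_bill(balance, balance_key), make_bill(amount, tx_key),
                   make_bill(balance + direction * amount, w.new_key))
    return st, w


class Node:
    """Blockchain-node state: one bill per account plus the privacy bill pool."""

    def __init__(self):
        self.accounts = {}
        self.pool = set()

    def _check(self, acct, st, w, direction):
        # Bill validity first, then the proof (here: the relation itself).
        return self.accounts.get(acct) == st.current and relation_holds(st, w, direction)

    def roll_out(self, acct, st, w) -> bool:
        if not self._check(acct, st, w, -1):
            return False
        self.accounts[acct] = st.updated
        self.pool.add(st.pending)
        return True

    def roll_in(self, acct, st, w) -> bool:
        # Assumption of this example: the pending bill must still be in the pool.
        if st.pending not in self.pool or not self._check(acct, st, w, +1):
            return False
        self.pool.remove(st.pending)  # consumed bills leave the pool
        self.accounts[acct] = st.updated
        return True


def demo() -> dict:
    node = Node()
    ka, kb = secrets.token_bytes(16), secrets.token_bytes(16)
    node.accounts["alice"] = make_bill(100, ka)  # constructed sample accounts
    node.accounts["bob"] = make_bill(5, kb)
    st_out, w_out = prepare(100, ka, 30, -1)
    out_ok = node.roll_out("alice", st_out, w_out)
    # The off-chain notification carries the amount and the transaction key.
    st_in, w_in = prepare(5, kb, w_out.amount, +1, tx_key=w_out.tx_key)
    in_ok = node.roll_in("bob", st_in, w_in)
    replay_ok = node.roll_in("bob", st_in, w_in)  # same proof submitted again
    # Alice (now holding 70) sends 30 but claims her balance stays 70.
    k2, tk = secrets.token_bytes(16), secrets.token_bytes(16)
    forged = Statement(st_out.updated, make_bill(30, tk), make_bill(70, k2))
    forged_ok = node.roll_out("alice", forged, Witness(70, w_out.new_key, 30, tk, k2))
    return {"out": out_ok, "in": in_ok, "replay": replay_ok, "forged": forged_ok,
            "pool_empty": not node.pool,
            "bob_has_35": node.accounts["bob"] == make_bill(35, w_in.new_key)}


if __name__ == "__main__":
    print(demo())
```

The replayed roll-in and the balance-preserving roll-out are both rejected: the first because the pending bill has left the pool and the account's current bill has changed, the second because the updated bill does not commit to the balance minus the amount.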
An embodiment of the present invention further provides a privacy transaction architecture model. Referring to the structure diagram of the privacy transaction architecture model shown in Fig. 9, the privacy transaction architecture model includes a zero-knowledge proof generation client, a blockchain system, and the zero-knowledge proof system described above, where the client communicates with the blockchain system, the zero-knowledge proof system is deployed at both the client and the blockchain system, and the client and the blockchain node are used to execute the privacy transaction method according to the foregoing embodiments.
The embodiment of the invention provides electronic equipment, which particularly comprises a processor and a storage device; the storage means has stored thereon a computer program which, when executed by the processor, performs the method of any of the above described embodiments.
Fig. 10 is a schematic structural diagram of an electronic device according to an embodiment of the present invention, where the electronic device 1000 includes: the system comprises a processor 100, a memory 101, a bus 102 and a communication interface 103, wherein the processor 100, the communication interface 103 and the memory 101 are connected through the bus 102; the processor 100 is adapted to execute executable modules, such as computer programs, stored in the memory 101.
The memory 101 may include a high-speed Random Access Memory (RAM) and may also include a non-volatile memory (non-volatile memory), such as at least one disk memory. The communication connection between the network element of the system and at least one other network element is realized through at least one communication interface 103 (which may be wired or wireless), and the internet, a wide area network, a local network, a metropolitan area network, and the like can be used.
The bus 102 may be an ISA bus, PCI bus, EISA bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 10, but this does not indicate only one bus or one type of bus.
The memory 101 is used for storing a program, the processor 100 executes the program after receiving an execution instruction, and the method executed by the apparatus defined by the flow process disclosed in any of the foregoing embodiments of the present invention may be applied to the processor 100, or implemented by the processor 100.
Processor 100 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware or instructions in the form of software in the processor 100. The Processor 100 may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the device can also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA), or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components. The various methods, steps and logic blocks disclosed in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in the memory 101, and the processor 100 reads the information in the memory 101 and completes the steps of the method in combination with the hardware.
The privacy transaction method, the apparatus, the zero-knowledge proof system, and the computer program product of the privacy transaction architecture model provided in the embodiments of the present invention include a computer-readable storage medium storing a nonvolatile program code executable by a processor, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by the processor, the method described in the foregoing method embodiments is executed.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working process of the system described above may refer to the corresponding process in the foregoing embodiments, and is not described herein again.
The computer program product of the readable storage medium provided in the embodiment of the present invention includes a computer readable storage medium storing a program code, where instructions included in the program code may be used to execute the method described in the foregoing method embodiment, and specific implementation may refer to the method embodiment, which is not described herein again.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (17)

1. A privacy transaction method, characterized in that the method is applied to a client; the client is provided with information of a user account; the user account corresponds to a unique privacy bill; the unique privacy bill is used to characterize an existing total bill of the user account; the method comprises the following steps:
generating zero-knowledge transaction certification information; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by a public key of the supervisor; the certification parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account;
uploading the zero-knowledge transaction certification information to a blockchain node of a blockchain system so that the blockchain node can verify the validity of the zero-knowledge transaction certification information;
if the verification is passed, carrying out privacy transaction with a pre-established privacy bill pool; the privacy bill pool is used for storing the privacy bills to be traded.
2. The method of claim 1, wherein the user account comprises a transfer-out account and a transfer-in account; when the user account is the transfer-out account, the zero-knowledge transaction certification information is transfer-out certification information;
the step of generating the zero-knowledge transaction certification information includes:
determining a first certification parameter of the roll-out account based on a constraint certification parameter and a pre-established zero-knowledge proof system; the constraint certification parameters include at least: the private key of the roll-out account, the balance of the roll-out account, the privacy key of the balance of the roll-out account, the amount to be transacted and the public key of the supervisor; the first certification parameters comprise a first current privacy bill of the roll-out account, the to-be-transacted privacy bill and a first updated privacy bill;
encrypting the first certification parameter with the public key of the supervisor to generate an encrypted first certification parameter;
generating the transfer-out certification information based on the encrypted first certification parameter and a preselected proof generation function; the preselected proof generation function comprises a proof generation function of a preset function library.
3. The method of claim 1,
the current privacy bill is the current account information of the user after the first hash operation; the current account information of the user comprises the current privacy amount of the user and a privacy key of the current amount;
the to-be-transacted privacy bill is the user's to-be-transacted information after the second hash operation; the to-be-transacted information comprises the amount to be transacted and the to-be-transacted privacy key;
the updated privacy bill is the user updated account information subjected to the third hash operation; and the user updated account information comprises the updated privacy amount and the updated amount privacy key.
4. The method of claim 2, wherein when the user account is the roll-out account, the step of conducting a private transaction with a pre-established private ticket pool comprises:
determining the first updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill and the first current privacy bill;
transferring the to-be-transacted privacy bill out to the pre-established privacy bill pool;
sending transaction notification information to the transfer-in account in a preset instant messaging mode; the transaction notification information comprises the amount to be transacted and a transaction key corresponding to the to-be-transacted privacy bill.
5. The method according to claim 4, wherein when the user account is the transfer-in account, the zero-knowledge transaction proof information is transfer-in proof information;
the step of generating the zero-knowledge transaction certification information includes:
determining a second certification parameter of the transfer-in account based on the transaction notification information and a pre-established zero-knowledge proof system;
encrypting the second certification parameter with the public key of the supervisor to generate an encrypted second certification parameter; the second certification parameters comprise a second current privacy bill of the transfer-in account, the to-be-transacted privacy bill and a second updated privacy bill;
generating the transfer-in certification information based on the encrypted second certification parameter and the preselected proof generation function.
6. The method of claim 5, wherein when the user account is the transfer-in account, the step of performing a private transaction with a pre-established private ticket pool comprises:
the transfer-in account determines the second updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill, and consumes the to-be-transacted privacy bill in the privacy bill pool;
and after the to-be-transacted privacy bill is consumed, removing the corresponding to-be-transacted privacy bill from the privacy bill pool.
7. The method of claim 1, further comprising:
decrypting the privacy transaction data of the privacy transaction with the private key of the supervisor to obtain decrypted transaction data, so as to supervise the transaction.
8. A private transaction method, characterized in that the method is applied to a blockchain node; the method comprises the following steps:
acquiring zero-knowledge transaction certification information of a user account; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by a public key of the supervisor; the certification parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account;
verifying the validity of the zero-knowledge transaction certification information;
if the verification is passed, carrying out privacy transaction by the user account and a pre-established privacy bill pool; the privacy bill pool is used for storing the privacy bills to be traded.
9. The method of claim 8, wherein the step of verifying the validity of the zero-knowledge transaction certification information comprises:
performing user bill validity verification on the user account; the user bill validity verification is used to verify whether the current privacy bill of the user account is valid;
if the verification passes, verifying the validity of the zero-knowledge transaction certification information based on the certification parameters and a preselected verification function; the preselected verification function comprises a verification function of a preset function library;
and if the validity of the zero-knowledge transaction certification information is verified, returning a verification success message.
10. A method of privacy transaction, the method comprising:
creating a user account on the blockchain node; the user account corresponds to a unique privacy bill; the unique privacy bill is used to characterize an existing total bill of the user account; the user accounts comprise a transfer-out account and a transfer-in account;
the client of the roll-out account generates roll-out certification information; the roll-out certification information comprises a first certification parameter of the roll-out account encrypted by a public key of the supervisor; the first certification parameters comprise a first current privacy bill, a to-be-transacted privacy bill and a first updated privacy bill of the roll-out account;
the client of the roll-out account uploads the roll-out certification information to a blockchain node based on a first communication protocol;
the blockchain node verifies the roll-out certification information;
if the verification is passed, the roll-out account determines the first updated privacy bill after privacy transaction based on the to-be-transacted privacy bill and the first current privacy bill, and rolls out the to-be-transacted privacy bill to a privacy bill pool;
the transfer-out account sends transaction notification information to the transfer-in account based on a second communication protocol; the transaction notification information comprises the amount to be transacted and a transaction key corresponding to the privacy bill to be transacted;
the transfer-in account generates transfer-in certification information based on the transaction notification information; the transfer-in certification information comprises a second certification parameter of the transfer-in account encrypted by the public key of the supervisor; the second certification parameters comprise a second current privacy bill of the transfer-in account, the to-be-transacted privacy bill and a second updated privacy bill;
the roll-out account uploads the roll-in certification information to a block chain node based on a first communication protocol;
the blockchain node verifies the transfer-in certification information;
if the verification passes, the transfer-in account determines the second updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill, consumes the to-be-transacted privacy bill in the privacy bill pool, and removes the corresponding to-be-transacted privacy bill from the privacy bill pool after it is consumed.
11. A privacy transaction device, characterized in that the device is arranged at a client; a user account is arranged on the client; the user account corresponds to a unique privacy bill; the unique privacy bill is used to characterize an existing total bill of the user account; the device comprises:
the zero-knowledge transaction certification information generating module is used for generating zero-knowledge transaction certification information; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by a public key of the supervisor; the certification parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account;
the certification information sending module is used for uploading the zero-knowledge transaction certification information to a blockchain node of a blockchain system so that the blockchain node can verify the validity of the zero-knowledge transaction certification information;
the first privacy transaction module is used for carrying out privacy transaction with a pre-established privacy bill pool if the verification is passed; the privacy bill pool is used for storing the privacy bills to be traded.
12. A privacy transaction apparatus, characterized in that the apparatus comprises:
the zero-knowledge transaction certification information acquisition module is used for acquiring zero-knowledge transaction certification information of a user account; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by a public key of the supervisor; the certification parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account;
the validity verification module is used for verifying the validity of the zero-knowledge transaction certification information;
the second privacy transaction module is used for carrying out privacy transaction on the user account and a pre-established privacy bill pool if the verification is passed; the privacy bill pool is used for storing the privacy bills to be traded.
13. A privacy transaction apparatus, characterized in that the apparatus comprises:
the account creating module is used for creating a user account on the blockchain node; the user account corresponds to a unique privacy bill; the unique privacy bill is used to characterize an existing total bill of the user account; the user accounts comprise a transfer-out account and a transfer-in account;
the first generation module is used for generating transfer-out certification information by the transfer-out account; the transfer-out certification information comprises a first certification parameter of the transfer-out account encrypted by a public key of the supervisor; the first certification parameters comprise a first current privacy bill, a to-be-transacted privacy bill and a first updated privacy bill of the roll-out account;
the first sending module is used for uploading the roll-out certification information to the blockchain node based on a first communication protocol by the roll-out account;
the first verification module is used for verifying the roll-out certification information by the blockchain node;
the transfer module is used for determining the first updated privacy bill after privacy transaction is carried out on the transfer-out account based on the to-be-transacted privacy bill and the first current privacy bill if the verification is passed, and transferring the to-be-transacted privacy bill to the privacy bill pool;
the linked notification module is used for sending transaction notification information to the transferred-out account based on a second communication protocol; the transaction notification information comprises the amount to be transacted and a transaction key corresponding to the privacy bill to be transacted;
the second generation module is used for generating transfer-in certification information based on the transaction notification information by the transfer-in account; the transfer-in certification information comprises a second certification parameter of the transfer-in account encrypted by the public key of the supervisor; the second certification parameters comprise a second current privacy bill of the transfer-in account, the to-be-transacted privacy bill and a second updated privacy bill;
the second sending module is used for uploading the transfer-in certification information to the block chain node based on a first communication protocol by the transfer-out account;
the second verification module is used for verifying the transfer-in certification information by the blockchain node;
and the account receiving module is used for, if the verification passes, determining by the transfer-in account the second updated privacy bill after the privacy transaction based on the to-be-transacted privacy bill, consuming the to-be-transacted privacy bill in the privacy bill pool, and removing the corresponding to-be-transacted privacy bill from the privacy bill pool after it is consumed.
14. A zero knowledge proof system is characterized in that the zero knowledge proof system is respectively arranged at a client and a block chain system; the zero knowledge proof system includes: a transaction transfer-out circuit and a transaction transfer-in circuit;
the transaction transfer-out circuit comprises a first user account subunit, a first intermediate amount subunit, a transaction transfer-out subunit, a first updated user account subunit and a first supervision subunit; the first user account subunit is used for proving that the user holds a transaction account; the first intermediate amount subunit is used for proving a transfer-out sum; the transaction transfer-out subunit is used for ensuring the consistency of transaction amount; the first supervision subunit is used for supervising the actual amount of the transaction process;
the transaction transfer-in circuit comprises a second user account subunit, a second intermediate amount subunit, a transaction transfer subunit, a second updated user account subunit and a second supervision subunit; the second user account subunit is used for proving that the user holds the transaction account; the second intermediate amount subunit is used for proving a transfer-out sum; the transaction transfer subunit is used for ensuring the consistency of transaction amount; the second supervision subunit is used for supervising the actual amount of the transaction process.
15. A privacy transaction architecture model, comprising a client, a blockchain system, and the zero-knowledge attestation system of claim 14; the client communicates with the blockchain system; the zero knowledge proof system is respectively arranged at the client and the block chain system; the client is configured to perform the method of any of claims 1 to 7; the blockchain node is configured to perform the method according to any one of claims 8 to 9.
16. An electronic device comprising a processor and a memory;
the memory has stored thereon a computer program which, when executed by the processor, performs the method of any of claims 1 to 7, 8 to 9 or 10.
17. A computer readable storage medium for storing computer software instructions for use in the method of any one of claims 1 to 7, 8 to 9 or 10.
CN202011313366.6A 2020-11-20 2020-11-20 Privacy transaction method, device, zero knowledge proof system and privacy transaction architecture model Active CN112288434B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011313366.6A CN112288434B (en) 2020-11-20 2020-11-20 Privacy transaction method, device, zero knowledge proof system and privacy transaction architecture model

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011313366.6A CN112288434B (en) 2020-11-20 2020-11-20 Privacy transaction method, device, zero knowledge proof system and privacy transaction architecture model

Publications (2)

Publication Number Publication Date
CN112288434A true CN112288434A (en) 2021-01-29
CN112288434B CN112288434B (en) 2023-07-25

Family

ID=74399732

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011313366.6A Active CN112288434B (en) 2020-11-20 2020-11-20 Privacy transaction method, device, zero knowledge proof system and privacy transaction architecture model

Country Status (1)

Country Link
CN (1) CN112288434B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113112252A (en) * 2021-04-28 2021-07-13 深圳壹账通智能科技有限公司 Resource transfer method and device based on block chain, electronic equipment and storage medium
CN113221148A (en) * 2021-05-27 2021-08-06 中国人民银行数字货币研究所 Information verification method and device
CN113821817A (en) * 2021-11-22 2021-12-21 支付宝(杭州)信息技术有限公司 Data processing method, device, equipment and system based on block chain
CN113988863A (en) * 2021-12-28 2022-01-28 浙江大学 Supervision-capable online payment privacy protection method and device and electronic equipment
CN114244534A (en) * 2021-12-21 2022-03-25 杭州趣链科技有限公司 Data storage method, device, equipment and storage medium
WO2024001029A1 (en) * 2022-06-29 2024-01-04 蚂蚁区块链科技(上海)有限公司 Method and apparatus for maintaining blockchain data, electronic device, and storage medium

Patent Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106982205A (en) * 2017-03-01 2017-07-25 中钞信用卡产业发展有限公司北京智能卡技术研究院 Digital asset treating method and apparatus based on block chain
US20190108517A1 (en) * 2017-10-06 2019-04-11 Allocrypt, Llc Digital currency for performing cash-equivalent transactions
CN108389046A (en) * 2018-02-07 2018-08-10 西安交通大学 Secret protection method of commerce based on block chain technology in a kind of e-commerce
US10438290B1 (en) * 2018-03-05 2019-10-08 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
CN111971930A (en) * 2018-04-13 2020-11-20 区块链控股有限公司 Computer-implemented system and method adapted to improve instant offline blockchain transaction security
CN109145629A (en) * 2018-09-12 2019-01-04 方欣科技有限公司 One kind being based on electronic bill structural data message transmissions and memory technology
CN109274501A (en) * 2018-10-25 2019-01-25 广西师范大学 License block chain method for secret protection based on Proxy Signature
US20190251270A1 (en) * 2018-11-07 2019-08-15 Alibaba Group Holding Limited Regulating blockchain confidential transactions
CN110648229A (en) * 2019-08-07 2020-01-03 中国科学院信息工程研究所 Semi-public block chain system and transaction method
CN110428334A (en) * 2019-08-09 2019-11-08 中国工商银行股份有限公司 Bill processing method and device based on block chain network
CN110473105A (en) * 2019-08-20 2019-11-19 深圳市网心科技有限公司 A kind of block chain transaction settlement method, system and relevant device
US10652019B1 (en) * 2019-08-28 2020-05-12 Qed-It Systems Ltd. Atomic swap using zero-knowledge proofs, and applications thereof
CN110545279A (en) * 2019-09-05 2019-12-06 国网区块链科技(北京)有限公司 Block chain transaction method, device and system with privacy and supervision functions
CN110599137A (en) * 2019-09-16 2019-12-20 腾讯科技(深圳)有限公司 Electronic bill data processing method and device and computer equipment
CN111314086A (en) * 2020-02-11 2020-06-19 上海宓猿信息技术有限公司 Method for implementing block chain privacy protocol
CN111861467A (en) * 2020-07-23 2020-10-30 浙江永旗区块链科技有限公司 Supply chain financial transaction privacy protection method and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
张先洪; 劳宪银; 谭仁杨; 梁海: "Blockchain-based cloud storage and sharing scheme for military data", 网络安全技术与应用, no. 06, pages 94-97 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113112252A (en) * 2021-04-28 2021-07-13 深圳壹账通智能科技有限公司 Resource transfer method and device based on block chain, electronic equipment and storage medium
CN113112252B (en) * 2021-04-28 2023-03-10 深圳壹账通智能科技有限公司 Resource transfer method and device based on block chain, electronic equipment and storage medium
CN113221148A (en) * 2021-05-27 2021-08-06 中国人民银行数字货币研究所 Information verification method and device
CN113821817A (en) * 2021-11-22 2021-12-21 支付宝(杭州)信息技术有限公司 Data processing method, device, equipment and system based on block chain
CN114244534A (en) * 2021-12-21 2022-03-25 杭州趣链科技有限公司 Data storage method, device, equipment and storage medium
CN113988863A (en) * 2021-12-28 2022-01-28 浙江大学 Supervision-capable online payment privacy protection method and device and electronic equipment
CN113988863B (en) * 2021-12-28 2022-03-29 浙江大学 Supervision-capable online payment privacy protection method and device and electronic equipment
WO2024001029A1 (en) * 2022-06-29 2024-01-04 蚂蚁区块链科技(上海)有限公司 Method and apparatus for maintaining blockchain data, electronic device, and storage medium

Also Published As

Publication number Publication date
CN112288434B (en) 2023-07-25

Similar Documents

Publication Publication Date Title
CN112288434B (en) Privacy transaction method, device, zero knowledge proof system and privacy transaction architecture model
CN111737724B (en) Data processing method and device, intelligent equipment and storage medium
TWI666902B (en) Robust ATM network system and information processing method based on blockchain technology
US11082420B2 (en) Certificate issuing system based on block chain
JP6514218B2 (en) Client authentication using social data
CN110851870B (en) Block chain privacy protection method, system and medium based on trusted execution environment
CN110601815B (en) Block chain data processing method and equipment
CN109117608A (en) A kind of data processing method, device and relevant device
CN107070896B (en) Safe and efficient block chain network customized login method and safe reinforcement system
CN109272316A (en) A kind of block realization method and system under the chain network based on block
CN112184229A (en) Block chain-based sub-account transaction processing method, system and equipment
CN112235301B (en) Access right verification method and device and electronic equipment
CN104125230A (en) Short message authentication service system and authentication method
KR101253683B1 (en) Digital Signing System and Method Using Chained Hash
CN112347516A (en) Asset certification method and device based on block chain
CN112862487A (en) Digital certificate authentication method, equipment and storage medium
CN115203749A (en) Data transaction method and system based on block chain
CN116308776A (en) Transaction supervision method and device based on blockchain, electronic equipment and storage medium
KR20200041490A (en) Method and apparatus for providing contract service based on blockchain
CN111191273B (en) Method and device for processing document, electronic equipment and readable storage medium
CN103716328A (en) Operation request processing method and system
CN110766407A (en) Transaction verification method, accounting node and medium based on block chain
CN108848089B (en) Data encryption method and data transmission system
CN112947966A (en) Firmware updating method, device and system for Internet of things equipment and storage medium
CN111507818A (en) Information sharing method and device based on block chain and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant