CN112766971A - Method and apparatus for transmitting transactions and executing transactions in blockchain - Google Patents

Method and apparatus for transmitting transactions and executing transactions in blockchain Download PDF

Info

Publication number
CN112766971A
CN112766971A CN202110340284.9A CN202110340284A CN112766971A CN 112766971 A CN112766971 A CN 112766971A CN 202110340284 A CN202110340284 A CN 202110340284A CN 112766971 A CN112766971 A CN 112766971A
Authority
CN
China
Prior art keywords
transaction
access node
digital signature
account
blockchain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110340284.9A
Other languages
Chinese (zh)
Inventor
邱鸿霖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Information Technology Co Ltd
Ant Blockchain Technology Shanghai Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Ant Blockchain Technology Shanghai Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd, Ant Blockchain Technology Shanghai Co Ltd filed Critical Alipay Hangzhou Information Technology Co Ltd
Priority to CN202110340284.9A priority Critical patent/CN112766971A/en
Publication of CN112766971A publication Critical patent/CN112766971A/en
Priority to PCT/CN2021/133037 priority patent/WO2022205959A1/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3827Use of message hashing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Technology Law (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The embodiment of the specification provides a method and a device for sending a transaction and executing the transaction in a blockchain, wherein the blockchain comprises a first access node, the method is executed by the first access node, and the first access node is connected with a first client of a first user, and the method comprises the following steps: receiving a first transaction and a first digital signature thereof from the first client, the first digital signature being a digital signature of the first user; verifying the first transaction; generating a second digital signature of the first transaction in the event that the verification of the first transaction passes; sending the first transaction, the first digital signature, and the second digital signature to other nodes of the blockchain.

Description

Method and apparatus for transmitting transactions and executing transactions in blockchain
Technical Field
The embodiments of the present disclosure relate to the field of blockchain technologies, and more particularly, to a method and an apparatus for sending a transaction in a blockchain, and a method and an apparatus for performing a transaction in a blockchain.
Background
In a new generation of blockchains, for example in an ethernet house, the concept of accounts is added, wherein the accounts created by the user are external accounts in the ethernet house. Typically, each external account has a pair of public and private keys, where the private key is used to digitally sign and the public key is used to verify the signature. In addition, in each node, a data table of all accounts in the block chain is maintained in a database local to the node in the form of a state tree, wherein the state tree is a mapping between an account address and account content, and the account content comprises account balance, account key information and the like. Before the user carries out transaction, the balance of the opposite side, the key information of the opposite side and the like can be acquired by inquiring the state tree.
The block chain is, for example, an asset platform, and accounts in the block chain are used for recording digital assets of users and digital asset circulation. Typically, the asset platform needs to fulfill relevant regulatory rules, such as customer awareness (kyc), anti-money laundering, etc. Therefore, asset platforms implemented based on blockchains also need to meet regulatory requirements. In the existing solutions, the supervision is performed by using a centralized access system, and a user of the blockchain asset platform needs to select a centralized service point for accessing, and in some solutions, the user needs to host the asset.
Therefore, a more efficient scheme for policing in a blockchain platform is needed.
Disclosure of Invention
Embodiments of the present disclosure aim to provide a more efficient scheme for sending and executing transactions in a blockchain to solve the deficiencies of the prior art.
To achieve the above object, one aspect of the present specification provides a method for sending a transaction in a blockchain, the blockchain including a first access node, the method being performed by the first access node, the first access node being connected to a first client of a first user, the method including:
receiving a first transaction and a first digital signature thereof from the first client, the first digital signature being a digital signature of the first user;
verifying the first transaction;
generating a second digital signature of the first transaction in the event that the verification of the first transaction passes;
sending the first transaction, the first digital signature, and the second digital signature to other nodes of the blockchain.
In one embodiment, the first transaction is a transaction for creating an account of the first user, wherein the first transaction includes an identification of the first access node.
In one embodiment, the identity of the first access node is a public key of the first access node or an account of the first access node.
In one embodiment, the blockchain further includes a second access node, and the first transaction is a transaction for modifying an access node of the first client, and the first transaction includes an identifier of the second access node.
Another aspect of the present specification provides a method of performing a transaction in a blockchain including a first access node connected to a first client of a first user, the method performed by any node in the blockchain, including:
acquiring a first transaction, a first digital signature and a second digital signature of the first transaction, wherein the first transaction is sent by the first client, the first digital signature is a digital signature of the first user, and the second digital signature is a digital signature of the first access node;
verifying the first digital signature and the second digital signature respectively;
in the event of a verification pass, the first transaction is executed.
In one embodiment, the first transaction is a transaction for creating an account of the first user, wherein the first transaction includes an identification of the first access node.
In one embodiment, verifying the first digital signature and the second digital signature respectively includes obtaining a public key of the first access node based on an identifier of the first access node, and verifying the second digital signature using the public key of the first access node.
In one embodiment, the first client corresponds to a first account of the first user, and in the case of a pass of authentication, performing the first transaction includes, in the case of a pass of authentication, performing the first transaction to create data of the first account in a local account database, wherein the identification of the first access node is included in the data of the first account.
In an embodiment, the first client corresponds to a first account of the first user, a local account database includes data of the first account, the data of the first account includes an identifier of the first access node, wherein verifying the first digital signature and the second digital signature respectively includes reading the identifier of the first access node from the data of the first account, acquiring a public key of the first access node based on the identifier of the first access node, and verifying the second digital signature based on the public key of the first access node.
In one embodiment, the first client corresponds to a first account of the first user, the blockchain further includes a second access node, the first transaction is a transaction for modifying the access node of the first client, the first transaction includes an identifier of the second access node, wherein, in the case of passing the verification, executing the first transaction includes, in the case of passing the verification, executing the first transaction to modify the identifier of the first access node in the data of the first account to the identifier of the second access node in the local account database.
Another aspect of the present specification provides an apparatus for sending a transaction in a blockchain, the blockchain including a first access node, the apparatus being deployed at the first access node, the first access node being connected to a first client of a first user, the apparatus comprising:
a receiving unit configured to receive a first transaction and a first digital signature thereof from the first client, the first digital signature being a digital signature of the first user;
a verification unit configured to verify the first transaction;
a generating unit configured to generate a second digital signature of the first transaction in case the verification of the first transaction passes;
a sending unit configured to send the first transaction, the first digital signature, and the second digital signature to other nodes of the blockchain.
Another aspect of the present specification provides an apparatus for performing a transaction in a blockchain, the blockchain including a first access node connected to a first client of a first user, the apparatus being deployed at any node in the blockchain, including:
an obtaining unit, configured to obtain a first transaction, a first digital signature of the first transaction, and a second digital signature of the first transaction, where the first transaction is sent by the first client, the first digital signature is a digital signature of the first user, and the second digital signature is a digital signature of the first access node;
a verification unit configured to verify the first digital signature and the second digital signature, respectively;
an execution unit configured to execute the first transaction in case of a pass of the verification.
In one embodiment, the verifying unit includes a first obtaining subunit configured to obtain a public key of the first access node based on an identifier of the first access node, and a first verifying subunit configured to verify the second digital signature using the public key of the first access node.
In one embodiment, the first client corresponds to a first account of the first user, and the execution unit is further configured to execute the first transaction to create data of the first account in a local account database if the first account passes the verification, wherein the data of the first account includes an identification of the first access node.
In an embodiment, the first client corresponds to a first account of the first user, a local account database includes data of the first account, and the data of the first account includes an identifier of the first access node, where the verifying unit includes a reading subunit configured to read the identifier of the first access node from the data of the first account, a second obtaining subunit configured to obtain a public key of the first access node based on the identifier of the first access node, and a second verifying subunit configured to verify the second digital signature based on the public key of the first access node.
In one embodiment, the first client corresponds to a first account of the first user, the blockchain further includes a second access node, the first transaction is a transaction for modifying the access node of the first client, the first transaction includes an identifier of the second access node, and the execution unit is further configured to execute the first transaction to modify the identifier of the first access node in the data of the first account to the identifier of the second access node in the local account database if the verification is passed.
Another aspect of the present specification provides a computer readable storage medium having stored thereon a computer program or instructions which, when executed in a computer, cause the computer to perform any of the above methods.
Another aspect of the present specification provides a computing device comprising a memory having stored therein a computer program or instructions, and a processor that, when executed, implements any of the above methods.
Through the account system and the transaction scheme based on the account system in the embodiment of the specification, the operation of the service access point is stored in the block chain in the form of the digital signature of the transaction, so that the operation of the service access point can be supervised through the block chain, the decentralization characteristic is kept through the scheme, the assets of the user are maintained through the private key of the user, the service access point cannot appropriate the assets of the user, and higher safety is provided.
Drawings
The embodiments of the present specification may be made more clear by describing the embodiments with reference to the attached drawings:
FIG. 1 illustrates a block chain system in accordance with an embodiment of the present description;
FIG. 2 illustrates a timing diagram for creating accounts in a blockchain according to an embodiment of the present description;
FIG. 3 schematically illustrates one form of transaction 1 (Tx 1) and its digital signature S1;
FIG. 4 schematically shows another form of transaction 1 (Tx 1) and its digital signature S1;
FIG. 5 schematically shows data for account A1 in a state tree;
fig. 6 shows a timing diagram of a method of modifying an access point of a client according to an embodiment of the present description;
FIG. 7 schematically illustrates one form of transaction 2 (Tx 2) and its digital signature S1;
FIG. 8 schematically shows another form of transaction 2 (Tx 2) and its digital signature S1;
FIG. 9 schematically shows data for account A1 in the state tree after modification;
fig. 10 illustrates an apparatus 1000 for sending transactions in a blockchain in accordance with an embodiment of the present description;
fig. 11 illustrates an apparatus 1100 for performing transactions in a blockchain in accordance with an embodiment of the present description.
Detailed Description
The embodiments of the present specification will be described below with reference to the accompanying drawings.
Fig. 1 shows a block chain system according to an embodiment of the present disclosure. As shown in fig. 1, the blockchain system includes a blockchain 11, and the blockchain 11 is a network of nodes formed by connecting a plurality of blockchain nodes to each other. The plurality of nodes includes a plurality of service access points, schematically shown as access point E1 and access point E2, where each access point has a node account in the blockchain and locally stores data in the blockchain. Each access point is connected to a plurality of user clients, and it is schematically shown that the access point E1 is connected to a client of the user U1 and a client of the user U2, and the access point E2 is connected to a client of the user U3 and a client of the user U4. The user's client also has an account in the blockchain that reads and writes to the blockchain by connecting to its corresponding access point.
Specifically, in order to read from or write to the blockchain, the user U1 first needs to generate an account using the client of the blockchain 11, for example, a private key and a public key of the account a1 (i.e., the account address a 1) and the account a1 are generated. User U1 then needs to send transaction 1 for creating an account to any access point in the blockchain 11, such as access point E1. Access point E1, upon receiving the transaction 1, verifies the transaction 1, generates a digital signature for the transaction 1, and sends the transaction 1 and its digital signature (including the digital signature of user U1 and the digital signature of access point E1) to the other nodes in blockchain 11. When any node in the blockchain is executing transaction 1, after verifying the digital signature for transaction 1, data corresponding to account a1 is created in the account database, where the identification of access point E1 is included in the data corresponding to account a 1. Thereafter, when the user U1 sends any transaction (e.g., transaction 2) through account a1, it needs to first be sent to access point E1, signed by access point E1 for verification of the transaction 2 and sent into the blockchain. When a node (e.g., node P1) in the blockchain executes a transaction, it may obtain the identity of access point E1 from the data of account a1 in the account database, thereby obtaining the public key of access point E1, and verify the digital signature of access point E1 for transaction 2 using the public key of access point E1, and execute transaction 2 after the verification is passed. When user U1 wishes to read ledger data in blockchain 11, it reads ledger data in access point E1 by connecting to access point E1.
The above-described account system, and the transaction process based on the account system will be described in detail below.
Fig. 2 illustrates a timing diagram for creating accounts in a blockchain according to an embodiment of the present description. The sequence diagram is executed by the user U1 device, the access point E1 and the blockchain 11. Among them, the user U1 device is a client that the user U1 logs in through his account A1.
First, in step S202, the user U1 device sends transaction 1 and its digital signature S1 to the access point E1, where the transaction 1 includes the identity of the access point E1.
The account and the public key of each access point in the blockchain 11 are set in advance in the user U1 device in a system contract manner, for example, so that the user U1 can select, for example, the access point E1 as an access point for reading and writing the blockchain 11 through the user U1 device, and acquire the account and the public key of the access point E1 from the user U1 device.
FIG. 3 schematically shows one form of transaction 1 (Tx 1) and its digital signature S1. Where transaction 1 is a transaction for creating an account in the blockchain, the From field of the transaction is the account address From which the transaction was sent, i.e., account a1, and the To field is the account address of the access point of the user U1 device, i.e., the account of access point E1. Digital signature S1 is a digital signature signed by the private key of account a 1. For example, "CreatAccount" is included in the Data field of transaction 1 as a specific identifier for indicating that the transaction is a transaction for creating an account in the blockchain, based on the characteristic identifier, a node (e.g., node P1) in the blockchain may determine that the account to be created is a transaction sending account of transaction 1, i.e., "account a 1", and the account a1 accesses the blockchain through an access point corresponding to a transaction receiving account (i.e., access point E1 account). The public key of access point E1 may also be included in the data field of transaction 1.
FIG. 4 schematically shows another form of transaction 1 (Tx 1) and its digital signature S1. The transaction 1 is, for example, a transaction that invokes a smart contract (contract C1) for creating an account, and thus the From field of the transaction 1 is the account a1 and the To field is the account of the contract C1. The contract C1 includes, for example, a CreatAcount () function whose incoming argument is "access point E1 account", thereby indicating that account a1 accesses the block chain through access point E1. It is to be understood that in this embodiment, the incoming parameter of the function is not limited to being an account of the access point E1 as long as it is an identification that can uniquely identify the access point E1, and for example, the incoming parameter of the function may also be a public key of the access point E1.
In one embodiment, the user U1 device may include the public key of account A1 in the transaction data in this transaction 1. In one embodiment, the user U1 device may additionally send its public key to the access point E1 for disclosure of its public key.
Other data required to be submitted by a specific platform for creating an account can also be included in the transaction data of transaction 1, for example, the blockchain 11 is an asset platform, and data such as identification of the user U1 needs to be provided in the transaction data of transaction 1. It is to be understood that although the asset platform is described herein as an example, the blockchain 11 is not limited to being an asset platform, but may be other platforms requiring supervision, and accordingly, the data required to be provided by the user for creating an account may include other data, which is not limited thereto.
In one embodiment, the digital signature S1 may be a multiple signature, i.e., account a1 has multiple public keys, and digital signature S1 includes multiple signatures that are signed sequentially by the multiple public keys. In one embodiment, account a1 has N public keys, each with a respective weight that is a number between 1 and 100, in which case digital signature S1 may include multiple signatures signed by M of the N public keys, as long as the sum of the weights of the M public keys is greater than or equal to 100.
At step S204, access point E1 verifies transaction 1.
For example, where the blockchain 11 is an asset platform, the access point E1 verifies that the identification of the user U1 is authentic, and that the asset regulatory rules are met, and verifies that the digital signature for transaction 1 is the digital signature for account a1 via the public key of account a 1.
At step S206, the access point E1 generates a digital signature S2 for transaction 1 after the verification passes.
That is, the access point E1 encrypts the hash value for transaction 1 using its account private key, generating a digital signature for transaction 1S 2. Similarly, the digital signature S2 may also be a multiple signature.
In step S208, the access point E1 sends transaction 1, its digital signature S1, and digital signature S2 to the blockchain 11.
Access point E1 may send transaction 1, digital signature S1, and digital signature S2 to any node of the blockchain 11 to flood it into the blockchain 11. Wherein the transaction 1, the digital signature S1, and the digital signature S2 can be written in predetermined 3 parts of a file similarly to fig. 3 so as to be read respectively.
At step S210, the blockchain 11 verifies the digital signature prior to performing transaction 1.
After receiving transaction 1 and its digital signature, the nodes in blockchain 11, after passing through the node consensus, perform transaction 1 by the nodes determined by the consensus, pack transaction 1 into, for example, block 1, and send block 1 to the other respective nodes. After receiving block 1, the other nodes will also perform transaction 1 therein. That is, each node in the blockchain 11 will acquire transaction 1 and execute transaction 1.
For example, node P1 in blockchain 11 is going to execute transaction 1, and before executing transaction 1, node P1 needs to verify the digital signature S1 and digital signature S2, respectively, for transaction 1.
To verify the digital signature S1 and the digital signature S2, node P1 first obtains the public key of account a1 and the public key of access point E1. For example, as described above, the account a1 public key and the access point E1 public key may be included in the transaction data for transaction 1, so that node P1 may obtain the account a1 public key and the access point E1 public key from transaction 1. Alternatively, the node P1 obtains the public keys of the accounts in advance, wherein the public key of the account a1 and the public key of the access point E1 are included, and the transaction data of the transaction 1 includes the accounts of the account a1 and the access point E1, so that the node P1 can obtain the public keys thereof locally based on the accounts of the account a1 and the access point E1, respectively.
Node P1 may perform verification of the digital signature S1 and digital signature S2 after obtaining the account a1 public key and the access point E1 public key. Specifically, in the node P1, the hash value of the transaction 1 is calculated, the digital signature S1 is decrypted by the public key of the account a1, it is determined whether the hash value of the transaction 1 is the same as the value obtained by the decryption, and if so, it is verified that the digital signature S1 is a signature generated by the private key of the account a 1. Likewise, the digital signature S2 is verified in the node P1 by the public key of the access point E1 to verify whether the digital signature S2 is a signature obtained by the private key of the access point E1.
In the case where the digital signature S1 and the digital signature S2 are multiple signatures, the node P1 may acquire a plurality of public keys of the digital signature S1, and verify the digital signature S1 using the plurality of public keys in a predetermined order, and similarly verify the digital signature S2.
At step S212, blockchain 11 executes transaction 1, creating account a 1.
The blockchain 11 is, for example, a blockchain of an etherhouse chain type, where status data of each account in the blockchain is recorded by a status tree, that is, the status tree is an account database in the blockchain. In the status tree, each leaf node corresponds to one account, and the status data of the corresponding account, such as account balance, key information, etc., is recorded in the leaf node, and each node from the root node to the leaf node of the status tree includes at least part of characters in the account address of the corresponding account, i.e., in the status tree, addressing can be performed based on the account address to read the account data.
When any node (e.g., node P1) in the blockchain 11 executes transaction 1, for example, as shown in fig. 4, a contract C1 for creating an account is invoked in the transaction 1, then the node P1 adds the account a1 in the locally stored state tree by executing the contract C1, i.e., adds a leaf node corresponding to the account a1 in the state tree, and stores the data of the account a1 in the leaf node. FIG. 5 schematically shows data for account A1 in a state tree. As shown in fig. 5, the account balance of account a1 is included in the data of account a1, and the account balance of account a1 may be set to a predetermined value, for example, 0, when the account is created. The data for account a1 also includes the public key for account a1 and the public key for access point E1.
In one embodiment, the digital signature S1 and the digital signature S2 may be multiple signatures, that is, the public key of the account a1 may include a plurality of public keys, and each public key may include a respective weight, and the weight of each public key may be a natural number between 1 and 100. In this case, in fig. 5, the public key of account a1 may include the public key of account a1 and the corresponding weight, and the public key of access point E1 may include the public key of access point E1 and the corresponding weight.
Each node in blockchain 11 will perform the same process of performing transaction 1 as described above in node P1, so that each node has updated the status database locally, i.e. has added account a 1's data in the status database.
It is to be understood that the blockchain 11 is not limited to being an etherhouse chain type, and that the account database therein may have other forms when the blockchain 11 is other types of blockchains. In addition, in the account database of the node, the data of account a1 is not limited to include the content as shown in fig. 5, for example, the data of account a1 may not include the public key of account a1 and the public key of access point E1, but may include an identification of the account of access point E1, etc., for indicating that account a1 is associated with access point E1.
Fig. 6 shows a timing diagram of a method of modifying an access point of a client according to an embodiment of the present description.
As shown in fig. 6, first in step S602, the user U1 device sends transaction 2 and its digital signature S1 to the access point E1, where the transaction 2 includes the identity of the access point E2.
Similarly to the above, the user U1 may obtain the account and public key of access point E2 from the user U1 device, sending transaction 2 and its digital signature S1 to access point E1 through the user U1 device.
FIG. 7 schematically shows one form of transaction 2 (Tx 2) and its digital signature S1. Where transaction 2 is a transaction for modifying an account access point in the blockchain, the From field of the transaction is the account address From which the transaction was sent, i.e., account a1, and the To field is the account address of the new access point of the user U1 device, i.e., account of access point E2. Digital signature S1 is a digital signature signed by the private key of account a 1. The Data (Data) field of transaction 2 includes, for example, "amendacount" as a specific identifier for indicating that the transaction is a transaction for modifying an account access point in a blockchain, and based on the specific identifier, a node (e.g., node P1) in the blockchain may determine that transaction 2 is used to modify an "account a 1" access point to access point E2. The public key of access point E2 may also be included in the data field of transaction 2.
FIG. 8 schematically shows another form of transaction 2 (Tx 2) and its digital signature S1. The transaction 2 is, for example, a transaction that invokes a smart contract (contract C2) for modifying an account access point, and thus the From field of the transaction 2 is the account a1 and the To field is the account of the contract C2. The contract C2 includes, for example, an amandacount () function whose incoming argument is "access point E2 account", thereby indicating that the account a1 access point is modified to access point E2. It is to be understood that in this embodiment, the incoming parameter of the function is not limited to being an account of the access point E2 as long as it is an identification that can uniquely identify the access point E2, and for example, the incoming parameter of the function may also be a public key of the access point E2.
At step S604, access point E1 verifies transaction 2.
Here, similar to the description of step S204 above, the access point E1 verifies whether transaction 2 satisfies predetermined rules, such as regulatory rules in the asset platform, and additionally, whether the digital signature of transaction 2 is that of user U1.
In step S606, the access point E1 generates a digital signature S2 after passing the verification.
That is, the access point E1 encrypts the hash value for transaction 2 using its account private key, generating a digital signature for transaction 2S 2.
In step S608, the access point E1 sends transaction 2, its digital signature S1, and digital signature S2 to the blockchain 11.
Access point E1 may send transaction 2, digital signature S1, and digital signature S2 to any node of the blockchain 11 to flood it into the blockchain 11. Wherein the transaction 2, the digital signature S1, and the digital signature S2 can be written in predetermined 3 parts of a file similarly to fig. 7 so as to be read respectively.
At step S610, blockchain 11 verifies the digital signature for transaction 2.
Similarly as above, after access point E1 sends transaction 2 to any node in blockchain 11, each node in blockchain 11 will obtain transaction 2 and execute transaction 2 to modify the access point data for local account a 1.
For example, node P1 verifies the digital signature S1 and the digital signature S2 prior to executing transaction 2. The node P1 first determines from transaction 2 that the sending account of the transaction is account a1, then the node P1 obtains the public key of account a1 and the public key of access point E1 based on the data of account a1 shown in fig. 5 in the locally stored account database, and verifies the digital signature S1 and the digital signature S2 of transaction 2 using the public key of account a1 and the public key of access point E1, respectively. In one embodiment, the account of access point E1 for account a1 is stored in an account database local to node P1, so that node P1 can find the public key of access point E1 from the client based on the account of access point E1 and verify the digital signature S2 for transaction 2 with the public key.
At step S612, the blockchain 11 executes transaction 2, modifying the access point data for account a 1.
When any node in the blockchain 11 (e.g., node P1 in fig. 1) is executing transaction 2, such as, for example, as shown in fig. 8, that transaction 2 invokes a contract C2 for modifying an account access point, then that node P1 modifies the access point for account a1 in a locally stored state tree to access point E2 by executing that contract C2. FIG. 9 schematically shows the data for account A1 in the state tree after modification. As shown in FIG. 9, the data for account A1 includes the account balance for account A1, the public key for account A1, and the public key for access point E2. For example, the public key of access point E2 is included in the transaction data of transaction 2, so that node P1 may obtain the public key of access point E2 from transaction 2 and modify the access point E1 public key in account a1 in the state tree to access point E2 public key when performing transaction 2. Alternatively, the node P1 obtains the public key of each account in advance, including the public key of the access point E2, and the transaction data of the transaction 2 includes the account of the access point E2, so that the node P1 can obtain its public key locally based on the account of the access point E2 when executing the transaction 2, so as to modify the public key of the access point E1 in the account a1 into the public key of the access point E2.
The account system according to the embodiment of the present specification, and the method of sending and executing a transaction based on the account system are described above by taking transaction 1 and transaction 2 as examples. It will be appreciated that the user U1, when corresponding to access point E1, is not limited to sending transaction 1 and transaction 2 to access point E1, but may send any transaction, such as transaction 3. Processing of transactions 1 and 2 similarly, the user U1 needs to send transaction 3 and its digital signature S1 to access point E1 to send it into blockchain 11. The access point E1 also needs to perform compliance verification, digital signature verification, and the like on the transaction 3 after receiving the transaction 3, generate the digital signature S2 of the transaction 3 after the verification is passed, and send the transaction 3, its digital signature S1, and the digital signature S2 into the blockchain 11. The nodes in blockchain 11 also need to continue to execute transaction 3 after verifying the digital signature S1 and the digital signature S2 of transaction 3 when executing transaction 3, wherein the public key of access point E1 can be obtained based on the data of account a1 in the local account database as well when verifying transaction 3.
Fig. 10 illustrates an apparatus 1000 for sending a transaction in a blockchain including a first access node in the blockchain, the apparatus being deployed at the first access node, the first access node being connected to a first client of a first user, according to an embodiment of the present specification, the apparatus including:
a receiving unit 101, configured to receive a first transaction and a first digital signature thereof from the first client, where the first digital signature is a digital signature of the first user;
a verification unit 102 configured to verify the first transaction;
a generating unit 103 configured to generate a second digital signature of the first transaction in case the verification of the first transaction passes;
a sending unit 104 configured to send the first transaction, the first digital signature, and the second digital signature to other nodes of the blockchain.
Fig. 11 illustrates an apparatus 1100 for performing a transaction in a blockchain including a first access node connected to a first client of a first user, the apparatus being deployed at any node in the blockchain, according to an embodiment of the present specification, including:
an obtaining unit 111 configured to obtain a first transaction, a first digital signature of the first transaction, and a second digital signature of the first transaction, where the first transaction is sent by the first client, the first digital signature is a digital signature of the first user, and the second digital signature is a digital signature of the first access node;
a verification unit 112 configured to verify the first digital signature and the second digital signature, respectively;
an execution unit 113 configured to execute the first transaction in case the verification passes.
In one embodiment, the verifying unit 112 includes a first obtaining subunit 1121 configured to obtain a public key of the first access node based on the identifier of the first access node, and a first verifying subunit 1122 configured to verify the second digital signature using the public key of the first access node.
In one embodiment, the first client corresponds to a first account of the first user, and the executing unit 113 is further configured to execute the first transaction to create data of the first account in a local account database if the first transaction passes the verification, wherein the data of the first account includes an identifier of the first access node.
In one embodiment, the first client corresponds to a first account of the first user, the data of the first account is included in a local account database, the data of the first account includes an identifier of the first access node, wherein the verifying unit 112 includes a reading subunit 1123 configured to read the identifier of the first access node from the data of the first account, a second obtaining subunit 1124 configured to obtain a public key of the first access node based on the identifier of the first access node, and a second verifying subunit 1125 configured to verify the second digital signature based on the public key of the first access node.
In an embodiment, the first client corresponds to a first account of the first user, the blockchain further includes a second access node, the first transaction is a transaction for modifying the access node of the first client, the first transaction includes an identifier of the second access node, and the execution unit 113 is further configured to, in the case that the verification is passed, execute the first transaction to modify the identifier of the first access node in the data of the first account into the identifier of the second access node in the local account database.
Another aspect of the present specification provides a computer readable storage medium having stored thereon a computer program or instructions which, when executed in a computer, cause the computer to perform any of the above methods.
Another aspect of the present specification provides a computing device comprising a memory having stored therein a computer program or instructions, and a processor that, when executed, implements any of the above methods.
Through the account system and the transaction scheme based on the account system in the embodiment of the specification, the operation of the service access point is stored in the block chain in the form of the digital signature of the transaction, so that the operation of the service access point can be supervised through the block chain, the decentralization characteristic is kept through the scheme, the assets of the user are maintained through the private key of the user, the service access point cannot appropriate the assets of the user, and higher safety is provided.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
It will be further appreciated by those of ordinary skill in the art that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described in a functional general in the foregoing description for the purpose of illustrating clearly the interchangeability of hardware and software. Whether these functions are performed in hardware or software depends on the particular application of the solution and design constraints. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied in hardware, a software module executed by a processor, or a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are merely exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (22)

1. A method of sending a transaction in a blockchain including a first access node, the method being performed by the first access node, the first access node being connected to a first client of a first user, the method comprising:
receiving a first transaction and a first digital signature thereof from the first client, the first digital signature being a digital signature of the first user;
verifying the first transaction;
generating a second digital signature of the first transaction in the event that the verification of the first transaction passes;
sending the first transaction, the first digital signature, and the second digital signature to other nodes of the blockchain.
2. The method of claim 1, wherein the first transaction is a transaction for creating an account of the first user, wherein the first transaction includes an identification of the first access node.
3. The method of claim 2, wherein the identification of the first access node is a public key of the first access node or an account of the first access node.
4. The method of claim 1, wherein the blockchain further comprises a second access node, and the first transaction is a transaction for modifying an access node of the first client, and the first transaction comprises an identification of the second access node.
5. A method of performing a transaction in a blockchain including a first access node connected to a first client of a first user, the method performed by any node in the blockchain, comprising:
acquiring a first transaction, a first digital signature and a second digital signature of the first transaction, wherein the first transaction is sent by the first client, the first digital signature is a digital signature of the first user, and the second digital signature is a digital signature of the first access node;
verifying the first digital signature and the second digital signature respectively;
in the event of a verification pass, the first transaction is executed.
6. The method of claim 5, wherein the first transaction is a transaction for creating an account of the first user, wherein the first transaction includes an identification of the first access node.
7. The method of claim 6, wherein verifying the first digital signature and the second digital signature separately comprises obtaining a public key of the first access node based on an identity of the first access node, and verifying the second digital signature using the public key of the first access node.
8. The method of claim 6, wherein the first client corresponds to a first account of the first user, and wherein performing the first transaction if authenticated comprises performing the first transaction if authenticated to create data for the first account in a local account database, wherein the data for the first account includes an identification of the first access node.
9. The method of claim 5, wherein the first client corresponds to a first account of the first user, the data of the first account is included in a local account database, the data of the first account includes an identifier of the first access node, and the verifying the first digital signature and the second digital signature respectively includes reading the identifier of the first access node from the data of the first account, obtaining a public key of the first access node based on the identifier of the first access node, and verifying the second digital signature based on the public key of the first access node.
10. The method of claim 9, wherein the blockchain further includes a second access node therein, the first transaction is a transaction to modify an access node of the first client, the first transaction includes an identification of the second access node therein, wherein in the event of verification passing, performing the first transaction includes, in the event of verification passing, performing the first transaction to modify the identification of the first access node in the data of the first account to the identification of the second access node in the local account database.
11. An apparatus for sending a transaction in a blockchain, the blockchain including a first access node, the apparatus being deployed at the first access node, the first access node being connected to a first client of a first user, the apparatus comprising:
a receiving unit configured to receive a first transaction and a first digital signature thereof from the first client, the first digital signature being a digital signature of the first user;
a verification unit configured to verify the first transaction;
a generating unit configured to generate a second digital signature of the first transaction in case the verification of the first transaction passes;
a sending unit configured to send the first transaction, the first digital signature, and the second digital signature to other nodes of the blockchain.
12. The apparatus of claim 11, wherein the first transaction is a transaction to create an account for the first user, wherein the first transaction includes an identification of the first access node.
13. The apparatus of claim 12, wherein the identification of the first access node is a public key of the first access node or an account of the first access node.
14. The apparatus of claim 11, wherein the blockchain further comprises a second access node, the first transaction is a transaction for modifying an access node of the first client, and the first transaction comprises an identification of the second access node.
15. An apparatus for performing a transaction in a blockchain, the blockchain including a first access node connected to a first client of a first user, the apparatus being deployed at any node in the blockchain, comprising:
an obtaining unit, configured to obtain a first transaction, a first digital signature of the first transaction, and a second digital signature of the first transaction, where the first transaction is sent by the first client, the first digital signature is a digital signature of the first user, and the second digital signature is a digital signature of the first access node;
a verification unit configured to verify the first digital signature and the second digital signature, respectively;
an execution unit configured to execute the first transaction in case of a pass of the verification.
16. The apparatus of claim 15, wherein the first transaction is a transaction for creating an account of the first user, wherein the first transaction includes an identification of the first access node.
17. The apparatus of claim 16, wherein the verification unit comprises a first obtaining subunit configured to obtain a public key of the first access node based on an identity of the first access node, a first verification subunit configured to verify the second digital signature using the public key of the first access node.
18. The apparatus of claim 16, wherein the first client corresponds to a first account of the first user, and wherein the execution unit is further configured to, upon validation, execute the first transaction to create data of the first account in a local account database, wherein an identification of the first access node is included in the data of the first account.
19. The apparatus according to claim 15, wherein the first client corresponds to a first account of the first user, and includes data of the first account in a local account database, and the data of the first account includes an identifier of the first access node, and wherein the verifying unit includes a reading subunit configured to read the identifier of the first access node from the data of the first account, a second obtaining subunit configured to obtain a public key of the first access node based on the identifier of the first access node, and a second verifying subunit configured to verify the second digital signature based on the public key of the first access node.
20. The apparatus of claim 19, wherein the blockchain further comprises a second access node, the first transaction is a transaction to modify the access node of the first client, the first transaction comprises an identification of the second access node, and wherein the execution unit is further configured to execute the first transaction to modify the identification of the first access node in the data of the first account to the identification of the second access node in the local account database if the authentication is passed.
21. A computer-readable storage medium having stored thereon a computer program or instructions which, when executed in a computer, cause the computer to perform the method of any one of claims 1-10.
22. A computing device comprising a memory having stored therein a computer program or instructions, and a processor which, when executed, implements the method of any of claims 1-10.
CN202110340284.9A 2021-03-30 2021-03-30 Method and apparatus for transmitting transactions and executing transactions in blockchain Pending CN112766971A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202110340284.9A CN112766971A (en) 2021-03-30 2021-03-30 Method and apparatus for transmitting transactions and executing transactions in blockchain
PCT/CN2021/133037 WO2022205959A1 (en) 2021-03-30 2021-11-25 Method and apparatus for sending transaction in blockchain, and method and apparatus for executing transaction in blockchain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110340284.9A CN112766971A (en) 2021-03-30 2021-03-30 Method and apparatus for transmitting transactions and executing transactions in blockchain

Publications (1)

Publication Number Publication Date
CN112766971A true CN112766971A (en) 2021-05-07

Family

ID=75691133

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110340284.9A Pending CN112766971A (en) 2021-03-30 2021-03-30 Method and apparatus for transmitting transactions and executing transactions in blockchain

Country Status (2)

Country Link
CN (1) CN112766971A (en)
WO (1) WO2022205959A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022205959A1 (en) * 2021-03-30 2022-10-06 蚂蚁区块链科技(上海)有限公司 Method and apparatus for sending transaction in blockchain, and method and apparatus for executing transaction in blockchain

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190251566A1 (en) * 2018-11-07 2019-08-15 Alibaba Group Holding Limited Managing private transactions on blockchain networks based on workflow
CN111161056A (en) * 2018-11-07 2020-05-15 新明华区块链技术(深圳)有限公司 Method, system and equipment for improving transaction security of digital assets
CN111242617A (en) * 2020-01-02 2020-06-05 支付宝(杭州)信息技术有限公司 Method and apparatus for performing transaction correctness verification
CN111385350A (en) * 2020-02-13 2020-07-07 南京如般量子科技有限公司 Quantum computation resistant blockchain transaction method and system based on one-time-varying secret sharing and routing device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA3059438A1 (en) * 2017-04-26 2018-11-01 Visa International Service Association Systems and methods for recording data representing multiple interactions
US11316706B2 (en) * 2019-04-16 2022-04-26 Mastercard International Incorporated Method and system for using dynamic private keys to secure data file retrieval
CN112766971A (en) * 2021-03-30 2021-05-07 支付宝(杭州)信息技术有限公司 Method and apparatus for transmitting transactions and executing transactions in blockchain

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190251566A1 (en) * 2018-11-07 2019-08-15 Alibaba Group Holding Limited Managing private transactions on blockchain networks based on workflow
CN111161056A (en) * 2018-11-07 2020-05-15 新明华区块链技术(深圳)有限公司 Method, system and equipment for improving transaction security of digital assets
CN111242617A (en) * 2020-01-02 2020-06-05 支付宝(杭州)信息技术有限公司 Method and apparatus for performing transaction correctness verification
CN111385350A (en) * 2020-02-13 2020-07-07 南京如般量子科技有限公司 Quantum computation resistant blockchain transaction method and system based on one-time-varying secret sharing and routing device

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022205959A1 (en) * 2021-03-30 2022-10-06 蚂蚁区块链科技(上海)有限公司 Method and apparatus for sending transaction in blockchain, and method and apparatus for executing transaction in blockchain

Also Published As

Publication number Publication date
WO2022205959A1 (en) 2022-10-06

Similar Documents

Publication Publication Date Title
CN110245506B (en) Intelligent contract management method and device based on block chain and electronic equipment
CN109074562B (en) Combined data transmission control method and system based on block chain
WO2018158936A1 (en) Block chain management device, block chain management method and program
US20190303932A1 (en) Method and system for verifying policy compliance of transactions in a blockchain executing smart contracts
CN111539731A (en) Block chain-based federal learning method and device and electronic equipment
JP2020511017A (en) System and method for implementing blockchain-based digital certificates
CN112215608A (en) Data processing method and device
CN112115205B (en) Cross-chain trust method, device, equipment and medium based on digital certificate authentication
JP2020511018A (en) System and method for generating digital marks
US11270030B2 (en) System and method for consensus management
US11888985B2 (en) Blockchain system, registration terminal, approval terminal, smart contract registration method, and smart contract registration program
CN112101938B (en) Digital seal using method and device based on block chain and electronic equipment
US20210391991A1 (en) Linking identities in a distributed database
TW202101350A (en) Method and device for cross-chain transmission of authenticable message based on processing module
CN111090581A (en) Intelligent contract testing method and device, computer equipment and storage medium
Roy et al. UML based modeling of ECDSA for secured and smart E-Governance system
CN112258189A (en) Block chain-based subscription management method and device and electronic equipment
CN110223075B (en) Identity authentication method and device, computer equipment and storage medium
CN112766971A (en) Method and apparatus for transmitting transactions and executing transactions in blockchain
JP6866803B2 (en) Authentication system and authentication method
CN112347516A (en) Asset certification method and device based on block chain
US20220114276A1 (en) Controlling a data network with respect to a use of a distributed database
CN110535663B (en) Method and system for realizing trusted timestamp service based on block chain
CN113469811A (en) Block chain transaction processing method and device
CN114372280A (en) Block chain service execution method and device based on multi-sign intelligent contract

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination