CN112801663A - Block chain evidence storing method, device, system, equipment and medium - Google Patents
Block chain evidence storing method, device, system, equipment and medium Download PDFInfo
- Publication number
- CN112801663A CN112801663A CN202110162452.XA CN202110162452A CN112801663A CN 112801663 A CN112801663 A CN 112801663A CN 202110162452 A CN202110162452 A CN 202110162452A CN 112801663 A CN112801663 A CN 112801663A
- Authority
- CN
- China
- Prior art keywords
- electronic data
- hash value
- client
- signature information
- certification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 81
- 238000012795 verification Methods 0.000 claims abstract description 81
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 33
- 238000004590 computer program Methods 0.000 claims description 12
- 239000003999 initiator Substances 0.000 description 17
- 238000010586 diagram Methods 0.000 description 16
- 230000006870 function Effects 0.000 description 9
- 150000003839 salts Chemical class 0.000 description 9
- 230000003993 interaction Effects 0.000 description 8
- 238000004891 communication Methods 0.000 description 5
- 230000000694 effects Effects 0.000 description 5
- 238000012545 processing Methods 0.000 description 5
- 230000000977 initiatory effect Effects 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 238000013500 data storage Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 238000009938 salting Methods 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3827—Use of message hashing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/18—Legal services; Handling legal documents
Abstract
The application discloses a block chain evidence storing method, a device, a system, equipment and a medium, wherein the method comprises the following steps: sending an electronic data signing request to a second client, wherein the electronic data signing request comprises first electronic data; receiving first signature information which is sent by a second client and corresponds to the hash value of the first electronic data; verifying the first signature information by adopting a preset first public key; when the verification passes, generating a certification file by adopting a zero-knowledge certification algorithm; and sending the certification file and the hash value of the first electronic data to the blockchain system, so that the blockchain system stores the hash value of the first electronic data after verifying that the certification file is correct based on the intelligent contract. According to the technical scheme, a third-party certificate storing system is not needed, the Hash value of the first electronic data can be safely and credibly stored on the block chain system based on the zero-knowledge proof algorithm, the identity privacy of both parties is prevented from being exposed, and the storage safety of the first electronic data is improved.
Description
Technical Field
The present invention relates generally to the field of blockchain technology, and more particularly, to a method, an apparatus, a system, a device, and a medium for blockchain evidence preservation.
Background
With the rapid development of information technology, more and more electronic data is generated. Sensitive information such as personal privacy or business confidentiality, for example, a contract, which is an agreement with legal effect made after both transaction parties determine a cooperative relationship, is possibly involved in the electronic data, and is an indispensable part of business activities. The direct storage of the contract by both parties of the transaction may cause the risk of forgery or falsification, which makes the authentication difficult, and therefore, it is important to effectively store the same electronic data.
At present, electronic data such as contracts can be directly stored in a third party certification system in the related technology, but the method may leak identity privacy or secret-related information of two parties of the contracts, so that serious loss is caused to benefits of the two parties of the contracts, and particularly, some electronic evidences related to business confidentiality of business information cause lower storage security of the electronic data of the same parties.
Disclosure of Invention
In view of the above-mentioned deficiencies or inadequacies in the prior art, it would be desirable to provide a block chaining verification method, apparatus, system, device, and medium.
In a first aspect, the present application provides a block chain evidence storing method, including:
sending an electronic data signing request to a second client, wherein the electronic data signing request comprises first electronic data;
receiving first signature information which is sent by a second client and corresponds to the hash value of the first electronic data;
verifying the first signature information by adopting a preset first public key;
when the verification passes, generating a certification file by adopting a zero-knowledge certification algorithm;
the attestation file and the hash value of the first electronic data are sent to the blockchain system so that the blockchain system stores the hash value of the first electronic data after verifying that the attestation file is correct based on the smart contract.
In a second aspect, the present application provides a block chain evidence storing method, including:
receiving and responding to an electronic data signing request sent by a first client, and acquiring second electronic data and second signature information, wherein the second electronic data comprises first electronic data, and the second signature information is obtained by signing a hash value of the first electronic data by the first client;
verifying the second signature information by adopting a preset second public key;
and when the verification is passed, sending first signature information to the first client, wherein the first signature information is obtained by signing the hash value of the first electronic data by the second client.
In a third aspect, the present application provides a block chain evidence storing method, including:
receiving a certification file sent by a first client and a hash value of first electronic data;
the correctness of the certification document is verified based on the smart contract, and the hash value of the first electronic data is stored when the certification document is verified to be correct.
In a fourth aspect, the present application provides a device for verifying a blockchain, comprising:
the first sending module is used for sending an electronic data signing request to the second client, wherein the electronic data signing request comprises first electronic data;
the receiving module is used for receiving first signature information which is sent by a second client and corresponds to the hash value of the first electronic data;
the verification module is used for verifying the first signature information by adopting a preset first public key;
the generating module is used for generating a certification file by adopting a zero-knowledge certification algorithm when the verification is passed;
and the second sending module is used for sending the certification file and the hash value of the first electronic data to the blockchain system, so that the blockchain system stores the hash value of the first electronic data after verifying that the certification file is correct based on the intelligent contract.
In a fifth aspect, the present application provides a device for storing a block chain certificate, the device comprising:
the receiving module is used for receiving and responding to an electronic data signing request sent by a first client, and acquiring second electronic data and second signature information, wherein the second electronic data comprises first electronic data, and the second signature information is obtained by signing a hash value of the first electronic data by the first client;
the verification module is used for verifying the second signature information by adopting a preset second public key;
and the sending module is used for sending first signature information and a first public key to the first client when the verification is passed, wherein the first signature information is obtained by signing the hash value of the first electronic data by the second client.
In a sixth aspect, an embodiment of the present application provides a device for verifying a blockchain, where the device includes:
the receiving module is used for receiving the certification file sent by the first client and the hash value of the first electronic data;
and the storage module is used for verifying the correctness of the certification file based on the intelligent contract and storing the hash value of the first electronic data when the certification file is verified to be correct.
A seventh aspect, an embodiment of the present application provides a blockchain credit system, where the system includes a first client, a second client, and a blockchain system, where the first client communicates with the second client and the blockchain system, respectively, and the second client communicates with the blockchain system;
the first client is used for sending an electronic data signing request to the second client, receiving first signature information which is sent by the second client and corresponds to the hash value of the first electronic data, and verifying the first signature information by adopting a preset first public key; when the verification passes, generating a certification file by adopting a zero-knowledge certification algorithm, and sending the certification file and the hash value of the first electronic data to a block chain system;
the second client is used for receiving and responding to the electronic data signing request sent by the first client, acquiring second electronic data and second signature information, and verifying the second signature information based on a preset second public key; when the verification is passed, sending first signature information and a first public key to the first client;
the block chain system is used for receiving the certification file sent by the first client and the hash value of the first electronic data; the correctness of the certification document is verified based on the smart contract, and the hash value of the first electronic data is stored when the certification document is verified to be correct.
In an eighth aspect, an embodiment of the present application provides a computer device, including a memory and a processor, where the memory stores a computer program, and the processor implements the method of the first aspect, the method of the second aspect, or the method of the third aspect when executing the computer program.
In a ninth aspect, the present application provides a computer-readable storage medium, on which a computer program is stored, the computer program being configured to, when executed by a processor, implement the method of the first aspect or the method of the second aspect or the method of the third aspect.
To sum up, according to the method, the device, the system, the equipment and the medium for storing the block chain certificate, the first client sends an electronic data signing request including first electronic data to the second client, receives first signature information corresponding to a hash value of the first electronic data sent by the second client, verifies the first signature information by adopting a preset first public key, generates a certificate file by adopting a zero-knowledge certificate algorithm when the verification is passed, and sends the certificate file and the hash value of the first electronic data to the block chain system, so that the block chain system stores the hash value of the first electronic data after verifying that the certificate file is correct based on an intelligent contract. According to the scheme, a third-party certificate storage system is not needed, the Hash value of the first electronic data can be safely and reliably stored on the block chain system based on a zero-knowledge proof algorithm, so that the validity of the first electronic data is effectively verified when a business dispute occurs, the identity privacy of both parties is prevented from being exposed, and the storage safety of the first electronic data is improved.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
fig. 1 is a schematic structural diagram of a blockchain credit system according to an embodiment of the present disclosure;
fig. 2 is a schematic diagram illustrating an internal structure of a blockchain credit system according to an embodiment of the present disclosure;
fig. 3 is a schematic flowchart of a block chain verification method according to an embodiment of the present disclosure;
fig. 4 is a schematic flowchart of a block chain verification method according to an embodiment of the present disclosure;
fig. 5 is a schematic flowchart of a block chain verification method according to an embodiment of the present disclosure;
fig. 6 is a schematic flowchart of a block chain verification method according to an embodiment of the present disclosure;
fig. 7 is a schematic flowchart of a block chain verification method according to an embodiment of the present disclosure;
fig. 8 is a schematic flowchart of a block chain verification method according to an embodiment of the present disclosure;
fig. 9 is a schematic structural diagram of a blockchain evidence storing device according to an embodiment of the present disclosure;
fig. 10 is a schematic structural diagram of a blockchain evidence storing device according to an embodiment of the present disclosure;
fig. 11 is a schematic structural diagram of a blockchain evidence storing device according to an embodiment of the present disclosure;
fig. 12 is a schematic structural diagram of a computer system according to an embodiment of the present application.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the present invention are shown in the drawings.
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.
It can be understood that the electronic data such as the contract is an agreement with legal effect signed after the two parties determine the cooperative relationship, and it is important to effectively store the sensitive information such as personal privacy or business confidentiality. At present, the contracts can be directly stored in a third party certificate storage system, but the related method may leak identity privacy and secret-related information of two parties of the contracts, so that the benefits of the two parties of the contracts are seriously lost, and the storage safety of the electronic data of the same contracts is low.
Based on the defects, the block chain storage method is provided, and compared with the prior art, the block chain storage method does not need a third-party storage system, and can realize the safe and reliable storage of the first electronic data on the block chain system based on a zero-knowledge proof algorithm, so that the validity of the first electronic data is effectively verified when a business dispute occurs, the identity privacy of both parties is prevented from being exposed, and the storage safety of the first electronic data is improved.
Fig. 1 is a schematic structural diagram of a blockchain credit system according to an embodiment of the present disclosure, and as shown in fig. 1, the system includes a first client 10, a second client 20, and a blockchain system 30, where the first client 10 communicates with the second client 20 and the blockchain system 30, respectively, and the second client 20 communicates with the blockchain system 30.
Wherein the first client 10 may be a client used by a data originator and the second client 20 may be a client used by a data contractor, the data may be, for example, a contract. The first client or the second client may be running on an electronic device, and the electronic device may be a notebook computer, a tablet computer, a desktop computer, a smart phone, and the like.
The first client 10 is configured to send an electronic data signing request to the second client 20, receive first signature information corresponding to a hash value of the first electronic data sent by the second client 20, and verify the first signature information by using a preset first public key; when the verification passes, a proof document is generated using a zero-knowledge proof algorithm, and the proof document and the hash value of the first electronic data are sent to the blockchain system 30.
The second client 20 is configured to receive and respond to the electronic data signing request sent by the first client 10, acquire second electronic data and second signature information, and verify the second signature information based on a preset second public key; when the verification passes, first signature information is sent to the first client 10.
The blockchain system 30 is configured to receive the certification file sent by the first client 10 and the hash value of the first electronic data, verify the correctness of the certification file based on the smart contract, and store the hash value of the first electronic data when the certification file is verified to be correct.
Fig. 2 shows the logical framework of the service modules applied to the method and the main sub-function modules included in the modules, please refer to fig. 2, where the configuration file mainly includes user interaction service, block chain service, zero knowledge proof service, message communication service, data storage service and API interface service.
The user interaction service mainly provides a down-link UI interaction service and DB interaction for a user, and the UI interaction service may include, but is not limited to, sending, receiving, requesting a signature, and the like of data. The user interaction service may be associated with a data storage service through which interaction data resulting from user interactions is stored.
The intelligent contract management service mainly provides dynamic contracts such as Shield and Verifier for uplink of first electronic data provided by a first client, deploys the dynamic contracts to the chain when a system is initialized and operates, and calls the dynamic contracts when the first client needs to uplink the data. The first client is not authorized to modify contract content, and the intelligent contract is managed and constructed as part of the deployment process and needs to be specially customized according to the situation.
The zero knowledge proof service is mainly used to generate proof that can be verified on a chain. The services include, but are not limited to, functions of compiling Circuits (zksirark Circuits), generating proof, and verifying data validity by Verifier.
The messaging service is mainly messaging using Whisper processing, and the service further includes an application for creating an identity and a pub/sub wrapper for processing messaging.
The data storage service is primarily used to provide users with different DB components for managing data across storage instances (Mongo DB) and cache instances (Redis DB).
API interface service: the micro-service is mainly configured through a configuration file Config Files to coordinate the management of all application service programs.
For convenience of understanding and explanation, the block chaining verification method, apparatus, device and medium provided by the embodiments of the present application are described in detail below with reference to fig. 3 to 12.
Fig. 3 is a schematic flowchart of a block chain verification method provided in an embodiment of the present application, where the method is applied to a first client, and as shown in fig. 3, the method includes:
and step S101, sending an electronic data signing request to a second client, wherein the electronic data signing request comprises first electronic data.
Step S102, receiving first signature information which is sent by a second client and corresponds to the hash value of the first electronic data.
And step S103, verifying the first signature information by adopting a preset first public key.
And step S104, when the verification is passed, generating a certification file by adopting a zero-knowledge certification algorithm.
And step S105, sending the certification file and the hash value of the first electronic data to the blockchain system, so that the blockchain system stores the hash value of the first electronic data after verifying the certification file is correct based on the intelligent contract.
Specifically, when a first client needs to perform electronic data signing service with a second client, a first public key and a second public key may be pre-designated between the first client and the second client, where the first public key is used to verify first signature information corresponding to a hash value of first electronic data by the second client, and the second public key is used to verify second signature information corresponding to the hash value of the first electronic data by the first client, and then the first client may create the second electronic data and store the second electronic data in a first database, determine the first electronic data from the second electronic data, determine the hash value of the first electronic data by using a hash algorithm, and sign the hash value of the first electronic data by using a second private key and a first electronic signature to obtain second signature information. Alternatively, the first electronic data may be data of higher importance among the second electronic data.
It should be noted that, the hash value is usually represented by a short character string composed of random letters and numbers, and is a "data fingerprint" obtained by hashing an input message of any length, also called a digest value, which is represented in binary form in the underlying machine code of the computer, and the hash function can be used to transform the input first electronic data of any length into output data of a fixed length, and the output data is obtained as a digest value corresponding to the first electronic data, and the hash function can make the access process to a data sequence more rapid and effective, and the data elements will be located more rapidly by the hash function. Alternatively, common hash functions may be: direct addressing, numerical analysis, square-of-middle, random number, etc. The digest length of the obtained digest value is 256 bits, and 32 bytes in total.
The first client may be a contract initiator, the second client may be a contract contractor, the second electronic data may be a contract, for example, the first electronic data may be secret-related data in the contract, and the first database may be a private database corresponding to the contract initiator.
After signing the hash value of the first electronic data to obtain second signature information, the first client sends an electronic data signing request to the second client through the secure transmission channel, wherein the electronic data signing request comprises the second electronic data, the hash value of the first electronic data and the second signature information for signing the hash value of the first electronic data, so that after receiving the electronic data signing request, the second client responds to the electronic data signing request, stores the second electronic data in the second database, and verifies the second signature information through a preset second public key to verify the validity of the signature of the first client. The second database may be, for example, a private database corresponding to a contract contractor.
It should be noted that the first client may store the second electronic data in the first database through the local database storage system, so as to ensure safe and reliable storage and access of the data and not leak the data to any client except the first client.
When the second client side verifies the second signature information, the first private key is used for signing the hash value of the first electronic data to obtain first signature information, the first signature information is sent to the first client side, the first client side is enabled to verify the first signature information through the preset first public key, when the second client side verifies the second signature information, the zero-knowledge proof algorithm is used for generating a proof file, the proof file and the hash value of the first electronic data are sent to the block chain system, the block chain system is enabled to verify the correctness of the proof file based on the intelligent contract, and the hash value of the first electronic data is stored after the proof file is verified to be correct.
The method for storing the certificate of the block chain includes the steps that a first client sends an electronic data signing request including first electronic data to a second client, receives first signature information which is sent by the second client and corresponds to a hash value of the first electronic data, the first signature information is verified by a preset first public key, when the verification is passed, a zero-knowledge certification algorithm is adopted to generate a certification file, and the certification file and the hash value of the first electronic data are sent to the block chain system, so that the block chain system stores the hash value of the first electronic data after the certification file is verified to be correct based on an intelligent contract. According to the scheme, a third-party certificate storage system is not needed, the Hash value of the first electronic data can be safely and reliably stored on the block chain system based on a zero-knowledge proof algorithm, so that the validity of the first electronic data is effectively verified when a business dispute occurs, the identity privacy of both parties is prevented from being exposed, and the storage safety of the first electronic data is improved.
Optionally, on the basis of the foregoing embodiment, fig. 4 is a schematic flowchart of a method for generating a certification document according to an embodiment of the present application. As shown in fig. 4, the method may include:
s201, performing consistency verification on the hash value of the first electronic data to be linked through a preset logic circuit equation.
S202, when the consistency verification passes, verifying second signature information of the hash value of the first electronic data by adopting a preset second public key and verifying first signature information of the hash value of the first electronic data by adopting a preset first public key respectively.
And S203, when the first signature information and the second signature information are verified, generating a certification file by adopting a zero-knowledge certification tool based on the hash value of the first electronic data, the first signature information, the second signature information, the first public key and the second public key.
In particular, zero knowledge proof is an important technique for privacy protection in cryptography that allows an authenticator to determine whether electronic data is valid without knowing the specific content of the electronic data. When the zero-knowledge proof algorithm is adopted to generate the proof file, the consistency verification and the signature verification can be carried out on the hash value of the first electronic data to be linked through a preset logic circuit equation. The consistency verification is mainly used for verifying whether the hash value of the first electronic data to be linked and signed by the two parties is consistent with the hash value of the first electronic data. The signature verification is mainly to verify whether the public keys of the two parties can correctly verify the signature information of the hash value of the first electronic data.
The first client may perform consistency verification on the hash value of the first electronic data to be linked through a preset logical circuit equation to check whether the hash value to be linked signed by both sides is consistent with the hash value of the first electronic data, if so, it indicates that the consistency verification is passed, and if not, it indicates that the consistency verification is not passed.
When the consistency verification passes, the second signature information of the hash value of the first electronic data is verified by adopting a preset first public key, and the first signature information of the hash value of the first electronic data is verified by adopting a preset first public key, and when the first signature information and the second signature information are verified by adopting a zero-knowledge proof tool, a proof file can be generated by adopting a zero-knowledge proof tool based on the hash value of the first electronic data, the first signature information, the second signature information, the first public key and the second public key.
Further, the hash value of the first electronic data may be used as public Input, and the first signature information, the second signature information, the first public key and the second public key may be used as private Input, a witness file witness may be generated through computer-witness in a zero-knowledge Proof tool, then a certification key pk may be generated by using setup in the zero-knowledge Proof tool and a preset logic circuit, and then a certification file Proof may be generated based on the witness file witness and the certification key pk, and the certification file may be generated through a certification Proof (pk, witness) in the zero-knowledge Proof tool.
The first client generates the certification file by adopting a zero-knowledge certification algorithm, so that the condition that only the hash value of the first electronic data signed by the two sides can be stored in the block chain system is ensured, and when disputes occur, effective certification can be carried out through the certification file, information leakage is avoided, and the originality and integrity of the data are effectively ensured.
In this step, after the certification file is generated, the certification file and the hash value of the first electronic data may be sent to the blockchain system, so that the blockchain system verifies the correctness of the certification file based on the intelligent contract, and stores the hash value of the first electronic data after the correctness is verified. And then sending a chaining result to the first client, and when the chaining result represents that the chaining of the hash value of the first electronic data is successful, obtaining a data node index and a mercker tree root which are stored in the block chain system and correspond to the hash value of the first electronic data, and then sending the data node index and the mercker tree root by the second client, so that the second client verifies the validity of the hash value of the first electronic data stored in the block chain system based on the data node index and the mercker tree root.
In the embodiment, only the hash value of the first electronic data needs to be stored in the blockchain system, and the public keys of both parties and other information are stored in the blockchain system instead of storing the first electronic data, the signatures of both parties on the hash value of the first electronic data, and the public keys of both parties, so that the public keys of both parties and the signature information of both parties are stored in the intelligent contract, thereby protecting the identity privacy of both parties of the data.
Fig. 5 is a schematic flowchart of a block chain evidence storing method provided in an embodiment of the present application, where the method is applied to a second client, and as shown in fig. 5, the method includes:
s301, receiving and responding to an electronic data signing request sent by a first client, and obtaining second electronic data and second signature information, wherein the second electronic data comprises the first electronic data, and the second signature information is obtained by signing the hash value of the first electronic data by the first client.
And S302, verifying the second signature information by adopting a preset second public key.
And S303, when the verification is passed, sending first signature information and a first public key to the first client, wherein the first signature information is obtained by the second client by signing the hash value of the first electronic data.
Specifically, after the first client creates the second contract data and stores the second contract data in the first database, the first electronic data is determined from the second electronic data, the hash value of the first electronic data is determined by using a hash algorithm, and the hash value of the first electronic data is signed by using a preset second private key and a first electronic signature, so that second signature information is obtained. And then sending an electronic data signing request to a second client, wherein the electronic data signing request comprises second electronic data, a hash value of the first electronic data and second signature information, the second client receives and responds to the electronic data signing request sent by the first client, acquires the second electronic data and the second signature information, stores the second electronic data into a second database, verifies the second signature information by adopting a preset second public key, and signs the hash value of the first electronic data by adopting a first private key and a second electronic signature to obtain the first signature information.
And the second client sends the first signature information to the first client, so that the first client verifies the first signature information by adopting a preset first public key, when the verification is passed, a zero-knowledge proof algorithm is adopted to generate a proof file, and the proof file and the hash value of the first electronic data are sent to the block chain system, so that the block chain system stores the hash value of the first electronic data after verifying that the proof file is correct based on an intelligent contract.
In this step, when the uplink of the hash value of the first electronic data is successful, the blockchain system sends the uplink result to the second client, and when the representation of the uplink result is successful, the blockchain system receives the data node index and the mercker tree root sent by the first client, and then verifies the validity of the hash value of the first electronic data stored in the blockchain system based on the data node index and the mercker tree root. The second client can find the hash value of the first electronic data stored in the blockchain system through the data node index and the Merckel tree root, compare the hash value of the first electronic data stored in the blockchain system with the hash value of the first electronic data stored in the second database, and when the comparison is consistent, indicate that the hash value of the first electronic data is successfully stored in the blockchain system; when the comparison is inconsistent, the hash value of the first electronic data is not successfully stored in the blockchain system.
According to the embodiment, the hash value of the first electronic data can be stored after the signatures of the two parties are verified to be correct, so that the consistency of the two parties of the data is ensured, and only the hash value of the first electronic data needs to be stored in the blockchain system, so that the identity privacy of the first client and the second client is protected, information leakage is avoided, and the storage safety of the first electronic data is improved.
Fig. 6 is a flowchart illustrating a verification method for a blockchain according to an embodiment of the present disclosure, where the method is applied to a blockchain system, as shown in fig. 6, the method includes:
s401, receiving the certification file sent by the first client and the hash value of the first electronic data.
S402, verifying the correctness of the certification file based on the intelligent contract, and storing the hash value of the first electronic data when the certification file is verified to be correct.
Specifically, after the first client generates the certification file by adopting a zero-knowledge certification algorithm, the certification file and the hash value of the first electronic data are sent to the blockchain system, and after the blockchain system receives the certification file and the hash value of the first electronic data, the correctness of the certification file is verified based on the intelligent contract.
It should be noted that, the first client may generate the certification key and the verification key based on the zero-knowledge certification tool and the preset logic circuit, where the verification key matches with the certification key.
The blockchain system may obtain the verification key sent by the first client, and verify the correctness of the certification file through a first smart contract based on the verification key and the hash value of the first electronic data, where the first smart contract is a verification contract, and may be a Verifier contract, for example. When the verification is correct, the hash value of the first electronic data is stored based on a second intelligent contract, which is a state contract, such as a Shield contract.
The method comprises the following steps that a Shield contract discloses a calling authority for a data initiator of a first client, and a Verifier contract can only be called inside the Shield contract; the Shield contract mainly stores the hash value of the first electronic data into a block chain system, but before the hash value of the first electronic data is stored into a block chain, whether the hash value of the first electronic data is valid needs to be verified through a Verifer contract, and the correctness of a verification document can be realized; the Verifer contract mainly verifies the validity of the hash value of the first electronic data to be chained by a zero knowledge proof algorithm, and only when the verification is passed, the hash value of the first electronic data can be stored into the blockchain system by a Shield contract.
In this embodiment, only the hash value of the first electronic data needs to be stored in the blockchain, and the identity privacy of both data parties can be protected by storing the signature information of both parties, the public key of both parties, and the like in the intelligent contract.
For more clearly describing the present application, please refer to fig. 7, which takes the first client as the contract initiator, the second client as the contract contractor, the first electronic data as the contract, and the second electronic data as the contract-related data as examples, the method includes:
s501, a contract initiator creates a contract and stores the contract into a first database.
S502, determining contract confidential data from the contract, and determining a hash value of the contract confidential data by adopting a hash algorithm.
S503, signing the hash value of the contract confidential data by adopting a second private key and the first electronic signature to obtain second signature information.
And S504, sending an electronic data signing request to the contract signing party, wherein the electronic data signing request comprises the contract and the second signature information.
And S505, the contract signing party receives and responds to the electronic data signing request, and verifies the second signature information by adopting a preset second public key.
And S506, when the verification is passed, signing the hash value of the contract secret-related data by adopting a first private key to obtain first signature information.
And S507, the contract signing party sends first signature information to the contract initiator.
And S508, verifying the first signature information by adopting a preset first public key.
And S508, when the verification is passed, generating a certification file by adopting a zero-knowledge certification algorithm.
S510, sending the certification file and the hash value of the contract confidential data to a block chain system, so that the block chain system stores the hash value of the contract confidential data after verifying that the certification file is correct based on an intelligent contract.
And S511, after the chaining is successful, sending the data node index and the Mercker tree root to the contract contracting party.
S512, the contract signing party verifies the validity of the hash value of the stored contract confidential data based on the data node index and the Mercker tree root.
Specifically, as shown in fig. 8, a contract initiator and a contract contractor may specify a first public key and a second public key in advance, where the first public key and the second public key are used to verify signature information of both parties, the contract initiator creates a contract and stores the contract in a first database, the first database is a linked private database, then determines contract-related data from the contract, determines a hash value of the contract-related data by using a hash algorithm, and signs the hash value of the contract-related data by using the second private key and the first electronic signature to obtain second signature information. And sending an electronic data signing request to the contract signing party through the private channel, wherein the electronic data signing request comprises the contract and second signature information. And the contract signing party receives and responds the electronic data signing request, verifies the second signature information by adopting a preset second public key, stores the contract into a second database when the verification is passed, the second database is a down-link private database, signs the hash value of the contract secret-related data by adopting a first private key to obtain first signature information, and sends the first signature information to the contract initiating party.
And the contract initiator verifies the first signature information by adopting a preset first public key, and generates a certification document by calling a zero knowledge certification module and adopting a zero knowledge certification algorithm when the verification is passed. And sending the certification file and the hash value of the contract secret-related data to a block chain system to request a chain entering operation from the block chain system, so that the block chain system verifies the validity of the hash value of the first electronic data to be linked based on a Verifer contract, and when the verification is passed, processing the hash value of the contract secret-related data into blocks based on a Shield contract and storing the blocks onto the block chain system. And after the chaining is successful, sending a chaining success message to the contract signing party, and verifying the validity of the hash value of the contract secret-related data stored in the block chain system.
It should be noted that the contract initiator may send the data node index and the mercker tree root to the contract contractor, and the contract contractor may verify the validity of the hash value of the contract-related data according to the data node index and the mercker tree root.
For example, taking the first electronic data as contract-related data and the second electronic data as a contract, assuming that two parties of the contract are a contract initiator (buyer) and a contract contractor (supplier), respectively, the contract initiator and the contract contractor specify a buyer public key and a supplier public key in advance, and define a data structure related to the contract as follows:
salt (salt), in cryptography, refers to inserting a specific character string into an arbitrary fixed position of the hash content (e.g., password) before hashing, and this way of adding a character string to a hash is called "salting". In most cases, the salt is not required to be kept secret, and the salt may be a randomly generated character string, and the position of insertion may be arbitrary. If the hash result needs to be verified in the future (e.g., to verify a password entered by a user), the used salt needs to be recorded.
The method comprises the steps that a contract initiator creates contracts PSAConstants, stores the contracts into a first local database of the contract initiator, determines contract-related data from the contracts, records the contract-related data as PSACommutation, and creates hash values of the contract-related data according to the PSAConstants and random salting salt, wherein the hash values of the contract-related data determine that PSACommutation value is H (public Key OfBuyer, public Key OfSupplier, DataSensive, erc20ContractAddress, salt) in the following mode, and the hash values comprise hash calculations of a buyer public key, a supplier public key, the contract-related data, erc20 contract-related addresses and salt;
the contract initiator signs the hash value PSACommittent value of the same classified data to obtain second signature information, and the contract initiator sends the signed hash value PSACommittent value of the same classified data and the data of PSACommittent, salt and the like to the contract contractor through a safety channel; and after the contract signing party receives the electronic data signing request sent by the contract initiating party, responding to the electronic data signing request, verifying the validity of the second signature information by using a second public key appointed by the contract signing party and the contract signing party signs the hash value PSACommimitative value of the contract secret-related data signed by the contract initiating party by using a first private key after the verification is passed, and sending the signed first signature information to the contract initiating party through a private channel.
After receiving a data packet sent by a contract signing party, a contract initiator verifies first signature information sent by the contract signing party through a first public key pre-specified by the two parties, generates a certification file according to a zero knowledge certification algorithm after the verification is passed, and sends the certification file to a block chain system, so that the block chain system calls a Verifier contract through a Shield contract to verify the validity of data, and stores a hash value PSACommimittion.value of contract-related data signed by the two parties on the block chain system after the verification is passed. The contract originator may send the necessary verification data, including but not limited to data node index, Merkle tree root, etc., to the contract contractors. After the contract signing party receives the successful cochain information sent by the block chain, whether the hash value of the contract confidential data is correctly stored on the block chain system is verified based on the data node index and the Merkle tree root.
The double sending of the contract in this embodiment accomplishes an effective consensus of the data on the chain, during which time either party cannot tamper with or repudiate the validity of the contract's content. The hash value of the contract secret-related data is only stored in the blockchain system, the hash value of the contract, the signatures of both parties of the contract, the public keys of both parties and the like are not required to be stored in the blockchain system, and the public keys and the signature information of both parties are stored in the intelligent contract, so that the identity privacy of both parties of the contract is ensured. On the premise of protecting the privacy of the electronic contract, the originality and the integrity of the electronic contract can be effectively verified.
It should be noted that while the operations of the method of the present invention are depicted in the drawings in a particular order, this does not require or imply that the operations must be performed in this particular order, or that all of the illustrated operations must be performed, to achieve desirable results. Rather, the steps depicted in the flowcharts may change the order of execution. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions.
Fig. 9 is a schematic structural diagram of a blockchain evidence storing device according to an embodiment of the present invention. As shown in fig. 9, the apparatus may implement the method shown in fig. 3, and the apparatus may include:
a first sending module 610, configured to send an electronic data signing request to a second client, where the electronic data signing request includes first electronic data;
a receiving module 620, configured to receive first signature information corresponding to a hash value of the first electronic data sent by the second client;
the verifying module 630 is configured to verify the first signature information by using a preset first public key;
a generating module 640, configured to generate a certification document by using a zero-knowledge certification algorithm when the verification passes;
a second sending module 650, configured to send the certification file and the hash value of the first electronic data to the blockchain system, so that the blockchain system stores the hash value of the first electronic data after verifying that the certification file is correct based on the intelligent contract.
Optionally, the apparatus is further configured to:
creating second electronic data and storing the second electronic data in a first database;
determining first electronic data from the second electronic data, and determining a hash value of the first electronic data by using a hash algorithm;
and signing the hash value of the first electronic data by adopting a second private key and the first electronic signature to obtain second signature information.
Optionally, the generating module 640 is specifically configured to:
carrying out consistency verification on the hash value of the first electronic data to be linked through a preset logic circuit equation;
when the consistency verification passes, verifying second signature information of the hash value of the first electronic data by adopting a preset second public key and verifying first signature information of the hash value of the first electronic data by adopting a preset first public key respectively;
and when the first signature information and the second signature information are verified, generating a certification file by adopting a zero-knowledge certification tool based on the hash value of the first electronic data, the first signature information, the second signature information, the first public key and the second public key.
Optionally, the generating module 640 is specifically configured to:
taking the hash value of the first electronic data as public input, taking the first signature information, the second signature information, the first public key and the second public key as private input, and generating a witness file through a zero-knowledge proof tool;
generating a certification key by adopting a zero-knowledge certification tool and a preset logic circuit;
a certification document is generated based on the witness document and the certification key.
Optionally, the apparatus is further configured to:
receiving an uplink result sent by a block chain system;
when the uplink result represents that the uplink is successful, acquiring a data node index and a Mercker tree root which are stored in a block chain system and correspond to a hash value of the first electronic data;
the data node index and the merck tree root are sent to the second client such that the second client verifies the validity of the hash value of the first electronic data stored in the blockchain system based on the data node index and the merck tree root.
Optionally, the apparatus is further configured to:
and sending a verification key to the blockchain system so that the blockchain system verifies the correctness of the certification file based on the intelligent contract, wherein the verification key is generated by adopting a zero-knowledge certification tool and a preset logic circuit.
The blockchain evidence storing device provided in this embodiment may implement the embodiments of the method described above, and the implementation principle and technical effect are similar, which are not described herein again.
Fig. 10 is a schematic structural diagram of a blockchain evidence storing device according to an embodiment of the present invention. As shown in fig. 10, the apparatus may implement the method shown in fig. 5, and the apparatus may include:
the receiving module 710 is configured to receive and respond to an electronic data signing request sent by a first client, and obtain second electronic data and second signature information, where the second electronic data includes the first electronic data, and the second signature information is obtained by signing, by the first client, a hash value of the first electronic data;
the verifying module 720 is configured to verify the second signature information by using a preset second public key;
the sending module 730 is configured to send, to the first client, first signature information and a first public key when the verification is passed, where the first signature information is obtained by the second client signing the hash value of the first electronic data.
Optionally, the apparatus is further configured to:
storing the second electronic data in a second database;
and signing the hash value of the first electronic data by adopting a first private key and a second electronic signature to obtain first signature information.
Optionally, the apparatus is further configured to:
receiving an uplink result sent by a block chain system;
when the uplink result represents that the uplink is successful, receiving a data node index and a Mercker tree root which are sent by a first client;
the validity of the hash value of the first electronic data stored in the blockchain system is verified based on the data node index and the merkel tree root.
Fig. 11 is a schematic structural diagram of a blockchain evidence storing device according to an embodiment of the present invention. As shown in fig. 10, the apparatus may implement the method shown in fig. 6, and the apparatus may include:
a receiving module 810, configured to receive a certificate sent by a first client and a hash value of first electronic data;
the storage module 820 is configured to verify correctness of the certification document based on the smart contract, and store the hash value of the first electronic data when the certification document is verified to be correct.
Optionally, the storage module 820 is specifically configured to:
acquiring a verification key sent by a first client, wherein the verification key is a key corresponding to a certification key generated by adopting a zero-knowledge certification tool and a preset logic circuit;
verifying the correctness of the certification file through the first intelligent contract based on the verification key and the hash value of the first electronic data;
when the verification is correct, the hash value of the first electronic data is stored based on the second smart contract.
Optionally, the apparatus is further configured to:
and sending the uplink result to the first client and the second client.
The blockchain evidence storing device provided in this embodiment may implement the embodiments of the method described above, and the implementation principle and technical effect are similar, which are not described herein again.
Fig. 12 is a schematic structural diagram of a computer device according to an embodiment of the present invention. As shown in fig. 12, a schematic diagram of a computer system 900 suitable for implementing a terminal device according to an embodiment of the present application is shown.
As shown in fig. 12, the computer system 900 includes a Central Processing Unit (CPU)901 that can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)902 or a program loaded from a storage section 908 into a Random Access Memory (RAM) 903. In the RAM903, various programs and data necessary for the operation of the system 900 are also stored. The CPU901, ROM902, and RAM903 are connected to each other via a bus 904. An input/output (I/O) interface 906 is also connected to bus 904.
The following components are connected to the I/O interface 905: an input portion 906 including a keyboard, a mouse, and the like; an output section 907 including components such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 908 including a hard disk and the like; and a communication section 909 including a network interface card such as a LAN card, a modem, or the like. The communication section 909 performs communication processing via a network such as the internet. A drive 910 is also connected to the I/O interface 906 as needed. A removable medium 911 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 910 as necessary, so that a computer program read out therefrom is mounted into the storage section 908 as necessary.
In particular, the processes described above with reference to fig. 2-5 may be implemented as computer software programs, according to embodiments of the present disclosure. For example, embodiments of the present disclosure include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program comprising program code for performing the methods of fig. 3-6. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 909, and/or installed from the removable medium 911.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules described in the embodiments of the present application may be implemented by software or hardware. The described units or modules may also be provided in a processor, and may be described as: a processor includes a first sending module, a receiving module, a verification module, a generation module, and a second sending module. Where the names of such units or modules do not in some cases constitute a limitation on the units or modules themselves, for example, the first sending module may also be described as "for sending an electronic data subscription request to the second client, the electronic data subscription request including the first electronic data".
As another aspect, the present application also provides a computer-readable medium, which may be contained in the electronic device described in the above embodiments; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs, which when executed by an electronic device, cause the electronic device to implement the blockchain credentialing method as described in the above embodiments.
For example, the electronic device may implement the following as shown in fig. 2: step S101, an electronic data signing request is sent to a second client, and the electronic data signing request comprises first electronic data; step S102, receiving first signature information which is sent by a second client and corresponds to a hash value of the first electronic data; step S103, verifying the first signature information by adopting a preset first public key; step S104, when the verification is passed, generating a certification file by adopting a zero-knowledge certification algorithm; step S105, sending the certification file and the hash value of the first electronic data to a blockchain system, so that the blockchain system stores the hash value of the first electronic data after verifying that the certification file is correct based on an intelligent contract. As another example, the electronic device may implement the various steps shown in fig. 3-5.
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
Moreover, although the steps of the methods of the present disclosure are depicted in the drawings in a particular order, this does not require or imply that the steps must be performed in this particular order, or that all of the depicted steps must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions, etc. Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware.
Claims (18)
1. A block chain evidence storing method is applied to a first client side and is characterized by comprising the following steps:
sending an electronic data signing request to a second client, wherein the electronic data signing request comprises first electronic data;
receiving first signature information which is sent by a second client and corresponds to the hash value of the first electronic data;
verifying the first signature information by adopting a preset first public key;
when the verification passes, generating a certification file by adopting a zero-knowledge certification algorithm;
and sending the certification file and the hash value of the first electronic data to a blockchain system, so that the blockchain system stores the hash value of the first electronic data after verifying that the certification file is correct based on an intelligent contract.
2. The method of claim 1, wherein prior to sending the electronic data subscription request to the second client, the method further comprises:
creating second electronic data and storing the second electronic data in a first database;
determining first electronic data from the second electronic data, and determining a hash value of the first electronic data by using a hash algorithm;
and signing the hash value of the first electronic data by adopting a second private key and the first electronic signature to obtain second signature information.
3. The method of claim 1, wherein generating the attestation file using a zero-knowledge attestation algorithm comprises:
carrying out consistency verification on the hash value of the first electronic data to be linked through a preset logic circuit equation;
when the consistency verification passes, verifying second signature information of the hash value of the first electronic data by adopting a preset second public key and verifying first signature information of the hash value of the first electronic data by adopting a preset first public key respectively;
and when the first signature information and the second signature information are verified, generating a certification file by adopting a zero-knowledge certification tool based on the hash value of the first electronic data, the first signature information, the second signature information, the first public key and the second public key.
4. The method of claim 3, wherein generating a certification document using a zero knowledge certification tool based on the hash value of the first electronic data, the first signature information, the second signature information, the first public key, and the second public key comprises:
taking the hash value of the first electronic data as public input, taking the first signature information, the second signature information, the first public key and the second public key as private input, and generating a witness file by a zero-knowledge proof tool;
generating a certification key by adopting a zero-knowledge certification tool and a preset logic circuit;
generating a certification document based on the witness document and the certification key.
5. The method of claim 1, wherein after sending the attestation file and the hash value of the first electronic data to a blockchain system, the method further comprises:
receiving an uplink result sent by the block chain system;
when the uplink result represents that uplink is successful, acquiring a data node index and a Mercker tree root which are stored in the block chain system and correspond to a hash value of the first electronic data;
sending the data node index and the Mercker tree root to the second client to cause the second client to verify the validity of a hash value of the first electronic data stored in the blockchain system based on the data node index and the Mercker tree root.
6. The method of claim 1, further comprising:
and sending a verification key to the blockchain system so that the blockchain system verifies the correctness of the certification file based on the intelligent contract, wherein the verification key is generated by adopting a zero-knowledge certification tool and a preset logic circuit.
7. A block chain evidence storing method is applied to a second client side and is characterized by comprising the following steps:
receiving and responding to an electronic data signing request sent by a first client, and acquiring second electronic data and second signature information, wherein the second electronic data comprises first electronic data, and the second signature information is obtained by signing a hash value of the first electronic data by the first client;
verifying the second signature information by adopting a preset second public key;
and when the verification is passed, sending first signature information to the first client, wherein the first signature information is obtained by the second client signing the hash value of the first electronic data.
8. The method of claim 7, wherein after verifying the second signature information with a second public key, the method further comprises:
storing the second electronic data in a second database;
and signing the hash value of the first electronic data by adopting a first private key and a second electronic signature to obtain first signature information.
9. The method of claim 7, wherein after sending the first signature information to the first client, the method further comprises:
receiving an uplink result sent by the block chain system;
when the uplink result represents that the uplink is successful, receiving a data node index and a Mercker tree root which are sent by a first client;
verifying the validity of the hash value of the first electronic data stored in the blockchain system based on the data node index and the Merck tree root.
10. A block chain evidence storing method is applied to a block chain system and is characterized by comprising the following steps:
receiving a certification file sent by a first client and a hash value of first electronic data;
the correctness of the certification document is verified based on the smart contract, and the hash value of the first electronic data is stored when the certification document is verified to be correct.
11. The method of claim 10, wherein verifying the certification document for correctness based on a smart contract and storing the hash value of the first electronic data when the certification document is verified for correctness comprises:
acquiring a verification key sent by a first client, wherein the verification key is a key corresponding to a certification key generated by adopting a zero-knowledge certification tool and a preset logic circuit;
verifying the correctness of the certification document through a first smart contract based on the verification key and the hash value of the first electronic data;
when the verification is correct, the hash value of the first electronic data is stored based on a second smart contract.
12. The method of claim 10, wherein after storing the hash value of the first electronic data, the method further comprises:
and sending uplink results to the first client and the second client.
13. A blockchain credentialing apparatus, said apparatus comprising:
the system comprises a first sending module, a second sending module and a third sending module, wherein the first sending module is used for sending an electronic data signing request to a second client, and the electronic data signing request comprises first electronic data;
the receiving module is used for receiving first signature information which is sent by a second client and corresponds to the hash value of the first electronic data;
the verification module is used for verifying the first signature information by adopting a preset first public key;
the generating module is used for generating a certification file by adopting a zero-knowledge certification algorithm when the verification is passed;
and the second sending module is used for sending the certification file and the hash value of the first electronic data to the blockchain system, so that the blockchain system stores the hash value of the first electronic data after verifying that the certification file is correct based on the intelligent contract.
14. A blockchain credentialing apparatus, said apparatus comprising:
the receiving module is used for receiving and responding to an electronic data signing request sent by a first client, and acquiring second electronic data and second signature information, wherein the second electronic data comprises first electronic data, and the second signature information is obtained by signing a hash value of the first electronic data by the first client;
the verification module is used for verifying the second signature information by adopting a preset second public key;
and the sending module is used for sending first signature information to the first client when the verification is passed, wherein the first signature information is obtained by signing the hash value of the first electronic data by the second client.
15. A blockchain credentialing apparatus, said apparatus comprising:
the receiving module is used for receiving the certification file sent by the first client and the hash value of the first electronic data;
and the storage module is used for verifying the correctness of the certification file based on the intelligent contract and storing the hash value of the first electronic data when the certification file is verified to be correct.
16. A block chain credit system is characterized in that the system comprises a first client, a second client and a block chain system, wherein the first client is respectively communicated with the second client and the block chain system, and the second client is communicated with the block chain system;
the first client is used for sending an electronic data signing request to a second client, receiving first signature information which is sent by the second client and corresponds to a hash value of the first electronic data, and verifying the first signature information by adopting a preset first public key; when the verification is passed, generating a certification file by adopting a zero-knowledge certification algorithm, and sending the certification file and the hash value of the first electronic data to the block chain system;
the second client is used for receiving and responding to the electronic data signing request sent by the first client, acquiring second electronic data and second signature information, and verifying the second signature information based on a preset second public key; when the verification is passed, sending first signature information to the first client;
the blockchain system is used for receiving the certification file sent by the first client and the hash value of the first electronic data; the correctness of the certification document is verified based on the smart contract, and the hash value of the first electronic data is stored when the certification document is verified to be correct.
17. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of any of claims 1-6 or the method of any of claims 7-9 or the method of any of claims 10-12 when executing the program.
18. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the method of any one of claims 1-6 or the method of any one of claims 7-9 or the method of any one of claims 10-12.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110162452.XA CN112801663B (en) | 2021-02-05 | 2021-02-05 | Blockchain certification method, device, system, equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110162452.XA CN112801663B (en) | 2021-02-05 | 2021-02-05 | Blockchain certification method, device, system, equipment and medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112801663A true CN112801663A (en) | 2021-05-14 |
| CN112801663B CN112801663B (en) | 2024-03-19 |
Family
ID=75814506
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110162452.XA Active CN112801663B (en) | 2021-02-05 | 2021-02-05 | Blockchain certification method, device, system, equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112801663B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113129008A (en) * | 2021-05-19 | 2021-07-16 | 京东科技控股股份有限公司 | Data processing method and device, computer readable medium and electronic equipment |
| CN113326535A (en) * | 2021-06-01 | 2021-08-31 | 支付宝(杭州)信息技术有限公司 | Information verification method and device |
| CN114493940A (en) * | 2022-03-31 | 2022-05-13 | 湖南华菱电子商务有限公司 | Block chain-based electronic contract management method, device, equipment and storage medium |
| CN114614990A (en) * | 2022-02-28 | 2022-06-10 | 重庆市先进区块链研究院 | Block chain-based electronic contract signing method |
| CN114726541A (en) * | 2022-04-08 | 2022-07-08 | 平安国际智慧城市科技股份有限公司 | Electronic certificate reading method, device, equipment and storage medium |
| CN115277008A (en) * | 2022-07-01 | 2022-11-01 | 浪潮软件股份有限公司 | File signature management method and system based on block chain |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017063465A1 (en) * | 2015-10-16 | 2017-04-20 | 北京源创云网络科技有限公司 | Innovation and creativity data processing method, device and system and certificate storage device |
| CN109002732A (en) * | 2018-07-17 | 2018-12-14 | 深圳前海微众银行股份有限公司 | Data deposit card method, apparatus and system and data evidence collecting method |
| CN110287732A (en) * | 2019-05-15 | 2019-09-27 | 杭州趣链科技有限公司 | One kind depositing card method based on block chain electronic contract |
| CN110311782A (en) * | 2019-04-29 | 2019-10-08 | 山东工商学院 | Zero-knowledge proof method, system and the storage medium of personal information |
| CN111080295A (en) * | 2019-12-04 | 2020-04-28 | 腾讯科技(深圳)有限公司 | Block chain-based electronic contract processing method and equipment |
| CN111311172A (en) * | 2019-12-12 | 2020-06-19 | 曾广君 | Electronic signing method, system and storage medium |
| CN112035889A (en) * | 2020-09-03 | 2020-12-04 | 平安壹钱包电子商务有限公司 | Block chain privacy verification method and device for computing outsourcing and computer equipment |
-
2021
- 2021-02-05 CN CN202110162452.XA patent/CN112801663B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017063465A1 (en) * | 2015-10-16 | 2017-04-20 | 北京源创云网络科技有限公司 | Innovation and creativity data processing method, device and system and certificate storage device |
| CN109002732A (en) * | 2018-07-17 | 2018-12-14 | 深圳前海微众银行股份有限公司 | Data deposit card method, apparatus and system and data evidence collecting method |
| CN110311782A (en) * | 2019-04-29 | 2019-10-08 | 山东工商学院 | Zero-knowledge proof method, system and the storage medium of personal information |
| CN110287732A (en) * | 2019-05-15 | 2019-09-27 | 杭州趣链科技有限公司 | One kind depositing card method based on block chain electronic contract |
| CN111080295A (en) * | 2019-12-04 | 2020-04-28 | 腾讯科技(深圳)有限公司 | Block chain-based electronic contract processing method and equipment |
| CN111311172A (en) * | 2019-12-12 | 2020-06-19 | 曾广君 | Electronic signing method, system and storage medium |
| CN112035889A (en) * | 2020-09-03 | 2020-12-04 | 平安壹钱包电子商务有限公司 | Block chain privacy verification method and device for computing outsourcing and computer equipment |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113129008A (en) * | 2021-05-19 | 2021-07-16 | 京东科技控股股份有限公司 | Data processing method and device, computer readable medium and electronic equipment |
| CN113129008B (en) * | 2021-05-19 | 2023-09-22 | 京东科技控股股份有限公司 | Data processing method, device, computer readable medium and electronic equipment |
| CN113326535A (en) * | 2021-06-01 | 2021-08-31 | 支付宝(杭州)信息技术有限公司 | Information verification method and device |
| CN113326535B (en) * | 2021-06-01 | 2022-05-17 | 支付宝(杭州)信息技术有限公司 | Information verification method and device |
| CN114614990A (en) * | 2022-02-28 | 2022-06-10 | 重庆市先进区块链研究院 | Block chain-based electronic contract signing method |
| CN114614990B (en) * | 2022-02-28 | 2024-01-02 | 重庆市先进区块链研究院 | Electronic contract signing method based on block chain |
| CN114493940A (en) * | 2022-03-31 | 2022-05-13 | 湖南华菱电子商务有限公司 | Block chain-based electronic contract management method, device, equipment and storage medium |
| CN114726541A (en) * | 2022-04-08 | 2022-07-08 | 平安国际智慧城市科技股份有限公司 | Electronic certificate reading method, device, equipment and storage medium |
| CN114726541B (en) * | 2022-04-08 | 2023-12-22 | 平安国际智慧城市科技股份有限公司 | Electronic license reading method, device, equipment and storage medium |
| CN115277008A (en) * | 2022-07-01 | 2022-11-01 | 浪潮软件股份有限公司 | File signature management method and system based on block chain |
| CN115277008B (en) * | 2022-07-01 | 2024-04-12 | 浪潮软件股份有限公司 | Method and system for managing document signature based on blockchain |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112801663B (en) | 2024-03-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112801663B (en) | Blockchain certification method, device, system, equipment and medium | |
| US11799668B2 (en) | Electronic identification verification methods and systems with storage of certification records to a side chain | |
| CN109756485B (en) | Electronic contract signing method, electronic contract signing device, computer equipment and storage medium | |
| Yang et al. | Provable data possession of resource-constrained mobile devices in cloud computing | |
| CN109981287B (en) | Code signing method and storage medium thereof | |
| US11757640B2 (en) | Non-fungible token authentication | |
| CN112699353B (en) | Financial information transmission method and financial information transmission system | |
| CN105554018A (en) | Network real name verification method | |
| CN110569672A (en) | efficient credible electronic signature system and method based on mobile equipment | |
| CN109978543B (en) | Contract signing method and device, electronic equipment and storage medium | |
| CN111585995A (en) | Method and device for transmitting and processing safety wind control information, computer equipment and storage medium | |
| CN113434882A (en) | Communication protection method and device of application program, computer equipment and storage medium | |
| CN116506134B (en) | Digital certificate management method, device, equipment, system and readable storage medium | |
| CN110381114B (en) | Interface request parameter processing method and device, terminal equipment and medium | |
| CN116684104A (en) | RSA2 signature rechecking method and device of API (application program interface), electronic equipment and medium | |
| CN117155549A (en) | Key distribution method, key distribution device, computer equipment and storage medium | |
| CN110708155A (en) | Copyright information protection method, copyright information protection system, copyright confirming method, copyright confirming device, copyright confirming equipment and copyright confirming medium | |
| CN113285934B (en) | Method and device for detecting IP (Internet protocol) of server cryptographic machine client based on digital signature | |
| CN115442037A (en) | Account management method, device, equipment and storage medium | |
| CN114553557A (en) | Key calling method, key calling device, computer equipment and storage medium | |
| CN109902515B (en) | True data verification method and system | |
| US11777717B2 (en) | Method for end entity attestation | |
| JP2002006739A (en) | Authentication information generating device and data verifying device | |
| CN115987525A (en) | Method and device for adding authorized signature data | |
| CN115694818A (en) | Data consistency checking method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |