CN113132095A

CN113132095A - Block chain cross-chain supervision method, system, device and computer storage medium

Info

Publication number: CN113132095A
Application number: CN201911422261.1A
Authority: CN
Inventors: 李武璐; 来鑫; 张骁; 陈磊
Original assignee: Shenzhen Onething Technology Co Ltd
Current assignee: Shenzhen Onething Technology Co Ltd; Shenzhen Xunlei Network Technology Co Ltd
Priority date: 2019-12-31
Filing date: 2019-12-31
Publication date: 2021-07-16
Anticipated expiration: 2039-12-31
Also published as: CN113132095B

Abstract

The application discloses a block chain cross-chain supervision method, a system, a device and a computer storage medium, which are applied to a target block chain node to obtain a first commitment value stored in a first block chain; acquiring second discrete password group information applied by a second block chain, and acquiring second numerical value information which meets a preset relation with the first numerical value information; calculating second numerical value information based on the second discrete password information to obtain a second commitment value; generating certification information for certifying whether the first numerical information and the second numerical information meet a preset relationship through a zero-knowledge certification method, the first commitment value and the second commitment value; and issuing the second commitment value and the certification information to the block chain verification node so that the block chain verification node links the second commitment value to the second block chain after verifying that the first numerical value information and the second numerical value information meet the preset relation through the certification information. And cross-chain supervision of information in the block chain is realized.

Description

Block chain cross-chain supervision method, system, device and computer storage medium

Technical Field

The present application relates to the field of information security technologies, and in particular, to a method, a system, an apparatus, and a computer storage medium for block chain cross-chain supervision.

Background

With the development of communication technology, users have higher requirements on information security and transmission, and under such an environment, the blockchain receives attention from the users by virtue of the advantages of decentralization, non-tampering and traceability. The Blockchain (Blockchain) is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like, is an important concept of the bitcoin, is essentially a decentralized database, is used as a bottom layer technology of the bitcoin, is a series of data blocks which are produced by correlation through a cryptography method, and each data block contains information of a batch of bitcoin network transactions and is used for verifying the validity (anti-counterfeiting) of the information and generating the next block. However, in the application process of the block chain, in order to better hide the privacy information of the user, such as hiding transaction information of the user in the block chain, menuo currency comes from the beginning, with the help of menuo currency, other users can only know that a certain user has performed a transaction, but cannot know specific user information, so that the user identity and numerical information transmitted by the user need to be supervised, for example, a supervision node is preset in the block chain system, and the user is managed with the help of the supervision node.

However, in the application process of the privacy protection blockchain, when a user stores own information in different blockchains, for example, when the user is in cross-border transaction, information such as quotation, quantity, total price, and the like may be hidden and stored in different blockchains respectively, at this time, it is required that user privacy data can freely flow in corresponding supervision ranges of different blockchains, and it is required that the user can calculate according to the privacy data belonging to the supervision ranges of different blockchains, so that different blockchains can only store part of information of the user, and there may be a correlation between information stored in different blockchains, and the privacy protection blockchain cannot determine whether information stored in different blockchains belongs to the same user, and cannot determine whether there is a correlation between information stored in different blockchains.

In summary, how to implement data and computation chain-crossing supervision for the same user by using different block chains is a problem to be urgently solved by those skilled in the art.

Disclosure of Invention

The application aims to provide a block chain cross-chain supervision method which can solve the technical problem of how to realize data and calculation cross-chain supervision on the same user by means of different block chains to a certain extent. The application also provides a block chain cross-chain supervision system, a block chain cross-chain supervision device and a computer readable storage medium.

In order to achieve the above object, the present application provides a block chain cross-chain supervision method, applied to a target block chain node, including:

obtaining a first commitment value stored in a first block chain, wherein the first commitment value is a value obtained by the target block chain node after the target block chain node operates first numerical information based on first discrete cipher group information applied by the first block chain;

acquiring second discrete password group information applied by a second block chain, and acquiring second numerical value information meeting a preset relation with the first numerical value information;

calculating the second numerical value information based on the second discrete password information to obtain a second commitment value;

generating certification information which proves whether the first numerical information and the second numerical information meet the preset relationship through a zero-knowledge certification method and the first commitment value and the second commitment value;

and issuing the second commitment value and the certification information to the blockchain verification node so that the blockchain verification node verifies whether the first numerical information and the second numerical information meet the preset relation through the certification information.

Preferably, the preset relationship includes that the first numerical information and the second numerical information satisfy a preset ratio.

Preferably, the generating, by the zero knowledge proving method and the first and second commitment values, proving whether the first numerical information and the second numerical information satisfy the preset relationship includes:

calculating the first commitment value and the preset proportion according to a proportion calculation formula to obtain a proportion commitment value;

selecting three random numbers, and calculating the three random numbers, the proportional commitment value and the second commitment value based on a first calculation formula to obtain a first calculation result;

generating zero-knowledge proof results of the first commitment value and the second commitment value according to a first equation based on the first operation result;

taking the first operation result and the zero knowledge proof result as the proof information;

the block chain verification node verifies whether a second equation is satisfied or not based on the first operation result and the zero knowledge proof result, if so, the first numerical information and the second numerical information are judged to satisfy the preset proportion, and if not, the first numerical information and the second numerical information are judged not to satisfy the preset proportion;

the proportional operation formula comprises:

the first operation formula includes:

z₁＝r₁+exγ,z₂＝r₂+ey,z₃＝r+eab；

the first equation comprises:

the second equation comprises:

wherein, c₄Representing the proportional commitment value; gamma represents the preset ratio; e. z is a radical of₁、z₂、z₃Representing the result of the first operation; r is₁、r₂And r represents the three random numbers; h represents a hash algorithm;

c₁representing the first commitment value, g representing a discrete cipher group generator, h₁Representing a first encryption group element generated based on the discrete cipher group generator in the first discrete cipher group information, a representing the first numerical value information, and x representing a random number generated by the target block chain node;

c₂represents the second commitment value, h₂Representing a second cryptographic group element generated based on the discrete cryptographic group generator in the second discrete cryptographic group information, b representing the second numerical information, and y representing a random number generated by the target block chain node;

representing the zero knowledge proof result.

Preferably, the obtaining second discrete cipher group information applied to the second blockchain and obtaining second numerical information that satisfies a preset relationship with the first numerical information include:

acquiring a third commitment value obtained by calculating third numerical information based on third discrete password group information applied by a third block chain;

according to the preset relation, calculating the first numerical information and the third numerical information to obtain second numerical information;

generating certification information that certifies whether the first numerical information and the second numerical information satisfy the preset relationship through the zero-knowledge certification method, the first commitment value, and the second commitment value, includes:

generating certification information certifying whether the first numerical information, the second numerical information, and the third numerical information satisfy the preset relationship through the zero knowledge certification method and the first commitment value, the second commitment value, and the third commitment value;

and the block chain verification node verifies whether the first commitment value, the second commitment value and the third commitment value meet the preset relation through the certification information.

Preferably, the second blockchain is the same as the third blockchain, and the preset relationship includes that the second numerical information is a sum of the first numerical information and the third numerical information;

generating certification information that certifies whether the first numerical information, the second numerical information, and the third numerical information satisfy the preset relationship through the zero knowledge certification method and the first commitment value, the second commitment value, and the third commitment value, including:

calculating a quotient of the second commitment value and the third commitment value, and generating a zero-knowledge proof result pi (c) of the quotient based on the first commitment value₂/c₃,c₁)；

Proving the zero knowledge result pi (c)₂/c₃,c₁) As the certification information;

wherein, after receiving the certification information, the blockchain verification node calculates a ratio of the second commitment value to the third commitment value, and verifies the zero-knowledge certification result pi (c) based on the ratio₂/c₃,c₁) Is turning toDetermining if the zero knowledge proof result is pi (c)₂/c₃,c₁) If the second numerical value is correct, the second numerical value is proved to be the sum of the first numerical value and the third numerical value;

wherein the content of the first and second substances,

c₂representing the second commitment value, g representing a discrete cipher group generator, h₂Representing a second cryptographic group element generated based on the discrete cryptographic group generator in the second discrete cryptographic group information, b representing the second numerical information, and z representing a random number generated by the target block chain node;

c₁represents the first commitment value, h₁Representing a first encryption group element generated based on the discrete cipher group generator in the first discrete cipher group information, a representing the first numerical value information, and x representing a random number generated by the target block chain node;

c₃represents the third commitment value, h₂Represents a third cryptographic group element in the third discrete cryptographic group information generated based on the discrete cryptographic group generator, d represents the third numerical information, and b ═ a + d, y represents a random number generated by the target blockchain node.

Preferably, the second block chain is the same as the third block chain, and the preset relationship includes that the second numerical information is a product of the first numerical information and the third numerical information;

selecting five random numbers, calculating the five random numbers, the first commitment value, the second commitment value and the third commitment value based on a third calculation formula to obtain a third calculation result, and taking the third calculation result as the certification information;

the block chain verification node verifies whether a third equation is satisfied or not based on the third operation result, if so, determines that second numerical information is a product of the first numerical information and the third numerical information, and if not, determines that the second numerical information is not the product of the first numerical information and the third numerical information;

the third operation formula includes:

z₁＝r₁+ex,z₂＝r₂+ea,z₃＝r+ey,z₄＝r₄+ed,z₅＝r₅+e(z-ya)；

the third equation includes:

wherein e, z₁、z₂、z₃、z₄、z₅Representing the result of the third operation; r is₁、r₂、r₃、r₄、r₅Represents the five random numbers; h represents a hash algorithm;

c₃represents the third commitment value, h₂A third cryptographic group element generated based on the discrete cryptographic group generator in the third discrete cryptographic group information is represented, d represents the third numerical information, and b ═ a × d, y represents a random number generated by the target block chain node.

Preferably, the second block chain and the third block chain are two different chains, and the preset relationship includes that the second numerical information is a sum of the first numerical information and the third numerical information;

converting the first numerical information and the third numerical information into a first conversion commitment value and a third conversion commitment value on the second blockchain through a first conversion formula, giving a bottom conversion certificate between the first commitment value and the first conversion commitment value, and giving a bottom conversion certificate between the third commitment value and the third conversion commitment value;

selecting a random number, calculating the random number, the first conversion commitment value, the second commitment value and the third conversion commitment value based on a fourth calculation formula to obtain a fourth calculation result, and taking the fourth calculation result as the certification information;

the block chain verification node verifies whether a fourth equation is satisfied or not based on the fourth operation result, if so, determines that the second numerical information is a sum of the first numerical information and the third numerical information, and if not, determines that the second numerical information is not the sum of the first numerical information and the third numerical information;

the first conversion formula includes:

the fourth operation formula includes:

e＝H(g^r)；

w＝r+e(z-x'-y')；

the fourth equation includes:

wherein H represents a hash algorithm;

c₃represents the third commitment value, h₃Representing a third cryptographic group element generated based on the discrete cryptographic group generator in the third discrete cryptographic group information, dRepresents the third numerical information, and b ═ a + d, y represents a random number generated by the target blockchain node; c'₁Represents the first conversion commitment value, x' represents a random number generated by the target block chain node; c'₃Represents the third conversion commitment value, y' represents a random number generated by the target block chain node; e. w represents the result of the fourth operation, and r represents the one random number; II type_swit(c₁,c'₁) A transmutation credential representing a difference between the first commitment value and the first transformed commitment value; II type_swit(c₃,c'₃) Represents a tradeoffs between the third commitment value and the third transformed commitment value.

Preferably, the second block chain is different from the third block chain, and the preset relationship includes that the second numerical information is a product of the first numerical information and the third numerical information;

selecting five random numbers, calculating the five random numbers, the first conversion commitment value, the second commitment value and the third conversion commitment value based on a fifth calculation formula to obtain a fifth calculation result, and using the fifth calculation result as the certification information;

the block chain verification node verifies whether a fifth equation is established or not based on the fifth operation result, if so, the second numerical information is determined to be the product of the first numerical information and the third numerical information, and if not, the second numerical information is determined not to be the product of the first numerical information and the third numerical information;

the first conversion formula includes:

the fifth operation formula includes:

z₁＝r₁+ex',z₂＝r₂+ea,z₃＝r+ey',z₄＝r₄+ed,z₅＝r₅+e(z-y'a)；

the fifth equation includes:

wherein e, z₁、z₂、z₃、z₄、z₅Representing the result of the fifth operation; r is₁、r₂、r₃、r₄、r₅Represents the five random numbers; h represents a hash algorithm;

c₁represents the first commitment value, h₁Representing a generator of the first discrete cryptographic group information based on the discrete cryptographic groupA represents the first numerical information, and x represents a random number generated by the target block chain node;

c₃represents the third commitment value, h₃Representing a third cryptographic group element generated based on the discrete cryptographic group generator in the third discrete cryptographic group information, d representing the third numerical information, and b ═ a × d, y representing a random number generated by the target block chain node; c'₁Represents the first conversion commitment value, x' represents a random number generated by the target block chain node; c'₃Represents the third conversion commitment value, y' represents a random number generated by the target block chain node; II type_swit(c₁,c'₁) A transmutation credential representing a difference between the first commitment value and the first transformed commitment value; II type_swit(c₃,c'₃) Represents a tradeoffs between the third commitment value and the third transformed commitment value.

Preferably, the discrete cipher group information includes a discrete cipher group generating element and an encryption group element, the encryption group element includes a trap door random number generated by the supervisory node based on a preset format and a cipher group obtained after the discrete cipher group generating element is operated, and the trap door random number is a trap door stored by the supervisory node.

The application provides a block chain cross-chain supervision method, which is applied to a block chain verification node and comprises the following steps:

receiving a second commitment value issued by a target block chain node, wherein the second commitment value is obtained by the target block chain node after calculating second numerical information based on second discrete cipher group information applied by a second block chain;

receiving certification information issued by the target block chain node, wherein the certification information is information which proves whether the target block chain link point meets a preset relationship or not through a zero knowledge certification method, a first commitment value and a second commitment value, and the generated first numerical value information and the second numerical value information meet the preset relationship, the first commitment value is a value which is obtained after the target block chain node calculates the first numerical value information based on first discrete cipher group information applied to a first block chain, and the first numerical value information and the second numerical value information meet the preset relationship;

and verifying whether the first numerical information and the second numerical information meet the preset relationship through the certification information, and if so, chaining the second commitment value to the second block chain.

In order to achieve the above object, the present application further provides a system for monitoring a blockchain across chains, applied to a target blockchain node, including:

a first obtaining module, configured to obtain a first commitment value stored in a first block chain, where the first commitment value is a value obtained by operating, by a target block chain node, first numerical information based on first discrete cipher group information applied by the first block chain;

the second acquisition module is used for acquiring second discrete password group information applied by a second block chain and acquiring second numerical value information which meets a preset relation with the first numerical value information;

the first operation module is used for operating the second numerical value information based on the second discrete password information to obtain a second commitment value;

a first generation module, configured to generate, through a zero knowledge certification method and the first commitment value and the second commitment value, certification information that certifies whether the first numerical information and the second numerical information satisfy the preset relationship;

the first issuing module is configured to issue the second commitment value and the certification information to the blockchain verification node, so that the blockchain verification node verifies whether the first numerical information and the second numerical information satisfy the preset relationship through the certification information.

To achieve the above object, the present application further provides a device for managing blockchain information, the device including a memory and a processor, the memory storing thereon a blockchain cross-chain supervisor executable on the processor, the blockchain cross-chain supervisor implementing the method as described in any one of the above when executed by the processor.

To achieve the above object, the present application further provides a computer-readable storage medium having stored thereon a blockchain cross-chain hypervisor, which is executable by one or more processors to implement the blockchain cross-chain supervisory method as described in any one of the above.

The block chain cross-chain supervision method is applied to a target block chain node, and a first commitment value stored in a first block chain is obtained, wherein the first commitment value is a value obtained by the target block chain node after operation of first numerical information based on first discrete cipher group information applied to the first block chain; acquiring second discrete password group information applied by a second block chain, and acquiring second numerical value information which meets a preset relation with the first numerical value information; calculating second numerical value information based on the second discrete password information to obtain a second commitment value; generating certification information for certifying whether the first numerical information and the second numerical information meet a preset relationship through a zero-knowledge certification method, the first commitment value and the second commitment value; and issuing the second commitment value and the certification information to the block chain verification node so that the block chain verification node verifies whether the first numerical value information and the second numerical value information meet the preset relation through the certification information. In the block chain cross-chain supervision method provided by the present application, a target block chain node utilizes first discrete cipher group information applied by a first block chain and second discrete cipher group information applied by a second block chain, generating certification information for certifying that the first numerical information and the second numerical information satisfy a preset relationship through a zero-knowledge certification method and a commitment value, and issues certification information to the blockchain verification node so that the blockchain verification node verifies whether the first numerical information and the second numerical information satisfy a preset relationship through the certification information, therefore, the second numerical information meeting the preset relation with the first numerical information can be supervised by the second block chain, cross-chain supervision of information in the block chain is achieved, in addition, the block chain verification node can not obtain specific numerical information by means of a commitment value and zero knowledge proving method, and privacy of the numerical information in the target block chain link point is protected. The system, the device and the computer-readable storage medium for block chain cross-chain supervision solve the corresponding technical problems.

Drawings

In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.

FIG. 1 is a schematic flow chart of a first embodiment of the present application;

FIG. 2 is a schematic flow chart of a second embodiment of the present application;

FIG. 3 is a schematic flow chart of a third embodiment of the present application;

FIG. 4 is a schematic flow chart of a fourth embodiment of the present application;

fig. 5 is a schematic structural diagram of a block chain inter-chain supervision system according to an embodiment of the present application;

fig. 6 is a schematic diagram illustrating an internal structure of a block chain inter-chain supervision apparatus according to an embodiment of the present application.

Detailed Description

The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

The terms "first," "second," "third," "fourth," and the like in the description and in the claims of the present application and in the drawings described above, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that the embodiments described herein may be practiced otherwise than as specifically illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.

It should be noted that the description relating to "first", "second", etc. in the present invention is for descriptive purposes only and is not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In addition, technical solutions between various embodiments may be combined with each other, but must be realized by a person skilled in the art, and when the technical solutions are contradictory or cannot be realized, such a combination should not be considered to exist, and is not within the protection scope of the present invention.

The application provides a block chain cross-chain supervision method.

Referring to fig. 1, fig. 1 is a schematic flow chart of a first embodiment of the present application.

In a first embodiment, a block chain cross-chain supervision method provided by the present application is applied to a target block chain node, and may include the following steps:

step S101: and acquiring a first commitment value stored in the first block chain, wherein the first commitment value is obtained after the first value information is operated based on the first discrete cipher group information applied to the first block chain.

In practical applications, the target blockchain node may first obtain a first commitment value stored in the first blockchain, where the first commitment value is a value obtained by the target blockchain node after performing an operation on first numerical information based on first discrete cipher group information applied to the first blockchain, and the first discrete cipher group applied to the first blockchain refers to a discrete cipher group set for the first blockchain by the privacy protection blockchain and used for processing data on the first blockchain. It should be noted that the types of the target block chain node, the first block chain, and the first numerical information may be determined according to an actual application scenario, for example, the target block chain node may be a block chain node applied by an employee of a certain company, the first block chain may be a block chain that is set by the company and stores the amount information of the employee, that is, a block chain that supervises the amount information of the employee, and the like, and the first numerical information may be wages of the employee, and the like; the type of the discrete cipher group in the first discrete cipher group information can be determined according to actual needs, for example, the type of the discrete cipher group can be elliptic curve group, and the number and the interrelation of the discrete cipher groups in the first discrete cipher group information can be determined according to actual needs, for example, the first discrete cipher group information can include a discrete cipher group generator and an encryption group element; in addition, the principle and function of the commitment value related to the present application are the same as those of the existing monetary commitment, and are not described herein again.

In a specific application scenario, the first commitment value acquired by the target block chain node may be a commitment value generated by the target block chain node and stored in the first block chain, in this process, the target block chain node may generate a random number hiding the first numerical information, and operate the first discrete cipher group information, the first numerical information, and the random number according to a preset format to obtain the first commitment value, where the preset format may be α^βα represents a discrete cipher group, and β represents a numerical value or a random number.

Step S102: and acquiring second discrete password group information applied by the second block chain, and acquiring second numerical value information which meets a preset relation with the first numerical value information.

In practical application, taking a target block chain node as a block chain node applied by an employee as an example, the employee may jump to another company due to some reasons during a working process, and block chains for supervising the employee set by the two companies are different, and it is assumed that the block chain for supervising the user set by the company after the employee jumps is a second block chain, so that after the employee jumps, corresponding information of the employee needs to be handed over to be supervised by the second block chain from the original first block chain, that is, the target block chain node needs to process its own numerical information by using second discrete cipher group information applied by the second block chain. In the process, the target block chain node may first obtain the second discrete cipher group information applied to the second block chain and obtain the second numerical information satisfying the preset relationship with the first numerical information.

Step S103: and calculating the second numerical value information based on the second discrete password information to obtain a second commitment value.

In practical application, after the target block chain node acquires the second discrete cipher group information and the second numerical value information, the second numerical value information can be operated based on the second discrete cipher group information to obtain a second commitment value, so that the block chain verification node cannot acquire specific second numerical value information, and the second numerical value information is hidden.

Step S104: and generating certification information for certifying whether the first numerical information and the second numerical information meet a preset relationship through a zero-knowledge certification method, the first commitment value and the second commitment value.

In practical applications, a target block chain node can accurately acquire a preset relationship between first numerical information and second numerical information, however, a block chain verification node in an existing privacy protection block chain cannot acquire the preset relationship between the first numerical information and the second numerical information, so that the block chain verification node cannot determine whether the first numerical information and the second numerical information of a target block chain link point stored in the block chain satisfy the preset relationship, that is, does not have a supervision function And the second commitment value is used for generating certification information for certifying whether the first numerical information and the second numerical information meet the preset relationship, and since the zero knowledge certification method enables an external verification party not to know specific numerical information, the certification information generated by the zero knowledge certification method can be used for verifying whether the first numerical information and the second numerical information meet the preset relationship under the condition of hiding the first numerical information and the second numerical information of the target block chain node. It should be noted that during the application of the commitment value, the commitment value and the traceable interval certification of the commitment value need to be used together.

Step S105: and issuing the second commitment value and the certification information to the block chain verification node so that the block chain verification node links the second commitment value to the second block chain after verifying that the first numerical value information and the second numerical value information meet the preset relation through the certification information.

In practical application, after the target block link point generates the certification information, the certification information may be issued to the block chain verification node, so that the block chain verification node verifies whether the first numerical information and the second numerical information satisfy the preset relationship through the certification information under the condition that the specific numerical value cannot be obtained, and after the block chain verification node verifies that the first numerical information and the second numerical information satisfy the preset relationship, the second commitment value is linked to the second block chain, and after the second commitment value is linked to the second block chain, the second numerical information is subjected to second block chain supervision.

It should be noted that when the numerical information is specifically transmitted by the target blockchain node, cross-chain supervision of the data of the target blockchain node can be realized; when the numerical information is information specifically transmitted by the target block chain link point and the preset relationship comprises a calculation relationship, cross-chain supervision of calculation of the target block chain node can be realized.

It should be noted that in the block chain cross-chain supervision method provided by the application, the supervision node on the block chain does not need to personally confirm whether the first numerical information and the second numerical information meet the preset relationship, and does not need to be responsible for specific work such as packaging transaction, accounting, block output and the like, so that static supervision is realized, and the requirements on the calculation capacity and the storage capacity of a supervisor are low; in addition, the supervision nodes belonging to different block chains can only supervise identity or amount information within the supervision range of the supervision nodes, and cannot supervise user information outside the supervision range of the supervision nodes, so that the privacy of users is reasonably protected; moreover, by means of the block chain cross-chain supervision method provided by the application, the target block chain link point can automatically select the required block chain, and the time for adding or withdrawing the block chain can be selected, so that the constraint of the privacy protection block chain on the target block chain node is reduced, and the characteristic of self decentralization is improved.

The block chain cross-chain supervision method is applied to a target block chain node, and a first commitment value stored in a first block chain is obtained, wherein the first commitment value is a value obtained by the target block chain node after operation of first numerical information based on first discrete cipher group information applied to the first block chain; acquiring second discrete password group information applied by a second block chain, and acquiring second numerical value information which meets a preset relation with the first numerical value information; calculating second numerical value information based on the second discrete password information to obtain a second commitment value; generating certification information for certifying whether the first numerical information and the second numerical information meet a preset relationship through a zero-knowledge certification method, the first commitment value and the second commitment value; and issuing the second commitment value and the certification information to the block chain verification node so that the block chain verification node verifies whether the first numerical value information and the second numerical value information meet the preset relation through the certification information. In the block chain cross-chain supervision method provided by the present application, a target block chain node utilizes first discrete cipher group information applied by a first block chain and second discrete cipher group information applied by a second block chain, generating certification information for certifying that the first numerical information and the second numerical information satisfy a preset relationship through a zero-knowledge certification method and a commitment value, and issues certification information to the blockchain verification node so that the blockchain verification node verifies whether the first numerical information and the second numerical information satisfy a preset relationship through the certification information, therefore, the second numerical information meeting the preset relation with the first numerical information can be supervised by the second block chain, cross-chain supervision of information in the block chain is achieved, in addition, the block chain verification node can not obtain specific numerical information by means of a commitment value and zero knowledge proving method, and privacy of the numerical information in the target block chain link point is protected.

In the first embodiment, when the target blockchain node supervises across the blockchain, the same numerical information of the user supervised by the first blockchain and the second blockchain may exist, that is, the first numerical information supervised by the first blockchain and the second numerical information supervised by the second blockchain satisfy the preset ratio, in this case, the preset relationship includes that the first numerical information and the second numerical information satisfy the preset ratio.

In the first embodiment, in order to improve the operation efficiency, the process of generating the certification information that proves whether the first numerical information and the second numerical information satisfy the preset relationship by using the zero knowledge certification method, the first commitment value, and the second commitment value may specifically be:

taking the first operation result and the zero knowledge proving result as proving information;

the block chain verification node verifies whether a second equation is established or not based on the first operation result and the zero knowledge proof result, if yes, the first numerical information and the second numerical information are judged to meet the preset proportion, and if not, the first numerical information and the second numerical information are judged not to meet the preset proportion;

the proportional operation formula comprises:

the first operation formula includes:

z₁＝r₁+exγ,z₂＝r₂+ey,z₃＝r+eab；

the first equation includes:

the second equation includes:

wherein, c₄Indicating a proportional commitment value; gamma represents a preset ratio; e. z is a radical of₁、z₂、z₃Representing a result of the first operation; r is₁、r₂R represents three random numbers; h represents a hash algorithm;

c₁representing a first commitment value, g representing a discrete cipher group generator, h₁Representing a first encryption group element generated based on a discrete encryption group generating element in first discrete encryption group information, a representing first numerical value information, and x representing a random number generated by a target block chain node;

c₂represents the second commitment value, h₂Representing a second encryption group element generated based on a discrete encryption group generating element in second discrete encryption group information, b representing second numerical value information, and y representing a random number generated by a target block chain node;

representing zero knowledge proof results.

Referring to fig. 2, fig. 2 is a schematic flow chart of a second embodiment of the present application.

In a second embodiment, a block chain cross-chain supervision method provided by the present application is applied to a target block chain node, and may include the following steps:

step S201: and acquiring a first commitment value stored in the first block chain, wherein the first commitment value is a value obtained by the target block chain node after the target block chain node calculates the first numerical information based on the first discrete cipher group information applied by the first block chain.

Step S202: obtaining third numerical information and a third commitment value obtained by calculating the third numerical information based on third discrete password group information applied by a third block chain;

step S203: and according to a preset relation, calculating the first numerical information and the third numerical information to obtain second numerical information.

Step S204: and calculating the second numerical value information based on the second discrete password information to obtain a second commitment value.

In practical application, the numerical information of the target block chain node may be saved and monitored by a plurality of block chains, taking the target block chain node for cross-border transaction as an example, the numerical value generated by the target block chain node in the cross-border transaction may include the quantity of goods, the unit price of goods and the total price of goods, the unit price of goods may be saved and monitored by foreign block chains, the quantity of goods may be saved and monitored by a block chain in charge of customs, the total price of goods may be saved and monitored by domestic block chains, so that each block chain can only save and monitor the numerical information in the self-monitoring range, each block chain cannot know the numerical information outside the self-monitoring range and cannot know the relationship between the self-monitoring numerical value and the numerical values monitored by other block chains, and thus the privacy protection block chain cannot supervise the whole process of cross-border transaction of the target block chain node, for example, the privacy-preserving blockchain cannot determine whether the total price of the good is equal to the product of the quantity of the good and the unit price of the good. In order to enable the privacy protection block chain to supervise a plurality of information of the target block chain node, taking the numerical information of the target block chain node as three examples, in the second embodiment, the target block chain node may obtain a third commitment value obtained by calculating third numerical information based on third discrete cipher group information applied by a third block chain, and the third numerical information, the second numerical information and the first numerical information satisfy a preset relationship.

Step S205: and generating certification information for certifying whether the first numerical information, the second numerical information and the third numerical information meet the preset relationship through a zero-knowledge certification method and the first commitment value, the second commitment value and the third commitment value.

In practical application, after the target block chain node obtains the third commitment value, certification information for certifying whether the first numerical information, the second numerical information, and the third numerical information satisfy a preset relationship may be generated by a zero knowledge certification method, the first commitment value, the second commitment value, and the third commitment value.

Step S206: and issuing the second commitment value and the certification information to the blockchain verification node so that the blockchain verification node verifies whether the first commitment value, the second commitment value and the third commitment value meet the preset relation through the certification information.

In the second embodiment, when the target block chain node applies its own numerical information, it may need to perform an addition operation on the numerical information, that is, the preset relationship may include an addition operation relationship, for example, the second numerical information is a sum of the first numerical information and the third numerical information, and if the second block chain is the same as the third block chain, the target block chain node generates a procedure of proving whether the first numerical information, the second numerical information, and the third numerical information satisfy the preset relationship by using a zero knowledge proving method and the first commitment value, the second commitment value, and the third commitment value, which may specifically be:

Proof the result of zero knowledge pi (c)₂/c₃,c₁) As certification information;

after receiving the certification information, the block chain verification node calculates the ratio of the second commitment value to the third commitment value, and checks a zero knowledge certification result pi (c) based on the ratio₂/c₃,c₁) If the correctness of the method is judged to be zero, the knowledge proves that the result is pi (c)₂/c₃,c₁) If the second value is correct, the second value is proved to be the sum of the first value and the third value;

wherein the content of the first and second substances,

c₂representing a second commitment value, g representing a discrete cipher group generator, h₂Representing a second encryption group element generated based on a discrete encryption group generator in the second discrete encryption group information, b representing second numerical information, and z representing a random number generated by a target block chain node;

c₁represents the first commitment value, h₁Representing a first encryption group element generated based on a discrete encryption group generating element in first discrete encryption group information, a representing first numerical value information, and x representing a random number generated by a target block chain node;

c₃represents a third commitment value, g represents a third discrete cipher group generator in the third discrete cipher group information, h₂Denotes a third cryptographic group element in the third discrete cryptographic group information, d denotes third numerical information, and b ═ a + d, y denotes a random number generated by the target blockchain node.

In the second embodiment, when the target block chain node applies its own numerical information, it may need to perform a multiplication operation on the numerical information, that is, the preset relationship may include a multiplication operation relationship, for example, the second numerical information is a product of the first numerical information and the third numerical information, and if the second block chain is the same as the third block chain, the target block chain node generates a procedure of proving whether the first numerical information, the second numerical information, and the third numerical information satisfy the preset relationship by using a zero knowledge proving method and the first commitment value, the second commitment value, and the third commitment value, which may specifically be:

selecting five random numbers, calculating the five random numbers, the first commitment value, the second commitment value and the third commitment value based on a third calculation formula to obtain a third calculation result, and taking the third calculation result as certification information;

the block chain verification node verifies whether a third equation is established or not based on a third operation result, if so, the second numerical information is judged to be the product of the first numerical information and the third numerical information, and if not, the second numerical information is judged not to be the product of the first numerical information and the third numerical information;

the third operation formula includes:

z₁＝r₁+ex,z₂＝r₂+ea,z₃＝r+ey,z₄＝r₄+ed,z₅＝r₅+e(z-ya)；

the third equation includes:

wherein e, z₁、z₂、z₃、z₄、z₅Representing the result of the third operation; r is₁、r₂、r₃、r₄、r₅Represents five random numbers; h represents a hash algorithm;

c₂representing a second commitment value, g representing a discrete cipher group generator, h₂A second adder representing a discrete cipher group generator generation based on the second discrete cipher group informationA dense group element, b represents second numerical information, and z represents a random number generated by a target block chain node;

c₃represents a third commitment value, h₂A third cryptographic group element generated based on the discrete cryptographic group generator in the third discrete cryptographic group information is represented, d represents third numerical information, and b ═ a × d, y represents a random number generated by the target block chain node.

Referring to fig. 3, fig. 3 is a schematic flow chart of a third embodiment of the present application.

In a third embodiment, a block chain cross-chain supervision method provided by the present application is applied to a target block chain node, and may include the following steps:

step S301: and acquiring a first commitment value stored in the first block chain, wherein the first commitment value is a value obtained by the target block chain node after the target block chain node calculates the first numerical information based on the first discrete cipher group information applied by the first block chain.

Step S302: acquiring a third commitment value obtained by calculating third numerical information based on third discrete password group information applied by a third block chain;

step S303: and according to a preset relation, calculating the first numerical information and the third numerical information to obtain second numerical information.

Step S304: and calculating the second numerical value information based on the second discrete password information to obtain a second commitment value.

Step S305: judging whether the first discrete password group information, the second discrete password group information and the third discrete password group information are different; if yes, go to step S306; if not, go to step S307.

Step S306: and (4) ensuring that the corresponding numerical information is unchanged, converting the first commitment value and the third commitment value into a first conversion commitment value and a third conversion commitment value belonging to the second block chain, generating certification information for certifying whether the first numerical information, the second numerical information and the third numerical information meet a preset relationship through a zero knowledge certification method, the first conversion commitment value, the second commitment value and the third conversion commitment value, and executing step S308.

Step S307: generating certification information certifying whether the first numerical information, the second numerical information, and the third numerical information satisfy the preset relationship through a zero-knowledge certification method and the first commitment value, the second commitment value, and the third commitment value, and executing step S308.

Step S308: and issuing the second commitment value and the certification information to the blockchain verification node so that the blockchain verification node verifies whether the first commitment value, the second commitment value and the third commitment value meet the preset relation through the certification information.

It should be noted that, in the second embodiment, the same blockchain exists among the first blockchain, the second blockchain, and the third blockchain, so that the target blockchain node only uses two different discrete cipher group information when generating the corresponding commitment value, and at this time, the first numerical information, the second numerical information, and the third numerical information may be verified according to the above method; in an actual application scenario, a situation that the first block chain, the second block chain, and the third block chain are different may exist, and in this case, in order to reduce the difficulty in verifying whether the first numerical information, the second numerical information, and the third numerical information satisfy the preset relationship, the target block chain node generates the certification information that proves whether the first numerical information, the second numerical information, and the third numerical information satisfy the preset relationship by using a zero knowledge certification method, the first commitment value, the second commitment value, and the third commitment value, specifically may be: judging whether the first discrete password group information, the second discrete password group information and the third discrete password group information are different;

and if the first discrete password group information, the second discrete password group information and the third discrete password group information are different, ensuring that the corresponding numerical value information is unchanged, converting the first commitment value and the third commitment value into a first conversion commitment value and a third conversion commitment value which belong to a second block chain, and generating certification information for certifying whether the first numerical value information, the second numerical value information and the third numerical value information meet a preset relationship through a zero knowledge certification method, the first conversion commitment value, the second commitment value and the third conversion commitment value.

To be provided with

For example, c can be started₁、c₃Conversion to base-identity commitment values, e.g. c₁、c₃Is converted into a base of h₅The commitment value of (a):

and give c₁And c₁' knowledge of zero for equal values in (a) proves pi (c)₁,c'₁) Giving c₃And c'₃The zero knowledge of equal value in (1) proves pi (c)₃,c'₃) (ii) a Then, c 'is applied again'₁、c'₃、c₂The first numerical information, the second numerical information and the third numerical information are proved to meet the preset relation.

In a third embodiment, when the second block chain and the third block chain are two different chains and the preset relationship includes that the second numerical information is a sum of the first numerical information and the third numerical information; the process of generating certification information that proves whether the first numerical information, the second numerical information, and the third numerical information satisfy the preset relationship through the zero-knowledge certification method and the first commitment value, the second commitment value, and the third commitment value may specifically be:

converting the first numerical information and the third numerical information into a first conversion commitment value and a third conversion commitment value on a second blockchain through a first conversion formula, giving a bottom conversion certificate between the first commitment value and the first conversion commitment value, and giving a bottom conversion certificate between the third commitment value and the third conversion commitment value;

selecting a random number, calculating the random number, the first conversion commitment value, the second commitment value and the third conversion commitment value based on a fourth calculation formula to obtain a fourth calculation result, and taking the fourth calculation result as certification information;

the block chain verification node verifies whether a fourth equation is established or not based on a fourth operation result, if so, the second numerical information is judged to be the sum of the first numerical information and the third numerical information, and if not, the second numerical information is judged not to be the sum of the first numerical information and the third numerical information;

the first conversion formula includes:

the fourth operation formula includes:

e＝H(g^r)；

w＝r+e(z-x'-y')；

the fourth equation includes:

wherein H represents a hash algorithm;

c₁represents the first commitment value, h₁A first encryption group element generated based on the discrete cipher group generator in the first discrete cipher group information, a represents first numerical value information, and x represents the target blockRandom numbers generated by the chain link points;

c₃represents a third commitment value, h₃Representing a third encryption group element generated based on the discrete encryption group generator in the third discrete encryption group information, d represents third numerical information, and b is a + d, y represents a random number generated by the target block chain node; c'₁Representing a first conversion commitment value, x' representing a random number generated by the target blockchain node; c'₃Represents a third conversion commitment value, y' represents a random number generated by the target blockchain node; e. w represents a fourth operation result, and r represents a random number; II type_swit(c₁,c'₁) A transmutation credential representing a difference between the first commitment value and the first transformed commitment value; II type_swit(c₃,c'₃) Representing a traded-bottom certification between the third commitment value and the third transformed commitment value.

It should be noted that instead the proof of identity is used to prove that the numerical information in both commitment values is the same, such as Π_swit(c₁,c'₁) The first conversion acceptance value is used for proving that the numerical value information in the first acceptance value and the first conversion acceptance value is a and the like.

In a third embodiment, when the second block chain is different from the third block chain, and the preset relationship includes that the second numerical information is a product of the first numerical information and the third numerical information; the process of generating certification information that proves whether the first numerical information, the second numerical information, and the third numerical information satisfy the preset relationship through the zero-knowledge certification method and the first commitment value, the second commitment value, and the third commitment value may specifically be:

selecting five random numbers, calculating the five random numbers, the first conversion commitment value, the second commitment value and the third conversion commitment value based on a fifth calculation formula to obtain a fifth calculation result, and using the fifth calculation result as certification information;

the block chain verification node verifies whether a fifth equation is established or not based on a fifth operation result, if so, the second numerical information is judged to be the product of the first numerical information and the third numerical information, and if not, the second numerical information is judged not to be the product of the first numerical information and the third numerical information;

the first conversion formula includes:

the fifth operation formula includes:

the fifth equation includes:

wherein e, z₁、z₂、z₃、z₄、z₅Representing a result of the fifth operation; r is₁、r₂、r₃、r₄、r₅Represents five random numbers; h represents a hash algorithm;

c₃represents a third commitment value, h₃Representing a third encryption group element generated based on the discrete encryption group generator in the third discrete encryption group information, d represents third numerical information, and b is a and y represents a random number generated by the target block chain node; c'₁Representing a first conversion commitment value, x' representing a random number generated by the target blockchain node; c'₃Represents a third conversion commitment value, y' represents a random number generated by the target blockchain node; II type_swit(c₁,c'₁) A transmutation credential representing a difference between the first commitment value and the first transformed commitment value; II type_swit(c₃,c'₃) Representing a traded-bottom certification between the third commitment value and the third transformed commitment value.

In the first, second, and third embodiments, in order to enable the supervisory node to trace back a target block chain node and supervise a value of the target block chain node, the discrete cipher group information includes a discrete cipher group generator and an encryption group element, the encryption group element includes a cipher group obtained by the supervisory node operating on a generated trapdoor random number and the discrete cipher group generator based on a preset format, and the trapdoor random number is a trapdoor stored by the supervisory node.

Referring to fig. 4, fig. 4 is a schematic flow chart of a fourth embodiment of the present application.

In a fourth embodiment, a method for managing a blockchain across chains provided by the present application is applied to any one of the blockchain verification nodes described above, and may include the following steps:

step S401: and receiving a second commitment value issued by the target block chain node, wherein the second commitment value is a value obtained by the target block chain node after calculating second numerical value information based on second discrete cipher group information applied by a second block chain.

Step S402: receiving certification information issued by a target block chain node, wherein the certification information is information for certifying whether a first numerical value information and a second numerical value information meet a preset relationship or not by a zero knowledge certification method, a first commitment value and a second commitment value of the target block chain node, the first commitment value is a value obtained by the target block chain node after calculating the first numerical value information based on a first discrete password group information applied by the first block chain, and the first numerical value information and the second numerical value information meet the preset relationship.

Step S403: and verifying whether the first numerical information and the second numerical information meet the preset relationship through the certification information, and if so, linking the second commitment value to a second block chain.

The description of each step in this embodiment is please refer to the above embodiments, which are not repeated herein. It should be noted that the whole process of data cross-chain also includes necessary steps such as hash root verification of the old chain, consensus voting of the new chain, etc., and the present application is not limited in detail herein.

In another aspect, the present application provides a system for block chain inter-chain supervision.

Referring to fig. 5, fig. 5 is a schematic structural diagram of a block chain cross-chain supervision system according to an embodiment of the present disclosure.

The application provides a block chain cross-chain supervisory system, is applied to target block chain node, can include:

a first obtaining module 101, configured to obtain a first commitment value stored in a first block chain, where the first commitment value is a value obtained by a target block chain node after calculating first numerical information based on first discrete cipher group information applied by the first block chain;

a second obtaining module 102, configured to obtain second discrete cipher group information applied to a second block chain, and obtain second numerical value information that satisfies a preset relationship with the first numerical value information;

the first operation module 103 is configured to perform an operation on the second numerical information based on the second discrete password information to obtain a second commitment value;

a first generating module 104, configured to generate certification information that proves whether the first numerical information and the second numerical information satisfy a preset relationship through a zero knowledge certification method and the first commitment value and the second commitment value;

the first issuing module 105 is configured to issue the second commitment value and the certification information to the blockchain verification node, so that the blockchain verification node verifies whether the first numerical information and the second numerical information satisfy the preset relationship through the certification information.

In another aspect, the present application provides a device for block chain inter-chain supervision.

Referring to fig. 6, fig. 6 is a schematic diagram illustrating an internal structure of a block chain inter-chain supervision apparatus according to an embodiment of the present disclosure.

In this embodiment, the block chain cross-chain supervision apparatus 1 may be a PC (Personal Computer), or may also be a smart phone, a tablet Computer, a palmtop Computer, a portable Computer, an intelligent router, an ore machine, a network storage device, and a terminal device.

The block chain inter-chain supervision apparatus 1 may be a node constituting a CDN network or a block chain network.

The memory 11 includes at least one type of readable storage medium, and the readable storage medium includes a flash memory, a hard disk, a multimedia card, a card type memory (e.g., SD or DX memory, etc.), a magnetic memory, a magnetic disk, an optical disk, and the like. The memory 11 may in some embodiments be an internal storage unit of the blockchain inter-chain supervisory device 1, for example a hard disk of the blockchain inter-chain supervisory device 1. The memory 11 may also be an external storage device of the block chain interlink supervisory device 1 in other embodiments, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like provided on the block chain interlink supervisory device 1. Further, the memory 11 may also include both an internal storage unit of the block chain inter-chain supervisor 1 and an external storage device. The memory 11 can be used not only for storing application software installed in the blockchain inter-chain supervisory device 1 and various types of data, such as the code of the blockchain inter-chain supervisory program 01, but also for temporarily storing data that has been output or is to be output.

The processor 12 may be, in some embodiments, a Central Processing Unit (CPU), controller, microcontroller, microprocessor or other data Processing chip for running program code stored in the memory 11 or Processing data, such as executing a blockchain cross-chain supervisor 01.

The bus 13 may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown in FIG. 6, but this is not intended to represent only one bus or type of bus.

Further, the blockchain cross-chain supervision apparatus may further comprise a network interface 14, and the network interface 14 may optionally comprise a wired interface and/or a wireless interface (such as a WI-FI interface, a bluetooth interface, etc.), which are generally used for establishing a communication connection between the apparatus 1 and other electronic devices.

Optionally, the block chain cross-chain supervision apparatus 1 may further comprise a user interface, the user interface may comprise a Display (Display), an input unit such as a Keyboard (Keyboard), and the optional user interface may further comprise a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display, which may also be referred to as a display screen or display unit, is suitable for displaying information processed in the blockchain inter-chain supervision apparatus 1 and for displaying a visual user interface.

While FIG. 6 only shows blockchain cross-chain supervisory device 1 with components 11-14 and blockchain cross-chain hypervisor 01, those skilled in the art will appreciate that the structure shown in FIG. 6 does not constitute a limitation of blockchain cross-chain supervisory device 1, and may include fewer or more components than shown, or combine certain components, or a different arrangement of components.

A computer-readable storage medium is provided, on which a blockchain cross-chain hypervisor is stored, where the blockchain cross-chain hypervisor is executable by one or more processors to implement a blockchain cross-chain supervision method as described in any of the above embodiments.

Reference herein to a computer-readable storage medium includes Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.

In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product.

The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the invention to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website site, computer, server, or data center to another website site, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that a computer can store or a data storage device, such as a server, a data center, etc., that is integrated with one or more available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.

It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.

In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.

The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.

The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.

It should be noted that the above-mentioned numbers of the embodiments of the present invention are merely for description, and do not represent the merits of the embodiments. And the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, apparatus, article, or method that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, apparatus, article, or method. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, apparatus, article, or method that includes the element.

The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims

1. A block chain cross-chain supervision method is applied to a target block chain node and comprises the following steps:

obtaining a first commitment value stored in a first block chain, wherein the first commitment value is a value obtained by calculating first numerical information based on first discrete cipher group information applied to the first block chain;

2. The method of claim 1, wherein the predetermined relationship comprises the first numerical information and the second numerical information satisfying a predetermined ratio.

3. The method according to claim 2, wherein the generating certification information that certifies whether the first numerical information and the second numerical information satisfy the predetermined relationship through the zero knowledge certification method and the first commitment value and the second commitment value comprises:

the proportional operation formula comprises:

the first operation formula includes:

z₁＝r₁+exγ,z₂＝r₂+ey,z₃＝r+eab；

the first equation comprises:

the second equation comprises:

c₁representing a random number generated by the target block chain node, g representing a discrete cipher group generator, h₁Representing the first discrete passwordA first cryptographic group element generated based on the discrete cryptographic group generator in the group information, a representing the first numerical information, and x representing a first random number;

representing the zero knowledge proof result.

4. The method according to claim 1, wherein the obtaining second discrete cipher group information applied by the second blockchain and obtaining second numerical information satisfying a preset relationship with the first numerical information comprises:

5. The method according to claim 4, wherein the second blockchain is the same as the third blockchain, and the preset relationship includes that the second numerical information is a sum of the first numerical information and the third numerical information;

wherein, after receiving the certification information, the blockchain verification node calculates a ratio of the second commitment value to the third commitment value, and verifies the zero-knowledge certification result pi (c) based on the ratio₂/c₃,c₁) If the correctness of the zero knowledge proof result pi (c) is judged₂/c₃,c₁) If the second numerical value is correct, the second numerical value is proved to be the sum of the first numerical value and the third numerical value;

wherein the content of the first and second substances,

6. The method according to claim 4, wherein the second blockchain is the same as the third blockchain, and the preset relationship includes that the second numerical information is a product of the first numerical information and the third numerical information;

the block chain verification node verifies whether a third equation is satisfied or not based on the third operation result, if so, the second numerical information is determined to be the product of the first numerical information and the third numerical information, and if not, the second numerical information is determined not to be the product of the first numerical information and the third numerical information;

the third operation formula includes:

z₁＝r₁+ex,z₂＝r₂+ea,z₃＝r+ey,z₄＝r₄+ed,z₅＝r₅+e(z-ya)；

the third equation includes:

c₃represents the third commitment value, h₂A third cryptographic group element representing the third discrete cryptographic group information generated based on the discrete cryptographic group generator, and d represents the third discrete cryptographic group informationAnd b is a, d, y represents a random number generated by the target blockchain node.

7. The method according to claim 4, wherein the second block chain and the third block chain are two different chains, and the preset relationship includes that the second numerical information is a sum of the first numerical information and the third numerical information;

generating certification information certifying whether the first numerical information, the second numerical information, and the third numerical information satisfy the preset relationship by the zero knowledge certification method and the first commitment value, the second commitment value, and the third commitment value, including:

the first conversion formula includes:

the fourth operation formula includes:

e＝H(g^r)；

w＝r+e(z-x'-y')；

the fourth equation includes:

wherein H represents a hash algorithm;

c₃represents the third commitment value, h₃Representing a third cryptographic group element generated based on the discrete cryptographic group generator in the third discrete cryptographic group information, d representing the third numerical information, and b being a + d, y representing a random number generated by the target block chain node; c'₁Represents the first conversion commitment value, x' represents a random number generated by the target block chain node; c'₃Represents the third conversion commitment value, y' represents a random number generated by the target block chain node; e. w represents the result of the fourth operation, and r represents the one random number; II type_swit(c₁,c'₁) Representing the first commitment value anda trade-bottom certification between said first trade commitment values; II type_swit(c₃,c'₃) Represents a tradeoffs between the third commitment value and the third transformed commitment value.

8. The method of claim 4, wherein the second blockchain is different from the third blockchain, and the predetermined relationship comprises that the second numerical information is a product of the first numerical information and the third numerical information;

the first conversion formula includes:

the fifth operation formula includes:

the fifth equation includes:

c₃represents the third commitment value as a function of the third commitment value,h₃representing a third cryptographic group element generated based on the discrete cryptographic group generator in the third discrete cryptographic group information, d representing the third numerical information, and b ═ a × d, y representing a random number generated by the target block chain node; c'₁Represents the first conversion commitment value, x' represents a random number generated by the target block chain node; c'₃Represents the third conversion commitment value, y' represents a random number generated by the target block chain node; II type_swit(c₁,c'₁) A transmutation credential representing a difference between the first commitment value and the first transformed commitment value; II type_swit(c₃,c'₃) Represents a tradeoffs between the third commitment value and the third transformed commitment value.

9. The method according to any one of claims 1 to 8, wherein the discrete cryptographic group information includes a discrete cryptographic group generator and an encrypted group element, the encrypted group element includes a cryptographic group obtained by a supervisory node operating on a generated trapdoor random number and the discrete cryptographic group generator based on a preset format, and the trapdoor random number is a trapdoor stored by the supervisory node.

10. A block chain cross-chain supervision method is applied to a block chain verification node and comprises the following steps:

11. A block chain cross-chain supervision system is applied to a target block chain node and comprises the following components:

the first publishing module is configured to publish the second commitment value and the certification information to the blockchain verification node, so that the blockchain verification node links the second commitment value to the second blockchain after verifying that the first numerical information and the second numerical information satisfy the preset relationship through the certification information.

12. A blockchain information policing apparatus, the apparatus comprising a memory and a processor, the memory having stored thereon a blockchain cross-chain hypervisor executable on the processor, the blockchain cross-chain hypervisor, when executed by the processor, implementing the method of any one of claims 1 to 10.

13. A computer-readable storage medium having stored thereon a blockchain cross-chain hypervisor executable by one or more processors to implement a blockchain cross-chain supervision method as recited in any one of claims 1 to 10.