CN113159767A - Transfer processing method, device and system based on block chain - Google Patents
Transfer processing method, device and system based on block chain Download PDFInfo
- Publication number
- CN113159767A CN113159767A CN202110406896.3A CN202110406896A CN113159767A CN 113159767 A CN113159767 A CN 113159767A CN 202110406896 A CN202110406896 A CN 202110406896A CN 113159767 A CN113159767 A CN 113159767A
- Authority
- CN
- China
- Prior art keywords
- node
- transaction
- transfer
- supervision
- roll
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Finance (AREA)
- Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a transfer processing method, device and system based on a block chain, and relates to the technical field of block chains. Wherein, the method comprises the following steps: encrypting the account transfer transaction according to the symmetric key to obtain a transaction ciphertext; sending a verification request to the first supervisory node to enable the first supervisory node to verify the transfer transaction; after receiving the response information passing the verification, constructing uplink transaction data and sending the uplink transaction data to the block chain; the uplink transaction data includes: and the transaction ciphertext and at least one of first to fourth secret key ciphertexts obtained by encrypting the symmetric secret key respectively based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node. Partial supervision is shifted from post-affair supervision to pre-affair supervision through the steps, and the supervision effectiveness is improved; and by combining and using the cryptography technology, the privacy of user account data and transaction data is ensured on the premise of safety and verifiability.
Description
Technical Field
The invention relates to the technical field of block chains, in particular to a transfer processing method, device and system based on a block chain.
Background
The blockchain technology, also called distributed book technology, combines technologies such as cryptography, P2P communication, consensus algorithm and the like at the bottom layer, and provides a novel computing paradigm and a cooperation mode for establishing trust at low cost in a weak trust environment. The main characteristics of the blockchain include decentralization, openness and transparency, tamper resistance and traceability.
At present, the main pain points in the cross-border payment service scenario include: (1) the remittance speed is low, a cross-border payment service can be cleared and booked among accounts only through a plurality of bank systems, and the whole remittance process can be completed in 2-3 days generally; (2) the remittance cost is high, the customer needs to pay the handling fee and the electric charge, the handling fee is usually 0.1 percent of the remittance amount, the electric charge is 80 yuan or 150 yuan, in addition, the transfer fee, the cash exchange fee and the like are also provided, and the whole cost is high; and (3) the transparency is low, cross-border payment relates to a plurality of countries or regions, and payment messages are transmitted layer by layer among banks in a serial mode, so that the traceability is poor, the information communication feedback is not smooth, and the information transparency is low.
A block chain technology is applied to construct a cross-border payment ecological alliance, a novel payment network is built, simple dependence on swift can be avoided, the transaction processing speed is increased, and the traceability of the whole transaction process is improved. At present, most of the existing cross-border payment schemes synchronize all account book data in a transaction consensus process by deploying a block chain node, and the global account book data is subjected to post-mortem supervision through a view angle of the last emperor, so that the supervision timeliness is low, the execution result of a transaction is difficult to change, and moreover, leakage risks exist in user account data and transaction data, and the privacy of the data is difficult to guarantee.
Disclosure of Invention
In view of the above, the invention provides a block chain-based transfer processing method, device and system, which can support the supervision department to supervise the whole transaction process of digital assets, move part of supervision from post supervision to pre supervision, and improve the supervision effectiveness; and by combining and using the cryptography technology, the privacy of user account data and transaction data is ensured on the premise of safety and verifiability.
To achieve the above object, according to a first aspect of the present invention, there is provided a block chain-based transfer processing method.
The transfer processing method based on the block chain is executed by a roll-out node and comprises the following steps: symmetrically encrypting the transfer transaction according to the symmetric key to obtain a transaction ciphertext; sending a verification request carrying the transaction ciphertext to a first supervision node so that the first supervision node verifies the transfer transaction decrypted from the transaction ciphertext; after response information which is returned by the first supervision node and passes verification is received, uplink transaction data are constructed and sent to a block chain; the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node; the first supervision node is a supervision node corresponding to the roll-out party node, and the second supervision node is a supervision node corresponding to the receiving party node.
Optionally, before sending the verification request carrying the transaction ciphertext to the first supervisory node, the method further includes: and carrying out asymmetric encryption on the symmetric secret key by using a public key of a first supervision node to obtain a second secret key ciphertext, and carrying the second secret key ciphertext in the verification request, so that the first supervision node decrypts the transaction ciphertext based on the symmetric secret key decrypted from the second secret key ciphertext.
Optionally, before sending the verification request carrying the transaction ciphertext to the first supervisory node, the method further includes: and signing the hash code of the transaction ciphertext by using the private key of the roll-out party node, and carrying the generated signature of the roll-out party node in the verification request so that the first supervision node verifies the signature of the roll-out party node.
Optionally, the response information includes: a signature of the first supervising node; the method further comprises the following steps: adding the signature of the first supervising node, and/or the signature of the transferor node, to the uplink transaction data.
Optionally, the method further comprises: and after the uplink transaction data for the uplink are successfully linked, modifying the balance of the account of the transfer party in the local database corresponding to the transfer party node.
To achieve the above object, according to a second aspect of the present invention, there is provided another block chain-based transfer processing method.
The transfer processing method based on the block chain is executed by a first supervision node and comprises the following steps: in response to a verification request sent by a roll-out party node, decrypting a transaction ciphertext carried by the verification request to obtain a transfer transaction, and verifying the transfer transaction; the transaction ciphertext is obtained by symmetrically encrypting the transfer transaction by the roll-out party node according to the symmetric key; under the condition that the transfer transaction is verified, sending response information passing the verification to the transfer-out party node, so that the transfer-out party node constructs uplink transaction data after receiving the response information and sends the uplink transaction data to a block chain; the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node; the first supervision node is a supervision node corresponding to the roll-out party node, and the second supervision node is a supervision node corresponding to the receiving party node.
Optionally, the verification request further includes a second secret key ciphertext; the second secret key ciphertext is obtained by the transfer party node performing asymmetric encryption on the symmetric secret key by using the public key of the first supervision node; the decrypting the transaction ciphertext carried by the verification request to obtain the transfer transaction comprises: decrypting the second secret key ciphertext by using a private key of the first supervisory node to obtain the symmetric secret key; decrypting the transaction cryptograph based on the symmetric key to obtain a transfer transaction.
Optionally, the transfer transaction includes information of a transfer party, information of a receiving party, and information of a transaction amount; the verifying the transfer transaction comprises: inquiring a local database according to the transfer party information to determine the total amount of the digital assets in the account of the transfer party; verifying whether sufficient digital assets exist in the account of the roll-out party according to the total amount of the digital assets in the account of the roll-out party and the transaction amount information; if yes, the transfer transaction is verified; the method further comprises the following steps: and after the transfer transaction is verified, setting the digital assets in the transfer-out party account in the local database corresponding to the first monitoring node to be in a frozen state.
Optionally, the verification request further comprises a signature of the roll-out node; the method further comprises the following steps: verifying the signature of the roll-out node and confirming that the signature of the roll-out node is verified before verifying the transfer transaction.
Optionally, the method further comprises: after the transfer transaction passes the verification, the private key of the first supervision node is used for signing the hash code of the transaction ciphertext, and the generated signature of the first supervision node is carried in the response information passing the verification.
Optionally, the method further comprises: and after the uplink transaction data for uplink are successfully linked, modifying the balance of the account of the transfer-out party in the local database corresponding to the first monitoring node.
To achieve the above object, according to a third aspect of the present invention, there is provided a block chain-based transfer processing apparatus.
The invention relates to a transfer processing device based on a block chain, which is arranged at a transfer-out side node and comprises: the encryption module is used for symmetrically encrypting the transfer transaction according to the symmetric key to obtain a transaction ciphertext; the verification request module is used for sending a verification request carrying the transaction ciphertext to a first supervision node so that the first supervision node verifies the transfer transaction decrypted from the transaction ciphertext; the uplink module is used for constructing uplink transaction data and sending the uplink transaction data to a block chain after receiving response information which is returned by the first supervision node and passes verification; the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node; the first supervision node is a supervision node corresponding to the roll-out party node, and the second supervision node is a supervision node corresponding to the receiving party node.
To achieve the above object, according to a fourth aspect of the present invention, there is provided a block chain-based transfer processing apparatus.
The invention discloses a transfer processing device based on a block chain, which is arranged at a first supervision node and comprises: the verification module is used for responding to a verification request sent by a roll-out party node, decrypting a transaction ciphertext carried by the verification request to obtain a transfer transaction, and verifying the transfer transaction; the transaction ciphertext is obtained by symmetrically encrypting the transfer transaction by the roll-out party node according to the symmetric key; the response module is used for sending response information passing the verification to the transfer party node under the condition that the transfer transaction passes the verification so that the transfer party node constructs uplink transaction data after receiving the response information and sends the uplink transaction data to a block chain; the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node; the first supervision node is a supervision node corresponding to the roll-out party node, and the second supervision node is a supervision node corresponding to the receiving party node.
To achieve the above object, according to a fifth aspect of the present invention, there is provided a block chain-based transfer processing system.
The transfer processing system based on the block chain comprises a transfer party node and a first supervision node; the transfer party node is used for symmetrically encrypting the transfer transaction according to the symmetric key to obtain a transaction ciphertext and sending a verification request carrying the transaction ciphertext to the first supervision node; the first supervision node is used for decrypting the transaction ciphertext carried by the verification request to obtain a transfer transaction and verifying the transfer transaction; the transfer party node is also used for sending response information of passing the verification to the transfer party node under the condition that the transfer transaction passes the verification; the forwarding party node is further configured to construct uplink transaction data after receiving the response information that passes the verification, and send the uplink transaction data to a block chain; the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node; the first supervision node is a supervision node corresponding to the roll-out party node, and the second supervision node is a supervision node corresponding to the receiving party node.
To achieve the above object, according to a sixth aspect of the present invention, there is provided an electronic apparatus.
The electronic device of the present invention includes: one or more processors; and storage means for storing one or more programs; when executed by the one or more processors, cause the one or more processors to implement the blockchain-based transfer processing method of the present invention.
To achieve the above object, according to a seventh aspect of the present invention, there is provided a computer-readable medium.
The computer-readable medium of the present invention has stored thereon a computer program which, when executed by a processor, implements the blockchain-based transfer processing method of the present invention.
One embodiment of the above invention has the following advantages or benefits: the account transfer transaction is encrypted according to the symmetric key to obtain a transaction ciphertext, a verification request is sent to the first supervision node, so that the first supervision node verifies the account transfer transaction, after response information passing verification is received, uplink transaction data including the transaction ciphertext and at least one of the first to fourth secret key ciphers are constructed, partial supervision can be moved to the front by the middle and after supervision, the supervision effectiveness is improved, and the privacy of user account data and transaction data is guaranteed on the premise that safety can be verified by combining the cryptography technology.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
FIG. 1 is an exemplary system architecture diagram in which embodiments of the present invention may be employed;
fig. 2 is a main flow diagram of a block chain-based transfer processing method according to a first embodiment of the present invention;
fig. 3 is a main flow diagram of a block chain-based transfer processing method according to a second embodiment of the present invention;
fig. 4 is a main flow diagram of a block chain-based transfer processing method according to a third embodiment of the present invention;
fig. 5 is a schematic view of the main blocks of a block chain-based transfer processing apparatus according to a fourth embodiment of the present invention;
fig. 6 is a main block diagram of a block chain-based transfer processing apparatus according to a fifth embodiment of the present invention;
fig. 7 is a schematic view of the main blocks of a block chain-based transfer processing system according to a sixth embodiment of the present invention;
FIG. 8 is a schematic block diagram of a computer system suitable for use with the electronic device to implement an embodiment of the invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
It should be noted that the embodiments and technical features of the embodiments of the present invention may be combined with each other without affecting the implementation of the present invention.
Fig. 1 illustrates an exemplary system architecture 100 of a blockchain based transfer processing method or blockchain based transfer processing apparatus to which embodiments of the present invention may be applied.
As shown in fig. 1, the system architecture 100 may include forwarder nodes 101, 102, 103, a network 104 and a supervisory node 105. The network 104 is used to provide the medium of communication links between the roll-out nodes 101, 102, 103 and the supervising node 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The roll-out nodes 101, 102, 103 may interact with the supervisory node 105 over the network 104 to receive or send messages, etc. The roll- out nodes 101, 102, 103 may be servers corresponding to the party initiating the transfer transaction. The roll-out nodes 101, 102, 103 may be servers providing various services, such as shopping-type application services, bank-finance-type application services, and the like.
The supervisory node 105 may be a server corresponding to an organization that supervises transfer transactions, etc. of the exporter node.
The roll-out party nodes 101, 102, 103 can encrypt the transfer transaction initiated by the user, send the encrypted transaction ciphertext to the supervision node 105 for verification, and after receiving the response information returned by the supervision node that passes the verification, construct uplink transaction data, and send the uplink transaction data to the block chain.
It should be noted that the block chain based transfer processing method provided by an embodiment of the present invention may be executed by a forwarding node, and accordingly, the block chain based transfer processing device is generally disposed in the forwarding node. The block chain based transfer processing method provided by another embodiment of the invention can be executed by a supervisory node, and accordingly, the block chain based transfer processing device is generally arranged in the supervisory node.
It should be understood that the number of roll-out nodes, networks and supervisory nodes in fig. 1 is merely illustrative. There may be any number of roll-out nodes, networks, and supervisory nodes, as desired for implementation.
Fig. 2 is a main flow diagram of a block chain-based transfer processing method according to a first embodiment of the present invention. The method of the embodiment of the invention is executed by the roll-out node. As shown in fig. 2, the transfer processing method based on the block chain according to the embodiment of the present invention includes:
step S201: and symmetrically encrypting the transfer transaction according to the symmetric secret key to obtain a transaction ciphertext.
Illustratively, the transfer transaction may include: roll-out information, recipient information, and transaction amount information. The information of the roll-out party can specifically comprise an account name of the roll-out party and/or information such as a name of the roll-out party; the information of the receiving party may specifically include an account name of the receiving party, and/or information such as a name of the receiving party. In specific implementation, the forwarding party and the receiving party may be individuals or enterprises.
In step S201, the transfer transaction may be symmetrically encrypted using a symmetric encryption algorithm such as SM4 (a national encryption algorithm), AES (Advanced encryption Standard), or 3DES (triple data encryption algorithm). In an alternative example, to fully ensure the encryption effect of the transfer transaction data and improve the security of the transfer transaction data, the encryption level of the algorithm may be not lower than the SM 4.
Step S202: and sending a verification request carrying the transaction ciphertext to a first supervision node so that the first supervision node verifies the transfer transaction decrypted from the transaction ciphertext.
After the transaction ciphertext is obtained in step S201, the transaction ciphertext may be carried in the verification request, and the verification request is sent to the first monitoring node, that is, the monitoring node corresponding to the roll-out party. And after receiving the verification request, the first supervision node decrypts the transaction ciphertext carried by the verification request and then verifies the transfer transaction obtained by decryption.
In an optional example, to further improve the security of the transfer transaction data, the method further comprises: before step S202, the public key of the first supervisory node is used to perform asymmetric encryption on the symmetric key to obtain a second secret key ciphertext, and the second secret key ciphertext and the transaction ciphertext obtained in step S201 are carried in the verification request. In specific implementation, the forwarding node may encrypt the symmetric key by using an asymmetric encryption algorithm such as SM2 (a cryptographic algorithm), RSA, and the like. In an alternative example, in order to sufficiently ensure the encryption effect of the symmetric key and improve the security of the symmetric key, the encryption level of the algorithm may be not lower than SM 2. After receiving the verification request, the first supervision node decrypts the second secret key ciphertext based on the private key of the first supervision node to obtain a symmetric secret key, and then decrypts the transacted ciphertext based on the symmetric secret key to obtain the transfer transaction.
In another optional example, to further improve the security of the transfer transaction data, the method further comprises: before step S202, the hash code of the transaction ciphertext obtained in step S201 is signed by using the private key of the roll-out party node, and the generated signature of the roll-out party node and the transaction ciphertext are carried in the verification request. And after receiving the verification request, the first supervision node verifies the signature of the exporter node and decrypts the transaction ciphertext. In specific implementation, the first supervision node can verify the signature of the transfer-out party node, decrypt the transaction ciphertext after the signature of the transfer-out party node passes the verification, and then verify the contents of the account transfer transaction; or, the first supervision node may decrypt the transaction ciphertext, verify the signature of the exporter node, and verify the contents of the ledger transaction after the signature of the exporter node passes the verification.
Step S203: and after receiving response information which is returned by the first supervision node and passes the verification, constructing uplink transaction data and sending the uplink transaction data to a block chain.
Wherein the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node (namely the supervision node corresponding to the receiving party node).
For example, in a specific example, the uplink transaction data includes a transaction ciphertext, a first secret key ciphertext obtained by asymmetrically encrypting a symmetric key based on a public key of the forwarding-out node, a second secret key ciphertext obtained by asymmetrically encrypting the symmetric key based on the public key of the first supervision node, a third secret key ciphertext obtained by asymmetrically encrypting the symmetric key based on the public key of the receiving-side node, and a fourth secret key ciphertext obtained by asymmetrically encrypting the symmetric key based on the public key of the second supervision node. In the embodiment of the invention, the account transfer transaction is encrypted, and at least one of the first to fourth secret key ciphertexts is contained in the uplink transaction data, so that only a transaction related party can decrypt the transaction ciphertext, and the privacy of the transaction data can be protected to the maximum extent while the security of the transaction data is ensured.
In an optional example, the uplink transaction data further includes, in addition to the transaction cryptogram and at least one of the first to fourth key cryptograms: a signature of the recipient node, and/or a signature of the first supervising node. For example, in one embodiment, the uplink transaction data includes: the transaction cryptograph, the first to fourth keys, the signature of the receiver node, and the signature of the first supervisory node.
In an alternative example, the method of an embodiment of the present invention may further include the steps of: and after the uplink transaction data for uplink are successfully linked, the transfer-out party node modifies the balance of the transfer-out party account in the local database corresponding to the transfer-out party node so as to realize deduction of the digital assets.
In the embodiment of the invention, a supervision node is introduced into the transfer processing flow to ensure that the whole transaction flow can be supervised; in addition, before the transaction data are sent to the block chain, the transaction content is verified by the supervision node of the initiator, so that supervision forwarding is realized, and the supervision effectiveness is improved; in addition, by encrypting and chaining transaction data and matching with other cryptography technologies, the transaction data are only visible in the transaction related party node, and the non-transaction related node cannot decrypt the data, so that the privacy of user account data and the transaction data is ensured.
Fig. 3 is a main flow diagram of a block chain-based transfer processing method according to a second embodiment of the present invention. The method of the embodiment of the invention is executed by a first supervision node, namely a supervision node corresponding to a transfer-out party node. As shown in fig. 3, the transfer processing method based on the block chain according to the embodiment of the present invention includes:
step S301: and responding to a verification request sent by the roll-out party node, and decrypting a transaction ciphertext carried by the verification request to obtain the transfer transaction.
After receiving the verification request sent by the roll-out party node, the first supervision node decrypts the transaction ciphertext carried by the verification request to obtain the transfer transaction. And the transaction ciphertext is obtained by the transfer party node symmetrically encrypting the transfer transaction according to the symmetric key. In specific implementation, the transfer party node may use symmetric encryption algorithms such as SM4 (a cryptographic algorithm), AES (Advanced encryption Standard), or 3DES (triple data encryption algorithm) to symmetrically encrypt the transfer transaction. Further, in order to fully ensure the encryption effect of the transfer transaction data and improve the security of the transfer transaction data, the encryption grade of the symmetric encryption algorithm can be not lower than the SM 4.
In an optional example, to further improve the security of the transfer transaction data, the verification request further comprises a second secret key ciphertext obtained by the transferor node asymmetrically encrypting the symmetric secret key using the public key of the first supervisory node. In this alternative example, step S301 specifically includes: the first supervision node decrypts the second secret key ciphertext by using a private key of the first supervision node to obtain the symmetric secret key; the first supervisory node decrypts the transaction ciphertext based on the symmetric key to obtain a transfer transaction.
In another alternative example, to further increase the security of the transfer transaction data, the verification request also includes a signature of the transferor node. In this optional example, the method further comprises: before step S302, the signature of the roll-out node is verified, and it is confirmed that the signature of the roll-out node is verified. In specific implementation, the first supervision node can verify the signature of the transfer-out party node, decrypt the transaction ciphertext after the signature of the transfer-out party node passes the verification, and then verify the contents of the account transfer transaction; or, the first supervision node may decrypt the transaction ciphertext, verify the signature of the exporter node, and verify the contents of the ledger transaction after the signature of the exporter node passes the verification.
Step S302: the transfer transaction is validated.
Illustratively, the transfer transaction includes referrer information, recipient information, and transaction amount information. In this example, verifying the transfer transaction specifically includes: the first supervision node inquires a local database according to the roll-out party information to determine the total amount of the digital assets in the roll-out party account; and the first supervision node verifies whether enough digital assets exist in the account of the roll-out party according to the total amount of the digital assets in the account of the roll-out party and the transaction amount information. If enough digital assets exist in the roll-out side account, namely the total amount of the digital assets in the roll-out side account can meet the transaction requirement, the transfer transaction is verified; otherwise, the transfer transaction is not validated.
Further, the method of the embodiment of the present invention may further include the steps of: and after the transfer transaction passes verification, the first supervision node sets the digital assets in the transfer-out side account in the local database corresponding to the first supervision node to be in a frozen state. The content of the transfer transaction is verified, and the digital assets in the transfer account are frozen after the verification is passed, so that double-flower transaction can be effectively avoided.
Step S303: and under the condition that the transfer transaction is verified, sending response information passing the verification to the transfer-out party node, so that the transfer-out party node constructs uplink transaction data after receiving the response information and sends the uplink transaction data to a block chain.
Wherein the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node (namely the supervision node corresponding to the receiving party node). For example, in a specific example, the uplink transaction data includes a transaction ciphertext, a first secret key ciphertext obtained by asymmetrically encrypting a symmetric key based on a public key of the forwarding-out node, a second secret key ciphertext obtained by asymmetrically encrypting the symmetric key based on the public key of the first supervision node, a third secret key ciphertext obtained by asymmetrically encrypting the symmetric key based on the public key of the receiving-side node, and a fourth secret key ciphertext obtained by asymmetrically encrypting the symmetric key based on the public key of the second supervision node.
In an alternative example, the method of an embodiment of the present invention further comprises the steps of: after the transfer transaction passes the verification, the private key of the first supervision node is used for signing the hash code of the transaction ciphertext, and the generated signature of the first supervision node is carried in the response information passing the verification. Further, in this optional example, the uplink transaction data may further include, in addition to the transaction cryptogram and at least one of the first to fourth key cryptograms: a signature of the recipient node, and/or a signature of the first supervising node. For example, in one embodiment, the uplink transaction data includes: the transaction cryptograph, the first to fourth keys, the signature of the receiver node, and the signature of the first supervisory node.
In an alternative example, the method of an embodiment of the present invention further comprises the steps of: and after the uplink transaction data for uplink are successfully linked, the first supervisory node modifies the account balance of the transfer party in the local database corresponding to the first supervisory node so as to realize deduction of the digital assets.
In the embodiment of the invention, partial supervision on the account transaction can be shifted from post-affairs supervision to pre-affairs by the steps, the supervision effectiveness is improved, and the privacy of user account data and transaction data is ensured on the premise of safety and verifiability by combining and using a cryptography technology.
Fig. 4 is a main flow diagram of a block chain-based transfer processing method according to a third embodiment of the present invention. As shown in fig. 4, the transfer processing method based on the block chain according to the embodiment of the present invention includes:
step S401: the roll-out node constructs a transfer transaction s.
The forwarding party may be an individual or a corporate organization such as an enterprise, and the forwarding party node may be a terminal used by the forwarding party or an electronic device such as a server.
The transfer transaction s may include, among other things: roll-out information, recipient information, and transaction amount information.
Step S402: and the transfer-out party node encrypts s according to the symmetric key to obtain a transaction ciphertext s (key).
In this step, the transfer-out node may symmetrically encrypt the transfer transaction using a symmetric Encryption algorithm such as SM4 (a national crypto algorithm), AES (advanced Encryption Standard), or 3DES (triple data Encryption algorithm). In order to fully ensure the encryption effect of the transfer transaction data and improve the security of the transfer transaction data, the encryption level of the algorithm can be not lower than SM 4.
Further, before step S402, the method of the embodiment of the present invention further includes: and the roll-out party node randomly generates a symmetric key. By randomly generating the symmetric secret key, the leakage of the symmetric secret key can be effectively prevented, and the security of transfer transaction data is further improved.
Step S403: the roll-out node encrypts the ke using the public keys pub-a, pub-A, pub-B, and pub-B to obtain key ciphers key (pub-a), key (pub-B), and key (pub-B).
The pub-a is a public key of the roll-out node, pub-a is a public key of a first supervision node, namely, a supervision node corresponding to the roll-out node, pub-B is a public key of a receiver node, and pub-B is a public key of a second supervision node, namely, a supervision node corresponding to the receiver node. In step S403, the symmetric key is asymmetrically encrypted using pub-a to obtain a key ciphertext key (pub-a), the symmetric key is asymmetrically encrypted using pub-B to obtain a key ciphertext key (pub-B), and the symmetric key is asymmetrically encrypted using pub-B to obtain a key ciphertext key (pub-B).
In specific implementation, the roll-out node may encrypt the symmetric key by using asymmetric encryption algorithms such as SM2 and RSA. In order to fully ensure the encryption effect of the symmetric key and improve the security of the symmetric key, the encryption level of the asymmetric encryption algorithm can be not lower than the SM 2.
Step S404: the exporter node signs the hash code of s (key) with private key pri-a to obtain signature (a).
Step S405: the roll-out node sends a verification request carrying the signatures (a), s (key) and key (pub-A) to the first supervisory node.
And the first supervision node is the corresponding supervision node of the roll-out party. For example, in a cross-border payment scenario, the supervision node of the bank in country a may be a server corresponding to the central row in country a, and the supervision node of the bank in country B may be a server corresponding to the central row in country B.
Step S406: the first supervisory node verifies signature (a).
After receiving the verification request, the first supervisory node verifies the signature (a) of the transit-out node carried by the verification request, and executes step S407 after the verification is passed.
Step S407: the first supervision node decrypts the key (pub-A) by using the private key pri-A to obtain the key, and decrypts the s (key) by using the key to obtain the s.
In this step, the first supervisory node may first use its own private key pri-a to asymmetrically decrypt the key ciphertext k ey (pub-a) to obtain a symmetric key; the first supervisory node then symmetrically decrypts the transaction ciphertext s (key) using the symmetric key to obtain the transfer transaction s.
Step S408: the first supervising node verifies the transfer transaction s.
Wherein, step S408 specifically includes: the first supervision node inquires a local database according to the roll-out party information in the transfer transaction s to determine the total amount of the digital assets in the roll-out party account; and the first supervision node verifies whether enough digital assets exist in the account of the roll-out party or not according to the total amount of the digital assets in the account of the roll-out party and the transaction amount information in the transfer transaction s. If the roll-out side account has enough digital assets, namely the total amount of the digital assets in the roll-out side account can meet the transaction requirement, the transfer transaction is verified, and the step S409 can be executed; otherwise, the transfer transaction is not validated, and then the first supervising node may return a response message to the forwarding-party node indicating that validation failed.
Further, after the transfer transaction s is verified, the first supervising node may further perform the steps of: digital assets within the transit account in the local database are set to a frozen state. The content of the transfer transaction is verified, and the digital assets in the transfer account are frozen after the verification is passed, so that double-flower transaction can be effectively avoided. In addition, in order to further improve the security of the account data, the account data may be stored only in local databases corresponding to the roll-out node, the receiving node, the first supervising node and the second supervising node.
Step S409: the first supervising node sends response information that the verification is passed.
The response information includes a signature (a) of the first supervisory node, and the signature is obtained by the first supervisory node using its own private key pri-a to sign a hash code of the transaction ciphertext s (key).
Step S410: the forwarding node constructs uplink transaction data.
After receiving the response message passing the verification, the transmitting party node constructs uplink transaction data. The uplink transaction data includes the following information: s (key), key (pub-a), key (pub-A), key (pub-B), key (pub-B), signature (a), signature (A).
Step S411: the egress node sends uplink transaction data to the blockchain.
Further, after step S411, the uplink transaction data may be packed into blocks according to the existing rule of the distributed account book, and the block data is identified in the blockchain network.
For non-transaction related nodes in the blockchain network, verifying the signature correctness of the hash code of the transaction ciphertext s (key), specifically comprising verifying the correctness of the signature (a) of the roll-out party node and the signature (A) of the first supervision node. After the consensus is successful, the non-transaction related node directly writes the block into the account book. And for the roll-out party node and the first supervision node, after the consensus is successful, the block is written into the account book, and the balance of the roll-out party account in the local database is also modified so as to realize the deduction of the digital assets. For the receiving party node and the second supervision node, after the consensus is successful, in addition to writing the block into the account book, the transaction ciphertext s (key) is decrypted to obtain the transfer amount information, and then the account balance of the receiving party in the local database is modified according to the transfer amount information to realize the increase of the digital assets.
In the embodiment of the invention, partial supervision on the account transaction can be shifted from post-affairs supervision to pre-affairs by the steps, the supervision effectiveness is improved, and the privacy of user account data and transaction data is ensured on the premise of safety and verifiability by combining and using a cryptography technology.
Fig. 5 is a schematic view of the main blocks of a block chain-based transfer processing apparatus according to a fourth embodiment of the present invention. The transfer processing device based on the block chain in the embodiment of the invention is arranged at the transfer-out side node. As shown in fig. 5, the block chain-based transfer processing apparatus 500 according to an embodiment of the present invention includes: an encryption module 501, an authentication request module 502, and a uplink module 503.
And the encryption module 501 is configured to perform symmetric encryption on the transfer transaction according to the symmetric key to obtain a transaction ciphertext.
Illustratively, the transfer transaction may include: roll-out information, recipient information, and transaction amount information. The information of the roll-out party can specifically comprise an account name of the roll-out party and/or information such as a name of the roll-out party; the information of the receiving party may specifically include an account name of the receiving party, and/or information such as a name of the receiving party. In specific implementation, the forwarding party and the receiving party may be individuals or enterprises.
In specific implementation, the Encryption module 501 may use symmetric Encryption algorithms such as SM4 (a cryptographic algorithm), AES (advanced Encryption Standard), or 3DES (triple data Encryption algorithm) to symmetrically encrypt the transfer transaction. In order to fully ensure the encryption effect of the transfer transaction data and improve the security of the transfer transaction data, the encryption level of the algorithm can be not lower than SM 4.
In an optional example, the encryption module 501 is further configured to perform asymmetric encryption on the symmetric key by using the public key of the first supervisory node to obtain a second secret key ciphertext, and carry the second secret key ciphertext and the transaction ciphertext together in the verification request. In specific implementation, the encryption module 501 may encrypt the symmetric key by using an asymmetric encryption algorithm such as SM2 (a cryptographic algorithm), RSA, and the like. In order to fully ensure the encryption effect of the symmetric key and improve the security of the symmetric key, the encryption level of the algorithm may be not lower than SM 2.
In another alternative example, to further improve the security of the transfer transaction data, the encryption module 501 is further configured to sign a hash code of the transaction ciphertext by using a private key of the roll-out party node, and to carry the generated signature of the roll-out party node and the transaction ciphertext together in the verification request.
The verification request module 502 is configured to send a verification request carrying the transaction ciphertext to a first supervisory node, so that the first supervisory node verifies the transfer transaction decrypted from the transaction ciphertext.
After obtaining the transaction ciphertext, the verification request module 502 may carry the transaction ciphertext in a verification request, and send the verification request to a first supervision node, i.e., a supervision node corresponding to the roll-out party. And after receiving the verification request, the first supervision node decrypts the transaction ciphertext carried by the verification request and then verifies the transfer transaction obtained by decryption. After the transfer transaction is verified, the first supervisory node returns response information that the verification is passed to the roll-out party node.
The uplink module 503 is configured to construct uplink transaction data and send the uplink transaction data to the block chain after receiving the response information that is returned by the first supervisory node and passes the verification.
Wherein the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node. And the second supervision node is a supervision node corresponding to the receiver node. In the embodiment of the invention, the account transfer transaction is encrypted, and at least one of the first to fourth secret key ciphertexts is contained in the uplink transaction data, so that only a transaction related party can decrypt the transaction ciphertext, and the privacy of the transaction data can be protected to the maximum extent while the security of the transaction data is ensured.
In the embodiment of the invention, the device can verify the account transfer transaction before the transaction data is linked, so that partial supervision of the account transfer transaction is transferred from post-affairs supervision to pre-affairs supervision, and the supervision effectiveness is improved; and by combining and using the cryptography technology, the privacy of user account data and transaction data is ensured on the premise of safety and verifiability.
Fig. 6 is a schematic view of the main blocks of a block chain-based transfer processing apparatus according to a fifth embodiment of the present invention. The transfer processing device based on the block chain in the embodiment of the invention is arranged at the first supervision node. As shown in fig. 6, the block chain-based transfer processing apparatus 600 according to an embodiment of the present invention includes: a verification module 601 and a response module 602.
The verification module 601 is configured to respond to a verification request sent by a transfer-out party node, decrypt a transaction ciphertext carried by the verification request to obtain a transfer transaction, and verify the transfer transaction.
And the transaction ciphertext is obtained by the transfer party node symmetrically encrypting the transfer transaction according to the symmetric key. In specific implementation, the transfer party node may use symmetric Encryption algorithms such as SM4 (a cryptographic algorithm), AES (Advanced Encryption Standard), or 3DES (triple data Encryption algorithm) to symmetrically encrypt the transfer transaction. In order to fully ensure the encryption effect of the transfer transaction data and improve the security of the transfer transaction data, the encryption grade of the symmetric encryption algorithm can be not lower than SM 4.
In one optional example, the transfer transaction includes roll-out information, recipient information, and transaction amount information. In this example, the verifying module 601 specifically verifies the transfer transaction includes: the verification module 601 queries a local database according to the roll-out party information to determine the total amount of the digital assets in the roll-out party account; the verification module 601 verifies whether there are enough digital assets in the account of the transferor according to the total amount of the digital assets in the account of the transferor and the transaction amount information. If enough digital assets exist in the roll-out side account, namely the total amount of the digital assets in the roll-out side account can meet the transaction requirement, the transfer transaction is verified; otherwise, the transfer transaction is not validated.
Further, the device of the embodiment of the invention can also comprise an account setting module. And the account setting module is used for setting the digital assets in the account of the transfer party in the local database corresponding to the account setting module into a frozen state after the transfer transaction passes verification. The content of the transfer transaction is verified, and the digital assets in the transfer account are frozen after the verification is passed, so that double-flower transaction can be effectively avoided.
A response module 602, configured to send response information that the transfer transaction passes the verification to the transfer-out node under the condition that the transfer transaction passes the verification, so that the transfer-out node constructs uplink transaction data after receiving the response information, and sends the uplink transaction data to a block chain.
Wherein the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node; the first supervision node is a supervision node corresponding to the roll-out party node, and the second supervision node is a supervision node corresponding to the receiving party node.
In the embodiment of the invention, the device can verify the account transfer transaction before the transaction data is linked, so that partial supervision of the account transfer transaction is transferred from post-affairs supervision to pre-affairs supervision, and the supervision effectiveness is improved; and the encryption is carried out on the transaction data for the uplink by combining and using the cryptography technology, so that the privacy of the user account data and the transaction data can be ensured on the premise of safety and verifiability.
Fig. 7 is a schematic diagram of the main blocks of a block chain-based transfer processing system according to a sixth embodiment of the present invention. As shown in fig. 7, the block chain-based transfer processing system according to the embodiment of the present invention includes: a roll-out node 701, a first supervisory node 702.
The roll-out party node 701 is configured to perform symmetric encryption on the transfer transaction according to the symmetric key to obtain a transaction ciphertext, and is further configured to send a verification request carrying the transaction ciphertext to the first supervision node 702.
Illustratively, the roll-out node 701 may symmetrically encrypt the transfer transaction using a symmetric Encryption algorithm such as SM4 (a national crypto algorithm), AES (Ad advanced Encryption Standard), or 3DES (triple data Encryption algorithm). In order to fully ensure the encryption effect of the transfer transaction data and improve the security of the transfer transaction data, the encryption grade of the symmetric encryption algorithm can be not lower than SM 4.
In an alternative example, the exporter node 701 is also used to randomly generate a symmetric key before symmetrically encrypting the transfer transaction based on the symmetric key to obtain a transaction cryptogram. By randomly generating the symmetric secret key, the leakage of the symmetric secret key can be effectively prevented, and the security of transfer transaction data is further improved.
The first supervision node 702 is configured to decrypt the transaction ciphertext carried by the verification request to obtain a transfer transaction, and verify the transfer transaction; and also for sending a response message to the roll-out node 702 that the transfer transaction is validated.
Specifically, the first supervisory node 702 verifying the transfer transaction includes: the first supervisory node 702 queries the local database according to the roll-out information in the transfer transaction to determine the digital asset total in the roll-out account; the first supervisory node 702 verifies that there are sufficient digital assets in the transferor account based on the total amount of digital assets in the transferor account and the transaction amount information in the transfer transaction. If enough digital assets exist in the roll-out side account, namely the total amount of the digital assets in the roll-out side account can meet the transaction requirement, the transfer transaction is verified; otherwise, the transfer transaction is not validated.
In an alternative example, before sending the verification request carrying the transaction ciphertext to the first supervisory node 702, the roll-out node is further configured to asymmetrically encrypt the symmetric key using the public key of the first supervisory node to obtain a second secret key ciphertext, sign a hash code of the transaction ciphertext using the private key of the roll-out node to obtain a signature of the roll-out node, and carry the second secret key ciphertext, the signature of the roll-out node, and the transaction ciphertext together in the verification request. In this alternative example, the first administrator node verifies the signature of the exporter node after receiving the verification request, decrypts the second secret key ciphertext using its own private key after the verification is passed to obtain a symmetric key, and then decrypts the transaction ciphertext using the symmetric key to obtain the transfer transaction.
The forwarding-side node 701 is further configured to construct uplink transaction data after receiving the response message that passes the verification, and send the uplink transaction data to the block chain 703.
Wherein the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node; the first supervision node is a supervision node corresponding to the roll-out party node, and the second supervision node is a supervision node corresponding to the receiving party node.
Further, after the uplink transaction data is sent to the block chain 703, the uplink transaction data may be packed into blocks according to the existing rule of the distributed account book, and the block data is identified in the block chain network. For the roll-out node 701 and the first supervisory node 702, in addition to writing the blocks into the ledger after successful consensus, the balance of the roll-out account in the local database is also modified to achieve a deduction of the digital assets.
Further, the block chain-based transfer processing system in the embodiment of the present invention may further include a receiver node 704 and a second supervisory node 705. For the receiver node 704 and the second supervisory node 705, after the consensus is successful, in addition to writing the block into the account book, the transaction ciphertext s (key) is decrypted to obtain the transfer amount information, and then the account balance of the receiver in the local database is modified according to the transfer amount information to realize the increase of the digital assets. In order to further improve the security of the account data, the account data may be stored only in local databases corresponding to the roll-out node, the receiving node, the first supervising node and the second supervising node.
In the embodiment of the invention, the supervision node is introduced to ensure that the whole transaction process can be supervised; the first supervision node verifies the transaction data before the transaction data are sent to the block chain network, supervision is moved forward, and supervision effectiveness is improved; the account data of the transfer party is only stored in the transfer party node and the first supervision node, so that the privacy of the account data can be ensured; through encrypting the transaction data and linking up, and encrypting the symmetric secret key used for encryption by matching with other cryptography technologies, the method can ensure that a non-transaction related party cannot decrypt the data, thereby ensuring the privacy of the transaction data of the user to the maximum extent.
Referring now to FIG. 8, shown is a block diagram of a computer system 800 suitable for use in implementing an electronic device of an embodiment of the present invention. The computer system illustrated in FIG. 8 is only one example and should not impose any limitations on the scope of use or functionality of embodiments of the invention.
As shown in fig. 8, the computer system 800 includes a Central Processing Unit (CPU)801 that can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)802 or a program loaded from a storage section 808 into a Random Access Memory (RAM) 803. In the RAM 803, various programs and data necessary for the operation of the system 800 are also stored. The CPU 801, ROM 802, and RAM 803 are connected to each other via a bus 804. An input/output (I/O) interface 805 is also connected to bus 804.
The following components are connected to the I/O interface 805: an input portion 806 including a keyboard, a mouse, and the like; an output section 807 including a signal such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 808 including a hard disk and the like; and a communication section 809 including a network interface card such as a LAN card, a modem, or the like. The communication section 809 performs communication processing via a network such as the internet. A drive 810 is also connected to the I/O interface 805 as necessary. A removable medium 811 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 810 as necessary, so that a computer program read out therefrom is mounted on the storage section 808 as necessary.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program can be downloaded and installed from a network through the communication section 809 and/or installed from the removable medium 811. The computer program performs the above-described functions defined in the system of the present invention when executed by the central processing unit (CP U) 801.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules described in the embodiments of the present invention may be implemented by software or hardware. The described modules may also be provided in a processor, which may be described as: a processor comprises an encryption module, a verification request module and a chaining module. The names of these modules do not in some cases constitute a limitation on the module itself, for example, an encryption module may also be described as a "module that encrypts a ledger transaction".
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to perform the following: symmetrically encrypting the transfer transaction according to the symmetric key to obtain a transaction ciphertext; sending a verification request carrying the transaction ciphertext to a first supervision node so that the first supervision node verifies the transfer transaction decrypted from the transaction ciphertext; after response information which is returned by the first supervision node and passes verification is received, uplink transaction data are constructed and sent to a block chain; the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node; the first supervision node is a supervision node corresponding to the roll-out party node, and the second supervision node is a supervision node corresponding to the receiving party node.
According to the technical scheme of the embodiment of the invention, partial supervision can be moved from post-affair supervision to pre-affair supervision, the supervision effectiveness is improved, and the privacy of user account data and transaction data is ensured on the premise of safety and verifiability by combining and using a cryptography technology.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (16)
1. A block chain based transfer processing method, performed by a roll-out node, comprising:
symmetrically encrypting the transfer transaction according to the symmetric key to obtain a transaction ciphertext;
sending a verification request carrying the transaction ciphertext to a first supervision node so that the first supervision node verifies the transfer transaction decrypted from the transaction ciphertext;
after response information which is returned by the first supervision node and passes verification is received, uplink transaction data are constructed and sent to a block chain; the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node; the first supervision node is a supervision node corresponding to the roll-out party node, and the second supervision node is a supervision node corresponding to the receiving party node.
2. The method of claim 1, wherein prior to sending a validation request carrying the transaction cryptogram to the first supervisory node, the method further comprises:
and carrying out asymmetric encryption on the symmetric secret key by using a public key of a first supervision node to obtain a second secret key ciphertext, and carrying the second secret key ciphertext in the verification request, so that the first supervision node decrypts the transaction ciphertext based on the symmetric secret key decrypted from the second secret key ciphertext.
3. The method of claim 1, wherein prior to sending a validation request carrying the transaction cryptogram to the first supervisory node, the method further comprises:
and signing the hash code of the transaction ciphertext by using the private key of the roll-out party node, and carrying the generated signature of the roll-out party node in the verification request so that the first supervision node verifies the signature of the roll-out party node.
4. The method of claim 3, wherein the response information comprises: a signature of the first supervising node; the method further comprises the following steps:
adding the signature of the first supervising node, and/or the signature of the transferor node, to the uplink transaction data.
5. The method of claim 1, further comprising:
and after the uplink transaction data for the uplink are successfully linked, modifying the balance of the account of the transfer party in the local database corresponding to the transfer party node.
6. A blockchain-based transfer processing method, performed by a first supervisory node, comprising:
in response to a verification request sent by a roll-out party node, decrypting a transaction ciphertext carried by the verification request to obtain a transfer transaction, and verifying the transfer transaction; the transaction ciphertext is obtained by symmetrically encrypting the transfer transaction by the roll-out party node according to the symmetric key;
under the condition that the transfer transaction is verified, sending response information passing the verification to the transfer-out party node, so that the transfer-out party node constructs uplink transaction data after receiving the response information and sends the uplink transaction data to a block chain; the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node; the first supervision node is a supervision node corresponding to the roll-out party node, and the second supervision node is a supervision node corresponding to the receiving party node.
7. The method of claim 6, wherein the validation request further comprises a second secret key ciphertext; the second secret key ciphertext is obtained by the transfer party node performing asymmetric encryption on the symmetric secret key by using the public key of the first supervision node;
the decrypting the transaction ciphertext carried by the verification request to obtain the transfer transaction comprises: decrypting the second secret key ciphertext by using a private key of the first supervisory node to obtain the symmetric secret key; decrypting the transaction cryptograph based on the symmetric key to obtain a transfer transaction.
8. The method of claim 6 wherein the transfer transaction includes roll-out information, recipient information, and transaction amount information;
the verifying the transfer transaction comprises: inquiring a local database according to the transfer party information to determine the total amount of the digital assets in the account of the transfer party; verifying whether sufficient digital assets exist in the account of the roll-out party according to the total amount of the digital assets in the account of the roll-out party and the transaction amount information; if yes, the transfer transaction is verified;
the method further comprises the following steps: and after the transfer transaction is verified, setting the digital assets in the transfer-out party account in the local database corresponding to the first monitoring node to be in a frozen state.
9. The method of claim 6, wherein the validation request further comprises a signature of the roll-out node;
the method further comprises the following steps: verifying the signature of the roll-out node and confirming that the signature of the roll-out node is verified before verifying the transfer transaction.
10. The method of claim 6, further comprising:
after the transfer transaction passes the verification, the private key of the first supervision node is used for signing the hash code of the transaction ciphertext, and the generated signature of the first supervision node is carried in the response information passing the verification.
11. The method of claim 6, further comprising:
and after the uplink transaction data for uplink are successfully linked, modifying the balance of the account of the transfer-out party in the local database corresponding to the first monitoring node.
12. A block chain-based transfer processing apparatus, the apparatus being provided at a roll-out node, comprising:
the encryption module is used for symmetrically encrypting the transfer transaction according to the symmetric key to obtain a transaction ciphertext;
the verification request module is used for sending a verification request carrying the transaction ciphertext to a first supervision node so that the first supervision node verifies the transfer transaction decrypted from the transaction ciphertext;
the uplink module is used for constructing uplink transaction data and sending the uplink transaction data to a block chain after receiving response information which is returned by the first supervision node and passes verification; the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node; the first supervision node is a supervision node corresponding to the roll-out party node, and the second supervision node is a supervision node corresponding to the receiving party node.
13. A blockchain-based transfer processing apparatus, the apparatus being provided at a first supervisory node, comprising:
the verification module is used for responding to a verification request sent by a roll-out party node, decrypting a transaction ciphertext carried by the verification request to obtain a transfer transaction, and verifying the transfer transaction; the transaction ciphertext is obtained by symmetrically encrypting the transfer transaction by the roll-out party node according to the symmetric key;
the response module is used for sending response information passing the verification to the transfer party node under the condition that the transfer transaction passes the verification so that the transfer party node constructs uplink transaction data after receiving the response information and sends the uplink transaction data to a block chain; the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node; the first supervision node is a supervision node corresponding to the roll-out party node, and the second supervision node is a supervision node corresponding to the receiving party node.
14. A block chain based transfer processing system, the system comprising a transfer party node and a first supervisory node;
the transfer party node is used for symmetrically encrypting the transfer transaction according to the symmetric key to obtain a transaction ciphertext and sending a verification request carrying the transaction ciphertext to the first supervision node;
the first supervision node is used for decrypting the transaction ciphertext carried by the verification request to obtain a transfer transaction and verifying the transfer transaction; the transfer party node is also used for sending response information of passing the verification to the transfer party node under the condition that the transfer transaction passes the verification;
the forwarding party node is further configured to construct uplink transaction data after receiving the response information that passes the verification, and send the uplink transaction data to a block chain; the uplink transaction data comprises: the transaction cryptograph is at least one of first to fourth secret key cryptographs obtained by asymmetrically encrypting the symmetric secret key based on the public key of the roll-out party node, the public key of the first supervision node, the public key of the receiving party node and the public key of the second supervision node; the first supervision node is a supervision node corresponding to the roll-out party node, and the second supervision node is a supervision node corresponding to the receiving party node.
15. An electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-5, 6-11.
16. A computer-readable medium, on which a computer program is stored, which program, when being executed by a processor, is adapted to carry out the method of any one of claims 1-5, 6-11.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110406896.3A CN113159767A (en) | 2021-04-15 | 2021-04-15 | Transfer processing method, device and system based on block chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110406896.3A CN113159767A (en) | 2021-04-15 | 2021-04-15 | Transfer processing method, device and system based on block chain |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113159767A true CN113159767A (en) | 2021-07-23 |
Family
ID=76867911
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110406896.3A Pending CN113159767A (en) | 2021-04-15 | 2021-04-15 | Transfer processing method, device and system based on block chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113159767A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113595724A (en) * | 2021-07-29 | 2021-11-02 | 成都质数斯达克科技有限公司 | Accounting method, device, equipment and readable storage medium based on block chain |
-
2021
- 2021-04-15 CN CN202110406896.3A patent/CN113159767A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113595724A (en) * | 2021-07-29 | 2021-11-02 | 成都质数斯达克科技有限公司 | Accounting method, device, equipment and readable storage medium based on block chain |
| CN113595724B (en) * | 2021-07-29 | 2023-10-20 | 成都质数斯达克科技有限公司 | Block chain-based accounting method, device, equipment and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11936774B2 (en) | Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys | |
| US11722314B2 (en) | Digital transaction signing for multiple client devices using secured encrypted private keys | |
| KR20200074910A (en) | Off-chain smart contract service based on a reliable execution environment | |
| CN113162752B (en) | Data processing method and device based on hybrid homomorphic encryption | |
| CN109800588B (en) | Dynamic bar code encryption method and device and dynamic bar code decryption method and device | |
| CN106576043A (en) | Virally distributable trusted messaging | |
| CN111429138A (en) | Block link point data safety interaction method and first interaction node | |
| CN113486407B (en) | Deposit list management system and method based on block chain | |
| GB2603495A (en) | Generating shared keys | |
| CN110557247B (en) | Identity-based blockchain method and system | |
| CN109687961B (en) | Quantum computation resistant blockchain transaction method and system based on symmetric key pool routing device | |
| CN116308776A (en) | Transaction supervision method and device based on blockchain, electronic equipment and storage medium | |
| CN114037447A (en) | Method and device for off-line transaction | |
| CN109660344A (en) | Anti- quantum calculation block chain method of commerce and system based on unsymmetrical key pond route device | |
| CN111915302B (en) | Associated data processing method and device, electronic equipment and computer readable medium | |
| CN115705601A (en) | Data processing method and device, computer equipment and storage medium | |
| CN113159767A (en) | Transfer processing method, device and system based on block chain | |
| CN115409511B (en) | Personal information protection system based on block chain | |
| CN114584355B (en) | Security authentication method, device and system for digital currency transaction | |
| US20220216999A1 (en) | Blockchain system for supporting change of plain text data included in transaction | |
| CN113206745B (en) | Digital certificate management method and device | |
| CN115941773A (en) | Project transaction method, system, terminal device and medium based on cloud service sharing | |
| CN109784917B (en) | Anti-quantum computation blockchain secret transaction system and method based on symmetric key pool | |
| KR102475434B1 (en) | Security method and system for crypto currency | |
| CN111861489A (en) | Financial product transaction share determination method and device based on block chain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |