CN117575788A - Transaction processing method, device, equipment and medium - Google Patents
Transaction processing method, device, equipment and medium Download PDFInfo
- Publication number
- CN117575788A CN117575788A CN202311523103.1A CN202311523103A CN117575788A CN 117575788 A CN117575788 A CN 117575788A CN 202311523103 A CN202311523103 A CN 202311523103A CN 117575788 A CN117575788 A CN 117575788A
- Authority
- CN
- China
- Prior art keywords
- transaction
- approval
- resource
- resource transfer
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 18
- 238000012546 transfer Methods 0.000 claims abstract description 664
- 238000012545 processing Methods 0.000 claims abstract description 232
- 238000000034 method Methods 0.000 claims abstract description 146
- 238000012795 verification Methods 0.000 claims description 61
- 238000004590 computer program Methods 0.000 claims description 22
- 230000015654 memory Effects 0.000 claims description 19
- 230000008569 process Effects 0.000 description 88
- 238000010586 diagram Methods 0.000 description 18
- 238000007726 management method Methods 0.000 description 15
- 230000003993 interaction Effects 0.000 description 13
- 239000003999 initiator Substances 0.000 description 11
- 238000004891 communication Methods 0.000 description 9
- 230000007246 mechanism Effects 0.000 description 8
- 230000006870 function Effects 0.000 description 6
- 230000000977 initiatory effect Effects 0.000 description 6
- 238000013475 authorization Methods 0.000 description 5
- 230000009286 beneficial effect Effects 0.000 description 5
- FFBHFFJDDLITSX-UHFFFAOYSA-N benzyl N-[2-hydroxy-4-(3-oxomorpholin-4-yl)phenyl]carbamate Chemical compound OC1=C(NC(=O)OCC2=CC=CC=C2)C=CC(=C1)N1CCOCC1=O FFBHFFJDDLITSX-UHFFFAOYSA-N 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 230000008520 organization Effects 0.000 description 2
- 238000004806 packaging method and process Methods 0.000 description 2
- 238000012552 review Methods 0.000 description 2
- 238000012216 screening Methods 0.000 description 2
- 238000012384 transportation and delivery Methods 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000003044 adaptive effect Effects 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 230000033228 biological regulation Effects 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007423 decrease Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Technology Law (AREA)
- Strategic Management (AREA)
- Marketing (AREA)
- Economics (AREA)
- Development Economics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The application provides a transaction processing method, a transaction processing device, transaction processing equipment and a transaction processing medium. The method comprises the following steps: acquiring a resource transfer transaction, and determining a target transaction approval task and an associated approval object; the transaction approval notification information is sent to a second resource client corresponding to the approval object, so that the second resource client performs transaction approval to obtain transaction approval information; when the transaction approval passes, configuring the approval state of the resource transfer transaction as an approval passing state, and sending transaction signature notification information to the first resource client so as to enable the first resource client to conduct transaction signature to obtain transaction signature information; and determining signed resource transfer transaction through transaction signature information and transaction approval information, and transmitting the signed resource transfer transaction to the first blockchain node so that the first blockchain node can uplink the resource transfer transaction and the transaction approval information to the first blockchain. The method and the device can improve the security of transaction uplink.
Description
Technical Field
The present disclosure relates to the field of blockchain technologies, and in particular, to a transaction processing method, device, apparatus, and medium.
Background
Currently, when a business object (e.g., an enterprise user a) initiates a resource transfer transaction (e.g., a transaction for transferring a business resource at an enterprise level) to a blockchain node through a business terminal, the business object may sign the resource transfer transaction through private key information of the enterprise user a in the business terminal, and send the resource transfer transaction after the transaction signature to the blockchain node. In this way, the blockchain node can sign and check the resource transfer transaction signed by the enterprise user A through the public key information of the enterprise user A, so that the currently acquired resource transfer transaction can be executed after the signature and check pass, and the resource transfer of enterprise-level business resources can be realized.
However, the inventor finds in practice that the private key information of the user a for signing the transaction for the resource transfer transaction is directly stored in the service terminal, and once the illegal object illegally acquires the service terminal, the private key information of the enterprise user a stored in the service terminal is at risk of disclosure of the private key, so that it is difficult for the blockchain node to distinguish whether the resource transfer transaction after the current acquired transaction signature is submitted by the user a by its own signature or by the illegal object illegally simulating the user a signature. This means that it is difficult for existing transaction signature schemes to ensure the authenticity of the transaction signature and thus the transaction uplink security of subsequent resource transfer transactions that are uplink to the blockchain.
Disclosure of Invention
The embodiment of the application provides a transaction processing method, a device, equipment and a medium, which can improve the reliability of transaction signature and the security of transaction uplink.
In one aspect, an embodiment of the present application provides a transaction processing method, where the method is performed by a resource approval processing server, and the method includes:
when a resource transfer transaction to be approved initiated by a business object through a first resource client is acquired, determining a target transaction approval task aiming at the resource transfer transaction based on the resource quantity to be transferred indicated by the resource transfer transaction, and determining an approval object associated with the target transaction approval task; the service object is an object subjected to resource transfer permission registration on a resource approval processing server; the approval object is an object which is subjected to transaction approval authority registration on the resource approval processing server;
generating transaction approval notification information aiming at the resource transfer transaction, and sending the transaction approval notification information to a second resource client corresponding to the approval object, so that when the second resource client acquires the hardware equipment of the approval object based on the transaction approval notification information, the hardware equipment of the approval object is authorized to conduct transaction approval on the resource transfer transaction to obtain the transaction approval information aiming at the resource transfer transaction;
When the transaction approval result of the target transaction approval task is determined to be that the transaction approval passes through the transaction approval information, configuring the approval state of the resource transfer transaction as the approval passing state, and generating transaction signature notification information for the resource transfer transaction based on the resource transfer transaction in the approval passing state;
the method comprises the steps of sending transaction signature notification information to a first resource client, so that when the first resource client obtains hardware equipment of a service object based on the transaction signature notification information, the hardware equipment of the service object is authorized to conduct transaction signature on a resource transfer transaction, and transaction signature information of the service object for the resource transfer transaction is obtained;
when transaction signature information is acquired from a first resource client, signed resource transfer transaction corresponding to the resource transfer transaction is determined through the transaction signature information and transaction approval information, the signed resource transfer transaction is easily transmitted to a first blockchain node of a first blockchain, so that the first blockchain node performs transaction signature verification on the transaction signature information in the signed resource transfer transaction, and when the transaction signature verification is successful, the resource transfer transaction is obtained, and the resource transfer transaction and the transaction approval information are uplink to the first blockchain.
In another aspect, embodiments of the present application provide a transaction processing method, performed by a second resource client, the method including:
when receiving the transaction approval notification information sent by the resource approval processing server corresponding to the second resource client, displaying a resource transfer transaction to be approved indicated by the transaction approval notification information on a transaction approval interface; the resource transfer transaction is initiated by the business object through the first resource client; the service object is an object subjected to resource transfer permission registration on a resource approval processing server;
responding to an approval object associated with a target transaction approval task corresponding to the resource transfer transaction, acquiring hardware equipment of the approval object aiming at a transaction approval operation of the resource transfer transaction in a transaction approval interface, and authorizing the hardware equipment of the approval object to carry out transaction approval on the resource transfer transaction to acquire transaction approval information of the approval object aiming at the resource transfer transaction; the target transaction approval task is determined by the resource approval processing server based on the amount of resources to be transferred indicated by the resource transfer transaction; the approval object is an object which is subjected to transaction approval authority registration on the resource approval processing server;
The method comprises the steps that transaction approval information is returned to a resource approval processing server, so that when the resource approval processing server determines that a transaction approval result of a target transaction approval task is that transaction approval passes through the transaction approval information, the approval state of a resource transfer transaction is configured to be an approval passing state, and transaction signature notification information for the resource transfer transaction is generated based on the resource transfer transaction in the approval passing state; the transaction signature notification information is used for notifying the first resource client to authorize the hardware equipment of the service object to conduct transaction signature on the resource transfer transaction when the hardware equipment of the service object is acquired, and transaction signature information of the service object for the resource transfer transaction is obtained; the resource approval processing server is used for determining signed resource transfer transaction corresponding to the resource transfer transaction through the transaction signature information and the transaction approval information when transaction signature information is acquired from the first resource client, and transmitting the signed resource transfer to a first blockchain node of the first blockchain; the first block chain link point is used for conducting transaction signature verification on transaction signature information in signed resource transfer transaction, and when the transaction signature verification is successful, resource transfer transaction is obtained, and the resource transfer transaction and transaction approval information are uplink to the first block chain.
In one aspect, an embodiment of the present application provides a transaction processing device, where the device operates in a resource approval processing server; the device comprises:
the approval task determining module is used for determining a target transaction approval task aiming at the resource transfer transaction based on the resource quantity to be transferred indicated by the resource transfer transaction when the resource transfer transaction to be approved initiated by the business object through the first resource client is acquired, and determining an approval object associated with the target transaction approval task; the service object is an object subjected to resource transfer permission registration on a resource approval processing server; the approval object is an object which is subjected to transaction approval authority registration on the resource approval processing server;
the transaction notification approval module is used for generating transaction approval notification information aiming at the resource transfer transaction, and sending the transaction approval notification information to a second resource client corresponding to the approval object, so that when the second resource client acquires the hardware equipment of the approval object based on the transaction approval notification information, the hardware equipment of the approval object is authorized to conduct transaction approval on the resource transfer transaction to obtain the transaction approval information aiming at the resource transfer transaction by the approval object;
The approval state configuration module is used for configuring the approval state of the resource transfer transaction as an approval passing state when the transaction approval result of the target transaction approval task is determined to be that the transaction approval passes through the transaction approval information, and generating transaction signature notification information for the resource transfer transaction based on the resource transfer transaction in the approval passing state;
the transaction notification signature module is used for sending the transaction signature notification information to the first resource client so that the first resource client authorizes the hardware equipment of the service object to conduct transaction signature on the resource transfer transaction when acquiring the hardware equipment of the service object based on the transaction signature notification information to obtain transaction signature information of the service object for the resource transfer transaction;
the transaction uplink module is used for determining signed resource transfer transaction corresponding to the resource transfer transaction through transaction signature information and transaction approval information when transaction signature information is acquired from the first resource client, transferring the signed resource to a first blockchain node of the first blockchain, so that the first blockchain node performs transaction signature verification on the transaction signature information in the signed resource transfer transaction, and when the transaction signature verification is successful, obtaining the resource transfer transaction, and uplink the resource transfer transaction and the transaction approval information to the first blockchain.
In one aspect, embodiments of the present application provide a transaction processing apparatus, where the apparatus operates in a second resource client; the device comprises:
the transaction information display module is used for displaying the resource transfer transaction to be approved indicated by the transaction approval notification information on the transaction approval interface when the transaction approval notification information sent by the resource approval processing server corresponding to the second resource client is received; the resource transfer transaction is initiated by the business object through the first resource client; the service object is an object subjected to resource transfer permission registration on a resource approval processing server;
the transaction approval module is used for responding to an approval object associated with a target transaction approval task corresponding to the resource transfer transaction, acquiring a hardware device of the approval object aiming at the transaction approval operation of the resource transfer transaction in a transaction approval interface, and authorizing the hardware device of the approval object to carry out transaction approval on the resource transfer transaction to obtain transaction approval information of the approval object aiming at the resource transfer transaction; the target transaction approval task is determined by the resource approval processing server based on the amount of resources to be transferred indicated by the resource transfer transaction; the approval object is an object which is subjected to transaction approval authority registration on the resource approval processing server;
The approval information return module is used for returning the transaction approval information to the resource approval processing server, so that when the resource approval processing server determines that the transaction approval result of the target transaction approval task is that the transaction approval passes through the transaction approval information, the approval state of the resource transfer transaction is configured to be the approval passing state, and transaction signature notification information for the resource transfer transaction is generated based on the resource transfer transaction in the approval passing state; the transaction signature notification information is used for notifying the first resource client to authorize the hardware equipment of the service object to conduct transaction signature on the resource transfer transaction when the hardware equipment of the service object is acquired, and transaction signature information of the service object for the resource transfer transaction is obtained; the resource approval processing server is used for determining signed resource transfer transaction corresponding to the resource transfer transaction through the transaction signature information and the transaction approval information when transaction signature information is acquired from the first resource client, and transmitting the signed resource transfer to a first blockchain node of the first blockchain; the first block chain link point is used for conducting transaction signature verification on transaction signature information in signed resource transfer transaction, and when the transaction signature verification is successful, resource transfer transaction is obtained, and the resource transfer transaction and transaction approval information are uplink to the first block chain.
An aspect of the embodiments of the present application provides a computer device, including a memory and a processor, where the memory is connected to the processor, and the memory is used to store a computer program, and the processor is used to call the computer program, so that the computer device performs the method provided in the foregoing aspect of the embodiments of the present application.
An aspect of the present application provides a computer readable storage medium, in which a computer program is stored, the computer program being adapted to be loaded and executed by a processor, to cause a computer device having a processor to perform the method provided in the above aspect of the embodiments of the present application.
According to one aspect of the present application, there is provided a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device performs the method provided in the above aspect.
In the embodiment of the application, when the resource approval processing server obtains the resource transfer transaction to be approved initiated by the business object, the target transaction approval task for the resource transfer transaction can be determined based on the resource quantity to be transferred indicated by the resource transfer transaction, and the approval object associated with the target transaction approval task can be determined; the business object is an object registered by the resource transfer authority, and the approval object is an object registered by the transaction approval authority, that is, the business object is authenticated, when the business object signs the transaction, the business object needs to pass the authentication to be executed (similarly, the approval object is authenticated, and when the approval object approves the transaction, the authentication is required to pass the authentication to be executed), so that a transaction initiator (transaction approver) of the resource transfer transaction (such as transfer transaction for enterprise resources) can be ensured not to be an illegal user, and the safety and reliability of the resource transfer transaction can be improved; at this time, the approval object can be informed to approve the transaction of the resource transfer transaction through the hardware equipment of the approval object authorized by the second resource client, and when the approval of the resource transfer transaction is confirmed to pass through the transaction approval information, the approval state of the resource transfer transaction is configured to be an approval passing state; the hardware equipment of the first resource client authorization service object is allowed to sign the resource transfer transaction so as to obtain signed resource transfer transaction, the signed resource transfer transaction is sent to the first blockchain node, and when the first blockchain node obtains the resource transfer transaction through the signed resource transfer transaction, the resource transfer transaction and transaction approval information are uplink, namely the resource transfer is realized. It can be understood that the transaction approval process and the transaction initiation process can be associated and bound, and a resource transfer transaction can be signed only after approval passes, so that the signed resource transfer transaction can be linked, and the security of the transaction uplink can be improved through the transaction auditing process, namely, the security of resources to be transferred (such as the security of enterprise resources) corresponding to the resource transfer transaction is ensured. In addition, it can be understood that the above transaction approval and the transaction signature both need to be subjected to the hardware equipment that the identity registration and the authentication pass, the hardware equipment can ensure that the identity information of the approval object and the business object is correct (that is, the source party of the transaction approval and the signature is correct) and the related private key information cannot be revealed, that is, the hardware equipment can ensure that the identity of the transaction signature party (including the transaction initiator and the transaction approval party) is correct, and the reliability of the transaction signature is improved, so that the transaction safety and the reliability can be improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic diagram of a network architecture according to an embodiment of the present application;
FIG. 2 is a schematic diagram of a transaction approval process provided in an embodiment of the present application;
FIG. 3 is a second schematic diagram of a transaction approval process according to an embodiment of the present disclosure;
FIG. 4 is a flowchart illustrating a transaction processing method according to an embodiment of the present disclosure;
FIG. 5 is a schematic diagram of a determination scenario of a transaction approval task provided in an embodiment of the present application;
FIG. 6 is a schematic diagram of a transaction approval scenario provided in an embodiment of the present application;
fig. 7 is a second schematic view of a transaction approval scenario provided in an embodiment of the present application;
FIG. 8 is a schematic view of a scenario of an on-chain transaction approval task provided in an embodiment of the present application;
fig. 9 is a second flow chart of a transaction processing method according to an embodiment of the present application;
FIG. 10 is a schematic illustration of a transaction approval scenario presented in an embodiment of the present application;
FIG. 11 is a second schematic view of a transaction approval scenario provided in an embodiment of the present application;
FIG. 12 is a schematic diagram of an interaction flow of a transaction processing method according to an embodiment of the present application;
fig. 13 is a schematic structural diagram of a transaction processing device according to an embodiment of the present application;
fig. 14 is a schematic diagram of a second structure of a transaction processing device according to an embodiment of the present disclosure;
fig. 15 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.
Referring to fig. 1, fig. 1 is a schematic diagram of a network architecture according to an embodiment of the present application. The network architecture as shown in fig. 1 may be applied to a blockchain system, which may be a distributed system formed by a plurality of nodes connected by a network communication. The blockchain system may include, but is not limited to, a blockchain system corresponding to a federated chain.
It can be understood that the blockchain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanism, encryption algorithm and the like, and is mainly used for sorting data according to time sequence, encrypting the data into an account book, preventing the account book from being tampered and forged, and simultaneously verifying, storing and updating the data. A blockchain is essentially a de-centralized database in which each node stores an identical blockchain, and the blockchain network distinguishes the nodes into core nodes and light nodes, wherein the core nodes may be responsible for the consensus of the blockchain network, i.e., the core nodes herein may be consensus nodes in the blockchain network. It should be appreciated that when any node (e.g., a light node) in the blockchain network receives transaction data (which may also be simply referred to as a transaction) sent by a client, the transaction may be transferred between the light nodes in the blockchain network in a baton manner, until a target block for packaging in the blockchain network (i.e., a master core node in the blockchain network) receives the transaction, the transaction may be further added to a transaction pool of the master core node, so that the subsequent target block for packaging (i.e., the master core node) may package the transaction and other transactions in the transaction pool together into a block, so that a packaged block (i.e., a target block) may be broadcast to other target blocks in the blockchain network (i.e., slave core nodes in the blockchain network), so that the other target blocks broadcasted may be subjected to block consensus by the other consensus nodes, and when the target blocks carrying the transaction may be written into a local (e.g., the master core node) in the local pool, and the subsequent transaction carrying the target block may also be written into the target block for the target block may be written into the target chain network. The target blockchain is understood as the longest chain constructed by the consensus nodes according to a consensus mechanism.
It will be appreciated that a blockchain system may include a smart contract that is understood in the blockchain system as code that can be understood and executed between nodes (including consensus nodes) of a blockchain, and that can execute any logic and produce a result. A user may initiate a transaction add request for a transaction to any one of the nodes in the blockchain network through a resource client (also referred to as a resource management client), and then a node in the blockchain network (e.g., the slave core node or the light node) may send the transaction carried in the transaction add request to the master core node, so that the master core node executes the transaction requested by the user in a smart contract running in the calling node and links the transaction to the blockchain.
Among other things, it should be appreciated that one or more intelligent contracts may be included in the blockchain system, which may be distinguished by contract call addresses, contract identification numbers (Identity document, IDs), or contract names, and that the resource client-initiated transaction add request may also carry the contract call addresses or contract identification numbers or contract names of the intelligent contracts to specify the intelligent contracts that need to be run. If the intelligent contract specified by the resource client is a contract (i.e. a data reading contract) for which data needs to be read, each consensus node can call the data reading contract to quickly access the local account book (for example, each consensus node can quickly access a multi-level block cache constructed by a block chain structure in a node memory, wherein the multi-level block cache is obtained by arranging the block caches of each block according to an index mode of a block hash value of each block cached in the node memory of each consensus node, one block cache can be used for storing a transaction reading cache and a transaction writing cache of each transaction in one block) for reading corresponding data, and finally each consensus node can mutually verify whether each transaction execution result for the transaction is consistent (i.e. performs consensus), if so, the transaction is determined to be legal, then the transaction execution result of the legal transaction can be stored in the transaction writing cache of the local account book, and the transaction execution result of the transaction can be returned to the resource client.
It should be appreciated that the network architecture as shown in fig. 1 may include a cluster of core nodes (i.e., consensus nodes), a cluster of servers, and a cluster of user terminals. The core node cluster may include one or more core nodes, where the plurality of core nodes may specifically include the node 10a, the node 10b, the node 10c, and the node 10d shown in fig. 1. As shown in fig. 1, nodes 10a, 10b, 10d may each be connected to node 10c via a network to form a consensus network 100a as shown in fig. 1. It will be appreciated that in the consensus network 100a, nodes 10a, 10b, 10d are each capable of data interaction via a network connection with the node 10 c. In addition, the server cluster may include one or more servers (e.g., may be a background server or a light node corresponding to a resource client), and for ease of understanding, a server (e.g., may be referred to as a resource approval server) is taken herein as an example, where the resource approval server is the server 4000a shown in fig. 1, and the server 4000a may perform data interaction with a network connection between the nodes 10c shown in fig. 4. In addition, the user terminal cluster shown in fig. 1 may include one or more user terminals, and the plurality of user terminals may include, in particular, user terminal 3000a, user terminal 3000b, user terminal 3000c, user terminal 3000n shown in fig. 1. As shown in fig. 1, user terminals 3000a, 3000b, 3000c, 3000n may be respectively network connected to a server 4000a in the server cluster, so as to be capable of data interaction through a network connection with the server 4000 a.
In this embodiment, each core node (e.g., node 10a, node 10b, node 10c, node 10 d) and the light node in the consensus network 100a may be collectively referred to as a blockchain node, where the blockchain node may be used to receive a transaction addition request (e.g., a transaction addition request corresponding to a resource transfer transaction) sent by a user terminal running a resource client. It should be appreciated that each core node herein may be configured to maintain the same blockchain (e.g., blockchain 10e shown in fig. 1 may be the target blockchain in the blockchain network described above), and that any two core nodes in the consensus network 100a may form a point-to-point network therebetween, which may employ a point-to-point protocol, wherein the point-to-point protocol is an application layer protocol that operates over a transmission control protocol (TCP, transmission Control Protocol) protocol. It is appreciated that in a distributed system, any device, such as a server, terminal, etc., may be added as blockchain nodes, where each blockchain node may include a hardware layer, an intermediate layer, an operating system layer, and an application layer.
It can be appreciated that, in this embodiment of the present application, a blockchain node may be bound for any role (e.g., any individual user, any enterprise, any entity object such as an organization) accessing the blockchain network, so as to collectively refer to the blockchain network formed by the blockchain nodes as a federated chain network. Therefore, the nodes 10a, 10b, 10c, and 10d shown in fig. 1 may have a one-to-one correspondence with the corresponding roles (i.e., entity objects in the corresponding service scenario) that need to be accessed into the federated chain network, respectively. The business scenario herein may include a transfer scenario, an electronic ticket scenario, a social scenario, a credit scenario, etc. At this time, the target service in the corresponding service scenario may specifically include a transfer service, an electronic bill service, a social service, an access service, a credit service, etc., and specific services in the corresponding service scenario will not be listed one by one here.
It can be appreciated that, since each entity object may correspond to one blockchain node, in this embodiment of the present application, the entity object may be the enterprise user (i.e. the enterprise) as described above, and in this case, the blockchain node associated with each enterprise user may be the same blockchain node (for example, the core node in the core node cluster shown in fig. 1 may perform data interaction with the user terminals corresponding to multiple enterprise users). For example, in the blockchain data system, the transfer service corresponding to each business may be referred to as a transaction service. The enterprise a may perform data interaction with the node 10a shown in fig. 1 through the user terminal 3000a shown in fig. 1, so as to complete a corresponding transaction; similarly, the enterprise B may perform data interaction with the node 10a shown in fig. 1 through the user terminal 3000B shown in fig. 1, so as to complete a corresponding transaction; enterprise C may interact with node 10a of fig. 1 via user terminal 3000C of fig. 1 to complete a corresponding transaction.
Alternatively, it may be appreciated that the embodiments of the present application may collectively refer to entity objects (e.g., enterprise a, enterprise B, enterprise C) that send transaction addition requests for the above-described transfer service (resource transfer service) as requesting users. It should be appreciated that embodiments of the present application may receive a transaction add request sent by a requesting user (e.g., enterprise a, enterprise B,..and enterprise C) through the light node described above, and may also receive a transaction add request sent by a requesting user (e.g., enterprise a, enterprise B,..and enterprise C) through the core node described above, and the node type of the blockchain node that receives the transaction add request will not be limited herein.
Optionally, in the consensus network 100a, since the node 10c may perform data synchronization with other blockchain nodes having network connections (also referred to as session connections), that is, the node 10c may synchronize corresponding service data information (e.g., where the service data information may include, but is not limited to, a transaction in the transaction addition request and a block in the block synchronization request, etc.) from the other blockchain nodes, the core node associated with each enterprise user may be a different blockchain node. For example, the billing enterprise a may also perform data interaction with the node 10c shown in fig. 1 through the user terminal 3000a shown in fig. 1; the billing enterprise B may also perform data interaction with the node 10B shown in fig. 1 through the user terminal 3000B shown in fig. 1; the billing company C may also perform data interaction with the server 4000a shown in fig. 1 through the user terminal 3000C shown in fig. 1. It should be appreciated that by randomly distributing transaction addition requests sent by different user terminals to the blockchain nodes in the blockchain system, network loads in the blockchain network can be effectively balanced, so that processing efficiency of service data corresponding to corresponding services can be improved.
It can be appreciated that when the blockchain node receives a transaction adding request sent by a requesting user corresponding to a certain resource client, the transaction adding request initiated by the requesting user can be forwarded to the master core node, so as to perform validity verification on the transaction adding request initiated by the first user through the master core node. In this way, the master core node may add the transaction requested by the requesting user (i.e. the non-duplicate transaction with validity) to the transaction pool, so that the transaction data associated with the transaction may be packaged into blocks later, so that the following may perform consensus with other consensus nodes (i.e. the slave core nodes), so that after the consensus passes, the blocks carrying the transaction data of the transaction may be temporarily stored in the local ledger, so that the blocks carrying the transaction data may be written into the blockchain database (also may simply be referred to as a database) later.
In the technical scheme of the application, when a business object initiates a resource transfer transaction through a resource client (a first resource client), the business object can be firstly sent to a resource approval processing server, the resource approval processing server sends transaction approval notification information corresponding to the resource transfer transaction to a second resource client corresponding to the approval object so as to conduct transaction approval, after the transaction approval passes, the resource approval processing server notifies the first resource client to conduct transaction signing on the resource transfer transaction, and when the resource approval processing server determines signed resource transfer transaction, the signed resource transfer transaction is sent to a blockchain node (such as a first blockchain node of a first blockchain), and when the signed resource transfer transaction obtains the resource transfer transaction, the blockchain node can execute the resource transfer transaction, so that the resource transfer of resources (business resources) to be transferred indicated by the resource transfer transaction is realized.
Where it is understood that a business object refers to an object for initiating a resource transfer transaction, and an approval object refers to an object for approving the resource transfer transaction.
It will be appreciated that the resource approval server may be a background server of the resource client (which may be referred to as a resource management server, a resource processing server), which may be a separate under-chain server, or may be added to the blockchain network as a blockchain node, such as a core node or as a light node. It can be appreciated that the resource approval processing server may be configured to execute an approval process for a resource management transaction when a resource transfer transaction from one resource client is received, that is, may be configured to notify an approval object to perform a transaction approval for the resource transfer transaction.
The resource client may be used to sign or approve business transactions to be uplinked, or may be used to manage digital resources on-chain (e.g., transfer of digital resources on-chain, which may be enterprise assets). For example, the private key information corresponding to the user (business object) may be used by the resource client to sign the business transaction to be uplinked. The resource client may be configured to implement a resource management service function and to implement a communication connection with the de-centralized application client based on the resource management service function. A resource client is a tool for managing and storing digital resources of a user, and for example, can transfer digital resources (also called digital assets) to other accounts based on the resource client, and can receive digital resources transferred to other accounts based on the resource client. The resource client can be a hardware device or a software program and is deployed in the terminal device. It is to be appreciated that the resource client has a corresponding resource management contract on the blockchain that can be utilized to perform related services requested by the resource client, such as resource transfer services and the like.
It is appreciated that the resource client can keep account private key information (i.e., object keys, or user keys) of the user on the blockchain. The identity of the user is identified on the blockchain by a private key, and the user's assets are managed by the private key. Such as initiating a transaction such as a resource transfer, a business transaction needs to be signed by private key information in the resource client. The block chain link point can verify the signature information through public key information of a user signing the business transaction, namely signature verification processing, the business transaction is correct only when the signature verification processing is successful, and an initiator of the business transaction is correct, at the moment, verification of the correct transaction block chain node is executed, and the forged signature block chain node refuses and prompts failure.
It can be understood that, in the embodiment of the present application, the resource client keeps the private key information through the hardware device of the user, so as to prevent the disclosure of the private key information, and the correctness and reliability of the user identity information for performing the transaction operation through the private key information.
Therefore, the embodiment of the application can ensure the security of the transaction uplink, namely the transaction reliability and the security of resource transfer through a transaction approval mechanism and the storage of private key information by hardware equipment. The transaction approval mechanism can enable the resource transfer transaction initiated by the business object to be signed, executed and uplink only after the approval is passed, so that abnormal transfer of the business resource can be prevented. In addition, the correctness of the transaction source, namely the reliability of the transaction signature, can be ensured by authorizing the hardware device to conduct the transaction signature or the transaction approval and preventing the private key information from being acquired by illegal users.
It may be understood that the computer device related to the embodiment of the present application may be a server or a terminal device. The server may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDNs (Content Delivery Network, content delivery networks), basic cloud computing services such as big data and artificial intelligent platforms, and the like. Terminals may include, but are not limited to, cell phones, computers, intelligent voice interaction devices, intelligent appliances, vehicle terminals, aircraft, and the like. The embodiments of the present application may be applied to various scenarios including, but not limited to, cloud technology, artificial intelligence, intelligent transportation, assisted driving, and the like.
It should be understood that fig. 1 is merely an exemplary representation of a network architecture that may exist in the present application, and is not limited to a specific architecture of the present application, that is, the present application may also provide other network architectures.
For ease of understanding, further, please refer to fig. 2, fig. 2 is a schematic diagram illustrating a transaction approval process according to an embodiment of the present application. Under the scene, a transaction approval mechanism is provided, and the credibility of the transaction and the safety of resources on a chain can be ensured through the transaction approval mechanism. The transaction approval process may be: the business object (a 1) initiates a resource transfer transaction (TX 1) to be audited through a first resource client in the terminal equipment 20a, and sends (S21) the resource transfer transaction to a resource approval processing server 21, and when a target transaction approval task aiming at the resource transfer transaction is determined (S22) based on the resource quantity to be transferred indicated by the resource transfer transaction and an approval object (b 1) associated with the target transaction approval task is determined, the resource approval processing server generates transaction approval notification information aiming at the resource transfer transaction, and sends (S23) the transaction approval notification information to a second resource client corresponding to the approval object in the terminal equipment 20 b; when the second resource client corresponding to the approval object acquires the hardware equipment of the approval object, (S24) authorizing the hardware equipment of the approval object to conduct transaction approval on the resource transfer transaction to obtain transaction approval information, and returning (S25) the transaction approval information to the resource approval processing server; when the transaction approval result of the target transaction approval task is confirmed to be that the transaction approval passes through the transaction approval information, the resource approval processing server (S26) configures the approval state of the resource transfer transaction as the approval passing state and generates transaction signature notification information for the resource transfer transaction; the resource approval processing server transmits (S27) transaction signature notification information to the first resource client; when the first resource approval processing server acquires the hardware equipment of the service object, (S28) authorizing the hardware equipment of the service object to conduct transaction signature on the resource transfer transaction to obtain transaction signature information, and returning (S29) the transaction signature information to the resource approval processing server; the resource approval processing server can determine signed resource transfer transaction corresponding to the resource transfer transaction through the transaction signature information and the transaction approval information, and send (S210) the signed resource transfer transaction to the first blockchain node 22 of the first blockchain, and when the first blockchain node performs transaction signature verification on the transaction signature information to obtain the resource transfer transaction, the resource transfer transaction and the transaction approval information are uplink (S211) to the first blockchain.
Further, referring to fig. 3, fig. 3 is a schematic diagram illustrating a transaction approval process according to an embodiment of the present application. The target transaction approval task may include one or more transaction approval tasks (i.e., transaction approval subtasks), where two transaction approval tasks (e.g., subtask 1 and subtask 2) have approval orders, when the transaction approval result of one transaction approval task is that the transaction approval passes, the next transaction approval task is notified to perform the transaction approval, and the approval object b1 associated with the target transaction approval task includes one or more approval objects (e.g., b11, b12, etc.) associated with the subtask 1, and one or more approval objects (e.g., b13, etc.) associated with the subtask 2. Therefore, the resource approval processing server 21 may send (S31) the transaction approval notification information to the approval objects b11 and b12 associated with the subtask 1, where the transaction approval interface (interface K) in the second resource client corresponding to the approval objects b11 and b12 displays the resource transfer transaction to be approved, the transaction approval interface displays approval controls (such as "approve" controls and "reject" controls) for the resource transfer transaction, and the approval objects b11 and b12 touch the "approve" controls in the approval controls to implement the transaction approval operation for the resource transfer transaction, and at this time, the second resource client corresponding to the approval object b11 obtains the hardware device of the approval object b11, authorizes the hardware device of the approval object b11 to perform the transaction approval for the resource transfer transaction, obtains the transaction approval information 1 of the approval object b11 for the resource transfer transaction, and returns (S32) to the resource approval processing server; similarly, the second resource client corresponding to the approval object b12 acquires the hardware equipment of the approval object b12, authorizes the hardware equipment of the approval object b12 to conduct transaction approval on the resource transfer transaction, acquires transaction approval information 2 of the approval object b12 for the resource transfer transaction, and returns (S33) to the resource approval processing server; when the resource approval processing server determines that the transaction approval result of the subtask 1 is the transaction approval passing through the transaction approval information 1 and the transaction approval information 2, the transaction approval notification information is sent (S34) to an approval object b13 associated with the subtask 2, at this time, a transaction approval interface in a second resource client corresponding to the approval object b13 displays a resource transfer transaction to be approved, an approval control for the resource transfer transaction is displayed on the transaction approval interface, the approval object b13 performs touch control on the approval control to realize the transaction approval operation for the resource transfer transaction, at this time, the hardware equipment of the approval object b13 is obtained by the second resource client corresponding to the approval object b13, and the transaction approval is authorized by the hardware equipment of the approval object b13 to the resource transfer transaction, so that the transaction approval information 3 of the approval object b13 for the resource transfer transaction is obtained, and the transaction approval information is returned (S35) to the resource approval processing server. It can be understood that when the transaction approval results of the approval subtasks included in the target transaction approval task are all transaction approval passing, the transaction approval results of the target transaction approval task are indicated to be transaction approval passing, that is, the resource transfer transaction approval passing, and then the first resource client can be notified to sign the resource transfer transaction.
It should be noted that, in the embodiment of the present application, when the resource client obtains the identity information of the corresponding service object or the block link point obtains the account address of the service object, a prompt interface or a popup window may be displayed on the corresponding client, where the prompt interface or the popup window is used to prompt that the service object is currently collecting data such as private key information, and only after obtaining that the service object sends a confirmation operation to the prompt interface or the popup window (for example, the service object confirms authorization through the resource client), the relevant step of data obtaining is started, or otherwise, the relevant step is ended.
In addition, it can be understood that, in the specific embodiments of the present application, data such as account addresses, private key information, etc. related to business objects such as users, enterprises, institutions, etc. may be involved, and when the embodiments of the present application are applied to specific products or technologies, permission or consent of the business objects such as users, enterprises, institutions, etc. needs to be obtained, and collection, use and processing of related data need to comply with related laws and regulations and standards of related areas.
It can be understood that the above scenario is merely an example, and does not constitute a limitation on the application scenario of the technical solution provided in the embodiments of the present application, and the technical solution of the present application may also be applied to other scenarios. For example, as one of ordinary skill in the art can know, with the evolution of the system architecture and the appearance of new service scenarios, the technical solutions provided in the embodiments of the present application are equally applicable to similar technical problems.
Further, referring to fig. 4, fig. 4 is a schematic flow chart of a transaction processing method according to an embodiment of the present application, as shown in fig. 4, the method may be performed by the above-mentioned computer device, and the computer device may be a resource approval processing server, for example, the resource approval processing server may be any one of the servers in the server cluster shown in fig. 1, such as the server 4000c. The method specifically comprises the following steps S101-S105:
s101, when a resource transfer transaction to be approved initiated by a business object through a first resource client is obtained, determining a target transaction approval task aiming at the resource transfer transaction based on the resource quantity to be transferred indicated by the resource transfer transaction, and determining an approval object associated with the target transaction approval task.
The business object is an object which is subjected to resource transfer permission registration on the resource approval processing server. It will be appreciated that only objects with resource transfer rights can initiate resource management transactions. The approval object is an object in which transaction approval authority is registered on the resource approval processing server. It will be appreciated that only objects with transaction approval rights can conduct transaction approval for the resource transfer transaction.
The process and principle of the resource transfer authority registration and the transaction approval authority registration are the same, and reference can be made to the related description of the following embodiments.
The target transaction approval task can be a preset approval process aiming at all the resource transfer transactions, and can also be adaptively adjusted according to different resource transfer transactions. For example, the corresponding target transaction approval tasks may be different according to the different amounts of resources to be transferred indicated by the resource transfer exchanges. For example, when the amount of resources to be transferred is large, the transaction approval can be performed by a target transaction approval task formed by a plurality of transaction approval tasks. Or when the amount of resources to be transferred is smaller, the transaction approval can be carried out by a target transaction approval task formed by one transaction approval task. Or the target transaction approval task may be different depending on the transaction initiator of the resource transfer transaction. The determination rules of the target transaction approval task can be configured by relevant business personnel.
At this time, the target transaction approval task for the resource transfer transaction is determined according to the amount of the resource to be transferred indicated by the resource transfer transaction. For example, the resource quantity to be transferred is divided into a plurality of resource quantity grades, and different resource quantity grades correspond to different target transaction approval tasks. When a resource transfer transaction is acquired, determining a resource quantity grade corresponding to the resource quantity to be transferred indicated by the resource transfer transaction, thereby determining a corresponding target transaction approval task.
Specifically, if the amount of resources to be transferred reaches a first resource amount threshold, acquiring N1 transaction approval tasks for transaction approval, and determining the N1 transaction approval tasks as target transaction approval tasks; n1 is a positive integer greater than 1; and taking the approval objects configured for the N1 transaction approval tasks as approval objects associated with the target transaction approval tasks. That is, the N1 transaction approval tasks are transaction approval tasks among the target transaction approval tasks. It will be appreciated that the approval objects configured for a transaction approval task may be one or more. And are not limited herein.
Alternatively, the N1 transaction approval tasks may be serial approval tasks, that is, the N1 transaction approval tasks have approval levels (and approval levels are different), and the lower the approval level, the more advanced the transaction approval. I.e., N1 transaction approval tasks have an approval order based on approval levels. After the approval of one transaction approval task is completed and the approval passes, the next transaction approval task performs transaction approval. Alternatively, the N1 transaction approval tasks may be parallel approval tasks, that is, the N1 transaction approval tasks do not have approval levels (or may be understood as the approval levels are the same), and the N1 transaction approval tasks synchronously perform transaction approval. Without limitation, approval rules may be specifically configured by the relevant business personnel.
Similarly, if the amount of the resources to be transferred does not reach the first resource amount threshold and reaches the second resource amount threshold, acquiring N2 transaction approval tasks from the N1 transaction approval tasks based on the approval grades of the N1 transaction approval tasks, and determining the N2 transaction approval tasks as target transaction approval tasks; n2 is a positive integer greater than 1 and less than N1; the second resource amount threshold is less than the first resource amount threshold; and taking the approval objects configured for the N2 transaction approval tasks as approval objects associated with the target transaction approval task.
It may be appreciated that when N1 transaction approval tasks have approval levels, N2 transaction approval tasks may be sequentially acquired from N1 transaction approval tasks as target transaction approval tasks in order of low to high approval levels (or in order of high to low). Or when the N1 transaction approval tasks do not have approval grades, randomly selecting the N2 transaction approval tasks from the N1 transaction approval tasks as target transaction approval tasks.
Further, if the amount of the resources to be transferred does not reach the second resource amount threshold and reaches the third resource amount threshold, acquiring a reference transaction approval task from N1 transaction approval tasks based on the approval grades of the N1 transaction approval tasks, and determining the reference transaction approval task as a target transaction approval task; the third resource amount threshold is less than the second resource amount threshold; and taking the approval object configured for the reference transaction approval task as the approval object associated with the target transaction approval task.
It may be appreciated that when N1 transaction approval tasks have approval levels, a transaction approval task with the lowest transaction approval level (or the highest approval level) may be obtained from the N1 transaction approval tasks as a reference transaction approval task to be used as a target transaction approval task. Or when the N1 transaction approval tasks do not have approval grades, randomly selecting one transaction approval task from the N1 transaction approval tasks as a reference transaction approval task to serve as a target transaction approval task.
Further, if the amount of the resources to be transferred does not reach the third resource amount threshold, generating quick signature notification information for the resource transfer transaction; the method comprises the steps of sending quick signature notification information to a first resource client, so that when the first resource client obtains hardware equipment of a service object based on the quick signature notification information, the hardware equipment of the service object is authorized to conduct transaction signature on resource transfer transaction, and transaction signature information of the service object for the resource transfer transaction is obtained; when transaction signature information is acquired from a first resource client, a quick signature resource transfer transaction corresponding to the resource transfer transaction is determined through the transaction signature information, and the quick signature resource transfer transaction is easily transmitted to a first blockchain node, so that the first blockchain node performs transaction signature verification on the transaction signature information in the quick signature resource transfer transaction, and when the transaction signature verification is successful, the resource transfer transaction is obtained, and the resource transfer transaction is uplink to a first blockchain. That is, when the amount of resources to be transferred does not reach the third resource amount threshold, the resource transfer transaction can go through the fast transaction channel, i.e. without waiting for transaction approval, the transaction signature can be directly performed and the link can be up.
That is, when the amount of the resources to be transferred is large (i.e. large transfer), transaction approval can be performed through a large amount of transaction approval tasks, so that transaction safety is ensured, and the amount of the resources to be transferred is approved, so that the resources can be transferred safely, and asset loss is prevented. When the amount of resources to be transferred is generally large (i.e., moderate transfers), transaction approval may be performed by a certain number of transaction approval tasks. When the amount of resources to be transferred is small (low-rate transfer), transaction approval can be performed by only one transaction approval task. When the amount of the resources to be transferred is very small (namely low-limit transfer), the transaction can be directly executed without passing through a transaction audit and walking through a fast transaction channel, so that the transaction instantaneity is improved.
It will be appreciated that the determination of the target transaction approval task is described herein only by way of example by dividing the amount of resources to be transferred x into 4 resource amount levels (i.e., x < third resource amount threshold, third resource amount threshold < x < second resource amount threshold, second resource amount threshold < x < first resource amount threshold, first resource amount threshold < x). The resource amount level divided by the resource amount x to be transferred is not limited here. For example, x is less than the second resource amount threshold, the second resource amount threshold is less than or equal to x is less than or equal to the first resource amount threshold, and the first resource amount threshold is less than or equal to x, when the amount of the resource to be transferred is less than the second resource amount threshold, the target transaction approval task corresponding to the resource transfer transaction can be a reference transaction approval task selected from N1 transaction approval tasks.
For example, as shown in fig. 5, fig. 5 is a schematic diagram of a determination scenario of a transaction approval task provided in an embodiment of the present application; the N1 transaction approval tasks used for transaction approval comprise transaction approval tasks 1-3; the approval objects configured for the transaction approval task 1 may be an approval object 11 and an approval object 12; the approval objects configured for the transaction approval task 2 may be an approval object 21, an approval object 22, and an approval object 23; the approval object configured for the transaction approval task 3 may be the approval object 31; when the quantity of resources to be transferred of the resource transfer transaction reaches a first resource quantity threshold, taking the transaction approval task 1-3 as a target transaction approval task, and taking the approval object configured for the transaction approval task 1-3 as an approval object associated with the target transaction approval task; when the quantity of resources to be transferred of the resource transfer transaction does not reach a first resource quantity threshold value and reaches a second resource quantity threshold value, screening a transaction approval task 1-2 from the transaction approval tasks 1-3 according to the approval level of the transaction approval task as a target transaction approval task, and taking an approval object configured for the transaction approval task 1-2 as an approval object associated with the target transaction approval task; when the quantity of resources to be transferred of the resource transfer transaction does not reach the second resource quantity threshold and reaches the third resource quantity threshold, screening the transaction approval task 1 from the transaction approval tasks 1-3 according to the approval level of the transaction approval task as a target transaction approval task, and taking an approval object configured for the transaction approval task 1 as an approval object associated with the target transaction approval task; when the quantity of the resources to be transferred in the resource transfer transaction does not reach the third resource quantity threshold, the fast transaction channel is walked, namely the fast signature notification information is generated to notify the first resource client to conduct transaction signature on the resource transfer transaction, and transaction approval is not required to be waited.
S102, generating transaction approval notification information for the resource transfer transaction, and sending the transaction approval notification information to a second resource client corresponding to the approval object.
The resource approval processing server can generate transaction approval notification information to inform an approval object of conducting transaction approval. When the second resource client corresponding to the approval object obtains the hardware equipment of the approval object based on the transaction approval notification information, the hardware equipment of the approval object is authorized to conduct transaction approval on the resource transfer transaction, so that transaction approval information of the approval object for the resource transfer transaction is obtained.
The specific process of the second resource client to conduct transaction approval on the resource transfer transaction through the hardware device of the approval object can be seen in the following description of the embodiments.
It is to be appreciated that the target transaction approval task can include one or more transaction approval tasks. Such as including N1 transaction approval tasks.
When N1 transaction approval tasks have approval levels (N1 is a positive integer greater than 1), the approval level of a transaction approval task i in the N1 transaction approval tasks is lower than the approval level of a transaction approval task i+1 in the N1 transaction approval tasks (i is a positive integer less than N1), and the approval object associated with the target transaction approval task includes a first approval object configured for the transaction approval task i and a second approval object configured for the transaction approval task i+1.
Thus, the process of sending the transaction approval notification information to the second resource client corresponding to the approval object may be: the method comprises the steps of sending transaction approval notification information to a second resource client corresponding to a first approval object, so that when the second resource client corresponding to the first approval object obtains hardware equipment of the first approval object based on the transaction approval notification information, the hardware equipment of the first approval object is authorized to conduct transaction approval on a resource transfer transaction, and first transaction approval information of the first approval object for the resource transfer transaction is obtained; when the transaction approval result of the transaction approval task i is determined to be the transaction approval passing through the first transaction approval information, the transaction approval notification information is sent to a second resource client corresponding to the second approval object, so that when the second resource client corresponding to the second approval object acquires the hardware equipment of the second approval object based on the transaction approval notification information, the hardware equipment of the second approval object is authorized to conduct the transaction approval on the resource transfer transaction, and the second transaction approval information of the second approval object aiming at the resource transfer transaction is obtained.
That is, when the transaction approval result of the transaction approval task is determined to pass by the transaction approval information after the transaction approval is performed by the approval object associated with the transaction approval task, the transaction approval notification information is sent to the approval object associated with the next transaction approval task, so that the approval object associated with the next transaction approval task performs the transaction approval of the resource transfer transaction until each transaction approval task completes the transaction approval, and when the transaction approval results are all that the transaction approval passes, the transaction approval of the resource transfer transaction is indicated, and the first resource client can be notified to sign the transaction of the resource transfer transaction.
It can be understood that the approval levels of the transaction approval tasks in the N1 transaction approval tasks are sequentially increased, and the lower the approval level is, the higher the approval order is. After the approval of the transaction approval task i in the N1 transaction approval tasks is completed, the next transaction approval task (transaction approval task i+1) of the transaction approval task i carries out transaction approval. The transaction approval task i may be any one of N1 transaction approval tasks.
For example, the N1 transaction approval tasks include a first transaction approval task, a second transaction approval task and a third transaction approval task, wherein the approval level of the first transaction approval task is less than the approval level of the second transaction approval task is less than the approval level of the third transaction approval task, that is, the approval order of the first transaction approval task precedes the approval order of the second transaction approval task, and the approval order of the second transaction approval task precedes the approval order of the third transaction approval task; therefore, the approval objects associated with the first transaction approval task can be notified to conduct transaction approval, when the first transaction approval task is completed and the approval passes, the approval objects associated with the second transaction approval task are notified to conduct transaction approval, and when the second transaction approval task is completed and the approval passes, the approval objects associated with the third transaction approval task are notified to conduct transaction approval until all of N1 transaction approval tasks are completed and the approval passes, and the resource transfer transaction approval is considered to pass.
Taking a plurality of first trial objects as examples; and carrying out transaction approval on the second resource client corresponding to the first approval object to obtain first transaction approval information. When the transaction approval result of the transaction approval task i is determined to be that the transaction approval passes through the first transaction approval information, the sending of the transaction approval notification information to the second resource client corresponding to the second approval object may be: when the first transaction approval information acquired from the second resource clients corresponding to the plurality of first approval objects is effective and the number of the acquired first transaction approval information reaches a first number threshold value associated with the transaction approval task i, determining that the transaction approval result of the transaction approval task i is that the transaction approval passes; and sending the transaction approval notification information to a second resource client corresponding to the second approval object.
It can be understood that the process of the approval object conducting transaction approval on the resource transfer transaction through the second resource client side is that the hardware device of the approval object is authorized to conduct transaction signature on the resource transfer transaction through private key information in the hardware device of the approval object by the second resource client side, and the obtained transaction signature information is used as transaction approval information of the approval object for the resource transfer transaction.
That is, the process of the first approval object performing the transaction approval on the resource transfer transaction to obtain the first transaction approval information is as follows: the hardware equipment of the first examination object is authorized by the second resource client corresponding to the first examination object to carry out signature processing on the resource transfer transaction through private key information in the hardware equipment of the first examination object, and the obtained examination signature information (namely transaction signature information) is used as first transaction examination information of the first examination object for the resource transfer transaction.
Therefore, when the resource approval processing server acquires the first transaction approval information, the first transaction approval information is signed and approved through the public key information of the first approval object, and when the signature and approval are successful, the first transaction approval information is determined to be effective. It can be understood that when the number of the valid first transaction approval information reaches the first number threshold, the transaction approval result of the first transaction approval task is determined to be the transaction approval passing. Transaction approval processes of other approval objects are the same.
It will be appreciated that the first transaction approval information herein is used to indicate that the approval result of the resource transfer transaction by the first approval object is approval.
That is, when the transaction approval notification information obtained by a transaction approval task is valid and the number reaches the number threshold associated with the transaction approval task, the transaction approval result indicating the transaction approval result is that the transaction approval passes.
And if the plurality of second examination and approval objects are provided, respectively sending the transaction examination and approval notification information to the second resource clients corresponding to the second examination and approval objects in the plurality of second examination and approval objects. It can be understood that the second resource client corresponding to the second approval object performs transaction approval to obtain second transaction approval information. And when the second transaction approval information acquired from the second resource clients corresponding to the second approval objects is valid, and the quantity of the acquired second transaction approval information reaches a second quantity threshold value associated with the transaction approval task i+1, determining that the transaction approval result of the transaction approval task i+1 is the transaction approval passing.
When the N1 transaction approval tasks do not have approval levels (N1 is a positive integer greater than 1), the transaction approval notification information may be respectively sent to the second resource clients corresponding to the approval objects associated with each transaction approval task, and when the transaction approval information obtained from the second resource clients corresponding to the approval objects associated with each transaction approval task is valid and the number of the obtained transaction approval information respectively reaches the number threshold value associated with each transaction approval task, the transaction approval result of each transaction approval task is determined to be that the transaction approval passes.
For example, as shown in fig. 6, fig. 6 is a schematic diagram of a scenario for transaction approval provided in an embodiment of the present application; the target transaction approval task comprises a transaction approval task 1 and a transaction approval task 2, wherein the transaction approval task 1 and the transaction approval task 2 have approval levels, and the approval level of the transaction approval task 1 is lower than that of the transaction approval task 2, namely the approval order of the transaction approval task 1 is prior to the transaction approval task 2; the approval objects configured for the transaction approval task 1 include approval objects 11-approval objects 13; the approval objects configured for the transaction approval task 2 include approval objects 21-22; the resource approval processing server 21 transmits the transaction approval notification information to the approval object 11-the approval object 13, and the approval object 11-the approval object 13 performs transaction approval on the resource transfer transaction; if the approval object 11 performs transaction approval on the resource transfer transaction to obtain transaction approval information 11 (for indicating approval of the approval object 11), the transaction approval information 11 is returned to the resource approval processing server; if the approval object 12 performs transaction approval on the resource transfer transaction to obtain transaction approval information 12 (for indicating approval of the approval object 12), the transaction approval information 12 is returned to the resource approval processing server; if the transaction approval information received at this time is valid and the quantity (transaction approval information 11 and transaction approval information 12) reaches the quantity threshold 1 (e.g., 2) associated with the transaction approval task 1, determining that the transaction approval result of the transaction approval task 1 is that the transaction approval passes, that is, determining that the transaction approval passes through the transaction approval information 11 and the transaction approval information 12, sending the transaction approval notification information to the approval object 21-approval object 22, and performing the transaction approval on the resource transfer transaction by the approval object 21-approval object 22; if the approval object 21 performs transaction approval on the resource transfer transaction to obtain transaction approval information 21 (for indicating approval of the approval object 21), the transaction approval information 21 is returned to the resource approval processing server; if the approval object 22 performs transaction approval on the resource transfer transaction to obtain transaction approval information 22 (for indicating approval of the approval object 22), the transaction approval information 22 is returned to the resource approval processing server; if the transaction approval information received at this time is valid and the number (the transaction approval information 21 and the transaction approval information 22) reaches the number threshold 2 (e.g. 1) associated with the transaction approval task 2, that is, the transaction approval is determined to pass through by the transaction approval information 21 and the transaction approval information 22, the transaction approval result of the transaction approval task 2 is determined to be the transaction approval passing. Therefore, the transaction approval results of the transaction approval task 1 and the transaction approval task 2 are transaction approval passing, and therefore the transaction approval result of the target transaction approval task is determined to be transaction approval passing, namely, the resource transfer transaction approval passing, and the approval state of the resource transfer transaction can be configured to be the approval passing state.
As another example, as shown in fig. 7, fig. 7 is a second schematic view of a transaction approval scenario provided in an embodiment of the present application; the target transaction approval task comprises a transaction approval task 1 and a transaction approval task 2, the transaction approval task 1 and the transaction approval task 2 do not have approval grades, namely, the approval sequence of the transaction approval task 1 is synchronous with the transaction approval task 2, and the approval objects configured for the transaction approval task 1 comprise approval objects 11-approval objects 13; the approval objects configured for the transaction approval task 2 include approval objects 21-22; the resource approval processing server 21 sends the transaction approval notification information to the approval object 11-approval object 13, the approval object 11-approval object 13 performs transaction approval on the resource transfer transaction, and meanwhile, the transaction approval notification information is sent to the approval object 21-approval object 22, and the approval object 21-approval object 22 performs transaction approval on the resource transfer transaction; if the approval object 11 performs transaction approval on the resource transfer transaction to obtain transaction approval information 11 (for indicating approval of the approval object 11), the transaction approval information 11 is returned to the resource approval processing server; if the approval object 12 performs transaction approval on the resource transfer transaction to obtain transaction approval information 12 (for indicating approval of the approval object 12), the transaction approval information 12 is returned to the resource approval processing server; if the received transaction approval information is valid, and the quantity (the transaction approval information 11 and the transaction approval information 12) reaches the quantity threshold 1 (if 2 is considered, the transaction approval result of the transaction approval task 1 is confirmed to be the transaction approval, and if the approval object 21 is considered to be the transaction approval, the transaction approval information 21 is obtained (the approval object 21 is used for indicating the approval of the transaction approval), the transaction approval information 21 is returned to the resource approval processing server, and if the approval object 22 is considered to be the transaction approval information 22 (the approval object 22 is considered to be the transaction approval), the transaction approval information 22 is returned to the resource approval processing server, and if the quantity (the transaction approval information 21 and the transaction approval information 22) reaches the quantity threshold 2 (if 1 is considered to be the transaction approval task 2) which is confirmed to be the transaction approval task, the transaction approval information 21 is confirmed to be the transaction approval, and the transaction approval information 21 is confirmed to be the transaction approval result is confirmed to be the transaction approval task, and the transaction approval state is confirmed to be the transaction result to be the transaction approval task 2 is confirmed to be the transaction approval task 2.
And S103, when the transaction approval result of the target transaction approval task is determined to be that the transaction approval passes through the transaction approval information, configuring the approval state of the resource transfer transaction as the approval passing state, and generating transaction signature notification information for the resource transfer transaction based on the resource transfer transaction in the approval passing state.
It can be understood that when the transaction approval result of the target transaction approval task is determined to be that the transaction approval passes through the transaction approval information, that is, the transaction approval result of each transaction approval task is determined to be that the transaction approval passes through the transaction approval information corresponding to each transaction approval task, the approval state of the resource transfer transaction can be configured to be the approval passing state, and then the transaction signature notification information for the resource transfer transaction can be generated.
The transaction approval process referred to in the present application may be an off-chain approval process, that is, the approval state of the resource transfer transaction may be recorded off-chain. Alternatively, the transaction approval process may also be an in-chain approval process, that is, the approval status of the resource transfer transaction may be recorded on the chain. In this way, when the approval state of the resource transfer transaction is inquired on the chain as the approval passing state, transaction signature notification information for the resource transfer transaction is generated.
Optionally, the resource approval processing server may be a second blockchain node of the second blockchain; the second blockchain node is used for configuring the approval state of the resource transfer transaction to be an to-be-approved state on the second blockchain when the resource transfer transaction is received from the first resource client, and is used for uplink the received transaction approval information for the resource transfer transaction to the second blockchain when the transaction approval information for the resource transfer transaction returned by the second resource client is received.
That is, when the resource approval processing server serving as the second blockchain node can receive the resource transfer transaction, the transaction approval contract on the second blockchain is invoked, and the approval state of the resource transfer transaction is written into the second blockchain, that is, the approval state of the resource transfer transaction is configured as the to-be-approved state on the second blockchain. Meanwhile, when the resource approval processing server serving as the second blockchain node receives transaction approval information returned by the second resource client corresponding to one second business object, the transaction approval contract on the second blockchain is called, and the received transaction approval information is written into the second blockchain, so that the whole transaction approval process can be ensured to be carried out on the chain, and important data such as the related transaction approval information are transparent and tamper-proof on the chain, and the safety of transaction approval is ensured.
That is, the resource approval processing server as the second blockchain node may acquire, from the second blockchain, the transaction approval information returned by the second resource client by the approval object associated with the transaction approval task, and when the transaction approval result of the transaction approval task is determined to be the transaction approval passing by the transaction approval information acquired from the chain, send the transaction approval notification information to the approval object associated with the next transaction approval task, thereby implementing the transaction approval process participated by the blockchain.
It is to be appreciated that the second blockchain can be different from the first blockchain or can be the same blockchain as the first blockchain. That is, when conducting transaction approval, the transaction approval may be conducted on the same chain, or may be conducted on different blockchains. And are not limited herein. It will be appreciated that when the first blockchain and the second blockchain are the same blockchain, the resource approval server is also the first blockchain node that accesses the first blockchain. That is, the first blockchain node and the second blockchain node are the same blockchain node at this time.
Therefore, when the transaction approval result of the target transaction approval task is determined to be that the transaction approval passes through the transaction approval information, configuring the approval state of the resource transfer transaction to be the approval passing state may be that when the transaction approval information of the resource transfer transaction is acquired from the second blockchain, the transaction approval contract on the second blockchain is called, and the transaction approval result of the target transaction approval task is determined through the transaction approval information of the resource transfer transaction; when the transaction approval result of the target transaction approval task indicates that the approval result of the resource transfer transaction is that the transaction approval passes, the approval state of the resource transfer transaction is updated and configured from the to-be-approved state to the approval passing state on the second blockchain. It can be understood that when the transaction approval result of each transaction approval task in the target transaction approval task is determined to be the transaction approval passing, the transaction approval result of the target transaction approval task is indicated to be the transaction approval passing.
That is, the second blockchain node is configured to configure the approval status of the resource transfer transaction from the pending status update to an approval passing status on the second blockchain. Generating transaction signature notification information for the resource transfer transaction based on the resource transfer transaction in the approval passing state may be querying an approval state of the resource transfer transaction from the second blockchain; and when the approval state of the resource transfer transaction is inquired to be the approval passing state, generating transaction signature notification information for the resource transfer transaction based on the resource transfer transaction in the approval passing state.
For example, as shown in fig. 8, fig. 8 is a schematic view of a scenario of an on-chain transaction approval task provided in an embodiment of the present application; taking the resource client 21 as a second blockchain node on a second blockchain, and the first blockchain and the second blockchain as the same blockchain as an example, the target transaction approval task includes a transaction approval task 1 and a transaction approval task 2, the transaction approval task 1 and the transaction approval task 2 have approval levels, and the approval level of the transaction approval task 1 is lower than that of the transaction approval task 2, that is, the approval order of the transaction approval task 1 is prior to the transaction approval task 2; the transaction approval notification information is sent to an approval object 1 associated with the transaction approval task 1; when receiving transaction approval information 1 returned by the approval object 1 associated with the transaction approval task 1 through the second resource client, the transaction approval information 1 is uplink to the second blockchain; acquiring transaction approval information 1 from the second blockchain, and transmitting transaction approval notification information to an approval object associated with the transaction approval task 2 when the transaction approval result of the transaction approval task 1 is determined to be the transaction approval passing through by the transaction approval information 1; when transaction approval information 2 returned by the approval object 2 associated with the transaction approval task 2 through the second resource client is received, the transaction approval information 2 is uplink to the second blockchain; and acquiring transaction approval information 2 from the second blockchain, and when the transaction approval result of the transaction approval task 2 is determined to be the transaction approval passing through the transaction approval information 2, determining that the transaction approval result of the target transaction approval task is the transaction approval passing through, namely, the approval result of the resource transfer transaction is the transaction approval passing through, and updating and configuring the approval state of the resource transfer transaction from the to-be-approved state to the approval passing state on the second blockchain. At this time, the approval state of the resource transfer transaction can be queried from the second blockchain, and when the approval state of the resource transfer transaction is queried to be the approval passing state, transaction signature notification information aiming at the resource transfer transaction is generated and sent to the first resource client, and the first resource client performs transaction signature on the resource transfer transaction to obtain transaction signature information. Subsequently, the resource client obtains the signed resource transfer transaction, performs transaction signature verification on transaction signature information in the signed resource transfer transaction, obtains the resource transfer transaction when the transaction signature verification is successful, and uplinks the resource transfer transaction and transaction approval information to a second blockchain (namely the first blockchain).
S104, the transaction signature notification information is sent to the first resource client.
When the approval state of the resource transfer transaction is changed to the approval passing state, the business object can be allowed to sign the resource transfer transaction.
Therefore, when the first resource client acquires the hardware equipment of the business object based on the transaction signature notification information, the hardware equipment of the business object is authorized to conduct transaction signature on the resource transfer transaction, and transaction signature information of the business object for the resource transfer transaction is obtained. The specific process of signing the transaction of the resource transfer transaction by the first resource client through the hardware device of the business object may be the same as the specific process of approving the transaction of the resource transfer transaction by the second resource client through the hardware device of the approval object, and may be described in the following embodiments.
And S105, when transaction signature information is acquired from the first resource client, determining signed resource transfer transaction corresponding to the resource transfer transaction through the transaction signature information and the transaction approval information, and transmitting the signed resource transfer transaction to a first blockchain node of the first blockchain.
When the resource approval processing server acquires the transaction signature information from the first resource client, the transaction formed by the resource transfer transaction, the transaction signature information and the transaction approval information can be used as a signed resource transfer transaction corresponding to the resource transfer transaction. The transaction signature information and the transaction approval information can be written into the resource transfer transaction to obtain the signed resource transfer transaction.
The first blockchain node can conduct transaction signature verification on transaction signature information in signed resource transfer transactions, and when the transaction signature verification is successful, resource transfer transactions are obtained, and the resource transfer transactions and transaction approval information are uplink to the first blockchain. That is, transaction approval information related to the entire transaction approval process may be written into the signed resource transfer transaction, above the first blockchain, to facilitate the traceability of subsequent approval processes.
That is, the reliability and the credibility of the resource transfer transaction can be ensured by a transaction approval mechanism and a manner of keeping private key information by hardware equipment, and meanwhile, the reliability of a transaction signature and the security of transaction uplink can be ensured, the security of resource transfer is ensured, and the loss of enterprise assets caused by unauthorized transfer is avoided. In addition, only after the transaction approval, the resource transfer transaction in the transaction approval passing state can be signed by the transaction initiator, so that unauthorized illegal transaction uplink can be avoided, and the transaction security uplink is ensured.
It will be appreciated that the present application may bind a currently acquired asset transfer transaction and transaction approval process prior to the current acquired asset transfer transaction (e.g., an enterprise level asset transfer transaction) being uploaded to the blockchain, such that when the approval tasks in the transaction approval flow system complete the transaction approval for the enterprise level asset transfer transaction, the asset transfer transaction is signed to obtain a signed asset transfer transaction, so that the signed asset transfer transaction may be subsequently uploaded to the blockchain. It will be appreciated that asset management for an enterprise may be achieved when the on-chain resources involved in the resource transfer transaction are enterprise-level resources.
It can be understood that the technical scheme of the application mainly relates to the following two processes (firstly, the creation process of the approval flow system and secondly, the approval process of the approval flow system); the customized approval process (i.e. the target transaction approval task) can be performed according to the amount of resources to be transferred indicated by the resource transfer transaction. For example, in the present application, a transaction approval process may be created, which includes a series of transaction approval tasks, such as transaction approval process 1, transaction approval process 2, and transaction approval process 3. The transaction approval process 1 may include 3 transaction approval tasks, where one transaction approval task may be for approval by an approval user (for example, A, B, C three users), one transaction approval task may be for approval by another approval user (for example, D user), and one transaction approval task may be for approval by another approval user (for example, E user), and these transaction approval tasks are connected in series to form a transaction approval process.
As another example, the transaction approval process 2 may include 2 transaction approval tasks, where one transaction approval task may be for approval by an approval user (e.g., A, B, C three users), and one transaction approval task may be for approval by another approval user (e.g., D user), and these transaction approval tasks are connected in series to form one transaction approval process.
As another example, transaction approval process 3 may include 1 transaction approval task, where one transaction approval task may be for approval by an approval user (e.g., A, B, C three users) to form one transaction approval process.
It should be understood that when a certain transaction approval task in the transaction approval process is customized and created, a threshold number of approval users may be specified for random configuration of the currently created transaction approval task, for example, 3 approval users may be configured for the transaction approval task 1, 1 approval user may be configured for the transaction approval task 2, and 1 approval user may be configured for the transaction approval task.
It should be understood that, in this application, to ensure safe and reliable approval management, the application may also adaptively adjust the corresponding target transaction approval task based on the transaction transfer credit of the enterprise-level resource transfer transaction, that is, the amount of the resource to be transferred (specifically, the credit ladder where the transaction transfer credit is located, that is, the resource level). For example, for a transfer line of 100W (which falls into the line ladder of 20W-100W), the transaction approval process 1 is walked, i.e. three transaction approval tasks are allowed to conduct transaction approval. For example, for 15W (falling in the limit ladder of 10-20W), the transaction approval process 2 may be walked, that is, two transaction approval tasks may be allowed to be approved, and for 5W (falling in the limit ladder of 1-10W), the transaction approval process 3 may be walked, that is, 1 transaction approval task may be allowed to be approved. In addition, for other relatively small transfer amounts, a quick transfer strategy may be optionally used, for example, the resource transfer transaction may be directly signed under approval and then chained, which may reduce delay in transferring the transaction.
In addition, for the approval users associated with each transaction approval task, the approval users with the specified quantity threshold can be randomly configured, or hierarchical approval configuration can be realized by combining the role management grades of enterprises where the enterprise-level users currently registered as the approval users are based on the approval grades where the transaction approval tasks are located. For example, the role level of the approval object associated with the transaction approval task with the lower approval level may be lower, the role level of the approval object associated with the transaction approval task with the higher approval level may be higher, etc. Thus, after a resource transfer transaction is generated, an adaptive transaction approval process can be determined according to the amount of the resource to be transferred. For example, the determined transaction approval process is transaction approval process 1, at this time, the resource approval processing server may notify the approval user A, B, C associated with the transaction approval task 1 in the transaction approval process to perform transaction approval, after one or more of the approval users A, B, C determine that the transaction approval result of the transaction approval task 1 is that the transaction approval passes, may notify the approval user D associated with the transaction approval task 2 to perform transaction approval, when the approval of the transaction approval user D is completed, and after determining that the transaction approval result of the transaction approval task 2 is that the transaction approval passes, may notify the approval user E associated with the transaction approval task 3 to perform transaction approval until the transaction approval task in the transaction approval process is completed.
That is, the technical scheme of the application can support the realization of the enterprise-level approval flow system, and an approval user (management user) can create a transaction approval task to be combined to form a transaction approval process, so that the resource transfer transaction after approval of the transaction approval task in the transaction approval process is allowed to be signed, and the enterprise is helped to realize the authority and process management of asset transfer. It can be understood that the technical solution of the present application supports review of transaction approval processes, where there are two ways: in the process of resource transfer transaction uplink, the transaction approval state of the resource transfer transaction is determined through the review of the transaction approval flow, and when the transaction approval state is an approval passing state, the resource transfer transaction can be subjected to transaction signature, so that the signed resource transfer transaction can be uplink to the first blockchain. And the other is that before the resource transfer transaction is uplink, the transaction approval process is not relied on, but the approval state of the transaction corresponding to the resource transfer transaction is firstly inquired on the second blockchain, if the approval state corresponding to the resource transfer transaction is found on the chain to be the approval passing state, the transaction signature can be carried out on the resource transfer transaction, and then the signed resource transfer transaction is uplink to the first blockchain.
In the embodiment of the application, when the resource approval processing server obtains the resource transfer transaction to be approved initiated by the business object, the target transaction approval task for the resource transfer transaction can be determined based on the resource quantity to be transferred indicated by the resource transfer transaction, and the approval object associated with the target transaction approval task can be determined; the business object is an object registered by the resource transfer authority, and the approval object is an object registered by the transaction approval authority, that is, the business object is authenticated, when the business object signs the transaction, the business object needs to pass the authentication to be executed (similarly, the approval object is authenticated, and when the approval object approves the transaction, the authentication is required to pass the authentication to be executed), so that a transaction initiator (transaction approver) of the resource transfer transaction (such as transfer transaction for enterprise resources) can be ensured not to be an illegal user, and the safety and reliability of the resource transfer transaction can be improved; at this time, the approval object can be informed to approve the transaction of the resource transfer transaction through the hardware equipment of the approval object authorized by the second resource client, and when the approval of the resource transfer transaction is confirmed to pass through the transaction approval information, the approval state of the resource transfer transaction is configured to be an approval passing state; the hardware equipment of the first resource client authorization service object is allowed to sign the resource transfer transaction so as to obtain signed resource transfer transaction, the signed resource transfer transaction is sent to the first blockchain node, and when the first blockchain node obtains the resource transfer transaction through the signed resource transfer transaction, the resource transfer transaction and transaction approval information are uplink, namely the resource transfer is realized. It can be understood that the transaction approval process and the transaction initiation process can be associated and bound, and a resource transfer transaction can be signed only after approval passes, so that the signed resource transfer transaction can be linked, and the security of the transaction uplink can be improved through the transaction auditing process, namely, the security of resources to be transferred (such as the security of enterprise resources) corresponding to the resource transfer transaction is ensured. In addition, it can be understood that the above transaction approval and the transaction signature both need to be subjected to the hardware equipment that the identity registration and the authentication pass, the hardware equipment can ensure that the identity information of the approval object and the business object is correct (i.e. the source party of the transaction approval and the signature is correct) and the related private key information cannot be revealed, that is, the hardware equipment can ensure that the identity of the transaction signature party is correct, and the reliability of the transaction signature is improved, so that the transaction safety and the reliability can be improved.
Further, referring to fig. 9, fig. 9 is a second flowchart of a transaction processing method according to an embodiment of the present application, as shown in fig. 9, the method may be performed by the above-mentioned computer device, and the computer device may be a terminal device configured with a second resource client, for example, the terminal device may be the terminal device 3000a shown in fig. 1. The method specifically comprises the following steps of S201 to S203:
s201, when transaction approval notification information sent by a resource approval processing server corresponding to the second resource client is received, displaying a resource transfer transaction to be approved, which is indicated by the transaction approval notification information, on a transaction approval interface.
Wherein the resource transfer transaction is initiated by the business object through the first resource client. The service object is an object which is subjected to resource transfer permission registration on a resource approval processing server.
The transaction approval interface can display the resource transfer transaction indicated by the transaction approval notification information, and the approval object can realize the transaction approval of the resource transfer transaction through the transaction approval operation aiming at the resource transfer transaction in the transaction approval interface. The method comprises the steps that transaction approval of resource transfer transaction is conducted through hardware equipment of an approval object, namely signature processing is conducted on the resource transfer transaction through private key information in the hardware equipment of the approval object, and approval signature information of the approval object on the resource transfer transaction is used as transaction approval information.
For example, the transaction approval interface may view the amount of resources to be transferred for a resource transfer transaction, the identity information of the transaction initiator (business object) (e.g., transaction initiator name, which department it belongs to, etc.), and may display approval controls (e.g., an "agree" control and a "decline" control) for the resource transfer transaction. The transaction approval operation for the resource transfer transaction may be performed by touching the "approve" control.
It will be appreciated that the approval objects associated with the targeted transaction approval task may be one or more. The transaction approval process is the same for each approval object. The transaction approval process of an approval object is described herein as an example.
S202, responding to an approval object associated with a target transaction approval task corresponding to the resource transfer transaction, acquiring a hardware device of the approval object aiming at a transaction approval operation of the resource transfer transaction in a transaction approval interface, and authorizing the hardware device of the approval object to carry out transaction approval on the resource transfer transaction to obtain transaction approval information of the approval object aiming at the resource transfer transaction.
Wherein the target transaction approval task is determined by the resource approval processing server based on the amount of resources to be transferred indicated by the resource transfer transaction. Descriptions related to the objective transaction approval task may be referred to the related descriptions of the above embodiments, and are not described herein. The approval object is an object in which transaction approval authority is registered on the resource approval processing server.
The hardware equipment of the approval object stores private key information of the approval object. Transaction approval may be conducted through the private key information. The second resource client is integrated with a hardware authentication client, and when detecting the transaction approval operation of the approval object, the second resource client notifies the hardware authentication client to acquire the hardware equipment of the approval object and displays an approval signature interface, wherein the approval signature interface is used for displaying an approval signature control, and when the hardware authentication client detects the triggering operation of the approval object on the approval signature control, the hardware authentication client performs signature processing on the resource transfer transaction through private key information in the hardware equipment so as to acquire approval signature information.
When the hardware authentication client in the second resource client acquires the hardware device of the approval object, the hardware authentication client performs identity verification on the hardware device of the approval object, and after the verification is passed, the hardware authentication client authorizes the hardware device to perform signature processing on the resource transfer transaction when the hardware device of the approval object is determined to be correct. The authentication of the hardware device of the approval object is to determine whether the approval object is an object with transaction approval authority.
The resource approval processing server is used for transmitting a first challenge value to be verified for an approved object to the second resource client. For example, the first authentication request may be issued together when the transaction approval notification information is sent, or the first challenge value to be authenticated may be issued by the resource approval processing server based on the first authentication request when the hardware authentication client acquires the hardware device of the approval object and detects the triggering operation of the approval object for the approval signature control.
At this time, the hardware device of the authorized approval object performs transaction approval on the resource transfer transaction, and the obtaining of the transaction approval information of the approval object for the resource transfer transaction may be that the first challenge value to be verified is subjected to data signature through the private key information of the approval object stored in the hardware device of the approval object, so as to obtain first challenge value signature information; the first challenge value signature information is returned to the resource approval processing server, so that the resource approval processing server performs data signature verification on the first challenge value signature information through public key information of an approval object to obtain a first challenge value to be matched, and performs data comparison on the first challenge value to be matched and the first challenge value to be verified to obtain a first data comparison result; when the first data comparison result indicates that the first challenge value to be matched is the same as the first challenge value to be verified, determining that the object identity verification of the approval object is successful, and authorizing the hardware equipment of the approval object to sign the resource transfer transaction through the private key information of the approval object to obtain approval signature information of the approval object for the resource transfer transaction; transaction approval information of the approval object for the resource transfer transaction is determined based on the approval signature information.
That is, when the resource approval processing server determines that the first challenge value to be matched signed by the hardware device of the approval object is the same as the first challenge value to be verified, it determines that the object identity verification of the approval object is successful, at this time, the hardware device of the approval object can be notified to the second resource client to authorize the approval object to perform signature processing on the resource transfer transaction through the private key information of the approval object, and the approval signature information is determined as transaction approval information of the approval object for the resource transfer transaction.
The transaction approval authority registration process of the approval object (i.e. the registration process of the hardware device of the approval object) may be that the second resource client generates a first registration request for the transaction approval authority and sends the first registration request to the resource approval processing server, so that the resource approval processing server obtains an object identifier allocated to the approval object and generates first hardware device binding information based on the object identifier of the approval object; when first hardware device binding information sent by a resource approval processing server is received, binding hardware devices of an approval object based on the first hardware device binding information, and generating public key information of the approval object through the bound hardware devices of the approval object; and sending the public key information of the approval object to a resource approval processing server so that the resource approval processing server determines that the approval object has transaction approval authority when binding the public key information of the approval object with the object identification of the approval object. At this time, the resource approval processing server records the approval object for transaction approval, that is, the approval object has transaction approval authority at this time.
That is, when the approval object is registered in the second resource client, the resource approval processing server allocates an object identifier for the approval object, and when the registration of the transaction approval authority is completed, the object identifier for identifying the approval object binds the hardware device of the approval object, and the transaction approval can be performed through private key information in the hardware device of the approval object. At this time, the public key information associated with the object identifier of the approval object is maintained in the resource approval processing server, and the public key information is the public key information corresponding to the private key information in the hardware device of the approval object.
For example, as shown in fig. 10, fig. 10 is a schematic view of a scenario 1 of transaction approval provided in an embodiment of the present application; the resource approval processing server 21 sends (S41) the transaction approval notification information to a second resource client corresponding to the approval object b1, where the second resource client displays, in the transaction approval interface (interface K), a resource transfer transaction to be approved indicated by the transaction approval notification information, and the approval object b1 may view, in the transaction approval interface, the amount of resources to be transferred for the resource transfer transaction, identity information of a transaction initiator (service object) (such as a name of the transaction initiator, belonging to which department, etc.), and may display approval controls (such as an "approve" control and a "reject" control) for the resource transfer transaction; the second resource client determines that the approval object executes transaction approval operation for the resource transfer transaction in a transaction approval interface when detecting the triggering operation of the approval object for the approval control, at the moment, the integrated hardware authentication client (S42) can be called to acquire hardware equipment of the approval object and display an approval signature interface, the approval signature interface is used for displaying the approval signature control, and when the hardware authentication client detects the triggering operation of the approval object for the approval signature control, a first identity verification request is generated and sent (S43) to the resource approval processing server; the resource approval processing server issues (S44) a first challenge value to be verified for the approval object based on the first identity verification request; the second resource client performs data signature on the first challenge value to be verified through private key information of the approval object stored in hardware equipment of the approval object (S45), obtains first challenge value signature information, and returns (S46) the first challenge value signature information to the resource approval processing server; when the first challenge value signature information is subjected to data signature verification through public key information of an approval object to obtain a first challenge value to be matched, the resource approval processing server performs data comparison on the first challenge value to be matched and the first challenge value to be verified to obtain a first data comparison result, and sends (S47) the first data comparison result; when the first data comparison result indicates that the first challenge value to be matched is the same as the first challenge value to be verified, the second resource client determines that the object identity verification of the approval object is successful, authorizes (S48) the hardware equipment of the approval object to conduct signature processing on the resource transfer transaction through private key information of the approval object to obtain approval signature information of the approval object for the resource transfer transaction, determines the approval signature information as transaction approval information of the approval object for the resource transfer transaction (S49), and returns (S410) to the resource approval processing server. The resource approval processing server receives transaction approval information from an approval object, namely, the approval object completes the transaction approval process.
S203, the transaction approval information is returned to the resource approval processing server.
When the transaction approval result of the target transaction approval task is determined to be that the transaction approval passes through the transaction approval information, the resource approval processing server configures the approval state of the resource transfer transaction as the approval passing state, and generates transaction signature notification information for the resource transfer transaction based on the resource transfer transaction in the approval passing state. The specific process of determining that the transaction approval passes by the resource approval processing server may be referred to the related description of the above embodiment, which is not described herein.
It can be understood that the transaction signature notification information is used for notifying the first resource client to authorize the hardware device of the service object to perform a transaction signature on the resource transfer transaction when the hardware device of the service object is acquired, so as to obtain transaction signature information of the service object for the resource transfer transaction. The resource approval processing server is used for determining signed resource transfer transaction corresponding to the resource transfer transaction through the transaction signature information and the transaction approval information when the transaction signature information is acquired from the first resource client, and transmitting the signed resource transfer transaction to the first blockchain node of the first blockchain. The first block chain link point is used for conducting transaction signature verification on transaction signature information in signed resource transfer transaction, and when the transaction signature verification is successful, resource transfer transaction is obtained, and the resource transfer transaction and transaction approval information are uplink to the first block chain.
It can be appreciated that the private key information of the business object is kept in the hardware device of the business object. Transaction signatures may be made through the business information. The first resource client also integrates a hardware authentication client, when the first resource client detects transaction signature notification information sent by the resource approval processing server, the first resource client notifies the hardware authentication client to acquire hardware equipment of a service object and displays a transaction signature interface, the transaction signature interface is used for displaying a transaction signature control, and when the hardware authentication client detects triggering operation of the service object on the transaction signature control, the hardware authentication client performs transaction signature on a resource transfer transaction through private key information in the hardware equipment so as to obtain transaction signature information.
When the hardware authentication client in the first resource client acquires the hardware equipment of the service object, the hardware authentication client performs identity authentication on the hardware equipment of the service object, and after the authentication is passed, the hardware equipment of the service object is authorized to perform transaction signature on the resource transfer transaction when the hardware equipment of the service object is determined to be correct. The authentication of the hardware device of the service object is to determine whether the service object is an object with resource transfer authority. It will be appreciated that the authentication process for the business object is the same as the authentication process for the trial objects.
The resource approval processing server is used for transmitting a first challenge value to be verified for the business object to the first resource client. For example, the method may be issued together when sending the transaction signature notification information, or may be generated when the hardware authentication client obtains the hardware device of the service object and detects the triggering operation of the service object for the transaction signature control, and the resource approval processing server issues a second challenge value to be verified based on the second authentication request.
At this time, the authorizing the hardware device of the service object to perform the transaction signature on the resource transfer transaction may be that the second challenge value to be verified is subjected to the data signature through the private key information of the service object stored in the hardware device of the service object, so as to obtain second challenge value signature information; the second challenge value signature information is returned to the resource approval processing server, so that the resource approval processing server performs data signature verification on the second challenge value signature information through public key information of the service object to obtain a second challenge value to be matched, and performs data comparison on the second challenge value to be matched and the second challenge value to be verified to obtain a second data comparison result; and when the second data comparison result indicates that the second challenge value to be matched is the same as the second challenge value to be verified, determining that the object identity verification of the service object is successful, and authorizing the hardware equipment of the service object to conduct transaction signature on the resource transfer transaction through the private key information of the service object to obtain transaction signature information of the service object on the resource transfer transaction.
That is, when the resource approval processing server determines that the second challenge value to be matched and the second challenge value to be verified, which are signed by the hardware device of the service object, are the same, it is determined that the object identity verification of the service object is successful, and at this time, the first resource client can be notified to authorize the hardware device of the service object to sign the resource transfer transaction through the private key information of the service object.
Similarly, the resource transfer authority registration process of the service object (i.e. the registration process of the hardware device of the service object) is the same as the transaction approval authority registration process of the approval object. Specifically, the first resource client generates a second registration request for the resource transfer authority, and sends the second registration request to the resource approval processing server, so that the resource approval processing server obtains an object identifier allocated to the service object, and generates second hardware device binding information based on the object identifier of the service object; when second hardware device binding information sent by a resource approval processing server is received, binding the hardware devices of the service object based on the second hardware device binding information, and generating public key information of the service object through the bound hardware devices of the service object; and sending the public key information of the service object to a resource approval processing server so that the resource approval processing server determines that the service object has resource transfer authority when binding the public key information of the service object with the object identification of the service object. At this time, the service object is recorded in the resource approval processing server and used for initiating the resource transfer transaction, i.e. the service object has the resource transfer authority at this time.
That is, when the service object is registered in the first resource client, the resource approval processing server allocates an object identifier for the service object, and when the registration of the resource transfer authority is completed, the object identifier for identifying the service object binds the hardware device of the service object, and transaction approval can be performed through private key information in the hardware device of the service object. At this time, the public key information associated with the object identifier of the management service object in the resource approval processing server is the public key information corresponding to the private key information in the hardware device of the service object.
It can be understood that the hardware authentication client integrated in the resource client is an online fast authentication client, and the authentication mode is to use a security key in physical hardware, and the authenticators can be authenticators similar to a U-shield or a dynamic token in shape. In addition, the authentication client (i.e., hardware authentication client) may also support a platform authenticator for fingerprints and faces. In the application, when a business object initiates a resource transfer transaction through a resource client, the hardware authentication client integrated on the resource client can be used to use a security key (Token) in physical hardware to perform identity verification and transaction signature safely, so as to prevent the leakage of private key information of a user.
The user identity registration process according to the present application can be roughly divided into the following two steps: firstly, a user registers basic identity on a resource client, namely, similar to the traditional registration method, the user can register through a mailbox or a mobile phone number when logging in the resource client, so that when the resource approval processing server can allocate a user identifier for the user based on the received mailbox or mobile phone number. Then, after the user completes the basic identity registration, the resource approval processing server prompts the user to bind the hardware equipment, at this time, the resource client can allow the user to carry out authentication of the hardware equipment and binding of public key information through the hardware authentication client under the condition of integrating the hardware authentication client, so that the public key information of the hardware equipment is bound with the user identifier. It is understood that a user identification may bind one or more hardware devices.
In this way, the private key information in the hardware device can be used for identity authentication each time. It should be appreciated that the hardware authentication here is similar to the process of face recognition, where the face information collected is similar to the public key information in the hardware device we use to authenticate here for verifying the ownership of the user's identity. After the user registers, if the user uses the resource client again, the user can log in (e.g. a mailbox or a mobile phone short message verifies and logs in) firstly, after logging in, if the user needs to do the operation of the transaction type (e.g. transaction signature or transaction approval), the resource client prompts the user to insert hardware equipment to do the identity verification of the hardware equipment, the resource approval processing server generates a challenge value to enable the hardware equipment to use private key information to conduct data signature, so that the signature result can be sent to the resource approval processing server, the resource approval processing server uses the user identifier related to the mailbox used by the current logging-in resource client to inquire the public key information of the user, and then the inquired public key information can be used to verify and sign the signature result of the challenge value, and when the verification passes, the user can be determined to be a legal user holding the hardware equipment, and then the hardware equipment can be authorized to continuously initiate the transaction type operation (e.g. transaction signature or transaction approval).
It can be understood that the hardware device has one more function than the face verification, namely, the key pair can be stored in the hardware device, the face data of the user cannot be revealed, and the hardware device can be verified to be held by the user. For example, after signing the issued challenge value through private key information in the hardware device, the signature result can be returned to the resource approval processing server for signature verification, so that when the signature verification is successful, it is determined that the challenge value obtained after the current signature verification is consistent with the initially issued challenge value, and the user is confirmed to currently hold the hardware device. In addition, the user identifier (object identifier) is generated when registering, is a unique identifier of the user in the resource client, and cannot be generated again when authenticating; when the identity is verified, a user inputs a mailbox and a password, and then whether the current input mailbox is a stored registered mailbox or not can be judged, if so, when the current mailbox is determined to be the registered mailbox, the user identifier associated with the registered mailbox can be further searched, and further public key information bound for the user can be searched through the user identifier. In other words, the user identification herein may be associated with information (name, phone number, mailbox, public key information, etc.) that is owned by the user.
It can be appreciated that, in the case of enterprise users (e.g., enterprise companies and enterprise teams), a resource client is used to transfer accounts, and a manner in which personal accounts cannot be directly transferred is not required, but the enterprise users need to go through an approval process of an enterprise when transferring accounts through the resource client (for example, the application may provide an on-cloud approval method). By the cloud approval method, a customized approval process (specifically, the method can comprise a sub-chain approval process for issuing notification by approval notification information and an on-chain approval process for approving by calling an approval contract) can be provided for each enterprise, so that a certain enterprise-level user can be allowed to conduct transaction signature on the resource transfer transaction under the condition that approval is completed and approval state is effective, and further the resource transfer transaction after transaction signature can be uplink to a blockchain, so that the transfer of non-approved enterprise assets can be avoided, and the safety and reliability of resource transfer can be ensured.
It can be appreciated that the technical solution of the present application may provide a terminal-visualized interface (e.g., an approval interface of a mobile phone end) to an enterprise-level user, so that after the enterprise-level user logs in to a resource client, the enterprise-level user may display what company the enterprise-level user belongs to (i.e., an organization to which the enterprise-level user belongs, an enterprise, etc.), what role the enterprise-level user has (e.g., the role may at least include an administrator, an approval user, and an asset transfer user), whether or not permission is given to create an approval stream, whether or not permission is given to create a resource transfer transaction, and whether or not permission is given to set a binding of the resource transfer transaction and the approval stream.
For example, if the role of the enterprise-level user is an administrator (i.e., the administrator), an approval flow (i.e., a transaction approval task) may be created, and a binding relationship between the resource transfer transaction and the approval flow may be set (e.g., whether the transaction type of the resource transfer transaction is an enterprise-level asset transfer transaction, if so, the enterprise-level asset transfer transaction may be business-bound with a corresponding transaction approval flow), so that when a certain resource transfer transaction sent by a certain employee is received, a different target transaction approval policy may be executed based on the size of the transaction amount of the certain employee, for example, the transaction approval flow 3 may be performed when the transaction amount is smaller (i.e., the amount of the transaction amount belongs to a certain amount ladder), and the transaction approval flow 1 may be performed when the transaction amount is larger (i.e., the amount of the transaction amount belongs to another amount ladder).
In addition, the transaction approval process can be created and customized according to different approval user authorities (namely, according to the role management level of the enterprise to which the different approval users belong), for example, the transaction approval process 1 specifically can include a primary transaction approval task, a secondary transaction approval task, a tertiary transaction approval task and the like, so that after the primary transaction approval task is completed, the secondary transaction approval task can be executed, and then the tertiary transaction approval task is executed until the whole transaction approval task is completed, and the transaction approval process is ended. That is, the present application may adaptively select different transaction approval processes based on the size of the transaction amount before the resource transfer transaction is linked to execute the customized approval business through the selected transaction approval processes. In the embodiment of the application, the transaction approval process can be checked before the resource transfer transaction is uplink, so that the resource transfer transaction is approved and approved, the resource transfer transaction can be signed, and the signed resource transfer transaction can be uplink to the blockchain.
The method and the device can correlate the resource transfer transaction with the transaction approval process, correlate the transaction signature step of the resource transfer transaction with the approval state, correlate the transaction uplink authority and the like with the transaction approval process, and can walk different transaction approval processes according to the quantity of the resource to be transferred (namely the transaction amount) of the resource transfer transaction.
It can be understood that in the embodiment of the present application, approval signature information of all approval users participating in transaction approval in the whole transaction approval process may be obtained, and if it is determined that the approval signature information is valid, approval is confirmed, so that the enterprise-level user may be authorized to sign the transaction carrying the resource transfer transaction, so that signed resource transfer transaction may be determined, and enterprise-level resource transfer may be performed through the signed resource transfer transaction.
Optionally, the embodiment of the present application may further encapsulate the whole transaction approval process into a contract (transaction approval contract), and the resource approval processing server may call the transaction approval contract to perform transaction approval on the resource transfer transaction, and finally may write the approval status, approval signature information, and the like of the resource transfer transaction on the chain through the transaction approval contract. Before a certain resource transfer transaction is linked up, the approval state of the resource transfer transaction can be checked on the chain first without depending on the transaction approval flow but depending on a blockchain mechanism, if the resource transfer transaction is in a transaction passing state, a first resource client can be informed to sign the transaction of the resource transfer transaction, and then the signed resource transfer transaction is linked up.
It will be appreciated that the security of asset transfer may be controlled by a strict approval process in this manner at the time of a large asset transfer.
It can be understood that the transaction processing service and the transaction approval service can be deployed on the resource approval processing server, the business object can register the resource transfer authority through the transaction processing service on the resource approval processing server, and the approval object can register the transaction approval authority through the transaction approval service on the resource approval processing server. The resource transfer transaction initiated by the business object may be stored in a transaction sub-service in the transaction processing service, which may be used to send the resource transfer transaction to a transaction approval service. The transaction approval service can be used for determining a target transaction approval task adapted by the resource transfer exchange, generating transaction approval notification information to inform an approval object associated with the target transaction approval task of conducting transaction approval, and configuring an approval state of the resource transfer transaction as an approval passing state when the resource transfer transaction approval is determined to pass. Meanwhile, a signature sub-service in the transaction approval service informs the transaction processing service of generating transaction signature notification information, wherein the signature sub-service is used for sending the transaction signature notification information to a first resource approval processing server, and the first resource approval processing server signs a transaction for the resource transfer transaction. It can be understood that the transaction processing service and the transaction approval service can be deployed on the resource approval processing server at the same time, or only one service of the transaction processing service and the transaction approval service can be deployed, and the approval process of the resource management transaction can be completed by the cooperation of a plurality of resource approval processing servers.
For example, as shown in fig. 11, fig. 11 is a second schematic view of a transaction approval scenario provided in an embodiment of the present application; the resource approval processing server 21 is configured with a transaction processing service and a transaction approval service, the business object (such as a user a) can register the resource transfer authority through the transaction processing service based on the first resource client and the hardware device, and the approval object (such as a user B, a user C, a user D, a user E, etc.) can register the transaction approval authority through the transaction approval service based on the second resource client and the hardware device. It will be appreciated that for a user, the user identification may bind public key information in one or more hardware devices, and a hardware device may generate a public-private key pair. For example, a user may conduct transaction-class operations at home using public-private key pairs in hardware device 1, and at the time of the company, may conduct transaction-class operations using public-private key pairs in hardware device 2.
Therefore, the user a may initiate the resource transfer transaction TX1 and send (S91) the resource transfer transaction to the resource approval processing server, the resource approval processing server stores the resource transfer transaction into the transaction sub-service in the transaction processing service, the transaction sub-service sends (S92) the resource transfer transaction to the transaction approval service, and when determining that the target transaction approval task adapted by the resource transfer transaction includes the transaction approval task 1-3, the transaction approval service generates transaction approval notification information to notify the approval object associated with the transaction approval task 1-3 to conduct the transaction approval, for example, sends (S93) the transaction approval notification information to the user B and the user C associated with the transaction approval task 1, and the second resource client corresponding to the user B and the user C conduct the transaction approval through their own hardware devices and returns (S94) the transaction approval information 1; when the transaction approval service determines that the transaction approval result of the transaction approval task 1 is that the transaction approval passes, the transaction approval notification information (S95) is sent to a user D associated with the transaction approval task 2, and a second resource client corresponding to the user D performs transaction approval through hardware equipment of the second resource client and returns (S96) the transaction approval information 2; when the transaction approval service determines that the transaction approval result of the transaction approval task 2 is that the transaction approval passes, the transaction approval service sends (S97) transaction approval notification information to a user E associated with the transaction approval task 3, and a second resource client corresponding to the user E performs transaction approval through hardware equipment of the user E and returns (S98) the transaction approval information 3; when the transaction approval service determines that the transaction approval result of the transaction approval task 3 is that the transaction approval passes, the transaction approval result of the resource transfer transaction is determined to be that the transaction approval passes, that is, after the approval of one transaction approval service is completed, the next transaction approval service is executed, the transaction approval service can send (S99) the transaction approval result to a signature sub-service in the transaction processing service, the signature sub-service generates transaction signature notification information based on the transaction approval result and sends (S910) the transaction signature notification information to a user A, and a first resource client corresponding to the user A carries out transaction signature through own hardware equipment and returns (S911) the transaction signature information; when the signature sub-service receives the transaction signature information, the signature sub-service sends the transaction signature information to the transaction sub-service, and the transaction sub-service determines signed resource transfer transaction through the transaction signature information and transaction approval information 1-3 sent by the transaction approval service.
It can be understood that when the above-mentioned approval user performs transaction approval, a visual transaction approval interface may be displayed on the first resource client through the provided approval access interface, for example, the approval user checks a transaction approval list to be approved, checks transfer data of the resource transfer transaction, and if the transfer is allowed, clicks an approval button, at this time, the first resource client authorizes the hardware device to perform transaction approval, and it can be understood that when authorizing the hardware device, the transaction approval service in the resource approval processing server performs identity verification of the approval user by issuing a challenge value to be verified.
It can be understood that the transaction approval information related to the above-mentioned approval process can be uplink through a transaction approval contract, and when the transaction approval information is valid and the transaction approval result of the transaction approval task is determined to be the transaction approval, the approval state of the transaction can be transferred through the transaction approval contract, so as to complete the approval operation. The signature sub-service in the transaction processing service allows the first resource client to sign the resource transfer transaction when judging that the approval state is in the approval passing state from the chain, avoids the uplink of the resource transfer transaction without approval, improves the reliability of the transaction signature and the security of the transaction uplink, and ensures the security of the resource transfer.
For example, as shown in fig. 12, fig. 12 is an interactive flow diagram of a transaction processing method according to an embodiment of the present application; in this case, the resource approval processing server is different from the first blockchain node by way of example: s31, a business object initiates a resource transfer transaction to be examined and approved through a first resource client; s32, the first resource client sends the resource transfer transaction to a resource approval processing server; s33, the resource approval processing server determines a target transaction approval task aiming at the resource transfer transaction based on the amount of resources to be transferred indicated by the resource transfer transaction, and determines approval objects associated with the target transaction approval task, for example, the target transaction approval task comprises a transaction approval task 1 and a transaction approval task 2, the transaction approval task 1 is associated with an approval object a and the transaction approval task 2 is associated with an approval object b, the approval level of the transaction approval task 1 is lower than that of the transaction approval task 2, and the approval order of the transaction approval task 1 is higher than that of the transaction approval task 2; s34, the resource approval processing server generates transaction approval notification information aiming at the resource transfer transaction; s35, the resource approval processing server sends the transaction approval notification information to a second resource client a corresponding to the approval object a; s36, the second resource client a displays the resource transfer transaction to be approved indicated by the transaction approval notification information on the transaction approval interface; s37, the second resource client a responds to the approval object a, obtains the hardware equipment of the approval object a according to the transaction approval operation of the resource transfer transaction in the transaction approval interface, and authorizes the hardware equipment of the approval object a to carry out transaction approval on the resource transfer transaction to obtain the transaction approval information a of the approval object a according to the resource transfer transaction; s38, the second resource client a returns the transaction approval information a to the resource approval processing server; s39, the resource approval processing server determines that the transaction approval result of the transaction approval task 1 is that the transaction approval passes through the transaction approval information a, and sends transaction approval notification information to a second resource client b corresponding to the approval object b; s310, a second resource client b displays a resource transfer transaction to be approved, which is indicated by the transaction approval notification information, on a transaction approval interface; s311, the second resource client b responds to the approval object b, obtains the hardware equipment of the approval object b according to the transaction approval operation of the resource transfer transaction in the transaction approval interface, and authorizes the hardware equipment of the approval object b to carry out transaction approval on the resource transfer transaction to obtain the transaction approval information b of the approval object b according to the resource transfer transaction; s312, the second resource client b returns the transaction approval information b to the resource approval processing server; s313, when the resource approval processing server determines that the transaction approval result of the transaction approval task 2 is transaction approval passing through the transaction approval information b, namely, the transaction approval results of the transaction approval task 1 and the transaction approval task 2 are transaction approval passing, the transaction approval result of the target transaction approval task is determined to be transaction approval passing, the approval state of the resource transfer transaction is configured as an approval passing state, and transaction signature notification information for the resource transfer transaction is generated based on the resource transfer transaction in the approval passing state; s314, the resource approval processing server sends transaction signature notification information to the first resource client; s315, when the first resource client acquires the hardware equipment of the service object based on the transaction signature notification information, authorizing the hardware equipment of the service object to conduct transaction signature on the resource transfer transaction to obtain transaction signature information of the service object for the resource transfer transaction; s316, the first resource client returns transaction signature information; s317, the resource approval processing server determines signed resource transfer transaction corresponding to the resource transfer transaction through transaction signature information and transaction approval information a-b; s318, the resource approval processing server transfers the signed resource to a first blockchain node which is easy to send to the first blockchain; s319, the first blockchain node performs transaction signature verification on transaction signature information in signed resource transfer transactions, and when the transaction signature verification is successful, resource transfer transactions are obtained; s320, the first blockchain link links up-link the resource transfer transaction and transaction approval information a-b to the first blockchain.
In the embodiment of the application, when the resource approval processing server obtains the resource transfer transaction to be approved initiated by the business object, the target transaction approval task for the resource transfer transaction can be determined based on the resource quantity to be transferred indicated by the resource transfer transaction, and the approval object associated with the target transaction approval task can be determined; the business object is an object registered by the resource transfer authority, and the approval object is an object registered by the transaction approval authority, that is, the business object is authenticated, when the business object signs the transaction, the business object needs to pass the authentication to be executed (similarly, the approval object is authenticated, and when the approval object approves the transaction, the authentication is required to pass the authentication to be executed), so that a transaction initiator (transaction approver) of the resource transfer transaction (such as transfer transaction for enterprise resources) can be ensured not to be an illegal user, and the safety and reliability of the resource transfer transaction can be improved; at this time, the approval object can be informed to approve the transaction of the resource transfer transaction through the hardware equipment of the approval object authorized by the second resource client, and when the approval of the resource transfer transaction is confirmed to pass through the transaction approval information, the approval state of the resource transfer transaction is configured to be an approval passing state; the hardware equipment of the first resource client authorization service object is allowed to sign the resource transfer transaction so as to obtain signed resource transfer transaction, the signed resource transfer transaction is sent to the first blockchain node, and when the first blockchain node obtains the resource transfer transaction through the signed resource transfer transaction, the resource transfer transaction and transaction approval information are uplink, namely the resource transfer is realized. It can be understood that the transaction approval process and the transaction initiation process can be associated and bound, and a resource transfer transaction can be signed only after approval passes, so that the signed resource transfer transaction can be linked, and the security of the transaction uplink can be improved through the transaction auditing process, namely, the security of resources to be transferred (such as the security of enterprise resources) corresponding to the resource transfer transaction is ensured. In addition, it can be understood that the above transaction approval and the transaction signature both need to be subjected to the hardware equipment that the identity registration and the authentication pass, the hardware equipment can ensure that the identity information of the approval object and the business object is correct (i.e. the source party of the transaction approval and the signature is correct) and the related private key information cannot be revealed, that is, the hardware equipment can ensure that the identity of the transaction signature party is correct, and the reliability of the transaction signature is improved, so that the transaction safety and the reliability can be improved.
Further, referring to fig. 13, fig. 13 is a schematic structural diagram of a transaction processing device according to an embodiment of the present application. As shown in fig. 13, the transaction processing apparatus 1 is applicable to a computer device. It should be understood that the transaction processing device 1 may be a computer program (comprising program code) running in a computer apparatus, for example the transaction processing device 1 may be an application software; it will be appreciated that the transaction processing device 1 may be used to perform the corresponding steps in the methods provided by the embodiments of the present application. As shown in fig. 13, the transaction processing device 1 may include: an approval task determining module 11, a transaction notification approval module 12, an approval state configuration module 13, a transaction notification signing module 14 and a transaction uplink module 15; wherein:
the approval task determining module 11 is configured to determine, when a resource transfer transaction to be approved initiated by the business object through the first resource client is acquired, a target transaction approval task for the resource transfer transaction based on an amount of resources to be transferred indicated by the resource transfer transaction, and determine an approval object associated with the target transaction approval task; the service object is an object subjected to resource transfer permission registration on a resource approval processing server; the approval object is an object which is subjected to transaction approval authority registration on the resource approval processing server;
The transaction notification approval module 12 is configured to generate transaction approval notification information for the resource transfer transaction, and send the transaction approval notification information to a second resource client corresponding to the approval object, so that when the second resource client obtains the hardware device of the approval object based on the transaction approval notification information, the hardware device of the approval object is authorized to perform transaction approval on the resource transfer transaction, and transaction approval information of the approval object for the resource transfer transaction is obtained;
the approval state configuration module 13 is configured to configure an approval state of the resource transfer transaction as an approval passing state when a transaction approval result of the target transaction approval task is determined to be that the transaction approval passes through the transaction approval information, and generate transaction signature notification information for the resource transfer transaction based on the resource transfer transaction in the approval passing state;
the transaction notification signature module 14 is configured to send transaction signature notification information to the first resource client, so that when the first resource client obtains the hardware device of the service object based on the transaction signature notification information, the hardware device of the service object is authorized to perform transaction signature on the resource transfer transaction, and transaction signature information of the service object for the resource transfer transaction is obtained;
The transaction uplink module 15 is configured to determine, when transaction signature information is acquired from the first resource client, a signed resource transfer transaction corresponding to the resource transfer transaction according to the transaction signature information and the transaction approval information, and send the signed resource transfer transaction to a first blockchain node of the first blockchain, so that the first blockchain node performs transaction signature verification on the transaction signature information in the signed resource transfer transaction, and when the transaction signature verification is successful, obtain the resource transfer transaction, and uplink the resource transfer transaction and the transaction approval information to the first blockchain.
The approval task determination module 11 includes:
the first approval task determining unit 111 is configured to obtain N1 transaction approval tasks for transaction approval if the amount of resources to be transferred reaches a first resource amount threshold, and determine the N1 transaction approval tasks as target transaction approval tasks; n1 is a positive integer greater than 1;
the first approval task determining unit 111 is further configured to use the approval objects configured for the N1 transaction approval tasks as approval objects associated with the target transaction approval task.
Wherein, the approval task determining module 11 further comprises:
the second approval task determining unit 112 is configured to obtain N2 transaction approval tasks from the N1 transaction approval tasks based on the approval level of the N1 transaction approval tasks if the amount of the resource to be transferred does not reach the first resource amount threshold and reaches the second resource amount threshold, and determine the N2 transaction approval tasks as target transaction approval tasks; n2 is a positive integer greater than 1 and less than N1; the second resource amount threshold is less than the first resource amount threshold;
The second approval task determining unit 112 is further configured to use the approval objects configured for the N2 transaction approval tasks as approval objects associated with the target transaction approval task.
Wherein, the approval task determining module 11 further comprises:
a third approval task determining unit 113, configured to obtain, based on approval levels of N1 transaction approval tasks, a reference transaction approval task from N1 transaction approval tasks, and determine the reference transaction approval task as a target transaction approval task if the amount of resources to be transferred does not reach the second resource amount threshold and reaches the third resource amount threshold; the third resource amount threshold is less than the second resource amount threshold;
the third approval task determining unit 113 is further configured to take an approval object configured for the reference transaction approval task as an approval object associated with the target transaction approval task.
Wherein, the approval task determining module 11 further comprises:
a fourth approval task determining unit 114, configured to generate quick signature notification information for the resource transfer transaction if the amount of the resource to be transferred does not reach the third resource amount threshold;
the transaction notification signature module 14 is configured to send the quick signature notification information to the first resource client, so that when the first resource client obtains the hardware device of the service object based on the quick signature notification information, the hardware device of the service object is authorized to perform a transaction signature on the resource transfer transaction, and transaction signature information of the service object for the resource transfer transaction is obtained;
The transaction uplink module 15 is configured to determine, when transaction signature information is obtained from the first resource client, a fast signature resource transfer transaction corresponding to the resource transfer transaction through the transaction signature information, and send the fast signature resource transfer transaction to the first blockchain node, so that the first blockchain node performs transaction signature verification on the transaction signature information in the fast signature resource transfer transaction, and when the transaction signature verification is successful, obtain the resource transfer transaction, and uplink the resource transfer transaction to the first blockchain.
The target transaction approval tasks comprise N1 transaction approval tasks; the N1 transaction approval tasks have approval levels, and the approval level of the transaction approval task i is lower than the approval level of the transaction approval task i+1; n1 is a positive integer greater than 1; i is a positive integer less than N1; the approval objects associated with the target transaction approval task comprise a first approval object configured for the transaction approval task i and a second approval object configured for the transaction approval task i+1;
the transaction notification approval module 12 is specifically configured to:
the method comprises the steps of sending transaction approval notification information to a second resource client corresponding to a first approval object, so that when the second resource client corresponding to the first approval object obtains hardware equipment of the first approval object based on the transaction approval notification information, the hardware equipment of the first approval object is authorized to conduct transaction approval on a resource transfer transaction, and first transaction approval information of the first approval object for the resource transfer transaction is obtained;
When the transaction approval result of the transaction approval task i is determined to be the transaction approval passing through the first transaction approval information, the transaction approval notification information is sent to a second resource client corresponding to the second approval object, so that when the second resource client corresponding to the second approval object acquires the hardware equipment of the second approval object based on the transaction approval notification information, the hardware equipment of the second approval object is authorized to conduct the transaction approval on the resource transfer transaction, and the second transaction approval information of the second approval object aiming at the resource transfer transaction is obtained.
Wherein the first trial batch object has a plurality of; performing transaction approval by a second resource client corresponding to the first approval object to obtain first transaction approval information;
the transaction notification approval module 12 is specifically configured to:
when the first transaction approval information acquired from the second resource clients corresponding to the plurality of first approval objects is effective and the number of the acquired first transaction approval information reaches a first number threshold value associated with the transaction approval task i, determining that the transaction approval result of the transaction approval task i is that the transaction approval passes;
and sending the transaction approval notification information to a second resource client corresponding to the second approval object.
The resource approval processing server is a second blockchain node of a second blockchain; the second blockchain node is used for configuring the approval state of the resource transfer transaction to be an to-be-approved state on the second blockchain when the resource transfer transaction is received from the first resource client, and is used for uplink the received transaction approval information for the resource transfer transaction to the second blockchain when the transaction approval information for the resource transfer transaction returned by the second resource client is received;
the approval state configuration module 13 includes:
the approval result determining unit 131 is configured to, when obtaining transaction approval information for the resource transfer transaction from the second blockchain, invoke a transaction approval contract on the second blockchain, and determine a transaction approval result of the target transaction approval task according to the transaction approval information for the resource transfer transaction;
and the approval state configuration unit 132 is configured to update and configure, on the second blockchain, the approval state of the resource transfer transaction from the to-be-approved state to the approval passing state when the approval result of the transaction of the target transaction approval task indicates that the approval result of the resource transfer transaction is that the transaction approval passes.
The resource approval processing server is a second blockchain node of a second blockchain; the second blockchain node is used for updating and configuring the approval state of the resource transfer transaction from the to-be-approved state to the approval passing state on the second blockchain;
the approval state configuration module 13 includes:
an approval state inquiry unit 133 for inquiring the approval state of the resource transfer transaction from the second blockchain;
and when the approval state of the resource transfer transaction is inquired to be the approval passing state, generating transaction signature notification information for the resource transfer transaction based on the resource transfer transaction in the approval passing state.
The specific implementation manners of the approval task determining module 11, the transaction notification approval module 12, the approval status configuring module 13, the transaction notification signing module 14, and the transaction uplink module 15 may be referred to the relevant descriptions in the above embodiments, and will not be further described herein. It should be understood that the description of the beneficial effects obtained by the same method will not be repeated.
In the present embodiment, the term "module" or "unit" refers to a computer program or a part of a computer program having a predetermined function, and works together with other relevant parts to achieve a predetermined object, and may be implemented in whole or in part by using software, hardware (such as a processing circuit or a memory), or a combination thereof. Also, a processor (or multiple processors or memories) may be used to implement one or more modules or units. Furthermore, each module or unit may be part of an overall module or unit that incorporates the functionality of the module or unit.
Further, referring to fig. 14, fig. 14 is a schematic diagram of a transaction processing device according to an embodiment of the present disclosure. As shown in fig. 14, the transaction processing device 2 is applicable to a computer apparatus. It will be appreciated that the transaction processing means 2 may be a computer program (comprising program code) running in a computer device, for example the transaction processing means 2 may be an application software; it will be appreciated that the transaction processing device 2 may be adapted to perform the corresponding steps in the methods provided by the embodiments of the present application. As shown in fig. 14, the transaction processing device 2 may include: a transaction information display module 21, a transaction approval module 22, an approval information return module 23 and a permission registration module 24; wherein:
the transaction information display module 21 is configured to display, on a transaction approval interface, a resource transfer transaction to be approved indicated by the transaction approval notification information when the transaction approval notification information sent by the resource approval processing server corresponding to the second resource client is received; the resource transfer transaction is initiated by the business object through the first resource client; the service object is an object subjected to resource transfer permission registration on a resource approval processing server;
The transaction approval module 22 is configured to respond to an approval object associated with a target transaction approval task corresponding to a resource transfer transaction, obtain a hardware device of the approval object in a transaction approval interface for a transaction approval operation of the resource transfer transaction, and authorize the hardware device of the approval object to perform a transaction approval on the resource transfer transaction, so as to obtain transaction approval information of the approval object for the resource transfer transaction; the target transaction approval task is determined by the resource approval processing server based on the amount of resources to be transferred indicated by the resource transfer transaction; the approval object is an object which is subjected to transaction approval authority registration on the resource approval processing server;
the approval information returning module 23 is configured to return the transaction approval information to the resource approval processing server, so that when the resource approval processing server determines that the transaction approval result of the target transaction approval task is that the transaction approval passes through the transaction approval information, the approval state of the resource transfer transaction is configured to be an approval passing state, and transaction signature notification information for the resource transfer transaction is generated based on the resource transfer transaction in the approval passing state; the transaction signature notification information is used for notifying the first resource client to authorize the hardware equipment of the service object to conduct transaction signature on the resource transfer transaction when the hardware equipment of the service object is acquired, and transaction signature information of the service object for the resource transfer transaction is obtained; the resource approval processing server is used for determining signed resource transfer transaction corresponding to the resource transfer transaction through the transaction signature information and the transaction approval information when transaction signature information is acquired from the first resource client, and transmitting the signed resource transfer to a first blockchain node of the first blockchain; the first block chain link point is used for conducting transaction signature verification on transaction signature information in signed resource transfer transaction, and when the transaction signature verification is successful, resource transfer transaction is obtained, and the resource transfer transaction and transaction approval information are uplink to the first block chain.
The resource approval processing server is used for transmitting a first challenge value to be verified for an approved object to the second resource client;
the transaction approval module 22 includes:
a challenge value signing unit 221, configured to perform data signing on a first challenge value to be verified through private key information of an approval object stored in a hardware device of the approval object, to obtain first challenge value signing information;
the challenge value signing unit 221 is further configured to return the first challenge value signing information to the resource approval processing server, so that when the resource approval processing server performs data signing and signing on the first challenge value signing information through public key information of an approval object to obtain a first challenge value to be matched, perform data comparison on the first challenge value to be matched and the first challenge value to be verified to obtain a first data comparison result;
the device authorization unit 222 is configured to determine that the object identity of the approval object is successfully authenticated when the first data comparison result indicates that the first challenge value to be matched is the same as the first challenge value to be authenticated, and authorize the hardware device of the approval object to sign the resource transfer transaction through private key information of the approval object, so as to obtain approval signature information of the approval object for the resource transfer transaction;
The approval information determining unit 223 is configured to determine transaction approval information of the approval object for the resource transfer transaction based on the approval signature information.
Wherein the transaction processing device 2 further comprises:
the permission registration module 24 is configured to generate a first registration request for transaction approval permission, and send the first registration request to the resource approval processing server, so that the resource approval processing server obtains an object identifier allocated for an approval object, and generate first hardware device binding information based on the object identifier of the approval object;
the permission registration module 24 is further configured to bind, when receiving the first hardware device binding information sent by the resource approval processing server, a hardware device of an approval object based on the first hardware device binding information, and generate public key information of the approval object through the bound hardware device of the approval object;
the permission registration module 24 is further configured to send the public key information of the approval object to the resource approval processing server, so that the resource approval processing server determines that the approval object has transaction approval permission when binding the public key information of the approval object with the object identifier of the approval object.
The specific implementation manners of the transaction information display module 21, the transaction approval module 22, the approval information return module 23, and the permission registration module 24 may be referred to the related descriptions in the above embodiments, and will not be further described herein. It should be understood that the description of the beneficial effects obtained by the same method will not be repeated.
Further, referring to fig. 15, fig. 15 is a schematic structural diagram of a computer device according to an embodiment of the present application. As shown in fig. 15, the computer device 1500 may be a service terminal or a server, which is not limited herein. For ease of understanding, this application will take a computer device as an example of a server, and the computer device 1500 may include: processor 1501, network interface 1504 and memory 1505, in addition, the computer device 1500 may further comprise: a user interface 1503, and at least one communication bus 1502. Wherein a communication bus 1502 is used to enable connected communications between these components. The user interface 1503 may also include a standard wired interface, or a wireless interface, among others. The network interface 1504 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface). Memory 1505 may be a high-speed RAM memory or a non-volatile memory, such as at least one disk memory. Memory 1505 may also optionally be at least one memory device located remotely from the processor 1501. As shown in fig. 15, an operating system, a network communication module, a user interface module, and a device control application may be included in the memory 1505, which is one type of computer-readable storage medium.
Wherein the network interface 1504 in the computer device 1500 may also provide network data interaction functionality. In the computer device 1500 shown in fig. 15, the network interface 1504 can provide network data interaction functions; while the user interface 1503 is primarily an interface for providing input to a user; the processor 1501 may be configured to invoke the device control application stored in the memory 1505 to execute the description of the transaction processing method in the embodiment corresponding to fig. 4 and 9, and may also execute the description of the transaction processing apparatus 1 in the embodiment corresponding to fig. 13 and the description of the transaction processing apparatus 2 in the embodiment corresponding to fig. 14, which are not described herein. In addition, the description of the beneficial effects of the same method is omitted.
Furthermore, it should be noted here that: the embodiments of the present application further provide a computer readable storage medium, in which the aforementioned computer programs executed by the transaction processing device 1 and the transaction processing device 2 are stored, and the computer programs include computer instructions, when executed by the processor, are capable of executing the description of the transaction processing method in the corresponding embodiments of fig. 4 and 9, and therefore, the description thereof will not be repeated here. In addition, the description of the beneficial effects of the same method is omitted. For technical details not disclosed in the embodiments of the computer-readable storage medium according to the present application, please refer to the description of the method embodiments of the present application. As an example, computer instructions may be deployed to be executed on one computing device or on multiple computing devices at one site or, alternatively, across multiple computing devices distributed across multiple sites and interconnected by a communication network, where the multiple computing devices distributed across multiple sites and interconnected by a communication network may constitute a blockchain system.
In addition, it should be noted that: embodiments of the present application also provide a computer program product or computer program that may include computer instructions that may be stored in a computer-readable storage medium. The processor of the computer device reads the computer instructions from the computer readable storage medium, and the processor may execute the computer instructions, so that the computer device performs the foregoing description of the transaction processing method in the embodiment corresponding to fig. 4 and fig. 9, and therefore, a detailed description will not be given here. In addition, the description of the beneficial effects of the same method is omitted. For technical details not disclosed in the computer program product or the computer program embodiments related to the present application, please refer to the description of the method embodiments of the present application.
It should be noted that, for simplicity of description, the foregoing method embodiments are all expressed as a series of action combinations, but it should be understood by those skilled in the art that the present application is not limited by the described order of action, as some steps may take other order or be performed simultaneously according to the present application. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily required in the present application.
The steps in the method of the embodiment of the application can be sequentially adjusted, combined and deleted according to actual needs.
The modules in the device of the embodiment of the application can be combined, divided and deleted according to actual needs.
Those skilled in the art will appreciate that implementing all or part of the above-described methods may be accomplished by way of a computer program stored in a computer-readable storage medium, which when executed may comprise the steps of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), or the like.
The foregoing disclosure is only illustrative of the preferred embodiments of the present application and is not intended to limit the scope of the claims herein, as the equivalent of the claims herein shall be construed to fall within the scope of the claims herein.
Claims (17)
1. A transaction processing method, wherein the method is performed by a resource approval processing server; the method comprises the following steps:
when a resource transfer transaction to be approved initiated by a business object through a first resource client is acquired, determining a target transaction approval task for the resource transfer transaction based on the resource quantity to be transferred indicated by the resource transfer transaction, and determining an approval object associated with the target transaction approval task; the business object is an object subjected to resource transfer permission registration on the resource approval processing server; the approval object is an object subjected to transaction approval authority registration on the resource approval processing server;
Generating transaction approval notification information for the resource transfer transaction, and sending the transaction approval notification information to a second resource client corresponding to the approval object, so that the second resource client authorizes the hardware equipment of the approval object to conduct transaction approval on the resource transfer transaction when acquiring the hardware equipment of the approval object based on the transaction approval notification information, thereby obtaining the transaction approval information of the approval object for the resource transfer transaction;
when the transaction approval result of the target transaction approval task is confirmed to be that the transaction approval passes through the transaction approval information, configuring the approval state of the resource transfer transaction as an approval passing state, and generating transaction signature notification information for the resource transfer transaction based on the resource transfer transaction in the approval passing state;
transmitting the transaction signature notification information to the first resource client, so that the first resource client authorizes the hardware equipment of the service object to conduct transaction signature on the resource transfer transaction when acquiring the hardware equipment of the service object based on the transaction signature notification information, and obtains transaction signature information of the service object for the resource transfer transaction;
When the transaction signature information is acquired from the first resource client, determining signed resource transfer transaction corresponding to the resource transfer transaction through the transaction signature information and the transaction approval information, transferring the signed resource to a first blockchain node of a first blockchain, so that the first blockchain node performs transaction signature verification on the transaction signature information in the signed resource transfer transaction, and when the transaction signature verification is successful, obtaining the resource transfer transaction, and uploading the resource transfer transaction and the transaction approval information to the first blockchain.
2. The method of claim 1, wherein the determining a target transaction approval task for the resource transfer transaction based on the amount of resources to be transferred indicated by the resource transfer transaction and determining an approval object associated with the target transaction approval task comprises:
if the resource quantity to be transferred reaches a first resource quantity threshold, N1 transaction approval tasks for transaction approval are acquired, and the N1 transaction approval tasks are determined to be the target transaction approval tasks; n1 is a positive integer greater than 1;
And taking the approval objects configured for the N1 transaction approval tasks as the approval objects associated with the target transaction approval task.
3. The method according to claim 2, wherein the method further comprises:
if the resource quantity to be transferred does not reach the first resource quantity threshold and reaches a second resource quantity threshold, acquiring N2 transaction approval tasks from the N1 transaction approval tasks based on the approval grades of the N1 transaction approval tasks, and determining the N2 transaction approval tasks as the target transaction approval tasks; n2 is a positive integer greater than 1 and less than N1; the second resource amount threshold is less than the first resource amount threshold;
and taking the approval objects configured for the N2 transaction approval tasks as the approval objects associated with the target transaction approval task.
4. A method according to claim 3, characterized in that the method further comprises:
if the resource quantity to be transferred does not reach the second resource quantity threshold and reaches a third resource quantity threshold, acquiring a reference transaction approval task from the N1 transaction approval tasks based on the approval grades of the N1 transaction approval tasks, and determining the reference transaction approval task as the target transaction approval task; the third resource amount threshold is less than the second resource amount threshold;
And taking the approval object configured for the reference transaction approval task as the approval object associated with the target transaction approval task.
5. The method according to claim 4, wherein the method further comprises:
if the amount of the resources to be transferred does not reach the third resource amount threshold, generating quick signature notification information for the resource transfer transaction;
transmitting the rapid signature notification information to the first resource client, so that when the first resource client acquires the hardware equipment of the service object based on the rapid signature notification information, the hardware equipment of the service object is authorized to conduct transaction signature on the resource transfer transaction, and transaction signature information of the service object for the resource transfer transaction is obtained;
when the transaction signature information is acquired from the first resource client, determining a quick signature resource transfer transaction corresponding to the resource transfer transaction through the transaction signature information, transferring the quick signature resource to the first blockchain node, so that the first blockchain node performs transaction signature verification on the transaction signature information in the quick signature resource transfer transaction, and when the transaction signature verification is successful, obtaining the resource transfer transaction, and uploading the resource transfer transaction to the first blockchain.
6. The method of claim 1, wherein the target transaction approval tasks include N1 transaction approval tasks; the N1 transaction approval tasks have approval levels, and the approval level of the transaction approval task i is lower than the approval level of the transaction approval task i+1; n1 is a positive integer greater than 1; i is a positive integer less than N1; the approval objects associated with the target transaction approval task comprise a first approval object configured for the transaction approval task i and a second approval object configured for the transaction approval task i+1;
the sending the transaction approval notification information to the second resource client corresponding to the approval object includes:
the transaction approval notification information is sent to a second resource client corresponding to the first approval object, so that when the second resource client corresponding to the first approval object obtains the hardware equipment of the first approval object based on the transaction approval notification information, the hardware equipment of the first approval object is authorized to conduct transaction approval on the resource transfer transaction, and first transaction approval information of the first approval object for the resource transfer transaction is obtained;
When the transaction approval result of the transaction approval task i is determined to be that the transaction approval passes through the first transaction approval information, the transaction approval notification information is sent to a second resource client corresponding to the second approval object, so that the second resource client corresponding to the second approval object authorizes the hardware equipment of the second approval object to conduct transaction approval on the resource transfer transaction when the hardware equipment of the second approval object is acquired based on the transaction approval notification information, and the second transaction approval information of the second approval object aiming at the resource transfer transaction is obtained.
7. The method of claim 6, wherein the first trial object has a plurality of; performing transaction approval by a second resource client corresponding to the first approval object to obtain first transaction approval information;
when the transaction approval result of the transaction approval task i is determined to be that the transaction approval passes through by the first transaction approval information, the sending the transaction approval notification information to the second resource client corresponding to the second approval object includes:
when first transaction approval information acquired from second resource clients corresponding to a plurality of first approval objects is effective and the number of the acquired first transaction approval information reaches a first number threshold value associated with the transaction approval task i, determining that a transaction approval result of the transaction approval task i is transaction approval passing;
And sending the transaction approval notification information to a second resource client corresponding to the second approval object.
8. The method of claim 1, wherein the resource approval processing server is a second blockchain node of a second blockchain; the second blockchain node is used for configuring the approval state of the resource transfer transaction to be an to-be-approved state on the second blockchain when the resource transfer transaction is received from the first resource client, and is used for uploading the received transaction approval information for the resource transfer transaction to the second blockchain when the transaction approval information for the resource transfer transaction returned by the second resource client is received;
when the transaction approval result of the target transaction approval task is determined to be that the transaction approval passes through according to the transaction approval information, configuring the approval state of the resource transfer transaction as an approval passing state, including:
when transaction approval information aiming at the resource transfer transaction is acquired from the second blockchain, invoking a transaction approval contract on the second blockchain, and determining a transaction approval result of the target transaction approval task through the transaction approval information aiming at the resource transfer transaction;
When the transaction approval result of the target transaction approval task indicates that the approval result of the resource transfer transaction is transaction approval passing, the approval state of the resource transfer transaction is updated and configured from the to-be-approved state to the approval passing state on the second blockchain.
9. The method of claim 1, wherein the resource approval processing server is a second blockchain node of a second blockchain; the second blockchain node is used for updating and configuring the approval state of the resource transfer transaction from the to-be-approved state to the approval passing state on the second blockchain;
the generating transaction signature notification information for the resource transfer transaction based on the resource transfer transaction in the approval passing state includes:
querying an approval status of the resource transfer transaction from the second blockchain;
and when the approval state of the resource transfer transaction is inquired to be the approval passing state, generating transaction signature notification information for the resource transfer transaction based on the resource transfer transaction in the approval passing state.
10. A transaction processing method, wherein the method is performed by a second resource client; the method comprises the following steps:
When transaction approval notification information sent by a resource approval processing server corresponding to the second resource client is received, displaying a resource transfer transaction to be approved, which is indicated by the transaction approval notification information, on a transaction approval interface; the resource transfer transaction is initiated by the business object through the first resource client; the business object is an object subjected to resource transfer permission registration on the resource approval processing server;
responding to an approval object associated with a target transaction approval task corresponding to the resource transfer transaction, acquiring a hardware device of the approval object in the transaction approval interface according to a transaction approval operation of the resource transfer transaction, and authorizing the hardware device of the approval object to carry out transaction approval on the resource transfer transaction to obtain transaction approval information of the approval object according to the resource transfer transaction; the target transaction approval task is determined by the resource approval processing server based on the amount of resources to be transferred indicated by the resource transfer transaction; the approval object is an object subjected to transaction approval authority registration on the resource approval processing server;
The transaction approval information is returned to the resource approval processing server, so that when the transaction approval result of the target transaction approval task is confirmed to be that the transaction approval passes through by the transaction approval information, the resource transfer transaction approval state is configured to be an approval passing state, and transaction signature notification information for the resource transfer transaction is generated based on the resource transfer transaction in the approval passing state; the transaction signature notification information is used for notifying the first resource client to authorize the hardware equipment of the service object to conduct transaction signature on the resource transfer transaction when the hardware equipment of the service object is acquired, so as to obtain transaction signature information of the service object for the resource transfer transaction; the resource approval processing server is used for determining signed resource transfer transaction corresponding to the resource transfer transaction through the transaction signature information and the transaction approval information when the transaction signature information is acquired from the first resource client, and transferring the signed resource to a first blockchain node of a first blockchain; the first block chain link point is used for carrying out transaction signature verification on the transaction signature information in the signed resource transfer transaction, obtaining the resource transfer transaction when the transaction signature verification is successful, and uploading the resource transfer transaction and the transaction approval information to the first block chain.
11. The method of claim 10, wherein the resource approval processing server is configured to issue a first challenge value to be validated for the approval object to the second resource client;
the authorizing the hardware device of the approval object to conduct transaction approval on the resource transfer transaction to obtain transaction approval information of the approval object for the resource transfer transaction comprises the following steps:
carrying out data signature on the first challenge value to be verified through private key information of the approval object stored in hardware equipment of the approval object to obtain first challenge value signature information;
returning the first challenge value signature information to the resource approval processing server, so that the resource approval processing server performs data signature verification on the first challenge value signature information through public key information of the approval object to obtain a first challenge value to be matched, and performs data comparison on the first challenge value to be matched and the first challenge value to be verified to obtain a first data comparison result;
when the first data comparison result indicates that the first challenge value to be matched is the same as the first challenge value to be verified, determining that the object identity verification of the approval object is successful, and authorizing the hardware equipment of the approval object to sign the resource transfer transaction through the private key information of the approval object to obtain approval signature information of the approval object for the resource transfer transaction;
And determining transaction approval information of the approval object for the resource transfer transaction based on the approval signature information.
12. The method according to claim 10, wherein the method further comprises:
generating a first registration request aiming at the transaction approval authority, and sending the first registration request to the resource approval processing server so that the resource approval processing server obtains an object identifier distributed for the approval object and generates first hardware equipment binding information based on the object identifier of the approval object;
when the first hardware device binding information sent by the resource approval processing server is received, binding the hardware device of the approval object based on the first hardware device binding information, and generating public key information of the approval object through the bound hardware device of the approval object;
and sending the public key information of the approval object to the resource approval processing server, so that the resource approval processing server determines that the approval object has the transaction approval authority when binding the public key information of the approval object with the object identification of the approval object.
13. A transaction processing device, wherein the device operates in a resource approval processing server; the device comprises:
the approval task determining module is used for determining a target transaction approval task aiming at the resource transfer transaction based on the resource quantity to be transferred indicated by the resource transfer transaction when the resource transfer transaction to be approved initiated by the business object through the first resource client is acquired, and determining an approval object associated with the target transaction approval task; the business object is an object subjected to resource transfer permission registration on the resource approval processing server; the approval object is an object subjected to transaction approval authority registration on the resource approval processing server;
the transaction notification approval module is used for generating transaction approval notification information aiming at the resource transfer transaction, and sending the transaction approval notification information to a second resource client corresponding to the approval object, so that when the second resource client acquires the hardware equipment of the approval object based on the transaction approval notification information, the hardware equipment of the approval object is authorized to conduct transaction approval on the resource transfer transaction, and the transaction approval information aiming at the resource transfer transaction by the approval object is obtained;
The approval state configuration module is used for configuring the approval state of the resource transfer transaction as an approval passing state when the transaction approval result of the target transaction approval task is confirmed to be that the transaction approval passes through the transaction approval information, and generating transaction signature notification information for the resource transfer transaction based on the resource transfer transaction in the approval passing state;
the transaction notification signature module is used for sending the transaction signature notification information to the first resource client so that the first resource client authorizes the hardware equipment of the business object to conduct transaction signature on the resource transfer transaction when acquiring the hardware equipment of the business object based on the transaction signature notification information to obtain transaction signature information of the business object for the resource transfer transaction;
and the transaction uplink module is used for determining signed resource transfer transaction corresponding to the resource transfer transaction through the transaction signature information and the transaction approval information when the transaction signature information is acquired from the first resource client, transferring the signed resource to a first blockchain node of a first blockchain, so that the first blockchain node performs transaction signature verification on the transaction signature information in the signed resource transfer transaction, obtains the resource transfer transaction when the transaction signature verification is successful, and uplinks the resource transfer transaction and the transaction approval information to the first blockchain.
14. A transaction processing device, wherein the device is operable in a second resource client; the device comprises:
the transaction information display module is used for displaying the to-be-approved resource transfer transaction indicated by the transaction approval notification information on a transaction approval interface when the transaction approval notification information sent by the resource approval processing server corresponding to the second resource client is received; the resource transfer transaction is initiated by the business object through the first resource client; the business object is an object subjected to resource transfer permission registration on the resource approval processing server;
the transaction approval module is used for responding to an approval object associated with a target transaction approval task corresponding to the resource transfer transaction, acquiring a hardware device of the approval object aiming at a transaction approval operation of the resource transfer transaction in the transaction approval interface, and authorizing the hardware device of the approval object to carry out transaction approval on the resource transfer transaction to obtain transaction approval information of the approval object aiming at the resource transfer transaction; the target transaction approval task is determined by the resource approval processing server based on the amount of resources to be transferred indicated by the resource transfer transaction; the approval object is an object subjected to transaction approval authority registration on the resource approval processing server;
The approval information return module is used for returning the transaction approval information to the resource approval processing server, so that when the resource approval processing server determines that the transaction approval result of the target transaction approval task is that the transaction approval passes through the transaction approval information, the approval state of the resource transfer transaction is configured to be an approval passing state, and transaction signature notification information for the resource transfer transaction is generated based on the resource transfer transaction in the approval passing state; the transaction signature notification information is used for notifying the first resource client to authorize the hardware equipment of the service object to conduct transaction signature on the resource transfer transaction when the hardware equipment of the service object is acquired, so as to obtain transaction signature information of the service object for the resource transfer transaction; the resource approval processing server is used for determining signed resource transfer transaction corresponding to the resource transfer transaction through the transaction signature information and the transaction approval information when the transaction signature information is acquired from the first resource client, and transferring the signed resource to a first blockchain node of a first blockchain; the first block chain link point is used for carrying out transaction signature verification on the transaction signature information in the signed resource transfer transaction, obtaining the resource transfer transaction when the transaction signature verification is successful, and uploading the resource transfer transaction and the transaction approval information to the first block chain.
15. A computer device comprising a memory and a processor;
the memory is connected to the processor, the memory is used for storing a computer program, and the processor is used for calling the computer program to enable the computer device to execute the method of any one of claims 1-12.
16. A computer readable storage medium, characterized in that the computer readable storage medium has stored therein a computer program adapted to be loaded and executed by a processor to cause a computer device having the processor to perform the method of any of claims 1-12.
17. A computer program product comprising computer programs/instructions which, when executed by a processor, implement the method of any of claims 1-12.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311523103.1A CN117575788A (en) | 2023-11-14 | 2023-11-14 | Transaction processing method, device, equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311523103.1A CN117575788A (en) | 2023-11-14 | 2023-11-14 | Transaction processing method, device, equipment and medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117575788A true CN117575788A (en) | 2024-02-20 |
Family
ID=89889189
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311523103.1A Pending CN117575788A (en) | 2023-11-14 | 2023-11-14 | Transaction processing method, device, equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117575788A (en) |
-
2023
- 2023-11-14 CN CN202311523103.1A patent/CN117575788A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| AU2022200068B2 (en) | Telecommunication system and method for settling session transactions | |
| US11669832B2 (en) | Blockchain-implemented method and system for access control on remote internet-enabled resources | |
| US20220271915A1 (en) | Advanced non-fungible token blockchain architecture | |
| US20220156837A1 (en) | Distributed ledger implementation for entity formation and monitoring system | |
| CN111292174A (en) | Tax payment information processing method and device and computer readable storage medium | |
| CN112733178B (en) | Cross-chain trust method, device, equipment and medium based on digital certificate authentication | |
| CN110674531B (en) | Residential information management method, device, server and medium based on block chain | |
| CN113256297B (en) | Data processing method, device and equipment based on block chain and readable storage medium | |
| CN114117264A (en) | Illegal website identification method, device, equipment and storage medium based on block chain | |
| CN116980163A (en) | Data processing method, device, equipment and medium based on trusted execution environment | |
| CN117616410A (en) | Multiparty computing in a computer slicing environment | |
| US10867326B2 (en) | Reputation system and method | |
| US20230403154A1 (en) | Verifier credential determination by a registrant | |
| CN115150178A (en) | Cross-platform unified login authentication method and device based on block chain | |
| CN117575788A (en) | Transaction processing method, device, equipment and medium | |
| CN113904774A (en) | Block chain address authentication method and device and computer equipment | |
| CN109658104B (en) | System and method for confirming asset consistency on chain | |
| US20230409400A1 (en) | System for resource allocation and monitoring | |
| CN117061089B (en) | Voting management method, device, equipment and storage medium | |
| US11902266B1 (en) | Systems and methods for generating and using secure sharded onboarding user interfaces | |
| CN116980136A (en) | Interface processing method, device, equipment, storage medium and product of intelligent contract | |
| CN117372017A (en) | Block chain-based data processing method, device, equipment and storage medium | |
| CN117931933A (en) | Multi-blockchain data processing method, device, equipment, system and medium | |
| WO2023201032A1 (en) | Secure retrieval of off-network data by trusted network entities | |
| CN117057800A (en) | Data processing method, device, equipment and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication |