KR102039570B1 - P2p ledger for fiat money without cryptocurrency - Google Patents

Abstract

This paper describes a peer-to-peer ledger that can implement a universal financial platform for fiat currency without issuing cryptocurrency. According to an aspect of the present invention, there is provided a network system, comprising: a financial platform for authenticating an identity with a real name for each of a plurality of users who want to enter a network to provide a user identifier on the network; Collecting and merging information about transactions between the users to generate a transaction block, select signers for the generated transaction block, receive the signature on the generated transaction block of the selected signers, and generate the transaction block. A plurality of aggregator nodes attempting to add a to the signed blockchain; And a plurality of signer nodes for validating a transaction block generated at each of the plurality of merger nodes and signing the validated transaction block according to a request from each of the plurality of merger nodes. Can be.

Description

P2P ledger for fiat currency without cryptocurrency {P2P LEDGER FOR FIAT MONEY WITHOUT CRYPTOCURRENCY}

The following discussion relates to a peer-to-peer ledger that can implement a universal financial platform for fiat currency without issuing any cryptocurrency. More specifically, transactions using fiat currency in the real name network It relates to a p2p book for recording a, a p2p book-based network system, a signer's signature method and a merger's transaction block addition method.

Due to Satoshi Nakamoto's original idea, the p2p public ledger seems to be feasible within an anonymous network. Any Internet user can contribute to a p2p network by participating in the network and providing their computing power or proof-of-work. Proof of work is a clever one vote per CPU implementation by anonymous participants, which ensures that the Bitcoin ledger is not an illegal variant. To reward the nodes for their work, a cryptocurrency called Bitcoin is issued and given to each node. For example, Korean Patent Laid-Open No. 10-2016-0024185 discloses a system and method for managing cryptocurrency using SE (Secure Element).

However, the anonymity of books and cryptocurrencies prevents the technology from being used in the fiat currency economy. Cryptocurrencies are untraceable even if used for money laundering or tax avoidance, and their value is not stable and fluctuates violently.

A p2p book for recording transactions using fiat money in a real name network, a network system based on the p2p book, a signer's signature method, and a merger's transaction block addition method are provided.

A financial platform for authenticating an identity with a real name for each of a plurality of users who want to enter a network to provide a user identifier on the network; Collecting and merging information about transactions between the users to create a transaction block, and signers for the generated transaction block, regardless of the interest in the transaction that the generated transaction block includes, signed block chain A plurality of merger nodes that select based on the transaction of the last completed block of and attempt to add the generated transaction block to the signed blockchain by receiving a signature on the generated transaction block of the selected signers ; And a plurality of signer nodes for validating a transaction block generated at each of the plurality of merger nodes and signing the validated transaction block according to a request from each of the plurality of merger nodes. It provides a network system, characterized in that.

According to one side, the plurality of merger nodes, each of the signed transaction blocks from the plurality of signer nodes are broadcast by the corresponding merger nodes, so as to confirm the validity of the signed transaction blocks, the And approving the addition of the signed transaction blocks that have been validated to the signed blockchain.

According to another aspect, among the block chains to which the transaction blocks generated at each of the plurality of merger nodes are added, the block chain to which the transaction block which receives the most signatures from the plurality of signer nodes is selected is selected. can do.

According to another aspect, each of the plurality of merger nodes is randomly predicted, having as inputs information about a transaction contained in a previous transaction block of a transaction block to add to the signed blockchain. Generate a hash value which is impossible but deterministic to be output via a function whose output is determined according to the input, selects signers for the transaction block to be added based on the generated hash value, and selects the selected signer Requesting a signature for the transaction block to be added to the signer nodes corresponding to the data.

According to another aspect, each of the plurality of signer nodes manages a block identifier of a transaction block signed by it, and for a transaction block generated before the last signed transaction block in the signed blockchain is completed. Reject the signature request.

According to another aspect, each of the plurality of signer nodes ignores a request for signing another transaction block that includes information about transactions on a transaction block that it has already signed, and information on ignoring the signature request. It may be characterized by notifying the merger node corresponding to the other transaction block.

According to another aspect, each of the plurality of signer nodes reports a signing request to the financial platform for a block containing a transaction that does not match a signed one, and identifies the merger's identifier and the mismatch according to the signing request. And broadcast the identifier of the sender of the transaction not on the network.

Receiving a signature request for a transaction block generated by the merger node through the network from a merger node on a network whose real name is authenticated for a plurality of users to enter; Verifying validity of the signature requested transaction block; And signing the validated transaction block, wherein the signature request is sent by the merger node to signer nodes on the network selected based on a hash value, the hash value being signed block. The signature method is characterized in that it is output through a function that is random and unpredictable but deterministic so that the output is determined according to the input while having information on the transactions included in the last trading block of the chain as input. to provide.

Collecting information on a transaction between the users through a network in which a real name is authenticated for a plurality of users to enter; Merging information about the collected transactions to generate a transaction block; Selecting signers for the generated trading block based on the transaction of the last completed block of the signed blockchain, irrespective of the interest in the transaction that the generated trading block includes; Requesting a signature on the generated transaction block of the selected signers; And sending the signed transaction block to a plurality of aggregator nodes on the network to add a signed transaction block from the signers to the signed blockchain. to provide.

In combination with a computer device, a computer program stored on a computer readable recording medium for executing the method on the computer device is provided.

A computer readable recording medium having recorded thereon a program for executing the method on a computer device is provided.

At least one processor implemented to execute readable instructions on a computer device, wherein the at least one processor is configured to provide the network from an amalgamator node on the network whose identity is authenticated by a real name for a plurality of users to enter. Receive a signature request for the transaction block generated by the merger node, verify the validity of the signature requested transaction block, sign the validated transaction block, and the signature request is based on a hash value Is sent by the merger node to signer nodes on the network that are selected by the merger, the hash value being random and predictive with inputs about the transactions that the last transaction block of the signed blockchain contains. Impossible but deterministic, so the output depends on the input Provides a computer apparatus characterized in that the output from the function.

At least one processor implemented to execute readable instructions on a computer device, wherein the at least one processor is a transaction between the users over a network whose real name is authenticated for a plurality of users to enter Collects information about the transaction, merges the information about the collected transaction to generate a transaction block, and signs the signers for the generated transaction block regardless of the interest of the transaction that the generated transaction block includes. To select based on the transaction of the completed last block of the completed blockchain, request a signature for the generated transaction block of the selected signers, and add a signed transaction block from the signers to the signed blockchain, Forward the signed transaction block to a plurality of amalgamator nodes on the network. It provides a computer unit, characterized in that.

It is possible to provide a p2p book for recording transactions using fiat money in a real name network, a network system based on the p2p book, a signature method of a signer, and a transaction block addition method of a merger.

1 is a diagram illustrating an example of a P2P book protocol according to an embodiment of the present invention.
2 is a diagram illustrating an example of information included in a new block added to a signed block chain according to one embodiment of the present invention.
FIG. 3 is a diagram for one example of selecting signers for a new block based on a previous block according to one embodiment of the present invention.
4 is a diagram illustrating an example in which a p2p book is protected against a forking a block according to an embodiment of the present invention.
5 is a diagram illustrating an example of an operating environment of a network system according to an embodiment of the present invention.
6 is a diagram illustrating an example of an internal configuration of a computer device according to one embodiment of the present invention.
7 is a flowchart illustrating an example of a signature method in an embodiment of the present invention.
8 is a flowchart illustrating an example of a method for adding a transaction block according to an embodiment of the present invention.

Hereinafter, exemplary embodiments will be described in detail with reference to the accompanying drawings.

Embodiments of the present invention describe techniques for a p2p ledger that implements a universal financial platform for fiat currencies without issuing any cryptocurrencies. In contrast, embodiments of the present invention introduce a new concept of "Proof of Population" based on real name identity. It can be used as a p2p ledger for banks, as an influential tool for settlement, and can be used for any financial transactions. Furthermore, it distributes the costs held by third parties to peers that cannot be centralized. Because of the very low energy requirements, it is possible to run software according to embodiments of the invention on a smartphone or personal computer.

1. Introduction

A third trusted authority is assumed to be required to conduct records transactions in a trusted manner. In this model, participants need trust to believe that the records are not modified. Instead of providing trust, the third trust authority receives transaction costs from the participants. This is well done if the participants in the network generally agree on the cost of running a third party, such as a bank. However, if it is impossible to establish a third-party trust institution that technically, economically and politically protects the transaction, then a decentralized but not counterfeit online transaction record is needed. Furthermore, even if a third trust authority already exists, it is more desirable to use a distributed ledger if it is feasible when the cost of maintaining the third trust authority is too large to create an unfair advantage, rather than technically or economically unavoidable. . Providing decentralized ledgers and eliminating third parties has a significant impact on markets run by trust institutions by providing another competitive technology that does not rely on third parties.

In 2009, Bitcoin provided the concept of eliminating the centralized currency foundry and decentralizing the books of the online currency system. In the Bitcoin network, coins are issued in a distributed way by peers managing a single global constant ledger. To keep the books unchanged, Nakamoto has developed a new voting mechanism that can resolve discrepancies in the books by voting by anonymous peers. Since the nodes in the Internet cannot be accurately distinguished, a mechanism for realizing one vote per node is required. Since identities such as IP addresses can be easily captured, Bitcoin uses so-called proof-of-work (PoW) to effectively implement the abstract concept of one vote per CPU.

Current PoW-based cryptocurrency systems have some technical limitations that prevent them from being used as real currency for trading.

Energy: According to the Bitcoin Energy Consumption Index by Digiconomist, the number of US homes powered by Bitcoin is 4,049,860.

Slow acknowledgment: In theory, blocks take at least 60 minutes to complete, but generally rely more substantially on limited block size and bulk transactions.

Scalability: Only 4-20 transactions can be processed per second. This cannot be a candidate for large scale networks.

Instead of using PoW, there are cryptocurrency systems that use proof-of-stake (PoS). PoS-based systems in which stake holders stake their stake to vote so-called solve the above problems. There is still debate about the effectiveness of PoS attacks, but it is argued that it is possible to forge several chains simultaneously and even profitable.

Now let's look at the other aspects of cryptocurrency: Anonymity and Decentralization.

Non-Transparency: All transactions are processed under arbitrary addresses whose owner cannot be verified.

Non-decentralized: Hashing of power or equity is dominated by small groups of people.

1.1. Transparency

Cryptocurrencies efficiently realize online money systems so that they are not traceable as real currency. Since the introduction of Bitcoin, much focus has been placed on cryptocurrencies, which has triggered a flood of cryptocurrency systems (about 1,300 cryptocurrencies). However, almost all cryptocurrencies using the block chain concept are untraceable. Just as cash in the real world is not easy to track even when used for crimes such as money laundering and tax avoidance, cryptocurrencies can't be tracked except when exchanged for real currency on an exchange. However, modern society is moving toward a more transparent economy due to credit cards, check cards and pay. The current cash model is gradually being eliminated by these alternatives. However, the cryptocurrencies represented by Bitcoin go in the opposite direction. One example of that opacity was that in March 2017, the US Securities and Exchange Commission (US SEC) decided not to list the Winklevoss Bitcoin Trust due to the opacity of the transaction.

1.2. Decentralization

Since the p2p platform according to embodiments of the present invention does not generate any cryptocurrency, decentralization means that the contributions and rewards for the network are distributed evenly to the participants. According to Bolckchain.info, the top seven mining groups account for more than 70% of global hashing power. Recently, cryptocurrencies are not decentralized as expected when they were first proposed. Proof of ownership also allows high stake holders to control their books and reports that double spending is possible. To prevent centralization by small groups of people, one-on-one voting is the solution and other alternatives are just similar ones.

1.3. The idea according to embodiments of the present invention to satisfy the need of high-decentralized open books and high-transparent open books on a transaction that cannot be secured by a small number of groups is to use blindness-based voting. will be. Given that financial transactions must be conducted in real name, there is no need to adhere to an anonymous network in embodiments of the present invention. Embodiments of the present invention propose a p2p financial platform that can achieve both true decentralization and high levels of transparency while protecting book-level privacy. Instead of using inefficient PoW based voting, the system according to an embodiment of the present invention uses a much safer, faster, scalable, and eco-proof, proof-of-population (PoP) based voting.

Now let's discuss cryptocurrencies. The goal of bitcoin designers is huge, but bitcoin cannot be a currency. People don't want to use it to buy a product, they want to speculate, and there are many reasons for this. One is that it separates from real money and functions in its own ecosystem, and the other is high mining costs.

Closed ecosystems: Money ledger technologies rely on closed ecosystems to maintain stable economic incentives for miners. In other words, cryptocurrency is a reward and transactions are made only of cryptocurrencies.

Mining costs: PoW-based books are not suitable for processing small transactions because of high mining costs.

1.4. Closed ecosystem of cryptocurrency

In current cryptocurrency networks, rewards are given in cryptocurrencies within the network, and book transactions only consist of the same cryptocurrency. This closed ecosystem has the effect of keeping the value of incentives of attackers very stable, on the other hand, restricting the use of books only to transactions related to cryptocurrencies. Economic incentives cannot attract miners if the currency for books and the cryptocurrency for rewards are different. Suppose that the bitcoin ledger processes USD transactions, and rewards, including transaction costs and coinbase, are given in bitcoin. When the value of Bitcoin plummets and rewards become smaller than transactions in blocks, this separation will obviously prevent attackers from mining honestly, encouraging them to do something wrong (forge trading blocks). do. When the value is very high, the transaction cost will be so high that it will be too high to handle small transactions. This is why most cryptocurrencies are defined recursively in their networks. Although it is not possible to separate the currency for trade and the currency for reward, there must be a way to evaluate the value of money to give miners real economic incentives. Cryptocurrency exchanges exist for this purpose, but the value of cryptocurrencies is changing rapidly due to speculation.

1.5. Mining cost

On the other hand, the cost of mining blocks by unleashing PoW has recently been very high, making it difficult to use to finance small amounts of transactions. For example, one block mining by AntMiner S9, a very large mining pool, costs $ 19,598.50 without considering hardware costs. https://grisha.org/blog/2017/09/28/electricity-cost-of-1- bitcoin /. Therefore, it is quite clear that we cannot use Bitcoin to process small transactions.

As a result, closed ecosystems and high mining costs that separate from the real economy make PoW / PoS-based cryptocurrencies inapplicable to real trading. To overcome this, we propose to use fiat currency instead of cryptocurrency. This is also a recursive use of book money, but this design choice simplifies the problem of closed ecosystems. Book currency according to embodiments of the present invention is already the very currency (legal currency) of reality. No exchange is required to exchange cryptocurrencies for fiat currency. No cryptocurrency is generated in the system according to embodiments of the present invention. Although the p2p platform according to embodiments of the present invention (which in fact can be used to process transactions of any cryptocurrency) is not limited to a particular kind of currency, It will show you how to operate a distributed ledger. Because it treats fiat money on books, it can be used freely for commercial, online and offline payments regardless of value changes. The cost of generating proof to make a block is to generate and collect signatures, which are very common when compared to PoW. Therefore, economic incentives for miners do not need to be large, which means that small transactions can be efficiently processed on the network.

By solving all the above-mentioned problems, the p2p financial platform according to embodiments of the present invention can enable banks to sell financial products and allow consumers to open accounts that are not operated on a central server.

2. Background

The problem solved by Bitcoin is called the Byzantine Generals Problem (BGP), which creates a consensus among the public, under the assumption that it is an incomplete communication network and an incomplete public. Bitcoin is an attempt to resolve BGP among `` unlike '' anonymous users on the Internet. The Bitcoin network was created to create a permanent public ledger on the Internet that allows Internet-connected participants to remain free and join the network without being anonymous. Even worse, they are trying to corrupt their open books in search of their own interests. At this time, there is a possibility that there are a plurality of books that exist simultaneously due to damage. The obvious way to agree on a single open book is to vote, but voting in a trusted and secure way among anonymous users cannot be easily performed. The method of voting for a single book is related to BGP on the Internet. Bitcoin solves the problem with Proof of Work (PoW), which efficiently implements 1 CPU for one vote. Blocks holding multiple transactions with PoW are linked to one public ledger organized by blockchain. PoW is calculated by network participants called "miners" and miners are rewarded with transaction costs and coinbase in the form of cryptocurrencies. To modify the book, attackers fork the chain by adding another transaction to the existing blockchain and adding a PoW that catches up and overrides the existing chain. To do this, the attacker must have more computing power to calculate the PoW for the blockchain. When the blockchain that is created reaches a point longer than the existing chain, the attacker opens the forged chain and asks to replace it with this new chain. The attacker or group of attackers must have 51% or more computing power to succeed in the attack (51% attack).

The difficulty of voting on anonymous networks is the value of Bitcoin's PoW-based blockchain. However, anonymity hinders the application of blockchain technology to real financial platforms in terms of money laundering and tax avoidance. Therefore, institutions in the financial services sector are interested in 'private block chain' and 'consortium block chain' technologies. In a private / consortium blockchain network, because interested entities participate in the private / consortium blockchain, and damaged ledgers lose some objects, it is not necessary for them to operate the network without any 'coin' or 'mining' compensation. It is possible. In the sense that the true meaning of the blockchain is that it is an open ledger that can form consensus between anonymous participants of no interest, private / consortium blockchains in which the identity of participating nodes are known to each other and the nodes are operated by organizations It can only be seen as a redundant distribution of databases for security purposes. In the embodiments of the present invention, it is noted that the entities in the private or consortium blockchain have real identity and can easily be identified with each other, and thus can easily agree without PoW / PoS when a mismatch occurs in the database. Current experimental projects based on private or consortium blockchains focus on the efficiency of coherence between security and distributed database systems obtained by redundant database management by interested entities. In order to deal with transactions between interested third parties, variants of practical Byzantine fault tolerance protocols (PBFTs) have been adopted for private chains. However, most PBFT protocols are not scalable enough to be used in public chain networks. Therefore, the meaning of private / consortium is limited.

Unlike existing blockchains, our blockchain has both the openness of the Public Block Chain and the high throughput of the Private Block Chain. On the other hand, it appears to be a private blockchain because it is operated by anonymous, authenticated nodes rather than anonymous nodes. On the other hand, it also appears to be a public chain, in that nodes can freely join and leave our network and blocks are signed by arbitrary nodes of no interest. This is not an anonymous network but a network operated by real name authenticated peers, so that all transactions recorded can be identified by government authorities if necessary. The new ledger can serve as the ultimate P2P financial platform for dealing with any type of asset, including physical and cryptocurrencies. By using this platform, there is a P2P bank where the bank's books are managed in a distributed, constant ledger operated by peers using smartphones and computers rather than bank servers. The role of the bank includes pseudonym and real identity management, mapping their consumers and selling financial products on the network.

3. Motivation

The innovation of the public blockchain is in resolving book mismatches by enabling anonymous voting by PoW. Even if the identity of a node is not known, if there is a way to distinguish between two votes coming from one node (duplicate votes) or two votes coming from other nodes (two valid votes), Can be counted. In the case of duplicate votes, one of the two votes may be ignored. In this case, votes can be counted without expensive PoW calculations. The real name based identifier and its digital signature may serve for this purpose. Although real name identification is excessive for voting only, it aims to be a real name traceable platform for high-decentralized, high-transparent ledgers, which perfectly fits the purpose according to embodiments of the present invention.

A p2p ledger according to embodiments of the present invention using real name based aliases and digital signatures may be seen as a variant of the private / consortium blockchain in which the block is identified by an explicit majority vote. However, a ledger according to embodiments of the present invention can be freely accessed and left by anyone, once the identity is identified, and the book access is not controlled by anyone and the block can be signed by arbitrary peers. It is a kind of public blockchain. In addition, the operating environment of the public chain is different from the private chain. The number of signers is large, and excessive forking is frequently caused by large network delays. Therefore, we need a different strategy from the PBFT-based majority voting algorithm that is taken by private / consortium blockchains such as Hyperledger.

In a private / consortium blockchain, signers interested in the block must sign the block, whereas in the p2p platform according to embodiments of the present invention, the signature-based majority vote is not interested in who signed the block and how many voters You are only interested in signing the block. Therefore, signatures are used to prove that a certain number of peers have voted on the block. In short, PoP is a game where a miner ("merger" in embodiments of the present invention) is rewarded if he collects N signatures for the block fastest, regardless of the identity of the signer. This is similar to PoW, where the miner who solved the hash puzzle fastest wins the game. To add a block, N random peers between participants vote for the block by adding their signature to the block. Where N≥1. The longer the chain, the more voters support the chain. Therefore, when book mismatch occurs, a chain fork with more voters will be selected, which is the correct implementation of the majority vote. The problem here is how to implement signature-based majority voting in an efficient, secure and decentralized way in a distributed p2p network. Our approach to the problem is to: 1) carefully balance the gains and losses of attackers by transaction volume, transaction cost, and completion time; and 2) to prevent attackers from counterfeiting their books through full traceability. Take advantage.

4. P2P Book Protocol

To make the new blockchain a reality, a proof of population (PoP) using digital signatures is used instead of PoW or Proof of Stake, which is an explicit voting realization by individuals. Unlike PoW and PoS, which rely on accumulated computing power and amount of stake, PoP makes decisions based on the cumulative number of people who support the block. Therefore, when forking occurs by an attack or asynchronous to generate multiple versions of the chain, a chain with a larger population or a chain supported by more voters is chosen as the chain that wins the game.

4.1. Nodes: Signer and Merger

There are two kinds of nodes in a PoP network. One kind of node contributes to maintaining the open ledger by digitally signing the block, while the other kind of node gathers multiple transactions into one block, requests nodes to sign the block, and signs ) And contribute by linking it to an existing blockchain. The former node is called the signer and the latter node is called the merger. When the signer receives a signature request for a transaction block, the signer shows the user a message confirming that the PoP wallet should generate a signature. This can be done automatically by setting up prior consent for automatic signatures. In the embodiment of the present invention, a case where the signature module is executed on a terminal capable of installing an application such as a smartphone is considered. By installing an application according to embodiments of the present invention on its terminal, the signer can make some money as a reward for signing the block. The merger collects and verifies a certain number of transactions to construct a trading block. In addition, for each transaction block, the merger must collect a certain number of valid signatures for the block from the signers and insert them into the block. The merger's software (module for collecting and inserting valid signatures) may also be run on the merger's terminal, such as a smartphone or desktop / server computer. The aggregator node has to advertise or promote itself in order to get more signers to join their network and quickly collect as many signatures as needed. When the signer joins the network, it will register itself with the mergers and the mergers will ask the signer to sign the block. When a signer participates in multiple mergers, the signer must set priorities among the mergers. Nodes participating in a PoP network must be compensated for their work in order to maintain the network. Merger nodes are rewarded for collecting / verifying transactions and collecting signatures for such transactions, and signer nodes are rewarded for their contributions that generated the signature. These rewards are given in real money in their accounts on the books.

1 is a diagram illustrating an example of a P2P book protocol according to an embodiment of the present invention. The first dashed line box 110 shows an example of a signed blockchain as a P2P ledger according to the present embodiment, and FIG. 1 shows that the merger 120 has one transaction between the user and / or one between the user and the merchant. An example of a case in which a block is to be added and added as a new block 111 of the signed block chain shown in the first dotted line box 110 is shown. In FIG. 1, although transaction 1 131 and transaction 2 132 are illustrated, a plurality of transactions generated after the previous block 112 of the block 111 to be newly added are approved and delivered to the merger 120. May include transactions of.

For example, when a transaction occurs from A to B, the transaction record including the amount of money, date / time, transaction purpose and their (A and B) IDs is signed using A and B's private signature keys and A Sent to the mergers by either B or B; In other words, in FIG. 1, the transaction 1 131 between the user and the user may include information on the amount of money, date / time, transaction purpose, and IDs of the two users. Transaction 1 131 may also be signed 133 by two users' private signature keys and sent to the mergers. Although one merger 120 is representatively illustrated in FIG. 1, a transaction record may be substantially transmitted to each of the plurality of mergers. Similarly, transaction 2 132 between a user and a merchant in FIG. 1 may include information about the amount of money, date / time, transaction purpose, and the user's ID and the merchant's ID. Transaction 2 132 may also be signed 134 by the user's personal signature key and the merchant's personal signature key and sent to the mergers.

At this time, the transactions 131, 132 may be signed by the signers 141, 142, 143. In FIG. 1, typically, three signers 141, 142, 143 provide signatures 151, 152, 153 for the new block 111 at the request of the merger 120. At this time, the signers to participate in the signature for the new block 111 may be selected according to the manner to be described later.

The merger 120 may sign 121 a new block 111 and broadcast it to all mergers, and the new block 111 approved by the mergers appears in the first dotted box 110. Can be added as the last block of the signed blockchain. The manner in which mergers approve a block is described in more detail later.

As such, in a PoP network in accordance with embodiments of the present invention, a transaction may be signed by an account holder and sent to a merger, and a block containing multiple transactions may be signed to signers and mergers.

2 is a diagram illustrating an example of information included in a new block added to a signed block chain according to one embodiment of the present invention. FIG. 2 includes transaction 1 131 with signature 141 and transaction 2 132 with signature 142 added to the end of the signed blockchain described with reference to FIG. Block 111 is signed 151, 152, 153 by signers 141, 142, 143. In addition, the merger 120 also indicates that a new block 111 has been signed 121.

4.2. Participation as a node and opening an account in the PoP network

Because PoP networks require how many people support the block, an individual must be authenticated in real name by a p2p bank before entering the network. When the user is authenticated, he creates his own publickey / private key pair and pseudonym and gets the signature from the p2p bank. Therefore, the role of the p2p bank is to authenticate the user and issue public key certificates for aliases and public key pairs. The user stores all of this in the wallet, but the public key and alias pair signed by the p2p bank are registered on the blockchain, the p2p bank stores the real name, and the public key and alias are stored as tuples in the database. . This database, created by multiple p2p banks, must be shared to distinguish nodes or can be managed by a single trust authority. The role of the authorities here is limited to the management of the blind and pseudonym pairs, but not related to transaction processing. The public key can be updated by adding new public key and alias pairs on the book if necessary. Similarly, aliases can be updated by re-registering in the database, but change logs must also be maintained.

A user who has successfully registered an authentication on a book can serve as a signer, a consolidator and / or a consumer if desired.

4.3. Transaction processing at p2p banks

As described through FIG. 1, when a transaction occurs from A to B, the transaction record, including the amount of money, date / time, transaction purpose and their IDs, is signed using A and B's private signature keys and A and B Sent to the mergers by either. Mergers are selected by the sender according to the rank of the mergers profiled in the wallet. Now, the merger who receives the transaction record validates the record and merges some records to create a transaction block. When a block is constructed, the merger collects a predetermined (but periodically adjusted) number of signatures as soon as possible to add the block to the chain. Signers and mergers can only create signatures for blocks created after they join the network. The signers for a block are not chosen arbitrarily by the merger, but are chosen by a hash value that is the output of a function whose output is random because it is random and unpredictable but deterministic of the transaction records of the previous block. Can be. For example, the hash value may be generated through a hash function preset in each of the mergers. At this time, the signers may be selected according to the hash value as a result of the hash function having information extracted from the transaction records of the previous block as a parameter. Therefore, to change the signature group for an attack, it is necessary to change the transactions of the previous block so that their hash value selects the attacker's signer group. At this time, as described above, in order to change the transactions of the previous block, the transactions of the previous block must be changed. As a result, changing the signature group of one block involves changing all signature groups of all preceding blocks and all subsequent blocks.

FIG. 3 is a diagram for one example of selecting signers for a new block based on a previous block according to one embodiment of the present invention. 3 illustrates the new block 111 and the previous block 112 of the new block described with reference to FIG. 1. In this case, the previous block 112 may include information about transaction a 310, transaction b 320 and transaction c 330, similar to those described with reference to FIG. It can include a signature. In addition, as described above, the previous block 112 may include a previous hash value 340 generated based on the previous block of the previous block 112.

The merger (eg, the merger 120 described with reference to FIG. 1) has information about the transaction a 310, the transaction b 320 and the transaction c 330 included in the previous block 112 as parameters. The hash function 350 may generate a hash value for the new block 111. The newly generated hash value may be included in the new block 111 as in the previous hash value 360 shown in FIG. 3. Meanwhile, the merger may select the signers 370 based on the hash value generated through the hash function 350. For example, the signers 141, 142, 143 of FIG. 1 may be selected by the signer IDs that the merger 120 calculated based on the hash value.

Thereafter, as described with reference to FIG. 1, the merger may send a new block 111 to the signers 370 to receive the signatures 151, 152, and 153 of the signers 370 and merge. As such, a block in a PoP network according to embodiments of the present invention may be signed to signers and mergers, and a group of signers may be forced by a hash value for the transaction of the previous block.

1) Transactions are broadcast to the merger's network and the mergers wait until some transaction volume is collected.

2) The merger collects transactions in the block, calculates the signer ID, finds the signers with the closest ID among the signers registered in the signer management list of the merger, and sends the block to the signers.

3) The signer verifies the validity of the block and responds to the merger through the signature on the block.

4) The merger waits until it gets some signatures on the block, and if successful, signs the block and broadcasts the multi-signed block to all mergers.

5) Mergers approve a block only if the block is valid and not paid in duplicate.

6) Mergers use the hash of the approved block as the previous hash to notify block approval by working to create the next block in the chain.

The signer must hold all block IDs signed. The signer checks the following and signs the block.

If the time stamp in the block does not match the current time considering the time synchronization error on the distributed network, it reports to the authority and ignores the block (e.g. in a Bitcoin network, the block has a time stamp of the last 11 blocks. Greater than the median is considered valid).

Ignore if the signature request is for a block created before the signer joined the network.

If the request is for a block created before the last signed block is completed, the signing request from the merger will be automatically rejected.

If the request is for another block containing information about transactions on a block that has already been signed, the signer ignores the request and notifies the merger. This notice has the effect of prompting the merger with the message "You are late. The transaction has already been added."

If the request is for a block containing a transaction that does not match the signed one, the signer reports to the authorities and broadcasts the merger ID and sender ID to the network to drive the user who made the request out of the network. Now all requests from this attacker will be ignored.

Signers may be disqualified over time by the merger to ensure an even distribution of transaction costs.

4.4. Fork with multiple voters

When a block is added to chain O, it takes a few seconds to spread the result over the entire network to form a new chain N. Therefore, during that time, another merger may try to add another block to the chain O, which causes chain forking to make another chain N '. Chain forking means that there are two versions of books that must be resolved explicitly. In a PoP network, selecting the appropriate chain is done by voting. When two or more forks compete with each other to become the main chain, the mergers choose forks with a more accumulated number of signatures, which means that more people support the chain.

4.5. Approval level

가 체인에 추가되고 다음 블록

이 그 체인에 추가될 때

는 네트워크로부터 하나의 승인을 받는다. 미리 결정된 수의 승인들이 있은 후, 블록은 영구적으로 체인에 추가되며, 이 영구적인 승인 후에는 또 다른 포킹 요청이 승인되지 않을 것이다. 그러므로, 합병자는 경합하는 포크 블록 체인들 중에서 최신의 영구적인 승인에 대한 가장 빠른 타임 스탬프를 갖는 하나를 선택해야 한다. 이는 최신의 영구적인 승인 이후의 시간 프레임 내로 포킹 논의를 제한시킨다.block

Is added to the chain and the next block

Is added to the chain

Receives one approval from the network. After a predetermined number of grants, the block is permanently added to the chain and after this permanent grant another forking request will not be granted. Therefore, the consolidator must choose one of the competing fork blockchains with the earliest time stamp for the latest permanent approval. This limits the forking discussion into the time frame after the latest permanent approval.

In order to improve throughput, embodiments of the present invention may employ GHOST (Greedy Heaviest-Observed Sub-Tree). The idea is not to eliminate contending branches, but to leave branches to support the blocks from which the branches are forked. Now instead of choosing the longest chain, we choose the heaviest chain that the largest population supports.

4.6. Select signer group

에 대한 서명자 그룹은 종전 블록들 상 거래 내용과, 서명 및 체인 해시가 제외된 서명자 그룹 내 서명자들의 리스트를 해시함으로써 선택된다. 즉, 리스트는

에 의해 계산될 수 있으며, 여기서

는 i번째 블록 상의 거래 및 서명자 리스트들이며, t(≥1)는 최종 임계 값이다. 서명 그룹의 이러한 소급성 및 적용되지만 예측 불가능한 선택은 장부의 훼손을 더 어렵게 만든다.block

The signer group for is selected by hashing the transaction content on the previous blocks and the list of signers in the signer group, excluding the signature and chain hash. In other words, the list is

Can be calculated where

Is the transaction and signer lists on the i-th block, and t (≥1) is the final threshold. This traceability of the signature group and the applied but unpredictable choice makes it more difficult to damage the books.

4.7. Nearest signer ID in Hamming distance

The signer ID selected by the hash value may not be valid because the signer has not yet joined or the signer with the ID may not be activated. In this case, the closest ID in the hamming distance will be selected and the score for selecting the longest chain can be calculated as in Equation 1 below.

는 블록

내 서명자들의 수이고, 128은 ID의 비트 길이의 예일 수 있고,

는 j번째 서명자와 해시 출력 간의 해밍 거리이다.here

Block

My number of signers, 128 could be an example of the bit length of the ID,

Is the hamming distance between the j th signer and the hash output.

4.8. Difficulty adjustment: number of signers

New signers join the network through mergers, and they participate in the signature processing from the next block. S is the number of signers to sign the block. Every two seconds, a reference point for collecting signatures S. This is calculated by measuring 1,800 block creation times, the number of which is recorded in blocks. If it is too slow to collect S signatures, only the minimum S (e.g., 5) is retained for security purposes.

5. Security

5.1. Block forging

To forge a block, the attacker has two choices. One is to forge signatures in the block, which is not feasible by the EUF-CMA security of the signature. Instead of destroying the cryptographic signature, one can buy the signature group of the block. This method replaces the signer group and puts the signatures of their own signer group.

5.1.1. Replace signer group

를 얻기 위하여 한 블록

내 거래를 변형할 때, 서명자 그룹에 의해 서명된

를 얻어야 한다. 서명을 위조하지 않으려면 (암호학적으로 불가능하므로), 서명자 그룹을 교체시켜야 한다. 이에 대해, 서명자 그룹은

의 기록들에 의해 결정되기 때문에, 종전 블록

의 거래 기록들은

로 변형되어야 한다. 이는 결국 변형된 블록

의 재서명과 관련된다. 블록

의 서명자 그룹은 그들이 이미 시간 프레임 내에 서명되었기 때문에

에 재서명하지 않을 것이고, 이에 따라

에 대한 서명자 그룹은 변화되어야 한다. 결과적으로, 블록

의 변형은

,

, …,

의 역행 회귀 변형과 관련된다. 또한,

내 거래를 변화시킴으로써,

내 저장된 체인 해시 및

의 서명자 그룹 모두가 변화된다. 결과적으로, 하나의 블록을 변화시키는 것은 순행 및 역행 체인 모두의 변형과 관련된다.Attacker

One block to get

When transforming my transaction, signed by a group of signers

You should get To avoid forging signatures (since cryptographically impossible), the group of signers must be replaced. In this regard, the group of signers

The previous block, as determined by the records of

Transaction records

It should be transformed into. Which in turn transforms the block

It is related to the resignation of. block

The signer group of is because they are already signed within the time frame

Will not resign to

The signer group for must be changed. As a result, the block

Variation of

,

,… ,

Is associated with the retrograde regression of. Also,

By changing my deal,

My saved chain hash and

All of the signer groups in are changed. As a result, changing one block involves the modification of both the forward and backward chains.

4 is a diagram illustrating an example in which a p2p book is protected against a forking a block according to an embodiment of the present invention. 4 shows a block Bi-1 411, a target block Bi 412, and a block Bi + 1 413 as part of a signed blockchain, where the target block Bi 412 is the signer group a 421. Is signed, and block Bi + 1 413 is signed by signer group b 422.

At this time, a case in which the counterfeiter wants to receive approval for the counterfeit block Bi '431 before the target block Bi 412 is approved may be considered. As already explained, the signer group a 421 is selected based on the hash value for the transaction of the block Bi-1 411, so that the forger uses a different signer group to obtain a signature for the forged block Bi '431. In order to forge the transaction content of block Bi-1 (411). This requires the forger to sequentially forge all previous blocks of block Bi-1 411.

Forgers can also attempt to conspiracy against signers. However, the counterfeiter has a burden of public advertising in order to collect conspirators, and the signers for signing the following counterfeit block Bi + 1'432 are selected by the transaction contents of the counterfeit block Bi'431. Therefore, the signer group selected for the counterfeit block Bi + 1 '432 is different from the signer group b 422 of the normal block Bi + 1 413 as the signer group x 441 as shown in FIG. do. In other words, not only the next counterfeit block Bi + 1 '432, but all the counterfeit blocks of the counterfeiter to be added afterwards must continually compete with the normal blocks attempted by multiple consolidators by duplicate signatures. The race must be repeated for the last block of the signed blockchain.

5.1.2. A group of signers compromised by bribery or negotiated with theft keys

에 대한 서명자 그룹이 변화되지 않아서 정확하지만 매수된 서명자 그룹에 의한 유효한 서명들이 부가되기 때문에, 공격자는 종전 블록들을 변화시킬 필요가 없다. 공격자는 오직 순행 위조에 대해서만 관심이 있다. 거래들 및 대응하는 서명들의 변화에 의해, 다음 블록

에 대한 서명자 그룹 및 체인 해시 값은 실제 체인 상의 블록의 것들과는 본질적으로 매치되지 않는다. 그러므로, 공격자는 블록

에 서명하기 위하여 새로운 서명자 그룹을 다시 매수하거나 협상해야만 한다. 이제, 변형된 블록

는 다른 서명자 그룹, 다른 체인 해시를 갖지만 같은 거래들을 가지며, 이는 다른 서명을 유발한다.

에 대해, 블록에 서명한 서명자 그룹은 공격자들에게 매수되어야 하고, 이는 체인의 마지막 블록까지 반복된다. 확정 투표로 되돌아가기 위한 매수된 서명자들의 요구되는 수는 너무 커서 위조된 거래량에 의해 보상되지 않는다.You can attack by buying a group of signers or stealing keys to forge blocks. This way, the current block

The attacker does not need to change the previous blocks because the signer group for is not changed so that valid but bought signatures by the signer group are added. The attacker only cares about forgery. The next block, due to changes in transactions and corresponding signatures

The signer group and chain hash values for do not essentially match those of the block on the actual chain. Therefore, the attacker blocks

The new signer group must be bought back or negotiated in order to sign. Now, the transformed block

Has different signer groups, different chain hashes, but the same transactions, resulting in different signatures.

For, the signer group that signed the block must be bought by attackers, which is repeated until the last block in the chain. The required number of bought signers to return to the confirmation ballot is too large to be compensated by the forged trade volume.

5.2. Security economy, rewards and fines

There are a number of devices that prevent attackers from participating in forgery.

The first and most important device is a fully traceable blindness-based ledger. The strongest motivation comes from the fact that all nodes have already been authenticated blind and that all transactions on the books are fully traceable. Therefore, nodes in the network know enough that the crime is perfectly traceable and likely to be discovered.

)의 공모를 해야만 하기 때문에, 블록을 위조하는 합병자는 비공개 포킹을 할 수 없다. 그러나, 위조 합병자에 의해 제안받은 서명자들 중 적어도 하나는 블록이 이미 높은 확률로 완성되었다는 것을 알아야 한다(블록은 네트워크 거리의 시간 이후에 완성된다). 그러므로, 임의의 서명자는 당국에 이중 지급 시도를 신고할 것이다.The second device is that private forks are impossible, so public advertising is inevitable for forking. In a PoW network, miners can secretly make forks for double payments by calculating PoW faster than other miners until they deploy a private fork to replace the actual chain. However, in the PoP network, creating a forking chain R group of signers approximately R Х S two (or more accurately approximately 200 signatories

The consolidator who forges the block will not be able to fork privately, since it must conspire. However, at least one of the signers proposed by the counterfeit merger should know that the block has already been completed with a high probability (the block is completed after the time of the network distance). Therefore, any signer will report a double payment attempt to the authority.

및 R을 각각 블록에 대한 서명자 그룹 사이즈 및 확정을 위한 블록의 수라고 하자. 서명자들의 수

는 네트워크 속도에 의해 결정되고, R은 네트워크 거리에 의해 결정된다. 명료성을 위하여, S를 한 블록에 대한 서명자들의 평균 수라고 가정하자. 이때, 공격자를 위한 최고의 시나리오는 막 확정된 블록을 위조하는 것이고 이는 블록들의 최소 개수만 재서명될 필요가 있기 때문이다. 공격자는 블록을 위조해서 화폐 소비에 대한 자신의 거래가 제거되도록 한다. 위조된 블록은 공격자의 이중 지급에 대해 M

TA 개의 거래를 잃고, 따라서 M

F

TA는 위조된 블록의 공모 서명자들에게 보상되어야 한다. 다음 블록에 대한 서명자 그룹은 이제 새로운 그룹으로 변화하고, 그들은 다음 블록을 위조된 것에 서명해야 한다. 거래들은 변화하지 않기 때문에 후속 블록들은 같은 서명자 그룹들에 의해 서명되고, 그들은 새로운 서명으로부터 추가 수입을 얻지 않는다. 이제, 후속 블록들에 대한 공모 서명자들은 중복 서명 행위라는 것을 알면서 같은 블록에 또 다시 서명하라는 요청을 받는다. 이때, 공모 서명자들은 공모에 참여할지 말지 선택해야 한다. 공모 서명자들은 두 가지를 고려한다. 하나는 네트워크 노드들에 의해 이중 서명 행위로 당국에 신고될 가능성이 높다는 점이다. 다른 하나는 공모 서명자들이 이중 서명 행위가 거래 비용을 얻을 기회를 잃게 만들 수 있다는 점을 공모 서명자들이 알고 있다는 것이다. 이는 공모 서명자들이 서명한 종전 체인이 공모 서명자들이 공모하려는 후속 체인보다 거래 비용을 벌어들일 더 많은 가능성을 갖기 때문이다. 요약하면, 공모 서명자가 얻을 수 있는 지분은,

와 같이 계산될 수 있으며, 거래 비용은

와 같이 얻어질 수 있다.The third device is that the incentives given to each competition signer are less than the transaction cost. Let F % be the transaction cost and TA is the maximum limit per block. In addition, a single transaction is limited to less than M % of TA . Also,

Let and R be the signer group size for the block and the number of blocks for confirmation, respectively. Number of signers

Is determined by the network speed, and R is determined by the network distance. For clarity, suppose S is the average number of signers for a block. At this point, the best scenario for an attacker is to forge a block that has just been established because only the minimum number of blocks needs to be re-signed. The attacker falsifies the block so that his trade in money consumption is eliminated. The forged block is M for the attacker's double payment

Lose TA transactions, thus M

F

The TA must be rewarded to the competition signers of the forged block. The signer group for the next block now changes to the new group, and they must sign the next block forged. Since the transactions do not change, subsequent blocks are signed by the same signer groups, and they do not get additional income from the new signature. Now, collusion signers for subsequent blocks are asked to sign the same block again, knowing that it is a duplicate signing action. At this time, contest signers must choose whether or not to participate in the contest. Competition signers consider two things. One is that network nodes are likely to be notified to the authorities for double signing. The other is that the competition signers know that the signing of the competition can lead to the loss of the opportunity to obtain a transaction cost. This is because previous chains signed by competition signers have a greater chance of earning transaction costs than subsequent chains. In summary, the stake that can be obtained by the signatory of the competition,

Can be calculated as

Can be obtained as

를

와 비교할 것이다. 간단한 대수에 의해,

가 얻어질 수 있다. 즉, F가

이상일 때, 서명자는 공모에 참여하지 않고, 정직하게 행동할 것이다. M = 10%이고, R = 10으로 설정한다면, F를 1% 미만으로 설정할 수 있다. 이는 블록 상 단일한 거래의 최대 부분이 10%로 제한되고, 그 블록을 포함하는 10개의 블록이 더해진 후에 하나의 블록이 확인된다면, 거래 비용 1%가 공모 공격을 방지하기에 충분하다는 것을 의미한다.Therefore, the signer

To

Will be compared with By simple algebra,

Can be obtained. That is, F

In this case, the signer will not participate in the contest and will act honestly. If M = 10% and R = 10, then F can be set to less than 1%. This means that if the maximum portion of a single transaction on a block is limited to 10% and one block is identified after the 10 blocks containing that block have been added, then 1% of the transaction cost is sufficient to prevent collusion attacks. .

보다 높게 설정되어야 한다.As a fourth device, rewards and fines can be considered. In order to protect the network, embodiments of the present invention may introduce a penalty to the notifier of the double payer and a penalty for the attacker. Given that it must be publicly advertised and recruit signers to conspiracy, if the fines are greater than the benefits of forgery, a potential attacker will rarely try to forge a book. Any signer is more likely to report a double payer because the reward is set higher than the equity that can be obtained when conspiring against illegal counterfeiting. To this end, rewards and fines

Should be set higher.

For the last device, the incentive given by the attack can be limited by a system policy that sets the maximum transaction value (eg, 10% of the total in the block). If the price of a transaction is high, the transaction must be broken up into many smaller transactions to prevent attacks. In doing so, the maximum profits of the conspirators are limited. By setting the TA small for each block, the incentives for attackers are reduced. For example, if you set TA to USD 10,000 and S to 10, respectively, considering R = 10, M = 10% and F = 1%, the maximum profit for each conspirator is only USD 9.9. USD 9.9 will not be enough to engage in crime within a fully traceable network.

As such, block counterfeiting must be publicly advertised by counterfeiters to attract conspirators and less incentives because equity is less than costs, rewards and fines.

6. Other

6.1. Size scalability by local blockchains and interpolation

For the scalability of the PoP chain, every regional area has its own local blockchain. All transactions occurring within the area are processed as described above. On the other hand, we can consider the case where a transaction occurs between two local blockchains. For example, if A (hereinafter 'A @ Orlando') on a local chain in Orlando wants to send USD 5 to B (hereafter 'B @ Fairfax) on a local chain in Fairfax May be considered. The transaction "A @ Orlando sends USD 5 to B @ Fairfax" can be verified for the first time by checking the balance and processed on the local chain at Fairfax. Therefore, the cost between transactions will be higher than the cost of processing transactions internally as it involves more mergers and signers. When B @ Fairfax wants to send some money to C ('C @ Boston') on the local chain in Boston, the balance of B @ Fairfax will be first validated on the local chain in Fairfax. Can be.

Localization of chains and interoperability between chains makes the books manageable in terms of size and speed. One local chain does not delay transaction processing because of the size of the transaction, the size of the book does not increase rapidly, and only has local transaction records. Even keeping the books small, interoperability allows transactions between chains.

6.2. Time scalability to move all balances to new chain

By interoperability between the chains, the system according to embodiments of the present invention can be extended in time. A new chain is created, which can be advertised not to use the old chain, and all balances on the old chain can be transferred to the new chain. At this time, the old chain may be kept in the repository of peers (full nodes). If all balances do not move to the new chain and later a transaction request on the old chain occurs, the archived chain can still be used to move to the new chain.

6.3. Privacy on amount

Multiple addresses can be used to separate transactions by privacy techniques for amounts to make tracking difficult.

6.4. Balance based ledger

The balance of each account as well as the transaction records can be stored in the book to make account balance confirmation faster.

6.5. Receipt on blockchain

Instead of storing only property movement information, we can store contextual information to make it possible to realize on the chain an unacceptable online receipt. To save the storage of the ledger and to better protect the privacy, only the hash value of the transaction is stored in the book but the unique transaction information is stored separately by the bank.

6.6. Transaction with conventional bank

When consumers transfer a certain amount of money from a conventional bank account (T) to our p2p bank account (P), the balance in T is reduced and a transaction is created indicating the transfer from T to P. When the block containing the transaction is successfully connected to the blockchain, the transaction processing is completed. Transactions from P to T can be handled similarly by adjusting the balances in both accounts.

6.7. International money transfer

Clearly, it is possible to transfer money internationally from an account in one chain to one in another. By applying exchange rates, recording preferred transactions in the source chain and recording them in the destination chain using local chain interaction procedures completes international remittances.

7. Differences from existing cryptocurrency technologies

7.1. Fully traceable real name online financial platform

The blockchain according to embodiments of the present invention is executed and used by users (nodes) identified with real names, so all transactions are traceable when given a pseudonym and real name mapping table. This will ease the development of books by resolving government concerns about tax avoidance and money laundering.

7.2. True decentralization

It is more democratic compared to PoW and PoS in that one user can cast one vote. In anonymous networks using PoW or PoS, large computing power owners or high- stake owners can vote more than others. More democratic in this sense means a lot. For example, being more democratic can mean better security, fairness and democratic control of the network. Currently PoW / PoS networks require decentralization but they are actually centralized by high hash capability groups, large cryptocurrency exchanges and developers. On the other hand, PoP according to embodiments of the present invention can provide decentralization rather than cryptocurrency, PoW, PoS.

7.3. In addition, PoP can provide higher security with the possibility of retrograde or forged counterfeiting.

7.4. High transaction processing speed

In terms of transaction throughput and energy consumption, PoP is better than PoW. This is because PoP does not cause any huge calculations for transaction processing. As a result, PoP networks are more scalable than PoW networks because of the order of magnitude of the faster processing speed. At present, the processing speed of Bitcoin network is only 7 Transactions Per Second (TPS).

7.5. Protocol for real money

In current cryptocurrency networks, rewards are given in cryptocurrencies within the network, and transactions are only in cryptocurrencies. This recursive use inside the network causes a separation between cryptocurrency and real world values. It does not provide any criteria for the real world value of cryptocurrencies, but it destabilizes the value of their assets. The value between the real currency (eg USD) and the cryptocurrency arises only in the cryptocurrency exchange market. Problems arise in the current trading market because those are the only places where the market value of a cryptocurrency is determined and there is no basis (or anchor) for that value. Instability on exchanges and recursive use of cryptocurrency trading prevents cryptocurrencies from serving as real world currencies. PoP-based p2p banks deal with real money transfers instead of cryptocurrencies, so transaction costs are given in real money. Overall, the protocol for p2p banks works for real financial systems, not virtually opened financial systems.

7.5. Digital signature

For PoP networks, any secure (EU-CMA secure) digital signature can be used simultaneously on platforms such as RSA-OAEP, ECDSA, DSA, pairing based signatures, and the like. If network bandwidth is not sufficient, an aggregate signature can be used to compress multiple signatures.

7.6. Other applications

It can be handled for any form of transactions as well as for money transfers. For example, cryptocurrencies can be handled on PoP networks. Book sales records, music / song sales records may be stored in the book to make business processing transparent.

5 is a diagram illustrating an example of an operating environment of a network system according to an embodiment of the present invention. 5 illustrates a financial platform 510, a plurality of signer nodes 510, and a plurality of merger nodes 530. At this time, the financial platform 510, each of the plurality of signer nodes 510, and each of the plurality of merger nodes 530 are physical, such as the computer device 600 described below with reference to FIG. 6, for example. It may be implemented as a hardware device, or in some embodiments, two or more computer devices may be implemented in a combined form.

The financial platform 510 may correspond to the p2p bank described above, and may provide a user identifier on the network by authenticating the identity with a real name for each of the plurality of users who want to enter the network.

Each of the plurality of merger nodes 520 collects and merges information about transactions between users to generate a transaction block, and understands the signers for the generated transaction block, the transaction that the generated transaction block includes. Regardless of the relationship, you can select based on the transaction of the last completed block of the signed blockchain, receive signatures on the created transaction blocks of the selected signers, and attempt to add the generated transaction blocks to the signed blockchain. have. Each of the plurality of merger nodes 520 may correspond to the terminal of the merger described above.

Each of the plurality of signer nodes 530 verifies the validity of the transaction block generated in each of the plurality of merger nodes 520 according to a request from each of the plurality of merger nodes 520, You can sign a trading block. Each of the plurality of signer nodes 530 may correspond to the terminal of the signer described above.

In this case, the financial platform 510, each of the plurality of signer nodes 510, and each of the plurality of merger nodes 520 may communicate with each other through the network 540 shown in FIG. 5.

As already explained, when a transaction occurs from A to B, the transaction record containing the amount, date / time, transaction purpose and their IDs is signed using A and B's private signature keys and is either A or B Sent by the sender to the mergers. Mergers are selected by the sender according to the rank of the mergers profiled in the wallet.

In this case, the plurality of merger nodes 520 may correspond to terminals of the selected mergers, and the plurality of merger nodes 520 may correspond to transaction blocks signed from the plurality of signer nodes 530. As each is broadcast by the merger nodes, the validity of the signed transaction blocks can be verified and the addition of the validated signed transaction blocks to the signed blockchain can be approved. As already explained, the PoP network selects and actualizes a new blockchain according to the cumulative number of people who support the block (the number of signatures). At this time, since the number of accumulated people is the same for the blockchain determined before the new block, a new blockchain may be selected according to the number of transaction blocks newly added to the blockchain. Each of the plurality of signer nodes 530 may validate the new trading blocks being broadcast and approve adding the validated signed trading blocks to the blockchain, wherein those of the people supporting the trading block Transactions with the highest cumulative number (signatures) of those who support the addition of the trading block with the highest cumulative number of signatures (signatures) or new blockchains that have added validated trading blocks. You can select the blockchain to which the block is added.

Meanwhile, each of the plurality of merger nodes 520 has as inputs information about transactions contained in previous transaction blocks of the transaction block to be added to the signed blockchain, but is unpredictable (random) according to the input. Generate a hash value that is output through a function whose output is deterministic, select the signers for the transaction block you want to add based on the generated hash value, add them to the signer nodes corresponding to the selected signers, You can request a signature for your trading block.

In this case, each of the plurality of signer nodes 530 manages a block identifier of a transaction block signed by it, and requests a signature request for a transaction block generated before the last signed transaction block in the signed blockchain is completed. You can refuse. In addition, each of the plurality of signer nodes 530 ignores the request for signing the other transaction block, which includes information about transactions on the transaction block that it has already signed, and informs the other transaction block about the negation of the signature request. The merger node corresponding to the message may be notified. In addition, each of the plurality of signer nodes 530 reports a signing request to the financial platform 510 for a block that contains a transaction that does not match the signed one, and identifies the merger's identifier and the mismatched transaction according to the signature request. The identifier of the sender of may be broadcast on the network.

6 is a diagram illustrating an example of an internal configuration of a computer device according to one embodiment of the present invention. As described above, the financial platform 510, each of the plurality of signer nodes 510, and each of the plurality of merger nodes 530 may be physical devices, such as the computer device 600 of FIG. 6. In some embodiments, two or more computer devices may be implemented in a combined form.

As illustrated in FIG. 6, the computer device 600 may include a memory 610, a processor 620, a communication interface 630, and an input / output interface 640. The memory 610 may be a computer-readable recording medium, and may include a permanent mass storage device such as random access memory (RAM), read only memory (ROM), and a disk drive. The non-volatile mass storage device, such as a ROM and a disk drive, may be included in the computer device 600 as a separate permanent storage device separate from the memory 610. In addition, the memory 610 may store an operating system and at least one program code. These software components may be loaded into the memory 610 from a computer-readable recording medium separate from the memory 610. Such a separate computer-readable recording medium may include a computer-readable recording medium such as a floppy drive, a disk, a tape, a DVD / CD-ROM drive, a memory card, and the like. In other embodiments, software components may be loaded into memory 610 via communication interface 630 rather than a computer readable recording medium. For example, software components may be loaded into memory 610 of computer device 600 based on a computer program installed by files received via network 540.

The processor 620 may be configured to process instructions of a computer program by performing basic arithmetic, logic, and input / output operations. The instructions may be provided to the processor 620 by the memory 610 or the communication interface 630. For example, the processor 620 may be configured to execute a command received according to a program code stored in a recording device such as the memory 610.

The communication interface 630 may provide a function for the computer device 600 to communicate with other devices (eg, storage devices described above) via the network 540. For example, a request, a command, data, a file, etc. generated by the processor 620 of the computer device 600 according to a program code stored in a recording device such as the memory 610 may be controlled according to the control of the communication interface 630. 540 may be passed to other devices. Conversely, signals, commands, data, files, and the like from other devices may be received by computer device 600 via network 540 via communication interface 630 of computer device 600. Signals, commands, data, and the like, received through the communication interface 630 may be transmitted to the processor 620 or the memory 610, and the files and the like may be included in the storage medium that the computer device 600 may further include. Persistent storage).

The input / output interface 640 may be a means for interfacing with the input / output device 650. For example, the input device may include a device such as a microphone, a keyboard or a mouse, and the output device may include a device such as a display or a speaker. As another example, the input / output interface 640 may be a means for interfacing with a device in which functions for input and output are integrated into one, such as a touch screen. The input / output device 650 may be configured as a computer device 600 and one device.

Further, in other embodiments, the computer device 600 may include fewer or more components than the components of FIG. 6. However, it is not necessary to clearly show most of the prior art components. For example, computer device 600 may be implemented to include at least some of the input and output devices 650 described above, or may further include other components, such as a transceiver, a database, and the like.

7 is a flowchart illustrating an example of a signature method in an embodiment of the present invention. The signature method according to the present embodiment may be performed by the computer device 600 implementing the terminal of the signer as described above. For example, the processor 620 of the computer device 600 may be implemented to execute a control instruction according to a code of an operating system included in the memory 610 or a code of at least one program. Here, the processor 620 may perform the steps 710 to 730 included in the method of FIG. 7 according to a control command provided by a code stored in the computer device 600. Can be controlled.

In operation 710, the computer device 600 receives a signature request for a transaction block generated by the merger node through a network from a merger node on a network whose identity is authenticated with a real name for a plurality of users to enter. can do. Here, the computer device 600 may correspond to the terminal of the user selected as the signer among the plurality of users, and the merger node may also correspond to the terminal of the user selected as the merger among the plurality of users. At this time, the signature request may be sent by the merger node to the signer nodes on the network selected based on the hash value, where the hash value inputs information about transactions included in the last transaction block of the signed blockchain. Since it is arbitrary and unpredictable but deterministic, it can be output through a function whose output is determined according to the input.

In operation 720, the computer device 600 may verify the validity of the transaction block for which the signature is requested. Since the signer has verified the validity of the transaction block several times, repeated description thereof will be omitted.

In operation 730, the computer device 600 may sign a valid transaction block. At this time, the computer device 600 may transmit the signed transaction block to the merger node. Operation at the merger node will be described with reference to FIG. 8.

8 is a flowchart illustrating an example of a method for adding a transaction block according to an embodiment of the present invention. The transaction block adding method according to the present embodiment may be performed by the computer device 600 implementing the terminal of the merger described above. For example, the processor 620 of the computer device 600 may be implemented to execute a control instruction according to a code of an operating system included in the memory 610 or a code of at least one program. Here, the processor 620 may be configured to perform the steps 810 to 850 included in the method of FIG. 8 according to a control command provided by a code stored in the computer device 600. Can be controlled.

In operation 810, the computer device 600 may collect information about a transaction between users through a network in which a user name is authenticated with real names for a plurality of users who want to enter. For example, when a transaction occurs from user A to user B, the transaction record, including the amount of money, the date / time, the purpose of the transaction, and their IDs (user A and user B), is the user's private signature key and user B It can be signed using the private signature key of and sent to the mergers by either user A or user B (the sender). In this embodiment, the computer device 600 may be a terminal of one of these mergers, and may collect information about transactions between users as in step 810.

In operation 820, the computer device 600 may generate a transaction block by merging the collected transaction information. The transaction block may include information about the transaction (transaction record in the previous example) received from at least one sender.

In step 830 the computer device 600 selects the signers for the generated transaction block based on the transaction of the last completed block of the signed blockchain, irrespective of the interest in the transaction that the generated transaction block includes. Can be. For example, in FIG. 3, a new block 111 is obtained through a hash value calculated using a hash function having, as input parameters, transactions 310, 320, and 330 included in the previous block 112 of the new block 111. An example in which signers 370 are selected for the above is described.

In operation 840, the computer device 600 may request a signature for the generated transaction block of the selected signers. At this time, each of the signers receives the signature request through the steps 710 to 730 described with reference to FIG. 7, confirms the validity of the transaction block, and signs the valid transaction block according to the embodiment of FIG. 8. 600 may be transmitted to the merger node.

In step 850, the computer device 600 may send the signed transaction block to the plurality of aggregator nodes on the network to add the signed transaction block from the signers to the signed blockchain. In this case, as described above, each of the plurality of merger nodes may confirm the validity of the signed transaction block and approve the addition of the signed transaction block whose validity is confirmed to the signed block chain. In this case, as described above, the cumulative number of people who support the trading block (the number of signatures) approves the addition of the largest trading block or supports the trading block among the new blockchains with the added valid trading blocks. You can choose the blockchain to which the trading blocks with the largest cumulative number of people (signatures) are added.

5 to 8 may refer to the foregoing descriptions, and the effects of the network system, the signature method, and the transaction block generation method have been described in detail above.

The system or apparatus described above may be implemented as a hardware component, a software component or a combination of hardware components and software components. For example, the devices and components described in the embodiments are, for example, processors, controllers, arithmetic logic units (ALUs), digital signal processors, microcomputers, field programmable gate arrays (FPGAs). May be implemented using one or more general purpose or special purpose computers, such as a programmable logic unit (PLU), a microprocessor, or any other device capable of executing and responding to instructions. The processing device may execute an operating system (OS) and one or more software applications running on the operating system. The processing device may also access, store, manipulate, process, and generate data in response to the execution of the software. For convenience of explanation, one processing device may be described as being used, but one of ordinary skill in the art will appreciate that the processing device includes a plurality of processing elements and / or a plurality of types of processing elements. It can be seen that it may include. For example, the processing device may include a plurality of processors or one processor and one controller. In addition, other processing configurations are possible, such as parallel processors.

The software may include a computer program, code, instructions, or a combination of one or more of the above, and configure the processing device to operate as desired, or process it independently or collectively. You can command the device. Software and / or data may be any type of machine, component, physical device, virtual equipment, computer storage medium or device in order to be interpreted by or to provide instructions or data to the processing device. It can be embodied in. The software may be distributed over networked computer systems so that they are stored or executed in a distributed manner. Software and data may be stored on one or more computer readable media.

The method according to the embodiment may be embodied in the form of program instructions that can be executed by various computer means and recorded in a computer readable medium. The computer readable medium may include program instructions, data files, data structures, etc. alone or in combination. The program instructions recorded on the media may be those specially designed and constructed for the purposes of the embodiments, or they may be of the kind well-known and available to those having skill in the computer software arts. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tape, optical media such as CD-ROMs, DVDs, and magnetic disks, such as floppy disks. Magneto-optical media, and hardware devices specifically configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like. Such a recording medium may be various recording means or storage means in the form of a single or several hardware combined, and is not limited to a medium directly connected to any computer system, but may be distributed on a network. Examples of program instructions include not only machine code generated by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like.

Although the embodiments have been described by the limited embodiments and the drawings as described above, various modifications and variations are possible to those skilled in the art from the above description. For example, the described techniques may be performed in a different order than the described method, and / or components of the described systems, structures, devices, circuits, etc. may be combined or combined in a different form than the described method, or other components. Or even if replaced or substituted by equivalents, an appropriate result can be achieved.

Therefore, other implementations, other embodiments, and equivalents to the claims are within the scope of the following claims.

Claims (10)

A financial platform for authenticating an identity with a real name for each of a plurality of users who want to enter a blockchain network and providing a user identifier on the blockchain network;
Collecting and merging information on transactions using fiat currency between users whose identity is authenticated by the real name to create a transaction block, and regardless of the interest of the transaction included in the generated transaction block, the signed blockchain Select signers for the generated trading block based on the transaction of the last completed block of, receive the signature of the generated trading block of the selected signers, add the generated trading block to the signed blockchain, and A plurality of consolidator nodes that attempt to do so; And
A plurality of signer nodes for validating a transaction block generated at each of the plurality of merger nodes according to a request from each of the plurality of merger nodes, and for signing the validated transaction block
Network system comprising a. The method of claim 1,
The plurality of merger nodes,
As signed transaction blocks from the plurality of signer nodes are each broadcast by corresponding merger nodes, verify validity of the signed transaction blocks, and verify the signature of the validated signed transaction blocks. Network system for approving addition to the blockchain. The method of claim 1,
And among the block chains to which the transaction blocks generated at each of the plurality of merger nodes are added, the block chain to which the transaction block which receives the most signatures from the plurality of signer nodes is added. The method of claim 1,
Each of the plurality of merger nodes,
A function that is random and unpredictable but deterministic and has an output determined according to the input while having as inputs information about the transactions contained in the previous trading block of the trading block to be added to the signed blockchain. Generate a hash value outputted through the selector, select signers for the transaction block to be added based on the generated hash value, and add to the transaction block to be added to the signer nodes corresponding to the selected signers Request a signature for the network system. The method of claim 1,
Each of the plurality of signer nodes,
Managing a block identifier of a transaction block signed by the user, and rejecting a signature request for a transaction block generated before the transaction block last signed in the signed block chain is completed. The method of claim 1,
Each of the plurality of signer nodes,
Disregarding a signature request for another transaction block that contains information about transactions on a transaction block that it has already signed, and notifying the merger node corresponding to the other transaction block of information about the disregard of the signature request. Characterized by a network system. The method of claim 1,
Each of the plurality of signer nodes,
Report a signing request to the financial platform for a block containing a transaction that does not match a signed one, and broadcast on the blockchain network an identifier of a consolidator in accordance with the signature request and an identifier of the sender of the mismatched transaction Network system, characterized in that. A computer program coupled to a computer stored on a computer readable recording medium for executing a signature method on a computer,
The signature method is
From a merger node on a blockchain network whose identity is authenticated by a real name for a plurality of users who wish to enter the transaction, the merger node performs transactions using fiat currency between users whose identity is authenticated by the real name through the blockchain network. Receiving a signature request for a transaction block generated by collecting and merging information about the transaction block;
Verifying validity of the signature requested transaction block; And
Signing the validated transaction block
Including,
The signing request is sent by the aggregator node to signer nodes on the blockchain network selected based on a hash value,
The hash value is random and unpredictable but deterministic because the hash value has information on transactions included in the last trading block of the signed blockchain and is output through a function whose output is determined according to the input. Computer program, characterized in that. A computer program stored in a computer readable recording medium in combination with a computer for causing a computer to execute a method of adding a transaction block,
The transaction block addition method,
Collecting information on transactions using fiat currency between users whose identity is authenticated by the real name through a blockchain network in which the identity is authenticated by the real name for a plurality of users to enter;
Merging information about the collected transactions to generate a transaction block;
Selecting signers for the created transaction block based on the transaction of the last completed block of the signed blockchain, regardless of the interest in the transaction that the generated transaction block includes;
Requesting a signature on the generated transaction block of the selected signers; And
Sending the signed transaction block to a plurality of amalgamator nodes on the blockchain network to add a signed transaction block from the signers to the signed blockchain.
Computer program comprising a. A computer-readable recording medium in which the computer program according to claim 8 or 9 is recorded.

Images