WO2019233454A1 - Chain code upgrading method and device - Google Patents

Chain code upgrading method and device Download PDF

Info

Publication number
WO2019233454A1
WO2019233454A1 PCT/CN2019/090206 CN2019090206W WO2019233454A1 WO 2019233454 A1 WO2019233454 A1 WO 2019233454A1 CN 2019090206 W CN2019090206 W CN 2019090206W WO 2019233454 A1 WO2019233454 A1 WO 2019233454A1
Authority
WO
WIPO (PCT)
Prior art keywords
version
chain code
version set
world state
node
Prior art date
Application number
PCT/CN2019/090206
Other languages
French (fr)
Chinese (zh)
Inventor
高磊
刘勋
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2019233454A1 publication Critical patent/WO2019233454A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • G06F8/71Version control; Configuration management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/389Keeping log of transactions for guaranteeing non-repudiation of a transaction

Definitions

  • the present application relates to the field of blockchain technology, and in particular, to a method and device for upgrading a chain code.
  • the chain code is used to indicate the logic of the transaction and the rules of transaction processing.
  • the node includes the relevant records of at least one transaction (including the payer and receiver of the transaction funds, the amount of the transaction funds, etc.) in the area by executing the chain code.
  • the block acts as an account page.
  • the transactions existing in the blockchain network can be recorded in multiple blocks. Each block is connected together in a certain order to form a blockchain.
  • the formed blockchain is also the transaction recorded in the blockchain network. Ledger.
  • chain codes that is, smart contracts
  • the nodes can execute the new chain codes to process each transaction to meet user needs.
  • users can also upgrade the version of the chain code, and the node processes each transaction by executing a higher version of the chain code.
  • the client can initiate a chaincode upgrade process. Specifically, the client sends a chain code upgrade command to the preset node to indicate which version the chain code is upgraded to. The preset node verifies the client's certificate and signature. If the client's identity is confirmed to be valid, the corresponding version of the chain code is updated. Upgrade packages and related configurations are stored in the state database. Subsequently, when the client initiates a transaction, the node can call the upgraded chain code in the state database and execute the upgraded chain code to process the transaction, so that the client's transaction proceeds smoothly.
  • the node because the node only confirms the identity of the client, it cannot avoid the logical defect chain code from the legitimate client. In this way, when the node processes the transaction according to the logical defect chain code, it is easy to generate errors and misplace the world of the transaction Status, reducing the accuracy of blockchain transactions.
  • the embodiments of the present application provide a method and device for upgrading a chain code, which can improve the accuracy of blockchain transactions.
  • an embodiment of the present application provides a method for upgrading a chain code.
  • the method includes: an endorsement node (Endorse) obtains a first target version set corresponding to a chain code to be upgraded, and in an independent operating environment according to the first A target version set simulates the upgrade of the chain code to be upgraded. If the second world state world state of the first target version set is consistent with the first world state, the endorsing node upgrades the upgrade chain code outside of the independent operating environment.
  • the first world state is the world state before the upgrade of the chain code to be upgraded, and the second world state is the world state after the upgrade of the chain code to be upgraded.
  • the first target version set includes the upgrade package and upgrade of the first target version. Related configuration of the package, independent operating environment does not affect the operating environment outside itself.
  • the method for upgrading the chain code provided in the embodiment of this application endorses the node.
  • the simulation upgrade process in the memory of independent operation environment protection will not interfere with other applications outside the independent operation environment, that is, it will not cause damage to the actual transactions and blockchain data outside the independent operation environment.
  • the second world state after the simulation upgrade is consistent with the first world state before the simulation upgrade, indicating that the first target version of the chain code has not tampered with the world state.
  • the feasibility of the chain code upgrade has been verified in an independent operating environment.
  • the probability that the first target version chain code tampered with the world state will be correspondingly reduced, so that the accuracy of transactions based on the untampered world state after the actual upgrade is improved, and blockchain transactions are improved. Security.
  • the following steps may be performed: if the second world state of the first target version set is inconsistent with the first world state, the endorsing node Update the first target version set to the second target version set, the second target version set is the latest legal version set in the branch of the version tree to which the first target version set belongs, and the second world state and first world of the legal version set The status is consistent.
  • the second world state of the version set of the first target version is inconsistent with the first world state
  • the second world state of the first target version set is inconsistent with the first world state, wherein the first target version is a version corresponding to the first target version set.
  • the endorsing node can learn the history of the illegal version set by querying the version tree, avoiding the client to call the chain code corresponding to the illegal version set for transactions, and improving transaction security.
  • identity verification that is, from which client
  • simulation upgrade which simplifies the chain code upgrade process.
  • the version tree includes a root node and a child node, and the child node includes a first child node and a second child node.
  • the first child node is a first-level child node of the root node
  • the second child node is a division node.
  • each first child node is a version root node of a domain chain code.
  • the second root node of the domain chain code is connected to the version root node, and the first child node of the domain chain code and The second child node of the domain chain code forms a version tree branch of the domain chain code; each child node corresponds to a version set, and the version set includes the version upgrade package and the related configuration of the version upgrade package.
  • Different domain chain codes have different chain codes.
  • the first target version set is connected after the latest version version set in the version tree branch to which it belongs.
  • the method of creating a version tree may be implemented as follows:
  • the endorsement node determines the version tree branch to which the first target version set belongs according to the domain to which the chain code to be upgraded belongs, and connects the first target version set to the first After the latest version set in the branch of the version tree to which the target version set belongs.
  • the version sets of different versions are connected in the order of the update time of the versions, and the new version set is based on the old version set at a higher level.
  • the following steps may be performed: If the second world state of the first target version set is consistent with the first world state, Endorse The first target version set is stored in the state database, or if the second world state of the first target version set is inconsistent with the first world state, Endorse stores the second target version set in the state database.
  • the legal latest version set is stored in the state database, which means that the legal version set can be called by the client, and the illegal version set is not stored in the state database, so the client will not call the illegal version.
  • Set the corresponding chain code to reduce the risk of calling illegal version sets for transactions.
  • an embodiment of the present application provides a device for upgrading a chain code.
  • the device is provided with a processor and a memory.
  • the memory is configured to store information including program instructions; the processor is configured to obtain a first target version set corresponding to the chain code to be upgraded, and the first target version set includes an upgrade package of the first target version and related configurations of the upgrade package. ; Simulate the upgrade of the chain code to be upgraded according to the first target version set in an independent operating environment, the independent operating environment does not affect the operating environment other than itself; if the second world state of the first target version set is the world state and the first If the world status is the same, the chain code to be upgraded is upgraded outside the independent operating environment.
  • the first world state is to simulate the world state before the upgrade; the second world state is to simulate the world state after the upgrade. .
  • the processor is further configured to update the first target version set to the second target version set if the second world state of the first target version set is inconsistent with the first world state, and the second target The version set is the latest legal version set in the branch of the version tree to which the first target version set belongs, and the second world state of the legal version set is consistent with the first world state.
  • the second world state of the version set of the first target version is inconsistent with the first world state
  • the second world state of the first target version set is inconsistent with the first world state, wherein the first target version is a version corresponding to the first target version set.
  • the version tree includes a root node and a child node, and the child node includes a first child node and a second child node.
  • the first child node is a first-level child node of the root node
  • the second child node is a division node.
  • each first child node is a version root node of a domain chain code.
  • the second root node of the domain chain code is connected to the version root node, and the first child node of the domain chain code and The second child node of the domain chain code forms a version tree branch of the domain chain code; each child node corresponds to a version set, and the version set includes the version upgrade package and the related configuration of the version upgrade package.
  • Different domain chain codes have different chain codes.
  • the first target version set is connected after the latest version version set in the version tree branch to which it belongs.
  • the processor is further configured to determine a version tree branch to which the first target version set belongs according to a domain to which the chain code to be upgraded belongs, and connect the first target version set to a version to which the first target version set belongs. After the latest version set in the tree branch.
  • the version sets of different versions are connected in the order of the update time of the versions, and the new version set is based on the old version set at a higher level.
  • the processor is further configured to: if the second world state of the first target version set is consistent with the first world state, Endorse stores the first target version set to a state database; or, if the first If the second world state of the target version set is inconsistent with the first world state, Endorse stores the second target version set to the state database.
  • a chain code upgrading device has the function of implementing the method of any one of the first aspects.
  • This function can be realized by hardware, and can also be implemented by hardware executing corresponding software.
  • the hardware or software includes one or more modules corresponding to the above functions.
  • a chain code upgrading device including: a processor and a memory; the memory is configured to store computer execution instructions; when the device is running, the processor executes the computer execution instructions stored in the memory, so that the The device executes the chain code upgrading method according to any one of the first aspects.
  • an apparatus including: a processor; the processor is coupled to the memory and reads instructions in the memory, and then executes the method for upgrading a chain code according to any one of the first aspects according to the instructions.
  • a computer-readable storage medium stores instructions that, when run on a computer, enable the computer to execute the method for upgrading a chain code according to any one of the first aspects.
  • a computer program product containing instructions which, when run on a computer, enables the computer to execute the method for upgrading a chain code according to any one of the first aspects.
  • a chip system includes a processor, and is configured to support the foregoing device to implement the functions involved in the foregoing first aspect.
  • the chip system further includes a memory, which is used to store program instructions and data necessary for the device.
  • the chip system can be composed of chips, and can also include chips and other discrete devices.
  • a circuit system including a processing circuit configured to perform a function according to the first aspect described above.
  • the technical effects brought by any one of the design methods in the second aspect to the ninth aspect can refer to the technical effects brought by the different design methods in the first aspect, and will not be repeated here.
  • FIG. 1 is a schematic architecture diagram of a blockchain system according to an embodiment of the present application.
  • FIG. 2 is a first schematic structural diagram of an endorsement node according to an embodiment of the present application.
  • FIG. 3 is a schematic flowchart of a method for obtaining a target version set according to an embodiment of the present application
  • FIG. 4 is a schematic diagram of a chain code upgrade process and a state of the world in the prior art
  • FIG. 5 is a schematic flowchart of a chain code upgrade method according to an embodiment of the present application.
  • FIG. 6 is a schematic diagram of a chain code upgrade process and a state of the world provided by an embodiment of the present application;
  • FIG. 7 is a flowchart of a method for creating a version tree according to an embodiment of the present application.
  • FIG. 8 is a schematic diagram of a version tree provided by an embodiment of the present application.
  • FIG. 9 is a flowchart of a version tree management method according to an embodiment of the present application.
  • FIG. 10 is a second structural diagram of an endorsement node provided by this embodiment.
  • the network architecture and service scenarios described in the embodiments of the present application are used to more clearly illustrate the technical solutions of the embodiments of the present application, and do not constitute a limitation on the technical solutions provided by the embodiments of the present application. With the evolution of the network architecture and the emergence of new service scenarios, the technical solutions provided in the embodiments of the present application are also applicable to similar technical problems.
  • Ledger Used to record every transaction in the blockchain system, usually including the blockchain and the current state of the world. Among them, the blockchain consists of a set of blocks connected end to end.
  • World State It is used to indicate the execution result and state of the transaction, and usually consists of a set of variables.
  • FIG. 1 it is a schematic structural diagram of a blockchain system according to an embodiment of the present application.
  • the blockchain system 100 includes a client 101, at least one endorsing node 102 (only one is exemplarily shown in FIG. 1), at least one submitting node 103, and at least one consensus node 104 (orderer) 104 ( Figure 1 shows only one by way of example).
  • the client 101 and the endorsement node 102 may be connected through a wireless network (such as Wi-Fi, Bluetooth, a cellular mobile network, or the like) or a wired network (such as fiber optics), which is not limited in the embodiment of the present application.
  • a wireless network such as Wi-Fi, Bluetooth, a cellular mobile network, or the like
  • a wired network such as fiber optics
  • the client 101 and the consensus node 104 may also be connected through a wireless network (such as Wi-Fi, Bluetooth, a cellular mobile network, or the like) or a wired network (such as fiber optics), which is not limited in the embodiment of the present application.
  • a wireless network such as Wi-Fi, Bluetooth, a cellular mobile network, or the like
  • a wired network such as fiber optics
  • the consensus node 104 and the endorsement node 102 may also be connected through a wireless network (such as Wi-Fi, Bluetooth, cellular mobile network, etc.) or a wired network (such as optical fiber, etc.), which is not limited in this embodiment of the present application.
  • a wireless network such as Wi-Fi, Bluetooth, cellular mobile network, etc.
  • a wired network such as optical fiber, etc.
  • the client 101 is configured to send a chain code deployment, a chain code upgrade request, and initiate a transaction request to the endorsement node 102 and the like. It is also used to send each transaction to the consensus node 104.
  • a software development kit SDK is deployed in the client 101, and a user can use the SDK provided by the client 101 to create a chain code and submit a chain code upgrade request to trigger the chain code upgrade process.
  • the client 101 stores a key, so that the key can be used for identity verification, so as to improve the security of the blockchain system 100.
  • the clients mentioned above may include various computing devices with computing functions, personal digital assistant (PDA) computers, tablet computers, handheld devices, and laptop computers (laptops) computer), user equipment (UE), terminal equipment (terminal), and the like.
  • PDA personal digital assistant
  • UE user equipment
  • terminal terminal
  • the devices mentioned above are collectively referred to as terminals in this application.
  • the endorsement node 102 is used to respond to the chaincode deployment request, chaincode upgrade request, transaction request, etc. initiated by the client 101 and verify the legitimacy of each request (including the legitimacy of the client's identity). If the request is a legitimate request, Then the endorsement node 102 performs an endorsement operation for the request, and feeds the endorsement result to the client 101, so that the client 101 sends the transaction to the consensus node 104 according to the endorsement result, so as to determine the order of the transaction in the blockchain.
  • the endorsement node 102 in the embodiment of the present application may be implemented by a device or a function module in a device, which is not specifically limited in the embodiment of the present application.
  • the foregoing function module may be a network element in a hardware device, a software function running on a hardware device, or a virtualized function instantiated on a platform (for example, a cloud platform).
  • the submitting node 103 is used to obtain an ordered block chain sorted by the consensus node 104.
  • the submitting node 103 may be implemented by a device, may also be a functional module in a device, or have other implementation manners, which are not specifically limited in this embodiment of the present application.
  • the endorsement node 102 and the submission node 103 may be co-located in one device, and the device has the function of the endorsement node 102 and the function of the submission node 103.
  • the endorsement node 102 and the submission node 103 may be implemented as different components in a device, or may be implemented as different functional modules in a device, which is not limited in the embodiment of the present application.
  • the consensus node 104 is used to sort each transaction sent by the client 101 to ensure that each transaction is written into the blockchain in the correct order. It is also used to notify the submitting node 103 of the sorted transactions.
  • the consensus node 104 may be implemented by a device, may also be a functional module within a device, or have other implementation manners, which are not specifically limited in this embodiment of the present application.
  • the chain code upgrade method provided in the embodiment of the present application is mainly applied to the above endorsement node.
  • the endorsement node in the embodiment of the present application may have the functions of the endorsement node 101 and the submission node 102 shown in FIG. 1, and when implemented by a hardware device FIG. 2 shows a schematic diagram of the hardware structure of an exemplary endorsement node.
  • the endorsement node 200 includes at least one processor 201, a communication line 202, a memory 203, and at least one transceiver 204.
  • the processor 201 may be a general-purpose central processing unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more processors for controlling the execution of the program of the solution of the present application. integrated circuit.
  • CPU central processing unit
  • ASIC application-specific integrated circuit
  • the communication line 202 may include a path for transmitting information between the aforementioned components.
  • the transceiver 204 is configured to communicate with other devices or communication networks, such as Ethernet, wireless access network (RAN), wireless local area networks (WLAN), and the like.
  • Ethernet wireless access network
  • WLAN wireless local area networks
  • the memory 203 may be a read-only memory (ROM) or other types of static storage devices that can store static information and instructions, a random access memory (RAM), or other types that can store information and instructions Dynamic storage device, can also be electrically erasable programmable read-only memory (electrically erasable programmable read-only memory (EEPROM)), read-only compact disc (compact disc-read-only memory (CD-ROM) or other optical disc storage, optical disc storage (Including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), disk storage media or other magnetic storage devices, or can be used to carry or store desired program code in the form of instructions or data structures and can be used by a computer Any other media accessed, but not limited to this.
  • the memory may exist independently, and is connected to the processor through the communication line 202. The memory can also be integrated with the processor.
  • the memory 203 is configured to store a computer execution instruction for executing the solution of the present application, and the processor 201 controls execution.
  • the processor 201 is configured to execute computer execution instructions stored in the memory 203, so as to implement the method for upgrading a chain code provided in the following embodiments of the present application.
  • the memory 203 stores the simulation upgrade application code, version tree management application code, endorsement application code, transaction storage application code, submission application code, block assembly application code, Chain code life cycle management (Life Code of Chain Code, LSCC) application code, etc.
  • the simulation upgrade application code is used to provide a chain code simulation upgrade function.
  • the version tree management application code is used to provide the corresponding management functions of the version tree.
  • the endorsement application code is used to provide endorsement functionality.
  • the transaction storage application code is used to provide the function of accounting for each transaction.
  • the submission application code is used to provide the ability to submit content to other types of nodes.
  • the block assembly application code is used to provide the function of assembling blocks into a blockchain.
  • LSCC is used to provide the function of chain code life cycle management.
  • the computer-executable instructions in the embodiments of the present application may also be referred to as application program codes, which are not specifically limited in the embodiments of the present application.
  • the processor 201 may include one or more CPUs, such as CPU0 and CPU1 in FIG. 2.
  • the endorsement node 200 may include multiple processors, such as the processor 201 and the processor 207 in FIG. 2. Each of these processors can be a single-CPU processor or a multi-CPU processor.
  • a processor herein may refer to one or more devices, circuits, and / or processing cores for processing data (such as computer program instructions).
  • the endorsement node 200 may further include an output device 205 and an input device 206.
  • the output device 205 is in communication with the processor 201 and can display information in a variety of ways.
  • the output device 205 may be a liquid crystal display (LCD), a light emitting diode (LED) display device, a cathode ray tube (CRT) display device, or a projector. Wait.
  • the input device 206 is in communication with the processor 201 and can receive user input in a variety of ways.
  • the input device 206 may be a mouse, a keyboard, a touch screen device, or a sensing device.
  • the above-mentioned endorsement node 200 may be a general-purpose device or a special-purpose device.
  • the endorsement node 200 may be a desktop computer, a portable computer, a personal digital assistant (PDA), a mobile phone, a tablet computer, a wireless terminal device, or a device with a similar structure in FIG. 2.
  • PDA personal digital assistant
  • the embodiment of the present application does not limit the type of the endorsement node 200.
  • the endorsement node obtains the target version set flow.
  • the process of obtaining the target version set is the basis of the chain code upgrade method provided by the following embodiments of this application, and includes the following steps:
  • the client receives an installation package upload instruction input by a user.
  • the upgrade package is an installation package of the first target version of the chain code to be upgraded.
  • the installation package is a version 2.0 installation package. Since the embodiments of the present application are mainly applied to the chain code upgrade process, the installation package herein may also be referred to as an upgrade package.
  • the user enters the installation package upload instruction through a subcommand, or the user enters the installation package upload instruction through a User Interface (UI) method.
  • UI User Interface
  • the user can also enter the installation package upload instruction through other methods. This application The embodiment does not limit this.
  • the client reports the installation package of the first target version of the chain code to be upgraded to the endorsing node.
  • the endorsement node stores the installation package of the first target version.
  • the endorsement node stores the installation package of the first target version, and then the corresponding installation package can be used to upgrade the chain code to be upgraded to the first target version according to user needs, which meets more Demand for new business.
  • Fig. 4 Taking the precious metal transaction as an example, as shown in Fig. 4, suppose that at the beginning, enterprise A and enterprise B signed a contract for precious metal transactions, and used the blockchain technology to conduct precious metal transactions. The two parties agreed that their initial account quotas were 20 Million. The blockchain system performs the initialization process of this contract (that is, the chain code). The initial world state (such as the initial account status and initial account quota) in the contract is recorded on the ledger of each endorsed node. Among them, the account limit of both parties in the initial contract is: A's account limit is 200,000, and B's account limit is 200,000.
  • Enterprise A paid RMB 20,000 to Enterprise B for the purchase of a certain precious metal.
  • the account balance of enterprise A was 180,000, and the account balance of enterprise B was 220,000.
  • Company B believes that the unit price of precious metals should be increased. Therefore, Company B and Company A re-sign a contract with a new unit price of precious metals recorded in the agreement.
  • the blockchain system verifies whether the new chain code (contract) was submitted by enterprise A or enterprise B. If the new chain code is submitted by enterprise A or enterprise B, the blockchain system confirms that the new chain code is legal, and executes the new The chain code initialization process, the initial value of the account in the new chain code (contract) is recorded in the ledger.
  • the new chain code has logical defects, it is likely to misplace the world state of the transaction (such as account status, account initial value, account balance, etc.). Still referring to Figure 4, the account balance of enterprise A should be 220,000, but due to a logical defect in the new chain code, the account balance of enterprise A was misplaced to 200,000. Similarly, the account balance of enterprise B was misplaced to 20 Million.
  • an embodiment of the present application provides a method for upgrading a chain code. As shown in FIG. 5, the method includes the following steps:
  • the client sends a chain code upgrade request to the endorsing node.
  • the chain code upgrade request carries an upgrade proposal, which is used to request the endorsing node to upgrade the chain code to be upgraded to the first target version.
  • the upgrade proposal includes the first target version installation package in Endorses the path in the node and the related configuration of the installation package.
  • the related configuration of the installation package includes, but is not limited to, the name of the chain code corresponding to the installation package and the corresponding version of the chain code.
  • users can upgrade the chaincode through the command line or UI.
  • users can also upgrade the chaincode in other ways.
  • the command line method is used, in one example, the user enters a chain code upgrade instruction through the client to trigger the client to execute S501.
  • the client After the user enters the chain code upgrade instruction on the client, the client generates a code structure (Spec) according to the chain code upgrade instruction, generates a deployment spec according to the Spec, and generates an upgrade proposal according to the deployment Spec.
  • the client can digitally sign the upgrade proposal.
  • the client uses the private key to encrypt the upgrade proposal to implement signature of the upgrade proposal.
  • the client sends a chain code upgrade request carrying an upgrade proposal to the endorsing node through a protocol such as Remote Procedure Call (Protocol, Protocol, RPC) to notify the endorsing node to upgrade the chain code to be upgraded to the first target version.
  • a protocol such as Remote Procedure Call (Protocol, Protocol, RPC) to notify the endorsing node to upgrade the chain code to be upgraded to the first target version.
  • the endorsement node obtains a first target version set corresponding to the chain code to be upgraded.
  • the first target version set includes an upgrade package of the first target version and related configurations of the upgrade package.
  • an upgrade package of a version is an installation package of the version.
  • the endorsing node After receiving the chaincode upgrade request, the endorsing node calls the ProcessProposal interface to process the carried upgrade proposal and verifies the signature of the upgrade proposal. Specifically, the endorsement node uses the client's public key to verify whether the upgrade proposal comes from the client. The endorsement node can also verify the client's certificate and authority, thereby further strengthening the security of the blockchain system. If the verification is passed, the endorsement node obtains the installation package of the first target version and the related configuration of the installation package of the first target version according to the path of the installation package of the first target version in the upgrade proposal. For the convenience of description, the path of a version installation package and the related configuration of the version installation package are referred to as a version set in this article, which are described here collectively, and will not be described in detail below. In this way, the path of the first target version installation package and the related configuration of the first target version installation package are collectively referred to as the target version set.
  • the endorsement node creates an independent operating environment.
  • the independent running environment is a container, and the container is at least one application running independently and the running environment of at least one application.
  • the independent running environment may also have other implementation forms, for example, being implemented as a running environment such as a virtual machine, which is not limited in the embodiment of the present application.
  • the independent operating environment does not affect the operating environment outside of itself. For example, the data of the Host file system outside the independent operating environment will not be changed, and the data in the actual state database outside the independent operating environment will not be altered.
  • the endorsement node calls an application programming interface (Application Programming Interface, API) to create an independent running environment, for example, the endorsement node calls an API interface to create a container.
  • API Application Programming Interface
  • the endorsement node can create an independent operating environment in advance before S501, and in the future, it can directly use the independent operating environment created in advance. Alternatively, the endorsement node is created after the first target version set is obtained. Of course, the independent running environment may also be created at another time. That is, the timing of creating an independent operating environment is not limited in the embodiment of the present application.
  • the endorsement node obtains the first world state.
  • the first world state is the state of the chain code to be upgraded before the upgrade.
  • the embodiment of the present application does not limit the timing of obtaining the first world state.
  • the endorsing node may execute S504 after S503, and may also execute S504 before or after S502.
  • the endorsement node performs a simulated upgrade on the chain code to be upgraded according to the first target version set in an independent operating environment.
  • the endorsement node compiles the chaincode indicated by the first target version set (that is, the installation package of the first target version and the related configuration of the first target version installation package), and generates an image according to the binary file of the compiled chaincode .
  • the endorsement node starts the above-mentioned generated image, and executes the simulation upgrade process of the chaincode in the independent operating environment according to the information of the first target version set contained in the image. Specifically, the endorsement node performs a simulated upgrade of the chain code to be upgraded in the independent operating environment according to the first target version installation package and related configuration of the installation package, and initializes the first target version chain code after the simulated upgrade.
  • the process of simulating the upgrade of the chain code is similar to the process of actually upgrading the chain code. The difference is that the simulation upgrade process is performed in an independent operating environment and does not affect other applications outside the independent operating environment in the endorsement node.
  • the running of the program code that is, the simulation upgrade process will not interfere with other operations outside the independent running environment, and applications outside the independent running environment cannot perceive the above simulation upgrade process.
  • the endorsement node obtains a second world state, and the second world state is a simulated world state of the chain code to be upgraded.
  • the second world state corresponding to the initial target version of the chain code after initialization is: the account balance of enterprise A is 180,000, and the account balance of enterprise B is 220,000.
  • the upgrade here in S507 is the actual chaincode upgrade process, including the initialization process of the first target version of the chaincode.
  • the actions of the endorsement node in the above steps S501 to S507 can be executed by the processor 201 shown in FIG. 2 calling the application program code stored in the memory 203.
  • the processor 201 calls the simulation upgrade application program code stored in the memory 203 to perform the simulation upgrade action of S505.
  • the above actions can also be performed in other manners, which are not limited in the embodiment of the present application.
  • the method for upgrading the chain code provided in the embodiment of this application endorses the node.
  • the simulation upgrade process in the memory of independent operation environment protection will not interfere with other applications outside the independent operation environment, that is, it will not cause damage to the actual transactions and blockchain data outside the independent operation environment.
  • the second world state after the simulation upgrade is consistent with the first world state before the simulation upgrade, indicating that the first target version of the chain code has not tampered with the world state.
  • the feasibility of the chain code upgrade has been verified in an independent operating environment.
  • the probability that the first target version chain code tampered with the world state will be correspondingly reduced, so that the accuracy of transactions based on the untampered world state after the actual upgrade is improved, and blockchain transactions are improved. Security.
  • a method for managing a version tree of a chain code is also provided. As shown in FIG. 7, a process for creating a version tree is provided.
  • the basis of the version tree management method includes the following steps:
  • the endorsement node obtains a new version set corresponding to the chain code.
  • the processor 201 of the endorsement node calls the LSCC in the memory 203, and the LSCC obtains a new version set corresponding to the chain code.
  • the endorsement node determines the version tree branch to which the new version set belongs according to the domain to which the chain code corresponding to the new version set belongs.
  • the processor 201 calls the version tree management application code in the memory 203, and the version tree management application code determines the version tree branch to which the new version set belongs according to the domain to which the chain code belongs.
  • the version tree includes a root node and a child node.
  • the root node is a virtual node and does not correspond to a version set with practical significance.
  • the child node includes a first child node and a second child node.
  • the first child node is a first-level child node of the root node.
  • the second child node is a child node other than the first-level child node.
  • Each first child node is a version root node of the domain chain code.
  • the version root node directly or indirectly connects the second child node of the domain chain code, the first child node of the domain chain code and the second child of the domain chain code. Nodes constitute the version tree branch of the domain chain code.
  • each child node corresponds to a version set
  • a version set includes the installation package of the version and the related configuration of the installation package of the version.
  • the version sets of different versions are linked according to the update time of the version, and the new version set is based on the old version set at a higher level.
  • the domain can be used to describe the function of the chain code, and can also be used to distinguish different user services.
  • the domain 1 corresponds to the chain code of the precious metal transaction
  • the domain 2 corresponds to the charity chain code of the charity
  • the domain 3 corresponds to the chain code of the stock transaction.
  • the version tree in FIG. 8 includes a root node and a plurality of child nodes.
  • the precious metal field branch includes a version root node (first-level child node) and other level child nodes of the field, where the version root node corresponds to a version set of version 1.0 (that is, 1.0 version of the chaincode installation package and 1.0 version of the chaincode installation package), the second-level child node connected to the root node of this version corresponds to the version set of version 2.0, and the third-level child node corresponds to the version set of version 3.0 .
  • each node in the charity funds branch and the stock domain branch corresponds to a version set.
  • the chain code to be upgraded is a chain code in the field of precious metal transactions between enterprise A and enterprise B, and enterprise A and enterprise B must upgrade the chain code to be upgraded to version 4.0 ,
  • the new version is version 4.0, and the branch of the version tree to which the new version set belongs is the precious metal field branch shown in FIG. 8.
  • the endorsement node connects the acquired new version set to the latest version version set in the branch of the version tree to which the new version set belongs.
  • the processor 201 of the endorsement node calls the version tree management application code in the memory 203 to connect the new version set to the branch of the version tree to which it belongs.
  • the latest version set is the 3.0 version set
  • the newly obtained 4.0 version set is connected after the 3.0 version set.
  • each version set is legal. Specifically, if the endorsing node determines that the second world state after the simulated upgrade of a certain version of the chaincode is consistent with the first world state before the simulated upgrade, indicating that the version of the chaincode has not tampered with the world state, the version set is determined to be a legal version Set, that is, in the embodiment of the present application, the legal version set refers to a version set that is consistent with the state of the world before and after the simulation upgrade, and a unified description is made here.
  • the endorsing node determines that the second world state after the simulated upgrade of a certain version of the chaincode is inconsistent with the first world state before the simulated upgrade, it determines that the version set is an illegal version set, that is, in the embodiment of the present application, it is illegal
  • the version set refers to a version set that is inconsistent with the state of the world before and after the simulation upgrade, and is described here uniformly.
  • the processor 201 of the endorsement node initially determines that a certain version set is a legal version set, the simulation upgrade application code shown in FIG. 2 is called in an independent operating environment, and the use of the simulation upgrade application code is simulated. Private key 1 signs the version set.
  • the processor 201 of the endorsing node calls the LSCC shown in Figure 2.
  • the LSCC uses the public key 1 (the public key 1 and the private key 1 are used in pairs) to verify whether the version set has been simulated and upgraded.
  • the application code processes, and if so, finally determines that the version set is a legal version set.
  • each version set of the precious metal field chain code, the 1.0 version set, 2.0, 3.0 version set is a legal version set, the 4.0 version is an illegal version set; each version set of the charity field chain code, the 1.0 version set And 2.0 version sets are legal version sets; for each version set of the chain code in the stock field, the 1.0 version set and the 2.0 version set are legal version sets.
  • the legal version set can be stored in the state database, which means that the legal version set in the state database can be called by the client, and the illegal version set is not stored in the state database, so the client does not call To the chain code corresponding to the illegal version set, reducing the risk of calling the illegal version set for transactions.
  • the action of the endorsement node to connect the new version set to its own version tree branch can be used as a trigger condition to trigger the endorsement node to create the independent operating environment mentioned above.
  • a trigger condition to trigger the endorsement node to create the independent operating environment mentioned above.
  • the triggering condition of the event of creating an independent container is not limited to this, and this embodiment of the present application does not limit this.
  • the endorsement node stores the version set of each version of the chaincode, that is, the endorsement node has a history of chaincode installation and each upgrade.
  • the old version set is sequentially connected to the new version set, and the chain code version can be traced according to subsequent business requirements, and the appropriate version of the chain code can be selected as the chain code to provide transaction services to improve the user experience.
  • the method includes the following steps:
  • the endorsement node obtains a first target version set corresponding to the chain code to be upgraded.
  • the endorsement node queries the version tree according to the first target version set.
  • the first target version set further includes the domain to which the chain code belongs or the version tree branch to which the chain code belongs, and is used to instruct the endorsing node to query the corresponding version tree branch.
  • the version tree of the endorsement node query is shown in FIG. 8, and the branch of the version tree to which the first target version chain code belongs is a branch in the precious metal field.
  • the endorsement node determines whether the version set of the first target version exists in the version tree. If the version set of the first target version exists in the version tree and the version set of the first target version is an illegal version set, S904, S905, S906: If the version set of the first target version exists in the version tree and the version set of the first target version is a legal version set, execute S906; if the version set of the first target version does not exist in the version tree, perform S907.
  • the first target version is a version of the first target version set.
  • the endorsement node determines that the first target version set is an illegal version set.
  • the first target version set is the 4.0 version set.
  • the endorsement node can determine that the first target version set is also an illegal version set.
  • the endorsement node updates the first target version set to the second target version set.
  • the second target version set is the latest legal version set in the branch of the version tree to which the first target version set belongs.
  • the endorsement node may use the latest legal version 3.0 in the precious metal field as the second target version, and accordingly, the 3.0 version set is used as the second target version set.
  • the endorsement node uses the updated target version set as a valid version set.
  • the endorsement node uses the 3.0 version set (that is, the second target version set) of the precious metal field in the state database as the valid version set, and the valid version set is used by the client to complete subsequent client-to-client interactions. Transaction.
  • the endorsement node sets the 3.0 version set of the precious metal field in the state database to be valid, and when subsequent clients call the chain code in the precious metal field, the 3.0 version version set is directly called.
  • the endorsement node directly sets the version 3.0 set in the state database to be valid. To be called by the client.
  • the endorsement node simulates the upgrade of the chain code to be upgraded according to the first target version set in an independent operating environment.
  • the user specifies that the precious metal domain chain code is upgraded to version 5.0. Since the precious metal domain branch of version 5.0 does not exist in the version tree, the endorsement node can perform the simulated upgrade process shown in FIG. 5.
  • the endorsing node will use this version 5.0 chaincode as the chaincode for providing services to clients.
  • the endorsing node executes the above S905 and S906 to update the first target version set to the second target version set, so as to re-determine the available valid version set, where the second target
  • the version set is the latest legal version set in the branch of the version tree to which the first target version set belongs. For example, as shown in Figure 8, if the second world state of the first target version set (such as the 5.0 version set) is inconsistent with the first world state, it means that the version 5.0 chain code is likely to tamper with the world state of the blockchain system.
  • the endorsement node executes S905 and S906 to re-determine the 3.0 version set in the precious metal field shown in FIG. 8 as a valid version set, and uses the 3.0 version set to provide services to the client.
  • the version tree management method provided by the embodiment of the present application, when it is necessary to roll back to a certain chain code version, it can quickly roll back to the latest valid version set according to the version tree, and the valid version set will not tamper with the state of the world. So as to ensure the success of transactions between clients. For example, when a user repeatedly uploads an illegal version set, the endorsing node can learn the history of the illegal version set by querying the version tree, preventing the client from calling the chain code corresponding to the illegal version set for transactions, and improving transaction security. In addition, since it is known whether the version set is an illegal version set by querying the version tree, there is no need to perform operations such as identity verification (that is, from which client) and simulation upgrade, which simplifies the chain code upgrade process.
  • the business scenario related to the version tree management of this application is not limited to the embodiment shown in FIG. 9.
  • the blockchain system may fail and users cannot upgrade the chain code in time.
  • the endorsement node can roll back to the latest version of the valid version set according to the version tree, thereby ensuring that the client calls the latest version of the valid version set for transactions.
  • each functional module or functional unit may be divided corresponding to each function, or two or more functions may be integrated into one.
  • Processing module The above integrated modules may be implemented in the form of hardware, or in the form of software functional modules or functional units.
  • the division of modules or units in the embodiments of the present application is schematic, and is only a logical function division. In actual implementation, there may be another division manner.
  • FIG. 10 shows a possible structure diagram of an endorsement node involved in the above embodiment.
  • the endorsement node 1000 includes a storage unit 1001, a processing unit 1002, and a communication unit 1003.
  • the storage unit 1001 may store, for example, a version tree corresponding to a chain code.
  • the processing unit 1002 is configured to control and manage the actions of the endorsement node 1000 to execute the technical solution steps in the embodiment of the present application.
  • the communication unit 1003 is configured to support the endorsement node 1000 to communicate with other devices in the communication system shown in FIG. 1. For example, the endorsement node 1000 is supported to execute S501 in FIG. 5.
  • the storage unit 1001 may be implemented as the memory 203 of the endorsement node in FIG. 2.
  • the processing unit 1002 may be implemented as the processor 201 or 207 of the endorsement node in FIG. 2, and the communication unit 1003 may be implemented as the transceiver 204 of the endorsement node in FIG. 2.
  • An embodiment of the present application further provides a computer-readable storage medium.
  • the computer-readable storage medium has instructions stored therein.
  • the endorsement node executes the instruction, the endorsement node executes the execution by the endorsement node in the method flow shown in the foregoing method embodiment. Each step.
  • the computer-readable storage medium may be, for example, but is not limited to, an electric, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples (non-exhaustive list) of computer-readable storage media include: electrical connections with one or more wires, portable computer disks, hard disks, random access memory (RAM), read-only memory (Read-Only Memory (ROM)), Erasable Programmable Read Only Memory (EPROM), registers, hard disk, optical fiber, portable compact disk read-only memory (Compact Disc Read-Only Memory, CD-ROM ), An optical storage device, a magnetic storage device, or any suitable combination of the foregoing, or any other form of computer-readable storage medium known in the art.
  • An exemplary storage medium is coupled to the processor such that the processor can read information from, and write information to, the storage medium.
  • the storage medium may also be an integral part of the processor.
  • the processor and the storage medium may be located in an Application Specific Integrated Circuit (ASIC).
  • ASIC Application Specific Integrated Circuit
  • the computer-readable storage medium may be any tangible medium containing or storing a program, and the program may be used by or in combination with an instruction execution system, apparatus, or device.
  • the embodiment of the present application further provides a chip system, which is applied to an endorsement node.
  • the chip system includes a processor for supporting the endorsement node to implement the methods in the foregoing embodiments, for example, a chain code to be upgraded in a container. Perform a simulated upgrade.
  • the chip system further includes a memory. This memory is used to store the necessary program instructions and data of the endorsement node. Of course, the memory may not be in the chip system.
  • the chip system may be composed of a chip, and may also include a chip and other discrete devices, which are not specifically limited in the embodiments of the present application.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Stored Programmes (AREA)

Abstract

The present invention relates to the technical field of block chains, and provides a chain code upgrading method and device. The method comprises: an endorse node (102) obtains a first target version set corresponding to a chain code to be upgraded (S502), and performs simulation upgrading on the chain code to be upgraded according to the first target version set in an independent operation environment (S505); if a second world state of the first target version set is consistent with a first world state, the endorse node (102) upgrades the chain code to be upgraded outside the independent operation environment (S502). The first target version set comprises an upgrade package of a first target version and related configuration of the upgrade package; the independent operation environment does not affect the operation environment outside of the independent operation environment; the first world state is the world state of the chain code to be upgraded before simulation upgrading, and the second world state is the world state of the chain code to be upgraded after simulation upgrading.

Description

链码升级方法及装置Method and device for upgrading chain code
本申请要求于2018年6月7日提交国家知识产权局、申请号为201810591924.1、发明名称为“链码升级方法及装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of a Chinese patent application filed with the State Intellectual Property Office on June 7, 2018, with application number 201810591924.1, and with the invention name "chain code upgrade method and device", the entire contents of which are incorporated herein by reference. .
技术领域Technical field
本申请涉及区块链技术领域,尤其涉及一种链码升级方法及装置。The present application relates to the field of blockchain technology, and in particular, to a method and device for upgrading a chain code.
背景技术Background technique
在区块链技术中,所有参与的节点共同验证每一笔交易,并且每个节点均存储交易的账本,使得达成一致的双方能直接进行交易,不需第三方背书。具体的,链码用于指示交易的逻辑与交易处理的规则,节点通过执行链码将至少一个交易(包括交易资金的付款方和收款方、交易资金的金额等)的相关记录包含在区块中,该区块作为一个账页。区块链网络中存在的交易可被记录在多个区块中,每一区块按照一定顺序连接在一起就形成了区块链,形成的区块链也就是区块链网络中记录交易的账本。In the blockchain technology, all participating nodes jointly verify each transaction, and each node stores the transaction ledger, so that the two parties that have reached an agreement can directly conduct transactions without endorsement by a third party. Specifically, the chain code is used to indicate the logic of the transaction and the rules of transaction processing. The node includes the relevant records of at least one transaction (including the payer and receiver of the transaction funds, the amount of the transaction funds, etc.) in the area by executing the chain code. Within the block, the block acts as an account page. The transactions existing in the blockchain network can be recorded in multiple blocks. Each block is connected together in a certain order to form a blockchain. The formed blockchain is also the transaction recorded in the blockchain network. Ledger.
当用户需要进行不同类型的交易时,需部署不同的链码(即智能合约),进而,节点获取部署的新链码后,能够执行新链码来处理每一笔交易,满足用户需求。此外,用户还可以对链码进行版本升级,节点通过执行更高版本的链码来处理每一笔交易。目前,可由客户端发起链码升级流程。具体的,客户端向预设节点发起链码升级命令,用以指示将链码升级至哪个版本,预设节点验证客户端的证书及签名,若确认客户端的身份合法,则将相应版本链码的升级包和相关配置存储至状态数据库。后续,当客户端发起交易时,节点可调用状态数据库中的升级后的链码,并执行升级后的链码来处理交易,使得客户端的交易顺利进行。When users need to conduct different types of transactions, different chain codes (that is, smart contracts) need to be deployed. Furthermore, after the nodes obtain the deployed new chain codes, they can execute the new chain codes to process each transaction to meet user needs. In addition, users can also upgrade the version of the chain code, and the node processes each transaction by executing a higher version of the chain code. Currently, the client can initiate a chaincode upgrade process. Specifically, the client sends a chain code upgrade command to the preset node to indicate which version the chain code is upgraded to. The preset node verifies the client's certificate and signature. If the client's identity is confirmed to be valid, the corresponding version of the chain code is updated. Upgrade packages and related configurations are stored in the state database. Subsequently, when the client initiates a transaction, the node can call the upgraded chain code in the state database and execute the upgraded chain code to process the transaction, so that the client's transaction proceeds smoothly.
但是,在现有技术中,由于节点仅仅确认客户端的身份,却无法避免来自合法客户端的逻辑缺陷链码,如此,节点根据逻辑缺陷链码处理交易时极易产生错误,并错置交易的世界状态,降低区块链交易的准确性。However, in the prior art, because the node only confirms the identity of the client, it cannot avoid the logical defect chain code from the legitimate client. In this way, when the node processes the transaction according to the logical defect chain code, it is easy to generate errors and misplace the world of the transaction Status, reducing the accuracy of blockchain transactions.
发明内容Summary of the Invention
本申请实施例提供一种链码升级方法及装置,可以提升区块链交易的准确性。The embodiments of the present application provide a method and device for upgrading a chain code, which can improve the accuracy of blockchain transactions.
为到达上述目的,本申请实施例采用如下技术方案:To achieve the above purpose, the embodiments of the present application adopt the following technical solutions:
第一方面,本申请实施例提供一种链码升级方法,该方法包括:背书节点(Endorse)获取待升级链码(Chaincode)对应的第一目标版本集,并在独立的运行环境中根据第一目标版本集对待升级链码进行模拟升级,若第一目标版本集的第二世界状态世界状态与第一世界状态一致,则背书节点在独立的运行环境外对待升级链码进行升级。其中,第一世界状态为待升级链码模拟升级前的世界状态,第二世界状态为待升级链码在模拟升级后的世界状态,第一目标版本集包括第一目标版本的升级包、升级包的相关配置,独立的运行环境不影响自身之外的运行环境。In a first aspect, an embodiment of the present application provides a method for upgrading a chain code. The method includes: an endorsement node (Endorse) obtains a first target version set corresponding to a chain code to be upgraded, and in an independent operating environment according to the first A target version set simulates the upgrade of the chain code to be upgraded. If the second world state world state of the first target version set is consistent with the first world state, the endorsing node upgrades the upgrade chain code outside of the independent operating environment. The first world state is the world state before the upgrade of the chain code to be upgraded, and the second world state is the world state after the upgrade of the chain code to be upgraded. The first target version set includes the upgrade package and upgrade of the first target version. Related configuration of the package, independent operating environment does not affect the operating environment outside itself.
与现有技术中仅验证目标版本链码是否来自合法客户端,使得存在逻辑缺陷的目标版本链码篡改世界状态,提升交易风险相比,本申请实施例提供的链码升级的方法, 背书节点获取待升级链码对应的第一目标版本集,并在独立运行环境内根据第一目标版本集对待升级链码进行模拟升级,只有当确定模拟升级后的第二世界状态与模拟升级前的第一世界状态一致后,才在该独立运行环境外对待升级链码进行实际升级。首先,在独立运行环境保护的内存中进行模拟升级流程,不会对独立运行环境外的其他应用程序产生干扰,也就是不会对该独立运行环境外的实际交易和区块链数据产生破坏。其次,模拟升级后的第二世界状态与模拟升级前的第一世界状态一致,说明第一目标版本链码并未篡改世界状态,由于已经在独立运行环境中对链码升级的可行性进行验证,那么在实际升级过程中,第一目标版本链码篡改世界状态的概率也就相应减小,使得实际升级后基于未篡改的世界状态进行的交易的准确度有所提升,提升区块链交易的安全性。Compared with the prior art, which only verifies that the target version chain code comes from a legitimate client, so that the target version chain code with logic defects can tamper with the world state and increase the transaction risk, the method for upgrading the chain code provided in the embodiment of this application endorses the node. Obtain the first target version set corresponding to the chain code to be upgraded, and simulate the upgrade of the chain code to be upgraded according to the first target version set in an independent operating environment. Only when the second world state after the simulation upgrade and the first After the world status is consistent, the actual upgrade of the chain code to be upgraded is performed outside the independent operating environment. First of all, the simulation upgrade process in the memory of independent operation environment protection will not interfere with other applications outside the independent operation environment, that is, it will not cause damage to the actual transactions and blockchain data outside the independent operation environment. Secondly, the second world state after the simulation upgrade is consistent with the first world state before the simulation upgrade, indicating that the first target version of the chain code has not tampered with the world state. The feasibility of the chain code upgrade has been verified in an independent operating environment. , Then in the actual upgrade process, the probability that the first target version chain code tampered with the world state will be correspondingly reduced, so that the accuracy of transactions based on the untampered world state after the actual upgrade is improved, and blockchain transactions are improved. Security.
在一种可能的设计中,在背书节点获取待升级链码对应的目标版本集之后,还可以执行如下步骤:若第一目标版本集的第二世界状态与第一世界状态不一致,则背书节点将第一目标版本集更新为第二目标版本集,第二目标版本集为第一目标版本集所属版本树的分支中版本最新的合法版本集,合法版本集的第二世界状态与第一世界状态一致。In a possible design, after the endorsing node obtains the target version set corresponding to the chain code to be upgraded, the following steps may be performed: if the second world state of the first target version set is inconsistent with the first world state, the endorsing node Update the first target version set to the second target version set, the second target version set is the latest legal version set in the branch of the version tree to which the first target version set belongs, and the second world state and first world of the legal version set The status is consistent.
基于本申请实施例提供的版本树管理方法,当需回退到某个链码版本时,可根据版本树快速的回退到最新的有效版本集,并且该有效版本集不会篡改世界状态,从而保证客户端之间的交易成功进行。Based on the version tree management method provided by the embodiment of the present application, when it is necessary to roll back to a certain chain code version, it can quickly roll back to the latest valid version set according to the version tree, and the valid version set will not tamper with the state of the world. So as to ensure the success of transactions between clients.
在一种可能的设计中,当第一目标版本集所属版本树的分支中存在第一目标版本的版本集,且第一目标版本的版本集的第二世界状态与第一世界状态不一致时,第一目标版本集的第二世界状态与第一世界状态不一致,其中,第一目标版本为第一目标版本集对应的版本。In a possible design, when a version set of the first target version exists in a branch of a version tree to which the first target version set belongs, and the second world state of the version set of the first target version is inconsistent with the first world state, The second world state of the first target version set is inconsistent with the first world state, wherein the first target version is a version corresponding to the first target version set.
如此,当用户重复上传非法版本集时,背书节点可通过查询版本树获知该非法版本集的历史情况,避免客户端调用该非法版本集对应的链码进行交易,提升交易安全性。并且,由于通过查询版本树已获知版本集是否为非法版本集,因此,无需再对版本集进行身份验证(即来自哪个客户端)、模拟升级等操作,简化了链码升级流程。In this way, when a user repeatedly uploads an illegal version set, the endorsing node can learn the history of the illegal version set by querying the version tree, avoiding the client to call the chain code corresponding to the illegal version set for transactions, and improving transaction security. In addition, since it is known whether the version set is an illegal version set by querying the version tree, there is no need to perform operations such as identity verification (that is, from which client) and simulation upgrade, which simplifies the chain code upgrade process.
在一种可能的设计中,版本树包括根节点和子节点,子节点包括第一子节点和第二子节点,第一子节点为根节点的第一级子节点,第二子节点为除第一级子节点外的其他级子节点,每一第一子节点为一个领域链码的版本根节点,版本根节点下连接领域链码的第二子节点,领域链码的第一子节点和领域链码的第二子节点构成领域链码的版本树分支;每一子节点对应一个版本集,版本集包括版本的升级包和版本升级包的相关配置,不同领域链码具有不同的链码标识。In a possible design, the version tree includes a root node and a child node, and the child node includes a first child node and a second child node. The first child node is a first-level child node of the root node, and the second child node is a division node. For other levels of child nodes outside the first-level child node, each first child node is a version root node of a domain chain code. The second root node of the domain chain code is connected to the version root node, and the first child node of the domain chain code and The second child node of the domain chain code forms a version tree branch of the domain chain code; each child node corresponds to a version set, and the version set includes the version upgrade package and the related configuration of the version upgrade package. Different domain chain codes have different chain codes. Logo.
在一种可能的设计中,第一目标版本集连接在所属版本树分支中最新版本的版本集后。In a possible design, the first target version set is connected after the latest version version set in the version tree branch to which it belongs.
在一种可能的设计中,创建版本树的方法可实现为:背书节点根据待升级链码所属的领域确定第一目标版本集所属的版本树分支,并将第一目标版本集连接在第一目标版本集所属版本树分支中版本最新的版本集后。可选的,版本树的某一分支中按照版本的更新时间顺序挂接不同版本的版本集,新版本集基于上一级的旧版本集。In a possible design, the method of creating a version tree may be implemented as follows: The endorsement node determines the version tree branch to which the first target version set belongs according to the domain to which the chain code to be upgraded belongs, and connects the first target version set to the first After the latest version set in the branch of the version tree to which the target version set belongs. Optionally, in a certain branch of the version tree, the version sets of different versions are connected in the order of the update time of the versions, and the new version set is based on the old version set at a higher level.
在一种可能的设计中,在Endorse获取待升级链码对应的第一目标版本集之后, 还可执行如下步骤:若第一目标版本集的第二世界状态与第一世界状态一致,则Endorse将第一目标版本集存储至状态数据库,或者,若第一目标版本集的第二世界状态与第一世界状态不一致,则Endorse将第二目标版本集存储至状态数据库。In a possible design, after Endorse obtains the first target version set corresponding to the chain code to be upgraded, the following steps may be performed: If the second world state of the first target version set is consistent with the first world state, Endorse The first target version set is stored in the state database, or if the second world state of the first target version set is inconsistent with the first world state, Endorse stores the second target version set in the state database.
本申请实施例中,将合法的最新版本集存储至状态数据库中,这意味着合法版本集可被客户端调用,非法版本集并不存储至状态数据库,从而,客户端不会调用到非法版本集对应的链码,降低调用非法版本集进行交易的风险性。In the embodiment of the present application, the legal latest version set is stored in the state database, which means that the legal version set can be called by the client, and the illegal version set is not stored in the state database, so the client will not call the illegal version. Set the corresponding chain code to reduce the risk of calling illegal version sets for transactions.
第二方面,本申请实施例提供一种链码升级装置,该装置设置有处理器、存储器。In a second aspect, an embodiment of the present application provides a device for upgrading a chain code. The device is provided with a processor and a memory.
其中,存储器,用于存储包括程序指令的信息;处理器,用于获取待升级链码对应的第一目标版本集,第一目标版本集包括第一目标版本的升级包、升级包的相关配置;在独立的运行环境中根据第一目标版本集对待升级链码进行模拟升级,独立的运行环境不影响自身之外的运行环境;若第一目标版本集的第二世界状态世界状态与第一世界状态一致,则在独立的运行环境外对待升级链码进行升级,第一世界状态为待升级链码模拟升级前的世界状态;第二世界状态为待升级链码在模拟升级后的世界状态。The memory is configured to store information including program instructions; the processor is configured to obtain a first target version set corresponding to the chain code to be upgraded, and the first target version set includes an upgrade package of the first target version and related configurations of the upgrade package. ; Simulate the upgrade of the chain code to be upgraded according to the first target version set in an independent operating environment, the independent operating environment does not affect the operating environment other than itself; if the second world state of the first target version set is the world state and the first If the world status is the same, the chain code to be upgraded is upgraded outside the independent operating environment. The first world state is to simulate the world state before the upgrade; the second world state is to simulate the world state after the upgrade. .
在一种可能的设计中,处理器,还用于若第一目标版本集的第二世界状态与第一世界状态不一致,则将第一目标版本集更新为第二目标版本集,第二目标版本集为第一目标版本集所属版本树的分支中版本最新的合法版本集,合法版本集的第二世界状态与第一世界状态一致。In a possible design, the processor is further configured to update the first target version set to the second target version set if the second world state of the first target version set is inconsistent with the first world state, and the second target The version set is the latest legal version set in the branch of the version tree to which the first target version set belongs, and the second world state of the legal version set is consistent with the first world state.
在一种可能的设计中,当第一目标版本集所属版本树的分支中存在第一目标版本的版本集,且第一目标版本的版本集的第二世界状态与第一世界状态不一致时,第一目标版本集的第二世界状态与第一世界状态不一致,其中,第一目标版本为第一目标版本集对应的版本。In a possible design, when a version set of the first target version exists in a branch of a version tree to which the first target version set belongs, and the second world state of the version set of the first target version is inconsistent with the first world state, The second world state of the first target version set is inconsistent with the first world state, wherein the first target version is a version corresponding to the first target version set.
在一种可能的设计中,版本树包括根节点和子节点,子节点包括第一子节点和第二子节点,第一子节点为根节点的第一级子节点,第二子节点为除第一级子节点外的其他级子节点,每一第一子节点为一个领域链码的版本根节点,版本根节点下连接领域链码的第二子节点,领域链码的第一子节点和领域链码的第二子节点构成领域链码的版本树分支;每一子节点对应一个版本集,版本集包括版本的升级包和版本升级包的相关配置,不同领域链码具有不同的链码标识。In a possible design, the version tree includes a root node and a child node, and the child node includes a first child node and a second child node. The first child node is a first-level child node of the root node, and the second child node is a division node. For other levels of child nodes outside the first-level child node, each first child node is a version root node of a domain chain code. The second root node of the domain chain code is connected to the version root node, and the first child node of the domain chain code and The second child node of the domain chain code forms a version tree branch of the domain chain code; each child node corresponds to a version set, and the version set includes the version upgrade package and the related configuration of the version upgrade package. Different domain chain codes have different chain codes. Logo.
在一种可能的设计中,第一目标版本集连接在所属版本树分支中最新版本的版本集后。In a possible design, the first target version set is connected after the latest version version set in the version tree branch to which it belongs.
在一种可能的设计中,处理器,还用于根据待升级链码所属的领域确定第一目标版本集所属的版本树分支,并将第一目标版本集连接在第一目标版本集所属版本树分支中版本最新的版本集后。可选的,版本树的某一分支中按照版本的更新时间顺序挂接不同版本的版本集,新版本集基于上一级的旧版本集。In a possible design, the processor is further configured to determine a version tree branch to which the first target version set belongs according to a domain to which the chain code to be upgraded belongs, and connect the first target version set to a version to which the first target version set belongs. After the latest version set in the tree branch. Optionally, in a certain branch of the version tree, the version sets of different versions are connected in the order of the update time of the versions, and the new version set is based on the old version set at a higher level.
在一种可能的设计中,处理器,还用于若第一目标版本集的第二世界状态与第一世界状态一致,则Endorse将第一目标版本集存储至状态数据库;或者,若第一目标版本集的第二世界状态与第一世界状态不一致,则Endorse将第二目标版本集存储至状态数据库。In a possible design, the processor is further configured to: if the second world state of the first target version set is consistent with the first world state, Endorse stores the first target version set to a state database; or, if the first If the second world state of the target version set is inconsistent with the first world state, Endorse stores the second target version set to the state database.
第三方面,提供一种链码升级装置,该装置具有实现上述第一方面任一项的方法 的功能。该功能可以通过硬件实现,也可以通过硬件执行相应的软件实现。该硬件或软件包括一个或多个与上述功能相对应的模块。According to a third aspect, a chain code upgrading device is provided, and the device has the function of implementing the method of any one of the first aspects. This function can be realized by hardware, and can also be implemented by hardware executing corresponding software. The hardware or software includes one or more modules corresponding to the above functions.
第四方面,提供一种链码升级装置,包括:处理器和存储器;该存储器用于存储计算机执行指令,当该装置运行时,该处理器执行该存储器存储的该计算机执行指令,以使该装置执行如上述第一方面中任一项的链码升级方法。According to a fourth aspect, a chain code upgrading device is provided, including: a processor and a memory; the memory is configured to store computer execution instructions; when the device is running, the processor executes the computer execution instructions stored in the memory, so that the The device executes the chain code upgrading method according to any one of the first aspects.
第五方面,提供一种装置,包括:处理器;处理器用于与存储器耦合,并读取存储器中的指令之后,根据指令执行如上述第一方面中任一项的链码升级方法。According to a fifth aspect, an apparatus is provided, including: a processor; the processor is coupled to the memory and reads instructions in the memory, and then executes the method for upgrading a chain code according to any one of the first aspects according to the instructions.
第六方面,提供一种计算机可读存储介质,该计算机可读存储介质中存储有指令,当其在计算机上运行时,使得计算机可以执行上述第一方面中任一项的链码升级方法。According to a sixth aspect, a computer-readable storage medium is provided. The computer-readable storage medium stores instructions that, when run on a computer, enable the computer to execute the method for upgrading a chain code according to any one of the first aspects.
第七方面,提供一种包含指令的计算机程序产品,当其在计算机上运行时,使得计算机可以执行上述第一方面中任一项的链码升级方法。According to a seventh aspect, a computer program product containing instructions is provided, which, when run on a computer, enables the computer to execute the method for upgrading a chain code according to any one of the first aspects.
第八方面,提供一种芯片系统,该芯片系统包括处理器,用于支持上述装置实现上述第一方面中所涉及的功能。在一种可能的设计中,该芯片系统还包括存储器,该存储器,用于保存该装置必要的程序指令和数据。该芯片系统,可以由芯片构成,也可以包含芯片和其他分立器件。According to an eighth aspect, a chip system is provided. The chip system includes a processor, and is configured to support the foregoing device to implement the functions involved in the foregoing first aspect. In a possible design, the chip system further includes a memory, which is used to store program instructions and data necessary for the device. The chip system can be composed of chips, and can also include chips and other discrete devices.
第九方面,提供一种电路系统,该电路系统包括处理电路,该处理电路被配置为执行上述第一方面所涉及的功能。According to a ninth aspect, there is provided a circuit system including a processing circuit configured to perform a function according to the first aspect described above.
其中,第二方面至第九方面中任一种设计方式所带来的技术效果可参见第一方面中不同设计方式所带来的技术效果,此处不再赘述。The technical effects brought by any one of the design methods in the second aspect to the ninth aspect can refer to the technical effects brought by the different design methods in the first aspect, and will not be repeated here.
附图说明BRIEF DESCRIPTION OF THE DRAWINGS
图1为本申请实施例提供的区块链系统的架构示意图;FIG. 1 is a schematic architecture diagram of a blockchain system according to an embodiment of the present application; FIG.
图2为本申请实施例提供的一种背书节点的结构示意图一;FIG. 2 is a first schematic structural diagram of an endorsement node according to an embodiment of the present application; FIG.
图3为本申请实施例提供的一种获取目标版本集方法的流程示意图;3 is a schematic flowchart of a method for obtaining a target version set according to an embodiment of the present application;
图4为现有技术中链码升级流程以及世界状态的示意图;4 is a schematic diagram of a chain code upgrade process and a state of the world in the prior art;
图5为本申请实施例提供的链码升级方法的流程示意图;FIG. 5 is a schematic flowchart of a chain code upgrade method according to an embodiment of the present application;
图6为本申请实施例提供的链码升级流程以及世界状态的示意图;6 is a schematic diagram of a chain code upgrade process and a state of the world provided by an embodiment of the present application;
图7为本申请实施例提供的创建版本树的方法流程图;7 is a flowchart of a method for creating a version tree according to an embodiment of the present application;
图8为本申请实施例提供的版本树的示意图;8 is a schematic diagram of a version tree provided by an embodiment of the present application;
图9为本申请实施例提供的版本树管理方法的流程图;9 is a flowchart of a version tree management method according to an embodiment of the present application;
图10为本实施例提供的背书节点的结构示意图二。FIG. 10 is a second structural diagram of an endorsement node provided by this embodiment.
具体实施方式Detailed ways
在本申请的描述中,除非另有说明,“/”表示或的意思,例如,A/B可以表示A或B;本文中的“和/或”仅仅是一种描述关联对象的关联关系,表示可以存在三种关系,例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B这三种情况。并且,在本申请的描述中,除非另有说明,“多个”是指两个或多于两个。另外,为了便于清楚描述本申请实施例的技术方案,在本申请的实施例中,采用了“第一”、“第二”等字样对功能和作用基本相同的相同项或相似项进行区分。本领域技术人员可以理解“第一”、“第二”等字样并不对数量和执行次序进行限定,并且“第一”、“第二”等字样也并不限定一定不同。In the description of this application, unless otherwise stated, "/" represents or means, for example, A / B may represent A or B; "and / or" herein is merely an association relationship describing an associated object, It means that there can be three kinds of relationships, for example, A and / or B, it can mean: there are three cases of A alone, A and B, and B alone. And, in the description of the present application, unless stated otherwise, "plurality" means two or more. In addition, in order to facilitate a clear description of the technical solutions of the embodiments of the present application, in the embodiments of the present application, words such as “first” and “second” are used to distinguish the same or similar items having substantially the same functions and functions. Those skilled in the art can understand that the words "first", "second" and the like do not limit the number and execution order, and the words "first" and "second" are not necessarily different.
此外,本申请实施例描述的网络架构以及业务场景是为了更加清楚的说明本申请实施例的技术方案,并不构成对于本申请实施例提供的技术方案的限定,本领域普通技术人员可知,随着网络架构的演变和新业务场景的出现,本申请实施例提供的技术方案对于类似的技术问题,同样适用。In addition, the network architecture and service scenarios described in the embodiments of the present application are used to more clearly illustrate the technical solutions of the embodiments of the present application, and do not constitute a limitation on the technical solutions provided by the embodiments of the present application. With the evolution of the network architecture and the emergence of new service scenarios, the technical solutions provided in the embodiments of the present application are also applicable to similar technical problems.
首先,对本申请实施例涉及的术语进行介绍:First, the terms involved in the embodiments of the present application are introduced:
账本(Ledger):用于记录区块链系统中的每一笔交易,通常包括区块链和当前的世界状态。其中,区块链由首尾相连的一组区块(block)构成。Ledger: Used to record every transaction in the blockchain system, usually including the blockchain and the current state of the world. Among them, the blockchain consists of a set of blocks connected end to end.
世界状态(World State):用于指示交易的执行结果以及状态,通常由一组变量组成。World State (World State): It is used to indicate the execution result and state of the transaction, and usually consists of a set of variables.
以下给出本申请实施例所涉及的区块链系统结构:The following describes the structure of the blockchain system involved in the embodiments of the present application:
如图1所示,为本申请实施例的区块链系统结构示意图。该区块链系统100包括客户端(Client)101、至少一个背书节点102(图1中仅仅示例性的示出一个)、至少一个提交节点(Committer)103以及至少一个共识节点(Orderer)104(图1仅示例性的示出一个)。As shown in FIG. 1, it is a schematic structural diagram of a blockchain system according to an embodiment of the present application. The blockchain system 100 includes a client 101, at least one endorsing node 102 (only one is exemplarily shown in FIG. 1), at least one submitting node 103, and at least one consensus node 104 (orderer) 104 ( Figure 1 shows only one by way of example).
其中,客户端101与背书节点102之间可以通过无线网络(例如Wi-Fi、蓝牙以及蜂窝移动网络等)或者有线网络(例如光纤等)连接,本申请实施例对此不作任何限制。The client 101 and the endorsement node 102 may be connected through a wireless network (such as Wi-Fi, Bluetooth, a cellular mobile network, or the like) or a wired network (such as fiber optics), which is not limited in the embodiment of the present application.
客户端101与共识节点104之间也可以通过无线网络(例如Wi-Fi、蓝牙以及蜂窝移动网络等)或者有线网络(例如光纤等)连接,本申请实施例对此不作任何限制。The client 101 and the consensus node 104 may also be connected through a wireless network (such as Wi-Fi, Bluetooth, a cellular mobile network, or the like) or a wired network (such as fiber optics), which is not limited in the embodiment of the present application.
同样的,共识节点104与背书节点102之间也可以通过无线网络(例如Wi-Fi、蓝牙以及蜂窝移动网络等)或者有线网络(例如光纤等)连接,本申请实施例对此不作任何限制。Similarly, the consensus node 104 and the endorsement node 102 may also be connected through a wireless network (such as Wi-Fi, Bluetooth, cellular mobile network, etc.) or a wired network (such as optical fiber, etc.), which is not limited in this embodiment of the present application.
客户端101,用于向背书节点102等发送链码部署、链码升级请求、发起交易请求等。还用于向共识节点104发送每一交易。其中,客户端101中部署有软件开发包(Software Development Kit,SDK),用户可使用客户端101提供的SDK创建链码,提交链码升级请求,以触发链码的升级流程。The client 101 is configured to send a chain code deployment, a chain code upgrade request, and initiate a transaction request to the endorsement node 102 and the like. It is also used to send each transaction to the consensus node 104. Among them, a software development kit (SDK) is deployed in the client 101, and a user can use the SDK provided by the client 101 to create a chain code and submit a chain code upgrade request to trigger the chain code upgrade process.
需要说明的是,在区块链系统100中,客户端101存储有秘钥(key),从而可以通过该秘钥进行身份验证,以便于提升区块链系统100的安全性。It should be noted that, in the blockchain system 100, the client 101 stores a key, so that the key can be used for identity verification, so as to improve the security of the blockchain system 100.
可选的,上述所涉及到的客户端可以包括各种具有计算功能的计算设备、个人数字助理(personal digital assistant,PDA)电脑、平板型电脑、手持设备(handheld)、膝上型电脑(laptop computer)、用户设备(user equipment,UE),终端设备(terminal device)等。为方便描述,本申请中,上面提到的设备统称为终端。Optionally, the clients mentioned above may include various computing devices with computing functions, personal digital assistant (PDA) computers, tablet computers, handheld devices, and laptop computers (laptops) computer), user equipment (UE), terminal equipment (terminal), and the like. For convenience of description, the devices mentioned above are collectively referred to as terminals in this application.
背书节点102,用于响应客户端101发起的链码部署请求、链码升级请求、交易请求等,并验证每一请求的合法性(包括客户端身份的合法性),若请求为合法请求,则背书节点102为该请求执行背书操作,并将背书结果反馈给客户端101,以使得客户端101根据背书结果将交易发送给共识节点104,用以确定该交易在区块链中的顺序。还用于响应链码升级请求,在独立的运行环境内对待升级链码进行模拟升级,仅当确定待升级链码在模拟升级后不篡改当前的世界状态(即待升级链码在模拟升级前的世界状态和模拟升级后的世界状态一致)后,才在独立的运行环境外对待升级链码 进行实际升级。并且,同样用于存储每一版本链码的版本树,该版本树用于回溯链码版本。需要说明的是,背书节点102中部署有链码,背书节点102执行链码,从而执行客户端所请求的每一交易。The endorsement node 102 is used to respond to the chaincode deployment request, chaincode upgrade request, transaction request, etc. initiated by the client 101 and verify the legitimacy of each request (including the legitimacy of the client's identity). If the request is a legitimate request, Then the endorsement node 102 performs an endorsement operation for the request, and feeds the endorsement result to the client 101, so that the client 101 sends the transaction to the consensus node 104 according to the endorsement result, so as to determine the order of the transaction in the blockchain. It is also used to respond to chain code upgrade requests, to perform simulated upgrade of the chain code to be upgraded in an independent operating environment, and only when it is determined that the chain code to be upgraded does not tamper with the current world state after the simulation upgrade (The world state is the same as the simulated world state after the upgrade), and then the actual upgrade of the chain code is performed outside the independent operating environment. And, it is also used to store a version tree of each version of the chaincode, and the version tree is used to trace back the version of the chaincode. It should be noted that a chain code is deployed in the endorsement node 102, and the endorsement node 102 executes the chain code to execute each transaction requested by the client.
可选的,本申请实施例中的背书节点102可由一个设备实现,还可以是一个设备内的一个功能模块,本申请实施例对此不作具体限定。可以理解的是,上述功能模块既可以是硬件设备中的网络元件,也可以是在硬件设备上运行的软件功能,或者是平台(例如,云平台)上实例化的虚拟化功能。Optionally, the endorsement node 102 in the embodiment of the present application may be implemented by a device or a function module in a device, which is not specifically limited in the embodiment of the present application. It can be understood that the foregoing function module may be a network element in a hardware device, a software function running on a hardware device, or a virtualized function instantiated on a platform (for example, a cloud platform).
提交节点103,用于获取经共识节点104排序后的有序区块链。The submitting node 103 is used to obtain an ordered block chain sorted by the consensus node 104.
可选的,提交节点103可由一个设备实现,还可以是一个设备内的一个功能模块,或具有其他实现方式,本申请实施例对此不作具体限定。Optionally, the submitting node 103 may be implemented by a device, may also be a functional module in a device, or have other implementation manners, which are not specifically limited in this embodiment of the present application.
需要说明的是,背书节点102和提交节点103可合设在一个设备中,该设备具有背书节点102的功能,也具有提交节点103的功能。其中,背书节点102和提交节点103可实现为一个设备中的不同组件,也可实现为一个设备中的不同功能模块,本申请实施例对此不进行限制。It should be noted that the endorsement node 102 and the submission node 103 may be co-located in one device, and the device has the function of the endorsement node 102 and the function of the submission node 103. Wherein, the endorsement node 102 and the submission node 103 may be implemented as different components in a device, or may be implemented as different functional modules in a device, which is not limited in the embodiment of the present application.
共识节点104,用于对客户端101发送的每一交易进行排序,以保证每个交易按照正确顺序被写入区块链。还用于将排序后的交易通知给提交节点103。The consensus node 104 is used to sort each transaction sent by the client 101 to ensure that each transaction is written into the blockchain in the correct order. It is also used to notify the submitting node 103 of the sorted transactions.
可选的,共识节点104可由一个设备实现,还可以是一个设备内的一个功能模块,或者具有其他实现方式,本申请实施例对此不作具体限定。Optionally, the consensus node 104 may be implemented by a device, may also be a functional module within a device, or have other implementation manners, which are not specifically limited in this embodiment of the present application.
本申请实施例提供的链码升级方法主要应用于上述背书节点中,本申请实施例中的背书节点可具有图1所示的背书节点101和提交节点102的功能,其中,当由硬件设备实现时,图2示出了一种示例性的背书节点的硬件结构示意图。该背书节点200包括至少一个处理器201,通信线路202,存储器203以及至少一个收发器204。The chain code upgrade method provided in the embodiment of the present application is mainly applied to the above endorsement node. The endorsement node in the embodiment of the present application may have the functions of the endorsement node 101 and the submission node 102 shown in FIG. 1, and when implemented by a hardware device FIG. 2 shows a schematic diagram of the hardware structure of an exemplary endorsement node. The endorsement node 200 includes at least one processor 201, a communication line 202, a memory 203, and at least one transceiver 204.
处理器201可以是一个通用中央处理器(central processing unit,CPU),微处理器,特定应用集成电路(application-specific integrated circuit,ASIC),或一个或多个用于控制本申请方案程序执行的集成电路。The processor 201 may be a general-purpose central processing unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more processors for controlling the execution of the program of the solution of the present application. integrated circuit.
通信线路202可包括一通路,在上述组件之间传送信息。The communication line 202 may include a path for transmitting information between the aforementioned components.
收发器204,用于与其他设备或通信网络通信,如以太网,无线接入网(radio access network,RAN),无线局域网(wireless local area networks,WLAN)等。The transceiver 204 is configured to communicate with other devices or communication networks, such as Ethernet, wireless access network (RAN), wireless local area networks (WLAN), and the like.
存储器203可以是只读存储器(read-only memory,ROM)或可存储静态信息和指令的其他类型的静态存储设备,随机存取存储器(random access memory,RAM)或者可存储信息和指令的其他类型的动态存储设备,也可以是电可擦可编程只读存储器(electrically erasable programmable read-only memory,EEPROM)、只读光盘(compact disc read-only memory,CD-ROM)或其他光盘存储、光碟存储(包括压缩光碟、激光碟、光碟、数字通用光碟、蓝光光碟等)、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质,但不限于此。存储器可以是独立存在,通过通信线路202与处理器相连接。存储器也可以和处理器集成在一起。The memory 203 may be a read-only memory (ROM) or other types of static storage devices that can store static information and instructions, a random access memory (RAM), or other types that can store information and instructions Dynamic storage device, can also be electrically erasable programmable read-only memory (electrically erasable programmable read-only memory (EEPROM)), read-only compact disc (compact disc-read-only memory (CD-ROM) or other optical disc storage, optical disc storage (Including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), disk storage media or other magnetic storage devices, or can be used to carry or store desired program code in the form of instructions or data structures and can be used by a computer Any other media accessed, but not limited to this. The memory may exist independently, and is connected to the processor through the communication line 202. The memory can also be integrated with the processor.
其中,存储器203用于存储执行本申请方案的计算机执行指令,并由处理器201来控制执行。处理器201用于执行存储器203中存储的计算机执行指令,从而实现本 申请下述实施例提供的链码升级方法。可选的,存储器203中存储有图2所示的模拟升级应用程序代码、版本树管理应用程序代码、背书应用程序代码、交易存储应用程序代码、提交应用程序代码、区块组装应用程序代码、链码生命周期管理(Life Service of Chain Code,LSCC)应用程序代码等。其中,模拟升级应用程序代码用于提供链码的模拟升级功能。版本树管理应用程序代码用于提供版本树相应的管理功能。背书应用程序代码用于提供背书功能。交易存储应用程序代码用于提供对每一交易进行记账的功能。提交应用程序代码用于提供向其他类型节点提交内容的功能。区块组装应用程序代码用于提供将区块组装成区块链的功能。LSCC用于提供链码生命周期管理的功能。The memory 203 is configured to store a computer execution instruction for executing the solution of the present application, and the processor 201 controls execution. The processor 201 is configured to execute computer execution instructions stored in the memory 203, so as to implement the method for upgrading a chain code provided in the following embodiments of the present application. Optionally, the memory 203 stores the simulation upgrade application code, version tree management application code, endorsement application code, transaction storage application code, submission application code, block assembly application code, Chain code life cycle management (Life Code of Chain Code, LSCC) application code, etc. Among them, the simulation upgrade application code is used to provide a chain code simulation upgrade function. The version tree management application code is used to provide the corresponding management functions of the version tree. The endorsement application code is used to provide endorsement functionality. The transaction storage application code is used to provide the function of accounting for each transaction. The submission application code is used to provide the ability to submit content to other types of nodes. The block assembly application code is used to provide the function of assembling blocks into a blockchain. LSCC is used to provide the function of chain code life cycle management.
可选的,本申请实施例中的计算机执行指令也可以称之为应用程序代码,本申请实施例对此不作具体限定。Optionally, the computer-executable instructions in the embodiments of the present application may also be referred to as application program codes, which are not specifically limited in the embodiments of the present application.
在具体实现中,作为一种实施例,处理器201可以包括一个或多个CPU,例如图2中的CPU0和CPU1。In specific implementation, as an embodiment, the processor 201 may include one or more CPUs, such as CPU0 and CPU1 in FIG. 2.
在具体实现中,作为一种实施例,背书节点200可以包括多个处理器,例如图2中的处理器201和处理器207。这些处理器中的每一个可以是一个单核(single-CPU)处理器,也可以是一个多核(multi-CPU)处理器。这里的处理器可以指一个或多个设备、电路、和/或用于处理数据(例如计算机程序指令)的处理核。In specific implementation, as an embodiment, the endorsement node 200 may include multiple processors, such as the processor 201 and the processor 207 in FIG. 2. Each of these processors can be a single-CPU processor or a multi-CPU processor. A processor herein may refer to one or more devices, circuits, and / or processing cores for processing data (such as computer program instructions).
在具体实现中,作为一种实施例,背书节点200还可以包括输出设备205和输入设备206。输出设备205和处理器201通信,可以以多种方式来显示信息。例如,输出设备205可以是液晶显示器(liquid crystal display,LCD),发光二级管(light emitting diode,LED)显示设备,阴极射线管(cathode ray tube,CRT)显示设备,或投影仪(projector)等。输入设备206和处理器201通信,可以以多种方式接收用户的输入。例如,输入设备206可以是鼠标、键盘、触摸屏设备或传感设备等。In a specific implementation, as an embodiment, the endorsement node 200 may further include an output device 205 and an input device 206. The output device 205 is in communication with the processor 201 and can display information in a variety of ways. For example, the output device 205 may be a liquid crystal display (LCD), a light emitting diode (LED) display device, a cathode ray tube (CRT) display device, or a projector. Wait. The input device 206 is in communication with the processor 201 and can receive user input in a variety of ways. For example, the input device 206 may be a mouse, a keyboard, a touch screen device, or a sensing device.
上述的背书节点200可以是一个通用设备或者是一个专用设备。在具体实现中,背书节点200可以是台式机、便携式电脑、掌上电脑(personal digital assistant,PDA)、移动手机、平板电脑、无线终端设备或有图2中类似结构的设备。本申请实施例不限定背书节点200的类型。The above-mentioned endorsement node 200 may be a general-purpose device or a special-purpose device. In a specific implementation, the endorsement node 200 may be a desktop computer, a portable computer, a personal digital assistant (PDA), a mobile phone, a tablet computer, a wireless terminal device, or a device with a similar structure in FIG. 2. The embodiment of the present application does not limit the type of the endorsement node 200.
下面将结合图1、图2对本申请实施的技术方案进行详细阐述。首先,如图3给出背书节点获取目标版本集的流程。该获取目标版本集的流程是本申请下述实施例提供的链码升级方法的基础,包括如下步骤:The technical solution implemented in the present application will be described in detail below with reference to FIGS. 1 and 2. First, as shown in Figure 3, the endorsement node obtains the target version set flow. The process of obtaining the target version set is the basis of the chain code upgrade method provided by the following embodiments of this application, and includes the following steps:
S301、客户端接收用户输入的安装包上传指令。S301. The client receives an installation package upload instruction input by a user.
这里,升级包为待升级链码的第一目标版本的安装包。例如,需将待升级链码升级至2.0版本,则安装包为2.0版本的安装包。由于本申请实施例主要应用于链码升级流程中,因此,本文中的安装包也可称为升级包。Here, the upgrade package is an installation package of the first target version of the chain code to be upgraded. For example, if the chain code to be upgraded needs to be upgraded to version 2.0, the installation package is a version 2.0 installation package. Since the embodiments of the present application are mainly applied to the chain code upgrade process, the installation package herein may also be referred to as an upgrade package.
可选的,用户通过子命令方式输入安装包上传指令,或者,用户通过用户界面(User Interface,UI)方式输入安装包上传指令,当然,用户还可以通过其他方式输入安装包上传指令,本申请实施例对此不进行限制。Optionally, the user enters the installation package upload instruction through a subcommand, or the user enters the installation package upload instruction through a User Interface (UI) method. Of course, the user can also enter the installation package upload instruction through other methods. This application The embodiment does not limit this.
S302、响应于安装包上传指令,客户端将待升级链码的第一目标版本的安装包上报给背书节点。S302. In response to the installation package upload instruction, the client reports the installation package of the first target version of the chain code to be upgraded to the endorsing node.
S303、背书节点存储第一目标版本的安装包。S303. The endorsement node stores the installation package of the first target version.
基于本实施例提供的上传安装包的流程,背书节点中存储有第一目标版本的安装包,进而就可以根据用户需求使用相应安装包将待升级链码升级至第一目标版本,满足更多新业务的需求。Based on the process of uploading the installation package provided in this embodiment, the endorsement node stores the installation package of the first target version, and then the corresponding installation package can be used to upgrade the chain code to be upgraded to the first target version according to user needs, which meets more Demand for new business.
以贵金属交易为例,如图4所示,假定初始时,甲企业与乙企业签订了一份贵金属交易的合约,并使用区块链技术进行贵金属交易,双方约定各自的初始账户额度均为20万。区块链系统执行这个合约(即链码)的初始化过程,合约中的初始世界状态(例如初始账户状态、初始账户额度)被记录在每一背书节点的账本上。其中,初始合约中双方的账户额度为:甲的账户额度20万,乙的账户额度20万。Taking the precious metal transaction as an example, as shown in Fig. 4, suppose that at the beginning, enterprise A and enterprise B signed a contract for precious metal transactions, and used the blockchain technology to conduct precious metal transactions. The two parties agreed that their initial account quotas were 20 Million. The blockchain system performs the initialization process of this contract (that is, the chain code). The initial world state (such as the initial account status and initial account quota) in the contract is recorded on the ledger of each endorsed node. Among them, the account limit of both parties in the initial contract is: A's account limit is 200,000, and B's account limit is 200,000.
需要说明的是,在区块链技术中,智能合约与链码是同一个概念,在此进行说明,下文不再赘述。It should be noted that in the blockchain technology, smart contracts and chain codes are the same concept, which will be described here, and will not be described in detail below.
之后,甲企业向乙企业支付2万元,用于购买某种贵金属。此时,甲企业的账户余额为18万,乙企业的账户余额为22万。随着交易行情的变化,乙企业认为贵金属的交易单价应该提升,于是,乙企业和甲企业重新签订合约,约定中记载有贵金属的新的交易单价。区块链系统验证新链码(合约)是否为甲企业或乙企业所提交的,若新链码是甲企业或乙企业提交的,则区块链系统确认该新链码合法,则执行新链码的初始化流程,新链码(合约)中的账户初始值被账本记录。但是,当新链码存在逻辑缺陷时,很可能错置交易的世界状态(例如账户状态、账户初始值、账户余额等)。仍参见图4,甲企业的账户余额应当为22万,但是,由于新链码存在逻辑缺陷,甲企业的账户余额被错置为20万,同样的,乙企业的账户余额被错置为20万。Afterwards, Enterprise A paid RMB 20,000 to Enterprise B for the purchase of a certain precious metal. At this time, the account balance of enterprise A was 180,000, and the account balance of enterprise B was 220,000. With the changes in the trading market, Company B believes that the unit price of precious metals should be increased. Therefore, Company B and Company A re-sign a contract with a new unit price of precious metals recorded in the agreement. The blockchain system verifies whether the new chain code (contract) was submitted by enterprise A or enterprise B. If the new chain code is submitted by enterprise A or enterprise B, the blockchain system confirms that the new chain code is legal, and executes the new The chain code initialization process, the initial value of the account in the new chain code (contract) is recorded in the ledger. However, when the new chain code has logical defects, it is likely to misplace the world state of the transaction (such as account status, account initial value, account balance, etc.). Still referring to Figure 4, the account balance of enterprise A should be 220,000, but due to a logical defect in the new chain code, the account balance of enterprise A was misplaced to 200,000. Similarly, the account balance of enterprise B was misplaced to 20 Million.
可见,现有技术中,在链码升级(即部署新合约)时很可能对交易的世界状态产生非预期的修改,使得记录的区块链出现差错,导致用户的链下资产受损。It can be seen that in the prior art, when the chain code is upgraded (that is, a new contract is deployed), it is likely to cause unexpected changes to the world state of the transaction, which will cause errors in the recorded blockchain and cause damage to users' off-chain assets.
对此,本申请实施例提供一种链码升级方法,如图5所示,该方法包括如下步骤:To this end, an embodiment of the present application provides a method for upgrading a chain code. As shown in FIG. 5, the method includes the following steps:
S501、客户端向背书节点发送链码升级请求,该链码升级请求携带有升级提案,用于请求背书节点将待升级链码升级至第一目标版本,升级提案包含第一目标版本安装包在背书节点中的路径以及安装包的相关配置。这里,安装包的相关配置包括但不限于安装包对应的链码的名称,对应的链码版本。S501. The client sends a chain code upgrade request to the endorsing node. The chain code upgrade request carries an upgrade proposal, which is used to request the endorsing node to upgrade the chain code to be upgraded to the first target version. The upgrade proposal includes the first target version installation package in Endorses the path in the node and the related configuration of the installation package. Here, the related configuration of the installation package includes, but is not limited to, the name of the chain code corresponding to the installation package and the corresponding version of the chain code.
其中,用户可通过命令行或UI方式对链码进行升级,当然,用户还可以采用其他方式对链码进行升级。若采用命令行方式,在一种示例中,用户通过客户端输入链码升级指令,以触发客户端执行S501。具体的,用户在客户端输入链码升级指令后,客户端根据该链码升级指令生成代码结构体(Spec),根据Spec生成部署Spec,根据部署Spec生成升级提案(upgrade Proposal)。这里,为了确保升级提案来自合法客户端,客户端可对升级提案进行数字签名。具体的,客户端使用私钥加密该升级提案,以实现对该升级提案的签名。Among them, users can upgrade the chaincode through the command line or UI. Of course, users can also upgrade the chaincode in other ways. If the command line method is used, in one example, the user enters a chain code upgrade instruction through the client to trigger the client to execute S501. Specifically, after the user enters the chain code upgrade instruction on the client, the client generates a code structure (Spec) according to the chain code upgrade instruction, generates a deployment spec according to the Spec, and generates an upgrade proposal according to the deployment Spec. Here, to ensure that the upgrade proposal comes from a legitimate client, the client can digitally sign the upgrade proposal. Specifically, the client uses the private key to encrypt the upgrade proposal to implement signature of the upgrade proposal.
之后,客户端通过诸如远程过程调用(Remote Procedure Call Protocol,RPC)协议向背书节点发送携带有升级提案的链码升级请求,用以通知背书节点将待升级链码升级至第一目标版本。After that, the client sends a chain code upgrade request carrying an upgrade proposal to the endorsing node through a protocol such as Remote Procedure Call (Protocol, Protocol, RPC) to notify the endorsing node to upgrade the chain code to be upgraded to the first target version.
S502、背书节点获取待升级链码对应的第一目标版本集,第一目标版本集包括第一目标版本的升级包、升级包的相关配置。S502. The endorsement node obtains a first target version set corresponding to the chain code to be upgraded. The first target version set includes an upgrade package of the first target version and related configurations of the upgrade package.
其中,如上文所描述,一个版本的升级包即该版本的安装包。Among them, as described above, an upgrade package of a version is an installation package of the version.
背书节点在接收到链码升级请求后,调用提案处理(ProcessProposal)接口处理携带的升级提案,验证升级提案的签名。具体的,背书节点采用客户端的公钥验证升级提案是否来自该客户端。背书节点还可以验证该客户端的证书以及权限,从而进一步加强区块链系统的安全性。若验证均通过,则背书节点根据升级提案中第一目标版本安装包的路径获取第一目标版本的安装包以及第一目标版本安装包的相关配置。为方便描述,本文中将一个版本的安装包的路径以及该版本安装包的相关配置称为一个版本集,这里统一做出说明,下文不再赘述。如此,第一目标版本安装包的路径以及第一目标版本安装包的相关配置合称目标版本集。After receiving the chaincode upgrade request, the endorsing node calls the ProcessProposal interface to process the carried upgrade proposal and verifies the signature of the upgrade proposal. Specifically, the endorsement node uses the client's public key to verify whether the upgrade proposal comes from the client. The endorsement node can also verify the client's certificate and authority, thereby further strengthening the security of the blockchain system. If the verification is passed, the endorsement node obtains the installation package of the first target version and the related configuration of the installation package of the first target version according to the path of the installation package of the first target version in the upgrade proposal. For the convenience of description, the path of a version installation package and the related configuration of the version installation package are referred to as a version set in this article, which are described here collectively, and will not be described in detail below. In this way, the path of the first target version installation package and the related configuration of the first target version installation package are collectively referred to as the target version set.
S503、背书节点创建独立的运行环境。S503. The endorsement node creates an independent operating environment.
可选的,独立的运行环境为容器,容器为独立运行的至少一个应用以及至少一个应用的运行环境。当然,独立的运行环境也可以有其他实现形式,例如,实现为虚拟机等运行环境,本申请实施例对此不进行限制。Optionally, the independent running environment is a container, and the container is at least one application running independently and the running environment of at least one application. Of course, the independent running environment may also have other implementation forms, for example, being implemented as a running environment such as a virtual machine, which is not limited in the embodiment of the present application.
其中,独立的运行环境不影响自身之外的运行环境。例如,不会改变该独立运行环境外Host文件系统的数据,不会对该独立运行环境外实际的状态数据库中的数据进行篡改。Among them, the independent operating environment does not affect the operating environment outside of itself. For example, the data of the Host file system outside the independent operating environment will not be changed, and the data in the actual state database outside the independent operating environment will not be altered.
可选的,背书节点调用应用程序编程接口(Application Programming Interface,API)创建独立的运行环境,例如,背书节点调用API接口创建容器。Optionally, the endorsement node calls an application programming interface (Application Programming Interface, API) to create an independent running environment, for example, the endorsement node calls an API interface to create a container.
背书节点可在S501之前预先创建一个独立运行环境,后续,可直接使用预先创建的独立运行环境。或者,背书节点在获取第一目标版本集后创建,当然,也可在其他时间创建该独立的运行环境。也就是,本申请实施例对创建独立运行环境的时机不做限制。The endorsement node can create an independent operating environment in advance before S501, and in the future, it can directly use the independent operating environment created in advance. Alternatively, the endorsement node is created after the first target version set is obtained. Of course, the independent running environment may also be created at another time. That is, the timing of creating an independent operating environment is not limited in the embodiment of the present application.
S504、背书节点获取第一世界状态。其中,第一世界状态为待升级链码模拟升级前的世界状态。S504. The endorsement node obtains the first world state. Among them, the first world state is the state of the chain code to be upgraded before the upgrade.
需要说明的是,本申请实施例并不对获取第一世界状态的时机进行限制,例如,背书节点可在S503之后执行S504,也可以在S502之前或之后执行S504。It should be noted that the embodiment of the present application does not limit the timing of obtaining the first world state. For example, the endorsing node may execute S504 after S503, and may also execute S504 before or after S502.
S505、背书节点在独立的运行环境内根据第一目标版本集对待升级链码进行模拟升级。S505. The endorsement node performs a simulated upgrade on the chain code to be upgraded according to the first target version set in an independent operating environment.
可选的,背书节点对第一目标版本集(即第一目标版本的安装包以及第一目标版本安装包的相关配置)所指示的链码进行编译,根据编译后链码的二进制文件生成镜像。Optionally, the endorsement node compiles the chaincode indicated by the first target version set (that is, the installation package of the first target version and the related configuration of the first target version installation package), and generates an image according to the binary file of the compiled chaincode .
之后,背书节点启动上述生成的镜像,在独立运行环境内根据镜像中包含的第一目标版本集的信息执行链码的模拟升级流程。具体的,背书节点在独立运行环境内根据第一目标版本安装包以及安装包的相关配置对待升级链码进行模拟升级,对模拟升级后的第一目标版本链码进行初始化。这里,对链码进行模拟升级的流程与对链码进行实际升级的流程相似,所不同的是,模拟升级流程在独立的运行环境内进行,不影响背书节点中该独立运行环境外的其他应用程序代码的运行,即模拟升级流程不会对该独立运行环境外的其他操作产生干扰,该独立运行环境外的应用程序等无法感知上述模拟升级流程。After that, the endorsement node starts the above-mentioned generated image, and executes the simulation upgrade process of the chaincode in the independent operating environment according to the information of the first target version set contained in the image. Specifically, the endorsement node performs a simulated upgrade of the chain code to be upgraded in the independent operating environment according to the first target version installation package and related configuration of the installation package, and initializes the first target version chain code after the simulated upgrade. Here, the process of simulating the upgrade of the chain code is similar to the process of actually upgrading the chain code. The difference is that the simulation upgrade process is performed in an independent operating environment and does not affect other applications outside the independent operating environment in the endorsement node. The running of the program code, that is, the simulation upgrade process will not interfere with other operations outside the independent running environment, and applications outside the independent running environment cannot perceive the above simulation upgrade process.
其中,升级链码以及初始化链码的具体流程可参见现有技术,这里不再赘述。The specific process of upgrading the chain code and initializing the chain code can be referred to the prior art, and will not be repeated here.
S506、背书节点获取第二世界状态,第二世界状态为待升级链码在模拟升级后的世界状态。S506. The endorsement node obtains a second world state, and the second world state is a simulated world state of the chain code to be upgraded.
结合图6中链码升级的示例性流程,第一目标版本链码初始化后对应的第二世界状态为:甲企业的账户余额为18万,乙企业的账户余额为22万。With reference to the exemplary process of chain code upgrade in FIG. 6, the second world state corresponding to the initial target version of the chain code after initialization is: the account balance of enterprise A is 180,000, and the account balance of enterprise B is 220,000.
S507、若第二世界状态与第一世界状态一致,则背书节点在独立运行环境外对待升级链码进行升级。S507. If the state of the second world is consistent with the state of the first world, the endorsing node upgrades the chain code to be upgraded outside the independent operating environment.
S507这里的升级为实际的链码升级流程,包括第一目标版本链码的初始化流程。The upgrade here in S507 is the actual chaincode upgrade process, including the initialization process of the first target version of the chaincode.
上述步骤S501至S507中背书节点的动作可以由图2所示的处理器201调用存储器203中存储的应用程序代码来执行。例如,处理器201调用存储器203中存储的模拟升级应用程序代码执行S505的模拟升级动作。当然,还可以采取其他方式执行上述动作,本申请实施例对此不进行任何限制。The actions of the endorsement node in the above steps S501 to S507 can be executed by the processor 201 shown in FIG. 2 calling the application program code stored in the memory 203. For example, the processor 201 calls the simulation upgrade application program code stored in the memory 203 to perform the simulation upgrade action of S505. Of course, the above actions can also be performed in other manners, which are not limited in the embodiment of the present application.
与现有技术中仅验证目标版本链码是否来自合法客户端,使得存在逻辑缺陷的目标版本链码篡改世界状态,提升交易风险相比,本申请实施例提供的链码升级的方法,背书节点获取待升级链码对应的第一目标版本集,并在独立运行环境内根据第一目标版本集对待升级链码进行模拟升级,只有当确定模拟升级后的第二世界状态与模拟升级前的第一世界状态一致后,才在该独立运行环境外对待升级链码进行实际升级。首先,在独立运行环境保护的内存中进行模拟升级流程,不会对独立运行环境外的其他应用程序产生干扰,也就是不会对该独立运行环境外的实际交易和区块链数据产生破坏。其次,模拟升级后的第二世界状态与模拟升级前的第一世界状态一致,说明第一目标版本链码并未篡改世界状态,由于已经在独立运行环境中对链码升级的可行性进行验证,那么在实际升级过程中,第一目标版本链码篡改世界状态的概率也就相应减小,使得实际升级后基于未篡改的世界状态进行的交易的准确度有所提升,提升区块链交易的安全性。Compared with the prior art, which only verifies that the target version chain code comes from a legitimate client, so that the target version chain code with logical defects can tamper with the world state and increase the transaction risk, the method for upgrading the chain code provided in the embodiment of this application endorses the node. Obtain the first target version set corresponding to the chain code to be upgraded, and simulate the upgrade of the chain code to be upgraded according to the first target version set in an independent operating environment. Only when the second world state after the simulation upgrade and the first After the world status is consistent, the actual upgrade of the chain code to be upgraded is performed outside the independent operating environment. First of all, the simulation upgrade process in the memory of independent operation environment protection will not interfere with other applications outside the independent operation environment, that is, it will not cause damage to the actual transactions and blockchain data outside the independent operation environment. Secondly, the second world state after the simulation upgrade is consistent with the first world state before the simulation upgrade, indicating that the first target version of the chain code has not tampered with the world state. The feasibility of the chain code upgrade has been verified in an independent operating environment. , Then in the actual upgrade process, the probability that the first target version chain code tampered with the world state will be correspondingly reduced, so that the accuracy of transactions based on the untampered world state after the actual upgrade is improved, and blockchain transactions are improved. Security.
在本申请的另一些实施例中,还提供一种链码的版本树管理方法,如图7所示,给出创建版本树的流程,该版本树创建流程是本申请下述实施例提供的版本树管理方法的基础,包括如下步骤:In other embodiments of the present application, a method for managing a version tree of a chain code is also provided. As shown in FIG. 7, a process for creating a version tree is provided. The basis of the version tree management method includes the following steps:
S701、背书节点获取链码对应的新版本集。S701. The endorsement node obtains a new version set corresponding to the chain code.
其中,S701的描述可参见S502,这里不再赘述。For the description of S701, refer to S502, which is not repeated here.
可选的,背书节点的处理器201调用存储器203中的LSCC,LSCC获取链码对应的新版本集。Optionally, the processor 201 of the endorsement node calls the LSCC in the memory 203, and the LSCC obtains a new version set corresponding to the chain code.
S702、背书节点根据新版本集对应的链码所属的领域确定新版本集所属的版本树分支。S702. The endorsement node determines the version tree branch to which the new version set belongs according to the domain to which the chain code corresponding to the new version set belongs.
可选的,处理器201调用存储器203中的版本树管理应用程序代码,由版本树管理应用程序代码根据链码所属的领域确定新版本集所属的版本树分支。Optionally, the processor 201 calls the version tree management application code in the memory 203, and the version tree management application code determines the version tree branch to which the new version set belongs according to the domain to which the chain code belongs.
其中,不同领域链码具有不同的链码标识。版本树包括根节点和子节点,根节点为虚拟节点,不对应具有实际意义的版本集,子节点包括第一子节点和第二子节点,第一子节点为根节点的第一级子节点,第二子节点为除第一级子节点外的其他级子节点。每一第一子节点为一个领域链码的版本根节点,版本根节点下直接或间接连接该 领域链码的第二子节点,领域链码的第一子节点和领域链码的第二子节点构成领域链码的版本树分支。在版本树中,每一子节点对应一个版本集,一个版本集包括该版本的安装包和该版本安装包的相关配置。可选的,版本树的某一分支中按照版本的更新时间挂接不同版本的版本集,新版本集基于上一级的旧版本集。Among them, different domain chain codes have different chain code identifiers. The version tree includes a root node and a child node. The root node is a virtual node and does not correspond to a version set with practical significance. The child node includes a first child node and a second child node. The first child node is a first-level child node of the root node. The second child node is a child node other than the first-level child node. Each first child node is a version root node of the domain chain code. The version root node directly or indirectly connects the second child node of the domain chain code, the first child node of the domain chain code and the second child of the domain chain code. Nodes constitute the version tree branch of the domain chain code. In the version tree, each child node corresponds to a version set, and a version set includes the installation package of the version and the related configuration of the installation package of the version. Optionally, in a certain branch of the version tree, the version sets of different versions are linked according to the update time of the version, and the new version set is based on the old version set at a higher level.
在本申请实施例中,领域可用于描述链码的功能,也可用于区分不同的用户业务。参见图8,领域1对应贵金属交易的链码,领域2对应慈善机构的慈善款链码,领域3对应股票交易的链码。图8中的版本树包括根节点和多个子节点,贵金属领域分支包括该领域的版本根节点(第一级子节点)和其他级子节点,其中,版本根节点对应1.0版本的版本集(即1.0版本链码的安装包、1.0版本链码的安装包的相关配置),该版本根节点下连接的第二级子节点对应2.0版本的版本集,第三级子节点对应3.0版本的版本集。同样的,慈善款领域分支和股票领域分支中的每一节点对应一个版本集。In the embodiments of the present application, the domain can be used to describe the function of the chain code, and can also be used to distinguish different user services. Referring to FIG. 8, the domain 1 corresponds to the chain code of the precious metal transaction, the domain 2 corresponds to the charity chain code of the charity, and the domain 3 corresponds to the chain code of the stock transaction. The version tree in FIG. 8 includes a root node and a plurality of child nodes. The precious metal field branch includes a version root node (first-level child node) and other level child nodes of the field, where the version root node corresponds to a version set of version 1.0 (that is, 1.0 version of the chaincode installation package and 1.0 version of the chaincode installation package), the second-level child node connected to the root node of this version corresponds to the version set of version 2.0, and the third-level child node corresponds to the version set of version 3.0 . Similarly, each node in the charity funds branch and the stock domain branch corresponds to a version set.
在一个示例中,结合图4、图6的举例,待升级链码为甲企业和乙企业进行贵金属交易这一领域的链码,且甲企业和乙企业需将待升级链码升级至4.0版本,则新版本为4.0版本,新版本集所属的版本树分支为图8所示的贵金属领域分支。In an example, in conjunction with the examples in FIG. 4 and FIG. 6, the chain code to be upgraded is a chain code in the field of precious metal transactions between enterprise A and enterprise B, and enterprise A and enterprise B must upgrade the chain code to be upgraded to version 4.0 , The new version is version 4.0, and the branch of the version tree to which the new version set belongs is the precious metal field branch shown in FIG. 8.
S703、背书节点将获取的新版本集连接在该新版本集所属版本树分支中最新版本的版本集后。S703. The endorsement node connects the acquired new version set to the latest version version set in the branch of the version tree to which the new version set belongs.
可选的,背书节点的处理器201调用存储器203中的版本树管理应用程序代码将新版本集连接在所属版本树分支上。Optionally, the processor 201 of the endorsement node calls the version tree management application code in the memory 203 to connect the new version set to the branch of the version tree to which it belongs.
如图8所示,在贵金属领域的版本树分支中,版本最新的版本集为3.0版本集,则将新获取的4.0版本集连接在3.0版本集后。As shown in FIG. 8, in the branch of the version tree in the field of precious metals, the latest version set is the 3.0 version set, and the newly obtained 4.0 version set is connected after the 3.0 version set.
结合图5所示的实施例,在图7所示的实施例中,还可判断每一版本集是否合法。具体的,若背书节点确定某一版本链码模拟升级后的第二世界状态与模拟升级前的第一世界状态一致,说明该版本链码并未篡改世界状态,则确定该版本集为合法版本集,即在本申请实施例中,合法版本集指的是模拟升级前后世界状态一致的版本集,这里统一做出说明。若背书节点确定某一版本链码模拟升级后的第二世界状态与模拟升级前的第一世界状态不一致,则确定该版本集为非法版本集,也就是说,在本申请实施例中,非法版本集指的是模拟升级前后世界状态不一致的版本集,这里统一说明。作为一种可能的实现方式,若背书节点的处理器201初步确定某一版本集为合法版本集,则在独立运行环境内调用图2所示的模拟升级应用程序代码,模拟升级应用程序代码使用私钥1对该版本集进行签名。后续,在独立容器外,背书节点的处理器201调用图2所示的LSCC,LSCC使用公钥1(公钥1与私钥1为成对使用的秘钥)验证该版本集是否经过模拟升级应用程序代码处理,若是,则最终确定该版本集为合法版本集。With reference to the embodiment shown in FIG. 5, in the embodiment shown in FIG. 7, it can also be determined whether each version set is legal. Specifically, if the endorsing node determines that the second world state after the simulated upgrade of a certain version of the chaincode is consistent with the first world state before the simulated upgrade, indicating that the version of the chaincode has not tampered with the world state, the version set is determined to be a legal version Set, that is, in the embodiment of the present application, the legal version set refers to a version set that is consistent with the state of the world before and after the simulation upgrade, and a unified description is made here. If the endorsing node determines that the second world state after the simulated upgrade of a certain version of the chaincode is inconsistent with the first world state before the simulated upgrade, it determines that the version set is an illegal version set, that is, in the embodiment of the present application, it is illegal The version set refers to a version set that is inconsistent with the state of the world before and after the simulation upgrade, and is described here uniformly. As a possible implementation manner, if the processor 201 of the endorsement node initially determines that a certain version set is a legal version set, the simulation upgrade application code shown in FIG. 2 is called in an independent operating environment, and the use of the simulation upgrade application code is simulated. Private key 1 signs the version set. Subsequently, outside the independent container, the processor 201 of the endorsing node calls the LSCC shown in Figure 2. The LSCC uses the public key 1 (the public key 1 and the private key 1 are used in pairs) to verify whether the version set has been simulated and upgraded. The application code processes, and if so, finally determines that the version set is a legal version set.
仍参见图8,贵金属领域链码的每一版本集中,1.0版本集、2.0、3.0版本集为合法版本集,4.0版本为非法版本集;慈善款领域链码的每一版本集中,1.0版本集、2.0版本集为合法版本集;股票领域链码的每一版本集中,1.0版本集、2.0版本集为合法版本集。Still referring to FIG. 8, each version set of the precious metal field chain code, the 1.0 version set, 2.0, 3.0 version set is a legal version set, the 4.0 version is an illegal version set; each version set of the charity field chain code, the 1.0 version set And 2.0 version sets are legal version sets; for each version set of the chain code in the stock field, the 1.0 version set and the 2.0 version set are legal version sets.
在本申请实施例中,可将合法版本集存储至状态数据库中,这意味着状态数据库中的合法版本集可被客户端调用,非法版本集不存储至状态数据库,从而,客户端不会调用到非法版本集对应的链码,降低调用非法版本集进行交易的风险性。In the embodiment of the present application, the legal version set can be stored in the state database, which means that the legal version set in the state database can be called by the client, and the illegal version set is not stored in the state database, so the client does not call To the chain code corresponding to the illegal version set, reducing the risk of calling the illegal version set for transactions.
需要说明的是,背书节点将新版本集连接在所属版本树分支(即新增节点)这一动作可作为触发条件,用以触发背书节点创建上文提及的独立运行环境。当然,创建独立容器这一事件的触发条件不局限于此,本申请实施例不对此进行限制。It should be noted that the action of the endorsement node to connect the new version set to its own version tree branch (ie, a new node) can be used as a trigger condition to trigger the endorsement node to create the independent operating environment mentioned above. Of course, the triggering condition of the event of creating an independent container is not limited to this, and this embodiment of the present application does not limit this.
基于本实施提供的版本树创建流程,背书节点中存储有每一版本链码的版本集,即背书节点有链码安装、每一次升级的历史记录,每一领域链码的版本树分支中按照旧版本集到新版本集的顺序顺次连接,进而可根据后续的业务需求追溯链码版本,选取合适版本的链码作为提供交易业务的链码,提升用户体验。Based on the version tree creation process provided in this implementation, the endorsement node stores the version set of each version of the chaincode, that is, the endorsement node has a history of chaincode installation and each upgrade. The old version set is sequentially connected to the new version set, and the chain code version can be traced according to subsequent business requirements, and the appropriate version of the chain code can be selected as the chain code to provide transaction services to improve the user experience.
结合图5、图7所示的实施例,以下给出本申请实施例提供的版本树管理方法的流程,如图9所示,该方法包括如下步骤:With reference to the embodiments shown in FIG. 5 and FIG. 7, the following describes the process of the version tree management method provided by the embodiment of the present application. As shown in FIG. 9, the method includes the following steps:
S901、背书节点获取待升级链码对应的第一目标版本集。S901. The endorsement node obtains a first target version set corresponding to the chain code to be upgraded.
S901的详细描述可参见S502的相关描述,这里不再赘述。For a detailed description of S901, refer to the related description of S502, which is not repeated here.
S902、背书节点根据第一目标版本集查询版本树。S902. The endorsement node queries the version tree according to the first target version set.
可选的,第一目标版本集还包括链码所属领域或链码所属的版本树分支,用以指示背书节点查询相应的版本树分支。假定背书节点查询的版本树如图8所示,且第一目标版本链码所属的版本树分支为贵金属领域分支。Optionally, the first target version set further includes the domain to which the chain code belongs or the version tree branch to which the chain code belongs, and is used to instruct the endorsing node to query the corresponding version tree branch. Assume that the version tree of the endorsement node query is shown in FIG. 8, and the branch of the version tree to which the first target version chain code belongs is a branch in the precious metal field.
S903、背书节点判断版本树中是否存在第一目标版本的版本集,若版本树中存在第一目标版本的版本集且该第一目标版本的版本集为非法版本集,则执行S904、S905、S906,若版本树中存在第一目标版本的版本集且该第一目标版本的版本集为合法版本集,则执行S906,若版本树中不存在第一目标版本的版本集,则执行S907。S903. The endorsement node determines whether the version set of the first target version exists in the version tree. If the version set of the first target version exists in the version tree and the version set of the first target version is an illegal version set, S904, S905, S906: If the version set of the first target version exists in the version tree and the version set of the first target version is a legal version set, execute S906; if the version set of the first target version does not exist in the version tree, perform S907.
其中,第一目标版本为第一目标版本集的版本。The first target version is a version of the first target version set.
S904、背书节点确定第一目标版本集为非法版本集。S904. The endorsement node determines that the first target version set is an illegal version set.
在一个示例中,假定需升级至版本4.0,即第一目标版本集为4.0版本集,如图8所示,在贵金属领域的版本树分支中,存在一个4.0版本集,且4.0版本集为非法版本集,那么,背书节点可确定第一目标版本集也为非法版本集。In one example, it is assumed that it is necessary to upgrade to version 4.0, that is, the first target version set is the 4.0 version set. As shown in FIG. 8, in the version tree branch of the precious metal field, there is a 4.0 version set, and the 4.0 version set is illegal. Version set, then the endorsement node can determine that the first target version set is also an illegal version set.
S905、背书节点将第一目标版本集更新为第二目标版本集。S905. The endorsement node updates the first target version set to the second target version set.
其中,第二目标版本集为第一目标版本集所属版本树的分支中版本最新的合法版本集。The second target version set is the latest legal version set in the branch of the version tree to which the first target version set belongs.
结合上述举例,第一目标版本4.0为非法版本,则背书节点可将贵金属领域中最新的合法版本3.0版本作为第二目标版本,相应的,3.0版本集作为第二目标版本集。In combination with the above example, the first target version 4.0 is an illegal version, the endorsement node may use the latest legal version 3.0 in the precious metal field as the second target version, and accordingly, the 3.0 version set is used as the second target version set.
S906、背书节点将更新后的目标版本集作为有效版本集。S906. The endorsement node uses the updated target version set as a valid version set.
结合上述S905中的举例,背书节点将状态数据库中贵金属领域的3.0版本集(即第二目标版本集)作为有效版本集,有效版本集用以被客户端调用,从而完成后续的客户端之间的交易。作为一种可能的实现方式,背书节点将状态数据库中贵金属领域的3.0版本集设置为有效,则后续客户端调用贵金属领域的链码时,直接调用该3.0版本的有效版本集。In conjunction with the example in S905, the endorsement node uses the 3.0 version set (that is, the second target version set) of the precious metal field in the state database as the valid version set, and the valid version set is used by the client to complete subsequent client-to-client interactions. Transaction. As a possible implementation manner, the endorsement node sets the 3.0 version set of the precious metal field in the state database to be valid, and when subsequent clients call the chain code in the precious metal field, the 3.0 version version set is directly called.
或者,当用户指定将贵金属领域链码升级至3.0版本时,由于贵金属领域的版本树分支中已存在3.0版本的合法版本集,则背书节点直接将状态数据库中的3.0版本集设置为有效,用以被客户端调用。Or, when the user specifies to upgrade the precious metal domain chain code to version 3.0, since the legal version set of version 3.0 already exists in the version tree branch of the precious metal field, the endorsement node directly sets the version 3.0 set in the state database to be valid. To be called by the client.
S907、背书节点在独立运行环境内根据第一目标版本集对待升级链码进行模拟升 级。S907. The endorsement node simulates the upgrade of the chain code to be upgraded according to the first target version set in an independent operating environment.
在一个示例中,用户指定将贵金属领域链码升级至5.0版本,由于版本树中不存在5.0版本的贵金属领域分支,则背书节点可执行图5所示的模拟升级流程,当确定5.0版本链码不会篡改世界状态后,背书节点将该5.0版本链码作为向客户端提供服务的链码。或者,当确定5.0版本链码会篡改世界状态后,背书节点执行上述S905和S906,将第一目标版本集更新为第二目标版本集,以便重新确定可用的有效版本集,其中,第二目标版本集为第一目标版本集所属版本树分支中版本最新的合法版本集。比如,如图8所示,若第一目标版本集(例如5.0版本集)的第二世界状态与第一世界状态不一致,说明5.0版本链码很可能会篡改区块链系统的世界状态,为了避免该情况发生,背书节点执行S905、S906,重新确定图8所示的贵金属领域中3.0版本集为有效版本集,并采用该3.0版本集为客户端提供服务。In an example, the user specifies that the precious metal domain chain code is upgraded to version 5.0. Since the precious metal domain branch of version 5.0 does not exist in the version tree, the endorsement node can perform the simulated upgrade process shown in FIG. 5. When the 5.0 version chain code is determined After tampering with the state of the world, the endorsing node will use this version 5.0 chaincode as the chaincode for providing services to clients. Alternatively, after determining that the 5.0 version chain code will tamper with the state of the world, the endorsing node executes the above S905 and S906 to update the first target version set to the second target version set, so as to re-determine the available valid version set, where the second target The version set is the latest legal version set in the branch of the version tree to which the first target version set belongs. For example, as shown in Figure 8, if the second world state of the first target version set (such as the 5.0 version set) is inconsistent with the first world state, it means that the version 5.0 chain code is likely to tamper with the world state of the blockchain system. To avoid this situation, the endorsement node executes S905 and S906 to re-determine the 3.0 version set in the precious metal field shown in FIG. 8 as a valid version set, and uses the 3.0 version set to provide services to the client.
基于本申请实施例提供的版本树管理方法,当需回退到某个链码版本时,可根据版本树快速的回退到最新的有效版本集,并且该有效版本集不会篡改世界状态,从而保证客户端之间的交易成功进行。例如,当用户重复上传非法版本集时,背书节点可通过查询版本树获知该非法版本集的历史情况,避免客户端调用该非法版本集对应的链码进行交易,提升交易安全性。并且,由于通过查询版本树已获知版本集是否为非法版本集,因此,无需再对版本集进行身份验证(即来自哪个客户端)、模拟升级等操作,简化了链码升级流程。Based on the version tree management method provided by the embodiment of the present application, when it is necessary to roll back to a certain chain code version, it can quickly roll back to the latest valid version set according to the version tree, and the valid version set will not tamper with the state of the world. So as to ensure the success of transactions between clients. For example, when a user repeatedly uploads an illegal version set, the endorsing node can learn the history of the illegal version set by querying the version tree, preventing the client from calling the chain code corresponding to the illegal version set for transactions, and improving transaction security. In addition, since it is known whether the version set is an illegal version set by querying the version tree, there is no need to perform operations such as identity verification (that is, from which client) and simulation upgrade, which simplifies the chain code upgrade process.
当然,本申请的版本树管理相关的业务场景不局限于图9所示的实施例,在另一些实施例中,区块链系统可能发生故障,用户无法及时对链码进行升级,此时,基于本申请实施例提供的版本树管理方法,背书节点可根据版本树回退至最新版本的有效版本集,从而确保客户端调用最新版本的有效版本集来进行交易。Of course, the business scenario related to the version tree management of this application is not limited to the embodiment shown in FIG. 9. In other embodiments, the blockchain system may fail and users cannot upgrade the chain code in time. At this time, Based on the version tree management method provided by the embodiment of the present application, the endorsement node can roll back to the latest version of the valid version set according to the version tree, thereby ensuring that the client calls the latest version of the valid version set for transactions.
本申请实施例可以根据上述方法示例对上述背书节点进行功能模块或者功能单元的划分,例如,可以对应各个功能划分各个功能模块或者功能单元,也可以将两个或两个以上的功能集成在一个处理模块中。上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块或者功能单元的形式实现。其中,本申请实施例中对模块或者单元的划分是示意性的,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式。In the embodiment of the present application, functional modules or functional units may be divided for the endorsement nodes according to the foregoing method examples. For example, each functional module or functional unit may be divided corresponding to each function, or two or more functions may be integrated into one. Processing module. The above integrated modules may be implemented in the form of hardware, or in the form of software functional modules or functional units. The division of modules or units in the embodiments of the present application is schematic, and is only a logical function division. In actual implementation, there may be another division manner.
图10示出了上述实施例中所涉及的背书节点的一种可能的结构示意图。如图10所示,该背书节点1000包括:存储单元1001、处理单元1002和通信单元1003。FIG. 10 shows a possible structure diagram of an endorsement node involved in the above embodiment. As shown in FIG. 10, the endorsement node 1000 includes a storage unit 1001, a processing unit 1002, and a communication unit 1003.
其中,存储单元1001,例如可存储链码对应的版本树。处理单元1002,用于对背书节点1000的动作进行控制管理,以执行本申请实施例的技术方案步骤。通信单元1003,用于支持背书节点1000与图1所示通信系统中的其他设备通信。例如,支持背书节点1000执行图5中的S501。The storage unit 1001 may store, for example, a version tree corresponding to a chain code. The processing unit 1002 is configured to control and manage the actions of the endorsement node 1000 to execute the technical solution steps in the embodiment of the present application. The communication unit 1003 is configured to support the endorsement node 1000 to communicate with other devices in the communication system shown in FIG. 1. For example, the endorsement node 1000 is supported to execute S501 in FIG. 5.
需要说明的是,存储单元1001可以实现为图2中的背书节点的存储器203。处理单元1002可以实现为图2中背书节点的处理器201或207,通信单元1003可以实现为图2中背书节点的收发器204。It should be noted that the storage unit 1001 may be implemented as the memory 203 of the endorsement node in FIG. 2. The processing unit 1002 may be implemented as the processor 201 or 207 of the endorsement node in FIG. 2, and the communication unit 1003 may be implemented as the transceiver 204 of the endorsement node in FIG. 2.
其中,上述方法实施例涉及的各步骤的所有相关内容均可以援引到图10所示装置中对应功能模块的功能描述,在此不再赘述。Wherein, all relevant content of each step involved in the above method embodiment can be referred to the functional description of the corresponding functional module in the apparatus shown in FIG. 10, which is not repeated here.
由于本申请实施例提供的背书节点可执行上述的资源配置方法,因此其所能获得的技术效果可参考上述方法实施例,在此不再赘述。Since the endorsement node provided in the embodiment of the present application can perform the foregoing resource allocation method, the technical effects that can be obtained can refer to the foregoing method embodiment, and details are not described herein again.
本申请实施例还提供一种计算机可读存储介质,计算机可读存储介质中存储有指令,当背书节点执行该指令时,该背书节点执行上述方法实施例所示的方法流程中背书节点执行的各个步骤。An embodiment of the present application further provides a computer-readable storage medium. The computer-readable storage medium has instructions stored therein. When the endorsement node executes the instruction, the endorsement node executes the execution by the endorsement node in the method flow shown in the foregoing method embodiment. Each step.
其中,计算机可读存储介质,例如可以是但不限于电、磁、光、电磁、红外线、或半导体的系统、装置或器件,或者任意以上的组合。计算机可读存储介质的更具体的例子(非穷举的列表)包括:具有一个或多个导线的电连接、便携式计算机磁盘、硬盘、随机存取存储器(Random Access Memory,RAM)、只读存储器(Read-Only Memory,ROM)、可擦式可编程只读存储器(Erasable Programmable Read Only Memory,EPROM)、寄存器、硬盘、光纤、便携式紧凑磁盘只读存储器(Compact Disc Read-Only Memory,CD-ROM)、光存储器件、磁存储器件、或者上述的任意合适的组合、或者本领域熟知的任何其它形式的计算机可读存储介质。一种示例性的存储介质耦合至处理器,从而使处理器能够从该存储介质读取信息,且可向该存储介质写入信息。当然,存储介质也可以是处理器的组成部分。处理器和存储介质可以位于特定用途集成电路(Application Specific Integrated Circuit,ASIC)中。在本申请实施例中,计算机可读存储介质可以是任何包含或存储程序的有形介质,该程序可以被指令执行系统、装置或者器件使用或者与其结合使用。The computer-readable storage medium may be, for example, but is not limited to, an electric, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples (non-exhaustive list) of computer-readable storage media include: electrical connections with one or more wires, portable computer disks, hard disks, random access memory (RAM), read-only memory (Read-Only Memory (ROM)), Erasable Programmable Read Only Memory (EPROM), registers, hard disk, optical fiber, portable compact disk read-only memory (Compact Disc Read-Only Memory, CD-ROM ), An optical storage device, a magnetic storage device, or any suitable combination of the foregoing, or any other form of computer-readable storage medium known in the art. An exemplary storage medium is coupled to the processor such that the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be an integral part of the processor. The processor and the storage medium may be located in an Application Specific Integrated Circuit (ASIC). In the embodiments of the present application, the computer-readable storage medium may be any tangible medium containing or storing a program, and the program may be used by or in combination with an instruction execution system, apparatus, or device.
可选的,本申请实施例还提供了一种芯片系统,应用于背书节点,该芯片系统包括处理器,用于支持背书节点实现上述各实施例中的方法,例如在容器内对待升级链码进行模拟升级。在一种可能的设计中,该芯片系统还包括存储器。该存储器,用于保存背书节点必要的程序指令和数据。当然,存储器也可以不在芯片系统中。该芯片系统,可以由芯片构成,也可以包含芯片和其他分立器件,本申请实施例对此不作具体限定。Optionally, the embodiment of the present application further provides a chip system, which is applied to an endorsement node. The chip system includes a processor for supporting the endorsement node to implement the methods in the foregoing embodiments, for example, a chain code to be upgraded in a container. Perform a simulated upgrade. In a possible design, the chip system further includes a memory. This memory is used to store the necessary program instructions and data of the endorsement node. Of course, the memory may not be in the chip system. The chip system may be composed of a chip, and may also include a chip and other discrete devices, which are not specifically limited in the embodiments of the present application.
以上所述,仅为本申请的具体实施方式,但本申请的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本申请揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本申请的保护范围之内。因此,本申请的保护范围应以所述权利要求的保护范围为准。The above is only a specific implementation of this application, but the scope of protection of this application is not limited to this. Any person skilled in the art can easily think of changes or replacements within the technical scope disclosed in this application. It should be covered by the protection scope of this application. Therefore, the protection scope of this application shall be subject to the protection scope of the claims.

Claims (14)

  1. 一种链码升级方法,其特征在于,包括:A method for upgrading a chain code, comprising:
    背书节点Endorse获取待升级链码Chaincode对应的第一目标版本集,所述第一目标版本集包括第一目标版本的升级包、所述升级包的相关配置;The endorser node Endorse obtains a first target version set corresponding to the chaincode Chaincode to be upgraded, where the first target version set includes an upgrade package of the first target version and related configurations of the upgrade package;
    所述背书节点在独立的运行环境中根据所述第一目标版本集对所述待升级链码进行模拟升级,所述独立的运行环境不影响自身之外的运行环境;The endorsement node simulates and upgrades the chain code to be upgraded according to the first target version set in an independent operating environment, and the independent operating environment does not affect the operating environment other than itself;
    若所述第一目标版本集的第二世界状态World State与第一世界状态一致,则所述背书节点在所述独立的运行环境外对所述待升级链码进行升级,所述第一世界状态为所述待升级链码模拟升级前的世界状态;所述第二世界状态为所述待升级链码在模拟升级后的世界状态。If the second world state WorldState of the first target version set is consistent with the first world state, the endorsement node upgrades the chain code to be upgraded outside the independent operating environment, and the first world The state is the world state before the upgrade of the chain code to be simulated; the second world state is the world state after the upgrade of the chain code to be simulated.
  2. 根据权利要求1所述的链码升级方法,其特征在于,在所述背书节点获取待升级链码对应的目标版本集之后,所述链码升级方法还包括:The method for upgrading a chain code according to claim 1, wherein after the endorsement node obtains a target version set corresponding to the chain code to be upgraded, the method for upgrading a chain code further comprises:
    若所述第一目标版本集的第二世界状态与所述第一世界状态不一致,则所述背书节点将所述第一目标版本集更新为第二目标版本集,所述第二目标版本集为所述第一目标版本集所属版本树的分支中版本最新的合法版本集,所述合法版本集的第二世界状态与第一世界状态一致。If the second world state of the first target version set is inconsistent with the first world state, the endorsement node updates the first target version set to a second target version set, and the second target version set Is the latest legal version set in the branch of the version tree to which the first target version set belongs, and the second world state of the legal version set is consistent with the first world state.
  3. 根据权利要求2所述的链码升级方法,其特征在于,当所述第一目标版本集所属版本树的分支中存在第一目标版本的版本集,且所述第一目标版本的版本集的第二世界状态与第一世界状态不一致时,所述第一目标版本集的第二世界状态与第一世界状态不一致,其中,所述第一目标版本为所述第一目标版本集对应的版本。The method for upgrading a chain code according to claim 2, characterized in that when a version set of the first target version exists in a branch of a version tree to which the first target version set belongs, and the version set of the first target version is When the second world state is inconsistent with the first world state, the second world state of the first target version set is inconsistent with the first world state, wherein the first target version is a version corresponding to the first target version set .
  4. 根据权利要求2或3所述的链码升级方法,其特征在于,所述版本树包括根节点和子节点,所述子节点包括第一子节点和第二子节点,所述第一子节点为所述根节点的第一级子节点,所述第二子节点为除所述第一级子节点外的其他级子节点,每一第一子节点为一个领域链码的版本根节点,所述版本根节点下连接所述领域链码的第二子节点,所述领域链码的第一子节点和所述领域链码的第二子节点构成所述领域链码的版本树分支;每一子节点对应一个版本集,所述版本集包括版本的升级包和版本升级包的相关配置,不同领域链码具有不同的链码标识。The method for upgrading a chain code according to claim 2 or 3, wherein the version tree includes a root node and a child node, the child node includes a first child node and a second child node, and the first child node is The first-level child node of the root node, the second child node is a child node other than the first-level child node, and each first child node is a version root node of a domain chain code, so The version root node is connected to the second child node of the domain chain code, and the first child node of the domain chain code and the second child node of the domain chain code form a version tree branch of the domain chain code; each A child node corresponds to a version set, and the version set includes a version upgrade package and a related configuration of the version upgrade package, and chain codes in different fields have different chain code identifiers.
  5. 根据权利要求4所述的链码升级方法,其特征在于,所述第一目标版本集连接在所属版本树分支中最新版本的版本集后。The method for upgrading a chain code according to claim 4, wherein the first target version set is connected after a version set of a latest version in a branch of a corresponding version tree.
  6. 根据权利要求1至5任意一项所述的链码升级方法,其特征在于,在所述背书节点获取待升级链码对应的第一目标版本集之后,所述链码升级方法还包括:The method for upgrading a chain code according to any one of claims 1 to 5, wherein after the endorsement node obtains a first target version set corresponding to the chain code to be upgraded, the method for upgrading a chain code further comprises:
    若所述第一目标版本集的第二世界状态与第一世界状态一致,则所述背书节点将所述第一目标版本集存储至状态数据库;If the second world state of the first target version set is consistent with the first world state, the endorsement node stores the first target version set to a state database;
    或者,若所述第一目标版本集的第二世界状态与第一世界状态不一致,则所述背书节点将第二目标版本集存储至状态数据库。Alternatively, if the second world state of the first target version set is inconsistent with the first world state, the endorsement node stores the second target version set to a state database.
  7. 一种链码升级装置,其特征在于,所述链码升级装置设置有处理器、存储器;A chain code upgrading device, characterized in that the chain code upgrading device is provided with a processor and a memory;
    所述存储器,用于存储包括程序指令的信息;The memory is configured to store information including program instructions;
    处理器,用于获取待升级链码Chaincode对应的第一目标版本集,所述第一目标版本集包括第一目标版本的升级包、所述升级包的相关配置;在独立的运行环境中根 据所述第一目标版本集对所述待升级链码进行模拟升级,所述独立的运行环境不影响自身之外的运行环境;若所述第一目标版本集的第二世界状态World State与第一世界状态一致,则在所述独立的运行环境外对所述待升级链码进行升级,所述第一世界状态为所述待升级链码模拟升级前的世界状态;所述第二世界状态为所述待升级链码模拟升级后的世界状态。A processor, configured to obtain a first target version set corresponding to the chaincode Chaincode to be upgraded, where the first target version set includes an upgrade package of the first target version and related configurations of the upgrade package; in an independent operating environment, according to The first target version set simulates and upgrades the chain code to be upgraded, and the independent operating environment does not affect the operating environment other than itself; if the second world state WorldState and the first If a world state is consistent, the chain code to be upgraded is upgraded outside the independent operating environment, and the first world state is the world state before the chain code to be upgraded is simulated; the second world state Simulate the upgraded world state for the chain code to be upgraded.
  8. 根据权利要求7所述的链码升级装置,其特征在于,The apparatus for upgrading a chain code according to claim 7, wherein:
    所述处理器,还用于若所述第一目标版本集的第二世界状态与所述第一世界状态不一致,则将所述第一目标版本集更新为第二目标版本集,所述第二目标版本集为所述第一目标版本集所属版本树的分支中版本最新的合法版本集,所述合法版本集的第二世界状态与第一世界状态一致。The processor is further configured to update the first target version set to a second target version set if the second world state of the first target version set is inconsistent with the first world state, and the first The second target version set is the latest legal version set in the branch of the version tree to which the first target version set belongs, and the second world state of the legal version set is consistent with the first world state.
  9. 根据权利要求8所述的链码升级装置,其特征在于,当所述第一目标版本集所属版本树的分支中存在第一目标版本的版本集,且所述第一目标版本的版本集的第二世界状态与第一世界状态不一致时,所述第一目标版本集的第二世界状态与第一世界状态不一致,其中,所述第一目标版本为所述第一目标版本集对应的版本。The device for upgrading a chain code according to claim 8, wherein, when a version set of the first target version exists in a branch of a version tree to which the first target version set belongs, and the version set of the first target version is When the second world state is inconsistent with the first world state, the second world state of the first target version set is inconsistent with the first world state, wherein the first target version is a version corresponding to the first target version set .
  10. 根据权利要求8或9所述的链码升级装置,其特征在于,所述版本树包括根节点和子节点,所述子节点包括第一子节点和第二子节点,所述第一子节点为所述根节点的第一级子节点,所述第二子节点为除所述第一级子节点外的其他级子节点,每一第一子节点为一个领域链码的版本根节点,所述版本根节点下连接所述领域链码的第二子节点,所述领域链码的第一子节点和所述领域链码的第二子节点构成所述领域链码的版本树分支;每一子节点对应一个版本集,所述版本集包括版本的升级包和版本升级包的相关配置,不同领域链码具有不同的链码标识。The device according to claim 8 or 9, wherein the version tree includes a root node and a child node, the child node includes a first child node and a second child node, and the first child node is The first-level child node of the root node, the second child node is a child node other than the first-level child node, and each first child node is a version root node of a domain chain code, so The version root node is connected to the second child node of the domain chain code, and the first child node of the domain chain code and the second child node of the domain chain code form a version tree branch of the domain chain code; each A child node corresponds to a version set, and the version set includes a version upgrade package and a related configuration of the version upgrade package, and chain codes in different fields have different chain code identifiers.
  11. 根据权利要求10所述的链码升级装置,其特征在于,所述第一目标版本集连接在所属版本树分支中最新版本的版本集后。The device for upgrading a chain code according to claim 10, wherein the first target version set is connected after a version set of a latest version in a branch of a corresponding version tree.
  12. 根据权利要求7至11任意一项所述的链码升级装置,其特征在于,The chain code upgrading device according to any one of claims 7 to 11, characterized in that:
    所述处理器,还用于若所述第一目标版本集的第二世界状态与第一世界状态一致,则将所述第一目标版本集存储至状态数据库;或者,若所述第一目标版本集的第二世界状态与第一世界状态不一致,则将第二目标版本集存储至状态数据库。The processor is further configured to store the first target version set in a state database if the second world state of the first target version set is consistent with the first world state; or, if the first target If the second world state of the version set is inconsistent with the first world state, the second target version set is stored in the state database.
  13. 一种可读存储介质,其特征在于,包括程序或指令,当所述程序或指令被执行时,如权利要求1至6中任一项所述的链码升级方法被实现。A readable storage medium, comprising a program or an instruction, and when the program or the instruction is executed, the method for upgrading a chain code according to any one of claims 1 to 6 is implemented.
  14. 一种电路系统,其特征在于,所述电路系统包括处理电路,所述处理电路配置为执行如权利要求1至6任意一项所述的链码升级方法。A circuit system, characterized in that the circuit system includes a processing circuit configured to execute the chain code upgrading method according to any one of claims 1 to 6.
PCT/CN2019/090206 2018-06-07 2019-06-05 Chain code upgrading method and device WO2019233454A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810591924.1 2018-06-07
CN201810591924.1A CN110580624B (en) 2018-06-07 2018-06-07 Chain code upgrading method and device

Publications (1)

Publication Number Publication Date
WO2019233454A1 true WO2019233454A1 (en) 2019-12-12

Family

ID=68770083

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/090206 WO2019233454A1 (en) 2018-06-07 2019-06-05 Chain code upgrading method and device

Country Status (2)

Country Link
CN (1) CN110580624B (en)
WO (1) WO2019233454A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024002468A1 (en) * 2022-06-28 2024-01-04 Huawei Cloud Computing Technologies Co., Ltd. Automated smart contract hot updates

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111221568B (en) * 2020-01-10 2023-05-26 杭州趣链科技有限公司 Fabric chain code life cycle management system based on physical machine deployment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106709704A (en) * 2016-11-23 2017-05-24 杭州秘猿科技有限公司 Intelligent contract upgrading method based on permission chain
CN106919419A (en) * 2017-02-03 2017-07-04 中钞信用卡产业发展有限公司北京智能卡技术研究院 The update method and device of the intelligent contract program on block chain
WO2018018992A1 (en) * 2016-07-25 2018-02-01 中兴通讯股份有限公司 Application blockchain method, apparatus and system
CN107832139A (en) * 2017-09-26 2018-03-23 上海点融信息科技有限责任公司 For the method, apparatus and system for the computing resource for managing block chain link point
CN107943580A (en) * 2017-11-13 2018-04-20 上海点融信息科技有限责任公司 For managing the method and equipment of user's intelligence contract at block chain link point

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180123779A1 (en) * 2016-11-01 2018-05-03 Jiangang Zhang Flexible Blockchain Smart-Contract Deployment
US11176519B2 (en) * 2016-11-11 2021-11-16 International Business Machines Corporation Smart contract admission check and fault tolerance in a blockchain
CN106775619B (en) * 2016-11-12 2020-05-12 杭州复杂美科技有限公司 Flexible blockchain architecture system
CN106778329B (en) * 2016-11-28 2020-12-04 中国银行股份有限公司 Block chain intelligent contract template dynamic updating method, device and system
TWI614713B (en) * 2017-01-23 2018-02-11 現代財富控股有限公司 Smart contract version control system and method thereof based on blockchain
CN107562513B (en) * 2017-07-18 2020-08-07 杭州趣链科技有限公司 Intelligent contract life cycle management method based on JAVA
CN107464148A (en) * 2017-08-23 2017-12-12 众安信息技术服务有限公司 A kind of intelligent contract upgrade method and system based on alliance's chain

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018018992A1 (en) * 2016-07-25 2018-02-01 中兴通讯股份有限公司 Application blockchain method, apparatus and system
CN106709704A (en) * 2016-11-23 2017-05-24 杭州秘猿科技有限公司 Intelligent contract upgrading method based on permission chain
CN106919419A (en) * 2017-02-03 2017-07-04 中钞信用卡产业发展有限公司北京智能卡技术研究院 The update method and device of the intelligent contract program on block chain
CN107832139A (en) * 2017-09-26 2018-03-23 上海点融信息科技有限责任公司 For the method, apparatus and system for the computing resource for managing block chain link point
CN107943580A (en) * 2017-11-13 2018-04-20 上海点融信息科技有限责任公司 For managing the method and equipment of user's intelligence contract at block chain link point

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024002468A1 (en) * 2022-06-28 2024-01-04 Huawei Cloud Computing Technologies Co., Ltd. Automated smart contract hot updates

Also Published As

Publication number Publication date
CN110580624B (en) 2022-02-18
CN110580624A (en) 2019-12-17

Similar Documents

Publication Publication Date Title
CN109981679B (en) Method and apparatus for performing transactions in a blockchain network
TWI737944B (en) Block chain-based transaction execution method and device, and electronic equipment
WO2020233048A1 (en) Customized software generation method and system, and electronic device and storage medium
US20190188706A1 (en) Transference tracking
CN110874739B (en) Distributed computing and storage network implementing high integrity, high bandwidth, low latency, secure processing
EP3605946B1 (en) Distributed ledger-based enterprise resource planning system
JP7228322B2 (en) Auto-commit transaction management in blockchain networks
TW201828220A (en) Service processing method and apparatus
CN113056760A (en) Advanced intelligent contracts with decentralized ledgers in a multi-tenant environment
US9912759B2 (en) Dynamically generating solution stacks
US10620928B2 (en) Global cloud applications management
WO2021031472A1 (en) Intelligent contract processing method and device, computer device and storage medium
US20160260157A1 (en) Rapid service orchestration and management
US11070563B2 (en) Trace-based transaction validation and commitment
CN110959165A (en) Techniques for automatically verifying functionality of offers in a cloud service broker system
WO2023207146A1 (en) Service simulation method and apparatus for esop system, and device and storage medium
US10656939B2 (en) Modeling lifetime of hybrid software application using application manifest
CN113505520A (en) Method, device and system for supporting heterogeneous federated learning
CN111311407A (en) Data processing method and device based on block chain system and electronic equipment
WO2019233454A1 (en) Chain code upgrading method and device
CN109711840A (en) A kind of transaction data processing method, device and storage medium
WO2022241945A1 (en) Data processing method and device, and computer-readable storage medium
US11716380B2 (en) Secure self-contained mechanism for managing interactions between distributed computing components
US11868911B1 (en) Distributed ledger based machine-learning model management
WO2021114075A1 (en) Credit score processing method, system and apparatus based on blockchain, and medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19815615

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19815615

Country of ref document: EP

Kind code of ref document: A1