WO2021184885A1 - Method and device for use in updating public key set at blockchain node - Google Patents

Method and device for use in updating public key set at blockchain node Download PDF

Info

Publication number
WO2021184885A1
WO2021184885A1 PCT/CN2020/139905 CN2020139905W WO2021184885A1 WO 2021184885 A1 WO2021184885 A1 WO 2021184885A1 CN 2020139905 W CN2020139905 W CN 2020139905W WO 2021184885 A1 WO2021184885 A1 WO 2021184885A1
Authority
WO
WIPO (PCT)
Prior art keywords
transaction
node
public key
node change
block
Prior art date
Application number
PCT/CN2020/139905
Other languages
French (fr)
Chinese (zh)
Inventor
林鹏
Original Assignee
支付宝(杭州)信息技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 支付宝(杭州)信息技术有限公司 filed Critical 支付宝(杭州)信息技术有限公司
Publication of WO2021184885A1 publication Critical patent/WO2021184885A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3827Use of message hashing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying

Definitions

  • the embodiments of this specification relate to blockchain technology, and in particular, to a method and device for updating a public key set at a blockchain node.
  • the public key set of all blockchain nodes in the blockchain system may be maintained at each blockchain node.
  • blockchain node changes will occur, for example, a new blockchain node joins the blockchain system or a joined blockchain node exits the blockchain system.
  • a trusted way is needed to update the public key set in the blockchain system.
  • the embodiments of this specification provide a method and device for updating the public key set at a blockchain node.
  • a method for updating a public key set at a blockchain node includes the public key set of all blockchain nodes participating in consensus in the blockchain network.
  • the method includes: for at least one newly added block, based on the receipt index information and the node change transaction identifier in the block header of the block, determining whether the node change transaction identifier exists in the block
  • the indicated node change type transaction, the node change type transaction uses the smart contract used to perform the blockchain node change operation as the transaction object
  • the receipt index information includes a transaction type identification field
  • the transaction type identification field indicates the area
  • the transaction type of each transaction in the block when there is a node change transaction in the block, obtain the block body information of the block; obtain the receipt information of the node change transaction from the block body information,
  • the receipt information includes a public key field, and the public key field is used to store the public key of the changed blockchain node indicated by the node change transaction; the changed public key field is obtained from the public key field of the
  • the block body information may include a transaction tree and a receipt tree
  • obtaining the receipt information of the node change transaction from the block body information may include: based on the node change type Transaction identifier, which determines the address of the designated initiator designated to initiate the node change transaction and the smart contract address corresponding to the node change transaction; based on the transaction tree information in the block body information and the designated initiator address And the smart contract address, determining the node change transaction and the first position of the node change transaction in the transaction tree from the transaction tree; and obtaining and determined from the receipt tree The receipt information at the second location corresponding to the first location of.
  • the receipt information of may further include: verifying the node change transaction based on the transaction object address included in the node change transaction and the smart contract address of the smart contract.
  • Obtaining the receipt information at the second position corresponding to the determined first position in the receipt tree includes: when the node change transaction verification is passed, obtaining the receipt information corresponding to the determined first position in the receipt tree The receipt information at the second location.
  • verifying the node change transaction may include: Based on the transaction initiator address, the transaction object address, the designated initiator address and the smart contract address of the node change transaction determined from the transaction tree, the node change transaction found is verified.
  • the node change transaction identifier indicates that the node adds a new transaction
  • using the obtained public key to update the public key set may include: adding the public key to the public key In the set, or the node change transaction identifier instructs the node to delete the transaction, using the obtained public key to update the public key set includes: deleting the public key from the public key set.
  • the blockchain system may be a consortium chain system.
  • the smart contract may be deployed in the genesis block.
  • a device for updating a set of public keys in a consortium chain where the set of public keys includes the public keys of all blockchain nodes participating in the consensus in the blockchain network, so
  • the device includes: a node change transaction determining unit, for at least one newly added block, based on the receipt index information in the block header of the block and the node change transaction identifier, determine whether the node change type exists in the block A node change type transaction indicated by a transaction identifier, the node change type transaction uses a smart contract for performing a blockchain node change operation as a transaction object, the receipt index information includes a transaction type identification field, and the transaction type identification field Indicate the transaction type of each transaction in the block; the block body information obtaining unit, when there is a node change transaction in the block, obtain the block body information of the block; the receipt information obtaining unit, from the block Obtain the receipt information of the node change transaction in the block information, the receipt information includes a public key field, and the public key
  • the block body information may include a transaction tree and a receipt tree
  • the receipt information acquisition unit may include: a designated transaction information determining module, which determines that the designated transaction information is designated based on the node change transaction identifier The address of the designated initiator that initiates the node change transaction and the smart contract address corresponding to the node change transaction; the first location determination module is based on the transaction tree information in the block body information and the address of the designated initiator And the smart contract address, which determines the node change type transaction and the first position of the node change type transaction in the transaction tree from the transaction tree; and a receipt information acquisition module from the receipt tree To obtain the receipt information at the second location corresponding to the determined first location.
  • the receipt information obtaining unit may include: a node change transaction verification module, before obtaining the receipt information at the second position corresponding to the determined first position in the receipt tree , Verifying the node change transaction based on the transaction object address contained in the node change transaction and the smart contract address of the smart contract, and the receipt information acquisition module when the node change transaction is verified To obtain the receipt information at the second location corresponding to the determined first location in the receipt tree.
  • the node change transaction verification module may be based on the transaction initiator address, the transaction object address, the designated initiator address, and the node change transaction determined from the transaction tree.
  • the smart contract address verifies the node change transaction found.
  • the node change transaction identifier may indicate that the node adds a new transaction, and the public key set update unit may add the public key to the public key set, or the node The change transaction identifier may instruct the node to delete the transaction, and the public key set update unit may delete the public key from the public key set.
  • a computing device including: at least one processor; and a memory, the memory stores instructions, and when the instructions are executed by the at least one processor, the At least one processor executes the method as described above.
  • a non-transitory machine-readable storage medium which stores executable instructions, which when executed cause the machine to execute the method as described above.
  • the block body is obtained when it is determined that there is a node change transaction indicated by the node change transaction identifier in the corresponding block based on the receipt index information in the block header and the node change transaction identifier.
  • Information and then obtain the public key of the blockchain node corresponding to the node change exchange based on the obtained block body information, and then use the obtained public key to update the public key set, which can not only provide a trusted block
  • the chain public key set update method and because the block body information acquisition and public key acquisition process are executed after determining that there is a node change transaction, it can reduce the burden on each blockchain node.
  • FIG. 1 shows a schematic diagram of an example of an environment that can be used to execute a method for updating a public key set at a blockchain node according to an embodiment of the present specification
  • FIG. 2 shows a schematic diagram of an example of a system architecture that executes the method for updating a public key set at a blockchain node according to an embodiment of the present specification
  • FIG. 3 shows a schematic diagram of an example of a blockchain system to which the method for updating a public key set at a blockchain node according to an embodiment of the present specification is applicable;
  • Fig. 4 is a flowchart of a method for updating a public key set at a blockchain node according to an embodiment of the present specification
  • FIG. 5 is a flowchart of an example of the receipt information acquisition process in the method for updating the public key set at the blockchain node according to an embodiment of the present specification
  • FIG. 6 is a flowchart of another example of the receipt information acquisition process in the method for updating a public key set at a blockchain node according to an embodiment of the present specification
  • Fig. 7 is a structural block diagram of an apparatus for updating a public key set at a blockchain node according to an embodiment of the present specification
  • FIG. 8 is a structural block diagram of the receipt information obtaining unit in the device for updating the public key set at the blockchain node shown in FIG. 7;
  • Fig. 9 is a structural block diagram of a computing device for implementing a method for updating a public key set at a blockchain node according to an embodiment of the present specification.
  • the term “including” and its variations mean open terms, meaning “including but not limited to”.
  • the term “based on” means “based at least in part on.”
  • the terms “one embodiment” and “an embodiment” mean “at least one embodiment.”
  • the term “another embodiment” means “at least one other embodiment.”
  • the terms “first”, “second”, etc. may refer to different or the same objects. Other definitions can be included below, whether explicit or implicit. Unless clearly indicated in the context, the definition of a term is consistent throughout the specification.
  • connection refers to direct mechanical connection, communication or electrical connection between two components, or indirect mechanical connection, communication or electrical connection through intermediate components.
  • electrically connected refers to the possibility of electrical communication between two components for data/information exchange.
  • the electrical connection may refer to a direct electrical connection between two components, or an indirect electrical connection through an intermediate component.
  • the electrical connection can be implemented in a wired manner or a wireless manner.
  • Blockchain is a chain data structure that connects and combines data blocks sequentially in chronological order, and cryptographically ensures that the data blocks cannot be tampered with or forged.
  • the blockchain includes one or more blocks. Each block in the blockchain is linked to the previous block by including the encrypted hash of the immediately preceding block in the blockchain. Each block also includes a timestamp, a cryptographic hash of the block, and one or more transactions.
  • the transaction that has been verified by the blockchain node is hashed and a Merkle tree is formed. In the Merkle tree, the data at the leaf nodes is hashed, and for each branch of the Merkle tree, all the hash values of the branch are concatenated at the root of the branch.
  • the above processing is performed on the Merkle tree until the root node of the entire Merkle tree.
  • the root node of the Merkle tree stores hash values representing all data in the Merkle tree.
  • Blockchain is a data structure used to store transactions.
  • the blockchain network is a network of computing nodes used to manage, update and maintain one or more blockchain structures.
  • the blockchain network can include a public blockchain network, a private blockchain network, or a consortium blockchain network.
  • the consensus process is controlled by the nodes of the consensus network.
  • the public blockchain network can be considered as a public network of participating entities.
  • most entities nodes must sign each block in sequence, and add the signed block to the blockchain of the blockchain network.
  • Examples of public blockchain networks may include specific peer-to-peer payment networks.
  • blockchain does not specifically refer to any particular blockchain.
  • the public blockchain network supports public transactions. Public transactions are shared among all nodes in the public blockchain network and stored in the global blockchain.
  • a global blockchain refers to a blockchain that is replicated across all nodes.
  • consensus protocols include but are not limited to: proof-of-work (POW), proof-of-stake (POS), and proof-of-authority (POA).
  • POW is used as a non-limiting example.
  • Private blockchain networks are provided for specific entities.
  • the read and write permissions of each node in the private blockchain network are strictly controlled. Therefore, a private blockchain network is usually also called a permissioned network, which restricts who is allowed to participate in the network and the level of network participation (for example, only in certain transaction situations).
  • a private blockchain network various types of access control mechanisms can be used (for example, existing participants vote to add new entities, regulatory agencies control permissions, etc.).
  • the alliance blockchain network is private among participating entities.
  • the consensus process is controlled by authorized nodes.
  • a consortium composed of several (for example, 10) entities (for example, financial institutions, insurance companies) can operate a consortium blockchain network, and each entity operates at least one node in the consortium blockchain network. Therefore, the consortium blockchain network can be considered as a private network of participating entities.
  • each participating entity node
  • each block may be signed by a subset of participating entities (nodes) (for example, at least 7 entities), and the block may be added to the blockchain.
  • Blockchain is a tamper-proof shared digital ledger that records transactions in a public or private peer-to-peer network.
  • the ledger is distributed to all member nodes in the network, and the history of asset transactions that occurred in the network is permanently recorded in the block.
  • the consensus mechanism ensures that all network nodes in the distributed blockchain network execute transactions in the same order and then write to the same ledger.
  • FIG. 1 shows a schematic diagram of an example of an environment 100 that can be used to execute a method for updating a public key set at a blockchain node according to an embodiment of the present specification.
  • the environment 100 enables entities to participate in the blockchain network 102.
  • the environment 100 includes a network 104, and computing devices/systems 106, 108.
  • the network 104 may include a local area network (LAN), a wide area network (WAN), the Internet, or a combination thereof, and connect a website, a user device (eg, a computing device), and a back-end system.
  • the network 104 may be accessed through a wired and/or wireless communication link.
  • the computing devices/systems 106 and 108 communicate with each other through the network 104, and communicate with the blockchain network 102 through the network 104, and the nodes (or node devices) in the blockchain network 102 pass through The network 104 communicates.
  • the network 104 represents one or more communication networks.
  • the computing devices/systems 106, 108 may be nodes of a cloud computing system (not shown), or each computing device/system 106, 108 may be a separate cloud computing system, including interconnection through the network 104 Multiple computers and used as a distributed processing system.
  • each of the computing devices/systems 106, 108 may include any suitable computing system capable of participating as a node in the blockchain network 102.
  • Examples of computing devices/systems include, but are not limited to, servers, desktop computers, laptops, tablet devices, smart phones, etc.
  • one or more computer-implemented services for interacting with the blockchain network 102 may be installed on the computing device/system 106, 108.
  • the computing device/system 106 may be installed with the services of the first entity (for example, user A), for example, the first entity is used to manage transactions with one or more other entities (for example, other users). Management system.
  • the computing device/system 108 may be installed with services of a second entity (for example, user B), for example, a transaction management system used by the second entity to manage transactions with one or more other entities (for example, other users) .
  • a second entity for example, user B
  • a transaction management system used by the second entity to manage transactions with one or more other entities (for example, other users) .
  • the blockchain network 102 is represented as a peer-to-peer network of nodes, and the computing devices/systems 106, 108 serve as the nodes of the first entity and the second entity participating in the blockchain network 102, respectively.
  • FIG. 2 shows a schematic diagram of an example of a system architecture 200 that executes the method for updating a public key set at a blockchain node according to an embodiment of the present specification.
  • An example of the system architecture 200 includes the participant systems 202, 204, and 206 corresponding to the participant A, the participant B, and the participant C, respectively.
  • Each participant eg, user, enterprise
  • the blockchain network 212 includes a plurality of nodes 214, wherein at least some of the nodes 214 record information in the blockchain 216, and the recorded information cannot be changed.
  • a single blockchain 216 is schematically shown within the blockchain network 212, multiple copies of the blockchain 216 may be provided, and multiple copies are maintained in the blockchain network 212, as described in detail later of.
  • each participant system 202, 204, 206 is provided by participant A, participant B, and participant C, or provided as participant A, participant B, and participant C, respectively, And it serves as the corresponding node 214 in the blockchain network 212.
  • a node generally refers to a single system (eg, computer, server) connected to the blockchain network 212 and enables corresponding participants to participate in the blockchain network.
  • the participant corresponds to each node 214.
  • one participant can operate multiple nodes 214 within the blockchain network 212, and/or multiple participants can share a single node 214.
  • the participant systems 202, 204, 206 use protocols (e.g., Hypertext Transfer Protocol Security (HTTPS)) and/or use remote procedure calls (RPC) to communicate with the blockchain network 212, or through the blockchain
  • HTTPS Hypertext Transfer Protocol Security
  • RPC remote procedure calls
  • the degree of participation of the node 214 in the blockchain network 212 may vary. For example, some nodes 214 may participate in the consensus process (eg, as miner nodes that add blocks to the blockchain 216), while other nodes 214 do not participate in the consensus process. As another example, some nodes 214 store a complete copy of the blockchain 216, while other nodes 214 only store a partial copy of the blockchain 216. In the example of Figure 2, the participant systems 202, 204, 206 each store a complete copy of the blockchain 216 216', 216", 216"'.
  • a blockchain (for example, the blockchain 216 in FIG. 2) is composed of a series of blocks, and each block stores data.
  • Examples of data may include transaction data representing transactions between two or more participants.
  • transactions are used as a non-limiting example, and it is expected that any appropriate data can be stored in the blockchain (for example, documents, images, videos, audios).
  • Examples of transactions may include, but are not limited to, the exchange of valuable things (for example, assets, products, services, currency, etc.).
  • Transaction data is stored immutably in the blockchain.
  • hash Before storing in the block, hash the transaction data. Hashing is the process of converting transaction data (provided as string data) into a fixed-length hash value (also provided as string data). After the transaction data is hashed, even a slight change in the transaction data will result in a completely different hash value.
  • the hash value is usually generated by hashing transaction data using a hash function. Examples of hash functions include, but are not limited to, Secure Hash Algorithm (SHA)-256, which outputs a 256-bit hash value.
  • SHA Secure Hash Algorithm
  • the transaction data of multiple transactions can be stored in the block after being hashed. For example, two transaction data are hashed to obtain two hash values, and then the two obtained hash values are hashed again to obtain another hash value. This process is repeated until a single hash value is obtained for all transactions to be stored in the block.
  • This hash value is called the Merkle root hash and is stored at the head of the block. Any change in the transaction will cause its hash value to change, and eventually the Merkle root hash value will change.
  • the block is added to the blockchain through a consensus protocol.
  • Multiple nodes in the blockchain network participate in the consensus protocol and add blocks to the blockchain after competition.
  • Such nodes are called miner nodes (or accounting nodes).
  • the POW introduced above serves as a non-limiting example.
  • Miner nodes perform a consensus process to add transactions (corresponding blocks) to the blockchain. Although multiple miner nodes participate in the consensus process, only one miner node can write a block to the blockchain. In other words, miner nodes compete in the consensus process to add their blocks to the blockchain. In more detail, the miner node periodically collects pending transactions from the transaction pool (for example, until a predetermined limit on the number of transactions that can be included in the block is reached, if any). The transaction pool includes transaction messages from participants in the blockchain network. Miner nodes create blocks and add transactions to the blocks. Before adding the transaction to the block, the miner node checks whether there is a transaction in the block of the blockchain among the transactions to be added. If the transaction has been added to another block, the transaction will be discarded.
  • the miner node generates a block header, hashes all transactions in the block, and combines the hash values in pairs to generate further hash values until a single hash value (Merkle root) is obtained for all transactions in the block. Hash). Then, add the Merkle root hash to the block header.
  • the miner also determines the hash value of the latest block in the blockchain (ie, the last block added to the blockchain). Miner nodes can also add random values (noune values) and timestamps to the block header.
  • the miner node tries to find a hash value that meets the required parameters. The miner node keeps changing the nonce value until it finds a hash value that meets the required parameters.
  • Every miner in the blockchain network tries to find a hash value that meets the required parameters and competes with each other in this way.
  • a miner node finds a hash value that meets the required parameters and advertises the hash value to all other miner nodes in the blockchain network.
  • Other miner nodes verify the hash value, and if it is determined to be correct, verify each transaction in the block, accept the block, and attach the block to their copy of the blockchain. In this way, the global state of the blockchain is agreed upon on all miner nodes within the blockchain network.
  • the above process is a POW consensus protocol.
  • participant A wants to send a certain amount of funds to participant B.
  • Participant A generates a transaction message and sends the transaction message to the blockchain network, and the transaction message is added to the transaction pool.
  • Each miner node in the blockchain network creates a block, obtains transactions from the transaction pool, and adds the transaction to the block. In this way, the transaction issued by participant A is added to the block of the miner node.
  • cryptography is implemented to maintain the privacy of transactions. For example, if two nodes want to maintain the privacy of the transaction so that other nodes in the blockchain network cannot learn the details of the transaction, the node can encrypt the transaction data.
  • encryption methods include, but are not limited to, symmetric encryption and asymmetric encryption.
  • Symmetric encryption refers to the encryption process that uses a single key to encrypt (generate ciphertext based on plaintext) and decrypt (generate plaintext based on ciphertext).
  • symmetric encryption multiple nodes can use the same key, so each node can encrypt/decrypt transaction data.
  • a key pair is used for encryption and decryption, and each key pair includes a different private key and public key.
  • the private key in its asymmetric encryption key pair needs to be stored confidentially; the public key can be made public for other nodes to obtain.
  • the data is encrypted with a public key, only the corresponding private key can be used to decrypt it.
  • Participant A can use the public key of participant B to encrypt data, and send the encrypted data to participant B.
  • Participant B can use its private key to decrypt the encrypted data (ciphertext) sent from participant A and decrypt the original data (plaintext). Messages encrypted with the public key of the node can only be decrypted with the corresponding private key in the paired secret key.
  • Asymmetric encryption can also be used to provide digital signatures, which enable participants in a transaction to confirm other participants in the transaction and the validity of the transaction.
  • participant A can digitally sign the message, and another participant B can confirm that the message was sent by the participant A according to the digital signature of the participant A.
  • Digital signatures can also be used to ensure that messages are not tampered with during transmission. For example, refer to Figure 1 again.
  • Participant A will send a message to participant B.
  • Participant A generates a hash value of the message, and then uses its private key to encrypt the hash value to generate a digital signature.
  • Participant A attaches the digital signature to the message, and sends the message with the digital signature to participant B.
  • Participant B uses the public key of participant A to decrypt the digital signature, thereby decrypting the corresponding hash value. Participant B hashes the received message to obtain another hash value, and then compares the two hash values. If the hash value is the same, participant B can confirm that the message is indeed from participant A and has not been tampered with.
  • the blockchain node can be any participant in FIG. 1 or FIG. 2.
  • FIG. 3 shows a schematic diagram of an example of a blockchain system to which the method for updating a public key set at a blockchain node according to an embodiment of the present specification is applicable.
  • the blockchain system 300 includes lightweight nodes and full nodes.
  • the full nodes include blockchain nodes 301, 302, etc., and the lightweight nodes are connected to one or more full nodes.
  • the blockchain nodes 301a, 301b, and 301c, which are lightweight nodes, are connected to the full node 301
  • the blockchain nodes 302a, 302b, and 302c are connected to the full node 302.
  • Each full node in the blockchain system 300 is connected to each other, and each full node can be used as an accounting node to jointly maintain a ledger of all transactions in the blockchain system based on the blockchain technology.
  • the accounting node can perform accounting operations such as transaction verification, transaction consensus, and block generation.
  • Full nodes usually maintain all the data of the blockchain locally, including the block body and block header of each block in the blockchain.
  • Lightweight nodes can only store the block headers of each block in the blockchain locally for simple verification operations (for example, SPV verification).
  • Lightweight nodes can always be connected to the same full number of nodes, and can also replace all connected nodes based on connection rules to reduce trust risks.
  • the transactions initiated by each blockchain node can be broadcast to the blockchain network for consensus processing (for example, consensus processing can be performed based on the PoW mechanism).
  • the transaction initiated by the full node can be broadcast to each other full node, and after each full node receives the transaction, it can be broadcast to the lightweight node it is connected to.
  • the transaction initiated by the light-weight node can be sent to all nodes connected to the light-weight node, so as to be broadcast by the all-weight node to other full-weight nodes or light-weight nodes.
  • the method implemented in this specification for updating the public key set at a blockchain node can be executed by the accounting node, or can be executed by the light node.
  • the public key set in this specification includes the public keys of all blockchain nodes participating in the consensus (the accounting node shown in Figure 3) in the blockchain network.
  • the method for updating the public key set at the node of the blockchain in the following embodiments can be used in the consortium chain, and can also be used in the public chain.
  • Fig. 4 is a flowchart of a method for updating a public key set at a blockchain node according to an embodiment of the present specification.
  • block 402 for at least one newly added block, based on the receipt index information and the node change transaction identifier in the block header of the block, it is determined whether there is a node change transaction identifier in the block. The indicated node change transaction.
  • the newly added block can be a newly generated block in the blockchain.
  • the accounting node can monitor the newly generated block to determine whether a node change transaction has occurred in the blockchain system.
  • the accounting node can also periodically scan the block headers of new blocks that have not been scanned, and determine in a timely manner whether a node change transaction has occurred.
  • the newly added block can be a block newly downloaded by the lightweight node from the full node.
  • Lightweight nodes can download block headers from full nodes in any manner. For example, they can download a predetermined number of block headers every predetermined period, or they can download locally missing block headers in a predetermined period.
  • the lightweight node can scan each newly downloaded block header at a suitable time period to determine whether there is a node change transaction in each block header.
  • the node change transaction takes the smart contract used to execute the blockchain node change operation as the transaction object.
  • Smart contracts used to perform blockchain node change operations can be deployed in the genesis block of the blockchain.
  • Node change transactions can be initiated by a designated transaction initiator.
  • the designated transaction initiator can be, for example, an administrator in a blockchain system, and the administrator can be a server composed of one or more computing devices.
  • the node change transaction can be a node addition transaction or a node deletion transaction.
  • the smart contract may include adding a smart contract to a node and deleting a smart contract to a node.
  • the administrator can initiate a new node type transaction with the node new smart contract as the transaction object.
  • the administrator can initiate a node deletion transaction with the node deletion smart contract as the transaction object.
  • the receipt index information includes a transaction type identification field, and the transaction type identification field indicates the transaction type of each transaction in the block.
  • the block body of each block may include receipt information of each transaction on the block, and each transaction receipt information may be stored in the block in the form of a receipt tree (for example, a receipt tree generated based on a Merck tree).
  • the receipt information of each transaction may include the transaction type (Topic) corresponding to the transaction.
  • the transaction type may include, for example, a transfer transaction, a node change transaction, a smart contract addition or deletion transaction, and the like.
  • the transaction type identification corresponding to each transaction may be included in the receipt index information.
  • the receipt index information may be a Bloom filter, for example.
  • the receipt index information can be found based on the node change transaction identifier.
  • the node change transaction identifier exists in the receipt index information, it can be determined that there is a node change transaction in the block.
  • the node change type transaction identifier may be a node new type transaction identifier indicating a node new type transaction, or a node deletion type transaction identifier of a node deletion type transaction.
  • block 404 block body information of the block is obtained. Due to the large amount of block body information, if there is no node change transaction in the block, there is no need to obtain block body information, which can reduce the burden on blockchain nodes.
  • the blockchain node is a lightweight node, due to the limited computing resources and local storage space of the lightweight node, obtaining block body information after determining that there is a node change transaction is more suitable for the operation requirements of the lightweight node.
  • the receipt information of the node change transaction is obtained from the block body information.
  • the receipt information includes a public key field, which is used to store the public key of the changed blockchain node indicated by the node change transaction.
  • a billing node processes a node change transaction, it can write the public key of the blockchain node corresponding to the node change transaction in the public key field.
  • the accounting node may not write any information to the public key field, that is, the public key field is empty.
  • the accounting node can make the receipt information of the transaction include the public key field, and for transactions that are not node change transactions, the receipt information of the transaction can be made not include the public key field. Key field.
  • the data structure of the receipt information may be TransactionReceipt ⁇ result,gasUsed,logEntries,output>, where TransactionReceipt represents the receipt, result is the execution result of the smart contract, gasused is the gas consumed to execute the smart contract, and output is the public key.
  • TransactionReceipt represents the receipt
  • result is the execution result of the smart contract
  • gasused is the gas consumed to execute the smart contract
  • output is the public key.
  • Field, logEntries executes the log entry of the corresponding transaction
  • the transaction log information can be included in the log entry.
  • the public key field may also be included in the log information.
  • the public key of the changed blockchain node is obtained from the public key field of the receipt information.
  • the changed blockchain node can be a newly added blockchain node or a deleted blockchain node.
  • the receipt information in the receipt information may be information after encoding.
  • the receipt information may be decoded by a decoding method corresponding to the encoding method.
  • the encoding method may be RLP encoding, and the RLP decoding method may be used for decoding during decoding.
  • the public key of the changed blockchain node can be obtained from it.
  • the public key set is updated with the obtained public key.
  • the obtained public key can be added to the public key set. If the node change transaction identifier instructs the node to delete the transaction, the obtained public key can be deleted from the public key set.
  • a trusted public key set update method can be provided, and the public key set update process can fully adapt to the resource constraints of lightweight nodes, so it can provide a public key set update that is more friendly to lightweight nodes. method.
  • Fig. 5 is a flowchart of an example of a receipt information acquisition process in a method for updating a public key set at a blockchain node according to an embodiment of the present specification.
  • the acquired block body information includes a transaction tree and a receipt tree.
  • the designated initiator address of the designated node change transaction and the smart contract address corresponding to the node change transaction are determined.
  • the designated initiators of the node deletion transaction and the node addition transaction may be the same, for example, both may be administrators. In another example, different designated initiators may be determined for node deletion transactions and node addition transactions, respectively.
  • the designated initiator and the corresponding smart contract address can be determined based on the specific type of the existing node change transaction.
  • the address of the designated initiator and the corresponding smart contract address of various node change transactions can be stored at the local blockchain node.
  • the designated initiator address and smart contract address can be read according to the node change transaction type indicated by the corresponding node change transaction. For example, if the node change transaction is a node addition transaction, the address of the designated initiator of the node addition transaction and the corresponding smart contract address can be read.
  • the node change transaction and the first position of the node change transaction in the transaction tree are determined from the transaction tree.
  • the determined designated initiator address and smart contract address can be compared with the transaction address of each transaction in the transaction tree to determine that the initiator address matches the designated initiator address and the transaction corresponding address is consistent with the determined smart contract Transactions with matching addresses.
  • the transaction thus determined is the corresponding node change transaction, and the position of the transaction in the transaction tree is the first position of the node change transaction in the transaction tree.
  • the receipt information at the second location corresponding to the determined first location is obtained from the receipt tree.
  • the position of each transaction in the transaction tree corresponds to the position of the receipt information of the transaction in the receipt tree.
  • the accounting node packs each transaction into a block, it can generate the transaction tree and the receipt tree in the same order.
  • the position of the receipt information of each transaction in the receipt tree is the same as the position of the transaction information of the transaction in the transaction tree, so that after determining the position of the node change transaction in the transaction pair, the same position of the receipt tree can be determined.
  • the receipt information For example, if the node change transaction is located at the first leaf node in the transaction tree, the receipt information located at the first leaf node in the receipt tree can be obtained to obtain the determined receipt information of the node change transaction.
  • the corresponding public key can be obtained from the public key field of the obtained receipt information. If the receipt information is encoded information, the corresponding decoding method can be used to decode it to obtain the public key of the changed node.
  • FIG. 6 is a flowchart of another example of a receipt information acquisition process in a method for updating a public key set at a blockchain node according to an embodiment of the present specification.
  • a node change transaction is determined from the transaction tree
  • the node change transaction is verified, and in block 606, it is determined whether the node change transaction passes the verification. For example, the transaction object address and smart contract address of the node change transaction determined from the transaction tree can be hashed, and then the hash values of the two can be compared whether they are consistent. When the hash values of the two are the same, it indicates that the node change type transaction that is traded from the transaction tree is indeed the node change type transaction to be found.
  • the address of the transaction initiator and the address of the transaction object of the node change transaction determined from the transaction tree can be verified separately.
  • the transaction initiator address verification can be performed based on the transaction initiator address of the node change transaction determined from the transaction tree and the designated initiator address of the corresponding node change transaction, and based on the node change transaction determined from the transaction tree
  • the address of the transaction object and the address of the smart contract are used to verify the address of the transaction object for the found node change transaction.
  • the transaction initiator address and transaction object address, designated initiator address and smart contract address of the node change transaction determined from the transaction tree can be hashed separately, and then the hash values can be compared to see if they are consistent.
  • Fig. 7 is a structural block diagram of an apparatus for updating a public key set at a blockchain node according to an embodiment of the present specification.
  • the public key set update device 700 includes a node change transaction determination unit 710, a block body information acquisition unit 720, a receipt information acquisition unit 730, a public key acquisition unit 740, and a public key set update unit.
  • the node change transaction determining unit 710 determines whether there is a node indicated by the node change transaction identifier in the block based on the receipt index information in the block header of the block and the node change transaction identifier Change transaction.
  • the node change transaction takes the smart contract used to execute the blockchain node change operation as the transaction object.
  • the receipt index information includes a transaction type identification field, and the transaction type identification field indicates the transaction type of each transaction in the block.
  • the block body information obtaining unit 720 obtains the block body information of the block.
  • the receipt information obtaining unit 730 obtains the receipt information of the node change transaction from the block body information.
  • the receipt information includes a public key field, and the public key field is used to store the public key of the changed blockchain node indicated by the node change transaction.
  • the public key obtaining unit 740 obtains the public key of the changed blockchain node from the public key field of the receipt information.
  • the public key set update unit 750 uses the acquired public key to update the public key set.
  • the node change type transaction identifier may indicate the node new type transaction.
  • the public key set update unit 750 may add the public key to the public key set.
  • the node change transaction identifier may also instruct the node to delete the transaction.
  • the public key set update unit 750 may delete the public key from the public key set.
  • FIG. 8 is a structural block diagram of the receipt information obtaining unit 730 in the apparatus for updating the public key set at the blockchain node shown in FIG. 7.
  • the receipt information acquisition unit 730 includes a designated transaction information determination module 731, a first location determination module 732, a node change transaction verification module 733, a receipt information acquisition module 734, and a receipt information acquisition module 735.
  • the block body information includes a transaction tree and a receipt tree.
  • the designated transaction information determining module 731 determines the designated initiator address of the designated initiating node change transaction and the smart contract address corresponding to the node change transaction based on the node change transaction identifier.
  • the first location determination module 732 determines the node change transaction and the node change transaction in the transaction tree from the transaction tree based on the transaction tree information in the block body information, the designated initiator address, and the smart contract address. The first position.
  • the node change transaction verification module 733 After determining the first location, the node change transaction verification module 733 verifies the node change transaction based on the transaction object address included in the node change transaction and the smart contract address of the smart contract. In another example, the node change transaction verification module 733 can determine the node change transaction based on the transaction initiator address, transaction object address, designated initiator address, and smart contract address of the node change transaction determined from the transaction tree. Change the transaction for verification.
  • the receipt information obtaining module 734 obtains the receipt information at the second location corresponding to the determined first location in the receipt tree.
  • the node change transaction verification module may not be included.
  • the receipt information acquisition module 734 may obtain the receipt from the receipt based on the determined first position. Obtain the corresponding receipt information from the tree.
  • the device for updating the public key set at the blockchain node in the embodiment of this specification can be implemented by hardware, or by software or a combination of hardware and software.
  • the various embodiments in this specification are described in a progressive manner, and the same or similar parts among the various embodiments are referred to each other.
  • the device for updating the public key set at the blockchain node in the embodiment of this specification can be implemented by hardware, or by software or a combination of hardware and software. Taking software implementation as an example, as a logical device, it is formed by reading the corresponding computer program instructions in the memory into the memory through the processor of the device where it is located. In the embodiment of the present specification, the device for updating the public key set at the blockchain node can be implemented by using a computing device, for example.
  • Fig. 9 is a structural block diagram of a computing device for implementing a method for updating a public key set at a blockchain node according to an embodiment of the present specification.
  • the computing device 900 includes a processor 910, a memory 920, a memory 930, a communication interface 940, and an internal bus 950, and the processor 910, a memory (for example, a non-volatile memory) 920, a memory 930, and a communication interface 940 are connected together via a bus 950.
  • the computing device 900 may include at least one processor 910 that executes at least one computer-readable instruction (ie, the aforementioned Elements implemented in software).
  • computer-executable instructions are stored in the memory 920, which when executed, cause at least one processor 910 to: for at least one newly added block, based on the receipt index information and the node in the block header of the block Change transaction identifier to determine whether there is a node change transaction indicated by the node change transaction identifier in the block; when there is a node change transaction in the block, obtain the block body information of the block; Obtain the receipt information of the node change transaction from the block body information.
  • the receipt information includes a public key field.
  • the public key field is used to store the public key of the changed blockchain node indicated by the node change transaction; from the public key of the receipt information Obtain the public key of the changed blockchain node in the field; and use the obtained public key to update the public key set.
  • a program product such as a non-transitory machine-readable medium.
  • the non-transitory machine-readable medium may have instructions (that is, the above-mentioned elements implemented in the form of software), which when executed by a machine, cause the machine to execute the above described in conjunction with FIGS. 1-8 in the various embodiments of the embodiments of this specification.
  • instructions that is, the above-mentioned elements implemented in the form of software
  • a system or device equipped with a readable storage medium may be provided, and the software program code for realizing the function of any one of the above-mentioned embodiments is stored on the readable storage medium, and the computer or device of the system or device The processor reads and executes the instructions stored in the readable storage medium.
  • the program code itself read from the readable medium can implement the function of any one of the above embodiments, so the machine readable code and the readable storage medium storing the machine readable code constitute the present invention a part of.
  • Examples of readable storage media include floppy disks, hard disks, magneto-optical disks, optical disks (such as CD-ROM, CD-R, CD-RW, DVD-ROM, DVD-RAM, DVD-RW, DVD-RW), magnetic tape, Volatile memory card and ROM.
  • the program code can be downloaded from the server computer or the cloud via the communication network.
  • the device structure described in the foregoing embodiments may be a physical structure or a logical structure, that is, some units may be implemented by the same physical entity, or some units may be implemented by multiple physical entities, or may be implemented by multiple physical entities. Some components in independent devices are implemented together.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Development Economics (AREA)
  • Technology Law (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • Power Engineering (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

Provided is a method for use in updating a public key set at a blockchain node, the public key set comprising public keys of all blockchain nodes participating in a consensus in a blockchain network. The method comprises: with respect to at least one newly added block, determining, on the basis of receipt index information and a node change-type transaction identifier in a block header of the block, whether a node change-type transaction indicated by the node change-type transaction identifier is present in the block (402), the receipt information comprising a transaction type identifier field; when the node change-type transaction is present in the block, acquiring block body information of the block (404); acquiring receipt information of the node change-type transaction in the block body information (406), the receipt information comprising a public key field, the public key field being used for storing a public key of a changed blockchain node indicated by the node change-type transaction; acquiring the public key of the changed blockchain node from the public key field of the receipt information (408); and utilizing the acquired public key to update a public key set (410).

Description

用于更新区块链节点处的公钥集合的方法及装置Method and device for updating public key set at block chain node 技术领域Technical field
本说明书实施例涉及区块链技术,具体地,涉及用于更新区块链节点处的公钥集合的方法及装置。The embodiments of this specification relate to blockchain technology, and in particular, to a method and device for updating a public key set at a blockchain node.
背景技术Background technique
在区块链系统中,出于某些区块链操作的需要,可能会在各个区块链节点处维护区块链系统中所有区块链节点的公钥集合。在区块链系统中,难免会发生区块链节点变更,例如新区块链节点加入区块链系统或已加入的区块链节点退出区块链系统。在发生区块链节点变更时,需要一种可信任的方式来更新区块链系统中的公钥集合。In the blockchain system, due to the needs of certain blockchain operations, the public key set of all blockchain nodes in the blockchain system may be maintained at each blockchain node. In the blockchain system, it is inevitable that blockchain node changes will occur, for example, a new blockchain node joins the blockchain system or a joined blockchain node exits the blockchain system. When the blockchain node changes, a trusted way is needed to update the public key set in the blockchain system.
发明内容Summary of the invention
鉴于上述,本说明书实施例提供了一种用于更新区块链节点处的公钥集合的方法及装置。In view of the above, the embodiments of this specification provide a method and device for updating the public key set at a blockchain node.
根据本说明书实施例的一个方面,提供了一种用于更新区块链节点处的公钥集合的方法,所述公钥集合包括区块链网络中的所有参与共识的区块链节点的公钥,所述方法包括:针对新加入的至少一个区块,基于该区块的区块头中的收据索引信息和节点变更类交易标识,确定该区块中是否存在所述节点变更类交易标识所指示的节点变更类交易,所述节点变更类交易以用于执行区块链节点变更操作的智能合约为交易对象,所述收据索引信息包括交易类型标识字段,所述交易类型标识字段指示该区块中的各个交易的交易类型;当该区块中存在节点变更类交易时,获取该区块的区块体信息;从所述区块体信息中获取所述节点变更类交易的收据信息,所述收据信息包括公钥字段,所述公钥字段用于存放所述节点变更类交易所指示的被变更区块链节点的公钥;从所述收据信息的公钥字段中获取的被变更区块链节点的公钥;以及利用所获取的公钥来更新所述公钥集合。According to one aspect of the embodiments of this specification, a method for updating a public key set at a blockchain node is provided, the public key set includes the public key set of all blockchain nodes participating in consensus in the blockchain network. The method includes: for at least one newly added block, based on the receipt index information and the node change transaction identifier in the block header of the block, determining whether the node change transaction identifier exists in the block The indicated node change type transaction, the node change type transaction uses the smart contract used to perform the blockchain node change operation as the transaction object, the receipt index information includes a transaction type identification field, and the transaction type identification field indicates the area The transaction type of each transaction in the block; when there is a node change transaction in the block, obtain the block body information of the block; obtain the receipt information of the node change transaction from the block body information, The receipt information includes a public key field, and the public key field is used to store the public key of the changed blockchain node indicated by the node change transaction; the changed public key field is obtained from the public key field of the receipt information The public key of the blockchain node; and using the obtained public key to update the set of public keys.
可选的,在一个示例中,所述区块体信息可以包括交易树和收据树,从所述区块体信息中获取所述节点变更类交易的收据信息可以包括:基于所述节点变更类交易标识,确定被指定发起所述节点变更类交易的指定发起方地址以及所述节点变更类交易对应的智能合约地址;基于所述区块体信息中的交易树信息和所述指定发起方地址以及所述 智能合约地址,从所述交易树中确定出所述节点变更类交易以及所述节点变更类交易在所述交易树中的第一位置;以及从所述收据树中获取与所确定的第一位置对应的第二位置处的收据信息。Optionally, in an example, the block body information may include a transaction tree and a receipt tree, and obtaining the receipt information of the node change transaction from the block body information may include: based on the node change type Transaction identifier, which determines the address of the designated initiator designated to initiate the node change transaction and the smart contract address corresponding to the node change transaction; based on the transaction tree information in the block body information and the designated initiator address And the smart contract address, determining the node change transaction and the first position of the node change transaction in the transaction tree from the transaction tree; and obtaining and determined from the receipt tree The receipt information at the second location corresponding to the first location of.
可选的,在一个示例中,在获取所述收据树中的与所确定的第一位置对应的第二位置处的收据信息之前,从所述区块体信息中获取所述节点变更类交易的收据信息还可以包括:基于所述节点变更类交易中包含的交易对象地址和所述智能合约的智能合约地址,对所述节点变更类交易进行验证。获取所述收据树中的与所确定的第一位置对应的第二位置处的收据信息包括:当所述节点变更交易验证通过时,获取所述收据树中的与所确定的第一位置对应的第二位置处的收据信息。Optionally, in an example, before obtaining the receipt information at the second position corresponding to the determined first position in the receipt tree, obtain the node change transaction from the block body information The receipt information of may further include: verifying the node change transaction based on the transaction object address included in the node change transaction and the smart contract address of the smart contract. Obtaining the receipt information at the second position corresponding to the determined first position in the receipt tree includes: when the node change transaction verification is passed, obtaining the receipt information corresponding to the determined first position in the receipt tree The receipt information at the second location.
可选的,在一个示例中,基于从所述交易树中确定出的节点变更类交易的交易对象地址信息和所述智能合约的智能合约地址,对所述节点变更类交易进行验证可以包括:基于从所述交易树中确定出的节点变更类交易的交易发起方地址、交易对象地址、所述指定发起方地址以及所述智能合约地址,对所查找出的节点变更交易进行验证。Optionally, in an example, based on the transaction object address information of the node change transaction determined from the transaction tree and the smart contract address of the smart contract, verifying the node change transaction may include: Based on the transaction initiator address, the transaction object address, the designated initiator address and the smart contract address of the node change transaction determined from the transaction tree, the node change transaction found is verified.
可选的,在一个示例中,所述节点变更类交易标识指示节点新增类交易,利用所获取的公钥来更新所述公钥集合可以包括:将所述公钥添加到所述公钥集合中,或所述节点变更类交易标识指示节点删除类交易,利用所获取的公钥来更新所述公钥集合包括:将所述公钥从所述公钥集合中删除。Optionally, in an example, the node change transaction identifier indicates that the node adds a new transaction, and using the obtained public key to update the public key set may include: adding the public key to the public key In the set, or the node change transaction identifier instructs the node to delete the transaction, using the obtained public key to update the public key set includes: deleting the public key from the public key set.
可选的,在一个示例中,所述区块链系统可以为联盟链系统。Optionally, in an example, the blockchain system may be a consortium chain system.
可选的,在一个示例中,所述智能合约可以布署在创世区块中。Optionally, in an example, the smart contract may be deployed in the genesis block.
根据本说明书实施例的另一方面,还一种用于在联盟链中更新公钥集合的装置,所述公钥集合包括区块链网络中所有参与共识的区块链节点的公钥,所述装置包括:节点变更交易确定单元,针对新加入的至少一个区块,基于该区块的区块头中的收据索引信息和节点变更类交易标识,确定该区块中是否存在所述节点变更类交易标识所指示的节点变更类交易,所述节点变更类交易以用于执行区块链节点变更操作的智能合约为交易对象,所述收据索引信息包括交易类型标识字段,所述交易类型标识字段指示该区块中的各个交易的交易类型;区块体信息获取单元,当该区块中存在节点变更类交易时,获取该区块的区块体信息;收据信息获取单元,从所述区块体信息中获取所述节点变更类交易的收据信息,所述收据信息包括公钥字段,所述公钥字段用于存放所述节点变更类交易所指示的被变更区块链节点的公钥;公钥获取单元,从所述收据信息的公钥字段 中获取的被变更区块链节点的公钥;以及公钥集合更新单元,利用所获取的公钥来更新所述公钥集合。According to another aspect of the embodiments of this specification, there is also a device for updating a set of public keys in a consortium chain, where the set of public keys includes the public keys of all blockchain nodes participating in the consensus in the blockchain network, so The device includes: a node change transaction determining unit, for at least one newly added block, based on the receipt index information in the block header of the block and the node change transaction identifier, determine whether the node change type exists in the block A node change type transaction indicated by a transaction identifier, the node change type transaction uses a smart contract for performing a blockchain node change operation as a transaction object, the receipt index information includes a transaction type identification field, and the transaction type identification field Indicate the transaction type of each transaction in the block; the block body information obtaining unit, when there is a node change transaction in the block, obtain the block body information of the block; the receipt information obtaining unit, from the block Obtain the receipt information of the node change transaction in the block information, the receipt information includes a public key field, and the public key field is used to store the public key of the changed blockchain node indicated by the node change transaction A public key acquisition unit that acquires the public key of the changed blockchain node from the public key field of the receipt information; and a public key set update unit that uses the acquired public key to update the public key set.
可选的,在一个示例中,所述区块体信息可以包括交易树和收据树,所述收据信息获取单元可以包括:指定交易信息确定模块,基于所述节点变更类交易标识,确定被指定发起所述节点变更类交易的指定发起方地址以及所述节点变更类交易对应的智能合约地址;第一位置确定模块,基于所述区块体信息中的交易树信息和所述指定发起方地址以及所述智能合约地址,从所述交易树中确定出所述节点变更类交易以及所述节点变更类交易在所述交易树中的第一位置;以及收据信息获取模块,从所述收据树中获取与所确定的第一位置对应的第二位置处的收据信息。Optionally, in an example, the block body information may include a transaction tree and a receipt tree, and the receipt information acquisition unit may include: a designated transaction information determining module, which determines that the designated transaction information is designated based on the node change transaction identifier The address of the designated initiator that initiates the node change transaction and the smart contract address corresponding to the node change transaction; the first location determination module is based on the transaction tree information in the block body information and the address of the designated initiator And the smart contract address, which determines the node change type transaction and the first position of the node change type transaction in the transaction tree from the transaction tree; and a receipt information acquisition module from the receipt tree To obtain the receipt information at the second location corresponding to the determined first location.
可选的,在一个示例中,所述收据信息获取单元可以包括:节点变更类交易验证模块,在获取所述收据树中的与所确定的第一位置对应的第二位置处的收据信息之前,基于所述节点变更类交易中包含的交易对象地址和所述智能合约的智能合约地址,对所述节点变更类交易进行验证,以及所述收据信息获取模块当所述节点变更交易验证通过时,获取所述收据树中的与所确定的第一位置对应的第二位置处的收据信息。Optionally, in an example, the receipt information obtaining unit may include: a node change transaction verification module, before obtaining the receipt information at the second position corresponding to the determined first position in the receipt tree , Verifying the node change transaction based on the transaction object address contained in the node change transaction and the smart contract address of the smart contract, and the receipt information acquisition module when the node change transaction is verified To obtain the receipt information at the second location corresponding to the determined first location in the receipt tree.
可选的,在一个示例中,所述节点变更交易验证模块可以基于从所述交易树中确定出的节点变更类交易的交易发起方地址、交易对象地址、所述指定发起方地址以及所述智能合约地址,对所查找出的节点变更交易进行验证。Optionally, in an example, the node change transaction verification module may be based on the transaction initiator address, the transaction object address, the designated initiator address, and the node change transaction determined from the transaction tree. The smart contract address verifies the node change transaction found.
可选的,在一个示例中,所述节点变更类交易标识可以指示节点新增类交易,所述公钥集合更新单元可以将所述公钥添加到所述公钥集合中,或所述节点变更类交易标识可以指示节点删除类交易,所述公钥集合更新单元可以将所述公钥从所述公钥集合中删除。Optionally, in an example, the node change transaction identifier may indicate that the node adds a new transaction, and the public key set update unit may add the public key to the public key set, or the node The change transaction identifier may instruct the node to delete the transaction, and the public key set update unit may delete the public key from the public key set.
根据本说明书实施例的另一方面,还提供一种计算设备,包括:至少一个处理器;以及存储器,所述存储器存储指令,当所述指令被所述至少一个处理器执行时,使得所述至少一个处理器执行如上所述的方法。According to another aspect of the embodiments of this specification, there is also provided a computing device, including: at least one processor; and a memory, the memory stores instructions, and when the instructions are executed by the at least one processor, the At least one processor executes the method as described above.
根据本说明书实施例的另一方面,还提供一种非暂时性机器可读存储介质,其存储有可执行指令,所述指令当被执行时使得所述机器执行如上所述的方法。According to another aspect of the embodiments of the present specification, there is also provided a non-transitory machine-readable storage medium, which stores executable instructions, which when executed cause the machine to execute the method as described above.
利用本说明书实施例的方法及装置,通过在基于区块头中的收据索引信息和节点变更类交易标识确定出相应区块中存在节点变更类交易标识所指示的节点变更交易时,获取区块体信息,然后基于所获取的区块体信息获取节点变更类交易所对应的区块链节 点的公钥,进而利用所获取的公钥来更新公钥集合,不仅能够提供一种可信任的区块链公钥集合更新方式,并且由于区块体信息获取以及公钥获取过程在确定存在节点变更类交易之后进执行,能够减轻各个区块链节点的负担。Using the method and device of the embodiment of this specification, the block body is obtained when it is determined that there is a node change transaction indicated by the node change transaction identifier in the corresponding block based on the receipt index information in the block header and the node change transaction identifier. Information, and then obtain the public key of the blockchain node corresponding to the node change exchange based on the obtained block body information, and then use the obtained public key to update the public key set, which can not only provide a trusted block The chain public key set update method, and because the block body information acquisition and public key acquisition process are executed after determining that there is a node change transaction, it can reduce the burden on each blockchain node.
附图说明Description of the drawings
通过参照下面的附图,可以实现对于本说明书实施例内容的本质和优点的进一步理解。在附图中,类似组件或特征可以具有相同的附图标记。附图是用来提供对本发明实施例的进一步理解,并且构成说明书的一部分,与下面的具体实施方式一起用于解释本说明书实施例的实施例,但并不构成对本说明书实施例的实施例的限制。在附图中:By referring to the following drawings, a further understanding of the nature and advantages of the contents of the embodiments of this specification can be achieved. In the drawings, similar components or features may have the same reference signs. The accompanying drawings are used to provide a further understanding of the embodiments of the present invention, and constitute a part of the specification. Together with the following specific implementations, they are used to explain the embodiments of the embodiments of the specification, but do not constitute an example of the embodiments of the specification. limit. In the attached picture:
图1示出了可用于执行根据本说明书实施例的用于更新区块链节点处的公钥集合的方法的环境的示例的示意图;FIG. 1 shows a schematic diagram of an example of an environment that can be used to execute a method for updating a public key set at a blockchain node according to an embodiment of the present specification;
图2示出了执行根据本说明书实施例的用于更新区块链节点处的公钥集合的方法的系统架构的示例的示意图;FIG. 2 shows a schematic diagram of an example of a system architecture that executes the method for updating a public key set at a blockchain node according to an embodiment of the present specification;
图3示出了根据本说明书实施例的用于更新区块链节点处的公钥集合的方法所适用的区块链系统的一个示例的示意图;FIG. 3 shows a schematic diagram of an example of a blockchain system to which the method for updating a public key set at a blockchain node according to an embodiment of the present specification is applicable;
图4是根据本说明书的一个实施例的用于更新区块链节点处的公钥集合的方法的流程图;Fig. 4 is a flowchart of a method for updating a public key set at a blockchain node according to an embodiment of the present specification;
图5是根据本说明书的一个实施例的用于更新区块链节点处的公钥集合的方法中的收据信息获取过程的一个示例的流程图;5 is a flowchart of an example of the receipt information acquisition process in the method for updating the public key set at the blockchain node according to an embodiment of the present specification;
图6是根据本说明书的一个实施例的用于更新区块链节点处的公钥集合的方法中的收据信息获取过程的另一示例的流程图;6 is a flowchart of another example of the receipt information acquisition process in the method for updating a public key set at a blockchain node according to an embodiment of the present specification;
图7是根据本说明书的一个实施例的用于更新区块链节点处的公钥集合的装置的结构框图;Fig. 7 is a structural block diagram of an apparatus for updating a public key set at a blockchain node according to an embodiment of the present specification;
图8是图7所示的用于更新区块链节点处的公钥集合的装置中的收据信息获取单元的结构框图;以及FIG. 8 is a structural block diagram of the receipt information obtaining unit in the device for updating the public key set at the blockchain node shown in FIG. 7; and
图9是根据本说明书的一个实施例的用于实现用于更新区块链节点处的公钥集合的方法的计算设备的结构框图。Fig. 9 is a structural block diagram of a computing device for implementing a method for updating a public key set at a blockchain node according to an embodiment of the present specification.
具体实施方式Detailed ways
以下将参考示例实施方式讨论本文描述的主题。应该理解,讨论这些实施方式只是为了使得本领域技术人员能够更好地理解从而实现本文描述的主题,并非是对权利要求书中所阐述的保护范围、适用性或者示例的限制。可以在不脱离本说明书实施例内容的保护范围的情况下,对所讨论的元素的功能和排列进行改变。各个示例可以根据需要,省略、替代或者添加各种过程或组件。另外,相对一些示例所描述的特征在其它例子中也可以进行组合。The subject described herein will be discussed below with reference to example embodiments. It should be understood that the discussion of these embodiments is only to enable those skilled in the art to better understand and realize the subject described herein, and is not to limit the scope of protection, applicability, or examples set forth in the claims. The function and arrangement of the discussed elements can be changed without departing from the protection scope of the content of the embodiments of this specification. Various examples can omit, substitute, or add various procedures or components as needed. In addition, features described with respect to some examples can also be combined in other examples.
如本文中使用的,术语“包括”及其变型表示开放的术语,含义是“包括但不限于”。术语“基于”表示“至少部分地基于”。术语“一个实施例”和“一实施例”表示“至少一个实施例”。术语“另一个实施例”表示“至少一个其他实施例”。术语“第一”、“第二”等可以指代不同的或相同的对象。下面可以包括其他的定义,无论是明确的还是隐含的。除非上下文中明确地指明,否则一个术语的定义在整个说明书中是一致的。As used herein, the term "including" and its variations mean open terms, meaning "including but not limited to". The term "based on" means "based at least in part on." The terms "one embodiment" and "an embodiment" mean "at least one embodiment." The term "another embodiment" means "at least one other embodiment." The terms "first", "second", etc. may refer to different or the same objects. Other definitions can be included below, whether explicit or implicit. Unless clearly indicated in the context, the definition of a term is consistent throughout the specification.
在本文中,术语“相连”是指两个组件之间直接机械连接、连通或电连接,或者通过中间组件来间接机械连接、连通或电连接。术语“电连接”是指两个组件之间可以进行电通信以进行数据/信息交换。同样,所述电连接可以指两个组件之间直接电连接,或者通过中间组件来间接电连接。所述电连接可以采用有线方式或无线方式来实现。In this document, the term "connected" refers to direct mechanical connection, communication or electrical connection between two components, or indirect mechanical connection, communication or electrical connection through intermediate components. The term "electrically connected" refers to the possibility of electrical communication between two components for data/information exchange. Similarly, the electrical connection may refer to a direct electrical connection between two components, or an indirect electrical connection through an intermediate component. The electrical connection can be implemented in a wired manner or a wireless manner.
现在结合附图来描述本说明书实施例的用于更新区块链节点处的公钥集合的方法及装置。Now, the method and device for updating the public key set at the blockchain node according to the embodiments of the present specification will be described with reference to the accompanying drawings.
区块链是一种按照时间顺序来将数据区块顺序相连组合而成的链式数据结构,并且以密码学方式保证数据区块不可篡改和不可伪造。区块链包括一个或多个区块。区块链中的每个区块通过包括该区块链中紧接其之前的前一个区块的加密散列而链接到该前一个区块。每个区块还包括时间戳、该区块的加密哈希以及一个或多个交易(transaction)。对已经被区块链节点验证的交易进行哈希处理并形成Merkle树。在Merkle树中,对叶节点处的数据进行哈希处理,并且针对Merkle树的每个分支,在该分支的根处级联该分支的所有哈希值。针对Merkle树执行上述处理,直到整个Merkle树的根节点。Merkle树的根节点存储代表该Merkle树中的所有数据的哈希值。当一个哈希值声称是Merkle树中存储的交易时,可以通过判断该哈希值是否与Merkle树的结构一致来进行快速验证。Blockchain is a chain data structure that connects and combines data blocks sequentially in chronological order, and cryptographically ensures that the data blocks cannot be tampered with or forged. The blockchain includes one or more blocks. Each block in the blockchain is linked to the previous block by including the encrypted hash of the immediately preceding block in the blockchain. Each block also includes a timestamp, a cryptographic hash of the block, and one or more transactions. The transaction that has been verified by the blockchain node is hashed and a Merkle tree is formed. In the Merkle tree, the data at the leaf nodes is hashed, and for each branch of the Merkle tree, all the hash values of the branch are concatenated at the root of the branch. The above processing is performed on the Merkle tree until the root node of the entire Merkle tree. The root node of the Merkle tree stores hash values representing all data in the Merkle tree. When a hash value claims to be a transaction stored in the Merkle tree, it can be quickly verified by judging whether the hash value is consistent with the structure of the Merkle tree.
区块链是用于存储交易的数据结构。区块链网络是用于管理、更新和维护一个或多个区块链结构的计算节点网络。如上所述,区块链网络可以包括公有区块链网络、私有区块链网络或联盟区块链网络。Blockchain is a data structure used to store transactions. The blockchain network is a network of computing nodes used to manage, update and maintain one or more blockchain structures. As mentioned above, the blockchain network can include a public blockchain network, a private blockchain network, or a consortium blockchain network.
在公有区块链网络中,共识过程由共识网络的节点控制。例如,在公有区块链网络中可以存在成千上万个实体协作处理,每个实体操作该公有区块链网络中的至少一个节点。因此,公有区块链网络可以被认为是参与实体的公有网络。在一些示例中,大多数实体(节点)必须按序对每个区块进行签名,并且将签名后的区块添加到区块链网络的区块链中。公有区块链网络的示例可以包括特定对等支付网络。此外,术语“区块链”不特别指代任何特定的区块链。In the public blockchain network, the consensus process is controlled by the nodes of the consensus network. For example, there may be thousands of entities in a public blockchain network for collaborative processing, and each entity operates at least one node in the public blockchain network. Therefore, the public blockchain network can be considered as a public network of participating entities. In some examples, most entities (nodes) must sign each block in sequence, and add the signed block to the blockchain of the blockchain network. Examples of public blockchain networks may include specific peer-to-peer payment networks. In addition, the term "blockchain" does not specifically refer to any particular blockchain.
公有区块链网络支持公有交易。公有交易在公有区块链网络内的所有节点之间共享,并且存储在全局区块链中。全局区块链是指跨所有节点复制的区块链。为了达成共识(例如,同意向区块链添加区块),在公有区块链网络内实现共识协议。共识协议的示例包括但不限于:工作量证明(POW,proof-of-work),权益证明(POS,proof-of-stake)和权威证明(POA,proof-of-authority)。在本说明书实施例中,采用POW作为非限制性示例。The public blockchain network supports public transactions. Public transactions are shared among all nodes in the public blockchain network and stored in the global blockchain. A global blockchain refers to a blockchain that is replicated across all nodes. In order to reach a consensus (for example, agree to add a block to the blockchain), a consensus agreement is implemented in the public blockchain network. Examples of consensus protocols include but are not limited to: proof-of-work (POW), proof-of-stake (POS), and proof-of-authority (POA). In the embodiments of this specification, POW is used as a non-limiting example.
私有区块链网络被提供来用于特定实体。私有区块链网络中的各个节点的读写权限被严格控制。因此,私有区块链网络通常也称为许可网络,其对允许谁参与网络以及的网络参与水平(例如,仅在某些交易情形下)进行限制。在私有区块链网络中,可以使用各种类型的访问控制机制(例如,现有参与方对添加新实体进行投票,监管机构控制许可等)。Private blockchain networks are provided for specific entities. The read and write permissions of each node in the private blockchain network are strictly controlled. Therefore, a private blockchain network is usually also called a permissioned network, which restricts who is allowed to participate in the network and the level of network participation (for example, only in certain transaction situations). In a private blockchain network, various types of access control mechanisms can be used (for example, existing participants vote to add new entities, regulatory agencies control permissions, etc.).
联盟区块链网络在参与实体之间是私有的。在联盟区块链网络中,共识过程由授权节点控制。例如,由若干个(例如,10个)实体(例如,金融机构,保险公司)组成的联盟可以操作联盟区块链网络,每个实体操作该联盟区块链网络中的至少一个节点。因此,联盟区块链网络可以被认为是参与实体的私有网络。在一些示例中,每个参与实体(节点)必须按序对每个区块进行签名,并将该区块添加到区块链。在一些示例中,可以由参与实体(节点)的子集(例如,至少7个实体)来对每个区块进行签名,并将该区块添加到区块链。The alliance blockchain network is private among participating entities. In the alliance blockchain network, the consensus process is controlled by authorized nodes. For example, a consortium composed of several (for example, 10) entities (for example, financial institutions, insurance companies) can operate a consortium blockchain network, and each entity operates at least one node in the consortium blockchain network. Therefore, the consortium blockchain network can be considered as a private network of participating entities. In some examples, each participating entity (node) must sign each block in sequence and add the block to the blockchain. In some examples, each block may be signed by a subset of participating entities (nodes) (for example, at least 7 entities), and the block may be added to the blockchain.
区块链是防篡改的共享数字分类账,其在公有或私有对等网络中记录交易。分类账被分发到网络中的所有成员节点,并且网络中发生的资产交易历史记录被永久记录在区块中。Blockchain is a tamper-proof shared digital ledger that records transactions in a public or private peer-to-peer network. The ledger is distributed to all member nodes in the network, and the history of asset transactions that occurred in the network is permanently recorded in the block.
共识机制确保分布式区块链网络中的所有网络节点按照相同的顺序执行交易,并且随后写入相同的分类账。The consensus mechanism ensures that all network nodes in the distributed blockchain network execute transactions in the same order and then write to the same ledger.
图1示出了可用于执行根据本说明书实施例的用于更新区块链节点处的公钥集合的方法的环境100的示例的示意图。在一些示例中,环境100使得实体能够参与区块链网络102。如图1所示,环境100包括网络104、和计算设备/系统106、108。在一些示例中,网络104可以包括局域网(LAN)、广域网(WAN)、因特网或其组合,并且连接网站、用户设备(例如,计算设备)和后端系统。在一些示例中,可以通过有线和/或无线通信链路来访问网络104。在一些示例中,计算设备/系统106、108通过网络104相互通信,以及通过网络104实现与区块链网络102之间的通信,以及区块链网络102中的节点(或,节点设备)通过网络104来进行通信。通常,网络104表示一个或多个通信网络。在一些情况下,计算设备/系统106、108可以是云计算系统(未示出)的节点,或者每个计算设备/系统106、108可以是单独的云计算系统,其包括通过网络104互连的多个计算机并且用作分布式处理系统。FIG. 1 shows a schematic diagram of an example of an environment 100 that can be used to execute a method for updating a public key set at a blockchain node according to an embodiment of the present specification. In some examples, the environment 100 enables entities to participate in the blockchain network 102. As shown in FIG. 1, the environment 100 includes a network 104, and computing devices/ systems 106, 108. In some examples, the network 104 may include a local area network (LAN), a wide area network (WAN), the Internet, or a combination thereof, and connect a website, a user device (eg, a computing device), and a back-end system. In some examples, the network 104 may be accessed through a wired and/or wireless communication link. In some examples, the computing devices/ systems 106 and 108 communicate with each other through the network 104, and communicate with the blockchain network 102 through the network 104, and the nodes (or node devices) in the blockchain network 102 pass through The network 104 communicates. Generally, the network 104 represents one or more communication networks. In some cases, the computing devices/ systems 106, 108 may be nodes of a cloud computing system (not shown), or each computing device/ system 106, 108 may be a separate cloud computing system, including interconnection through the network 104 Multiple computers and used as a distributed processing system.
在所说明的示例中,计算设备/系统106、108中的每个可以包括能够参与作为区块链网络102中的节点的任何合适的计算系统。计算设备/系统的示例包括但不限于,服务器,台式计算机,笔记本电脑,平板电脑设备和智能手机等。在一些示例中,计算设备/系统106、108上可以安装有用于与区块链网络102交互的一个或多个计算机实现的服务。例如,计算设备/系统106可以上可以安装有第一实体(例如,用户A)的服务,比如,第一实体用于管理其与一个或多个其他实体(例如,其他用户)的交易的交易管理系统。计算设备/系统108可以上可以安装有第二实体(例如,用户B)的服务,比如,第二实体用于管理其与一个或多个其他实体(例如,其他用户)的交易的交易管理系统。在图1的示例中,区块链网络102被表示为节点的对等网络,并且计算设备/系统106、108分别作为参与区块链网络102的第一实体和第二实体的节点。In the illustrated example, each of the computing devices/ systems 106, 108 may include any suitable computing system capable of participating as a node in the blockchain network 102. Examples of computing devices/systems include, but are not limited to, servers, desktop computers, laptops, tablet devices, smart phones, etc. In some examples, one or more computer-implemented services for interacting with the blockchain network 102 may be installed on the computing device/ system 106, 108. For example, the computing device/system 106 may be installed with the services of the first entity (for example, user A), for example, the first entity is used to manage transactions with one or more other entities (for example, other users). Management system. The computing device/system 108 may be installed with services of a second entity (for example, user B), for example, a transaction management system used by the second entity to manage transactions with one or more other entities (for example, other users) . In the example of FIG. 1, the blockchain network 102 is represented as a peer-to-peer network of nodes, and the computing devices/ systems 106, 108 serve as the nodes of the first entity and the second entity participating in the blockchain network 102, respectively.
图2示出了执行根据本说明书实施例的实施例的用于更新区块链节点处的公钥集合的方法的系统架构200的示例的示意图。系统架构200的示例包括分别与参与方A,参与方B和参与方C对应的参与方系统202、204、206。每个参与方(例如,用户,企业)参与被提供来作为对等网络的区块链网络212。区块链网络212包括多个节点214,其中,节点214中的至少一些节点在区块链216中记录信息,并且所记录的信息不可更改。尽管在区块链网络212内示意性地示出了单个区块链216,但是可以提供区块链216的多个副本,并且在区块链网络212中维护多个副本,如稍后详细描述的。FIG. 2 shows a schematic diagram of an example of a system architecture 200 that executes the method for updating a public key set at a blockchain node according to an embodiment of the present specification. An example of the system architecture 200 includes the participant systems 202, 204, and 206 corresponding to the participant A, the participant B, and the participant C, respectively. Each participant (eg, user, enterprise) participates in the blockchain network 212 provided as a peer-to-peer network. The blockchain network 212 includes a plurality of nodes 214, wherein at least some of the nodes 214 record information in the blockchain 216, and the recorded information cannot be changed. Although a single blockchain 216 is schematically shown within the blockchain network 212, multiple copies of the blockchain 216 may be provided, and multiple copies are maintained in the blockchain network 212, as described in detail later of.
在所示出的示例中,每个参与方系统202、204、206分别由参与方A,参与方B和参与方C提供,或者被提供来作为参与方A,参与方B和参与方C,并且充当区块链网络212内的对应节点214。如这里所使用的,节点通常是指连接到区块链网络212的单个系统(例如,计算机,服务器),并且使得相应的参与方能够参与区块链网络。在图2示出的示例中,参与方对应于每个节点214。然而,一个参与方可以操作区块链网络212内的多个节点214,和/或多个参与方可以共享单个节点214。在一些示例中,参与方系统202、204、206使用协议(例如,超文本传输协议安全(HTTPS))和/或使用远程过程调用(RPC)来与区块链网络212通信,或者通过区块链网络212进行通信。In the example shown, each participant system 202, 204, 206 is provided by participant A, participant B, and participant C, or provided as participant A, participant B, and participant C, respectively, And it serves as the corresponding node 214 in the blockchain network 212. As used herein, a node generally refers to a single system (eg, computer, server) connected to the blockchain network 212 and enables corresponding participants to participate in the blockchain network. In the example shown in FIG. 2, the participant corresponds to each node 214. However, one participant can operate multiple nodes 214 within the blockchain network 212, and/or multiple participants can share a single node 214. In some examples, the participant systems 202, 204, 206 use protocols (e.g., Hypertext Transfer Protocol Security (HTTPS)) and/or use remote procedure calls (RPC) to communicate with the blockchain network 212, or through the blockchain The chain network 212 communicates.
节点214在区块链网络212的参与度可以不同。例如,一些节点214可以参与共识过程(例如,作为将区块添加到区块链216的矿工节点),而其他节点214不参与共识过程。作为另一示例,一些节点214存储区块链216的完整副本,而其他节点214仅存储区块链216的部分副本。在图2的示例中,参与方系统202、204、206各自存储区块链216的完整副本216'、216”、216”'。The degree of participation of the node 214 in the blockchain network 212 may vary. For example, some nodes 214 may participate in the consensus process (eg, as miner nodes that add blocks to the blockchain 216), while other nodes 214 do not participate in the consensus process. As another example, some nodes 214 store a complete copy of the blockchain 216, while other nodes 214 only store a partial copy of the blockchain 216. In the example of Figure 2, the participant systems 202, 204, 206 each store a complete copy of the blockchain 216 216', 216", 216"'.
区块链(例如,图2中的区块链216)由一连串的区块组成,每个区块存储数据。数据的示例可以包括表示两个或更多参与方之间的交易的交易数据。在本说明书实施例中,交易被使用来作为非限制性示例,可以预期的是,任何适当的数据都可以存储在区块链中(例如,文档,图像,视频,音频)。交易的示例可以包括但不限于交换有价值的东西(例如,资产,产品,服务和货币等)。交易数据被不可更改地存储在区块链中。A blockchain (for example, the blockchain 216 in FIG. 2) is composed of a series of blocks, and each block stores data. Examples of data may include transaction data representing transactions between two or more participants. In the embodiments of this specification, transactions are used as a non-limiting example, and it is expected that any appropriate data can be stored in the blockchain (for example, documents, images, videos, audios). Examples of transactions may include, but are not limited to, the exchange of valuable things (for example, assets, products, services, currency, etc.). Transaction data is stored immutably in the blockchain.
在存储在区块中之前,对交易数据进行哈希处理。哈希处理是将(作为字符串数据提供的)交易数据转换为固定长度的哈希值(也被作为字符串数据提供)的过程。通过对交易数据进行哈希处理后,即使交易数据出现轻微更改,也会导致得到完全不同的哈希值。哈希值通常是通过使用哈希函数来对交易数据进行哈希处理而生成的。哈希函数的示例包括但不限于安全散列算法(SHA)-256,其输出256比特的哈希值。Before storing in the block, hash the transaction data. Hashing is the process of converting transaction data (provided as string data) into a fixed-length hash value (also provided as string data). After the transaction data is hashed, even a slight change in the transaction data will result in a completely different hash value. The hash value is usually generated by hashing transaction data using a hash function. Examples of hash functions include, but are not limited to, Secure Hash Algorithm (SHA)-256, which outputs a 256-bit hash value.
多个交易的交易数据可以在被哈希化之后存储在区块中。例如,对两个交易数据进行哈希处理得到两个哈希值,然后,对所得到的两个哈希值再次进行哈希处理以得到另一哈希值。重复该过程,直到对于要存储在区块中的所有交易,得到单个哈希值。该哈希值被称为Merkle根哈希,并且被存储在区块的头部。任何交易的更改都会导致其哈希值发生变化,最终导致Merkle根哈希值发生变化。The transaction data of multiple transactions can be stored in the block after being hashed. For example, two transaction data are hashed to obtain two hash values, and then the two obtained hash values are hashed again to obtain another hash value. This process is repeated until a single hash value is obtained for all transactions to be stored in the block. This hash value is called the Merkle root hash and is stored at the head of the block. Any change in the transaction will cause its hash value to change, and eventually the Merkle root hash value will change.
通过共识协议来将区块添加到区块链中。区块链网络中的多个节点参与共识协议,并且经过竞争之后将区块添加到区块链中。这样的节点被称为矿工节点(或记账节点)。 以上介绍的POW用作非限制性示例。The block is added to the blockchain through a consensus protocol. Multiple nodes in the blockchain network participate in the consensus protocol and add blocks to the blockchain after competition. Such nodes are called miner nodes (or accounting nodes). The POW introduced above serves as a non-limiting example.
矿工节点执行共识过程来将交易(所对应的区块)添加到区块链。虽然多个矿工节点参与共识过程,但只有一个矿工节点可以将区块写入区块链。也就是说,矿工节点在共识过程中竞争以将其区块添加到区块链中。更详细地,矿工节点周期性地从交易池中收集待处理的交易(例如,直到达到在区块中可以包括的交易数量的预定限制,如果有的话)。交易池包括来自区块链网络中的参与方的交易消息。矿工节点创建区块,并将交易添加到区块中。在将交易添加到区块之前,矿工节点检查待添加的交易中是否存在区块链的区块中具有的交易。如果该交易已被添加到另一个区块中,则该交易将被丢弃。Miner nodes perform a consensus process to add transactions (corresponding blocks) to the blockchain. Although multiple miner nodes participate in the consensus process, only one miner node can write a block to the blockchain. In other words, miner nodes compete in the consensus process to add their blocks to the blockchain. In more detail, the miner node periodically collects pending transactions from the transaction pool (for example, until a predetermined limit on the number of transactions that can be included in the block is reached, if any). The transaction pool includes transaction messages from participants in the blockchain network. Miner nodes create blocks and add transactions to the blocks. Before adding the transaction to the block, the miner node checks whether there is a transaction in the block of the blockchain among the transactions to be added. If the transaction has been added to another block, the transaction will be discarded.
矿工节点生成区块头,对区块中的所有交易进行哈希处理,并且成对地组合哈希值以生成进一步的哈希值,直到针对区块中的所有交易得到单个哈希值(Merkle根哈希)。然后,将Merkle根哈希添加到区块头中。矿工还确定区块链中的最新区块(即,添加到区块链的最后一个区块)的哈希值。矿工节点还可以在区块头中添加随机数值(noune值)和时间戳。在挖掘过程中,矿工节点尝试找到满足所需参数的哈希值。矿工节点不断更改nonce值,直到找到满足所需参数的哈希值。The miner node generates a block header, hashes all transactions in the block, and combines the hash values in pairs to generate further hash values until a single hash value (Merkle root) is obtained for all transactions in the block. Hash). Then, add the Merkle root hash to the block header. The miner also determines the hash value of the latest block in the blockchain (ie, the last block added to the blockchain). Miner nodes can also add random values (noune values) and timestamps to the block header. During the mining process, the miner node tries to find a hash value that meets the required parameters. The miner node keeps changing the nonce value until it finds a hash value that meets the required parameters.
区块链网络中的每个矿工都试图找到满足所需参数的哈希值,并且以这种方式彼此竞争。最终,一个矿工节点找到满足所需参数的哈希值,并将该哈希值通告给区块链网络中的所有其他矿工节点。其他矿工节点验证哈希值,如果确定为正确,则验证区块中的每个交易,接受该区块,并将该区块附加到它们的区块链副本中。以这种方式,区块链的全局状态在区块链网络内的所有矿工节点上达成一致。上述过程是POW共识协议。Every miner in the blockchain network tries to find a hash value that meets the required parameters and competes with each other in this way. Finally, a miner node finds a hash value that meets the required parameters and advertises the hash value to all other miner nodes in the blockchain network. Other miner nodes verify the hash value, and if it is determined to be correct, verify each transaction in the block, accept the block, and attach the block to their copy of the blockchain. In this way, the global state of the blockchain is agreed upon on all miner nodes within the blockchain network. The above process is a POW consensus protocol.
在图2所提供的示例中,参与方A想要向参与方B发送一定数量的资金。参与方A生成交易消息,并将交易消息发送到区块链网络,该交易消息被增加到交易池中。区块链网络中的每个矿工节点创建区块,并从交易池中获取交易,并将交易添加到区块。按照这种方式,参与方A所发布的交易被添加到矿工节点的区块中。In the example provided in Figure 2, participant A wants to send a certain amount of funds to participant B. Participant A generates a transaction message and sends the transaction message to the blockchain network, and the transaction message is added to the transaction pool. Each miner node in the blockchain network creates a block, obtains transactions from the transaction pool, and adds the transaction to the block. In this way, the transaction issued by participant A is added to the block of the miner node.
在一些区块链网络中,实施密码技术来维护交易的隐私性。例如,如果两个节点想要保持交易私密性,使得区块链网络中的其他节点不能获悉交易细节,则节点可以对交易数据进行加密处理。加密方法的示例包括但不限于对称加密和非对称加密。对称加密是指使用单个密钥进行加密(根据明文生成密文)和解密(根据密文生成明文)的加密过程。在对称加密中,多个节点可以使用相同的密钥,因此每个节点都可以对交易数 据进行加密/解密。In some blockchain networks, cryptography is implemented to maintain the privacy of transactions. For example, if two nodes want to maintain the privacy of the transaction so that other nodes in the blockchain network cannot learn the details of the transaction, the node can encrypt the transaction data. Examples of encryption methods include, but are not limited to, symmetric encryption and asymmetric encryption. Symmetric encryption refers to the encryption process that uses a single key to encrypt (generate ciphertext based on plaintext) and decrypt (generate plaintext based on ciphertext). In symmetric encryption, multiple nodes can use the same key, so each node can encrypt/decrypt transaction data.
非对称加密中使用密钥对来进行加密和解密,且每个密钥对包括的私钥和公钥不同。对于一个节点来说,其具有的非对称加密的密钥对中的私钥需要保密存储;公钥可以公开出去,让其它节点获得。如果用公钥对数据进行加密,只有用对应的私钥才能解密。例如,再次参考图1。参与方A可以使用参与方B的公钥来加密数据,并将加密后的数据发送至参与方B。参与方B可以使用其私钥来解密从参与方A发来的加密数据(密文)并解密得到原始数据(明文)。使用节点的公钥加密的消息,只能使用成对秘钥中对应的私钥解密。In asymmetric encryption, a key pair is used for encryption and decryption, and each key pair includes a different private key and public key. For a node, the private key in its asymmetric encryption key pair needs to be stored confidentially; the public key can be made public for other nodes to obtain. If the data is encrypted with a public key, only the corresponding private key can be used to decrypt it. For example, refer to Figure 1 again. Participant A can use the public key of participant B to encrypt data, and send the encrypted data to participant B. Participant B can use its private key to decrypt the encrypted data (ciphertext) sent from participant A and decrypt the original data (plaintext). Messages encrypted with the public key of the node can only be decrypted with the corresponding private key in the paired secret key.
非对称加密还可以用于提供数字签名,这使得交易中的参与方能够确认交易中的其他参与方以及交易的有效性。例如,参与方A可以对消息进行数字签名,而另一个参与方B可以根据参与方A的数字签名确认消息是由该参与方A发送的。数字签名还可以用于确保消息在传输过程中不被篡改。例如,再次参考图1。参与方A将向参与方B发送消息。参与方A生成消息的哈希值,然后使用其私钥对哈希值进行加密来生成数字签名。参与方A将该数字签名附加到消息,并将具有数字签名的消息发送给参与方B。参与方B使用参与方A的公钥解密数字签名,从而解密出对应的哈希值。参与方B对所接收的消息进行哈希处理以得到另一哈希值,然后比较两个哈希值。如果哈希值相同,则参与方B可以确认该消息确实来自参与方A,并且未被篡改。Asymmetric encryption can also be used to provide digital signatures, which enable participants in a transaction to confirm other participants in the transaction and the validity of the transaction. For example, participant A can digitally sign the message, and another participant B can confirm that the message was sent by the participant A according to the digital signature of the participant A. Digital signatures can also be used to ensure that messages are not tampered with during transmission. For example, refer to Figure 1 again. Participant A will send a message to participant B. Participant A generates a hash value of the message, and then uses its private key to encrypt the hash value to generate a digital signature. Participant A attaches the digital signature to the message, and sends the message with the digital signature to participant B. Participant B uses the public key of participant A to decrypt the digital signature, thereby decrypting the corresponding hash value. Participant B hashes the received message to obtain another hash value, and then compares the two hash values. If the hash value is the same, participant B can confirm that the message is indeed from participant A and has not been tampered with.
在本说明书实施例中,区块链节点可以是图1或图2中的任意参与方。In the embodiment of this specification, the blockchain node can be any participant in FIG. 1 or FIG. 2.
图3示出了根据本说明书实施例的用于更新区块链节点处的公钥集合的方法所适用的区块链系统的一个示例的示意图。FIG. 3 shows a schematic diagram of an example of a blockchain system to which the method for updating a public key set at a blockchain node according to an embodiment of the present specification is applicable.
如图3所示,区块链系统300中包括轻量节点和全量节点,全量节点包括区块链节点301、302等,轻量节点连接至一个或多个全量节点。例如,作为轻量节点的区块链节点301a、301b、301c与全量节点301连接,区块链节点302a、302b、302c与全量节点302连接。区块链系统300中的各个全量节点互相连接,各个全量节点可以作为记账节点来基于区块链技术共同维护区块链系统中的所有交易的账本。记账节点可以执行交易验证、交易共识、区块生成等记账操作。全量节点通常会在本地维护区块链的所有数据,包括区块链中各个区块的区块体和区块头。轻量节点可以仅在本地存储区块链中各个区块的块头,以用于简单的验证操作(例如SPV验证)。轻量节点可以始终连接至相同的全量节点,还可以基于连接规则更换其所连接的全量节点,以降低信任风险。As shown in FIG. 3, the blockchain system 300 includes lightweight nodes and full nodes. The full nodes include blockchain nodes 301, 302, etc., and the lightweight nodes are connected to one or more full nodes. For example, the blockchain nodes 301a, 301b, and 301c, which are lightweight nodes, are connected to the full node 301, and the blockchain nodes 302a, 302b, and 302c are connected to the full node 302. Each full node in the blockchain system 300 is connected to each other, and each full node can be used as an accounting node to jointly maintain a ledger of all transactions in the blockchain system based on the blockchain technology. The accounting node can perform accounting operations such as transaction verification, transaction consensus, and block generation. Full nodes usually maintain all the data of the blockchain locally, including the block body and block header of each block in the blockchain. Lightweight nodes can only store the block headers of each block in the blockchain locally for simple verification operations (for example, SPV verification). Lightweight nodes can always be connected to the same full number of nodes, and can also replace all connected nodes based on connection rules to reduce trust risks.
各个区块链节点所发起的交易可以广播至区块链网络中,以进行共识处理(例如可基于PoW机制进行共识处理)。全量节点所发起的交易可以广播给各个其它全量节点,各个全量节点在接收到交易后可以广播给其所连接的轻量节点。轻量节点所发起的交易可以发送给该轻量节点所连接的全量节点,以由该全量节点广播至其它全量节点或轻量节点。The transactions initiated by each blockchain node can be broadcast to the blockchain network for consensus processing (for example, consensus processing can be performed based on the PoW mechanism). The transaction initiated by the full node can be broadcast to each other full node, and after each full node receives the transaction, it can be broadcast to the lightweight node it is connected to. The transaction initiated by the light-weight node can be sent to all nodes connected to the light-weight node, so as to be broadcast by the all-weight node to other full-weight nodes or light-weight nodes.
本说明书实施的用于更新区块链节点处的公钥集合的方法可以由记账节点执行,也可以由轻节点执行。本说明书中的公钥集合包括区块链网络中的所有参与共识的区块链节点(如图3所示的记账节点)的公钥。以下实施例中的用于更新区块链节点处的公钥集合的方法可以用于联盟链,也可以用于公有链。The method implemented in this specification for updating the public key set at a blockchain node can be executed by the accounting node, or can be executed by the light node. The public key set in this specification includes the public keys of all blockchain nodes participating in the consensus (the accounting node shown in Figure 3) in the blockchain network. The method for updating the public key set at the node of the blockchain in the following embodiments can be used in the consortium chain, and can also be used in the public chain.
图4是根据本说明书的一个实施例的用于更新区块链节点处的公钥集合的方法的流程图。Fig. 4 is a flowchart of a method for updating a public key set at a blockchain node according to an embodiment of the present specification.
如图4所示,在块402,针对新加入的至少一个区块,基于该区块的区块头中的收据索引信息和节点变更类交易标识,确定该区块中是否存在节点变更类交易标识所指示的节点变更类交易。As shown in FIG. 4, in block 402, for at least one newly added block, based on the receipt index information and the node change transaction identifier in the block header of the block, it is determined whether there is a node change transaction identifier in the block. The indicated node change transaction.
对于记账节点,新加入区块可以是区块链中新生成的区块。记账节点可以对新生成的区块进行监听,以确定在区块链系统中是否发生了节点变更类交易。记账节点还可以周期性地扫描未被扫描过的新区块的区块头,以及时确定是否发生了节点变更类交易。对于轻量节点,新加入区块可以是轻量节点从全量节点处新下载的区块。轻量节点可以以任意方式从全量节点下载区块头,例如可以每隔预定周期下载预定数量的区块头,还可以以预定周期下载本地缺少的区块头。在下载区块头之后,轻量节点可以在合适的时间段对新下载的各个区块头进行扫描,以确定各个区块头中是否存在节点变更类交易。For the accounting node, the newly added block can be a newly generated block in the blockchain. The accounting node can monitor the newly generated block to determine whether a node change transaction has occurred in the blockchain system. The accounting node can also periodically scan the block headers of new blocks that have not been scanned, and determine in a timely manner whether a node change transaction has occurred. For lightweight nodes, the newly added block can be a block newly downloaded by the lightweight node from the full node. Lightweight nodes can download block headers from full nodes in any manner. For example, they can download a predetermined number of block headers every predetermined period, or they can download locally missing block headers in a predetermined period. After downloading the block header, the lightweight node can scan each newly downloaded block header at a suitable time period to determine whether there is a node change transaction in each block header.
节点变更类交易以用于执行区块链节点变更操作的智能合约为交易对象。用于执行区块链节点变更操作的智能合约可以被部署在区块链的创世区块中。节点变更类交易可以由指定交易发起方发起,指定交易发起方例如可以是区块链系统中的管理员,管理员可以是由一台或多台计算设备组成的服务器。节点变更类交易可以是节点新增类交易,还可以是节点删除类交易。相应地,智能合约可以包括节点新增智能合约和节点删除智能合约。当有新的区块链节点请求加入区块链网络时,管理员可以以节点新增智能合约为交易对象发起节点新增类交易。当需要从区块链网络中删除区块链节点时,管理员可以以节点删除智能合约为交易对象发起节点删除类交易。The node change transaction takes the smart contract used to execute the blockchain node change operation as the transaction object. Smart contracts used to perform blockchain node change operations can be deployed in the genesis block of the blockchain. Node change transactions can be initiated by a designated transaction initiator. The designated transaction initiator can be, for example, an administrator in a blockchain system, and the administrator can be a server composed of one or more computing devices. The node change transaction can be a node addition transaction or a node deletion transaction. Correspondingly, the smart contract may include adding a smart contract to a node and deleting a smart contract to a node. When a new blockchain node requests to join the blockchain network, the administrator can initiate a new node type transaction with the node new smart contract as the transaction object. When it is necessary to delete a blockchain node from the blockchain network, the administrator can initiate a node deletion transaction with the node deletion smart contract as the transaction object.
收据索引信息包括交易类型标识字段,交易类型标识字段指示该区块中的各个交易的交易类型。在各个区块的区块体中可以包括该区块上的各个交易的收据信息,各个交易收据信息可以以收据树(例如基于默克树生成的收据树)的形式存储在区块中。各个交易的收据信息中可以包括该交易对应的交易类型(Topic),交易类型例如可以包括转账类交易、节点变更类交易、智能合约新增或删除类交易等。在记账节点将各个交易打包生成区块时,可以基于该区块中各个交易的收据信息中的交易类型生成收据索引信息,并将收据索引信息包括在区块头中。在一个示例中,可以将对应于各个交易的交易类型标识包括在收据索引信息中。收据索引信息例如可以是布隆过滤器。在确定区块中是否存在节点变更类交易时,可以基于节点变更类交易标识来查找收据索引信息,当收据索引信息中存在节点变更类交易标识时,可以确定该区块中存在节点变更类交易。节点变更类交易标识可以是指示节点新增类交易的节点新增类交易标识,还可以是节点删除类交易的节点删除类交易标识。The receipt index information includes a transaction type identification field, and the transaction type identification field indicates the transaction type of each transaction in the block. The block body of each block may include receipt information of each transaction on the block, and each transaction receipt information may be stored in the block in the form of a receipt tree (for example, a receipt tree generated based on a Merck tree). The receipt information of each transaction may include the transaction type (Topic) corresponding to the transaction. The transaction type may include, for example, a transfer transaction, a node change transaction, a smart contract addition or deletion transaction, and the like. When the accounting node packages each transaction to generate a block, it can generate receipt index information based on the transaction type in the receipt information of each transaction in the block, and include the receipt index information in the block header. In one example, the transaction type identification corresponding to each transaction may be included in the receipt index information. The receipt index information may be a Bloom filter, for example. When determining whether there is a node change transaction in a block, the receipt index information can be found based on the node change transaction identifier. When the node change transaction identifier exists in the receipt index information, it can be determined that there is a node change transaction in the block. . The node change type transaction identifier may be a node new type transaction identifier indicating a node new type transaction, or a node deletion type transaction identifier of a node deletion type transaction.
当该区块中存在节点变更类交易时,在块404,获取该区块的区块体信息。由于区块体信息量较大,如果区块中不存在节点变更类交易,则不需要获取区块体信息,从而能够减轻区块链节点的负担。当区块链节点是轻量节点时,由于轻量节点的计算资源以及本地存储空间有限,因而在确定存在节点变更类交易之后获取区块体信息,更能适应轻量节点的运行需求。When there is a node change transaction in the block, in block 404, block body information of the block is obtained. Due to the large amount of block body information, if there is no node change transaction in the block, there is no need to obtain block body information, which can reduce the burden on blockchain nodes. When the blockchain node is a lightweight node, due to the limited computing resources and local storage space of the lightweight node, obtaining block body information after determining that there is a node change transaction is more suitable for the operation requirements of the lightweight node.
在获取到区块体信息之后,在块406,从区块体信息中获取节点变更类交易的收据信息。收据信息包括公钥字段,公钥字段用于存放节点变更类交易所指示的被变更区块链节点的公钥。作为示例,记账节点在处理节点变更类交易时,可以在公钥字段中写入该节点变更类交易对应的区块链节点的公钥。如果所处理的不是节点变更类交易,记账节点可以不向公钥字段写入任何信息,即公钥字段为空。在另一示例中,记账节点可以在交易是节点变更类交易时,使该交易的收据信息包括公钥字段,而对于不是节点变更类交易的交易,可以使该交易的收据信息不包括公钥字段。After the block body information is obtained, in block 406, the receipt information of the node change transaction is obtained from the block body information. The receipt information includes a public key field, which is used to store the public key of the changed blockchain node indicated by the node change transaction. As an example, when a billing node processes a node change transaction, it can write the public key of the blockchain node corresponding to the node change transaction in the public key field. If the transaction is not a node change transaction, the accounting node may not write any information to the public key field, that is, the public key field is empty. In another example, when the transaction is a node change transaction, the accounting node can make the receipt information of the transaction include the public key field, and for transactions that are not node change transactions, the receipt information of the transaction can be made not include the public key field. Key field.
作为示例,收据信息的数据结构例如可以是TransactionReceipt<result,gasUsed,logEntries,output>,其中,TransactionReceipt表示收据,result为智能合约的执行结果,gasused是执行智能合约所消耗的gas,output为公钥字段,logEntries执行相应交易的日志条目,在日志条目中可以包括交易日志信息。在另一示例中,公钥字段也可以被包括日志信息中。As an example, the data structure of the receipt information may be TransactionReceipt<result,gasUsed,logEntries,output>, where TransactionReceipt represents the receipt, result is the execution result of the smart contract, gasused is the gas consumed to execute the smart contract, and output is the public key. Field, logEntries executes the log entry of the corresponding transaction, and the transaction log information can be included in the log entry. In another example, the public key field may also be included in the log information.
获取收据信息的示例性过程将在下文参考图5进行说明。An exemplary process of obtaining receipt information will be described below with reference to FIG. 5.
在获取到收据信息之后,在块408,从收据信息的公钥字段中获取的被变更区块链节点的公钥。被变更区块链节点可以是被新增的区块链节点或被删除的区块链节点。收据信息中的收据信息可以是经过编码之后的信息,此时,可以利用与编码方法对应的解码方法对收据信息进行解码。例如,编码方法可以是RLP编码,解码时可以利用RLP解码方法来进行解码。获取解码后的收据信息之后,可以从中获取被变更区块链节点的公钥。After the receipt information is obtained, in block 408, the public key of the changed blockchain node is obtained from the public key field of the receipt information. The changed blockchain node can be a newly added blockchain node or a deleted blockchain node. The receipt information in the receipt information may be information after encoding. In this case, the receipt information may be decoded by a decoding method corresponding to the encoding method. For example, the encoding method may be RLP encoding, and the RLP decoding method may be used for decoding during decoding. After obtaining the decoded receipt information, the public key of the changed blockchain node can be obtained from it.
在获取到公钥之后,在块410,利用所获取的公钥来更新公钥集合。当节点变更类交易标识指示节点新增类交易时,可以将所获取的公钥添加到公钥集合中。如果节点变更类交易标识指示节点删除类交易,可以将所获取的公钥从公钥集合中删除。After the public key is obtained, in block 410, the public key set is updated with the obtained public key. When the node change transaction identifier instructs the node to add a new transaction, the obtained public key can be added to the public key set. If the node change transaction identifier instructs the node to delete the transaction, the obtained public key can be deleted from the public key set.
通过本实施例,能够提供一种可信任的公钥集合更新方法,并且公钥集合更新过程能够充分适应轻量节点的资源限制,因而能够提供一种对轻量节点较为友好的公钥集合更新方法。Through this embodiment, a trusted public key set update method can be provided, and the public key set update process can fully adapt to the resource constraints of lightweight nodes, so it can provide a public key set update that is more friendly to lightweight nodes. method.
图5是根据本说明书的一个实施例的用于更新区块链节点处的公钥集合的方法中的收据信息获取过程的一个示例的流程图。在该示例中,所获取的区块体信息包括交易树和收据树。Fig. 5 is a flowchart of an example of a receipt information acquisition process in a method for updating a public key set at a blockchain node according to an embodiment of the present specification. In this example, the acquired block body information includes a transaction tree and a receipt tree.
如图5所示,在块502,基于节点变更类交易标识,确定被指定发起节点变更类交易的指定发起方地址以及节点变更类交易对应的智能合约地址。在一个示例中,发起节点删除类交易和节点新增类交易的指定发起方可以相同,例如可以都是管理员。在另一示例中,可以分别为节点删除类交易和节点新增类交易确定不同的指定发起方。As shown in FIG. 5, at block 502, based on the node change transaction identifier, the designated initiator address of the designated node change transaction and the smart contract address corresponding to the node change transaction are determined. In an example, the designated initiators of the node deletion transaction and the node addition transaction may be the same, for example, both may be administrators. In another example, different designated initiators may be determined for node deletion transactions and node addition transactions, respectively.
在基于区块头中的收据索引信息确定区块中存在节点变更类交易时,可以基于所存在的节点变更类交易的具体类型确定指定发起方和相应的智能合约地址。各类节点变更类交易的指定发起方地址和所对应的智能合约地址可以存储在本地区块链节点处。在确定存在节点变更类交易时,可以根据对应的节点变更类交易所指示的节点变更类交易类别来读取指定发起方地址和智能合约地址。例如,如果节点变更类交易是节点新增类交易,则可以读取节点新增类交易的指定发起方地址和所对应的智能合约地址。When it is determined that there is a node change transaction in the block based on the receipt index information in the block header, the designated initiator and the corresponding smart contract address can be determined based on the specific type of the existing node change transaction. The address of the designated initiator and the corresponding smart contract address of various node change transactions can be stored at the local blockchain node. When it is determined that there is a node change transaction, the designated initiator address and smart contract address can be read according to the node change transaction type indicated by the corresponding node change transaction. For example, if the node change transaction is a node addition transaction, the address of the designated initiator of the node addition transaction and the corresponding smart contract address can be read.
然后,在块504,基于区块体信息中的交易树信息和指定发起方地址以及智能合约地址,从交易树中确定出节点变更类交易以及节点变更类交易在交易树中的第一位置。可以将所确定的指定发起方地址和智能合约地址与交易树中的各个交易的交易地址进行一一比对,以确定发起方地址与指定发起方地址相符且交易对应地址与所确定的智能 合约地址相符的交易。由此确定出的交易即相应的节点变更类交易,该交易在交易树中的位置即节点变更类交易在交易树中的第一位置。Then, in block 504, based on the transaction tree information in the block body information and the designated initiator address and smart contract address, the node change transaction and the first position of the node change transaction in the transaction tree are determined from the transaction tree. The determined designated initiator address and smart contract address can be compared with the transaction address of each transaction in the transaction tree to determine that the initiator address matches the designated initiator address and the transaction corresponding address is consistent with the determined smart contract Transactions with matching addresses. The transaction thus determined is the corresponding node change transaction, and the position of the transaction in the transaction tree is the first position of the node change transaction in the transaction tree.
在确定出第一位置之后,在块506,从收据树中获取与所确定的第一位置对应的第二位置处的收据信息。各个交易在交易树中的位置与该交易的收据信息在收据树中的位置存在对应关系。例如,记账节点在将各个交易打包生成区块时,可以按照相同的顺序生成交易树和收据树。由此,各个交易的收据信息在收据树的位置与该交易的交易信息在交易树中的位置相同,从而可以在确定出节点变更类交易在交易对中的位置之后,对收据树的相同位置处获取收据信息。例如,如果节点变更类交易位于交易树中的第一个叶子节点,则可以获取位于收据树中的第一个叶子节点处的收据信息,以获取所确定出的节点变更类交易的收据信息。After the first location is determined, at block 506, the receipt information at the second location corresponding to the determined first location is obtained from the receipt tree. The position of each transaction in the transaction tree corresponds to the position of the receipt information of the transaction in the receipt tree. For example, when the accounting node packs each transaction into a block, it can generate the transaction tree and the receipt tree in the same order. Thus, the position of the receipt information of each transaction in the receipt tree is the same as the position of the transaction information of the transaction in the transaction tree, so that after determining the position of the node change transaction in the transaction pair, the same position of the receipt tree can be determined. To get the receipt information. For example, if the node change transaction is located at the first leaf node in the transaction tree, the receipt information located at the first leaf node in the receipt tree can be obtained to obtain the determined receipt information of the node change transaction.
在获取到收据信息之后,可以从所获取的收据信息的公钥字段中获取对应的公钥。如果收据信息是经过编码的信息,可以采用相应的解码方法解码之后,获取被变更节点的公钥。After the receipt information is obtained, the corresponding public key can be obtained from the public key field of the obtained receipt information. If the receipt information is encoded information, the corresponding decoding method can be used to decode it to obtain the public key of the changed node.
在另一示例中,为了提高所确定出的节点变更类交易的可靠性,可以参考图6,在获取收据树中的与所确定的第一位置对应的第二位置处的收据信息之前,对所确定出的节点变更类交易进行验证,以确定所确定出的节点变更类交易是否的确是节点变更类交易。图6是根据本说明书的一个实施例的用于更新区块链节点处的公钥集合的方法中的收据信息获取过程的另一示例的流程图。In another example, in order to improve the reliability of the determined node change transaction, you can refer to FIG. 6, before obtaining the receipt information at the second position corresponding to the determined first position in the receipt tree, The determined node change transaction is verified to determine whether the determined node change transaction is indeed a node change transaction. Fig. 6 is a flowchart of another example of a receipt information acquisition process in a method for updating a public key set at a blockchain node according to an embodiment of the present specification.
如图6所示,在块602,从交易树中确定出节点变更类交易As shown in Figure 6, at block 602, a node change transaction is determined from the transaction tree
在块604和,基于节点变更类交易中包含的交易对象地址和智能合约的智能合约地址,对节点变更类交易进行验证,并在块606,确定节点变更类交易是否通过验证。例如,可以对从交易树中确定出的节点变更类交易的交易对象地址和智能合约地址进行哈希运算,然后比较二者的哈希值是否一致。当二者的哈希值一致时,表明从交易树中交易的节点变更类交易的确是所要查找的节点变更类交易。In block 604 and, based on the transaction object address contained in the node change transaction and the smart contract address of the smart contract, the node change transaction is verified, and in block 606, it is determined whether the node change transaction passes the verification. For example, the transaction object address and smart contract address of the node change transaction determined from the transaction tree can be hashed, and then the hash values of the two can be compared whether they are consistent. When the hash values of the two are the same, it indicates that the node change type transaction that is traded from the transaction tree is indeed the node change type transaction to be found.
在一个示例中,可以对从交易树中确定出的节点变更类交易的交易发起方地址和交易对象地址分别进行验证。可以基于从交易树中确定出的节点变更类交易的交易发起方地址和相应节点变更类交易的指定发起方地址来进行交易发起方地址验证,并基于从交易树中确定出的节点变更类交易的交易对象地址和所述智能合约地址,对所查找出的节点变更交易进行交易对象地址验证。作为示例,可以从交易树中确定出的节点变更类 交易的交易发起方地址和交易对象地址、指定发起方地址和智能合约地址分别进行哈希运算,然后通过比较哈希值是否一致的方法来进行交易发起方地址验证和交易对应地址验证。当交易发起方地址与指定发起方地址一致且交易对象地址与智能合约地址一致时,可以确定从交易树中确定出的节点变更类交易验证通过。In an example, the address of the transaction initiator and the address of the transaction object of the node change transaction determined from the transaction tree can be verified separately. The transaction initiator address verification can be performed based on the transaction initiator address of the node change transaction determined from the transaction tree and the designated initiator address of the corresponding node change transaction, and based on the node change transaction determined from the transaction tree The address of the transaction object and the address of the smart contract are used to verify the address of the transaction object for the found node change transaction. As an example, the transaction initiator address and transaction object address, designated initiator address and smart contract address of the node change transaction determined from the transaction tree can be hashed separately, and then the hash values can be compared to see if they are consistent. Perform transaction initiator address verification and transaction corresponding address verification. When the address of the transaction initiator is consistent with the address of the designated initiator and the address of the transaction object is consistent with the address of the smart contract, it can be determined that the node change type transaction determined from the transaction tree has passed the verification.
当从交易树中确定出的节点变更交易验证通过时,在块608,获取收据树中的与所确定的第一位置对应的第二位置处的收据信息。由此,能够避免因确定出的节点变更类交易出现错误而导致不必要的运算资源浪费。When the verification of the node change transaction determined from the transaction tree is passed, in block 608, the receipt information at the second location corresponding to the determined first location in the receipt tree is obtained. As a result, it is possible to avoid unnecessary waste of computing resources due to errors in the determined node change transaction type.
图7是根据本说明书的一个实施例的用于更新区块链节点处的公钥集合的装置的结构框图。如图7所示,公钥集合更新装置700包括节点变更交易确定单元710、区块体信息获取单元720、收据信息获取单元730、公钥获取单元740和公钥集合更新单元。Fig. 7 is a structural block diagram of an apparatus for updating a public key set at a blockchain node according to an embodiment of the present specification. As shown in FIG. 7, the public key set update device 700 includes a node change transaction determination unit 710, a block body information acquisition unit 720, a receipt information acquisition unit 730, a public key acquisition unit 740, and a public key set update unit.
节点变更交易确定单元710针对新加入的至少一个区块,基于该区块的区块头中的收据索引信息和节点变更类交易标识,确定该区块中是否存在节点变更类交易标识所指示的节点变更类交易。节点变更类交易以用于执行区块链节点变更操作的智能合约为交易对象。收据索引信息包括交易类型标识字段,交易类型标识字段指示该区块中的各个交易的交易类型。当该区块中存在节点变更类交易时,区块体信息获取单元720获取该区块的区块体信息。在获取到区块体信息之后,收据信息获取单元730从区块体信息中获取节点变更类交易的收据信息。收据信息包括公钥字段,公钥字段用于存放所述节点变更类交易所指示的被变更区块链节点的公钥。公钥获取单元740从收据信息的公钥字段中获取的被变更区块链节点的公钥。For at least one newly added block, the node change transaction determining unit 710 determines whether there is a node indicated by the node change transaction identifier in the block based on the receipt index information in the block header of the block and the node change transaction identifier Change transaction. The node change transaction takes the smart contract used to execute the blockchain node change operation as the transaction object. The receipt index information includes a transaction type identification field, and the transaction type identification field indicates the transaction type of each transaction in the block. When there is a node change transaction in the block, the block body information obtaining unit 720 obtains the block body information of the block. After obtaining the block body information, the receipt information obtaining unit 730 obtains the receipt information of the node change transaction from the block body information. The receipt information includes a public key field, and the public key field is used to store the public key of the changed blockchain node indicated by the node change transaction. The public key obtaining unit 740 obtains the public key of the changed blockchain node from the public key field of the receipt information.
在获取到公钥时,公钥集合更新单元750利用所获取的公钥来更新公钥集合。在一个示例中,节点变更类交易标识可以指示节点新增类交易。此时,公钥集合更新单元750可以将公钥添加到所述公钥集合中。在另一示例中,节点变更类交易标识还可以指示节点删除类交易。此时,公钥集合更新单元750可以将公钥从公钥集合中删除。When the public key is acquired, the public key set update unit 750 uses the acquired public key to update the public key set. In an example, the node change type transaction identifier may indicate the node new type transaction. At this time, the public key set update unit 750 may add the public key to the public key set. In another example, the node change transaction identifier may also instruct the node to delete the transaction. At this time, the public key set update unit 750 may delete the public key from the public key set.
图8是图7所示的用于更新区块链节点处的公钥集合的装置中的收据信息获取单元730的结构框图。如图8所示,收据信息获取单元730包括指定交易信息确定模块731、第一位置确定模块732、节点变更类交易验证模块733、收据信息获取模块734和收据信息获取模块735。在该示例中,区块体信息包括交易树和收据树。FIG. 8 is a structural block diagram of the receipt information obtaining unit 730 in the apparatus for updating the public key set at the blockchain node shown in FIG. 7. As shown in FIG. 8, the receipt information acquisition unit 730 includes a designated transaction information determination module 731, a first location determination module 732, a node change transaction verification module 733, a receipt information acquisition module 734, and a receipt information acquisition module 735. In this example, the block body information includes a transaction tree and a receipt tree.
指定交易信息确定模块731基于节点变更类交易标识,确定被指定发起节点变更类交易的指定发起方地址以及节点变更类交易对应的智能合约地址。第一位置确定模块 732基于区块体信息中的交易树信息和指定发起方地址以及所述智能合约地址,从交易树中确定出节点变更类交易以及节点变更类交易在所述交易树中的第一位置。The designated transaction information determining module 731 determines the designated initiator address of the designated initiating node change transaction and the smart contract address corresponding to the node change transaction based on the node change transaction identifier. The first location determination module 732 determines the node change transaction and the node change transaction in the transaction tree from the transaction tree based on the transaction tree information in the block body information, the designated initiator address, and the smart contract address. The first position.
在确定出第一位置之后,节点变更类交易验证模块733基于节点变更类交易中包含的交易对象地址和所述智能合约的智能合约地址,对节点变更类交易进行验证。在另一示例中,节点变更交易验证模块733可以基于从交易树中确定出的节点变更类交易的交易发起方地址、交易对象地址、指定发起方地址以及智能合约地址,对所查找出的节点变更交易进行验证。After determining the first location, the node change transaction verification module 733 verifies the node change transaction based on the transaction object address included in the node change transaction and the smart contract address of the smart contract. In another example, the node change transaction verification module 733 can determine the node change transaction based on the transaction initiator address, transaction object address, designated initiator address, and smart contract address of the node change transaction determined from the transaction tree. Change the transaction for verification.
当节点变更交易验证通过时,收据信息获取模块734获取收据树中的与所确定的第一位置对应的第二位置处的收据信息。When the node change transaction is verified, the receipt information obtaining module 734 obtains the receipt information at the second location corresponding to the determined first location in the receipt tree.
在另一示例中,可以不包括节点变更类交易验证模块。在该示例中,当第一位置确定模块732从交易树中确定出节点变更类交易以及其在交易树中的第一位置之后,收据信息获取模块734可以基于所确定出的第一位置从收据树中获取相应的收据信息。In another example, the node change transaction verification module may not be included. In this example, after the first position determination module 732 determines the node change transaction and its first position in the transaction tree from the transaction tree, the receipt information acquisition module 734 may obtain the receipt from the receipt based on the determined first position. Obtain the corresponding receipt information from the tree.
以上参照图1到图8,对根据本说明书实施例的用于更新区块链节点处的公钥集合的方法及装置的实施例进行了描述。在以上对方法实施例的描述中所提及的细节,同样适用于本说明书实施例的装置的实施例。With reference to FIGS. 1 to 8 above, the embodiments of the method and device for updating the public key set at a blockchain node according to the embodiments of the present specification have been described. The details mentioned in the above description of the method embodiment are also applicable to the embodiment of the device in the embodiment of this specification.
本说明书实施例的用于更新区块链节点处的公钥集合的装置可以采用硬件实现,也可以采用软件或者硬件和软件的组合来实现。本说明书中的各个实施例均采用递进的方式描述,各个实施例之间相同相似的部分互相参见。The device for updating the public key set at the blockchain node in the embodiment of this specification can be implemented by hardware, or by software or a combination of hardware and software. The various embodiments in this specification are described in a progressive manner, and the same or similar parts among the various embodiments are referred to each other.
本说明书实施例的用于更新区块链节点处的公钥集合的装置可以采用硬件实现,也可以采用软件或者硬件和软件的组合来实现。以软件实现为例,作为一个逻辑意义上的装置,是通过其所在设备的处理器将存储器中对应的计算机程序指令读取到内存中运行形成的。在本说明书实施例中,用于更新区块链节点处的公钥集合的装置例如可以利用计算设备实现。The device for updating the public key set at the blockchain node in the embodiment of this specification can be implemented by hardware, or by software or a combination of hardware and software. Taking software implementation as an example, as a logical device, it is formed by reading the corresponding computer program instructions in the memory into the memory through the processor of the device where it is located. In the embodiment of the present specification, the device for updating the public key set at the blockchain node can be implemented by using a computing device, for example.
图9是根据本说明书的一个实施例的用于实现用于更新区块链节点处的公钥集合的方法的计算设备的结构框图。如图9所示,计算设备900包括处理器910、存储器920、内存930、通信接口940和内部总线950,并且处理器910、存储器(例如,非易失性存储器)920、内存930、通信接口940经由总线950连接在一起。根据一个实施例,计算设备900可以包括至少一个处理器910,该至少一个处理器910执行在计算机可读存储介质(即,存储器920)中存储或编码的至少一个计算机可读指令(即,上述以软件形 式实现的元素)。Fig. 9 is a structural block diagram of a computing device for implementing a method for updating a public key set at a blockchain node according to an embodiment of the present specification. As shown in FIG. 9, the computing device 900 includes a processor 910, a memory 920, a memory 930, a communication interface 940, and an internal bus 950, and the processor 910, a memory (for example, a non-volatile memory) 920, a memory 930, and a communication interface 940 are connected together via a bus 950. According to an embodiment, the computing device 900 may include at least one processor 910 that executes at least one computer-readable instruction (ie, the aforementioned Elements implemented in software).
在一个实施例中,在存储器920中存储计算机可执行指令,其当执行时使得至少一个处理器910:针对新加入的至少一个区块,基于该区块的区块头中的收据索引信息和节点变更类交易标识,确定该区块中是否存在所述节点变更类交易标识所指示的节点变更类交易;当该区块中存在节点变更类交易时,获取该区块的区块体信息;从区块体信息中获取节点变更类交易的收据信息,收据信息包括公钥字段,公钥字段用于存放节点变更类交易所指示的被变更区块链节点的公钥;从收据信息的公钥字段中获取的被变更区块链节点的公钥;以及利用所获取的公钥来更新公钥集合。In one embodiment, computer-executable instructions are stored in the memory 920, which when executed, cause at least one processor 910 to: for at least one newly added block, based on the receipt index information and the node in the block header of the block Change transaction identifier to determine whether there is a node change transaction indicated by the node change transaction identifier in the block; when there is a node change transaction in the block, obtain the block body information of the block; Obtain the receipt information of the node change transaction from the block body information. The receipt information includes a public key field. The public key field is used to store the public key of the changed blockchain node indicated by the node change transaction; from the public key of the receipt information Obtain the public key of the changed blockchain node in the field; and use the obtained public key to update the public key set.
应该理解,在存储器920中存储的计算机可执行指令当执行时使得至少一个处理器910进行本说明书实施例的各个实施例中以上结合图1-8描述的各种操作和功能。It should be understood that the computer-executable instructions stored in the memory 920, when executed, cause at least one processor 910 to perform the various operations and functions described above in conjunction with FIGS. 1-8 in the various embodiments of the embodiments of this specification.
根据一个实施例,提供了一种例如非暂时性机器可读介质的程序产品。非暂时性机器可读介质可以具有指令(即,上述以软件形式实现的元素),该指令当被机器执行时,使得机器执行本说明书实施例的各个实施例中以上结合图1-8描述的各种操作和功能。According to one embodiment, a program product such as a non-transitory machine-readable medium is provided. The non-transitory machine-readable medium may have instructions (that is, the above-mentioned elements implemented in the form of software), which when executed by a machine, cause the machine to execute the above described in conjunction with FIGS. 1-8 in the various embodiments of the embodiments of this specification. Various operations and functions.
具体地,可以提供配有可读存储介质的系统或者装置,在该可读存储介质上存储着实现上述实施例中任一实施例的功能的软件程序代码,且使该系统或者装置的计算机或处理器读出并执行存储在该可读存储介质中的指令。Specifically, a system or device equipped with a readable storage medium may be provided, and the software program code for realizing the function of any one of the above-mentioned embodiments is stored on the readable storage medium, and the computer or device of the system or device The processor reads and executes the instructions stored in the readable storage medium.
在这种情况下,从可读介质读取的程序代码本身可实现上述实施例中任何一项实施例的功能,因此机器可读代码和存储机器可读代码的可读存储介质构成了本发明的一部分。In this case, the program code itself read from the readable medium can implement the function of any one of the above embodiments, so the machine readable code and the readable storage medium storing the machine readable code constitute the present invention a part of.
可读存储介质的实施例包括软盘、硬盘、磁光盘、光盘(如CD-ROM、CD-R、CD-RW、DVD-ROM、DVD-RAM、DVD-RW、DVD-RW)、磁带、非易失性存储卡和ROM。可选择地,可以由通信网络从服务器计算机上或云上下载程序代码。Examples of readable storage media include floppy disks, hard disks, magneto-optical disks, optical disks (such as CD-ROM, CD-R, CD-RW, DVD-ROM, DVD-RAM, DVD-RW, DVD-RW), magnetic tape, Volatile memory card and ROM. Alternatively, the program code can be downloaded from the server computer or the cloud via the communication network.
上述对本说明书特定实施例进行了描述。其它实施例在所附权利要求书的范围内。在一些情况下,在权利要求书中记载的动作或步骤可以按照不同于实施例中的顺序来执行并且仍然可以实现期望的结果。另外,在附图中描绘的过程不一定要求示出的特定顺序或者连续顺序才能实现期望的结果。在某些实施方式中,多任务处理和并行处理也是可以的或者可能是有利的。The foregoing describes specific embodiments of this specification. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps described in the claims can be performed in a different order than in the embodiments and still achieve desired results. In addition, the processes depicted in the drawings do not necessarily require the specific order or sequential order shown in order to achieve the desired results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
上述各流程和各系统结构图中不是所有的步骤和单元都是必须的,可以根据实际 的需要忽略某些步骤或单元。各步骤的执行顺序不是固定的,可以根据需要进行确定。上述各实施例中描述的装置结构可以是物理结构,也可以是逻辑结构,即,有些单元可能由同一物理实体实现,或者,有些单元可能分由多个物理实体实现,或者,可以由多个独立设备中的某些部件共同实现。Not all steps and units in the above processes and system structure diagrams are necessary, and some steps or units can be omitted according to actual needs. The order of execution of each step is not fixed and can be determined as needed. The device structure described in the foregoing embodiments may be a physical structure or a logical structure, that is, some units may be implemented by the same physical entity, or some units may be implemented by multiple physical entities, or may be implemented by multiple physical entities. Some components in independent devices are implemented together.
在整个本说明书中使用的术语“示例性”意味着“用作示例、实例或例示”,并不意味着比其它实施例“优选”或“具有优势”。出于提供对所描述技术的理解的目的,具体实施方式包括具体细节。然而,可以在没有这些具体细节的情况下实施这些技术。在一些实例中,为了避免对所描述的实施例的概念造成难以理解,公知的结构和装置以框图形式示出。The term "exemplary" used throughout this specification means "serving as an example, instance, or illustration", and does not mean "preferred" or "advantageous" over other embodiments. The detailed description includes specific details for the purpose of providing an understanding of the described technology. However, these techniques can be implemented without these specific details. In some instances, in order to avoid incomprehensibility to the concepts of the described embodiments, well-known structures and devices are shown in the form of block diagrams.
以上结合附图详细描述了本说明书实施例的实施例的可选实施方式,但是,本说明书实施例的实施例并不限于上述实施方式中的具体细节,在本说明书实施例的实施例的技术构思范围内,可以对本说明书实施例的实施例的技术方案进行多种简单变型,这些简单变型均属于本说明书实施例的实施例的保护范围。The above describes in detail the optional implementation manners of the embodiments of the embodiments of this specification with reference to the accompanying drawings. However, the embodiments of the embodiments of this specification are not limited to the specific details in the above-mentioned embodiments. Within the scope of the conception, a variety of simple modifications can be made to the technical solutions of the embodiments of the embodiments of the present specification, and these simple modifications all belong to the protection scope of the embodiments of the embodiments of the present specification.
本说明书实施例内容的上述描述被提供来使得本领域任何普通技术人员能够实现或者使用本说明书实施例内容。对于本领域普通技术人员来说,对本说明书实施例内容进行的各种修改是显而易见的,并且,也可以在不脱离本说明书实施例内容的保护范围的情况下,将本文所定义的一般性原理应用于其它变型。因此,本说明书实施例内容并不限于本文所描述的示例和设计,而是与符合本文公开的原理和新颖性特征的最广范围相一致。The foregoing description of the content of the embodiments of this specification is provided to enable any person of ordinary skill in the art to implement or use the content of the embodiments of this specification. It is obvious to a person of ordinary skill in the art that various modifications made to the content of the embodiments of this specification are obvious, and the general principles defined herein can also be used without departing from the scope of protection of the content of the embodiments of this specification. Apply to other variants. Therefore, the contents of the embodiments of this specification are not limited to the examples and designs described herein, but are consistent with the widest scope that conforms to the principles and novel features disclosed herein.

Claims (14)

  1. 一种用于更新区块链节点处的公钥集合的方法,所述公钥集合包括区块链网络中的所有参与共识的区块链节点的公钥,所述方法包括:A method for updating a public key set at a blockchain node, the public key set including the public keys of all blockchain nodes participating in consensus in a blockchain network, and the method includes:
    针对新加入的至少一个区块,基于该区块的区块头中的收据索引信息和节点变更类交易标识,确定该区块中是否存在所述节点变更类交易标识所指示的节点变更类交易,所述节点变更类交易以用于执行区块链节点变更操作的智能合约为交易对象,所述收据索引信息包括交易类型标识字段,所述交易类型标识字段指示该区块中的各个交易的交易类型;For at least one newly added block, based on the receipt index information and the node change transaction identifier in the block header of the block, determine whether the node change transaction indicated by the node change transaction identifier exists in the block, and The node change type transaction uses a smart contract for performing the block chain node change operation as the transaction object, the receipt index information includes a transaction type identification field, and the transaction type identification field indicates the transaction of each transaction in the block type;
    当该区块中存在节点变更类交易时,获取该区块的区块体信息;When there is a node change transaction in the block, obtain the block body information of the block;
    从所述区块体信息中获取所述节点变更类交易的收据信息,所述收据信息包括公钥字段,所述公钥字段用于存放所述节点变更类交易所指示的被变更区块链节点的公钥;Obtain the receipt information of the node change transaction from the block body information, the receipt information includes a public key field, and the public key field is used to store the changed blockchain indicated by the node change transaction The public key of the node;
    从所述收据信息的公钥字段中获取的被变更区块链节点的公钥;以及The public key of the changed blockchain node obtained from the public key field of the receipt information; and
    利用所获取的公钥来更新所述公钥集合。Use the obtained public key to update the set of public keys.
  2. 如权利要求1所述的方法,其中,所述区块体信息包括交易树和收据树,从所述区块体信息中获取所述节点变更类交易的收据信息包括:The method of claim 1, wherein the block body information includes a transaction tree and a receipt tree, and obtaining the receipt information of the node change transaction from the block body information includes:
    基于所述节点变更类交易标识,确定被指定发起所述节点变更类交易的指定发起方地址以及所述节点变更类交易对应的智能合约地址;Based on the node change transaction identifier, determine the address of the designated initiator designated to initiate the node change transaction and the smart contract address corresponding to the node change transaction;
    基于所述区块体信息中的交易树信息和所述指定发起方地址以及所述智能合约地址,从所述交易树中确定出所述节点变更类交易以及所述节点变更类交易在所述交易树中的第一位置;以及Based on the transaction tree information in the block body information, the designated initiator address and the smart contract address, it is determined from the transaction tree that the node change transaction and the node change transaction are in the The first position in the transaction tree; and
    从所述收据树中获取与所确定的第一位置对应的第二位置处的收据信息。The receipt information at the second location corresponding to the determined first location is obtained from the receipt tree.
  3. 如权利要求2所述的方法,其中,在获取所述收据树中的与所确定的第一位置对应的第二位置处的收据信息之前,从所述区块体信息中获取所述节点变更类交易的收据信息还包括:The method of claim 2, wherein before obtaining the receipt information at the second position corresponding to the determined first position in the receipt tree, the node change is obtained from the block body information The receipt information for such transactions also includes:
    基于所述节点变更类交易中包含的交易对象地址和所述智能合约的智能合约地址,对所述节点变更类交易进行验证,Verifying the node change transaction based on the transaction object address included in the node change transaction and the smart contract address of the smart contract,
    获取所述收据树中的与所确定的第一位置对应的第二位置处的收据信息包括:Obtaining the receipt information at the second location corresponding to the determined first location in the receipt tree includes:
    当所述节点变更交易验证通过时,获取所述收据树中的与所确定的第一位置对应的第二位置处的收据信息。When the verification of the node change transaction is passed, the receipt information at the second location corresponding to the determined first location in the receipt tree is obtained.
  4. 如权利要求3所述的方法,其中,基于从所述交易树中确定出的节点变更类交易的交易对象地址信息和所述智能合约的智能合约地址,对所述节点变更类交易进行验 证包括:The method of claim 3, wherein, based on the transaction object address information of the node change transaction determined from the transaction tree and the smart contract address of the smart contract, verifying the node change transaction comprises :
    基于从所述交易树中确定出的节点变更类交易的交易发起方地址、交易对象地址、所述指定发起方地址以及所述智能合约地址,对所查找出的节点变更交易进行验证。Based on the transaction initiator address, the transaction object address, the designated initiator address, and the smart contract address of the node change transaction determined from the transaction tree, the node change transaction found is verified.
  5. 如权利要求1-4中任一所述的方法,其中,所述节点变更类交易标识指示节点新增类交易,利用所获取的公钥来更新所述公钥集合包括:The method according to any one of claims 1 to 4, wherein the node change transaction identifier instructs the node to add a new transaction, and using the obtained public key to update the public key set comprises:
    将所述公钥添加到所述公钥集合中,或Add the public key to the set of public keys, or
    所述节点变更类交易标识指示节点删除类交易,利用所获取的公钥来更新所述公钥集合包括:The node change transaction identifier instructs the node to delete the transaction, and using the obtained public key to update the public key set includes:
    将所述公钥从所述公钥集合中删除。The public key is deleted from the public key set.
  6. 如权利要求1-4中任一所述的方法,其中,所述区块链系统为联盟链系统。The method according to any one of claims 1-4, wherein the blockchain system is a consortium chain system.
  7. 如权利要求1-4中任一所述的方法,其中,所述智能合约布署在创世区块中。The method according to any one of claims 1 to 4, wherein the smart contract is deployed in the genesis block.
  8. 一种用于在联盟链中更新公钥集合的装置,所述公钥集合包括区块链网络中所有参与共识的区块链节点的公钥,所述装置包括:A device for updating a set of public keys in a consortium chain, the set of public keys includes the public keys of all blockchain nodes participating in consensus in a blockchain network, and the device includes:
    节点变更交易确定单元,针对新加入的至少一个区块,基于该区块的区块头中的收据索引信息和节点变更类交易标识,确定该区块中是否存在所述节点变更类交易标识所指示的节点变更类交易,所述节点变更类交易以用于执行区块链节点变更操作的智能合约为交易对象,所述收据索引信息包括交易类型标识字段,所述交易类型标识字段指示该区块中的各个交易的交易类型;The node change transaction determining unit, for at least one newly added block, based on the receipt index information and the node change transaction identifier in the block header of the block, determines whether there is a node change transaction identifier in the block indicated by the node change transaction identifier The node change type transaction, the node change type transaction uses the smart contract used to perform the block chain node change operation as the transaction object, the receipt index information includes a transaction type identification field, and the transaction type identification field indicates the block The transaction type of each transaction in;
    区块体信息获取单元,当该区块中存在节点变更类交易时,获取该区块的区块体信息;The block body information obtaining unit, when there is a node change transaction in the block, obtain the block body information of the block;
    收据信息获取单元,从所述区块体信息中获取所述节点变更类交易的收据信息,所述收据信息包括公钥字段,所述公钥字段用于存放所述节点变更类交易所指示的被变更区块链节点的公钥;A receipt information obtaining unit, which obtains the receipt information of the node change transaction from the block body information, the receipt information includes a public key field, and the public key field is used to store information instructed by the node change transaction The public key of the changed blockchain node;
    公钥获取单元,从所述收据信息的公钥字段中获取的被变更区块链节点的公钥;以及The public key obtaining unit obtains the public key of the changed blockchain node from the public key field of the receipt information; and
    公钥集合更新单元,利用所获取的公钥来更新所述公钥集合。The public key set update unit uses the obtained public key to update the public key set.
  9. 如权利要求8所述的装置,其中,所述区块体信息包括交易树和收据树,所述收据信息获取单元包括:8. The device of claim 8, wherein the block body information includes a transaction tree and a receipt tree, and the receipt information obtaining unit includes:
    指定交易信息确定模块,基于所述节点变更类交易标识,确定被指定发起所述节点变更类交易的指定发起方地址以及所述节点变更类交易对应的智能合约地址;The designated transaction information determining module determines, based on the node change transaction identifier, the address of the designated initiator designated to initiate the node change transaction and the smart contract address corresponding to the node change transaction;
    第一位置确定模块,基于所述区块体信息中的交易树信息和所述指定发起方地址以 及所述智能合约地址,从所述交易树中确定出所述节点变更类交易以及所述节点变更类交易在所述交易树中的第一位置;以及The first location determination module determines the node change transaction and the node from the transaction tree based on the transaction tree information in the block body information, the designated initiator address, and the smart contract address The first position of the change transaction in the transaction tree; and
    收据信息获取模块,从所述收据树中获取与所确定的第一位置对应的第二位置处的收据信息。The receipt information obtaining module obtains the receipt information at the second location corresponding to the determined first location from the receipt tree.
  10. 如权利要求8所述的装置,其中,所述收据信息获取单元包括:8. The apparatus according to claim 8, wherein the receipt information obtaining unit comprises:
    节点变更类交易验证模块,在获取所述收据树中的与所确定的第一位置对应的第二位置处的收据信息之前,基于所述节点变更类交易中包含的交易对象地址和所述智能合约的智能合约地址,对所述节点变更类交易进行验证,以及The node change transaction verification module, before obtaining the receipt information at the second position corresponding to the determined first position in the receipt tree, is based on the transaction object address and the intelligence contained in the node change transaction The smart contract address of the contract verifies the node change transaction, and
    所述收据信息获取模块当所述节点变更交易验证通过时,获取所述收据树中的与所确定的第一位置对应的第二位置处的收据信息。The receipt information obtaining module obtains the receipt information at the second location corresponding to the determined first location in the receipt tree when the node change transaction verification is passed.
  11. 如权利要求10所述的装置,其中,所述节点变更交易验证模块基于从所述交易树中确定出的节点变更类交易的交易发起方地址、交易对象地址、所述指定发起方地址以及所述智能合约地址,对所查找出的节点变更交易进行验证。The device according to claim 10, wherein the node change transaction verification module is based on the transaction initiator address, the transaction object address, the designated initiator address, and the address of the node change transaction determined from the transaction tree. The smart contract address is used to verify the found node change transaction.
  12. 如权利要求8-11中任一所述的装置,其中,所述节点变更类交易标识指示节点新增类交易,所述公钥集合更新单元将所述公钥添加到所述公钥集合中,或The device according to any one of claims 8-11, wherein the node change transaction identifier indicates that the node adds a new transaction, and the public key set update unit adds the public key to the public key set ,or
    所述节点变更类交易标识指示节点删除类交易,所述公钥集合更新单元将所述公钥从所述公钥集合中删除。The node change transaction identifier instructs the node to delete the transaction, and the public key set update unit deletes the public key from the public key set.
  13. 一种计算设备,包括:A computing device including:
    至少一个处理器;以及At least one processor; and
    存储器,所述存储器存储指令,当所述指令被所述至少一个处理器执行时,使得所述至少一个处理器执行如权利要求1到7中任一所述的方法。A memory, where the memory stores instructions, and when the instructions are executed by the at least one processor, the at least one processor executes the method according to any one of claims 1 to 7.
  14. 一种机器可读存储介质,其存储有可执行指令,所述指令当被执行时使得所述机器执行如权利要求1到7中任一所述的方法。A machine-readable storage medium storing executable instructions, which when executed, cause the machine to execute the method according to any one of claims 1 to 7.
PCT/CN2020/139905 2020-03-16 2020-12-28 Method and device for use in updating public key set at blockchain node WO2021184885A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010180640.0 2020-03-16
CN202010180640.0A CN111047324B (en) 2020-03-16 2020-03-16 Method and apparatus for updating a set of public keys at a blockchain node

Publications (1)

Publication Number Publication Date
WO2021184885A1 true WO2021184885A1 (en) 2021-09-23

Family

ID=70231144

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/139905 WO2021184885A1 (en) 2020-03-16 2020-12-28 Method and device for use in updating public key set at blockchain node

Country Status (2)

Country Link
CN (1) CN111047324B (en)
WO (1) WO2021184885A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113821536A (en) * 2021-11-23 2021-12-21 腾讯科技(深圳)有限公司 Data processing method, device and equipment based on block chain and readable storage medium

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111047324B (en) * 2020-03-16 2020-08-04 支付宝(杭州)信息技术有限公司 Method and apparatus for updating a set of public keys at a blockchain node
CN111769984B (en) * 2020-06-29 2022-12-09 南京浩澜创达科技有限公司 Method for adding nodes in block chain network and block chain system
CN112395371B (en) * 2020-12-10 2024-05-28 深圳迅策科技有限公司 Financial institution asset classification processing method, device and readable medium
CN113206738B (en) * 2021-04-29 2022-12-09 中国人民银行数字货币研究所 Digital certificate management method and device
CN113179169B (en) * 2021-04-29 2022-12-09 中国人民银行数字货币研究所 Digital certificate management method and device
CN113242132B (en) * 2021-04-29 2022-12-13 中国人民银行数字货币研究所 Digital certificate management method and device
EP4333365A1 (en) * 2021-04-29 2024-03-06 Digital Currency Institute, The People's Bank of China Digital certificate management method and apparatus
CN113206746B (en) * 2021-04-29 2022-12-13 中国人民银行数字货币研究所 Digital certificate management method and device
CN113193961B (en) * 2021-04-29 2022-12-13 中国人民银行数字货币研究所 Digital certificate management method and device
CN113672686B (en) * 2021-10-21 2022-01-07 广东卓启云链科技有限公司 Block data distribution and storage method and system
CN117874838B (en) * 2024-03-11 2024-05-17 誉农智汇(成都)农业科技发展集团有限公司 Agricultural financial service method and system based on blockchain

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110493005A (en) * 2019-08-09 2019-11-22 如般量子科技有限公司 Anti- quantum calculation public key pond update method and system based on alliance's chain
US20190375373A1 (en) * 2017-10-11 2019-12-12 Uniquid Inc. Systems and methods for networked device security
CN110852745A (en) * 2019-10-12 2020-02-28 杭州云象网络技术有限公司 Block chain distributed dynamic network key automatic updating method
CN111047324A (en) * 2020-03-16 2020-04-21 支付宝(杭州)信息技术有限公司 Method and apparatus for updating a set of public keys at a blockchain node

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180225661A1 (en) * 2017-02-07 2018-08-09 Microsoft Technology Licensing, Llc Consortium blockchain network with verified blockchain and consensus protocols
EP3607483B1 (en) * 2019-03-15 2021-07-07 Advanced New Technologies Co., Ltd. Authentication based on a recoverd public key
CN110569668B (en) * 2019-09-11 2022-04-26 北京邮电大学 Data encryption storage method, device, equipment and medium based on block chain

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190375373A1 (en) * 2017-10-11 2019-12-12 Uniquid Inc. Systems and methods for networked device security
CN110493005A (en) * 2019-08-09 2019-11-22 如般量子科技有限公司 Anti- quantum calculation public key pond update method and system based on alliance's chain
CN110852745A (en) * 2019-10-12 2020-02-28 杭州云象网络技术有限公司 Block chain distributed dynamic network key automatic updating method
CN111047324A (en) * 2020-03-16 2020-04-21 支付宝(杭州)信息技术有限公司 Method and apparatus for updating a set of public keys at a blockchain node

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113821536A (en) * 2021-11-23 2021-12-21 腾讯科技(深圳)有限公司 Data processing method, device and equipment based on block chain and readable storage medium

Also Published As

Publication number Publication date
CN111047324A (en) 2020-04-21
CN111047324B (en) 2020-08-04

Similar Documents

Publication Publication Date Title
WO2021184885A1 (en) Method and device for use in updating public key set at blockchain node
CN111062716B (en) Method and device for generating block chain signature data and block chain transaction initiating system
US11698840B2 (en) Transaction consensus processing method and apparatus for blockchain and electronic device
US11614994B2 (en) Method, apparatus and electronic device for blockchain-based transaction consensus processing
US11050549B2 (en) Blockchain-based transaction method and apparatus, and remitter device
WO2021135757A1 (en) Method and apparatus for executing transaction correctness verification
US11032077B2 (en) Blockchain-based transaction method and apparatus, and remitter device
TWI740378B (en) Method and device for transaction verification
WO2021135857A1 (en) Method and device for updating trusted node information
US10951417B2 (en) Blockchain-based transaction verification
WO2021135744A1 (en) Data synchronization method and device for blockchain nodes
US10904013B2 (en) Managing blockchain-based centralized ledger systems
EP3808030B1 (en) Managing blockchain-based centralized ledger systems
WO2021135755A1 (en) Method and apparatus for sending response message for data request, and blockchain system
WO2021143364A1 (en) Method and apparatus for acquiring transaction processing state in decentralized application cluster
CN111144894B (en) UTXO processing method and device
CN110827034B (en) Method and apparatus for initiating a blockchain transaction
CN111143381B (en) Method and device for updating trust points in multi-layer block chain structure
CN110839067B (en) Information providing method and device
CN111159286B (en) Method and apparatus for generating multi-layer block chain structure

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20925562

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20925562

Country of ref document: EP

Kind code of ref document: A1