CN108764874A - Anonymous refund method, system and storage medium based on block chain - Google Patents

Anonymous refund method, system and storage medium based on block chain Download PDF

Info

Publication number
CN108764874A
CN108764874A CN201810477299.8A CN201810477299A CN108764874A CN 108764874 A CN108764874 A CN 108764874A CN 201810477299 A CN201810477299 A CN 201810477299A CN 108764874 A CN108764874 A CN 108764874A
Authority
CN
China
Prior art keywords
node
transaction
public key
coin
block chain
Prior art date
Application number
CN201810477299.8A
Other languages
Chinese (zh)
Inventor
李辉忠
石翔
张开翔
范瑞彬
马国俊
刘雪峰
裴庆祺
Original Assignee
深圳前海微众银行股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳前海微众银行股份有限公司 filed Critical 深圳前海微众银行股份有限公司
Priority to CN201810477299.8A priority Critical patent/CN108764874A/en
Publication of CN108764874A publication Critical patent/CN108764874A/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/102Bill distribution or payments
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Exchange, e.g. stocks, commodities, derivatives or currency exchange

Abstract

The invention discloses a kind of anonymous refund methods based on block chain, including:First node initiates money transfer transactions request to second node, receives the public key information that second node returns;First node generates the Transaction Information of this transaction and is sent to second node, and Transaction Information includes that the new coin generated based on public key information is promised to undertake, based on the encrypted transaction amount of public key information, zero-knowledge proof;Second node is verified to being based on the encrypted transaction amount of public key information, if being verified, Transaction Information is announced in block chain network, so that miner's node is verified and keeps accounts to this transaction;Miner's node verifies the proof content in zero-knowledge proof, if being verified, it is determined that this transaction is effective and charges to Transaction Information in block chain.The invention also discloses a kind of anonymous refund systems and computer readable storage medium based on block chain.The present invention realizes anonymous refund, ensure that the privacy for the both parties' information transferred accounts based on block chain.

Description

Anonymous refund method, system and storage medium based on block chain

Technical field

The present invention relates to block chain financial technology field more particularly to a kind of anonymous refund method based on block chain, it is System and computer readable storage medium.

Background technology

The distributed network that existing block chain network is made of the more mechanisms participated in.It is sent out between any mechanism Raw each transaction can all be announced in the whole network, and all participation mechanisms can all receive and record this transaction, to generate one Account book.This account book exists a and is identical in each mechanism, it is to be formed according to exchange hour sequence and not It can distort.

Since the existing Transaction Information based on block chain technology is all the plaintext version used, and every money transfer transactions All there is a complete information record in each node, Transaction Information will be caused to exist in nontransaction related side in this way Transfer transaction information between the risk of leakage, such as AB Liang Ge mechanisms is It is not necessary to leak to C mechanisms.

Invention content

The anonymous refund method that the main purpose of the present invention is to provide a kind of based on block chain, system and computer-readable Storage medium, it is intended to solve the skill for how avoiding nontransaction related side to obtain Transaction Information in the money transfer transactions based on block chain Art problem.

To achieve the above object, the present invention provides a kind of anonymous refund method based on block chain, described to be based on block chain Anonymous refund method include the following steps:

First node initiates money transfer transactions request to second node, receives the public key information that second node returns;

First node generates the Transaction Information of this transaction, and the Transaction Information is sent to second node, the friendship Easy information includes that the new coin generated based on the public key information is promised to undertake, known based on the encrypted transaction amount of the public key information, zero Knowing proves;

Second node is verified to described based on the encrypted transaction amount of the public key information, if being verified, the Two nodes announce the Transaction Information in block chain network, so that miner's node is verified and keeps accounts to this transaction;

Miner's node verifies the proof content in the zero-knowledge proof, if being verified, it is determined that this friendship Easily effectively and the Transaction Information is charged in block chain.

Optionally, the Transaction Information further includes:Old coin sequence number uses the small change that one's own side address public key is one's own side's generation Coin promises to undertake, it is close to be encrypted obtained first to the random number for generating new coin sequence number using the second node encrypted public key Obtained second ciphertext is encrypted to transaction amount and both parties' public key using supervisory node public key in text.

Optionally, the second node is verified to described based on the encrypted transaction amount of the public key information, specifically Including:

Second node is based on the encrypted transaction amount of second node encrypted public key using the decryption of one's own side's decrypted private key, uses oneself Square address private key decryption first node is that the new coin that second node generates is promised to undertake using second node address public key, respectively obtains friendship The easy amount of money and new coin denomination;

It verifies this transaction amount and whether new coin denomination is consistent, if unanimously, being verified.

Optionally, miner's node to the proof content in the zero-knowledge proof verify in corresponding verification Appearance includes:

A, it verifies whether comprising promising to undertake in the data format of old coin and new coin, if so, determining that old coin and new coin format are complete It is whole;

B, whether the address public key of verification first node corresponds with address private key, if so, determining the body of requestee Part information truth;

C, verify whether old coin sequence number corresponds with first node address private key, if so, determining old coin sequence number It calculates correct;

D, the old coin of verification first node, which is promised to undertake, whether there is in promising to undertake in Merkle trees, if so, determining that old coin is promised to undertake Effectively;

E, verify whether the sum of old coin amount of money in entire block chain network is equal to the sum of new coin amount of money, if so, determining This transaction amount is effective.

Optionally, the anonymous refund method based on block chain further includes:

Supervisory node decrypts second ciphertext using one's own side's private key, obtains transaction amount and both parties address public key, For being supervised to anonymous refund transaction.

Optionally, the anonymous refund method based on block chain further includes:

First node initiates purchase coin transaction request to note issuance node, and receives note issuance node and hand over the purchase coin Easily request returns to subscribe really after being audited buys information;

First node, using the address private key and address public key of one's own side, generates respectively after receiving confirmation purchase information Merchandise corresponding currency serial numbers of this purchase coin promise to undertake with currency, and by the currency serial numbers, the currency is promised to undertake and institute It states currency and promises to undertake that required denomination of coining is sent to note issuance node and is verified;

Whether the transaction denomination of this purchase coin transaction of note issuance node verification and denomination of coining are consistent, if unanimously, giving birth to Coin Transaction Information at Transaction Information of coining, and described in announcing in block chain network, for miner's node to this merchandise into Row verification and book keeping operation;

Wherein, the Transaction Information of coining includes:Note issuance node is transaction id, the currency that this transaction generates It promises to undertake and note issuance node is this digital signature generated of merchandising.

Further, to achieve the above object, described the present invention also provides a kind of anonymous refund method based on block chain Anonymous refund method based on block chain includes the following steps:

First node initiates money transfer transactions request to second node, receives the public key information that second node returns;

The Transaction Information of this transaction is generated, and the Transaction Information is sent to second node, for second node pair It is verified based on the encrypted transaction amount of the public key information, the Transaction Information includes being generated based on the public key information New coin is promised to undertake, based on the encrypted transaction amount of the public key information, zero-knowledge proof;

Wherein, if transaction amount is verified, second node announces the Transaction Information in block chain network, for Miner's node verifies the proof content in the zero-knowledge proof, if the zero-knowledge proof is verified, miner Node determines this transaction effectively and charges to the Transaction Information in block chain.

Optionally, the public key information includes:Second node address public key and second node encrypted public key;

The Transaction Information further includes:Old coin sequence number, using one's own side address public key be one's own side generate small change coin promise to undertake, Obtained first ciphertext is encrypted to the random number for generating new coin sequence number using the second node encrypted public key, is used Obtained second ciphertext is encrypted to transaction amount and both parties' public key in supervisory node public key.

Optionally, the anonymous refund method based on block chain further includes:

Supervisory node decrypts second ciphertext using one's own side's private key, obtains transaction amount and both parties address public key, For being supervised to anonymous refund transaction.

Optionally, the anonymous refund method based on block chain further includes:

First node initiates purchase coin transaction request to note issuance node, and receives note issuance node and hand over the purchase coin Easily request returns to subscribe really after being audited buys information;

After receiving confirmation purchase information, using the address private key and address public key of one's own side, this purchase coin is generated respectively Corresponding currency serial numbers of merchandising are promised to undertake with currency, and the currency serial numbers, currency promise and the currency are held Denomination of coining required by promise is sent to note issuance node, for the transaction denomination for verifying this purchase coin transaction and denomination of coining It is whether consistent;

Wherein, if verification is consistent, note issuance node generates Transaction Information of coining, and institute is announced in block chain network Transaction Information of coining is stated, so that miner's node is verified and keeps accounts to this transaction, the Transaction Information of coining includes:Currency Distribution node is that transaction id, the currency that this transaction generates are promised to undertake and note issuance node is this number generated of merchandising Word is signed.

Further, to achieve the above object, described the present invention also provides a kind of anonymous refund method based on block chain Anonymous refund method based on block chain includes the following steps:

Second node receives the money transfer transactions request that first node is initiated, and returns to public key information to first node;

The Transaction Information for this transaction that first node generates and sends is received, the Transaction Information includes being based on the public affairs The new coin that key information generates is promised to undertake, based on the encrypted transaction amount of the public key information, zero-knowledge proof;

It is verified based on the encrypted transaction amount of the public key information to described;

If transaction amount is verified, the Transaction Information is announced in block chain network, so that miner's node is to institute The proof content stated in zero-knowledge proof is verified, if the zero-knowledge proof is verified, miner's node determines this Transaction is effective and charges to the Transaction Information in block chain.

Optionally, the public key information includes:Second node address public key and second node encrypted public key;

The Transaction Information further includes:Old coin sequence number, using one's own side address public key be one's own side generate small change coin promise to undertake, Obtained first ciphertext is encrypted to the random number for generating new coin sequence number using the second node encrypted public key, is used Obtained second ciphertext is encrypted to transaction amount and both parties' public key in supervisory node public key.

Optionally, it is described to it is described based on the encrypted transaction amount of the public key information carry out verification include:

Second node is based on the encrypted transaction amount of second node encrypted public key using the decryption of one's own side's decrypted private key, uses oneself Square address private key decryption first node is that the new coin that second node generates is promised to undertake using second node address public key, respectively obtains friendship The easy amount of money and new coin denomination;

It verifies this transaction amount and whether new coin denomination is consistent, if unanimously, being verified.

Optionally, the anonymous refund method based on block chain further includes:

Supervisory node decrypts second ciphertext using one's own side's private key, obtains transaction amount and both parties address public key, For being supervised to anonymous refund transaction.

Further, to achieve the above object, described the present invention also provides a kind of anonymous refund system based on block chain Anonymous refund system includes:Block chain network, block chain, the block chain network include:First node, second node, mine Work node;

First node receives the public key information that second node returns for initiating money transfer transactions request to second node;It is raw At the Transaction Information of this transaction;The Transaction Information is sent to second node, the Transaction Information includes being based on the public affairs The new coin that key information generates is promised to undertake, based on the encrypted transaction amount of the public key information, zero-knowledge proof;

Second node, for being verified based on the encrypted transaction amount of the public key information to described, if being verified, Then second node announces the Transaction Information in block chain network, so that miner's node is verified and remembered to this transaction Account;

Miner's node, for being verified to the proof content in the zero-knowledge proof, if being verified, it is determined that this Secondary transaction is effective and charges to the Transaction Information in block chain.

Optionally, further include in the block chain network:Supervisory node;The public key information includes:Second node address Public key and second node encrypted public key;

The Transaction Information further includes:Old coin sequence number, using one's own side address public key be one's own side generate small change coin promise to undertake, Obtained first ciphertext is encrypted to the random number for generating new coin sequence number using the second node encrypted public key, is used Obtained second ciphertext is encrypted to transaction amount and both parties' public key in supervisory node public key.

Optionally, the second node is additionally operable to:

It is based on the encrypted transaction amount of second node encrypted public key using the decryption of one's own side's decrypted private key, uses the private of one's own side address Key decrypt first node using second node address public key be second node generate new coin promise to undertake, respectively obtain transaction amount with New coin denomination;It verifies this transaction amount and whether new coin denomination is consistent, if unanimously, being verified.

Optionally, miner's node to the proof content in the zero-knowledge proof verify in corresponding verification Appearance includes:

A, it verifies whether comprising promising to undertake in the data format of old coin and new coin, if so, determining that old coin and new coin format are complete It is whole;

B, whether the address public key of verification first node corresponds with address private key, if so, determining the body of requestee Part information truth;

C, verify whether old coin sequence number corresponds with first node address private key, if so, determining old coin sequence number It calculates correct;

D, the old coin of verification first node, which is promised to undertake, whether there is in promising to undertake in Merkle trees, if so, determining that old coin is promised to undertake Effectively;

E, verify whether the sum of old coin amount of money in entire block chain network is equal to the sum of new coin amount of money, if so, determining This transaction amount is effective.

Optionally, the supervisory node is used for:

Second ciphertext is decrypted using one's own side's private key, transaction amount and both parties address public key are obtained, for hideing Name money transfer transactions are supervised.

Optionally, further include in the block chain network:Note issuance node;

First node is additionally operable to:Purchase coin transaction request is initiated to note issuance node;After receiving confirmation purchase information, Using the address private key and address public key of one's own side, this corresponding currency serial numbers of purchase coin transaction is generated respectively and is promised to undertake with currency, And the denomination of coining that the currency serial numbers, the currency are promised to undertake and currency promise is required is sent to note issuance Node is verified;

Note issuance node is used for:It is returned to first node after being audited to the purchase coin transaction request and confirms purchase letter Breath;Whether transaction denomination and the denomination of coining for verifying this purchase coin transaction are consistent, if unanimously, Transaction Information of coining is generated, and It coins Transaction Information described in being announced in block chain network, so that miner's node is verified and keeps accounts to this transaction;

Wherein, the Transaction Information of coining includes:Note issuance node is transaction id, the currency that this transaction generates It promises to undertake and note issuance node is this digital signature generated of merchandising.

Further, to achieve the above object, the present invention also provides a kind of computer readable storage medium, the computers The anonymous refund program based on block chain is stored on readable storage medium storing program for executing, the anonymous refund program based on block chain is located The step of reason device realizes anonymous refund method as described in any one of the above embodiments based on block chain when executing.

In the present invention, first node generates the Transaction Information of this transaction when initiating money transfer transactions to second node, should Transaction Information includes encrypted transaction amount and zero-knowledge proof, and second node decrypted transaction information is allowed to carry out the amount of money Verification is without allowing miner's node decryption Transaction Information;The zero-knowledge proof that miner's node can only be provided by verifying first node It realizes the verification to this transaction validity, and then ensure that the money transfer transactions on block chain only can in both parties Know, other party can not decrypt acquisition, to realize anonymous refund, ensure that the both parties' information transferred accounts based on block chain Privacy.

Description of the drawings

Fig. 1 is the functional module framework schematic diagram of one embodiment of anonymous refund system of the present invention;

Fig. 2 is the entity structure schematic diagram corresponding to the system model of anonymous refund system of the present invention;

Fig. 3 is that the present invention is based on the flow diagrams of the anonymous refund method first embodiment of block chain;

Fig. 4 is that the present invention is based on the flow diagrams of the anonymous refund method second embodiment of block chain;

Fig. 5 is the flow diagram of coining of one embodiment of anonymous refund method under entity structure shown in Fig. 2;

Fig. 6 is the transfer process schematic diagram of one embodiment of anonymous refund method under entity structure shown in Fig. 2;

Fig. 7 is that the present invention is based on the flow diagrams of the anonymous refund method 3rd embodiment of block chain;

Fig. 8 is that the present invention is based on the flow diagrams of the anonymous refund method fourth embodiment of block chain;

Fig. 9 is that the present invention is based on the flow diagrams of the 5th embodiment of anonymous refund method of block chain.

The embodiments will be further described with reference to the accompanying drawings for the realization, the function and the advantages of the object of the present invention.

Specific implementation mode

It should be appreciated that described herein, specific examples are only used to explain the present invention, is not intended to limit the present invention.

The present invention provides a kind of anonymous refund system based on block chain.

Referring to Fig.1, Fig. 1 is the functional module framework schematic diagram of one embodiment of anonymous refund system of the present invention.

In the present embodiment, anonymous refund system includes block chain network, block chain, wherein block chain network includes more A node, different nodes correspond to different block chains and participate in mechanism.For example node A, B are respectively different user nodes, and Node C is note issuance node, and node D is miner's node, and node E is supervisory node.

In the present embodiment, the anonymous refund between different nodes may be implemented in anonymous refund system, ensures on block chain Money transfer transactions can only would know that other party can not decrypt acquisition in both parties.Lower mask body is with first node to second Node, which is transferred accounts, to be illustrated.

In the present embodiment, first node receives what second node returned for initiating money transfer transactions request to second node Public key information;Generate the Transaction Information of this transaction;The Transaction Information is sent to second node, wherein the transaction letter Breath includes that the new coin generated based on the public key information is promised to undertake, demonstrate,proved based on the encrypted transaction amount of the public key information, Zero Knowledge It is bright;

Second node, for being verified based on the encrypted transaction amount of the public key information to described, if being verified, Then second node announces the Transaction Information in block chain network, so that miner's node is verified and remembered to this transaction Account;

Miner's node, for being verified to the proof content in the zero-knowledge proof, if being verified, it is determined that this Secondary transaction is effective and charges to the Transaction Information in block chain.

Further, in one embodiment, the public key information includes:Second node address public key is encrypted with second node Public key;

In the present embodiment, the Transaction Information that first node generates includes:

A, first node is that the new coin that second node generates is promised to undertake using second node address public key;

B, first node is that the small change coin that one's own side generates is promised to undertake using one's own side address public key;

C, it is promised to undertake with new coin in this transaction, small change coin promises to undertake the old coin sequence number that associated old coin is promised to undertake;

D, random number of the first node using second node encrypted public key to transaction amount and for generating new coin sequence number Obtained first ciphertext is encrypted;

E, obtained by first node is encrypted transaction amount and both parties address public key using supervisory node public key The second ciphertext.

To ensure that anonymous refund meets financial supervision requirement, in the present embodiment, prison is also can access in the block chain network Pipe node, for carrying out financial supervision to the All Activity in block chain network.

Optionally, the supervisory node is used for:Second ciphertext is decrypted using one's own side's private key, obtains transaction amount and friendship Easy both sides address public key, for being supervised to anonymous refund transaction.

Further, in one embodiment, the second node is additionally operable to:Described first is decrypted using one's own side's decrypted private key Ciphertext decrypts the new coin promise using one's own side address private key, respectively obtains this transaction amount and new coin denomination;Verify this Whether transaction amount and new coin denomination are consistent, if unanimously, being verified.

Further, in one embodiment, miner's node tests the proof content in the zero-knowledge proof Demonstrate,proving corresponding verification content includes:

A, it verifies whether comprising promising to undertake in the data format of old coin and new coin, if so, determining that old coin and new coin format are complete It is whole;

B, whether the address public key of verification first node corresponds with address private key, if so, determining the body of requestee Part information truth;

C, verify whether old coin sequence number corresponds with first node address private key, if so, determining old coin sequence number It calculates correct;

D, the old coin of verification first node, which is promised to undertake, whether there is in promising to undertake in Merkle trees, if so, determining that old coin is promised to undertake Effectively;

E, verify whether the sum of old coin amount of money in entire block chain network is equal to the sum of new coin amount of money, if so, determining This transaction amount is effective.

Further, in one embodiment, it to realize the management of currency in block chain network, is gone back in the block chain network Including:Note issuance node;

First node is additionally operable to:Purchase coin transaction request is initiated to note issuance node;After receiving confirmation purchase information, Using the address private key and address public key of one's own side, this corresponding currency serial numbers of purchase coin transaction is generated respectively and is promised to undertake with currency, And the denomination of coining that the currency serial numbers, the currency are promised to undertake and currency promise is required is sent to note issuance Node is verified;

Note issuance node is used for:It is returned to first node after being audited to the purchase coin transaction request and confirms purchase letter Breath;Whether transaction denomination and the denomination of coining for verifying this purchase coin transaction are consistent, if unanimously, Transaction Information of coining is generated, and It coins Transaction Information described in being announced in block chain network, so that miner's node is verified and keeps accounts to this transaction;

Wherein, the Transaction Information of coining includes:Note issuance node is transaction id, the currency that this transaction generates It promises to undertake and note issuance node is this digital signature generated of merchandising.

It is of the invention for ease of understanding, below based on the corresponding system model of anonymous refund system of the present invention, hide the present invention The relevant rudimentary content that name is transferred accounts illustrates.

In the present invention, the difference of each node based role in block chain network and user, regulator, publisher can be divided into Three types.Entity structure corresponding to the system model of anonymous refund system of the present invention as shown in Figure 2.

(1) regulator supervises the All Activity of whole system, can see the amount of money and flow direction of every transaction clearly.

(2) publisher is responsible for issuing digital cash to user.

(3) user carries out the user of digital cash transaction in system.

(4) user information database, the information of all users in preservation system, by regulator's independent maintenance.

(5) it coins information bank, preserves all users and buy the information of digital cash (assuming that user is from publisher in system After buying digital cash, then be traded), it is safeguarded by publisher oneself.

(6) wallet preserves the one's own digital cash of user, by user oneself independent maintenance.

The structural element of wallet includes<SN,CM,V,ρ,*>, wherein SN indicates that digital cash sequence number, CM indicate to promise to undertake: It is a string of ciphertexts, represents a secret fund, it will be appreciated that is an encrypted fund.Other nodes can not be speculated by promising to undertake Go out the person of transferring accounts and transfer amounts.Promise is pertaining only to a user, and can only be spent primary, the currency generated when by spending Sequence number avoids honeysuckle problem.Other nodes can not equally deduce corresponding currency according to currency serial numbers and promise to undertake, V is indicated Digital cash denomination, ρ indicate the random number of 256bit:For generating digital cash sequence number, * is other information.

(7) client public key pond, the public key of the current all validated users of storage system.

The structure in client public key pond is similar to promise to undertake pond, using Merkle tree constructions:Each client public key is leaf therein The value of node, root node is stored in block chain.

(8) pond, all promises of storage system are promised to undertake.

Promise pond is Merkle tree constructions, and each promise to undertake is that wherein leaf section, the value of root node is stored in block chain.

(9) block chain, the Transaction Information of storage system, and promise to undertake the cryptographic Hash in pond and client public key pond.

Each block structure includes in block chain:The block serial number of this block, the cryptographic Hash of previous block, client public key pond Root, root, type of transaction and the Transaction Information for promising to undertake pond, wherein type of transaction includes:It coins, whole coin is transferred accounts, and zero coin turns Account, the update of public key pond.

(10) structure for promise of coining

CMmint=(k, gv+ρ, Ρ), wherein k=H256(apk| | ρ | | v), apkFor the station address public key of 256bits, ρ tables Show that the random number of 256bit, v indicate the denomination of cast digital cash.G is Z* pOn generation member, P is 160 or more prime numbers.

(11) structure that transaction is promised to undertake

CMpour=(k, gv+ρ, Ρ), wherein k=H256(apk| | ρ | | v), apkFor the station address public key of 256bits, ρ tables Show that the random number of 256bit, v indicate the denomination of merchandised digital cash.G is Z* pOn generation member, P is 160 or more elements Number.

(12) key explanation

The public key of regulator, for the encryption to transaction amount in Transaction Information and user identity, and to client public key Signature verification when pond updates;

The private key of regulator, for the decryption to transaction amount in Transaction Information and user identity, and to client public key Signature when pond updates;

The address public key of user, the generation that coin is promised to undertake when for coining and merchandise;

The address private key of user is used for the generation of address public key and coin sequence number;

The encrypted public key of user:Public key when customer transaction for encrypted transmission coin secret information;

The decrypted private key of user:Private key when customer transaction for decrypting coin secret information ciphertext.

Based on the functional module framework and system model of the above-mentioned anonymous refund system based on block chain, base of the present invention is proposed In the following embodiment of the anonymous refund method of block chain.

It is that the present invention is based on the flow diagrams of the anonymous refund method first embodiment of block chain with reference to Fig. 3, Fig. 3.This In embodiment, the anonymous refund method based on block chain includes the following steps:

Step S110, first node initiate money transfer transactions request to second node, receive the public key letter that second node returns Breath;

In the present embodiment, first node is after initiating money transfer transactions request, to realize anonymous refund transaction content pair second Node discloses, and therefore, it is necessary to the public key informations for using second node to provide to encrypt pertinent transaction information, to which second node can Pertinent transaction information, such as transaction amount are known in decryption.

Step S120, first node generate the Transaction Information of this transaction, and by the Transaction Information, are sent to the second section Point, the Transaction Information include that the new coin generated based on the public key information is promised to undertake, is based on the encrypted transaction of the public key information The amount of money, zero-knowledge proof;

Zero-knowledge proof:A kind of proof thought of cryptography.What a rule of prover and verifier's joint consultation, is being advised In then, prover provides a string of ciphertexts in the case where not exposing itself secret evidence, to verifier, and verifier is close by verifying Text can be confident that prover possesses corresponding secret evidence, and verifier can not know the content of secret evidence.

In the present embodiment, to realize anonymous refund, prevent Transaction Information from revealing, first node generates the transaction of this transaction Information and zero-knowledge proof, wherein first node can selectively encrypt relationship trading based on process requirements of transferring accounts in block chain Information is to form Transaction Information.For example, the verification requirement based on beneficiary to transaction amount, encrypts transaction amount;Based on supervision The regulatory requirements of side, encrypt the identity information and transaction amount of both parties.

In the present embodiment, the Transaction Information that first node generates includes being held based on the new coin that the public key information generates Promise is based on the encrypted transaction amount of the public key information, zero-knowledge proof.Wherein, zero-knowledge proof is also a kind of ciphertext, is used for Miner's node verifies the validity of transaction.

Step S130, second node are verified to described based on the encrypted transaction amount of the public key information, if verification Pass through, then second node announces the Transaction Information in block chain network, so that miner's node verifies this transaction With book keeping operation;

In the present embodiment, before announcing Transaction Information and verifying and keep accounts for miner's node, first node needs The Transaction Information of generation and zero-knowledge proof are sent to second node and are traded amount of money verification, namely verification first node hair Whether the transaction amount risen and the denomination that second node obtains are consistent, if unanimously, being verified.

For ensure second node can successful decryption Transaction Information, first node preferably uses second node in the present embodiment Address public key carrys out the related content in encrypted transaction message with encrypted public key.

In the present embodiment, Transaction Information and zero-knowledge proof are published to by second node after being verified by transaction amount In block chain network, so that each miner's node in network is verified and keeps accounts to this transaction.

Step S140, miner's node verify the proof content in the zero-knowledge proof, if being verified, really This fixed transaction is effective and charges to the Transaction Information in block chain.

The present embodiment is unlimited for the particular content of zero-knowledge proof, and each miner's node is by verifying in zero-knowledge proof Content is proved to realize the verification to this transaction validity, and is verified by rear in the proof content of zero-knowledge proof, really This fixed transaction is effective, and will be in Transaction Information book keeping operation to block chain.Since miner's node can not obtain the plaintext of Transaction Information Content, such as the identity information of both parties, transaction amount, while also not exposed in transaction to miner's node in zero-knowledge proof Hold, it is thus achieved that effect of the transaction relative to other node anonymous between first node and second node, ensure that first segment The privacy of Transaction Information between point and second node.

In the present embodiment, first node generates the Transaction Information of this transaction when initiating money transfer transactions to second node, The Transaction Information includes encrypted transaction amount and zero-knowledge proof, and second node decrypted transaction information is allowed to carry out gold Volume verification is without allowing miner's node decryption Transaction Information;Miner's node can only be demonstrate,proved by verifying the Zero Knowledge that first node provides It is bright to realize to the verification of this transaction validity, and then it ensure that the money transfer transactions on block chain only can be in both parties It would know that, other party can not decrypt acquisition, to realize anonymous refund, ensure that the both parties' letter transferred accounts based on block chain The privacy of breath.

Further, in one embodiment of anonymous refund method the present invention is based on block chain, to ensure second node energy Enough successful decryption Transaction Informations, first node preferably uses second node address public key and second node encryption public in the present embodiment Key carrys out the related content in encrypted transaction message, will by second node specifically when initiating money transfer transactions request to second node The address public key of one's own side returns to first node with encrypted public key.

In the present embodiment, the Transaction Information that first node generates includes:

A, first node is that the new coin that second node generates is promised to undertake using second node address public key;

B, first node is that the small change coin that one's own side generates is promised to undertake using one's own side address public key;

C, it is promised to undertake with new coin in this transaction, small change coin promises to undertake the old coin sequence number that associated old coin is promised to undertake;

In the present embodiment, old coin is promised to undertake, new coin is promised to undertake and small change coin promise is all a kind of promise.Promise is a string of ciphertexts, Represent a secret fund, it will be appreciated that be an encrypted fund.Other nodes can not by promise to undertake deduce the person of transferring accounts and Transfer amounts.Promise is pertaining only to a user, and can only be spent primary, and the currency serial numbers generated when by spending are kept away Exempt from honeysuckle problem.Other nodes can not equally deduce corresponding currency according to currency serial numbers and promise to undertake.

In the present embodiment, first node will be that second node generates new coin and promises to undertake and be certainly when spending old coin to promise to undertake Body generates small change coin and promises to undertake.Wherein, it is all spent if old coin is promised to undertake, without generating small change coin promise.

D, random number of the first node using second node encrypted public key to transaction amount and for generating new coin sequence number Obtained first ciphertext is encrypted;

In the present embodiment, first node is encrypted transaction amount using the encrypted public key of second node, due to entire There was only second node in block chain network, there are corresponding decrypted private key, and therefore, other nodes can not obtain in the first ciphertext Private transaction information.

Wherein, random number is used for second node when spending new coin to promise to undertake, for generating new coin sequence number to avoid honeysuckle.

E, obtained by first node is encrypted transaction amount and both parties address public key using supervisory node public key The second ciphertext.

In the present embodiment, first node is encrypted transaction amount using the public key of supervisory node, due to entire block There was only supervisory node in chain network, there are corresponding private keys, and therefore, other nodes can not obtain the Private transaction in the second ciphertext Information.In addition, supervisory node decrypts the second ciphertext using one's own side's private key, transaction amount and both parties address public key are obtained, from And it can merchandise and supervise to anonymous refund.

Further, it is based on above-described embodiment, in an alternative embodiment of the invention, the second node to described to being based on The encrypted transaction amount of public key information carries out verification:

Second node is based on the encrypted transaction amount of second node encrypted public key using the decryption of one's own side's decrypted private key, uses oneself Square address private key decryption first node is that the new coin that second node generates is promised to undertake using second node address public key, respectively obtains friendship The easy amount of money and new coin denomination;It verifies this transaction amount and whether new coin denomination is consistent, if unanimously, being verified.

In the present embodiment, for avoid in money transfer transactions exist fraud, second node need to this transaction the amount of money and The new coin denomination itself obtained is verified, if verification is consistent, it is determined that transaction is effective.

Due to the encryption that the encryption key that the first ciphertext is provided using second node carries out, second node makes The first ciphertext can be decrypted with one's own side's decrypted private key and obtains this transaction amount;Since new coin is promised to undertake using second node The encryption that the encrypted public key of offer carries out, therefore, second node can decrypt new coin promise using one's own side address private key and obtain New coin denomination.

Further, in another embodiment of anonymous refund method the present invention is based on block chain, miner's node is corresponding Content is verified to correspond with the proof content in zero-knowledge proof.In the present embodiment, preferably in the corresponding verification of miner's node Appearance includes:

A, it verifies whether comprising promising to undertake in the data format of old coin and new coin, if so, determining that old coin and new coin format are complete It is whole;

In the present embodiment, promise represents an encrypted secret fund, therefore necessary in the data format of old coin and new coin Include to promise to undertake, does not allow to merchandise successfully if format is imperfect.

B, whether the address public key of verification first node corresponds with address private key, if so, determining the body of requestee Part information truth;

In the present embodiment, therefore address public key one node of unique mark only can need to verify in entire block chain network Whether address public key corresponds with address private key, you can determines whether the identity information of requestee is true.

Further include a client public key pond in the present embodiment, in block chain network, which is tied using Merkle trees Structure, for storing the client public key in whole network, each client public key is the leaf node of Merkle trees, and the value of root node is deposited It is stored in block chain.

C, verify whether old coin sequence number corresponds with first node address private key, if so, determining old coin sequence number It calculates correct;

In the present embodiment, the currency serial numbers of first node are generated by one's own side address private key, therefore, by verifying old coin Whether sequence number corresponds with first node address private key, you can determines whether old coin sequence number calculates correctly.

D, the old coin of verification first node, which is promised to undertake, whether there is in promising to undertake in Merkle trees, if so, determining that old coin is promised to undertake Effectively;

Further include a promise pond in the present embodiment, in block chain network, which uses Merkle tree constructions, for depositing The promise in whole network, each leaf node promised to undertake as Merkle trees are stored up, the value of root node is stored in block chain.Cause This, promises to undertake if the old coin promise of first node is present in Merkle trees, it is determined that old coin is promised to undertake effective.

E, verify whether the sum of old coin amount of money in entire block chain network is equal to the sum of new coin amount of money, if so, determining This transaction amount is effective.

In the present embodiment, in the case where not considering new issue currency, new coin can only be generated by consuming old coin, because This, if transaction amount is effective, the sum of old coin amount of money in entire block chain network ought to be equal to entire block link network The sum of new coin amount of money in network.

Further, in this embodiment when supervisory node participates in keeping accounts as miner's node, supervisory node is also further Verification supervision public key encryption address public key whether be pay both sides address public key, with supervision public key encryption the amount of money whether It is transaction amount, when the verification of supervisory node and other miner's nodes all passes through, you can confirm that this transaction effectively carries out Block chain is kept accounts.

It is that the present invention is based on the flow diagrams of the anonymous refund method second embodiment of block chain with reference to Fig. 4, Fig. 4.This In embodiment, the anonymous refund method based on block chain further includes:

Step S210, first node initiates purchase coin transaction request to note issuance node, and receives note issuance node pair The purchase coin transaction request returns to subscribe really after being audited buys information;

Further include note issuance node in the present embodiment, in block chain network, for the node hair into block chain network Row digital cash.

In the present embodiment, after first node initiates purchase coin transaction request to note issuance node, note issuance node needs Purchase coin transaction request is audited, for example whether audit purchaser's identity is legal, whether purchase denomination meets regulatory requirements etc., When the information for returning to confirmation purchase to first node after the approval.

Step S220, first node is after receiving and confirming purchase information, using the address private key and address public key of one's own side, This corresponding currency serial numbers of purchase coin transaction is generated respectively to promise to undertake with currency, and the currency serial numbers, the currency are held Promise and the currency promise to undertake that required denomination of coining is sent to note issuance node and is verified;

First node uses the address private key life of oneself after receiving the return of note issuance node and subscribing really and buy information At this corresponding currency serial numbers of purchase coin transaction, and this corresponding currency of purchase coin transaction is generated using the address public key of oneself It promises to undertake, is then sent to note issuance node.

Step S230, whether the transaction denomination of this purchase coin transaction of note issuance node verification and denomination of coining are consistent, if Unanimously, then Transaction Information of coining is generated, and Transaction Information of coining described in announcement in block chain network, so that miner's node is to this Secondary transaction is verified and is kept accounts;

Wherein, the Transaction Information of coining includes:Note issuance node is transaction id, the currency that this transaction generates It promises to undertake and note issuance node is this digital signature generated of merchandising.

In the present embodiment, before keeping accounts to this purchase coin transaction, note issuance node also needs to verify this purchase coin Whether the transaction denomination of transaction and denomination of coining are consistent, if unanimously, generating and coining Transaction Information and be published to block chain network In, so that miner's node is verified and keeps accounts to this transaction.

For ease of more fully understanding the anonymous refund flow of the present invention, below based on anonymous refund system shown in Fig. 2 Entity structure schematic diagram corresponding to system model with transfer process illustrate to the flow of coining involved by anonymous refund It is bright.

One, it coins flow

As shown in figure 5, node users initiate transaction of coining to issuer, miner's node is kept accounts, and is implemented Flow is as follows:

(1) user initiates purchase coin request to publisher, includes all purchase denominations in the request;

(2) publisher audits the purchase coin request of user;

(3) after the approval, publisher preserves the purchase coin information of user;

(4) publisher returns to user confirms purchase information;

(5) user generates the promise of this purchase coin, and the phase that will be promised to undertake and promise to undertake after receiving confirmation purchase information It closes information and is sent to publisher;

(6) publisher's verification promise and denomination;

(7) after being verified, publisher generates the Transaction Information of coining of this purchase coin, includes:Publisher is this The transaction id of transaction generation, user are the promise that this purchase coin generates, and publisher purchases the signature that coin generates for this, wherein label Name object is specially transaction id, the sequence number of this cast currency and the promise of this purchase coin generation that this transaction generates.

(8) this Transaction Information of coining is published in block chain network by publisher;

(9) whether this transaction of miner's node verification is effective;

(10) if this transaction is effective, miner's node charges to above-mentioned Transaction Information of coining in block chain.

Two, transfer process

As shown in fig. 6, node users A carries out anonymous refund to node users B, miner's node is kept accounts, and is implemented Flow is as follows:

(1) user A first initiates transaction request to user B;

(2) user B returns to the address public key and encrypted public key of oneself to user A;

(3) user A generates Transaction Information, including:The old coin sequence number of new coin using the address public key of user B is user B The new coin of generation is promised to undertake, the small change coin oneself to generate is promised to undertake, is encrypted transaction amount using the encrypted public key of user B and is used to give birth to At the obtained ciphertext of random number of new coin sequence number, use the public key encryption transaction amount of regulator and both parties address public affairs The obtained ciphertext of key, zero-knowledge proof;

(4) above-mentioned Transaction Information is sent to user B by user A;

(5) user B verifies the transaction amount in Transaction Information;

(6) after transaction amount is verified, above-mentioned Transaction Information is published in block chain network by user B;

(7) whether effective miner's node based on the zero-knowledge proof in Transaction Information verifies this transaction;

(8) if this transaction is effective, miner's node charges to above-mentioned Transaction Information in block chain.

It is that the present invention is based on the flow diagrams of the anonymous refund method 3rd embodiment of block chain with reference to Fig. 7, Fig. 7.This In embodiment, the anonymous refund method based on block chain includes the following steps:

Step S310, first node initiate money transfer transactions request to second node, receive the public key letter that second node returns Breath;

In the present embodiment, first node is after initiating money transfer transactions request, to realize anonymous refund transaction content pair second Node discloses, and therefore, it is necessary to the public key informations for using second node to provide to encrypt pertinent transaction information, to which second node can Pertinent transaction information, such as transaction amount are known in decryption.

Step S320 generates the Transaction Information of this transaction, and the Transaction Information is sent to second node, for the Two nodes are verified to being based on the encrypted transaction amount of the public key information, and the Transaction Information includes being believed based on the public key The new coin that breath generates is promised to undertake, based on the encrypted transaction amount of the public key information, zero-knowledge proof;

Wherein, before announcing Transaction Information and verifying and keep accounts for miner's node, first node needs to generate Transaction Information and zero-knowledge proof be sent to second node and be traded amount of money verification, namely the friendship that verification first node is initiated Whether the easy amount of money and the denomination that second node obtains are consistent, if unanimously, being verified.

In the present embodiment, to realize anonymous refund, prevent Transaction Information from revealing, first node generates the transaction of this transaction Information, wherein first node can selectively encrypt pertinent transaction information based on process requirements of transferring accounts in block chain and be handed over being formed Easy information.For example, the verification requirement based on beneficiary to transaction amount, encrypts transaction amount;Regulatory requirements based on monitoring party, Encrypt the identity information and transaction amount of both parties.

In the present embodiment, if transaction amount is verified, second node announces the transaction letter in block chain network Breath and the zero-knowledge proof, so that miner's node verifies the proof content in the zero-knowledge proof, if described zero Knowledge proof is verified, then miner's node determines this transaction effectively and charges to the Transaction Information in block chain.

For ensure second node can successful decryption Transaction Information, first node preferably uses second node in the present embodiment Address public key carrys out the related content in encrypted transaction message with encrypted public key.

In the present embodiment, Transaction Information is published in block chain network by second node after being verified by transaction amount, So that each miner's node in network is verified and keeps accounts to this transaction.

The present embodiment is unlimited for the particular content of zero-knowledge proof, and each miner's node is by verifying in zero-knowledge proof Content is proved to realize the verification to this transaction validity, and is verified by rear in the proof content of zero-knowledge proof, really This fixed transaction is effective, and will be in Transaction Information book keeping operation to block chain.Since miner's node can not obtain the plaintext of Transaction Information Content, such as the identity information of both parties, transaction amount, while also not exposed in transaction to miner's node in zero-knowledge proof Hold, it is thus achieved that effect of the transaction relative to other node anonymous between first node and second node, ensure that first segment The privacy of Transaction Information between point and second node.

In the present embodiment, first node generates the Transaction Information of this transaction when initiating money transfer transactions to second node, The Transaction Information includes encrypted transaction amount and zero-knowledge proof, and second node decrypted transaction information is allowed to carry out gold Volume verification is without allowing miner's node decryption Transaction Information;Miner's node can only be demonstrate,proved by verifying the Zero Knowledge that first node provides It is bright to realize to the verification of this transaction validity, and then it ensure that the money transfer transactions on block chain only can be in both parties It would know that, other party can not decrypt acquisition, to realize anonymous refund, ensure that the both parties' letter transferred accounts based on block chain The privacy of breath.

Further, in one embodiment of anonymous refund method the present invention is based on block chain, to ensure second node energy Successful decryption Transaction Information is reached, first node is preferably encrypted using second node address public key with encrypted public key in the present embodiment Related content in Transaction Information, specifically when initiating money transfer transactions to second node and asking, by second node by the ground of one's own side Location public key returns to first node with encrypted public key.

In the present embodiment, the Transaction Information that first node generates includes:

A, first node is that the new coin that second node generates is promised to undertake using second node address public key;

B, first node is that the small change coin that one's own side generates is promised to undertake using one's own side address public key;

C, it is promised to undertake with new coin in this transaction, small change coin promises to undertake the old coin sequence number that associated old coin is promised to undertake;

In the present embodiment, old coin is promised to undertake, new coin is promised to undertake and small change coin promise is all a kind of promise.Promise is a string of ciphertexts, Represent a secret fund, it will be appreciated that be an encrypted fund.Other nodes can not by promise to undertake deduce the person of transferring accounts and Transfer amounts.Promise is pertaining only to a user, and can only be spent primary, and the currency serial numbers generated when by spending are kept away Exempt from honeysuckle problem.Other nodes can not equally deduce corresponding currency according to currency serial numbers and promise to undertake.

In the present embodiment, first node will be that second node generates new coin and promises to undertake and be certainly when spending old coin to promise to undertake Body generates small change coin and promises to undertake.Wherein, it is all spent if old coin is promised to undertake, without generating small change coin promise.

D, random number of the first node using second node encrypted public key to transaction amount and for generating new coin sequence number Obtained first ciphertext is encrypted;

In the present embodiment, first node is encrypted transaction amount using the encrypted public key of second node, due to entire There was only second node in block chain network, there are corresponding decrypted private key, and therefore, other nodes can not obtain in the first ciphertext Private transaction information.

Wherein, random number is used for second node when spending new coin to promise to undertake, for generating new coin sequence number to avoid honeysuckle.

E, obtained by first node is encrypted transaction amount and both parties address public key using supervisory node public key The second ciphertext.

In the present embodiment, first node is encrypted transaction amount using the public key of supervisory node, due to entire block There was only supervisory node in chain network, there are corresponding private keys, and therefore, other nodes can not obtain the Private transaction in the second ciphertext Information.In addition, supervisory node decrypts the second ciphertext using one's own side's private key, transaction amount and both parties address public key are obtained, from And it can merchandise and supervise to anonymous refund.

It is that the present invention is based on the flow diagrams of the anonymous refund method fourth embodiment of block chain with reference to Fig. 8, Fig. 8.This In embodiment, the anonymous refund method based on block chain further includes:

Step S410, first node initiates purchase coin transaction request to note issuance node, and receives note issuance node pair The purchase coin transaction request returns to subscribe really after being audited buys information;

Further include note issuance node in the present embodiment, in block chain network, for the node hair into block chain network Row digital cash.

In the present embodiment, after first node initiates purchase coin transaction request to note issuance node, note issuance node needs Purchase coin transaction request is audited, for example whether audit purchaser's identity is legal, whether purchase denomination meets regulatory requirements etc., When the information for returning to confirmation purchase to first node after the approval.

Step S420, using the address private key and address public key of one's own side, is generated respectively after receiving confirmation purchase information Merchandise corresponding currency serial numbers of this purchase coin promise to undertake with currency, and by the currency serial numbers, the currency is promised to undertake and institute State currency and promise to undertake that required denomination of coining is sent to note issuance node, for verify the transaction denomination of this purchase coin transaction with Whether denomination of coining is consistent;

Wherein, if verification is consistent, note issuance node generates Transaction Information of coining, and institute is announced in block chain network Transaction Information of coining is stated, so that miner's node is verified and keeps accounts to this transaction, the Transaction Information of coining includes:Currency Distribution node is that transaction id, the currency that this transaction generates are promised to undertake and note issuance node is this number generated of merchandising Word is signed.

In the present embodiment, first node uses oneself after receiving the return of note issuance node and subscribing really and buy information Address private key generate this purchase coin and merchandise corresponding currency serial numbers, and generate this purchase coin using the address public key of oneself and hand over Easily corresponding currency is promised to undertake, note issuance node is then sent to.Note issuance node is kept accounts to this purchase coin transaction Before, also need the transaction denomination for verifying this purchase coin transaction and denomination of coining whether consistent, if unanimously, generation, which coins to merchandise, to be believed It ceases and is published in block chain network, so that miner's node is verified and keeps accounts to this transaction.

It is that the present invention is based on the flow diagrams of the 5th embodiment of anonymous refund method of block chain with reference to Fig. 9, Fig. 9.This In embodiment, the anonymous refund method based on block chain further includes:

Step S510, second node receives the money transfer transactions request that first node is initiated, and returns to public key to first node Information;

In the present embodiment, second node returns after receiving the money transfer transactions request that first node is initiated to first node Public key information, for the pertinent transaction information for encrypting first node generation, to which corresponding private key can be used in second node Pertinent transaction information, such as transaction amount are known in decryption, ensure that the privacy of transfer transaction information.

Step S520, receives the Transaction Information for this transaction that first node generates and sends, and the Transaction Information includes It is promised to undertake, based on the encrypted transaction amount of the public key information, zero-knowledge proof based on the new coin that the public key information generates;

In the present embodiment, to realize anonymous refund, prevent Transaction Information from revealing, first node generates the transaction of this transaction Information, wherein first node can selectively encrypt pertinent transaction information based on process requirements of transferring accounts in block chain and be handed over being formed Easy information.For example, the verification requirement based on beneficiary to transaction amount, encrypts transaction amount;Regulatory requirements based on monitoring party, Encrypt the identity information and transaction amount of both parties.In the present embodiment, the Transaction Information that first node generates includes base The encrypted new coin information of public key information and transaction amount provided in second node.

Step S530 is verified to described based on the encrypted transaction amount of the public key information;

Second node also needs to be traded the amount of money before announcing Transaction Information and verifying and keep accounts for miner's node It verifies, namely whether the denomination that the transaction amount of verification first node initiation and second node obtain is consistent, if unanimously, It is verified.

Step S540 announces the Transaction Information, for miner if transaction amount is verified in block chain network Node verifies the proof content in the zero-knowledge proof, if the zero-knowledge proof is verified, miner's node It determines this transaction effectively and charges to the Transaction Information in block chain.

In the present embodiment, Transaction Information is published in block chain network by second node after being verified by transaction amount, So that each miner's node in network is verified and keeps accounts to this transaction.Each miner's node is by verifying in zero-knowledge proof Proof content realize to the verification of this transaction validity, and be verified by rear in the proof content of zero-knowledge proof, Determine that this transaction is effective, and will be in Transaction Information book keeping operation to block chain.Since miner's node can not obtain the bright of Transaction Information Literary content, such as the identity information of both parties, transaction amount, while also not exposing and merchandising to miner's node in zero-knowledge proof Content, it is thus achieved that effect of the transaction relative to other node anonymous between first node and second node, ensure that first The privacy of Transaction Information between node and second node.

In the present embodiment, first node generates the Transaction Information of this transaction when initiating money transfer transactions to second node, The Transaction Information includes encrypted transaction amount and zero-knowledge proof, and second node decrypted transaction information is allowed to carry out gold Volume verification is without allowing miner's node decryption Transaction Information;Miner's node can only be demonstrate,proved by verifying the Zero Knowledge that first node provides It is bright to realize to the verification of this transaction validity, and then it ensure that the money transfer transactions on block chain only can be in both parties It would know that, other party can not decrypt acquisition, to realize anonymous refund, ensure that the both parties' letter transferred accounts based on block chain The privacy of breath.

Further, in one embodiment of anonymous refund method the present invention is based on block chain, to ensure second node energy Successful decryption Transaction Information is reached, first node is preferably encrypted using second node address public key with encrypted public key in the present embodiment Related content in Transaction Information, specifically when initiating money transfer transactions to second node and asking, by second node by the ground of one's own side Location public key returns to first node with encrypted public key.

In the present embodiment, the Transaction Information that first node generates includes:

A, first node is that the new coin that second node generates is promised to undertake using second node address public key;

B, first node is that the small change coin that one's own side generates is promised to undertake using one's own side address public key;

C, it is promised to undertake with new coin in this transaction, small change coin promises to undertake the old coin sequence number that associated old coin is promised to undertake;

In the present embodiment, old coin is promised to undertake, new coin is promised to undertake and small change coin promise is all a kind of promise.Promise is a string of ciphertexts, Represent a secret fund, it will be appreciated that be an encrypted fund.Other nodes can not by promise to undertake deduce the person of transferring accounts and Transfer amounts.Promise is pertaining only to a user, and can only be spent primary, and the currency serial numbers generated when by spending are kept away Exempt from honeysuckle problem.Other nodes can not equally deduce corresponding currency according to currency serial numbers and promise to undertake.

In the present embodiment, first node will be that second node generates new coin and promises to undertake and be certainly when spending old coin to promise to undertake Body generates small change coin and promises to undertake.Wherein, it is all spent if old coin is promised to undertake, without generating small change coin promise.

D, random number of the first node using second node encrypted public key to transaction amount and for generating new coin sequence number Obtained first ciphertext is encrypted;

In the present embodiment, first node is encrypted transaction amount using the encrypted public key of second node, due to entire There was only second node in block chain network, there are corresponding decrypted private key, and therefore, other nodes can not obtain in the first ciphertext Private transaction information.

Wherein, random number is used for second node when spending new coin to promise to undertake, for generating new coin sequence number to avoid honeysuckle.

E, obtained by first node is encrypted transaction amount and both parties address public key using supervisory node public key The second ciphertext.

In the present embodiment, first node is encrypted transaction amount using the public key of supervisory node, due to entire block There was only supervisory node in chain network, there are corresponding private keys, and therefore, other nodes can not obtain the Private transaction in the second ciphertext Information.In addition, supervisory node decrypts the second ciphertext using one's own side's private key, transaction amount and both parties address public key are obtained, from And it can merchandise and supervise to anonymous refund.

Further, it is based on above-described embodiment, in an alternative embodiment of the invention, second node is based on the public affairs to described The encrypted transaction amount of key information carries out verification:

Second node decrypts first ciphertext using one's own side's decrypted private key, decrypts the new coin using one's own side address private key It promises to undertake, respectively obtains this transaction amount and new coin denomination;It verifies this transaction amount and whether new coin denomination is consistent, if one It causes, is then verified.

In the present embodiment, for avoid in money transfer transactions exist fraud, second node need to this transaction the amount of money and The new coin denomination itself obtained is verified, if verification is consistent, it is determined that transaction is effective.

Due to the encryption that the encryption key that the first ciphertext is provided using second node carries out, second node makes The first ciphertext can be decrypted with one's own side's decrypted private key and obtains this transaction amount;Since new coin is promised to undertake using second node The encryption that the encrypted public key of offer carries out, therefore, second node can decrypt new coin promise using one's own side address private key and obtain New coin denomination.

The present invention also provides a kind of computer readable storage mediums.

In the present embodiment, the anonymous refund program based on block chain, institute are stored on the computer readable storage medium State when the anonymous refund program based on block chain is executed by processor realize as described in any of the above-described embodiment based on area The step of anonymous refund method of block chain.

Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases The former is more preferably embodiment.Based on this understanding, technical scheme of the present invention substantially in other words does the prior art Going out the part of contribution can be expressed in the form of software products, which is stored in a storage medium In (such as ROM/RAM), including some instructions are used so that a station terminal (can be mobile phone, computer, server or network are set It is standby etc.) execute method described in each embodiment of the present invention.

The embodiment of the present invention is described with above attached drawing, but the invention is not limited in above-mentioned specific Embodiment, the above mentioned embodiment is only schematical, rather than restrictive, those skilled in the art Under the inspiration of the present invention, without breaking away from the scope protected by the purposes and claims of the present invention, it can also make very much Form, it is every using equivalent structure or equivalent flow shift made by description of the invention and accompanying drawing content, directly or indirectly Other related technical areas are used in, all of these belong to the protection of the present invention.

Claims (21)

1. a kind of anonymous refund method based on block chain, which is characterized in that the anonymous refund method packet based on block chain Include following steps:
First node initiates money transfer transactions request to second node, receives the public key information that second node returns;
First node generates the Transaction Information of this transaction, and the Transaction Information is sent to second node, the transaction letter Breath includes that the new coin generated based on the public key information is promised to undertake, demonstrate,proved based on the encrypted transaction amount of the public key information, Zero Knowledge It is bright;
Second node is verified to described based on the encrypted transaction amount of the public key information, if being verified, the second section Point announces the Transaction Information in block chain network, so that miner's node is verified and keeps accounts to this transaction;
Miner's node verifies the proof content in the zero-knowledge proof, if being verified, it is determined that this transaction has It imitates and charges to the Transaction Information in block chain.
2. the anonymous refund method based on block chain as described in claim 1, which is characterized in that the public key information includes: Second node address public key and second node encrypted public key;
The Transaction Information further includes:Old coin sequence number is that the small change coin that one's own side generates is promised to undertake, used using one's own side address public key To the random number for generating new coin sequence number obtained first ciphertext is encrypted, using supervision in the second node encrypted public key Obtained second ciphertext is encrypted to transaction amount and both parties' public key in node public key.
3. the anonymous refund method based on block chain as claimed in claim 2, which is characterized in that the second node is to described It is verified, is specifically included based on the encrypted transaction amount of the public key information:
Second node is based on the encrypted transaction amount of second node encrypted public key using the decryption of one's own side's decrypted private key, using one's own side Location private key decryption first node is that the new coin that second node generates is promised to undertake using second node address public key, respectively obtains trade gold Volume and new coin denomination;
It verifies this transaction amount and whether new coin denomination is consistent, if unanimously, being verified.
4. the anonymous refund method based on block chain as claimed in claim 2, which is characterized in that miner's node is to described Proof content in zero-knowledge proof carries out verifying corresponding verification content:
A, it verifies whether comprising promising to undertake in the data format of old coin and new coin, if so, determining that old coin and new coin format are complete;
B, whether the address public key of verification first node corresponds with address private key, if so, determining the identity letter of requestee Breath is true;
C, verify whether old coin sequence number corresponds with first node address private key, if so, determining that old coin sequence number calculates Correctly;
D, the old coin of verification first node, which is promised to undertake, whether there is in promising to undertake in Merkle trees, if so, it is effective to determine that old coin is promised to undertake;
E, verify whether the sum of old coin amount of money in entire block chain network is equal to the sum of new coin amount of money, if so, determining this Transaction amount is effective.
5. the anonymous refund method based on block chain as claimed in claim 2, which is characterized in that the hideing based on block chain Name transfer account method further include:
Supervisory node decrypts second ciphertext using one's own side's private key, obtains transaction amount and both parties address public key, for Anonymous refund transaction is supervised.
6. the anonymous refund method based on block chain as described in claim 1, which is characterized in that the hideing based on block chain Name transfer account method further include:
First node initiates purchase coin transaction request to note issuance node, and receives note issuance node and asked to purchase coin transaction It asks to return to subscribe really after being audited and buys information;
First node, using the address private key and address public key of one's own side, generates this respectively after receiving confirmation purchase information Merchandise corresponding currency serial numbers of coin are purchased to promise to undertake with currency, and by the currency serial numbers, the currency is promised to undertake and the goods Coin promises to undertake that required denomination of coining is sent to note issuance node and is verified;
Whether the transaction denomination of this purchase coin transaction of note issuance node verification and denomination of coining are consistent, if unanimously, generating casting Coin Transaction Information, and Transaction Information of coining described in announcement in block chain network, so that miner's node tests this transaction Card and book keeping operation;
Wherein, the Transaction Information of coining includes:Note issuance node is that transaction id, the currency that this transaction generates are promised to undertake And note issuance node is the digital signature that this transaction generates.
7. a kind of anonymous refund method based on block chain, which is characterized in that the anonymous refund method packet based on block chain Include following steps:
First node initiates money transfer transactions request to second node, receives the public key information that second node returns;
The Transaction Information of this transaction is generated, and the Transaction Information is sent to second node, so that second node is to being based on The encrypted transaction amount of public key information is verified, and the Transaction Information includes the new coin generated based on the public key information It promises to undertake, based on the encrypted transaction amount of the public key information, zero-knowledge proof;
Wherein, if transaction amount is verified, second node announces the Transaction Information in block chain network, for miner Node verifies the proof content in the zero-knowledge proof, if the zero-knowledge proof is verified, miner's node It determines this transaction effectively and charges to the Transaction Information in block chain.
8. the anonymous refund method based on block chain as claimed in claim 7, which is characterized in that the public key information includes: Second node address public key and second node encrypted public key;
The Transaction Information further includes:Old coin sequence number is that the small change coin that one's own side generates is promised to undertake, used using one's own side address public key To the random number for generating new coin sequence number obtained first ciphertext is encrypted, using supervision in the second node encrypted public key Obtained second ciphertext is encrypted to transaction amount and both parties' public key in node public key.
9. the anonymous refund method based on block chain as claimed in claim 8, which is characterized in that the hideing based on block chain Name transfer account method further include:
Supervisory node decrypts second ciphertext using one's own side's private key, obtains transaction amount and both parties address public key, for Anonymous refund transaction is supervised.
10. the anonymous refund method based on block chain as claimed in claim 7, which is characterized in that described based on block chain Anonymous refund method further includes:
First node initiates purchase coin transaction request to note issuance node, and receives note issuance node and asked to purchase coin transaction It asks to return to subscribe really after being audited and buys information;
After receiving confirmation purchase information, using the address private key and address public key of one's own side, this purchase coin transaction is generated respectively Corresponding currency serial numbers are promised to undertake with currency, and the currency serial numbers, currency promise and the currency are promised to undertake institute It is required that denomination of coining be sent to note issuance node, for verify this purchase coin transaction transaction denomination and coin denomination whether Unanimously;
Wherein, if verification is consistent, note issuance node generates Transaction Information of coining, and the casting is announced in block chain network Coin Transaction Information, so that miner's node is verified and keeps accounts to this transaction, the Transaction Information of coining includes:Note issuance Node is the number label that transaction id, the currency that this transaction generates are promised to undertake and note issuance node is this transaction generation Name.
11. a kind of anonymous refund method based on block chain, which is characterized in that the anonymous refund method packet based on block chain Include following steps:
Second node receives the money transfer transactions request that first node is initiated, and returns to public key information to first node;
The Transaction Information for this transaction that first node generates and sends is received, the Transaction Information includes believing based on the public key The new coin that breath generates is promised to undertake, based on the encrypted transaction amount of the public key information, zero-knowledge proof;
It is verified based on the encrypted transaction amount of the public key information to described;
If transaction amount is verified, the Transaction Information is announced in block chain network, so that miner's node is to described zero Proof content in knowledge proof is verified, if the zero-knowledge proof is verified, miner's node determines this transaction Effectively and the Transaction Information is charged in block chain.
12. the anonymous refund method based on block chain as claimed in claim 11, which is characterized in that the public key information packet It includes:Second node address public key and second node encrypted public key;
The Transaction Information further includes:Old coin sequence number is that the small change coin that one's own side generates is promised to undertake, used using one's own side address public key To the random number for generating new coin sequence number obtained first ciphertext is encrypted, using supervision in the second node encrypted public key Obtained second ciphertext is encrypted to transaction amount and both parties' public key in node public key.
13. the anonymous refund method based on block chain as claimed in claim 12, which is characterized in that described to be based on institute to described It states the encrypted transaction amount of public key information and verify and include:
Second node is based on the encrypted transaction amount of second node encrypted public key using the decryption of one's own side's decrypted private key, using one's own side Location private key decryption first node is that the new coin that second node generates is promised to undertake using second node address public key, respectively obtains trade gold Volume and new coin denomination;
It verifies this transaction amount and whether new coin denomination is consistent, if unanimously, being verified.
14. the anonymous refund method based on block chain as claimed in claim 11, which is characterized in that described based on block chain Anonymous refund method further includes:
Supervisory node decrypts second ciphertext using one's own side's private key, obtains transaction amount and both parties address public key, for Anonymous refund transaction is supervised.
15. a kind of anonymous refund system based on block chain, which is characterized in that the anonymous refund system includes:Block link network Network, block chain, the block chain network include:First node, second node, miner's node;
First node receives the public key information that second node returns for initiating money transfer transactions request to second node;Generate this The Transaction Information of secondary transaction;The Transaction Information is sent to second node, the Transaction Information includes believing based on the public key The new coin that breath generates is promised to undertake, based on the encrypted transaction amount of the public key information, zero-knowledge proof;
Second node, for being verified based on the encrypted transaction amount of the public key information to described, if being verified, the Two nodes announce the Transaction Information in block chain network, so that miner's node is verified and keeps accounts to this transaction;
Miner's node, for being verified to the proof content in the zero-knowledge proof, if being verified, it is determined that this friendship Easily effectively and the Transaction Information is charged in block chain.
16. the anonymous refund system based on block chain as claimed in claim 15, which is characterized in that in the block chain network Further include:Supervisory node;The public key information includes:Second node address public key and second node encrypted public key;
The Transaction Information further includes:Old coin sequence number is that the small change coin that one's own side generates is promised to undertake, used using one's own side address public key To the random number for generating new coin sequence number obtained first ciphertext is encrypted, using supervision in the second node encrypted public key Obtained second ciphertext is encrypted to transaction amount and both parties' public key in node public key.
17. the anonymous refund system based on block chain as claimed in claim 16, which is characterized in that the second node is also used In:
It is based on the encrypted transaction amount of second node encrypted public key using the decryption of one's own side's decrypted private key, uses one's own side address private key solution Close first node is that the new coin that second node generates is promised to undertake using second node address public key, respectively obtains transaction amount and new coin Denomination;It verifies this transaction amount and whether new coin denomination is consistent, if unanimously, being verified.
18. the anonymous refund system based on block chain as claimed in claim 15, which is characterized in that miner's node is to institute It states the proof content in zero-knowledge proof and carries out verifying corresponding verification content and include:
A, it verifies whether comprising promising to undertake in the data format of old coin and new coin, if so, determining that old coin and new coin format are complete;
B, whether the address public key of verification first node corresponds with address private key, if so, determining the identity letter of requestee Breath is true;
C, verify whether old coin sequence number corresponds with first node address private key, if so, determining that old coin sequence number calculates Correctly;
D, the old coin of verification first node, which is promised to undertake, whether there is in promising to undertake in Merkle trees, if so, it is effective to determine that old coin is promised to undertake;
E, verify whether the sum of old coin amount of money in entire block chain network is equal to the sum of new coin amount of money, if so, determining this Transaction amount is effective.
19. the anonymous refund system based on block chain as claimed in claim 16, which is characterized in that the supervisory node is used In:
Second ciphertext is decrypted using one's own side's private key, obtains transaction amount and both parties address public key, for turning to anonymity Account transaction is supervised.
20. the anonymous refund system based on block chain as claimed in claim 15, which is characterized in that in the block chain network Further include:Note issuance node;
First node is additionally operable to:Purchase coin transaction request is initiated to note issuance node;After receiving confirmation purchase information, use The address private key and address public key of one's own side generates this corresponding currency serial numbers of purchase coin transaction and is promised to undertake with currency respectively, and will The currency serial numbers, the currency are promised to undertake and the currency promises to undertake that required denomination of coining is sent to note issuance node It is verified;
Note issuance node is used for:It is returned to first node after being audited to the purchase coin transaction request and confirms purchase information; Whether transaction denomination and the denomination of coining for verifying this purchase coin transaction are consistent, if unanimously, generating Transaction Information of coining, and in area It coins Transaction Information described in being announced in block chain network, so that miner's node is verified and keeps accounts to this transaction;
Wherein, the Transaction Information of coining includes:Note issuance node is that transaction id, the currency that this transaction generates are promised to undertake And note issuance node is the digital signature that this transaction generates.
21. a kind of computer readable storage medium, which is characterized in that be stored with based on area on the computer readable storage medium The anonymous refund program of block chain realizes such as claim 1- when the anonymous refund program based on block chain is executed by processor The step of anonymous refund method based on block chain described in any one of 14.
CN201810477299.8A 2018-05-17 2018-05-17 Anonymous refund method, system and storage medium based on block chain CN108764874A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810477299.8A CN108764874A (en) 2018-05-17 2018-05-17 Anonymous refund method, system and storage medium based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810477299.8A CN108764874A (en) 2018-05-17 2018-05-17 Anonymous refund method, system and storage medium based on block chain

Publications (1)

Publication Number Publication Date
CN108764874A true CN108764874A (en) 2018-11-06

Family

ID=64007322

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810477299.8A CN108764874A (en) 2018-05-17 2018-05-17 Anonymous refund method, system and storage medium based on block chain

Country Status (1)

Country Link
CN (1) CN108764874A (en)

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109447791A (en) * 2018-11-09 2019-03-08 北京邮电大学 A kind of funds transaction method and device based on block chain
WO2019072268A2 (en) 2018-11-07 2019-04-18 Alibaba Group Holding Limited Blockchain data protection based on account note model with zero-knowledge proof
WO2019072261A2 (en) 2018-11-07 2019-04-18 Alibaba Group Holding Limited Regulating blockchain confidential transactions
WO2019072302A2 (en) 2018-12-21 2019-04-18 Alibaba Group Holding Limited Blockchain data protection based on generic account model and homomorphic encryption
CN109858281A (en) * 2019-02-01 2019-06-07 杭州云象网络技术有限公司 A kind of block chain account model method for secret protection based on zero-knowledge proof
CN109903026A (en) * 2018-12-14 2019-06-18 阿里巴巴集团控股有限公司 Event-handling method and device, electronic equipment based on block chain
WO2019072265A3 (en) * 2018-11-07 2019-08-22 Alibaba Group Holding Limited Blockchain system supporting public and private transactions under account models
WO2019072264A3 (en) * 2018-11-07 2019-08-22 Alibaba Group Holding Limited Blockchain data protection using homomorphic encryption
WO2019072278A3 (en) * 2018-11-27 2019-09-19 Alibaba Group Holding Limited System and method for information protection
WO2019072279A3 (en) * 2018-11-27 2019-09-19 Alibaba Group Holding Limited System and method for information protection
WO2019072276A3 (en) * 2018-11-27 2019-09-19 Alibaba Group Holding Limited System and method for information protection
CN110348837A (en) * 2019-06-28 2019-10-18 阿里巴巴集团控股有限公司 A kind of transfer account method and system based on block chain intelligence contract
WO2019072300A3 (en) * 2018-12-21 2019-10-24 Alibaba Group Holding Limited Blockchain data protection based on generic account model and homomorphic encryption
EP3549306A4 (en) * 2018-11-07 2020-01-01 Alibaba Group Holding Limited Recovering encrypted transaction information in blockchain confidential transactions
US10652019B1 (en) 2019-08-28 2020-05-12 Qed-It Systems Ltd. Atomic swap using zero-knowledge proofs, and applications thereof
US10700850B2 (en) 2018-11-27 2020-06-30 Alibaba Group Holding Limited System and method for information protection
US10715500B2 (en) 2018-11-27 2020-07-14 Alibaba Group Holding Limited System and method for information protection
US10755276B2 (en) 2018-12-14 2020-08-25 Alibaba Group Holding Limited Event processing method, apparatus and electronic device based on blockchain technology
TWI706275B (en) 2018-11-27 2020-10-01 香港商阿里巴巴集團服務有限公司 System and method for information protection

Cited By (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU2727161C1 (en) * 2018-11-07 2020-07-21 Алибаба Груп Холдинг Лимитед Protection of these chains of blocks using homomorphic encryption
WO2019072268A2 (en) 2018-11-07 2019-04-18 Alibaba Group Holding Limited Blockchain data protection based on account note model with zero-knowledge proof
WO2019072261A2 (en) 2018-11-07 2019-04-18 Alibaba Group Holding Limited Regulating blockchain confidential transactions
US10664835B2 (en) 2018-11-07 2020-05-26 Alibaba Group Holding Limited Blockchain data protection using homomorphic encryption
AU2018347190A1 (en) * 2018-11-07 2020-05-21 Advanced New Technologies Co., Ltd. Blockchain data protection based on account note model with zero-knowledge proof
EP3545647A4 (en) * 2018-11-07 2019-11-27 Alibaba Group Holding Limited Regulating blockchain confidential transactions
WO2019072265A3 (en) * 2018-11-07 2019-08-22 Alibaba Group Holding Limited Blockchain system supporting public and private transactions under account models
WO2019072264A3 (en) * 2018-11-07 2019-08-22 Alibaba Group Holding Limited Blockchain data protection using homomorphic encryption
WO2019072268A3 (en) * 2018-11-07 2019-08-22 Alibaba Group Holding Limited Blockchain data protection based on account note model with zero-knowledge proof
WO2019072261A3 (en) * 2018-11-07 2019-09-12 Alibaba Group Holding Limited Regulating blockchain confidential transactions
RU2729595C1 (en) * 2018-11-07 2020-08-11 Алибаба Груп Холдинг Лимитед Protection of data of chains of blocks on basis of model of banknotes on accounts with proof with zero disclosure
TWI695613B (en) * 2018-11-07 2020-06-01 香港商阿里巴巴集團服務有限公司 Blockchain data protection using homomorphic encryption
RU2720354C1 (en) * 2018-11-07 2020-04-29 Алибаба Груп Холдинг Лимитед Control of confidential blockchain transactions
RU2726157C1 (en) * 2018-11-07 2020-07-09 Алибаба Груп Холдинг Лимитед Recovering encrypted transaction information in confidential transactions with blockchain
US10678931B2 (en) 2018-11-07 2020-06-09 Alibaba Group Holding Limited Regulating blockchain confidential transactions
EP3542336A4 (en) * 2018-11-07 2019-11-20 Alibaba Group Holding Limited Blockchain data protection based on account note model with zero-knowledge proof
EP3549306A4 (en) * 2018-11-07 2020-01-01 Alibaba Group Holding Limited Recovering encrypted transaction information in blockchain confidential transactions
CN109447791A (en) * 2018-11-09 2019-03-08 北京邮电大学 A kind of funds transaction method and device based on block chain
US10726657B2 (en) 2018-11-27 2020-07-28 Alibaba Group Holding Limited System and method for information protection
RU2716740C1 (en) * 2018-11-27 2020-03-16 Алибаба Груп Холдинг Лимитед Information protection system and method
KR102139897B1 (en) * 2018-11-27 2020-07-31 알리바바 그룹 홀딩 리미티드 System and method for information protection
WO2019072276A3 (en) * 2018-11-27 2019-09-19 Alibaba Group Holding Limited System and method for information protection
WO2019072279A3 (en) * 2018-11-27 2019-09-19 Alibaba Group Holding Limited System and method for information protection
AU2018347196B2 (en) * 2018-11-27 2020-05-14 Advanced New Technologies Co., Ltd. System and method for information protection
US10748370B2 (en) 2018-11-27 2020-08-18 Alibaba Group Holding Limited System and method for information protection
RU2721959C1 (en) * 2018-11-27 2020-05-25 Алибаба Груп Холдинг Лимитед System and method for protecting information
TWI706275B (en) 2018-11-27 2020-10-01 香港商阿里巴巴集團服務有限公司 System and method for information protection
US10700850B2 (en) 2018-11-27 2020-06-30 Alibaba Group Holding Limited System and method for information protection
KR20200066259A (en) * 2018-11-27 2020-06-09 알리바바 그룹 홀딩 리미티드 System and method for information protection
WO2019072278A3 (en) * 2018-11-27 2019-09-19 Alibaba Group Holding Limited System and method for information protection
US10715500B2 (en) 2018-11-27 2020-07-14 Alibaba Group Holding Limited System and method for information protection
US10817872B2 (en) 2018-12-14 2020-10-27 Advanced New Technologies Co., Ltd. Event processing method, apparatus and electronic device based on blockchain technology
US10755276B2 (en) 2018-12-14 2020-08-25 Alibaba Group Holding Limited Event processing method, apparatus and electronic device based on blockchain technology
CN109903026A (en) * 2018-12-14 2019-06-18 阿里巴巴集团控股有限公司 Event-handling method and device, electronic equipment based on block chain
US10680800B2 (en) 2018-12-21 2020-06-09 Alibaba Group Holding Limited Blockchain data protection based on generic account model and homomorphic encryption
EP3560144A4 (en) * 2018-12-21 2020-03-04 Alibaba Group Holding Limited Blockchain data protection based on generic account model and homomorphic encryption
WO2019072300A3 (en) * 2018-12-21 2019-10-24 Alibaba Group Holding Limited Blockchain data protection based on generic account model and homomorphic encryption
RU2719451C1 (en) * 2018-12-21 2020-04-17 Алибаба Груп Холдинг Лимитед Protection of data of block chains based on common model based on accounts and homomorphic encryption
US10708039B1 (en) 2018-12-21 2020-07-07 Alibaba Group Holding Limited Blockchain data protection based on generic account model and homomorphic encryption
RU2733223C1 (en) * 2018-12-21 2020-09-30 Алибаба Груп Холдинг Лимитед Protection of data of chains of blocks based on common model based on accounts and homomorphic encryption
WO2019072302A2 (en) 2018-12-21 2019-04-18 Alibaba Group Holding Limited Blockchain data protection based on generic account model and homomorphic encryption
US10790987B2 (en) 2018-12-21 2020-09-29 Alibaba Group Holding Limited Blockchain data protection based on generic account model and homomorphic encryption
CN109858281A (en) * 2019-02-01 2019-06-07 杭州云象网络技术有限公司 A kind of block chain account model method for secret protection based on zero-knowledge proof
CN110348837A (en) * 2019-06-28 2019-10-18 阿里巴巴集团控股有限公司 A kind of transfer account method and system based on block chain intelligence contract
US10652019B1 (en) 2019-08-28 2020-05-12 Qed-It Systems Ltd. Atomic swap using zero-knowledge proofs, and applications thereof

Similar Documents

Publication Publication Date Title
US9785941B2 (en) Tokenization in mobile environments
US9436935B2 (en) Computer system for making a payment using a tip button
US20190325405A1 (en) System and method for rendering virtual currency related services
US9818092B2 (en) System and method for executing financial transactions
Lansky Possible state approaches to cryptocurrencies
CN105684346B (en) Ensure the method for air communication safety between mobile application and gateway
US20150310426A1 (en) Bit Currency: Transactional Trust Tools
Ahamad et al. A survey on crypto currencies
CN109313753A (en) For providing the system and method for data-privacy in privately owned distributed account book
CN107666388B (en) Block chain information encryption method based on complete homomorphic cryptography method
WO2017137888A1 (en) Systems and methods for messaging, calling, digital multimedia capture, payment transactions, global digital ledger, and national currency world digital token
US20150081567A1 (en) Electronic transaction system and method with participant authentication via separate authority from real-time payment validation
US5799087A (en) Electronic-monetary system
JP3390016B2 (en) Trust agent for open distribution of electronic money
EP1669955B1 (en) System and method of bootstrapping a temporary public-key infrastructure from a cellular telecommunication authentication and billing infrastructure
US20150039470A1 (en) Decentralized Internet Shopping Marketplaces
CN109089428A (en) For improving the system and method for the safety in block chain transaction in assets
US5774553A (en) Foreign exchange transaction system
CN108352008A (en) The numerical data operation of safety
CN108604344A (en) Method and system for using digital signature creation Trusted Digital assets transfer
DE69828971T2 (en) Symmetrically secured electronic communication system
JP3083187B2 (en) Key management method of electronic wallet system
US7865431B2 (en) Private electronic value bank system
CN106982205B (en) Block chain-based digital asset processing method and device
CN107145768A (en) Copyright managing method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination