CN108776892B - Storage system, device, and recovery method of storage system - Google Patents

Storage system, device, and recovery method of storage system Download PDF

Info

Publication number
CN108776892B
CN108776892B CN201810488513.XA CN201810488513A CN108776892B CN 108776892 B CN108776892 B CN 108776892B CN 201810488513 A CN201810488513 A CN 201810488513A CN 108776892 B CN108776892 B CN 108776892B
Authority
CN
China
Prior art keywords
account
new account
information
private information
new
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810488513.XA
Other languages
Chinese (zh)
Other versions
CN108776892A (en
Inventor
闫浩
邹斌
李敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ora Inc
Original Assignee
Ora Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ora Inc filed Critical Ora Inc
Priority to CN201810488513.XA priority Critical patent/CN108776892B/en
Publication of CN108776892A publication Critical patent/CN108776892A/en
Application granted granted Critical
Publication of CN108776892B publication Critical patent/CN108776892B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/105Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems involving programming of a portable memory device, e.g. IC cards, "electronic purses"
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Abstract

The embodiment of the invention provides a storage system, equipment and a recovery method. The storage system comprises a 1 st device and a 2 nd device which establishes connection with the 1 st device, wherein the 2 nd device is a new device; verifying the input authentication information using the authentication information stored in the 1 st device; if the verification is passed, generating a new account in the 1 st device or the 2 nd device; a transfer is made from the original account of the 1 st device to the new account. Thus, the burden on the user can be reduced, and the capital safety can still be ensured.

Description

Storage system, device, and recovery method of storage system
Technical Field
The present invention relates to the field of information technologies, and in particular, to a storage system, a device, and a method for recovering the storage system.
Background
In the prior art, virtual currency/digital currency is widely used, and the funds in the account of the virtual currency/digital currency can be transferred (transferred) by using private key information, so that the storage of the private key information becomes a very important subject.
In addition, in the conventional technology, private key information, for example, a private key of virtual money/digital money and/or a seed password, is stored in a separate hardware device, so that the private key information can be stored offline, thereby ensuring security. Such a hardware device is called a hardware wallet. When the hardware wallet is lost, the user can use the kept mnemonics to recover the private key on the new wallet hardware by the following method: and recovering the seed password by the mnemonic words and recovering the private key by the seed password so as to retrieve the digital currency/virtual currency.
It should be noted that the above background description is only for the sake of clarity and complete description of the technical solutions of the present invention and for the understanding of those skilled in the art. Such solutions are not considered to be known to the person skilled in the art merely because they have been set forth in the background section of the invention.
Disclosure of Invention
However, the inventors found that: under the condition that the private key is recovered in a new hardware wallet by using the mnemonic words, on one hand, the user needs to keep the mnemonic words which are generally long, so that the burden of the user is increased, and when the mnemonic words are used in accounts in a plurality of terminals, the mnemonic words have no protection capability, the private key is low in theft cost, once the private key is obtained by other people, the fund is threatened, on the other hand, the fund can be transferred by the cracked private key in the hardware wallet, and once the hardware wallet for storing the private key is obtained by other people and is cracked, the safety of the fund cannot be ensured.
The present invention has been made in view of the above-mentioned problems, and provides a storage system, a device, and a recovery method for a storage system.
According to a first aspect of embodiments of the present invention, there is provided a storage system, wherein,
the system comprises a 1 st device and a 2 nd device which establishes connection with the 1 st device, wherein the 2 nd device is a new device;
verifying the input authentication information using the authentication information stored in the 1 st device;
generating a new account in the 1 st device or the 2 nd device if the verification passes;
transferring the transfer from the original account of the 1 st device to the new account.
According to a second aspect of the embodiments of the present invention, a method for recovering a storage system is provided, where the storage system includes a 1 st device and a 2 nd device that establishes a connection with the 1 st device, and the 2 nd device is a new device, where the method includes:
verifying the input authentication information using the authentication information stored in the 1 st device;
generating a new account in the 1 st device or the 2 nd device if the verification passes;
transferring the transfer from the original account of the 1 st device to the new account.
According to a third aspect of the embodiments of the present invention, there is provided a 1 st device that establishes a connection with a 2 nd device that is a new device, wherein the 1 st device includes:
a storage unit storing authentication information and original account information;
an account generation unit that generates a new account in the 1 st device; and
a transfer unit transferring money from the original account to the new account.
According to a fourth aspect of the embodiments of the present invention, there is provided a 2 nd device that establishes a connection with a 1 st device storing a primary account, wherein the 2 nd device includes:
an account generation unit that generates a new account in the 2 nd device;
an information transmitting unit that transmits the new account to the 1 st device.
The embodiment of the invention has the beneficial effects that: the private key is not required to be recovered through the mnemonic words, so that the user does not need to keep the mnemonic words, the burden of the user can be reduced, when the 1 st equipment or the 2 nd equipment is lost, funds in an account in the lost equipment are transferred to a new account, and the fund safety can still be ensured even if the equipment is lost or cracked.
Specific embodiments of the present invention are disclosed in detail with reference to the following description and accompanying drawings, which specify the manner in which the principles of the embodiments of the invention may be employed. It should be understood that the embodiments of the invention are not so limited in scope. The embodiments of the invention include many variations, modifications and equivalents within the spirit and scope of the appended claims.
Features that are described and/or illustrated with respect to one embodiment may be used in the same way or in a similar way in one or more other embodiments, in combination with or instead of the features of the other embodiments.
It should be emphasized that the term "comprises/comprising" when used herein, is taken to specify the presence of stated features, integers, steps or components but does not preclude the presence or addition of one or more other features, integers, steps or components.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention. It is obvious that the drawings in the following description are only some embodiments of the invention, and that for a person skilled in the art, other drawings can be derived from them without inventive effort. In the drawings:
FIG. 1 is a schematic view of a storage system of embodiment 1;
FIG. 2 is another schematic view of the storage system of embodiment 1;
FIG. 3 is still another schematic view of the storage system of embodiment 1;
FIG. 4 is a schematic view of a control method of the storage system of embodiment 1;
FIG. 5 is a schematic view of the apparatus of example 2 in item 1;
FIG. 6 is another schematic view of the apparatus of example 2;
FIG. 7 is a schematic diagram of the apparatus of example 1;
FIG. 8 is another schematic view of the apparatus of example 1;
FIG. 9 is a schematic view of the 2 nd apparatus of example 4;
FIG. 10 is another schematic view of the 2 nd apparatus of example 4;
Detailed Description
The foregoing and other features of embodiments of the present invention will become apparent from the following description, taken in conjunction with the accompanying drawings. In the description and drawings, particular embodiments of the invention have been disclosed in detail as being indicative of some of the embodiments in which the principles of embodiments of the invention may be employed, it being understood that the invention is not limited to the embodiments described, but, on the contrary, is intended to cover all modifications, variations, and equivalents falling within the scope of the appended claims. Various embodiments of the present invention will be described below with reference to the accompanying drawings. These embodiments are merely exemplary and are not intended to limit the present invention.
In the embodiments of the present invention, the terms "1 st", "2 nd", etc. are used to distinguish different elements by reference, but do not indicate a spatial arrangement or a temporal order, etc. of the elements, and the elements should not be limited by these terms. The term "and/or" includes any and all combinations of one or more of the associated listed terms. The terms "comprising," "including," "having," and the like, refer to the presence of stated features, elements, components, and do not preclude the presence or addition of one or more other features, elements, components, and elements.
In embodiments of the invention, the singular forms "a", "an", and the like include the plural forms and are to be construed broadly as "a" or "an" and not limited to the meaning of "a" or "an"; furthermore, the term "comprising" should be understood to include both the singular and the plural, unless the context clearly dictates otherwise. Further, the term "according to" should be understood as "at least partially according to … …," and the term "based on" should be understood as "based at least partially on … …," unless the context clearly dictates otherwise.
Example 1
The present embodiment provides a memory system, and fig. 1 is a schematic diagram of a memory system 100 of the present embodiment.
As shown in fig. 1, a storage system 100 includes a 1 st device 101 and a 2 nd device 102 that establishes a connection with the 1 st device 101, where the 2 nd device 102 is a new device; verifying the inputted authentication information using the authentication information stored in the 1 st device 101; in case the verification passes, a new account is generated in the 1 st device 101 or the 2 nd device 102; the transfer is made from the original account of the 1 st device 101 to the new account.
In the embodiment, the private key is not required to be recovered by the mnemonic words, so that the user does not need to keep the mnemonic words, the burden of the user can be reduced, when the 1 st device or the 2 nd device is lost, funds in an account in the lost device are transferred to a new account, and even if the device is lost or cracked, the fund safety can still be ensured.
In the present embodiment, the storage system 100 may be used to store account information of various virtual currencies (also referred to as digital currencies), but the present embodiment is not limited thereto, and for example, the storage system may also be used to store other types of account information, such as information of accounts such as bank accounts, network payment accounts, virtual gaming accounts, etc., and the following description will take the example that the storage system stores account information of various virtual currencies as an example. In the present embodiment, the 1 st device 101, as a device that is not lost, stores previous information such as private key information, authentication information, certificate information, and the like, and for convenience of description, the 1 st device 101 is also referred to as an old device; the 2 nd device 102 is a device for re-pairing with the 1 st device 101 after the device paired with the 1 st device 101 is lost, and does not hold the previous information, and for convenience of description, the 2 nd device 102 is also referred to as a new device.
In this embodiment, whether the device is a new device may be determined by determining whether private key information exists in the device, for example, if the device does not have the private key information, it may be determined that the device is the new device, at this time, a device loss process may be initiated, for example, an authentication input interface is displayed on a user interaction interface, if the device has the private key information, it is determined that the device is an old device, and in this case, a password resetting process is initiated, for example, a password resetting interface is displayed on the user interaction interface.
In one implementation of this embodiment, device 1 101 may be a protection shield and device 2 102 may be a hardware wallet, i.e., in this implementation, the hardware wallet is a lost device, and therefore device 2 (new device) 102 acting as a hardware wallet is used to pair with device 1 101 acting as a protection shield.
In another embodiment of the present embodiment, contrary to the previous embodiment, the 1 st device 101 is a hardware wallet and the 2 nd device 102 is a protection shield, i.e. in this embodiment, the protection shield is a lost device, and thus the 2 nd device 102 (new device) as the protection shield is used to pair with the 1 st device 101 as the hardware wallet.
In this embodiment, the hardware wallet may be a hardware device that stores information including one or any combination of a seed password, a private key, and a mnemonic word of virtual currency, but the embodiment is not limited thereto, for example, the hardware wallet may further store other information, such as a public key, authentication information, and certificate information, etc., where the public key may be generated by the private key, which may be used to generate an address of the wallet, the authentication information may be a pin code (pin code) or a user fingerprint, but is not limited thereto, and the authentication information may also be other encrypted information, such as other biometric information (e.g., user iris information or face image information), or a combination of the above information, and the certificate information may be, for example, a certificate generated when the 1 st device and the 2 nd device are first docked. When the hardware wallet is the 1 st device, the hardware wallet stores the information; when the hardware wallet is the 2 nd device, since it is a new device, the above information is not stored, or the new device holds only basic information of the device such as a device ID and the like. The protection shield can be used as a backup device of the hardware wallet, and can be used for storing the information of the wallet hardware, and can also be used for storing information such as a device ID of the hardware wallet, the device IDs which are backed up with each other can be used for pairing to establish connection, and when the protection shield is the 1 st device, the protection shield stores the information; when the protection shield is the 2 nd device, it does not store the above information because it is a new device.
Since both the protection shield and the hardware wallet are likely to be lost devices, the storage system of the present embodiment will be described below only from the viewpoint of the 1 st device and the 2 nd device. That is, the 1 st device is a device holding original information, and may be a wallet or a protection shield, and correspondingly, the 2 nd device is a device not holding original information, and corresponding to the 1 st device, may be a protection shield or a wallet.
In this embodiment, the 1 st device and the 2 nd device may communicate through various Communication protocols to establish a connection, for example, the 1 st device and the 2 nd device may communicate through a physical connection manner, for example, through various USB interfaces, but not limited thereto, an existing physical connection manner between the devices may also be adopted, and in addition, the 1 st device and the 2 nd device may also communicate through a wireless manner, for example, through wireless Communication technologies such as, but not limited to, tjet (transfer jet), Near Field Communication (Near Field Communication, NFC), BLUETOOTH (BLUETOOTH), and the like, but also may communicate through other wireless Communication technologies. The 1 st device and the 2 nd device may communicate to confirm identity to establish connection, for example, the 1 st device may verify whether the received device ID of the 2 nd device matches the ID of the paired 2 nd device stored in the 1 st device, and the 1 st device may also verify other non-key information (e.g., certificate) received, and in case of successful verification, the 1 st device and the 2 nd device may establish connection to perform subsequent operations.
In this embodiment, when the 2 nd device is a new device, the 1 st device and the 2 nd device may establish a connection to perform a subsequent operation, in an embodiment, the 1 st device may perform self-check (for example, determine whether key information is stored) and send a self-check result to the 1 st device when detecting that the 2 nd device is the new device or the 2 nd device, and when the detection result is that the 2 nd device is the new device, the 1 st device and the 2 nd device may establish a connection, at this time, a device loss process may be initiated, at this time, an interactive interface for acquiring authentication information may appear on the 1 st device, so that a user may input the authentication information, but this embodiment is not limited thereto, and an interactive interface for acquiring authentication information may also appear on the 2 nd device, for example. In the following description, the device for acquiring authentication information is not limited unless otherwise specified.
In this embodiment, when verifying the input authentication information using the authentication information stored in the 1 st device, the 1 st device may verify the input authentication information using its own stored authentication information, but the embodiment is not limited thereto, for example, the 1 st device may send its stored authentication information to the 2 nd device, and perform authentication information verification through the 2 nd device.
In this embodiment, in the case of an authentication information verification error, the 1 st device and/or the 2 nd device will be locked, for example, the number of times of verification error permission may be set, and when the number of consecutive verification errors reaches a set value, the 1 st device and/or the 2 nd device will be locked, thereby preventing malicious attacks.
In this embodiment, in the case that the authentication information passes the verification, a new account may be generated in the 2 nd device, but the embodiment is not limited thereto, and for example, a new account may also be generated in the 1 st device, where the new account may include private key information (such as a private key), and may also include a public key, and the like.
In this embodiment, when transferring from the primary account in the 1 st device to a new account, the transfer may be performed from the primary account to the new account in the 1 st device, and the transfer signature may be performed using private key information (such as a private key) corresponding to the primary account in the 1 st device, but the present invention is not limited thereto, and for example, the private key information and the like corresponding to the primary account in the 1 st device may also be sent to the 2 nd device, so that the transfer signature is performed using the private key information corresponding to the primary account in the 2 nd device. Thus, when a device is lost, funds in an account in the lost device are transferred to a new account, and even if the device is lost or cracked, the fund security can still be guaranteed.
In this embodiment, in a case that a new account is generated in the 1 st device, the 1 st device may send the new account to the 2 nd device, and in an implementation, the 1 st device may send the new account to the 2 nd device when the new account is generated in the 1 st device, where the new account may include private key information, and may also include a public key and the like. But is not limited thereto, for example, the 1 st device may also send a new account to the 2 nd device after the transfer is completed. Thereby, the 1 st device and the 2 nd device complete mutual backup for a new account (key information).
In another embodiment, the device 2 may send the new account to the device 1 in case the new account is generated in the device 2, and in one embodiment, the device 2 may send the new account to the device 1 when the new account is generated in the device 2, but is not limited thereto, for example, the device 2 may also send the new account to the device 1 after the transfer is completed. Thus, device 1 and device 2 complete a mutual backup for the new account.
In this embodiment, after the transfer is completed, the 1 st device may send non-key information (such as authentication information and certificate information) in the 1 st device to the 2 nd device, and the non-key information may further include other information, such as a device ID. Also, the present embodiment is not limited to transmitting the non-key information after the transfer is completed, and for example, the non-key information may be transmitted before the transfer, or may be transmitted together with a new account (key information). Thereby, the 1 st device and the 2 nd device complete mutual backup of non-key information such as key information and authentication information.
In this embodiment, the storage system 100 may have one 1 st device 101 and one 2 nd device 102 as shown in fig. 1, but is not limited thereto, and the storage system 100 may also have one 2 nd device 102 and at least two 1 st devices 101-1, 101-2 … 101-N, where N ≧ 2, for example, the 2 nd device may be wallet hardware, and the 1 st device may be a shield or a protection shield as a backup device.
The following describes a storage system including a 2 nd device 102 and at least two 1 st devices 101-1 and 101-2 … 101-N in detail, and the same parts as those of the storage system 100 in fig. 1 are not described again.
As shown in fig. 2, the storage system 100 includes a 2 nd device 102 and N1 st devices 101-1, 101-2 … 101-N, where N1 st devices 101-1, 101-2 … 101-N establish connection (also called combination mode) therebetween to share information, for example, a plurality of 1 st devices may establish connection therebetween in a wired manner, the 1 st device 101-1 may serve as a main 1 st device that establishes connection with the 2 nd device 102, and the connection manner between the main 1 st device 101-1 and the 2 nd device may refer to the above description about the storage system 100 in fig. 1. Any 1 st device may be used as the main 1 st device, and may be set by a user, or may be automatically set by the connection between the 2 nd device and the 1 st device, which is not limited in this embodiment. When not in use, the 2 nd device 102 and the 1 st devices 101-1 and 101-2 … 101-N are respectively stored, and when in use, the 1 st devices 101-1 and 101-2 … 101-N are connected by wires to be in the combination mode, and when the 1 st devices are in the combination mode, whether the 2 nd device and each 1 st device are connected or not does not need to be considered. When the 2 nd device is lost, the backup information in the 1 st device can be used to retrieve the device. In this embodiment, when the multiple 1 st devices are connected in a wired manner, for example, an encrypted communication channel may be established between the multiple 1 st devices, so that the security of information sharing may be further improved. However, the embodiment is not limited to this, and for example, a plurality of 1 st devices may be connected to each other in a wireless manner. Hereinafter, a plurality of 1 st devices are connected by a wired method as an example.
In one embodiment, the 2 nd device 102 is a new device, each 1 st device is an old device, and each 1 st device 101-1 and 101-2 … 101-N stores a complete copy of private information corresponding to an original account. The private information may include private key information, authentication information, certificate information, and the like.
In this embodiment, the 2 nd device may receive the authentication information input by the user, but is not limited thereto, and the 1 st device may also receive the authentication information input by the user, and the following description will take the 2 nd device to receive the authentication information input by the user as an example.
In this embodiment, after receiving the authentication information input by the user, the 2 nd device may verify the input authentication information by using the authentication information in the private information stored in any one of the 1 st devices; generating a new account in the 2 nd device or the any one of the 1 st devices in case of passing the verification; and transfers from the original account in any of the 1 st devices to the new account.
For example, the main first device 101-1 may serve as any one of the first devices 1, but is not limited thereto, and the any one of the first devices 1 may be another first device 1, and for the process that the any one of the first devices 1 interacts with the second device 2 to generate a new account, and the process of transferring the account from the original account in the first device 1 to the new account may refer to the above description about the storage system 100 in fig. 1, and the same contents are not described again.
In one embodiment, the new account may be generated in any one of the 1 st devices (e.g., 101-1), the 1 st device 101-1 and the other 1 st devices 101-2, … … 101-N may be connected by a wired connection in a combined mode, and an encrypted communication channel may be established between all the 1 st devices by a wired connection so that information sharing may be achieved between all the 1 st devices. Device 1 101-1, which generates a new account, may send the new account to other device 1 through a wired connection in the combo mode, and device 1 101-1 may also send the new account to device 2. Thus, a new account (private information) can be backed up in the 2 nd device, and multiple backups in the plurality of 1 st devices are realized, it should be noted that the same backup information in the 2 nd device and the plurality of 1 st devices includes not only account information but also certificate information, authentication information, and the like, and for the mutual backup of the certificate information and the authentication information between the 2 nd device and the 1 st device, reference may be made to the description about the storage system 100 of fig. 1.
In another embodiment, a new account may be generated in the 2 nd device, each 1 st device is in the combination mode through a wired connection, the 2 nd device transmits the new account to the 1 st device with which the connection is established, and the 1 st device with which the connection is established transmits the new account to the other 1 st devices through wired connections. For the connection between the 1 st devices, reference may be made to the above description. Therefore, multiple backups of account information corresponding to the new account in the 2 nd device and the 1 st devices are realized.
In this embodiment, when a new account is generated in the 2 nd device, the 2 nd device may send new account information (including private key information and the like) to the primary 1 st device when generating a new account or after the transfer is completed, and when a new account is generated in the 1 st device, the 1 st device generating a new account may send new account information to the 2 nd device when generating a new account or after the transfer is completed, and backup the full copy of the new account information to other 1 st devices, thereby completing multiple backups. In this embodiment, before multiple copies of private information corresponding to a new account are completed in each 1 st device, the funds in the original account will not exist or become frozen and cannot be transferred.
In another embodiment, the private information corresponding to the primary account includes at least two private information segments, the number of all the private information segments is the same as that of the 1 st device, and each private information segment is stored on each 1 st device respectively. In this embodiment, the lengths of the private information segments may be the same, but are not limited thereto, and may also be different, and each 1 st device may encrypt and then send the private information segment when performing information sharing or when performing private information segment transmission between the 1 st device and the 2 nd device.
For example, the private information corresponding to the original account is split into private information pieces with the number equal to the number N of the 1 st device, and each private information piece is stored on each 1 st device 101-1 and 101-2 … 101-N respectively. The private information may include private key information, authentication information, certificate information, and the like, and each private information segment may be numbered according to each 1 st device, such as private information segments 1, 2, and … … n.
In this embodiment, as shown in fig. 2, the 1 st devices are connected by a wire, and one 1 st device in the 1 st devices is connected with the 2 nd device 102 as a main 1 st device 101-1; the other 1 st equipment except the 1 st equipment 101-1 sends the stored private information segment to the 1 st equipment 101-1, the 1 st equipment 101-1 obtains a complete copy of the private information corresponding to the original account, the authentication information in the private information is used for verifying the input authentication information, and a new account is generated in the 2 nd equipment 102 or the 1 st equipment 101-1 under the condition that the verification is passed; and transfer the transfer from the primary account in the private information obtained from the primary 1 st device 101-1 to the new account.
For example, N1 st devices are connected by wire and in a combined mode, the 1 st device 101-1 being the main 1 st device; after the 2 nd device and the 1 st device 101-1 establish connection, the 1 st device 101-2 … 101-N sends the stored private information segments 2 and … … N to the 1 st device, the 1 st device 101-1 obtains a complete copy of the private information corresponding to the original account according to all the private information segments 1, 2 and … … N, and verifies the input authentication information by using the authentication information in the private information; if the verification is passed, generating a new account in the 1 st device or the main 2 nd device; transfers are made from the original account to the new account.
In this embodiment, a new account may be generated in any 1 st device, for example, a new account may be generated in the main 1 st device 101-1, and a new account may also be generated in the 1 st device 101-N corresponding to the secret information segment number N, but is not limited thereto, and a new account may also be generated in other 1 st devices or 2 nd devices.
In this embodiment, a transfer may be performed to a new account by using an original account in the complete private information obtained in the primary 1 st device 101-1, for example, a transfer signature may be performed by using private key information in the complete private information.
In this embodiment, when a new account is generated in the primary 1 st device 101-1, the 1 st device 101-1 splits the private information corresponding to the new account into n private information segments, and the primary 1 st device 101-1 reserves its own private information segment and sends other private information segments to other 1 st devices, respectively. But is not limited to this, new accounts may also be generated in other 1 st devices, in which case it may be implemented in a similar manner. Therefore, split backup in a plurality of 1 st devices can be realized, and stronger private information protection can be realized.
In this embodiment, when a new account is generated in the 2 nd device 102, the 2 nd device 102 splits private information corresponding to the new account into n private information segments, the 2 nd device 102 sends the private information segments to the main 1 st device 101-1, the main 1 st device 101-1 reserves its private information segment, and sends other private information segments to the 1 st device respectively. Wherein the 1 st device connected to the 2 nd device 102 is the primary 1 st device 101-1. Therefore, split backup in a plurality of 1 st devices can be realized, and stronger private information protection can be realized.
The above describes a manner in which a plurality of 2 nd devices are connected in a combined mode to realize information sharing, where one 1 st device 101-1 as a main 1 st device establishes a connection with the 2 nd device 102, but the embodiment is not limited thereto, and there may be other connection manners between the 2 nd device 102 and the plurality of 1 st devices.
As shown in fig. 3, the storage system 100 includes a 2 nd device 102 and N1 st devices 101-1, 101-2 … 101-N, where the N1 st devices 101-1, 101-2 … 101-N establish connections with the 1 st device 101, respectively, and reference may be made to the above description about the storage system 100 in fig. 1 for the connection manner between each 1 st device and each 2 nd device. When not in use, the 2 nd device 102 and the 1 st devices 101-1 and 101-2 … 101-N are stored, respectively, and when in use, the 1 st devices 101-1 and 101-2 … 101-N are connected to the 1 st device, respectively. When the 2 nd device is lost, the backup information in the 1 st device can be used to retrieve the device.
In one embodiment, device 2 102 is the new device and a full copy of the private information corresponding to the original account is stored on each of devices 1 101-1, 101-2 … 101-N, respectively. The private information may include private key information, authentication information, certificate information, and the like.
In this embodiment, the authentication information stored in any one of the 1 st devices may be used to verify the input authentication information; generating a new account in the 2 nd device or the any one of the 1 st devices in case of passing the verification; and transfers from the original account in any of the 1 st devices to the new account. In this embodiment, the authentication information input by the user may be received through the 2 nd device, but the embodiment is not limited thereto, and the authentication information input by the user may also be received through the 1 st device, which is not limited in this embodiment.
For example, the authentication information in the private information stored in the 1 st device 101-1 may be used to verify the inputted authentication information, but is not limited thereto, and the authentication information stored in any other 1 st device may also be used to verify the inputted authentication information, and the above description about the storage system 100 in fig. 1 may be referred to for the verification of the authentication information. If the verification passes, a new account may be generated in the 1 st device 101-1, but the method is not limited to this, and for example, a new account may also be generated in the 2 nd device, and in a case where other 1 st devices are connected to the 2 nd device, a new account may also be generated in other 1 st devices. When the transfer is made, the transfer may be made from the original account in the 1 st device 101-1 to a new account, for example, but not limited to, the transfer signature may be made using the key information in the 1 st device 101-1, and the transfer signature may also be made using the key information in other 1 st devices.
In this embodiment, when a new account is generated in any one of the 1 st devices, the 1 st device that generates the new account may send new account information to the 2 nd device that has established a connection with the 1 st device, and after other 1 st devices establish a connection with the 2 nd device, the 2 nd device sends the new account information to a specific number of the 2 nd devices other than the 1 st device that generates the new account according to a predetermined multiple backup number, whereby multiple backups of secret information corresponding to the new account information may be implemented in the specific number of the 1 st devices.
In this embodiment, when a new account is generated in the 2 nd device, the 2 nd device may send private information (including private key information and the like) corresponding to the new account to each 2 nd device connected to the 2 nd device after the new account is generated, so that multiple backups are completed in a predetermined number of 1 st devices. In this embodiment, the funds in the original account will not be present until multiple backups are completed in a predetermined number of devices 1. In this embodiment, the sending process of the private information corresponding to the new account may be performed before or after the transfer process, which is not limited in this embodiment.
In another embodiment, the private information corresponding to the primary account includes at least two private information segments, the number of all the private information segments is the same as that of the 1 st device, and each private information segment is stored on each 1 st device respectively.
In this embodiment, each 1 st device establishes a connection with the 2 nd device 102, each 1 st device may send a respective stored private information segment to the 2 nd device 102, and the 2 nd device 102 can thus obtain a complete copy of the private information corresponding to the original account; verifying the input authentication information by using the authentication information in the private information; generating a new account in the 2 nd device if the verification passes; and transfers from the original account obtained by the 2 nd device to the new account. Thus, when the original 2 nd device is lost, the funds in the original account in the lost device are transferred to a new account, and even if the lost device is cracked, the fund security can still be ensured.
The 2 nd equipment splits the private information corresponding to the new account into at least two private information sections, the number of all the private information sections is the same as that of the 1 st equipment, and the 2 nd equipment sends each private information section to each 1 st equipment respectively.
Thus, split backup in a plurality of 1 st devices can be realized, and stronger private information protection can be realized.
For example, the private information corresponding to the original account is split into private information pieces with the number equal to the number N of the 1 st device, and each private information piece is stored on each 1 st device 101-1 and 101-2 … 101-N respectively. The private information may include private key information, authentication information, certificate information, and the like, and each private information segment may be numbered according to each 1 st device, such as private information segments 1, 2, and … … n.
In this embodiment, after the 2 nd device 102 establishes a connection with each of the 1 st devices 101-1 and 101-2 … 101-N, each of the 1 st devices 101-1 and 101-2 … 101-N sends each of the pieces of private information 1, 2, and … … N stored therein to the 2 nd device 102, and the 2 nd device 102 can thereby obtain a complete copy of the private information corresponding to the original account; the 2 nd device 102 verifies the input authentication information by using the authentication information in the private information; generating a new account in the 2 nd device if the verification passes; and transfers from the original account to the new account.
In this embodiment, when a new account is generated in the 2 nd device 102, the 2 nd device 102 splits the private information corresponding to the new account into private information segments having the same number N as that of the 1 st devices, and sends each private information segment to each 1 st device. However, this embodiment is not limited to this, for example, a new account may also be generated in any 1 st device, where any 1 st device may send, after the new account is generated, the private information corresponding to the new account to the 2 nd device 102, and the 2 nd device 102 splits the received private information and then sends the split private information to each 1 st device.
In this embodiment, the transfer may be performed to a new account by using an original account in the complete private information obtained by the 2 nd device, and the transfer signature may be performed by using private key information in the complete private information.
Fig. 4 is a schematic diagram of a recovery method of a storage system according to this embodiment, where the storage system includes a 1 st device and a 2 nd device that establishes a connection with the 1 st device, and the 2 nd device is a new device, as shown in fig. 4, the method includes:
step 401, using the authentication information stored in the 1 st device to verify the input authentication information;
step 402, generating a new account in the 1 st device or the 2 nd device under the condition that the verification is passed; and
in step 403, a transfer is made from the original account of the 1 st device to the new account.
Thus, when the original 2 nd device is lost, the funds in the original account in the lost device are transferred to a new account, and even if the lost device is cracked, the fund security can still be ensured.
In step 403, transfer signature is performed by using private key information corresponding to the primary account in the 1 st device.
As shown in fig. 4, the method further comprises the steps of:
step 404, in the case that a new account is generated in the 1 st device, the 1 st device sends the new account to the 2 nd device;
step 405, in case of generating a new account in the 2 nd device, the 2 nd device sends the new account to the 1 st device.
The steps 404 and 405 correspond to different scenarios, and the execution sequence of the steps 403 and 404(405) may be exchanged.
Through the embodiment described above, the private key does not need to be recovered through mnemonics, so that the user does not need to keep the mnemonics, the burden of the user can be reduced, and when the 1 st device or the 2 nd device is lost, funds in the account in the lost device are transferred to a new account, and even if the device is lost or cracked, the fund safety can still be ensured.
Example 2
This embodiment 2 provides a device 1. Fig. 5 is a schematic diagram of the 1 st apparatus 101 of the present embodiment. It may correspond to any device 1 in fig. 1 or 2, and the same contents as those in embodiment 1 are not described again.
As shown in fig. 5, the 1 st apparatus 101 includes: a storage unit 501 that stores authentication information and original account information; an account generation unit 502 that generates a new account in the 1 st device; and a transfer unit 503 transferring money from the original account to a new account. In the present embodiment, the 1 st device 101 executes a corresponding function by each unit when a connection is established with a 2 nd device as a new device, and the 2 nd device may be the 2 nd device 102 in embodiment 1.
According to the embodiment, the private key is not required to be recovered through the mnemonic words, so that the user does not need to keep the mnemonic words, the burden of the user can be reduced, and when the original 2 nd device is lost, funds in the account in the lost device are transferred to a new account, and even if the device is lost or cracked, the fund safety can still be ensured.
In this embodiment, the 1 st device 101 may further include: the first information sending unit 504 sends a new account to the 2 nd device, and in this embodiment, the new account may correspond to private key information. Therefore, when the equipment is lost, the private key information corresponding to the new account is backed up in the new equipment, and the account is transferred from the original account to the new account.
In this embodiment, the 1 st device 101 may further include: an authentication information obtaining unit 505 that obtains authentication information input by a user; a first verification unit 506 that verifies the received authentication information using the authentication information stored in the storage unit 501; the account generation unit 502 generates a new account if the verification result of the first verification unit 506 is verification pass.
In this embodiment, the authentication information obtaining unit 505 may receive the authentication information input by the user from the 2 nd device, but is not limited thereto, for example, the authentication information input by the user may also be received, and the authentication information may be determined according to a specific application scenario.
In this embodiment, the 1 st device further includes an information receiving unit 507 and a private information obtaining unit 508, where the 1 st device may establish a connection with at least one other 1 st device, the storage unit 501 stores one private information segment of private information corresponding to an original account, and the information receiving unit 507 receives, from at least one other 1 st device, the private information segment stored by at least one other 1 st device; the private information obtaining unit 508 obtains a complete copy of private information corresponding to an original account according to one private information segment in the storage unit 501 and a private information segment received from at least one other 1 st device, the second verifying unit 509 verifies the authentication information input by the user by using the obtained authentication information in the private information, and the account generating unit generates a new account in the 1 st device if the verification result of the second verifying unit 509 is that verification is passed.
It can be seen that, in the storage system shown in fig. 2, when a plurality of 1 st devices are combined to perform split backup on private information, when the 2 nd device is lost, the private information can be retrieved through the private information segment stored in each 1 st device.
In this embodiment, the 1 st device 101 further includes: the information splitting unit 510 and the second information sending unit 511, where the information splitting unit splits the private information corresponding to the new account into at least two private information segments, and the number of the private information segments is the same as that of the 1 st device; the second information transmitting unit 511, after retaining its own private information piece, transmits the other private information pieces to the other 1 st devices, respectively.
Therefore, in the multiple 1 st devices in the combined mode, the split backup of the private information corresponding to the new account is realized. The capital safety can be further ensured.
In this embodiment, the above units of the 1 st device 101 may also be used to perform operations corresponding to those in embodiment 1, and details about these operations are not described again.
In this embodiment, the storage unit 501 may be a memory, and the memory may store various information, such as private information corresponding to an account, including authentication information, certificate information, and key information, and may also be used to store device ID information and the like described in embodiment 1, which is used to execute a program for implementing a prescribed function.
Fig. 6 is another schematic diagram of the 1 st apparatus of the present embodiment. As shown in fig. 6, the 1 st device may include a Central Processing Unit (CPU)601, a memory 602, a communication section 603, and an input-output section 604. The central processing unit 601 is used for executing the program stored in the memory 602 to perform corresponding control or processing; the communication section 603 is used for communicating with the 2 nd device under the control of the central processor 601, thereby realizing information transmission and reception. The input/output portion 604 is used for a user to input information, such as authentication information, etc., and for displaying related information and pictures to the user under the control of the central processor 601.
In this embodiment, the central processor 601 may be configured to: generating a new account in the 1 st device; and transferring the transfer from the original account to a new account.
In this embodiment, the central processor 601 may be configured to: the communicator 603 is controlled to transmit the new account to the 2 nd device.
In this embodiment, the central processor 601 may be configured to: obtaining authentication information input by a user by controlling the input/output unit 604 or the communication unit 603; and verifies the received authentication information using the authentication information stored in the memory 602; and, if the verification result is that the verification passes, a new account is generated.
In this embodiment, the 1 st device is connected to at least one other 1 st device by a wire, the storage unit stores one private information segment of the private information corresponding to the primary account, and the central processing unit 601 may be configured to: the control communication part 603 receives the private information segment stored by each of the at least one other 1 st device from the at least one other 1 st device; and obtaining a complete copy of the private information corresponding to the original account according to one private information segment in the memory 602 and the private information segment received from at least one other 1 st device, verifying the authentication information input by the user by using the authentication information in the obtained private information, and generating a new account in the 1 st device if the verification result of the verification unit is that the verification is passed.
In this embodiment, the central processor 601 may be configured to: dividing private information corresponding to the new account into at least two private information sections, wherein the number of the private information sections is the same as that of the 1 st equipment; and after retaining the own private information pieces, controls the communication section 603 to transmit the other private information pieces to the other 1 st devices, respectively.
In this embodiment, the central processing unit 601 may also be configured to execute other operations that may be executed by the device 1 101 in embodiment 1, and details about these operations are not described again.
Through the embodiment described above, the private key does not need to be recovered through mnemonics, so that the user does not need to keep the mnemonics, the burden of the user can be reduced, and when the 2 nd device is lost, funds in the account in the lost device are transferred to a new account, and even if the device is lost or cracked, the fund safety can still be ensured.
Example 3
This embodiment 3 provides a 1 st apparatus. Fig. 7 is a schematic diagram of the 1 st apparatus 101 of the present embodiment. It may correspond to any device 1 in fig. 3, and the same contents as those in embodiment 1 are not described again.
As shown in fig. 7, the 1 st apparatus 101 includes: a storage unit 701, which stores one private information segment of private information corresponding to an original account; an information sending unit 702 that sends the private information piece stored by the storage unit 701 to the 2 nd device; and an information receiving unit 703 that receives a new piece of secret information allocated to the storage of the 1 st device from the 2 nd device and stores it in the storage unit 701. In this embodiment, the 1 st device 101 performs corresponding functions through respective units when the 2 nd device establishes a connection with at least one other 1 st device respectively with the 2 nd device as a new device, and the 2 nd device may be the 2 nd device 102 in embodiment 1.
According to the embodiment, the private key is not required to be recovered through the mnemonic words, so that the user does not need to keep the mnemonic words, the burden of the user can be reduced, and when the 2 nd device is lost, the fund in the account in the lost device is transferred to a new account, and the fund safety can be still ensured even if the device is lost or cracked.
It can be seen that, corresponding to the storage system shown in fig. 3, when a plurality of 1 st devices split and backup private information and each 1 st device is connected to a 2 nd device, when the 2 nd device is lost, the private information corresponding to a new account can be backed up by docking each 1 st device with the 2 nd device, retrieving the private information segment stored in each 1 st device, and splitting and backup private information, so that the fund security can be further guaranteed.
In this embodiment, the above units of the 1 st device 101 may also be used to perform operations corresponding to those in embodiment 1, and details about these operations are not described again.
In this embodiment, the storage unit 701 may be a memory, and the memory may store various information, such as private information corresponding to an account, including authentication information, certificate information, and key information, and may also be used to store device ID information and the like described in embodiment 1, and the information is used to execute a program that implements a prescribed function.
Fig. 8 is another schematic diagram of the 1 st apparatus of the present embodiment. As shown in fig. 8, the 1 st device may include a Central Processing Unit (CPU)801, a memory 802, a communication section 803, and an input-output section 804. The central processing unit 801 is used for executing programs stored in the memory 802 to perform corresponding control or processing; the communication unit 803 is used for communicating with the 2 nd device under the control of the central processing unit 801, thereby realizing information transmission and reception. The input/output section 804 is used for a user to input information and for displaying related information and screens to the user under the control of the central processing unit 801.
In this embodiment, the central processor 801 may be configured to: it controls the communication section 803 to transmit the private information piece stored in the memory to the 2 nd device; and receives a new piece of secret information allocated to the storage of the 1 st device from the 2 nd device and stores it in the storage unit 802.
In this embodiment, the central processing unit 801 may also be configured to perform other operations that may be performed by the device 1 101 in embodiment 1, and details regarding these operations are not described again.
Through the embodiment described above, the private key does not need to be recovered through mnemonics, so that the user does not need to keep the mnemonics, the burden of the user can be reduced, and when the 2 nd device is lost, funds in the account in the lost device are transferred to a new account, and even if the device is lost or cracked, the fund safety can still be ensured.
Example 4
This embodiment 4 provides a 2 nd apparatus. Fig. 9 is a schematic diagram of the 2 nd device 102 of the present embodiment. It may correspond to any 2 nd device in fig. 1, 2 and 3, and the same contents in this embodiment and embodiments 1-3 are not repeated.
As shown in fig. 9, the 2 nd device 102 includes: an account generation unit 901 that generates a new account in the 2 nd device; and an information transmitting unit that transmits the new account to the 1 st device. In this embodiment, the 2 nd device 102 establishes a connection with the 1 st device storing the primary account, where the 1 st device may be the 1 st device 101 in embodiments 1 to 3.
In this embodiment, the 2 nd device 102 may further include: an information receiving unit 903 which receives authentication information from the 1 st device.
In this embodiment, the 2 nd device 102 may further include: an information input unit 904 which receives authentication information input by a user; and a verification unit 905 which verifies the authentication information input by the user using the received authentication information. Further, the account generation unit 901 generates a new account when the verification result of the verification unit 905 is verification passed
Through the embodiment described above, the private key does not need to be recovered through the mnemonic words, so that the user does not need to keep the mnemonic words, the burden of the user can be reduced, the operation of the recovery process of the storage system is simple, the recovery mode is unique due to the mnemonic words, and the fund safety can be further ensured.
In this embodiment, each unit of the 2 nd device 102 may also be configured to perform each operation corresponding to that in embodiment 1, and details about these operations are not described again.
In this embodiment, the storage unit 901 may be a memory, and the memory may store various information, such as private information corresponding to an account, including authentication information, certificate information, and key information, and may also be used to store device ID information and the like described in embodiment 1, and the information is used to execute a program that implements a prescribed function.
Fig. 10 is another schematic diagram of the 2 nd apparatus of the present embodiment. As shown in fig. 10, the 2 nd device may include a Central Processing Unit (CPU)1001, a memory 1002, a communication section 1003, and an input-output section 1004. The cpu 1001 is configured to execute a program stored in the memory 1002 to perform corresponding control or processing; the communication unit 1003 is used for communicating with the 1 st device under the control of the cpu 1001, thereby realizing information transmission and reception. The input/output unit 1004 is used for a user to input information such as authentication information and the like, and for displaying related information and pictures to the user under the control of the cpu 1001.
In this embodiment, the cpu 1001 may be configured to: generating a new account in the 2 nd device; and controls the communication section 1003 to transmit the new account to the 1 st device.
In this embodiment, the cpu 1001 may be configured to: the communication part 1003 is controlled to receive authentication information from the 1 st device.
In this embodiment, the cpu 1001 may be configured to: controls the input/output unit 1004 to receive authentication information input by a user; and verifying the authentication information input by the user by using the received authentication information, and generating a new account if the verification result is that the verification is passed.
In this embodiment, the central processing unit 1001 may also be configured to perform other operations that may be performed by the 2 nd device 102 in embodiments 1 to 3, and details regarding these operations are not described again.
Through the embodiment described above, the private key does not need to be recovered through the mnemonic words, so that the user does not need to keep the mnemonic words, the burden of the user can be reduced, and when the 2 nd device is lost, the operation of the recovery process of the storage system is simple, the recovery mode is unique due to the mnemonic words, and the fund safety can be further ensured.
An embodiment of the present invention further provides a computer-readable program, where when the program is executed in a storage system, the program causes the storage system to execute the method for recovering the storage system in embodiment 1 in the 1 st device and/or the 2 nd device.
An embodiment of the present invention further provides a storage medium storing a computer-readable program, where the computer-readable program enables a computer to execute the method for recovering a storage system in embodiment 1 in a device 1 and/or a device 2.
The above devices and methods of the present invention can be implemented by hardware, or can be implemented by hardware and software. The present invention relates to a computer-readable program which, when executed by a logic section, enables the logic section to realize the above-described apparatus or constituent section, or to realize the above-described various methods or steps. The present invention also relates to a storage medium such as a hard disk, a magnetic disk, an optical disk, a DVD, a flash memory, or the like, for storing the above program.
The methods/apparatus described in connection with the embodiments of the invention may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. For example, one or more of the functional block diagrams and/or one or more combinations of the functional block diagrams illustrated in fig. 5, 7, and 9 may correspond to respective software modules of a computer program flow or may correspond to respective hardware modules. These software modules may correspond to the steps shown in fig. 4, respectively. These hardware modules may be implemented, for example, by solidifying these software modules using a Field Programmable Gate Array (FPGA).
A software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. A storage medium may be coupled to the processor such that the processor can read information from, and write information to, the storage medium; or the storage medium may be integral to the processor. The processor and the storage medium may reside in an ASIC. The software module may be stored in the memory of the mobile terminal or in a memory card that is insertable into the mobile terminal. For example, if the device (e.g., mobile terminal) employs a relatively large capacity MEGA-SIM card or a large capacity flash memory device, the software module may be stored in the MEGA-SIM card or the large capacity flash memory device.
One or more of the functional blocks and/or one or more combinations of the functional blocks described in the figures can be implemented as a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any suitable combination thereof designed to perform the functions described herein. One or more of the functional blocks and/or one or more combinations of the functional blocks described in connection with the figures may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP communication, or any other such configuration.
While the invention has been described with reference to specific embodiments, it will be apparent to those skilled in the art that these descriptions are illustrative and not intended to limit the scope of the invention. Various modifications and alterations of this invention will become apparent to those skilled in the art based upon the spirit and principles of this invention, and such modifications and alterations are also within the scope of this invention.

Claims (22)

1. A storage system, characterized in that,
the system comprises a 1 st device and a 2 nd device which establishes connection with the 1 st device, wherein the 2 nd device is a new device;
verifying the input authentication information using the authentication information stored in the 1 st device;
generating a new account in the 1 st device or the 2 nd device if the verification passes;
transferring the transfer from the original account of the 1 st device to the new account,
wherein the 1 st device is one of a protection shield and a hardware wallet, and the 2 nd device is the other of the protection shield and the hardware wallet.
2. The storage system according to claim 1, wherein when transferring from the primary account of the 1 st device to the new account, the transfer signature from the primary account to the new account is performed using private key information corresponding to the primary account.
3. The storage system of claim 1,
in the case where the new account is generated in the 1 st device, the 1 st device transmits the new account to the 2 nd device;
in a case where the new account is generated in the 2 nd device, the 2 nd device transmits the new account to the 1 st device.
4. The storage system of claim 1,
and after the transfer is completed, the 1 st device sends the authentication information and the certificate information stored in the 1 st device to the 2 nd device.
5. The storage system of claim 1, wherein the 1 st device is at least two and the 2 nd device is one.
6. The storage system of claim 5,
and a complete copy of private information corresponding to the original account is stored on each 1 st device.
7. The storage system of claim 6,
verifying the input authentication information by using the authentication information in the private information stored in any one of the 1 st devices;
if the verification is passed, generating a new account in the 2 nd device or any one of the 1 st devices; and
transfer from the original account to the new account in any of the 1 st devices.
8. The storage system of claim 7,
a connection is established between the at least two 1 st devices,
the new account is generated in any one of the 1 st devices, the 1 st device generating the new account sends the new account to other 1 st devices through the connection, and the 1 st device connected with the 2 nd device sends the new account to the 2 nd device; or
The new account is generated in the 2 nd device, the 2 nd device sends the new account to the 1 st device connected with the 2 nd device, and the 1 st device connected with the 2 nd device sends the new account to other 1 st devices through the connection.
9. The storage system of claim 7,
the at least two 1 st devices respectively establish connections with the 2 nd device,
the new account is generated in any one of the 1 st devices, the 1 st device generating the new account sends the new account to the 2 nd device, and the 2 nd device sends the new account to the 1 st devices except the 1 st device generating the new account; or
The new account is generated in the 2 nd device, and the 2 nd device sends the new account to each 1 st device respectively.
10. The storage system of claim 5,
the private information corresponding to the original account comprises at least two private information sections, the number of the private information sections is the same as that of the 1 st equipment, and each private information section is stored on each 1 st equipment.
11. The storage system of claim 10,
establishing connection between the at least two 1 st devices, wherein one 1 st device in the at least two 1 st devices is connected with the 2 nd device as a main 1 st device;
the other 1 st equipment except the 1 st equipment sends the stored private information segment to the 1 st equipment, the 1 st equipment obtains a complete copy of the private information corresponding to the original account, and the authentication information in the private information is used for verifying the input authentication information;
generating a new account in the 2 nd device or the primary 1 st device if the authentication passes; and
transfer is made from the original account to the new account.
12. The storage system of claim 11,
the new account is generated in the main 1 st device, the 1 st device splits the private information corresponding to the new account into at least two private information segments, the number of the private information segments is the same as that of the 1 st device, the main 1 st device reserves the private information segment of the main 1 st device, and sends other private information segments to other 1 st devices respectively; or
The new account is generated in the 2 nd device, the 2 nd device splits the private information corresponding to the new account into at least two private information segments, the number of the private information segments is the same as that of the 1 st device, the 2 nd device sends the private information segments to the 1 st device, the 1 st device reserves the private information segments of the 1 st device, and sends other private information segments to the 1 st devices respectively.
13. The storage system of claim 10,
the at least two 1 st devices are respectively connected with the 2 nd device, each 1 st device sends the respectively stored private information segment to the 2 nd device, and the 2 nd device obtains a complete copy of the private information corresponding to the original account;
verifying the input authentication information by using the authentication information in the private information;
generating a new account in the 2 nd device if the verification is passed; and
transfer is made from the original account to the new account.
14. The storage system of claim 13,
the 2 nd device splits the private information corresponding to the new account into at least two private information segments, the number of the private information segments is the same as that of the 2 nd device, and the 2 nd device sends each private information segment to each 1 st device respectively.
15. A method for recovering a storage system, wherein the storage system comprises a 1 st device and a 2 nd device connected to the 1 st device, and the 2 nd device is a new device, the method comprising:
verifying the input authentication information using the authentication information stored in the 1 st device;
if the verification is passed, generating a new account in the 1 st device or the 2 nd device;
transferring the transfer from the original account of the 1 st device to the new account,
wherein the 1 st device is one of a protection shield and a hardware wallet, and the 2 nd device is the other of the protection shield and the hardware wallet.
16. The method for restoring a storage system according to claim 15,
in the case where the new account is generated in the 1 st device, the method further comprises:
the 1 st device sending the new account to the 2 nd device;
in the case where the new account is generated in the 2 nd device, the method further comprises:
the 2 nd device sends the new account to the 1 st device.
17. A 1 st device that establishes a connection with a 2 nd device that is a new device, wherein the 1 st device is one of a protection shield and a hardware wallet, and the 2 nd device is the other of the protection shield and the hardware wallet, the 1 st device comprising:
a storage unit that stores authentication information and an original account;
an account generation unit that generates a new account in the 1 st device; and
a transfer unit transferring money from the original account to the new account.
18. The 1 st device of claim 17, wherein the 1 st device further comprises:
a first information transmitting unit that transmits the new account to the 2 nd device.
19. The 1 st apparatus according to claim 17 or 18, wherein the 1 st apparatus further comprises:
an authentication information acquisition unit which acquires authentication information input by a user; and
a first verification unit that verifies the received authentication information using the authentication information stored in the storage unit;
and the account generation unit generates the new account when the verification result of the first verification unit is verification pass.
20. The 1 st device of claim 19, wherein the 1 st device further comprises:
the information splitting unit is used for splitting the private information corresponding to the new account into at least two private information segments, and the number of the private information segments is the same as that of the 1 st equipment; and
and a second information sending unit which, after keeping the private information section of itself, sends the other private information sections to the other 1 st devices, respectively.
21. A 2 nd device that establishes a connection with a 1 st device storing a primary account, wherein the 2 nd device is one of a protection shield and a hardware wallet, and the 1 st device is the other of the protection shield and the hardware wallet, the 2 nd device comprising:
an account generation unit that generates a new account in the 2 nd device;
an information sending unit that sends the new account to the 1 st device to transfer money from the original account to the new account.
22. The 2 nd device of claim 21, wherein the 2 nd device further comprises:
an information receiving unit which receives authentication information from the 1 st device.
CN201810488513.XA 2018-05-21 2018-05-21 Storage system, device, and recovery method of storage system Active CN108776892B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810488513.XA CN108776892B (en) 2018-05-21 2018-05-21 Storage system, device, and recovery method of storage system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810488513.XA CN108776892B (en) 2018-05-21 2018-05-21 Storage system, device, and recovery method of storage system

Publications (2)

Publication Number Publication Date
CN108776892A CN108776892A (en) 2018-11-09
CN108776892B true CN108776892B (en) 2022-05-31

Family

ID=64027280

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810488513.XA Active CN108776892B (en) 2018-05-21 2018-05-21 Storage system, device, and recovery method of storage system

Country Status (1)

Country Link
CN (1) CN108776892B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109727128B (en) * 2018-12-07 2020-10-09 杭州秘猿科技有限公司 Asset management method and system based on multiple hardware wallets
CN112822182A (en) * 2020-12-31 2021-05-18 北京握奇数据股份有限公司 Hardware wallet medium replacing system and method
CN112616074B (en) * 2021-03-08 2021-05-28 武汉斗鱼鱼乐网络科技有限公司 Target group identification method and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1744127A (en) * 2004-08-30 2006-03-08 中国银联股份有限公司 Bank preservation processing system and method
CN103905204A (en) * 2014-04-02 2014-07-02 天地融科技股份有限公司 Data transmission method and transmission system
CN104811310A (en) * 2015-03-30 2015-07-29 赵宇翔 Display method and wearing device
CN107066893A (en) * 2017-02-28 2017-08-18 腾讯科技(深圳)有限公司 The treating method and apparatus of accounts information in block chain

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2509895A (en) * 2012-11-22 2014-07-23 Visa Europe Ltd Activation and Use of a Digital Wallet via Online Banking
GB2528486A (en) * 2014-07-23 2016-01-27 Valasca Ltd Verification method and system for digital currency

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1744127A (en) * 2004-08-30 2006-03-08 中国银联股份有限公司 Bank preservation processing system and method
CN103905204A (en) * 2014-04-02 2014-07-02 天地融科技股份有限公司 Data transmission method and transmission system
CN104811310A (en) * 2015-03-30 2015-07-29 赵宇翔 Display method and wearing device
CN107066893A (en) * 2017-02-28 2017-08-18 腾讯科技(深圳)有限公司 The treating method and apparatus of accounts information in block chain

Also Published As

Publication number Publication date
CN108776892A (en) 2018-11-09

Similar Documents

Publication Publication Date Title
AU2021202620B2 (en) Method of using one device to unlock another device
EP3320667B1 (en) Method for mapping at least two authentication devices to a user account using an authentication server
US11157912B2 (en) Method and system for enhancing the security of a transaction
CN109474424B (en) Block chain account key backup and recovery method and system
CN111756533B (en) System, method and storage medium for secure password generation
US10460314B2 (en) Pre-generation of session keys for electronic transactions and devices that pre-generate session keys for electronic transactions
CN108776892B (en) Storage system, device, and recovery method of storage system
RU2560810C2 (en) Method and system for protecting information from unauthorised use (versions thereof)
EP3230935A1 (en) Systems and method for enabling secure transaction
WO2015183497A1 (en) Cryptocurrency virtual wallet system and method
EP3662430B1 (en) System and method for authenticating a transaction
EP2987123B1 (en) Facilitating secure transactions using a contactless interface
CN109379189A (en) Block chain account cipher key backup and restoration methods, device, terminal and system
EP2991263B1 (en) Offline pin authentication method and system for ic card
CZ2015473A3 (en) The method of authentication security in electronic communication
JP2015138545A (en) Electronic payment system and electronic payment method
CN105592056A (en) Password safety system for mobile device and password safety input method thereof
US9792606B2 (en) Method and secure device for performing a secure transaction with a terminal
US11586717B2 (en) Method and electronic device for authenticating a user
CN111125665A (en) Authentication method and device
KR20200021107A (en) Method and apparatus for service authentication
CN113205342A (en) User identity authentication method and device based on multi-terminal payment
CN108711053B (en) Operation control system and operation control method
CN108122111B (en) Secure payment method, device, storage medium and computer equipment
US11232444B2 (en) Digital asset transaction method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant