CN108777625A

CN108777625A - Verification method, device and system, storage medium, the electronic device of signature

Info

Publication number: CN108777625A
Application number: CN201810691308.3A
Authority: CN
Inventors: 周洪飞; 王慧星
Original assignee: Tencent Technology Shenzhen Co Ltd; Tencent Cloud Computing Beijing Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd; Tencent Cloud Computing Beijing Co Ltd
Priority date: 2018-06-28
Filing date: 2018-06-28
Publication date: 2018-11-09
Anticipated expiration: 2038-06-28
Also published as: CN110417558B; CN110417558A; CN108777625B

Abstract

The invention discloses a kind of verification method of signature, device and system, storage medium, electronic devices.Wherein, this method includes：Get the first request of target account, wherein the first request is for initiating transaction event；Multiple first nodes into block chain send the second request, wherein signature of second request for obtaining multiple first nodes to transaction event；Obtain the signature to transaction event that multiple the second requests of first node response are returned；Signature of multiple first nodes to transaction event is verified by multiple second nodes.The present invention solves the less efficient technical problem of verification endorsement signature in the related technology.

Description

Verification method, device and system, storage medium, the electronic device of signature

Technical field

The present invention relates to internet arenas, in particular to a kind of verification method of signature, device and system, storage Medium, electronic device.

Background technology

Block chain is a kind of decentralization distribution book keeping operation technology from bit coin, by pressing cryptographic block data Be superimposed according to time sequencing and generate lasting, not revisable record, and by record storage block chain network each section In point so that each node participated in block chain safeguards a reliable Distributed Storage jointly.Block chain as a result, With decentralization, can not distort, transparent procedures and the technical advantages such as traceable, be considered finance, reference, Internet of Things, The various fields such as economic trade clearing, asset management are owned by the foreground of being widely applied.

According to the difference of block chain participant, block chain is typically divided into publicly-owned chain, alliance's chain and privately owned chain three types, Wherein alliance's chain is the common form of business application.Alliance's chain has the multiple tissues endorsements of a variety of needs in practice can just submit Business, for example, addition/removal alliance chain organizational member etc..Endorsement mechanism in the related technology needs to be traversed for institute in block chain In a organized way to obtain the endorsement of certain amount, then verification endorsement is signed one by one, and which greatly limits alliance's chains Endorsement efficiency.

For above-mentioned problem, currently no effective solution has been proposed.

Invention content

An embodiment of the present invention provides a kind of verification method of signature, device and system, storage medium, electronic device, with At least solve the less efficient technical problem of verification endorsement signature in the related technology.

One side according to the ... of the embodiment of the present invention provides a kind of verification method of signature, including：Get target account Number first request, wherein first request for initiating transaction event；Multiple first nodes into block chain send second and ask It asks, wherein signature of second request for obtaining multiple first nodes to transaction event；Obtain multiple first node responses second Ask the signature to transaction event returned；Label of multiple first nodes to transaction event are verified by multiple second nodes Name.

Another aspect according to the ... of the embodiment of the present invention additionally provides a kind of verification device of signature, including：First obtains list Member, the first request for getting target account, wherein the first request is for initiating transaction event；Transmission unit, for Multiple first nodes in block chain send the second request, wherein the second request is for obtaining multiple first nodes to thing of merchandising The signature of part；Second acquisition unit, the label to transaction event returned for obtaining multiple the second requests of first node response Name；Authentication unit, the signature for verifying multiple first nodes to transaction event by multiple second nodes.

Another aspect according to the ... of the embodiment of the present invention additionally provides a kind of verification system of signature, including：High in the clouds cluster, Fourth node in the cluster of high in the clouds is used to obtain the first request of target account, wherein and first asks for initiating transaction event, Block chain, multiple first nodes in block chain are used to receive the second request that the fourth node in the cluster of high in the clouds is sent, and return It returns to the signature of transaction event to the fourth node in the cluster of high in the clouds, wherein the second request is for obtaining multiple first nodes pair The signature of transaction event；Resource pool, multiple second nodes in resource pool are for verifying multiple first nodes to transaction event Signature.

Another aspect according to the ... of the embodiment of the present invention additionally provides a kind of storage medium, which includes storage Program, program execute above-mentioned method when running.

Another aspect according to the ... of the embodiment of the present invention, additionally provides a kind of electronic device, including memory, processor and deposits The computer program that can be run on a memory and on a processor is stored up, processor executes above-mentioned side by computer program Method.

In embodiments of the present invention, the first request of target account is got, wherein the first request is for initiating transaction thing Part；Multiple first nodes into block chain send the second request, wherein the second request is for obtaining multiple first nodes to handing over The signature of easy event；Obtain the signature to transaction event that multiple the second requests of first node response are returned；Pass through multiple For the multiple first nodes of two node verifications to the signature of transaction event, the reception asked due to first is different nodes from signature verification Processing, and obvious treatment effeciency higher is verified compared to a node is used to verify to sign by multiple second nodes, So as to solve the less efficient technical problem of verification endorsement signature in the related technology, and then reach raising verification efficiency Technique effect.

Description of the drawings

Attached drawing described herein is used to provide further understanding of the present invention, and is constituted part of this application, this hair Bright illustrative embodiments and their description are not constituted improper limitations of the present invention for explaining the present invention.In the accompanying drawings：

Fig. 1 is the schematic diagram of the hardware environment of the verification method of signature according to the ... of the embodiment of the present invention；

Fig. 2 is a kind of flow chart of verification method optionally signed according to the ... of the embodiment of the present invention；

Fig. 3 is a kind of flow chart of verification method optionally signed according to the ... of the embodiment of the present invention；

Fig. 4 is a kind of flow chart of verification method optionally signed according to the ... of the embodiment of the present invention；

Fig. 5 is a kind of schematic diagram of verification system optionally signed according to the ... of the embodiment of the present invention；

Fig. 6 is a kind of flow chart of verification method optionally signed according to the ... of the embodiment of the present invention；

Fig. 7 is a kind of schematic diagram of optional client according to the ... of the embodiment of the present invention；

Fig. 8 is a kind of flow chart of verification method optionally signed according to the ... of the embodiment of the present invention；

Fig. 9 is a kind of schematic diagram of verification device optionally signed according to the ... of the embodiment of the present invention；

And

Figure 10 is a kind of structure diagram of terminal according to the ... of the embodiment of the present invention.

Specific implementation mode

In order to enable those skilled in the art to better understand the solution of the present invention, below in conjunction in the embodiment of the present invention Attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is only The embodiment of a part of the invention, instead of all the embodiments.Based on the embodiments of the present invention, ordinary skill people The every other embodiment that member is obtained without making creative work should all belong to the model that the present invention protects It encloses.

It should be noted that term " first " in description and claims of this specification and above-mentioned attached drawing, " Two " etc. be for distinguishing similar object, without being used to describe specific sequence or precedence.It should be appreciated that using in this way Data can be interchanged in the appropriate case, so as to the embodiment of the present invention described herein can in addition to illustrating herein or Sequence other than those of description is implemented.In addition, term " comprising " and " having " and their any deformation, it is intended that cover It includes to be not necessarily limited to for example, containing the process of series of steps or unit, method, system, product or equipment to cover non-exclusive Those of clearly list step or unit, but may include not listing clearly or for these processes, method, product Or the other steps or unit that equipment is intrinsic.

One side according to the ... of the embodiment of the present invention provides a kind of embodiment of the method for the verification method of signature.

Optionally, in the present embodiment, the verification method of above-mentioned signature can be applied to as shown in Figure 1 by high in the clouds cluster 101, in the hardware environment that terminal 103 and block chain 105 are constituted.As shown in Figure 1, high in the clouds cluster 101 passes through network and end End 103 is attached, and high in the clouds cluster 101 is attached by network and block chain 105, and above-mentioned network includes but not limited to：Extensively Domain net, Metropolitan Area Network (MAN) or LAN, terminal 103 are not limited to PC, mobile phone, tablet computer etc..

The verification method of the signature of the embodiment of the present invention can be executed by high in the clouds cluster 101, can also by terminal 103 It executes, can also be and executed jointly by high in the clouds cluster 101 and terminal 103.Wherein, terminal 103 executes the label of the embodiment of the present invention The verification method of name can also be to be executed by client mounted thereto.

Fig. 2 is a kind of flow chart of verification method optionally signed according to the ... of the embodiment of the present invention, as shown in Fig. 2, should Method may comprise steps of：

Step S202, the fourth node in the cluster of high in the clouds get the first request of target account, and the first request is for sending out Play transaction event.

Above-mentioned high in the clouds cluster be include that (these nodes include above-mentioned specific execution the application method to one or more nodes Fourth node) cluster, can be a set of to realize that more nets be uniformly accessed into, the forwarding of outer net network request, support automatic load equal The system of weighing apparatus, such as TGW (full name Tencent GateWay), above-mentioned node belongs to a logical concept, different types of multiple Node may operate in above the same physical server, also can a node operate on a physical server.

The first above-mentioned request is the request that client is sent out, which can be mounted on aforementioned user terminal, and should It is logged in target account in client or is logged in another account associated with target account.

Above-mentioned transaction event is appreciated that a kind of event for needing to pay trade tokens (such as bit coin) in block chain, The event is specifically as follows：The events such as securities trading, e-commerce, file storage.

Step S204, multiple first nodes of the fourth node into block chain in the cluster of high in the clouds send the second request, the Signature of two requests for obtaining multiple first nodes to transaction event.

Node in block chain is the communication entity of block chain, which also belongs to a logical concept, different types of Multiple nodes may operate in above the same physical server, also can a node operate on a physical server.On State that first node endorses node (English name be Fabric endorser) or endorsement person endorser, the node undertake Utilize the function of endorsement tactful (endorsement policy) endorsement；Endorsement strategy is the condition endorsed to transaction, i.e., Successful conclusion of endorsing is obtained, the condition provided in endorsement strategy must be met, the typical endorsement strategy of one kind is specified certain Node is endorsed, and the set of an endorsement node is formed, and completes the signature of an endorsement node set, i.e. coalition signature.

Step S206, the fourth node in the cluster of high in the clouds obtain that multiple the second requests of first nodes response are returned to handing over The signature of easy event.

Step S208, the fourth node in the cluster of high in the clouds verify multiple first nodes to thing of merchandising by multiple second nodes The signature of part.

The verification method of the signature of the embodiment of the present invention can be executed by high in the clouds cluster 101, can also be by high in the clouds cluster 101, terminal 103 and block chain 105 execute jointly.Wherein, high in the clouds cluster 101 executes the verification of the signature of the embodiment of the present invention Method can also be to be executed by installing the client on cluster 101 beyond the clouds node.

S202 to step S208 through the above steps gets the first request of target account, wherein the first request is used for Initiate transaction event；Multiple first nodes into block chain send the second request, wherein the second request is for obtaining multiple the Signature of one node to transaction event；Obtain the signature to transaction event that multiple the second requests of first node response are returned； Signature of multiple first nodes to transaction event is verified by multiple second nodes, due to the reception and signature verification of the first request It is different node processings, and obvious processing is verified compared to a node is used to verify to sign by multiple second nodes It is more efficient, so as to solve the less efficient technical problem of verification endorsement signature in the related technology, and then reaches and carry The technique effect of high verification efficiency.

In an alternative embodiment, endorsement strategy as shown in Figure 3 may be used and realize endorsement：

Step S302, peer of the client into block chain submit node requests transaction；

The peer of step S304, block chain submit node specified to intelligent contract (English name is Smart contract) All endorsement nodes (including endorsement node 1 is to the organized digital certificate private key signature of endorsement node n) request block chain institutes, intelligence Energy contract is a kind of computer protocol for being intended to that contract is propagated, verified or executed in a manner of information-based, and intelligent contract permission is not having Have it is third-party in the case of carry out credible transaction, these transaction are traceable and irreversible；

Step S306 waits the endorsement signature of intelligent contractual requirement to be returned respectively organized；

Step S308, peer submit node serially to verify signature with the organized digital certificate public key of institute.

In the above-described embodiments, subscription client can connect any one peer in block chain and submit node, utilize The endorsement mechanism of block chain, all organization certificate public keys are retained in each tissue peer and submit on node, wherein each organization certificate Private key only on this tissue endorsement node, sign on the endorsement node that intelligent contract is selected by all signatures；Submit section Point retains each tissue CertPubKey, serially to execute signature sign test on submitting node.

In another optional embodiment, endorsement strategy as shown in Figure 4 may be used and realize endorsement：

Step S402, peer of the client into block chain submit node requests transaction；

Step S404, block chain peer submit node to specify all endorsement nodes to ask all groups of block chain to intelligent contract The digital certificate private key signature knitted；

Step S406 waits the endorsement signature of intelligent contractual requirement to be returned respectively organized；

Step S408, peer submit node by the high-speed encryption and decryption machine that is connected organized digital certificate public key Serial verification signature.

In the above-described embodiments, subscription client can connect any one node of block chain, change previous embodiment Block chain endorsement mechanism, all organization certificate public keys be retained in it is each tissue peer submit node connection high-speed encryption and decryption On machine, wherein respectively tissue certificate and private key is only stored on this tissue endorsement node, all signature operations are selected in intelligent contract Endorsement node on carry out；It submits and retains each tissue CertPubKey on the high-speed encryption and decryption machine of node connection, signature sign test is serial It is carried out on encryption and decryption machine.

There is unavoidable problem in above-mentioned two scheme：One is client can connect any one submission Node leads to, each submission node needs very big to the customer transaction request frequency of client and the control difficulty of request total amount Real-time data synchronization cannot achieve in the case of submitting interstitial content numerous；The second is peer submits node to need with all groups The digital certificate public key knitted serially verifies signature, and treatment effeciency is extremely low, though it is serially verified using encryption and decryption machine, but by It is limited to single machine performance, there is also the upper limits even if performance is high again.

And in embodiments herein, be fourth node in the cluster of high in the clouds verifies multiple the by multiple second nodes Signature of one node to transaction event：1) processing of the first request and the processing of verification are carried out separately, and pass through multiple second Node verifies signature of multiple first nodes to transaction event, and is verified without the fourth node in the cluster of high in the clouds, changes speech It, the fourth node in the cluster of high in the clouds does not have to not only handle the first request, but also is verified, its traffic pressure can be reduced；2) it is Signature of multiple first nodes to transaction event is verified by multiple second nodes, in other words, if there are multiple first requests, that The signature of corresponding each first request can respectively be handled by multiple second nodes, i.e., parallel proof corresponds to multiple first requests Signature verification, the signature verification of corresponding one first request of such as each second node processing, without with going here and there on one node Row processing can improve the response speed to multiple first requests；3) signature of corresponding each first request, can be multiple the Parallel proof on two nodes, since a transaction event needs to obtain the signature of multiple first nodes, and each first node Signature is required to verify, and therefore, the verification of the signature of this multiple first node can parallel execute on multiple second nodes, such as One second node at least verifies the signature of a first node, so as to improve the corresponding speed to single first request； 4) object of the first request of processing is the fourth node in the cluster of high in the clouds, rather than peer submits node.

The technical solution of the application is described in further detail with reference to step shown in Fig. 2：

In the technical solution that step S202 is provided, as shown in figure 5, when there are when business demand, such as need to visit for client When asking the data in business datum block chain, it can be asked to high in the clouds collection pocket transmission first, the fourth node in the cluster of high in the clouds can connect The first request of target account in client is received, first asks for initiating transaction event (such as events of access service data), High in the clouds cluster can be realized by the node in claim data block chain and be signed.

Optionally, using high in the clouds elasticity expansion capacity, according to customer transaction request amount and endorsement sign test number dynamic implement The load balancing of middleware cluster, the first request for getting target account include：Calculate the load of each node in the cluster of high in the clouds Rate (load factor can be expressed as the ratio between the calculation resources that certain node has used and all calculation resources of the node), The first request of target account is obtained by the fourth node in the cluster of high in the clouds, the load factor of fourth node is not more than high in the clouds cluster In node in addition to fourth node load factor.

Before or after obtaining the first request of target account by fourth node in the cluster of high in the clouds, cluster beyond the clouds In the load factor of all nodes that is active reach first threshold in the case of in other words, middleware cluster it is negative Carry it is higher in the case of, state of activation will be switched to by stand-by state for the state of the standby node of high in the clouds cluster configuration, and add Enter into high in the clouds cluster, standby node herein can be pre-configured, can also be and configured at the current time of needs 's.

In the above-described embodiments, node can be increased automatically and reduces cloud in the case that the load of middleware cluster is higher The load for holding cluster, can also carry out resource reclaim, beyond the clouds in cluster in the case that the load of cluster is smaller beyond the clouds certainly In the case that the load factor of all nodes of state of activation is less than second threshold, by the shape of not used node in the cluster of high in the clouds State is switched to stand-by state by state of activation, and is deleted in the cluster of high in the clouds, and second threshold is the positive number less than first threshold, from cloud The meaning deleted in the cluster of end includes the recycling occupied hardware resource of the node and retains the node, but the node is in not Available mode (or stand-by state).

In the above-described embodiment, the load factor for all nodes being active in cluster beyond the clouds reaches the first threshold In the case of value, prompt message is sent to the client for sending the first request, prompt message is for prompting to own in the cluster of high in the clouds The load factor of node reaches first threshold；At the same time, the request transmission frequency that can also count target account, passes through prompt message Target account is prompted, the frequency of the request sent is excessively high (causing high in the clouds load factor excessively high), does not reprocess within a certain period of time The first request transmitted by it realizes block chain customer transaction request frequency and request overall control by middleware layer.

In the technical solution that step S204 is provided, multiple first segments of the fourth node into block chain in the cluster of high in the clouds Point sends the second request, signature of second request for obtaining multiple first nodes to transaction event.

In the technical solution that step S206 is provided, the fourth node in the cluster of high in the clouds obtains multiple first nodes responses the The signature to transaction event that two requests are returned.

Above-mentioned first node can be the peer endorsement nodes in block chain, each to organize certificate and private key only in this tissue It endorses on node, all signatures are signed on the endorsement node (i.e. above-mentioned multiple first nodes) that intelligent contract is selected.

In the technical solution that step S208 is provided, the fourth node in the cluster of high in the clouds is verified more by multiple second nodes Signature of a first node to transaction event.

Optionally, after verifying multiple first nodes to the signature of transaction event by multiple second nodes, multiple In the case that second node passes through the verification of the signature of multiple first nodes, determine that transaction event is legal transaction；? In the case of at least one second node is unsanctioned to the verification of the signature of first node, it is legal friendship to determine transaction event not Easily.

Optionally, middleware layer can realize the high in the clouds distributed P 2 P computing resource of block chain tissue digital certificate public key Distribution, before verifying multiple first nodes to the signature of transaction event by multiple second nodes, is obtained from multiple first nodes The organized multiple public keys of institute, each public key in multiple public keys are taken to verify the signature of a first node for second node； By multiple public keys be sent in reciprocity P2P networks third node (namely control node, the node can be specified nodes, Can also be the arbitrary node in network), other nodes in peer-to-peer network to are sent multiple public keys by third node, it is right Node in equal networks is the node using on-site programmable gate array FPGA processor, and any node in peer-to-peer network is used for In the case where receiving multiple public keys, sends the multiple public keys received to node with any node communication connection, change Yan Zhi, node can propagate the digital certificate public key that can be obtained each tissue by the virus-type of the P2P networks of neighbor node.

In the above-described embodiments, the signature of transaction event can be wrapped by verifying multiple first nodes by multiple second nodes It includes：Whether the signature that a first node is verified by each second node in multiple second nodes is correct, any two the First node belonging to the signature of two node verifications is different, in other words, between second node will not repeated authentication some signature, it is multiple A node in second node executes the signature operation to transaction event in first time period, another in multiple second nodes A node executes the signature operation to transaction event in second time period, part or complete between first time period and second time period Portion is overlapped namely the verification operation of any two second node can execute parallel.

Optionally, whether the signature that a first node is verified by each second node in multiple second nodes is correct Including：Third node into peer-to-peer network sends third request, and in other words, middleware layer is only needed to P2P network transmissions one Secondary third request, and without to the transmission third request of each second node, third node sends third request to peer-to-peer network In multiple second nodes, the request of third that any one second node receives is from third node or another second section Point；After second node completes signature using signature private key, returns to signature and give third node, then the fourth node in the cluster of high in the clouds The signature of multiple second nodes of third node return can be received.

In the above-described embodiments, a third node into peer-to-peer network sends third request and may include：To resource pool In third node send third request, all resource nodes in resource pool are connected using peer-to-peer network, and third node is The control node of resource pool, for third node for selecting second node from all resource nodes, second node is load factor Less than the load factor of the resource node in all resource nodes in addition to second node.

The application utilizes high in the clouds elasticity expansion capacity, according in customer transaction request amount and sign test number dynamic implement of endorsing Between the load balancing of part cluster, the elasticity of distributed P 2 P cloud computing sign test resource expand, middleware cluster distribution and is collected parallel Distributed P 2 P cloud computing resources endorse sign test as a result, efficiently completing block chain using high in the clouds distribution type high efficient FPGA computing resources Endorsement verification.This programme is supported to dispose under public cloud and private clound.

As a kind of optional embodiment, below the technical solution of the application is applied to Internet data center IDC For illustrate.

Internet data center is that the Internet Service Providers such as telecommunications are provided using existing internet communication circuit, bandwidth Standardized telecommunication field grade building environment is established in source, and trust server, rental and related increment are provided for enterprise, government Etc. all-around service；Popular point can be understood as computer room, cross-domain i.e. across IDC.The inside may include private network VPC, (full name is by Cloud Server CVM (full name is Cloud Virtual Machine), data center network cluster DCI, cloud disk C BS Cloud Block Storage), the special host CDH of cloud (full name be CVM Dedicated Host), cloud messenger service CMQ (full name is Cloud Message Queue), elastic caching CRS (full name is Cloud Redis Store), cloud container service The groups such as CCS (full name is Cloud Container Service), file storage CFS (full name is Cloud File Storage) Part.

Above-mentioned cloud private network VPC, be one piece can user-defined cyberspace, user can be inside private network Affix one's name to cloud host, load balancing, database, Nosql the cloud services resource such as storage soon.User can freely divide the network segment, formulate routing Strategy, private network can configure public network gateway to access Internet, while also configuration public network or access via telephone line be supported to build Mixed cloud, cellular logic is isolated between private network, and it is privately owned can be stored in cloud for the first requested business of request in the application In network.

It is the cloud virtual machine of high-performance high stable that can have Cloud Server CVM, Cloud Server in cloud private network, can be in cloud The middle adjustable calculating capacity of offer size reduces the difficulty that client estimates calculation scale；Client can easily buy self-defined The type of configuration, gets new demand servicing device in a few minutes, and according to client need carry out quick dilatation using mirror image.

There can be cloud disk C BS in cloud private network, cloud hard disk is a kind of High Availabitity, highly reliable, inexpensive, customizable Network control techology, can be used as the expansible hard disk of independence of Cloud Server.It provides block level other data storage, Using the distributed mechanism of three copies, provides data reliability for CVM and ensure.CBS supports replicate automatically in available area, will be objective The data backup at family, to exempt the problems such as loss of data that individual machine failure is brought, improves data on different machines Availability and persistence.According to the difference of performance, it is divided into common cloud hard disk and SSD cloud hard disk two types.

The special host CDH of cloud, is different from Tencent server CVM, and the special host of cloud can provide what user exclusively enjoyed Physical server resource is the supplement of Cloud Server product, meets customer resources and exclusively enjoys, resource physical isolation, safety, closes rule need It asks.User can be bought by way of exclusively enjoying whole host, manage resource.Free CVM can be created after purchase on it Example, example specification, quantity support autonomous definition, contexture by self.

Elastic caching CRS is that the caching for the compatibility redis agreements made for cloud and storage service (such as preserve industry above-mentioned Business data), principal and subordinate's version and cluster version are provided, abundant data structure can help you to complete different types of business scenario exploitation, It supports principal and subordinate hot standby, automatic disaster tolerance switching, data backup, failure migration, example monitoring, on-line rapid estimation, data time shelves etc. is provided A full set of database service.

Cloud container service CCS, is highly scalable high-performance container management service, and client can be in the cloud service of trustship Application program is easily run on device example cluster.Using the service, without installation, O&M, extends your cluster management basis and set It applies, only need to carry out simple API Calls, can start and stop Docker application programs, inquire the good working condition of cluster, and Use various cloud services.The storing of container can be arranged in your cluster according to the resource requirement and availability requirement of client, Meet the particular requirement of business or application program (such as the present processes can be run by this method).

File stores CFS, provides expansible shared file storage service, can be used with services collocation such as the CVM of cloud, CFS provides the NFS file system access protocol of standard, provides shared data source for multiple CVM examples, supports limitless volumes With the extension of performance, existing application it is not necessary to modify can carry use, be a kind of High Availabitity, highly reliable distributed field system System, is suitable for the scenes such as big data analysis, media handling and Content Management.

CKafka (full name is Cloud Kafka), is distributed, high-throughput, enhanced scalability a message system System, Ckafka are based on publish/subscribe pattern, are decoupled by message, make producers and consumers' asynchronous interactive, without each other etc. It waits for, Ckafka has many advantages, such as data compression while supporting offline and real time data processing, is suitable for log compression and collects, supervises The scenes such as data aggregate are controlled, as between the block chain of the application, high in the clouds cluster middleware, distributed sign test computing resource pond, or This mode may be used between person's block chain, high in the clouds cluster middleware, the component inside distributed sign test computing resource pond to carry out Communication.

In the technical solution of the application, framework is as indicated with 6：

Client：The client that block chain terminal client uses, Fig. 7 show a kind of optional client, and user can be with The operations such as " newly-increased account ", " priority assignation " are executed at the back-stage management interface of certain business；

High in the clouds cluster middleware：High in the clouds load balancing cluster substitution blocks chain can be used to submit node, high in the clouds load balancing Cluster mainly provides distribution service；

Endorsement node：It is responsible for endorsement strategy signature, stores this tissue private key, issue public key to cluster middleware；

Distributed sign test computing resource pond：It is responsible for the tactful sign test of endorsement, receives and stores the organized public key of institute.

A kind of specific software flow of optional high in the clouds cluster middleware is as follows：

Step S602, high in the clouds cluster middleware receive client transaction request (the i.e. first request), high in the clouds cluster middleware Between TGW may be used, realize more nets be uniformly accessed into, outer net network request forwarding, support automatic load balancing.

Cloud messenger service CMQ can be used between the middleware of high in the clouds cluster internal, cloud messenger service provides distribution and disappears Queue service is ceased, can be provided and be based between the different application of distributed deployment or between the different components of an application The reliable asynchronous mechanism of message, message are stored in highly reliable, High Availabitity CMQ queues, and multi-process can be simultaneously Read-write, does not interfere with each other.

Step S604, acceptance certificate public key upload request.

Step S606 submits transaction endorsement request (the i.e. second request) according to intelligent contractual requirement to endorsement node.

Step S608 issues CertPubKey to P2P network distribution type sign test computing resources pond.

Step S610, endorsement node return to endorsement signature.

Step S612 submits sign test request (i.e. according to intelligent contractual requirement to P2P network distribution type sign test computing resources pond Third is asked).

Step S614 returns to sign test result.

In the technical solution of the application, being uniformly accessed into for client request, FREQUENCY CONTROL and request overall control are supported. High in the clouds middleware and high in the clouds P2P network distribution type computing resources can be expanded according to client's request amount and sign test frequency elasticity.It supports The digital certificate distribution of high in the clouds P2P network distribution type computing resources pond and management, support parallel sign test high-performance calculation.Specifically such as Under：

Step S802, client connect to high in the clouds cluster middleware by domain name mapping and send out transaction request, with request Transaction.

Step S804, high in the clouds cluster middleware is according to transaction request intelligence contract by load balancing statelessly to intelligent conjunction About regulation limited quantity tissue endorsement node sends out endorsement signature request (initiating transaction endorsement request).

Step S806, limited quantity tissue endorse node return endorsement signature to cluster middleware.

Step S808, high in the clouds cluster middleware judge whether to meet endorsement strategy signature rule according to transaction request intelligence contract Then, and signature cluster (stage submission) list is submitted.

Step S810, high in the clouds cluster middleware distribute sign test request to high in the clouds P2P nets according to the signature cluster-list of submission Network distribution FPGA high speed computational resources pond, each calculate node of the resource pool receive according to current load state in signature list Limited a sign test computation requests, and by remaining sign test computation requests in P2P network distribution type FPGA high speed computational resources pond It propagates, concurrently completing sign test in resource pool until all computation requests calculates.

Step S812, high in the clouds P2P network distribution type FPGA high speed computational resources pond return to sign test result in the cluster of high in the clouds Between part.

Step S814, high in the clouds cluster middleware judge whether that meeting the tactful sign test of endorsement advises according to transaction request intelligence contract Then, and sign test cluster (two-stage submission) list is submitted.

Step S816, high in the clouds cluster middleware return to transaction results to requesting client.

Using the technical solution of the application, have as follows a little：

The technical solution of the application supports clustered deploy(ment), can promote scheduling system disaster tolerance and availability, that is, realize collection Group's band domain name disaster tolerance is dispatched, can between cluster the offline synchronization request request number of times of user, the customer transaction frequency of client and Total amount configuration is asked, numerous submission nodes are substituted by high in the clouds cluster middleware, control client is perfectly accessed by cluster Customer transaction request frequency and request total amount, and can according to the request dynamic of client increase and decrease cluster middleware load balancing Component count；

The digital certificate public key of each tissue is distributed to the distribution type high efficient of high in the clouds P2P networks by high in the clouds cluster middleware In FPGA computing resources, each distribution type high efficient FPGA computing resources need to only lead to without being all directly connected to high in the clouds cluster middleware The virus-type for crossing the P2P networks of neighbor node propagates the digital certificate public key that can be obtained each tissue；Distribution type high efficient FPGA meters Calculating resource pool can dynamically increase and decrease according to the calculating task of client's sign test.

By high in the clouds cluster middleware, by client trading request by the flow that such as request two benches are statelessly submitted next time (omitting block chain common recognition, sequence, distributed accounting process) concurrent processing, efficiently completes the calculating task of signature and sign test.

It should be noted that for each method embodiment above-mentioned, for simple description, therefore it is all expressed as a series of Combination of actions, but those skilled in the art should understand that, the present invention is not limited by the described action sequence because According to the present invention, certain steps can be performed in other orders or simultaneously.Secondly, those skilled in the art should also know It knows, embodiment described in this description belongs to preferred embodiment, and involved action and module are not necessarily of the invention It is necessary.

Through the above description of the embodiments, those skilled in the art can be understood that according to above-mentioned implementation The method of example can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but it is very much In the case of the former be more preferably embodiment.Based on this understanding, technical scheme of the present invention is substantially in other words to existing The part that technology contributes can be expressed in the form of software products, which is stored in a storage In medium (such as ROM/RAM, magnetic disc, CD), including some instructions are used so that a station terminal equipment (can be mobile phone, calculate Machine, server or network equipment etc.) execute method described in each embodiment of the present invention.

Other side according to the ... of the embodiment of the present invention additionally provides a kind of for implementing the verification method of above-mentioned signature The verification device of signature.Fig. 9 is a kind of schematic diagram of verification device optionally signed according to the ... of the embodiment of the present invention, such as Fig. 9 Shown, which may include：

First acquisition unit 901, the first request for getting target account, wherein the first request is handed over for initiating Easy event.

Transmission unit 903 sends the second request, wherein the second request is used for multiple first nodes into block chain In the multiple first nodes of acquisition to the signature of transaction event.

Second acquisition unit 905, for obtaining that the second request of multiple first nodes response returned to transaction event Signature.

Authentication unit 907, the signature for verifying multiple first nodes to transaction event by multiple second nodes.

It should be noted that the initiation module 72 in the embodiment can be used for executing the step in the embodiment of the present application S202, the opening module 74 in the embodiment can be used for executing the step S204 in the embodiment of the present application, in the embodiment Sending module 76 can be used for executing the step S206 in the embodiment of the present application, and the first closedown module 78 in the embodiment can be with For executing the step S208 in the embodiment of the present application.

Herein it should be noted that above-mentioned module is identical as example and application scenarios that corresponding step is realized, but not It is limited to above-described embodiment disclosure of that.It should be noted that above-mentioned module as a part for device may operate in as In hardware environment shown in FIG. 1, it can also pass through hardware realization by software realization.

By above-mentioned module, the first request of target account is got, wherein the first request is for initiating transaction event； Multiple first nodes into block chain send the second request, wherein the second request is for obtaining multiple first nodes to transaction The signature of event；Obtain the signature to transaction event that multiple the second requests of first node response are returned；Pass through multiple second For the multiple first nodes of node verification to the signature of transaction event, the reception asked due to first is at different nodes from signature verification Reason, and obvious treatment effeciency higher is verified compared to a node is used to verify to sign by multiple second nodes, from And the less efficient technical problem of verification endorsement signature in the related technology can be solved, and then reach and improve verification efficiency Technique effect.

It is that the fourth node in the cluster of high in the clouds verifies multiple first by multiple second nodes in embodiments herein Signature of the node to transaction event：1) processing of the first request and the processing of verification are carried out separately, and are saved by multiple second It puts to verify signature of multiple first nodes to transaction event, and is verified without the fourth node in the cluster of high in the clouds, in other words, Fourth node in the cluster of high in the clouds does not have to not only handle the first request, but also is verified, its traffic pressure can be reduced；2) it is to pass through Multiple second nodes verify signature of multiple first nodes to transaction event, in other words, if there are multiple first requests, then right Answer the signature of each first request that can respectively be handled by multiple second nodes, i.e., parallel proof corresponds to the label of multiple first requests Name verification, if the processing of each second node corresponds to the signature verification of one first request, without being located with serial on one node Reason can improve the response speed to multiple first requests；3) signature of corresponding each first request, can be in multiple second sections Parallel proof on point, since a transaction event needs to obtain the signature of multiple first nodes, and the signature of each first node It is required to verify, therefore, the verification of the signature of this multiple first node can parallel execute on multiple second nodes, such as one Second node at least verifies the signature of a first node, so as to improve the corresponding speed to single first request；4) place The object of the first request of reason is the fourth node in the cluster of high in the clouds, rather than peer submits node.

In an alternative embodiment, authentication unit can be additionally used in：It is saved by each of multiple second nodes second Whether the signature of point one first node of verification is correct, wherein the first segment belonging to the signature of any two second node verification Point is different, and a node in multiple second nodes executes the signature operation to transaction event in first time period, and multiple second Another node in node executes the signature operation to transaction event, first time period and second time period in second time period Between be partly or entirely overlapped.

Above-mentioned authentication unit may include：Sending module sends third request for the third node into peer-to-peer network, Wherein, third node is used to sending third request into multiple second nodes in peer-to-peer network to, any one second node connects The third request received derives from third node or another second node；Receiving module can be used for receiving third node and return Multiple second nodes signature.

Above-mentioned sending module can be additionally used in：Third node into resource pool sends third request, wherein in resource pool All resource nodes be connected using peer-to-peer network, third node is the control node of resource pool, and third node is used for from institute Have and select second node in resource node, second node is that load factor is less than in all resource nodes in addition to second node The load factor of resource node.

In another optional embodiment, authentication unit is verifying multiple first nodes to handing over by multiple second nodes After the signature of easy event, it may also be used for：Multiple second nodes to the verification of the signatures of multiple first nodes by feelings Under condition, determine that transaction event is legal transaction；The verification of the signature of first node is not passed through at least one second node In the case of, it is legal transaction to determine transaction event not.

Optionally, the device of the application may also include：Third acquiring unit, for more by the verification of multiple second nodes Before a first node is to the signature of transaction event, multiple public keys are obtained from multiple first nodes, wherein every in multiple public keys A public key verifies the signature of a first node for second node；Multiple public keys are sent in peer-to-peer network by transmission unit Third node, multiple public keys are sent to other nodes in peer-to-peer network by third node to, wherein in peer-to-peer network Other nodes are the node using field programmable gate array processor, any node in peer-to-peer network be used for receive it is more In the case of a public key, the multiple public keys received are sent to node with any node communication connection.

Optionally, first acquisition unit can be additionally used in：The of target account is obtained by fourth node in the cluster of high in the clouds One request, wherein the load factor of fourth node is not more than the load factor of the node in addition to fourth node in the cluster of high in the clouds.

Optionally, the device of the application may also include：Rm-cell, for passing through Section four in the cluster of high in the clouds Before or after point obtains the first request of target account, the load factor for all nodes being active in cluster beyond the clouds In the case of reaching first threshold, activation shape will be switched to by stand-by state for the state of the standby node of high in the clouds cluster configuration State, and be added in the cluster of high in the clouds；The load factor for all nodes being active in cluster beyond the clouds is less than second threshold In the case of, the state of not used node in the cluster of high in the clouds is switched to stand-by state by state of activation, and in the cluster of high in the clouds It deletes, wherein second threshold is less than first threshold.

Optionally, the device of the application may also include：Prompt unit, the institute for being active in cluster beyond the clouds In the case of thering is the load factor of node to reach first threshold, prompt message is sent to the client for sending the first request, wherein carry Show information for prompting the load factor of all nodes in the cluster of high in the clouds to reach first threshold.

Herein it should be noted that above-mentioned module is identical as example and application scenarios that corresponding step is realized, but not It is limited to above-described embodiment disclosure of that.It should be noted that above-mentioned module as a part for device may operate in as In hardware environment shown in FIG. 1, it can also pass through hardware realization by software realization, wherein hardware environment includes network Environment.

Other side according to the ... of the embodiment of the present invention additionally provides a kind of for implementing the verification method of above-mentioned signature System, as shown in Figure 5.

High in the clouds cluster, the fourth node in the cluster of high in the clouds are used to obtain the first request of target account, wherein the first request For initiating transaction event.

Block chain, multiple first nodes in block chain are used to receive the fourth node in the cluster of high in the clouds is sent second and ask It asks, and returns to the signature of transaction event to the fourth node in the cluster of high in the clouds, wherein the second request is for obtaining multiple first Signature of the node to transaction event.

Resource pool, the signature that multiple second nodes in resource pool are used to verify multiple first nodes to transaction event.

Specific embodiment may refer to previous embodiment.

Other side according to the ... of the embodiment of the present invention additionally provides a kind of for implementing the verification method of above-mentioned signature Server or terminal.

Figure 10 is a kind of structure diagram of terminal according to the ... of the embodiment of the present invention, and as shown in Figure 10, which may include： One or more (one is only shown in Figure 10) processors 1001, memory 1003 and transmitting device 1005, such as Figure 10 institutes Show, which can also include input-output equipment 1007.

Wherein, memory 1003 can be used for storing software program and module, such as testing for the signature in the embodiment of the present invention Corresponding program instruction/the module of method and apparatus is demonstrate,proved, processor 1001 is stored in the software journey in memory 1003 by operation Sequence and module realize the verification method of above-mentioned signature to perform various functions application and data processing.Memory 1003 may include high speed random access memory, can also include nonvolatile memory, as one or more magnetic storage device, Flash memory or other non-volatile solid state memories.In some instances, memory 1003 can further comprise relative to processing The remotely located memory of device 1001, these remote memories can pass through network connection to terminal.The example packet of above-mentioned network Include but be not limited to internet, intranet, LAN, mobile radio communication and combinations thereof.

Above-mentioned transmitting device 1005 is used to receive via network or transmission data, can be also used for processor with Data transmission between memory.Above-mentioned network specific example may include cable network and wireless network.In an example, Transmitting device 1005 includes a network adapter (Network Interface Controller, NIC), can pass through cable It is connected with other network equipments with router so as to be communicated with internet or LAN.In an example, transmission dress It is radio frequency (Radio Frequency, RF) module to set 1005, is used to wirelessly be communicated with internet.

Wherein, specifically, memory 1003 is for storing application program.

Processor 1001 can call the application program that memory 1003 stores by transmitting device 1005, following to execute Step：

Get the first request of target account, wherein the first request is for initiating transaction event；

Multiple first nodes into block chain send the second request, wherein the second request is for obtaining multiple first segments Signature of the point to transaction event；

Obtain the signature to transaction event that multiple the second requests of first node response are returned；

Signature of multiple first nodes to transaction event is verified by multiple second nodes.

Processor 1001 is additionally operable to execute following step：

Multiple public keys are obtained from multiple first nodes, wherein each public key in multiple public keys is verified for second node The signature of one first node；

Multiple public keys are sent to the third node in peer-to-peer network, equity to is sent multiple public keys by third node Other nodes in network, wherein other nodes in peer-to-peer network are the node using field programmable gate array processor, Any node in peer-to-peer network is used in the case where receiving multiple public keys, and the multiple public keys received are sent to and appointed The node of one node communication connection.

Using the embodiment of the present invention, the first request of target account is got, wherein the first request is for initiating transaction thing Part；Multiple first nodes into block chain send the second request, wherein the second request is for obtaining multiple first nodes to handing over The signature of easy event；Obtain the signature to transaction event that multiple the second requests of first node response are returned；Pass through multiple For the multiple first nodes of two node verifications to the signature of transaction event, the reception asked due to first is different nodes from signature verification Processing, and obvious treatment effeciency higher is verified compared to a node is used to verify to sign by multiple second nodes, So as to solve the less efficient technical problem of verification endorsement signature in the related technology, and then reach raising verification efficiency Technique effect.

Optionally, the specific example in the present embodiment can refer to the example described in above-described embodiment, the present embodiment Details are not described herein.

It will appreciated by the skilled person that structure shown in Fig. 10 is only to illustrate, terminal can be smart mobile phone (such as Android phone, iOS mobile phones), tablet computer, palm PC and mobile internet device (Mobile Internet Devices, MID), the terminal devices such as PAD.Figure 10 it does not cause to limit to the structure of above-mentioned electronic device.For example, terminal is also It may include more either less components (such as network interface, display device) than shown in Figure 10 or have and Figure 10 institutes Show different configurations.

One of ordinary skill in the art will appreciate that all or part of step in the various methods of above-described embodiment is can To be completed come command terminal device-dependent hardware by program, which can be stored in a computer readable storage medium In, storage medium may include：Flash disk, read-only memory (Read-Only Memory, ROM), random access device (Random Access Memory, RAM), disk or CD etc..

The embodiments of the present invention also provide a kind of storage mediums.Optionally, in the present embodiment, above-mentioned storage medium can For executing the program code for the verification method signed.

Optionally, in the present embodiment, above-mentioned storage medium can be located at multiple in network shown in above-described embodiment On at least one of network equipment network equipment.

Optionally, in the present embodiment, storage medium is arranged to store the program code for executing following steps：

S12 gets the first request of target account, wherein the first request is for initiating transaction event；

S14, multiple first nodes into block chain send the second request, wherein the second request is for obtaining multiple the Signature of one node to transaction event；

S16 obtains the signature to transaction event that multiple the second requests of first node response are returned；

S18 verifies signature of multiple first nodes to transaction event by multiple second nodes.

Optionally, storage medium is also configured to store the program code for executing following steps：

S22 obtains multiple public keys from multiple first nodes, wherein each public key in multiple public keys is used for second node Verify the signature of a first node；

Multiple public keys are sent to the third node in peer-to-peer network by S24, are sent to multiple public keys by third node Other nodes in peer-to-peer network, wherein other nodes in peer-to-peer network are using field programmable gate array processor Node, any node in peer-to-peer network are used in the case where receiving multiple public keys, the multiple public keys received are transmitted Give the node of any node communication connection.

Optionally, in the present embodiment, above-mentioned storage medium can include but is not limited to：USB flash disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, RandomAccess Memory), mobile hard disk, magnetic disc or light The various media that can store program code such as disk.

The embodiments of the present invention are for illustration only, can not represent the quality of embodiment.

If the integrated unit in above-described embodiment is realized in the form of SFU software functional unit and as independent product Sale in use, can be stored in the storage medium that above computer can be read.Based on this understanding, skill of the invention Substantially all or part of the part that contributes to existing technology or the technical solution can be with soft in other words for art scheme The form of part product embodies, which is stored in a storage medium, including some instructions are used so that one Platform or multiple stage computers equipment (can be personal computer, server or network equipment etc.) execute each embodiment institute of the present invention State all or part of step of method.

In the above embodiment of the present invention, all emphasizes particularly on different fields to the description of each embodiment, do not have in some embodiment The part of detailed description may refer to the associated description of other embodiment.

In several embodiments provided herein, it should be understood that disclosed client, it can be by others side Formula is realized.Wherein, the apparatus embodiments described above are merely exemplary, for example, the unit division, only one Kind of division of logic function, formula that in actual implementation, there may be another division manner, such as multiple units or component can combine or It is desirably integrated into another system, or some features can be ignored or not executed.Another point, it is shown or discussed it is mutual it Between coupling, direct-coupling or communication connection can be INDIRECT COUPLING or communication link by some interfaces, unit or module It connects, can be electrical or other forms.

The unit illustrated as separating component may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, you can be located at a place, or may be distributed over multiple In network element.Some or all of unit therein can be selected according to the actual needs to realize the mesh of this embodiment scheme 's.

In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, it can also It is that each unit physically exists alone, it can also be during two or more units be integrated in one unit.Above-mentioned integrated list The form that hardware had both may be used in member is realized, can also be realized in the form of SFU software functional unit.

The above is only a preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art For member, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also answered It is considered as protection scope of the present invention.

Claims

1. a kind of verification method of signature, which is characterized in that including：

Get the first request of target account, wherein first request is for initiating transaction event；

Multiple first nodes into block chain send the second request, wherein second request is for obtaining the multiple the Signature of one node to the transaction event；

It obtains the multiple first node and responds the signature to the transaction event that second request is returned；

Signature of the multiple first node to the transaction event is verified by multiple second nodes.

2. according to the method described in claim 1, it is characterized in that, verifying the multiple first node by multiple second nodes Signature to the transaction event includes：

Whether just the signature of a first node is verified by each of the multiple second node second node Really, wherein the first node belonging to signature that second node described in any two is verified is different, the multiple second node In a node executed to the signature operation of the transaction event in first time period, it is another in the multiple second node A node executes the signature operation to the transaction event, the first time period and the second time period in second time period Between be partly or entirely overlapped.

3. according to the method described in claim 2, it is characterized in that, passing through each of the multiple second node described second The signature of one first node of node verification whether include correctly：

Third node into peer-to-peer network sends third request, wherein the third node is used to ask to pass by the third The multiple second node in the peer-to-peer network is given, the third request that any one of second node receives From the third node or another described second node；

Receive the signature for the multiple second node that the third node returns.

4. according to the method described in claim 3, it is characterized in that, the third node transmission third into peer-to-peer network is asked Ask including：

The third node into resource pool sends the third request, wherein all resource nodes in the resource pool Be connected using the peer-to-peer network, the third node be the resource pool control node, the third node be used for from The second node is selected in all resource nodes, the second node is that load factor is less than all resource nodes In resource node in addition to the second node load factor.

5. according to the method described in claim 2, it is characterized in that, verifying the multiple first segment by multiple second nodes After point is to the signature of the transaction event, the method further includes：

In the case where the multiple second node passes through the verification of the signature of the multiple first node, the friendship is determined Easy event is legal transaction；

It is unsanctioned to the verification of the signature of the first node at least one second node, determine the friendship Easy event is not legal transaction.

6. according to the method described in any one node in claim 1 to 5, which is characterized in that passing through multiple second nodes Before the multiple first node is verified to the signature of the transaction event, the method further includes：

Multiple public keys are obtained from the multiple first node, wherein each public key in the multiple public key is used for described second The signature of one first node of node verification；

The multiple public key is sent to the third node in peer-to-peer network, is passed the multiple public key by the third node Give other nodes in the peer-to-peer network, wherein other nodes in the peer-to-peer network are using field programmable gate The node of array processor, any node in the peer-to-peer network are used in the case where receiving the multiple public key, will The multiple public key received sends the node with any node communication connection to.

7. according to the method described in any one node in claim 1 to 5, which is characterized in that get the of target account One request include：

First request of the target account is obtained by the fourth node in the cluster of high in the clouds, wherein the fourth node Load factor no more than the node in the high in the clouds cluster in addition to the fourth node load factor.

8. the method according to the description of claim 7 is characterized in that obtaining the mesh by the fourth node in the cluster of high in the clouds Before or after first request for marking account, the method further includes：

To be institute in the case that the load factor for all nodes being active in the high in the clouds cluster reaches first threshold The state for stating the standby node of high in the clouds cluster configuration is switched to state of activation by stand-by state, and is added to the high in the clouds cluster In；And/or

It, will be described in the case that the load factor for all nodes being active in the high in the clouds cluster is less than second threshold The state of not used node is switched to stand-by state by state of activation in the cluster of high in the clouds, and is deleted in the high in the clouds cluster, In, the second threshold is less than the first threshold.

9. according to the method described in claim 8, it is characterized in that, the method further includes：

In the case that the load factor for all nodes being active in the high in the clouds cluster reaches first threshold, to transmission The client of first request sends prompt message, wherein the prompt message is for prompting to own in the high in the clouds cluster The load factor of node reaches the first threshold.

10. a kind of verification device of signature, which is characterized in that including：

First acquisition unit, the first request for getting target account, wherein first request is for initiating transaction thing Part；

Transmission unit sends the second request for multiple first nodes into block chain, wherein second request is for obtaining Take signature of the multiple first node to the transaction event；

Second acquisition unit, for obtain the multiple first node respond it is described second request returned to the transaction thing The signature of part；

Authentication unit, the signature for verifying the multiple first node to the transaction event by multiple second nodes.

11. device according to claim 10, which is characterized in that the authentication unit is additionally operable to：

12. according to the devices described in claim 11, which is characterized in that the authentication unit includes：

Sending module sends third request, wherein the third node is used for institute for the third node into peer-to-peer network Third is stated to ask to send the multiple second node in the peer-to-peer network to, what any one of second node received The third request derives from the third node or another described second node；

Receiving module, the signature for receiving the multiple second node that the third node returns.

13. a kind of verification system of signature, which is characterized in that including：

High in the clouds cluster, the fourth node in the high in the clouds cluster are used to obtain the first request of target account, wherein described first Request is for initiating transaction event；

Block chain, multiple first nodes in the block chain are used to receive that the fourth node in the high in the clouds cluster to send the Two requests, and return to the signature of the transaction event to the fourth node in the high in the clouds cluster, wherein second request Signature for obtaining the multiple first node to the transaction event；

Resource pool, multiple second nodes in the resource pool are for verifying the multiple first node to the transaction event Signature.

14. a kind of storage medium, which is characterized in that the storage medium includes the program of storage, wherein when described program is run Execute the method described in 1 to 9 any one of the claims.

15. a kind of electronic device, including memory, processor and it is stored on the memory and can transports on the processor Capable computer program, which is characterized in that the processor executes the claims 1 to 9 by the computer program Method described in one.