Detection method for transaction data source under super account book multichain scene
Technical field
The present invention relates to the data isolation guard methods under multichain scene in the super account book of block chain open source projects, especially
A kind of detection method in the multi-channel data source that the improvement based on to super account book common recognition algorithm is realized.
Background technique
Block chain technology allows people can be in not as a kind of Distributed sharing account book technology by cryptographic technique
In the case where entreating authoritative institution's supervision, confidence is set up to coordination with one another, realizes going in distributed network polygon transaction
Centralization.Currently, there are several block chain technology platforms in the whole world, for studying block chain technology and its application.Linux foundation branch
The open source projects Hyperledger Fabric (super account book) held is representative platform therein.
The common recognition algorithm of super account book includes four-stage: (1) first stage, and motion of trading is submitted to endorsement by client
Node;(2) second stage, endorsement node inspection transaction, simulation execute chain code, return to the transaction of endorsement;(3) phase III, visitor
Transaction after endorsement is submitted to ordering joint by family end, and ordering joint is based on kafka sequence service and collects transaction, and generation area
Block;(4) block is distributed to host node by fourth stage, ordering joint, is distributed downwards by host node, and adds area in each node
Block is checked before on block to chain, finally, checks that the block passed through is appended on existing block chain, it is entire to know together
Process is completed.
In 0.6 version of Hyperledger Fabric, all nodes belong to the same chain, and all nodes also can be same
Walk identical data.However, the data volume of each node synchronization and storage increased dramatically, and can not with the increase of portfolio
Realize the isolation of different sensitivity data, there are incipient fault for data security.Therefore, in 1.0 version of Hyperledger Fabric
In, increase the support to multichain.The appearance of multichain is for isolated data, and node can be added to according to demands such as applications
In different chains, to obtain different data.Since intelligent contract is disposed independently of chain, so as to realize the privacy of data
Protection.
Under the scene of multichain, common recognition algorithm also will be independent of chain operation.Super account book passes through in each transaction motion
Comprising exchange chain ID come distinguish exchange chain, so that it is guaranteed that ordering joint transaction is bundled in sequence it is same
In the block of a chain.However, it has been found that once there is the chain user (a corresponding specific client) of malice, deliberating will
Leaking data in the high chain of data sensitive degree (assuming that chain ID is ID_A) is to the low chain of sensitivity (assuming that chain ID is
ID_B), attacker can proceed as follows: the transaction of attacker operates in chain ID_A, and attacker is after to endorsement
Transaction encapsulation (corresponding data structure be Envelope) during, chain ID is deliberately revised as the lower chain of sensitivity
Then the transaction of encapsulation is sent to sequence service node by ID_B, since ordering joint is in transaction packing process, only test
Therefore demonstrate,proving the signature of Envelope structural body and carrying out piecemeal processing to transaction according to the chain ID in transaction should be added originally
The transaction for being added to chain ID_A will be added in chain ID_B by wrong.And at present version block chain will node to trade into
After row checks, entire block is all retained in a manner of not updating world state and is added on block chain, so as to cause
The leakage of sensitive data, has broken the original security target of super account book multichain mechanism.
Summary of the invention
To solve the above problems, the present invention provides one kind for super account book Fabric (1.0 and the above version) multichain field
The detection method in transaction data source under scape.Detection method includes the following steps for this:
Step 1: client generates transaction motion, is signed to obtain SignedProposal to it, will
SignedProposal is sent to endorsement node and endorses, and the channel information of transaction has been included in SignedProposal.Prop
In osalBytes.Header.ChannelHeader;
Step 2: simulation executes transaction after endorsement node receives motion request, in construction motion response
The ChannelHeader structure in SignedProposal is obtained when ProposalResponse and calculates hash value, by the value
It is filled into ProposalResponse.ChannelHeaderHash field;Motion response to building
ProposalResponse signs;
Step 3: endorsement node returns to the motion constructed to client and responds ProposalResponse;
Step 4: client will transaction motion and motion response ProposalResponse group after receiving transaction endorsement
Conjunction is configured to Envelope structure, represents a Transaction Information, wherein endorsement number of responses is not less than 1;
Step 5: Envelope structure is sent to ordering joint requests transaction and sorted by client;
Step 6: ordering joint is verified after receiving Envelope structure:
6.1: unserializing obtains each class formation and signing messages;
6.2: the Envelope structure outermost layer client signature information that verifying filtering unserializing is got does not pass through such as
Outer layer signature verification terminates this treatment process;
6.3: the Envelope.Payload.Data.TransactionAction. that verifying filtering unserializing is got
First endorsement node signing messages in Payload.Action.Endorsement signature array, does not pass through endorsement node such as
Signature verification terminates this treatment process;
6.4: Hash is calculated to the Envelope.Payload.Header.ChannelHeader that unserializing is got
Value, and with Envelope.Payload.Data.TransactionAction.Payload.Action.P ayload.Channe
LHeaderHash value compares verifying;If the two is inconsistent, terminate this treatment process;
Step 7: it is all to be verified, continue the sorting operation of super account book Fabric, generates block;
Step 8: returning to ranking results.
In above-mentioned steps 2, the ProposalResponse data structure in Fabric source code is modified,
A ChannelHeaderHash field is added in ProposalResponse.Payload and assigns initial value 0, remaining structure
And field is constant.
The beneficial effects of the present invention are: utilizing the original signature verification system of Hyperledger Fabric and increased chain
Number field hash value is realized due to the premeditated leakage of the insufficient caused malicious client of verifying of the system to locating channel of trading
The detection of sensitive information avoids the sensitive data generated due to sequence service because verifying missing leads to trading channel distribution mistake
Leakage problem.To ensure the safety of transaction data under multichain scene.
Detailed description of the invention
Fig. 1 is to be submitted to the process flow diagram for generating block in original super account book Fabric from transaction;
Fig. 2 is to be submitted to the process flow diagram for generating block in the super account book Fabric of this programme from transaction.
Specific embodiment
The present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments.
Fig. 1 is to be submitted to the process flow diagram for generating block in original super account book Fabric from transaction;
It (trades in the super account book of this programme in conjunction with Fig. 2 and is submitted to the process flow diagram for generating block), it is improved complete
Transaction executes and sequence comprises the steps of (each node has been turned on completion):
Step 1: client generates transaction motion, is signed to obtain SignedProposal to it, will
SignedProposal is sent to endorsement node and endorses, and the channel information of transaction has been included in SignedProposal.Prop
In osalBytes.Header.ChannelHeader;
Step 2: simulation executes transaction after endorsement node receives motion request, modifies in Fabric source code
ProposalResponse data structure adds one in ProposalResponse.Payload
ChannelHeaderHash field simultaneously assigns initial value 0, remaining structure and field are constant;Modification endorsement node source code, is generating
To SignedProposal.ProposalBytes.Header.ChannelHeader in ProposalResponse configuration process
Hash value is calculated, and the value is filled into ProposalResponse.ChannelHeaderHash field;To what is built
Motion response ProposalResponse signs;
Step 3: endorsement node returns to the motion constructed to client and responds ProposalResponse;
Step 4: client will transaction motion and motion response ProposalResponse group after receiving transaction endorsement
Conjunction is configured to Envelope structure, represents a Transaction Information, wherein endorsement number of responses is not less than 1;
Step 5: Envelope structure is sent to ordering joint requests transaction and sorted by client;
Step 6: ordering joint is verified after receiving Envelope structure:
6.1: unserializing obtains each class formation and signing messages;
6.2: the Envelope structure outermost layer client signature information that verifying filtering unserializing is got does not pass through such as
Outer layer signature verification terminates this treatment process;
6.3: the Envelope.Payload.Data.TransactionAction. that verifying filtering unserializing is got
First endorsement node signing messages in Payload.Action.Endorsement signature array, does not pass through endorsement node such as
Signature verification terminates this treatment process;
6.4: Hash is calculated to the Envelope.Payload.Header.ChannelHeader that unserializing is got
Value, and with Envelope.Payload.Data.TransactionAction.Payload.Action.P ayload.Channe
LHeaderHash value compares verifying;If the two is inconsistent, terminate this treatment process;
Step 7: it is all to be verified, continue the sorting operation of super account book Fabric, generates block;
Step 8: returning to ranking results.