Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to
When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment
Described in embodiment do not represent all embodiments consistent with this specification one or more embodiment.Phase
Instead, they are only some aspects phases with the one or more embodiments of as detailed in the attached claim, this specification
The example of consistent device and method.
It should be understood that the sequence that might not show and describe according to this specification in other embodiments executes
The step of correlation method.In some other embodiments, step included by method can than described in this specification more
It is more or less.In addition, single step described in this specification, may be broken down into other embodiments multiple steps into
Row description;And multiple steps described in this specification, it may also be merged into single step progress in other embodiments
Description.
Block chain is normally divided into three types: publicly-owned chain (Public Blockchain), privately owned chain (Private
) and alliance's chain (Consortium Blockchain) Blockchain.In addition, there are also a plurality of types of combinations, such as privately owned chain
The different combinations such as+alliance chain, alliance's chain+publicly-owned chain.It is publicly-owned chain that wherein decentralization degree is highest.Publicly-owned chain with than
Special coin, ether mill are representative, and the participant that publicly-owned chain is added can read data record on chain, participate in business and compete newly
Book keeping operation power of block etc..Moreover, each participant's (i.e. node) freely can be added and exit network, and carry out relevant operation.It is private
There is chain then on the contrary, the write-in permission of the network is by some tissue or mechanism controls, reading data permission is by organization prescribed.Simply
For, privately owned chain can be weak center's system, and participating in node has stringent limitation and less.Such block chain is more
It is suitable for using inside particular organization.Alliance's chain is then block chain between publicly-owned chain and privately owned chain, it can be achieved that " part
Decentralization ".Each node usually has corresponding physical mechanism or tissue in alliance's chain;Participant is added by authorization
Enter network and composition interests correlation alliance, it is common to safeguard the operation of block chain.
Below in conjunction with the realization for the embodiment of the method for illustrating to realize three handed deal shown in Fig. 1 in one block chain of this specification
Journey:
Step 102, the first block chain node receives transaction, and the transaction includes the type field of plaintext.
In one embodiment, transaction can be committed to the first block chain node by client.For example, user is raw in client
After the transaction, transaction is committed to by the first block chain node by the client.By taking Fig. 2 as an example, in the first block chain node
Comprising transaction/query interface, which can dock with client, and client is submitted to the first block chain node and is handed over
Easily.
The transaction can also be forwarded to the first block chain node by the second block chain node.For example, user is raw in client
After the transaction, which is committed to by the second block chain node by the client;Then, the second block chain link point is further
The transaction is forwarded to the first block chain node.By taking Fig. 2 as an example, above-mentioned interface can be docked with other block chain nodes, such as should
Other block chain nodes may include the second above-mentioned block chain node, allow the second block chain node to the first block chain
Node transmitted transaction.Similarly, the second block chain node can also be docked by the transaction/query interface of itself with client, with
Receive the transaction that client is submitted.
Such as proved using proof of work (Proof of Work, POW) and equity (Proof of Stake,
POS), equity is appointed to prove in the block chain network of the common recognition such as (Delegated Proof of Stake, DPOS) algorithm, second
Block chain node is after the transaction for receiving client submission, other blocks of diffusion immediately (as broadcasted) into ether mill network
Chain node.
Using practical Byzantine failure tolerance (Practical Byzantine Fault Tolerance, PBFT) for another example
Etc. in the block chain network of mechanism, accounting nodes have been agreed upon before epicycle book keeping operation, so that the second block chain node is receiving
After the transaction that client is submitted, if itself not being accounting nodes, which is sent to fixed accounting nodes, so that
The accounting nodes transmit transaction (including the transaction) to each verifying node in the further common recognition stage.And when second
It, can be with after other block chain link points receive the transaction of client submission when block chain node itself is fixed accounting nodes
Transaction is forwarded to the second block chain node;Then, the second block chain node can common recognition the stage by above-mentioned transaction (or also
Including other transaction) it transmits to each verifying node, including the first block chain node.
Step 104, the value of first block chain node type field according to contained by the transaction identifies that the transaction is bright
Text transaction or privacy transaction.
In one embodiment, by adding type field in transaction, the first block chain is allowed to identify transaction accordingly
Type is transaction in plain text or privacy transaction.In the related art, such as in the network of ether mill, transaction generally comprise to,
The fields such as value, data.And the present embodiment increases by a type field on the basis of the relevant technologies in transaction, for example characterizes
For type field, and the value based on the type field, show the type of relationship trading;For example, when type field takes for first
When value, shows relationship trading to trade in plain text, when type field is the second value, show relationship trading for privacy transaction.
In one embodiment, all the elements of transaction are all made of plaintext version in plain text, i.e. each field of the transaction is adopted
With plaintext version, the first block chain node is directly read out to each field of plaintext transaction, to implement phase
Pass processing.Other than type field is using plaintext version, other fields are all made of ciphertext form for privacy transaction, so that on the one hand
First block chain node can quickly identify type of transaction without decryption, thus for transaction and privacy in plain text
Differentiation processing is implemented in transaction, on the other hand makes it only by using ciphertext form and can be held the object of key to be decrypted
And reading, avoid Transaction Information from revealing.
Step 106A, the first block chain node execute plaintext transaction except credible performing environment, and will obtain
Plaintext implementing result is stored to the external memory space except the credible performing environment.
In one embodiment, the first block chain node is compatible in the related technology for the processing capacity of plaintext transaction, can be with
Plaintext transaction is handled except credible performing environment, and plaintext implementing result is stored to external memory space.Such as
Shown in Fig. 2, the first block chain node can be divided into conventional performing environment and credible performing environment, and client is submitted (with client
Hold submit transaction for) transaction initially enter " transaction/query interface " in conventional performing environment carry out type identification, general
The plaintext transaction identified stays in the privacy transaction transport that is handled in conventional performing environment, and will identify that credible execution
It is handled in environment.In other words, the first block chain node can be not only compatible in the related technology for the processing of plaintext transaction, but also
It can trade and handle to the privacy of ciphertext form, thus real to plaintext transaction and privacy transaction in entire block chain network
Existing mixed processing.
Transaction in this specification can be used to implement relatively simple processing logic, for example be similar in the related technology
It transfers accounts logic.
Transaction in this specification can be also used for realizing relative complex processing logic, here can be by means of intelligent conjunction
About realize.Whether publicly-owned chain, privately owned chain or alliance's chain may all provide the function of intelligent contract.Intelligence on block chain
Energy contract is the contract that can be executed by transaction triggering on block catenary system.Intelligent contract can be determined by way of code
Justice.Certainly, above-mentioned plaintext transaction content might not be related to intelligent contract, for example the plaintext transaction content only includes to transfer accounts
Information etc., but by using plaintext transaction content relevant to intelligent contract, relatively more complicated processing logic may be implemented.
By taking ether mill as an example, user is supported to create in the network of ether mill and call the logic of some complexity, this is ether
Mill is different from the ultimate challenge of bit coin block chain technology.Ether mill is ether mill void as the core of a programmable block chain
Quasi- machine (EVM), each ether mill node can run EVM.EVM is the complete virtual machine of figure spirit, it means that can be with
The logic of various complexity is realized by it.It is exactly to run on EVM that user, which issues in ether mill and call intelligent contract,.It is real
On border, what virtual machine was directly run is virtual machine code (Virtual Machine bytecodes, lower abbreviation " bytecode ").It is deployed on block chain
Intelligent contract can be the form of bytecode.
Such as shown in Fig. 3, after a transaction comprising the intelligent contract information of creation is sent ether mill network by Bob, section
The EVM of point 1 can execute this and trade and generate corresponding contract example.What the data field of transaction saved can be byte
Code, the to field of transaction are an empty account.After being reached an agreement between node by common recognition mechanism, this contract is successfully created,
Subsequent user can call this contract.
Contract creation after, on block chain occur a contract account corresponding with the intelligence contract, and possess one it is specific
Address, contract code and account storage will be stored in the contract account.The behavior of intelligent contract is controlled by contract code, and
The account storage of intelligent contract then saves the state of contract.In other words, intelligent contract to generate on block chain comprising closing
The about virtual account of code and account storage (Storage).
It is previously mentioned, the byte that can be the intelligence contract saved comprising creating the data field of transaction of intelligent contract
Code.Bytecode is made of a series of byte, and each byte can identify an operation.It is more based on development efficiency, readability etc.
From the aspect of, developer can not directly write bytecode, but select a high level language intelligence contract code.It is advanced
The intelligent contract code that language is write, compiles by compiler, generates bytecode, and then the bytecode can be deployed to block chain
On.There are many high-level language that ether mill is supported, such as Solidity, Serpent, LLL language.
In addition, as shown in figure 4, Bob is by one comprising calling the transaction of intelligent contract information to send still by taking ether mill as an example
To after the network of ether mill, the EVM of node 1 can execute this and trade and generate corresponding contract example.It trades in 4 in figure
From field is the address for initiating to call the account of intelligent contract, and " 0x692a70d2 ... " in field represents called
The address of intelligent contract, value field are the value of ether coin in ether mill, and the calling that the data field of transaction saves intelligently is closed
Method and parameter about.After calling intelligent contract, the value of balance may change.Subsequent, some client can be by a certain
Block chain node checks the current value of balance.
Intelligent contract can be executed by each node disjoint of the defined mode in block chain network, all execution
Record and data are all stored on block chain, so just saving on block chain can not distort, no after the completion of such transaction
The transaction certificate that can be lost.
It creates intelligent contract and calls the schematic diagram of intelligent contract as shown in Figure 5.An intelligence is created in ether mill to close
About, it needs by writing intelligent contract, becoming bytecode, be deployed to the processes such as block chain.Intelligent contract is called in ether mill, is
The transaction for being directed toward intelligent contract address is initiated, intelligent contract code operates in each node in the network of ether mill in a distributed manner
Virtual machine in.
Privacy transaction is decrypted in step 106B, the first block chain node, to obtain in corresponding transaction in plain text
Hold;The plaintext transaction content is executed in credible performing environment, and obtained plaintext implementing result is encrypted as ciphertext and is executed
As a result it is exported from the credible performing environment after;Store function code is executed except the credible performing environment, by institute
Ciphertext implementing result is stated to store to the external memory space.
In one embodiment, the first block chain node can be in credible performing environment (Trusted Execution
Environment, TEE) in decryption privacy transaction.TEE is the security extension based on CPU hardware, and with it is external completely every
From credible performing environment.TEE is the concept proposed by Global Platform earliest, for solving resource in mobile device
Security isolation, be parallel to operating system and credible and secure performing environment be provided for application program.The Trust Zone technology of ARM
The TEE technology of real commercialization is realized earliest.
Along with the high speed development of internet, safe demand is higher and higher, is not limited only to mobile device, cloud device,
Data center all proposes more demands to TEE.The concept of TEE has also obtained the development and expansion of high speed.Now described
TEE is compared to the TEE for the concept initially proposed being more broad sense.For example, server chips manufacturer Intel, AMD etc. are first
It is proposed the TEE of hardware auxiliary afterwards and enriches the concept and characteristic of TEE, is had been widely recognized in industry.It mentions now
The TEE risen usually more refers to the TEE technology of this kind of hardware auxiliary.Different from mobile terminal, cloud access needs to remotely access, terminal
User is invisible to hardware platform, therefore seeks to the genuine and believable of confirmation TEE using the first step of TEE.Therefore present TEE
Technology all introduces remote proving mechanism, is endorsed by hardware vendor (mainly CPU manufacturer) and is ensured by digital signature technology
User can verify that TEE state.It is simultaneously only the demand for security that the resource isolation of safety is also unable to satisfy, further data
Secret protection is also suggested.Including Intel SGX, the commercial TEE including AMD SEV also both provides memory encryption technology, will
Reliable hardware is limited to inside CPU, and the data of bus and memory are that ciphertext prevents malicious user from being spied upon.For example, Ying Te
Your software protection extends code execution, remote proving, security configuration, the secure storage of data such as (SGX) TEE technology insulation
And the trusted path for executing code.The application program run in TEE is kept safe, as a consequence it is hardly possible to by third
Side's access.
By taking Intel SGX technology as an example, SGX provides enclosure (enclave, also referred to as enclave), i.e., one adds in memory
Close credible execution region, protects data not to be stolen by CPU.By taking the first block chain node is using the CPU for supporting SGX as an example,
Using newly-increased processor instruction, a part of region EPC (Enclave Page Cache, enclosure page can be distributed in memory
Face caching or enclave page cache), by the crypto engine MEE (Memory Encryption Engine) in CPU to wherein
Data encrypted.The content encrypted in EPC, which only enters after CPU, can just be decrypted into plain text.Therefore, in SGX, user
It can distrust operating system, VMM (Virtual Machine Monitor, monitor of virtual machine), even BIOS (Basic
Input Output System, basic input output system), it is only necessary to trust CPU just and can ensure that private data will not leak.
It in practical application, is transferred in enclosure after private data being encrypted with ciphertext form, and will be corresponding by remote proving
Code key is also passed to enclosure.Then, operation is carried out using data under the encipherment protection of CPU, as a result can be returned with ciphertext form.This
Under kind mode, powerful calculating power not only can use, but also do not have to concern of data and leak.
It is assumed that above-mentioned privacy transaction is generated by user in a certain client, which can firstly generate hands in plain text
Then easy content encrypts the plaintext transaction content with key.The encryption can use symmetric cryptography, can also use non-
Symmetric cryptography.Correspondingly, the first block chain node can decrypt the privacy with corresponding key and trade, and be traded in plain text with obtaining
Content.If client symmetric cryptography mode, i.e., plaintext transaction content is encrypted with the private key of symmetric encipherment algorithm, then accordingly
Ground, the first block chain node can decrypt the privacy with the private key of the symmetric encipherment algorithm and trade.What symmetric cryptography used
Encryption Algorithm, e.g. DES algorithm, 3DES algorithm, TDEA algorithm, Blowfish algorithm, RC5 algorithm, IDEA algorithm etc..Symmetrically
The key of Encryption Algorithm, such as can be and negotiate to determine by client and the first block chain node.
If encrypted with the private key of rivest, shamir, adelman to plaintext transaction content, then phase with asymmetric encryption mode
Ying Di, the first block chain node can decrypt the privacy with the private key of the rivest, shamir, adelman and trade.Asymmetric encryption
Algorithm, e.g. RSA, Elgamal, knapsack algorithm, Rabin, D-H, ECC (elliptic curve encryption algorithm) etc..Asymmetric encryption
The key of algorithm, such as can be and a pair of of public key and private key are generated by the first block chain node, and by public key before step 402
It is sent to the client, so that client described in step 402 can encrypt plaintext transaction content with key.
The key of rivest, shamir, adelman can also be generated by a Key Management server.Pass through the side of remote proving
Private key is sent to the first block chain node by formula, Key Management server, specifically, can be incoming first block chain node
In enclosure.First block chain node may include multiple enclosures, and the safety that above-mentioned private key can be passed into these enclosures is enclosed
Circle;For example, the safe enclosure can be QE (Quoting Enclave) enclosure, rather than AE (Application Enclave) encloses
Circle.For the public key of asymmetric encryption, the client can be sent to by Key Management server.Thus in step 402,
The client can use the public key encryption plaintext transaction content, and correspondingly, the first block chain node can use the private key solution
The close privacy transaction, to obtain the plaintext transaction content that privacy transaction includes.
Client can also be in such a way that symmetric cryptography combination asymmetric encryption combines.For example, client use pair
Claim Encryption Algorithm encrypting plaintext transaction content, that is, uses the private key encryption plaintext transaction content of symmetric encipherment algorithm, and with non-right
Claim the private key used in Encryption Algorithm cryptographic symmetrical Encryption Algorithm.In general, using the public key encryption pair of rivest, shamir, adelman
Claim the private key used in Encryption Algorithm.In this way, after the first block chain node receives the transaction of encryption, it can be first using asymmetric
The private key of Encryption Algorithm is decrypted, and obtains the private key of symmetric encipherment algorithm, and then decrypted with the private key of symmetric encipherment algorithm
To plaintext transaction content.
For example, the private key of rivest, shamir, adelman can be sent to the firstth area by remote proving by Key Management server
The enclosure of block chain node, and the private key of rivest, shamir, adelman is sent to the client.Thus, the client can adopt
With the private key encryption plaintext transaction content of symmetric encipherment algorithm, that is, use in the private key encryption plaintext transaction of symmetric encipherment algorithm
Hold, and with the private key used in the public key encryption symmetric encipherment algorithm of rivest, shamir, adelman.In turn, the client can incite somebody to action
Privacy transaction and encryption key (by rivest, shamir, adelman public key to the private key used in the symmetric encipherment algorithm into
Obtained after row encryption) it is sent to the first block chain node.First block chain node receives the privacy transaction and encryption key
Afterwards, first the encryption key can be decrypted with the private key of rivest, shamir, adelman to obtain the private key of symmetric encipherment algorithm, into
And decrypt the privacy with the private key of the symmetric encipherment algorithm and trade, obtain plaintext transaction content.Here cipher mode is general
Referred to as digital envelope encrypts.
After privacy transaction is decrypted in first block chain node, plaintext transaction content is obtained.Plaintext transaction content can be with
Code comprising intelligent contract, for creating intelligent contract in block chain;Plaintext transaction content may include in block chain
The contract address of a certain intelligent contract created, for calling the intelligence contract.
Either for creating or calling intelligent contract, the first block chain node can be by executing generation of the intelligence contract
Code, to complete to trade.First block chain node can execute the code of the intelligent contract in credible performing environment.Work as intelligence
When the code of contract is located in privacy transaction, the first block chain node to privacy transaction by being decrypted to obtain above-mentioned plaintext
Transaction content, the code of the intelligent contract in the plaintext transaction content comprising plaintext;When intelligent contract has created in advance, privacy is handed over
When being easy for calling the intelligence contract, if the intelligence contract carries out encryption storage by the first block chain link point in advance, and this
One block chain node can be by reading in the code of the intelligent contract of ciphertext in credible performing environment, and decrypts and obtain plaintext
The code of intelligent contract.Multinest structure may be implemented between intelligent contract;Such as the code in intelligence and about 1 has invoked intelligence
Can be with about 2, and the code in intelligence and about 2 has been directed toward the contract address 3 through creating intelligent contract code building, to work as privacy
When the code in intelligence and about 1 is called in transaction, the intelligent contract code in the contract address 3 is had invoked indirectly.
In one embodiment, there may be multiple corresponding intelligent contracts for the ciphertext transaction, and in ciphertext transaction
The processing type that each intelligent contract marks respectively is existed for, the first block chain node is directed in ciphertext transaction not
The processing operation of differentiation is used with the intelligent contract of processing type;Wherein, plaintext implementing result described above includes each
The corresponding plaintext contract implementing result of intelligent contract.For example, may include a type field in the code of intelligent contract, the
One block chain node can in the code based on each intelligent contract contained type field value, determine that the intelligence contract is hidden
Privates manages type or in plain text processing type;For another example privacy processing type intelligent contract in may include privacy identifier,
The intelligent contract of processing type can not include the privacy identifier in plain text;In another example the intelligent contract of processing type can in plain text
The plaintext identifier can not included with the intelligent contract comprising plaintext identifier, privacy processing type;Correspondingly, the first block
Chain node can be based on above-mentioned difference, distinguish the intelligent contract of different disposal type.
It is assumed that the ciphertext transaction, there are the corresponding first intelligent contract, which is noted as privacy processing
Type, the first block chain node can execute the first intelligent contract in credible performing environment, obtain corresponding plaintext contract
Implementing result, and further by key pair, the corresponding plaintext contract implementing result of the first intelligence contract carries out being encrypted as ciphertext
Contract implementing result, then above-mentioned ciphertext implementing result includes the ciphertext contract implementing result, which can
To realize ciphertext storage in external memory space.
It is assumed that the ciphertext transaction, there are the corresponding second intelligent contract, which is noted as handling in plain text
Type, the first block chain node can execute the second intelligent contract in credible performing environment, obtain corresponding plaintext contract
Implementing result, but without further implementing cryptographic operation, above-mentioned ciphertext implementing result may include the plaintext contract and execute knot
Fruit, the plaintext contract implementing result can realize stored in clear in external memory space.
As it can be seen that when each intelligent contract that ciphertext transaction includes is privacy processing type, ciphertext implementing result
Include these corresponding ciphertext contract implementing results of intelligence contract;When the ciphertext is traded while handling type comprising privacy
When handling the intelligent contract of type with plaintext, ciphertext implementing result includes that these corresponding ciphertext contracts of intelligence contracts execute
As a result with plaintext contract implementing result.
The ciphertext transaction can be used for creating intelligent contract and/or call intelligent contract.
When the ciphertext is traded for creating intelligent contract, the to field in transaction is sky, and can be in data field
The code of multiple intelligent contracts for needing to create is separately included, and the processing type of corresponding intelligent contract can be marked in code.
So, for the intelligent contract of privacy processing type, the first block chain node can be created as the intelligent contract of privacy type, should
The code of intelligent contract is stored in external memory space with ciphertext form.The intelligent contract of type, the firstth area are handled for plaintext
Block chain node can be created as the intelligent contract of plaintext type, and the code of the intelligence contract is stored in external storage with plaintext version
Space.
When the ciphertext is traded for calling intelligent contract, n to field may include in transaction, to correspond respectively to
N different contracts call, for example, to1 field be intelligence and about 1 address, to be called for the intelligence and about 1, to2
Field be intelligence and about 2 address, to be called for the intelligence and about 2.So, it is called for each contract, it can be with
Indicate corresponding processing type in data field respectively: when intelligence and about 1 be noted as privacy processing type when, no matter the intelligence
About 1 intelligent contract as privacy type or plaintext type, the first block chain node execute the intelligence and about 1, make
After corresponding contract state changes, store after being encrypted to the contract state to external memory space;When intelligent conjunction
About 2 when being noted as handling type in plain text, the intelligence and about 2 it is general should be plaintext type intelligent contracts (it is certain, do not arrange
Except intelligence and about 2 be privacy type intelligent contract the case where), the first block chain node execute the intelligence and about 2, make phase
After the contract state answered changes, stored in clear is carried out to external memory space to the contract state.
Certainly, when ciphertext is traded for calling intelligent contract, if multiple contracts call to same intelligent contract into
Row calls, and can only include a to field in transaction, and the value of the to field is the address of called intelligent contract, and
Data field may include the information repeatedly called for implementation needed for the same intelligent contract.For example called intelligence is closed
About for implementing transfer operation in given time, then the ground of the intelligence contract can be written in field in ciphertext transaction
Location is respectively written into the information of each calling in data field, for example each calling wishes at the time of generation, transfers accounts and object and transfer accounts
Amount of money etc., and mark wishes the processing type used respectively;For example, when calling 1 to wish to be transferred to the amount of money to account U1 in moment t1
M1, when being labeled as privacy processing type, the first block chain node can call the intelligence contract to complete to transfer accounts, and by contract shape
State encryption after store to external memory space, and when call 2 wish moment t2 to account U2 be transferred to amount of money M2, be labeled as in plain text
When handling type, the first block chain node can call the intelligence contract to complete to transfer accounts, and extremely by contract state stored in clear
External memory space.
When the ciphertext is traded for creating and calling intelligent contract, all creation intelligence contracts can correspond to one
The to field of a sky, and the intelligent contract of each calling can according to circumstances use one or more to field, this can refer to upper
State correlation circumstance when calling intelligent contract.Correspondingly, data field may include the code for the intelligent contract that need to be created, the generation
The processing type and data field that related intelligent contract can be marked in code may include for called intelligent contract and
The processing type of mark.First block chain node correspondingly can create and call intelligent contract according to the processing type of mark,
It can be respectively with reference to the embodiment of above-mentioned creation intelligence contract and the intelligent contract of calling.
Specifically, the first block chain node can use the processor instruction increased newly in CPU, one can be distributed in memory
Partial region EPC carries out encryption to above-mentioned plaintext code by the crypto engine MEE in CPU and is stored in the EPC.In EPC
The content of encryption is decrypted into plain text after entering CPU.In CPU, operation is carried out to the code of the plaintext, completion executed
Journey.
In SGX technology, the code of the intelligent contract is executed, EVM can be loaded into the enclosure.In remote proving
In the process, the Key Management server can calculate the hash value of local EVM code, and with loaded in the first block chain node
The hash value of EVM code compare, comparison result is correctly as by a necessary condition of remote proving, so that completion is to the
The measurement of the code of one block chain node SGX enclosure load.Through excess vol, correct EVM can execute the intelligence in SGX
Contract code.
In general, the contract state can change after CPU executes the plaintext code.Contract state is stored in area
Block chain is that database, such as local database is written in the contract state from the angle of block chain node.The database,
It is generally stored among storage medium, more common is persistent storage medium.The persistent storage medium, can be magnetic
Disk, floppy disk are also possible to the memory etc that can restore data after being powered so as to persistent storage.
The operation that database is written, if being indicated with code, such as setstorage (key, ENC (value, secret_
key)).In setstorage (key, ENC (value, secret_key)), key (key) can be with traditional key writing mode phase
Together.As for the write-in of value, Intel SGX technology can be used, ENC indicates that enclave, secret_key indicate to use SGX
The key used when database is written in technology.The key can be the key of symmetric cryptography, e.g. seal (Simple
Encrypted Arithmetic Library) key.The seal key, for example, can be by after remote proving by key
Management server is sent to the first block chain node, then for example can be each node (such as the first block chain link in block chain
Point and other block chain nodes) between negotiate to obtain.The key is also possible to the key of asymmetric encryption.The key can be with
It is stored in the enclosure of the first block chain node.First block chain node may include multiple enclosures, and above-mentioned private key can be with
The safe enclosure being passed into these enclosures;For example, the safe enclosure can be QE enclosure, rather than AE enclosure.
As it can be seen that the first block chain node can create credible performing environment, and ensure phase in the embodiment of this specification
Close sensitive information (such as transaction content, implementing result) only in credible performing environment be decrypted read or execute, and once from
It is in encrypted state when opening credible performing environment, thus in the full link of processing transaction, it is ensured that privacy and safety.
First block chain node is by running the code for realizing a certain function, to realize the function.Therefore, for needing
The function to realize in credible performing environment also needs to execute correlative code.And for being executed in credible performing environment
Code, need to meet the related specifications and requirement of credible performing environment;Accordingly in the related technology for realizing a certain
The code of function needs the specification and requirement in conjunction with credible performing environment to re-start written in code, and there is only relatively bigger
Exploitation amount, and be easy during rewriting generate loophole (bug), influence function realization reliability and stability.
Therefore, the first block chain node is by being encrypted as ciphertext implementing result by key for plaintext implementing result, and is somebody's turn to do
Ciphertext implementing result is only decrypted by credible performing environment, it can be ensured that ciphertext implementing result safe enough itself.
On this basis, the first block chain node, will be described close by executing store function code except the credible performing environment
Literary implementing result is stored to the external memory space except the credible performing environment, and the store function code is allowed to be phase
Code is re-started in the technology of pass for realizing the code of store function, the specification and requirement not needed in conjunction with credible performing environment
It writes, can realize safe and reliable storage for the ciphertext implementing result, can not only not influence safe and reliable degree
On the basis of, the exploitation amount of correlative code is reduced, and TCB can be reduced by reducing the correlative code of credible performing environment
(Trusted Computing Base, trusted computing base), so that during TEE technology and block chain technology are combined,
Security risk caused by additional is in controlled range.
In one embodiment, the first block chain node can execute write buffer function code in credible performing environment, with
The plaintext implementing result is stored in the write buffer in the credible performing environment, for example the write buffer can correspond to such as figure
" caching " shown in 2.Further, the first block chain node by after the data encryption in the write buffer from the credible execution
Environment output, to store to the external memory space.Wherein, the write buffer function code can be stored in plaintext version
In the credible performing environment, the caching function code of the plaintext version can be directly executed in credible performing environment;Or, institute
Stating write buffer function code can be stored in except the credible performing environment with ciphertext form, for example be stored in above-mentioned outside
The write buffer function code of the ciphertext form can be read in credible hold by memory space (such as " packing+storage " shown in Fig. 2)
Row environment is decrypted as plaintext code in credible performing environment, and executes the plaintext code.
Write buffer refers to when writing data into external memory space, in order to avoid causing " the punching to external memory space
Hit " and " buffering " mechanism of offer.For example, can realize above-mentioned write buffer using buffer;Certainly, write buffer can also adopt
It is realized with cache, this specification is limited not to this.In fact, due to the safety collar that credible performing environment is isolation
Border, and external memory space is located at except credible performing environment, so that by using write buffer mechanism, it can be to the number in caching
External memory space is written according to batch is carried out, so that the interaction times between credible performing environment and external memory space are reduced,
Promote data storage efficiency.Meanwhile credible performing environment is during constantly executing each item plaintext transaction content, it may be necessary to
Transferring generated data (such as value of contract state) can be direct if the data that need to be called are located exactly in write buffer
The data are read from write buffer, on the one hand can be reduced the interaction between external memory space in this way, on the other hand be removed from
To the decrypting process from external memory space data streams read, thus the data processing effect being lifted in credible performing environment
Rate.
It is of course also possible to write buffer is built on except credible performing environment, for example the first block chain node can be can
Believe and execute write buffer function code except performing environment, so that the ciphertext implementing result is stored in outside the credible performing environment
Write buffer in, and further the data in the write buffer are stored to the external memory space.
In one embodiment, the inquiry request that the first block chain node can be initiated according to client, holds the plaintext
It is exported after the encryption of row result from credible performing environment, to be back to the client.
For example, the first block chain node can read the ciphertext implementing result from the external memory space, by institute
The decryption of ciphertext implementing result is stated the credible performing environment to be read in, then being held to the plaintext after the plaintext implementing result
It is exported after the encryption of row result from credible performing environment, for example is returned and encrypted to client by transaction/query interface shown in Fig. 2
Plaintext implementing result afterwards.
For another example the first block chain node can read the plaintext from the read buffer in credible performing environment executes knot
Fruit, and exported to after plaintext implementing result encryption from credible performing environment;Wherein, the plaintext implementing result is by the firstth area
Block chain node executes read buffer function code in credible performing environment in advance, reads from the external memory space described close
Literary implementing result decrypts the ciphertext implementing result to read in the credible performing environment simultaneously after the plaintext implementing result
It is stored in the read buffer.In other words, the first block chain node reads the ciphertext from the external memory space and executes knot
Fruit decrypts the ciphertext implementing result for after the plaintext implementing result, can be by executing reading in credible performing environment
The plaintext implementing result is stored in the read buffer in credible performing environment by caching function code, for example the read buffer can be right
It should be in " caching " shown in Fig. 2;Further, the inquiry request initiated for client, or exist for credible performing environment
Data required when plaintext transaction content are executed, reading data can be preferentially carried out from the read buffer, if dependency number can be read
According to being then not necessarily to read from external memory space, to reduce and the interaction times of external memory space, release data deciphering mistake
Journey.
Read buffer refers to after data are read in credible performing environment from external memory space, in order to reduce and external storage
The data read can be stored in the read buffer space in credible performing environment by the interaction times in space with plaintext version
It is interior.For example, can realize above-mentioned read buffer using cache;Certainly, read buffer can also be realized using buffer, this theory
Bright book is limited not to this.
First block chain node can support above-mentioned read buffer mechanism and write buffer mechanism simultaneously.And with caching technology
Continuous development, same caching can be applied not only to realize reading data or data write-in, it might even be possible to while support data
Read-write operation, so that the boundary line between read buffer and write buffer is not sometimes very clear, thus only with " caching " progress in Fig. 2
Signal, and its concrete type is not distinguished specifically, it can be configured and be adjusted according to actual needs.
Certainly, the caching mechanism in above-mentioned credible performing environment, can be applied equally in conventional performing environment, such as logical
" caching " Lai Shixian in conventional performing environment shown in Fig. 2 is crossed, but reading and writing data at this time relates only to read and write in plain text, no
Need to implement data encrypting and deciphering operation, details are not described herein again.
When the first block chain node is by competition or negotiates to be determined as accounting nodes, the first block chain node can be to area
Verifying node in block chain initiates common recognition.Specifically, the first block chain node can determine that epicycle needs one group of transaction of cochain,
These transaction can be that plaintext trades, is privacy transaction or transaction and privacy transaction in plain text simultaneously, then the first block
Chain node can be traded by executing each item in group transaction, and according to every transaction and its corresponding transaction implementing result
Information such as (corresponding to ciphertext implementing result if corresponding to plaintext implementing result, privacy transaction if plaintext is traded), generate state
Tree, transaction tree and receipt tree, corresponding Hash of root node that this three are set is charged in block head;Then, the first block chain
After one group of above-mentioned transaction is packaged (such as " packing+storage " module as shown in Figure 2 is realized) and generates new block by node,
The block or block head are broadcasted into the verifying node into block chain network (i.e. in block chain network other than accounting nodes
Block chain node), it initiates common recognition and proposes.And node is verified by executing one group of above-mentioned transaction, to the root Hash in block head
It is verified, and after determining proposal by verifying, the block comprising this group transaction is appended to original block chain end (i.e.
Cochain), according to this group transaction implementing result world state is updated.And the first block chain node can know together in confirmation
By rear, by executing the store function code to corresponding plaintext implementing result and/or the privacy transaction correspondence of trading in plain text
Ciphertext implementing result stored;It is of course also possible to just be stored when common recognition unconfirmed passes through, and carried out after finding the problem
Rollback.
When the first block chain node is verifying node rather than accounting nodes, the first block chain node can receive book keeping operation
The common recognition that node is initiated proposes that the common recognition is proposed related to plaintext transaction and/or privacy transaction.For example, accounting nodes can be with
For the second block chain node, and the common recognition that the first block chain link point receives the initiation of the second block chain node is proposed, which proposes
Comprising one group of transaction, these transaction are that plaintext trades, is privacy transaction or transaction and privacy transaction in plain text simultaneously, this is total
Know the root node proposed also comprising three trees described above.First block chain node can be held by process described above
Transaction obtains corresponding plaintext implementing result to row in plain text, execution privacy trades to obtain corresponding ciphertext implementing result, then generates
The root node of three trees, and be compared by root node contained by block head in proposing with common recognition, to be in comparison result
Determine that the common recognition proposes otherwise to be determined as unverified by verifying when consistent.After being verified, the first block chain link
Point is by executing the store function code to corresponding plaintext implementing result and/or the corresponding ciphertext of privacy transaction of trading in plain text
Implementing result is stored.
It is noted that each block chain node in block chain network, corresponding bright trading for same privacy
When literary implementing result is encrypted, it should be ensured that the key of use is identical, in this way in the corresponding plaintext implementing result phase of privacy transaction
It can ensure that resulting ciphertext implementing result is identical in the case where, to generate identical root node.
Below in conjunction with the realization for the embodiment of the method for illustrating to realize three handed deal shown in Fig. 6 in another block chain of this specification
Process:
Step 602, the first block chain node receives transaction, and the transaction includes the type field of plaintext.
Described in step 102 as shown in figure 1, transaction can be committed to the first block chain node by client.The transaction
The first block chain node can be forwarded to by the second block chain node.
For example, transaction is committed to the first block chain node after client generates the transaction, through the client by user.
It include transaction/query interface in the first block chain node, which can dock with client, so that client can by taking Fig. 2 as an example
It is traded with being submitted to the first block chain node.
For another example the transaction is committed to the second block chain after client generates the transaction, through the client by user
Node;Then, which is further forwarded to the first block chain node by the second block chain link point.By taking Fig. 2 as an example, above-mentioned interface
It can be docked with other block chain nodes, for example other block chain nodes may include the second above-mentioned block chain node, so that
Second block chain node can be to the first block chain node transmitted transaction.Similarly, the second block chain node can also pass through itself
Transaction/query interface docked with client, with receive client submission transaction.
Step 604, the value of first block chain node type field according to contained by the transaction identifies that the transaction is bright
Text transaction or privacy transaction.
Described in step 104 as shown in figure 1, by adding type field in transaction, allow the first block chain accordingly
Identify that type of transaction is transaction in plain text or privacy transaction.The present embodiment increases a kind of on the basis of the relevant technologies in transaction
Type-word section, for example it is characterized as type field, and the value based on the type field, show the type of relationship trading;For example, working as class
When type-word section is the first value, show that relationship trading to trade in plain text, when type field is the second value, shows relationship trading
For privacy transaction.
In one embodiment, all the elements of transaction are all made of plaintext version in plain text, i.e. each field of the transaction is adopted
With plaintext version, the first block chain node is directly read out to each field of plaintext transaction, to implement phase
Pass processing.Other than type field is using plaintext version, other fields are all made of ciphertext form for privacy transaction, so that on the one hand
First block chain node can quickly identify type of transaction without decryption, thus for transaction and privacy in plain text
Differentiation processing is implemented in transaction, on the other hand makes it only by using ciphertext form and can be held the object of key to be decrypted
And reading, avoid Transaction Information from revealing.
Step 606, the first block chain node executes the plaintext transaction except credible performing environment, and bright by what is obtained
Literary implementing result is stored to the external memory space except the credible performing environment.
Described in step 106A as shown in figure 1, the first block chain node is compatible in the related technology for the processing of plaintext transaction
Ability can handle plaintext transaction except credible performing environment, and plaintext implementing result is stored to external storage
Space.Such as shown in Fig. 2, the first block chain node can be divided into conventional performing environment and credible performing environment, and client mentions
It hands over the transaction (by taking the transaction that client is submitted as an example) to initially enter " transaction/query interface " in conventional performing environment and carries out class
Type identification, the plaintext transaction that will identify that stay in the privacy transaction transport for being handled in conventional performing environment, and being will identify that
Extremely handled in credible performing environment.In other words, the first block chain node, which can be both compatible with, in the related technology hands over plaintext
Easy processing, and can trade and handle to the privacy of ciphertext form, to trade in entire block chain network to plaintext
It trades with privacy and realizes mixed processing.
Transaction in this specification can be used to implement relatively simple processing logic, for example be similar in the related technology
It transfers accounts logic.Transaction in this specification can be also used for realizing relative complex processing logic, here can be by means of intelligence
Contract is realized.
Further, described in step 106B as shown in figure 1, privacy transaction is decrypted in the first block chain node,
To obtain corresponding plaintext transaction content;The plaintext transaction content, and the plaintext that will be obtained are executed in credible performing environment
Implementing result is exported from the credible performing environment after being encrypted as ciphertext implementing result;It is held except the credible performing environment
Row store function code, the ciphertext implementing result is stored to the external memory space.
About the relevant information for the encryption and decryption traded to privacy, is executed to plaintext implementing result and ciphertext adding between structure
Decryption, based on caching mechanism, common recognition process between credible performing environment and external memory space etc., can refer to step
The associated description of 106B, details are not described herein again.
Below in conjunction with the realization for the embodiment of the method for illustrating to realize three handed deal shown in Fig. 7 in the another block chain of this specification
Process:
Step 702, the first block chain node receives transaction, and the transaction includes the type field of plaintext.
Described in step 102 as shown in figure 1, transaction can be committed to the first block chain node by client.The transaction
The first block chain node can be forwarded to by the second block chain node.
For example, transaction is committed to the first block chain node after client generates the transaction, through the client by user.
It include transaction/query interface in the first block chain node, which can dock with client, so that client can by taking Fig. 2 as an example
It is traded with being submitted to the first block chain node.
For another example the transaction is committed to the second block chain after client generates the transaction, through the client by user
Node;Then, which is further forwarded to the first block chain node by the second block chain link point.By taking Fig. 2 as an example, above-mentioned interface
It can be docked with other block chain nodes, for example other block chain nodes may include the second above-mentioned block chain node, so that
Second block chain node can be to the first block chain node transmitted transaction.Similarly, the second block chain node can also pass through itself
Transaction/query interface docked with client, with receive client submission transaction.
Step 704, the value of first block chain node type field according to contained by the transaction identifies that the transaction is bright
Text transaction or privacy transaction.
Described in step 104 as shown in figure 1, by adding type field in transaction, allow the first block chain accordingly
Identify that type of transaction is transaction in plain text or privacy transaction.The present embodiment increases a kind of on the basis of the relevant technologies in transaction
Type-word section, for example it is characterized as type field, and the value based on the type field, show the type of relationship trading;For example, working as class
When type-word section is the first value, show that relationship trading to trade in plain text, when type field is the second value, shows relationship trading
For privacy transaction.
In one embodiment, all the elements of transaction are all made of plaintext version in plain text, i.e. each field of the transaction is adopted
With plaintext version, the first block chain node is directly read out to each field of plaintext transaction, to implement phase
Pass processing.Other than type field is using plaintext version, other fields are all made of ciphertext form for privacy transaction, so that on the one hand
First block chain node can quickly identify type of transaction without decryption, thus for transaction and privacy in plain text
Differentiation processing is implemented in transaction, on the other hand makes it only by using ciphertext form and can be held the object of key to be decrypted
And reading, avoid Transaction Information from revealing.
Step 706, privacy transaction is decrypted in the first block chain node, to obtain in corresponding transaction in plain text
Hold;The plaintext transaction content is executed in credible performing environment, and obtained plaintext implementing result is encrypted as ciphertext and is executed
As a result it is exported from the credible performing environment after;Store function code is executed except the credible performing environment, by institute
Ciphertext implementing result is stated to store to the external memory space except the credible performing environment.
In step 706, it is executed about the relevant information for the encryption and decryption traded to privacy, to plaintext implementing result and ciphertext
Encryption and decryption between structure, based on caching mechanism, common recognition process between credible performing environment and external memory space etc.,
With the associated description with reference to step 106B, details are not described herein again.
Further, described in step 106A as shown in figure 1, the first block chain node executes institute except credible performing environment
It states literary transaction clearly, and obtained plaintext implementing result is stored to the external memory space except the credible performing environment.I.e.
First block chain node is compatible in the related technology for the processing capacity of plaintext transaction, can be except credible performing environment to bright
Text transaction is handled, and plaintext implementing result is stored to external memory space.Such as shown in Fig. 2, the first block chain node
It can be divided into conventional performing environment and credible performing environment, client submits the transaction (by taking the transaction that client is submitted as an example)
" transaction/query interface " initially entered in conventional performing environment carries out type identification, and the plaintext transaction that will identify that stays in often
It is handled in rule performing environment, and the privacy transaction transport that will identify that is handled into credible performing environment.In other words,
First block chain node can be not only compatible in the related technology for the processing of plaintext transaction, but also can be handed over the privacy of ciphertext form
It is easily handled, to realize mixed processing to plaintext transaction and privacy transaction in entire block chain network.
Transaction in this specification can be used to implement relatively simple processing logic, for example be similar in the related technology
It transfers accounts logic.Transaction in this specification can be also used for realizing relative complex processing logic, here can be by means of intelligence
Contract is realized.
The node embodiment that three handed deal is realized in a kind of block chain of this specification is introduced below in conjunction with Fig. 8, comprising:
Receiving unit 801, for receiving transaction, the transaction includes the type field of plaintext;
Recognition unit 802 identifies the transaction for the value of the type field according to contained by the transaction to trade in plain text
Or privacy transaction;
Plaintext transaction handling unit 803 for executing plaintext transaction except credible performing environment, and will obtain
Plaintext implementing result is stored to the external memory space except the credible performing environment;
Privacy transaction handling unit 804, for privacy transaction to be decrypted, to obtain in corresponding transaction in plain text
Hold;The plaintext transaction content is executed in credible performing environment, and obtained plaintext implementing result is encrypted as ciphertext and is executed
As a result it is exported from the credible performing environment after;Store function code is executed except the credible performing environment, by institute
Ciphertext implementing result is stated to store to the external memory space.
The node embodiment that three handed deal is realized in a kind of block chain of this specification is introduced below in conjunction with Fig. 9, comprising:
Receiving unit 901, for receiving transaction, the transaction includes the type field of plaintext;
Recognition unit 902 identifies the transaction for the value of the type field according to contained by the transaction to trade in plain text
Or privacy transaction;
Plaintext transaction handling unit 903 for executing plaintext transaction except credible performing environment, and will obtain
Plaintext implementing result is stored to the external memory space except the credible performing environment.
Optionally, further includes:
Decryption unit 904, for privacy transaction to be decrypted, to obtain corresponding plaintext transaction content;
Execution unit 905 is held for executing the plaintext transaction content in credible performing environment, and by obtained plaintext
Row result is exported from the credible performing environment after being encrypted as ciphertext implementing result;
Storage unit 906 holds the ciphertext for executing store function code except the credible performing environment
Row result is stored to the external memory space.
The node embodiment that three handed deal is realized in a kind of block chain of this specification is introduced below in conjunction with Figure 10, comprising:
Receiving unit 1001, for receiving transaction, the transaction includes the type field of plaintext;
Recognition unit 1002 identifies the transaction for the value of the type field according to contained by the transaction to hand in plain text
Easily or privacy is traded;
Decryption unit 1003, for privacy transaction to be decrypted, to obtain corresponding plaintext transaction content;
Execution unit 1004, for executing the plaintext transaction content, and the plaintext that will be obtained in credible performing environment
Implementing result is exported from the credible performing environment after being encrypted as ciphertext implementing result;
Storage unit 1005, for executing store function code except the credible performing environment, by the ciphertext
Implementing result is stored to the external memory space except the credible performing environment.
Optionally, further includes:
Plaintext transaction handling unit 1006 for executing the plaintext transaction except credible performing environment, and will obtain
Plaintext implementing result store to the external memory space.
In the 1990s, the improvement of a technology can be distinguished clearly be on hardware improvement (for example,
Improvement to circuit structures such as diode, transistor, switches) or software on improvement (improvement for method flow).So
And with the development of technology, the improvement of current many method flows can be considered as directly improving for hardware circuit.
Designer nearly all obtains corresponding hardware circuit by the way that improved method flow to be programmed into hardware circuit.Cause
This, it cannot be said that the improvement of a method flow cannot be realized with hardware entities module.For example, programmable logic device
(Programmable Logic Device, PLD) (such as field programmable gate array (Field Programmable Gate
Array, FPGA)) it is exactly such a integrated circuit, logic function determines device programming by user.By designer
Voluntarily programming comes a digital display circuit " integrated " on a piece of PLD, designs and makes without asking chip maker
Dedicated IC chip.Moreover, nowadays, substitution manually makes IC chip, this programming is also used instead mostly " is patrolled
Volume compiler (logic compiler) " software realizes that software compiler used is similar when it writes with program development,
And the source code before compiling also write by handy specific programming language, this is referred to as hardware description language
(Hardware Description Language, HDL), and HDL is also not only a kind of, but there are many kind, such as ABEL
(Advanced Boolean Expression Language)、AHDL(Altera Hardware Description
Language)、Confluence、CUPL(Cornell University Programming Language)、HDCal、JHDL
(Java Hardware Description Language)、Lava、Lola、MyHDL、PALASM、RHDL(Ruby
Hardware Description Language) etc., VHDL (Very-High-Speed is most generally used at present
Integrated Circuit Hardware Description Language) and Verilog.Those skilled in the art also answer
This understands, it is only necessary to method flow slightly programming in logic and is programmed into integrated circuit with above-mentioned several hardware description languages,
The hardware circuit for realizing the logical method process can be readily available.
Controller can be implemented in any suitable manner, for example, controller can take such as microprocessor or processing
The computer for the computer readable program code (such as software or firmware) that device and storage can be executed by (micro-) processor can
Read medium, logic gate, switch, specific integrated circuit (Application Specific Integrated Circuit,
ASIC), the form of programmable logic controller (PLC) and insertion microcontroller, the example of controller includes but is not limited to following microcontroller
Device: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicone Labs C8051F320 are deposited
Memory controller is also implemented as a part of the control logic of memory.It is also known in the art that in addition to
Pure computer readable program code mode is realized other than controller, can be made completely by the way that method and step is carried out programming in logic
Controller is obtained to come in fact in the form of logic gate, switch, specific integrated circuit, programmable logic controller (PLC) and insertion microcontroller etc.
Existing identical function.Therefore this controller is considered a kind of hardware component, and to including for realizing various in it
The device of function can also be considered as the structure in hardware component.Or even, it can will be regarded for realizing the device of various functions
For either the software module of implementation method can be the structure in hardware component again.
System, device, module or the unit that above-described embodiment illustrates can specifically realize by computer chip or entity,
Or it is realized by the product with certain function.It is a kind of typically to realize that equipment is computer.Specifically, computer for example may be used
Think personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media play
It is any in device, navigation equipment, electronic mail equipment, game console, tablet computer, wearable device or these equipment
The combination of equipment.
For convenience of description, it is divided into various units when description apparatus above with function to describe respectively.Certainly, implementing this
The function of each unit can be realized in the same or multiple software and or hardware when specification.
It should be understood by those skilled in the art that, the embodiment of the present invention can provide as method, system or computer program
Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the present invention
Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the present invention, which can be used in one or more,
The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces
The form of product.
The present invention be referring to according to the method for the embodiment of the present invention, the process of equipment (system) and computer program product
Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions
The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs
Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce
A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real
The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
This specification can describe in the general context of computer-executable instructions executed by a computer, such as journey
Sequence module.Generally, program module include routines performing specific tasks or implementing specific abstract data types, programs, objects,
Component, data structure etc..This specification can also be practiced in a distributed computing environment, in these distributed computing environment
In, by executing task by the connected remote processing devices of communication network.In a distributed computing environment, program module
It can be located in the local and remote computer storage media including storage equipment.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates,
Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or
The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting
Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or
The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one
The step of function of being specified in a box or multiple boxes.In a typical configuration, computer includes at one or more
Manage device (CPU), input/output interface, network interface and memory.
Memory may include the non-volatile memory in computer-readable medium, random access memory (RAM) and/or
The forms such as Nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM).Memory is computer-readable medium
Example.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),
Digital versatile disc (DVD) or other optical storage, magnetic cassettes, disk storage, quantum memory, based on graphene
Storage medium or other magnetic storage devices or any other non-transmission medium, can be used for storing can be accessed by a computing device
Information.As defined in this article, computer-readable medium does not include temporary computer readable media (transitory media),
Such as the data-signal and carrier wave of modulation.
It should also be noted that, the terms "include", "comprise" or its any other variant are intended to nonexcludability
It include so that the process, method, commodity or the equipment that include a series of elements not only include those elements, but also to wrap
Include other elements that are not explicitly listed, or further include for this process, method, commodity or equipment intrinsic want
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including described want
There is also other identical elements in the process, method of element, commodity or equipment.
It is above-mentioned that this specification specific embodiment is described.Other embodiments are in the scope of the appended claims
It is interior.In some cases, the movement recorded in detail in the claims or step can be come according to the sequence being different from embodiment
It executes and desired result still may be implemented.In addition, process depicted in the drawing not necessarily require show it is specific suitable
Sequence or consecutive order are just able to achieve desired result.In some embodiments, multitasking and parallel processing be also can
With or may be advantageous.
The term that this specification one or more embodiment uses be only merely for for the purpose of describing particular embodiments, and
It is not intended to be limiting this specification one or more embodiment.In this specification one or more embodiment and the appended claims
Used in the "an" of singular, " described " and "the" be also intended to including most forms, unless context understands earth's surface
Show other meanings.It is also understood that term "and/or" used herein refers to and includes one or more associated list
Any or all of project may combine.
It will be appreciated that though this specification one or more embodiment may using term first, second, third, etc. come
Various information are described, but these information should not necessarily be limited by these terms.These terms are only used to same type of information area each other
It separates.For example, the first information can also be referred to as in the case where not departing from this specification one or more scope of embodiments
Two information, similarly, the second information can also be referred to as the first information.Depending on context, word as used in this is " such as
Fruit " can be construed to " ... when " or " when ... " or " in response to determination ".
The foregoing is merely the preferred embodiments of this specification one or more embodiment, not to limit this theory
Bright book one or more embodiment, all within the spirit and principle of this specification one or more embodiment, that is done is any
Modification, equivalent replacement, improvement etc. should be included within the scope of the protection of this specification one or more embodiment.