Disclosure of Invention
The embodiment of the specification provides a digital asset hosting method and device in a block chain and electronic equipment, and aims to solve the problems that in the prior art, the safety of digital assets stored through an asset hosting mechanism and the privacy of user transaction are poor.
In order to solve the above technical problem, the embodiments of the present specification adopt the following technical solutions:
in a first aspect, a method for digital asset hosting in a blockchain is provided, the method comprising:
the client-side carries out blinding processing on the transaction to be signed;
the client sends the transaction after the blinding processing to the selected digital asset trusteeship end;
the digital asset hosting end signs the transaction after the blinding processing to obtain a blinding processing transaction signature; sending the blinded transaction signature to the client;
the client receives a blinded transaction signature sent by the digital asset trustee end;
and the client side obtains the transaction signature of the client side according to the blinding transaction signature of the selected digital asset management end.
In a second aspect, a client is provided, which is applied to digital asset hosting in a blockchain, and includes:
the blinding processing module is used for blinding the transaction to be signed;
the transmission module is used for transmitting the transaction after the blinding processing to the selected digital asset trusteeship end;
the receiving module is used for receiving the blinded transaction signature sent by the digital asset trustee end;
and the signature processing module is used for obtaining the transaction signature of the client according to the blinded transaction signature of the selected digital asset hosting end.
In a third aspect, there is provided an apparatus for digital asset hosting in a blockchain, the apparatus comprising:
the receiving module is used for receiving the transaction after the blinding processing sent by the client;
the signature module is used for signing the transaction after the blinding processing to obtain a blinded transaction signature;
and the sending module is used for sending the blinded transaction signature to the client.
In a fourth aspect, an electronic device is provided, comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the computer program being executed by the processor to:
the client-side carries out blinding processing on the transaction to be signed;
the client sends the transaction after the blinding processing to the selected digital asset trusteeship end;
the digital asset hosting end signs the transaction after the blinding processing to obtain a blinding processing transaction signature; sending the blinded transaction signature to the client;
the client receives a blinded transaction signature sent by the digital asset trustee end;
and the client side obtains the transaction signature according to the blinded transaction signature of the selected digital asset trustee end.
In a fifth aspect, a computer-readable storage medium is provided that stores one or more programs which, when executed by an electronic device including a plurality of application programs, cause the electronic device to perform operations comprising:
the client-side carries out blinding processing on the transaction to be signed;
the client sends the transaction after the blinding processing to the selected digital asset trusteeship end;
the digital asset hosting end signs the transaction after the blinding processing to obtain a blinding processing transaction signature; sending the blinded transaction signature to the client;
the client receives a blinded transaction signature sent by the digital asset trustee end;
and the client side obtains the transaction signature according to the blinded transaction signature of the selected digital asset trustee end.
In a sixth aspect, there is provided a digital asset hosting system in a blockchain, the system comprising a client and a plurality of digital asset hosting ends, wherein:
the client is used for conducting blind processing on the transaction to be signed; sending the transaction after the blinding processing to a preset number of digital asset trusteeship ends in all selected digital asset trusteeship ends; receiving a blinded transaction signature sent by the selected digital asset trustee end; obtaining the transaction signature of the client according to the blinded transaction signature of the selected digital asset management end;
the digital asset trusteeship end is used for receiving the transaction after the blinding processing sent by the client; signing the transaction after the blinding processing by using a private key sent by the client to obtain a blinded transaction signature; and sending the blinded transaction signature to the client.
The embodiment of the specification adopts at least one technical scheme which can achieve the following beneficial effects:
In this technical solution, the transaction to be signed is blinded before it is sent to the digital asset hosting ends, so a hosting end cannot learn the client's transaction information, which improves the privacy of the user's transaction information. In addition, because only a preset number of all the digital asset hosting ends need to sign the blinded transaction, when one hosting end fails the blinded transaction can be signed by other hosting ends among them, which prevents asset loss caused by an unreliable hosting end and improves the security of the digital assets.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present disclosure more clear, the technical solutions of the embodiments of the present disclosure will be clearly and completely described below with reference to the specific embodiments of the present disclosure and the accompanying drawings. It is to be understood that the embodiments described are only a few embodiments of the present disclosure, and not all embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present specification without any creative effort belong to the protection scope of the embodiments in the present specification.
The technical solutions provided by the embodiments of the present description are described in detail below with reference to the accompanying drawings.
It should be noted that, in the embodiments of the present specification, the transaction to be signed is blinded before it is sent to the digital asset hosting end, so the hosting end cannot learn the client's transaction information, which improves the privacy of the user's transaction information.
Example one
Referring to fig. 1, a schematic diagram of steps of a digital asset hosting method in a blockchain according to an embodiment of the present disclosure is provided. The embodiments of the present disclosure will be described in detail below with reference to the flow of steps shown in fig. 1.
Step 102: The client performs blinding processing on the transaction to be signed.
In an embodiment of the present invention, when a user hosts a digital asset with a plurality of digital asset hosting organizations, it is first necessary to generate private key shares for the plurality of digital asset hosting organizations (a private key share is the private key in a key pair, but is generally called a share in threshold cryptography), and to send each key pair to the corresponding digital asset hosting organization. The channel over which the user's client sends the key pair is also encrypted; an existing sending method may be used, for example the SSL (Secure Sockets Layer) security protocol.
In the embodiment of the present invention, taking an example that a user hosts assets at three digital asset hosting organizations and uses signatures of two hosting parties to recover the signatures of the user, firstly, the user generates private keys for the three digital asset hosting organizations, and the specific manner is as follows:
Let the user's private key be $s \in Z_p$, where $Z_p$ is an additive cyclic group; the user public key is
The user selects a first-order polynomial $P$ over $Z_p$ satisfying $P(0) = s$, and computes $s_1 = P(1)$, $s_2 = P(2)$, $s_3 = P(3)$,
The key pairs of the three asset hosting organizations, namely their public/private key pairs, are respectively $(s_1, v_1)$, $(s_2, v_2)$, $(s_3, v_3)$. The user uses the client to send each organization's public/private key pair to the corresponding digital asset hosting organization.
The public parameters are $(G_1, G_2, G_T, e, g_1, g_2, p, h)$, where $G_1$ and $G_2$ are multiplicative cyclic groups of order $p$ with generators $g_1$ and $g_2$ respectively, $e$ is a bilinear map $e: G_1 \times G_2 \to G_T$, and $h(\cdot)$ is a hash function $h: \{0,1\}^* \to G_1$.
If the user needs to sign the transaction $Tx$, the user blinds $Tx$ as follows:
A hash operation is performed on the transaction to be signed to obtain its hash value $h(Tx)$, where $h(\cdot)$ denotes a hash function.
The hash value is then raised to the power of the Lagrange coefficient of each selected digital asset hosting end to obtain the blinded transactions.
Two digital asset hosting organizations, 1 and 2, may be selected among the three digital asset hosting organizations. $\lambda_1$ and $\lambda_2$ are the Lagrange coefficients of the two selected digital asset hosting organizations respectively,
where mod denotes the remainder operation; the blinded transactions for digital asset hosting organizations 1 and 2 are then respectively
Step 104: The client sends the blinded transaction to a preset number of digital asset hosting ends selected from all the digital asset hosting ends.
In the embodiment of the invention, a user hosts the digital assets to a plurality of hosting organizations, and when the transaction needs to be signed, a preset number of digital asset hosting organizations in all the digital asset hosting organizations can be selected to sign the transaction. For example, two hosting institutions are selected from three digital asset hosting institutions to sign the transaction.
The preset number can be flexibly set as required, and the preset number can be set to be smaller than the total number of the digital asset hosting mechanisms.
Step 106: The digital asset hosting end signs the blinded transaction to obtain a blinded transaction signature.
In this step, the digital asset hosting end uses the private key sent by the client to sign the blinded transaction.
Digital asset hosting organization 1 signs the blinded transaction with its private key, and the resulting transaction signature is:
Digital asset hosting organization 2 signs the blinded transaction with its private key, and the resulting transaction signature is:
Step 108: The digital asset hosting end sends the blinded transaction signature to the client.
Step 110: the client receives the blinded transaction signature.
Step 112: The client obtains the transaction signature of the client according to the blinded transaction signatures of the selected digital asset hosting ends.
In the embodiment of the invention, before the client's transaction signature is obtained from the blinded transaction signatures of the selected digital asset hosting ends, the blinded transaction signatures sent by the hosting ends can be verified to determine whether they are correct, using the following formula:
where $Tx$ is the transaction to be signed and $m$ is the number of selected digital asset hosting ends.
It is checked whether the left and right sides of the equals sign in the above formula are equal; if they are, the signature is judged to be correct.
When the signature is confirmed to be correct, the transaction signature of the user is determined by the following formula:
$\delta = \delta_1 \delta_2 \cdots \delta_i = h(Tx)^{s}$;
where $h(\cdot)$ denotes a hash function, $Tx$ is the transaction to be signed, $s$ is the private key, $\delta_i$ is the blinded transaction signature of the $i$th digital asset hosting end, $i = 1, 2, \ldots, n$, and $n$ is the preset number of digital asset hosting ends.
And after determining the transaction signature, the user packs the transaction signature and the transaction content and sends the transaction signature and the transaction content to the blockchain.
In the embodiment of the invention, for simplicity of description, the private key $s_i$ of hosting organization $i$ is chosen as $P(i)$. In practice, a secret large number $x_i$ may be chosen to compute $s_i = P(x_i)$ as the private key of hosting organization $i$. Only the user knows $x_i$, so hosting organization $i$ cannot compute its own $\lambda_i$, which guarantees the privacy of the user.
In the above embodiment, if the hosting organization 1 of the digital asset hosting organizations 1 and 2 fails, the user can reselect the hosting organizations 2 and 3 to sign the transaction, thereby avoiding the security problem of the digital asset due to single point failure.
According to the embodiment of the invention, the transaction to be signed is blinded before it is sent to the digital asset hosting ends, so a hosting end cannot learn the client's transaction information, which improves the privacy of the user's transaction information. In addition, because only a preset number of all the digital asset hosting ends need to sign the blinded transaction, when one hosting end fails the blinded transaction can be signed by other hosting ends among them, which prevents asset loss caused by an unreliable hosting end and improves the security of the digital assets.
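The round trip of steps 102 to 112, including the secret evaluation points and the failover to hosting organizations 2 and 3 described above, as an added example that is not code from the patent. It generalizes the points 1, 2, 3 to arbitrary points and assumes a toy group (Q = 2039, P = 1019) in place of the bilinear groups, so the pairing-based check is replaced by a client-side comparison with $h(Tx)^s$; all function names are hypothetical.

```python
import hashlib
import secrets

# Toy group standing in for the page's pairing group G1 (assumption: constructed
# parameters, far too small for real use). Squares mod Q form a group of order P.
Q = 2039  # safe prime, Q = 2*P + 1
P = 1019  # prime group order, plays the role of p on the page


def h(tx: bytes) -> int:
    """Hash a transaction to a non-identity element of the order-P group."""
    d = int.from_bytes(hashlib.sha256(tx).digest(), "big") % (Q - 3) + 2
    return pow(d, 2, Q)


def split_key(s: int, points: dict) -> dict:
    """Shares s_i = P(x_i) of a first-order polynomial with P(0) = s."""
    a = secrets.randbelow(P - 1) + 1
    return {cid: (s + a * x) % P for cid, x in points.items()}


def lagrange_at_zero(cid, selected, points) -> int:
    """lambda_i = prod_{j != i} (0 - x_j) / (x_i - x_j) mod P."""
    num, den = 1, 1
    for other in selected:
        if other != cid:
            num = num * (-points[other]) % P
            den = den * (points[cid] - points[other]) % P
    return num * pow(den, -1, P) % P


def blind(tx, selected, points) -> dict:
    """Client: blinded transaction h(Tx)^lambda_i for each selected custodian."""
    return {c: pow(h(tx), lagrange_at_zero(c, selected, points), Q) for c in selected}


def custodian_sign(blinded: int, share: int) -> int:
    """Custodian: delta_i = blinded^s_i; it is handed only the blinded value."""
    return pow(blinded, share, Q)


def combine(partials) -> int:
    """Client: delta = delta_1 * delta_2 * ... = h(Tx)^s."""
    delta = 1
    for d in partials:
        delta = delta * d % Q
    return delta


def sign_with(tx, shares, selected, points) -> int:
    """Full round trip with the chosen custodians."""
    blinded = blind(tx, selected, points)
    return combine(custodian_sign(blinded[c], shares[c]) for c in selected)


def unblind_if_lambda_known(blinded: int, lam: int) -> int:
    """What a custodian that can compute lambda_i recovers: h(Tx)."""
    return pow(blinded, pow(lam, -1, P), Q)


if __name__ == "__main__":
    tx = b"constructed sample transaction"
    s = secrets.randbelow(P - 1) + 1
    # Secret, distinct, non-zero evaluation points known only to the client.
    xs = secrets.SystemRandom().sample(range(1, P), 3)
    points = dict(zip((1, 2, 3), xs))
    shares = split_key(s, points)
    expected = pow(h(tx), s, Q)  # client-side check; replaces the pairing check
    print(sign_with(tx, shares, [1, 2], points) == expected)
    print(sign_with(tx, shares, [2, 3], points) == expected)  # custodian 1 down
```

With the public points 1 and 2 the coefficients are 2 and -1, so `unblind_if_lambda_known` returns $h(Tx)$ from the blinded value, which is why the text recommends evaluation points known only to the user.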
Example two
The electronic device of the embodiment of the present specification is described in detail below with reference to fig. 2. Referring to fig. 2, at a hardware level, the electronic device includes a processor, and optionally further includes an internal bus, a network interface, and a memory. The memory may include an internal memory, such as a random-access memory (RAM), and may further include a non-volatile memory, such as at least one disk memory. Of course, the electronic device may also include hardware required for other services.
The processor, the network interface, and the memory may be interconnected by an internal bus, which may be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, an Extended ISA (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 2, but this does not indicate only one bus or one type of bus.
The memory is used for storing programs. In particular, the program may include program code comprising computer operating instructions. The memory may include both internal memory and non-volatile storage and provides instructions and data to the processor.
The processor reads the corresponding computer program from the nonvolatile memory into the memory and then runs the computer program to form the content recommendation device on a logic level. And the processor is used for executing the program stored in the memory and is specifically used for executing the method operation executed when the server is taken as an execution main body.
The method disclosed in the embodiment of fig. 1 in the present specification may be applied to a processor, or may be implemented by a processor. The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or instructions in the form of software. The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components. The various methods, steps and logic blocks disclosed in the embodiments of the present specification may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present specification may be embodied directly in a hardware decoding processor, or in a combination of hardware and software modules in the decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in a memory, and a processor reads information in the memory and completes the steps of the method in combination with hardware of the processor.
The electronic device may also execute the method of fig. 1, and implement the functions of the embodiment shown in fig. 1, which is applied to a client for digital asset hosting in a block chain, and the embodiments of this specification are not described herein again.
Of course, besides the software implementation, the electronic device of the embodiment of the present disclosure does not exclude other implementations, such as a logic device or a combination of software and hardware, and the like, that is, the execution subject of the following processing flow is not limited to each logic unit, and may also be hardware or a logic device.
Example three
The present specification embodiments also provide a computer-readable storage medium storing one or more programs which, when executed by an electronic device including a plurality of application programs, cause the electronic device to perform the following:
the client-side carries out blinding processing on the transaction to be signed;
the client sends the transaction after the blinding processing to the selected digital asset trusteeship end;
the digital asset hosting end signs the transaction after the blinding processing to obtain a blinding processing transaction signature; sending the blinded transaction signature to the client;
the client receives a blinded transaction signature sent by the digital asset trustee end;
and the client side obtains the transaction signature according to the blinded transaction signature of the selected digital asset trustee end.
The computer-readable storage medium may be a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.
Example four
Referring to fig. 3, a schematic structural diagram of a client, provided in this specification, for digital asset hosting in a blockchain, mainly includes:
a blinding processing module 302, configured to blindly process a transaction to be signed;
a sending module 304, configured to send the blinded transaction to a selected digital asset hosting end;
a receiving module 306, configured to receive a blinded transaction signature sent by the digital asset trustee;
and the signature processing module 308 is configured to obtain the transaction signature of the client according to the blinded transaction signature of the selected digital asset trustee end.
The blinding processing module is specifically configured to:
carrying out hash operation on the transaction to be signed to obtain a hash value of the transaction to be signed;
and respectively carrying out exponential operation of Lagrange coefficients of the selected digital asset trusteeship ends on the hash values to obtain the transaction after the blinding processing.
The sending module is further configured to send a private key, so that the digital asset trustee end uses the private key to sign the transaction after the blinding process to obtain a blinding process transaction signature.
The client further comprises:
the verification module 310 is configured to verify that the signature of the blinded transaction signature sent by the digital asset trustee is correct before obtaining the transaction signature of the client according to the blinded transaction signature of the selected digital asset trustee.
The verification module 310 is specifically configured to determine whether the left and right of the equal sign of the following formula are equal:
where $Tx$ is the transaction to be signed, $m$ is the number of selected digital asset hosting ends, $e$ is a bilinear map $e: G_1 \times G_2 \to G_T$, $h(\cdot)$ is a hash function $h: \{0,1\}^* \to G_1$, $G_1$ and $G_2$ are multiplicative cyclic groups of order $p$ with generators $g_1$ and $g_2$ respectively, $\delta_i$ is the blinded transaction signature of the $i$th digital asset hosting end, $v_i$ is the client's private key received by the $i$th digital asset hosting end, and $\lambda_i$ is the Lagrange coefficient of the $i$th selected digital asset hosting end;
and if the left and right sides of the equals sign in the formula are equal, the blinded transaction signature sent by the digital asset hosting end is confirmed to be correct.
The signature processing module is specifically configured to:
and determining the transaction signature of the client by adopting the following formula according to the blinded transaction signature of each digital asset trustee end:
$\delta = \delta_1 \delta_2 \cdots \delta_i = h(Tx)^{s}$;
where $h(\cdot)$ denotes a hash function, $Tx$ is the transaction to be signed, $s$ is the private key, $\delta_i$ is the blinded transaction signature of the $i$th digital asset hosting end, $i = 1, 2, \ldots, n$, and $n$ is the preset number of digital asset hosting ends.
Example five
Referring to fig. 4, a schematic structural diagram of a digital asset hosting device in a blockchain provided for an embodiment of the present specification, the device includes:
a receiving module 402, configured to receive a transaction after blinding processing sent by a client;
a signature module 404, configured to sign the transaction after the blinding process, so as to obtain a blinded transaction signature;
a sending module 406, configured to send the blinded transaction signature to the client.
The signature module 404 is specifically configured to:
and signing the transaction after the blinding processing by using a private key sent by the client to obtain a blinded transaction signature.
Example six
Referring to fig. 5, a schematic structural diagram of a digital asset hosting system in a block chain provided for an embodiment of the present specification includes a client 502 and a plurality of digital asset hosting ends 504, where:
the client 502 is configured to perform blind processing on a transaction to be signed; sending the transaction after the blinding processing to a preset number of digital asset trusteeship ends in all selected digital asset trusteeship ends; receiving a blinded transaction signature sent by the selected digital asset trustee end; processing the blinded transaction signature of the selected digital asset trustee end to obtain the transaction signature of the client;
the digital asset trustee end 504 is used for receiving the transaction after the blinding processing sent by the client; signing the transaction after the blinding processing by using a private key sent by the client to obtain a blinded transaction signature; and sending the blinded transaction signature to the client.
The client performs blind processing on the transaction to be signed, and specifically comprises the following steps: carrying out hash operation on the transaction to be signed to obtain a hash value of the transaction to be signed; and respectively carrying out exponential operation of Lagrange coefficients of the selected digital asset trusteeship ends on the hash values to obtain the transaction after the blinding processing.
The client obtains the transaction signature of the client according to the blinding transaction signature of the selected digital asset management end, and specifically comprises the following steps:
and determining the transaction signature of the client by adopting the following formula according to the blinded transaction signature of each digital asset trustee end:
$\delta = \delta_1 \delta_2 \cdots \delta_i = h(Tx)^{s}$;
where $h(\cdot)$ denotes a hash function, $Tx$ is the transaction to be signed, $s$ is the private key, $\delta_i$ is the blinded transaction signature of the $i$th digital asset hosting end, $i = 1, 2, \ldots, n$, and $n$ is the preset number of digital asset hosting ends.
According to the embodiment of the invention, the transaction to be signed is blinded before it is sent to the digital asset hosting ends, so a hosting end cannot learn the client's transaction information, which improves the privacy of the user's transaction information. In addition, because only a preset number of all the digital asset hosting ends need to sign the blinded transaction, when one hosting end fails the blinded transaction can be signed by other hosting ends among them, which prevents asset loss caused by an unreliable hosting end and improves the security of the digital assets.
In short, the above description is only a preferred embodiment of the present disclosure, and is not intended to limit the scope of the present disclosure. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the embodiments of the present disclosure should be included in the protection scope of the embodiments of the present disclosure.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The embodiments in the present specification are all described in a progressive manner, and the same and similar parts among the embodiments can be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.