CN110264197B - Receipt storage method and node combining event function type and judgment condition - Google Patents
Receipt storage method and node combining event function type and judgment condition Download PDFInfo
- Publication number
- CN110264197B CN110264197B CN201910419959.1A CN201910419959A CN110264197B CN 110264197 B CN110264197 B CN 110264197B CN 201910419959 A CN201910419959 A CN 201910419959A CN 110264197 B CN110264197 B CN 110264197B
- Authority
- CN
- China
- Prior art keywords
- event function
- log
- transaction
- contract
- special event
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3823—Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
Abstract
One or more embodiments of the present specification provide a receipt storage method and a node in combination with an event function type and a judgment condition, the method may include: the first block chain node receives encrypted transaction for calling the intelligent contract; decrypting the transaction in a trusted execution environment by a first blockchain node to obtain the smart contract, the smart contract comprising a special event function; executing the intelligent contract in the trusted execution environment by a first blockchain node to obtain receipt data, wherein the receipt data comprises a log corresponding to the special event function; and storing the receipt data by a first block chain link point, so that at least one log field meeting a preset condition in the log corresponding to the special event function is stored in a plaintext form, and the rest content of the receipt data is stored in a ciphertext form.
Description
Technical Field
One or more embodiments of the present disclosure relate to the field of block chain technology, and in particular, to a receipt storage method and node combining event function types and determination conditions.
Background
The blockchain technique is built on top of a transport network, such as a point-to-point network. Network nodes in a transport network utilize a chained data structure to validate and store data and employ a distributed node consensus algorithm to generate and update data.
The two biggest challenges in the current enterprise-level blockchain platform technology are privacy and performance, which are often difficult to solve simultaneously. Most solutions trade privacy for loss of performance or do not consider privacy much to pursue performance. Common encryption technologies for solving privacy problems, such as Homomorphic encryption (Homomorphic encryption) and Zero-knowledge proof (Zero-knowledge proof), have high complexity and poor universality, and may cause serious performance loss.
Trusted Execution Environment (TEE) is another way to address privacy concerns. The TEE can play a role of a black box in hardware, a code and data operating system layer executed in the TEE cannot be peeped, and the TEE can be operated only through an interface defined in advance in the code. In the aspect of efficiency, due to the black box property of the TEE, plaintext data is operated in the TEE instead of complex cryptography operation in homomorphic encryption, and the efficiency of the calculation process is not lost, so that the safety and privacy of a block chain can be improved to a great extent on the premise of small performance loss by combining with the TEE. The industry is concerned with TEE solutions, and almost all mainstream chip and Software consortiums have their own TEE solutions, including Software-oriented TPM (Trusted Platform Module) and hardware-oriented Intel SGX (Software Guard Extensions), ARM Trustzone (Trusted zone), and AMD PSP (Platform Security Processor).
Disclosure of Invention
In view of the above, one or more embodiments of the present specification provide a receipt storage method and node that combine an event function type and a judgment condition.
To achieve the above object, one or more embodiments of the present disclosure provide the following technical solutions:
according to a first aspect of one or more embodiments of the present specification, there is provided a receipt storing method combining an event function type and a judgment condition, including:
the first block chain node receives encrypted transaction for calling the intelligent contract;
decrypting the transaction in a trusted execution environment by a first blockchain node to obtain the smart contract, the smart contract comprising a special event function;
executing the intelligent contract in the trusted execution environment by a first blockchain node to obtain receipt data, wherein the receipt data comprises a log corresponding to the special event function;
and storing the receipt data by a first block chain link point, so that at least one log field meeting a preset condition in the log corresponding to the special event function is stored in a plaintext form, and the rest content of the receipt data is stored in a ciphertext form.
According to a second aspect of one or more embodiments of the present specification, there is provided a receipt storage node combining an event function type and a judgment condition, including:
a receiving unit that receives the encrypted transaction for calling the smart contract;
a decryption unit to decrypt the transaction in a trusted execution environment to obtain the smart contract, the smart contract comprising a special event function;
an execution unit that executes the smart contract in the trusted execution environment, resulting in receipt data that includes a log corresponding to the special event function;
and the storage unit is used for storing the receipt data, so that at least one log field meeting a preset condition in the log corresponding to the special event function is stored in a plaintext form, and the rest content of the receipt data is stored in a ciphertext form.
According to a third aspect of one or more embodiments of the present specification, there is provided an electronic apparatus including:
a processor;
a memory for storing processor-executable instructions;
wherein the processor implements the method of the first aspect by executing the executable instructions.
According to a fourth aspect of one or more embodiments of the present description, a computer-readable storage medium is presented, having stored thereon computer instructions which, when executed by a processor, implement the steps of the method according to the first aspect.
Drawings
FIG. 1 is a schematic diagram of creating an intelligent contract, provided by an exemplary embodiment.
FIG. 2 is a schematic diagram of a calling smart contract provided by an exemplary embodiment.
FIG. 3 is a flowchart of a receipt storage method incorporating event function types and judgment conditions according to an exemplary embodiment.
Fig. 4 is a schematic diagram of implementing privacy protection at block link points according to an exemplary embodiment.
Fig. 5 is a schematic diagram of the functional logic for implementing a blockchain network via system contracts and chain code in accordance with an exemplary embodiment.
FIG. 6 is a block diagram of a receipt storage node incorporating event function types and decision conditions provided by an exemplary embodiment.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with one or more embodiments of the present specification. Rather, they are merely examples of apparatus and methods consistent with certain aspects of one or more embodiments of the specification, as detailed in the claims which follow.
It should be noted that: in other embodiments, the steps of the corresponding methods are not necessarily performed in the order shown and described herein. In some other embodiments, the method may include more or fewer steps than those described herein. Moreover, a single step described in this specification may be broken down into multiple steps for description in other embodiments; multiple steps described in this specification may be combined into a single step in other embodiments.
Blockchains are generally divided into three types: public chain (Public Blockchain), Private chain (Private Blockchain) and alliance chain (Consortium Blockchain). In addition, there are various types of combinations, such as private chain + federation chain, federation chain + public chain, and other different combinations. The most decentralized of these is the public chain. The public chain is represented by bitcoin and ether house, and the participators joining the public chain can read the data record on the chain, participate in transaction, compete for accounting right of new blocks, and the like. Furthermore, each participant (i.e., node) is free to join and leave the network and perform related operations. Private chains are the opposite, with the network's write rights controlled by an organization or organization and the data read rights specified by the organization. Briefly, a private chain can be a weakly centralized system with strictly limited and few participating nodes. This type of blockchain is more suitable for use within a particular establishment. A federation chain is a block chain between a public chain and a private chain, and "partial decentralization" can be achieved. Each node in a federation chain typically has a physical organization or organization corresponding to it; participants jointly maintain blockchain operation by authorizing to join the network and forming a benefit-related alliance.
Whether public, private, or alliance, may provide the functionality of an intelligent contract. An intelligent contract on a blockchain is a contract that can be executed on a blockchain system triggered by a transaction. An intelligent contract may be defined in the form of code.
Taking the ethernet as an example, the support user creates and invokes some complex logic in the ethernet network, which is the biggest challenge of ethernet to distinguish from bitcoin blockchain technology. The core of the ethernet plant as a programmable blockchain is the ethernet plant virtual machine (EVM), each ethernet plant node can run the EVM. The EVM is a well-behaved virtual machine, which means that a variety of complex logic can be implemented through it. The user issuing and invoking smart contracts in the etherhouse is running on the EVM. In fact, what the virtual machine directly runs is virtual machine code (virtual machine bytecode, hereinafter referred to as "bytecode"). The intelligent contracts deployed on the blockchain may be in the form of bytecodes.
For example, as shown in fig. 1, after Bob sends a transaction containing information to create an intelligent contract to the ethernet network, the EVM of node 1 may execute the transaction and generate a corresponding contract instance. The "0 x6f8ae93 …" in fig. 1 represents the address of the contract, the data field of the transaction holds the byte code, and the to field of the transaction is empty. After agreement is reached between the nodes through the consensus mechanism, this contract is successfully created and can be invoked in subsequent procedures. After the contract is created, a contract account corresponding to the intelligent contract appears on the blockchain and has a specific address, and the contract code is stored in the contract account. The behavior of the intelligent contract is controlled by the contract code. In other words, an intelligent contract causes a virtual account to be generated on a blockchain that contains a contract code and an account store (Storage).
As shown in fig. 2, still taking an ethernet house as an example, after Bob sends a transaction for invoking an intelligent contract to the ethernet house network, the EVM of a certain node may execute the transaction and generate a corresponding contract instance. The from field of the transaction in fig. 2 is the address of the account of the transaction initiator (i.e., Bob), the "0 x6f8ae93 …" in the to field represents the address of the smart contract called, and the value field is the value of tai-currency in the etherhouse, and the data field of the transaction holds the method and parameters for calling the smart contract. The intelligent contract is independently executed at each node in the blockchain network in a specified mode, and all execution records and data are stored on the blockchain, so that after the transaction is completed, transaction certificates which cannot be tampered and cannot be lost are stored on the blockchain.
After executing Bob-initiated transaction, a node in the blockchain network generates corresponding receipt (receipt) data for recording receipt information related to the transaction. Taking the ether house as an example, the receipt data obtained by the node executing the transaction may include the following:
a Result field indicating the execution Result of the transaction;
a Gas used field representing a Gas value consumed by the transaction;
a Logs field for representing a Log generated by the transaction, wherein the Log may further comprise a From field for representing an account address of an initiator of the call, a To field for representing an account address of an object (such as a smart contract) To be called, a Topic field for representing a subject of the Log, a Log data field for representing Log data, and the like;
an Output field, representing the Output of the transaction.
Wherein the journal is a function provided in the ether house. During the running process of the code of the intelligent contract, the logs generated by various events contained in the code can be recorded. The log allows the details of the event To be recorded, such as the From field and To field mentioned above can indicate the accounts of both parties involved in the transaction, and the Topic field can contain the values of state variables and the like referenced by the event after the code is executed. Thus, the log can be used to drive related operations in addition to being used as relevant evidence after the transaction is performed on the blockchain. For example, a callback function of JavaScript may be used to listen to an event, and a corresponding log may be generated when the event is triggered, so that by retrieving log content, a DAPP (Decentralized Application) client may be driven to perform a related processing operation when retrieving preset log content, and the like.
In the related art, the entire contents of receipt data generated within the TEE are stored encrypted on the blockchain as data requiring privacy protection. The block chain is a data set organized by specific logics stored in a database of nodes. The database, as described later, may be a storage medium, such as a persistent storage medium, in physical carrier. When the log included in the receipt data is stored in an encrypted manner, the retrieval operation for the log may not be normally performed, thereby affecting the execution of the relevant processing operation by the DAPP client.
The following describes the implementation process of an embodiment of a receipt storing method combining event function types and judgment conditions according to the present application with reference to fig. 3:
at step 302, a first block link point receives an encrypted transaction invoking a smart contract.
In one embodiment, a user may generate a transaction directly on a first blockchain node; alternatively, the user may generate a transaction on the client and send the transaction to the first blockchain node through the client; alternatively, the client may send the transaction to the second blockchain node and send the transaction to the first blockchain node by the second blockchain node.
In one embodiment, when a transaction is used to invoke a smart contract, the transaction content may include the account address of the invoked smart contract, the methods and parameters that need to be passed in, and the like.
At step 304, the first blockchain node decrypts the transaction in the trusted execution environment to obtain the intelligent contract, the intelligent contract comprising a special event function.
In one embodiment, a smart contract may contain one or more events, each event for implementing predefined associated processing logic. After each event included in the intelligent contract is called and executed, a corresponding Logs field is generated, for example, when the intelligent contract includes event 1 and event 2, event 1 may generate a corresponding Logs field, and event 2 may generate a corresponding Logs field, so that the receipt data corresponding to the intelligent contract includes multiple Logs fields at the same time.
In one embodiment, the events contained in the smart contract can be divided into special event functions and general event functions, wherein: the log generated by the common event function is stored in a ciphertext mode so as to realize privacy protection; the log generated by the special event function needs to store at least a part of log fields (such as the exposed log field hereinafter) in a clear text form on the premise of meeting the requirement of privacy protection, so that retrieval can be carried out on the content of the part of log fields to drive implementation of related operations.
In an embodiment, the special event function may be a predefined global event function in the blockchain network. For example, in a chain code or a system contract of a block chain network, event functions belonging to "special event functions" may be recorded, for example, in a special event function list; accordingly, by comparing the event function included in the intelligent contract with the above-mentioned special event function list, it can be determined whether the event function included in the intelligent contract is the above-mentioned special event function.
In one embodiment, the special event function can be any function customized in the intelligent contract, and the event function can be marked as the special event function by adding a type identifier for the event function in the intelligent contract. For example, in the Solidity language, the code of the event function included in the smart contract is as follows:
Event buy_candy1expose(who,candy_num);
Event buy_candy2(who,candy_num);
in the code example described above, the smart contract defines 2 events: event buy _ candy1 and event buy _ candy 2. The event buy _ candy1 can be marked as the special event function described above by adding the type identifier "expose" to the event buy _ candy 1; accordingly, since the type identifier "expose" is not included in the event buy _ ready 2, the event buy _ ready 2 is a general event function, not the special event function described above.
Many high-level languages supported by etherhouses, such as Solidity, Serpent, LLL, etc., may contain the type identifier described above. The intelligent contract written in the high-level language can be compiled into a corresponding byte code through a compiler, and the first block link point finally executes the intelligent contract in the form of the byte code in the EVM virtual machine. Then, the type identifiers may be the same in the intelligent contract codes in the high-level language and the bytecode, or the intelligent contract codes in the high-level language may be the first type identifiers and the intelligent contract codes in the bytecode may be the second type identifiers, and the first type identifiers and the second type identifiers may correspond to each other.
In an embodiment, by encrypting the transaction content, the encrypted transaction can be in a privacy protection state, and the transaction content is prevented from being exposed. For example, the transaction content may include information such as an account address of the transaction initiator and an account address of the transaction target, and the encryption process may ensure that none of the transaction content can be directly read.
In an embodiment, the transaction may be encrypted by a symmetric encryption algorithm or may be encrypted by an asymmetric encryption algorithm. The encryption algorithm used for symmetric encryption is, for example, DES algorithm, 3DES algorithm, TDEA algorithm, Blowfish algorithm, RC5 algorithm, IDEA algorithm, etc. Examples of asymmetric encryption algorithms are RSA, Elgamal, knapsack Algorithm, Rabin, D-H, ECC (elliptic curve encryption Algorithm), etc.
In one embodiment, the transaction may be encrypted by combining a symmetric encryption algorithm with an asymmetric encryption algorithm. Taking the example that the client submits the transaction to the first blockchain node, the client may encrypt the transaction content using a symmetric encryption algorithm, that is, encrypt the transaction content using a key of the symmetric encryption algorithm, and encrypt the key used in the symmetric encryption algorithm using an asymmetric encryption algorithm, for example, encrypt the key used in the symmetric encryption algorithm using a public key of the asymmetric encryption algorithm. Therefore, after the first block chain node receives the encrypted transaction, the first block chain node can firstly decrypt by using the private key of the asymmetric encryption algorithm to obtain the key of the symmetric encryption algorithm, and then decrypt by using the key of the symmetric encryption algorithm to obtain the transaction content.
When the transaction is used to invoke a smart contract, it may be an invocation of multiple nested structures. For example, a transaction directly calls intelligent contract 1, while the code of intelligent contract 1 calls intelligent contract 2, and the code in intelligent contract 2 points to the contract address of intelligent contract 3, so that the transaction actually indirectly calls the code of intelligent contract 3, while intelligent contract 3 includes some event function. Thus, it is equivalent to the event function included in the intelligent contract 1. The specific implementation process is similar to the above process, and is not described herein again.
As described above, when executing the code of the intelligent contract, the first blockchain node generates a corresponding Logs field for each event function included in the code, that is, generates a log corresponding to each event function. By determining the special event function, the log corresponding to the special event function can be further determined, and under the condition that at least one part of log fields corresponding to the special event function meet the preset conditions, the at least one part of log fields are allowed to be stored in a plaintext form.
In one embodiment, for example, in an ethernet, after receiving a transaction for invoking an intelligent contract sent by a client, the first block node may check whether the transaction is valid, whether the format is correct, whether the signature of the transaction is valid, and the like.
Typically, the nodes in the Etherhouse are also accounting contested nodes, and thus the first blockchain node can perform the transaction locally as accounting contested node. If one of the nodes competing for accounting rights wins the current round of accounting rights, the node becomes the accounting node. If the first block link point wins the accounting right in the current round, the first block link point becomes an accounting node; of course, if the first block link point does not win in the process of competing for accounting rights in the current round, it is not an accounting node, and other nodes may become accounting nodes.
An intelligent contract is similar to a class in object-oriented programming, with the result of execution generating a contract instance corresponding to the intelligent contract, similar to generating an object corresponding to a class. Executing code in the transaction to create the intelligent contract creates a contract account and deploys the contract in the account space. In the etherhouse, the address of the intelligent contract account is generated by an encryption algorithm by taking the address of the sender (e.g., "0 xf5e …" in fig. 1-2) and a transaction random number (nonce) as input, such as the contract address "0 x6f8ae93 …" in fig. 1-2, i.e., by the address of the sender "0 xf5e …" and the nonce in the transaction.
In general, in a blockchain network supporting intelligent contracts using consensus algorithms such as Proof of Work (POW) and Proof of equity (POS), Proof of commission (DPOS), nodes competing for accounting rights may execute a transaction including creation of an intelligent contract after receiving the transaction. One of the nodes competing for the accounting right wins the accounting right in the current round of the accounting right competition, and becomes the accounting node. The accounting node may package the transaction containing the smart contract with other transactions and generate a new block, and send the generated new block to other nodes for consensus.
For a block chain network supporting an intelligent contract by using a Practical Byzantine Fault Tolerance (PBFT) mechanism and the like, nodes with the accounting right are already agreed before accounting in the current round. Therefore, after the first block link node receives the transaction, if the first block link node is not the accounting node of the current round, the transaction can be sent to the accounting node. For the accounting node of the current round (which may be the first blockchain node), the transaction may be performed during or before the process of packaging the transaction and generating the new tile, or during or before the process of packaging the transaction with other transactions and generating the new tile. After the accounting node packages the transaction (or packages other transactions together) and generates a new block, the generated new block or a block header is sent to other nodes for consensus.
As described above, in the blockchain network supporting the intelligent contract using the POW mechanism or the blockchain network supporting the intelligent contract using the POS, DPOS, or PBFT mechanisms, the accounting node in the current round may package the transaction and generate a new block, and send the block header after the generated new block to other nodes for consensus. If the other nodes verify that no problem exists after receiving the block, the new block can be added to the tail of the original block chain, so that the accounting process is completed, and consensus is achieved; and if the transaction is used for calling the intelligent contract, the calling and executing of the intelligent contract are finished. Other nodes may also perform transactions in the block while verifying the new block or block header sent by the accounting node.
The execution process may be generally performed by a virtual machine. Taking the ethernet house as an example, the support user creates and/or invokes some complex logic in the ethernet house network, which is the biggest challenge of the ethernet house to distinguish from the bitcoin blockchain technology. The core of an etherhouse as a programmable block chain is an Etherhouse Virtual Machine (EVM), and each etherhouse node can run the EVM. The EVM is a well-behaved virtual machine, which means that a variety of complex logic can be implemented through it. The user issuing and invoking smart contracts in the etherhouse is running on the EVM.
In this embodiment, the first block link point may execute the code of the decrypted smart contract in a Trusted Execution Environment (TEE). For example, as shown in fig. 4, the first block node may be divided into a regular execution environment (left side in the figure) and a TEE, a transaction submitted by a client (as described above, the transaction may have other sources; the transaction submitted by the client is taken as an example for explanation here) first enters a "transaction/query interface" in the regular execution environment to be identified, a transaction without a privacy processing requirement may be left in the regular execution environment to be processed (whether the privacy processing requirement exists may be identified here according to a user type of a transaction initiator, a transaction type, an identifier included in the transaction, and the like), and a transaction with the privacy processing requirement may be transferred to the TEE to be processed. The TEE is isolated from the regular execution environment. The transaction is in an encrypted state before entering the TEE, and is decrypted into plaintext transaction content in a trusted execution environment, so that the plaintext transaction content can be efficiently processed in the TEE on the premise of ensuring data security, and plaintext receipt data is generated in the TEE.
The TEE is a trusted execution environment that is based on a secure extension of the CPU hardware and is completely isolated from the outside. TEE was originally proposed by Global Platform to address the secure isolation of resources on mobile devices, providing a trusted and secure execution environment for applications parallel to the operating system. The Trust Zone technology of ARM realizes the real commercial TEE technology at the earliest. Along with the rapid development of the internet, the security requirement is higher and higher, and more requirements are provided for the TEE by mobile equipment, cloud equipment and a data center. The concept of TEE has also been developed and expanded at a high rate. The concept now referred to as TEE has been a more generalized TEE than the concept originally proposed. For example, server chip manufacturers Intel, AMD, etc. have introduced hardware-assisted TEE in turn and enriched the concept and characteristics of TEE, which have gained wide acceptance in the industry. The mention of TEE now is more generally directed to such hardware assisted TEE techniques. Unlike the mobile terminal, the cloud access requires remote access, and the end user is not visible to the hardware platform, so the first step of using the TEE is to confirm the authenticity and credibility of the TEE. Therefore, the current TEE technology introduces a remote attestation mechanism which is endorsed by a hardware manufacturer (mainly a CPU manufacturer) and ensures that a user can verify the TEE state through a digital signature technology. Meanwhile, the security requirement which cannot be met by only safe resource isolation is also met, and further data privacy protection is also provided. Commercial TEE including Intel SGX, AMD SEV also provide memory encryption techniques, limiting trusted hardware within the CPU, with the data of the bus and memory being ciphertext to prevent snooping by malicious users. For example, TEE technology such as intel's software protection extensions (SGX) isolates code execution, remote attestation, secure configuration, secure storage of data, and trusted paths for executing code. Applications running in the TEE are secured and are almost impossible to access by third parties.
Taking the Intel SGX technology as an example, SGX provides an enclosure (also called enclave), that is, an encrypted trusted execution area in memory, and a CPU protects data from being stolen. Taking the example that the first block link point adopts a CPU supporting SGX, a part of an area EPC (enclosure Page Cache, Enclave Page Cache, or Enclave Page Cache) may be allocated in the memory by using a newly added processor instruction, and data therein is encrypted by an Encryption engine mee (memory Encryption engine) in the CPU. The encrypted content in the EPC is decrypted into plaintext only after entering the CPU. Therefore, in the SGX, a user may not trust an operating System, a VMM (Virtual Machine Monitor), or even a BIOS (Basic Input Output System), and only need to trust the CPU to ensure that private data is not leaked. In practical application, the private data can be encrypted and then transmitted to the enclosure in a ciphertext form, and the corresponding secret key is transmitted to the enclosure through remote certification. Then, the operation is performed by using the data under the encryption protection of the CPU, and the result is returned in a ciphertext form. In this mode, not only can the powerful calculation be utilized, but also data leakage is not worried about.
As described above, by executing the decrypted transaction content in the TEE, the execution process may be assured of being completed within the trusted environment to ensure that private information is not revealed. When the transaction with the privacy processing requirement is used for creating the intelligent contract, the transaction comprises the code of the intelligent contract, and the first block link point can decrypt the transaction in the TEE to obtain the code of the intelligent contract contained in the transaction and further execute the code in the TEE. When the transaction requiring privacy processing is used for invoking the intelligent contract, the first block link point may execute the code in the TEE (if the invoked intelligent contract handles the encryption state, the intelligent contract needs to be decrypted in the TEE to obtain the corresponding code). Specifically, the first block link point may allocate a part of the area EPC in the memory by using a processor instruction newly added in the CPU, and encrypt the plaintext code by using an encryption engine MEE in the CPU and store the plaintext code in the EPC. The encrypted content in the EPC enters the CPU and is decrypted into plaintext. And in the CPU, the operation is carried out on the code of the plaintext, and the execution process is completed. For example, in SGX technology, the EVM may be loaded into the enclosure by executing the plaintext code of the smart contract. In the remote certification process, the key management server can calculate a hash value of the local EVM code, compare the hash value with the hash value of the EVM code loaded in the first block chain link point, and correctly use a comparison result as a necessary condition for passing the remote certification, thereby completing measurement of the code loaded on the SGX enclosure of the first block chain node. Measured, the correct EVM can execute the code of the intelligent contract described above in the SGX.
And 308, storing the receipt data by the first block chain link point, so that at least one log field meeting a preset condition in the log corresponding to the special event function is stored in a plaintext form, and the rest content of the receipt data is stored in a ciphertext form.
In one embodiment, for a log corresponding to a special event function in receipt data, all log fields of the log may be compared with corresponding preset conditions, and all log fields satisfying the preset conditions may be stored in a clear text form. Accordingly, log fields corresponding to special event functions but satisfying preset conditions, logs corresponding to common event functions, other receipt contents in the receipt data, and the like are all stored in a ciphertext form.
In one embodiment, for the log corresponding to the special event function in the receipt data, the exposed log field corresponding to the special event function can be determined, and the exposed log field is compared with the corresponding preset condition, so that the exposed log field meeting the preset condition is stored in a clear text form. The exposed log field usually involves relatively less privacy content or does not involve core privacy content, and the risk of storing in a clear text form is relatively low; whereas non-exposed log fields may relate to relatively more or relatively more important privacy content, storage in ciphertext form may ensure that the core purpose of privacy protection is not violated. And through judging by combining with preset conditions, the privacy content which is not suitable for disclosure and possibly contained in the exposed log field can be further screened out, so that the retrieval operation can be finished, and the privacy protection is realized as far as possible.
In one embodiment, the special event function includes an exposure log field that is marked by an exposure identifier. The first block link point may be determined by reading an exposure identifier included in the special event function and determining one or more log fields indicated by the exposure identifier as the exposure log fields. Taking the Solidity language as an example, the code of the special event function included in the intelligent contract is as follows:
Event buy_candy3expose_from(who,candy_num);
Event buy_candy4show_to(who,candy_num);
in the code example described above, the smart contract defines 2 events: event buy _ candy3 and event buy _ candy 4.
The event buy _ can 3 includes a type identifier "expose", and the event buy _ can 3 can be determined as a special event function according to the above description. Further, an exposed identifier "_ From" for designating a Log field From is included after the type identifier "expose", so that in the Log Logs generated corresponding To the event buy _ can 3, the From field will be stored in a plain text form, and the remaining To field, Topic field, Log data field, and the like are stored in a cipher text form.
Event buy _ candy4 does not contain a type identifier "expose"; however, if the event buy _ can 4 is the above-mentioned predefined special event function, for example, the event buy _ can 4 is located in the above-mentioned special event function list, then the event buy _ can 4 is determined to be a special event function. Further, the event buy _ candidate 4 includes an exposure identifier "show _ To" for indicating the Log field To, so that in the Log Logs generated corresponding To the event buy _ candidate 4, the To field will be stored in a plain text form, and the rest of the From field, the Topic field, the Log data field, and the like will be stored in a cipher text form.
Similar to the exposed log field marked by the exposed identifier, the special event function may include an encrypted log field marked by the encrypted identifier, and the exposed log field is the remaining other log field. Taking the Solidity language as an example, the code of the special event function included in the intelligent contract is as follows:
Event buy_candy5expose_hide_from(who,candy_num);
Event buy_candy6hide_to(who,candy_num);
in the code example described above, the smart contract defines 2 events: event buy _ candy5 and event buy _ candy 6.
The event buy _ can 5 includes a type identifier "expose", and the event buy _ can 5 can be determined as a special event function according to the above description. Further, an encryption identifier "hide _ From" is included after the type identifier "expose", and the encryption identifier "hide _ From" is used To mark the Log field From, so that in the Log Logs generated corresponding To the event buy _ candidate 5, the From field will be stored in a ciphertext form, and the rest of To field, Topic field, Log data field, etc. as exposed Log fields are all stored in a plaintext form.
Event buy _ candy6 does not contain a type identifier "expose"; however, if the event buy _ can 6 is the above-mentioned predefined special event function, for example, the event buy _ can 6 is located in the above-mentioned special event function list, then the event buy _ can 6 is determined to be a special event function. Further, the event buy _ can 6 includes an encryption identifier "hide _ To" for indicating the log field To, so that in the log Logs generated corresponding To the event buy _ can 6, the To field will be stored in a ciphertext form, and the rest of the From field, the Topic field, the log data field, and the like, which are used as exposed log fields, are stored in a plaintext form.
Many high-level languages supported by etherhouses, such as Solidity, Serpent, LLL, etc., may contain the exposed/encrypted identifiers described above. The exposed/encrypted identifiers may be the same in the high-level language and the bytecode-form intelligent contract code, or the high-level language intelligent contract code may be a first exposed/encrypted identifier and the bytecode-form intelligent contract code may be a second exposed/encrypted identifier, and the first exposed/encrypted identifier and the second exposed/encrypted identifier may correspond to each other.
Besides adding the above-mentioned exposure identifier or encryption identifier to the special event function to indicate the corresponding exposure log field, a mapping relationship between the special event function and the exposure log field or a mapping relationship between the special event function and the encryption log field may be predefined, so that the first block chain node may obtain the predefined mapping relationship, and determine the exposure log field corresponding to the special event function according to the special event function and the mapping relationship included in the intelligent contract.
For example, when the mapping relationship includes contents such as "Event busy _ can 7-From _ To", "Event busy _ can 8-Topic", if the smart contract includes the Event "Event busy _ can 7", the exposure log field corresponding To the Event "Event busy _ can 7" may be determined as the From field and the To field by querying the mapping relationship "Event busy _ can 7-From _ To", and if the smart contract includes the Event "Event busy _ can 8", the exposure log field corresponding To the Event "Event busy _ can 8" may be determined as the Topic field by querying the mapping relationship "Event busy _ can 8-Topic".
In an embodiment, on the premise of protecting the privacy of the user, by identifying the event functions contained in the intelligent contract, the exposed log field capable of being stored in a plain text can be determined according to the different requirements of different types of event functions on privacy protection, and further, according to the meeting condition of the exposed log field on the preset conditions, the corresponding different requirements are reflected in the storage process, so that the method has higher flexibility.
Specifically, by comparing the exposed log field corresponding to the special event function with the preset condition, the exposed log field satisfying the preset condition can be stored in a plaintext form, while the exposed log field not satisfying the preset condition or other receipt contents are necessarily stored in a ciphertext form. Wherein, the content of the preset condition may include at least one of the following: the corresponding log field contains preset content, the value of the corresponding log field belongs to a preset value interval, and the like.
The preset contents may include: one or more specified keywords, such as the keyword, may include predefined state variables, predefined intermediate variables, and the like, so that when a certain exposed log field contains the state variables or the intermediate variables as the keyword, it may be determined that the exposed log field satisfies the preset condition.
The preset contents may include: a preset value. For example, the preset value may be a numerical value, and the numerical value may be compared with the value of the state variable, so as to determine whether the value of the state variable is expected; for another example, the preset value may be a character string composed of numeric values, letters, special symbols, and the like, and the character string may be compared with an account address of the transaction initiator, an account address of the transaction target, a log topic, and the like to identify a specific transaction initiator, a specific transaction target, or a specific log topic, and the like. By taking the preset content as a character string as an example, assuming that the character string is a certain account address, when a user initiates a transaction for the account address and an exposed log field corresponding To the transaction type includes a To field, the To field is stored in a plaintext form, and when initiates a transaction for other account addresses, the To field is not allowed To be stored in a plaintext form, so that privacy disclosure is avoided.
The preset value interval can indicate the privacy protection requirement condition of the relevant receipt field, for example, in a transfer scene, the preset value interval can be a value interval with a smaller value and a lower privacy protection requirement, so that even if the relevant receipt field is disclosed, serious user privacy disclosure can not be caused, but the relevant operation such as a DAPP client side can be automatically triggered, and certain balance is achieved between privacy protection and convenience. Therefore, when the value of the exposed log field is in the preset value interval, the exposed log field can be stored in a plaintext form.
In an embodiment, the preset condition may include a general condition corresponding to all log fields, that is, in the log corresponding to the special event function in the receipt data, a uniform preset condition exists in all log fields included in the log, so that all exposed log fields included in the log need to be compared with the uniform preset condition. For example, when the preset condition is "including a preset keyword", all exposed log fields in the log corresponding to the special event function may be compared with the keyword included in the preset condition to determine an exposed log field including the keyword as an exposed log field satisfying the preset condition.
In one embodiment, the preset condition may include a specific condition corresponding to each log field, that is, in the log corresponding to the special event function in the receipt data, the corresponding preset condition exists in each log field included in the log, so that each exposed log field included in the log is used for comparing with the corresponding preset condition. The preset conditions corresponding to different log fields are independent from each other, but may be the same or different. For example, the preset condition corresponding To the From field and the To field may be "whether preset content is included", and the preset content may be a preset account address indicating a transaction initiated by or for the account address, allowing the From field or the To field To be stored in a clear text form (may be stored in a clear text form when the From field or the To field belongs To the exposure log field). For another example, the preset condition corresponding to the Topic field may be "whether the Topic field belongs to a preset value interval", and the value of the state variable referenced by the relevant event may be recorded in the Topic field, for example, the state variable representing "transfer amount" may be included in a transfer scenario, which indicates that when the transfer amount is in the preset value interval (usually, a small amount value interval corresponding to a smaller amount), the transfer amount is allowed to be stored in a clear text form (may be stored in a clear text form when the Topic field belongs to the exposure log field).
In one embodiment, the preset conditions may be located in the transaction, so that the preset conditions adopted by different transaction exchanges may have differences to meet the demand differences faced by different transaction exchanges; of course, the same preset conditions may be used for different transactions. The difference in the preset conditions may be represented as: the content of the preset condition, the receipt field to which the preset condition applies, and the difference of at least one dimension in the processing logic for judging whether the exposed log field meets the preset condition.
In one embodiment, the preset condition may be located in a smart contract invoked for trading, or the preset condition may be located in another smart contract invoked for trading, so that the trading may determine whether to use the corresponding preset condition by selecting the invoked smart contract. The intelligent contract can be created by the transaction initiator or any other user in advance; of course, if there is a corresponding invoking condition for the smart contract, it is necessary to enable the transaction to invoke the smart contract when the invoking condition is satisfied, for example, the invoking condition may include: the transaction initiator belongs to a preset white list, the transaction initiator does not belong to a preset black list or other conditions.
In an embodiment, the preset condition may be located in the system contract or the chain code, so that the preset condition is a global condition applicable to all transactions on the blockchain, and is different from the preset condition included in the transaction or the smart contract, so that even if the smart contract invoked by the transaction or the transaction does not include the preset condition, the storage manner of the log field may be determined based on the preset condition defined in the system contract or the chain code and by combining the user type of the transaction initiator.
It should be noted that: the preset conditions contained in the trading or intelligent contracts do not contradict the preset conditions contained in the chain codes or the system contracts: the two may respectively include preset conditions of different dimensions, for example, log fields to which the preset conditions are applicable are different; alternatively, when there is a conflict between the preset conditions included in the two, it may be defaulted to preferentially adopt the preset conditions included in the transaction or the smart contract, or to preferentially adopt the preset conditions included in the chain code or the system contract, depending on the predefined selection logic.
By running program code (hereinafter simply referred to as chain code) of a blockchain on a computing device (physical or virtual machine), the computing device can be configured as a blockchain link point in a blockchain network, such as the first blockchain node described above, or the like. In other words, the first block link point implements the corresponding functional logic by running the above-mentioned chain code. Thus, the receipt data storage logic described above in relation to the event function and the preset condition may be written into the chain code when creating the blockchain network, so that each blockchain link point may implement the receipt data storage logic.
The receipt data storage logic associated with the event function and the preset condition may include: identification logic for special event functions, confirmation logic for exposed log fields, determination logic for preset conditions, processing logic for exposed log fields, etc.
The identification logic for the special event function is to instruct the first blockchain node to: a special event function contained in the smart contract is identified. Such as: a predefined list of special event functions may be recorded in the system contract, or processing logic may be recorded in the system contract that identifies special event functions based on the type identifier. Specifically, reference may be made to the above description for identifying the special event function, which is not described herein again.
The validation logic to expose the log field is to instruct the first blockchain node to: and determining a corresponding exposed log field according to the special event function. Such as: determining a corresponding exposure log field according to an exposure identifier or an encryption identifier contained in the special event function; or, according to the chain code or the mapping relation between the special event function recorded in the system contract or the block and the exposed log field, the corresponding exposed log field is determined by combining the special event function contained in the current initiated transaction. Specifically, reference may be made to the above description for obtaining the relevant description of the exposed log field corresponding to the special event function, which is not described herein again.
The determination logic for the preset condition is to instruct the first blockchain node to: and acquiring a preset condition applicable to the exposed log field. Such as: a general condition applicable to all receipt fields is obtained, or a special condition applicable to exposing log fields is obtained, etc. Specifically, reference may be made to the above description related to the preset condition, which is not described herein again.
Processing logic for the exposed log field is to instruct the first blockchain node to: receipt content in the receipt data corresponding to the exposed log field is stored. Such as: for the log corresponding to the special event function in the receipt data, the receipt content corresponding to the exposed log field and satisfying the preset condition in the log can be stored in a plain text form, while the receipt content corresponding to the exposed log field and failing to satisfy the preset condition in the log, the receipt content corresponding to the non-exposed field in the log can be stored in a cipher text form, and other receipt content (such as the receipt content corresponding to the common event function) in the receipt data can be stored in a cipher text form. Reference may be made to the above description of storing receipt data, which is not described herein again.
Due to the fact that upgrading and updating of the chain codes are relatively difficult, the chain codes are used for storing receipt data, and the problems of low flexibility and poor expandability exist. In order to implement the functional extension of the chain code, as shown in fig. 5, the chain code may be combined with a system contract: the chain code is used for realizing basic functions of the block chain network, and the function extension in the running process can be realized in a system contract mode. Similar to the above-mentioned smart contract, the system contract includes code in the form of byte code, for example, and the first block link node may be functionally complementary to the chain code by running the code of the system contract (for example, reading the code in the system contract according to the uniquely corresponding address "0 x53a98 …"). Accordingly, the first block link point may read code of a system contract in which receipt data storage logic associated with the transaction type and event function is defined; the first block chain node may then execute code of the system contract to store the exposed log field in plaintext form and the remaining contents of the receipt data in ciphertext form that satisfy the preset condition in the log corresponding to the particular event function based on receipt data storage logic associated with the event function and the preset condition.
Unlike the above-described intelligent contracts issued by users to blockchains, system contracts cannot be freely issued by users. The system contract read by the first blockchain node may include a preset system contract configured in a founder block of the blockchain network; and an administrator (i.e., the above-mentioned administrative user) in the blockchain network may have an update authority for the system contract, so as to perform an update for a preset system contract such as the above-mentioned system contract, the system contract read by the above-mentioned first blockchain node may further include a corresponding updated system contract. Certainly, the updated system contract can be obtained by the administrator by performing one-time update on the preset system contract; or, the updated system contract may be obtained by performing multiple iterative updates on the preset system contract by the administrator, for example, the preset system contract is updated to obtain the system contract 1, the system contract 1 is updated to obtain the system contract 2, and the system contract 2 is updated to obtain the system contract 3, where the system contract 1, the system contract 2, and the system contract 3 may all be regarded as the updated system contract, but the first block link point generally is subject to the latest version of the system contract, for example, the first block link node is subject to the code in the system contract 3, but not the code in the system contract 1 or the system contract 2.
In addition to the preset system contracts contained in the foundational blocks, the administrator may also publish system contracts within subsequent blocks and make updates to the published system contracts. In summary, a certain degree of restriction should be imposed on the issuance and updating of system contracts by means such as rights management to ensure that the functional logic of the blockchain network is functioning properly and to avoid unnecessary loss to any user.
For receipt contents in the receipt data which need to be stored in a ciphertext form, the first block chain link point encrypts the receipt contents through a key. The encryption can adopt symmetric encryption or asymmetric encryption. If the first blockchain node encrypts the receipt content in a symmetric encryption manner, i.e., using the symmetric key of the symmetric encryption algorithm, the client (or other object holding the key) can decrypt the encrypted receipt content using the symmetric key of the symmetric encryption algorithm.
In one embodiment, when the first blockchain node encrypts the receipt content with the symmetric key of the symmetric encryption algorithm, the symmetric key may be pre-provided to the first blockchain node by the client. Then, only the client (which should actually be the user corresponding to the logged-in account on the client) and the first block link point grasp the symmetric key, so that only the client can decrypt the corresponding encrypted receipt content, and an unrelated user or even a lawbreaker is prevented from decrypting the encrypted receipt content.
For example, when the client initiates a transaction to the first block link node, the client may encrypt the transaction content with an initial key of a symmetric encryption algorithm to obtain the transaction; accordingly, the first tile chain node may be used to directly or indirectly encrypt the receipt content by obtaining the initial key. For example, the initial key may be pre-negotiated by the client and the first blockchain node, or sent by the key management server to the client and the first blockchain node, or sent by the client to the first blockchain node. When the initial key is sent to the first block chain node by the client, the client can encrypt the initial key by the public key of the asymmetric encryption algorithm and then send the encrypted initial key to the first block chain node, and the first block chain node decrypts the encrypted initial key by the private key of the asymmetric encryption algorithm to obtain the initial key, that is, the digital envelope encryption described above, which is not described herein again.
In one embodiment, the first tile link point may encrypt the receipt content using the initial key described above. The initial keys used for different transactions may be the same, so that all transactions submitted by the same user are encrypted using the initial keys, or the initial keys used for different transactions may be different, for example, the client may randomly generate an initial key for each transaction, so as to improve security.
In one embodiment, the first tile chain node may generate a derivative key based on the initial key and the impact factor, and encrypt the receipt content with the derivative key. Compared with the method that the initial key is directly adopted for encryption, the derived key can increase the randomness, so that the difficulty of being broken is improved, and the safety protection of data is optimized. The impact factor may be related to the transaction; for example, the impact factor may include designated bits of the transaction hash value, such as the first chunk nexus may concatenate the initial key with the first 16 bits (or the first 32 bits, the last 16 bits, the last 32 bits, or other bits) of the transaction hash value and hash the concatenated string to generate the derivative key.
In an embodiment, the first block link point may further adopt an asymmetric encryption manner, that is, the receipt content is encrypted by using a public key of an asymmetric encryption algorithm, and accordingly, the client may decrypt the encrypted receipt content by using a private key of the asymmetric encryption algorithm. The key of the asymmetric encryption algorithm may be, for example, a pair of a public key and a private key generated by the client, and the public key is sent to the first blockchain node in advance, so that the first blockchain node may encrypt the receipt content with the public key.
The first block link point implements a function by running code for implementing the function. Thus, for functions that need to be implemented in the TEE, the relevant code needs to be executed as well. For code executed in the TEE, relevant specifications and requirements of the TEE need to be met; accordingly, for codes used for realizing a certain function in the related art, code writing needs to be performed again in combination with the specification and requirements of the TEE, so that not only is a relatively large development amount, but also a bug (bug) is easily generated in the rewriting process, and reliability and stability of function realization are affected.
Thus, a first block link point may store receipt data generated in the TEE (including receipt content in plain text requiring plain text storage, and receipt content in cipher text requiring cipher text storage) to an external storage space outside the TEE by executing a store function code outside the TEE, so that the storage function code can be the code used for realizing the storage function in the related art, does not need to be re-written with the specification and requirement of the TEE, the receipt data can be safely and reliably stored, the development amount of related codes can be reduced on the basis of not influencing the safety and reliability, furthermore, the TCB (Trusted Computing Base) can be reduced by reducing the related codes of the TEE, so that the additional security risk caused by the combination of the TEE technology and the block chain technology is in a controllable range.
In one embodiment, the first block chain node may execute a write cache function code within the TEE to store the receipt data described above in a write cache within the TEE, such as may correspond to a "cache" as shown in fig. 1. Further, the first block chain node outputs the data in the write cache from the trusted execution environment to be stored in the external storage space. The writing cache function code can be stored in the TEE in a plaintext form, and the cache function code in the plaintext form can be directly executed in the TEE; alternatively, the write cache function code may be stored outside the TEE in a ciphertext form, such as in the external storage space (for example, "pack + store" as shown in fig. 4, where "pack" indicates that the first blockchain node packs the transaction into blocks outside the trusted execution environment), and the write cache function code in the ciphertext form may be read into the TEE, decrypted in the TEE into a plaintext code, and executed.
Write caching refers to a "buffering" mechanism provided to avoid causing a "shock" to an external storage space when data is written to the external storage space. For example, the above write cache may be implemented by using a buffer; of course, the write cache may also be implemented by using a cache, which is not limited in this specification. In fact, because the TEE is an isolated security environment and the external storage space is located outside the TEE, the external storage space can be written into the data in the cache in batches by adopting a cache writing mechanism, so that the interaction times between the TEE and the external storage space are reduced, and the data storage efficiency is improved. Meanwhile, the TEE may need to call generated data in the process of continuously executing each transaction, and if the data needing to be called is just located in the write cache, the data can be directly read from the write cache, so that on one hand, interaction with an external storage space can be reduced, on the other hand, a decryption process of the data read from the external storage space is omitted, and therefore the data processing efficiency in the TEE is improved.
Of course, the write cache may also be established outside the TEE, for example, the first tile chain node may execute the write cache function code outside the TEE, so as to store the receipt data in the write cache outside the TEE, and further store the data in the write cache to the external storage space.
An embodiment of a receipt storage node incorporating event function types and decision conditions according to the present specification is described below in conjunction with FIG. 6, including:
a receiving unit 61 that receives the encrypted transaction for calling the smart contract;
a decryption unit 62 that decrypts the transaction in a trusted execution environment to obtain the smart contract, the smart contract containing a special event function;
an execution unit 63, configured to execute the smart contract in the trusted execution environment, to obtain receipt data, where the receipt data includes a log corresponding to the special event function;
and the storage unit 64 is used for storing the receipt data, so that at least one log field meeting a preset condition in the log corresponding to the special event function is stored in a plaintext form, and the rest content of the receipt data is stored in a ciphertext form.
Optionally, the event function in the intelligent contract includes a type identifier, and the type identifier is used for marking the event function as a special event function.
Optionally, when the event function included in the intelligent contract is located in a special function list recorded on the blockchain, the event function included in the intelligent contract is determined as a special event function.
Optionally, the at least one log field includes: and the exposed log field corresponding to the special event function.
Optionally, the special event function includes the exposure log field marked by an exposure identifier; or, the special event function includes an encrypted log field marked by an encrypted identifier, and the exposed log field is another log field.
Optionally, a mapping relationship between a predefined special event function and an exposed log field, or a mapping relationship between a predefined special event function and an encrypted log field is recorded in the blockchain; the mapping relation is used for determining an exposed log field corresponding to the special event function.
Optionally, the preset condition includes at least one of: the corresponding log field contains preset content, and the value of the corresponding log field belongs to a preset value interval.
Alternatively to this, the first and second parts may,
the preset conditions comprise general conditions corresponding to all log fields; or the like, or, alternatively,
the preset conditions comprise special conditions corresponding to each log field.
Alternatively to this, the first and second parts may,
the preset condition is located in the transaction; or the like, or, alternatively,
the preset condition is positioned in the intelligent contract called by the transaction or in another intelligent contract called by the transaction; or the like, or, alternatively,
the preset condition is located in a system contract or a chain code.
Optionally, the storage unit 64 is specifically configured to:
reading code of a system contract, the code of the system contract defining receipt data storage logic related to an event function and a preset condition;
and executing the code of the system contract to store at least one log field meeting a preset condition in the log corresponding to the special event function in a plaintext form and store the rest content of the receipt data in a ciphertext form.
Optionally, the system contract includes: the preset system contract recorded in the creation block or the updated system contract corresponding to the preset system contract.
Optionally, the storage unit 64 is specifically configured to:
executing storage function code outside the trusted execution environment to store the receipt data to an external storage space outside the trusted execution environment.
Optionally, the key for encrypting the receipt data by the first block link point includes: a key of a symmetric encryption algorithm or a key of an asymmetric encryption algorithm.
Optionally, the key of the symmetric encryption algorithm includes an initial key provided by the client; or, the key of the symmetric encryption algorithm comprises the initial key and a derivative key generated by the influence factor.
Optionally, the transaction is encrypted by the initial key, and the initial key is encrypted by a public key of an asymmetric encryption algorithm; the decryption unit 62 is specifically configured to:
and decrypting by using a private key of the asymmetric encryption algorithm to obtain the initial key, and decrypting the transaction by using the initial key to obtain the transaction content.
Optionally, the initial key is generated by the client; or, the initial key is sent to the client by a key management server.
Optionally, the impact factor is associated with the transaction.
Optionally, the influence factor includes: a specified bit of the hash value for the transaction.
In the 90 s of the 20 th century, improvements in a technology could clearly distinguish between improvements in hardware (e.g., improvements in circuit structures such as diodes, transistors, switches, etc.) and improvements in software (improvements in process flow). However, as technology advances, many of today's process flow improvements have been seen as direct improvements in hardware circuit architecture. Designers almost always obtain the corresponding hardware circuit structure by programming an improved method flow into the hardware circuit. Thus, it cannot be said that an improvement in the process flow cannot be realized by hardware physical modules. For example, a Programmable Logic Device (PLD), such as a Field Programmable Gate Array (FPGA), is an integrated circuit whose Logic functions are determined by programming the Device by a user. A digital system is "integrated" on a PLD by the designer's own programming without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Furthermore, nowadays, instead of manually making an Integrated Circuit chip, such Programming is often implemented by "logic compiler" software, which is similar to a software compiler used in program development and writing, but the original code before compiling is also written by a specific Programming Language, which is called Hardware Description Language (HDL), and HDL is not only one but many, such as abel (advanced Boolean Expression Language), ahdl (alternate Hardware Description Language), traffic, pl (core universal Programming Language), HDCal (jhdware Description Language), lang, Lola, HDL, laspam, hardward Description Language (vhr Description Language), vhal (Hardware Description Language), and vhigh-Language, which are currently used in most common. It will also be apparent to those skilled in the art that hardware circuitry that implements the logical method flows can be readily obtained by merely slightly programming the method flows into an integrated circuit using the hardware description languages described above.
The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, and an embedded microcontroller, examples of which include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic for the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller as pure computer readable program code, the same functionality can be implemented by logically programming method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller may thus be considered a hardware component, and the means included therein for performing the various functions may also be considered as a structure within the hardware component. Or even means for performing the functions may be regarded as being both a software module for performing the method and a structure within a hardware component.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functions of the various elements may be implemented in the same one or more software and/or hardware implementations of the present description.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
This description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks. In a typical configuration, a computer includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic disk storage, quantum memory, graphene-based storage media or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The terminology used in the description of the one or more embodiments is for the purpose of describing the particular embodiments only and is not intended to be limiting of the description of the one or more embodiments. As used in one or more embodiments of the present specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used in one or more embodiments of the present description to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of one or more embodiments herein. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
The above description is only for the purpose of illustrating the preferred embodiments of the one or more embodiments of the present disclosure, and is not intended to limit the scope of the one or more embodiments of the present disclosure, and any modifications, equivalent substitutions, improvements, etc. made within the spirit and principle of the one or more embodiments of the present disclosure should be included in the scope of the one or more embodiments of the present disclosure.
Claims (21)
1. A receipt storing method combining an event function type and a judgment condition, comprising:
the first block chain node receives encrypted transaction for calling the intelligent contract;
the first blockchain node decrypts the transaction in a trusted execution environment to obtain the intelligent contract, wherein the intelligent contract comprises a special event function and a common event function, at least a part of log fields in a log corresponding to the special event function are used for storing in a plaintext form, and the log corresponding to the common event function is used for storing in a ciphertext form;
executing the intelligent contract in the trusted execution environment by a first blockchain node to obtain receipt data, wherein the receipt data comprises a log corresponding to the special event function;
and storing the receipt data by a first block chain link point, so that at least one log field meeting a preset condition in the log corresponding to the special event function is stored in a plaintext form, and the rest content of the receipt data is stored in a ciphertext form.
2. The method of claim 1, wherein an event function in the intelligent contract comprises a type identifier that is used to mark the event function as a special event function.
3. The method according to claim 1, wherein the event function contained in the intelligent contract is determined as a special event function when the event function contained in the intelligent contract is located in a special function list recorded on a blockchain.
4. The method of claim 1, the at least one log field comprising: and the exposed log field corresponding to the special event function.
5. The method of claim 4, the special event function including therein the exposure log field designated by an exposure identifier; or, the special event function includes an encrypted log field marked by an encrypted identifier, and the exposed log field is another log field.
6. The method according to claim 4, wherein a mapping relation between a predefined special event function and an exposed log field or a mapping relation between a predefined special event function and an encrypted log field is recorded in the blockchain; the mapping relation is used for determining an exposed log field corresponding to the special event function.
7. The method of claim 1, the preset condition comprising at least one of: the corresponding log field contains preset content, and the value of the corresponding log field belongs to a preset value interval.
8. The method of claim 1, wherein the first and second light sources are selected from the group consisting of,
the preset conditions comprise general conditions corresponding to all log fields; or the like, or, alternatively,
the preset conditions comprise special conditions corresponding to each log field.
9. The method of claim 1, wherein the first and second light sources are selected from the group consisting of,
the preset condition is located in the transaction; or the like, or, alternatively,
the preset condition is positioned in the intelligent contract called by the transaction or in another intelligent contract called by the transaction; or the like, or, alternatively,
the preset condition is located in a system contract or a chain code.
10. The method of claim 1, a first block link point storing the receipt data, comprising:
reading a code of a system contract by a first block chain node, wherein the code of the system contract defines a receipt data storage logic related to an event function and a preset condition;
and executing the code of the system contract by the first block chain node to store at least one log field meeting a preset condition in the log corresponding to the special event function in a plaintext form and store the rest content of the receipt data in a ciphertext form.
11. The method of claim 10, the system contract comprising: the preset system contract recorded in the creation block or the updated system contract corresponding to the preset system contract.
12. The method of claim 1, a first block link point storing the receipt data, comprising:
the first blockchain node executes storage function code outside the trusted execution environment to store the receipt data to an external storage space outside the trusted execution environment.
13. The method of claim 1, the key for the first block chain node to encrypt the receipt data comprising: a key of a symmetric encryption algorithm or a key of an asymmetric encryption algorithm.
14. The method of claim 13, the key of the symmetric encryption algorithm comprising a client-provided initial key that initiates the transaction; or, the key of the symmetric encryption algorithm comprises the initial key and a derivative key generated by the influence factor.
15. The method of claim 14, the transaction being encrypted by the initial key, and the initial key being encrypted by a public key of an asymmetric encryption algorithm; the first blockchain node decrypts the transaction in the trusted execution environment, including:
and the first blockchain node decrypts by using a private key of the asymmetric encryption algorithm to obtain the initial key, and decrypts the transaction by using the initial key to obtain the transaction content of the transaction.
16. The method of claim 14, the initial key being generated by a client; or, the initial key is sent to the client by a key management server.
17. The method of claim 14, the impact factor being related to the transaction.
18. The method of claim 17, the impact factor comprising: a specified bit of the hash value for the transaction.
19. A receipt storage node that incorporates event function types and decision conditions, comprising:
a receiving unit that receives the encrypted transaction for calling the smart contract;
a decryption unit configured to decrypt the transaction in a trusted execution environment to obtain the smart contract, the smart contract including a special event function and a normal event function, at least a part of log fields in a log corresponding to the special event function being configured to be stored in a plaintext form, and a log corresponding to the normal event function being configured to be stored in a ciphertext form;
an execution unit that executes the smart contract in the trusted execution environment, resulting in receipt data that includes a log corresponding to the special event function;
and the storage unit is used for storing the receipt data, so that at least one log field meeting a preset condition in the log corresponding to the special event function is stored in a plaintext form, and the rest content of the receipt data is stored in a ciphertext form.
20. An electronic device, comprising:
a processor;
a memory for storing processor-executable instructions;
wherein the processor implements the method of any one of claims 1-18 by executing the executable instructions.
21. A computer readable storage medium having stored thereon computer instructions which, when executed by a processor, carry out the steps of the method according to any one of claims 1 to 18.
Priority Applications (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910419959.1A CN110264197B (en) | 2019-05-20 | 2019-05-20 | Receipt storage method and node combining event function type and judgment condition |
| PCT/CN2020/089386 WO2020233425A1 (en) | 2019-05-20 | 2020-05-09 | Determination condition based receipt storage method and node |
| PCT/CN2020/089385 WO2020233424A1 (en) | 2019-05-20 | 2020-05-09 | Event function type-based receipt storage method and node |
| PCT/CN2020/091403 WO2020233628A1 (en) | 2019-05-20 | 2020-05-20 | Receipt storage method and node based on combination of event function type and judgment condition |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910419959.1A CN110264197B (en) | 2019-05-20 | 2019-05-20 | Receipt storage method and node combining event function type and judgment condition |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110264197A CN110264197A (en) | 2019-09-20 |
| CN110264197B true CN110264197B (en) | 2021-05-18 |
Family
ID=67914800
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910419959.1A Active CN110264197B (en) | 2019-05-20 | 2019-05-20 | Receipt storage method and node combining event function type and judgment condition |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN110264197B (en) |
| WO (1) | WO2020233628A1 (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110264197B (en) * | 2019-05-20 | 2021-05-18 | 创新先进技术有限公司 | Receipt storage method and node combining event function type and judgment condition |
| CN110263089B (en) * | 2019-05-20 | 2021-05-04 | 创新先进技术有限公司 | Receipt storage method and node combining conditional restrictions of transaction and event types |
| WO2020233425A1 (en) * | 2019-05-20 | 2020-11-26 | 创新先进技术有限公司 | Determination condition based receipt storage method and node |
| CN110266644B (en) * | 2019-05-20 | 2021-04-06 | 创新先进技术有限公司 | Receipt storage method and node combining code marking and transaction types |
| WO2020233424A1 (en) * | 2019-05-20 | 2020-11-26 | 创新先进技术有限公司 | Event function type-based receipt storage method and node |
| CN111510918B (en) * | 2020-04-28 | 2022-08-02 | 拉扎斯网络科技(上海)有限公司 | Communication method, system, device, electronic equipment and readable storage medium |
| CN111510462B (en) * | 2020-04-28 | 2022-07-08 | 拉扎斯网络科技(上海)有限公司 | Communication method, system, device, electronic equipment and readable storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104318135A (en) * | 2014-10-27 | 2015-01-28 | 中国科学院信息工程研究所 | Java code safety dynamic loading method on basis of trusted execution environment |
| CN105429760A (en) * | 2015-12-01 | 2016-03-23 | 神州融安科技(北京)有限公司 | Method and system for identity verification of digital certificate based on TEE (Trusted Execution Environment) |
| CN105787353A (en) * | 2014-12-17 | 2016-07-20 | 联芯科技有限公司 | Credible application management system and loading method for credible applications |
| CN105828324A (en) * | 2016-03-21 | 2016-08-03 | 珠海市魅族科技有限公司 | Method and device of obtaining virtual subscriber identity |
| CN106407795A (en) * | 2016-09-05 | 2017-02-15 | 北京众享比特科技有限公司 | Data existence authentication system, authentication method and verification method |
| CN108681898A (en) * | 2018-05-15 | 2018-10-19 | 广东工业大学 | A kind of data trade method and system based on block chain |
| CN109389500A (en) * | 2018-09-29 | 2019-02-26 | 重庆邮电大学 | Data trade platform based on ether mill |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10554634B2 (en) * | 2017-08-18 | 2020-02-04 | Intel Corporation | Techniques for shared private data objects in a trusted execution environment |
| CN107682331B (en) * | 2017-09-28 | 2020-05-12 | 复旦大学 | Block chain-based Internet of things identity authentication method |
| US10439804B2 (en) * | 2017-10-27 | 2019-10-08 | EMC IP Holding Company LLC | Data encrypting system with encryption service module and supporting infrastructure for transparently providing encryption services to encryption service consumer processes across encryption service state changes |
| CN109660358B (en) * | 2019-01-08 | 2022-04-08 | 余炀 | Data circulation method based on block chain and safe execution environment |
| CN110264197B (en) * | 2019-05-20 | 2021-05-18 | 创新先进技术有限公司 | Receipt storage method and node combining event function type and judgment condition |
-
2019
- 2019-05-20 CN CN201910419959.1A patent/CN110264197B/en active Active
-
2020
- 2020-05-20 WO PCT/CN2020/091403 patent/WO2020233628A1/en active Application Filing
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104318135A (en) * | 2014-10-27 | 2015-01-28 | 中国科学院信息工程研究所 | Java code safety dynamic loading method on basis of trusted execution environment |
| CN105787353A (en) * | 2014-12-17 | 2016-07-20 | 联芯科技有限公司 | Credible application management system and loading method for credible applications |
| CN105429760A (en) * | 2015-12-01 | 2016-03-23 | 神州融安科技(北京)有限公司 | Method and system for identity verification of digital certificate based on TEE (Trusted Execution Environment) |
| CN105828324A (en) * | 2016-03-21 | 2016-08-03 | 珠海市魅族科技有限公司 | Method and device of obtaining virtual subscriber identity |
| CN106407795A (en) * | 2016-09-05 | 2017-02-15 | 北京众享比特科技有限公司 | Data existence authentication system, authentication method and verification method |
| CN108681898A (en) * | 2018-05-15 | 2018-10-19 | 广东工业大学 | A kind of data trade method and system based on block chain |
| CN109389500A (en) * | 2018-09-29 | 2019-02-26 | 重庆邮电大学 | Data trade platform based on ether mill |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110264197A (en) | 2019-09-20 |
| WO2020233628A1 (en) | 2020-11-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110223172B (en) | Conditional receipt storage method and node combining code labeling and type dimension | |
| CN110264195B (en) | Receipt storage method and node combining code marking with transaction and user type | |
| CN110245490B (en) | Conditional receipt storage method and node combining code labeling and type dimension | |
| CN110263087B (en) | Receipt storage method and node based on multi-dimensional information and with conditional restriction | |
| CN110263544B (en) | Receipt storage method and node combining transaction type and judgment condition | |
| CN110266644B (en) | Receipt storage method and node combining code marking and transaction types | |
| CN110264196B (en) | Conditional receipt storage method and node combining code labeling and user type | |
| CN110264198B (en) | Conditional receipt storage method and node combining code labeling and transaction type | |
| CN110245504B (en) | Receipt storage method and node combined with condition limitation of multi-type dimensionality | |
| CN110278193B (en) | Receipt storage method and node combining code marking with transaction and event types | |
| CN110245946B (en) | Receipt storage method and node combining code labeling and multi-type dimensionality | |
| CN110263086B (en) | Receipt storage method and node combining user type and event function type | |
| CN110264197B (en) | Receipt storage method and node combining event function type and judgment condition | |
| CN110245503B (en) | Receipt storage method and node combining code marking and judging conditions | |
| CN110245947B (en) | Receipt storage method and node combining conditional restrictions of transaction and user types | |
| CN110263091B (en) | Receipt storage method and node combining code marking with user and event type | |
| CN110245945B (en) | Receipt storage method and node combining code marking and user type | |
| CN110245942B (en) | Receipt storage method and node combining user type and judgment condition | |
| CN110263088B (en) | Conditional receipt storage method and node combining code labeling and event type | |
| CN110276684B (en) | Receipt storage method and node combining transaction type and event function type | |
| CN110247895B (en) | Receipt storage method, node, device and storage medium | |
| CN110264194B (en) | Receipt storage method and node based on event function type | |
| CN110264193B (en) | Receipt storage method and node combining user type and transaction type | |
| CN110263090B (en) | Receipt storage method and node with multiple types of dimensions | |
| CN110245944B (en) | Receipt storage method and node based on user type |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20200924 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant after: Innovative advanced technology Co.,Ltd. Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant before: Advanced innovation technology Co.,Ltd. Effective date of registration: 20200924 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant after: Advanced innovation technology Co.,Ltd. Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands Applicant before: Alibaba Group Holding Ltd. |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |