Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to
When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment
Described in embodiment do not represent all embodiments consistent with this specification one or more embodiment.Phase
Instead, they are only some aspects phases with the one or more embodiments of as detailed in the attached claim, this specification
The example of consistent device and method.
It should be understood that the sequence that might not show and describe according to this specification in other embodiments executes
The step of correlation method.In some other embodiments, step included by method can than described in this specification more
It is more or less.In addition, single step described in this specification, may be broken down into other embodiments multiple steps into
Row description;And multiple steps described in this specification, it may also be merged into single step progress in other embodiments
Description.
Block chain is normally divided into three types: publicly-owned chain (Public Blockchain), privately owned chain
(PrivateBlockchain) and alliance's chain (Consortium Blockchain).In addition, there are also a plurality of types of combinations, than
Such as privately owned chain+alliance's chain, alliance's chain+publicly-owned chain different combinations.The participant of block chain, that is, block chain node (or referred to as
Node), block chain node can read data record, the book keeping operation power participated in business and compete new block on chain etc., each
Block chain node constitutes corresponding block chain network.In the block chain of the above-mentioned type, highest decentralization degree is public
There is chain.For publicly-owned chain using bit coin, ether mill as representative, the participant that publicly-owned chain is added can read data record on chain, ginseng
Weighed with the book keeping operation for trading and competing new block etc., and each participant freely can be added and exit network.Privately owned chain then on the contrary,
The write-in permission of network of relation is by some tissue or mechanism controls, and reading data permission is organized or the regulation of mechanism.Simply
For, privately owned chain can be weak center's system, and participant has stringent limitation and less.Such block chain is more suitable
It is used together in particular organization inside.Alliance's chain is then the block chain between publicly-owned chain and privately owned chain, it can be achieved that " partially going
Centralization ".Each node usually has corresponding physical mechanism or tissue in alliance's chain;Participant is added by authorization
Network and composition interests correlation alliance, it is common to safeguard the operation of block chain.
Whether publicly-owned chain, privately owned chain or alliance's chain may all provide the function of intelligent contract.Intelligence on block chain
Contract is the contract that can be executed by transaction triggering on block catenary system.Intelligent contract can pass through the formal definition of code.
By taking ether mill as an example, user is supported to create in the network of ether mill and call the logic of some complexity, this is ether
Mill is different from the ultimate challenge of bit coin block chain technology.Ether mill is ether mill void as the core of a programmable block chain
Quasi- machine (EVM), each ether mill node can run EVM.EVM is the complete virtual machine of figure spirit, it means that can be with
The logic of various complexity is realized by it.It is exactly to run on EVM that user, which issues in ether mill and call intelligent contract,.It is real
On border, what virtual machine was directly run is virtual machine code (Virtual Machine bytecodes, lower abbreviation " bytecode ").It is deployed on block chain
Intelligent contract can be the form of bytecode.
Such as shown in Fig. 1, after a transaction comprising the intelligent contract information of creation is sent ether mill network by Bob, section
The EVM of point 1 can execute this and trade and generate corresponding contract example." 0x6f8ae93 ... " in 1 in figure represents this
The address of contract, what the data field of transaction saved can be bytecode, and the to field of transaction is sky.Pass through common recognition machine between node
After system is reached an agreement, this contract is successfully created, and can be called in the follow-up process.After contract creation, on block chain
There is a contract account corresponding with the intelligence contract, and possess a specific address, contract code will be stored in the conjunction
About in account.The behavior of intelligent contract is controlled by contract code.In other words, intelligent contract to generate on block chain comprising closing
The about virtual account of code and account storage (Storage).
As shown in Fig. 2, one is used to call the transaction of intelligent contract to be sent to ether mill by Bob still by taking ether mill as an example
After network, the EVM of a certain node can execute this and trade and generate corresponding contract example.The from word traded in 2 in figure
Section is the address of the account of transaction initiator (i.e. Bob), and " 0x6f8ae93 ... " in field represents called intelligence and close
Address about, value field are the value of ether coin, the side of the intelligent contract of the calling that the data field of transaction saves in ether mill
Method and parameter.Intelligent contract in a prescribed manner in block chain network each node disjoint execution, all execution record and
Data are all stored on block chain, so just saving the transaction that can not be distorted, will not lose on block chain after the completion of transaction
Voucher.
As previously mentioned, the intelligent contract being deployed on block chain can be the form of bytecode.Bytecode is by a series of
Byte composition, each byte can identify an operation.Consider based on development efficiency, readability etc. are many-sided, developer can be with
Bytecode is not write directly, but selects a high level language intelligence contract code.The intelligent contract of high level language
Code is compiled by compiler, generates bytecode, and then the bytecode can be deployed on block chain.The height that ether mill is supported
There are many grade language, such as Solidity, Serpent, LLL language.
By taking Solidity language as an example, the contract write with it and class (Class) the very phase in Object-Oriented Programming Language
Seemingly, a variety of members, including contract state, function, function modifier, event etc. can be stated in a contract.Contract state
It is the value being permanently stored in the account storage of intelligent contract, for saving the state of contract.
It is the example code for the simple intelligent contract write with Solidity language as follows:
In general, " balance " this corresponding storage state of contract state is bright after this contract is deployed in block chain
Text, anyone is it can be seen that its state, the setting and ability of no secret protection.If user wants to play state secret protection
Come, at present using zero-knowledge proof, homomorphic cryptography solution, need to rewrite this contract again so that " balance " this
A contract state encipherment protection gets up, and needs support all operations of the balance in encrypted domain.General this cipher mode
Operation is complicated, and is difficult the suitable algorithm of design and supports in encrypted domain.And combined in some block chains with TEE
In solution, in order to realize secret protection, some or all of intelligent contract contract state, which is taken as, needs secret protection
Data are stored in the database of block chain node maintenance.The database, physical support can be storage medium, such as hold
Long property storage medium.
TEE is the security extension based on CPU hardware, and the credible performing environment completely isolated with outside.TEE be earliest by
The concept that Global Platform is proposed, for solving the security isolation of resource in mobile device, being parallel to operating system is to answer
Credible and secure performing environment is provided with program.The Trust Zone technology of ARM realizes the TEE technology of real commercialization earliest.
And along with the high speed development of internet, safe demand is higher and higher, is not limited only to mobile device, cloud device, in data
The heart all proposes more demands to TEE.The concept of TEE has also obtained the development and expansion of high speed.Described TEE is compared now
It has been the TEE of more broad sense with the concept initially proposed.For example, server chips manufacturer Intel, AMD etc. are successively released
The TEE of hardware auxiliary and the concept and characteristic for enriching TEE, have been widely recognized in industry.The TEE lifted now
Usually more refer to the TEE technology of this kind of hardware auxiliary.Different from mobile terminal, cloud access needs to remotely access, terminal user couple
Hardware platform is invisible, therefore seeks to the genuine and believable of confirmation TEE using the first step of TEE.Therefore present TEE technology is all
Remote proving mechanism is introduced, endorsed by hardware vendor (mainly CPU manufacturer) and user couple is ensured by digital signature technology
TEE state can verify that.
Meanwhile only the resource isolation of safety may also be unable to satisfy demand for security, so that further data-privacy
Protection is also suggested.Including Intel SGX, the commercial TEE including AMD SEV also both provides memory encryption technology, will be credible
Hardware is limited to inside CPU, and the data of bus and memory are that ciphertext prevents malicious user from being spied upon.For example, Intel
Software protection extend the TEE technology insulation such as (SGX) code execution, remote proving, security configuration, the secure storage of data and
For executing the trusted path of code.The application program run in TEE is kept safe, as a consequence it is hardly possible to be visited by third party
It asks.
By taking Intel SGX technology as an example, SGX provides enclosure (enclave, also referred to as enclave), i.e., one adds in memory
Close credible execution region, protects data not to be stolen by CPU.By taking a certain block chain node is using the CPU for supporting SGX as an example,
Using newly-increased processor instruction, a part of region EPC (Enclave Page Cache, enclosure page can be distributed in memory
Face caching or enclave page cache), by the crypto engine MEE (Memory Encryption Engine) in CPU to wherein
Data encrypted.The content encrypted in EPC, which only enters after CPU, can just be decrypted into plain text.Therefore, in SGX, user
It can distrust operating system, VMM (Virtual Machine Monitor, monitor of virtual machine), even BIOS (Basic
Input Output System, basic input output system), it is only necessary to trust CPU just and can ensure that private data will not leak.
Therefore, under the encipherment protection of CPU, intelligent contract can be executed in enclosure, generates contract state, and is hidden to needing in enclosure
The contract state of private protection is encrypted, and then will be stored after the outflow of obtained ciphertext contract state, to both can use CPU
Powerful calculating power, and do not have to concern of data and leak.
Fig. 3 is the flow chart that the method for dynamic encryption is realized in a kind of block chain of exemplary embodiment offer.Such as Fig. 3
Shown, this method is applied to block chain node, may comprise steps of:
Step 302, block chain node decrypts the transaction received in credible performing environment, is corresponded to the determination transaction
Intelligent contract.
In one embodiment, client can create transaction, and the transaction is for creating or calling intelligent contract.Client can
It is encrypted with the transaction by key pair, and encrypted transaction is sent to block chain node, so that block chain node can
The encrypted transaction to be decrypted in credible performing environment, so that it is determined that the corresponding intelligent contract of the transaction.
As previously mentioned, when above-mentioned transaction is for when creating intelligent contract, the data field of the transaction to preserve intelligent contract
Code corresponding intelligent contract can be read from the data field of the transaction so that after the transaction of block chain node decryption.
When above-mentioned transaction is for when calling intelligent contract, the to field of the transaction to include the address of called intelligent contract, so that area
After the transaction of block chain node decryption, the address of intelligent contract can be read from the to field of the transaction, and obtain based on the address
Take the code of corresponding intelligent contract.
When transaction is for calling intelligent contract, the calling of multinest structure can be.For example, transaction calls directly intelligence
Can and about 1, and the intelligence and about 1 code have invoked intelligence and about 2, and the code in intelligence and about 2 be directed toward it is intelligent with about 3
Contract address so that transaction actually have invoked indirectly intelligence and about 3 codes.In this way, whether intelligent and about 1, intelligence
About 2 or intelligence and when about contract state defined in 3 is modified, this specification can to modified contract state into
Row encryption storage.
In one embodiment, client can be symmetric cryptography, asymmetric encryption to the cipher mode of transaction, or symmetrical
Encryption combines asymmetric encryption.When using symmetric cryptography, client encrypts transaction by encryption key, and block chain
Node is decrypted transaction by identical encryption key;Correspondingly, used symmetric encipherment algorithm can be DES calculation
Method, 3DES algorithm, TDEA algorithm, Blowfish algorithm, RC5 algorithm, IDEA algorithm etc..When using asymmetric encryption, client
End encrypts transaction by public key, block chain node is decrypted transaction by private key;Correspondingly, used non-right
Claim Encryption Algorithm, e.g. RSA, Elgamal, knapsack algorithm, Rabin, D-H, ECC (elliptic curve encryption algorithm) etc..When adopting
When with symmetric cryptography combination asymmetric encryption, client can use symmetric cryptography using symmetric encipherment algorithm encryption transaction
The key of algorithm encrypts transaction, and with the key used in rivest, shamir, adelman cryptographic symmetrical Encryption Algorithm, for example using non-
The key used in the public key encryption symmetric encipherment algorithm of symmetric encipherment algorithm;In this way, block chain node receives the friendship of encryption
Yi Hou can be first decrypted using the private key of rivest, shamir, adelman, obtain the key of symmetric encipherment algorithm, and then with symmetrically
The key of Encryption Algorithm decrypts above-mentioned transaction.
Step 304, the block chain node executes the intelligent contract in credible performing environment, makes the intelligent contract
In include contract state modified.
As previously mentioned, block chain node can be by executing intelligent contract, to ensure contract state and its value in TEE
It will not leak.For example, block chain node can obtain the corresponding intelligent contract of transaction after decrypting process above-mentioned
Plaintext code, and plaintext code obtained is executed in TEE.Specifically, block chain node can use the place increased newly in CPU
Manage device instruction, a part of region EPC can be distributed in memory, by the crypto engine MEE in CPU to above-mentioned plaintext code into
Row encryption is stored in the EPC.The content encrypted in EPC is decrypted into plain text after entering CPU, i.e., above-mentioned plaintext code makes
Operation can be carried out to the plaintext code by obtaining CPU, complete implementation procedure.
In SGX technology, EVM can be loaded into above-mentioned enclosure, EVM be executed in enclosure above-mentioned
Plaintext code, to make full use of the powerful calculation power of CPU.During remote proving, Key Management server can calculate this
The hash value of ground EVM code, and compared with the hash value of the EVM code loaded in block chain node, the correct conduct of comparison result
By a necessary condition of remote proving, to complete the measurement of the code loaded to block chain node SGX enclosure.Through excessive
Amount, correct EVM can execute the plaintext code for corresponding intelligent contract of trading in SGX, and ensure that all correct EVM exist
Result after executing same section of code is identical.
In general, after the plaintext code of the intelligent contract of CPU execution, part or all of contract shape defined in the plaintext code
State can change, i.e., part or all of contract state is modified, and this specification can be for the contract state that these are modified
It carries out after reliably encrypting, stores into the database of block chain node maintenance, to realize that high level data safety and privacy are protected
Shield.
Step 306, the block chain node in credible performing environment according to public keys and impact factor to the conjunction
About state is encrypted, and database is written in contract state after encrypting, wherein the impact factor includes locating for the transaction
The block height of block.
It in one embodiment, is to write the contract state from the angle of block chain node by contract state deposit block chain
Enter database, such as local database.The database, is generally stored among storage medium, and more common is persistence
Storage medium.The persistent storage medium can be disk, floppy disk, be also possible to be powered after can restore data so as to
Memory of persistent storage etc.
In one embodiment, block chain node can encrypt contract state according to public keys and impact factor,
The effect by public keys and impact factor simultaneously of the value of contract state, identical in public keys after the encryption made
In the case of, the randomness of contract state after encryption can be increased by the impact factor of differentiation.In other words, work as public keys
It is acquired even if the contract state for identical value is encrypted by using different impact factors in identical situation
Encryption after contract state will also have different values.Therefore, public keys progress is all made of compared to all contract states
Encryption, can to avoid criminal grasp encryption after contract state value changing rule, prevent criminal by attempt and
The value of contract state is compared and deduced, there is higher safety.
In one embodiment, impact factor can only include the block height of block locating for above-mentioned transaction.Therefore, for not
With block transaction be performed after the contract state modified, block chain node will be using the impact factor of different values.So,
When block chain node encrypts contract state according to public keys and impact factor, even if contract state before encrypting has
There is identical value, since the block height as impact factor is different, can also make contract state after encryption entirely different, thus
Increase the value randomness of contract state after encrypting.As it can be seen that when impact factor is the block height of the locating block of transaction, it can
To increase the value randomness of contract state after each encryption in block dimension, it is ensured that the transaction of different blocks is corresponding
The governed value variation of rule will not be generated after encryption between contract state.
It is assumed that including block B1 and block B2 in a certain block chain network, the block height of block B1 is H1, block B2
Block height be H2.For the sake of understanding, it is assumed that comprising transaction Tx1, Tx2 in block B1, in block B2 comprising transaction Tx3,
Tx4, transaction Tx1, Tx3 corresponding position offset in block B1, B2 is Offset1, and trade Tx2, Tx4 are in area
Corresponding position offset is Offset2 in block B1, B2;Meanwhile contract state is defined in trade Tx1, Tx3
Balance1, Balance2, transaction Tx2, Tx4 in define contract state Balance3, Balance4.
When impact factor only includes block height, as shown in Figure 4: for Balance1 involved in block B1,
The contracts state such as Balance2, Balance3 and Balance4, and though each contract state whether from it is same transaction or not
With transaction, be all made of public keys Key128 (i.e. version number be 128 security key, reference can be made to below with respect to key version
Description;Alternatively, the public keys of other forms can be used, it is only used for illustrating herein) and block height H1 implementation cryptographic operation,
To respectively obtain contract state after corresponding encryption, for example Balance1 corresponding S-Balance1-1, Balance2 are corresponded to
The corresponding S-Balance4-1 of S-Balance2-1, Balance3 corresponding S-Balance3-1, Balance4 etc..
Similarly, for block B2, no matter whether each contract state trades from same transaction or difference,
Cryptographic operation is implemented using public keys key128 and block height H2, so that contract state after corresponding encryption is respectively obtained,
Such as the corresponding R- of Balance1 corresponding R-Balance1-1, Balance2 corresponding R-Balance2-1, Balance3
Corresponding R-Balance4-1 of Balance3-1, Balance4 etc..
Other than " the block height for locating block of trading ", impact factor can also further include other conditions, than
As other conditions may include " position offset of the transaction in locating block ", " contract state is performed in intelligent contract
By modification order " etc. one or more can be at other to obtain the impact factor as made of multiple conditional combinations
Cryptographic operation is implemented to contract state in dimension.
In one embodiment, impact factor can be the block height of block, transaction at exchange in locating block
Position offset.In conjunction with " trading in locating block to the condition block height of block " trade locating ", condition respectively above
The description of position offset ", it is known that: the encryption control of block dimension may be implemented in condition " the block height for locating block of trading "
It makes, ensure that contract state after encryption will not necessarily be made to generate the governed value variation of rule, condition " transaction between different blocks
Position offset in locating block " may be implemented the control extension of transaction dimension, ensure the different transaction in same block
Between will not necessarily make contract state after encryption generate rule governed value variation, then when impact factor includes simultaneously upper
When stating two conditions, the control extension of block dimension and transaction dimension may be implemented, so that will not necessarily make between different transaction
Contract state generates the governed value variation of rule after must encrypting, regardless of whether these transaction are in same block or not same district
Block.Wherein, it trades, can be realized by condition " position offset of the transaction in locating block " for the difference of same block
Control extension, this is because the different transaction in same block necessarily have different position offsets;And for different blocks
Different transaction, even if these transaction are identical in the corresponding position offset of locating block, can also further pass through item
Part " the block height for locating block of trading " realizes control extension, this is because the transaction of different blocks necessarily has different areas
Block height.
Still by taking above-mentioned block B1, B2 as an example.As shown in figure 5, when block chain node considers block height and transaction simultaneously
When corresponding position offset, for contracts such as block B1 Balance1, Balance2, Balance3 and Balance4 being related to
State, since Balance1 and Balance2 are Offset1 from the corresponding position offset of transaction Tx1, transaction Tx1,
Thus Balance1 and Balance2 is carried out by public keys Key128, block height H1 and position offset Offset1
Encrypt respectively, for example, obtain S-Balance1-2 after encrypting to Balance1, Balance2 is encrypted after obtain S-
Balance2-2.Simultaneously as Balance3 and Balance4 are from the corresponding position offset of transaction Tx2, transaction Tx2
For Offset2, thus by public keys Key128, block height H1 and position offset Offset2 to Balance3 and
Balance4 is encrypted respectively, for example is obtained S-Balance3-2 after encrypting to Balance3, carried out to Balance4
S-Balance4-2 is obtained after encryption.
Similarly, for block B2, since Balance1 and Balance2 is from transaction Tx3, Tx3 pairs of the transaction
The position offset answered is Offset1, thus passes through public keys Key128, block height H2 and position offset Offset1
Balance1 and Balance2 is encrypted respectively, for example obtains R-Balance1-2, right after encrypting to Balance1
Balance2 obtains R-Balance2-2 after being encrypted.Simultaneously as Balance3 and Balance4 from transaction Tx4,
The corresponding position offset of transaction Tx4 is Offset2, thus inclined by public keys Key128, block height H2 and position
Shifting amount Offset2 encrypts Balance3 and Balance4 respectively, for example obtains R- after encrypting to Balance3
Balance3-2, R-Balance4-2 is obtained after encrypting to Balance4.
In one embodiment, impact factor can be the block height, contract state of block at exchange in intelligent contract
Be performed by modification order.In conjunction with above respectively to condition " the block height of block locating for transaction ", condition " contract state
Intelligent contract be performed by modification order " description, it is known that: the condition block height of block " trade locating " can be real
The control extension of existing block dimension ensures necessarily make contract state generation rule after encryption governed between different blocks
Value variation, condition " contract state intelligent contract be performed by modification order " the encryption control of state dimension may be implemented
Making, ensuring will not necessarily make contract state generation rule after encryption governed between the different contract states of same transaction generation
Value variation, then when impact factor includes above-mentioned two condition simultaneously, may be implemented block dimension and state dimension plus
Close control, even if so that having the same by modification time between the contract state that multiple transaction in different blocks generate respectively
Sequence also will not necessarily make contract state after encryption generate the governed value variation of rule.Wherein, same transaction is generated
Multiple contract states, can by condition " contract state intelligent contract be performed by modification order " realize encryption control
System, this is because it is same transaction generate different contract states necessarily have it is different by modification order;And for different blocks
The contract state that generates respectively of multiple transaction, even if these contract states are having the same by modification time in respective transaction
Number can also further pass through condition " the block height for locating block of trading " and realize control extension, this is because different blocks
Transaction necessarily have different block height.
Still by taking above-mentioned block B1, B2 as an example.As shown in fig. 6, when block chain node considers block height and contract simultaneously
State by modification order when, for contracts such as block B1 Balance1, Balance2, Balance3 and Balance4 being related to
State, since Balance1 and Balance2 is from same transaction Tx1, so that Balance1 and Balance2 is necessarily right respectively
Should be in different by modification order, for example Balance1, which corresponds to, is corresponded to by modification order U1, Balance2 by modification order
U2, thus by public keys Key128, block height H1 with Balance1 is encrypted by modification order U1, encrypted
S-Balance1-3 afterwards, and Balance2 is carried out with by modification order U2 by public keys Key128, block height H1
Encryption, obtains encrypted S-Balance2-3.Simultaneously as Balance3 and Balance4 makes from same transaction Tx2
Balance3 necessarily corresponds respectively to different by modification order from Balance4, for example Balance3 corresponds to secondary by modification
Sequence U1, Balance4 corresponds to by modification order U2, thus by public keys Key128, block height H1 and by modification order
U1 encrypts Balance3, obtains encrypted S-Balance3-3, and passes through public keys Key128, block height H1
Balance4 is encrypted with by modification order U2, obtains encrypted S-Balance4-3.
Similarly, for contracts shapes such as block B2 Balance1, Balance2, Balance3 and Balance4 being related to
State, since Balance1 and Balance2 is from same transaction Tx3, so that Balance1 and Balance2 is necessarily respectively corresponded
In different by modification order, for example Balance1, which corresponds to, is corresponded to by modification order U1, Balance2 by modification order U2,
Thus by public keys Key128, block height H2 with Balance1 is encrypted by modification order U1, after obtaining encryption
R-Balance1-3, and by public keys Key128, block height H2 with by modification order U2 Balance2 is added
It is close, obtain encrypted R-Balance2-3.Simultaneously as Balance3 and Balance4 is from same transaction Tx4, so that
Balance3 necessarily corresponds respectively to different by modification order from Balance4, and for example Balance3 corresponds to by modification order
U1, Balance4 correspond to by modification order U2, thus by public keys Key128, block height H2 and by modification order U1
Balance3 is encrypted, obtains encrypted R-Balance3-3, and by public keys Key128, block height H2 with
Balance4 is encrypted by modification order U2, obtains encrypted R-Balance4-3.
In one embodiment, impact factor can be " the block height for locating block of trading ", " transaction is in locating block
Position offset " and " contract state intelligent contract be performed by modification order ", may be implemented block dimension, transaction
The control extension of dimension and state dimension, so that contract state all necessarily will not after encryption caused by any two contract state
The governed value variation of generation rule, regardless of any two contract state whether comes from same transaction or difference is traded, no
Whether same block or different blocks are come from transaction.Wherein, the multiple contract states generated for same transaction, can pass through
Condition " contract state intelligent contract be performed by modification order " realize control extension, this is because same transaction generation
Different contract states necessarily have it is different by modification order;And for the different contracts generated respectively of trading of same block
State can also further pass through condition even if these contract states are having the same by modification number in respective transaction
" position offset of the transaction in locating block " realizes control extension, this is because the different transaction of same block necessarily have
Different position offsets;And for the contract state that multiple transaction of different blocks generate respectively, even if these contract states
Having the same by modification number in respective transaction, can also further passing through condition, " block for locating block of trading is high
Degree " realizes control extension, this is because the transaction of different blocks necessarily has different block height.
Still by taking above-mentioned block B1, B2 as an example.As shown in fig. 7, when block chain node considers block height, transaction pair simultaneously
The position offset answered and contract state by modification order when, Balance1, Balance2 for being related to for block B1,
The contracts state such as Balance3 and Balance4, since Balance1 and Balance2 is from transaction Tx1, so that Balance1
Necessarily corresponded respectively to from Balance2 it is different by modification order, for example Balance1 correspond to by modification order U1,
Balance2 corresponds to by modification order U2, while the corresponding position offset of Tx1 that assumes to trade is Offset1, then can be with
Balance1 is added by public keys Key128, block height H1, position offset Offset1 and by modification order U1
It is close, encrypted S-Balance1-4 is obtained, and pass through public keys Key128, block height H1, position offset Offset1
Balance2 is encrypted with by modification order U2, obtains encrypted S-Balance2-4.Simultaneously as Balance3 with
Balance4 from transaction Tx2 so that Balance3 necessarily corresponded respectively to from Balance4 it is different by modification order, example
Corresponded to by modification order U1, Balance4 by modification order U2 as Balance3 corresponds to, while assuming that transaction Tx2 is corresponding
Position offset is Offset2, then can by public keys Key128, block height H1, position offset Offset2 and
Balance3 is encrypted by modification order U1, obtains encrypted S-Balance3-4, and by public keys Key128,
Block height H1, position offset Offset2 and Balance4 is encrypted by modification order U2, obtains encrypted S-
Balance4-4。
Similarly, for contracts shapes such as block B2 Balance1, Balance2, Balance3 and Balance4 being related to
State, since Balance1 and Balance2 is from transaction Tx3, so that Balance1 and Balance2 are necessarily corresponded respectively to not
With by modification order, for example Balance1 corresponds to is corresponded to by modification order U2, simultaneously by modification order U1, Balance2
It is assumed that the corresponding position offset of transaction Tx3 is Offset1, then can pass through public keys Key128, block height H2, position
It sets offset Offset1 and Balance1 is encrypted by modification order U1, obtain encrypted R-Balance1-4, and lead to
It crosses public keys Key128, block height H2, position offset Offset1 and Balance2 is added by modification order U2
It is close, obtain encrypted R-Balance2-4.Simultaneously as Balance3 and Balance4 from transaction Tx4 so that
Balance3 necessarily corresponds respectively to different by modification order from Balance4, and for example Balance3 corresponds to by modification order
U1, Balance4 correspond to by modification order U2, while assuming that the corresponding position offset of transaction Tx4 is Offset2, then can
With by public keys Key128, block height H2, position offset Offset2 and by modification order U1 to Balance3 carry out
Encryption obtains encrypted R-Balance3-4, and passes through public keys Key128, block height H2, position offset
Offset2 and Balance4 is encrypted by modification order U2, obtains encrypted R-Balance4-4.
In one embodiment, the encrypted transaction received is read in credible performing environment and is decrypted by block chain node
And corresponding intelligent contract is executed, and encrypt in credible performing environment to the contract state for generating modification, be then written
It is stored in database, it is ensured that it is ciphertext except credible performing environment, with assuring data security, and credible performing environment
Within can decrypt calculation power to be handled in plain text, to make full use of CPU.
When block chain node encrypts contract state according to public keys and impact factor in credible performing environment,
There are the cryptographic means of plurality of optional, can use for reference scrambling solutions in the related technology.Two kinds may be used below
Scrambling solutions introduced.
In one embodiment, block chain node can be by GCM (Galois/Counter Mode) algorithm to above-mentioned conjunction
About state is encrypted;Alphabetical G in GCM represent GMAC (Galois message authentication code mode,
Galois Message Authentication Code), letter C represent CTR (CounTeR counter mode).The input of GCM algorithm includes 3 parts: to be added
Ciphertext data, symmetric key and initialization vector (IV, Initialization Vector), can will be above-mentioned in this specification
Contract state as be-encrypted data, using above-mentioned public keys as symmetric key needed for GCM algorithm, by above-mentioned influence
The factor is as initialization vector needed for GCM algorithm, to encrypt to contract state, generates contract shape after corresponding encryption
State and corresponding check code, the check code can be used for verifying the integrality of contract state after encryption.
Therefore, block chain node, can be by contract state phase after check code and encryption in contract state after storage encrypts
Database is associatedly written.So, when contract state is decrypted after subsequent for encryption, if decryption failure can pass through
Check code verifies contract state after encryption: when verifying successfully, show that the data of contract state after encrypting are complete, it should
It is that failure, such as the key or impact factor mistake that input are decrypted as caused by other factors;When verifying failure, show to encrypt
The data of contract state are imperfect afterwards.
In another embodiment, block chain node can generate derivative key according to public keys and impact factor, such as
Hash operation or other operations will be carried out after public keys and impact factor splicing, to obtain derivative key;Then, block chain link
Point can encrypt contract state according to derivative key, generate contract state after encryption.
In one embodiment, public keys is stored in the enclosure on block chain node.Since only CPU is able to access that enclosure
The public keys of interior storage ensures that and adds so that the public keys safe enough, can not theoretically be obtained by criminal
The safety of contract state after close.
Public keys can be by block chain node by extremely should after remote proving by Key Management server (KMS) distribution
Block chain node;Alternatively, public keys can be by negotiating to obtain between each node in block chain network;Alternatively, can pass through
Other modes obtain public keys, and this specification is limited not to this.
Based on above-mentioned approach obtain key can and non-public key.For example, the key that above-mentioned channel obtains can be
Security key, and the security key may be implemented it is version evolving, thus develop obtain above-mentioned public keys.In other words, above-mentioned
Public keys can be indicated release security key;Wherein, in the security key of adjacent version, the safety of lowest version is close
Key is irreversibly calculated by the security key of highest version, and for example the security key of highest version is root key (root
Key), and the security key of other versions is directly or indirectly irreversibly calculated by root key.Such as the safety of lowest version
Key carries out Hash operation with presupposed information by the security key of highest version and obtains, then due to the characteristic of Hash operation, so that
The security key of lowest version can not backstepping go out the security key of highest version, facilitate so real by the version evolution of security key
Now to the replacement of public keys, and avoid using identical public keys for a long time.It, can be with also, when replacing public keys
The version of key is always above the version for replacing preceding key after ensuring to replace, to ensure: on the one hand, even if previously used key
It leaks, the key of highest version can also be changed to and stopped loss in time;On the other hand, as long as possessing the key of highest version, i.e.,
Can develop to obtain the key of lowest version, the key being previously used is compatible with, thus to the contract state of preceding encryption into
Row decryption.
Version evolving rule between security key can be with are as follows: adjacent highest version key and adjacent lowest version key pair
The version number answered carries out Hash operation, obtains adjacent lowest version key.For example, deriving version number if necessary is respectively 0
The key of~255 256 versions can breathe out root key with version number 0xFF (corresponding decimal system value is 255)
It is uncommon to calculate, obtain the key key-255 that version number is 255;By by key key-255 and version factor 0xFE (corresponding ten
System value is 254) to carry out Hash calculation, obtains the key key-254 that version number is 254;... by by key key-1 with
Version factor 0x00 (corresponding decimal system value is 0) carries out Hash calculation, obtains the key key-0 that version number is 0.Due to breathing out
The characteristic of uncommon algorithm so that the calculating between highest version key and lowest version key is irreversible, such as can by key key-1 with
Version factor 0x00 is calculated key key-0, but can not by key key-0 with version factor 0x00 is counter releases key
key-1.Therefore, the security key of a certain version can be selected, and is set to public keys used in block chain node,
For contract state to be encrypted.
As previously mentioned, block chain node encrypts contract state according to public keys and impact factor, to be added
Contract state after close.If public keys and impact factor are fixed value, only need public keys, impact factor point
It is not stored separately in enclosure;But if public keys or impact factor have dynamic value, i.e., for different conjunctions
When about state is encrypted, it is therefore possible to use different public keys or impact factor, then should storage encryption after contract shape
When state, to public keys, the impact factor or for showing that the information of its value is associated storage accordingly used, in order to
Subsequent implementation decryption oprerations.
It is assumed that the value of impact factor the factor and encryption there are dynamic change, can be will affect after contract state in association
Database is written.Such as shown in Fig. 8, block chain node with the form of key-value pair (key-value) to contract state after encryption into
Row storage.The value of Key can be determined with reference to mode in the related technology, such as key=hash (RLP (value)), i.e. key
Value be RLP (Recursive Length Prefix, recursion length prefix) coding after value cryptographic Hash.And
The component part of value may include: contract state, check value and impact factor after encryption.Contract state can be by upper after encryption
The mode in embodiment is stated, is encrypted to obtain according to public keys and impact factor.And when using such as GCM algorithm or other
When Encryption Algorithm implements encryption, check value can also be obtained;Certainly, if there is no check value, then can not be wrapped in value
Containing check value.And the value of impact factor is there are a variety of situations described above, with impact factor includes simultaneously block height in Fig. 8
For degree, transaction offset and modification order, i.e., impact factor by the block height of block " trade locating ", " transaction is locating
Position offset in block " and " contract state intelligent contract be performed by modification order " constitute.
Based on embodiment shown in Fig. 8, block chain node, can be from the key-value pair after reading this key-value pair
Impact factor needed for obtaining decryption in value, so that contract state after encryption be decrypted in conjunction with public keys.And one
In a little scenes, impact factor can be encrypted, for example memory phase by block chain node in TEE to impact factor into
Row encryption, so that include encrypted impact factor in value, rather than the impact factor of plaintext version;Correspondingly, it is reading such as
After key-value pair shown in Fig. 8, the impact factor for directly obtaining plaintext version will be unable to, can further be promoted to contract after encryption
The decryption threshold of state promotes safety.
Block chain node can encrypt impact factor using arbitrary key.Although can also be using above-mentioned public
Key pair impact factor is encrypted, but in order to increase the diversity of key, promote safety, it can be public using being different from
Other key pair impact factors of key are encrypted.For example, when public keys is the key of aforementioned a certain version, to influence
The key that the factor is encrypted can be another version, to be different from public keys;For example, version number can be used for 0
Minimum version key pair impact factor is encrypted, and the version number of public keys can be set to be naturally larger than 0.
There may be version informations for public keys, and for example public keys is the security key of above-mentioned a certain version.Block chain
Node can include the version letter of public keys in value when the key-value pair of contract state after for encryption is stored
Breath, the especially public keys that uses of block chain node are there are in the case where version updating, the version of currently employed public keys
This may be different from the history public keys that contract state is used in encryption after previously stored encryption, thus institute in value
The key that the version information contained uses needed for block chain node can be helped accurately to choose.Such as shown in Fig. 9, reality shown in Fig. 8
On the basis of applying example, information field may include in the value of key-value pair, which can further include version letter
Subfield is ceased, which is used to record the version information of public keys.
Wherein, it after block chain node can encrypt version information, is added in value, rather than uses plaintext shape
Formula recording version information.Key for encrypting to version information can be public keys, or be different from public keys its
His key, such as similar with impact factor above-mentioned, can use version number for 0 minimum version key pair version information
It is encrypted.
In conclusion this specification encrypts contract state according to public keys and impact factor, compared to simple
It is encrypted using public keys, the randomness of contract state after encryption can be increased by impact factor, to promote data peace
Quan Xing.
Figure 10 is a kind of schematic configuration diagram for equipment that an exemplary embodiment provides.Referring to FIG. 10, in hardware view,
The equipment includes processor 1002, internal bus 1004, network interface 1006, memory 1008 and nonvolatile memory
1010, it is also possible that hardware required for other business certainly.Processor 1002 is read from nonvolatile memory 1010
Then corresponding computer program is run into memory 1008, formed on logic level and realize dynamic encryption based on block height
Device.Certainly, other than software realization mode, other realization sides are not precluded in this specification one or more embodiment
Formula, such as logical device or the mode of software and hardware combining etc., that is to say, that the executing subject of following process flow is simultaneously unlimited
Due to each logic unit, it is also possible to hardware or logical device.
Figure 11 is please referred to, in Software Implementation, should realize that the device of dynamic encryption may include: based on block height
Decryption unit 1101 decrypts the transaction received in credible performing environment, with the corresponding intelligence of the determination transaction
It can contract;
Execution unit 1102 executes the intelligent contract in credible performing environment, make include in the intelligent contract
Contract state is modified;
Encryption unit 1103 carries out the contract state according to public keys and impact factor in credible performing environment
Encryption, wherein the impact factor includes the block height of block locating for the transaction;
Storage unit 1104, for contract state write-in database after encrypting.
Optionally, the impact factor further includes at least one of: positional shift of the transaction in locating block
Amount, the contract state the intelligent contract be performed by modification order.
Optionally, database is written with contract state after the encryption in the impact factor in association.
Optionally, it is related to contract state after the encryption after the impact factor is encrypted in credible performing environment
Connection ground write-in database.
Optionally, encryption unit 1103 is specifically used for:
Using the public keys as symmetric key needed for GCM algorithm, using the impact factor as needed for GCM algorithm
Initialization vector, the contract state is encrypted by GCM algorithm, generates after the encryption contract state and corresponding
Check code;Wherein, database is written with contract state after the encryption in the check code in association.
Optionally, encryption unit 1103 is specifically used for:
Derivative key is generated according to the public keys and the impact factor;
The contract state is encrypted according to the derivative key, generates contract state after the encryption.
Optionally, the public keys includes: the security key of indicated release;Wherein, in the security key of adjacent version
In, the security key of lowest version is irreversibly calculated by the security key of highest version.
Optionally, the security key of highest version is root key, and the security key of other versions is directly or indirectly by described
Root key is irreversibly calculated.
Optionally, data are written with contract state after the encryption in the version information of the public keys in association
Library.
Optionally, it after the version information of the public keys is encrypted in credible performing environment, and is closed after the encryption
About database is written in state in association.
System, device, module or the unit that above-described embodiment illustrates can specifically realize by computer chip or entity,
Or it is realized by the product with certain function.A kind of typically to realize that equipment is computer, the concrete form of computer can
To be personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media play
In device, navigation equipment, E-mail receiver/send equipment, game console, tablet computer, wearable device or these equipment
The combination of any several equipment.
In a typical configuration, computer includes one or more processors (CPU), input/output interface, network
Interface and memory.
Memory may include the non-volatile memory in computer-readable medium, random access memory (RAM) and/or
The forms such as Nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM).Memory is computer-readable medium
Example.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),
Digital versatile disc (DVD) or other optical storage, magnetic cassettes, disk storage, quantum memory, based on graphene
Storage medium or other magnetic storage devices or any other non-transmission medium, can be used for storing can be accessed by a computing device
Information.As defined in this article, computer-readable medium does not include temporary computer readable media (transitory media),
Such as the data-signal and carrier wave of modulation.
It should also be noted that, the terms "include", "comprise" or its any other variant are intended to nonexcludability
It include so that the process, method, commodity or the equipment that include a series of elements not only include those elements, but also to wrap
Include other elements that are not explicitly listed, or further include for this process, method, commodity or equipment intrinsic want
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including described want
There is also other identical elements in the process, method of element, commodity or equipment.
It is above-mentioned that this specification specific embodiment is described.Other embodiments are in the scope of the appended claims
It is interior.In some cases, the movement recorded in detail in the claims or step can be come according to the sequence being different from embodiment
It executes and desired result still may be implemented.In addition, process depicted in the drawing not necessarily require show it is specific suitable
Sequence or consecutive order are just able to achieve desired result.In some embodiments, multitasking and parallel processing be also can
With or may be advantageous.
The term that this specification one or more embodiment uses be only merely for for the purpose of describing particular embodiments, and
It is not intended to be limiting this specification one or more embodiment.In this specification one or more embodiment and the appended claims
Used in the "an" of singular, " described " and "the" be also intended to including most forms, unless context understands earth's surface
Show other meanings.It is also understood that term "and/or" used herein refers to and includes one or more associated list
Any or all of project may combine.
It will be appreciated that though this specification one or more embodiment may using term first, second, third, etc. come
Various information are described, but these information should not necessarily be limited by these terms.These terms are only used to same type of information area each other
It separates.For example, the first information can also be referred to as in the case where not departing from this specification one or more scope of embodiments
Two information, similarly, the second information can also be referred to as the first information.Depending on context, word as used in this is " such as
Fruit " can be construed to " ... when " or " when ... " or " in response to determination ".
The foregoing is merely the preferred embodiments of this specification one or more embodiment, not to limit this theory
Bright book one or more embodiment, all within the spirit and principle of this specification one or more embodiment, that is done is any
Modification, equivalent replacement, improvement etc. should be included within the scope of the protection of this specification one or more embodiment.