Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the present invention are shown in the drawings.
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
Fig. 1 is a flowchart of a method for issuing a certificate of correspondence according to an embodiment of the present invention. As shown in fig. 1, in this embodiment, the present invention provides a method for issuing a passport, including:
s12: sending first request information for acquiring public information to each block link point according to a preconfigured node scanning rule, and receiving and storing the public information generated and returned by each block link point; wherein the public information comprises the address of the corresponding node;
s14: screening out a plurality of air-drop target nodes according to each public information and a pre-configured air-drop rule;
s16: and generating air-drop transactions for issuing a plurality of certificates to each air-drop target node, and broadcasting each air-drop transaction to each block link point.
Specifically, public information is used as an address of a corresponding node; scanning is started for zero adjustment every day according to a preconfigured node scanning rule, and the scanning is only performed once; the pre-configured airdrop rule is an example that all scanned nodes are taken as airdrop target nodes, and the number of the certificates issued to each airdrop target node is consistent; suppose that the current year is 2000, 1 month, 1 day, zero adjustment;
in step S12, the credential issuance server sends first request information for obtaining public information to each block link point according to the preconfigured node scanning rule, and receives and stores the public information generated and returned by each block link point; the scanning is started at zero point and once every day according to the preconfigured node scanning rule, so that the certificate issuing server sends first request information for acquiring the address according to each block chain link point, and receives and stores the address of the corresponding node generated and returned by each block chain link point;
in step S14, the passport issuance server screens out a plurality of airdrop target nodes according to each public information and the preconfigured airdrop rule; the pre-configured airdrop rule is to airdrop all the scanned nodes, and the number of the certificates issued to each airdrop target node is consistent, so that the certificate issuing server screens all the scanned nodes corresponding to the address of the node as the airdrop target node;
in step S16, the certification issuing server generates the airdrop transactions in which the number of certificates issued to each airdrop target node is uniform, and broadcasts each airdrop transaction to each tile link point.
The above embodiment takes the public information as the address of the corresponding node; scanning is started for zero adjustment every day according to a preconfigured node scanning rule, and the scanning is only performed once; the preset airdrop rule is an exemplary explanation of the method for issuing the certificates for the example that all scanned nodes are taken as the airdrop target nodes, and the number of the certificates issued by each airdrop target node is consistent.
In more embodiments, the public information may be configured as the public key information of the corresponding node according to actual requirements, so that the same technical effect can be achieved.
In further embodiments, the preconfigured node scanning rule may configure different scanning periods according to actual requirements, for example, once the scanning process is started to be circulated all the time, or configure to scan each time after the scanning is finished for a certain time period (for example, scan each time after 2 hours after the scanning is finished), and the same technical effect may be achieved.
In further embodiments, the preconfigured airdrop rule may also be configured according to actual requirements to use several of all scanned nodes as airdrop target nodes, for example, randomly extracting 50% of all scanned nodes as airdrop nodes; the pre-configured airdrop rule can also be configured according to actual requirements, so that the number of the certificates issued by different airdrop target nodes is different, for example, the synchronized block height information of the airdrop target node is obtained, and the configured synchronized block height is positively correlated with the number of the issued certificates, so that the same technical effect can be achieved.
The embodiment stimulates the user to deploy the public link node by the method of issuing the certificate to the public link node, thereby enhancing the robustness of the public link.
Fig. 2 is a flowchart of step S12 in a preferred embodiment of the method shown in fig. 1. As shown in fig. 2, in a preferred embodiment, step S12 includes:
s122: sending first request information for acquiring public information and an IP address list of each second node connected with the first node to each connected first node according to a preconfigured node scanning rule so that each first node respectively generates the public information and the IP address list and returns the public information and the IP address list;
s124: receiving public information and an IP address list which are generated and returned by each first node;
s126: judging whether a third node which does not send the first request information is scanned according to each received IP address list: if yes, sending first request information to the third node for the third node to generate and return public information and an IP address list; and circulating the current step until the judgment is negative.
Specifically, it is assumed that the first node connected to the credential issuance server is only node a, each node connected to node a is node B, node C, and node D, each node connected to node B is node a and node C, each node connected to node C is node a and node B, and each node connected to node D is node a;
the public information of the node A is addr (A), and the IP address list of each second node connected with the node A is IP _ B, IP _ C, IP _ D;
the public information of the node B is addr (B), and the IP address list of each second node connected with the node B is IP _ A, IP _ C;
the public information of the node C is addr (C), and the IP address list of each second node connected with the node C is IP _ A, IP _ B;
the public information of the node D is addr (D), and the IP address list of each second node connected with the node D is IP _ A;
in step S122, the credential issuance server sends first request information for acquiring the public information and the IP address list of each second node connected to the node a according to the preconfigured node scanning rule, and the node a generates and returns the public information addr (a) and the IP address list IP _ B, IP _ C, IP _ D;
in step S124, the credential issuance server receives addr (a) and the IP address list IP _ B, IP _ C, IP _ D generated and returned by the node a;
in step S126, the credential issuance server determines whether a third node that does not transmit the first request information is scanned according to the received IP address list IP _ B, IP _ C, IP _ D:
since the node connected to the passport issue server is node a, the passport issue server is only locally IP _ a, and the IP address in the received IP address list is IP _ B, IP _ C, IP _ D, the nodes (node B, node C, node D) that do not send the first request information are scanned; the method comprises the steps that a certification issuing server sends first request information to a node B, a node C and a node D, the node B generates and returns public information addr (B) and an IP address list IP _ A, IP _ C, the node C generates and returns public information addr (C) and an IP address list IP _ A, IP _ B, and the node D generates and returns public information addr (D) and an IP address list IP _ A;
since the certification issuing server has the local IP _ A, IP _ B, IP _ C, IP _ D and the IP address in the received IP address list is IP _ A, IP _ B, IP _ C, IP _ D, the node which does not send the first request information is not scanned, and the loop ends.
In further embodiments, if the credential issuance server stores the IP address list and the public information of the connected node, the method may be configured to:
sending first request information for acquiring public information of each second node connected with the first node and an IP address list of each second node connected with the first node to each connected first node according to a preconfigured node scanning rule so that each first node respectively generates and returns the public information and the IP address list of each connected second node;
receiving public information and an IP address list which are generated and returned by each first node;
judging whether a third node which does not send the first request information is scanned according to each received public information or IP address list: if yes, sending first request information to the third node, so that the third node respectively generates and returns public information and an IP address list; and circulating the current step until the judgment is negative.
Specifically, the certificate issuing server sends first request information for acquiring public information of each second node connected to the node a and an IP address list of each second node connected to the node a according to a preconfigured node scanning rule, and the node a generates and returns public information addr (b), addr (c), addr (D) and the IP address list IP _ B, IP _ C, IP _ D;
the certificate issuing server receives addr (B), addr (C), addr (D) and an IP address list IP _ B, IP _ C, IP _ D which are generated and returned by the node A;
the certificate issuing server judges whether a third node which does not send the first request information is scanned according to the received public information addr (B), addr (C), addr (D) or IP address list IP _ B, IP _ C, IP _ D:
because the node connected with the certificate issuing server is the node A, the certificate issuing server only stores IP _ A and addr (A) locally; since the existing embodiment explains the principle of using the IP address list for judgment, only the public address is explained here for judgment:
the public information received by the certificate issuing server is addr (B), addr (C) and addr (D), so that the nodes (node B, node C and node D) which do not send the first request information are scanned; the method comprises the steps that a certificate issuing server sends first request information to a node B, a node C and a node D, the node B generates and returns public information addr (A), addr (C) and an IP address list IP _ A, IP _ C, the node C generates and returns public information addr (A), addr (B) and an IP address list IP _ A, IP _ B, and the node D generates and returns public information addr (A) and an IP address list IP _ A;
since addr (A), addr (B), addr (C) and addr (D) exist locally in the general certificate issuing server, the IP addresses in the received IP address list are addr (A), addr (B), addr (C) and addr (D), so that the node which does not send the first request information is not scanned, and the cycle is ended.
In further embodiments, if a node joins a blockchain, that is, a transaction including an IP address of the node is generated and broadcast, and the IP address of each blockchain node is recorded on the blockchain, the method may be configured to:
and sending first request information for acquiring the public information to nodes corresponding to all IP addresses recorded on the block chain according to a preconfigured node scanning rule so that all nodes respectively generate, return and return the public information.
Specifically, the IP address recorded on the block chain is IP _ A, IP _ B, IP _ C, IP _ D;
the notification issuing server sends first request information for acquiring the public information to a node corresponding to the IP _ A, IP _ B, IP _ C, IP _ D according to a preconfigured node scanning rule, the node A corresponding to the IP _ A generates public information addr (A), the node B corresponding to the IP _ B generates public information addr (B), the node C corresponding to the IP _ C generates public information addr (C), and the node D corresponding to the IP _ D generates public information addr (D).
Fig. 3 is a flowchart of step S14 in a preferred embodiment of the method shown in fig. 1. As shown in fig. 3, in a preferred embodiment, the public information includes public key information of the corresponding node, and step S14 includes:
s142: generating a corresponding address according to the public key information of each block chain node;
s144: and screening out a plurality of air-drop target nodes according to the addresses and the pre-configured air-drop rules.
FIG. 4 is a flow diagram of a preferred embodiment of the method shown in FIG. 1. As shown in fig. 4, in a preferred embodiment, the public information further includes a synchronized block height of the corresponding node, and the method further includes:
s17: requesting to acquire verification request information of the first block from a fourth node which returns public information so that the fourth node returns first block data of the first block; wherein the first block height of the first block is not greater than the synchronized block height of the fourth node;
s18: verifying whether the fourth node returned the correct first block data for the first block:
otherwise, step S19 is executed: no pass is issued to the fourth node.
Specifically, the first block height of the first block is not greater than the synchronized block height of the fourth node, and taking the first block data as the block hash of the first block as an example, it is assumed that the fourth node is node B and the first block is block (100_ B);
in step S17, the credential issuance server requests the node B that has returned the public information to obtain the authentication request information of the block (100_ B), and the node B returns the first block data hash (100_ B) of the block (100_ B);
in step S18: the credentialing server verifies if node B returns the correct hash (100_ B):
otherwise, step S19 is executed: no pass is issued to node B.
In further embodiments, the first tile data may also be configured as other parameters for identifying the first tile, such as a tile ID configured as the first tile, which may achieve the same technical effect.
According to the embodiment, by comparing the correctness of the block data and not issuing the evidence to the public link node with the incorrect block data, the public link node deployed by the user is further stimulated to correctly participate in the construction and maintenance of the public link, and the robustness of the public link is enhanced.
Fig. 5 is a flowchart of step S14 in a preferred embodiment of the method shown in fig. 4. As shown in fig. 5, in a preferred embodiment, step S14 includes:
s146: and screening out a plurality of air-drop target nodes according to the synchronized block height corresponding to each block link point and a pre-configured air-drop rule.
Specifically, assume that the preconfigured airdrop rule is to screen a scanned node with a synchronized block height greater than 1000 as an airdrop target node; the synchronized block height of node a, node B, and node C is 1001, and the synchronized block height of node D is 500;
in step S146, since the synchronized block height of the node a, the node B, and the node C is 1001, the synchronized block height of the node D is 500, and the pre-configured air-drop rule is to screen the scanned node having the synchronized block height greater than 1000 as an air-drop target node, a plurality of air-drop target nodes are screened according to the synchronized block height corresponding to each of the block links and the pre-configured air-drop rule, where the air-drop target nodes are the node a, the node B, and the node C.
In further embodiments, the synchronized block height may be configured as other integers according to actual requirements, for example, 500, 2000; or the synchronized block height is configured as a percentage of the highest block height that is commonly known and rounded up, e.g., the highest block height is 1001, the percentage is configured as 80%, then the synchronized block height is calculated as 801; or configuring the synchronized block height as a percentage of the common highest block height and rounding up, e.g., the highest block height is 1001 and the percentage is configured as 80%, then the synchronized block height is calculated as 800, which achieves the same technical effect.
Fig. 6 is a flowchart of step S18 in a preferred embodiment of the method shown in fig. 4. As shown in fig. 6, in a preferred embodiment, step S18 includes:
s182: requesting a plurality of fifth nodes to acquire verification request information of a second block with the same height as that of the first block so that each fifth node can return second block data of the second block;
s184: receiving second block data returned by each fifth node, and identifying the second block data;
s186: and verifying whether the first block data is correct according to whether the first block data is the same as the identified second block data.
Specifically, it is assumed that the fifth nodes are node a, node C, and node D, respectively, and the second block data of the second block returned by node a, node C, and node D are the same;
in step S182, the credential issuance server requests the node a, the node C, and the node D to acquire the authentication request information of the second block having the same height as the block height of the first block, where the node a returns a hash (100_ a), the node C returns a hash (100_ C), and the node D returns a hash (100_ D);
in step S184, the credential issuing server receives the hash (100_ a), the hash (100_ C), and the hash (100_ D), and identifies the hash (100_ a), the hash (100_ C), and the hash (100_ D) together;
in step S186, it is assumed that the identified second block data is hash (100) ' (the hash (100) ' is the same as the hash (100_ a), the hash (100_ C), and the hash (100_ D)), and the certification issuing server verifies whether the first block data is correct according to whether the hash (100_ B) is the same as the hash (100) '.
In further embodiments, several fifth nodes may be configured as other nodes, for example as node a, with the same technical effect.
In more embodiments, the fifth node is easily attacked due to a mechanism of configuring the fifth node as a fixed node, if the fifth node is attacked, the block data of the fifth node is forged block data, the passport voucher issuing server issues a passport voucher to a node having the same block data as the forged block data, and the passport voucher cannot be issued to a correct node participating in the construction and maintenance of the public link; in view of the above problem, step S182 is configured to: and randomly requesting a plurality of fifth nodes to acquire the verification request information of the second block with the same height as that of the first block, so that the same technical effect can be realized.
In more embodiments, because block chain link points have trendy, different block chain link points will falsify block data together due to benefit collusion; if more nodes in the randomly selected fifth nodes are colluded nodes, the pass certificate cannot be issued to the correct nodes participating in the construction and maintenance of the public link. In order to solve the above problem, the fifth node is an official configured node, and the block data of the official configured node is non-forged block data, and the step S182 is configured to: and the verification request message of the second block with the same height as the block of the first block is requested to be acquired from the fifth nodes, so that the same technical effect can be realized.
In a preferred embodiment, when the first block data is the same as the second block data, the synchronized block height is positively correlated to the number of issued passes.
The embodiment further stimulates the user-deployed public link points to correctly participate in the construction and maintenance of the public link, and the robustness of the public link is enhanced.
Fig. 7 is a schematic structural diagram of an apparatus according to an embodiment of the present invention.
As shown in fig. 7, as another aspect, the present application also provides an apparatus 700 including one or more Central Processing Units (CPUs) 701 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. In the RAM703, various programs and data necessary for the operation of the apparatus 700 are also stored. The CPU701, the ROM702, and the RAM703 are connected to each other via a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
The following components are connected to the I/O interface 705: an input portion 706 including a keyboard, a mouse, and the like; an output section 707 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 708 including a hard disk and the like; and a communication section 709 including a network interface card such as a LAN card, a modem, or the like. The communication section 709 performs communication processing via a network such as the internet. A drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 710 as necessary, so that a computer program read out therefrom is mounted into the storage section 708 as necessary.
In particular, according to an embodiment of the present disclosure, the method for issuing a passport described in any of the above embodiments may be implemented as a computer software program. For example, embodiments of the present disclosure include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program comprising program code for performing a method of passport issuance. In such an embodiment, the computer program can be downloaded and installed from a network through the communication section 709, and/or installed from the removable medium 711.
As yet another aspect, the present application also provides a computer-readable storage medium, which may be the computer-readable storage medium included in the apparatus of the above-described embodiment; or it may be a separate computer readable storage medium not incorporated into the device. The computer readable storage medium stores one or more programs for use by one or more processors in performing the method of credential issuance described herein.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules described in the embodiments of the present application may be implemented by software or hardware. The described units or modules may also be provided in a processor, for example, each of the described units may be a software program provided in a computer or a mobile intelligent device, or may be a separately configured hardware device. Wherein the designation of a unit or module does not in some way constitute a limitation of the unit or module itself.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the present application. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.