CN110750762A - Blockchain-based open source software right confirmation method and system - Google Patents

Blockchain-based open source software right confirmation method and system Download PDF

Info

Publication number
CN110750762A
CN110750762A CN201911000670.2A CN201911000670A CN110750762A CN 110750762 A CN110750762 A CN 110750762A CN 201911000670 A CN201911000670 A CN 201911000670A CN 110750762 A CN110750762 A CN 110750762A
Authority
CN
China
Prior art keywords
project
code
developer
source software
block chain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911000670.2A
Other languages
Chinese (zh)
Other versions
CN110750762B (en
Inventor
王涛
王怀民
张迅晖
曾求兵
余跃
张洋
史佩昌
范强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
National University of Defense Technology
Original Assignee
National University of Defense Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by National University of Defense Technology filed Critical National University of Defense Technology
Priority to CN201911000670.2A priority Critical patent/CN110750762B/en
Publication of CN110750762A publication Critical patent/CN110750762A/en
Application granted granted Critical
Publication of CN110750762B publication Critical patent/CN110750762B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

一种基于区块链的开源软件确权方法及其系统,在开源软件区块链服务平台上,初始化一个区块链服务,并部署用于区块链网络中各节点传递贡献信息的智能合约。开源软件区块链服务平台依请求完成项目的创建并生成对应的软件仓库。各项目开发者客户端进行代码克隆,将软件仓库中的代码信息复制到各项目开发者客户端,并完成网络接入。项目开发者完成代码提交,开源软件区块链服务平台根据项目开发者的贡献代码量完成权益分配,实现对项目开发者对应的贡献信息的权益确认。本发明可以将开源软件项目开发过程中各项目开发者的代码贡献情况以不可篡改的形式记录到区块链网络中,从而实现对各项目开发者的代码贡献量到权益的转化,并形成有效的保护。

Figure 201911000670

A blockchain-based open-source software right confirmation method and system. On the open-source software blockchain service platform, a blockchain service is initialized, and a smart contract for each node in the blockchain network to transmit contribution information is deployed. . The open source software blockchain service platform completes the creation of the project and generates the corresponding software warehouse according to the request. The developer client of each project performs code cloning, copies the code information in the software warehouse to the developer client of each project, and completes network access. The project developer completes the code submission, and the open source software blockchain service platform completes the distribution of rights and interests according to the amount of code contributed by the project developer, and realizes the confirmation of the rights and interests of the contribution information corresponding to the project developer. The invention can record the code contribution of each project developer in the open source software project development process in the block chain network in a non-tamperable form, so as to realize the conversion of the code contribution to the rights and interests of each project developer, and form an effective protection of.

Figure 201911000670

Description

基于区块链的开源软件确权方法及其系统Blockchain-based open source software right confirmation method and system

技术领域technical field

本申请涉及区块链应用技术领域,特别是涉及一种基于区块链的开源软件确权方法及其系统。The present application relates to the field of blockchain application technology, in particular to a blockchain-based open source software right confirmation method and system.

背景技术Background technique

开源软件的运作机理是在承认传统著作权的基础上,在不同种类许可证制度下公开程序源代码使公众得以开发和利用。目前的开源许可证主要有6种,分别为:LGPL、Mozilla、GPL、BSD、MIT、Apache,这6中许可证分别对修改代码后是否可闭源、新增代码是否采用同样的许可证、是否需要对源代码修改提供说明文档、每一个修改的文件是否都需要放置版权说明以及衍生软件广告是否可用本名促销进行了限定。但实际上使用软件许可证限制开源软件的传播还存在很多缺陷,主要问题如下:The operating mechanism of open source software is to open the source code of the program under different types of license systems on the basis of recognizing the traditional copyright, so that the public can develop and use it. There are currently six main types of open source licenses, namely: LGPL, Mozilla, GPL, BSD, MIT, and Apache. These six licenses respectively determine whether the modified code can be closed source, whether the new code adopts the same license, Whether it is necessary to provide documentation for source code modification, whether each modified file needs to place a copyright notice, and whether derivative software advertisements can be limited by the promotion of their own name. But in fact, there are still many flaws in the use of software licenses to restrict the spread of open source software. The main problems are as follows:

1、存在大量非代码类软件制品。目前对于软件确权主要关注与软件代码本身,但实际上在开源软件发展过程中,存在大量过程制品,例如:issue、comment等,其中不乏大量对软件发展有重大影响的过程制品,对于这些非代码类的软件制品,开源许可证没有涵盖在内。1. There are a large number of non-code software products. At present, the software code itself is mainly concerned with the confirmation of software rights, but in fact, in the development process of open source software, there are a large number of process products, such as: issues, comments, etc., among which there are a large number of process products that have a significant impact on software development. Code-like software products that are not covered by open source licenses.

2、多种多样的利益相关者。在开源软件发展过程中,存在多种利益相关者,包括:软件创建初期的核心开发人员,群体开放参与过程中的内容贡献者、投资者以及传播者,以及项目成型后的软件使用者。多种利益相关者使得现有方法很难对每个参与者进行权益的确认。2. Diverse stakeholders. In the process of open source software development, there are various stakeholders, including: core developers in the early stage of software creation, content contributors, investors and communicators in the process of group open participation, and software users after the project is formed. Multiple stakeholders make it difficult for existing methods to confirm the stake of each participant.

3、代码引用频繁,关系复杂。在软件开发中,涉及到对已有API的调用,新API可能是在已有API的基础上进行封装得到的。对于开源许可证来说,很难在庞大的开源生态中形成关联关系网络,进而就难以对所有代码溯源,实现确权。3. Code references are frequent and the relationship is complex. In software development, calls to existing APIs are involved, and new APIs may be encapsulated on the basis of existing APIs. For open source licenses, it is difficult to form a network of associations in the huge open source ecosystem, and it is difficult to trace the source of all codes and realize rights confirmation.

4、粗粒度指示。对于开源许可证来说,主要是项目或者文件级别的指示,但在实际编码过程中,存在大量方法级别的复用。这样现有的开源许可证方法不适用更细粒度的软件确权。4. Coarse-grained indication. For open source licenses, it is mainly a project or file-level indication, but in the actual coding process, there is a lot of method-level reuse. As such, the existing open source licensing approach does not apply to more fine-grained software confirmation.

5、未知的侵权风险。在开源项目的使用过程中,由于开发者对不同类型的开源许可证不了解,或者因为没有认真查看复用软件的开源许可证,很可能带来无意识的侵权。5. Unknown infringement risk. In the process of using open source projects, because developers do not understand different types of open source licenses, or because they do not carefully check the open source licenses of reused software, it is likely to cause unintentional infringement.

由于开源许可证的缺陷,实际上大量开源软件开发的侵权行为并没有被发现,这在一定程度上导致贡献者的贡献行为受到损害,使开源软件和开源生态的快速发展受到制约。Due to the defects of the open source license, in fact, a large number of infringements in the development of open source software have not been discovered, which to a certain extent leads to the damage to the contribution behavior of contributors and restricts the rapid development of open source software and the open source ecosystem.

目前在该领域还没有完全相关的工作,尽管美国的Digital Guardian公司,中国的安妮股份公司等已经在数字确权领域有了相关研究,其主要还是面向数据隐私保护。相比而言,开源软件还涉及到代码的传播以及软件的使用,因此更加多元复杂。At present, there is no fully related work in this field. Although Digital Guardian in the United States and Annie Co., Ltd. in China have already conducted relevant research in the field of digital rights confirmation, they are mainly oriented to data privacy protection. In contrast, open source software also involves the dissemination of code and the use of software, so it is more diverse and complex.

发明内容SUMMARY OF THE INVENTION

针对开源软件在确权方法方面的空白,本发明提供一种基于区块链的开源软件确权方法及其系统。Aiming at the blank of open source software in terms of right confirmation method, the present invention provides a blockchain-based open source software right confirmation method and system.

为实现上述技术目的,本发明的技术方案是:For realizing the above-mentioned technical purpose, the technical scheme of the present invention is:

基于区块链的开源软件确权方法,包括:Blockchain-based open source software rights confirmation methods, including:

步骤(1),初始化区块链。Step (1), initialize the blockchain.

在开源软件区块链服务平台上,初始化一个区块链服务,并部署用于区块链网络中各节点传递贡献信息的智能合约;开源软件区块链服务平台将作为静态接入节点供区域链网络中的其他节点接入区域链网络。On the open source software blockchain service platform, initialize a blockchain service and deploy smart contracts for each node in the blockchain network to transmit contribution information; the open source software blockchain service platform will serve as a static access node for regional Other nodes in the chain network access the regional chain network.

步骤(2),项目创建。Step (2), project creation.

项目创建者客户端发送项目创建请求到开源软件区块链服务平台,开源软件区块链服务平台完成该项目的创建并生成对应的软件仓库。The project creator client sends a project creation request to the open source software blockchain service platform, and the open source software blockchain service platform completes the creation of the project and generates the corresponding software warehouse.

步骤(3),项目开发者代码克隆与网络接入。Step (3), project developer code clone and network access.

各项目开发者客户端进行代码克隆,将软件仓库中的代码信息复制到各项目开发者客户端,完成代码克隆的各项目开发者客户端连入以开源软件区块链服务平台为静态接入节点的区块链网络。The developer clients of each project perform code cloning, copy the code information in the software repository to the developer clients of each project, and the developer clients of each project who have completed the code cloning are connected to the open source software blockchain service platform as static access A blockchain network of nodes.

步骤(4),项目开发者代码提交以及权益确认。Step (4), project developer code submission and rights confirmation.

各项目开发者完成项目代码的开发后通过各自对应的客户端向开源软件区块链服务平台提交代码,将代码合并到开源软件区块链服务平台对应的软件仓库;开源软件区块链服务平台根据项目开发者的贡献代码量完成权益分配,并将项目开发者对应的贡献信息向区域链网络中的其他项目开发者客户端进行广播,其他项目开发者客户端接收到该贡献信息后,访问开源软件区块链服务平台,完成对该贡献信息的确认,从而完成对项目开发者对应的贡献信息的权益确认。After completing the development of the project code, each project developer submits the code to the open-source software blockchain service platform through their corresponding clients, and merges the code into the software warehouse corresponding to the open-source software blockchain service platform; the open-source software blockchain service platform Equity is allocated according to the amount of code contributed by the project developer, and the contribution information corresponding to the project developer is broadcast to other project developer clients in the blockchain network. After receiving the contribution information, other project developer clients access the The open source software blockchain service platform completes the confirmation of the contribution information, thereby completing the confirmation of the rights and interests of the contribution information corresponding to the project developer.

本发明中,将Trustie服务器作为开源软件区块链服务平台,通过区块链的init命令初始化一个区块链服务。In the present invention, the Trustie server is used as an open source software blockchain service platform, and a blockchain service is initialized through the init command of the blockchain.

本发明步骤(2)中,项目创建者客户端发送项目创建请求之前还包括项目创建者身份验证步骤。创建者客户端提交项目创建者的身份验证请求,Trustie服务器对接收到的身份验证请求进行身份验证处理,判断身份验证请求中携带的身份信息如项目创建者用户名和密码是否正确,如身份信息正确,则项目创建者客户端连入以Trustie服务器为接入节点的区块链网络。In step (2) of the present invention, the project creator client further includes a project creator identity verification step before sending the project creation request. The creator client submits the project creator's authentication request, and the Trustie server performs authentication processing on the received authentication request, and determines whether the identity information carried in the authentication request, such as the user name and password of the project creator, is correct. , the project creator client connects to the blockchain network with the Trustie server as the access node.

本发明步骤(2)中,所述创建项目请求携带有待创建开源软件项目名称,项目创建者客户端通过Restful API发送创建项目请求到Trustie服务器;Trustie服务器通过Restful API接收到的所述创建项目请求并对所述创建项目请求进行核实判断,判断创建项目请求中携带的项目名称是否与Trustie服务器中其他已创建的项目名称重名,如没有重名则该项目为可创建项目,则Trustie服务器完成该项目的创建并生成对应的软件仓库,同时反馈代表“创建成功”的信息给项目创建者客户端;如果未通过判断,则反馈代表“不可创建项目”的结果信息给项目创建者客户端,以便项目创建者重新确定待创建的项目名称。In step (2) of the present invention, the project creation request carries the name of the open source software project to be created, and the project creator client sends the project creation request to the Trustie server through the Restful API; the project creation request received by the Trustie server through the Restful API Verification and judgment are carried out on the project creation request, and it is judged whether the project name carried in the project creation request has the same name as other created project names in the Trustie server. If there is no overlapping name, the project can be created. The project is created and the corresponding software warehouse is generated, and the information representing "successful creation" is fed back to the project creator client; if the judgment is not passed, the result information representing "cannot create the project" is fed back to the project creator client. So that the project creator can re-determine the name of the project to be created.

本发明步骤(3)中,各项目开发者客户端接入区块链网络之前还包括项目开发者身份验证步骤。各项目开发者客户端提交项目开发者的身份验证请求,Trustie服务器对接收到的身份验证请求进行身份验证处理,判断身份验证请求中携带的身份信息如项目开发者用户名和密码是否正确,如身份信息正确,则项目开发者客户端连入以Trustie服务器为接入节点的区块链网络。In step (3) of the present invention, each project developer client also includes a project developer identity verification step before accessing the blockchain network. The client of each project developer submits the authentication request of the project developer, and the Trustie server performs authentication processing on the received authentication request, and judges whether the identity information carried in the authentication request, such as the user name and password of the project developer, is correct. If the information is correct, the project developer client is connected to the blockchain network with the Trustie server as the access node.

本发明步骤(3)中,各项目开发者客户端获取Trustie服务器中对应项目的项目名称,并通过对git服务的调用,发送代码克隆指令到Trustie服务器,Trustie服务器收到代码克隆指令后,响应各项目开发者客户端发出的代码克隆请求,通过git传输协议发送对应项目软件仓库中的代码信息到各项目开发者客户端,完成软件仓库的克隆。In step (3) of the present invention, each project developer client obtains the project name of the corresponding project in the Trustie server, and sends a code cloning instruction to the Trustie server by invoking the git service. After receiving the code cloning instruction, the Trustie server responds The code clone request sent by the client of each project developer sends the code information in the software warehouse of the corresponding project to the client of each project developer through the git transmission protocol, so as to complete the cloning of the software warehouse.

本发明步骤(4)中,权益分配的方法是:In step (4) of the present invention, the method for rights and interests distribution is:

对于任一项目开发者a,开源软件区块链服务平台记录项目开发者a每次提交的代码行数即贡献代码量,则项目开发者a在当前项目开发过程中所提交的贡献代码量总和即代表项目开发者a对当前项目的知识产权贡献量A;当前项目开发过程中所有项目开发者对该项目的贡献代码量总和即为整个项目的知识产权总贡献量B,则项目开发者a的权益为A/B。For any project developer a, the open source software blockchain service platform records the number of lines of code submitted by project developer a each time, that is, the amount of contributed code, then the sum of the amount of contributed code submitted by project developer a during the current project development process It represents the intellectual property contribution amount A of the project developer a to the current project; the total amount of code contributed by all project developers to the project during the current project development process is the total intellectual property contribution amount B of the entire project, then the project developer a The stake is A/B.

本发明步骤(4)中,贡献信息的确认方法是:In step (4) of the present invention, the confirmation method of contribution information is:

项目开发者客户端从接收到的贡献信息中获取其中包含的文本信息;项目开发者客户端向开源软件区块链服务平台通过Restful API发送贡献信息查询命令,开源软件区块链服务平台接收到文本信息后查询后台数据库,得到当前代码合并对应的代码变更信息并将代码变更信息发送给项目开发者客户端,项目开发者客户端收到该代码变更信息后,与接收到的文本信息进行比较,完成贡献信息的确认,最后将贡献信息记录到区块链上。The project developer client obtains the text information contained in the received contribution information; the project developer client sends the contribution information query command to the open source software blockchain service platform through the Restful API, and the open source software blockchain service platform receives it. After text information, query the background database to obtain the code change information corresponding to the current code merge and send the code change information to the project developer client. After receiving the code change information, the project developer client compares it with the received text information , complete the confirmation of the contribution information, and finally record the contribution information on the blockchain.

本发明步骤(4)中,各项目开发者对应的角色分为核心开发者和外围贡献者,开源软件区块链服务平台的后台数据库存储有各项目开发者对应的角色信息。本发明中代码是否可以直接提交到软件仓库是外围贡献者和核心开发者权限最直接的区别。In step (4) of the present invention, the roles corresponding to each project developer are divided into core developers and peripheral contributors, and the background database of the open source software blockchain service platform stores the role information corresponding to each project developer. Whether the code can be directly submitted to the software warehouse in the present invention is the most direct difference between the permissions of peripheral contributors and core developers.

其中核心开发者代码提交以及权益确认方法如下:The core developer code submission and rights confirmation methods are as follows:

核心开发者完成项目代码的开发后通过对应的客户端发送代码提交请求给开源软件区块链服务平台,将项目代码直接合并到开源软件区块链服务平台对应项目的软件仓库,开源软件区块链服务平台根据核心开发者的贡献代码量完成权益分配;核心开发者通过对应的客户端广播其贡献信息到区域链网络的其他项目开发者客户端,其他项目开发者客户端接收到该贡献信息后,访问开源软件区块链服务平台,完成对该贡献信息的确认,从而完成核心开发者权益确认;After the core developer completes the development of the project code, the corresponding client sends a code submission request to the open source software blockchain service platform, and the project code is directly merged into the software warehouse of the corresponding project of the open source software blockchain service platform, and the open source software block The chain service platform completes the distribution of rights and interests according to the amount of code contributed by the core developers; the core developers broadcast their contribution information to other project developer clients of the blockchain network through the corresponding clients, and other project developer clients receive the contribution information After that, access the open source software blockchain service platform to complete the confirmation of the contribution information, thereby completing the confirmation of core developer rights;

其中外围开发者代码提交以及权益确认方法如下:Among them, the methods of code submission of peripheral developers and confirmation of rights and interests are as follows:

外围贡献者完成项目代码的开发后通过对应的客户端发送代码提交请求给开源软件区块链服务平台,核心开发者客户端通过开源软件区块链服务平台接受该代码请求并获取该请求中携带的代码信息,确定是否通过其代码合并请求,如确定通过该代码合并请求,则将该外围贡献者所提交的项目代码合并到开源软件区块链服务平台对应项目的软件仓库中,开源软件区块链服务平台根据该外围贡献者的贡献代码量完成权益分配,并广播其贡献信息到区域链网络的其他项目开发者客户端,其他项目开发者客户端接收到该贡献信息后,访问开源软件区块链服务平台,完成对该贡献信息的确认,从而完成外围贡献者权益确认。After the peripheral contributors complete the development of the project code, the corresponding client sends a code submission request to the open source software blockchain service platform, and the core developer client accepts the code request through the open source software blockchain service platform and obtains the code contained in the request. The code information, determine whether to pass its code merge request, if it is determined to pass the code merge request, then merge the project code submitted by the external contributor into the software warehouse of the corresponding project of the open source software blockchain service platform, open source software area The blockchain service platform completes the distribution of rights and interests according to the amount of code contributed by the peripheral contributor, and broadcasts its contribution information to other project developer clients of the blockchain network. After receiving the contribution information, other project developer clients access the open source software The blockchain service platform completes the confirmation of the contribution information, thereby completing the confirmation of the rights and interests of peripheral contributors.

本发明提供一种基于区块链的开源软件确权系统,包括:The present invention provides a blockchain-based open source software right confirmation system, including:

构建模块,用于在开源软件区块链服务平台上,初始化一个区块链服务,并部署用于区块链网络中各节点传递贡献信息的智能合约;开源软件区块链服务平台将作为静态接入节点供区域链网络中的其他节点接入区域链网络。The building module is used to initialize a blockchain service on the open source software blockchain service platform, and deploy smart contracts for each node in the blockchain network to transmit contribution information; the open source software blockchain service platform will serve as a static The access node is for other nodes in the area chain network to access the area chain network.

项目创建模块,用于接收项目创建者客户端发送项目创建请求,完成对应项目的创建并生成对应的软件仓库。The project creation module is used to receive the project creation request sent by the project creator client, complete the creation of the corresponding project and generate the corresponding software warehouse.

项目开发者代码克隆与网络接入模块,用于接收各项目开发者客户端发送的代码克隆请求,将软件仓库中的代码信息复制到各项目开发者客户端,并将完成代码克隆的各项目开发者客户端连入以开源软件区块链服务平台为静态接入节点的区块链网络。The project developer code cloning and network access module is used to receive the code cloning request sent by each project developer client, copy the code information in the software repository to each project developer client, and complete the code cloning of each project. The developer client is connected to the blockchain network with the open source software blockchain service platform as the static access node.

项目开发者代码提交以及权益确认模块,用于接收处理各项目开发者客户端的提交代码请求,将各项目开发者客户端提交的代码合并到开源软件区块链服务平台对应的软件仓库;根据项目开发者的贡献代码量完成权益分配,并将项目开发者对应的贡献信息向区域链网络中的其他项目开发者客户端进行广播,完成对项目开发者对应的贡献信息的权益确认。The project developer code submission and rights confirmation module is used to receive and process the submitted code requests from each project developer client, and merge the code submitted by each project developer client into the software repository corresponding to the open source software blockchain service platform; according to the project The developer's contribution code amount completes the equity distribution, and broadcasts the contribution information corresponding to the project developer to other project developer clients in the blockchain network to complete the equity confirmation of the contribution information corresponding to the project developer.

采用本发明可以达到以下技术效果:The following technical effects can be achieved by adopting the present invention:

本发明可以将开源软件项目开发过程中各项目开发者的代码贡献情况以不可篡改的形式记录到区块链网络中,从而实现对各项目开发者的代码贡献量到权益的转化,并形成有效的保护,进而实现传统的开源社区从权益由少数人占有的模式变为由所有项目开发者共享的模式。The invention can record the code contribution of each project developer in the open source software project development process in the blockchain network in an untamperable form, thereby realizing the conversion of the code contribution to the rights and interests of each project developer, and forming an effective Therefore, the traditional open source community has changed from the mode of rights and interests owned by a few people to the mode of sharing by all project developers.

附图说明Description of drawings

图1为本发明一个实施例的流程图。FIG. 1 is a flowchart of an embodiment of the present invention.

具体实施方式Detailed ways

为使本发明实施例的目的、技术方案和优点更加清楚明白,下面将以附图及详细叙述清楚说明本发明所揭示内容的精神,任何所属技术领域技术人员在了解本发明内容的实施例后,当可由本发明内容所教示的技术,加以改变及修饰,其并不脱离本发明内容的精神与范围。本发明的示意性实施例及其说明用于解释本发明,但并不作为对本发明的限定。In order to make the purposes, technical solutions and advantages of the embodiments of the present invention clearer, the following will clearly illustrate the spirit of the disclosed contents of the present invention with the accompanying drawings and detailed description. , when changes and modifications can be made by the technology taught by the content of the present invention, it does not depart from the spirit and scope of the content of the present invention. The exemplary embodiments of the present invention and their descriptions are used to explain the present invention, but are not intended to limit the present invention.

如图1所示,为一实施例中基于区块链的开源软件确权的构流程图。As shown in FIG. 1 , it is a structural flowchart of the blockchain-based open source software right confirmation in one embodiment.

步骤(1),初始化区块链。Step (1), initialize the blockchain.

将Trustie服务器作为开源软件区块链服务平台,通过区块链的init命令初始化一个区块链服务,并部署用于区块链网络中各节点传递贡献信息的智能合约。Trustie服务器将作为静态接入节点供区域链网络中的其他节点接入区域链网络。贡献信息中包含的文本信息有如项目开发者名称、项目代码提交时间、项目名称、所提交的项目代码、代码提交sha值、代码增删行数情况等。Using the Trustie server as an open source software blockchain service platform, initialize a blockchain service through the init command of the blockchain, and deploy a smart contract for each node in the blockchain network to transmit contribution information. The Trustie server will serve as a static access node for other nodes in the blockchain network to access the blockchain network. The text information contained in the contribution information includes the name of the project developer, the time when the project code was submitted, the project name, the submitted project code, the sha value of the code submission, and the number of lines added or deleted.

步骤(2),项目创建。Step (2), project creation.

(2.1)项目创建者身份验证;(2.1) Project creator identity verification;

项目创建者客户端提交项目创建者的身份验证请求,Trustie服务器对接收到的身份验证请求进行身份验证处理,判断身份验证请求中携带的身份信息如项目创建者用户名和密码是否正确,如身份信息正确,则项目创建者客户端连入以Trustie服务器为接入节点的区块链网络。The project creator client submits the project creator's authentication request, and the Trustie server performs authentication processing on the received authentication request, and determines whether the identity information carried in the authentication request, such as the project creator's username and password, is correct, such as identity information If it is correct, the project creator client is connected to the blockchain network with the Trustie server as the access node.

(2.2)项目创建;(2.2) Project creation;

项目创建者客户端将携带有待创建开源软件项目名称的创建项目请求通过Restful API发送到Trustie服务器。The project creator client sends the project creation request carrying the name of the open source software project to be created to the Trustie server through the Restful API.

Trustie服务器通过Restful API接收到的所述创建项目请求并对所述创建项目请求进行核实判断,判断创建项目请求中携带的项目名称是否与Trustie服务器中其他已创建的项目名称重名,如没有重名则该项目为可创建项目,则Trustie服务器完成该项目的创建并生成对应的软件仓库,同时反馈代表“创建成功”的信息给项目创建者客户端;如果未通过判断,则反馈代表“不可创建项目”的结果信息给项目创建者客户端,以便项目创建者重新确定待创建的项目名称。The Trustie server receives the project creation request through Restful API and verifies and judges the project creation request, and judges whether the project name carried in the project creation request is the same as the name of other created projects in the Trustie server. If the project is a creatable project, the Trustie server completes the creation of the project and generates the corresponding software repository, and at the same time feeds back information representing "successful creation" to the project creator client; The result information of "Create Project" is sent to the project creator client, so that the project creator can re-determine the name of the project to be created.

步骤(3),项目开发者代码克隆与网络接入。Step (3), project developer code clone and network access.

(3.1)项目开发者身份验证。(3.1) Project developer identity verification.

各项目开发者客户端提交项目开发者的身份验证请求,Trustie服务器对接收到的身份验证请求进行身份验证处理,判断身份验证请求中携带的身份信息如项目开发者用户名和密码是否正确,如身份信息正确,则项目开发者客户端连入以Trustie服务器为接入节点的区块链网络。The client of each project developer submits the authentication request of the project developer, and the Trustie server performs authentication processing on the received authentication request, and judges whether the identity information carried in the authentication request, such as the user name and password of the project developer, is correct. If the information is correct, the project developer client is connected to the blockchain network with the Trustie server as the access node.

(3.2)项目开发者代码克隆。(3.2) Project developer code clone.

各项目开发者客户端获取Trustie服务器中对应项目的项目名称,并通过对git服务的调用,发送代码克隆指令到Trustie服务器,Trustie服务器收到代码克隆指令后,响应各项目开发者客户端发出的代码克隆请求,通过git传输协议发送对应项目软件仓库中的代码信息到各项目开发者客户端,完成软件仓库的克隆。The developer client of each project obtains the project name of the corresponding project in the Trustie server, and sends the code cloning instruction to the Trustie server by calling the git service. After receiving the code cloning instruction, the Trustie server responds to each project developer client. The code clone request sends the code information in the software warehouse of the corresponding project to the client of each project developer through the git transmission protocol to complete the cloning of the software warehouse.

如果克隆失败,克隆失败的原因包括网络异常、身份认证失败等,则对应项目开发者客户端终止运行,并显示git命令的返回值;如果克隆成功,则自动发送命令连入以Trustie服务器为接入节点的区块链网络,并与项目中其他开发者的客户端形成项目开发联盟,客户端会根据连接情况自动反馈是否成功连入区块链网络的结果。If the cloning fails, and the reasons for the failure include network abnormality, authentication failure, etc., the corresponding project developer client will terminate the operation, and the return value of the git command will be displayed; if the cloning is successful, the command will be automatically sent to connect to the Trustie server. Enter the blockchain network of the node, and form a project development alliance with the clients of other developers in the project. The client will automatically feedback the result of successfully connecting to the blockchain network according to the connection situation.

步骤(4),项目开发者代码提交以及权益确认。Step (4), project developer code submission and rights confirmation.

本发明将各项目开发者对应的角色分为核心开发者和外围贡献者,开源软件区块链服务平台的后台数据库存储有各项目开发者对应的角色信息。本发明中代码是否可以直接提交到软件仓库是外围贡献者和核心开发者权限最直接的区别。The present invention divides the roles corresponding to each project developer into core developers and peripheral contributors, and the background database of the open source software blockchain service platform stores the role information corresponding to each project developer. Whether the code can be directly submitted to the software warehouse in the present invention is the most direct difference between the permissions of peripheral contributors and core developers.

其中核心开发者代码提交以及权益确认方法如下:The core developer code submission and rights confirmation methods are as follows:

核心开发者完成项目代码的开发后通过对应的客户端发送代码提交请求给开源软件区块链服务平台,将项目代码直接合并到开源软件区块链服务平台对应项目的软件仓库,开源软件区块链服务平台根据核心开发者的贡献代码量完成权益分配;核心开发者通过对应的客户端广播其贡献信息到区域链网络的其他项目开发者客户端,其他项目开发者客户端接收到该贡献信息后,访问开源软件区块链服务平台,完成对该贡献信息的确认,从而完成核心开发者权益确认;After the core developer completes the development of the project code, the corresponding client sends a code submission request to the open source software blockchain service platform, and the project code is directly merged into the software warehouse of the corresponding project of the open source software blockchain service platform, and the open source software block The chain service platform completes the distribution of rights and interests according to the amount of code contributed by the core developers; the core developers broadcast their contribution information to other project developer clients of the blockchain network through the corresponding clients, and other project developer clients receive the contribution information After that, access the open source software blockchain service platform to complete the confirmation of the contribution information, thereby completing the confirmation of core developer rights;

其中外围开发者代码提交以及权益确认方法如下:Among them, the methods of code submission of peripheral developers and confirmation of rights and interests are as follows:

外围贡献者完成项目代码的开发后通过对应的客户端发送代码提交请求给开源软件区块链服务平台,核心开发者客户端通过开源软件区块链服务平台接受该代码请求并获取该请求中携带的代码信息,确定是否通过其代码提交请求,如确定通过该代码提交请求,则将该外围贡献者所提交的项目代码合并到开源软件区块链服务平台对应项目的软件仓库中,开源软件区块链服务平台根据该外围贡献者的贡献代码量完成权益分配,并广播其贡献信息到区域链网络的其他项目开发者客户端,其他项目开发者客户端接收到该贡献信息后,访问开源软件区块链服务平台,完成对该贡献信息的确认,从而完成外围贡献者权益确认。After the peripheral contributors complete the development of the project code, the corresponding client sends a code submission request to the open source software blockchain service platform, and the core developer client accepts the code request through the open source software blockchain service platform and obtains the code contained in the request. If the request is submitted through the code, the project code submitted by the external contributor will be merged into the software warehouse of the corresponding project of the open source software blockchain service platform, and the open source software area The blockchain service platform completes the distribution of rights and interests according to the amount of code contributed by the peripheral contributor, and broadcasts its contribution information to other project developer clients of the blockchain network. After receiving the contribution information, other project developer clients access the open source software The blockchain service platform completes the confirmation of the contribution information, thereby completing the confirmation of the rights and interests of peripheral contributors.

其中,对于权益分配,方法是:Among them, for equity distribution, the method is:

对于任一项目开发者a,开源软件区块链服务平台记录项目开发者a每次提交的代码行数即贡献代码量,则项目开发者a在当前项目开发过程中所提交的贡献代码量总和即代表项目开发者a对当前项目的知识产权贡献量A;当前项目开发过程中所有项目开发者对该项目的贡献代码量总和即为整个项目的知识产权总贡献量B,则项目开发者a的权益为A/B。For any project developer a, the open source software blockchain service platform records the number of lines of code submitted by project developer a each time, that is, the amount of contributed code, then the sum of the amount of contributed code submitted by project developer a during the current project development process It represents the intellectual property contribution amount A of the project developer a to the current project; the total amount of code contributed by all project developers to the project during the current project development process is the total intellectual property contribution amount B of the entire project, then the project developer a The stake is A/B.

对于贡献信息的确认,方法是:For the confirmation of contributed information, the methods are:

项目开发者客户端从接收到的贡献信息中获取其中包含的文本信息;项目开发者客户端向开源软件区块链服务平台传输所述文本信息,开源软件区块链服务平台接收到文本信息后查询后台数据库,得到当前代码合并对应的代码变更信息并将代码变更信息发送给项目开发者客户端,项目开发者客户端收到该代码变更信息后,完成贡献信息的确认,最后将贡献信息记录到区块链上。The project developer client obtains the text information contained in the received contribution information; the project developer client transmits the text information to the open source software blockchain service platform, and after the open source software blockchain service platform receives the text information Query the background database to obtain the code change information corresponding to the current code merge and send the code change information to the project developer client. After the project developer client receives the code change information, it completes the confirmation of the contribution information, and finally records the contribution information onto the blockchain.

以上所述实施例仅表达了本申请的一具体实施方式,其描述较为具体和详细,但并不能因此而理解为对发明专利范围的限制。应当指出的是,对于本领域的普通技术人员来说,在不脱离本申请构思的前提下,还可以做出若干变形和改进,这些都属于本申请的保护范围。因此,本申请专利的保护范围应以所附权利要求为准。The above-mentioned embodiment only expresses a specific embodiment of the present application, and the description thereof is specific and detailed, but it should not be construed as a limitation on the scope of the invention patent. It should be pointed out that for those skilled in the art, without departing from the concept of the present application, several modifications and improvements can be made, which all belong to the protection scope of the present application. Therefore, the scope of protection of the patent of the present application shall be subject to the appended claims.

Claims (10)

1. The open source software right determining method based on the block chain is characterized by comprising the following steps:
step (1), initializing a block chain;
initializing a block chain service on an open source software block chain service platform, and deploying an intelligent contract for each node in a block chain network to transmit contribution information; the open source software block chain service platform is used as a static access node for other nodes in the area chain network to access the area chain network;
step (2), project creation;
the project creator client sends a project creation request to the open source software block chain service platform, and the open source software block chain service platform completes creation of the project and generates a corresponding software warehouse;
step (3), cloning a code of a project developer and accessing a network;
code cloning is carried out on each project developer client, code information in the software warehouse is copied to each project developer client, and each project developer client which completes code cloning is connected to a block chain network which takes an open source software block chain service platform as a static access node;
step (4), submitting codes of the project developers and confirming rights and interests;
after completing the development of project codes, each project developer submits the codes to the open-source software blockchain service platform through the corresponding client and combines the codes into a software warehouse corresponding to the open-source software blockchain service platform; and the open-source software blockchain service platform completes rights and interests distribution according to the contribution code quantity of the project developer, broadcasts the contribution information corresponding to the project developer to other project developer clients in the local area chain network, and the other project developer clients access the open-source software blockchain service platform after receiving the contribution information to complete the confirmation of the contribution information, thereby completing rights and interests confirmation of the contribution information corresponding to the project developer.
2. The method for determining the authority of the open source software based on the block chain as claimed in claim 1, wherein in the step (1), the Trustie server is used as an open source software block chain service platform, and a block chain service is initialized through an init command of the block chain.
3. The open source software authorization method based on the block chain according to claim 2, characterized in that in step (2), before the project creator client sends the project creation request, the project creator client further comprises a project creator authentication step, the project creator client submits the project creator authentication request, the trustee server performs authentication processing on the received authentication request, and determines whether the identity information carried in the authentication request, such as the project creator user name and password, is correct, if the identity information is correct, the project creator client connects to the block chain network using the trustee server as the access node.
4. The open source software authorization method based on block chaining according to claim 3, characterized in that in step (2), the project creation request carries the name of the open source software project to be created, and the project creator client sends the project creation request to the Trustie server through restful API; the Trustie server receives the project creating request through the Restful API and verifies and judges the project creating request, whether the project name carried in the project creating request is duplicated with other created project names in the Trustie server is judged, if no duplication name exists, the project is a creatable project, the Trustie server completes the creation of the project and generates a corresponding software warehouse, and meanwhile, information representing 'successful creation' is fed back to a project creator client; if the judgment is not passed, feeding back result information representing that the project cannot be created to the project creator client so that the project creator can determine the name of the project to be created again.
5. The blockchain-based open source software authentication method according to claim 1, wherein in the step (3), before each project developer client accesses the blockchain network, a project developer identity verification step is further included; and each project developer client submits an identity authentication request of the project developer, the Trustie server performs identity authentication processing on the received identity authentication request, whether identity information carried in the identity authentication request, such as a project developer user name and a password, is correct or not is judged, and if the identity information is correct, the project developer client is connected to a block chain network which takes the Trustie server as an access node.
6. The open source software right determining method based on the block chain as claimed in claim 5, characterized in that in the step (3), each project developer client obtains the project name of the corresponding project in the Trustie server, and sends the code cloning instruction to the Trustie server by calling the git service, after receiving the code cloning instruction, the Trustie server responds to the code cloning request sent by each project developer client, and sends the code information in the corresponding project software warehouse to each project developer client through the git transmission protocol, thereby completing the cloning of the software warehouse.
7. The method for determining the rights of the open source software based on the block chain as claimed in claim 6, wherein in the step (4), the rights and interests are allocated by:
for any project developer a, the open source software blockchain service platform records the code line number submitted by the project developer a each time, namely the contribution code quantity, and the sum of the contribution code quantity submitted by the project developer a in the current project development process represents the intellectual property contribution quantity A of the project developer a to the current project; in the current project development process, the sum of the contribution code amounts of all the project developers to the project is the total contribution amount B of the intellectual property of the whole project, and the rights and interests of the project developers a are A/B.
8. The method for determining the authority of the open source software based on the block chain according to claim 6, wherein in the step (4), the roles corresponding to the project developers are divided into a core developer and a peripheral contributor, and role information corresponding to the project developers is stored in a background database of the open source software block chain service platform;
the method for submitting the core developer code and confirming the rights and interests comprises the following steps:
after completing the development of project codes, a core developer sends a code submission request to an open-source software block chain service platform through a corresponding client, the project codes are directly merged to a software warehouse of a project corresponding to the open-source software block chain service platform, and the open-source software block chain service platform completes rights and interests distribution according to the contribution code quantity of the core developer; the core developer broadcasts the contribution information to other project developer clients of the regional chain network through the corresponding client, and after receiving the contribution information, the other project developer clients access the open-source software blockchain service platform to complete the confirmation of the contribution information, so that the rights and interests of the core developer are confirmed;
the method for submitting the codes of the peripheral developers and confirming the rights and interests comprises the following steps:
after completing the development of project codes, a peripheral contributor sends a code submission request to an open-source software blockchain service platform through a corresponding client, a core developer client receives the code request through the open-source software blockchain service platform and acquires code information carried in the request, determines whether the code combination request passes through the code combination request, if the code combination request passes through the code combination request, combines the project codes submitted by the peripheral contributor into a software warehouse of a project corresponding to the open-source software blockchain service platform, the open-source software blockchain service platform completes rights and interests distribution according to the contribution code quantity of the peripheral contributor and broadcasts contribution information to other project developer clients of an area chain network, and after receiving the contribution information, other project developer clients access the open-source software blockchain service platform to complete the confirmation of the contribution information, thereby completing the peripheral contributor equity validation.
9. The method for determining the authority of the open source software based on the block chain according to claim 8, wherein in the step (4), the method for confirming the contribution information is as follows:
the project developer client acquires the text information contained in the received contribution information; the project developer client sends a contribution information query command to the open source software blockchain service platform through the restful API, the open source software blockchain service platform queries the background database after receiving the text information to obtain code change information corresponding to current code combination and sends the code change information to the project developer client, the project developer client compares the code change information with the received text information after receiving the code change information to complete confirmation of the contribution information, and finally the contribution information is recorded to a blockchain.
10. Open source software right confirming system based on block chains is characterized by comprising:
the system comprises a building module, a block chain service module and a block chain management module, wherein the building module is used for initializing a block chain service on an open source software block chain service platform and deploying an intelligent contract used for transmitting contribution information by each node in a block chain network; the open source software block chain service platform is used as a static access node for other nodes in the area chain network to access the area chain network;
the project creation module is used for receiving a project creation request sent by a project creator client, completing the creation of a corresponding project and generating a corresponding software warehouse;
the system comprises a project developer code cloning and network access module, a block chain network and a software database, wherein the project developer code cloning and network access module is used for receiving a code cloning request sent by each project developer client, copying code information in a software warehouse to each project developer client, and connecting each project developer client which completes code cloning into the block chain network with an open-source software block chain service platform as a static access node;
a project developer code submission and rights and interests confirmation module; the system comprises a code submitting module, a code receiving module, a code submitting module, a code merging module and a software warehouse, wherein the code submitting module is used for receiving and processing a code submitting request of each project developer client and merging codes submitted by each project developer client to the software warehouse corresponding to the open source software block chain service platform; and completing rights and interests distribution according to the contribution code quantity of the project developer, broadcasting the contribution information corresponding to the project developer to other project developer clients in the area chain network, and completing rights and interests confirmation of the contribution information corresponding to the project developer.
CN201911000670.2A 2019-10-21 2019-10-21 Blockchain-based open source software right confirmation method and system Active CN110750762B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911000670.2A CN110750762B (en) 2019-10-21 2019-10-21 Blockchain-based open source software right confirmation method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911000670.2A CN110750762B (en) 2019-10-21 2019-10-21 Blockchain-based open source software right confirmation method and system

Publications (2)

Publication Number Publication Date
CN110750762A true CN110750762A (en) 2020-02-04
CN110750762B CN110750762B (en) 2021-09-24

Family

ID=69279113

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911000670.2A Active CN110750762B (en) 2019-10-21 2019-10-21 Blockchain-based open source software right confirmation method and system

Country Status (1)

Country Link
CN (1) CN110750762B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113268711A (en) * 2021-05-25 2021-08-17 国网山东省电力公司电力科学研究院 Transformer substation relay protection device software version management method based on Git and block chain
CN113379271A (en) * 2021-06-22 2021-09-10 中国人民解放军国防科技大学 Open source platform-oriented abandoned contribution takeover recommendation method, device and equipment
CN114693482A (en) * 2022-04-14 2022-07-01 湖南智擎科技有限公司 Online programming experiment and open source project contribution conversion method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106408190A (en) * 2016-09-20 2017-02-15 浙江工业大学 Software project core developer evaluation method based on file association network
CN108304696A (en) * 2018-03-12 2018-07-20 黄君 Method for protecting software based on block chain and security system for software
KR20190068886A (en) * 2017-12-11 2019-06-19 엘에스웨어(주) Blockchain based Method and system for supporting open source software license compliance
CN110046480A (en) * 2019-03-29 2019-07-23 阿里巴巴集团控股有限公司 Works copyright distribution method and device based on block chain

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106408190A (en) * 2016-09-20 2017-02-15 浙江工业大学 Software project core developer evaluation method based on file association network
KR20190068886A (en) * 2017-12-11 2019-06-19 엘에스웨어(주) Blockchain based Method and system for supporting open source software license compliance
CN108304696A (en) * 2018-03-12 2018-07-20 黄君 Method for protecting software based on block chain and security system for software
CN110046480A (en) * 2019-03-29 2019-07-23 阿里巴巴集团控股有限公司 Works copyright distribution method and device based on block chain

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
YIYANG BIAN,ETC: "Online Leadership for Open Source Project Success: Evidence from the GitHub Blockchain Projects", 《HTTPS://AISEL.AISNET.ORG/PACIS2018/189/》 *
崔宝江等: "区块链在软件供应链管理中的应用探索", 《保密科学技术》 *
裔隽等: "《Python机器学习实战》", 28 February 2018 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113268711A (en) * 2021-05-25 2021-08-17 国网山东省电力公司电力科学研究院 Transformer substation relay protection device software version management method based on Git and block chain
CN113268711B (en) * 2021-05-25 2022-03-08 国网山东省电力公司电力科学研究院 Transformer substation relay protection device software version management method based on Git and block chain
CN113379271A (en) * 2021-06-22 2021-09-10 中国人民解放军国防科技大学 Open source platform-oriented abandoned contribution takeover recommendation method, device and equipment
CN114693482A (en) * 2022-04-14 2022-07-01 湖南智擎科技有限公司 Online programming experiment and open source project contribution conversion method and device
CN114693482B (en) * 2022-04-14 2024-04-16 湖南智擎科技有限公司 Online programming experiment and open source project contribution conversion method and device

Also Published As

Publication number Publication date
CN110750762B (en) 2021-09-24

Similar Documents

Publication Publication Date Title
CN110620810B (en) Non-linked ownership of continuous asset transfer over blockchain
US10476847B1 (en) Systems, methods, and devices for implementing a smart contract on a distributed ledger technology platform
CN110278462B (en) A blockchain-based mobile screening authorization management method
WO2018024062A1 (en) Copyright authorisation management method and system
US10628578B2 (en) Systems and methods for determining trust levels for computing components using blockchain
CN108573381B (en) Data processing method and device
US7127429B2 (en) Digital contents superdistribution system and method of distributing digital contents
US20180293363A1 (en) Blockchain based software licensing enforcement
CN115485686A (en) Distributed and blockchain-based account book for data cloud services
CN110750762A (en) Blockchain-based open source software right confirmation method and system
CN112907244B (en) Data processing methods, devices, equipment and readable storage media based on blockchain
US11290294B2 (en) Collaboration hub with blockchain verification
US20240104642A1 (en) Apparatus for processing non-fungible token
US11693824B2 (en) Computer-readable recording medium recording communication program, communication method, and communication device
CN110147683A (en) Safety of image sharing platform construction method based on block chain
CN114297598B (en) User permission processing method and device
CN111124591B (en) Image transmission method, device, electronic equipment and storage medium
US20240169320A1 (en) Computer System and Methods for Managing Data, Data Access, and Data Retention
EP3142320B1 (en) Remote modification of a document database by a mobile telephone device
CN116501652B (en) Automatic testing method and system for sustainable integration based on SAAS (software as a service) system
CN109753769B (en) Software authorization method and system based on block chain
CN112163917A (en) Bill processing method, device, medium and electronic equipment based on block chain
JP2002117167A (en) Method and device for managing copyright
CA3099814C (en) Distributed ledger platform for computing applications
CN114329567A (en) Bid file generation method, verification method, electronic device and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant