CN110855432B - Asynchronous BFT & DPOS consensus mechanism for assigning verifier rewards based on verifiable random functions - Google Patents

Asynchronous BFT & DPOS consensus mechanism for assigning verifier rewards based on verifiable random functions Download PDF

Info

Publication number
CN110855432B
CN110855432B CN201911049650.4A CN201911049650A CN110855432B CN 110855432 B CN110855432 B CN 110855432B CN 201911049650 A CN201911049650 A CN 201911049650A CN 110855432 B CN110855432 B CN 110855432B
Authority
CN
China
Prior art keywords
block
verifier
round
super
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911049650.4A
Other languages
Chinese (zh)
Other versions
CN110855432A (en
Inventor
蒋丽
黄�俊
陈彬
陈梅云
刘义
杨超
谢胜利
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong University of Technology
Original Assignee
Guangdong University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong University of Technology filed Critical Guangdong University of Technology
Priority to CN201911049650.4A priority Critical patent/CN110855432B/en
Publication of CN110855432A publication Critical patent/CN110855432A/en
Application granted granted Critical
Publication of CN110855432B publication Critical patent/CN110855432B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The invention discloses an asynchronous BFT & DPOS consensus mechanism based on verifiable random function distribution verifier rewards, which mainly comprises the following steps: s1: initializing a system; s2: selecting a super node; s3: selecting a verifier; s4: generating a block; s5: confirming the block; s6: the distribution of the reward; s7: and switching the super nodes. The role of the verifier is introduced, the verifier enables the standby node not to be idle any more but to participate in the verification work of the block, and the verifier can enable the system to stop running by exercising the verification right at the first moment when the super node runs through the malicious attack system, so that the system based on the VBDPOS common identification mechanism can prevent the attack of the attacker on the system at the first moment, and the safety of the system is improved. Through the design of the block confirmation scheme, the VBDPOS consensus mechanism can meet the existing commercial requirements on the basis of improving the overall safety and simultaneously not reducing the performance too much.

Description

Asynchronous BFT & DPOS consensus mechanism for verifiable random function based allocation of verifier rewards
Technical Field
The invention relates to the technical field of block chains, in particular to an asynchronous BFT & DPOS consensus mechanism based on verifiable random function distribution verifier reward.
Background
The advent of the blockchain technology is called a new revolution, and the advent of the blockchain technology enables the rapid development of distributed systems and distributed applications, the blockchain technology is a combination of multiple technologies and subjects, and the most important blockchain technology in determining the quality of a blockchain distributed system is a consensus mechanism, which is a core technology for the safety and the development of the blockchain distributed system.
The blockchain system is decentralized, and nodes are distributed and parallel throughout, so a system must be designed to maintain the order and fairness of operation of the distributed system, unify the version of the blockchain, reward users who provide resource to maintain the blockchain, and punish malicious jeopardizers. Such a system must rely on some way to prove who has obtained the packaging rights (or billing rights) for a block chain and can obtain the reward of packaging the block; or who intends to do harm, a certain penalty is obtained, a system for operating the distributed system is called a consensus mechanism, the background problem of the consensus mechanism is the Byzantine problem, and in a distributed decentralized network, how to achieve consensus by nodes, keep data consistent and maintain system operation. After about 10 years of development, the blockchain is currently recognized as a POW consensus mechanism represented by bitcoin, a POS consensus mechanism represented by ether house, and a DPOS consensus mechanism represented by EOS.
Currently, the top ten commercially available blockchain distributed system named EOS is a high-performance blockchain underlying operating system developed by block.one corporation, and the consensus mechanism adopted by EOS is DPOS (trusted rights attestation) consensus mechanism. The DPOS consensus mechanism votes for 21-bit super nodes through a decentralized voting mechanism, the 21-bit super nodes representing all EOS holders to fulfill rights and obligations. The super nodes are endowed with the accounting right, collect transaction information, pack the transaction information into blocks, broadcast the blocks to other super nodes, upload the blocks to a block chain after passing verification, and obtain corresponding rewards. The DPOS (delegation rights and interests) mechanism is optimized on the basis of PoS, and producers are selected by voting to fulfill rights and obligations on their behalf instead of being determined with effort. If the producer is out of position, the producer may be voted out by the bearer at any time.
The reward distribution of the DPOS consensus mechanism of the existing EOS design is unreasonable, and the existing EOS adopts a continuous reissue mode triggered by drawing on the basis of 10 hundred million tokens, and the reissue is approximately 5% annually. The enhanced EOS tokens are used for both node awards and proposal funds, where the node awards account for one fifth, i.e. 5% of the enhanced tokens in the EOS system, with 1% of the tokens being node awards and the remaining 4% being proposal funds. The 1% node reward is divided into two rewards, namely a super node block reward and a super node and spare node ticket rate reward. The block awarding accounts for one fourth of 1%, namely 0.25% of the 5-percent EOS token increased each year is awarded to the super node as the awarding of the block, 0.75% of the 5-percent EOS token increased each year is awarded to the super node and the standby node as the winning ticket, the allocation rule of the winning ticket rate awards is that awarding allocation is carried out according to the winning ticket rate, and when the winning ticket rate is too low, the actual winning voting award of the standby node is less than 100EOS tokens, the standby node cannot obtain the voting awards.
Due to the fact that the punishment mechanism of the DPOS consensus mechanism of the existing EOS system is not timely, potential safety hazards exist in the EOS system. When a super node colludes to launch an attack on the EOS system, for example, by means of verifying false transactions, packaging false transactions, producing blocks containing these false transactions, packaging multiple blocks simultaneously, and a double-flower attack, irreparable loss is caused to the EOS system, so that the benefit of a money carrier is greatly lost.
Even if the system or the user finds the collusion behavior of the super node, the punishment on the attacker or the maintenance of the system is postpositive, even if the last money holder votes to cast the malicious attacker out of the super node, the punishment is caused on the attacker, the stability of the EOS system is maintained, but the loss caused by the attacker cannot be recovered, so that the safety of the EOS system and the benefit of the EOS system user cannot be guaranteed in time.
Disclosure of Invention
The invention provides an asynchronous BFT & DPOS consensus mechanism for distributing verifier rewards based on verifiable random functions, aiming at solving the problem that the punishment mechanism of the DPOS consensus mechanism of the EOS system in the prior art is not timely.
In order to solve the technical problems, the invention adopts the technical scheme that: an asynchronous BFT & DPOS consensus mechanism for assigning verifier rewards based on verifiable random functions, comprising the steps of:
s1, initializing a system, and in a VBDPOS consensus mechanism, an applicant who wants to become a node candidate becomes a node after applying for by submitting equipment, facilities and personnel data description and certification;
s2: selecting a super node, voting the candidate of each node by a token holder through a voting system, selecting 21 nodes with the highest votes as the super nodes according to the ranking of the votes, generating 252 blocks as one block period, updating the votes in real time when each block period starts, and updating the rankings of the super nodes and the verifiers;
s3: selecting a verifier, and applying to become the verifier when the standby node meets the following three conditions to participate in the block verification and confirmation work of the system; the three conditions are: the ticket number weight acquired by the standby node is required to be larger than the total ticket number of the system by X%, and X% is the lowest ticket number weight which can receive 100EOS rewards and is calculated in real time according to the ticket rate of the network; the standby nodes participating in verification need to lock a certain amount of EOS deposit to a specific account, and the specific account submitted by the deposit can be an appointed account of an authority or a specific account guaranteed by an intelligent contract; the verifier needs to keep a real-time communication state with all the super nodes and other verifiers continuously;
s4: the block generation is consistent with an asynchronous BFT-DPOS common identification mechanism, in a block production process, a super node can arrange a sequence to produce the blocks according to a specified algorithm, the super node which is currently responsible for block output can collect transaction information and pack the transaction information into the blocks, the packed blocks are broadcasted to other super nodes and a verifier to verify, and in the process of waiting for block confirmation, a new block can be generated at the same time; if a node has not generated a block within the last 24 hours, it will be moved out of the supernode's candidate list;
s5: the method comprises the following steps that (1) in block confirmation, other super nodes and verifiers verify a new block and broadcast verification and signature results, when the super nodes responsible for the block continuously monitor a network after broadcasting, signature confirmation of 15 super nodes and signature confirmation and credentials of more than 2/3 verifiers are collected, and the super nodes and the verifiers make different selections according to different conditions and a block confirmation scheme of a VBDPOS common identification mechanism;
s6: distributing the rewards, namely comparing a minimum certificate by nodes in the system after each round of block confirmation is completed according to a reward distribution mechanism for selecting winners based on a verifiable random function, achieving consensus on the minimum certificate, and obtaining the verification rewards of the round of block by a verifier holding the minimum certificate, namely the winners of the round of block;
s7: in the process of block generation, if the last block is not confirmed in 12 blocks belonging to the a super node, the a super node will start to produce the next block because the a super node can believe that it has not been forged. However, if the super node a finishes producing 12 blocks, when the super node B is in turn producing the blocks, the super node B will wait until it confirms that the 12 th block of the super node a has obtained the confirmation of the other 15 super nodes and the verifier, and then will follow the producing blocks.
It should be noted that step S3 may be performed simultaneously with step S4, but step S4 needs to precede step S5.
Preferably, in step S5, the number of all verifiers is set to N all And the number of 2/3 verifiers is N 2/3 The block height is the r-th round, the block generated by the r-th round is B1, the block generated by the r +1 round is B2, and the seed parameter of the r-th round is Q r The super node responsible for block output is an A super node, the number of the verifiers and the certificates received by the A super node at a certain moment is set to be X, and the specific steps of the confirmation of the VBDPOS block are as follows:
s51: block, seed parameter production and broadcast, r-1 round minimal voucher Q r I.e. the seed parameter Q of the r-th round r In the r-th round of block production process, the super nodes can arrange the blocks to be produced in sequence according to a specified algorithm, the super nodes which are currently responsible for block production can collect transaction information and pack the transaction information into the blocks, and the packed blocks B1 and the seed parameters Q of the round of blocks are obtained r The information is broadcasted to other super nodes and verifiers for verification, and a new block B2 is generated simultaneously in the process of waiting for block confirmation;
s52: the verification of the block and the generation of the certificate, the super node and the verifier in the system are on line all the time, and the network is monitoredWhen they receive the new block B1 and the seed parameter Q r Then, firstly, generating respective certificates according to an algorithm flow for selecting winners based on a verifiable random function; and then, the blocks B1 are independently verified, so that the transaction information is ensured to be correct and false.
Each super node and verifier broadcasts the block B1 of round r and its respective "signature + credential" over the network;
s53: the block B1 is confirmed by a system, the super node A continuously monitors the network after broadcasting the block B1, when signature confirmations of more than 15 super nodes and signature confirmations and certificates of more than 2/3 verifiers are collected, the super node A can be regarded that the block B1 is confirmed by the system, the super node B1 is added to a block chain, and the block B2 and the seed parameter Q of the r +1 th round produced in the past are added r+1 Broadcasting, entering block confirmation of the r +1 th round; the block B1 is confirmed by the system, because of the network delay, two different processing modes are provided, two different processing results are obtained, the normal operation of the system is ensured, and the delay is controlled within one second; the super node A can constantly judge the number of the collected signature confirmations of the super nodes, and once the number of the signature confirmations of the super nodes exceeds (includes) 15, the super node A can enter a timing state and judge the number of the collected signature confirmations of the verifiers.
Preferably, the step s53 specifically includes:
1) When entering the timing state, if X = N all The super node A can automatically compare the certificate sizes of all verifiers to obtain a minimum certificate, and the minimum certificate in the r round is the seed parameter Q of the r +1 round r+1 The super node A will add the block B1 to the block chain, and will produce the block B2 of the r +1 th round and the seed parameter Q r+1 Broadcasting, entering block confirmation of round r + 1;
2) Upon entering the timed state, N 2/3 <X<N all The A super node waits for one second and collects N at any time timed in one second all The number of signatures of each verifier is increased, and the super node A can automatically compare the sizes of the certificates of all verifiers to obtain a minimum certificateThe minimum voucher of the round r is the seed parameter Q of the round r +1 r+1 Then the super node A will add block B1 to the block chain, and will produce block B2 of round r +1 and seed parameter Q r+1 Broadcasting, entering block confirmation of the r +1 th round;
3) When entering the timing state, if X<N 2/3 The A super node waits for one second and does not collect N after one second all The number of signatures of each verifier, but when the settlement is performed after one second, the number of signatures of the verifiers that have been collected exceeds (includes) N 2/3 The super node A can automatically compare the collected certificate sizes of the verifiers to obtain a minimum certificate, and the minimum certificate of the round r is the seed parameter Q of the round r +1 r+1 Then, the super node a adds the block B1 to the block chain, and adds the block B2 of the previous round (r + 1) and the seed parameter Q r+1 Broadcast, enter chunk ack for round r + 1.
4) When entering the timing state, if X<N 2/3 The A super node waits for one second and does not collect N after one second is timed 2/3 The number of signatures of each verifier is regarded as that a problem occurs in the block chain system, and the verifier exercises the verification right to make the block unable to be confirmed, or the verifier is attacked, and the block stops production.
In the above technical solution, after the verifier is introduced at the step of block verification, the block verification is changed from the previous verification and verification requiring only 15 super nodes to the verification and verification requiring 15 super nodes and more than 2/3 verifier, and compared with the existing system based on the DPOS consensus mechanism, the security of the system based on the VBDPOS consensus mechanism is greatly improved, and the problem is that the number of verification and verification required for the current block is increased, which affects the generation of the next block in the block chain system (each block is generated on the basis of the previous block), so in the VBDPOS consensus mechanism, the scheme for verifying the block is newly designed, so that the VBDPOS consensus mechanism does not have an excessive impression on the performance of the system on the basis of improving the security of the system, because in the scheme design, the delay is controlled within one second during normal operation of the system, and the block-out efficiency is in the block chain field, which can satisfy the commercial requirement and is enough to be put into commercial use.
The verifier is forced online and forced to participate in each round of block validation, but the system will not be down due to the verifier's problem, but will continue to operate steadily. In the existing network state, one second is enough time for all nodes to finish synchronizing the same certificate, and in the process of participating in verification, the signature confirmation and the certificate of the A verifier are not received by the super node which is producing within one second, and the A verifier is regarded as being absent from the round of block confirmation. That is, if the two situations occur, the a verifier directly sends the signature and the certificate point to point without being received by the super node in production, and the signature and the verification randomly broadcasted by the a verifier are not received by the super node in production, then the a verifier is regarded as lacking the confirmation of the round block, and cannot participate in the selection of the winner in the round block production, a is deducted by 5% of the guarantee fund, the 5% of the guarantee fund is awarded to the verifier in the round, and the a verifier is rejected because the guarantee fund is insufficient, and the verification job and the verification reward obtaining cannot be participated in the next round of block period until the a resubmits the guarantee fund to obtain the verifier qualification. Regardless of what problem the a-verifier is unable to participate in the verification, the absence of the a-verifier affects the choice of the minimum credential, since the minimum credential changes due to the absence of the verifier.
Preferably, the step S6 specifically includes the following steps:
s61, the verifier condition is satisfied;
s62, generating the certificate of the verifier;
s63: the verifier participates in the verification work;
s64: the process of winner selection and verification.
In the technical scheme, the reward distribution mechanism for selecting the winners based on the verifiable random function can ensure that each turn of verifier reward distribution of the VBDPOS consensus mechanism is random and unpredictable, so that the reward distribution is fair for the verifier. In addition, each round of block verification rewards are randomly distributed, and two advantages are that the rewards are intuitive, and the block verification rewards of each round are fixed amount and cannot be reduced due to the increase of the number of verifiers. The other is that the fully randomly distributed reward is the average distribution with time attribute, so that the verifier can not participate in the block verification any more when the verifier is not drawn as a winner because of participating in the block verification, because the round number is enough and continuously participates as long as the time for participating in the verification is long enough, and the frequency of drawing as the winner of the verifier approaches the probability according to the law of large numbers.
Preferably, in step s61, at the beginning of a block period, the standby node is qualified as the verifier by satisfying the following conditions:
a: the ticket weight acquired by the standby node is required to be larger than the total ticket weight of X% of the system, and X% is the lowest ticket weight which can be calculated in real time and can receive 100EOS rewards;
b: the standby nodes participating in the verification need to lock a certain amount of EOS deposit to a specific account;
c: the verifier needs to maintain a real-time communication state with all supernodes and other verifiers continuously.
In the technical scheme, the standby node which does not meet the condition cannot obtain the reward even if the standby node participates in the verification process (sends the signature and the certificate) and is not approved by the super node and the system. There must be a certain requirement for the number of votes, since the validation does not require a too large threshold, which is a means for allocating rewards to the standby nodes from the point of view of the health consensus mechanism, and there is a certain requirement for the standby nodes in order for the rewards to be given to the contributing standby nodes.
Preferably, in step s62, the VBDPOS consensus mechanism is different from the existing DPOS consensus mechanism in that the VBDPOS has more verifiers for qualification verification and verifiers for participating in block verification in the verification step, and the VBDPOS publishes a random algorithm based on the current seed parameter, namely, a verifiable random function VRF, and a key parameter of the VRF is the private key of the user, and the private key is known only by the user himself; then, each standby node signs the seed parameters by using a private key thereof and inputs a hash function to obtain a certificate thereof; the certificate is proved through zero knowledge, and the ownership of a certain certificate can be proved on the basis of completely not revealing a private key; the credential contains 5 properties:
a: the seed parameters are continuously updated and unpredictable, so that the voucher is also continuously updated and is a random number;
B. the hash function and private key ensure that the owner of each credential is specific;
C. asymmetric key algorithms and zero knowledge proof ensure that the owner of the credential can prove ownership of the credential;
D. the voucher can not be forged;
E. the credentials are generated locally, requiring private key generation but may be validated over the network at the same time without the public private key.
Preferably, in step s63, before the new block is not published, the standby node only knows whether the standby node is a verifier or not, and cannot know whether the standby node is a winner, and only after the block is produced and verified, the verifier knows whether the standby node obtains a verification reward for the round of block verification; before the result is gone, the attacker cannot predict the credentials, does not know which credentials are the smallest, and after the result is come, the attacker cannot change the history.
Preferably, in step s64, the super node a responsible for the round of block generation sends the block to other super nodes and standby nodes, and the block sending adopts a combination of random broadcast and point-to-point transmission, so that the propagation delay is extremely low, the consensus is fast, and the verification can be performed afterwards. The verifier of the verification process broadcasts the certificate, the signature of the block, the block and the verification result generated by the block in the round to all the super nodes and the standby nodes, the nodes can continuously monitor and collect the verification result and the certificate in the confirmation process of the new block, the size of the certificate is automatically compared, the minimum certificate is selected, the verifier with the minimum certificate is the verifier of the round winning the prize, the verification reward can be obtained, the verification reward is not distributed in time, and according to the minimum certificate, the winner can obtain the reward only after knowing that the block is in an irreversible state.
Preferably, the step s64 mainly comprises the following steps:
s641: generating a public key and a private key; s642: the implementation of the signature; s643: verifying the signature; s644: updating seed parameters; s645: generating a certificate; s646: selecting a winner; s647: authentication of the credential; s648: distribution of the reward.
In the VBDPOS consensus mechanism, the verifier is a backup node that passes conditional screening, the verifier must be a backup node, and the backup node is not necessarily a verifier. The system roles are explained as follows, user: initiating a transaction, and voting out a standby node and a super node; the super node: collecting transaction information, packaging the transaction information into a block, broadcasting the block to other super nodes, uploading the block to a block chain after verification, and obtaining corresponding rewards; and (3) standby nodes: if the ticket number of the standby node enters the front 21 after one round of block production is started, the standby node becomes the super node, the right of the super node is exercised, the obligation of the super node is completed, and the benefit of the super node is obtained; and (3) verifier: the new verification authority is the spare node meeting the condition, participates in the verification of the block confirmation, and participates in the distribution of the verification reward.
Compared with the prior art, the beneficial effects are:
the VBDPOS consensus mechanism introduces the role of a verifier on the basis of a super node and a spare node of the existing DPOS consensus mechanism, the spare node meeting specific requirements becomes the verifier, the role of the verifier is introduced to ensure that the spare node is not idle any more and can participate in verification work of a block, and the verifier can stop running the system by exercising verification right at the first moment when the super node is communicated with a malicious attack system, so that the system based on the VBDPOS consensus mechanism can prevent an attacker from attacking the system at the first moment, the problem that a punishment mechanism in the system is not timely is solved, and the safety of the system is improved. Through the design of the block confirmation scheme, the VBDPOS consensus mechanism can meet the existing commercial requirements on the basis of improving the overall safety without reducing the performance too much. By means of a reward distribution mechanism that picks winners based on a verifiable random function, a random, unpredictable, fair distribution of rewards is achieved.
The method has the advantages that winners are selected to distribute rewards based on a verifiable random function, so that the standby nodes can participate in verification work of blocks, the rewards can be obtained by the standby nodes according to the ticket rate compared with the conventional DPOS (distributed data operating System) consensus mechanism, the verifier is cognizant and approved to ensure that the verification work is carried out, the verifier must be kept online and available for equipment all the time, on one hand, the influence of loopholes of incapability of the standby nodes only for reward incapability and invisibility is reduced by using reward distribution rules, on the other hand, rewards are increased for honest and donated workers, and therefore when the super nodes of the system fail, the competent verifier who keeps data backup and keeps online can take over the failed super nodes to work more quickly, and the system can operate stably.
The voting reward of the existing DPOS consensus mechanism cannot directly correspond to the contribution of the standby nodes on one hand, and is too low in reward, so that most of the standby nodes are in loss states, and under the condition of long-term loss, the standby nodes can be selected to leave the EOS, and the stability and the distributed performance of the EOS system are reduced. The VBDPOS consensus mechanism improves the prize of the standby node and guarantees the fairness of prize distribution by picking up winners to distribute the prize based on verifiable random functions. This may facilitate the selection of the standby node to operate as a system rather than leaving the system.
Compared with the existing DPOS consensus mechanism, the VBDPOS consensus mechanism has the difference that the verifying and confirming of the blocks are not completed by the super nodes any more, but are participated by the super nodes and the verifiers at the same time. The verifier does not participate in the production of the block but participates in the verification and validation of the block. When the super node attacks such as malicious/non-malicious/collusion, the independent verifier can give 'non-confirmed' block signature confirmation in the first time, so that the malicious block cannot take effect, the system is prevented from being attacked in the first time, and the safety of the system and the benefit of a system user are protected.
The VBDPOS consensus mechanism improves the system safety, does not have excessive influence on the system performance, and can be put into commercial use.
The improvement of the security performance usually represents the cost payment, for example, in order to guarantee the security of the POW common identification mechanism in the bit token system, miners spend a large amount of power, equipment and other resources to guarantee the stable operation of the bit token system and are not attacked. But the VBDPOS consensus mechanism greatly improves the safety performance of the system while improving the cost in a small scale. Compared with the existing EOS node, the VBDPOS consensus mechanism has the advantages that the requirement of the VBDPOS consensus mechanism is consistent with the requirement of the DPOS consensus mechanism, and other hardware and equipment are not required to be added. The cost of VBDPOS is only communication cost and calculation cost, the communication cost is only simple information receiving and sending, the calculation cost is mainly calculation and verification of the hash function, a large amount of resources are not needed to be spent on the two costs, and the two costs can be completed by using a home computer and a home network, so that the VBDPOS consensus mechanism does not greatly increase the cost when the safety is greatly improved, and only slightly increases the network communication cost and the small power cost.
The VBDPOS common identification mechanism not only has safety, but also has growing performance in safety, the price of the block chain common identification is increased, the number of verifiers is increased, the safety of a block chain system based on the VBDPOS common identification mechanism can be increased, the malicious bifurcation resistance of the VBDPOS can be directly improved by increasing the price of the common identification, more verifiers can be attracted, and therefore the malicious bifurcation resistance of the VBDPOS can be indirectly improved, and the VBDPOS common identification mechanism not only has higher safety performance than the existing DPOS common identification mechanism, but also has higher growing performance in safety.
Drawings
FIG. 1 is a flow diagram of the asynchronous BFT & DPOS consensus mechanism of the present invention based on verifiable random function distribution verifier rewards;
FIG. 2 is a block diagram of the VBDPOS consensus mechanism of the present invention;
FIG. 3 is a logic flow diagram of the VRF-based winners selection in the present invention;
fig. 4 is a flowchart of selecting winners based on a verifiable function in an embodiment of the present invention.
Detailed Description
The drawings are for illustrative purposes only and are not to be construed as limiting the patent; for the purpose of better illustrating the embodiments, certain features of the drawings may be omitted, enlarged or reduced, and do not represent the size of an actual product; it will be understood by those skilled in the art that certain well-known structures in the drawings and descriptions thereof may be omitted. The positional relationships depicted in the drawings are for illustrative purposes only and should not be construed as limiting the present patent.
The same or similar reference numerals in the drawings of the embodiments of the present invention correspond to the same or similar components; in the description of the present invention, it should be understood that if there are orientations or positional relationships indicated by the terms "upper", "lower", "left", "right", "long", "short", etc., based on the orientations or positional relationships shown in the drawings, the description is merely for convenience of description and simplification, but it is not intended to indicate or imply that the device or element referred to must have a specific orientation, be constructed in a specific orientation and be operated, and therefore, the terms describing the positional relationships in the drawings are only used for illustrative purposes and are not to be construed as limitations of the present patent, and specific meanings of the terms described above can be understood according to specific situations by those skilled in the art.
The technical scheme of the invention is further described in detail by the following specific embodiments in combination with the attached drawings:
example 1
As shown in fig. 1, an asynchronous BFT & DPOS consensus mechanism for assigning verifier rewards based on verifiable random functions includes the following steps:
s1, initializing a system, and in a VBDPOS consensus mechanism, an applicant who wants to become a node candidate becomes a node after applying for by submitting equipment, facilities and personnel data description and certification;
s2: selecting a super node, voting the candidate of each node by a token holder through a voting system, selecting 21 nodes with the highest votes as the super nodes according to the ranking of the votes, generating 252 blocks as one block period, updating the votes in real time when each block period starts, and updating the rankings of the super nodes and the verifiers;
s3: selecting a verifier, and applying to become the verifier when the standby node meets the following three conditions, so as to participate in the block verification and confirmation work of the system; the three conditions are: the ticket number weight acquired by the standby node is required to be larger than the total ticket number of the system by X%, and X% is the lowest ticket number weight which can receive 100EOS rewards and is calculated in real time according to the ticket rate of the network; the standby nodes participating in the verification need to lock a certain amount of EOS deposit to a specific account, and the specific account submitted by the deposit can be a specified account of an authority or a specific account guaranteed by an intelligent contract; the verifier needs to keep a real-time communication state with all the super nodes and other verifiers continuously;
s4: the block generation is consistent with an asynchronous BFT-DPOS common identification mechanism, in a block production process, a super node can arrange a sequence to produce the blocks according to a specified algorithm, the super node which is currently responsible for block output can collect transaction information and pack the transaction information into the blocks, the packed blocks are broadcasted to other super nodes and a verifier to verify, and in the process of waiting for block confirmation, a new block can be generated at the same time; if a node has not generated a block within the last 24 hours, it will be moved out of the supernode's candidate list;
s5: the method comprises the steps that in block confirmation, other super nodes and verifiers can verify a new block and broadcast verification and signature results, when the super node responsible for the block continuously monitors a network after broadcasting, signature confirmation of 15 super nodes and signature confirmation and credentials of more than 2/3 verifiers are collected, and the super nodes and the verifiers can make different selections according to different conditions and a block confirmation scheme of a VBDPOS common identification mechanism;
s6: distributing the rewards, namely comparing a minimum certificate by nodes in the system after each round of block confirmation is finished according to a reward distribution mechanism for selecting winners based on a verifiable random function, and obtaining a consensus on the minimum certificate, wherein a verifier holding the minimum certificate is the winners of the round of blocks and can obtain verification rewards of the round of blocks;
s7: in the process of block generation, if the last block is not confirmed in 12 blocks belonging to the super node a, the super node a will start to produce the next block because the super node a can believe that it has not been fake. However, if the super node a has produced 12 blocks, when it is time for the super node B to produce a block, the super node B will wait until it confirms that the 12 th block of the super node a has obtained other 15 super nodes and the verifier confirms that it will be able to continue producing the block.
As shown in fig. 2, in step S5, the number of all verifiers is set to N all And the number of 2/3 verifiers is N 2/3 The block height is the r-th round, the block generated by the r-th round is B1, the block generated by the r + 1-th round is B2, and the seed parameter of the r-th round is Q r The super node responsible for block output is a super node a, the number of the verifier signatures and the certificates received by the super node a at a certain time is set to be X, and the specific steps of the VBDPOS block validation are as follows:
s51: block, seed parameter production and broadcast, r-1 round minimal voucher Q r I.e. the seed parameter Q of the r-th round r In the r-th round of block production process, the super nodes can arrange blocks in a well-ordered production sequence according to a specified algorithm, the super nodes which are currently responsible for block production can collect transaction information and pack the transaction information into the blocks, and the packed blocks B1 and the seed parameters Q of the round of blocks are obtained r The information is broadcasted to other super nodes and verifiers for verification, and a new block B2 is generated simultaneously in the process of waiting for block confirmation;
s52: the verification of the block and the generation of the certificate, the super node and the verifier in the system are on line all the time, the network is monitored, and when the super node and the verifier receive the new block B1 and the seed parameter Q r Then, firstly, generating respective certificates according to an algorithm flow for selecting winners based on a verifiable random function; and then, the blocks B1 are independently verified, so that the transaction information is ensured to be correct and false.
Each super node and verifier broadcasts the block B1 of round r and the respective "signature + credential" in the network;
s53: the block B1 is confirmed by a system, the super node A continuously monitors the network after broadcasting the block B1, when signature confirmations of more than 15 super nodes and signature confirmations and certificates of more than 2/3 verifiers are collected, the super node A can be regarded that the block B1 is confirmed by the system, the super node B1 is added to a block chain, and the block B2 and the seed parameter Q of the r +1 th round produced in the past are added r+1 Broadcasting, entering block confirmation of the r +1 th round; the block B1 is confirmed by the system, because of the network delay, two different processing modes are provided, two different processing results are obtained, the normal operation of the system is ensured, and the delay is controlled within one second; the super node A can constantly judge the number of the collected signature confirmations of the super nodes, and once the number of the signature confirmations of the super nodes exceeds (includes) 15, the super node A can enter a timing state and judge the number of the collected signature confirmations of the verifiers.
In addition, step s53 specifically includes:
1) When entering the timing state, if X = N all The super node A can automatically compare the certificate sizes of all verifiers to obtain a minimum certificate, and the minimum certificate in the r round is the seed parameter Q of the r +1 round r+1 The super node A will add the block B1 to the block chain, and will produce the block B2 of the r +1 th round and the seed parameter Q r+1 Broadcasting, entering block confirmation of the r +1 th round;
2) When entering the timing state, if N 2/3 <X<N all The A super node waits for one second and collects N at any time timed in one second all The signature quantity of each verifier, the super node A can automatically compare the voucher sizes of all verifiers to obtain a minimum voucher, and the minimum voucher of the round r is the seed parameter Q of the round r +1 r+1 Then, the super node a adds the block B1 to the block chain, and adds the block B2 of the previous round (r + 1) and the seed parameter Q r+1 Broadcasting, entering block confirmation of the r +1 th round;
3) When entering the timing state, if X<N 2/3 The A super node waits for one second and does not receive the data after one second of timingCollective N all The number of signatures of each verifier, but when the settlement is performed after one second, the number of signatures of the verifier which is collected exceeds (includes) N 2/3 The super node A can automatically compare the collected certifications of the certifiers to obtain a minimum certifications, and the minimum certifications of the round r are the seed parameters Q of the round r +1 r+1 Then the super node A will add block B1 to the block chain, and will produce block B2 of round r +1 and seed parameter Q r+1 ' broadcast, enter chunk ack for round r + 1.
4) When entering the timing state, if X<N 2/3 If the super node a waits for one second and does not collect the number of signatures of N2/3 verifiers after one second is counted, it is determined that a problem occurs in the block chain system, and the verifier exercises the verification right to make the block not be confirmed, or the verifier is attacked, and the block stops production.
In this embodiment, after the verifier is introduced at the step of confirming the blocks, the confirmation of the blocks is verified and confirmed by only 15 super nodes before, which becomes a verification and confirmation requiring 15 super nodes and more than 2/3 of the verifier, and compared with the existing system based on the DPOS consensus mechanism, the security of the system based on the VBDPOS consensus mechanism is greatly improved, and there is a problem that the increased number of verifications and confirmations required by the current blocks affects the generation of the next block in the block chain system (each block is generated on the basis of the previous block), so in the VBDPOS consensus mechanism, a scheme for confirming the blocks is newly designed, so that the VBDPOS consensus mechanism does not have an excessive impression on the performance of the system on the basis of improving the security of the system, because in the scheme design, the delay is controlled within one second when the system normally operates, and the block output efficiency in the block chain field can satisfy commercial requirements and is sufficient for commercial use.
The verifier is forced online and forced to participate in each round of block validation, but the system will not be down because the verifier is out of order, but will continue to operate steadily. In the existing network state, one second is enough time for all nodes to finish synchronizing the same certificate, and in the process of participating in verification, the signature confirmation and the certificate of the A verifier are not received by the producing super node within one second, and the A verifier is regarded as lacking the block confirmation. That is, if these two situations occur, the a verifier directly sends the signature and the credential point-to-point without being received by the producing super node, and the signature and the verification randomly broadcasted by the a verifier are not received by the producing super node, then it is considered that the a verifier is absent from the round of block confirmation and cannot participate in the selection of the winner of the round of block production, a is deducted by 5% of the deposit, the 5% of the deposit is awarded by the verifier of the round, and the a verifier is rejected because the deposit is insufficient, and cannot participate in the verification work and obtain the verification award in the next round of block cycle until the a resubmits the deposit to obtain the verifier eligibility. Regardless of what problem the a-verifier is unable to participate in the verification, the absence of the a-verifier affects the choice of the minimum credential, since the minimum credential changes due to the absence of the verifier.
As shown in fig. 3, step S6 specifically includes the following steps:
s61, the verifier condition is satisfied;
s62, generating the certificate of the verifier;
s63: the verifier participates in the verification work;
s64: the process of winner selection and verification.
In this embodiment, the prize distribution mechanism that picks winners based on a verifiable random function can make each round of verifier prize distribution of the VBDPOS consensus mechanism random, unpredictable, and thus fair to the verifier. In addition, each round of block verification rewards are randomly distributed, and two advantages are that the rewards are intuitive, and the block verification rewards of each round are fixed amount and cannot be reduced due to the increase of the number of verifiers. The other is that the fully randomly distributed reward is the average distribution with time attribute, so that the verifier can not participate in the block verification any more when the verifier is not drawn as a winner because of participating in the block verification, because the round number is enough and continuously participates as long as the time for participating in the verification is long enough, and the frequency of drawing as the winner of the verifier approaches the probability according to the law of large numbers.
In step s61, at the beginning of a block cycle, the standby node must satisfy the following conditions to become the verifier:
a: the ticket weight acquired by the standby node is required to be larger than the total ticket weight of X% of the system, and X% is the lowest ticket weight which can be calculated in real time and can receive 100EOS rewards;
b: the standby nodes participating in the verification need to lock a certain amount of EOS deposit to a specific account;
c: the verifier needs to maintain a real-time communication state with all supernodes and other verifiers continuously.
In this embodiment, the standby node that does not satisfy the condition, even if participating in the verification process (sending signatures and certificates), will not be recognized by the super node and the system, and will not receive the reward. There must be a certain requirement for the number of votes, since the validation does not require too large a threshold, which is a means for allocating rewards to the standby nodes from the point of view of a health consensus mechanism, and there is a certain requirement for the standby nodes in order for the rewards to be given to the contributing standby nodes.
In addition, in step s62, the difference between the process of the VBDPOS consensus mechanism for achieving consensus on the new block and the existing DPOS consensus mechanism is that the VBDPOS has more verifiers for qualification audit and the verifiers participate in block verification in the verification step, and the VBDPOS publishes a random algorithm based on the current seed parameter, namely a verifiable random function VRF, wherein a key parameter of the VRF is a private key of the user, and the private key is known only by the user himself; then, each standby node signs the seed parameters by using a private key thereof and inputs a hash function to obtain a certificate thereof; the certificate is proved by zero knowledge, and the ownership of the owner of a certain certificate can be proved on the basis of not revealing the private key completely; the credential contains 5 properties:
a: the seed parameters are continuously updated and unpredictable, so that the voucher is also continuously updated and is a random number;
B. the hash function and private key ensure that the owner of each credential is specific;
C. asymmetric key algorithms and zero knowledge proof ensure that the owner of the credential can prove ownership of the credential;
D. the voucher can not be forged;
E. the credentials are generated locally, requiring private key generation but can be verified over the network at the same time without the public private key.
In step s63, before the new block is not published, the standby node only knows whether the standby node is a verifier or not, and cannot know whether the standby node is a winner, and only after the block is produced and verified, the verifier knows whether the standby node obtains verification rewards for the round of block verification; before the result is gone, the attacker cannot predict the credentials, does not know which credentials are the smallest, and after the result is come, the attacker cannot change the history.
In addition, in step s64, the super node a responsible for the round of block generation sends the block to other super nodes and standby nodes, and the block sending adopts a combination of random broadcast and point-to-point transmission, so that the propagation delay is extremely low, the consensus is fast, and the verification can be performed afterwards. The verifier of the verification process broadcasts the certificate, the signature of the block, the block and the verification result generated by the block in the round to all the super nodes and the standby nodes, the nodes can continuously monitor and collect the verification result and the certificate in the confirmation process of the new block, the size of the certificate is automatically compared, the minimum certificate is selected, the verifier with the minimum certificate is the verifier of the round winning the prize, the verification reward can be obtained, the verification reward is not distributed in time, and according to the minimum certificate, the winner can obtain the reward only after knowing that the block is in an irreversible state.
In addition, as shown in fig. 4, step s64 mainly includes the steps of:
s641: generating a public and private key, namely generating a private key SK and a public key PK by a verifier A through an elliptic curve encryption ECC algorithm;
s642: the signature is implemented by inputting block a into SHA256 hash function to output hash digest H (a), and then using private key signature Sig (H (a)) on the hash digest, where the signature for block a is obtained. The verifier transmits "block a + signature Sig (H (a))", to other nodes.
s643: verifying the signature, namely after the other nodes have the public key PK of the verifier and obtain the block A and the signature Sig (H (A)), inputting the public key PK + the block A + the signature Sig (H (A))) into a verification function, and obtaining a verification result according to the principle of the digital signature;
s644: and updating the seed parameter, wherein the seed parameter of the first round is a random number updated by a random algorithm (such as SHA-256). Each round of block production process has a continuously updated parameter Q, called seed parameter, where the seed parameter is essentially a 256-bit character string composed of 0 and 1, and is an output hash value input through SHA-256 hash function, the seed parameter is continuously updated, and the seed parameter is unpredictable. The generation of the seed parameter Qr is the output of the generated random number in the corresponding verifiable random function, and the formula is as follows:
Q r =H(SIG A (Q r-1 ,r)),r>1
s645: and generating the certificate, namely generating the unique certificate of the verifier A through a verifiable random function. In the process of the r round block verification, the verifier A uses the private key thereof to verify the seed parameter Q of the previous round r-1 Signing with the round number r to obtain SigA (Q) r-1 R), the signature is essentially a pair of Q's using a private key r-1 And r, encrypting the character string after the character string is connected in series. Sign SigA (Q) r-1 R) generating zero-knowledge PROOF byte string PROOFA by function conversion, and inputting PROOF into hash function to obtain user A's certificate H (SigA (Q) r-1 ,r))。
1. The credential is a binary expansion of a random 256-bit number between 0 and 1, and it is unlikely that credentials of different users will be identical.
2. The seed parameter is a random number in the design of the mechanism, and before the final verification result comes out, no one knows what the seed parameter is in the next round.
3. Zero knowledge proof PROOFA is used to generate credentials, and to verify ownership of credentials to others.
4. Credential H (SigA (Q) of round r, A r-1 R)) is not generatedIt is immediately announced, but is broadcast following the verification of the r-th round block.
s646: the winners are selected, and the 2 decimal number 0.H (SigA (Q) constructed by the voucher r-1 R)) (i.e. after writing the character string of the certificate to the decimal point) are uniformly distributed between 0 and 1, and in the course of one round of verification, the verifiers are required to be on-line in the qualification verification, so that every verifier can finally receive the certificates of all other verifiers in round r, and the minimum certificate after size comparison is the "winner" of the agreed round r.
s647: and (3) verifying the certificate, in the round r, after the other verifiers receive the certificate of the verifier A and the PROOFA given by the verifier A, the other verifiers verify the PROOFA, and if the public key of the verifier A guaranteed by the digital certificate is used for decrypting the PROOFA given by the verifier A, the obtained result and the seed parameter Q are obtained r-1 Consistently, the proof is a proof of a unique and verified PROOFA derived credential H (SigA (Q) r-1 R)) is unique and ownership is proven to belong to verifier a, the credential is not forgeable and can be verified quickly due to the nature of the hash function.
s648: and the super node and the verifier in charge of the block keep real-time communication, and the super node and the verifier are in real-time point-to-point communication, so that the super node in the block can collect signature confirmation and certificate of the verifier at the fastest speed, the rank can be given first, and then the randomly broadcasted signature + certificate can be confirmed by other super nodes and verifiers successively. The system and the nodes automatically collect and verify the awards through the intelligent contracts, the awards are automatically distributed in the current round of verification, and the awards are automatically distributed by the intelligent contracts after the r-th round of blocks become irreversible. The certificate of r-1 round winner is the seed parameter Q of the next round r
It should be understood that the above-described embodiments of the present invention are merely examples for clearly illustrating the present invention, and are not intended to limit the embodiments of the present invention. Other variations and modifications will be apparent to persons skilled in the art in light of the above description. And are neither required nor exhaustive of all embodiments. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the claims of the present invention.

Claims (3)

1. An asynchronous BFT & DPOS consensus method for assigning verifier rewards based on verifiable random functions, comprising the steps of:
s1, initializing a system, and in a VBDPOS consensus method, an applicant who wants to become a node candidate becomes a node after applying for by submitting equipment, facilities and personnel data description and certification;
s2: selecting a super node, voting the candidate of each node by a token holder through a voting system, selecting 21 nodes with the highest votes as the super nodes according to the ranking of the votes, generating 252 blocks as one block period, updating the votes in real time when each block period starts, and updating the rankings of the super nodes and the verifiers;
s3: selecting a verifier, and applying to become the verifier when the standby node meets the following three conditions, so as to participate in the block verification and confirmation work of the system; the three conditions are: the ticket number weight acquired by the standby node is required to be larger than the total ticket number of the system by X%, and X% is the lowest ticket number weight which can receive 100EOS rewards and is calculated in real time according to the ticket rate of the network; the standby nodes participating in verification need to lock a certain amount of EOS deposit to a specific account, and the specific account submitted by the deposit can be an appointed account of an authority or a specific account guaranteed by an intelligent contract; the verifier needs to keep a real-time communication state with all the super nodes and other verifiers continuously;
s4: the block generation is consistent with the asynchronous BFT-DPOS common identification method, in a block production process, the super nodes can arrange the sequential block production according to a specified algorithm, the super nodes which are currently responsible for block production can collect transaction information and pack the transaction information into the block, the packed block is broadcasted to other super nodes and a verifier for verification, and in the process of waiting for block confirmation, a new block can be generated at the same time; if a node has not generated a block within the last 24 hours, it will be moved out of the supernode's candidate list;
s5: the method comprises the following steps that (1) in block confirmation, other super nodes and verifiers verify a new block and broadcast verification and signature results, when the super nodes responsible for the block continuously monitor a network after broadcasting, signature confirmation of 15 super nodes and signature confirmation and credentials of more than 2/3 verifiers are collected, and the super nodes and the verifiers make different selections according to different conditions and a block confirmation scheme of a VBDPOS common identification method;
s6: distributing the rewards, namely comparing a minimum certificate by nodes in the system after each round of block confirmation is finished according to a reward distribution mechanism of a reward distribution method for selecting winners based on a verifiable random function, and achieving consensus on the minimum certificate, wherein a verifier holding the minimum certificate is the winners of the round of blocks and can obtain verification rewards of the round of blocks;
s7: switching the super node, in the generation process of the block, if the last block is not confirmed in 12 blocks belonging to the super node A, the super node A starts to produce the next block because the super node A can believe that the super node A does not make a false; if the super node A finishes producing 12 blocks, when the super node B produces the blocks, the super node B waits until the super node B confirms that the 12 th block of the super node A obtains other 15 super nodes and verifiers to confirm and then follows the production blocks;
the step S6 specifically includes the following steps:
s61, the verifier condition is satisfied;
s62, generating the certificate of the verifier;
s63: the verifier participates in the verification work;
s64: a winner selection and verification process of the winners;
at the beginning of a block period, the standby node qualifies as a verifier by satisfying the following conditions in step s61:
a: the ticket weight acquired by the standby node is required to be larger than the total ticket weight of X% of the system, and X% is the lowest ticket weight which can be calculated in real time and can receive 100EOS rewards;
b: the standby nodes participating in the verification need to lock a certain amount of EOS deposit to a specific account;
c: the verifier needs to keep a real-time communication state with all the super nodes and other verifiers continuously;
in step s62, the difference between the VBDPOS consensus method and the existing DPOS consensus method is that VBDPOS adds verifier qualification verification and verifier participation in block verification at the verification step, VBDPOS publishes a random algorithm based on the current seed parameter, that is, a verifiable random function VRF, one key parameter of the VRF is the private key of the user, and the private key is known only by the user himself; then, each standby node signs the seed parameters by using a private key thereof and inputs a hash function to obtain a certificate thereof; the certificate is proved through zero knowledge, and the ownership of a certain certificate can be proved on the basis of completely not revealing a private key; the credential contains 5 properties:
a: the seed parameters are continuously updated and unpredictable, so that the voucher is also continuously updated and is a random number;
B. the hash function and private key ensure that the owner of each credential is specific;
C. asymmetric key algorithms and zero knowledge proof ensure that the owner of the credential can prove ownership of the credential;
D. the voucher can not be forged;
E. the certificate is locally carried out, and the whole network verification can be carried out at the same time without the public private key when the private key is required to be generated;
in step s63, before the new block is not published, the standby node only knows whether the standby node is a verifier or not, and cannot know whether the standby node is a winner, and only after the block is produced and verified, the verifier knows whether the standby node obtains verification rewards for the round of block verification; before the result is not obtained, an attacker cannot predict the certificates and does not know which certificate is the minimum, and after the result is obtained, the attacker cannot change the history;
in step S5, the number of all verifiers is set to N all And the number of 2/3 verifiers is N 2/3 Region ofThe block height is the r-th round, the block generated by the r-th round is B1, the block generated by the r + 1-th round is B2, and the seed parameter of the r-th round is Q r The super node responsible for block generation is a super node A, the number of the verifiers' signatures and the certificates received by the super node A at a certain moment is set to be X, and the block confirmation specifically comprises the following steps:
s51: block, seed parameter production and broadcast, r-1 round minimal voucher Q r I.e. the seed parameter Q of the r-th round r In the r-th round of block production process, the super nodes can arrange blocks in a well-ordered production sequence according to a specified algorithm, the super nodes which are currently responsible for block production can collect transaction information and pack the transaction information into the blocks, and the packed blocks B1 and the seed parameters Q of the round of blocks are obtained r The information is broadcasted to other super nodes and verifiers for verification, and a new block B2 is generated simultaneously in the process of waiting for block confirmation;
s52: the verification of the block and the generation of the certificate, the super node and the verifier in the system are on line all the time, the network is monitored, and when the super node and the verifier receive the new block B1 and the seed parameter Q r Then, firstly, generating respective certificates according to an algorithm flow for selecting winners based on a verifiable random function; then, the block B1 is independently verified, and the transaction information is ensured to be correct and not fake;
each super node and verifier broadcasts the block B1 of round r and the respective "signature + credential" in the network;
s53: the block B1 is confirmed by the system, the super node A continuously monitors the network after broadcasting the block B1, when signature confirmations of more than 15 super nodes and signature confirmations and vouchers of more than 2/3 verifiers are collected, the super node A can be regarded as the block B1 is confirmed by the system, the super node B1 is added to a block chain, and the block B2 and the seed parameter Q of the previous r +1 round are produced r+1 Broadcasting, entering block confirmation of round r + 1; the block B1 obtains system confirmation, because of network delay, two different processing modes are available, two different processing results are obtained, normal operation of the system is ensured, and the delay is controlled within one second; the A super node can constantly judge the number of the collected signature confirmations of the super nodes, and once the super nodes are in useAnd if the number of the signature confirmations of the nodes is more than or equal to 15, the super node A enters a timing state and judges the collected number of the signature confirmations of the verifiers.
2. The asynchronous BFT & DPOS consensus method for verifiable random function based distribution of verifier rewards as claimed in claim 1, wherein said step s53 specifically comprises:
1) When entering the timing state, if X = N all The super node A can automatically compare the voucher sizes of all the verifiers to obtain a minimum voucher, and the minimum voucher of the round r is the seed parameter Q of the round r +1 r+1 The super node A adds the block B1 to the block chain, and adds the block B2 of the previous round (r + 1) and the seed parameter Q r+1 Broadcasting, entering block confirmation of the r +1 th round;
2) When entering the timing state, if N 2/3 <X<N all The A super node waits for one second and collects N at any time timed in one second all The signature quantity of each verifier, the super node A can automatically compare the sizes of the certificates of all verifiers to obtain a minimum certificate, and the minimum certificate of the round r is the seed parameter Q of the round r +1 r+1 Then the super node A will add block B1 to the block chain, and will produce block B2 of round r +1 and seed parameter Q r+1 Broadcasting, entering block confirmation of the r +1 th round;
3) When entering the timing state, if X<N 2/3 The A super node waits for one second and does not collect N after one second all The number of signatures of each verifier is greater than or equal to N when the settlement is performed after one second of timing 2/3 The super node A can automatically compare the collected certifications of the certifiers to obtain a minimum certifications, and the minimum certifications of the round r are the seed parameters Q of the round r +1 r+1 Then the super node A will add block B1 to the block chain, and will produce block B2 of round r +1 and seed parameter Q r+1 Broadcasting, entering block confirmation of the r +1 th round;
4) When entering the timing state, if X<N 2/3 The A super node waits for one second and does not collect N after one second is timed 2/3 The number of signatures of each verifier is regarded as that the block chain system has a problem, and the verifier exercises the verification right to ensure that the block cannot be confirmed, or the verifier is attacked, and the block stops production.
3. The asynchronous BFT & DPOS consensus method for assigning verifier rewards based on verifiable random functions according to claim 1, wherein said step s64 essentially comprises the steps of:
s641: generating a public and private key, namely generating a private key SK and a public key PK by a verifier A through an elliptic curve encryption ECC algorithm;
s642: the signature is realized by inputting the block A into an SHA256 hash function to output a hash digest H (A), then using a private key signature Sig (H (A)) to the hash digest, obtaining a signature to the block A, and sending the block A + signature Sig (H (A)) to other nodes by a verifier;
s643: verifying the signature, namely, after the other nodes have the public key PK of the verifier and obtain the block A and the signature Sig (H (A)), inputting the public key PK + the block A + the signature Sig (H (A))) into a verification function, and obtaining a verification result according to the principle of the digital signature;
s644: updating seed parameters, wherein the seed parameters in the first round are random algorithms, a parameter Q which is continuously updated is generated in the block production process of each round and is called as a seed parameter, the seed parameters are character strings which are composed of 0 and 1 and have the length of 256 bits, the character strings are output hash values after being input through an SHA-256 hash function, the seed parameters are continuously updated, the seed parameters are unpredictable, and the generation of the seed parameters Qr is the output of random numbers generated in a corresponding verifiable random function, and the formula is as follows:
Q r =H(SIG A (Q r-1 ,r)),r>1
s645: generating a unique certificate of the verifier A through a verifiable random function, wherein in the round of block verification, the verifier A uses a private key thereof to perform the previous round of seed parameter Q r-1 Signing with the round number r to obtain the resultTo SigA (Q) r-1 R), the signature is essentially a pair of Q's using a private key r-1 And r the string after concatenation, encrypt the signature SigA (Q) r -1 R) generating zero-knowledge PROOF byte string PROOFA by function conversion, wherein PROOF inputs hash function to obtain user A's certificate H (SigA (Q) r-1 ,r));
s646: winners are selected, 2 decimal 0.H (SigA (Q) constructed from the vouchers r-1 R)) are uniformly distributed between 0 and 1, and in a round of verification process, the verifiers are required to be online in qualification verification, so that each verifier finally receives the certificates of all other verifiers in the round r, and the certificate with the smallest size after comparison is the 'winner' achieving consensus in the round r;
s647: and (3) verifying the certificate, in the round r, after the other verifiers receive the certificate of the verifier A and the PROOFA given by the verifier A, the other verifiers verify the PROOFA, if the public key of the verifier A guaranteed by the digital certificate is used for decrypting the PROOFA given by the verifier A, the obtained result and the seed parameter Q are obtained r-1 Consistently, the proof is a proof of a unique and verified PROOFA derived credential H (SigA (Q) r-1 R)) is unique and ownership is certified as belonging to verifier a, the credential is not forgeable and can be verified quickly due to the nature of the hash function;
s648: distribution of the reward; the super node and the verifier which are responsible for the block play can keep real-time communication, because the super node and the verifier are in real-time point-to-point communication, the super node which plays the block can collect signature confirmation and certificate of the verifier at the fastest speed, the rank can be given first, then the randomly broadcasted 'signature + certificate' can be continuously confirmed by other super nodes and verifiers, the system and the nodes can automatically collect through an intelligent contract, automatically verify and automatically distribute rewards verified in the current round, the rewards can be automatically distributed by the intelligent contract after the block in the r-th round becomes in an irreversible state, and the certificate of a winner in the r-1 round is the seed parameter Q of the next round r
In step s64, the super node a responsible for the block production sends the block to other super nodes and standby nodes, and the block sending adopts a combination of random broadcasting and point-to-point transmission, so that the propagation delay is extremely low, the consensus is fast, and the block can be verified afterwards; the verifier of the verification process broadcasts the certificates, the signatures of the blocks and the verification results generated by the blocks in the round to all the super nodes and the standby nodes, the nodes can continuously monitor and collect the verification results and the certificates in the confirmation process of the new blocks, the sizes of the certificates are automatically compared, the minimum certificate is selected, the verifier with the minimum certificate is the verifier of the round winning the prize, the verification reward can be obtained, the verification reward is not distributed in time, and according to the minimum certificate, the winner of the prize can obtain the reward after knowing that the block is won the prize.
CN201911049650.4A 2019-10-31 2019-10-31 Asynchronous BFT & DPOS consensus mechanism for assigning verifier rewards based on verifiable random functions Active CN110855432B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911049650.4A CN110855432B (en) 2019-10-31 2019-10-31 Asynchronous BFT & DPOS consensus mechanism for assigning verifier rewards based on verifiable random functions

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911049650.4A CN110855432B (en) 2019-10-31 2019-10-31 Asynchronous BFT & DPOS consensus mechanism for assigning verifier rewards based on verifiable random functions

Publications (2)

Publication Number Publication Date
CN110855432A CN110855432A (en) 2020-02-28
CN110855432B true CN110855432B (en) 2023-03-14

Family

ID=69598881

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911049650.4A Active CN110855432B (en) 2019-10-31 2019-10-31 Asynchronous BFT & DPOS consensus mechanism for assigning verifier rewards based on verifiable random functions

Country Status (1)

Country Link
CN (1) CN110855432B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111047330B (en) * 2020-03-18 2020-09-22 杭州智块网络科技有限公司 Verification bonus awarding method and device for blocks
CN111600709B (en) * 2020-05-26 2023-03-14 牛津(海南)区块链研究院有限公司 Verifiable random number generation method and device
JP2023537827A (en) * 2020-07-07 2023-09-06 ライン プラス コーポレーション Random sampling BFT consensus method and system, and computer program
CN112101940A (en) * 2020-09-16 2020-12-18 上海万向区块链股份公司 Random verifiable sample selection system implemented with block chains
CN112511338A (en) * 2020-11-09 2021-03-16 迅鳐成都科技有限公司 Block chain consensus network dynamic recovery method, electronic device, system and medium
CN113300889A (en) * 2020-12-31 2021-08-24 恬家(上海)信息科技有限公司 Method for adjusting link width and block link network system
CN113111373B (en) * 2021-05-13 2022-06-07 北京邮电大学 Random number generation method of VBFT (visual basic FT) consensus mechanism and consensus mechanism system
CN115643043B (en) * 2022-09-09 2024-04-19 北京航空航天大学 Cross-chain consensus election method and system based on verification delay function

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109165092B (en) * 2018-07-10 2021-07-20 矩阵元技术(深圳)有限公司 Consensus method, device and system based on effective computing power contribution
CN109039713B (en) * 2018-07-16 2021-06-18 夸克链科技(深圳)有限公司 Block chain consensus device and algorithm
CN109639837B (en) * 2019-01-31 2021-04-06 东南大学 Block chain DPoS (distributed denial of service) consensus method based on trust mechanism

Also Published As

Publication number Publication date
CN110855432A (en) 2020-02-28

Similar Documents

Publication Publication Date Title
CN110855432B (en) Asynchronous BFT &amp; DPOS consensus mechanism for assigning verifier rewards based on verifiable random functions
CN109544334B (en) Method for realizing network extensible block chain
CN109842606B (en) Block chain consensus algorithm and system based on consistent Hash algorithm
CN108880863B (en) Smart power grid equipment safety diagnosis service system based on block chain technology
CN111988137B (en) DPoS (dual port service) consensus method and system based on threshold signature and fair reward
CN110351067B (en) Block chain consensus method for master-slave multi-chains
KR102240939B1 (en) Blockchain system with consensus algorithm based on proof-of -transaction and method there of
CN109639430B (en) Safe high-speed lightweight block chain system and method
CN111090892A (en) Block chain consensus method and device based on VRF and threshold signature
Shibata Proof-of-search: combining blockchain consensus formation with solving optimization problems
US11190341B2 (en) System architecture for executing a distributed key generation protocol
CN110892674A (en) Transaction generation method and block verification method of block chain
CN110610421B (en) Guarantee fund management method and device under fragment framework
CN112651830B (en) Block chain consensus method applied to power resource sharing network
US20220035808A1 (en) Blockchain system comprising consensus protocol using search for good approximate solutions to any optimization problem and its computor program
Sun et al. Rtchain: A reputation system with transaction and consensus incentives for e-commerce blockchain
CN114362987B (en) Distributed voting system and method based on block chain and intelligent contract
CN106920097A (en) A kind of generation time block chain method of Quantum Chain common recognition agreement
CN111104678A (en) Block chain consensus method and device
CN112118138B (en) System and method for realizing block chain consensus mechanism
Wang et al. Blockchain-based dynamic energy management mode for distributed energy system with high penetration of renewable energy
CN116595094A (en) Federal learning incentive method, device, equipment and storage medium based on block chain
CN114422146A (en) Anonymous sorting method for block chain main nodes
CN110930158A (en) Block chain DPoS common recognition method based on reward and punishment mechanism
EP3520370B1 (en) A decentralised database

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information
CB03 Change of inventor or designer information

Inventor after: Jiang Li

Inventor after: Huang Jun

Inventor after: Chen Bin

Inventor after: Chen Meiyun

Inventor after: Liu Yi

Inventor after: Yang Chao

Inventor after: Xie Shengli

Inventor before: Huang Jun

Inventor before: Jiang Li

Inventor before: Chen Bin

Inventor before: Chen Meiyun

Inventor before: Liu Yi

Inventor before: Yang Chao

Inventor before: Xie Shengli

GR01 Patent grant
GR01 Patent grant