CN110855777A - Node management method and device based on block chain - Google Patents

Node management method and device based on block chain Download PDF

Info

Publication number
CN110855777A
CN110855777A CN201911099879.9A CN201911099879A CN110855777A CN 110855777 A CN110855777 A CN 110855777A CN 201911099879 A CN201911099879 A CN 201911099879A CN 110855777 A CN110855777 A CN 110855777A
Authority
CN
China
Prior art keywords
node
intelligent contract
deployment
target node
result
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911099879.9A
Other languages
Chinese (zh)
Other versions
CN110855777B (en
Inventor
刘攀
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201911099879.9A priority Critical patent/CN110855777B/en
Publication of CN110855777A publication Critical patent/CN110855777A/en
Application granted granted Critical
Publication of CN110855777B publication Critical patent/CN110855777B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1095Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/568Storing data temporarily at an intermediate stage, e.g. caching
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3255Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The embodiment of the invention provides a node management method and device based on a block chain, which are used for realizing the control of adding a new node. The method comprises the steps of receiving an intelligent contract deployment request carrying node management rule information, wherein the intelligent contract deployment request is used for requesting to deploy an intelligent contract comprising the node management rule information; if the intelligent contract deployment request and the intelligent contract meet the contract deployment condition, deploying the intelligent contract to obtain a deployment result, and performing first consensus on the deployment result in the block chain network; if the blockchain network achieves the first consensus, adding the deployment result to a blockchain account book in the blockchain network; and sending an intelligent contract deployment response, wherein the intelligent contract deployment response is used for indicating that the intelligent contract deployment is successful. By adopting the embodiment of the invention, the block chain network can be effectively prevented from being attacked, thereby improving the safety and reliability of the block chain network.

Description

Node management method and device based on block chain
Technical Field
The present invention relates to the field of blockchain technologies, and in particular, to a method and an apparatus for managing nodes based on blockchains.
Background
The Blockchain (Blockchain) is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. The block chain, which is essentially a decentralized database, is a string of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, which is used for verifying the validity (anti-counterfeiting) of the information and generating a next block. A blockchain is a data structure used to store transactions, while a blockchain network is a network of computing nodes used to manage, update, and maintain one or more blockchains. The compute nodes of a blockchain may be referred to simply as blockchain nodes.
Currently, in the case where a certain blockchain node wants to join a certain blockchain network, whether the blockchain node is allowed to join the blockchain network is controlled by an administrator operation of the blockchain network. But the administrator's account number may be compromised and once compromised, the blockchain network is at risk of being attacked.
Disclosure of Invention
The embodiment of the invention provides a node management method and device based on a block chain, which can effectively prevent the block chain network from being attacked, thereby improving the safety and reliability of the block chain network.
In a first aspect, an embodiment of the present invention provides a node management method based on a block chain, where the method may include:
receiving an intelligent contract deployment request carrying node management rule information, wherein the intelligent contract deployment request is used for requesting to deploy an intelligent contract comprising the node management rule information;
if the intelligent contract deployment request and the intelligent contract meet contract deployment conditions, deploying the intelligent contract to obtain a deployment result, and performing first consensus on the deployment result in the block chain network;
if the blockchain network achieves the first consensus, adding the deployment result to a blockchain account book in the blockchain network;
sending an intelligent contract deployment response, wherein the intelligent contract deployment response is used for indicating that the intelligent contract deployment is successful;
the deployment result comprises address information of the intelligent contract and a deployment state of the intelligent contract, and the deployment state is successful.
In one embodiment, the method further comprises:
receiving a joining request from a target node, wherein the joining request carries an identifier of the target node and is used for requesting to join the block chain network;
if the joining request has validity, calling the intelligent contract and loading the node management rule information;
and controlling the target node to join the block chain network according to the identification of the target node and the node management rule information, and sending a joining response to the target node.
In one embodiment, the node management rule information includes a list of nodes allowed to join;
controlling the target node to join the block chain network according to the identification of the target node and the node management rule information, and sending a joining response to the target node, wherein the joining response comprises:
if the list of nodes allowed to be added comprises the identification of the target node, allowing the target node to be added into the block chain network to obtain a first result, and performing second consensus on the first result in the block chain network;
adding the first result to a blockchain account book if the blockchain network achieves a second consensus;
sending a join response to the target node, the join response indicating that the target node is allowed to join the blockchain network.
In an embodiment, the node management rule information further includes a list of nodes that are not allowed to be added;
controlling the target node to join the block chain network according to the identification of the target node and the node management rule information, and sending a joining response to the target node, wherein the joining response comprises:
if the list of the nodes allowed to be added does not comprise the identifier of the target node and the list of the nodes not allowed to be added comprises the identifier of the target node, the target node is not allowed to be added into the block chain network to obtain a second result, and the second result is subjected to third consensus in the block chain network;
if the blockchain network achieves a third consensus, adding the second result to the blockchain account book;
and sending a joining response to the target node, wherein the joining response is used for indicating that the target node is not allowed to join the blockchain network.
In one embodiment, controlling the target node to join the blockchain network according to the identifier of the target node and the node management rule information, and sending a join response to the target node includes:
if the allowed node list does not include the identifier of the target node and the disallowed node list does not include the identifier of the target node, allowing the designated node in the block chain network connected to the target node to obtain a third result, and performing fourth consensus on the third result in the block chain network;
if the blockchain network achieves a fourth consensus, adding the third result to the blockchain account book;
and sending a joining response to the target node, wherein the joining response is used for indicating that the target node allows connecting the designated node in the blockchain network.
In one embodiment, the method further comprises: and if the intelligent contract deployment request is legal and the intelligent contract is legal, determining that the intelligent contract deployment request and the intelligent contract meet contract deployment conditions.
In one embodiment, the method further comprises:
receiving a contract modification request for the intelligent contract;
if the contract modification request is legal, calling the intelligent contract, and modifying the intelligent contract according to the contract modification request to obtain a modification result;
performing a fifth consensus on the modification result in the blockchain network;
if the blockchain network achieves a fifth consensus, adding the modification result to the blockchain account book;
a contract modification response is sent indicating that the intelligent contract modification is complete.
In a second aspect, an embodiment of the present invention provides a node management apparatus, which includes a transceiver unit and a processing unit.
The system comprises a receiving and sending unit, a sending and receiving unit and a processing unit, wherein the receiving and sending unit is used for receiving an intelligent contract deployment request carrying node management rule information, and the intelligent contract deployment request is used for requesting to deploy an intelligent contract comprising the node management rule information;
the processing unit is used for deploying the intelligent contract to obtain a deployment result if the intelligent contract deployment request and the intelligent contract meet contract deployment conditions, and performing first consensus on the deployment result in the block chain network; if the blockchain network achieves the first consensus, adding the deployment result to a blockchain account book in the blockchain network;
a transceiving unit, further configured to send an intelligent contract deployment response, where the intelligent contract deployment response is used to indicate that the intelligent contract deployment is successful;
wherein the deployment result comprises address information of the intelligent contract and a deployment state of the intelligent contract, and the deployment state is successful.
In a third aspect, an embodiment of the present invention provides a certificate management apparatus, which includes a processor and a memory, where the processor and the memory are coupled to each other, where the memory is configured to store a computer program, and the computer program includes program instructions, and the processor is configured to call the program instructions to perform the operations recited in the first aspect.
In a fourth aspect, an embodiment of the present invention provides a storage device, which may include a computer-readable storage medium, in which a computer program is stored, the computer program including program instructions, which, when executed by a processor, cause the processor to execute the method of the first aspect.
According to the embodiment of the invention, the intelligent contract comprising the node management rule information is deployed on the blockchain network, so that the blockchain network can be effectively prevented from being attacked, and the safety and reliability of the blockchain network are improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1A is a schematic diagram of a data sharing system;
FIG. 1B is a schematic diagram of a blockchain;
FIG. 2 is a diagram of a network architecture to which embodiments of the present invention are applied;
FIG. 3 is a schematic diagram of the blockchain network 203 of FIG. 2;
fig. 4 is a flowchart illustrating a node management method according to an embodiment of the present invention;
fig. 5 is a schematic flowchart of another node management method according to an embodiment of the present invention;
fig. 6 is a schematic flowchart of another node management method according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a certificate management apparatus according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of another certificate management apparatus according to an embodiment of the present invention.
Detailed Description
Before describing embodiments of the present invention, names or terms related to the embodiments of the present invention will be described.
(1) Data sharing system and block chain
Referring to the data sharing system shown in fig. 1A, the data sharing system 100 refers to a system for performing data sharing between nodes, the data sharing system may include a plurality of nodes 101, and the plurality of nodes 101 may refer to respective clients in the data sharing system. Each node 101 may receive input information while operating normally and maintain shared data within the data sharing system based on the received input information. In order to ensure information intercommunication in the data sharing system, information connection can exist between each node in the data sharing system, and information transmission can be carried out between the nodes through the information connection. For example, when an arbitrary node in the data sharing system receives input information, other nodes in the data sharing system acquire the input information according to a consensus algorithm, and store the input information as data in shared data, so that the data stored on all the nodes in the data sharing system are consistent.
Each node in the data sharing system has a node identifier corresponding thereto, and each node in the data sharing system may store a node identifier of another node in the data sharing system, so that the generated block is broadcast to the other node in the data sharing system according to the node identifier of the other node in the following. Each node may maintain a node identifier list as shown in the following table, and store the node name and the node identifier in the node identifier list correspondingly. The node identifier may be an Internet Protocol (IP) address and any other information that can be used to identify the node, and only the IP address is used as an example in table 1.
Node name Node identification
Node 1 117.114.151.174
Node 2 117.116.189.145
Node N 119.123.789.258
The data sharing system may also be referred to as a blockchain network, and the nodes in the data sharing system may also be referred to as blockchain nodes. Each blockchain node in the blockchain network stores one identical blockchain. The block chain is composed of a plurality of blocks, referring to fig. 1B, the block chain is composed of a plurality of blocks, the starting block includes a block header and a block main body, the block header stores an input information characteristic value, a version number, a timestamp and a difficulty value, and the block main body stores input information; the next block of the starting block takes the starting block as a parent block, the next block also comprises a block head and a block main body, the block head stores the input information characteristic value of the current block, the block head characteristic value of the parent block, the version number, the timestamp and the difficulty value, and the like, so that the block data stored in each block in the block chain is associated with the block data stored in the parent block, and the safety of the input information in the block is ensured.
When each block in the block chain is generated, when a node where the block chain is located receives input information, the input information is verified, after the verification is completed, the input information is stored in a memory pool, and a hash tree used for recording the input information is updated; and then, updating the updating time stamp to the time when the input information is received, trying different random numbers, and calculating the characteristic value for multiple times, so that the calculated characteristic value can meet the following formula:
SHA256(SHA256(version+prev_hash+merkle_root+ntime+nbits+x))<TARGET
wherein, SHA256 is a characteristic value algorithm used for calculating a characteristic value; version is version information of the relevant block protocol in the block chain; prev _ hash is a block head characteristic value of a parent block of the current block; merkle _ root is a characteristic value of the input information; ntime is the update time of the update timestamp; nbits is the current difficulty, is a fixed value within a period of time, and is determined again after exceeding a fixed time period; x is a random number; TARGET is a feature threshold, which can be determined from nbits.
Therefore, when the random number meeting the formula is obtained through calculation, the information can be correspondingly stored, and the block head and the block main body are generated to obtain the current block. And then, the node where the block chain is located respectively sends the newly generated blocks to other block chain nodes in the block chain network where the newly generated blocks are located according to the node identifiers of the other block chain nodes in the block chain network, the newly generated blocks are verified by the other block chain nodes, and the newly generated blocks are added into the block chain stored in the newly generated blocks after the verification is completed.
The Blockchain (Blockchain) is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism and an encryption algorithm. The block chain, which is essentially a decentralized database, is a string of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, which is used for verifying the validity (anti-counterfeiting) of the information and generating a next block.
(2) Accounting node and verification node
In the blockchain network, each blockchain link point maintains a blockchain account book, the blockchain account book records all transaction records, and a transaction only recorded in the blockchain account book means that the transaction is completed. The block chain link points in the block chain network can be divided into verification nodes and accounting nodes.
The verification node can verify the transaction, namely verify the validity of the transaction, and issue the transaction to the blockchain through a consensus mechanism, namely under the condition that the blockchain network achieves consensus, the accounting node records the transaction in a blockchain account book.
And the accounting node records the verified transaction information and generates a block in the block chain, namely, the verified transaction information is recorded in the block chain account book. The accounting node may also verify the transaction.
One or more accounting nodes and one or more validation nodes may be included in the blockchain network.
Further, in the embodiments of the present invention, the block chain nodes in the block chain network may be prioritized, for example, the priority of the accounting node is higher than that of the verification node. If other types of blockchain nodes exist in the blockchain network, the priority of the type of blockchain node can be determined.
(2) Intelligent contract
A Smart Contract (Smart Contract) is a set of conventions that are defined, propagated, verified, or executed in digital form, including protocols on which Contract participants may execute such conventions. Smart contracts allow trusted transactions to be conducted without third parties, which transactions are traceable and irreversible.
In view of the disadvantage that whether a new blockchain link point is allowed to join the blockchain network or not by the operation and control of an administrator of the blockchain network, embodiments of the present invention provide a method and an apparatus for node management based on a blockchain, which can effectively prevent the blockchain network from being attacked, thereby improving the security and reliability of the blockchain network.
In order to facilitate clear description of the technical solutions of the embodiments of the present invention, in the embodiments of the present invention, terms such as "first" and "second" are used to distinguish the same items or similar items having substantially the same functions and actions. Those skilled in the art will appreciate that the terms "first," "second," etc. do not denote any order or quantity, nor do the terms "first," "second," etc. denote any order or importance.
Referring to fig. 2, a network architecture 200 according to an embodiment of the present invention includes a management node 201, a target node 202, and a blockchain network 203. It should be noted that the number and the form of each device in fig. 2 are used for example, and do not constitute a limitation to the embodiment of the present invention, for example, one target node is taken as an example, and a plurality of target nodes may exist in an actual application.
The management node 201 and the target node 202 may be Mobile phones (or smart phones), tablet computers, personal computers, notebooks, laptops, Mobile Internet Devices (MIDs), servers, and the like. The management node 201, which is a device used by the blockchain platform committee, may be a blockchain link point in the blockchain network 203 or may not be a blockchain node in the blockchain network 203. The target node 202, which is a node requesting to join the blockchain network 203, may be a node corresponding to an individual or a business or organization.
The blockchain network 203 may be a public blockchain network, a private blockchain network, or a federated blockchain network, among others. In a blockchain network, one or more nodes may be operated by respective entities (e.g., financial institutions, educational institutions, insurance companies, etc.), and an entity may operate one or more nodes in the blockchain network. The block chain network 203 is shown in fig. 3, and the block chain network 203 includes 5 block chain nodes, where the 5 block chain nodes include 3 non-accounting nodes and 2 accounting nodes, the 3 non-accounting nodes are numbered 2031 to 2033, and the 2 accounting nodes are numbered 2034 to 2035. The accounting node is used for recording the verified transaction information, generating a block in the block chain, and adding the newly generated block to the block chain account book. The non-accounting node can be a verification node or other blockchain nodes besides the accounting node, and can also be called a common node.
Taking a blockchain network composed of a plurality of education institutions as an example, the blockchain platform committee may select one education institution from the plurality of education institutions as a representative education institution, and then the management node 201 may be a node corresponding to the representative education institution. Alternatively, the blockchain platform committee may be a blockchain platform committee for education consisting of a plurality of education institutions, and the management node 201 may be a node corresponding to the committee. The target node 202 may be a node corresponding to a target educational institution requesting to join the blockchain network.
The management node 201 may send an intelligent contract deployment request to the blockchain network 203 and receive an intelligent contract deployment response from the blockchain network 203. The block chain network 203 is requested to deploy a corresponding intelligent contract through an intelligent contract deployment request, and in the embodiment of the invention, the intelligent contract deployment request is used for requesting the block chain network 203 to deploy an intelligent contract comprising node management rule information. Through the intelligent contract deployment response, the management node 201 can know the deployment result of the blockchain network 203, that is, whether the deployment is successful.
If a blockchain network corresponds to a blockchain platform committee, the blockchain platform committee sets node management rule information for the blockchain network.
If a plurality of blockchain networks correspond to one blockchain platform committee, the blockchain platform committee may set different node management rule information for different blockchain networks, and the management node 201 may send different intelligent contract deployment requests for different blockchain networks, for example, send an intelligent contract deployment request including first node management rule information for the blockchain network 203 and send an intelligent contract deployment request including second node management rule information for the blockchain network 206. The first node management rule information is different from the second node management rule information, for example, the block link point with the node mark a is allowed to join in the first node management rule information, and is not allowed to join in the second node management rule information.
The block chain network 203 receives a join request from the target node 202, wherein the join request carries an identifier of the target node 202 and is used for requesting to join the block chain network 203; when determining that the join request is legal, the blockchain network 203 invokes an intelligent contract including node management rule information, determines whether to allow the target node 202 to join the blockchain network 203, and sends a join response to the target node 202, where the join response is used to indicate whether the target node 202 is allowed to join the blockchain network 203.
The node management device provided by the embodiment of the invention can be any accounting node in a block chain network, and also can be a part of the accounting node, such as a chip in the accounting node.
Based on the network architecture shown in fig. 2, the node management method provided by the embodiment of the present invention will be described in detail below with reference to fig. 4 to 6. In the introduction, the node management apparatus takes the accounting node 2034 in fig. 3 as an example.
Referring to fig. 4, a flowchart of a node management method according to an embodiment of the present invention includes, but is not limited to, the following steps:
in step 401, the management node 201 sends an intelligent contract deployment request to the accounting node 2034 in the blockchain network 203. Accordingly, the accounting node 2034 receives the intelligent contract deployment request from the management node 201.
The intelligent contract deployment request carries node management rule information, and the node management rule information can be set on the management node 201 by a blockchain platform committee and is used for limiting which nodes can join the blockchain network 203 and which nodes cannot join the blockchain network 203. Further, the node management rule information may also define which nodes may join the blockchain network 203 under what circumstances.
The intelligent contract deployment request may further include an identification of the blockchain network 203 for distinguishing between different blockchain networks. The intelligent contract deployment request also includes a signature of the management node 201 so that the blockchain network 203 checks the validity of the signature.
In a first possible implementation manner, the node management rule information includes a join-allowed node list, where the join-allowed node list includes one or more node identifiers, and a node corresponding to each node identifier may join the blockchain network 203, and further may connect an accounting node in the blockchain network 203. In the embodiment of the present invention, the list of nodes allowed to be added may be understood as a white list, and a node corresponding to a node identifier in the white list may be added to the blockchain 203, and further may be connected to any accounting node or multiple accounting nodes in the blockchain network 203. For example, the list of allowed nodes includes a node identifier a and a node identifier B, then the node a corresponding to the node identifier a may join the blockchain network 203, and the node B corresponding to the node identifier B may join the blockchain network 203; further, node a may be connected to the accounting node 2034 and node B may be connected to the accounting node 2034.
Further, the node management rule information further includes a limiting condition corresponding to each node identifier in the white list, such as an effective time and/or an effective geographic location range. The valid time is used to define a time period during which each node in the white list can join the blockchain network 203, for example, the valid time corresponding to the node identifier a is 9: 00-12: 00, then node a may join the blockchain network 203 during this time period. The valid geographic location is used to define at which locations each node in the white list can join the blockchain network 203, for example, the valid geographic location range corresponding to the node identifier a is a Shenzhen nan mountain region, and then the node a can join the blockchain network 203 in the Shenzhen nan mountain region.
For the first way, for nodes not belonging to the white list, the nodes may default to be nodes not allowed to join the blockchain network 203.
In a second possible implementation manner, the node management rule information includes a non-join permission node list, where the non-join permission node list includes one or more node identifiers, and a node corresponding to each node identifier may not join the blockchain network 203. In the embodiment of the present invention, the node list which is not allowed to be added may be understood as a blacklist, and a node corresponding to a node identifier in the blacklist may not be added to the block chain 203. For example, the joining permission node list includes a node identifier C and a node identifier D, then the node C corresponding to the node identifier C may not join the blockchain network 203, and the node D corresponding to the node identifier D may not join the blockchain network 203.
For the second way, for nodes not belonging to the blacklist, it may default to a node allowed to join the blockchain network 203.
In a third possible implementation manner, the node management rule information includes a list of allowed nodes and a list of disallowed nodes, that is, a white list and a black list. Further, the node management rule information further includes a limiting condition corresponding to each node identifier in the white list, such as an effective time and/or an effective geographic location.
Further, the node management rule information further includes a rule for defining nodes that are neither whitelisted nor blacklisted, and that can connect to a specific node in the blockchain network 203, but that does not allow a billing node in the blockchain network 203 to be connected. Wherein the designated node is a non-accounting node, such as a verification node. For example, node identification N is neither in the white list nor in the black list, then node N cannot connect to an accounting node in blockchain network 203 and can connect to a designated node in blockchain network 203.
The blockchain platform committee sets the node management rule information on the management node 201, and sets the node management rule information to be deployed on the blockchain of the blockchain network 203 through an intelligent contract. After the completion of the blockchain platform committee setting, the management node 201 transmits the intelligent contract to the blockchain network 203 in the form of transaction, and the accounting node 2034 in the blockchain network 203 receives the intelligent contract deployment request. The smart contract deployment request may be understood as a transaction. The management node 201 may directly send the intelligent contract deployment request to the accounting node 2034 to improve processing efficiency. In the case that the management node 201 does not know which of the accounting nodes are normal nodes, the management node 201 may first send the intelligent contract deployment request to a normal node in the blockchain network 203, and then the normal node sends the intelligent contract deployment request to the accounting node 2034, so as to ensure that the accounting node 2034 can receive the intelligent contract deployment request.
The intelligent contract deployment request is used for requesting the accounting node in the blockchain network 203 to deploy the intelligent contract including the node management rule information, and the embodiment of the present invention is used for requesting the accounting node 2034 to deploy the intelligent contract including the node management rule information.
In step 402, the accounting node 2034 determines whether the intelligent contract deployment request and the intelligent contract satisfy the contract deployment condition.
The accounting node 2034, when receiving the intelligent contract deployment request, determines whether the intelligent contract deployment request and the intelligent contract meet contract deployment conditions, and may specifically include determining whether the intelligent contract deployment request is legal and whether the intelligent contract is legal.
The accounting node 2034 determines whether the intelligent contract deployment request is legal, i.e., whether the transaction is legal. Determining whether the transaction is legal may include determining whether the signature of the transaction is legal, that is, determining whether the signature of the management node 201 carried by the transaction is legal. The accounting node acquires a public key of the management node 201 from a Certificate Authority (CA), and decrypts the carried signature by using the public key to obtain a first digest; acquiring a second abstract of the signature generated by the management node from the transaction; and if the first abstract is the same as the second abstract, determining that the signature is legal, and further determining that the transaction is legal. Determining whether the transaction is legal may further include determining whether the identifier of the management node 201 is included in a preset management node identifier list, and if the identifier is included in the preset management node identifier list and the signature is legal, determining that the transaction is legal. The identifier of the management node may be a node name of the management node, an IP address, or any other information that can identify the management node.
The accounting node 2034 determines whether the intelligent contract is legal, which may include determining whether the intelligent contract has read/write and modification rights (i.e., whether read/write and modification are allowed), whether multiple signatures exist, whether each signature in the multiple signatures is legal, etc. Where multiple signatures are multiple signatures, for example, each bmc corresponds to one signature, the accounting node 2034 needs to determine whether the signature corresponding to each bmc is legal. And determining that the intelligent contract is legal under the condition that the intelligent contract has read-write and modification rights and multiple signatures, and each signature is legal.
In the case where the intelligent contract deployment request is legal and the intelligent contract is legal, the accounting node 2034 may determine that the intelligent contract deployment request and the intelligent contract satisfy the contract deployment condition, and then in this case, step 403 is performed.
If the intelligent contract deployment request is not legal, or the intelligent contract is not legal, or neither is legal, the accounting node 2034 may determine that the intelligent contract deployment request and the intelligent contract do not satisfy the contract deployment condition, in which case the accounting node 2034 transmits an intelligent contract deployment response to the management node 201, the intelligent contract deployment response being used to indicate that the contract deployment condition is not satisfied, or the accounting node 2034 refuses to deploy the intelligent contract.
In step 403, in the case that the determination result in step 402 is yes, the accounting node 2034 deploys the intelligent contract to obtain a deployment result.
If the determination result in step 402 is yes, the accounting node 2034 calls the virtual machine to perform the operation of deploying the intelligent contract, obtains a deployment result, and caches the deployment result, so as to subsequently add the deployment result to the blockchain ledger of the blockchain network 203. The operation of deploying the intelligent contract is executed by calling the virtual machine, so that the intelligent contract can be effectively prevented from being attacked.
Wherein the deployment result may indicate that the intelligent contract is deployed, the intelligent contract including the node management rule information. The deployment result may include address information of the intelligent contract and a deployment status of the intelligent contract, the deployment status being successful. The address information of the intelligent contract is used to indicate where the intelligent contract is cached.
If the deployment state of the intelligent contract included in the deployment result is failure, the accounting node 2034 sends an intelligent contract deployment response to the management node 201, where the intelligent contract deployment response is used to indicate that the deployment has failed. Otherwise, accounting node 2034 performs step 404.
In step 404, the billing node 2034 performs a first consensus on the deployment result in the blockchain network 203.
The accounting node 2034 performs the first consensus on the deployment result in the blockchain network 203 under the condition that the deployment result is obtained and cached. Specifically, the accounting node 2034 sends the deployment result to each blockchain node in the blockchain network 203, and if more than half of the blockchain nodes agree with the deployment result, it may be determined that the blockchain network 203 agrees with the first consensus, that is, agree with deployment of the intelligent contract on the blockchain of the blockchain network 203. For example, if the blockchain network 203 includes 5 blockchain nodes, if 3 blockchain nodes agree to deploy the intelligent contract on a blockchain of the blockchain network 203, then it may be determined that the blockchain network 203 has achieved the first consensus.
Step 405 may be performed where the first consensus is achieved by the blockchain network 203. In the event that the blockchain network 203 does not reach the first consensus, the accounting node 2034 sends an intelligent contract deployment response to the management node 201, the intelligent contract deployment response indicating a deployment failure.
In step 405, the accounting node 2034 adds the deployment result to the blockchain ledger of the blockchain network 203 if the blockchain network 203 achieves the first consensus.
In the case where the blockchain network 203 achieves the first consensus, the accounting node 2034 adds the deployment result to the blockchain ledger of the blockchain network 203, i.e., generates a new block from the deployment result and writes the block into the blockchain ledger.
In step 406, the accounting node 2034 sends an intelligent contract deployment response to the management node 201. Accordingly, the management node 201 receives the intelligent contract deployment response from the accounting node 2034.
Wherein the intelligent contract deployment response is used to indicate that the intelligent contract deployment is successful.
In the embodiment shown in fig. 4, the management node 201 requests, through an intelligent contract deployment request carrying node management rule information, an accounting node in the blockchain network 203 to deploy an intelligent contract including the node management rule information, and the accounting node deploys the intelligent contract, so that the blockchain network 203 can control the joining of the nodes according to the intelligent contract, thereby effectively preventing the blockchain network from being attacked, and further improving the security and reliability of the blockchain network 203.
Referring to fig. 5, a flow chart of another node management method according to an embodiment of the present invention includes, but is not limited to, the following steps:
in step 501, the target node 202 sends a join request to a billing node 2034 in the blockchain network 203. Accordingly, the accounting node 2034 receives the join request from the target node 202.
The join request carries an identifier of the target node 202, where the identifier of the target node 202 may be a device identifier, an IP address, a node name, or the like. The join request is for requesting to join the blockchain network 203. The join request may also include an identification of the blockchain network 203.
Optionally, the join request further includes description information of the target node 202, where the description information is used to describe the type of the target node 202, the purpose of the target node 203 joining the blockchain network 203, and the like. The types can be divided into individual nodes, enterprise nodes or organization nodes, and the like. For example, join the blockchain network 203 to view or access or invoke other intelligent contracts in the blockchain network, etc.
In step 502, the accounting node 2034 determines whether the join request is legitimate.
It will be appreciated that the target node 202 sends the join request to the billing node 2034 in the form of a transaction, and the billing node 2034 determines whether the join request is legitimate, i.e., whether the transaction is legitimate. The process of determining whether the transaction is legal may refer to the detailed description of determining whether the transaction is legal in step 402, which is not repeated herein.
In the case where the join request is legitimate, step 503 is performed. In the event that the join request is not legitimate, a join response is sent to the target node 202 indicating that the transaction is not legitimate or rejecting the join request.
In step 503, in the case that the determination result in step 502 is yes, the accounting node 2034 calls the intelligent contract and loads the node management rule information.
If the determination result in step 502 is yes, the accounting node 2034 calls the virtual machine to execute the transaction, and in the process of executing the transaction, calls the intelligent contract deployed in the embodiment shown in fig. 4, and loads the node management rule information, that is, obtains the node management rule information from the intelligent contract. The content included in the node management rule information may refer to the specific description of the node management rule information in step 401, and is not described herein again.
In step 504, the accounting node 2034 controls the target node 202 to join the blockchain network 203 according to the identification of the target node 202 and the node management rule information.
For the first way in step 401, the accounting node 2034 looks up the identification of the target node 202 in the list of allowed-to-join nodes included in the node management rule information.
If the identity of the target node 202 exists, the target node 202 is allowed to join the blockchain network 203 with a first result. The first result is used to indicate that the target node 202 is allowed to join the blockchain network 203, i.e. the target node 202 may join the blockchain network 203. The accounting node 2034 performs a second consensus on the blockchain network 203 on the first result, and adds the first result to the blockchain ledger if the blockchain network 203 achieves the second consensus.
If the identifier of the target node 202 does not exist, the target node 202 is not allowed to join the blockchain network 203, and a second result is obtained. The second result is used to indicate that the target node 202 is not allowed to join the blockchain network 203, i.e. the target node 202 may not join the blockchain network 203. The accounting node 2034 performs a third consensus on the blockchain network 203 on the second result, and adds the second result to the blockchain ledger if the blockchain network 203 achieves the third consensus.
Optionally, the node management rule information further includes a limiting condition corresponding to each node identifier in the white list, for example, an effective time and/or an effective geographic location. For example, if there is an identifier of the target node 202 and the current time is within the valid time corresponding to the identifier, the target node 202 is allowed to join the blockchain network 203; on the contrary, if the identifier of the target node 202 exists, but the current time is not within the valid time corresponding to the identifier, the target node 202 is not allowed to join the blockchain network. For another example, if there is an identifier of the target 202 and the IP address of the target node 202 is within the valid geographic location range corresponding to the identifier, the target node 202 is allowed to join the blockchain network 203; on the contrary, if the identifier of the target node 202 exists, but the IP address of the target node 202 does not belong to the valid geographic location range corresponding to the identifier, the target node 202 is not allowed to join the blockchain network.
For the second way in step 401, the accounting node 2034 looks up the identification of the target node 202 in the list of disallowed-to-join nodes included in the node management rule information.
If the identity of the target node 202 exists, the target node 202 is not allowed to join the blockchain network 203 with the second result. The second result is used to indicate that the target node 202 is not allowed to join the blockchain network 203. The accounting node 2034 performs a third consensus on the blockchain network 203 on the second result, and adds the second result to the blockchain ledger if the blockchain network 203 achieves the third consensus.
If the identity of the target node 202 exists, the target node 202 is allowed to join the blockchain network 203 with a first result. The first result is used to indicate that the target node 202 is allowed to join the blockchain network 203. The accounting node 2034 performs a second consensus on the blockchain network 203 on the first result, and adds the first result to the blockchain ledger if the blockchain network 203 achieves the second consensus.
For the third way in step 401, the accounting node 2034 finds the identification of the target node 202 in the allowed join node list and the disallowed join node list included in the node management rule information.
If the allowed join node list includes the identity of the target node 202 and the disallowed join node list does not include the identity of the target node 202, then the target node 202 is allowed to join the blockchain network 203 with a first result. The first result is used to indicate that the target node 202 is allowed to join the blockchain network 203. The accounting node 2034 performs a second consensus on the blockchain network 203 on the first result, and adds the first result to the blockchain ledger if the blockchain network 203 achieves the second consensus. Generally, the node identifier of a node exists in a white list or a black list, and does not exist in both the white list and the black list, unless the node identifier exists in the white list under a certain condition and the node identifier exists in the black list under a certain condition.
If the list of allowed nodes does not include the identity of the target node 202 and the list of allowed nodes does not include the identity of the target node 202, then the target node 202 is not allowed to join the blockchain network 203 with a second result. The second result is used to indicate that the target node 202 is not allowed to join the blockchain network 203. The accounting node 2034 performs a third consensus on the blockchain network 203 on the second result, and adds the second result to the blockchain ledger if the blockchain network 203 achieves the third consensus.
If the list of allowed nodes does not include the identity of the target node 202 and the list of allowed nodes does not include the identity of the target node 202, then the target node 202 is allowed to connect to a designated node in the blockchain network 203, but the accounting node in the blockchain network 203 is not allowed to obtain a third result. This third result is used to indicate that target node 202 is allowed to connect to a specified node in blockchain network 203 but not to allow a billing node in blockchain network 203, i.e., target node 202 may connect to a specified node in blockchain network 203 but not to a billing node in blockchain network 203. The accounting node 2034 performs a fourth consensus on the blockchain network 203 on the third result, and adds the third result to the blockchain account book if the blockchain network 203 achieves the fourth consensus. Allowing the target node 202 to connect to a designated node in the blockchain network 203, but not allowing the accounting node in the blockchain network 203, may effectively prevent the target node 202 from attacking the accounting node in case it is a hacker.
At step 505, the accounting node 2034 sends a join response to the target node 202. Accordingly, the target node 202 receives the join response from the accounting node 2034.
For the case where the target node 202 is allowed to join the blockchain network 203, the accounting node 2034 sends a join response to the target node 202 indicating that the target node 202 is allowed to join the blockchain network 203.
For the case where the target node 202 is not allowed to join the blockchain network 203, the accounting node 2034 sends a join response to the target node 202 indicating that the target node 202 is not allowed to join the blockchain network 203.
For the case where target node 202 is allowed to connect to a specified node in blockchain network 203, but the billing node in connected blockchain network 203 is not allowed, billing node 2034 sends a join response to target node 202 indicating that target node 202 is allowed to connect to the specified node in blockchain network 203, but the billing node in connected blockchain network 203 is not allowed.
The embodiment shown in fig. 5 takes the example that the accounting node 2034 receives the join request, and in practical applications, any one of the block chain nodes in the block chain network 203 may receive the join request, and any one of the block chain nodes may perform the embodiment shown in fig. 5, but in the case that the ordinary node performs the embodiment shown in fig. 5, the accounting node adds the execution result (e.g., the first result, the second result, or the third result) to the block chain ledger.
In the embodiment shown in fig. 5, when receiving a join request from a target node, a blockchain node may control the target node to join a blockchain network by calling an intelligent contract deployed in the embodiment shown in fig. 4, so that the blockchain network may be effectively prevented from being attacked, and the security and reliability of the blockchain network 203 may be improved.
Referring to fig. 6, a flowchart of another node management method according to an embodiment of the present invention includes, but is not limited to, the following steps:
in step 601, the management node 201 sends a contract modification request to the accounting node 2034 in the blockchain network 203. Accordingly, accounting node 2034 receives contract modification requests from management node 201.
The contract modification request is used to request modification of the intelligent contract deployed in the embodiment shown in fig. 4, and may include the contract identifier of the intelligent contract, and the accounting node 2034 may carry the contract identifier of the intelligent contract in the intelligent contract deployment response. The contract modification request also comprises modified contents, for example, a certain node identifier is removed from a white list, or a certain node identifier is moved from the white list to a black list, or the effective time corresponding to a certain node identifier in the white list is modified, or a certain rogue node is added into the black list, or a certain node is added into the white list for new services, etc. The modified content may be one or more pieces, as the case may be. The contract modification request also includes an identification of management node 201 for verifying the legitimacy of management node 201.
The blockchain platform committee sets up the modified content for the intelligent contract on the management node 201, the management node 201 transmits the modified content to the blockchain network 203 in the form of transaction after the completion of the setting up of the blockchain platform committee, and the accounting node 2034 in the blockchain network 203 receives the contract modification request. The contract modification request may be understood as a transaction.
At step 602, the accounting node 2034 determines whether the contract modification request is legal.
The accounting node 2034, upon receiving the contract modification request, may determine whether the contract modification request is legal, and may specifically include determining whether the contract modification request is legal and whether the modified content is correct.
Judging whether the contract modification request is legal, that is, judging whether the signature of the transaction is legal, reference may be made to step 402 to judge whether the signature of the transaction is legal, which is not described herein again. The signature of the transaction is the signature of the management node 201.
And judging whether the modified content is correct or not, namely judging whether the modified content conforms to the node management rule or not. For example, the modified content is that the node identifier a is removed from the white list, and if the white list does not include the node identifier a, it may be determined that the modified content is incorrect; if node identification a is included in the white list, it may be determined that the modified content is correct.
In the case where the signature is legitimate and the modification is correct, the accounting node 2034 may determine that the contract modification request is legitimate and then, in this case, perform step 603.
In the event that the signature is not legitimate, or the modified content is incorrect, or the signature is not legitimate and the modified content is incorrect, then the accounting node 2034 may determine that the contract modification request is not legitimate, then in this event the accounting node 2034 sends a contract modification response to the management node 201 indicating that the contract modification request is not legitimate, or the accounting node 2034 refuses to modify the intelligent contract.
Step 603, in the case that the determination result in step 602 is yes, the accounting node 2034 calls the intelligent contract, and modifies the intelligent contract according to the contract modification request to obtain a modification result.
If the determination result in step 602 is yes, the accounting node 2034 calls the virtual machine to execute the transaction, during the process of executing the transaction, the intelligent contract date checks whether the identifier of the management node 201 is legal, and if the check is passed, the accounting node 2034 modifies the intelligent contract according to the contract modification request to obtain a modification result, and caches the modification result.
Wherein, the checking whether the identification of the management node 201 has validity by the intelligent contract may include: comparing the identifier of the management node 201 carried by the contract modification request with the identifier of the management node carried by the intelligent contract, and if the identifiers are consistent, determining that the contract modification request is legal; if not, then there is no legitimacy, the accounting node 2034 sends a contract modification response to the management node 201 indicating that the accounting node 2034 refuses to modify the intelligent contract.
The accounting node 2034 modifies the intelligent contract according to the contract modification request to obtain a modification result, which may include: and modifying the intelligent contract according to the modification content included in the contract modification request to obtain a modification result. The modification result is used to indicate a result of modifying the intelligent contract. For example, if the modified content is that the node identifier M is added to the blacklist, the accounting node 2034 adds the node identifier M to the blacklist to obtain a modified result, where the modified result is used to indicate that the node identifier M is added to the blacklist, or the node identifier M is added to the blacklist.
At step 604, the accounting node 2034 performs a fifth consensus on the modification results in the blockchain network 203.
In step 605, in the case that the blockchain network 203 achieves the fifth consensus, the accounting node 2034 adds the modification result to the blockchain ledger of the blockchain network 203.
In step 606, accounting node 2034 sends a contract modification response to management node 201. Accordingly, management node 201 receives the contract modification response from accounting node 2034.
Wherein the contract modification response is used to indicate that the intelligent contract modification is complete.
In the embodiment shown in fig. 6, the management node 201 modifies the intelligent contract deployed in the embodiment shown in fig. 4 through a contract modification request, so that the intelligent contract can be updated on the blockchain in real time, and the blockchain link points monitor new nodes requesting to join in real time, thereby effectively preventing the blockchain network from being attacked in real time, and further improving the security and reliability of the blockchain network.
It should be noted that the embodiment shown in fig. 4 is the basis of the embodiments shown in fig. 5 and 6, i.e., fig. 5 and 6 are executed after fig. 4. The embodiment shown in fig. 5 and the embodiment shown in fig. 6 do not limit the execution sequence.
Based on the above description of the method embodiments, the embodiment of the present invention further provides a corresponding node management apparatus, which may be a computer program (including program code) running in the accounting node.
Referring to fig. 7, a schematic structural diagram of a node management apparatus according to an embodiment of the present invention is shown, where the apparatus includes: a transceiver unit 701 and a processing unit 702.
A transceiving unit 701, configured to receive an intelligent contract deployment request carrying node management rule information, where the intelligent contract deployment request is used to request to deploy an intelligent contract including the node management rule information;
a processing unit 702, configured to deploy the intelligent contract to obtain a deployment result if the intelligent contract deployment request and the intelligent contract meet a contract deployment condition, and perform a first consensus on the deployment result in a blockchain network; if the blockchain network achieves the first consensus, adding the deployment result to a blockchain account book in the blockchain network;
a transceiving unit 701, further configured to send an intelligent contract deployment response, where the intelligent contract deployment response is used to indicate that the intelligent contract deployment is successful;
the deployment result comprises address information of the intelligent contract and a deployment state of the intelligent contract, and the deployment state is successful.
Optionally, the transceiver 701 is further configured to receive a join request from a target node, where the join request carries an identifier of the target node, and the join request is used to request to join the blockchain network;
the processing unit 702 is further configured to invoke the intelligent contract and load the node management rule information if the join request is legal; controlling the target node to join the block chain network according to the identification of the target node and the node management rule information;
the transceiving unit 701 is further configured to send a join response to the target node.
Optionally, the node management rule information includes a list of nodes allowed to join;
a processing unit 702, configured to allow the target node to join the blockchain network to obtain a first result if the list of allowed nodes includes the identifier of the target node, and perform a second consensus on the first result in the blockchain network; adding the first result to a blockchain account book if the blockchain network achieves a second consensus;
the transceiver unit 701 is specifically configured to send a join response to the target node, where the join response is used to indicate that the target node is allowed to join the blockchain network.
In an embodiment, the node management rule information further includes a list of nodes that are not allowed to be added;
a processing unit 702, configured to, if the list of allowed nodes does not include the identifier of the target node, and the list of disallowed nodes includes the identifier of the target node, disallow the target node to join the blockchain network to obtain a second result, and perform a third consensus on the second result in the blockchain network; if the blockchain network achieves a third consensus, adding the second result to the blockchain account book;
the transceiver 701 is specifically configured to send a join response to the target node, where the join response is used to indicate that the target node is not allowed to join the blockchain network.
Optionally, the processing unit 702 is specifically configured to, if the list of allowed nodes does not include the identifier of the target node, and the list of disallowed nodes does not include the identifier of the target node, allow the target node to connect to a designated node in the blockchain network to obtain a third result, and perform a fourth consensus on the third result in the blockchain network; if the blockchain network achieves a fourth consensus, adding the third result to the blockchain account book;
the transceiving unit 701 is specifically configured to send a join response to the target node, where the join response is used to indicate that the target node allows to connect a designated node in the blockchain network.
Optionally, the processing unit 702 is further configured to determine that the intelligent contract deployment request and the intelligent contract satisfy the contract deployment condition if the intelligent contract deployment request is legal and the intelligent contract is legal.
Optionally, the transceiving unit 701 is further configured to receive a contract modification request for the intelligent contract;
the processing unit 702 is further configured to, if the contract modification request is legal, invoke the intelligent contract, and modify the intelligent contract according to the contract modification request to obtain a modification result; performing a fifth consensus on the modification result in the blockchain network; if the blockchain network achieves a fifth consensus, adding the modification result to the blockchain account book;
the transceiving unit 701 is further configured to send a contract modification response, where the contract modification response is used to indicate that the intelligent contract modification is completed.
Referring to fig. 8, a schematic structural diagram of another node management apparatus according to an embodiment of the present invention is provided, where the apparatus includes a processor 801, a memory 802, and a communication interface 803, and the processor 801, the memory 802, and the communication interface 803 are connected by one or more communication buses.
The processor 801 is configured to support block chain link points to perform the corresponding functions of the block chain node 2044 in the methods of fig. 4-6. The processor 801 may be a Central Processing Unit (CPU), a Network Processor (NP), a hardware chip, or any combination thereof.
The memory 802 is used for storing program codes and the like. The memory 802 may include volatile memory (volatile), such as Random Access Memory (RAM); the memory 802 may also include a non-volatile memory (non-volatile memory), such as a read-only memory (ROM), a flash memory (flash memory), a hard disk (HDD) or a solid-state drive (SSD); the memory 802 may also comprise a combination of the above-described types of memory.
The communication interface 803 is used for transmitting and receiving data, information, messages or the like, and may also be described as a transceiver, a transmitting and receiving circuit or the like.
In an embodiment of the present invention, the processor 801 may call the program code stored in the memory 802 to perform the following operations:
in one embodiment, the control communication interface 803 receives an intelligent contract deployment request carrying node management rule information, where the intelligent contract deployment request is used to request deployment of an intelligent contract including the node management rule information; if the intelligent contract deployment request and the intelligent contract meet contract deployment conditions, deploying the intelligent contract to obtain a deployment result, and performing first consensus on the deployment result in the block chain network; if the blockchain network achieves the first consensus, adding the deployment result to a blockchain account book in the blockchain network; the control communication interface 803 sends an intelligent contract deployment response, which is used to indicate that the intelligent contract deployment is successful;
the deployment result comprises address information of the intelligent contract and a deployment state of the intelligent contract, and the deployment state is successful.
Optionally, the processor 801 is further configured to control the communication interface 803 to receive a join request from a target node, where the join request carries an identifier of the target node, and the join request is used to request to join the blockchain network; if the joining request has validity, calling the intelligent contract and loading the node management rule information; controlling the target node to join the block chain network according to the identification of the target node and the node management rule information; the control communication interface 803 sends a join response to the target node.
Optionally, the node management rule information includes a list of nodes allowed to join;
the processor 801 is specifically configured to allow the target node to join the blockchain network to obtain a first result if the list of allowed nodes includes the identifier of the target node, and perform a second consensus on the first result in the blockchain network; adding the first result to a blockchain account book if the blockchain network achieves a second consensus; the control communication interface 803 sends a join response to the target node indicating that the target node is allowed to join the blockchain network.
In an embodiment, the node management rule information further includes a list of nodes that are not allowed to be added;
the processor 801 is specifically configured to disallow the target node to join the blockchain network to obtain a second result if the allowed node list does not include the identifier of the target node and the disallowed node list includes the identifier of the target node, and perform a third consensus on the second result in the blockchain network; if the blockchain network achieves a third consensus, adding the second result to the blockchain account book; the control communication interface 803 sends a join response to the target node indicating that the target node is not allowed to join the blockchain network.
Optionally, the processor 801 is specifically configured to, if the list of allowed nodes does not include the identifier of the target node, and the list of disallowed nodes does not include the identifier of the target node, allow the target node to connect to a designated node in the blockchain network to obtain a third result, and perform a fourth consensus on the third result in the blockchain network; if the blockchain network achieves a fourth consensus, adding the third result to the blockchain account book; the control communication interface 803 sends a join response to the target node indicating that the target node is allowed to connect to a designated node in the blockchain network.
Optionally, the processor 801 is further configured to determine that the intelligent contract deployment request and the intelligent contract satisfy the contract deployment condition if the intelligent contract deployment request is legal and the intelligent contract is legal.
Optionally, the processor 801 is further configured to control the communication interface 803 to receive a contract modification request for the intelligent contract; if the contract modification request is legal, calling the intelligent contract, and modifying the intelligent contract according to the contract modification request to obtain a modification result; performing a fifth consensus on the modification result in the blockchain network; if the blockchain network achieves a fifth consensus, adding the modification result to the blockchain account book; the control communication interface 803 sends a contract modification response indicating that the intelligent contract modification is complete.
It should be noted that, in the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to relevant descriptions of other embodiments for parts that are not described in detail in a certain embodiment.
The steps in the method of the embodiment of the invention can be sequentially adjusted, combined and deleted according to actual needs.
The modules in the processing equipment of the embodiment of the invention can be merged, divided and deleted according to actual needs. In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. The procedures or functions according to the embodiments of the present application are all or partially generated when the computer program instructions are loaded and executed on a computer. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored on a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wire (e.g., coaxial cable, fiber optic, digital subscriber line) or wirelessly (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, memory Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
Finally, it should be noted that: the above embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present application.

Claims (10)

1. A node management method based on a block chain is characterized by comprising the following steps:
receiving an intelligent contract deployment request carrying node management rule information, wherein the intelligent contract deployment request is used for requesting to deploy an intelligent contract comprising the node management rule information;
if the intelligent contract deployment request and the intelligent contract meet contract deployment conditions, deploying the intelligent contract to obtain a deployment result, and performing first consensus on the deployment result in a block chain network;
if the blockchain network achieves the first consensus, adding the deployment result to a blockchain account book in the blockchain network;
sending an intelligent contract deployment response, wherein the intelligent contract deployment response is used for indicating that the intelligent contract deployment is successful;
wherein the deployment result comprises address information of the intelligent contract and a deployment state of the intelligent contract, and the deployment state is successful.
2. The method of claim 1, further comprising:
receiving a joining request from a target node, wherein the joining request carries an identifier of the target node, and the joining request is used for requesting to join the block chain network;
if the joining request is legal, calling the intelligent contract and loading the node management rule information;
and controlling the target node to join the block chain network according to the identification of the target node and the node management rule information, and sending a joining response to the target node.
3. The method of claim 2, wherein the node management rule information includes a list of allowed nodes;
the controlling the target node to join the block chain network according to the identifier of the target node and the node management rule information, and sending a joining response to the target node includes:
if the join-allowed node list comprises the identification of the target node, allowing the target node to join the block chain network to obtain a first result, and performing second consensus on the first result in the block chain network;
adding the first result to the blockchain ledger if the blockchain network achieves the second consensus;
and sending a joining response to the target node, wherein the joining response is used for indicating that the target node is allowed to join the block chain network.
4. The method of claim 3, wherein the node management rule information further comprises a list of disallowed join nodes;
the controlling the target node to join the block chain network according to the identifier of the target node and the node management rule information, and sending a joining response to the target node includes:
if the allowed node list does not include the identifier of the target node and the disallowed node list includes the identifier of the target node, disallowing the target node to join the blockchain network to obtain a second result, and performing third consensus on the second result in the blockchain network;
adding the second result to the blockchain ledger if the blockchain network achieves the third consensus;
and sending a joining response to the target node, wherein the joining response is used for indicating that the target node is not allowed to join the block chain network.
5. The method of claim 4, wherein the controlling the target node to join the blockchain network according to the identifier of the target node and the node management rule information, and sending a join response to the target node comprises:
if the allowed node list does not include the identifier of the target node and the disallowed node list does not include the identifier of the target node, allowing the target node to connect with a specified node in the block chain network to obtain a third result, and performing fourth consensus on the third result in the block chain network;
adding the third result to the blockchain ledger if the blockchain network achieves the fourth consensus;
and sending a joining response to the target node, wherein the joining response is used for indicating that the target node is allowed to connect to a specified node in the block chain network.
6. The method according to any one of claims 1-5, further comprising:
and if the intelligent contract deployment request is legal and the intelligent contract is legal, determining that the intelligent contract deployment request and the intelligent contract meet contract deployment conditions.
7. The method according to any one of claims 1-5, further comprising:
receiving a contract modification request for the intelligent contract;
if the contract modification request is legal, calling the intelligent contract, and modifying the intelligent contract according to the contract modification request to obtain a modification result;
performing a fifth consensus on the modification result in the blockchain network;
adding the modification result to the blockchain ledger if the blockchain network achieves the fifth consensus;
sending a contract modification response indicating that the intelligent contract modification is complete.
8. A node management apparatus, comprising:
the intelligent contract deploying method comprises a transceiving unit and a processing unit, wherein the transceiving unit is used for receiving an intelligent contract deploying request carrying node management rule information, and the intelligent contract deploying request is used for requesting to deploy an intelligent contract comprising the node management rule information;
the processing unit is used for deploying the intelligent contract to obtain a deployment result if the intelligent contract deployment request and the intelligent contract meet contract deployment conditions, and performing first consensus on the deployment result in a block chain network; if the blockchain network achieves the first consensus, adding the deployment result to a blockchain account book in the blockchain network;
the transceiving unit is further used for sending an intelligent contract deployment response, and the intelligent contract deployment response is used for indicating that the intelligent contract deployment is successful;
the deployment result comprises address information of the intelligent contract and a deployment state of the intelligent contract, and the deployment state is success or failure.
9. A node management apparatus, comprising:
a processor and a memory, the processor and the memory being coupled to each other, wherein the memory is configured to store a computer program comprising program instructions, the processor being configured to invoke the program instructions to perform the method of any of claims 1 to 7.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program comprising program instructions that, when executed by a processor, cause the processor to perform the method according to any of claims 1 to 7.
CN201911099879.9A 2019-11-12 2019-11-12 Node management method and device based on block chain Active CN110855777B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911099879.9A CN110855777B (en) 2019-11-12 2019-11-12 Node management method and device based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911099879.9A CN110855777B (en) 2019-11-12 2019-11-12 Node management method and device based on block chain

Publications (2)

Publication Number Publication Date
CN110855777A true CN110855777A (en) 2020-02-28
CN110855777B CN110855777B (en) 2022-09-13

Family

ID=69601815

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911099879.9A Active CN110855777B (en) 2019-11-12 2019-11-12 Node management method and device based on block chain

Country Status (1)

Country Link
CN (1) CN110855777B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111786812A (en) * 2020-05-27 2020-10-16 金蝶软件(中国)有限公司 Node management method, node management device, computer equipment and storage medium
CN112235251A (en) * 2020-09-21 2021-01-15 建信金融科技有限责任公司 Block chain management method and device, computer equipment and storage medium
CN113098984A (en) * 2021-06-02 2021-07-09 支付宝(杭州)信息技术有限公司 Method for forming multi-layer block chain system based on registration mechanism and block chain system
CN113672988A (en) * 2020-05-14 2021-11-19 腾讯科技(深圳)有限公司 Block chain-based information management method, system, medium, and electronic device
CN114650231A (en) * 2022-05-13 2022-06-21 南京金宁汇科技有限公司 Visual containerized union link point deployment method and system
WO2023279971A1 (en) * 2021-07-05 2023-01-12 支付宝(杭州)信息技术有限公司 Block synchronization method, and method for making node join blockchain network
CN117349867A (en) * 2023-12-04 2024-01-05 成都峰潮信息技术有限公司 Intelligent contract deployment method, system, equipment and medium
CN117478299A (en) * 2023-12-27 2024-01-30 湖南天河国云科技有限公司 Block chain consensus algorithm switching method, device and computer equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180123779A1 (en) * 2016-11-01 2018-05-03 Jiangang Zhang Flexible Blockchain Smart-Contract Deployment
CN109360091A (en) * 2018-08-30 2019-02-19 阿里巴巴集团控股有限公司 A kind of arbitrary object choosing method and device based on block chain
CN109358881A (en) * 2018-10-24 2019-02-19 杭州趣链科技有限公司 A kind of intelligent contract upgrade method that the permission based on intelligent contract is controllable
CN109840429A (en) * 2019-01-08 2019-06-04 北京众享比特科技有限公司 Intelligent contract deployment, call method and device
CN110221837A (en) * 2019-05-21 2019-09-10 深圳壹账通智能科技有限公司 Intelligent contract call method, device, equipment and storage medium
CN110290111A (en) * 2019-05-29 2019-09-27 深圳前海达闼云端智能科技有限公司 Operating right management method, device and block chain node, storage medium

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180123779A1 (en) * 2016-11-01 2018-05-03 Jiangang Zhang Flexible Blockchain Smart-Contract Deployment
CN109360091A (en) * 2018-08-30 2019-02-19 阿里巴巴集团控股有限公司 A kind of arbitrary object choosing method and device based on block chain
CN109358881A (en) * 2018-10-24 2019-02-19 杭州趣链科技有限公司 A kind of intelligent contract upgrade method that the permission based on intelligent contract is controllable
CN109840429A (en) * 2019-01-08 2019-06-04 北京众享比特科技有限公司 Intelligent contract deployment, call method and device
CN110221837A (en) * 2019-05-21 2019-09-10 深圳壹账通智能科技有限公司 Intelligent contract call method, device, equipment and storage medium
CN110290111A (en) * 2019-05-29 2019-09-27 深圳前海达闼云端智能科技有限公司 Operating right management method, device and block chain node, storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
范吉立等: ""区块链系统中智能合约技术综述"", 《计算机科学》 *

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113672988A (en) * 2020-05-14 2021-11-19 腾讯科技(深圳)有限公司 Block chain-based information management method, system, medium, and electronic device
CN113672988B (en) * 2020-05-14 2023-11-10 腾讯科技(深圳)有限公司 Information management method, system, medium and electronic equipment based on block chain
CN111786812A (en) * 2020-05-27 2020-10-16 金蝶软件(中国)有限公司 Node management method, node management device, computer equipment and storage medium
CN111786812B (en) * 2020-05-27 2023-06-20 金蝶软件(中国)有限公司 Node management method, device, computer equipment and storage medium
CN112235251A (en) * 2020-09-21 2021-01-15 建信金融科技有限责任公司 Block chain management method and device, computer equipment and storage medium
CN113098984A (en) * 2021-06-02 2021-07-09 支付宝(杭州)信息技术有限公司 Method for forming multi-layer block chain system based on registration mechanism and block chain system
WO2023279971A1 (en) * 2021-07-05 2023-01-12 支付宝(杭州)信息技术有限公司 Block synchronization method, and method for making node join blockchain network
CN114650231B (en) * 2022-05-13 2022-10-18 南京金宁汇科技有限公司 Visual containerized union link point deployment method and system
CN114650231A (en) * 2022-05-13 2022-06-21 南京金宁汇科技有限公司 Visual containerized union link point deployment method and system
CN117349867A (en) * 2023-12-04 2024-01-05 成都峰潮信息技术有限公司 Intelligent contract deployment method, system, equipment and medium
CN117349867B (en) * 2023-12-04 2024-02-09 成都峰潮信息技术有限公司 Intelligent contract deployment method, system, equipment and medium
CN117478299A (en) * 2023-12-27 2024-01-30 湖南天河国云科技有限公司 Block chain consensus algorithm switching method, device and computer equipment
CN117478299B (en) * 2023-12-27 2024-03-01 湖南天河国云科技有限公司 Block chain consensus algorithm switching method, device and computer equipment

Also Published As

Publication number Publication date
CN110855777B (en) 2022-09-13

Similar Documents

Publication Publication Date Title
CN110855777B (en) Node management method and device based on block chain
CN109190410B (en) Log behavior auditing method based on block chain in cloud storage environment
CN110636492B (en) Handover of mobile service providers using blockchains
US10790976B1 (en) System and method of blockchain wallet recovery
CN108881187B (en) Cross-link data transmission method and device suitable for permission link scene
KR102002509B1 (en) Privite blockchain system including notarizing center and notarial method thereof
US8549326B2 (en) Method and system for extending encrypting file system
CN110870254A (en) Distributed private subspace blockchain data structure with secure access restriction management
CN110944046B (en) Control method of consensus mechanism and related equipment
CN111476572B (en) Block chain-based data processing method, device, storage medium and equipment
CN111460458B (en) Data processing method, related device and computer storage medium
CN110119390B (en) Financial information outsourcing management system based on block chain
CN110908786A (en) Intelligent contract calling method, device and medium
CN113255014B (en) Data processing method based on block chain and related equipment
JP2024505692A (en) Data processing methods, devices and computer equipment based on blockchain networks
CN113328997A (en) Alliance chain cross-chain system and method
JP2022525551A (en) Preventing erroneous transmission of copies of data records to distributed ledger systems
CN114978635A (en) Cross-domain authentication method and device, and user registration method and device
CN111260475A (en) Data processing method, block chain node point equipment and storage medium
CN113271366B (en) Data sharing system based on block chain and safety calculation
CN110620776A (en) Data transfer information transmission method and device
CN112329058B (en) Access control method, device and medium for multi-organization user information
CN112837023A (en) Business collaboration platform, method and device of organization and electronic equipment
CN114401091B (en) Device cross-domain authentication management method and device based on block chain
CN117118640A (en) Data processing method, device, computer equipment and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant