CN111488614A - Digital identity storage method and device based on service data block chain - Google Patents

Digital identity storage method and device based on service data block chain Download PDF

Info

Publication number
CN111488614A
CN111488614A CN202010271057.0A CN202010271057A CN111488614A CN 111488614 A CN111488614 A CN 111488614A CN 202010271057 A CN202010271057 A CN 202010271057A CN 111488614 A CN111488614 A CN 111488614A
Authority
CN
China
Prior art keywords
tree
data
stored
user
state
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010271057.0A
Other languages
Chinese (zh)
Inventor
吉建勋
杨慧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Ruice Technology Co Ltd
Original Assignee
Beijing Ruice Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Ruice Technology Co Ltd filed Critical Beijing Ruice Technology Co Ltd
Priority to CN202010271057.0A priority Critical patent/CN111488614A/en
Publication of CN111488614A publication Critical patent/CN111488614A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • G06F16/2228Indexing structures
    • G06F16/2246Trees, e.g. B+trees
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • G06F16/2228Indexing structures
    • G06F16/2255Hash tables
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2455Query execution
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Abstract

The invention provides a digital identity storage method and a digital identity storage device based on a service data block chain, which relate to the technical field of block chains and comprise the following steps: determining operation data to be stored, wherein the digital identity corresponds to the operation data to be stored; recording the operation data to be stored in a new block of the service data block chain, wherein the service data block chain corresponds to a tree structure before recording the operation data to be stored, and the tree structure comprises a state tree and a relation tree; the state tree is used for storing the global states after user operation, and the relation tree is used for storing the incidence relation among the global states after user operation; and updating the digital identity corresponding state and the incidence relation in the tree structure based on the operation data to be stored. Therefore, the efficiency of the authorized data processing of the data right can be improved, and the data right information is real and accurate, convenient to query and not capable of being tampered.

Description

Digital identity storage method and device based on service data block chain
Technical Field
The present invention relates to the field of block chain technology, and in particular, to a method and an apparatus for storing digital identities based on a service data block chain.
Background
Currently, the blockchain technology is a distributed stored ledger that uses technologies such as encryption algorithm and consensus mechanism. With the use of blockchain technology, more and more internet data is stored on the blockchain.
In the existing block chain, only transaction data can be stored, wherein the transaction data comprises a transfer party address, a receiving party address and a transfer amount; for various service data (such as evidence storage data, traceability data, financial data, travel data, search data, self-media data, research data, advertisement data, e-commerce data, community data, knowledge question and answer data, knowledge payment data, shared bicycle data, recruitment data, living service data, renting data, voting data, OTO data (also called online to offline data), social data, praise data, evaluation data, internet appointment data and other internet related data), not only the data per se but also the association relationship between the data on the block chain need to be expressed.
Therefore, how to store the service data on the block chain, in other words, how to implement the service data block chain, becomes a problem to be solved urgently.
Disclosure of Invention
The invention aims to provide a digital identity storage method and a digital identity storage device based on a service data block chain, so as to solve the technical problem of low data processing efficiency of data rights in the prior art.
In a first aspect, an embodiment provides a digital identity storage method based on a service data blockchain, which is applied to a service data blockchain system in the internet field, where the service data blockchain system includes a plurality of blockchain nodes, and the method includes:
determining operation data to be stored by a block chain node, wherein the digital identity corresponds to the operation data to be stored;
recording the operation data to be stored in a new block of the service data block chain, wherein the service data block chain corresponds to a tree structure before recording the operation data to be stored, and the tree structure comprises a state tree and a relation tree; the state tree is used for storing the global states after user operation, and the relation tree is used for storing the incidence relation among the global states after user operation;
and updating the digital identity corresponding state and the incidence relation in the tree structure based on the operation data to be stored.
In an optional embodiment, the operation data is user operation data, and the operation data comprises one or more of a timestamp, an operation user address, an operated address, an operation type, a value of transfer, a credit address, a signature of the user on the user operation data, and a hash value of the user operation data; the operation type comprises an operation and a transfer operation of a user on an entity, and the operated address comprises an operation address on the entity and addresses of other operation users.
In an alternative embodiment, the state data stored by the state tree includes one or both of user information and entity information states.
In an alternative embodiment, the state data stored in the on-chain state tree includes integral data, and the attribute type of the integral data includes an associated attribute and a non-associated attribute; and the attribute value of the associated attribute is automatically increased or decreased according to the user operation data.
In an optional embodiment, the tree structure is stored in a database supporting attribute query or a KV database, where the database supporting attribute query includes a relational database and an in-memory database.
In an alternative embodiment, the state tree and/or the relationship tree are organized as an MPT state tree; the MPT state Tree is a Merkle variety of a Merkle Tree of a Tree structure fused with a prefix Tree Trie, and the Merkle Tree is a Merkle Patricia Tree state Tree.
In a second aspect, an embodiment provides a digital identity storage device based on a service data blockchain, which is applied to a service data blockchain system in the internet field, where the service data blockchain system includes a plurality of blockchain nodes, and the device includes:
the device comprises a determining module, a storage module and a processing module, wherein the determining module is used for determining operation data to be stored, and the digital identity corresponding to the operation data to be stored;
the recording module is used for recording the operation data to be stored in a new block of the service data block chain, the service data block chain is corresponding to a tree structure before recording the operation data to be stored, and the tree structure comprises a state tree and a relation tree; the state tree is used for storing the global states after user operation, and the relation tree is used for storing the incidence relation among the global states after user operation;
and the updating module is used for updating the digital identity corresponding state and the incidence relation in the tree structure based on the operation data to be stored.
In a third aspect, an embodiment provides a block link point, including a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor executes the program to implement the method of any one of the foregoing embodiments.
In a fourth aspect, embodiments provide a blockchain system comprising a plurality of blockchain nodes and a plurality of user equipments, wherein the blockchain nodes are configured to implement the method according to any one of the foregoing embodiments.
In a fifth aspect, embodiments provide a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the method of any one of the foregoing embodiments.
The invention provides a digital identity storage method and device based on a service data block chain. Determining operation data to be stored by a block chain node, wherein the digital identity corresponds to the operation data to be stored; recording the operation data to be stored in a new block of the service data block chain, wherein the service data block chain corresponds to a tree structure before recording the operation data to be stored, and the tree structure comprises a state tree and a relation tree; the state tree is used for storing the global states after user operation, and the relation tree is used for storing the incidence relation among the global states after user operation; and updating the digital identity corresponding state and the incidence relation in the tree structure based on the operation data to be stored. Therefore, data can be stored in the block chain, and state information such as ownership of the data is recorded in the block chain, so that the data processing efficiency of data ownership can be improved, the number of times of accessing the block is reduced, and the data ownership information is real, accurate, convenient to query and not to be tampered.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
FIG. 1 is a schematic diagram of an application scenario disclosed in the present application;
FIG. 2 is a diagram illustrating an existing method for organizing account state data of a blockchain into an MPT state tree;
fig. 3 is a schematic diagram of node multiplexing on an existing MPT state tree;
fig. 4 is a schematic flow chart illustrating a digital identity storage method based on a service data block chain according to the present application;
fig. 5 is a schematic block head structure diagram of a service data block chain according to the present application;
fig. 6 is a schematic structural diagram of a digital identity storage device based on a service data block chain according to the present application;
fig. 7 is a schematic diagram of a block link point structure disclosed in the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
The embodiment of the application provides a digital identity storage method and device based on a service data block chain. Fig. 1 shows an exemplary architecture of a blockchain network provided for the present application.
As shown in fig. 1, the exemplary architecture may include one or more user equipments 101 and one or more blockchain nodes 102, and when there are a plurality of blockchain nodes 102 and user equipments 101, a blockchain network is formed, where the blockchain nodes in the blockchain network may include storage nodes and out-blocking nodes. User equipment 101 may be configured to interact with blockchain nodes 102, e.g., user equipment 101 sends a user action to a blockchain node; the block chain link point stores the user operation in a block chain; user equipment 101 may also send a query request to the blockchain node, the query request being used to query data in the blockchain.
It should be noted that the architecture of this embodiment is not limited to implement other functions, for example, the user equipment 101 may also be used as a block link node.
For the purpose of facilitating understanding of the embodiments of the present application, the following description will be further explained with reference to specific embodiments, which are not to be construed as limiting the embodiments of the present application.
Blockchains are generally divided into three types: public chain (Public Blockchain), private chain (PrivateBlockchain) and alliance chain (Consortium Blockchain). In addition, there are various types of combinations, such as private chain + federation chain, federation chain + public chain, and other different combinations. The most decentralized of these is the public chain. The public chain is represented by bitcoin and ether house, and the participators joining the public chain can read the data record on the chain, participate in transaction, compete for accounting right of new blocks, and the like.
Furthermore, each participant (i.e., node) is free to join and leave the network and perform related operations. Private chains are the opposite, with the network's write rights controlled by an organization or organization and the data read rights specified by the organization. Briefly, a private chain can be a weakly centralized system with strictly limited and few participating nodes. This type of blockchain is more suitable for use within a particular establishment.
Based on the basic characteristics of a blockchain, a blockchain is usually composed of several blocks. The time stamps corresponding to the creation time of the block are recorded in the blocks respectively, and all the blocks form a time-ordered data chain according to the time stamps recorded in the blocks strictly.
The real data generated by the physical world can be constructed into a standard transaction (transaction) format supported by a block chain, then is issued to the block chain, is identified by node equipment in the block chain, and is packed into a block by the node equipment serving as an accounting node in the block chain after the identification is achieved, and is subjected to persistent evidence storage in the block chain.
In the field of blockchain, an important concept is Account (Account); taking an ether house as an example, the ether house generally divides an account into an external account and a contract account; the external account is an account directly controlled by the user; and the contract account is created by the user through an external account, the account containing the contract code (i.e. the smart contract).
Of course, for some blockchain items derived based on the ethernet framework, the account types supported by the blockchain may be further expanded, and are not particularly limited in this specification.
For accounts in a blockchain, the account status of the account is usually maintained through a structure. When a transaction in a block is executed, the status of the account associated with the transaction in the block chain is also typically changed.
Taking etherhouses as an example, the structure of an account usually includes fields such as Balance, Nonce, Code, and storage. Wherein:
a Balance field for maintaining the current account Balance of the account;
a Nonce field for the number of transactions for the account; the counter is used for guaranteeing that each transaction can be processed only once, and replay attack is effectively avoided.
A code field for maintaining a contract code for the account; in practical applications, only the hash value of the contract code is typically maintained in the code field; thus, the code field is also commonly referred to as a codehash field. For external accounts, this field is null.
storage field to maintain the storage of the account (default to empty). In practical application, the storage field only maintains the root node of an MPT (Merkle Patricia Trie) tree constructed based on the storage content of the account; thus, the storage field is also commonly referred to as the storageRoot field.
Wherein, for the external account, the code field and storage field shown above are null values.
Most blockchain items typically use Merkle trees; alternatively, the data is stored and maintained based on the data structure of the Merkle tree. Taking etherhouses as an example, the etherhouses use MPT tree (a Merkle tree variation) as a data organization form for organizing and managing important data such as account status, transaction information, and the like.
The Etherhouse designs three MPT trees, namely an MPT state tree, an MPT transaction tree and an MPT receipt tree, aiming at data needing to be stored and maintained in a block chain.
The MPT state tree is an MPT tree organized by account state data (state) of all accounts in the block chain; the MPT transaction tree is transaction data (transaction) in a block and is organized into the MPT tree; the MPT receipt tree is an MPT tree organized by transaction receipts (receipts) corresponding to each transaction generated after the transaction in the block is completed. The hash values of the root nodes of the MPT state tree, MPT transaction tree, and MPT receipt tree shown above are all added to the block header.
Wherein the MPT transaction tree and the MPT receipt tree correspond to tiles, each tile having its own MPT transaction tree and MPT receipt tree. The MPT state tree is a global MPT tree, which does not correspond to a specific tile, but covers account state data of all accounts in the tile chain.
For the MPT transaction tree, the MPT receipt tree and the MPT state tree which are organized, the MPT transaction tree, the MPT receipt tree and the MPT state tree are finally stored in a Key-Value type database (for example, L ev DB) which adopts a multi-level data storage structure.
The database adopting the multi-level storage structure can be generally divided into n-level data storage, for example, each level of data storage can be L0, L1, L2, L3.. L (n-1) in sequence, for each level of data storage in the database, the lower the level number is, the higher the level is, for example, L0 stores the latest data of a plurality of blocks, L1 stores the next-to-new data of a plurality of blocks, and so on.
Wherein, the read-write performance of the storage medium corresponding to each level of data storage may also have performance difference in general; the read/write performance of the storage medium corresponding to the data storage with a higher rank (i.e., with a smaller rank number) may be higher than the read/write performance of the storage medium corresponding to the data storage with a lower rank.
For example, in practical applications, a storage medium with higher read-write performance can be used for data storage with a higher level; and the storage medium with low unit cost and large capacity can be used for storing the data with low level.
In practical applications, as the block height increases, the data stored in the database may contain a lot of historical data; also, the longer the data in a block with a smaller block number is, the less important it is. Therefore, in order to reduce the overall storage cost, data of different block heights generally needs to be "treated differently";
for example, the data in the block with the smaller block number can be stored on a storage medium with lower cost; and the data in the block with larger block number is stored on the storage medium with higher cost.
When data such as an MPT transaction tree, an MPT receipt tree and an MPT state tree stored in a database are hierarchically stored, the data are actually irrelevant between blocks due to the fact that the MPT transaction tree and the MPT receipt tree correspond to each block; thus, hierarchical storage is easy for the MPT transaction tree and the MPT receipt tree; for example, the hierarchical storage can be completed by directly performing data migration according to the block numbers to which the nodes on the MPT transaction tree and the MPT receipt tree belong.
Based on this, the present specification will not specifically explain the hierarchical storage of the MPT transaction tree and the MPT receipt tree, but rather the hierarchical storage of the MPT status tree.
Referring to fig. 2, fig. 2 is a schematic diagram illustrating organization of account status data of a blockchain into an MPT status tree according to the present disclosure.
The MPT tree is an improved Merkle tree variety which combines the advantages of two tree structures, namely a Merkle tree and a Trie dictionary tree (also called as a prefix tree).
Three data nodes, a leaf node (leaf node), an extension node (extension node), and a branch node (branch node), are typically included in the MPT tree.
Leaf node, one key-value pair denoted [ key, value ], where key is a special hexadecimal code.
An extension node is also a key-value pair of [ key, value ], but here value is the hash value (hash pointer) of other nodes. I.e. linked to other nodes by hash pointers.
The branch node, because the key in the MPT tree is encoded into a special 16-ary representation, plus the last value, is a list of length 17, the first 16 elements corresponding to the 16 possible hexadecimal characters in the key (one character corresponding to a nibble). If there is a [ key, value ] pair terminating at this branch node, the last element represents a value, i.e., the branch node can be either the termination of the search path or the intermediate node of the path.
Assume that account state data that needs to be organized into an MPT state tree is shown in table 1 below:
Figure BDA0002443174960000101
TABLE 1
In table 1, the account address is a character string composed of several 16-ary characters. The account status state is a structure composed of fields such as Balance, Nonce, Code, and storage.
The MPT state tree is finally organized according to the account state data in the table 1, which is shown in the figure 2; as shown in fig. 2, the MPT state tree organized according to the account state data in table 1 is composed of 4 leaf nodes, 2 branch nodes, and 2 extension nodes.
In fig. 2, the prefix field is a prefix field that the extension node and the leaf node have in common. The value of the prefix field can be used to indicate the node type in practical applications.
The value of the prefix field is 0, which represents an expansion node containing an even number of nibbles; as previously mentioned, a nibble represents a nibble, consisting of a 4-bit binary, and one nibble may correspond to one character that makes up an account address.
The value of the prefix field is 1, and the prefix field represents an expansion node containing odd number of nibbles(s);
the value of the prefix field is 2, which represents a leaf node containing an even number of nibbles;
the value of the prefix field is 3, which indicates that the leaf node contains an odd number of nibbles(s).
And the branch node does not have the prefix field because the branch node is a prefix node of the parallel single neighbor.
A Sharednib field in the extension node, corresponding to a key value of a key-value pair contained in the extension node, representing a common character prefix between account addresses; for example, all account addresses in the table above have a common character prefix a 7. The NextNode field is populated with the hash value (hash pointer) of the next node.
The fields of the 16-system characters 0-f in the branch nodes correspond to the key values of the key value pairs contained in the branch nodes; if the branch node is an intermediate node of the account address on the search path on the MPT tree, the Value field of the branch node may be null. And the hash value used for filling the next node is in the fields 0-f.
The Key-end in a leaf node corresponds to the Key value of the Key-value pair contained in the leaf node and represents the last characters of the account address. The key values of the nodes on the search path from the root node to the leaf nodes form a complete account address. Filling account state data corresponding to the account address in a Value field of the leaf node; for example, the structure composed of the fields such as Balance, Nonce, Code, and storage may be numbered and filled in the Value field of the leaf node.
Further, the node on the MPT state tree shown in fig. 2 is finally stored in the database in the form of Key-Value Key Value pair;
when a node on the MPT state tree is stored in a database, a key in a key value pair of the node on the MPT state tree is a hash value of data content contained in the node; value in the key Value pair of the node on the MPT state tree is the data content contained in the node.
That is, when a node in the MPT state tree is stored in the database, a hash Value of data content contained in the node may be calculated (that is, the whole node is subjected to hash calculation), the calculated hash Value is used as a Key, the data content contained in the node is used as a Value, and a Key-Value Key Value pair is generated; and then storing the generated Key-Value Key Value pair into a database.
Because the node in the MPT state tree takes the hash value of the data content contained in the node as Key and the data content contained in the node as value for storage; therefore, when a node on the MPT state tree needs to be queried, content addressing can be performed as a key based on the hash value of the data content contained in the node. By adopting the content addressing, for some nodes with repeated content, the node can be generally multiplexed to save the storage space of data storage.
As shown in fig. 3, fig. 3 is a schematic diagram of node multiplexing on an MPT state tree shown in this specification.
In practical applications, each time a block chain generates a latest block, the account status of the accounts in the block chain related to the executed transactions will generally change after the transaction in the latest block is executed;
for example, when a "transfer transaction" in a block is completed, the balances of the transferring party account and the transferring party account related to the "transfer transaction" (i.e., the value of the Balance field of these accounts) will usually change accordingly.
After the transaction in the latest block generated by the blockchain is completed, the node device needs to construct an MPT tree according to the current account status data of all accounts in the blockchain because the account status in the current blockchain changes, so as to maintain the latest status of all accounts in the blockchain.
That is, each time a latest block is generated in the block chain and the account status in the block chain changes after the transaction in the latest block is completed, the node device needs to reconstruct an MPT tree based on the latest account status data of all accounts in the block chain.
In other words, each block in the block chain has a corresponding MPT state tree; the MPT status tree maintains the latest account status of all accounts in the blockchain after the transaction in the block is completed.
It should be noted that, after the transaction in the latest block is completed, the account status of only part of the accounts may be changed; therefore, when updating the MPT state tree, it is not necessary to reconstruct a complete MPT state tree based on the current state data of all accounts in the block chain, but only to update the node corresponding to the account whose partial account state changes on the basis of the MPT state tree corresponding to the block before the latest block. For the nodes corresponding to the accounts whose account statuses in the MPT status tree have not changed, since the nodes are updated, the nodes corresponding to the blocks before the latest block can be directly multiplexed.
As shown in fig. 3, it is assumed that the account status data in table 1 is the latest account status of all accounts on the Block chain after the transaction in Block N is completed; the MPT state tree, organized based on the account state data in table 1, is also shown in fig. 2.
Suppose that when the transaction in Block N +1 is completed, the account status that results in the account address "a 7f 9365" in table 1 above is updated to "state 5" from "state 3"; at this time, when Block N +1 updates the MPT state tree, it is not necessary to reconstruct an MPT state tree based on the current state data of all accounts in the Block chain after the transaction in Block N +1 is completed.
Referring to fig. 3, in this case, it is possible to update the Value in the leaf node with "key-end" of "9365" to "state 5" from "state 3" only on the MPT tree corresponding to Block N (i.e., the MPT state tree shown in fig. 2), and continue to update the hash pointers of all nodes on the path from the root node to the leaf node; that is, when a leaf node on the MPT state tree is updated, the hash value of the whole leaf node is updated, and then the hash pointers of all nodes on the path from the root node to the leaf node are also updated accordingly. For example, with continued reference to fig. 3, in addition to the Value in the leaf Node whose "key-end" is "9365", the hash pointer pointing to the leaf Node filled in the f field of the last Branch Node (Branch Node) of the leaf Node needs to be updated; furthermore, the Root Node can be traced back continuously, and the hash pointer pointing to the branch Node filled in the "NextNode" field of the last Root Node (Root Extension Node) of the branch Node is updated continuously.
Except the nodes which are updated, other nodes which are not updated can directly multiplex the corresponding nodes on the MPT state tree of the Block N;
the MPT tree corresponding to the Block N is finally reserved as historical data; therefore, when Block N +1 updates the MPT state tree, these updated nodes are not modified and updated directly on the basis of the original nodes in the MPT state tree corresponding to Block N, but are newly created in the MPT tree corresponding to Block N + 1.
That is, for the MPT state tree corresponding to Block N +1, only a small number of nodes that are updated need to be created again, and for other nodes that are not updated, the corresponding nodes on the MPT state tree corresponding to Block N may be directly multiplexed.
For example, as shown in fig. 3, for an MPT state tree corresponding to Block N +1, only a few nodes that are updated need to be created again; for example, only one extension node, one branch node and one leaf node as a root node need to be created again in fig. 3; for nodes which are not updated, the nodes can be multiplexed by adding hash pointers pointing to corresponding nodes on the MPT state tree corresponding to Block N in the nodes which are re-created on the MPT state tree. The nodes before updating on the MPT state tree corresponding to Block N are used as historical account state data to be stored; for example, the leaf node shown in fig. 3, in which "key-end" is "9365" and Value is "state 3", is to be retained as the history data. In the above example, the content update is performed on a small number of nodes in the MPT state tree of Block N +1, and most of the nodes in the previous Block N can be "multiplexed". In practical applications, a node may be added to the MPT state tree of Block N +1 more than the previous Block N.
In this case, although the newly added node cannot be directly multiplexed from the MPT tree of the previous Block N, it may be "multiplexed" from the MPT state tree of the earlier Block;
for example, a node newly added to the MPT state tree of Block N +1, although appearing in the MPT state tree of Block N, appears in the MPT state tree of an earlier Block; for example, appear on the MPT state tree of Block N-1; therefore, the newly added node on the MPT state tree of Block N +1 can directly multiplex the corresponding node on the MPT state tree of Block N-1.
The above is a description of a storage structure in a conventional block chain, and the following is a description of a storage structure of a service data block chain in the present application.
Fig. 4 is a schematic flow chart of a digital identity storage method based on a service data block chain according to the present application. As shown in fig. 4, the method applied to a service data blockchain system, the blockchain system including a plurality of blockchain nodes, such as the blockchain node 102 in fig. 1, may specifically include the following steps:
s410, determining to-be-stored operation data and a digital identity corresponding to the to-be-stored operation data;
the business data blockchain may be used to store user operation data, which may be operation data of a user on the internet, the user operation data including one or more of evidence storage data, traceability data, financial data, travel data, search data, self-media data, research data, advertisement data, e-commerce data, community data, knowledge question and answer data, payment for knowledge data, shared bicycle data, recruitment data, life service data, renter data, voting data, online-to-offline data, social data, praise data, evaluation data, and online booking data.
In one example, the user operation data includes one or more of a timestamp, an operation user address, an operated address, an operation type, a value of a transfer, a credit address, a signature of the user on the user operation data, and a hash value of the user operation data; the operation type comprises an operation and a transfer operation of a user on the entity, and the operated address comprises an operation address on the entity and addresses of other users.
S420, recording the operation data to be stored in a new block of a service data block chain, wherein the service data block chain corresponds to a tree structure before recording the operation data to be stored, and the tree structure comprises a state tree and a relation tree; the state tree is used for storing the overall states after the user operation, and the relation tree is used for storing the incidence relation among the overall states after the user operation;
the state recorded in the state tree may be a global state after a user operation. The global state after the user operation comprises one or more of integral information, user information and entity information; the user operation is the operation of the user on the service data. The user information may be used to indicate a digital identity of the asset. The assets may be data assets and/or bonus assets. The entity information may be used to indicate data asset information and the credit information may be used to indicate credit asset information. For example, one may be considered an entity, which is a data asset.
For example, the entity may be an article in the self-media platform, and the user may initiate an operation of publishing or selling the article, that is, a transfer operation for the article entity; the user can also initiate a comment, a like or a reward operation for the article, namely a user operation for the article entity.
The points may be user issued points, for example: after a user can pass the notarization and securitize the house, a point is issued on the block chain, and the point uniquely represents the house property on the block chain; alternatively, the house may be securitized, a predetermined number of points issued, possession of the point will have ownership of the house, and will have equal ownership of the house lease or change. In addition, the block chain is provided with native scores which can be used for restricting the operation of the user on the block chain, so that the user is prevented from using the resources of the block chain system without limit; for example: after the users on the blockchain are registered, the users are operated on the blockchain, and the native credits are required to be collated so as to uplink the user operation data.
As an example, any one of the state information (e.g., Account field), credit information (e.g., Asset field), and entity information (e.g., Object field) may be implemented by using an MPT state tree, and the tree root of each MPT state tree is stored in the block header. As shown in FIG. 5, the user Action of the tile store (e.g., the Action field), and the root of the MPT state tree of the Receipt information stored by the on-chain database (e.g., the Recept field) are also stored in the tile header.
The relationship tree may be a relationship between global states after a user operation. The incidence relation indicated by the relation tree comprises one or more of user information-integral information, entity information-integral information and entity information-user information; the user operation is the operation of the user on the service data.
As an example, any one of the association relationship of entity information-user information (e.g., Object-Account field), user information-score information (e.g., Account-Asset field), and entity information-score information (e.g., Object-Asset field) may be implemented by using an MPT relationship tree, and the tree root of each MPT relationship tree is stored in the block header. As shown in FIG. 5, the user Action of the tile store (e.g., Action field), and the root of the MPT relationship tree for Receipt information stored by the on-chain database (e.g., the Recept field) are also stored in the tile header.
In one example, the incidence relation stored by the relation tree comprises the incidence relation of entity information and user information; wherein, one entity information corresponds to one or more user information.
For example: on a self-media platform (such as WeChat, microblog or head bar) on the Internet, one piece of self-media data is praised or commented by a plurality of users; the one-to-many relationship between such entities and users can be expressed by using the association relationship between the entity information and the user information. The method and the device facilitate chaining of the service data and query of the service data by the user.
In another example, the association of the relationship tree includes an association of user information and point information; wherein one user information corresponds to one or more point information.
At this time, a user may have multiple points; for example: a user has both native credits on the blockchain and other types of credits. The incidence relation can describe the one-to-many relation between the user and the score, and meanwhile, the user can conveniently inquire. It should be noted that a user in the blockchain system at least has the native scores of the blockchain system; it is possible to have credits issued by other users or by themselves.
In another example, the incidence relation stored in the relation tree comprises the incidence relation of the entity information and the integral information; wherein one entity information corresponds to one or more integral information.
At this time, equivalently, on the block chain, the securitization of the entity is realized; for example: the ownership of a commodity corresponds to an integral, and the transfer of the integral corresponds to the transfer of the ownership of the commodity; the ownership of a set of houses corresponds to a predetermined number of points, the number of owned points corresponds to the ownership proportion of the houses, and namely, the houses are owned to sell or rent the prices in the same proportion.
The attribute type of the integration data comprises an associated attribute and a non-associated attribute; the attribute types of the user information and/or the entity information include an associated attribute and a non-associated attribute. Wherein the attribute value of the associated attribute is automatically increased or decreased according to the user operation data.
It should be noted that the block in the blockchain system includes a block header and a block body, the block header stores summary information, and the block body stores transfer information (also called transaction information). In this specification, the user operation is stored in a block of the block, and a digest value (also referred to as a hash value) of the user operation is stored in a block header; the on-chain state database in this specification is also part of the storage of the blockchain system, and each blockchain node has the on-chain state database and the block to store the service data in this specification.
And S430, updating the corresponding state and the incidence relation of the digital identity in the tree structure based on the operation data to be stored.
The embodiment of the invention can realize that the data is stored in the block chain, and the state information of the data such as the right (digital identity) and the like is also recorded in the block chain, thereby improving the right determining difficulty of the data right, and ensuring that the data right information is real, accurate, convenient to inquire and not to be falsified.
In one example, any one of the user information, the entity information, the point information, the entity information-user information, the user information-point information, and the entity information-point information is organized into an MPT state tree; the MPT state Tree is a Merkle variety of a Merkle Tree of a Tree structure fused with a prefix Tree Trie, and the Merkle Tree is a Merkle Patricia Tree state Tree.
In one example, any one of the user information, the entity information, the point information, the entity information-user information, the user information-point information, and the entity information-point information is organized into an MPT state tree; wherein the root of any one of the MPT state trees is stored in the block header.
In the above, the information is stored in the way of the MPT state tree, and the user can query through the address information; directly adopting a user address, a point address and an entity address message to inquire information aiming at user information, point information and entity information; and aiming at the entity information-user information, the user information-integral information and the entity information-integral information, respectively adopting an entity address, a user address and an entity address to carry out information inquiry.
In addition, the user address can be obtained by carrying out multiple times of hash operation according to the user public key; the point address or the entity address may be obtained by a user operation of creating a point or an entity, for example: and carrying out multiple times of hash operation on the user operation, and selecting characters with preset digits from the obtained hash value as integral addresses or entity addresses.
In one example, the on-chain database employs a database supporting attribute queries, wherein the on-chain database includes a relational database and an in-memory database. That is, any state information of user information, point information, entity information-user information, user information-point information, and entity information-point information is stored by using a database supporting attribute query, the relational database can be MySql, and the memory database can be MongoDB.
At this time, by using the database supporting attribute query, the user information, the point information, the entity information-user information, the user information-point information, and the entity information-point information can be queried by using corresponding attributes, and the query efficiency of attribute query is higher compared with the query by using an address on a block chain. Meanwhile, the MPT state tree root of the above information is stored in the chunk header, as shown in fig. 5. In actual use, if any of the MPT state trees is not used, the MPT state tree can be set to empty.
In the specification, any one of user information, point information, entity information-user information, user information-point information and entity information-point information is organized into a data structure of an MPT state tree, namely a data logic structure, the adopted storage structure can be a KV database, such as L evalDB database, and also can be a MySql and MongoDB database which support attribute query, and the databases are physical storage structures.
The present specification enables the business data to be uplink, and enables various association relationships of the business data to be uplink; the benefits of the business data uplink include, but are not limited to, true trustworthiness, traceability, personal attribution of data rights, etc.
According to the method and the device, the user operation data are stored in the blocks, the state database on the chain stores the state data and the state associated data, and various attributes of the service data can be stored in the block chain, so that the problem of chaining the service data is solved; in addition, the state data and the state associated data stored in the state database on the chain are convenient for the user to access.
In addition, it should be noted that, the present specification discloses a service data uplink, which employs block-stored user operation data, user information and entity information stored in the link; the user operation data, user information, and entity information may also be referred to as a three-dimensional data model, which is distinguished from two-dimensional data of a user address and a transfer balance in the prior art. The user information, the entity information, the point information and the associated information among the user information, the entity information and the point information also become multi-state information; the storage of the multi-state information uplink, i.e. the uplink of the traffic data.
Fig. 6 is a schematic structural diagram of a digital identity storage device based on a service data block chain according to an embodiment of the present application. As shown in fig. 6, the service data blockchain system applied to the internet field includes a plurality of blockchain nodes, and the apparatus includes:
the determining module 601 is configured to determine to-be-stored operation data and a digital identity corresponding to the to-be-stored operation data;
a recording module 602, configured to record to-be-stored operation data in a new block of a service data block chain, where the service data block chain corresponds to a tree structure before recording to-be-stored operation data, where the tree structure includes a state tree and a relationship tree; the state tree is used for storing the overall states after the user operation, and the relation tree is used for storing the incidence relation among the overall states after the user operation;
the updating module 603 is configured to update the digital identity corresponding state and the association relation in the tree structure based on the operation data to be stored.
In some embodiments, the operation data is user operation data, the operation data comprises one or more of a timestamp, an operation user address, an operated address, an operation type, a value of a transfer, a credit address, a signature of the user on the user operation data, and a hash value of the user operation data; the operation type comprises the operation and the transfer operation of the user on the entity, and the operated address comprises the operation address on the entity and the addresses of other operation users.
In some embodiments, the state tree stores state data including one or both of user information and entity information states.
In some embodiments, the state data stored by the on-chain state tree includes integral data, and the attribute type of the integral data includes an associated attribute and a non-associated attribute; wherein the attribute value of the associated attribute is automatically increased or decreased according to the user operation data.
In some embodiments, the tree structure is stored in a database supporting attribute query or KV database, wherein the database supporting attribute query includes a relational database and an in-memory database.
In some embodiments, the state tree and/or relationship tree is organized as an MPT state tree; the MPT state tree is a Merkle variety of a Merkle tree of a tree structure fused with a prefix tree Trie, and the Merkle tree is a Merkle Patricia tree state tree.
It can be understood that the digital identity storage device based on the service data block chain in this embodiment corresponds to the method embodiment shown in fig. 4, and therefore, the above description about the method embodiment shown in fig. 4 is also applicable to the device in this embodiment, and is not repeated herein.
Fig. 7 shows a block link point structure diagram provided in an embodiment of the present application, and the computer apparatus may include: processor 710, memory 720, input/output interface 730, communication interface 740, and bus 750. Wherein processor 710, memory 720, input/output interface 730, and communication interface 740 are communicatively coupled to each other within the device via bus 750. Processor 710 is configured to execute executable modules stored in memory 720, such as computer programs corresponding to the method embodiments shown in fig. 4.
As for the above fig. 7, the processor may be implemented by a general-purpose CPU (Central Processing Unit), a microprocessor, an Application Specific Integrated Circuit (ASIC), or one or more Integrated circuits, and is configured to execute the relevant programs to implement the technical solutions provided in the embodiments of the present Application.
The Memory may be implemented in the form of a ROM (Read Only Memory), a RAM (Random access Memory), a static storage device, a dynamic storage device, or the like. The memory can store an operating system and other application programs, and when the technical solution provided by the embodiments of the present application is implemented by software or firmware, the relevant program codes are stored in the memory and called by the processor to be executed.
The input/output interface is used for connecting the input/output module to realize information input and output. The i/o module may be configured as a component in a device (not shown) or may be external to the device to provide a corresponding function. The input devices may include a keyboard, a mouse, a touch screen, a microphone, various sensors, etc., and the output devices may include a display, a speaker, a vibrator, an indicator light, etc.
The communication interface is used for connecting a communication module (not shown in the figure) to realize the communication interaction of the equipment and other equipment. The communication module can realize communication in a wired mode (such as USB, network cable and the like) and also can realize communication in a wireless mode (such as mobile network, WIFI, Bluetooth and the like).
A bus includes a path that transfers information between the various components of the device, such as the processor, memory, input/output interfaces, and communication interfaces.
It should be noted that although the above-described device shows only a processor, a memory, an input/output interface, a communication interface and a bus, in a specific implementation, the device may also include other components necessary for normal operation. Furthermore, it will be understood by those skilled in the art that the above-described apparatus may also include only those components necessary to implement the embodiments of the present application, and not necessarily all of the components shown in the figures.
Those of skill would further appreciate that the various illustrative components and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied in hardware, a software module executed by a processor, or a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The above-mentioned embodiments are further described in detail for the purpose of illustrating the invention, and it should be understood that the above-mentioned embodiments are only illustrative and not intended to limit the scope of the invention, and any modifications, equivalent substitutions, improvements, etc. made within the scope of the invention should be included in the scope of the invention.

Claims (10)

1. A digital identity storage method based on a service data block chain is characterized in that the method is applied to a service data block chain system in the Internet field, the service data block chain system comprises a plurality of block chain nodes, and the method comprises the following steps:
determining operation data to be stored by a block chain node, wherein the digital identity corresponds to the operation data to be stored;
recording the operation data to be stored in a new block of the service data block chain, wherein the service data block chain corresponds to a tree structure before recording the operation data to be stored, and the tree structure comprises a state tree and a relation tree; the state tree is used for storing the global states after user operation, and the relation tree is used for storing the incidence relation among the global states after user operation;
and updating the digital identity corresponding state and the incidence relation in the tree structure based on the operation data to be stored.
2. The digital identity storage method according to claim 1, wherein the operation data is user operation data, and the operation data comprises one or more of a timestamp, an operation user address, an operated address, an operation type, a value of a transfer, a credit address, a signature of the user on the user operation data, and a hash value of the user operation data; the operation type comprises an operation and a transfer operation of a user on an entity, and the operated address comprises an operation address on the entity and addresses of other operation users.
3. The digital identity storage method of claim 1, wherein the state data stored by the state tree includes one or both of user information and entity information states.
4. The digital identity storage method according to claim 1 or 3, wherein the state data stored by the on-chain state tree comprises integral data, and the attribute type of the integral data comprises an associated attribute and a non-associated attribute; and the attribute value of the associated attribute is automatically increased or decreased according to the user operation data.
5. The digital identity storage method according to claim 1, wherein the tree structure is stored by using a database supporting attribute query or a KV database, wherein the database supporting attribute query includes a relational database and an in-memory database.
6. The digital identity storage method of claim 5, wherein the state tree and/or the relationship tree are organized as an MPT state tree; the MPT state Tree is a Merkle variety of a Merkle Tree of a Tree structure fused with a prefix Tree Trie, and the Merkle Tree is a Merkle Patricia Tree state Tree.
7. A service data blockchain-based digital identity storage device, which is applied to a service data blockchain system in the internet field, wherein the service data blockchain system includes a plurality of blockchain nodes, and the device includes:
the device comprises a determining module, a storage module and a processing module, wherein the determining module is used for determining operation data to be stored, and the digital identity corresponding to the operation data to be stored;
the recording module is used for recording the operation data to be stored in a new block of the service data block chain, the service data block chain is corresponding to a tree structure before recording the operation data to be stored, and the tree structure comprises a state tree and a relation tree; the state tree is used for storing the global states after user operation, and the relation tree is used for storing the incidence relation among the global states after user operation;
and the updating module is used for updating the digital identity corresponding state and the incidence relation in the tree structure based on the operation data to be stored.
8. A block link point comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of any one of claims 1 to 6 when executing the program.
9. A blockchain system comprising a plurality of blockchain nodes and a plurality of user equipments, the blockchain nodes being configured to implement the method of any one of claims 1 to 6.
10. A computer-readable storage medium, having stored thereon a computer program which, when executed by a processor, implements the method of any of claims 1-6.
CN202010271057.0A 2020-04-08 2020-04-08 Digital identity storage method and device based on service data block chain Pending CN111488614A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010271057.0A CN111488614A (en) 2020-04-08 2020-04-08 Digital identity storage method and device based on service data block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010271057.0A CN111488614A (en) 2020-04-08 2020-04-08 Digital identity storage method and device based on service data block chain

Publications (1)

Publication Number Publication Date
CN111488614A true CN111488614A (en) 2020-08-04

Family

ID=71812684

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010271057.0A Pending CN111488614A (en) 2020-04-08 2020-04-08 Digital identity storage method and device based on service data block chain

Country Status (1)

Country Link
CN (1) CN111488614A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112653767A (en) * 2020-12-25 2021-04-13 北京天融信网络安全技术有限公司 Digital identity management method and device, electronic equipment and readable storage medium
CN112800132A (en) * 2021-01-12 2021-05-14 东北大学 Block chain storage method of electronic file
CN112866241A (en) * 2021-01-15 2021-05-28 迅鳐成都科技有限公司 Block chain-based digital identity updating method, equipment and storage medium
CN112988910A (en) * 2021-05-07 2021-06-18 支付宝(杭州)信息技术有限公司 Block chain data storage method and device and electronic equipment

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112653767A (en) * 2020-12-25 2021-04-13 北京天融信网络安全技术有限公司 Digital identity management method and device, electronic equipment and readable storage medium
CN112653767B (en) * 2020-12-25 2022-07-12 北京天融信网络安全技术有限公司 Digital identity management method and device, electronic equipment and readable storage medium
CN112800132A (en) * 2021-01-12 2021-05-14 东北大学 Block chain storage method of electronic file
CN112800132B (en) * 2021-01-12 2023-08-08 东北大学 Block chain storage method of electronic file
CN112866241A (en) * 2021-01-15 2021-05-28 迅鳐成都科技有限公司 Block chain-based digital identity updating method, equipment and storage medium
CN112988910A (en) * 2021-05-07 2021-06-18 支付宝(杭州)信息技术有限公司 Block chain data storage method and device and electronic equipment
CN112988910B (en) * 2021-05-07 2021-09-24 支付宝(杭州)信息技术有限公司 Block chain data storage method and device and electronic equipment
WO2022233274A1 (en) * 2021-05-07 2022-11-10 支付宝(杭州)信息技术有限公司 Block chain data storage method and apparatus, and electronic device

Similar Documents

Publication Publication Date Title
CN111488396B (en) Data synchronization method and device for service data block chain
CN111488614A (en) Digital identity storage method and device based on service data block chain
CN111694837A (en) Shared data storage method and device based on service data block chain
CN111737726A (en) Relation data query method and device based on business data block chain
CN111488608A (en) Data verification method and device for service data block chain
CN111488610A (en) State data query method and device based on service data block chain
CN111488611B (en) Relation data storage method and device of business data block chain
CN111695136A (en) Method and system for realizing service data block chain
CN111488607A (en) Data processing method and device for service data block chain
CN111523137A (en) Data recommendation method and device based on service data block chain
CN111695137A (en) Travel data storage method and system based on business data block chain
CN111695139A (en) Knowledge question-answer data storage method and system based on service data block chain
CN111488606B (en) Data sharing method and device based on service data block chain
CN111737728A (en) Self-media data storage method and system based on service data block chain
CN111488356A (en) Data storage method and device for service data block chain
CN111695132A (en) Voting data storage method and system based on service data block chain
CN111488345A (en) Storage optimization method and device for service data block chain
CN111488352A (en) Point exchange method and device based on business data block chain
CN111737729A (en) Evaluation data storage method and system based on service data block chain
CN111737732A (en) Contract data storage method and device based on business data block chain
CN111488612A (en) State data query method and device based on service data block chain
CN111488605A (en) Data uplink method and device of service data block chain
CN111695135A (en) Relation data query method and device based on business data block chain
CN111737733A (en) Method and system for realizing service data block chain
CN111737734A (en) Intellectual property data storage method and device based on service data block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20200804