CN111563253A - Intelligent contract operation method, device, equipment and storage medium - Google Patents
Intelligent contract operation method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN111563253A CN111563253A CN202010683529.3A CN202010683529A CN111563253A CN 111563253 A CN111563253 A CN 111563253A CN 202010683529 A CN202010683529 A CN 202010683529A CN 111563253 A CN111563253 A CN 111563253A
- Authority
- CN
- China
- Prior art keywords
- target
- contract
- link library
- intelligent contract
- transaction request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 153
- 230000008569 process Effects 0.000 claims abstract description 38
- 238000012545 processing Methods 0.000 claims abstract description 22
- 230000015654 memory Effects 0.000 claims description 28
- 230000003068 static effect Effects 0.000 claims description 27
- 230000004044 response Effects 0.000 claims description 3
- 230000006870 function Effects 0.000 description 13
- 238000004891 communication Methods 0.000 description 4
- 238000004590 computer program Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 238000002955 isolation Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 238000010276 construction Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000013523 data management Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 230000005012 migration Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44521—Dynamic linking or loading; Link editing at or after load time, e.g. Java class loading
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application discloses an intelligent contract operation method, an intelligent contract operation device, intelligent contract operation equipment and a storage medium, relates to the technical field of block chains, and can be applied to cloud computing and cloud services. The specific implementation scheme is as follows: acquiring a target transaction request initiated based on a target intelligent contract; the target transaction request comprises a target contract method to be called in a target intelligent contract; calling a target contract method based on the shared link library, and processing a target transaction request in a trusted execution environment; wherein the shared link library is determined by: compiling the target intelligent contract to generate a shared link library linked with a trusted execution environment; and loading the shared link library. The method and the device improve the safety in the running process of the intelligent contract, reduce the resource loss and simultaneously consider the universality of the block chain system.
Description
Technical Field
The application relates to the technical field of computers, in particular to a block chain technology, and specifically relates to an intelligent contract operation method, an intelligent contract operation device, intelligent contract operation equipment and a storage medium.
Background
Smart contracts have complex logical processing capabilities for enabling the mapping of real-world transactions and economic activities to the blockchain world. When data needing privacy protection is processed by using contracts, the existing virtual machine cannot protect the execution process of the intelligent contracts.
Disclosure of Invention
The application provides an intelligent contract operation method, device, equipment and storage medium with higher safety, less resource loss and better universality.
According to an aspect of the present application, there is provided an intelligent contract running method, including:
acquiring a target transaction request initiated based on a target intelligent contract; the target transaction request comprises a target contract method to be called in the target intelligent contract;
calling the target contract method based on a shared link library, and processing the target transaction request in a trusted execution environment; wherein the shared link library is determined by: compiling the target intelligent contract to generate a shared link library linked with a trusted execution environment; and loading the shared link library.
According to another aspect of the present application, there is provided an intelligent contract running apparatus including:
the target transaction request acquisition module is used for acquiring a target transaction request initiated based on a target intelligent contract; the target transaction request comprises a target contract method to be called in the target intelligent contract;
the target transaction request execution module is used for calling the target contract method based on the shared link library and processing the target transaction request in a trusted execution environment;
wherein the shared link library is determined by: compiling the target intelligent contract through a shared link library generating module to generate a shared link library linked with a trusted execution environment; and loading the shared link library through a loading module.
According to yet another aspect of the present application, there is provided an electronic device including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor to enable the at least one processor to execute any one of the intelligent contract running methods provided by the embodiments of the present application.
According to still another aspect of the present application, there is provided a non-transitory computer-readable storage medium storing computer instructions for causing a computer to execute any one of the intelligent contract execution methods provided by the embodiments of the present application.
The embodiment of the application improves the safety in the running process of the intelligent contract, reduces the resource loss and considers the universality of the block chain system.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present disclosure, nor do they limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The drawings are included to provide a better understanding of the present solution and are not intended to limit the present application. Wherein:
FIG. 1 is a flow chart of a method for running an intelligent contract according to an embodiment of the present disclosure;
FIG. 2 is a flow chart of another method for running intelligent contracts provided by the embodiments of the present application;
FIG. 3 is a flow chart of another method for running intelligent contracts provided by embodiments of the present application;
fig. 4 is a structural diagram of an intelligent contract running apparatus provided in an embodiment of the present application;
fig. 5 is a block diagram of an electronic device for implementing the intelligent contract running method according to the embodiment of the present application.
Detailed Description
The following description of the exemplary embodiments of the present application, taken in conjunction with the accompanying drawings, includes various details of the embodiments of the application for the understanding of the same, which are to be considered exemplary only. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present application. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
The intelligent contract operation method and the intelligent contract operation device provided by the embodiment of the application are suitable for the situation that the intelligent contract is called through the block chain nodes to realize corresponding functions in the block chain system. Each intelligent contract running method provided in the embodiment of the present application may be executed by an intelligent contract running apparatus, where the apparatus is implemented by software and/or hardware, and is specifically configured in an electronic device carrying a block chain node.
Fig. 1 is a flowchart of an intelligent contract running method provided in an embodiment of the present application, where the method includes:
s101, acquiring a target transaction request initiated based on a target intelligent contract; and the target transaction request comprises a target contract method to be called in the target intelligent contract.
The target intelligent contract is an intelligent contract with a certain service function, and the corresponding service function can be realized by calling the target intelligent contract.
S102, calling a target contract method based on a shared link library, and processing a target transaction request in a trusted execution environment; wherein the shared link library is determined by: compiling the target intelligent contract to generate a shared link library linked with a trusted execution environment; and loading the shared link library.
The shared link library can be understood as the existing, mature and reusable executable code, can be loaded into the memory by the operating system to be directly executed, and can be shared by a plurality of programs so as to improve the software development efficiency.
Alternatively, the shared link library may be a static link library for storing a library function used in a source file of the target intelligent contract and an executable file generated by merging the library function with target code generated by the assembly.
It can be understood that the executable file in the statically linked library contains library functions, so that the executable program has no relation with the library functions, can be executed in any environment, and is convenient for program migration.
Optionally, the shared link library may be a dynamic link library, and the stored compiled executable file is not connected to the object code, so that the purpose of hiding the source code is achieved, meanwhile, the space occupation of the shared link library is reduced, and the problem of code coupling is alleviated.
Wherein the Trusted Execution Environment (TEE) is a secure area within the host processor. It runs in a separate environment and in parallel with the operating system. It ensures that the confidentiality and integrity of the code and data loaded in the TEE are protected. By using both hardware and software to protect data and code, this parallel system is more secure than a traditional system, i.e., a Rich Execution Environment (REE). Trusted Applications (TAs) running in the TEE can access all functions of the device main processor and memory, while hardware isolation protects these components from user-installed applications running in the main operating system. Software and cryptographic isolation in the TEE protects different trusted applications from each other.
If the shared link library is a static link library, the object code of the static link library needs to be loaded in advance, and the link to the function library needs to be completed in the compiling period, so that the static link library can be generated only when the electronic equipment is accessed to the block chain system. Illustratively, compiling the target intelligent contract to generate a shared link library linked with the trusted execution environment may be: receiving a target intelligent contract deployment instruction; in response to a target intelligent contract deployment instruction, compiling a target intelligent contract to generate a static link library connected with a trusted execution environment; the shared linked library is loaded.
If the shared link library is a dynamic link library, because the object code of the dynamic link library is loaded when the program runs, the generation of the dynamic link library can be carried out when the electronic equipment is accessed to the blockchain system or in the running process of the blockchain system, thereby facilitating the dynamic deployment, updating and upgrading of the intelligent contract at different running periods of the blockchain system. Illustratively, compiling the target intelligent contract to generate a shared link library linked with the trusted execution environment may be: receiving a target intelligent contract deployment instruction when accessing a blockchain system or in the running process of the blockchain system; and compiling the target intelligent contract in response to the target intelligent contract deployment instruction to generate a dynamic link library linked with the trusted execution environment. The blockchain system may be a conventional blockchain system or a super blockchain system.
Alternatively, the target method may be invoked directly based on the shared linked library to process the target transaction request in the trusted execution environment. In order to avoid confusion when multiple calls of the same target contract method are performed in a target transaction request, in an optional implementation manner of the embodiment of the present application, the target contract method is called based on a shared link library, and the target transaction request is processed in a trusted execution environment, where the steps may be: creating a target contract instance according to the shared link library associated with the contract identifier in the target transaction request; and calling a target contract method in the target contract instance in a trusted execution environment according to the method identification in the target transaction request.
Specifically, selecting a shared link library associated with the target intelligent contract according to the contract identifier in the target transaction request; creating a target contract instance according to the selected shared link library; and calling the corresponding target contract method in the target contract instance according to the method identifier in the target transaction request.
In order to realize the differentiation of different transaction requests, avoid the loss, the leakage or the data confusion of information in the execution process of a target contract method and facilitate the data management, a target session can be established before a target contract instance is established according to a shared link library associated with a contract identifier in a target transaction request; correspondingly, the target contract instance is created according to the shared link library associated with the contract identifier in the target transaction request, which may be: in the target session, a target contract instance is created according to the shared link library associated with the contract identifier in the target transaction request.
Specifically, a target session is created for managing the memory and global variables used in the call, thereby realizing context isolation; initializing a memory and a global variable required by the operation of a contract method in a target session; selecting a shared link library associated with the target intelligent contract according to the contract identifier in the target transaction request; in the target session, a target contract instance is created according to the selected shared link library; calling a corresponding target contract method in the target contract instance according to the method identifier in the target transaction request; and copying the execution result from the contract to the virtual machine memory initialized by the target session.
The method comprises the steps of obtaining a target transaction request initiated based on a target intelligent contract, wherein the target transaction request comprises a target contract method to be called in the target intelligent contract; calling a target contract method based on the shared link library, and processing a target transaction request in a trusted execution environment; wherein the shared link library is determined by: compiling the target intelligent contract to generate a shared link library connected with a trusted execution environment; and loading the shared link library. By adopting the technical scheme, the running process of the target intelligent contract can be migrated from the rich execution environment to the trusted execution environment, so that the safety of the target intelligent contract execution process is improved. Meanwhile, only the process of intelligent contract operation of the virtual machine is migrated to the trusted execution environment, and the generation and loading processes of the shared link library are isolated outside the trusted execution environment. Moreover, the generation of the shared link library connected with the trusted execution environment can be realized by compiling the target intelligent contract, the contract content is not required to be modified, the method can be adapted to the intelligent contract operation method in the existing block chain system, and the universality is good.
Fig. 2 is a flowchart of another intelligent contract running method provided in the embodiment of the present application, which is optimized and improved based on the above technical solutions.
Further, the operation of compiling the target intelligent contract to generate a shared link library linked with a trusted execution environment is refined into compiling the target intelligent contract to obtain a static link library; linking the statically linked library to a target trusted application associated with the target intelligent contract; and compiling the target trusted application linked with the static link library to obtain a shared link library so as to perfect a construction mechanism of the shared link library.
An intelligent contract running method as shown in fig. 2 includes:
s201, compiling the target intelligent contract to obtain a static link library.
S202, linking the static link library to a target trusted application associated with the target intelligent contract.
A trusted application may be understood as an application running in a trusted execution environment. Generally, a plurality of trusted applications may be installed in a trusted execution environment, and different trusted applications are isolated from each other by a cryptographic technique, so that data of other trusted applications cannot be read and operated at will, thereby ensuring data security. In addition, integrity verification is required to be performed on the trusted application before execution, so that the application is not tampered, and the reliability of an operation result is guaranteed.
In the intelligent contract development stage, a trusted application associated with each intelligent contract can be set in the trusted execution environment, so that the associated intelligent contract is run in the trusted execution environment by means of the trusted application.
The target trusted application may be a dynamically linked library, or a binary readable file, among others.
S203, compiling the target trusted application linked with the static link library to obtain the shared link library.
It should be noted that the shared link library is obtained by compiling the target trusted application linked with the static link library, so that when the shared link library is used for target transaction request processing, a target intelligent contract can be called in a trusted execution environment, and the security of the intelligent contract operation process is improved.
And S204, loading the shared link library.
It should be noted that, when the shared link library is a static link library, the shared link library needs to be loaded when the static link library is generated; when the shared link library is a dynamic link library, the shared link library only needs to be loaded before the intelligent contract is called, and convenience is provided for updating and upgrading the intelligent contract.
S205, acquiring a target transaction request initiated based on a target intelligent contract; and the target transaction request comprises a target contract method to be called in the target intelligent contract.
S206, calling a target contract method based on the shared link library, and processing the target transaction request in the trusted execution environment.
Illustratively, invoking a target contract method based on a shared link library to process a target transaction request in a trusted execution environment may be: and accessing the target trusted application in the process, calling a target contract method based on the shared link library through the target trusted application, and processing the target transaction request in the trusted execution environment. It should be noted that, because the access of the target trusted application is performed in the processing process of the virtual machine, the processing process of the target transaction request is more convenient, and the processing efficiency is improved.
It should be noted that S201 to S203 may be executed when the smart contract is deployed, and S204 may be executed when the smart contract is deployed, or may be executed when the smart contract has a call requirement.
According to the method, the target intelligent contract is compiled to generate the shared link library linked with the trusted execution environment, and the shared link library is refined to be compiled to the target intelligent contract to obtain the static link library; linking the static link library to a target trusted application associated with the target intelligent contract; the method has the advantages that the target trusted application linked with the static link library is compiled to obtain the shared link library, so that the generation mechanism of the shared link library is perfected, and the generation process of the shared link library is separated from the subsequent execution process, so that the generation process of the shared link library is isolated outside the trusted execution environment, the endless consumption of resources is avoided, and the reasonable utilization of the resources is realized. Meanwhile, the target intelligent contract is directly compiled and linked, and the code of the target intelligent contract is not processed, so that the intelligent contract running mode in the application can be multiplexed in the existing block chain system, and the universality is high.
Fig. 3 is a flowchart of another intelligent contract running method provided in an embodiment of the present application, and the method provides a preferred implementation manner based on the above technical solutions.
An intelligent contract running method as shown in fig. 3 includes:
s310, compiling;
s320, preloading; and the number of the first and second groups,
s330, operating.
Illustratively, the compilation stage includes:
and S311, calling a contract compiler to compile contract codes of the target intelligent contract into a static link library when receiving the target intelligent contract deployment instruction.
The target intelligent contract deployment instruction can be generated when the electronic device accesses the blockchain system or during the operation of the blockchain system.
S312, linking the static link library into a target trusted application associated with the target intelligent contract in the trusted execution environment; wherein the target trusted application is a dynamic link library.
And S313, compiling the target trusted application associated with the static link library to obtain the dynamic link library.
Illustratively, the preloading phase includes:
s321, loading the dynamic link library into a memory space of the virtual machine.
Illustratively, the operational phase includes:
s331, receiving a target transaction request generated based on a target intelligent contract;
s332, responding to the target transaction request, and creating a target session;
s333, initializing a virtual machine memory and global variables required by contract operation in a target session;
s334, in the target session, creating a target contract instance according to the shared link library associated with the contract identifier in the target transaction request;
s335, accessing the target trusted application in the process according to the method identifier in the target transaction request, and calling the target contract method in the target contract instance in the trusted execution environment;
s336, executing a target contract method in a trusted execution environment according to the global variable and the input parameter in the target transaction request to obtain an execution result;
s337, copying the execution result from the contract to the virtual machine memory associated with the target session.
The method has the advantages that the compiling stage and the preloading stage are separated from the running stage in real time, the running stage is only migrated to the trusted execution environment, the compiling stage and the preloading stage are isolated outside the trusted execution environment, the reasonable utilization of resources can be realized by adopting the light-weight mode while the safety of the running process of the intelligent contract is ensured, and the resource waste is avoided. In addition, the method and the device can realize the connection of the trusted execution environment without modifying the codes of the intelligent contracts, so that the intelligent contract operation method provided by the method and the device has higher universality and universality.
Fig. 4 is a block diagram of an intelligent contract running apparatus according to an embodiment of the present application, where the intelligent contract running apparatus 400 includes: a target transaction request acquisition module 401 and a target transaction request execution module 402.
A target transaction request obtaining module 401, configured to obtain a target transaction request initiated based on a target intelligent contract; the target transaction request comprises a target contract method to be called in a target intelligent contract;
a target transaction request execution module 402, configured to invoke a target contract method based on the shared link library, and process the target transaction request in the trusted execution environment;
wherein the shared link library is determined by: compiling the target intelligent contract to generate a shared link library linked with a trusted execution environment; and loading the shared link library.
The method comprises the steps that a target transaction request initiated based on a target intelligent contract is obtained through a target transaction request obtaining module, wherein the target transaction request comprises a target contract method to be called in the target intelligent contract; calling a target contract method based on a shared link library through a target transaction request execution module, and processing a target transaction request in a trusted execution environment; wherein the shared link library is determined by: compiling the target intelligent contract to generate a shared link library connected with a trusted execution environment; and loading the shared link library. By adopting the technical scheme, the running process of the target intelligent contract can be migrated from the rich execution environment to the trusted execution environment, so that the safety of the target intelligent contract execution process is improved. Meanwhile, only the process of intelligent contract operation of the virtual machine is migrated to the trusted execution environment, and the generation and loading processes of the shared link library are isolated outside the trusted execution environment. Moreover, the generation of the shared link library connected with the trusted execution environment can be realized by compiling the target intelligent contract, the contract content is not required to be modified, the method can be adapted to the intelligent contract operation method in the existing block chain system, and the universality is good.
Furthermore, the device also comprises a shared link library generating module which is used for compiling the target intelligent contract, generating a shared link library linked with the trusted execution environment and loading the shared link library;
the shared link library generation module specifically comprises:
the static link library obtaining unit is used for compiling the target intelligent contract to obtain a static link library;
a statically linked library linking unit for linking the statically linked library to a target trusted application associated with a target intelligent contract;
and the shared link library obtaining unit is used for compiling the target trusted application linked with the static link library to obtain the shared link library.
Further, the target transaction request executing module 402 includes:
and the in-process access unit is used for accessing the target trusted application in a process, calling the target contract method based on the shared link library through the target trusted application and processing the target transaction request in the trusted execution environment.
Further, the shared link library is a dynamic link library; the shared link library generation module comprises:
the deployment instruction receiving unit is used for receiving a target intelligent contract deployment instruction when the blockchain system is accessed or in the operation process of the blockchain system;
and the dynamic link library generating unit is used for responding to a target intelligent contract deployment instruction, compiling the target intelligent contract and generating a dynamic link library linked with a trusted execution environment.
Further, the target transaction request execution module 402 includes:
a target contract instance creating unit, configured to create a target contract instance according to the shared link library associated with the contract identifier in the target transaction request;
and the target contract method calling unit is used for calling the target contract method in the target contract instance in the trusted execution environment according to the method identification in the target transaction request.
Further, the apparatus further comprises:
the target session creating module is used for creating a target session before creating a target contract instance according to the shared link library associated with the contract identifier in the target transaction request;
a target contract instance creation unit comprising:
and the target contract instance creating subunit is used for creating a target contract instance according to the shared link library associated with the contract identifier in the target transaction request in the target session.
The product can execute the method provided by any embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method.
According to an embodiment of the present application, an electronic device and a readable storage medium are also provided.
Fig. 5 is a block diagram of an electronic device implementing the intelligent contract running method according to the embodiment of the present application. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the present application that are described and/or claimed herein.
As shown in fig. 5, the electronic apparatus includes: one or more processors 501, memory 502, and interfaces for connecting the various components, including high-speed interfaces and low-speed interfaces. The various components are interconnected using different buses and may be mounted on a common motherboard or in other manners as desired. The processor may process instructions for execution within the electronic device, including instructions stored in or on the memory to display graphical information of a GUI on an external input/output apparatus (such as a display device coupled to the interface). In other embodiments, multiple processors and/or multiple buses may be used, along with multiple memories and multiple memories, as desired. Also, multiple electronic devices may be connected, with each device providing portions of the necessary operations (e.g., as a server array, a group of blade servers, or a multi-processor system). In fig. 5, one processor 501 is taken as an example.
The memory 502, which is a non-transitory computer readable storage medium, may be used to store non-transitory software programs, non-transitory computer executable programs, and modules, such as program instructions/modules (e.g., the target transaction request acquisition module 401 and the target transaction request execution module 402 shown in fig. 4) corresponding to the intelligent contract execution method in the embodiment of the present application. The processor 501 executes various functional applications and data processing of the server by executing the non-transitory software programs, instructions and modules stored in the memory 502, that is, the intelligent contract execution method in the above method embodiment is implemented.
The memory 502 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created by use of the electronic device implementing the intelligent contract execution method, and the like. Further, the memory 502 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, memory 502 may optionally include memory located remotely from processor 501, and these remote memories may be connected over a network to an electronic device implementing the intelligent contract execution method. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The electronic device for implementing the intelligent contract running method may further include: an input device 503 and an output device 504. The processor 501, the memory 502, the input device 503 and the output device 504 may be connected by a bus or other means, and fig. 5 illustrates the connection by a bus as an example.
The input device 503 may receive input numeric or character information and generate key signal inputs related to user settings and function control of an electronic apparatus implementing the intelligent contract running method, such as a touch screen, a keypad, a mouse, a track pad, a touch pad, a pointing stick, one or more mouse buttons, a track ball, a joystick, or other input devices. The output devices 504 may include a display device, auxiliary lighting devices (e.g., LEDs), and haptic feedback devices (e.g., vibrating motors), among others. The display device may include, but is not limited to, a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display, and a plasma display. In some implementations, the display device can be a touch screen.
Various implementations of the systems and techniques described here can be realized in digital electronic circuitry, integrated circuitry, application specific ASICs (application specific integrated circuits), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
These computer programs (also known as programs, software applications, or code) include machine instructions for a programmable processor, and may be implemented using high-level procedural and/or object-oriented programming languages, and/or assembly/machine languages. As used herein, the terms "machine-readable medium" and "computer-readable medium" refer to any computer program product, apparatus, and/or device (e.g., magnetic discs, optical disks, memory, Programmable Logic Devices (PLDs)) used to provide machine instructions and/or data to a programmable processor, including a machine-readable medium that receives machine instructions as a machine-readable signal. The term "machine-readable signal" refers to any signal used to provide machine instructions and/or data to a programmable processor.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), Wide Area Networks (WANs), the internet, and blockchain networks.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical host and VPS service are overcome.
According to the technical scheme of the embodiment of the application, a target transaction request initiated based on a target intelligent contract is obtained, wherein the target transaction request comprises a target contract method to be called in the target intelligent contract; calling a target contract method based on the shared link library, and processing a target transaction request in a trusted execution environment; wherein the shared link library is determined by: compiling the target intelligent contract to generate a shared link library connected with a trusted execution environment; and loading the shared link library. By adopting the technical scheme, the running process of the target intelligent contract can be migrated from the rich execution environment to the trusted execution environment, so that the safety of the target intelligent contract execution process is improved. Meanwhile, only the process of intelligent contract operation of the virtual machine is migrated to the trusted execution environment, and the generation and loading processes of the shared link library are isolated outside the trusted execution environment. Moreover, the generation of the shared link library connected with the trusted execution environment can be realized by compiling the target intelligent contract, the contract content is not required to be modified, the method can be adapted to the intelligent contract operation method in the existing block chain system, and the universality is good.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present application may be executed in parallel, sequentially, or in different orders, as long as the desired results of the technical solutions disclosed in the present application can be achieved, and the present invention is not limited herein.
The above-described embodiments should not be construed as limiting the scope of the present application. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present application shall be included in the protection scope of the present application.
Claims (14)
1. An intelligent contract running method comprises the following steps:
acquiring a target transaction request initiated based on a target intelligent contract; the target transaction request comprises a target contract method to be called in the target intelligent contract;
calling the target contract method based on a shared link library, and processing the target transaction request in a trusted execution environment; wherein the shared link library is determined by: compiling the target intelligent contract to generate a shared link library linked with a trusted execution environment; and loading the shared link library.
2. The method of claim 1, wherein the compiling the target smart contract to generate a shared linked-library linked with a trusted execution environment comprises:
compiling the target intelligent contract to obtain a static link library;
linking the statically linked library to a target trusted application associated with the target intelligent contract;
compiling the target trusted application linked with the static link library to obtain the shared link library.
3. The method of claim 1, wherein the invoking the target contract method based on a shared-linked library, the processing the target transaction request in a trusted execution environment, comprises:
and accessing the target trusted application in the process, and calling the target contract method through the target trusted application based on the shared link library to process the target transaction request in the trusted execution environment.
4. The method of claim 2, wherein the shared linked library is a dynamic linked library; the compiling the target intelligent contract to generate a shared link library linked with a trusted execution environment comprises:
receiving a target intelligent contract deployment instruction when accessing a blockchain system or in the running process of the blockchain system;
and in response to a target intelligent contract deployment instruction, compiling the target intelligent contract to generate a dynamic link library linked with a trusted execution environment.
5. The method of any of claims 1-4, wherein the invoking the target contract method based on a shared linked library, processing the target transaction request in a trusted execution environment, comprises:
creating a target contract instance according to the shared link library associated with the contract identifier in the target transaction request;
and calling a target contract method in the target contract instance in a trusted execution environment according to the method identification in the target transaction request.
6. The method of claim 5, prior to said creating a target contract instance according to the shared linked-library with which the contract identification in the target transaction request is associated, the method further comprising:
creating a target session;
the creating a target contract instance according to the shared link library associated with the contract identifier in the target transaction request comprises:
and in the target session, creating a target contract instance according to the shared link library associated with the contract identifier in the target transaction request.
7. An intelligent contract running apparatus comprising:
the target transaction request acquisition module is used for acquiring a target transaction request initiated based on a target intelligent contract; the target transaction request comprises a target contract method to be called in the target intelligent contract;
the target transaction request execution module is used for calling the target contract method based on the shared link library and processing the target transaction request in a trusted execution environment;
wherein the shared link library is determined by: compiling the target intelligent contract to generate a shared link library linked with a trusted execution environment; and loading the shared link library.
8. The apparatus of claim 7, wherein the apparatus further comprises:
the shared link library generating module is used for compiling the target intelligent contract, generating a shared link library linked with a trusted execution environment and loading the shared link library;
the shared link library generation module specifically includes:
a static link library obtaining unit, configured to compile the target intelligent contract to obtain a static link library;
a statically linked library linking unit for linking the statically linked library to a target trusted application associated with the target intelligent contract;
and the shared link library obtaining unit is used for compiling the target trusted application linked with the static link library to obtain the shared link library.
9. The apparatus of claim 7, wherein the target transaction request execution module comprises:
and the in-process access unit is used for accessing the target trusted application in a process, calling the target contract method based on the shared link library through the target trusted application and processing the target transaction request in the trusted execution environment.
10. The apparatus of claim 8, wherein the shared linked library is a dynamically linked library; the shared link library generation module comprises:
the deployment instruction receiving unit is used for receiving a target intelligent contract deployment instruction when the blockchain system is accessed or in the operation process of the blockchain system;
and the dynamic link library generating unit is used for responding to a target intelligent contract deployment instruction, compiling the target intelligent contract and generating a dynamic link library linked with a trusted execution environment.
11. The apparatus of any of claims 7-10, wherein the target transaction request execution module comprises:
a target contract instance creating unit, configured to create a target contract instance according to the shared link library associated with the contract identifier in the target transaction request;
and the target contract method calling unit is used for calling the target contract method in the target contract instance in the trusted execution environment according to the method identification in the target transaction request.
12. The apparatus of claim 11, the apparatus further comprising:
a target session creating module, configured to create a target session before creating a target contract instance according to the shared link library associated with the contract identifier in the target transaction request;
the target contract instance creating unit comprises:
and the target contract instance creating subunit is used for creating a target contract instance according to the shared link library associated with the contract identifier in the target transaction request in the target session.
13. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a method of operating an intelligent contract as claimed in any of claims 1-6.
14. A non-transitory computer-readable storage medium storing computer instructions for causing a computer to perform a smart contract execution method of any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010683529.3A CN111563253B (en) | 2020-07-16 | 2020-07-16 | Intelligent contract operation method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010683529.3A CN111563253B (en) | 2020-07-16 | 2020-07-16 | Intelligent contract operation method, device, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111563253A true CN111563253A (en) | 2020-08-21 |
| CN111563253B CN111563253B (en) | 2020-11-03 |
Family
ID=72071298
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010683529.3A Active CN111563253B (en) | 2020-07-16 | 2020-07-16 | Intelligent contract operation method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111563253B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112215682A (en) * | 2020-10-29 | 2021-01-12 | 支付宝(杭州)信息技术有限公司 | E-commerce live broadcast sale transaction processing method and system based on block chain |
| EP3971742A1 (en) * | 2020-08-31 | 2022-03-23 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods, blockchain nodes and storage media for deploying smart contract |
| WO2024131083A1 (en) * | 2022-12-22 | 2024-06-27 | 腾讯科技(深圳)有限公司 | Data processing method and apparatus, electronic device, computer storage medium and computer program product |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101013368A (en) * | 2007-02-02 | 2007-08-08 | 浙江大学 | Performance optimal design method for graph library of embedded system development platform |
| CN105787353A (en) * | 2014-12-17 | 2016-07-20 | 联芯科技有限公司 | Credible application management system and loading method for credible applications |
| US20180254898A1 (en) * | 2017-03-06 | 2018-09-06 | Rivetz Corp. | Device enrollment protocol |
| CN110032883A (en) * | 2019-01-31 | 2019-07-19 | 阿里巴巴集团控股有限公司 | Method, system and the node of secret protection are realized in block chain |
| WO2019185710A1 (en) * | 2018-03-29 | 2019-10-03 | NEC Laboratories Europe GmbH | Method and system of preserving privacy for usage of lightweight blockchain clients |
| CN111095256A (en) * | 2019-04-26 | 2020-05-01 | 阿里巴巴集团控股有限公司 | Securely executing intelligent contract operations in a trusted execution environment |
-
2020
- 2020-07-16 CN CN202010683529.3A patent/CN111563253B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101013368A (en) * | 2007-02-02 | 2007-08-08 | 浙江大学 | Performance optimal design method for graph library of embedded system development platform |
| CN105787353A (en) * | 2014-12-17 | 2016-07-20 | 联芯科技有限公司 | Credible application management system and loading method for credible applications |
| US20180254898A1 (en) * | 2017-03-06 | 2018-09-06 | Rivetz Corp. | Device enrollment protocol |
| WO2019185710A1 (en) * | 2018-03-29 | 2019-10-03 | NEC Laboratories Europe GmbH | Method and system of preserving privacy for usage of lightweight blockchain clients |
| CN110032883A (en) * | 2019-01-31 | 2019-07-19 | 阿里巴巴集团控股有限公司 | Method, system and the node of secret protection are realized in block chain |
| CN111095256A (en) * | 2019-04-26 | 2020-05-01 | 阿里巴巴集团控股有限公司 | Securely executing intelligent contract operations in a trusted execution environment |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP3971742A1 (en) * | 2020-08-31 | 2022-03-23 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods, blockchain nodes and storage media for deploying smart contract |
| US11513780B2 (en) | 2020-08-31 | 2022-11-29 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods, blockchain nodes and storage media for deploying smart contract |
| CN112215682A (en) * | 2020-10-29 | 2021-01-12 | 支付宝(杭州)信息技术有限公司 | E-commerce live broadcast sale transaction processing method and system based on block chain |
| WO2024131083A1 (en) * | 2022-12-22 | 2024-06-27 | 腾讯科技(深圳)有限公司 | Data processing method and apparatus, electronic device, computer storage medium and computer program product |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111563253B (en) | 2020-11-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20210208951A1 (en) | Method and apparatus for sharing gpu, electronic device and readable storage medium | |
| CN111563253B (en) | Intelligent contract operation method, device, equipment and storage medium | |
| CN110806923B (en) | Parallel processing method and device for block chain tasks, electronic equipment and medium | |
| CN109032706B (en) | Intelligent contract execution method, device, equipment and storage medium | |
| JP5936157B2 (en) | Systems, methods, and computer programs for hidden automated data mirroring for native interfaces in distributed virtual machines (hidden automated data mirroring for native interfaces in distributed virtual machines ) | |
| CN110704162B (en) | Method, device and equipment for sharing container mirror image by physical machine and storage medium | |
| US20210191780A1 (en) | Method and apparatus for processing development machine operation task, device and storage medium | |
| US11520606B2 (en) | Dynamic generation of user interface components based on hierarchical component factories | |
| WO2017213846A1 (en) | Automating feature graduation | |
| Zhu et al. | If docker is the answer, what is the question? | |
| CN111782181A (en) | Code generation method and device, electronic equipment and storage medium | |
| CN111783952A (en) | Configuration method, device, system, electronic equipment and storage medium | |
| US20210263912A1 (en) | Method for data processing based on smart contract and device | |
| CN110908675B (en) | Method and device for acquiring running environment and electronic equipment | |
| CN112328301A (en) | Method and device for maintaining consistency of operating environments, storage medium and electronic equipment | |
| CN111767059B (en) | Deployment method and device of deep learning model, electronic equipment and storage medium | |
| US11689630B2 (en) | Request processing method and apparatus, electronic device, and computer storage medium | |
| CN116685946A (en) | Reloading of updated shared libraries without stopping execution of an application | |
| US11275827B2 (en) | Multi-tenant actor systems with web assembly | |
| CN111857825A (en) | Instruction execution method and device, electronic equipment and computer-readable storage medium | |
| CN111767149A (en) | Scheduling method, device, equipment and storage equipment | |
| CN111966877A (en) | Front-end service method, device, equipment and storage medium | |
| CN114661274A (en) | Method and device for generating intelligent contract | |
| US10761914B2 (en) | Replacing generated procedure calls with generated inter-process communication | |
| CN111614494B (en) | Network resource simulation method and device, electronic equipment and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |