CN111709742A - Method for preventing root address exposure in blockchain system, computer readable storage medium and blockchain system - Google Patents


Info

Publication number: CN111709742A
Authority: CN (China)
Prior art keywords: receiver, transaction, address, public key, initiator
Legal status: Granted (currently active)
Application number: CN202010418135.5A
Other languages: Chinese (zh)
Other versions: CN111709742B (en)
Inventor: 杜晓楠
Current assignee: Individual
Original assignee: Individual
Application filed by Individual
Priority to CN202010418135.5A
Publication of CN111709742A
Application granted
Publication of CN111709742B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The invention relates to a method for preventing root address exposure in a blockchain system. A transaction user generates a read key pair and a write key pair; the transaction receiver takes the receiver read public key and the receiver write public key as the receiver root address, generates a receiver sub-address from the root address, and sends the sub-address to the transaction initiator; the transaction initiator generates a session key pair and, from the session key pair, the receiver sub-address and the initiator address, generates a change amount output and an initiation amount output; the transaction receiver then uses the transaction public key, the receiver read key and its own transaction amount to search the transaction information for the initiation amount output, match it and output it. The invention also relates to a computer-readable storage medium and a blockchain system. The method keeps the receiver's root address secure, so that it is not exposed in the blockchain system, and the transaction receiver does not need to store the different sub-addresses, which further secures the transaction.

Description

Method for preventing root address exposure in blockchain system, computer readable storage medium and blockchain system
Technical Field
The present invention relates to the field of blockchain, and more particularly, to a method, a computer-readable storage medium, and a blockchain system for preventing exposure of a root address in a blockchain system.
Background
Blockchain technology is a shared, distributed database technology whose advantages lie mainly in decentralization, the absence of any need to trust the system, tamper resistance and cryptographic security. It maintains a complete, distributed and non-falsifiable ledger database by means of a decentralized consensus mechanism, so that the participants in a blockchain can share a single ledger without first establishing a trust relationship.
A blockchain wallet is, broadly, an application that provides an interactive interface for users, controls user access rights, manages keys and addresses, tracks balances, and creates and signs transactions. A key pair comprises a public key and a private key: the private key is generated from a random seed, and the public key is derived from the private key by an algorithm. Because the public key is too long to handle conveniently, an address is used instead, which is a string of digits and letters that can be shared with anyone who wants to transact with you.
During a transaction, the receiver needs to send its address to the initiator. Since the same address is issued to every initiator, the receiver's funds are at significant risk if any one of the initiators is compromised by an attacker and the address is thereby exposed.
Disclosure of Invention
In view of the above drawbacks of the prior art, the present invention provides a method, a computer-readable storage medium and a blockchain system for preventing root address exposure in a blockchain system, which can issue different sub-addresses to different transaction initiators, thereby keeping the receiver's root address secure and further securing the transaction.
The technical scheme adopted by the invention for solving the technical problems is as follows: a method for preventing root address exposure in a block chain system is constructed, and the method comprises the following steps:
S1, the transaction user generates a read key pair and a write key pair respectively; the read key pair comprises a read public key and a read private key, and the write key pair comprises a write public key and a write private key;
S2, the transaction receiver takes the receiver read public key and the receiver write public key as the receiver root address, generates the receiver sub-address based on the receiver root address, and sends the receiver sub-address to the transaction initiator;
S3, the transaction initiator generates a session key pair comprising a transaction public key and a transaction private key, and generates a change amount output and an initiation amount output based on the session key pair, the receiver sub-address and the initiator address, where the transaction initiator uses the initiator write public key and the initiator read public key as the initiator address;
S4, the transaction initiator writes the transaction public key, the initiation amount output and the change amount output into the transaction information and submits the transaction information to the blockchain system;
and S5, the transaction receiver uses the transaction public key, the receiver read key and its own transaction amount to search the transaction information for the initiation amount output, match it and output it.
In the method for preventing root address exposure in the blockchain system according to the present invention, the step S1 further includes:
S11, the transaction receiver selects an elliptic curve, selects a base point on the elliptic curve as the general base point, uses a scalar on the elliptic curve as the receiver read private key, and generates the receiver read public key by elliptic curve multiplication of the general base point by the receiver read private key;
S12, the transaction receiver selects an elliptic curve, selects a base point on the elliptic curve as the general base point, uses a scalar on the elliptic curve as the receiver write private key, and generates the receiver write public key by elliptic curve multiplication of the general base point by the receiver write private key;
S13, the transaction initiator selects an elliptic curve, selects a base point on the elliptic curve as the general base point, uses a scalar on the elliptic curve as the initiator read private key, and generates the initiator read public key by elliptic curve multiplication of the general base point by the initiator read private key;
S14, the transaction initiator selects an elliptic curve, selects a base point on the elliptic curve as the general base point, uses a scalar on the elliptic curve as the initiator write private key, and generates the initiator write public key by elliptic curve multiplication of the general base point by the initiator write private key.
In the method for preventing root address exposure in the blockchain system according to the present invention, the step S2 further includes:
S21, the transaction receiver takes the receiver read public key and the receiver write public key as the receiver root address;
S22, the transaction receiver generates the receiver sub-address based on the receiver root address, the receiver write public keys of the old sub-addresses and an address generation scalar, where the receiver sub-address comprises a sub-address read public key and a sub-address write public key;
and S23, the transaction receiver sends the receiver sub-address to the transaction initiator.
In the method for preventing root address exposure in the blockchain system according to the present invention, the step S22 further includes:
S221, constructing a hash table list consisting of the receiver write public keys of the old sub-addresses and their address generation scalars;
S222, selecting an unused address generation scalar, and calculating the sub-address read public key and the sub-address write public key based on the receiver write public key, the receiver read private key, the address generation scalar and the general base point;
and S223, hash-mapping the sub-address write public key to the address generation scalar.
In the method for preventing root address exposure in the block chain system according to the present invention, in the step S222,
$D_i = B + H_s(a, i)\,G$
$C_i = a D_i$
where $D_i$ is the sub-address write public key, $C_i$ the sub-address read public key, $G$ the common base point, $a$ the receiver read private key, $H_s$ the hash function and $B$ the receiver write public key.
In the method for preventing root address exposure in the blockchain system according to the present invention, the step S3 further includes:
S31, the transaction initiator selects an elliptic curve and a scalar on the elliptic curve as the transaction private key, and generates the transaction public key using the sub-address write public key as the base point;
S32, the transaction initiator generates the initiation amount output based on the sub-address write public key, the sub-address read public key and the transaction private key, and generates the change amount output based on the transaction private key, the initiator write public key and the initiator read public key.
In the method for preventing root address exposure in the blockchain system according to the present invention, in the step S32,
$P = H_s(s C_i)\,G + D_i$
$P_c = H_s(s X)\,G + Y$
where $D_i$ is the sub-address write public key, $C_i$ the sub-address read public key, $s$ the transaction private key, $P$ the initiation amount output, $Y$ the initiator write public key, $X$ the initiator read public key and $P_c$ the change amount output.
In the method for preventing root address exposure in the blockchain system according to the present invention, the step S5 further includes:
S51, the transaction receiver scans the transaction information and calculates an address to be verified based on the receiver read private key, the transaction public key and the initiation amount output;
S52, the transaction receiver judges whether the output is directed to it based on whether the address to be verified corresponds to an address generation scalar in the hash table list;
S53, the transaction receiver generates the scalar for spending the initiation amount output based on the receiver read private key, the receiver write private key, the transaction public key and the address.
Another technical solution to solve the technical problem of the present invention is to configure a computer-readable storage medium, on which a computer program is stored, wherein the computer program, when executed by a processor, implements the method for preventing root address exposure in a blockchain system.
In order to solve the technical problems, the present invention adopts another technical solution in which a blockchain system is constructed, the blockchain system including a plurality of blockchain nodes, the blockchain nodes having stored thereon a computer program, the computer program, when executed by a processor, implementing a method for preventing root address exposure in the blockchain system.
By implementing the method for preventing the root address from being exposed in the blockchain system, the computer-readable storage medium and the blockchain system, the transaction receiver can disclose different addresses to different transaction initiators when receiving transaction amount in a manner of constructing the sub-address based on the root address, so that the root address of the receiver can be ensured to be safe, and the root address can be prevented from being exposed in the blockchain system for ensuring the transaction safety. Furthermore, the transaction receiver does not need to store the different addresses, and can retrieve all the money by only needing the root address, so that resources are saved, and the transaction safety is further ensured.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
FIG. 1 is a flow chart of a first preferred embodiment of a method for preventing root address exposure in a blockchain system according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The present invention provides a method for preventing root address exposure in a blockchain system that is suited to the UTXO transaction model. It lets a user disclose different addresses to different initiators when receiving money, yet retrieve all of that money by retaining only the private keys of the root address, without retaining those different addresses.
In the invention, the transaction receiver uses an elliptic curve cryptosystem to generate two root key pairs: one key pair carries the right to retrieve (read) the user's amount, the other the right to spend it. The combination of the two public keys forms the receiver root address. To keep its root address from being exposed, the transaction receiver receives each amount at a different address, so a new sub-address must be generated from the root keys; a sub-address likewise consists of two public keys, but no private keys are stored for it. The transaction receiver publishes the sub-address to the transaction initiator. To send the transaction, the initiator first generates a transaction key pair, then uses the private key of that pair together with the receiver's public keys to generate one output directed to the receiver's disclosed sub-address and a second output directed to the initiator's own change address; it then sends the transaction to the blockchain, where it is verified and packaged into a block. The transaction receiver then scans the transactions on the blockchain with its root keys; if an output equals the output the receiver derives from its root keys and the transaction public key, that amount is considered to belong to the receiver.
FIG. 1 is a flow chart of a first preferred embodiment of a method for preventing root address exposure in a blockchain system according to the present invention. As shown in FIG. 1, in step S1 the transaction user generates a read key pair and a write key pair. The read key pair comprises a read public key and a read private key, and the write key pair comprises a write public key and a write private key. In a preferred embodiment of the present invention, the read key pair and the write key pair are generated with an elliptic curve cryptosystem. In other preferred embodiments, other key generation schemes may be employed to generate the read key pair and the write key pair. The read key pair carries asset read rights and the write key pair carries asset spending rights.
In a preferred embodiment of the present invention, the transaction receiving party selects an elliptic curve, selects a base point on the elliptic curve as a general base point, uses a scalar on the elliptic curve as a receiving party reading private key, and then generates the receiving party reading public key by performing elliptic curve multiplication based on the general base point and the receiving party reading private key. Similarly, the transaction receiving party selects an elliptic curve, selects a base point on the elliptic curve as a general base point, uses a scalar on the elliptic curve as a writing private key of the receiving party, and then generates the writing public key of the receiving party by carrying out elliptic curve multiplication on the basis of the general base point and the writing private key of the receiving party. The transaction initiator selects an elliptic curve, selects a base point on the elliptic curve as a general base point, uses a scalar on the elliptic curve as an initiator read private key, and then generates the initiator read public key by carrying out elliptic curve multiplication on the basis of the general base point and the initiator read private key. Similarly, the transaction initiator selects an elliptic curve, selects a base point on the elliptic curve as a general base point, uses a scalar on the elliptic curve as an initiator write private key, and then generates the initiator write public key by carrying out elliptic curve multiplication on the basis of the general base point and the initiator write private key.
In step S2, the transaction receiver takes the receiver read public key and the receiver write public key as the receiver root address, generates a receiver sub-address based on the receiver root address, and sends the receiver sub-address to the transaction initiator.
In a preferred embodiment of the present invention, the transaction receiver uses the receiver read public key and the receiver write public key as the receiver root address. The transaction receiver generates the receiver sub-address based on the receiver root address, the receiver write public keys of the old sub-addresses and an address generation scalar, where the receiver sub-address comprises a sub-address read public key and a sub-address write public key. The transaction receiver then sends the receiver sub-address to a transaction initiator.
Preferably, the construction process of the receiver sub-address is as follows. A hash table list consisting of a receiver write public key of an old sub-address and an address generation scalar is constructed. An unused address generation scalar is then selected, and the sub-address read public key and the sub-address write public key are calculated based on the receiver write public key, the receiver read private key, the address generation scalar, and a common base point. And finally, performing Hash mapping on the sub-address writing public key and the address generation scalar.
In step S3, the transaction initiator generates a session key pair, where the session key pair includes a transaction public key and a transaction private key, and the transaction initiator generates a change amount output and an initiation amount output based on the session key pair, the recipient sub-address and the initiator address, where the transaction initiator uses an initiator write public key and an initiator read public key as the initiator address.
In a preferred embodiment of the present invention, the transaction initiator selects an elliptic curve and a scalar on the elliptic curve as a transaction private key, and generates the transaction public key using the subaddress write public key as a base point. Then the transaction initiator generates an initiation amount output based on the sub-address write public key, the sub-address read public key and the transaction private key; and generating and outputting the change amount based on the transaction private key, the initiator write public key and the initiator read public key.
In step S4, the transaction initiator writes the transaction public key, the initiation amount output, and the change amount output into transaction information and initiates the transaction information to the blockchain system. Those skilled in the art will appreciate that any signature generation and signature verification techniques known in the art may be used in the steps to implement the steps, and will not be described in further detail herein.
In step S5, the transaction receiver uses the transaction public key, the receiver read key and its own transaction amount to search the transaction information for the initiation amount output, match it and output it.
In a preferred embodiment of the present invention, the transaction receiver scans the transaction information to calculate an address to be verified based on the receiver read private key, the transaction public key, and the initiation amount output. And the transaction receiver judges whether the output points to the transaction receiver or not based on whether the address to be verified corresponds to the address generation scalar in the hash table list or not. If the transaction recipient needs to spend the initiation amount output, the transaction recipient generates a scalar spending the initiation amount output based on the recipient read private key, the recipient write private key, the transaction public key, and the address.
By implementing the method for preventing the root address from being exposed in the blockchain system, the transaction receiver can disclose different addresses to different transaction initiators when receiving transaction amount in a mode of constructing the sub-address based on the root address, so that the root address of the receiver can be ensured to be safe, and the root address can be prevented from being exposed in the blockchain system for ensuring the transaction safety. Furthermore, the transaction receiver does not need to store the different addresses, and can retrieve all the money by only needing the root address, so that resources are saved, and the transaction safety is further ensured.
Specific embodiments of the present invention are further described below. In the present invention, all the key pairs can be generated in the following manner.
An elliptic curve is selected and a general base point G on the curve is chosen. Elliptic curve multiplication of a scalar a by G derives the public key from the private key, and the process is irreversible: selecting a scalar a as the private key and multiplying it by G gives the public key A = aG, but a cannot be recovered from A. A hash-to-scalar function $H_s()$ is also selected; it performs an irreversible hash mapping of a scalar on the elliptic curve, or of a product of a scalar and a base point, to a scalar.
On this basis, the transaction receiver generates two key pairs (a, A) and (b, B) on the elliptic curve, where a is the receiver read private key, A the receiver read public key, b the receiver write private key and B the receiver write public key. The receiver read public key A and write public key B together form the receiver root address (A, B).
Since the transaction receiver wants to disclose different addresses to different transaction initiators so that the root address (A, B) is not exposed, it maintains in its wallet a list, implemented as a hash table, of the write public keys of the old sub-addresses and their address generation scalars.
To create the sub-address, the recipient selects an unused address generation scalar i (i may or may not be selected randomly), and then follows the following procedure for sub-address generation:
$D_i = B + H_s(a, i)\,G$
$C_i = a D_i$
where $D_i$ is the sub-address write public key, $C_i$ the sub-address read public key, $G$ the common base point, $a$ the receiver read private key, $H_s$ the hash function and $B$ the receiver write public key.
The transaction receiver then writes the newly generated sub-address write public key $D_i$ into the hash table, mapping it to the scalar i: $D_i \to i$. Having generated the receiver sub-address $(C_i, D_i)$, consisting of the sub-address read public key and the sub-address write public key, the receiver publishes it to the transaction initiator.
As described above, the transaction initiator likewise generates two key pairs (x, X) and (y, Y) on the elliptic curve, where x is the initiator read private key, X the initiator read public key, y the initiator write private key and Y the initiator write public key.
When initiating a transaction, the transaction initiator selects an elliptic curve and a random scalar on it as the transaction private key s, and uses the sub-address write public key $D_i$ as the base point to generate the transaction public key R:
$R = s D_i$
The transaction initiator generates an initiation amount output based on the subaddress write public key, the subaddress read public key and the transaction private key; and generating and outputting the change amount based on the transaction private key, the initiator write public key and the initiator read public key.
$P = H_s(s C_i)\,G + D_i$
$P_c = H_s(s X)\,G + Y$
where $D_i$ is the sub-address write public key, $C_i$ the sub-address read public key, $s$ the transaction private key, $P$ the initiation amount output, $Y$ the initiator write public key, $X$ the initiator read public key and $P_c$ the change amount output. P lets the transaction receiver find the output belonging to it in the transaction, and $P_c$ lets the initiator find the change output belonging to it.
And then, the transaction initiator writes the transaction public key, the initiation amount output and the change amount output into transaction information and initiates the transaction information into a blockchain system. Those skilled in the art will appreciate that any signature generation and signature verification techniques known in the art may be used in the steps to implement the steps, and will not be described in further detail herein.
The transaction receiver then scans the outputs of the transaction on the blockchain, namely the initiation amount output P and the change amount output $P_c$. With the transaction public key R, the receiver computes the address to be verified D' as
$D' = P - H_s(aR)\,G$
If D' maps, in the hash table list in its wallet, to an address generation scalar i, the receiver concludes that the output is directed to its sub-address $(C_i, D_i)$, because
$P - H_s(aR)\,G = H_s(s C_i)\,G + D_i - H_s(a(s D_i))\,G$
$= H_s(s C_i)\,G + D_i - H_s(s(a D_i))\,G$
$= H_s(s C_i)\,G + D_i - H_s(s C_i)\,G$
$= D_i$
To spend the funds of P, the transaction receiver needs the private key corresponding to P, which it obtains using the index i returned by the hash table lookup:
$p = H_s(aR) + b + H_s(a, i)$.
The reasoning is as follows:
$pG = (H_s(aR) + b + H_s(a, i))\,G$
since $R = s D_i$,
$= (H_s(a(s D_i)) + b + H_s(a, i))\,G$
since elliptic curve scalar multiplication is commutative,
$= (H_s(s(a D_i)) + b + H_s(a, i))\,G$
since $C_i = a D_i$,
$= (H_s(s C_i) + b + H_s(a, i))\,G$
$= H_s(s C_i)\,G + bG + H_s(a, i)\,G$
since $bG + H_s(a, i)\,G = B + H_s(a, i)\,G = D_i$,
$= H_s(s C_i)\,G + D_i$
$= P$
Thus, in the lookup $D' = P - H_s(aR)\,G$ the receiver does not need to keep any additional address in order to find the amount, and in the spending step, where the private key of P is derived as $p = H_s(aR) + b + H_s(a, i)$, there is likewise no need to save the sub-addresses.
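The complete flow described above (key generation, sub-address construction, the initiator's two outputs, the receiver's scan and the spend-key derivation), as an added worked example in Python that is not part of the patent. It assumes secp256k1 as the elliptic curve, SHA-256 over fixed-width encodings as the hash-to-scalar function H_s, and a Python dict as the wallet's hash table; none of these are fixed by the patent.

```python
# Added example, not part of the patent: the CN111709742A sub-address scheme over
# secp256k1. Curve choice, SHA-256 as H_s and the byte encoding of H_s inputs are
# assumptions of this example.
import hashlib
import secrets

# secp256k1 field prime, group order and base point G (assumed curve)
P_MOD = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N_ORD = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # point at infinity

def ec_add(p1, p2):
    """Affine point addition, covering doubling, P + (-P) and the identity."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def ec_neg(pt):
    return INF if pt is INF else (pt[0], (-pt[1]) % P_MOD)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication k * pt."""
    acc, k = INF, k % N_ORD
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def hs(*parts):
    """H_s: map curve points and integers to a scalar mod n (SHA-256 is an assumption)."""
    h = hashlib.sha256()
    for part in parts:
        if isinstance(part, tuple):   # curve point: hash both coordinates
            h.update(part[0].to_bytes(32, "big") + part[1].to_bytes(32, "big"))
        else:                         # integer scalar or index
            h.update(int(part).to_bytes(32, "big"))
    return int.from_bytes(h.digest(), "big") % N_ORD

def keygen():
    """Step S1: a private scalar and the public point priv * G."""
    priv = secrets.randbelow(N_ORD - 1) + 1
    return priv, ec_mul(priv, G)

def make_subaddress(a, B, i):
    """Step S22: D_i = B + H_s(a, i) G and C_i = a D_i; returns (C_i, D_i)."""
    D_i = ec_add(B, ec_mul(hs(a, i), G))
    return ec_mul(a, D_i), D_i

def initiator_outputs(sub, X, Y):
    """Step S3: R = s D_i, P = H_s(s C_i) G + D_i, P_c = H_s(s X) G + Y."""
    C_i, D_i = sub
    s = secrets.randbelow(N_ORD - 1) + 1          # transaction private key
    R = ec_mul(s, D_i)                            # transaction public key
    P = ec_add(ec_mul(hs(ec_mul(s, C_i)), G), D_i)
    P_c = ec_add(ec_mul(hs(ec_mul(s, X)), G), Y)
    return R, P, P_c

def receiver_scan(a, R, P, table):
    """Steps S51/S52: D' = P - H_s(aR) G; returns the index i if D' is in the table."""
    D_prime = ec_add(P, ec_neg(ec_mul(hs(ec_mul(a, R)), G)))
    return table.get(D_prime)

def spend_scalar(a, b, R, i):
    """Step S53: p = H_s(aR) + b + H_s(a, i), for which p G = P."""
    return (hs(ec_mul(a, R)) + b + hs(a, i)) % N_ORD

def run_protocol(i=7):
    """End-to-end run; returns (index found by scan, p*G == P, root keys unpublished)."""
    a, A = keygen()            # receiver read pair
    b, B = keygen()            # receiver write pair
    _, X = keygen()            # initiator read pair (only X is needed here)
    _, Y = keygen()            # initiator write pair
    sub = make_subaddress(a, B, i)
    table = {sub[1]: i}        # wallet hash table: D_i -> i
    R, P, P_c = initiator_outputs(sub, X, Y)
    found = receiver_scan(a, R, P, table)
    spendable = ec_mul(spend_scalar(a, b, R, i), G) == P
    public = [sub[0], sub[1], R, P, P_c]    # everything that leaves the wallet
    return found, spendable, A not in public and B not in public
```

The third value returned by run_protocol checks the security property the patent claims: neither root public key A nor B appears among the values the receiver publishes or the initiator places on chain.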
Therefore, by implementing the method for preventing the root address from being exposed in the blockchain system, the transaction receiver can disclose different addresses to different transaction initiators when receiving transaction amount in a mode of constructing the sub-address based on the root address, so that the root address of the receiver can be ensured to be safe, and the root address can be prevented from being exposed in the blockchain system for ensuring the transaction safety. Furthermore, the transaction receiver does not need to store the different addresses, and can retrieve all the money by only needing the root address, so that resources are saved, and the transaction safety is further ensured.
Another technical solution to solve the technical problem of the present invention is to configure a computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements the method for preventing root address exposure in the block chain system of the present invention.
Another technical solution to solve the technical problem of the present invention is to construct a blockchain system, which includes a plurality of blockchain nodes, where the blockchain nodes store computer programs, and the computer programs, when executed by a processor, implement the method for preventing root address exposure in the blockchain system of the present invention.
By implementing the computer-readable storage medium and the blockchain system, the transaction receiver can disclose different addresses to different transaction initiators when receiving transaction amount in a manner of constructing the sub-address based on the root address, so that the root address of the receiver can be ensured to be safe, and the root address can be prevented from being exposed in the blockchain system for ensuring the transaction safety. Furthermore, the transaction receiver does not need to store the different addresses, and can retrieve all the money by only needing the root address, so that resources are saved, and the transaction safety is further ensured.
Accordingly, the present invention can be realized in hardware, software, or a combination of hardware and software. The present invention can be realized in a centralized fashion in at least one computer system, or in a distributed fashion where different elements are spread across several interconnected computer systems. Any kind of computer system or other apparatus adapted for carrying out the methods of the present invention is suited. A typical combination of hardware and software could be a general purpose computer system with a computer program that, when being loaded and executed, controls the computer system such that it carries out the methods described herein.
The present invention may also be implemented by a computer program product, comprising all the features enabling the implementation of the methods of the invention, when loaded in a computer system. The computer program in this document refers to: any expression, in any programming language, code or notation, of a set of instructions intended to cause a system having an information processing capability to perform a particular function either directly or after either or both of the following: a) conversion to other languages, codes or symbols; b) reproduced in a different format.
While the invention has been described with reference to specific embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted without departing from the scope of the invention. In addition, many modifications may be made to adapt a particular situation or material to the teachings of the invention without departing from its scope. Therefore, it is intended that the invention not be limited to the particular embodiment disclosed, but that the invention will include all embodiments falling within the scope of the appended claims.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (10)

1. A method for preventing root address exposure in a blockchain system, comprising the steps of:
S1, each transaction user generates a read key pair and a write key pair; the read key pair comprises a read public key and a read private key, and the write key pair comprises a write public key and a write private key;
S2, the transaction receiver takes the receiver read public key and the receiver write public key as the receiver root address, generates a receiver sub-address based on the receiver root address, and sends the receiver sub-address to the transaction initiator;
S3, the transaction initiator generates a session key pair comprising a transaction public key and a transaction private key, and generates a change amount output and an initiation amount output based on the session key pair, the receiver sub-address and the initiator address, wherein the transaction initiator uses the initiator write public key and the initiator read public key as the initiator address;
S4, the transaction initiator writes the transaction public key, the initiation amount output and the change amount output into transaction information and submits the transaction information to the blockchain system;
and S5, the transaction receiver uses the transaction public key, the receiver read key and its own transaction amount to search the transaction information for the matching initiation amount output.
2. The method of claim 1, wherein step S1 further comprises:
S11, the transaction receiver selects an elliptic curve, selects a point on the curve as the common base point, uses a scalar on the elliptic curve as the receiver read private key, and generates the receiver read public key by elliptic curve multiplication of the common base point by the receiver read private key;
S12, the transaction receiver selects an elliptic curve, selects a point on the curve as the common base point, uses a scalar on the elliptic curve as the receiver write private key, and generates the receiver write public key by elliptic curve multiplication of the common base point by the receiver write private key;
S13, the transaction initiator selects an elliptic curve, selects a point on the curve as the common base point, uses a scalar on the elliptic curve as the initiator read private key, and generates the initiator read public key by elliptic curve multiplication of the common base point by the initiator read private key;
S14, the transaction initiator selects an elliptic curve, selects a point on the curve as the common base point, uses a scalar on the elliptic curve as the initiator write private key, and generates the initiator write public key by elliptic curve multiplication of the common base point by the initiator write private key.
3. The method of claim 2, wherein step S2 further comprises:
S21, the transaction receiver takes the receiver read public key and the receiver write public key as the receiver root address;
S22, the transaction receiver generates the receiver sub-address based on the receiver root address, the receiver write public key of the old sub-address and an address generation scalar, wherein the receiver sub-address comprises a sub-address read public key and a sub-address write public key;
and S23, the transaction receiver sends the receiver sub-address to the transaction initiator.
4. The method of claim 3, wherein step S22 further comprises:
S221, constructing a hash table list mapping the receiver write public key of each old sub-address to its address generation scalar;
S222, selecting an unused address generation scalar, and calculating the sub-address read public key and the sub-address write public key based on the receiver write public key, the receiver read private key, the address generation scalar and the common base point;
and S223, hash-mapping the sub-address write public key to the address generation scalar.
5. The method of claim 4, wherein in step S222,
$$D_i = B + H_s(a, i)\,G$$
$$C_i = a D_i$$
where $D_i$ is the sub-address write public key, $C_i$ is the sub-address read public key, $G$ is the common base point, $a$ is the receiver read private key, $H_s$ is the hash function, and $B$ is the receiver write public key.
6. The method of claim 4, wherein step S3 further comprises:
S31, the transaction initiator selects an elliptic curve and a scalar on the elliptic curve as the transaction private key, and generates the transaction public key using the sub-address write public key as the base point;
S32, the transaction initiator generates the initiation amount output based on the sub-address write public key, the sub-address read public key and the transaction private key, and generates the change amount output based on the transaction private key, the initiator write public key and the initiator read public key.
7. The method of claim 6, wherein in step S32,
$$P = H_s(s C_i) + D_i$$
$$P_c = H_s(X s) + Y$$
where $D_i$ is the sub-address write public key, $C_i$ is the sub-address read public key, $s$ is the transaction private key, $P$ is the initiation amount output, $Y$ is the initiator write public key, $X$ is the initiator read public key, and $P_c$ is the change amount output.
8. The method of claim 6, wherein step S5 further comprises:
S51, the transaction receiver scans the outputs in the transaction information and calculates the address to be verified based on the receiver read private key, the transaction public key and the initiation amount output;
S52, the transaction receiver judges whether the output points to itself based on whether the address to be verified corresponds to an address generation scalar in the hash table list;
and S53, the transaction receiver generates the scalar for spending the initiation amount output based on the receiver read private key, the receiver write private key, the transaction public key and the address.
9. A computer-readable storage medium on which a computer program is stored, which, when executed by a processor, carries out the method of preventing root address exposure in a blockchain system according to any one of claims 1 to 8.
10. A blockchain system comprising a plurality of blockchain nodes having stored thereon a computer program, characterized in that the program, when executed by a processor, implements the method for preventing root address exposure in a blockchain system according to any one of claims 1 to 8.
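The sub-address construction of claims 5 to 8, as an added worked example on secp256k1 (not code from the patent): the receiver derives the sub-address keys D_i and C_i, the initiator builds the transaction public key and the initiation amount output, and the receiver scans an output, matches it against the hash table of claim 4 and derives the spending scalar. The curve, SHA-256 as H_s, and multiplying the hash scalar by G in the output formula (as claim 5 does, so that the sum is a point addition) are assumptions of this example.

```python
import hashlib

# secp256k1 parameters (assumed curve; the claims leave the curve choice open)
P_MOD = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None: return p2
    if p2 is None: return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0: return None
    if p1 == p2: lam = 3 * x1 * x1 * pow(2 * y1, -1, P_MOD) % P_MOD
    else: lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; demo only)."""
    acc = None
    while k:
        if k & 1: acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def ec_neg(pt): return (pt[0], (-pt[1]) % P_MOD)

def hs(*parts):
    """H_s: hash scalars and points to a scalar modulo n (assumed SHA-256)."""
    h = hashlib.sha256()
    for v in parts:
        if isinstance(v, int): h.update(v.to_bytes(32, "big"))
        else: h.update(v[0].to_bytes(32, "big") + v[1].to_bytes(32, "big"))
    return int.from_bytes(h.digest(), "big") % N

def make_subaddress(a, B, i):
    """Claim 5: D_i = B + H_s(a, i) G (write key), C_i = a D_i (read key)."""
    D = ec_add(B, ec_mul(hs(a, i), G))
    return D, ec_mul(a, D)

def build_output(s, D, C):
    """Claims 6-7: R = s D_i is the transaction public key, P = H_s(s C_i) G + D_i."""
    return ec_mul(s, D), ec_add(ec_mul(hs(ec_mul(s, C)), G), D)

def scan_output(a, b, R, P, table):
    """Claim 8: D' = P - H_s(a R) G; if D' is in the hash table, return (i, spend scalar)."""
    shared = hs(ec_mul(a, R))          # a R = a s D_i = s C_i, the sender's H_s(s C_i)
    D_prime = ec_add(P, ec_neg(ec_mul(shared, G)))
    i = table.get(D_prime)
    if i is None: return None          # output is not for any of our sub-addresses
    x = (shared + b + hs(a, i)) % N    # x G = H_s(aR) G + B + H_s(a,i) G = P
    return i, x
```

The hash table is the one of claim 4, keyed by sub-address write public key; an output addressed to a sub-address not in the table, or to a stranger, yields no match.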

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010418135.5A CN111709742B (en) 2020-05-18 2020-05-18 Method for preventing root address exposure in blockchain system, computer readable storage medium and blockchain system

Publications (2)

Publication Number Publication Date
CN111709742A true CN111709742A (en) 2020-09-25
CN111709742B CN111709742B (en) 2023-08-01

Family

ID=72537673

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107937557A (en) * 2017-11-14 2018-04-20 中国农业大学 An SNP site associated with pig economic traits and its application
CN108694668A (en) * 2018-06-15 2018-10-23 腾讯科技(深圳)有限公司 Digital asset transaction method, device, medium and equipment
CN108876335A (en) * 2018-09-07 2018-11-23 杭州复杂美科技有限公司 Balance management method and system, device and storage medium
CN109285073A (en) * 2018-09-29 2019-01-29 数字钱包(北京)科技有限公司 Digital currency transaction method and device
CN110289968A (en) * 2019-06-27 2019-09-27 矩阵元技术(深圳)有限公司 Private key recovery, collaborative address creation and signing method and device, and storage medium
CN110519059A (en) * 2019-09-29 2019-11-29 四川师范大学 Blockchain dual-key stealth address processing method based on bilinear pairings
CN110675265A (en) * 2019-09-29 2020-01-10 四川师范大学 Method for realizing a blockchain dual-key stealth address protocol without temporary key leakage
US20200127813A1 (en) * 2017-04-24 2020-04-23 Blocksettle Ab Method and system for creating a user identity
CN111127011A (en) * 2019-12-13 2020-05-08 杜晓楠 Blockchain-based transaction method, system and computer-readable storage medium for account checking

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
杨茂江: "Design of a data transaction platform based on cryptography and blockchain technology", 《信息通信技术》 (Information and Communications Technology), vol. 10, no. 04, pp. 24-31 *

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant