CN111899019A - Method and system for cross validation and sharing of blacklist and multiple parties - Google Patents

Abstract

The invention discloses a system for cross validation and sharing of blacklist and multiple parties, which comprises a Bloom Filter blacklist sharing library module, a BloomFilter database module and a BloomFilter database module, wherein the BloomFilter blacklist sharing library module is used for acquiring blacklist data, performing calculation and storage based on the BloomFilter, and searching and inquiring the stored blacklist data; the blacklist submission record shared account book module is used for recording the submitted blacklist data detail information and sending the blacklist data detail information to the accounting nodes on the block chain, so that the accounting nodes can be packaged into blocks and transmitted to each node; the public chain consensus management module is used for deploying intelligent contracts on the public chain so as to perform node management and consensus mechanism management on the blockchain; the invention utilizes the advantages of Bloom Filter technology in space efficiency, query efficiency and safety, combines the block chain technology to realize the functions of sharing the blacklist without damaging privacy and efficiently retrieving, and breaks through the limitation of the storage capacity of the block chain; and the intelligent contract is used for constraining the data sharing and consensus among the participating nodes, and the automatic execution is realized, so that the credible data sharing system is realized.

Description

Method and system for cross validation and sharing of blacklist and multiple parties

Technical Field

The invention relates to the technical field of block chain application, in particular to a blacklist multi-party cross validation and sharing method and system.

Background

Blockchains are an underlying technology brought by bitcoin, and include a range of technologies, such as asymmetric cryptographic signatures, distributed ledgers, consensus mechanisms, point-to-point protocols, intelligent contracts, and the like. The block chain can realize value transfer, data consensus, contract automatic execution and the like in a point-to-point network environment. The block chain is divided into a public chain and a alliance chain, the public chain is an open structure, and any strange node can be added; a federation chain is a license joining structure, and only licensed nodes can participate in consensus and accounting.

Implementing blacklist sharing among multiple organizations or within an industry has been a difficult problem, both with technical difficulties in sharing data among multiple parties and achieving data consistency, and concerns about leakage of sensitive data and invasion of privacy. The blacklist sharing based on the blockchain technology also has privacy problem, even if the chain is linked by adopting the hash value, the retrieval efficiency problem and the capacity limitation problem of the blockchain are also existed. These problems lead to the sharing of black lists, which is an urgent requirement, but is difficult to be applied in all industries.

In view of the above, the present invention is particularly proposed.

Disclosure of Invention

Aiming at the defects in the prior art, the invention provides a method and a system for cross validation and sharing of multiple parts of a blacklist, aiming at realizing the functions of sharing the blacklist without damaging privacy and efficiently retrieving by using a Bloom Filter data structure and realizing the common identification and consistency of the Bloom Filter data and the blacklist submission record data in a coalition by using a block chain technology. The consensus mechanism and data consistency among the nodes forming the alliance chain are achieved by relying on the credible public chain.

In order to achieve the purpose, the technical scheme of the application is as follows:

a blacklist multiparty cross validation and sharing system is characterized by comprising

The system comprises a Bloom Filter blacklist shared library module, a BloomFilter blacklist database module and a BloomFilter database module, wherein the BloomFilter blacklist shared library module is used for acquiring blacklist data, performing calculation and storage based on the Bloom Filter, and searching and querying the stored blacklist data;

the blacklist submission record shared account book module is used for recording detailed information submitted to the Bloom Filter blacklist shared library module and sending the detailed information to the accounting nodes on the block chain, so that the accounting nodes can be packaged into blocks and transmitted to each node;

the public chain consensus management module is used for deploying an intelligent contract on a public chain so as to carry out node management and consensus mechanism management on the nodes on the blockchain;

and the interface module is used for providing a standardized program interface for a service system to access so as to submit the blacklist data and inquire the blacklist data.

Further, in the system for cross-validation and sharing of blacklists and multiple parties, the Bloom Filter blacklist sharing library module is specifically used for

Carrying out various Hash operations on the acquired blacklist data, mapping the obtained operation result to a Bit of the BloomFilter data structure of the module to verify whether the blacklist exists and the submission times of the blacklist, and returning a verification result;

storing each blacklist data subjected to operation verification to form a blacklist shared library based on a Bloom Filter data structure, and updating the shared library after the operation verification of each blacklist data for query;

when a blacklist query request is received, the module at least returns two results, namely whether the blacklist requested to be queried exists and the submission times of the blacklist.

Further, in the above system for cross-validation and sharing of a blacklist and multiple parties, the Bloom Filter is a Bloom Filter with a counter, and the number of Bit increment elements of a data structure of the Bloom Filter and the number of submission times of the blacklist are recorded by the counter.

Further, in the above system for cross validation and sharing of blacklists and multiple parties, when the blacklist submission record shared book module stores the detail information, a transaction is constructed according to the following data structure:

the node comprises a plurality of hash values of blacklist data, hash values obtained by performing encryption operation after the plurality of hash values are spliced, count values of the blacklist on a Bloom Filter, a timestamp, a public key and a private key digital signature of the node.

Further, in the above blacklist multiparty cross validation and sharing system, the blockchain includes a federation chain local node main body and a federation chain public chain intelligent contract main body;

the local node main body of the alliance chain comprises the Bloom Filter blacklist shared library module and a blacklist submission record shared account book module, and is deployed locally on all nodes together with the interface module;

the alliance chain public chain intelligent contract main body comprises a public chain consensus management module, and the public chain consensus management module deploys at least three intelligent contracts on a public chain in a program mode, wherein the intelligent contracts comprise an identity authentication intelligent contract, a consensus management intelligent contract and a storage intelligent contract.

Furthermore, in the system for cross-verifying and sharing the blacklist and the multiple parties, an intelligent contract for identity authentication is used for identity authentication management of the nodes participating in the alliance chain, and the public key of the alliance chain is stored in the intelligent contract; the consensus management intelligent contract is used for randomly distributing the accounting right of the nodes in the alliance chain and maintaining the accounting history; the evidence-preserving intelligent contract is used for preserving block data of the alliance chain, wherein the block data are related to the blacklist, and digital signatures of voting nodes aiming at the block data are preserved.

Further, in the system for cross validation and sharing of multiple parties of the blacklist, the blacklist submission record shared book module generates a data block every other preset time period, the node responsible for accounting at present collects all transaction information submitted by all nodes in the preset time period, performs validation and packaging to generate block data, attaches the hash value of the previous block, performs encryption operation to generate the block hash value of the cost block, and generates block header information; and then sending the block to a voting node, and entering a determined state by using more than half of the blocks verified and signed by the nodes.

The invention also provides a blacklist multiparty cross validation and sharing method, which comprises the following steps:

acquiring blacklist data, calculating and storing the blacklist data based on Bloom Filter, retrieving and querying the stored blacklist data, and determining whether the blacklist data exists in a shared library;

recording the submission detailed information of the blacklist data, and sending the submission detailed information to the accounting nodes on the block chain, so that the accounting nodes can be packaged into blocks and transmitted to each node;

and deploying an intelligent contract, and managing the nodes on the blockchain and a consensus mechanism.

Further, in the above method for cross validation and sharing of blacklist and multiple parties, the method includes acquiring blacklist data, performing operation and storage on the blacklist data based on Bloom Filter, retrieving and querying the stored blacklist data, and determining whether the blacklist data exists in a shared library, and specifically includes:

s1, obtaining suspected or determined blacklist data, and taking effective identification data of the blacklist data;

s2, in a local environment, performing 10 hash operations including 10 hash operations of APHash, BKDRHAsh, BPHash, DJBHASh, DEKHASh, FNVHASh, JSHHash, PJWHASh, RSHash and SDBMHash on the obtained effective identification data, and then obtaining 10 hash values;

s3, submitting 10 hash values to a blacklist shared library based on the Bloom Filter data structure, wherein:

s31, if the 10 hash values are mapped to corresponding bits of the Bloom Filter data structure to be 1, judging that other nodes submit the blacklist; entering a step S4;

s32, if the 10 hash values are mapped to corresponding bits of the Bloom Filter data structure and are all 0, setting the bits to be 1; entering a step S5;

s4, counting the 10 bits through a Bloom Filter counter, so that the submission of the blacklist for a plurality of times is known; and respectively adding 1 to 10 bits of the counter;

s5, setting the value of the corresponding 10 bits in the Bloom Filter data structure as 1; and 1 is added to 10 bits of the counter, respectively.

Further, in the above method for cross-verifying and sharing a blacklist and multiple parties, an intelligent contract is deployed to manage nodes and a consensus mechanism on the blockchain, which specifically includes:

three intelligent contracts are deployed on the public chain, wherein the three intelligent contracts comprise an identity authentication intelligent contract, a consensus management intelligent contract and a storage intelligent contract, and the identity authentication intelligent contract is used for identity authentication management of the nodes participating in the public chain; the consensus management intelligent contract is used for randomly distributing the accounting right of the nodes in the alliance chain and maintaining the accounting history; the evidence-storing intelligent contract is used for storing block data of the alliance chain, which relates to the blacklist, and a digital signature of the voting node aiming at the block data;

the alliance chain generates a data block every other preset time period, all transaction information submitted by all nodes in the preset time period is collected by the node which is currently responsible for accounting, verification and packaging are carried out to generate block data, the hash value of the previous block is attached, the block hash value of the cost block is generated through encryption operation, and block header information is generated; then, the block is sent to a voting node, and more than half of the blocks verified and signed by the node enter a determined state;

randomly selecting an address from public key addresses of all alliance nodes every a preset time period by the consensus management intelligent contract, designating the address as a next round of accounting node, and submitting the round of block header information to a certificate-storing intelligent contract for certificate storage by the node within the preset time period; otherwise, the consensus management intelligent contract randomly selects another public key address as the accounting node of the current round.

The invention has the beneficial effects that:

the system and the method of the invention utilize the advantages of the Bloom Filter technology in space efficiency, query efficiency and safety, realize the functions of blacklist sharing without privacy loss and high-efficiency retrieval by combining the block chain technology, and break through the limitation of the storage capacity of the block chain; in addition, the invention adopts the block chain technology, restricts the data sharing and consensus among the nodes participating in the alliance through the intelligent contract, and automatically executes, thereby realizing a credible and reliable data sharing system.

Drawings

In order to more clearly illustrate the detailed description of the invention or the technical solutions in the prior art, the drawings that are needed in the detailed description of the invention or the prior art will be briefly described below. Throughout the drawings, like elements or portions are generally identified by like reference numerals. In the drawings, elements or portions are not necessarily drawn to scale.

FIG. 1 is an architecture diagram of a blacklist multi-party cross validation and sharing system in an embodiment of the present invention;

FIG. 2 is a flow chart of blacklist submission and validation using a Bloom Filter data structure and federation connections in the system shown in FIG. 1;

fig. 3 is a schematic diagram of the system of fig. 1, in which a Bloom Filter with a counter stores, verifies, and retrieves blacklist data.

Detailed Description

Embodiments of the present invention will be described in detail below with reference to the accompanying drawings. The following examples are only for illustrating the technical solutions of the present invention more clearly, and therefore are only examples, and the protection scope of the present invention is not limited thereby.

It is to be noted that, unless otherwise specified, technical or scientific terms used herein shall have the ordinary meaning as understood by those skilled in the art to which the invention pertains.

The relevant nouns in the present invention explain:

bloom Filter: a bloom filter, a data storage and retrieval technology, was proposed by bloom (Burton Howardbloom) in 1970. The Bloom Filter data structure is formed by a long binary vector, and each binary bit can be 0 or 1. The Bloom Filter technique operates on data elements using a series of random mapping functions, such as hash functions, and then maps to a corresponding binary bit, which is set to 1. If the bit mapped by an element has a value of 1, it indicates that the element exists. The space efficiency and the operation efficiency of the Bloom Filter exceed those of a common retrieval algorithm.

As shown in FIGS. 1-2, the present invention relates to a system for cross-validation and sharing of blacklists and multiple parties, comprising

The system comprises a Bloom Filter blacklist shared library module, a BloomFilter blacklist database module and a BloomFilter database module, wherein the BloomFilter blacklist shared library module is used for acquiring blacklist data, performing calculation and storage based on the Bloom Filter, and searching and querying the stored blacklist data;

the blacklist submission record shared account book module is used for recording detailed information submitted to the Bloom Filter blacklist shared library module and sending the detailed information to the accounting nodes on the block chain, so that the accounting nodes can be packaged into blocks and transmitted to each node;

and the public chain consensus management module is used for deploying intelligent contracts on the public chain so as to perform node management and consensus mechanism management on the nodes on the blockchain.

The system for the multi-party cross validation and sharing of the blacklist, provided by the invention, uses the Bloom Filter data structure to store, validate and retrieve the blacklist, realizes the cross validation of the blacklist, does not reveal privacy, adopts a form of a coalition chain to share the data stored on the Bloom Filter blacklist shared library among the parties participating in the sharing, achieves consensus, and realizes the consensus mechanism and management depending on intelligent contracts deployed on public chains such as an ether house and the like, and is not falsifiable, ensures the execution and has high reliability.

In a specific embodiment of the present invention, the system further includes an SDK interface module, which is an SDK module for providing a standardized interface for the service systems of other organizations to access, so as to submit the blacklist data and query the blacklist data.

The Bloom Filter blacklist shared library module acquires blacklist data (which can be a universal unique identity such as an identity card) from the SDK module, performs multiple hash operations on the acquired data, maps the obtained operation result to a Bit of the Bloom Filter data structure of the module to verify whether the blacklist exists and the submission times of the blacklist, and returns a verification result; storing each blacklist data subjected to operation verification to form a blacklist shared library based on a BloomFilter data structure, and updating the shared library after the operation verification of each blacklist data for query; when other service systems initiate a blacklist query request, the module returns two results, namely whether the blacklist requested to be queried exists or not and the submission times of the blacklist.

Specifically, with reference to fig. 3, the Bloom Filter in the present invention adopts a Bloom Filter with a counter, and preferably adopts dlCBF (d-Left Counting Bloom Filter), and the structure can record the number of the element added to the Bit through the counter, so as to delete the element and calculate the number of times of submitting multiple parties of a blacklist; then, when the blacklist is inquired, whether the element exists or not can be returned, the number of times of submitting the element can be returned, and the method has important significance for verifying and confirming the multiple parties of the blacklist in the sharing of the blacklist.

In a specific example, the program steps of the Bloom Filter blacklist shared library module for operation and sharing are as follows:

s1, obtaining suspected (or determined) blacklist data, and obtaining effective identification data of the blacklist data, wherein the effective identification data is identity card data for example;

s2, in a local environment, performing 10 hash operations on the acquired ID card data, wherein the 10 hash operations comprise APHash, BKDRHAsh, BPHash, DJBHASh, DEKHASh, FNVHASh, JSHHash, PJWHASh, RSHash and SDBMHash, and then acquiring 10 hash values;

s3, submitting 10 hash values to a blacklist shared library based on the Bloom Filter data structure, wherein:

s31, if the 10 hash values are mapped to corresponding bits of the Bloom Filter data structure to be 1, indicating that other nodes submit the blacklist; step S4 is entered;

s32, if the 10 hash values are mapped to corresponding bits of the Bloom Filter data structure and are all 0, setting the bits to be 1; entering a step S5;

s4, counting the 10 bits through a Bloom Filter counter, so that the submission of the blacklist for a plurality of times is known; the more counts, the higher the severity of the blacklist; and respectively adding 1 to 10 bits of the counter;

s5, setting the value of the corresponding 10 bits in the Bloom Filter data structure as 1; and 1 is added to 10 bits of the counter, respectively.

In this embodiment, the number of bits m set by the Bloom Filter is 20 hundred million, the number of hash operations k is 10, and the storage rate of the Bloom Filter does not exceed 50%, so that 1 hundred million of blacklist elements can be accommodated, and the storage capacity is large.

The blacklist submission record shared account book module records detailed information of submitting blacklist data to the Bloom Filter blacklist shared library module, stores the detailed information to the local, and sends the detailed information to the accounting node, so that the accounting node packs the blacklist data into block data and then transmits the block data to each node, data consistency among the nodes is achieved, and verifiable consistency is formed between the blacklist submission record shared account book module and the Bloom Filter blacklist shared library; the commit record, here, may be considered a transaction in the blockchain.

When the blacklist submission record shared account book module stores the submission record details, a transaction is constructed according to the following data structure:

10 hash values of blacklist data, hash values obtained by splicing the 10 hash values and then performing SHA256, count values of the blacklist on a Bloom Filter, a timestamp, a public key and a private key digital signature of the node.

And the blacklist submission record shared book module sends the data blocks formed by the data structures to an accounting node so as to perform subsequent block uplink verification operation.

In the system, intelligent contracts are deployed on the public chain through a public chain consensus management module to perform identity authentication, consensus management and/or evidence storage on the transaction and consensus process among the nodes.

The block chain comprises a alliance chain local node main body and an alliance chain public chain intelligent contract main body; the local node main body of the alliance chain comprises the Bloom Filter blacklist shared library module and a blacklist submission record shared account book module, and is deployed locally on all nodes together with the SDK interface module.

The nodes of the alliance chain realize point-to-point data sharing through a Gossip protocol, and the shared data comprises data on a Bloom Filter blacklist shared library module and a blacklist submission record shared account book module.

In a preferred embodiment provided by this embodiment, the Bloom Filter blacklist shared library module and the blacklist submission record shared book module are developed by using a go language; wherein the Bloom Filter is based on a Bitset data structure and uses MarshalBinary for persistent file storage. The data of the shared account book module of the blacklist submission record is stored by adopting a Leveldb; data are transmitted between nodes through the gRPC.

The alliance chain public chain intelligent contract main body comprises a public chain consensus management module, and the public chain consensus management module deploys three intelligent contracts on public chains such as an Ethernet workshop and the like in a program mode, wherein the three intelligent contracts comprise an identity authentication intelligent contract, a consensus management intelligent contract and a evidence storage intelligent contract, so that node management and consensus mechanism management of an alliance chain local node main body are achieved.

The intelligent contract for identity authentication is used for identity authentication management of the nodes participating in the alliance chain, and the public key of the alliance chain is stored in the intelligent contract; the consensus management intelligent contract is used for randomly distributing the accounting right of the nodes in the alliance chain and maintaining the accounting history; the evidence-preserving intelligent contract is used for preserving block data of the alliance chain, wherein the block data are related to the blacklist, and digital signatures of voting nodes aiming at the block data are preserved.

In a preferred embodiment of the present invention, the consensus management module develops three intelligent contracts based on an ethereal public link and using a Solidity language;

in another alternative embodiment, a centralized consensus management module can be adopted, namely a go language development program is used for realizing identity authentication, consensus management and certificate storage functions and running on a centralized server.

The blacklist submission record shared book module generates a data block every 20 minutes, namely, a block is generated every 20 minutes in a federation chain (hereinafter also referred to as a "blacklist federation chain"), the round of nodes responsible for accounting collects all transaction information (namely, detail information of the blacklist submission record) submitted by all nodes in 20 minutes, verification and packaging are carried out to generate block data, the hash value of the previous block is attached, the block hash value of the SHA256 generation cost block is operated, and block header information is generated, wherein the block header information comprises: the block hash value of the previous block, the hash value of the block, the timestamp, the transaction number of the block and the private key signature of the accounting node; and then sending the block to other nodes (voting nodes), and entering a determined state by verifying and signing the block by more than half of the nodes.

Wherein the packing work of the accounting node comprises:

1) sorting all transaction information according to a time sequence and then splicing;

2) adding the hash value of the previous block;

3) performing SHA256 to generate block hash value of the cost block on the data in the steps 1) and 2);

4) generating block header information, the block header information including: the block hash value of the previous block, the hash value of the block, the timestamp, the transaction number in the block, and the private key signature of the accounting node.

And the packed block is sent to other nodes by the accounting node, the block which is verified and signed by more than half of the nodes enters a determined state, and the hash value of the block can be referred by the next block.

Furthermore, in the process of the verification consensus, the registration information and the public key address of all the alliance nodes are stored in the intelligent contract for the identity authentication, a new alliance node can be added through the intelligent contract, and a certain existing alliance node can be deleted.

And randomly selecting one address from the public key addresses of all the alliance nodes every 20 minutes by the consensus management intelligent contract, designating the address as a next round of accounting node, submitting block header information of the round to the intelligent contract for evidence storage by the node within 20 minutes, and randomly selecting another public key address as the accounting node of the round if the accounting node does not submit the block header information within 20 minutes, thereby ensuring contract execution.

In the alliance chain, the accounting node in the current round submits the block header information of the block in the current round to the intelligent contract for evidence storage, and the block header information of the block in the current round comprises the following steps: the block hash value of the previous block, the hash value of the block, the timestamp, the transaction number of the block and the private key signature of the accounting node.

And the non-accounting node (voting node) in the current round receives the block, verifies the transaction and the block, and submits the digital signature of the private key of the block to the verification intelligent contract for use as the verification vote after the verification is error-free.

The intelligent contract for storing the evidence stores the digital signature of the private key of each block from the non-accounting node, and records the number of the audited votes, if the number of the votes is more than half, the state of the block is set as the final state (qualified). Only the chunk in "final state" can its hash value be referenced by the next chunk.

Wherein, the verification work of the non-accounting node on the transaction comprises the following steps: 1) format correctness of transaction information, 2) consistency of 10 hash values in the transaction and Bloom Filter data structure state change, and 3) correctness verification of a private key digital signature in the transaction information.

The verification work of the non-accounting node on the block comprises the following steps: 1) consistency of transaction sequence and timestamp in the chunk, 2) consistency of all transaction executions in the chunk with the Bloom Filter data structure final state, 3) correctness of the chunk data format, 4) correctness of the chunk header hash value, 5) correctness of the private key digital signature of the accounting node.

And after the verification is correct, the non-accounting node submits the digital signature of the private key of the block to the evidence-storing intelligent contract.

After the identified block data is finished uplink, the participating nodes of the alliance chain can obtain credible blacklist data from the chain.

The system of the invention utilizes the advantages of Bloom Filter technology in space efficiency, query efficiency and safety, combines the block chain technology to realize the functions of sharing the blacklist without damaging privacy and efficiently retrieving, and breaks through the limitation of the storage capacity of the block chain; in addition, the invention adopts the block chain technology, restricts the data sharing and consensus among the nodes participating in the alliance through the intelligent contract, and automatically executes, thereby realizing a credible and reliable data sharing system.

Example 2

The present invention also provides a blacklist multiparty cross validation and sharing method, which is implemented based on the system in the above embodiment 1, as shown in fig. 2, and specifically includes the following steps

Acquiring blacklist data, calculating and storing the blacklist data based on Bloom Filter, retrieving and querying the stored blacklist data, and determining whether the blacklist data exists in a shared library;

recording the submission detailed information of the blacklist data, and sending the submission detailed information to the accounting nodes on the block chain, so that the accounting nodes can be packaged into blocks and transmitted to each node;

and deploying an intelligent contract, and managing the nodes on the blockchain and a consensus mechanism.

The method of the present invention aims to implement the verification and sharing of the blacklist data on the blockchain by using the Bloom Filter technology, and the implementation principle thereof can be referred to the relevant description in the above embodiment 1.

Specifically, with reference to fig. 1 and 3, the steps of "obtaining blacklist data, performing calculation and storage on the blacklist data based on Bloom Filter, retrieving and querying the stored blacklist data, and determining whether the blacklist data exists in a shared library" in the method of the present invention include:

obtaining blacklist data (which can be a universal unique identity such as an identity card) submitted by other organizations, carrying out various Hash operations on the obtained data, mapping the obtained operation result to a Bit of a Bloom Filter data structure to verify whether the blacklist exists and the submission times of the blacklist, and returning a verification result; storing each blacklist data subjected to operation verification to form a blacklist shared library based on a Bloom Filter data structure, and updating the shared library after the operation verification of each blacklist data for query; and when other business systems initiate a blacklist query request, returning two results, namely whether the blacklist requested to be queried exists and the submission times of the blacklist.

Specifically, in the method of the present invention, the Bloom Filter employs a Bloom Filter with a counter, preferably dlCBF (d-Left Counting Bloom Filter), and the structure can record the number of the element added to the Bit through the counter, thereby implementing element deletion and calculating the number of times of submitting multiple parties of a blacklist; then, when the blacklist is inquired, whether the element exists or not can be returned, the number of times of submitting the element can be returned, and the method has important significance for verifying and confirming the multiple parties of the blacklist in the sharing of the blacklist.

In a specific example, the step of "calculating and storing the data based on the Bloom Filter, retrieving and querying the stored blacklist data, and determining whether the blacklist data exists in the shared library" is as follows:

s1, obtaining suspected (or determined) blacklist data, and obtaining effective identification data of the blacklist data, wherein the effective identification data is identity card data for example;

s2, in a local environment, performing 10 hash operations on the acquired ID card data, wherein the 10 hash operations comprise APHash, BKDRHAsh, BPHash, DJBHASh, DEKHASh, FNVHASh, JSHHash, PJWHASh, RSHash and SDBMHash, and then acquiring 10 hash values;

s3, submitting 10 hash values to a blacklist shared library based on the Bloom Filter data structure, wherein:

s31, if the 10 hash values are mapped to corresponding bits of the Bloom Filter data structure to be 1, indicating that other nodes submit the blacklist; step S4 is entered;

s32, if the 10 hash values are mapped to corresponding bits of the Bloom Filter data structure and are all 0, setting the bits to be 1; entering a step S5;

s4, counting the 10 bits through a Bloom Filter counter, so that the submission of the blacklist for a plurality of times is known; the more counts, the higher the severity of the blacklist; and respectively adding 1 to 10 bits of the counter;

s5, setting the value of the corresponding 10 bits in the Bloom Filter data structure as 1; and 1 is added to 10 bits of the counter, respectively.

In this embodiment, the number of bits m set by the Bloom Filter is 20 hundred million, the number of hash operations k is 10, and the storage rate of the Bloom Filter does not exceed 50%, so that 1 hundred million of blacklist elements can be accommodated, and the storage capacity is large.

The step of recording the submission detailed information of the blacklist data and sending the submission detailed information to the accounting nodes on the block chain so that the accounting nodes can be packaged into blocks and transmitted to each node comprises the following steps:

recording detailed information submitted to the Bloom Filter blacklist shared library, storing the detailed information to the local, sending the detailed information to the accounting node for the accounting node to package the detailed information into block data, transmitting the block data to each node, achieving data consistency among the nodes, and forming verifiable consistency with the Bloom Filter blacklist shared library; the commit record, here, may be considered a transaction in the blockchain.

When detail information of submitting blacklist data to a Bloom Filter blacklist shared library is recorded, a transaction is constructed according to the following data structure:

10 hash values of blacklist data, hash values obtained by splicing the 10 hash values and then performing SHA256, count values of the blacklist on a Bloom Filter, a timestamp, a public key and a private key digital signature of the node.

And sending the data block formed by the data structure to an accounting node for subsequent block uplink verification operation.

The steps of constructing an intelligent contract and managing the nodes on the block chain and the consensus mechanism comprise:

and deploying intelligent contracts on the public chain to perform identity authentication, consensus management and/or evidence storage on the transaction and consensus process among the nodes.

The block chain constructed in the invention comprises a alliance chain local node main body and an alliance chain public chain intelligent contract main body; the local node main body of the alliance chain comprises the Bloom Filter blacklist shared library module and a blacklist submission record shared account book module, and is deployed locally on all nodes together with the SDK interface module.

The nodes of the alliance chain realize point-to-point data sharing through a Gossip protocol, and the shared data comprises data on a Bloom Filter blacklist shared library module and a blacklist submission record shared account book module.

The alliance chain public chain intelligent contract main body comprises a public chain consensus management module, and the public chain consensus management module deploys three intelligent contracts on public chains such as an Ethernet workshop and the like in a program mode, wherein the three intelligent contracts comprise an identity authentication intelligent contract, a consensus management intelligent contract and a evidence storage intelligent contract, so that node management and consensus mechanism management of an alliance chain local node main body are achieved.

The intelligent contract for identity authentication is used for identity authentication management of the nodes participating in the alliance chain, and the public key of the alliance chain is stored in the intelligent contract; the consensus management intelligent contract is used for randomly distributing the accounting right of the nodes in the alliance chain and maintaining the accounting history; the evidence-preserving intelligent contract is used for preserving block data of the alliance chain, wherein the block data are related to the blacklist, and digital signatures of voting nodes aiming at the block data are preserved.

In a preferred embodiment of the present invention, the consensus management module develops three intelligent contracts based on an ethereal public link and using a Solidity language;

in another alternative embodiment, a centralized consensus management module can be adopted, namely a go language development program is used for realizing identity authentication, consensus management and certificate storage functions and running on a centralized server.

A block is generated every 20 minutes by a alliance chain (hereinafter also referred to as a blacklist alliance chain), all transaction information (namely detail information of a blacklist submission record) submitted by all nodes in 20 minutes is collected by the nodes responsible for accounting in the round, verification is carried out, block data is generated in a packaging mode, a hash value of a previous block is attached, block hash values of the block are generated by operation of SHA256, block header information is generated, and the block header information comprises: the block hash value of the previous block, the hash value of the block, the timestamp, the transaction number of the block and the private key signature of the accounting node; and then sending the block to other nodes (voting nodes), and entering a determined state by verifying and signing the block by more than half of the nodes.

Wherein the packing work of the accounting node comprises:

1) sorting all transaction information according to a time sequence and then splicing;

2) adding the hash value of the previous block;

3) performing SHA256 to generate block hash value of the cost block on the data in the steps 1) and 2);

4) generating block header information, the block header information including: the block hash value of the previous block, the hash value of the block, the timestamp, the transaction number in the block, and the private key signature of the accounting node.

And the packed block is sent to other nodes by the accounting node, the block which is verified and signed by more than half of the nodes enters a determined state, and the hash value of the block can be referred by the next block.

Furthermore, in the process of the verification consensus, the registration information and the public key address of all the alliance nodes are stored in the intelligent contract for the identity authentication, a new alliance node can be added through the intelligent contract, and a certain existing alliance node can be deleted.

And randomly selecting one address from the public key addresses of all the alliance nodes every 20 minutes by the consensus management intelligent contract, designating the address as a next round of accounting node, submitting block header information of the round to the intelligent contract for evidence storage by the node within 20 minutes, and randomly selecting another public key address as the accounting node of the round if the accounting node does not submit the block header information within 20 minutes, thereby ensuring contract execution.

In the alliance chain, the accounting node in the current round submits the block header information of the block in the current round to the intelligent contract for evidence storage, and the block header information of the block in the current round comprises the following steps: the block hash value of the previous block, the hash value of the block, the timestamp, the transaction number of the block and the private key signature of the accounting node.

And the non-accounting node (voting node) in the current round receives the block, verifies the transaction and the block, and submits the digital signature of the private key of the block to the verification intelligent contract for use as the verification vote after the verification is error-free.

The intelligent contract for storing the evidence stores the digital signature of the private key of each block from the non-accounting node, and records the number of the audited votes, if the number of the votes is more than half, the state of the block is set as the final state (qualified). Only the chunk in "final state" can its hash value be referenced by the next chunk.

Wherein, the verification work of the non-accounting node on the transaction comprises the following steps: 1) format correctness of transaction information, 2) consistency of 10 hash values in the transaction and Bloom Filter data structure state change, and 3) correctness verification of a private key digital signature in the transaction information.

The verification work of the non-accounting node on the block comprises the following steps: 1) consistency of transaction sequence and timestamp in the chunk, 2) consistency of all transaction executions in the chunk with the Bloom Filter data structure final state, 3) correctness of the chunk data format, 4) correctness of the chunk header hash value, 5) correctness of the private key digital signature of the accounting node.

And after the verification is correct, the non-accounting node submits the digital signature of the private key of the block to the evidence-storing intelligent contract.

After the identified block data is finished uplink, the participating nodes of the alliance chain can obtain credible blacklist data from the chain.

It is noted that the implementation of the invention and all of the functional operations provided herein can be implemented in digital electronic circuitry, or in computer software, firmware, or hardware, including the structures disclosed in this specification and their structural equivalents, or in combinations of one or more of them. Implementations of the present disclosure may be implemented as one or more computer program products, i.e., one or more modules of computer program instructions encoded on a computer-readable medium for execution by, or to control the operation of, data processing apparatus. The computer readable medium can be a machine-readable storage device, a machine-readable storage substrate, a memory device, a composition of matter effecting a machine-readable propagated signal, or a combination of one or more of them. The term "data processing apparatus" encompasses all apparatus, devices, and machines for processing data, including by way of example a programmable processor, a computer, or multiple processors or computers. The apparatus can include, in addition to hardware, code that creates an execution environment for the described computer program, e.g., code that constitutes processor firmware, a protocol stack, a database management system, an operating system, or a combination of one or more of them.

A computer program (also known as a program, software application, script, or code) can be written in any form of programming language, including compiled or interpreted languages, and it can be deployed in any form, including as a stand-alone program or as a module, component, subroutine, or other unit suitable for use in a computing environment. A computer program does not necessarily correspond to a file in a file system. A program can be stored in a portion of a file that holds other programs or data (e.g., one or more scripts stored in a markup language document), in a single file dedicated to the program in question, or in multiple coordinated files (e.g., files that store one or more modules, sub programs, or portions of code). A computer program can be deployed to be executed on one computer or on multiple computers at one site or distributed across multiple sites and interconnected by a communication network.

Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; such modifications and substitutions do not depart from the spirit and scope of the present invention, and they should be construed as being included in the following claims and description.

Claims (10)

1. A blacklist multiparty cross validation and sharing system is characterized by comprising

The system comprises a Bloom Filter blacklist shared library module, a BloomFilter blacklist database module and a BloomFilter database module, wherein the BloomFilter blacklist shared library module is used for acquiring blacklist data, performing calculation and storage based on the Bloom Filter, and searching and querying the stored blacklist data;

the blacklist submission record shared account book module is used for recording detailed information submitted to the Bloom Filter blacklist shared library module and sending the detailed information to the accounting nodes on the block chain, so that the accounting nodes can be packaged into blocks and transmitted to each node;

the public chain consensus management module is used for deploying an intelligent contract on a public chain so as to carry out node management and consensus mechanism management on the nodes on the blockchain;

and the interface module is used for providing a standardized program interface for a service system to access so as to submit the blacklist data and inquire the blacklist data.

2. The blacklisting multi-party cross validation and sharing system according to claim 1, wherein the BloomFilter blacklisting shared library module is specifically used for

Carrying out various Hash operations on the acquired blacklist data, mapping the obtained operation result to a Bit of the module Bloom Filter data structure to verify whether the blacklist exists and the submission times of the blacklist, and returning the verification result;

storing each blacklist data subjected to operation verification to form a blacklist shared library based on a Bloom Filter data structure, and updating the shared library after the operation verification of each blacklist data for query;

when a blacklist query request is received, the module at least returns two results, namely whether the blacklist requested to be queried exists and the submission times of the blacklist.

3. The system of claim 2, wherein the Bloom Filter is a Bloom Filter with a counter, and the number of Bit increment elements of a data structure of the Bloom Filter and the number of times of submission of the blacklist are recorded by the counter.

4. The system of claim 2, wherein the blacklist multiparty cross validation and sharing system is configured to construct a transaction according to the following data structure when the blacklist submission record shared ledger module stores the detail information:

the node comprises a plurality of hash values of blacklist data, hash values obtained by performing encryption operation after the plurality of hash values are spliced, count values of the blacklist on a Bloom Filter, a timestamp, a public key and a private key digital signature of the node.

5. The blacklisted multi-party cross validation and sharing system of claim 1, wherein the blockchain includes a federation chain local node principal and a federation chain public chain intelligent contract principal;

the local node main body of the alliance chain comprises the Bloom Filter blacklist shared library module and a blacklist submission record shared account book module, and is deployed locally on all nodes together with the interface module;

the alliance chain public chain intelligent contract main body comprises a public chain consensus management module, and the public chain consensus management module deploys at least three intelligent contracts on a public chain in a program mode, wherein the intelligent contracts comprise an identity authentication intelligent contract, a consensus management intelligent contract and a storage intelligent contract.

6. The blacklisted multi-party cross-validation and sharing system according to claim 5, wherein an identity authentication intelligent contract is used for identity authentication management of federation chain participant nodes, the public key of a federation chain being stored in an intelligent contract; the consensus management intelligent contract is used for randomly distributing the accounting right of the nodes in the alliance chain and maintaining the accounting history; the evidence-preserving intelligent contract is used for preserving block data of the alliance chain, wherein the block data are related to the blacklist, and digital signatures of voting nodes aiming at the block data are preserved.

7. The blacklist multiparty cross validation and sharing system according to claim 4, wherein the blacklist submission record sharing book module generates a data block every other preset time period, the node currently responsible for accounting collects all transaction information submitted by all nodes in the preset time period, performs validation and packaging to generate block data, attaches the hash value of the previous block, performs encryption operation to generate the block hash value of the cost block, and generates block header information; and then sending the block to a voting node, and entering a determined state by using more than half of the blocks verified and signed by the nodes.

8. A blacklist multiparty cross validation and sharing method is characterized by comprising the following steps:

acquiring blacklist data, calculating and storing the blacklist data based on Bloom Filter, retrieving and querying the stored blacklist data, and determining whether the blacklist data exists in a shared library;

recording the submission detailed information of the blacklist data, and sending the submission detailed information to the accounting nodes on the block chain, so that the accounting nodes can be packaged into blocks and transmitted to each node;

and deploying an intelligent contract, and managing the nodes on the blockchain and a consensus mechanism.

9. The method for cross-validation and sharing of blacklist and multiple parties as claimed in claim 8, wherein obtaining blacklist data, performing operation and storage based on Bloom Filter, and searching and querying the stored blacklist data to determine whether the blacklist data exists in a shared library, specifically comprises:

s1, obtaining suspected or determined blacklist data, and taking effective identification data of the blacklist data;

s2, in a local environment, performing 10 hash operations including 10 hash operations of APHash, BKDRHAsh, BPHash, DJBHASh, DEKHASh, FNVHASh, JSHHash, PJWHASh, RSHash and SDBMHash on the obtained effective identification data, and then obtaining 10 hash values;

s3, submitting 10 hash values to a blacklist shared library based on the Bloom Filter data structure, wherein:

s31, if the 10 hash values are mapped to corresponding bits of the Bloom Filter data structure to be 1, judging that other nodes submit the blacklist; entering a step S4;

s32, if the 10 hash values are mapped to corresponding bits of the Bloom Filter data structure and are all 0, setting the bits to be 1; entering a step S5;

s4, counting the 10 bits through a Bloom Filter counter, so that the submission of the blacklist for a plurality of times is known;

s5, setting the value of the corresponding 10 bits in the Bloom Filter data structure as 1; and 1 is added to 10 bits of the counter, respectively.

10. The blacklisting multi-party cross validation and sharing method according to claim 8, wherein deploying an intelligent contract to manage nodes and a consensus mechanism on the blockchain specifically comprises:

three intelligent contracts are deployed on the public chain, wherein the three intelligent contracts comprise an identity authentication intelligent contract, a consensus management intelligent contract and a storage intelligent contract, and the identity authentication intelligent contract is used for identity authentication management of the nodes participating in the public chain; the consensus management intelligent contract is used for randomly distributing the accounting right of the nodes in the alliance chain and maintaining the accounting history; the evidence-storing intelligent contract is used for storing block data of the alliance chain, which relates to the blacklist, and a digital signature of the voting node aiming at the block data;

the alliance chain generates a data block every other preset time period, all transaction information submitted by all nodes in the preset time period is collected by the node which is currently responsible for accounting, verification and packaging are carried out to generate block data, the hash value of the previous block is attached, the block hash value of the cost block is generated through encryption operation, and block header information is generated; then, the block is sent to a voting node, and more than half of the blocks verified and signed by the node enter a determined state;

randomly selecting an address from public key addresses of all alliance nodes every a preset time period by the consensus management intelligent contract, designating the address as a next round of accounting node, and submitting the round of block header information to a certificate-storing intelligent contract for certificate storage by the node within the preset time period; otherwise, the consensus management intelligent contract randomly selects another public key address as the accounting node of the current round.

Images