CN112288434B - Privacy transaction method, device, zero knowledge proof system and privacy transaction architecture model - Google Patents


Publication number
CN112288434B
Authority
CN
China
Prior art keywords
privacy
transaction
transfer
account
bill
Legal status
Active
Application number
CN202011313366.6A
Other languages
Chinese (zh)
Other versions
CN112288434A (en)
Inventor
杜茂兵
赖奕宇
徐昊
Current Assignee
Netease Hangzhou Network Co Ltd
Original Assignee
Netease Hangzhou Network Co Ltd
Application filed by Netease Hangzhou Network Co Ltd
Priority to CN202011313366.6A
Publication of CN112288434A
Application granted
Publication of CN112288434B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management

Abstract

The invention provides a privacy transaction method, a device, a zero knowledge proof system and a privacy transaction architecture model, which relate to the technical field of blockchain, and are applied to a client side, wherein the privacy transaction method comprises the following steps: generating zero-knowledge transaction proof information; the zero-knowledge transaction proof information comprises the proof parameters of the user account encrypted by the public key of the supervision party; the proving parameters comprise the current privacy bill of the user account, the privacy bill to be transacted and the updated privacy bill; uploading the zero-knowledge transaction proof information to a blockchain node of the blockchain system so that the blockchain node can verify the validity of the zero-knowledge transaction proof information; if the verification is passed, carrying out privacy transaction with a pre-established privacy bill pool; the privacy bill pool is used for storing privacy bills to be transacted. The invention reduces the cost of bill management, can ensure higher security guarantee during transaction, and ensures the legitimacy and compliance of the transaction.

Description

Privacy transaction method, device, zero knowledge proof system and privacy transaction architecture model
Technical Field
The invention relates to the technical field of blockchains, in particular to a privacy transaction method, a device, a zero knowledge proof system and a privacy transaction architecture model.
Background
Data privacy is currently an important issue. In blockchain transactions, a zero-knowledge proof transaction mode is generally adopted to keep transaction data private. Existing zero-knowledge-based privacy transaction models include bill models such as Zcash, a cryptocurrency that maintains the overall privacy of the sender and receiver through zero-knowledge encryption techniques. However, in the existing bill model one user usually owns a plurality of bills, so transactions often involve merging or splitting bills, and to know how much privacy amount a user owns, all of that user's bills must be merged. Existing zero-knowledge-based privacy transactions are therefore inconvenient to use, and users bear a high cost for managing their own bills.
Disclosure of Invention
The invention aims to provide a privacy transaction method, a device, a zero knowledge proof system and a privacy transaction architecture model, which improve the use convenience, reduce the bill management cost, ensure higher security guarantee during transaction and ensure the validity and compliance of the transaction.
In a first aspect, an embodiment of the present invention provides a method for private transaction, where the method is applied to a client; the client is provided with information of a user account; the user account corresponds to a unique privacy bill; the unique privacy ticket is used to characterize the existing total ticket of the user account; the method comprises the following steps: generating zero-knowledge transaction proof information; the zero-knowledge transaction proof information comprises the proof parameters of the user account encrypted by the public key of the supervision party; the proving parameters comprise the current privacy bill of the user account, the privacy bill to be transacted and the updated privacy bill; uploading the zero-knowledge transaction proof information to a blockchain node of the blockchain system so that the blockchain node can verify the validity of the zero-knowledge transaction proof information; if the verification is passed, carrying out privacy transaction with a pre-established privacy bill pool; the privacy bill pool is used for storing privacy bills to be transacted.
In an alternative embodiment, the user accounts include a transfer-out account and a transfer-in account; when the user account is a transfer-out account, the zero-knowledge transaction proof information is transfer-out proof information; the step of generating the zero-knowledge transaction proof information comprises: determining a first proving parameter of the transfer-out account based on the constraint proof parameters and a pre-established zero knowledge proof system; the constraint proof parameters at least comprise: a private key of the transfer-out account, a balance of the transfer-out account, a private key of the balance of the transfer-out account, an amount to be transacted and a public key of a supervisor; the first proving parameter comprises a first current privacy bill of the transfer-out account, a privacy bill to be transacted and a first updated privacy bill; encrypting the first proving parameter with the public key of the supervisor to generate an encrypted first proving parameter; generating the transfer-out proof information based on the encrypted first proving parameter and a preselected proof generation function; the preselected proof generation function includes a proof generation function of a preset function library.
In an alternative embodiment, the current privacy ticket is the user's current account information subjected to a first hash operation; the user's current account information comprises the user's current privacy amount and a current amount privacy key; the privacy bill to be transacted is the user's information to be transacted subjected to a second hash operation; the information to be transacted comprises the amount to be transacted and the privacy key to be transacted; the updated privacy bill is the user's updated account information subjected to a third hash operation; the user's updated account information includes an updated privacy amount and an updated amount privacy key.
In an alternative embodiment, when the user account is a transfer-out account, the step of conducting a private transaction with a pre-established privacy bill pool includes: determining a first updated privacy ticket after performing the privacy transaction based on the privacy ticket to be transacted and the first current privacy ticket; transferring the bill to be transacted out to the pre-established privacy bill pool; transmitting transaction notification information to the transfer-in account through a preset instant messaging mode; the transaction notification information includes the amount to be transacted and a transaction key corresponding to the privacy bill to be transacted.
In an alternative embodiment, when the user account is a transfer-in account, the zero-knowledge transaction proof information is transfer-in proof information; the step of generating the zero-knowledge transaction proof information comprises: determining a second proving parameter of the transfer-in account based on the transaction notification information and a pre-established zero knowledge proof system; encrypting the second proving parameter with the public key of the supervisor to generate an encrypted second proving parameter; the second proving parameter comprises a second current privacy bill of the transfer-in account, a privacy bill to be transacted and a second updated privacy bill; and generating the transfer-in proof information based on the encrypted second proving parameter and the preselected proof generation function.
In an alternative embodiment, when the user account is a transfer-in account, the step of performing a private transaction with a pre-established privacy bill pool includes: the transfer-in account determines a second updated privacy bill after the privacy transaction is carried out based on the privacy bill to be transacted, and consumes the privacy bill to be credited in the privacy bill pool; and after the privacy bill to be transacted is consumed, the corresponding privacy bill to be transacted is removed from the privacy bill pool.
In an alternative embodiment, the method further comprises: decrypting, with the private key of the supervisor, the privacy transaction data produced when the privacy transaction is carried out, and obtaining the decrypted transaction data so as to supervise the transaction.
In a second aspect, an embodiment of the present invention provides a method for private transaction, where the method is applied to a blockchain node; the method comprises the following steps: acquiring zero-knowledge transaction proof information of a user account; the zero-knowledge transaction proof information comprises the proof parameters of the user account encrypted by the public key of the supervision party; the proving parameters comprise the current privacy bill of the user account, the privacy bill to be transacted and the updated privacy bill; verifying the validity of the zero-knowledge transaction proof information; if the verification is passed, carrying out privacy transaction by the user account and a pre-established privacy bill pool; the privacy bill pool is used for storing privacy bills to be transacted.
In an alternative embodiment, the step of verifying the validity of the zero-knowledge transaction proof information includes: verifying the validity of the user bill for the user account; the user bill validity verification is used for verifying whether the current privacy bill of the user account is valid or not; if the verification is passed, verifying the validity of the zero-knowledge transaction proof information based on the verification parameters and a preselected verification function; the preselected verification function comprises a verification function of a preset function library; if the validity verification of the zero-knowledge transaction proof information is passed, a verification success message is returned.
In a third aspect, an embodiment of the present invention provides a method for private transaction, including: creating a user account on the blockchain node; the user account corresponds to a unique privacy bill; the unique privacy ticket is used to characterize the existing total ticket of the user account; the user accounts comprise a transfer-out account and a transfer-in account; the transfer-out account generates transfer-out proof information; the transfer-out proof information comprises a first proving parameter of the transfer-out account encrypted by a public key of the supervisor; the first proving parameter comprises a first current privacy bill of the transfer-out account, a privacy bill to be transacted and a first updated privacy bill; the transfer-out account uploads the transfer-out proof information to the blockchain node based on the first communication protocol; the blockchain node verifies the transfer-out proof information; if the verification is passed, the transfer-out account determines a first updated privacy bill after the privacy transaction is carried out based on the privacy bill to be transacted and the first current privacy bill, and transfers the bill to be transacted out to a privacy bill pool established in advance; the transfer-out account sends transaction notification information to the transfer-in account through a second communication protocol; the transaction notification information comprises an amount to be transacted and a transaction key corresponding to the privacy bill to be transacted; the transfer-in account generates transfer-in proof information based on the transaction notification information; the transfer-in proof information comprises a second proving parameter of the transfer-in account encrypted by the public key of the supervisor; the second proving parameter comprises a second current privacy bill of the transfer-in account, a privacy bill to be transacted and a second updated privacy bill; the transfer-out account uploads the transfer-in proof information to the blockchain node based on the first communication protocol; the blockchain node verifies the transfer-in proof information; if the verification is passed, the transfer-in account determines a second updated privacy bill after the privacy transaction is carried out based on the privacy bill to be transacted, consumes the privacy bill to be credited in the privacy bill pool, and, after the privacy bill to be transacted is consumed, the corresponding privacy bill to be transacted is removed from the privacy bill pool.
In a fourth aspect, an embodiment of the present invention provides a private transaction apparatus, where the apparatus is disposed at a client; the client is provided with a user account; the user account corresponds to a unique privacy bill; the unique privacy ticket is used to characterize the existing total ticket of the user account; the device comprises: the zero-knowledge transaction proof information generation module is used for generating zero-knowledge transaction proof information; the zero-knowledge transaction proof information comprises the proof parameters of the user account encrypted by the public key of the supervision party; the proving parameters comprise the current privacy bill of the user account, the privacy bill to be transacted and the updated privacy bill; the proving information sending module is used for uploading the zero-knowledge transaction proving information to a blockchain node of the blockchain system so that the blockchain node can conduct validity verification on the zero-knowledge transaction proving information; the first privacy transaction module is used for carrying out privacy transaction with a pre-established privacy bill pool if verification is passed; the privacy bill pool is used for storing privacy bills to be transacted.
In a fifth aspect, an embodiment of the present invention provides a private transaction apparatus, including: the zero-knowledge transaction proof information acquisition module is used for acquiring zero-knowledge transaction proof information of the user account; the zero-knowledge transaction proof information comprises the proof parameters of the user account encrypted by the public key of the supervision party; the proving parameters comprise the current privacy bill of the user account, the privacy bill to be transacted and the updated privacy bill; the validity verification module is used for verifying the validity of the zero-knowledge transaction proof information; the second privacy transaction module is used for carrying out privacy transaction with a pre-established privacy bill pool by the user account if the verification is passed; the privacy bill pool is used for storing privacy bills to be transacted.
In a sixth aspect, an embodiment of the present invention provides a private transaction apparatus, including: an account creation module for creating a user account on the blockchain node; the user account corresponds to a unique privacy bill; the unique privacy ticket is used to characterize the existing total ticket of the user account; the user accounts comprise a transfer-out account and a transfer-in account; the first generation module is used for generating transfer-out proof information by the transfer-out account; the transfer-out proof information comprises a first proving parameter of the transfer-out account encrypted by a public key of the supervisor; the first proving parameter comprises a first current privacy bill of the transfer-out account, a privacy bill to be transacted and a first updated privacy bill; the first sending module is used for uploading the transfer-out proof information to the blockchain node by the transfer-out account based on a first communication protocol; the first verification module is used for verifying the transfer-out proof information by the blockchain node; the transfer module is used for determining, if the verification is passed, a first updated privacy bill after the privacy transaction by the transfer-out account based on the privacy bill to be transacted and the first current privacy bill, and transferring the bill to be transacted to a privacy bill pool established in advance; the off-chain notification module is used for transmitting transaction notification information to the transfer-in account by the transfer-out account based on a second communication protocol; the transaction notification information comprises an amount to be transacted and a transaction key corresponding to the privacy bill to be transacted; the second generation module is used for generating transfer-in proof information based on the transaction notification information by the transfer-in account; the transfer-in proof information comprises a second proving parameter of the transfer-in account encrypted by the public key of the supervisor; the second proving parameter comprises a second current privacy bill of the transfer-in account, a privacy bill to be transacted and a second updated privacy bill; the second sending module is used for uploading the transfer-in proof information to the blockchain node by the transfer-out account based on the first communication protocol; the second verification module is used for verifying the transfer-in proof information by the blockchain node; and the accounting module is used for, if the verification is passed, determining by the transfer-in account the second updated privacy bill after the privacy transaction is carried out based on the privacy bill to be transacted, consuming the privacy bill to be credited in the privacy bill pool, and removing the corresponding privacy bill to be transacted from the privacy bill pool after the privacy bill to be transacted is consumed.
In a seventh aspect, an embodiment of the present invention provides a zero-knowledge proof system, where the zero-knowledge proof system is respectively disposed in a client and a blockchain system; the zero knowledge proof system comprises: a transaction transfer-out circuit and a transaction transfer-in circuit; the transaction transfer-out circuit comprises a first user account subunit, a first intermediate amount subunit, a transaction transfer-out subunit, a first updated user account subunit and a first supervision subunit; the first user account subunit is used for proving that the user holds a transaction account; the first intermediate amount subunit is used for proving the transfer amount; the first transaction transfer-out subunit is used for ensuring the consistency of transaction amounts; the first supervision subunit is used for supervising the actual amount of the transaction process; the transaction transfer-in circuit comprises a second user account subunit, a second intermediate amount subunit, a transaction transfer-in subunit, a second updated user account subunit and a second supervision subunit; the second user account subunit is used for proving that the user holds a transaction account; the second intermediate amount subunit is used for proving the transfer amount; the transaction transfer-in subunit is used for ensuring the consistency of transaction amount; the second supervising subunit is used for supervising the actual amount of the transaction process.
In an eighth aspect, an embodiment of the present invention provides a private transaction architecture model, where the private transaction architecture model includes a client, a blockchain system, and a zero knowledge proof system as in the foregoing embodiment; the client communicates with the blockchain system; the zero knowledge proof system is respectively arranged on the client and the blockchain system; the client is configured to perform the method according to any of the preceding embodiments; the blockchain node is configured to perform the method of any of the previous embodiments.
In a ninth aspect, an embodiment of the present invention provides an electronic device, including a processor and a memory; a computer program is stored on a memory, which when run by a processor performs the method of any of the previous embodiments.
In a tenth aspect, embodiments of the invention provide a computer readable storage medium for storing a method according to any of the preceding embodiments, or for storing computer software instructions for use in a method according to any of the preceding embodiments.
The invention provides a privacy transaction method, a device, a zero knowledge proof system and a privacy transaction architecture model. The privacy transaction method is applied to a client on which a user account is arranged; the user account corresponds to a unique privacy bill, which represents the existing total bill of the user account. The client first generates zero-knowledge transaction proof information, which comprises the proof parameters of the user account encrypted by the public key of a supervisor; the proof parameters comprise the current privacy bill of the user account, the privacy bill to be transacted and the updated privacy bill. The zero-knowledge transaction proof information is uploaded to a blockchain node of a blockchain system so that the blockchain node can verify its validity; after the verification is passed, a privacy transaction is carried out with a pre-established privacy bill pool, which is used for storing the privacy bills to be transacted. Because a unique privacy bill is arranged at the client, a user does not need to merge or split a plurality of bills during a transaction, which improves convenience of use and reduces the bill management cost (such as time cost); because zero-knowledge proof information is generated, a higher security guarantee can be ensured during the transaction, and because the zero-knowledge transaction proof information is obtained through encryption with the supervisor's public key, the validity and compliance of the transaction are ensured.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are needed in the description of the embodiments or the prior art will be briefly described, and it is obvious that the drawings in the description below are some embodiments of the present invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for privacy trading provided in an embodiment of the present invention;
FIG. 2 is a flow chart of another method of privacy trading provided by an embodiment of the present invention;
FIG. 3 is a flowchart of a specific method for privacy trading according to an embodiment of the present invention;
FIG. 4 is a flowchart of another specific method of private transaction according to an embodiment of the present invention;
FIG. 5 is a block diagram of a privacy trading device according to an embodiment of the present invention;
FIG. 6 is a block diagram of another privacy trading device according to an embodiment of the present invention;
FIG. 7 is a block diagram of a specific privacy trading device according to an embodiment of the present invention;
FIG. 8 is a block diagram of a zero knowledge proof system provided by an embodiment of the present invention;
FIG. 9 is a block diagram of a privacy transaction architecture model provided by an embodiment of the present invention;
FIG. 10 is a block diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. The components of the embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the invention, as presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures.
In the description of the present invention, it should be noted that the terms "first," "second," and the like are used merely to distinguish between descriptions and should not be construed as indicating or implying relative importance.
Some embodiments of the present invention are described in detail below with reference to the accompanying drawings. The following embodiments and features of the embodiments may be combined with each other without conflict.
Considering the existing zero-knowledge based privacy transaction model, a user typically owns multiple notes, but may involve merging or splitting notes when conducting a transaction, and if one wants to know how much of a privacy amount a user owns, multiple notes must be merged to know. However, the bills are combined or split during transaction, or all user bills need to be combined when the balance of the user is inquired, so that the bill is inconvenient to use; if the user is a collection account, the user has a very high cost of managing his own notes. Based on the above, the invention provides a privacy transaction method, a device, a zero knowledge proof system and a privacy transaction architecture model, which improve the use convenience, reduce the cost of managing bills, ensure that higher security guarantee is provided during transaction, and ensure the legitimacy and compliance of the transaction.
For ease of understanding, a privacy transaction method provided in an embodiment of the present invention is first described in detail, with reference to the flowchart of a privacy transaction method shown in FIG. 1. The method is applied to a client. Before a transaction is conducted, a user account is first created for each user on the blockchain; the user account corresponds to a unique privacy ticket, which represents the existing total ticket of the user account, and a pool of privacy tickets to be credited is additionally created. The client is provided with a user account, that is, account information of the user account, such as the user information of the user account, the user privacy amount (represented by a numerical value), the amount privacy key, and the like, is stored on the client. The method mainly comprises the following steps S102 to S106:
Step S102, generating zero-knowledge transaction proof information.
When a user account carries out a transaction, the client first generates the zero-knowledge transaction proof information, which comprises the proof parameters of the user account encrypted by the public key of a supervisor. The supervisor is a third-party client, distinct from the client and the blockchain, that supervises the transaction process and the transaction data so as to ensure the legal compliance of the transaction; the public key of the supervisor is arranged at the client so that it can be used for encryption when the zero-knowledge transaction proof information is generated. The proof parameters include the current privacy ticket of the user account, the privacy ticket to be transacted, and the updated privacy ticket. A ticket is the hidden balance value of the user; it is usually obtained by hashing the balance value and is represented by a string of characters. It will be appreciated that the current privacy ticket is the existing total ticket of the user account before the transaction, and that the updated privacy ticket becomes the existing total ticket of the user account once the transaction has been carried out.
Step S104, uploading the zero-knowledge transaction proof information to a blockchain node of the blockchain system so that the blockchain node can verify the validity of the zero-knowledge transaction proof information.
After the zero knowledge proof information is generated, the user account initiates the uplink verification, namely, the zero knowledge transaction proof information is uploaded to the blockchain node of the blockchain system. Because each user account corresponds to a unique privacy ticket, the privacy ticket is uploaded to the blockchain node so as to verify whether the unique privacy ticket held by the user is valid, and if so, the validity verification is further carried out on the generated zero-knowledge transaction information.
Step S106, if the verification is passed, carrying out privacy transaction with a pre-established privacy bill pool.
The pre-established pool of privacy notes is used to store (also referred to as deposit) privacy notes to be transacted when a transaction is initiated. It can be appreciated that the privacy notes generated by the user account when conducting the transaction (i.e., the privacy notes to be transacted described above) are all first deposited in the privacy note pool, such as when the user account initiates a transfer, the privacy notes to be transferred are added to the privacy note pool; when the user account initiates receipt, the privacy ticket is received from the privacy ticket pool. In one embodiment, when the initiated uplink authentication of the blockchain node to the user account passes, the user account transfers the privacy ticket to be transacted out or into a privacy ticket pool, and determines an updated privacy ticket based on the privacy ticket to be transacted and the current privacy ticket.
According to the privacy transaction method provided by the embodiment of the invention, the unique privacy bill is arranged at the client side, so that a user does not need to combine or split a plurality of bills during transaction, the convenience of use is improved, and the cost (such as time cost) for managing the bills is reduced; because the zero knowledge proof information is generated, higher security guarantee can be ensured during transaction, and the zero knowledge transaction information is obtained through public key encryption of a supervision party, so that the validity and compliance of the transaction are ensured.
Generally, the main transaction types are account transfer and account receipt, so the user account may be a transfer-out account or a transfer-in account. When the user account is a transfer-out account, the zero-knowledge transaction proof information is transfer-out proof information, and step S102 may further include the following steps 1 to 3:
Step 1, determining a first proving parameter of the transfer-out account based on constraint proof parameters and a pre-established zero knowledge proving system. The constraint proof parameters at least comprise: the private key of the transfer-out account, the balance privacy key of the transfer-out account, the amount to be transacted and the public key of the supervisor. The first proving parameter comprises a first current privacy bill of the transfer-out account, a privacy bill to be transacted and a first updated privacy bill. The pre-established zero knowledge proof system can be integrated in both the client and the blockchain system so as to ensure the contract consistency of the client and the blockchain system when privacy transactions are carried out.
Step 2, encrypting the first proving parameter through the public key of the supervision party, and generating the encrypted first proving parameter. Because the public key of the supervision party is used for encryption when the transaction proof information is generated, the transaction can be fully privacy-protected while still being supervised by a third party, which improves both the privacy of the transaction and its legitimacy and compliance.
Step 3, generating transfer-out proof information based on the encrypted first proving parameter and a preselected proof generation function. The preselected proof generation function is a proof generation function of a preset function library; various libraries may be used, such as the libsnark library, whose corresponding proof generation function is r1cs_ppzksnark_prover. In one embodiment, the first proving parameter is passed into the r1cs_ppzksnark_prover function, which yields a string of characters, i.e., the transfer-out proof information.
In one embodiment, the current privacy ticket is the user's current account information after a first hash operation, where the current account information includes the user's current privacy amount and the current amount privacy key; the privacy ticket to be transacted is the user's to-be-transacted information after a second hash operation, where the to-be-transacted information includes the amount to be transacted and the to-be-transacted privacy key; and the updated privacy ticket is the user's updated account information after a third hash operation, where the updated account information includes the updated privacy amount and the updated amount privacy key. It will be appreciated that when the user account is a transfer-out account, the zero-knowledge proof information may be expressed as zero-knowledge proof information based on [ Hash (current privacy amount value + current amount privacy key) = Hash (updated privacy amount value + updated amount privacy key) + Hash (amount to be transacted + privacy key to be transacted) AND supervisor public key encryption amount information data ], wherein "AND supervisor public key encryption amount information data" denotes the data obtained by encrypting the privacy amount information with the supervisor public key. When the user account is a transfer-in account, the zero-knowledge proof information may be expressed as [ Hash (current privacy amount value + current amount privacy key) + Hash (amount to be transacted + privacy key to be transacted) = Hash (updated privacy amount value + updated amount privacy key) AND supervisor public key encryption amount information data ].
When the user account is a transfer-out account, step S106 further includes the following steps (1) to (3):
Step (1), determining a first updated privacy ticket after the privacy transaction based on the privacy ticket to be transacted and the first current privacy ticket. Because the transfer-out account performs the transfer-out transaction, the first updated privacy ticket of the transfer-out account is necessarily reduced after the transaction, so the first updated privacy ticket can be expressed as Hash (updated privacy amount value + updated amount privacy key) = Hash (current privacy amount value + current amount privacy key) - Hash (to-be-transacted amount + to-be-transacted privacy key).
Step (2), transferring the bill to be transacted out to a pre-established bill privacy pool.
Step (3), sending transaction notification information to the transfer-in account through a preset instant messaging mode, wherein the transaction notification information comprises the amount to be transacted and the transaction key corresponding to the privacy bill to be transacted. The transaction notification information can also be called a receipt: the amount to be transacted is the receipt amount (a numerical value), and the transaction key is the privacy key corresponding to the receipt amount (a random 256-bit value). It will be appreciated that the transaction processes described above are all on-chain transactions, whereas the transaction notification information is sent using a preset instant messaging mode, which may be, for example, an end-to-end mode or another off-chain communication mode, such as notification of the transaction information via a social app. Because the amount to be transacted and the transaction key are communicated to the transfer-in account off-chain, the privacy of the on-chain transaction is further ensured, i.e., no one knows the specific amount of the transaction.
When the transfer-in account receives the transaction notification information off-chain, it generates transfer-in proof information; the step of generating the transfer-in proof information can comprise the following steps 1) to 3):
Step 1), determining a second proving parameter of the transfer-in account based on the transaction notification information and a pre-established zero knowledge proving system.
Step 2), encrypting the second proving parameter through the public key of the supervision party to generate an encrypted second proving parameter; the second proving parameter includes a second current privacy ticket of the transfer-in account, the privacy ticket to be transacted, and a second updated privacy ticket.
Step 3), generating the transfer-in proof information based on the encrypted second proving parameter and a preselected proof generation function.
After the transfer-in account generates the transfer-in proof information, the uplink operation is executed, i.e., the transfer-in proof information is uploaded to the blockchain node and verified by the blockchain node, so that after the verification is passed a privacy transaction is carried out with the pre-established privacy bill pool: the transfer-in account determines a second updated privacy bill after the privacy transaction based on the privacy bill to be transacted, the to-be-received privacy bill in the privacy bill pool is consumed, and after it is consumed the corresponding privacy bill to be transacted is removed from the privacy bill pool.
In order to realize the complete privacy protection transaction and the third party supervision at the same time, the supervision party can export the uplink transaction at any time, and the supervision party decrypts the encrypted data of the account transfer by utilizing the private key of the supervision party so as to obtain the specific data of the transaction, so that the privacy transaction process of the bill is supervised.
The embodiment of the invention also provides a privacy transaction method applied to blockchain nodes. Referring to the flow chart of another privacy transaction method shown in fig. 2, the method mainly comprises the following steps S202 to S206:
step S202, obtaining zero-knowledge transaction evidence information of a user account; the zero-knowledge transaction proof information comprises the proof parameters of the user account encrypted by the public key of the supervision party; the proving parameters comprise the current privacy bill of the user account, the privacy bill to be transacted and the updated privacy bill;
step S204, validity verification is carried out on the zero-knowledge transaction proof information;
step S206, if the verification is passed, carrying out privacy transaction by the user account and a pre-established privacy bill pool; the privacy bill pool is used for storing privacy bills to be transacted.
According to the privacy transaction method provided by the embodiment of the invention, the zero knowledge proof information generated by the client is firstly obtained, and the validity of the zero knowledge transaction proof information is verified, so that higher security guarantee can be ensured during transaction, and the zero knowledge transaction information is obtained through public key encryption of the supervision party, so that the validity and compliance of the transaction are ensured.
After the client generates the zero knowledge proof information, uplink verification is initiated and the blockchain node executes the verification. Because each user account corresponds to a unique privacy bill, user bill validity verification is first performed on the user account, to verify whether the current privacy bill of the user account is valid. When the user bill is determined to be valid, validity verification is performed on the zero-knowledge transaction proof information based on the proof parameters and a preselected verification function, i.e., the proof parameters are input into the preselected verification function; if the verification succeeds, a verification success message (true) is returned, and if it fails, a verification failure message (false) is returned. The preselected verification function may be a verification function of a preset function library, for which several libraries can be used; for example, when the preset function library is the libsnark library, the function r1cs_ppzksnark_verifier can be used.
In one embodiment, the method may be represented in the form of pseudo code:
(I) build on-chain smart contracts, such as:
authentication & user privacy ticket-contract {
Each user holds a valid ticket;
A bill pool to be checked out;
transaction encryption data;
verifying and transferring out;
verification transfer;
}
(II) storing the following information for each user account client:
user information {
An account: an account on the blockchain;
user privacy amount: a numerical value;
monetary privacy key: random 256-bit values;
}
(III) user-generated roll-out proof
Outturn proof {
Account current privacy ticket: hash (user current privacy amount + amount privacy key);
privacy ticket to be checked out: hash (amount to be billed+privacy key to be billed);
account latest privacy ticket: hash (user latest privacy amount + amount privacy key);
transaction encrypted data: supervision public key encryption (plaintext information described above);
zero knowledge proof: transferring out the proving data;
}
and uploads it to the chain;
(IV) executing Smart contracts
Func performs roll-out {
Step one: checking the current privacy ticket validity ();
step two: judging the validity of the zero knowledge proof information ();
step three: updating the user latest privacy ticket ();
step four: adding the privacy ticket to be billed to the pool ();
step five: storing the encrypted data ();
}
(V) sending the bill to be billed to the bill receiving party end-to-end under line through client execution
Receipt {
Receipt amount: a numerical value;
The receipt amount corresponds to the privacy key: random 256-bit values;
}
(VI) the user generates a receipt zero knowledge proof
Transfer-in evidence {
Account current privacy ticket: hash (user current privacy amount + amount privacy key);
privacy ticket to be checked out: hash (amount to be billed+privacy key to be billed);
account latest privacy ticket: hash (user latest privacy amount + amount privacy key);
transaction encrypted data: supervision public key encryption (plaintext information described above);
zero knowledge proof: transferring into the proving data;
}
and uploads it to the chain;
(VII) the contract execution logic is as follows
Func performs roll-in {
Step one: checking the current privacy ticket validity ();
step two: judging the validity of the zero knowledge proof information ();
step three: updating the user latest privacy ticket ();
step four: consuming the privacy ticket to be checked out and removing ();
step five: storing the encrypted data ();
}
(VIII) the supervisor pulls the transaction and decrypts it with the private key to perform supervision
Func performs supervision {
Step one: pull on-chain transaction ();
step two: decrypting the transaction data and performing auditing;
step three: updating the user latest privacy ticket ();
step four: consuming the privacy ticket to be checked out and removing ();
Step five: storing the encrypted data ();
}
thus, the entire privacy transaction flow is completed.
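The contract flow in the pseudocode above, as a runnable model; this is an added example, not code from the patent or from libsnark. Assumptions: SHA-256 stands in for Hash, amounts are bounded to 64 bits, the "Hash(...) = Hash(...) + Hash(...)" relation is read as arithmetic on the committed amounts, the zk-SNARK is replaced by checking the witness in the clear, and supervisor encryption is not modelled. All names are hypothetical.

```python
import hashlib
import secrets
from typing import NamedTuple

AMOUNT_BITS = 64  # assumed range bound; the page does not state one


def ticket(amount: int, key: bytes) -> str:
    """Privacy ticket = Hash(amount + privacy key); SHA-256 is an assumed choice."""
    if not 0 <= amount < 2 ** AMOUNT_BITS:
        raise ValueError("amount out of range")
    return hashlib.sha256(amount.to_bytes(AMOUNT_BITS // 8, "big") + key).hexdigest()


class Public(NamedTuple):   # values that go on chain
    current: str            # account's current privacy ticket
    pending: str            # privacy ticket to be transacted
    updated: str            # account's updated privacy ticket


class Witness(NamedTuple):  # values that stay with the client
    cur_amount: int
    cur_key: bytes
    pay_amount: int
    pay_key: bytes
    new_amount: int
    new_key: bytes


def relation_holds(direction: str, pub: Public, w: Witness) -> bool:
    """Statement a transfer-out / transfer-in proof attests to, checked in the clear."""
    try:
        opened = (ticket(w.cur_amount, w.cur_key) == pub.current
                  and ticket(w.pay_amount, w.pay_key) == pub.pending
                  and ticket(w.new_amount, w.new_key) == pub.updated)
    except ValueError:      # negative or oversized amount: reject, never wrap around
        return False
    if direction == "out":
        balanced = w.cur_amount == w.new_amount + w.pay_amount
    else:
        balanced = w.cur_amount + w.pay_amount == w.new_amount
    return opened and balanced


class TicketContract:
    """Model of the on-chain contract: one valid ticket per account plus a pool.
    A real node would receive a proof, not the witness passed in here."""

    def __init__(self):
        self.tickets = {}   # account -> its single valid privacy ticket
        self.pool = set()   # pending tickets waiting to be received

    def register(self, account: str, initial: str) -> None:
        self.tickets[account] = initial

    def _checks(self, account, direction, pub, w) -> bool:
        if self.tickets.get(account) != pub.current:  # step one: ticket validity
            return False
        return relation_holds(direction, pub, w)      # step two: proof validity

    def transfer_out(self, account, pub, w) -> bool:
        # Refusing a pending ticket already in the pool is an added assumption.
        if pub.pending in self.pool or not self._checks(account, "out", pub, w):
            return False
        self.tickets[account] = pub.updated           # step three
        self.pool.add(pub.pending)                    # step four
        return True

    def transfer_in(self, account, pub, w) -> bool:
        if pub.pending not in self.pool or not self._checks(account, "in", pub, w):
            return False
        self.tickets[account] = pub.updated           # step three
        self.pool.remove(pub.pending)                 # step four: consume and remove
        return True


def build(direction, cur_amount, cur_key, pay_amount, pay_key):
    """Client side: derive the updated amount, a fresh key, and the three tickets."""
    new_amount = cur_amount - pay_amount if direction == "out" else cur_amount + pay_amount
    w = Witness(cur_amount, cur_key, pay_amount, pay_key, new_amount, secrets.token_bytes(32))
    pub = Public(ticket(cur_amount, cur_key), ticket(pay_amount, pay_key),
                 ticket(new_amount, w.new_key))
    return pub, w


def demo() -> dict:
    """Constructed scenario: A holds 100, B holds 20, A pays 30 to B."""
    chain, res = TicketContract(), {}
    a_key, b_key, pay_key = (secrets.token_bytes(32) for _ in range(3))
    chain.register("A", ticket(100, a_key))
    chain.register("B", ticket(20, b_key))
    pub_out, w_out = build("out", 100, a_key, 30, pay_key)
    res["out_ok"] = chain.transfer_out("A", pub_out, w_out)
    res["replay_rejected"] = not chain.transfer_out("A", pub_out, w_out)
    # A now holds 70 and claims to pay 100, leaving an updated amount of -30.
    bad_w = Witness(70, w_out.new_key, 100, secrets.token_bytes(32), -30, secrets.token_bytes(32))
    bad_pub = Public(pub_out.updated, ticket(100, bad_w.pay_key), "00" * 32)
    res["overdraft_rejected"] = not chain.transfer_out("A", bad_pub, bad_w)
    # B received (30, pay_key) off-chain as the receipt and collects the ticket.
    pub_in, w_in = build("in", 20, b_key, 30, pay_key)
    res["in_ok"] = chain.transfer_in("B", pub_in, w_in)
    res["double_receive_rejected"] = not chain.transfer_in("B", pub_in, w_in)
    res["b_holds_50"] = chain.tickets["B"] == ticket(50, w_in.new_key)
    res["pool_empty"] = len(chain.pool) == 0
    return res


if __name__ == "__main__":
    print(demo())
```

The range check matters in a real circuit because field arithmetic wraps: without it, an updated amount of -30 would commit as a huge positive balance.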
Further, an embodiment of the present invention provides a specific private transaction method, referring to a flowchart of a specific private transaction method shown in fig. 3, the method mainly includes steps S302 to S320 as follows:
in step S302, a user account is created on the blockchain node, the user account corresponding to a unique privacy ticket, the unique privacy ticket being used to characterize an existing total ticket for the user account, the user account including a transfer-out account and a transfer-in account.
In step S304, the transfer-out account generates transfer-out attestation information, where the transfer-out attestation information includes a first attestation parameter of the transfer-out account encrypted by a public key of the supervisor, and the first attestation parameter includes a first current privacy ticket of the transfer-out account, a privacy ticket to be transacted, and a first updated privacy ticket.
In step S306, the roll-out account uploads roll-out attestation information to the blockchain node based on the first communication protocol.
Step S308, the blockchain node verifies the transfer-out certification information.
Step S310, if the verification is passed, the transfer-out account determines a first updated privacy ticket after the privacy transaction is performed based on the privacy ticket to be transacted and the first current privacy ticket, and transfers the ticket to be transacted out to a pre-established ticket privacy pool.
In step S312, the transfer-out account sends the transaction notification information to the transfer-in account via the second communication protocol. The transaction notification information includes an amount to be transacted and a transaction key corresponding to the privacy instrument to be transacted.
In step S314, the transfer-in account generates transfer-in certification information based on the transaction notification information. The transfer-in proving information comprises a second proving parameter of the transfer-in account encrypted by the public key of the supervision party, and the second proving parameter comprises a second current privacy bill of the transfer-in account, a privacy bill to be transacted and a second updated privacy bill.
In step S316, the roll-out account uploads roll-in attestation information to the blockchain node based on the first communication protocol.
In step S318, the blockchain node verifies the transfer-in certification information.
Step S320, if the verification is passed, the transfer-in account determines a second updated privacy ticket after the privacy transaction based on the privacy ticket to be transacted, the to-be-received privacy ticket in the privacy ticket pool is consumed, and after the privacy ticket to be transacted is consumed, the corresponding privacy ticket to be transacted in the privacy ticket pool is removed.
For ease of understanding, referring to the flowchart of another specific privacy transaction method shown in fig. 4, user A (i.e., the transfer-out account) initiates a transfer, that is, generates zero knowledge proof information of [ Hash (existing value + private key) = Hash (remaining value + private key) + Hash (to-be-debited amount + to-be-debited private key) AND supervisor public key encryption amount information data ]. User A then performs the uplink, i.e., uploads the privacy bill, the encryption information, the proof data and so on to the blockchain, which performs the zero knowledge proof verification and the validity verification of the user bill; after the verification is passed, the account balance privacy bill is updated and the privacy bill to be billed is added to the transaction pool. User A sends the amount and the privacy key of the privacy bill to be checked out to the receiver off-chain and informs the receiver to collect it. User B then initiates receipt, i.e., generates zero knowledge proof information of [ Hash (existing amount + privacy key) + Hash (amount to be received + privacy key to be received) = Hash (new amount + privacy key) AND supervision public key encryption amount information data ]. User B then performs the uplink, i.e., uploads the privacy bill, the encryption information, the proof data and so on to the blockchain, which performs the receipt zero knowledge proof verification and the validity verification of the user bill; after the verification is passed, the account balance privacy bill is updated, and the privacy bill to be received is marked as a consumed bill and removed from the transaction pool. In addition, the supervisor can export the on-chain transactions, i.e., decrypt the encrypted transfer and receipt data with its private key to obtain the specific transaction data, so as to supervise. In the above process shown in fig. 4, user A and user B each hold their latest value + value privacy key off-chain and their privacy bill Hash (value + value privacy key) on-chain, and complete the transfer process by generating and receiving the bill to be checked out. The encrypted information is generated with the supervisor public key when the proof is generated, and the data is decrypted with the supervisor private key, so that the transaction is fully privacy-protected while third-party supervision is still possible.
For the privacy transaction method corresponding to fig. 1, an embodiment of the present invention provides a privacy transaction device, referring to a structure diagram of the privacy transaction device shown in fig. 5, the device is disposed at a client, a user account is disposed on the client, the user account corresponds to a unique privacy ticket, and the unique privacy ticket is used for representing an existing total ticket of the user account, and the device mainly includes the following parts:
a zero-knowledge transaction proof information generation module 502, configured to generate zero-knowledge transaction proof information; the zero-knowledge transaction proof information comprises the proof parameters of the user account encrypted by the public key of the supervision party; the proving parameters comprise the current privacy bill of the user account, the privacy bill to be transacted and the updated privacy bill;
a certification information sending module 504, configured to upload zero-knowledge transaction certification information to a blockchain node of the blockchain system, so that the blockchain node performs validity verification on the zero-knowledge transaction certification information;
a first private transaction module 506, configured to perform a private transaction with a pre-established private ticket pool if the verification is passed; the privacy bill pool is used for storing privacy bills to be transacted.
According to the privacy transaction device provided by the embodiment of the invention, the unique privacy bill is arranged at the client side, so that a user does not need to combine or split a plurality of bills during transaction, the convenience of use is improved, and the cost (such as time cost) for managing the bills is reduced; because the zero knowledge proof information is generated, higher security guarantee can be ensured during transaction, and the zero knowledge transaction information is obtained through public key encryption of a supervision party, so that the validity and compliance of the transaction are ensured.
In one embodiment, the user accounts include a transfer-out account and a transfer-in account; when the user account is the transfer-out account, the zero-knowledge transaction proof information is the transfer-out proof information; the zero-knowledge transaction verification information generation module 502 is further configured to determine a first verification parameter of the transfer account based on a constraint verification parameter and a pre-established zero-knowledge verification system; the constraint proving parameters at least comprise: the private key of the transfer-out account, the balance of the transfer-out account, the private key of the balance of the transfer-out account, the amount to be transacted and the public key of the supervisor; the first proving parameter comprises a first current privacy bill of the transfer account, the privacy bill to be transacted and a first updated privacy bill; encrypting the first proving parameter through the public key of the supervision party to generate an encrypted first proving parameter; generating the roll-out attestation information based on the encrypted first attestation parameters and a preselected attestation generation function; the pre-selected generated attestation functions include attestation generation functions of a pre-set function library.
In one embodiment, when the user account is the transfer-out account, the first privacy transaction module 506 is further configured to determine the first updated privacy ticket after performing the privacy transaction based on the to-be-transacted privacy ticket and the first current privacy ticket; transfer the bill to be transacted out to the pre-established bill privacy pool; and transmit transaction notification information to the transfer-in account through a preset instant messaging mode; the transaction notification information comprises an amount to be transacted and a transaction key corresponding to the privacy instrument to be transacted.
In one embodiment, when the user account is the transfer-in account, the zero-knowledge transaction proof information is transfer-in proof information; the zero-knowledge transaction verification information generation module 502 is further configured to determine a second verification parameter of the transfer-in account based on the transaction notification information and a pre-established zero-knowledge verification system; encrypt the second proving parameter through the public key of the supervision party to generate an encrypted second proving parameter; the second proving parameter comprises a second current privacy bill of the transfer-in account, the privacy bill to be transacted and a second updated privacy bill; and generate the transfer-in certification information based on the encrypted second certification parameter and the preselected certification generation function.
In one embodiment, when the user account is the transfer-in account, the first private transaction module 506 is further configured to determine, based on the to-be-transacted private ticket, the second updated private ticket after performing the private transaction, and consume the to-be-received private ticket in the private ticket pool; and after the privacy notes to be transacted are consumed, remove the corresponding privacy notes to be transacted from the privacy note pool.
In one embodiment, the apparatus further comprises: and the supervision module is used for decrypting the private transaction data during private transaction through the private key of the supervision party to obtain decrypted transaction data so as to supervise the transaction.
The device provided in this embodiment has the same implementation principle and technical effects as those of the foregoing embodiment, and for brevity, reference may be made to the corresponding content in the foregoing method embodiment for a part of the description of the device embodiment that is not mentioned.
For the above-mentioned private transaction method shown in fig. 2, an embodiment of the present invention provides a private transaction apparatus, referring to a block diagram of another private transaction apparatus shown in fig. 6, the apparatus mainly includes the following parts:
a zero-knowledge transaction proof information acquisition module 602, configured to acquire zero-knowledge transaction proof information of a user account; the zero-knowledge transaction proof information comprises the proof parameters of the user account encrypted by the public key of the supervision party; the proving parameters comprise the current privacy bill of the user account, the privacy bill to be transacted and the updated privacy bill;
a validity verification module 604, configured to perform validity verification on the zero-knowledge transaction proof information;
a second private transaction module 606, configured to conduct a private transaction with a pre-established private bill pool by the user account if the verification is passed; the privacy bill pool is used for storing privacy bills to be transacted.
According to the privacy transaction device provided by the embodiment of the invention, the zero knowledge proof information generated by the client is firstly obtained, and the validity of the zero knowledge transaction proof information is verified, so that higher security guarantee can be ensured during transaction, and the zero knowledge transaction information is obtained through public key encryption of the supervision party, so that the validity and compliance of the transaction are ensured.
In one embodiment, the validity verification module 604 is further configured to perform user ticket validity verification on the user account; the user ticket validity verification is used for verifying whether the current privacy ticket of the user account is valid or not; if the verification is passed, verifying the validity of the zero-knowledge transaction verification information based on the verification parameters and a preselected verification function; the preselected verification function comprises a verification function of a preset function library; and if the validity verification of the zero-knowledge transaction proof information is passed, returning a verification success message.
The device provided in this embodiment has the same implementation principle and technical effects as those of the foregoing embodiment, and for brevity, reference may be made to the corresponding content in the foregoing method embodiment for a part of the description of the device embodiment that is not mentioned.
The embodiment of the invention also provides a specific privacy transaction device, referring to a structural diagram of the specific privacy transaction device shown in fig. 7, the device mainly comprises the following parts:
an account creation module 702 for creating a user account on a blockchain node; the user account corresponds to a unique privacy bill; the unique privacy ticket is used to characterize the existing total ticket of the user account; the user accounts comprise a transfer-out account and a transfer-in account;
a first generation module 704, configured to generate transfer-out proof information from a transfer-out account; the transfer-out certification information comprises a first certification parameter of the transfer-out account encrypted by a public key of the supervision party; the first proving parameters comprise a first current privacy bill, a privacy bill to be transacted and a first updated privacy bill which are transferred out of the account;
a first sending module 706, configured to upload the roll-out proof information to the blockchain node by the roll-out account based on the first communication protocol;
a first verification module 708, configured to verify the transfer-out proof information by the blockchain node;
the transfer module 710 is configured to, if the verification is passed, determine, by the transfer account, a first updated privacy ticket after performing the private transaction based on the to-be-transacted privacy ticket and the first current privacy ticket, and transfer the to-be-transacted ticket to a pre-established ticket privacy pool;
An under-chain notification module 712 for the transfer-out account transmitting transaction notification information to the transfer-in account based on the second communication protocol; the transaction notification information comprises an amount to be transacted and a transaction key corresponding to the privacy instrument to be transacted;
a second generation module 714 for generating transfer-in attestation information based on the transaction notification information for the transfer-in account; the transfer-in proving information comprises a second proving parameter of the transfer-in account encrypted by the public key of the supervision party; the second proving parameters comprise a second current privacy bill transferred into the account, a privacy bill to be transacted and a second updated privacy bill;
a second sending module 716, configured to upload the transfer-in proof information to the blockchain node by the transfer-out account based on the first communication protocol;
the second verification module 718 is configured to verify the transfer-in certification information by using the blockchain node;
the accounting module 720 is configured so that, if the verification is passed, the transfer-in account determines a second updated privacy ticket after performing the privacy transaction based on the privacy ticket to be transacted, consumes the privacy ticket to be transacted in the privacy ticket pool, and removes the corresponding privacy ticket to be transacted from the privacy ticket pool after it has been consumed.
According to the privacy transaction device provided by the embodiment of the invention, the transfer-out proving information generated by the transfer-out account client is firstly obtained, and the validity of the transfer-out proving information is verified, so that higher security guarantee can be ensured during transaction, and the transfer-out proving information is obtained through public key encryption of a supervision party, so that the validity and compliance of the transaction are ensured.
The embodiment of the invention provides a zero knowledge proof system which is respectively arranged on a client and a blockchain system, and is shown in a structural diagram of the zero knowledge proof system in fig. 8, wherein the zero knowledge proof system comprises a transaction transfer-out circuit and a transaction transfer-in circuit, the transaction transfer-out circuit comprises a first user account subunit, a first intermediate amount subunit, a transaction transfer-out subunit, a first updated user account subunit and a first supervision subunit, the first user account subunit is used for proving that a user holds a transaction account, the first intermediate amount subunit is used for proving transfer-out amount, the first transaction transfer-out subunit is used for guaranteeing consistency of transaction amount, and the first supervision subunit is used for supervising the actual amount of a transaction process; the transaction transfer-in circuit comprises a second user account subunit, a second intermediate amount subunit, a transaction transfer-in subunit, a second updated user account subunit and a second supervision subunit, wherein the second user account subunit is used for proving that a user holds a transaction account, the second intermediate amount subunit is used for proving transfer-out amount, the transaction transfer-in subunit is used for guaranteeing consistency of transaction amount, and the second supervision subunit is used for supervising actual amount in a transaction process.
Any one of the privacy trading methods in the above embodiments may be implemented by the zero knowledge proof system of the present embodiment, and the implementation principle and the generated technical effects are the same as those of the foregoing embodiments, and are not described herein for brevity.
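The following Python example is added here and is not code from the patent: it evaluates in the clear the relations that the transaction transfer-out and transfer-in circuits are described as enforcing, together with the node's privacy bill pool bookkeeping. It assumes SHA-256 for the hash operations, clear-text account identifiers and hypothetical names (`commit`, `Node`, `make_out`, `make_in`); the zero-knowledge proof itself and the encryption under the supervisor's public key are left out, so the node here sees the witness that the real scheme keeps on the client.

```python
import hashlib
import secrets
from dataclasses import dataclass, field

ACCOUNT, PENDING = b"account-bill", b"pending-bill"  # domain tags (assumption)


def commit(tag: bytes, amount: int, key: bytes) -> str:
    """Privacy bill = hash over (amount, privacy key); SHA-256 is an assumption."""
    return hashlib.sha256(tag + amount.to_bytes(16, "big") + key).hexdigest()


@dataclass(frozen=True)
class Public:            # what the blockchain node sees
    current: str         # current privacy bill of the account
    pending: str         # privacy bill to be transacted
    updated: str         # updated privacy bill of the account


@dataclass(frozen=True)
class Witness:           # what stays on the client in the real scheme
    balance: int
    balance_key: bytes
    amount: int
    tx_key: bytes
    new_key: bytes


def out_relation(pub: Public, w: Witness) -> bool:
    return (0 < w.amount <= w.balance  # amount range check (assumption)
            and pub.current == commit(ACCOUNT, w.balance, w.balance_key)
            and pub.pending == commit(PENDING, w.amount, w.tx_key)
            and pub.updated == commit(ACCOUNT, w.balance - w.amount, w.new_key))


def in_relation(pub: Public, w: Witness) -> bool:
    return (w.amount > 0 and w.balance >= 0
            and pub.current == commit(ACCOUNT, w.balance, w.balance_key)
            and pub.pending == commit(PENDING, w.amount, w.tx_key)
            and pub.updated == commit(ACCOUNT, w.balance + w.amount, w.new_key))


@dataclass
class Node:
    accounts: dict = field(default_factory=dict)  # account id -> current bill
    pool: set = field(default_factory=set)        # privacy bill pool

    def transfer_out(self, acct: str, pub: Public, w: Witness) -> bool:
        if self.accounts.get(acct) != pub.current:  # bill validity check
            return False
        if pub.pending in self.pool or not out_relation(pub, w):
            return False
        self.accounts[acct] = pub.updated
        self.pool.add(pub.pending)
        return True

    def transfer_in(self, acct: str, pub: Public, w: Witness) -> bool:
        if self.accounts.get(acct) != pub.current:
            return False
        if pub.pending not in self.pool or not in_relation(pub, w):
            return False
        self.accounts[acct] = pub.updated
        self.pool.remove(pub.pending)  # a consumed bill cannot be reused
        return True


def make_out(balance: int, balance_key: bytes, amount: int):
    tx_key, new_key = secrets.token_bytes(32), secrets.token_bytes(32)
    w = Witness(balance, balance_key, amount, tx_key, new_key)
    pub = Public(commit(ACCOUNT, balance, balance_key),
                 commit(PENDING, amount, tx_key),
                 commit(ACCOUNT, balance - amount, new_key))
    return pub, w, (amount, tx_key)  # last item: off-chain notification


def make_in(balance: int, balance_key: bytes, notice):
    amount, tx_key = notice
    new_key = secrets.token_bytes(32)
    w = Witness(balance, balance_key, amount, tx_key, new_key)
    pub = Public(commit(ACCOUNT, balance, balance_key),
                 commit(PENDING, amount, tx_key),
                 commit(ACCOUNT, balance + amount, new_key))
    return pub, w


def demo() -> dict:
    """Constructed scenario: alice holds 100, bob holds 20, alice sends 30."""
    node = Node()
    a_key, b_key = secrets.token_bytes(32), secrets.token_bytes(32)
    node.accounts["alice"] = commit(ACCOUNT, 100, a_key)
    node.accounts["bob"] = commit(ACCOUNT, 20, b_key)
    # Overspend: 150 out of 100 with a made-up updated bill.
    k, n = b"k" * 32, b"n" * 32
    forged = Public(node.accounts["alice"], commit(PENDING, 150, k),
                    commit(ACCOUNT, 0, n))
    overspend = node.transfer_out("alice", forged, Witness(100, a_key, 150, k, n))
    pub, w, notice = make_out(100, a_key, 30)
    out_ok = node.transfer_out("alice", pub, w)
    pool_after_out = len(node.pool)
    pub_in, w_in = make_in(20, b_key, notice)
    in_ok = node.transfer_in("bob", pub_in, w_in)
    # Replaying the same notification against bob's new balance must fail.
    replay = node.transfer_in("bob", *make_in(50, w_in.new_key, notice))
    return {"overspend": overspend, "out_ok": out_ok, "in_ok": in_ok,
            "pool_after_out": pool_after_out, "pool_final": len(node.pool),
            "replay": replay,
            "bob_has_50": node.accounts["bob"] == commit(ACCOUNT, 50, w_in.new_key)}


if __name__ == "__main__":
    print(demo())
```
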
The embodiment of the invention also provides a privacy transaction architecture model, referring to a structural diagram of the privacy transaction architecture model shown in fig. 9, wherein the privacy transaction architecture model comprises a zero knowledge proof generation client, a blockchain system and the zero knowledge proof system, the client communicates with the blockchain system, the zero knowledge proof system is respectively arranged at the client and the blockchain system, and the client and the blockchain node are used for executing the privacy transaction method in the embodiment.
The embodiment of the invention provides electronic equipment, which comprises a processor and a storage device; the storage means has stored thereon a computer program which, when executed by the processor, performs the method of any of the embodiments described above.
Fig. 10 is a schematic structural diagram of an electronic device according to an embodiment of the present invention, where the electronic device 1000 includes: a processor 100, a memory 101, a bus 102 and a communication interface 103, the processor 100, the communication interface 103 and the memory 101 being connected by the bus 102; the processor 100 is arranged to execute executable modules, such as computer programs, stored in the memory 101.
The memory 101 may include a high-speed random access memory (Random Access Memory, RAM) and may further include a non-volatile memory, such as at least one magnetic disk memory. The communication connection between the system network element and at least one other network element is implemented via at least one communication interface 103 (which may be wired or wireless), and may use the internet, a wide area network, a local network, a metropolitan area network, etc.
Bus 102 may be an ISA bus, a PCI bus, an EISA bus, or the like. The buses may be classified as address buses, data buses, control buses, etc. For ease of illustration, only one bi-directional arrow is shown in FIG. 10, but not only one bus or type of bus.
The memory 101 is configured to store a program, and the processor 100 executes the program after receiving an execution instruction, where the method executed by the apparatus for flow defining disclosed in any of the foregoing embodiments of the present invention may be applied to the processor 100 or implemented by the processor 100.
The processor 100 may be an integrated circuit chip with signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in the processor 100 or by instructions in the form of software. The processor 100 may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU for short), a network processor (Network Processor, NP for short), etc.; but may also be a digital signal processor (Digital Signal Processing, DSP for short), application specific integrated circuit (Application Specific Integrated Circuit, ASIC for short), off-the-shelf programmable gate array (Field-Programmable Gate Array, FPGA for short), or other programmable logic device, discrete gate or transistor logic device, discrete hardware components. The disclosed methods, steps, and logic blocks in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be embodied directly in the execution of a hardware decoding processor, or in the execution of a combination of hardware and software modules in a decoding processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in the memory 101, and the processor 100 reads the information in the memory 101 and, in combination with its hardware, performs the steps of the method described above.
The embodiment of the invention provides a privacy transaction method, a device, a zero knowledge proof system and a computer program product of a privacy transaction architecture model, which comprise a computer readable storage medium storing nonvolatile program codes executable by a processor, wherein the computer readable storage medium stores a computer program, and when the computer program is executed by the processor, the method described in the previous method embodiment is executed, and specific implementation can be seen in the method embodiment and will not be repeated herein.
It will be clear to those skilled in the art that, for convenience and brevity of description, the specific working process of the system described above may refer to the corresponding process in the foregoing embodiment, which is not described in detail herein.
The computer program product of the readable storage medium provided by the embodiment of the present invention includes a computer readable storage medium storing a program code, where the program code includes instructions for executing the method described in the foregoing method embodiment, and specific implementation may refer to the method embodiment and will not be described herein.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. The aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, or other various media capable of storing program codes.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and not for limiting the same; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some or all of the technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit of the invention.

Claims (17)

1. A method of private transaction, the method being applied to a client; the client is provided with information of a user account; the user account corresponds to a unique privacy bill; the unique privacy ticket is used for characterizing an existing total ticket of the user account; the method comprises the following steps:
generating zero-knowledge transaction proof information; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by a public key of a supervision party; the proving parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account;
uploading the zero-knowledge transaction proof information to a blockchain node of a blockchain system so that the blockchain node can conduct validity verification on the zero-knowledge transaction proof information;
if the verification is passed, carrying out privacy transaction with a pre-established privacy bill pool; the privacy bill pool is used for storing the privacy bill to be transacted.
2. The method of claim 1, wherein the user account comprises a transfer-out account and a transfer-in account; when the user account is the transfer-out account, the zero-knowledge transaction proof information is the transfer-out proof information;
the step of generating the zero-knowledge proof of transaction information includes:
determining a first attestation parameter of the transfer-out account based on a constraint attestation parameter and a pre-established zero knowledge attestation system; the constraint proving parameters at least comprise: the private key of the transfer-out account, the balance of the transfer-out account, the private key of the balance of the transfer-out account, the amount to be transacted and the public key of the supervisor; the first proving parameter comprises a first current privacy bill of the transfer account, the privacy bill to be transacted and a first updated privacy bill;
encrypting the first proving parameter through the public key of the supervision party to generate an encrypted first proving parameter;
generating the roll-out attestation information based on the encrypted first attestation parameters and a preselected attestation generation function; the pre-selected generated attestation functions include attestation generation functions of a pre-set function library.
3. The method of claim 1, wherein:
the current privacy bill is the current account information of the user subjected to the first hash operation; the user current account information comprises a user current privacy amount and a current amount privacy key;
the privacy bill to be transacted is user information to be transacted through a second hash operation; the information to be transacted comprises the amount to be transacted and the privacy key to be transacted;
the updated privacy bill updates account information for the user subjected to the third hash operation; the user updated account information includes an updated privacy amount and an updated amount privacy key.
4. The method of claim 2, wherein the step of conducting a private transaction with a pre-established pool of private notes when the user account is the transfer-out account comprises:
determining the first updated privacy ticket after carrying out privacy transaction based on the privacy ticket to be transacted and the first current privacy ticket;
transferring the privacy bill to be transacted out to the pre-established bill privacy pool;
transmitting transaction notification information to the transfer account through a preset instant messaging mode; the transaction notification information comprises an amount to be transacted and a transaction key corresponding to the privacy instrument to be transacted.
5. The method of claim 4, wherein the zero-knowledge transaction verification information is transfer verification information when the user account is the transfer account;
the step of generating zero-knowledge proof of transaction information includes:
determining a second proving parameter of the transfer account based on the transaction notification information and a pre-established zero knowledge proving system;
encrypting the second proving parameter through the public key of the supervision party to generate an encrypted second proving parameter; the second proving parameter comprises a second current privacy bill of the transferred account, the privacy bill to be transacted and a second updated privacy bill;
and generating the transfer-in certification information based on the encrypted second certification parameter and the preselected certification generation function.
6. The method of claim 5, wherein the step of conducting a private transaction with a pre-established pool of private notes when the user account is the transfer account comprises:
the transfer account determines the second updated privacy ticket after privacy transaction based on the privacy ticket to be transacted, and consumes the privacy ticket to be transacted in the privacy ticket pool;
and after the privacy notes to be transacted are consumed, removing the corresponding privacy notes to be transacted in the privacy note pool.
7. The method according to claim 1, wherein the method further comprises:
and decrypting the private transaction data when the private transaction is carried out by the private key of the supervision party to obtain decrypted transaction data so as to supervise the transaction.
8. A method of private transaction, characterized in that it is applied to a blockchain node that communicates with a client that performs the method of private transaction of any of claims 1 to 7, said client having information of a user account provided thereon; the user account corresponds to a unique privacy bill; the unique privacy ticket is used for characterizing an existing total ticket of the user account; the method comprises the following steps:
acquiring zero-knowledge transaction evidence information of a user account generated by a client; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by a public key of a supervision party; the proving parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account;
carrying out validity verification on the zero-knowledge transaction proof information;
if the verification is passed, carrying out privacy transaction with a pre-established privacy bill pool by the user account; the privacy bill pool is used for storing the privacy bill to be transacted.
9. The method of claim 8, wherein the step of validating the zero-knowledge proof of transaction information comprises:
verifying the validity of the user bill for the user account; the user ticket validity verification is used for verifying whether the current privacy ticket of the user account is valid or not;
if the verification is passed, verifying the validity of the zero-knowledge transaction verification information based on the verification parameters and a preselected verification function; the preselected verification function comprises a verification function of a preset function library;
and if the validity verification of the zero-knowledge transaction proof information is passed, returning a verification success message.
10. A method of private trading, the method comprising:
creating a user account on the blockchain node; the user account corresponds to a unique privacy bill; the unique privacy ticket is used for characterizing an existing total ticket of the user account; the user accounts comprise a transfer-out account and a transfer-in account;
the client of the transfer-out account generates transfer-out certification information; the transfer-out certification information comprises a first certification parameter of the transfer-out account encrypted by a public key of a supervision party; the first proving parameters comprise a first current privacy bill, a privacy bill to be transacted and a first updated privacy bill of the transfer account;
the client of the transfer-out account uploads the transfer-out evidence information to a blockchain node based on a first communication protocol;
the blockchain node verifies the transfer-out certification information;
if the verification is passed, the transfer-out account determines the first updated privacy bill after the privacy transaction is carried out based on the privacy bill to be transacted and the first current privacy bill, and transfers the privacy bill to be transacted to a privacy bill pool;
the transfer-out account sends transaction notification information to the transfer-in account based on a second communication protocol; the transaction notification information comprises an amount to be transacted and a transaction key corresponding to the privacy ticket to be transacted;
the transfer account generates transfer proving information based on the transaction notification information; the transfer-in proving information comprises a second proving parameter of the transfer-in account encrypted by a public key of a supervision party; the second proving parameter comprises a second current privacy bill of the transferred account, the privacy bill to be transacted and a second updated privacy bill;
the transfer-out account uploads the transfer-in proof information to a blockchain node based on a first communication protocol;
the blockchain node verifies the transfer-in proving information;
and if the verification is passed, the transfer account determines the second updated privacy bill after the privacy transaction based on the privacy bill to be transacted, consumes the privacy bill to be transacted in the privacy bill pool, and removes the corresponding privacy bill to be transacted in the privacy bill pool after consuming the privacy bill to be transacted.
11. A privacy trading device, characterized in that the device is arranged at a client; the client is provided with a user account; the user account corresponds to a unique privacy bill; the unique privacy ticket is used for characterizing an existing total ticket of the user account; the device comprises:
the zero-knowledge transaction proof information generation module is used for generating zero-knowledge transaction proof information; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by a public key of a supervision party; the proving parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account;
the proving information sending module is used for uploading the zero-knowledge transaction proving information to a blockchain node of a blockchain system so that the blockchain node can conduct validity verification on the zero-knowledge transaction proving information;
the first privacy transaction module is used for carrying out privacy transaction with a pre-established privacy bill pool if verification is passed; the privacy bill pool is used for storing the privacy bill to be transacted.
12. A private transaction device, characterized in that the device is applied to a blockchain node that communicates with a client performing the private transaction method of any of claims 1 to 7, the client having information of a user account provided thereon; the user account corresponds to a unique privacy bill; the unique privacy ticket is used for characterizing an existing total ticket of the user account; the device comprises:
the zero-knowledge transaction proof information acquisition module is used for acquiring zero-knowledge transaction proof information of a user account generated by the client; the zero-knowledge transaction certification information comprises certification parameters of the user account encrypted by a public key of a supervision party; the proving parameters comprise a current privacy bill, a to-be-transacted privacy bill and an updated privacy bill of the user account;
the validity verification module is used for verifying the validity of the zero-knowledge transaction proof information;
the second privacy transaction module is used for carrying out privacy transaction with a pre-established privacy bill pool by the user account if the verification is passed; the privacy bill pool is used for storing the privacy bill to be transacted.
13. A private transaction device, the device comprising:
an account creation module for creating a user account on the blockchain node; the user account corresponds to a unique privacy bill; the unique privacy ticket is used for characterizing an existing total ticket of the user account; the user accounts comprise a transfer-out account and a transfer-in account;
the first generation module is used for generating transfer-out certification information by the transfer-out account; the transfer-out certification information comprises a first certification parameter of the transfer-out account encrypted by a public key of a supervision party; the first proving parameters comprise a first current privacy bill, a privacy bill to be transacted and a first updated privacy bill of the transfer account;
the first sending module is used for uploading the transfer-out proving information to a blockchain node by the transfer-out account based on a first communication protocol;
the first verification module is used for verifying the transfer-out certification information by the blockchain node;
the transfer module is used for determining the first updated privacy bill after the privacy transaction based on the privacy bill to be transacted and the first current privacy bill by the transfer account if verification is passed, and transferring the privacy bill to be transacted out to the privacy bill pool;
the under-chain notification module is used for sending transaction notification information to the transfer account based on a second communication protocol by the transfer account; the transaction notification information comprises an amount to be transacted and a transaction key corresponding to the privacy ticket to be transacted;
the second generation module is used for generating transfer-in proving information based on the transaction notification information by the transfer-in account; the transfer-in proving information comprises a second proving parameter of the transfer-in account encrypted by a public key of a supervision party; the second proving parameter comprises a second current privacy bill of the transferred account, the privacy bill to be transacted and a second updated privacy bill;
the second sending module is used for uploading the transfer-in proving information to the blockchain node by the transfer-out account based on a first communication protocol;
the second verification module is used for verifying the transfer-in certification information by the blockchain node;
and the receipt module is used for consuming the privacy bill to be transacted in the privacy bill pool if the verification is passed and the transfer account determines the second updated privacy bill after the privacy transaction is carried out based on the privacy bill to be transacted, and removing the corresponding privacy bill to be transacted in the privacy bill pool after the privacy bill to be transacted is consumed.
14. The zero knowledge proof system is characterized by being respectively arranged at a client and a blockchain system; the zero knowledge proof system comprises: a transaction transfer-out circuit and a transaction transfer-in circuit;
the transaction transfer-out circuit comprises a first user account subunit, a first intermediate amount subunit, a transaction transfer-out subunit, a first updated user account subunit and a first supervision subunit; the first user account subunit is used for proving that the user holds a transaction account; the first intermediate amount subunit is used for proving the transfer amount; the transaction transfer-out subunit is used for ensuring the consistency of transaction amount; the first supervision subunit is used for supervising the actual amount of the transaction process;
the transaction transfer-in circuit comprises a second user account subunit, a second intermediate amount subunit, a transaction transfer-in subunit, a second updated user account subunit and a second supervision subunit; the second user account subunit is used for proving that the user holds a transaction account; the second intermediate amount subunit is used for proving the transfer amount; the transaction transfer-in subunit is used for ensuring the consistency of transaction amount; the second supervising subunit is configured to supervise an actual amount of the transaction process.
15. A privacy transaction architecture model comprising a client, a blockchain system, and the zero knowledge proof system of claim 14; the client communicates with the blockchain system; the zero knowledge proof system is respectively arranged at the client and the blockchain system; the client being adapted to perform the method of any of claims 1 to 7; the blockchain node is configured to perform the method of any of claims 8 to 9.
16. An electronic device comprising a processor and a memory;
the memory has stored thereon a computer program which, when executed by the processor, performs the method of any of claims 1 to 7, claims 8 to 9 or claim 10.
17. A computer readable storage medium storing computer software instructions for use in the method of any one of claims 1 to 7, 8 to 9 or 10.
CN202011313366.6A 2020-11-20 2020-11-20 Privacy transaction method, device, zero knowledge proof system and privacy transaction architecture model Active CN112288434B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011313366.6A CN112288434B (en) 2020-11-20 2020-11-20 Privacy transaction method, device, zero knowledge proof system and privacy transaction architecture model

Publications (2)

Publication Number Publication Date
CN112288434A CN112288434A (en) 2021-01-29
CN112288434B true CN112288434B (en) 2023-07-25

Family

ID=74399732

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011313366.6A Active CN112288434B (en) 2020-11-20 2020-11-20 Privacy transaction method, device, zero knowledge proof system and privacy transaction architecture model

Country Status (1)

Country Link
CN (1) CN112288434B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113112252B (en) * 2021-04-28 2023-03-10 深圳壹账通智能科技有限公司 Resource transfer method and device based on block chain, electronic equipment and storage medium
CN113221148A (en) * 2021-05-27 2021-08-06 中国人民银行数字货币研究所 Information verification method and device
CN114707167A (en) * 2021-11-22 2022-07-05 支付宝(杭州)信息技术有限公司 Data processing method, device, equipment and system based on block chain
CN114244534A (en) * 2021-12-21 2022-03-25 杭州趣链科技有限公司 Data storage method, device, equipment and storage medium
CN113988863B (en) * 2021-12-28 2022-03-29 浙江大学 Supervision-capable online payment privacy protection method and device and electronic equipment
CN115129787A (en) * 2022-06-29 2022-09-30 蚂蚁区块链科技(上海)有限公司 Method and device for maintaining block chain data, electronic equipment and storage medium

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106982205A (en) * 2017-03-01 2017-07-25 中钞信用卡产业发展有限公司北京智能卡技术研究院 Digital asset treating method and apparatus based on block chain
CN108389046A (en) * 2018-02-07 2018-08-10 西安交通大学 Secret protection method of commerce based on block chain technology in a kind of e-commerce
CN109145629A (en) * 2018-09-12 2019-01-04 方欣科技有限公司 One kind being based on electronic bill structural data message transmissions and memory technology
CN109274501A (en) * 2018-10-25 2019-01-25 广西师范大学 License block chain method for secret protection based on Proxy Signature
US10438290B1 (en) * 2018-03-05 2019-10-08 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
CN110428334A (en) * 2019-08-09 2019-11-08 中国工商银行股份有限公司 Bill processing method and device based on block chain network
CN110473105A (en) * 2019-08-20 2019-11-19 深圳市网心科技有限公司 A kind of block chain transaction settlement method, system and relevant device
CN110545279A (en) * 2019-09-05 2019-12-06 国网区块链科技(北京)有限公司 block chain transaction method, device and system with privacy and supervision functions
CN110599137A (en) * 2019-09-16 2019-12-20 腾讯科技(深圳)有限公司 Electronic bill data processing method and device and computer equipment
CN110648229A (en) * 2019-08-07 2020-01-03 中国科学院信息工程研究所 Semi-public block chain system and transaction method
US10652019B1 (en) * 2019-08-28 2020-05-12 Qed-It Systems Ltd. Atomic swap using zero-knowledge proofs, and applications thereof
CN111314086A (en) * 2020-02-11 2020-06-19 上海宓猿信息技术有限公司 Method for implementing block chain privacy protocol
CN111861467A (en) * 2020-07-23 2020-10-30 浙江永旗区块链科技有限公司 Supply chain financial transaction privacy protection method and system
CN111971930A (en) * 2018-04-13 2020-11-20 区块链控股有限公司 Computer-implemented system and method adapted to improve instant offline blockchain transaction security

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190108517A1 (en) * 2017-10-06 2019-04-11 Allocrypt, Llc Digital currency for performing cash-equivalent transactions
SG11201903566XA (en) * 2018-11-07 2019-05-30 Alibaba Group Holding Ltd Regulating blockchain confidential transactions

Patent Citations (14)

Publication number Priority date Publication date Assignee Title
CN106982205A (en) * 2017-03-01 2017-07-25 中钞信用卡产业发展有限公司北京智能卡技术研究院 Digital asset treating method and apparatus based on block chain
CN108389046A (en) * 2018-02-07 2018-08-10 西安交通大学 Secret protection method of commerce based on block chain technology in a kind of e-commerce
US10438290B1 (en) * 2018-03-05 2019-10-08 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
CN111971930A (en) * 2018-04-13 2020-11-20 区块链控股有限公司 Computer-implemented system and method adapted to improve instant offline blockchain transaction security
CN109145629A (en) * 2018-09-12 2019-01-04 方欣科技有限公司 One kind being based on electronic bill structural data message transmissions and memory technology
CN109274501A (en) * 2018-10-25 2019-01-25 广西师范大学 License block chain method for secret protection based on Proxy Signature
CN110648229A (en) * 2019-08-07 2020-01-03 中国科学院信息工程研究所 Semi-public block chain system and transaction method
CN110428334A (en) * 2019-08-09 2019-11-08 中国工商银行股份有限公司 Bill processing method and device based on block chain network
CN110473105A (en) * 2019-08-20 2019-11-19 深圳市网心科技有限公司 A kind of block chain transaction settlement method, system and relevant device
US10652019B1 (en) * 2019-08-28 2020-05-12 Qed-It Systems Ltd. Atomic swap using zero-knowledge proofs, and applications thereof
CN110545279A (en) * 2019-09-05 2019-12-06 国网区块链科技(北京)有限公司 block chain transaction method, device and system with privacy and supervision functions
CN110599137A (en) * 2019-09-16 2019-12-20 腾讯科技(深圳)有限公司 Electronic bill data processing method and device and computer equipment
CN111314086A (en) * 2020-02-11 2020-06-19 上海宓猿信息技术有限公司 Method for implementing block chain privacy protocol
CN111861467A (en) * 2020-07-23 2020-10-30 浙江永旗区块链科技有限公司 Supply chain financial transaction privacy protection method and system

Non-Patent Citations (1)

Title
Blockchain-based military data cloud storage and sharing scheme; 张先洪; 劳宪银; 谭仁杨; 梁海; Network Security Technology & Application (No. 06); pp. 94-97 *

Also Published As

Publication number Publication date
CN112288434A (en) 2021-01-29

Similar Documents

Publication Publication Date Title
CN112288434B (en) Privacy transaction method, device, zero knowledge proof system and privacy transaction architecture model
EP3607728B1 (en) Methods and devices for protecting sensitive data of transaction activity based on smart contract in blockchain
US20210314313A1 (en) Certificate issuing system based on block chain
CN111737724B (en) Data processing method and device, intelligent equipment and storage medium
KR101780636B1 (en) Method for issuing certificate information and blockchain-based server using the same
CN110851870B (en) Block chain privacy protection method, system and medium based on trusted execution environment
CN109754226B (en) Data management method, device and storage medium
CN110597836B (en) Information inquiry request response method and device based on block chain network
CN115203749B (en) Data transaction method and system based on block chain
CN110599270A (en) Electronic bill generation method and device and computer equipment
CN109961288B (en) Transaction method and device based on blind signature
CN111079190A (en) Block chain supply chain transaction hiding dynamic supervision system and method
CN111461799B (en) Data processing method, data processing device, computer equipment and medium
CN112347516A (en) Asset certification method and device based on block chain
US10972349B1 (en) Cryptographic verification of data inputs for executables on a network
CN113055178B (en) Block chain system, and method, system, device and medium for transmitting numerical information
CN112163917A (en) Bill processing method, device, medium and electronic equipment based on block chain
CN110766407A (en) Transaction verification method, accounting node and medium based on block chain
CN108848089B (en) Data encryption method and data transmission system
CN112862466A (en) Resource transfer method, account settling terminal and server node
CN111144958A (en) Block chain-based electronic invoice issuing method, device and system
KR102162764B1 (en) Resource trading system based on blockchain data
CN113055177B (en) Block chain system, and method, system, device and medium for transmitting numerical information
Du et al. A Blockchain-based Online Transaction System for Physical Products Trading with Fairness, Privacy Preservation, and Auditability
Oliveira Dynamic QR codes for Ticketing Systems

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant