CN112488725B - Private authorized transfer method, device and storage medium - Google Patents

Private authorized transfer method, device and storage medium Download PDF

Info

Publication number
CN112488725B
CN112488725B CN202011565387.7A CN202011565387A CN112488725B CN 112488725 B CN112488725 B CN 112488725B CN 202011565387 A CN202011565387 A CN 202011565387A CN 112488725 B CN112488725 B CN 112488725B
Authority
CN
China
Prior art keywords
expendable
asset
authorization
authorized
warehouse
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011565387.7A
Other languages
Chinese (zh)
Other versions
CN112488725A (en
Inventor
马登极
应秋敏
王志文
吴思进
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Fuzamei Technology Co Ltd
Original Assignee
Hangzhou Fuzamei Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Fuzamei Technology Co Ltd filed Critical Hangzhou Fuzamei Technology Co Ltd
Priority to CN202011565387.7A priority Critical patent/CN112488725B/en
Publication of CN112488725A publication Critical patent/CN112488725A/en
Priority to PCT/CN2021/111850 priority patent/WO2022134612A1/en
Application granted granted Critical
Publication of CN112488725B publication Critical patent/CN112488725B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/389Keeping log of transactions for guaranteeing non-repudiation of a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Technology Law (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides a privacy authorization transfer method, a device and a storage medium, wherein the method comprises the following steps: generating a first privacy-authorized transfer transaction using the first expendable asset, paying the payee a second expendable asset to be authorized, and changing a third expendable asset in response to the privacy-authorized transfer command; wherein the first private authorized transfer transaction includes presence credential information for the first expendable asset, a payee public key and an authorizer public key for the second expendable asset; when the first expendable asset requires authorization, the transaction also includes its proof of authorization information; sending the first privacy authorized transfer transaction to the blockchain network for execution by the blockchain node: performing a presence verification, a double flower verification, of the first expendable asset; performing authorization verification when the first expendable asset requires authorization; when each verification passes, the first expendable asset is recorded into the expended warehouse, the second expendable asset and the third expendable asset are recorded into the expendable warehouse.

Description

Private authorized transfer method, device and storage medium
Technical Field
The application relates to the technical field of internet, in particular to a privacy authorization transfer method, equipment and a storage medium.
Background
Current blockchain privacy transfer schemes based on zero knowledge proof transfer assets directly to the payee, i.e., the payee may spend the assets directly after the transaction is successfully performed.
The above scheme has the disadvantage that the requirement of some privacy transaction scenarios requiring arbitration on the privacy transfer technical scheme requiring the authorization of the arbitrator is difficult to satisfy. For example, in an e-commerce scenario, after a payer pays, a payee should arbitrate permission at a platform side before spending the asset; or, in the auction scenario, after the winning bidder pays, the payee should pay the asset after the platform side delivers the target item and arbitrates the permission, and so on.
Disclosure of Invention
In view of the above-mentioned deficiencies or inadequacies in the prior art, it would be desirable to provide a private authorized transfer method, apparatus, and storage medium that implements a private transfer solution that requires authorization by an arbitrator.
In a first aspect, the present invention provides a private authorized transfer method suitable for a user side, wherein a block chain database is configured with a expendable warehouse for crediting expendable assets, an authorization warehouse for crediting authorized expendable assets, and a spent warehouse for crediting used expendable assets, the method includes:
generating a first privacy-authorized transfer transaction using the first expendable asset, paying the payee a second expendable asset to be authorized, and changing a third expendable asset in response to the privacy-authorized transfer command; wherein the first private authorized transfer transaction includes presence credential information for the first expendable asset, a payee public key and an authorizer public key for the second expendable asset; when the first expendable asset is a expendable asset requiring authorization, the first private authorized transfer transaction further includes proof of authorization information for the first expendable asset;
sending the first privacy authorization transfer transaction to a blockchain network for blockchain nodes to package and execute:
performing presence verification of the first expendable asset based on the presence attestation information and data attested by the expendable warehouse; and the number of the first and second groups,
performing double-flower verification of the first expendable asset according to the presence certificate information and the data certified by the expended warehouse;
when the first expendable asset is an expendable asset requiring authorization, performing authorization verification of the first expendable asset according to the authorization certification information and an authorization hash of the first expendable asset in the authorization repository;
when each verification made passes, the first expendable asset is recorded into the expended warehouse, the second expendable asset and the third expendable asset are recorded into the expendable warehouse.
The block chain node is also used for executing a first authorization transaction, verifying the signature of the corresponding authorizer private key according to the authorizer public key, and storing the authorization hash of the second expendable asset into the authorization warehouse after the verification is successful;
and the first authorized transaction is generated according to the private key signature of the authorizer in response to the authorization instruction after the terminal of the corresponding first authorizer monitors the first privacy authorized transfer transaction.
In a second aspect, the present invention provides a private authorized transfer method for blockchain nodes, wherein a block chain database is configured with a expendable warehouse for certifying expendable assets, an authorization warehouse for certifying an authorized hash of the authorized expendable assets, and an expended warehouse for certifying used expendable assets, the method comprising:
receiving a first privacy-authorized transfer transaction using the first expendable asset, paying the payee a second expendable asset for authorization, and changing a third expendable asset; wherein the first private authorized transfer transaction is generated by the first user in response to the private authorized transfer command and includes proof of presence information for the first expendable asset, a payee public key and an authorizer public key for the second expendable asset; when the first expendable asset is a expendable asset requiring authorization, the first private authorized transfer transaction further includes proof of authorization information for the first expendable asset;
performing a first privacy-authorized transfer transaction:
performing presence verification of the first expendable asset based on the presence attestation information and data attested by the expendable warehouse; and the number of the first and second groups,
performing double-flower verification of the first expendable asset according to the presence certificate information and the data certified by the expended warehouse;
when the first expendable asset is an expendable asset requiring authorization, performing authorization verification of the first expendable asset according to the authorization certification information and an authorization hash of the first expendable asset in the authorization repository;
recording the first expendable asset into the expended warehouse, the second expendable asset and the third expendable asset into the expendable warehouse when the verification passes;
executing a first authorization transaction, verifying the signature of the corresponding private key of the authorizer according to the public key of the authorizer, and storing the authorized hash of the second expendable asset into an authorization warehouse after the verification is successful; and the first authorized transaction is generated according to the private key signature of the authorized party in response to the authorization instruction after the terminal of the corresponding first authorized party monitors the first privacy authorized transfer transaction.
In a third aspect, the present invention also provides an apparatus comprising one or more processors and memory, wherein the memory contains instructions executable by the one or more processors to cause the one or more processors to perform a privacy-authorized transfer method provided in accordance with embodiments of the present invention.
In a fourth aspect, the present invention also provides a storage medium storing a computer program that causes a computer to execute the privacy-authorized transfer method provided according to the embodiments of the present invention.
According to the privacy authorized transfer method, the device and the storage medium provided by the embodiments of the invention, the authorization warehouse is configured in the block chain database, the authorization verification mechanism of zero knowledge proof is configured in the privacy transfer transaction (it is guaranteed that the expendable assets which need authorization and are not authorized can not be used), and the authorization mechanism that the arbitrator authorizes the expendable assets which need authorization in the privacy transfer transaction is configured, so that the privacy transfer technical scheme which needs the authorization of the arbitrator is finally and completely realized;
the privacy authorization transfer method, the device and the storage medium provided by some embodiments of the invention further configure a presence verification mechanism which can verify whether the expendable assets which do not need authorization really do not need authorization, thereby realizing that the expendable assets which do not need authorization verification;
the privacy authorization transfer method, the device and the storage medium provided by some embodiments of the invention further ensure the privacy of the certificate-stored data of the authorization warehouse by configuring the authorization hash of the authorization warehouse into the hash value of the corresponding certificate-stored hash;
the privacy authorized transfer method, the device and the storage medium provided by some embodiments of the invention further meet the business requirement of paying the subscription without authorization in the privacy transfer technical scheme requiring authorization of the arbitrator by simultaneously paying the expendable assets requiring authorization and the expendable assets not requiring authorization in the privacy authorized transfer transaction.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
fig. 1 is a flowchart of a private authorized transfer method according to an embodiment of the present invention.
Fig. 2 is a flowchart of another private authorized transfer method according to an embodiment of the present invention.
Fig. 3 is a schematic structural diagram of an apparatus according to an embodiment of the present invention.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the present invention are shown in the drawings.
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
Fig. 1 is a flowchart of a private authorized transfer method according to an embodiment of the present invention.
As shown in fig. 1, in the present embodiment, the present invention provides a privacy authorization transfer method suitable for a user side, where a costable repository for certifying a costable asset, an authorization repository for certifying an authorization hash of the authorized costable asset, and a spent repository for certifying a used costable asset are configured in a blockchain database, the method includes:
s11: generating a first privacy-authorized transfer transaction using the first expendable asset, paying the payee a second expendable asset to be authorized, and changing a third expendable asset in response to the privacy-authorized transfer command; wherein the first private authorized transfer transaction includes presence credential information for the first expendable asset, a payee public key and an authorizer public key for the second expendable asset; when the first expendable asset is a expendable asset requiring authorization, the first private authorized transfer transaction further includes proof of authorization information for the first expendable asset;
s13: sending the first privacy authorization transfer transaction to a blockchain network for blockchain nodes to package and execute:
performing presence verification of the first expendable asset based on the presence attestation information and data attested by the expendable warehouse; and the number of the first and second groups,
performing double-flower verification of the first expendable asset according to the presence certificate information and the data certified by the expended warehouse;
when the first expendable asset is an expendable asset requiring authorization, performing authorization verification of the first expendable asset according to the authorization certification information and an authorization hash of the first expendable asset in the authorization repository;
when each verification made passes, the first expendable asset is recorded into the expended warehouse, the second expendable asset and the third expendable asset are recorded into the expendable warehouse.
The block chain node is also used for executing a first authorization transaction, verifying the signature of the corresponding authorizer private key according to the authorizer public key, and storing the authorization hash of the second expendable asset into the authorization warehouse after the verification is successful;
and the first authorized transaction is generated according to the private key signature of the authorizer in response to the authorization instruction after the terminal of the corresponding first authorizer monitors the first privacy authorized transfer transaction.
It should be noted that the expendable assets in this application are similar to the UTXO model (Unspent Transaction Outputs) of BTC, and have the following characteristics:
1. each expendable asset is derived from spent expendable assets, i.e., expended assets;
2. the total amount of the expendable assets used for each transaction is equal to the total amount of the expendable assets generated, including the commission.
In this embodiment, the expendable warehouse stores each expendable asset in the merkel tree in the form of a leaf node of the merkel tree, and in further embodiments, the expendable warehouse may be configured to store each expendable asset in different data structures such as an array or a linked list according to actual needs.
The scheme is exemplarily explained below by taking an example that a user A anonymously sells an item with a selling price of 100 yuan (central row digital currency), a user B anonymously purchases the item, and two parties agree to take a second-hand item transaction platform C as an arbitrator.
In step S11, the user side of the user b generates a privacy authorized transfer transaction according to the expendable assets in the account of the user b in response to the input of the user b that performs the 100-element privacy transfer to the user a to be authorized and the privacy authorized transfer command with the platform c as the arbitrator.
Specifically, taking the example that there is expendable asset a1(180 yuan) which needs authorization and is authorized, expendable asset a2(150 yuan) which does not need authorization, expendable asset a3(200 yuan) which needs authorization and is not authorized at present in the account of user B, the following exemplary explanation takes the example that the user side of user B generates the privacy authorization transfer transaction by using expendable asset a1/a2/a3 respectively:
when the user side of user B generates a privacy authorized transfer transaction tx1 of paying the second expendable asset b1(100 yuan) requiring authorization to user A, and paying the third expendable asset b2(80 yuan) to user B using expendable asset a1(180 yuan) requiring authorization and having been authorized, tx1 includes:
presence attestation information for a costable asset a1, including tachr root MR1 corresponding to tachr leaf node L1 corresponding to a1 in the costable repository, path information for leaf node L1, a number of parameters (e.g., amount of a1, public key of authorizer of a1, signature of owner of a1, public key of owner of a1, etc.) for verifying a 1's provable hash1 stored by leaf node L1;
the proof of authorization information hash for the expendable asset a1 (hash 1);
payee public key P for costable asset b1First of allAnd the public key P of the authorizerC3
Payee public key P for costable asset b2Second step
And so on.
In step S13, the user end of user B sends the privacy authorized transfer transaction tx1 into the blockchain network.
The blockchain node receives, broadcasts, packages and executes tx1 (the present invention mainly explains how to implement authorization of private transfer transaction, and regarding the principle of how to implement private transfer, reference may be made to applications such as CN201810855508.8, CN201810855516.2, and CN201810855507.3, etc. filed by the applicant before, and reference may also be made to other private transfer schemes based on UTXO model disclosed in the art, and those skilled in the art can understand that this part of the content is not repeatedly described in the present application):
in the present embodiment, the presence verification of a1 includes:
finding the L1 and the evidence-storing hash1 stored in the L1 according to the path information of the MRs 1 and L1 in the tx1 existence evidence information;
generating a hash value hash2 according to a generation mode of the certificate-storing hash used for verifying multiple parameters of the certificate-storing hash and stored in the block chain contract in the existence certificate information of tx 1;
verify that hash2 is the same as hash 1: if not, the existence verification fails; if so, the presence verification is successful.
In this embodiment, the double flower verification of a1 includes:
generating a hash value hash3 according to the plurality of parameters in tx1 and a generated way of the spent hash stored by the chunk chain contract;
find if there is a hash3 in the spent repository: if yes, the double flower verification fails; and if not, the double flowers are successfully verified.
In the present embodiment, the authorization verification of a1 includes:
find if there is an authorization credential hash (hash1) of the expendable asset a1 already stored in tx1 in the authorization repository: if not, the authorization verification fails; if so, authorization verification is successful.
When any of the above verifications fail, tx1 fails to execute;
when all three of the above verifications pass, tx1 performed successfully, recorded hash3 into the spent warehouse, generated a provenance hash4 for expendable asset b1 and a provenance hash5 for expendable asset b2, recorded hash4 and hash5 into the expendable warehouse.
At this point, the expendable asset b1 is an unauthorized expendable asset requiring authorization, and the user terminal of user a can detect that user b paid the expendable asset b1 to user a, but temporarily failed to expend b1 (see the discussion below regarding a 3); and b2 is a expendable asset without authorization, user b can spend b2 (see the discussion below regarding a 2).
After the user side of the user A monitors that the user B pays b1 to the user A, the user A can be reminded to deliver goods;
after the user A delivers the goods, the logistics list number is provided to the third arbitrator;
the arbitrator may arbitrate based on information provided by the logistics party (e.g., determine whether the item is wrong based on the information collected by the logistics party, determine whether the item is delivered based on the logistics information, etc.):
after the article is delivered, the terminal of the arbitration party C according to the public key P of the authorization partyC3Corresponding authorizer private key pC3The signature generates an authorized transaction tx2 authorizing expendable asset b1, sending tx2 to the blockchain network.
The blockchain node receives, broadcasts, packages, and executes tx2 according to the authorizer public key PC3Verify the signature of tx 2:
if the verification is successful, an authorized hash6 of the expendable asset b1 is generated and the hash6 is stored in the authorized repository.
At this point, the expendable asset b1 is an expendable asset that needs authorization and has been authorized, and the user A may spend b 1.
When the user side of user B generates a private authorized transfer transaction tx3 that pays to user A a second expendable asset b3 (100) that requires authorization, using an unauthorized expendable asset a2 (150), and pays to user B a third expendable asset b4 (50), tx3 differs from tx1 in that authorization credential information for a2 need not be included.
In step S13, the ue of user b also sends tx3 to the blockchain network.
The blockchain node performs tx3 differently from tx1 in that authentication of a2 is not required.
The process of generating the authorized transaction tx4 by the terminal of the arbitrator C is the same as the process of generating tx2, and the process of executing tx4 by the block chain node is the same as the process of executing tx2, and the description thereof is omitted.
When the user side of user B generates a privacy authorized transfer transaction tx5 using expendable asset a3(200 yuan) that requires authorization and has not been authorized:
if tx5 marks a3 as a expendable asset requiring authorization, then a3 obviously cannot pass the authorization verification described above;
if tx5 marks a3 as a expendable asset that does not require authorization, the block link point, when executing tx5, would assume that a3 apparently does not have an authorizer public key (a3 is actually having an authorizer public key), resulting in a certain failure of the presence verification of a3 and a failure of tx5 to execute successfully.
Thus, any expendable asset that requires authorization and is not authorized cannot be expended in the above scheme.
The above embodiments take the example of the user a trading an item with the user b, and the above method is exemplarily described, and in further embodiments, the above method may also be applied to different scenarios such as user auctions/auction items (an auction organizer acts as an arbitrator).
The above embodiments are exemplarily illustrated by taking the example that the existence certification information of the first expendable asset includes the path information of the corresponding mercker tree root and leaf node, and a plurality of parameters for verifying the evidence hash, in further embodiments, when the expendable warehouse configures different data structures, a person skilled in the art may understand that the existence certification information should include the data path information of the corresponding data structure, and the plurality of parameters for verifying the evidence hash may be configured to include different parameters according to actual requirements.
It should be noted that, in this embodiment, the multiple parameters for verifying the certificate-storing hash must include the public key of the authorizer of the first expendable asset, and when the first expendable asset is the expendable asset without authorization, the public key of the authorizer of the first expendable asset is null, so that it can be realized that whether the "expendable asset without authorization" really does not need authorization is verified through the presence verification, and it is not necessary to perform authorization verification on the expendable asset without authorization;
in other embodiments, the method may further include, based on configuring the expendable repository to record authorization types (requiring authorization and not requiring authorization) of the expendable assets, and adding an authorization type verification of the first expendable asset during execution of the first privacy-authorized transfer transaction, in which case the plurality of parameters for verifying the forensic hash may not include the public key of the authorizer of the first expendable asset.
In the above embodiments, the authorization hash is taken as a hash value of the corresponding certificate-storing hash for example, and in further embodiments, the authorization hash may be configured as the corresponding certificate-storing hash according to actual requirements, or data obtained by encrypting the corresponding certificate-storing hash according to other encryption manners.
While the above embodiments have been described with the example of the first privacy-authorized transfer transaction using only one first expendable asset, in further embodiments, the first privacy-authorized transfer transaction may be configured to use multiple expendable assets simultaneously, depending on the actual requirements. Specifically, when multiple expendable assets are used simultaneously, the verification method for each expendable asset is the same as that for the first expendable asset, and the detailed description thereof is omitted here.
While the above embodiments have been described with the example of the first privacy-authorized transfer transaction paying only one payee, in further embodiments, the first privacy-authorized transfer transaction may be configured to pay multiple payees simultaneously, depending on the actual needs.
In the embodiment, the authorization warehouse is configured in the blockchain database, the authorization verification mechanism of zero knowledge proof (ensuring that expendable assets which need authorization and are not authorized can not be used) is configured in the privacy transfer transaction, and the authorization mechanism that the arbitrator authorizes the expendable assets which need authorization in the privacy transfer transaction is configured, so that the technical scheme of privacy transfer requiring authorization of the arbitrator is finally and completely realized; and the number of the first and second groups,
furthermore, the existence verification mechanism which can verify whether the expendable assets which do not need authorization really do not need authorization is configured, so that the expendable assets which do not need authorization verification; and the number of the first and second groups,
and the privacy of the certificate-storing data stored in the authorization warehouse is further ensured by configuring the authorization hash of the authorization warehouse into the hash value of the corresponding certificate-storing hash.
In a preferred embodiment, the first privacy authorizes the transfer transaction while also paying the payee a fourth expendable asset that does not require authorization.
Specifically, in some service scenarios, there is a service requirement that a part of the payment without authorization needs to be paid first, and the embodiment further satisfies the service requirement by paying the expendable assets needing authorization and the expendable assets without authorization simultaneously in the privacy authorized transfer transaction.
Fig. 2 is a flowchart of another private authorized transfer method according to an embodiment of the present invention. The method illustrated in fig. 2 may be performed in conjunction with the method illustrated in fig. 1.
As shown in fig. 2, in this embodiment, the present invention further provides a privacy authorized transfer method suitable for blockchain nodes, where a costable repository for certifying a costable asset, an authorization repository for certifying an authorized hash of the costable asset, and a spent repository for certifying a used costable asset are configured in a blockchain database, the method includes:
s21: receiving a first privacy-authorized transfer transaction using the first expendable asset, paying the payee a second expendable asset for authorization, and changing a third expendable asset; wherein the first private authorized transfer transaction is generated by the first user in response to the private authorized transfer command and includes proof of presence information for the first expendable asset, a payee public key and an authorizer public key for the second expendable asset; when the first expendable asset is a expendable asset requiring authorization, the first private authorized transfer transaction further includes proof of authorization information for the first expendable asset;
s23: performing a first privacy-authorized transfer transaction:
s231: performing presence verification of the first expendable asset based on the presence attestation information and data attested by the expendable warehouse; and the number of the first and second groups,
s233: performing double-flower verification of the first expendable asset according to the presence certificate information and the data certified by the expended warehouse;
s235: when the first expendable asset is an expendable asset requiring authorization, performing authorization verification of the first expendable asset according to the authorization certification information and an authorization hash of the first expendable asset in the authorization repository;
s237: recording the first expendable asset into the expended warehouse, the second expendable asset and the third expendable asset into the expendable warehouse when the verification passes;
s25: and executing the first authorization transaction, verifying the signature of the corresponding private key of the authorizer according to the public key of the authorizer, and storing the authorized hash of the second expendable asset into the authorization repository after the verification is successful. And the first authorized transaction is generated according to the private key signature of the authorized party in response to the authorization instruction after the terminal of the corresponding first authorized party monitors the first privacy authorized transfer transaction.
In a preferred embodiment, the proof of presence information for the first expendable asset comprises a plurality of parameters for the first expendable asset; the plurality of parameters includes an authorizer public key of the first expendable asset; when the first expendable asset is an expendable asset without authorization, the public key of the authorizer of the first expendable asset is null;
the verification of the presence of the first expendable asset includes generating a proof hash of the first expendable asset based on the public key of the authorizer of the first expendable asset and several other parameters of the plurality of parameters, and verifying whether the proof hash exists in the expendable warehouse.
In a preferred embodiment, the expendable warehouse stores each expendable asset in the Mercker tree in the form of a leaf node of the Mercker tree; the plurality of parameters further includes a root of the merck tree corresponding to a first leaf node corresponding to the first expendable asset and path information.
In a preferred embodiment, the authorization hash of the first expendable asset is a hash value of a credentialing hash of the first expendable asset.
In a preferred embodiment, the first privacy authorizes the transfer transaction while also paying the payee a fourth expendable asset that does not require authorization.
In a preferred embodiment, the first privacy authorizes the transfer transaction using multiple expendable assets simultaneously.
The privacy authorization transfer principle of the method shown in fig. 2 can refer to the method shown in fig. 1, and is not described in detail here.
Fig. 3 is a schematic structural diagram of an apparatus according to an embodiment of the present invention.
As shown in fig. 3, as another aspect, the present application also provides an apparatus 300 including one or more Central Processing Units (CPUs) 301 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)302 or a program loaded from a storage section 308 into a Random Access Memory (RAM) 303. In the RAM303, various programs and data necessary for the operation of the apparatus 300 are also stored. The CPU301, ROM302, and RAM303 are connected to each other via a bus 304. An input/output (I/O) interface 305 is also connected to bus 304.
The following components are connected to the I/O interface 305: an input portion 306 including a keyboard, a mouse, and the like; an output section 307 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 308 including a hard disk and the like; and a communication section 309 including a network interface card such as a LAN card, a modem, or the like. The communication section 309 performs communication processing via a network such as the internet. A drive 310 is also connected to the I/O interface 305 as needed. A removable medium 311 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 310 as necessary, so that a computer program read out therefrom is mounted into the storage section 308 as necessary.
In particular, according to an embodiment of the present disclosure, the method described in any of the above embodiments may be implemented as a computer software program. For example, embodiments of the present disclosure include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program comprising program code for performing any of the methods described above. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 309, and/or installed from the removable medium 311.
As yet another aspect, the present application also provides a computer-readable storage medium, which may be the computer-readable storage medium included in the apparatus of the above-described embodiment; or it may be a separate computer readable storage medium not incorporated into the device. The computer readable storage medium stores one or more programs for use by one or more processors in performing the methods described in the present application.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules described in the embodiments of the present application may be implemented by software or hardware. The described units or modules may also be provided in a processor, for example, each unit may be a software program provided in a computer or a mobile intelligent device, or may be a separately configured hardware device. Wherein the designation of a unit or module does not in some way constitute a limitation of the unit or module itself.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the present application. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.

Claims (12)

1. A private authorized transfer method, characterized in that a blockchain database is configured with a expendable warehouse for crediting expendable assets, an authorization warehouse for crediting an authorized hash of the authorized expendable assets, and an expended warehouse for crediting used expendable assets, the method being applicable to a user terminal, the method comprising:
generating a first privacy-authorized transfer transaction using the first expendable asset, paying the payee a second expendable asset to be authorized, and changing a third expendable asset in response to the privacy-authorized transfer command; wherein the first privacy authorized transfer transaction includes the proof of presence information for the first expendable asset, the payee public key and the authorizer public key for the second expendable asset; when the first expendable asset is an expendable asset requiring authorization, the first private authorized transfer transaction further includes proof of authorization information for the first expendable asset;
sending the first privacy authorized transfer transaction to a blockchain network for blockchain nodes to package and execute:
performing a presence verification of the first expendable asset based on the proof of presence information and data certified by the expendable warehouse; and the number of the first and second groups,
performing double-flower validation of the first expendable asset based on the proof of presence information and the data certified by the expended warehouse;
when the first expendable asset is a expendable asset requiring authorization, performing authorization verification of the first expendable asset according to the authorization certification information and an authorization hash of the first expendable asset in the authorization repository;
recording the first expendable asset into the expended warehouse, the second expendable asset and the third expendable asset into the expendable warehouse when each verification performed passes;
the block chain node is further configured to execute a first authorization transaction, verify a signature of a corresponding authorizer private key according to the authorizer public key, and store the authorized hash of the second expendable asset in the authorization repository after the verification is successful;
and the first authorized transaction is generated according to the private key signature of the authorizer in response to an authorization instruction after the terminal of the corresponding first authorizer monitors the first privacy authorized transfer transaction.
2. The method of claim 1, wherein the proof of presence information for the first expendable asset comprises a plurality of parameters for the first expendable asset;
the plurality of parameters includes an authorizer public key of the first expendable asset;
when the first expendable asset is an expendable asset without authorization, an authorizer public key of the first expendable asset is null;
the verification of the presence of the first expendable asset comprises generating a certificate-holding hash of the first expendable asset based on the first expendable asset's authorizer public key and several other parameters of the plurality of parameters, and verifying whether the certificate-holding hash exists in the expendable warehouse.
3. The method of claim 2 wherein the expendable warehouse stores each expendable asset in the merkel tree as a leaf node of the merkel tree;
the plurality of parameters further includes a root of the merkel tree corresponding to a first leaf node corresponding to the first expendable asset and path information.
4. The method of claim 2, wherein the authorized hash of the first expendable asset is a hash value of a certified hash of the first expendable asset.
5. The method of any of claims 1-4, wherein the first privacy authorizes the transfer transaction while also paying the payee a fourth expendable asset that does not require authorization.
6. A private authorized transfer method, characterized in that a blockchain database is configured with a costable repository for crediting a costable asset, an authorization repository for crediting an authorized hash of the costable asset, a spent repository for crediting a used costable asset, the method being applicable to a blockchain node, the method comprising:
receiving a first privacy-authorized transfer transaction using the first expendable asset, paying the payee a second expendable asset for authorization, and changing a third expendable asset; wherein the first private authorized transfer transaction is generated by the first user in response to the private authorized transfer command, including the proof of presence information for the first expendable asset, the payee public key and the authorizer public key for the second expendable asset; when the first expendable asset is an expendable asset requiring authorization, the first private authorized transfer transaction further includes proof of authorization information for the first expendable asset;
executing the first privacy-authorized transfer transaction:
performing a presence verification of the first expendable asset based on the proof of presence information and data certified by the expendable warehouse; and the number of the first and second groups,
performing double-flower validation of the first expendable asset based on the proof of presence information and the data certified by the expended warehouse;
when the first expendable asset is a expendable asset requiring authorization, performing authorization verification of the first expendable asset according to the authorization certification information and an authorization hash of the first expendable asset in the authorization repository;
recording the first expendable asset into the expended warehouse, the second expendable asset and the third expendable asset into the expendable warehouse when each verification performed passes;
executing a first authorization transaction, verifying the signature of the corresponding authorizer private key according to the authorizer public key, and storing the authorized hash of the second expendable asset into the authorization repository after the verification is successful; and responding to an authorization instruction after the first authorized transfer transaction is monitored by the terminal of the corresponding first authorized party, and generating the first authorized transfer transaction according to the private key signature of the authorized party.
7. The method of claim 6, wherein the proof of presence information for the first expendable asset comprises a plurality of parameters for the first expendable asset;
the plurality of parameters includes an authorizer public key of the first expendable asset;
when the first expendable asset is an expendable asset without authorization, an authorizer public key of the first expendable asset is null;
the verification of the presence of the first expendable asset comprises generating a certificate-holding hash of the first expendable asset based on the first expendable asset's authorizer public key and several other parameters of the plurality of parameters, and verifying whether the certificate-holding hash exists in the expendable warehouse.
8. The method of claim 7 wherein the expendable warehouse stores each expendable asset in the merkel tree as a leaf node of the merkel tree;
the plurality of parameters further includes a root of the merkel tree corresponding to a first leaf node corresponding to the first expendable asset and path information.
9. The method of claim 7, wherein the authorized hash of the first expendable asset is a hash value of a certified hash of the first expendable asset.
10. The method of any of claims 6-9, wherein the first privacy authorizes the transfer transaction while also paying the payee a fourth expendable asset that does not require authorization.
11. A computer device, the device comprising:
one or more processors;
a memory for storing one or more programs,
the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method recited in any of claims 1-10.
12. A storage medium storing a computer program, characterized in that the program, when executed by a processor, implements the method according to any one of claims 1-10.
CN202011565387.7A 2020-12-25 2020-12-25 Private authorized transfer method, device and storage medium Active CN112488725B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202011565387.7A CN112488725B (en) 2020-12-25 2020-12-25 Private authorized transfer method, device and storage medium
PCT/CN2021/111850 WO2022134612A1 (en) 2020-12-25 2021-08-10 Confidential authorized transfer method, device, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011565387.7A CN112488725B (en) 2020-12-25 2020-12-25 Private authorized transfer method, device and storage medium

Publications (2)

Publication Number Publication Date
CN112488725A CN112488725A (en) 2021-03-12
CN112488725B true CN112488725B (en) 2022-04-05

Family

ID=74915611

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011565387.7A Active CN112488725B (en) 2020-12-25 2020-12-25 Private authorized transfer method, device and storage medium

Country Status (2)

Country Link
CN (1) CN112488725B (en)
WO (1) WO2022134612A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112488725B (en) * 2020-12-25 2022-04-05 杭州复杂美科技有限公司 Private authorized transfer method, device and storage medium
CN113379552A (en) * 2021-07-09 2021-09-10 杭州复杂美科技有限公司 Method for authorizing a transaction, computer device and storage medium
CN117196626B (en) * 2023-11-06 2024-02-02 北京天润基业科技发展股份有限公司 Transfer data processing method and device and electronic equipment

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3376452A1 (en) * 2017-03-15 2018-09-19 Nokia Technologies Oy Blockchain-based electronic transfer method and network
CN108876335A (en) * 2018-09-07 2018-11-23 杭州复杂美科技有限公司 A kind of management of balance method and system, equipment and storage medium
CN109034800A (en) * 2018-07-31 2018-12-18 杭州复杂美科技有限公司 A kind of privacy method of commerce, system and equipment
CN110009349A (en) * 2019-03-26 2019-07-12 阿里巴巴集团控股有限公司 The method and device of linkable ring signature is generated and verified in block chain
CN110189131A (en) * 2019-06-26 2019-08-30 阿里巴巴集团控股有限公司 The implementation method and device traded using the secret block chain of ring signatures
US10540654B1 (en) * 2018-02-12 2020-01-21 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
CN111027973A (en) * 2019-12-04 2020-04-17 杭州复杂美科技有限公司 Transfer certificate authorization submitting method, device and storage medium

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10318938B2 (en) * 2016-02-22 2019-06-11 Bank Of America Corporation System for routing of process authorization and settlement to a user in process data network based on specified parameters
US20190318424A1 (en) * 2018-04-13 2019-10-17 Moneygram International, Inc. Systems and methods for implementing a blockchain-based money transfer
CN110163590B (en) * 2019-04-29 2021-02-19 创新先进技术有限公司 Payment withholding method and device based on block chain, electronic equipment and storage medium
US11238447B2 (en) * 2019-06-26 2022-02-01 Advanced New Technologies Co., Ltd. Blockchain transactions with ring signatures
CN111008836B (en) * 2019-11-15 2023-09-05 哈尔滨工业大学(深圳) Privacy security transfer payment method, device, system and storage medium
CN111563743B (en) * 2020-07-15 2020-11-03 百度在线网络技术(北京)有限公司 Block chain transfer processing method, device, equipment and medium
CN111988290B (en) * 2020-08-05 2022-10-14 上海交通大学 Transaction deletion method and system under user balance privacy protection and authorization supervision
CN112488725B (en) * 2020-12-25 2022-04-05 杭州复杂美科技有限公司 Private authorized transfer method, device and storage medium

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3376452A1 (en) * 2017-03-15 2018-09-19 Nokia Technologies Oy Blockchain-based electronic transfer method and network
US10540654B1 (en) * 2018-02-12 2020-01-21 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
CN109034800A (en) * 2018-07-31 2018-12-18 杭州复杂美科技有限公司 A kind of privacy method of commerce, system and equipment
CN108876335A (en) * 2018-09-07 2018-11-23 杭州复杂美科技有限公司 A kind of management of balance method and system, equipment and storage medium
CN110009349A (en) * 2019-03-26 2019-07-12 阿里巴巴集团控股有限公司 The method and device of linkable ring signature is generated and verified in block chain
CN110189131A (en) * 2019-06-26 2019-08-30 阿里巴巴集团控股有限公司 The implementation method and device traded using the secret block chain of ring signatures
CN111027973A (en) * 2019-12-04 2020-04-17 杭州复杂美科技有限公司 Transfer certificate authorization submitting method, device and storage medium

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Towards a Novel Privacy-Preserving Access Control Model Based on Blockchain Technology in IoT;Aafaf Ouaddah 等;《Europe and MENA Cooperation Advances in Information and Communication Technologies》;20160923;第520卷;第523-533页 *
区块链系统中的分布式数据管理技术-挑战与展望;于戈 等;《计算机学报》;20191029;第42卷;第1-28页 *
基于以太坊的分层区块链架构研究;黄振业 等;《计算机应用与软件》;20200910;第37卷(第09期);第16-19页 *

Also Published As

Publication number Publication date
WO2022134612A1 (en) 2022-06-30
CN112488725A (en) 2021-03-12

Similar Documents

Publication Publication Date Title
CN110766550B (en) Asset query method and device based on block chain and electronic equipment
CN112488725B (en) Private authorized transfer method, device and storage medium
US10225076B2 (en) Splitting digital promises recorded in a blockchain
US11587008B2 (en) Workflow management via block chains
US10592985B2 (en) Systems and methods for a commodity contracts market using a secure distributed transaction ledger
US11887115B2 (en) Systems and methods to validate transactions for inclusion in electronic blockchains
CN111026789B (en) Block chain-based electronic bill query method and device and electronic equipment
US20220309505A1 (en) Reissuing obligations to preserve privacy
CN108737114A (en) A kind of endorsement method and device of the block catenary system based on quantum key distribution
CN112328689A (en) Universal asset business ecosystem based on block chain
CN112767163B (en) Block chain-based digital commodity transaction method and device
WO2021204044A1 (en) Correction of blockchain data
CN112766854B (en) Block chain-based digital commodity transaction method and device
CN112513904B (en) Digital asset transaction control method, device, terminal equipment and storage medium
US20240205019A1 (en) Universally trusted bridges for heterogenous blockchain networks
CN113706313A (en) Financing method, system and computer readable storage medium based on block chain
CN117616410A (en) Multiparty computing in a computer slicing environment
CN114708093A (en) Block chain-based digital resource processing method and device
CN112598411B (en) Method, apparatus and storage medium for revocable privacy-authorized transfer
CN115983853A (en) Client side green electricity application service method and system based on block chain and electronic equipment
CN115063244A (en) Commodity trading system and method based on carbon emission and intelligent contract
KR20230006535A (en) A privacy-preserving decentralized payment network
CA3065762C (en) Workflow management via block chains
Lisi et al. Automated responsible disclosure of security vulnerabilities
Lesavre et al. Token Design and Management Overview

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant