Disclosure of Invention
In order to solve the above problems, the present invention provides a method for recovering a blockchain HD private key, so as to solve the problem that the blockchain HD private key cannot be recovered when lost or damaged.
The invention provides a method for retrieving a blockchain HD private key, which comprises the following steps:
creating a root key and a root chain code from the random number via the root seed;
generating a key tree according to the root key, the root chain code and the path identifier, wherein the key tree comprises a plurality of pairs of keys and chain codes;
obtaining a public key address of the secret key according to the path identifier;
creating an address table according to the address and the path identifier of the corresponding public key;
searching a path identifier of a public key address corresponding to the lost service private key based on the address table;
and calculating to obtain the service private key by using the root key, the root chain code and the path identifier.
According to a specific embodiment of the present invention, the root key includes a root private key and a root public key, and the creating the root key and the root chain code from the random number via the root seed further includes:
calculating a root seed by adopting any one of HMAC-SHA512, HMAC-SHA256 and HMAC-SHA128 algorithms to obtain the root private key and the root chain code;
and calculating the root public key by adopting an asymmetric algorithm based on the root private key.
According to a specific embodiment of the present invention, the asymmetric algorithm includes any one of an RSA algorithm, an ECC algorithm, an ECDSA algorithm, an SM2 algorithm, and an SM9 algorithm.
According to a specific embodiment of the present invention, generating a key tree according to the root private key, the root chain code and the path identifier includes:
calculating the root key and the root chain code by adopting a CKD algorithm (Child Key Derivation function, also called the CKD function) to obtain a plurality of pairs of sub-keys and sub-chain codes;
repeating CKD calculation on the sub-key and the sub-chain code to obtain a new pair of sub-key and sub-chain code;
and generating a key tree from all the key pairs, the chain codes and the path identifiers obtained through calculation.
According to a specific embodiment of the present invention, the obtaining the public key address of the secret key according to the path identifier includes:
carrying out hash operation on the public key of the secret key to obtain a hash value of the public key;
and performing visual coding on the hash value to obtain a visual ASCII code, namely the public key address of the key.
According to a specific embodiment of the present invention, the visually encoding the hash value includes:
the visual encoding of the hash value is performed by adopting a Base58 algorithm or a Base64 algorithm.
According to a specific embodiment of the present invention, the creating an address table according to the address and the path identifier of the corresponding public key includes:
acquiring the corresponding relation between each public key address and the path identifier;
and establishing the address table according to the corresponding relation.
According to a specific embodiment of the present invention, the calculating the service private key using the root private key, the root chain code, and the path identifier includes:
and calculating the root private key, the root chain code and the path identifier by adopting a CKD algorithm to obtain a service private key.
According to the method for retrieving the blockchain HD private key, when the root private key is known and a service key is lost or damaged, the path identifier corresponding to the public key address of the lost service private key is looked up in reverse through the created address table. The service private key of any node can then be calculated from the root private key, the root chain code and the path identifier, so the lost service key is retrieved, and the ownership and disposal rights over electronic files (including electronic judicial documents) and digital assets, together with the related operation functions, are ensured.
Detailed Description
In order to make the concept and idea of the present invention more clearly understood by those skilled in the art, the present invention is described in detail with reference to specific embodiments. It is to be understood that the embodiments presented herein are only a portion of all embodiments that the invention may have. Those skilled in the art, after having read the present specification, will be able to make modifications, alterations, or substitutions to some or all of the embodiments described below, which are also within the scope of the invention as claimed.
The terms "first," "second," and the like, herein do not denote any order, quantity, or importance, but rather are used to distinguish one element from another. The terms "a," "an," and other similar words are not intended to mean that there is only one of the things, but rather that the description is directed to only one of the things, which may have one or more. In this document, the terms "comprise," "include," and other similar words are intended to denote a logical relationship, but not to be construed as implying a spatial structural relationship. For example, "A includes B" is intended to mean that logically B belongs to A, and not that spatially B is located inside A. In addition, the terms "comprising," "including," and other similar terms should be construed as open-ended, rather than closed-ended. For example, "A includes B" is intended to mean that B belongs to A, but B does not necessarily constitute all of A, and A may also include other elements such as C, D, E.
The terms "embodiment," "this embodiment," "an embodiment," "one embodiment," and the like herein do not denote that the descriptions are merely applicable to one particular embodiment, but rather denote that the descriptions are also applicable to one or more other embodiments. It will be appreciated by those skilled in the art that any descriptions of one embodiment herein may be substituted for, combined with, or otherwise combined with the descriptions of another embodiment or embodiments, such substitution, combination, or other combination resulting in a new embodiment as would be apparent to one of ordinary skill in the art and would be within the scope of this invention.
Example 1
Additional aspects and advantages of embodiments of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of embodiments of the invention.
FIG. 1 is a flow chart of a private key recovery method according to an embodiment of the invention. As shown in FIG. 1, the method comprises the following steps:
S1: creating a root key and a root chain code from the random number via the root seed;
S2: generating a key tree according to the root key, the root chain code and the path identifier, wherein the key tree comprises a plurality of pairs of keys and chain codes;
S3: obtaining a public key address of the secret key according to the path identifier;
S4: creating an address table according to the address and the path identifier of the corresponding public key;
S5: searching a path identifier of a public key address corresponding to the lost service private key based on the address table;
S6: calculating to obtain the service private key by using the root private key, the root chain code and the path identifier.
Specifically, FIG. 2 is a flowchart of a method for creating a root key and a root chain code according to an embodiment of the present invention. As shown in FIG. 2, the step S1 of creating the root key and the root chain code from a random number via a root seed further includes:
S11: calculating a root seed by adopting any one of HMAC-SHA512, HMAC-SHA256 and HMAC-SHA128 algorithms to obtain the root private key and the root chain code;
S12: calculating the root public key by adopting an asymmetric algorithm based on the root private key.
In this embodiment, with the root seed known, the HMAC-SHA512 algorithm is first applied to the root seed to generate a hash value; the first half of the hash value is the root private key and the second half is the root chain code. An asymmetric encryption algorithm is then applied to the root private key to obtain the root public key. The root private key and the root public key together form the root key, which yields the root key and the root chain code. The asymmetric algorithm includes, but is not limited to, the RSA algorithm, ECC algorithm, ECDSA algorithm, SM2 algorithm, and SM9 algorithm.
Specifically, FIG. 3 is a flowchart of a method for generating a key tree according to an embodiment of the present invention. As shown in FIG. 3, the step S2 of generating a key tree according to the root key, the root chain code and the path identifier further includes:
S21: calculating the root key and the root chain code by adopting a CKD algorithm to obtain a plurality of pairs of sub-keys and sub-chain codes.
S22: repeating CKD calculation on the pairs of sub-keys and sub-chain codes to obtain new pairs of sub-keys and sub-chain codes.
S23: generating a key tree from all the key pairs, the chain codes and the path identifiers obtained through calculation.
For example, the root key and the root chain code can be expanded through the CKD algorithm to generate N pairs of keys and sub-chain codes, where n=2ζ, N is generally 32. The sub-keys and sub-chain codes of the next stage are then expanded by repeating the above algorithm; after D repetitions, a key tree with depth D is generated, in which each stage includes N pairs of keys, the root of each pair of keys is the root key, and each pair of keys corresponds to a path identifier. In other words, a unique sub-key pair and its corresponding sub-chain code can be defined and calculated from the root key pair, the root chain code and the path identifier. In practice, the leaves of the key tree are leaf keys, end point keys or service keys, and the bifurcation points of the key tree (including the tree root) are bifurcation point keys, fulcrum keys or management keys (depending on the application scenario, a management key can also be used as a service key). The service keys under a management node can be calculated from the management private key, the management chain code and the path identifier, and any service key or management key in the whole tree (HD structure) can be calculated from the root private key, the root chain code and the path identifier.
Specifically, FIG. 4 is a flowchart of a method for obtaining a public key address according to an embodiment of the present invention. As shown in FIG. 4, the step S3 of obtaining the public key address of the secret key according to the path identifier includes:
S31: carrying out hash operation on the public key of the secret key to obtain a hash value of the public key;
S32: performing visual coding on the hash value to obtain a visual ASCII code, namely the public key address of the secret key. The hash value is visually encoded, for example, using the Base58 algorithm or the Base64 algorithm.
The public key address (also called the "node address", "address" or "account number") is a visual ASCII code generated by a hash operation on the public key. It serves as the external representation of the service public key, so as to protect the privacy of the service public key: although the service public key is disclosed to a certain extent, it is disclosed only to interested persons, not to unrelated persons. Since the hash value is binary data that is not human-readable, it is generally subjected to a visual encoding operation, and the embodiment of the invention uses the Base58 or Base64 algorithm for this. The visual encoding operation is one-to-one and reversible; that is, a binary input value is converted into a unique visual ASCII output value, and the input value can be restored from the output value.
Specifically, FIG. 5 is a flowchart of a method for creating an address table according to an embodiment of the present invention. As shown in FIG. 5, step S4 of creating the address table according to the address and the path identifier of the corresponding public key includes:
S41: acquiring the corresponding relation between each public key address and the path identifier;
S42: establishing the address table according to the corresponding relation.
In particular, step S5 searches the path identifier of the public key address corresponding to the lost service private key based on the address table. Because the path identifier is hidden from the user and the user sees only the address, the corresponding path identifier has to be looked up in reverse from the correspondence between addresses and path identifiers recorded in the address table.
Specifically, step S6 calculates the service private key by using the root private key, the root chain code and the path identifier. The embodiment of the invention adopts an HD algorithm to calculate the root private key, the root chain code and the path identifier to obtain the service private key.
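Steps S1 to S6 carried through end to end, as an added example that is not part of the patent text. Assumptions not stated on the page: the secp256k1 curve as the asymmetric algorithm, a BIP32-style hardened CKD, SHA-256 as the address hash, Base58 as the visual encoding, and a constructed HMAC key, seed and path set.

```python
import hashlib, hmac
P = 2**256 - 2**32 - 977  # secp256k1 field prime (curve choice is an assumption)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def ec_add(a, b):  # affine addition on y^2 = x^3 + 7; None is the point at infinity
    if a is None or b is None: return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    m = (3 * a[0] * a[0] * pow(2 * a[1], -1, P) if a == b
         else (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P))
    x = (m * m - a[0] - b[0]) % P
    return x, (m * (a[0] - x) - a[1]) % P

def pubkey(priv):  # S12: double-and-add, returns the compressed public key
    acc, base = None, G
    while priv:
        if priv & 1: acc = ec_add(acc, base)
        base, priv = ec_add(base, base), priv >> 1
    return bytes([2 + (acc[1] & 1)]) + acc[0].to_bytes(32, "big")

def master(seed):  # S11: first half = root private key, second half = root chain code
    i = hmac.new(b"constructed-hmac-key", seed, hashlib.sha512).digest()
    return int.from_bytes(i[:32], "big"), i[32:]
def ckd(key, chain, index):  # S21: hardened child derivation (BIP32-style, assumed)
    data = b"\0" + key.to_bytes(32, "big") + (index | 1 << 31).to_bytes(4, "big")
    i = hmac.new(chain, data, hashlib.sha512).digest()
    return (int.from_bytes(i[:32], "big") + key) % N, i[32:]
def derive(root, path):  # S22/S6: apply CKD once per element of the path identifier
    for index in path:
        root = ckd(*root, index)
    return root

def address(priv):  # S31/S32: hash the public key, then Base58-encode the hash
    h = hashlib.sha256(pubkey(priv)).digest()
    n, out = int.from_bytes(h, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(h) - len(h.lstrip(b"\0"))) + out

def build_table(root, paths):  # S4: address -> path identifier
    return {address(derive(root, p)[0]): p for p in paths}
def recover(root, table, addr):  # S5 reverse lookup, then S6 re-derivation
    return derive(root, table[addr])[0] if addr in table else None

ROOT = master(bytes(range(32)))  # constructed seed, not a real key
TABLE = build_table(ROOT, [(a, i) for a in range(2) for i in range(3)])
```

The address table holds only addresses and path identifiers; every private key is recomputed from the root private key and root chain code, so those two values are what must be backed up and protected.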
In summary, the invention creates an address table through which the path identifier is looked up in reverse, and calculates the service private key from the root private key, the root chain code and the path identifier, thereby retrieving the lost or damaged service private key and ensuring the safety of the digital asset.
The concepts, principles and ideas of the invention have been described above in connection with specific embodiments (including examples and illustrations). It will be appreciated by those skilled in the art that embodiments of the invention are not limited to the several forms set forth above, and that after reading this specification, those skilled in the art may make any possible modifications, substitutions, and equivalents of the steps, methods, apparatuses, and components of the above embodiments, which are intended to be within the scope of the invention. The protection scope of the invention is only subject to the claims.