CN112801778B - Alliance type bad asset block chain system - Google Patents

Publication number
CN112801778B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110224526.8A
Other languages
Chinese (zh)
Other versions
CN112801778A (en
Inventor
王春源
傅湘玲
杨欣勇
陈松龄
司洪超
王菲
苗丛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huarong Rongtong Beijing Technology Co ltd
Original Assignee
Huarong Rongtong Beijing Technology Co ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/03 Credit; Loans; Processing thereof
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00 Commerce
    • G06Q30/06 Buying, selling or leasing transactions
    • G06Q30/08 Auctions

Abstract

The invention discloses an alliance-type bad asset blockchain system and storage, privacy protection and consensus methods based on that blockchain system. It comprises: (1) a storage method that stores the hash value of picture data on the chain; (2) a privacy protection method for access control and data hiding, comprising a privacy protection model that controls each organization's access rights to the various databases, and a privacy data protection method based on content extraction signatures (CES), in which private data is selectively hidden in a verifiable way; (3) a VRF-based Fabric consensus optimization scheme, in which Leader election is controlled by setting up a Listener. The advantages of the invention are: the problems of information asymmetry and efficiency in the bad asset market are solved, the privacy security of bad asset transactions is guaranteed, Fabric consensus is improved, and the security and resource utilization of the bad asset market can be improved.

Description

Alliance type bad asset block chain system
Technical Field
The invention relates to blockchains, in particular to an alliance-type bad asset blockchain and to storage, privacy protection and consensus methods based on that blockchain, and belongs to the field of blockchains.
Background
Bad assets mainly refer to financial assets that arise in the course of a financial institution's credit business and that cannot bring normal interest income, or whose principal can hardly be recovered. Most bad assets in China originate from banking financial institutions and state-owned enterprises and are transferred to state-owned Asset Management Companies (AMC) such as Huarong, Cinda and Great Wall, which are responsible for their disposal. In the primary market for bad asset transactions, banks sell bad assets as their owners and AMCs purchase them as disposers; these transactions are often carried out on internet platforms. In the 'Internet+' financial mode, a bank gathers online information about bad assets to conduct due diligence, estimates the value of the bad assets from the results, and determines their auction price; the AMC must carry out a second round of due diligence on the bad assets to determine their true value before finally proposing an auction price.
Because data on the internet is easily leaked, easily outdated and easily tampered with maliciously, information sharers are unwilling to share the core data of bad assets, and information collectors cannot obtain timely and complete information. On internet platforms there is a serious information asymmetry between AMCs and banks, and an AMC must carry out a full second round of due diligence on bad assets, which greatly reduces the efficiency of market transactions, resulting in slow circulation of market funds and long transaction cycles for bad assets. In recent years the market size of bad assets has kept growing, affecting national financial security; the traditional inefficient transaction method cannot meet market demand, and a safe and efficient bad asset transaction method is needed to ensure that the market's capacity to digest bad assets exceeds the capacity to generate them.
Disclosure of Invention
The invention aims to design an alliance-type bad asset blockchain system and storage, privacy protection and consensus methods based on that system, so as to solve the problems of information asymmetry and efficiency in bad asset transactions. On the one hand, the invention relies on the properties of the blockchain to ensure safe and reliable bad asset transactions and evidence storage; on the other hand, it keeps the alliance chain lightweight by combining on-chain and off-chain data storage, and ensures privacy security through a private information protection model and a CES-based privacy data protection method; in addition, an improved blockchain consensus is designed for the characteristics of bad asset transactions.
The technical scheme of the invention is as follows:
An alliance-type bad asset blockchain system, the transaction flow of which is as follows:
S1, data processing
Large file data such as pictures of bad asset packages are first stored in a distributed database, and their hashes are then stored on the blockchain; the professional due diligence institution signs the due diligence information of the bad assets with a content extraction signature algorithm and sends the signature to the bank; the bank can hide sensitive due diligence information and generate a valid extraction signature, and finally sends the desensitized due diligence information to the AMC requesting access;
S2, constructing bad asset package blocks
In the present invention, a block stores bad asset package information and comprises the following data structures:
public information: records basic information such as the asset package name and asset list, together with the hashes of large file data;
private information: stores the desensitized due diligence information and the bidding information of each organization;
auction information: stores information such as the lowest bid price, auction end time and auction state; after the auction state of the asset package is confirmed, the auction information is updated and stored in a new block as public information, providing evidence of data storage;
S3, participating in bidding
Each AMC may participate in the auction before the end time of the asset package auction; once a bid is submitted, the bid information is access-restricted as private information; the bank can query the bids of all organizations, while an AMC cannot query the bidding information of other organizations; this protection mechanism for private information ensures privacy security in bad asset transactions;
S4, querying bad asset package information
The bank, as the publisher of the bad asset package, has the highest rights over it; each AMC has the authority to access the public information of the bad asset package, but to query the private information of the asset package it must send an application to the bank and obtains the private information only after the bank authorizes it;
S5, putting auction information on the chain
When the auction of the asset package ends, the maximum bid is obtained in order to confirm the final transaction state; if the maximum bid is lower than the lowest bid price, the transaction is considered failed; otherwise the transaction is considered successful and the winning bidder and bid price of the asset package are updated; a new block is then generated, recording the updated bad asset package;
The alliance-type bad asset blockchain system brings together organizations qualified to purchase bad assets and uses blockchain technology to provide joint credit investigation and bad asset transactions with auditable records; in the invention, the bank can define which information is public and which is private, avoiding excessive leakage of bad asset information; the AMC can obtain the due diligence report provided by the bank, which greatly reduces the resources wasted on a second full round of due diligence; in addition, an AMC's bid information cannot be stolen by other AMCs, guaranteeing the privacy security of the transaction, and the bad asset package information stored in the blockchain forms evidence for post-auction audit, so that the risk attached to data counterfeiting is greatly increased.
The invention designs a CES-based privacy data protection method, creatively realizes privacy data protection in bad asset transaction through CES, and considers protection of data per se while realizing an access control mechanism, wherein the CES-based privacy data protection method comprises the following steps:
step1: generating a key of the Client node; in the framework of privacy data protection, all Client nodes are divided into three roles of a data Provider, a data owner Bank and a data user AMC, and the specific process of generating public keys and private keys by all Client nodes is as follows:
(1) The certificate authority selects a large prime number p and, in the range $Z_p$, a primitive root g of p (that is, if $i \neq j$ and p is prime, then $g^i \pmod p \neq g^j \pmod p$), and defines a hash function $H: \{0,1\}^* \rightarrow Z_p$;
(2) The Client node selects a random number $sk \in Z_p^*$ as its private key and calculates $w = g^{sk} \pmod p$; the public key is $pk = \{p, g, w\}$;
step2: provider signs information; the Provider signature of the message is used as the basis for other nodes to verify the accuracy of the message, and the signing and encrypting processes are as follows:
(1) Split the information M to be signed into a plurality of sub-information, i.e. $M = m_1, m_2, \ldots, m_n$; bad asset transaction information is divided into debtor information, creditor information, deposit information and prosecution information; a CEAS is set to define the content extraction attribute of each sub-information: if $CEAS_i = 0$, the bank can hide that sub-information;
(2) Select a random number $t \in Z_{p-1}^*$ and calculate $r = g^t \pmod p$; for any $m_i \in M$, calculate $V_i = H(m_i, CEAS_i, r)$ and $\sigma_i = (V_i - sk \cdot r) \cdot k^{-1} \pmod{p-1}$, where k is the random number t selected above (the verification in Step3 expands $r^{\sigma_i}$ as $g^{t \cdot \sigma_i}$); finally generate the signature $\sigma_{full} = \langle CEAS, r, Conc_{i \in [1,n]} \sigma_i \rangle$, where $Conc_{i \in [1,n]} \sigma_i$ denotes the concatenation of all $\sigma_i$ in order from 1 to n;
(3) Upload each sub-message to a kv database, with the key set to provider + $V_i$ and the value set to $m_i$;
(4) Finally, perform the encryption operation: the Provider uses the symmetric key $K_P$ to symmetrically encrypt $\langle \sigma_{full}, Conc_{i \in [1,n]} V_i \rangle$, and then encrypts $K_P$ with the Bank's public key $pk_B$, which ensures that only the corresponding Bank can decrypt the information; finally the Provider sends the two encrypted messages to the Bank: $Info = \{E_{K_P}(\sigma_{full}, Conc_{i \in [1,n]} V_i), E_{pk_B}(K_P)\}$;
Step3: bank extraction signature
The Bank firstly decrypts the received information, verifies the signature of the Provider, ensures the correctness of the signature, finally generates an extracted signature, and realizes the selectable hiding of the privacy information; the specific process is as follows:
(1) The Bank uses its own private key to decrypt $E_{pk_B}(K_P)$ and obtain $K_P$, then uses $K_P$ to decrypt $E_{K_P}(\sigma_{full}, Conc_{i \in [1,n]} V_i)$ and obtain $\langle \sigma_{full}, Conc_{i \in [1,n]} V_i \rangle$;
(2) By checking whether $w^r \cdot r^{\sigma_i} = g^{V_i} \pmod p$ holds, the Bank determines whether each $\sigma_i$ in $\sigma_{full}$ is correct, and thereby judges whether $\sigma_{full}$ is correct, where $\{p, g, w\}$ is the public key of the Provider and $w^r \cdot r^{\sigma_i} = g^{sk \cdot r} \cdot g^{t \cdot \sigma_i} = g^{sk \cdot r + t \cdot \sigma_i} = g^{V_i}$;
(3) The Bank defines the extractable message set ANS based on the CEAS content: if $CEAS_i = 1$, then $ANS_i = 1$; if $CEAS_i = 0$, then $ANS_i = 0$ or 1; the extractable set of messages M′ is obtained from the kv database according to the ANS;
(4) Generate the extracted signature $\sigma_{Ext} = \langle ANS, \sigma_{full} \rangle$; finally, encryption is carried out: the Bank uses the symmetric key $K_B$ to symmetrically encrypt $\langle \sigma_{Ext}, M' \rangle$, and then encrypts $K_B$ with the AMC's public key $pk_A$, so that only the corresponding AMC can decrypt the information; finally the Bank sends the two encrypted messages to the AMC: $Info = \{E_{K_B}(\sigma_{Ext}, M'), E_{pk_A}(K_B)\}$.
Step4: AMC verifies signature
After the AMC obtains the encrypted information of the Bank, it decrypts it and verifies the extracted signature, if the extracted signature is correct, it considers that the correct message M' is received, and the specific process is as follows:
(1) The AMC uses its own private key to decrypt $E_{pk_A}(K_B)$ and obtain $K_B$, then uses $K_B$ to decrypt $E_{K_B}(\sigma_{Ext}, M')$ and obtain $\langle \sigma_{Ext}, M' \rangle$;
(2) First, check the correctness of ANS: if $CEAS_i = 1$ and $ANS_i = 0$, then ANS is illegal and the message is refused;
(3) Second, for any $m_j \in M'$, calculate $V_j = H(m_j, CEAS_j, r)$ and check whether $w^r \cdot r^{\sigma_j} = g^{V_j} \pmod p$ holds;
(4) If $\sigma_{full}$ is correct, the AMC considers that it has received legitimate, untampered information M′, where M′ is the result of the Bank selectively hiding private data from the original information M within the range allowed by the Provider.
In S1, the CES-based privacy data protection method ensures that the professional due diligence institution, the bank and the AMC transmit due diligence information in a way that each party can verify; during transmission, the bank can verify the signature of the due diligence institution and can selectively hide part of the private data within the range that institution allows; the AMC can verify the bank's extracted signature and so receive legitimate due diligence information that has not been tampered with.
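The four CES steps above, carried through as an added Python example (not code from the patent): the Provider signs each sub-message, the Bank verifies and hides one optional item, and the AMC checks ANS and every disclosed item. Assumptions: a demonstration-sized prime p = 2^61 - 1, SHA-256 as H, a Python list in place of the kv database, the hybrid encryption of Step2 (4) and Step3 (4) omitted, and hypothetical function names and sample data.

```python
# Added illustration of the CES flow (Provider -> Bank -> AMC); names and data are constructed.
import hashlib
import secrets
from math import gcd

P = 2**61 - 1   # demonstration-sized prime (assumption); far too small for real deployments
FACTORS = (2, 3, 5, 7, 11, 13, 31, 41, 61, 151, 331, 1321)   # prime factors of P - 1
# Primitive root g: g^((p-1)/q) != 1 (mod p) for every prime q dividing p-1.
G = next(g for g in range(2, P) if all(pow(g, (P - 1) // q, P) != 1 for q in FACTORS))

def H(m, ceas_i, r):
    """V_i = H(m_i, CEAS_i, r), mapped into Z_p (SHA-256 is an assumption)."""
    data = f"{len(m)}:{m}|{ceas_i}|{r}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % P

def keygen():
    """Step1: private key sk, public value w = g^sk mod p."""
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)

def provider_sign(sk, messages, ceas):
    """Step2: one sigma_i per sub-message, all sharing r = g^t mod p."""
    while True:
        t = secrets.randbelow(P - 2) + 1
        if gcd(t, P - 1) == 1:          # t must be invertible modulo p-1
            break
    r = pow(G, t, P)
    t_inv = pow(t, -1, P - 1)
    sigmas = [(H(m, c, r) - sk * r) * t_inv % (P - 1) for m, c in zip(messages, ceas)]
    return {"CEAS": list(ceas), "r": r, "sigmas": sigmas}

def item_ok(w, m, ceas_i, r, sigma_i):
    """Check w^r * r^sigma_i == g^V_i (mod p) for one sub-message."""
    v = H(m, ceas_i, r)
    return 0 < r < P and pow(w, r, P) * pow(r, sigma_i, P) % P == pow(G, v, P)

def bank_extract(w, messages, sigma_full, hide):
    """Step3: verify the Provider's signature, then hide the indices in `hide`."""
    ceas, r, sigmas = sigma_full["CEAS"], sigma_full["r"], sigma_full["sigmas"]
    if not all(item_ok(w, m, c, r, s) for m, c, s in zip(messages, ceas, sigmas)):
        raise ValueError("Provider signature invalid")
    ans = [0 if i in hide else 1 for i in range(len(messages))]
    disclosed = {i: m for i, m in enumerate(messages) if ans[i]}   # M'
    return {"ANS": ans, "sigma_full": sigma_full}, disclosed

def amc_verify(w, sigma_ext, disclosed):
    """Step4: reject an illegal ANS, then verify every disclosed sub-message."""
    ans, full = sigma_ext["ANS"], sigma_ext["sigma_full"]
    ceas, r, sigmas = full["CEAS"], full["r"], full["sigmas"]
    if any(c == 1 and a == 0 for c, a in zip(ceas, ans)):
        return False                    # an item the Provider marked CEAS_i = 1 was hidden
    if set(disclosed) != {i for i, a in enumerate(ans) if a}:
        return False                    # M' does not match what ANS claims is disclosed
    return all(item_ok(w, disclosed[i], ceas[i], r, sigmas[i]) for i in disclosed)

if __name__ == "__main__":
    # Constructed due diligence record split into the four sub-information types.
    msgs = ["debtor: Company A", "creditor: Bank B",
            "deposit: warehouse lot 12", "prosecution: case pending"]
    ceas = [1, 1, 0, 0]                 # the Bank may hide only the last two items
    sk, w = keygen()
    sigma_full = provider_sign(sk, msgs, ceas)
    sigma_ext, m_prime = bank_extract(w, msgs, sigma_full, hide={2})
    print("AMC accepts:", amc_verify(w, sigma_ext, m_prime), "| disclosed:", sorted(m_prime))
```

The Bank never needs the Provider's private key to hide an item: it only drops the sub-message and clears the matching ANS bit, and each remaining $\sigma_i$ still verifies on its own.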
S2 is a blockchain-based storage method: because bad assets contain large files, the invention keeps the blockchain lightweight by splitting large file storage between on-chain and off-chain.
If the pictures are directly stored in the block without processing, the endorsement confirmation time can be prolonged, and the maximum transaction number which can be accommodated by the block can be greatly reduced; in the invention, a bank stores picture source data into a file storage service, the service supports accessing files through a hash and provides services for an external network by adopting an HTTP protocol, and the hash value of a large file is stored on a blockchain; AMC obtains asset package data through a blockchain network, obtains a picture hash value of an asset package in a service logic layer and obtains a source file from a file storage service of a bank, so that safe transmission of a large file is ensured, and the pressure of the blockchain network is reduced; on the other hand, pictures can be reserved in the blockchain for evidence collection.
S3 is a privacy protection model, which further ensures privacy security in bad asset transactions by controlling the access rights of blockchain network nodes.
The principle of the private information protection model is that different access rights are divided for different data structures, and the bank controls the access rights of private information; the transaction involving the private information stores the transaction original in the side database, and uses the hash function to process the keys and values of the private information, the private information is not sent to other irrelevant nodes, the bidding of each AMC on the asset package is hidden from each other, and the bank can see all bidding data, thus realizing the protection of the private information.
Privacy protection includes two parts, namely a CES-based privacy data protection method and a privacy protection model.
The alliance-type bad asset blockchain system is implemented on Fabric which, compared with Bitcoin and Ethereum, has an admission authorization mechanism, removes the token mechanism, allows smart contracts to be written in almost any high-level language, and is better suited to financial services. In addition, with the improved Raft consensus protocol applied on Fabric, the network can still work normally when fewer than half of its nodes crash, and every Peer node in the network is provided with the smart contract, ensuring a higher degree of crash fault tolerance.
Verifiable random functions are a class of pseudo-random functions that have a verification function by which a verifier can verify whether a random number was generated by a publisher without knowing the private key of the publisher.
The invention provides a VRF-based Fabric consensus optimization scheme aiming at two aspects of a consensus mechanism, wherein the VRF-based Fabric consensus scheme is a method for randomizing endorsement nodes, and the method for randomizing endorsement nodes comprises the following steps:
Step1: endorsement node candidate groups (committees) are formed from all endorsement nodes, wherein one committee comprises 1 chair and 2-3 members, each member comes from a different organization, and the numbers 1-10 are used as identifiers to distinguish the committees;
step2: the endorsement node in the candidate set generates a public key and a private key based on the elliptic curve, and specifically comprises the following steps:
(1) Selecting a base point P of an elliptic curve, wherein the order is n;
(2) Selecting a random number sk epsilon [1, n-1];
(3) Generating a pair of elliptic curve keys, wherein the private key is sk and the public key is $PK = sk \cdot P$. The public key PK is easily obtained from the private key sk and the base point P, whereas solving for sk from PK and P is extremely difficult;
Step3: the Client node generates a transaction proposal <tx, r> and sends it to the chairs of all committees, where tx is the transaction data, comprising the name of the chain code function to be called and its parameters, and r is a random number selected by the Client node;
Step4: after receiving the proposal, the chair node uses r and its own private key sk to generate a random number value and its zero-knowledge proof through the identity extraction algorithm, where value determines whether the committee acts as the endorsement node; the endorsement node identity extraction algorithm is as follows:
(1) Map tx to a point H on the elliptic curve with a hash function $h_1$: $H = h_1(tx)$;
(2) Encode the input as an integer s with a hash function $h_2$: $s = h_2(r \cdot H, r \cdot P)$;
(3) Calculate $t = (r - s \cdot sk) \bmod n$ and $V = sk \cdot H$;
(4) Encode the point on the elliptic curve as an integer with a hash function $h_3$ to obtain the random number $value = h_3(V)$, and generate the zero-knowledge proof $proof = \langle V, t, s \rangle$;
(5) If $hash(value) > \lambda \cdot 2^{hashlen}$, the committee is selected to endorse, where hash() is a cryptographic hash algorithm, hashlen is the output length of the hash function, and λ is a manually set threshold; if the number of committees is 10 and λ = 0.2, the probability that no committee endorses a given transaction is $(0.2)^{10} = 1.0240000000 \times 10^{-7}$, i.e. about one transaction in ten million may go unendorsed, in which case the transaction can be resubmitted by setting a timer;
Step5: if the committee is selected for endorsement, the chair node synchronizes the data <proposal, value, proof> to the other member nodes; each node executes the proposal and generates an endorsement signature sig and a read-write set rw_set, and then generates the proposal response information response<sig, rw_set, tx, PK, P, <value, proof>>, where PK is the public key of the endorsement node;
Step6: during the message receiving time, the Client continuously collects responses response<sig, rw_set, tx′, PK, P, <value, proof′>>, verifies the endorsement signature of each response and performs endorsement node identity verification according to <PK, tx′, proof′>; finally, if more than half of the read-write sets are consistent, the Client generates the transaction information tx<rw_set, <sig>_k>, signs it and sends it to the Order cluster for the next stage of consensus; the endorsement node identity verification algorithm is as follows:
(1) Map tx′ to a point H′ on the elliptic curve with the hash function $h_1$: $H' = h_1(tx')$;
(2) Calculate $M_1 = t' \cdot H' + s' \cdot V'$ and $M_2 = t' \cdot P + s' \cdot PK$;
(3) Encode $M_1$ and $M_2$ as an integer res with the hash function $h_2$, i.e. $res = h_2(M_1, M_2)$;
(4) If $res = s'$, the random number value is valid and verification passes; otherwise the random number value is considered invalid.
The consensus method is an improved Raft consensus method for randomly selecting a Leader and a Listener, and comprises the following steps:
Step1: in the cluster formed by the Order nodes, a Leader node is defined, which is responsible for ordering transaction information and synchronizing it to the other Order nodes, and a Listener node is defined, which is responsible for monitoring the Heartbeat of the Leader and thereby deciding whether to start a new round of election; each round of election confirms a new Leader and a new Listener; if the Listener does not receive a Heartbeat signal on time, or no election has taken place within 5 seconds, the Listener is responsible for starting a new round of election;
Step2: when a new election starts, the Listener generates an election proposal <r> and sends it to all Order nodes except itself, where r is a random number selected by the Listener;
Step3: after an Order node receives the proposal, it uses r and its own private key sk to generate a random number value and its zero-knowledge proof through the identity extraction algorithm, and then generates the proposal response information response<sig, PK, r, <value, proof>>, where PK is the public key of the Order node;
Step4: during the message receiving time, the Listener continuously collects responses, verifies sig for each response, and performs Order node identity verification through the identity verification algorithm according to <r′, PK, proof′>. Finally, identities are confirmed by comparing the value of each response: the node with the largest value is confirmed as the new Leader, and the node with the smallest value as the new Listener.
The verifiable random function algorithm described above needs to satisfy randomness, verifiability, and uniqueness. The randomness of the algorithm is ensured because the private key of an endorsement node or an Order node and the random number generated by a Client node or an Order node serving as a Listener are used in the calculation process; as the same data is subjected to consistent calculation to obtain a consistent result, the uniqueness of the algorithm is ensured; the verifiability of the algorithm will be analyzed as follows:
If proof has not been tampered with and tx = tx′, then
$H' = H$, $t' = t$, $V' = V$, $s' = s$
$M_1 = t' \cdot H' + s' \cdot V' = t \cdot H + s \cdot V = t \cdot H + s \cdot sk \cdot H = (t + s \cdot sk) \cdot H = r \cdot H$
$M_2 = t' \cdot P + s' \cdot PK = t \cdot P + s \cdot (sk \cdot P) = (t + s \cdot sk) \cdot P = r \cdot P$
$res = h_2(M_1, M_2) = h_2(r \cdot H, r \cdot P) = s'$. If $res \neq s'$, then proof′ = proof and tx′ = tx do not both hold, i.e. proof or tx has been maliciously altered, which ensures the verifiability of the algorithm.
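The identity extraction algorithm (Step4), the Client's identity verification (Step6) and the λ threshold, written out as an added Python sketch that is not the patent's implementation. Assumptions: the curve is secp256k1 (the text only says "elliptic curve"), $h_1$ is try-and-increment over SHA-256, $h_2$, $h_3$ and hash() are domain-separated SHA-256, and all function names, keys and transaction bytes are constructed for illustration.

```python
# Added illustration of the endorsement-node VRF; curve, hashes and keys are assumptions.
import hashlib

FIELD = 2**256 - 2**32 - 977                      # secp256k1: y^2 = x^3 + 7 over F_FIELD
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141   # order n of P
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)  # base point

def on_curve(pt):
    return pt is not None and (pt[1] ** 2 - pt[0] ** 3 - 7) % FIELD == 0

def add(a, b):
    """Affine point addition; None is the point at infinity. Not constant-time."""
    if a is None or b is None:
        return a if b is None else b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % FIELD == 0:
        return None
    if a == b:
        m = 3 * x1 * x1 * pow(2 * y1, -1, FIELD) % FIELD
    else:
        m = (y2 - y1) * pow((x2 - x1) % FIELD, -1, FIELD) % FIELD
    x3 = (m * m - x1 - x2) % FIELD
    return x3, (m * (x1 - x3) - y1) % FIELD

def mul(k, pt):
    """Double-and-add scalar multiplication for k >= 0."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def digest_int(tag, *parts):
    """Domain-separated SHA-256 over length-prefixed parts, as an integer."""
    h = hashlib.sha256(tag)
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(h.digest(), "big")

def enc(pt):
    """Fixed-width encoding of a curve point."""
    return b"\x00" * 64 if pt is None else pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")

def h1(tx):
    """Map tx to a curve point H by try-and-increment."""
    ctr = 0
    while True:
        x = digest_int(b"h1", tx, ctr.to_bytes(4, "big")) % FIELD
        y2 = (pow(x, 3, FIELD) + 7) % FIELD
        y = pow(y2, (FIELD + 1) // 4, FIELD)      # square root, valid since FIELD = 3 mod 4
        if y * y % FIELD == y2:
            return x, y
        ctr += 1

def h2(a, b):
    return digest_int(b"h2", enc(a), enc(b)) % N

def h3(v):
    return digest_int(b"h3", enc(v))

def prove(sk, tx, r):
    """Step4 (1)-(4): value = h3(V) and proof = <V, t, s>."""
    H = h1(tx)
    s = h2(mul(r, H), mul(r, P))
    t = (r - s * sk) % N
    V = mul(sk, H)
    return h3(V), (V, t, s)

def verify(pk, tx, value, proof):
    """Step6: res = h2(t'H' + s'V', t'P + s'PK) must equal s'; value must equal h3(V')."""
    V, t, s = proof
    if not (on_curve(V) and on_curve(pk)):        # added sanity check on received points
        return False
    H = h1(tx)
    m1 = add(mul(t, H), mul(s, V))
    m2 = add(mul(t, P), mul(s, pk))
    return h2(m1, m2) == s and h3(V) == value

def selected(value, lam_num, lam_den):
    """Step4 (5): hash(value) > lambda * 2^hashlen, with lambda = lam_num / lam_den."""
    return digest_int(b"sel", value.to_bytes(32, "big")) * lam_den > lam_num * 2**256

def endorsing_committees(tx, r, committee_keys, lam=(1, 5)):
    """Committees whose chair's proof verifies and whose value passes the threshold."""
    chosen = []
    for cid, sk in committee_keys.items():
        value, proof = prove(sk, tx, r)
        if verify(mul(sk, P), tx, value, proof) and selected(value, *lam):
            chosen.append(cid)
    return chosen

if __name__ == "__main__":
    keys = {cid: digest_int(b"demo-key", bytes([cid])) % N for cid in range(1, 11)}  # constructed
    print("endorsing committees:", endorsing_committees(b"invoke:bid(pkg-7,100)", 0xC0FFEE, keys))
```

With λ = 0.2 each committee passes the threshold with probability 0.8, which is where the $(0.2)^{10}$ figure for a transaction with no endorser comes from.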
According to the invention, the bad asset package information and the transaction information thereof are recorded through the blockchain, the blockchain has the characteristics of decentralization, non-tampering, safety, reliability and the like, and the bad asset transaction with high efficiency, safety and reliability can be realized by energizing the blockchain to the bad asset.
When data is stored, since bad assets often contain several GB of picture information, storing all pictures on a blockchain wastes a lot of storage space and synchronization time. The invention carries out hash processing on the picture data, stores the hash value of the picture data in a block chain, and uses an additional file storage system to store a source file.
In bad asset transaction, the invention distinguishes the data into public information, private information and auction information, and designs a privacy protection model of bad asset based on the public information, private information and auction information, which essentially controls the access rights of each organization in the network to different databases. In the model, private information of the node is hidden from outside, and access to the private information can be realized only through bank authorization. In order to further enhance privacy protection, the invention provides privacy protection for the data layer of the bad asset package, and the selective hiding of part of non-public data in the due job investigation information of the bank is realized by designing a CES-based privacy data protection method, so that any illegal actions of maliciously tampering with the original data can be verified and found.
The alliance type bad asset block chain system is realized based on Fabric, and innovations are carried out on the basis:
High fault tolerance of the network is guaranteed by applying a Raft consensus mechanism and deploying smart contracts at multiple nodes, which is the first application of an alliance chain based on Raft consensus in the field of bad assets;
through a method for designing the randomized endorsement node, the random selection of the endorsement node in a non-interactive mode is realized, on one hand, the centralization degree of the endorsement node is reduced, the anti-attack capability of a blockchain network is increased, on the other hand, the randomness of a VRF algorithm is used for ensuring that all transaction requests in the blockchain network are uniformly distributed on all endorsement nodes, the resource utilization rate is improved, and in addition, the transaction processing speed can be improved through a parallel processing mode;
By designing an improved Raft consensus method that randomly selects a Leader and a Listener, random and reliable Raft consensus is realized. In the improved Raft consensus method, when no election occurs within a short fixed time, or the Listener does not receive a Heartbeat signal in time (Leader crash), the Leader and the corresponding Listener are randomly reselected through VRF, which ensures the randomness of the Leader and the security of the blockchain network.
The beneficial effects of the invention are as follows: the problems of information asymmetry and efficiency between the bank and the AMC are solved. The AMC can perform secondary adjustment based on due-job investigation data in the bad asset pack information, so that resource waste is greatly reduced, bidding information and asset circulation information on the blockchain are stored, and inspection cost is reduced. Advantages and innovations of the present invention are embodied in the following aspects: firstly, the invention provides a Fabric consensus optimization scheme based on VRF, which improves the resource utilization rate and avoids huge resource waste caused by PoW consensus and possible Order attack in the traditional Raft consensus mechanism; secondly, the invention reduces the waste of storage space and synchronization time by using a mode of storing the large file hash on the chain; in addition, the invention provides a privacy protection model of the bad asset and a CES-based privacy data protection method, which ensure the safe access to the private information of the bad asset. And finally, performing pressure test on the query and invoke interfaces of the alliance chain network, wherein the results show that the throughput of the query and invoke interfaces is 168RPS and 22RPS respectively, and the application requirements are met.
The invention is further described below with reference to the drawings and examples.
Drawings
FIG. 1 is a main flow diagram of a federated bad asset blockchain system in accordance with embodiments of the present invention;
FIG. 2 is a schematic diagram of large file storage according to an embodiment of the present invention;
FIG. 3 is a diagram of the private information protection model (one of the two privacy protection methods, the other being the CES-based privacy data protection method) according to an embodiment of the present invention;
FIG. 4 is a network architecture diagram of VRF-based Fabric consensus optimization in accordance with an embodiment of the present invention.
Detailed Description
The following description of the preferred embodiments of the present invention is provided for the purpose of illustration and explanation only and is not intended to limit the present invention.
Examples
As shown in fig. 1, a federated bad asset blockchain system has a transaction flow as follows:
S1, data processing
Large file data of the bad asset package, such as pictures, is first stored in a distributed database and is stored on the blockchain after hash processing; the due diligence professional institution signs the due diligence information of the bad asset with a Content Extraction Signature (CES) algorithm and sends the signature to the bank; the bank can hide (but not tamper with) sensitive due diligence information and generate a valid extracted signature, and finally sends the desensitized due diligence information to the AMC that requested access;
S2, constructing bad asset package blocks
In the present invention, the block stores bad asset pack information, comprising the following data structures:
public information: recording basic information such as asset package names, asset lists and the like, and carrying out hash processing on large file data;
private information: storing desensitized due diligence information and the bidding information of each organization;
auction information: storing information such as the lowest bid price, auction ending time and auction state; after the auction state of the asset package is confirmed, the auction information is updated and stored in a new block as public information, providing data storage evidence;
S3, participating in bidding
Each AMC may participate in the auction before the end time of the asset pack auction, after submitting the bid, the bid information will restrict access as private information; the bank can inquire the bidding of all organizations, and the AMC can not inquire the bidding information of other organizations; the protection mechanism of the private information ensures privacy security in bad asset transaction;
S4, inquiring bad asset package information
The bank as the publisher of the bad asset pack has the highest rights to the asset pack; each AMC has the authority to access the public information of the bad asset pack, and when the private information of the asset pack is inquired, an application needs to be sent to a bank to obtain the private information of the asset pack after the authorization of the bank;
S5, auction information uplink
When the auction of the asset pack is finished, the maximum bid is required to be acquired so as to confirm the final transaction state; if the maximum bid is lower than the minimum bid, the transaction is considered to be failed, otherwise, the transaction is considered to be successful and the auction person and the bid price of the asset pack are updated; at this time, a new block is generated, and an updated bad asset pack is recorded;
The alliance-type bad asset blockchain system brings together organizations qualified to purchase bad assets and, through blockchain technology, provides bad asset transactions with joint credit investigation and auditable records; in the invention the bank can define which information is public and which is private, avoiding excessive disclosure of bad asset information; the AMC can obtain the due diligence report (part of public information) provided by the bank, which greatly reduces the resources wasted on a complete second round of due diligence; in addition, an AMC's bid information cannot be stolen by other AMCs, which guarantees the privacy of the transaction, and the bad asset package information stored on the blockchain forms evidence for post-auction audit, which greatly raises the risk of falsifying data.
The invention designs a CES-based privacy data protection method (one of the privacy protection methods), which creatively uses CES to protect private data in bad asset transactions and protects the data itself in addition to providing an access control mechanism. The CES-based privacy data protection method comprises the following steps:
Step1: generate the keys of the Client nodes; in the privacy data protection framework, all Client nodes are divided into three roles: the data Provider (the due diligence professional institution), the data owner Bank (the bank) and the data user AMC (the AMC). The specific process for all Client nodes is as follows:
(1) The certificate authority selects a large prime $p$ and, in $Z_p$, a primitive root $g$ of $p$ (if $i \neq j$ and $p$ is prime, then $g^i \pmod p \neq g^j \pmod p$), and defines a hash function $H: \{0,1\} \to Z_p$;
(2) The Client node selects a random number $sk \in Z_p^*$ as its private key and calculates $w = g^{sk} \pmod p$; the public key is $pk = \{p, g, w\}$;
Step2: Provider signs the information; Provider's signature on the message is the basis on which other nodes verify the accuracy of the message. The signing and encryption process is as follows:
(1) Split the information $M$ to be signed into several sub-messages, i.e. $M = m_1, m_2, \ldots, m_n$; a bad asset transaction can be divided into (debtor information, creditor information, deposit information, prosecution information). CEAS is set to define the content extraction attribute of each sub-message; if $CEAS_i = 0$, the bank can hide that sub-message;
(2) Select a random number $t \in Z_{p-1}^*$ and calculate $r = g^t \pmod p$; for every $m_i \in M$, calculate $V_i = H(m_i, CEAS_{i,r})$ and $\sigma_i = (V_i - sk \cdot r) \cdot t^{-1} \pmod{p-1}$; finally generate the signature $\sigma_{full} = \langle CEAS, r, Conc_{i \in [1,n]} \sigma_i \rangle$, where $Conc_{i \in [1,n]} \sigma_i$ denotes the concatenation of all $\sigma_i$ in order from 1 to $n$;
(3) Upload each sub-message to a kv database, with the key set to Provider + $V_i$ and the value set to $m_i$;
(4) Finally, perform the encryption: Provider uses the symmetric key $K_P$ to symmetrically encrypt $\langle \sigma_{full}, Conc_{i \in [1,n]} V_i \rangle$, then encrypts $K_P$ with the Bank's public key $pk_B$, which ensures that only the corresponding Bank can decrypt the information; finally Provider sends the two encrypted messages to the Bank: $Info = \{E_{K_P}(\sigma_{full}, Conc_{i \in [1,n]} V_i), E_{pk_B}(K_P)\}$;
Step3: Bank extracts the signature
The Bank first decrypts the received information, verifies Provider's signature to make sure it is correct, and finally generates an extracted signature, which realizes selective hiding of private information; the specific process is as follows:
(1) The Bank decrypts $E_{pk_B}(K_P)$ with its own private key to obtain $K_P$, then uses $K_P$ to decrypt $E_{K_P}(\sigma_{full}, Conc_{i \in [1,n]} V_i)$ and obtain $\langle \sigma_{full}, Conc_{i \in [1,n]} V_i \rangle$;
(2) By checking whether $w^r \cdot r^{\sigma_i} = g^{V_i} \pmod p$ holds, the Bank determines whether each $\sigma_i$ in $\sigma_{full}$ is correct and thereby whether $\sigma_{full}$ is correct, where $\{p, g, w\}$ is the public key of Provider and $w^r \cdot r^{\sigma_i} = g^{sk \cdot r} \cdot g^{t \cdot \sigma_i} = g^{sk \cdot r + t \cdot \sigma_i} = g^{V_i}$;
(3) The Bank itself defines the extractable message set ANS based on the CEAS content: if $CEAS_i = 1$, then $ANS_i = 1$; if $CEAS_i = 0$, then $ANS_i = 0$ or $1$; the extractable message set $M'$ is obtained from the kv database according to ANS;
(4) Generate the extracted signature $\sigma_{Ext} = \langle ANS, \sigma_{full} \rangle$ and finally encrypt: the Bank uses the symmetric key $K_B$ to symmetrically encrypt $\langle \sigma_{Ext}, M' \rangle$, then encrypts $K_B$ with the AMC's public key $pk_A$, which ensures that only the corresponding AMC can decrypt the information; finally the Bank sends the two encrypted messages to the AMC: $Info = \{E_{K_B}(\sigma_{Ext}, M'), E_{pk_A}(K_B)\}$.
Step4: AMC verifies the signature
After the AMC obtains the encrypted information from the Bank, it decrypts it and verifies the extracted signature; if the extracted signature is correct, it considers that the correct message $M'$ has been received. The specific process is as follows:
(1) The AMC decrypts $E_{pk_A}(K_B)$ with its own private key to obtain $K_B$, then uses $K_B$ to decrypt $E_{K_B}(\sigma_{Ext}, M')$ and obtain $\langle \sigma_{Ext}, M' \rangle$;
(2) First, check the correctness of ANS: if $CEAS_i = 1$ and $ANS_i = 0$, then ANS is illegal and the message is refused;
(3) Second, for every $m_j \in M'$, calculate $V_j = H(m_j, CEAS_{j,r})$ and check whether $w^r \cdot r^{\sigma_j} = g^{V_j} \pmod p$ holds;
(4) If $\sigma_{full}$ is correct, the AMC considers that it has received legitimate, untampered information $M'$, where $M'$ is the result of the Bank selectively hiding private data from the original information $M$ within the range allowed by the Provider.
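Steps 1 to 4 above as an added Python example (not code from the patent), run on toy parameters. Assumptions: p = 2^31 - 1 with primitive root g = 7, SHA-256 reduced mod p as H over (m_i, CEAS_i, r), and M' held as an index-to-message map. The inverse of the nonce t is used in sigma_i, as the verification identity requires, and the symmetric and public-key encryption wrapping of Steps 2 to 4 is left out.

```python
import hashlib
import math
import secrets

P = 2**31 - 1   # toy prime p (constructed; far too small for real use)
G = 7           # a primitive root of 2**31 - 1

# Constructed sample: four sub-messages of one asset package and their CEAS bits.
# CEAS_i = 0 means the Bank may hide m_i; CEAS_i = 1 means it must be disclosed.
SUBS = [b"debtor: Company A", b"creditor: Bank B",
        b"deposit: warehouse lot 7", b"prosecution: case pending"]
CEAS = [1, 1, 0, 0]


def H(m: bytes, ceas_bit: int, r: int) -> int:
    """V_i as a hash of (m_i, CEAS_i, r) reduced into Z_p (encoding is an assumption)."""
    data = len(m).to_bytes(4, "big") + m + bytes([ceas_bit]) + r.to_bytes(8, "big")
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % P


def keygen():
    """Step1: private key sk and public component w = g^sk mod p."""
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)


def provider_sign(sk: int, subs, ceas):
    """Step2: one ElGamal-style sigma_i per sub-message, all sharing r = g^t."""
    t = 0
    while math.gcd(t, P - 1) != 1:            # t must be invertible mod p-1
        t = secrets.randbelow(P - 2) + 1
    r = pow(G, t, P)
    t_inv = pow(t, -1, P - 1)
    sigmas = [(H(m, c, r) - sk * r) * t_inv % (P - 1) for m, c in zip(subs, ceas)]
    return {"ceas": list(ceas), "r": r, "sigmas": sigmas}


def sigma_ok(w: int, r: int, sigma: int, v: int) -> bool:
    """Check w^r * r^sigma = g^V (mod p)."""
    return pow(w, r, P) * pow(r, sigma, P) % P == pow(G, v, P)


def bank_verify(w: int, full, subs) -> bool:
    """Step3 (2): the Bank checks every sigma_i against the full message."""
    return all(sigma_ok(w, full["r"], s, H(m, c, full["r"]))
               for m, c, s in zip(subs, full["ceas"], full["sigmas"]))


def bank_extract(full, subs, hide):
    """Step3 (3)-(4): build ANS and M'; hiding a CEAS_i = 1 item is refused."""
    ans = [0 if i in hide else 1 for i in range(len(subs))]
    for i, (c, a) in enumerate(zip(full["ceas"], ans)):
        if c == 1 and a == 0:
            raise ValueError(f"sub-message {i} has CEAS=1 and cannot be hidden")
    m_prime = {i: subs[i] for i, a in enumerate(ans) if a == 1}
    return {"ans": ans, "full": full}, m_prime


def amc_verify(w: int, ext, m_prime) -> bool:
    """Step4: reject an illegal ANS, then check sigma_j for every disclosed m_j."""
    full, ans = ext["full"], ext["ans"]
    r = full["r"]
    if not 0 < r < P or not (len(ans) == len(full["ceas"]) == len(full["sigmas"])):
        return False
    for i, (c, a) in enumerate(zip(full["ceas"], ans)):
        if c == 1 and a == 0:
            return False                       # Bank hid something it had to disclose
        if a == 1:
            m = m_prime.get(i)
            if m is None or not sigma_ok(w, r, full["sigmas"][i], H(m, c, r)):
                return False
    return True


if __name__ == "__main__":
    sk, w = keygen()
    full = provider_sign(sk, SUBS, CEAS)
    ext, m_prime = bank_extract(full, SUBS, hide={3})
    print("bank accepts:", bank_verify(w, full, SUBS))
    print("amc accepts :", amc_verify(w, ext, m_prime), "| disclosed:", sorted(m_prime))
```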
In S1, the CES-based privacy data protection method ensures that the due diligence professional institution, the bank and the AMC transmit due diligence information in a way that the three parties can verify one another; during transmission, the bank can verify the signature of the due diligence professional institution and can selectively hide part of the private data within the range that institution allows; the AMC can verify the bank's extracted signature so as to receive legitimate due diligence information that has not been tampered with.
The S2 is a storage method based on the blockchain, and the invention realizes the lightweight storage of the blockchain by storing large files on and off the chain aiming at the characteristic that bad assets contain large files.
If the pictures are directly stored in the block without processing, the endorsement confirmation time can be prolonged, and the maximum transaction number which can be accommodated by the block can be greatly reduced; in the present invention, as shown in fig. 2, which is a schematic diagram of storing large files, a bank stores the picture source data in a file storage service, the service supports accessing files through a hash and providing services to an external network by adopting an HTTP protocol, and the hash value of the large file is stored on a blockchain; AMC obtains asset package data through a blockchain network, obtains a picture hash value of an asset package in a service logic layer and obtains a source file from a file storage service of a bank, so that safe transmission of a large file is ensured, and the pressure of the blockchain network is reduced; on the other hand, pictures can be reserved in the blockchain for evidence collection.
And S3 is a privacy protection model, and the privacy security in bad asset transaction is further ensured by controlling the access authority of the blockchain network node.
FIG. 3 is a private information protection model diagram (second privacy protection method) based on the principle that different access rights are divided for different data structures, and the bank controls the access rights of private information; the transaction involving the private information stores the transaction original in the side database, and uses the hash function to process the keys and values of the private information, the private information is not sent to other irrelevant nodes, the bidding of each AMC on the asset package is hidden from each other, and the bank can see all bidding data, thus realizing the protection of the private information.
Privacy protection includes two parts, namely a CES-based privacy data protection method (one of the privacy protection methods) and a privacy protection model (the second privacy protection method).
Compared with Bitcoin and Ethereum, the alliance-type bad asset blockchain system is implemented on Fabric, which has an admission authorization mechanism, has no token mechanism, and allows smart contracts to be written in almost any high-level language, making it better suited to financial services. In addition, with the improved Raft consensus protocol applied to Fabric, the network can still work normally when fewer than half of its nodes crash; meanwhile each Peer node in the network has the smart contract installed, which ensures a higher degree of crash fault tolerance.
Verifiable Random Functions (VRFs) are a class of pseudo-random functions with verification functions by which a verifier can verify whether a random number was generated by a publisher without knowing the private key of the publisher.
The invention provides a VRF-based Fabric consensus optimization scheme. Fabric consensus comprises two aspects (steps), and a VRF-based optimization is provided for each of them: a method for randomizing endorsement nodes (Peer nodes), and an improved Raft consensus method for randomly selecting a Leader and a Listener. The method for randomizing endorsement nodes comprises the following steps:
Step1: divide all endorsement nodes (the candidate set) into endorsement node candidate groups (committees), wherein one committee comprises 1 chair and 2-3 members, each member comes from a different organization, and the numbers 1-10 are used as identifiers to distinguish the committees;
Step2: the endorsement node in the candidate set generates a public key and a private key based on the elliptic curve, and specifically comprises the following steps:
(1) Selecting a base point P of an elliptic curve, wherein the order is n;
(2) Selecting a random number sk epsilon [1, n-1];
(3) Generating a pair of elliptic curve keys, wherein the private key is $sk$ and the public key is $PK = sk \cdot P$. The public key $PK$ is easily obtained from the private key $sk$ and the base point $P$; conversely, solving for $sk$ from $PK$ and $P$ is extremely difficult;
Step3: the Client node generates a transaction proposal <tx, r> and sends it to the chairs of all committees, wherein tx is the transaction data, comprising the name of the called chaincode function and its parameters, and r is a random number selected by the Client node;
Step4: after receiving the proposal, the chair node uses r and its own private key sk to generate a random number value and its zero-knowledge proof through an identity extraction algorithm; value determines whether the committee becomes the endorsement node. The endorsement node identity extraction algorithm is as follows:
(1) By a hash function $h_1$, map tx to a point $H$ on the elliptic curve, $H = h_1(tx)$;
(2) By a hash function $h_2$, encode the input into an integer $s$, with $s = h_2(r \cdot H, r \cdot P)$;
(3) Calculate $t = (r - s \cdot sk) \bmod n$ and $V = sk \cdot H$;
(4) By a hash function $h_3$, encode the point on the elliptic curve into an integer to obtain the random number $value = h_3(V)$, and generate the zero-knowledge proof $proof = \langle V, t, s \rangle$;
(5) If $hash(value) > \lambda \cdot 2^{hashlen}$, the committee is selected to endorse, where hash() is a cryptographic hash algorithm, hashlen is the output length of the hash function, and $\lambda$ is a manually set threshold. If the number of committees is 10 and $\lambda = 0.2$, the probability that no committee endorses a transaction is $(0.2)^{10} = 1.0240000000 \times 10^{-7}$, i.e. about one transaction in ten million may go unendorsed, in which case the transaction can be resubmitted by setting a timer;
Step5: if the committee is selected for endorsement, the chair node synchronizes the data <proposal, value, proof> to the other member nodes; each node executes the proposal and generates an endorsement signature sig and a read-write set rw_set, then generates the proposal response response <sig, rw_set, tx, PK, P, <value, proof>>, where PK is the public key of the endorsement node;
Step6: during the message receiving window, the Client continuously collects responses <sig, rw_set, tx', PK, P, <value, proof'>>, verifies the endorsement signature of each response and performs endorsement node identity verification according to <PK, tx', proof'>; finally, if more than half of the read-write sets are consistent, the Client generates the transaction information tx <rw_set, <sig>k>, signs it and sends it to the Order cluster for the next stage of consensus; the endorsement node identity verification algorithm is as follows:
(1) By the hash function $h_1$, map $tx'$ to a point $H'$ on the elliptic curve, $H' = h_1(tx')$;
(2) Calculate $M_1 = t' \cdot H' + s' \cdot V'$ and $M_2 = t' \cdot P + s' \cdot PK$;
(3) By the hash function $h_2$, encode $M_1$ and $M_2$ into an integer res, i.e. $res = h_2(M_1, M_2)$;
(4) If $res = s'$, the random number value is valid and passes verification; otherwise the random number value is considered invalid.
The consensus method is an improved Raft consensus method for randomly selecting a Leader and a Listener, and comprises the following steps:
Step1: in the cluster formed by the Order nodes, define a Leader node, which is responsible for ordering transaction information and synchronizing it to the other Order nodes, and a Listener node, which is responsible for monitoring the Leader's Heartbeat and thereby deciding whether to start a new round of election; each round of election confirms a new Leader and a new Listener; if the Listener does not receive a Heartbeat signal on time, or no election has been held within 5 seconds, the Listener is responsible for starting a new round of election;
step2: when a new election starts, the Listener generates an election proposal < r > and sends the election proposal < r > to all Order nodes except the Listener, wherein r is a random number selected by the Listener;
Step3: after receiving the proposal, each Order node uses r and its own private key sk to generate a random number value and its zero-knowledge proof through the identity extraction algorithm, then generates the proposal response response <sig, PK, r, <value, proof>>, where PK is the public key of the Order node;
Step4: during the message receiving window, the Listener continuously collects responses, verifies sig for each response, and performs Order node identity verification through the identity verification algorithm according to <r', PK, proof'>. Finally, identities are confirmed by comparing the value of each response: the node with the largest value is confirmed as the new Leader, and the node with the smallest value as the new Listener.
The verifiable random function algorithm described above needs to satisfy randomness, verifiability, and uniqueness. The randomness of the algorithm is ensured because the private key of an endorsement node (or an Order node) and the random number generated by a Client node (or the Order node serving as a Listener) are used in the calculation process; as the same data is subjected to consistent calculation to obtain a consistent result, the uniqueness of the algorithm is ensured; the verifiability of the algorithm will be analyzed as follows:
If proof has not been tampered with and $tx = tx'$, then
$H' = H$, $t' = t$, $V' = V$, $s' = s$
$M_1 = t' \cdot H' + s' \cdot V' = t \cdot H + s \cdot V = t \cdot H + s \cdot sk \cdot H = (t + s \cdot sk) \cdot H = r \cdot H$
$M_2 = t' \cdot P + s' \cdot PK = t \cdot P + s \cdot (sk \cdot P) = (t + s \cdot sk) \cdot P = r \cdot P$
$res = h_2(M_1, M_2) = h_2(r \cdot H, r \cdot P) = s'$. If $res \neq s'$, then $proof' = proof$ and $tx' = tx$ do not both hold, i.e. proof or tx has been maliciously altered, which ensures the verifiability of the algorithm.
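The identity extraction and verification algorithms above, together with the Leader/Listener choice built on them, as an added Python example (not code from the patent). Assumptions, none of which the page specifies: secp256k1 as the curve, SHA-256 for h2, h3 and hash(), try-and-increment for h1, and the Listener's election message as the input hashed by h1.

```python
import hashlib

# secp256k1 domain parameters (curve choice is an assumption; the page names no curve).
FP = 2**256 - 2**32 - 977                      # field prime; curve is y^2 = x^3 + 7
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141   # order n
BASE = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
        0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)  # base point P
LAM_NUM, LAM_DEN = 1, 5                        # lambda = 0.2, as in the page's example

def on_curve(pt) -> bool:
    return (pt is not None and all(0 <= c < FP for c in pt)
            and (pt[1] ** 2 - pt[0] ** 3 - 7) % FP == 0)

def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None or b is None:
        return b if a is None else a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % FP == 0:
        return None
    if a == b:
        m = 3 * x1 * x1 * pow(2 * y1, -1, FP)
    else:
        m = (y2 - y1) * pow((x2 - x1) % FP, -1, FP)
    x3 = (m * m - x1 - x2) % FP
    return (x3, (m * (x1 - x3) - y1) % FP)

def mul(k: int, pt):
    """Double-and-add scalar multiplication k * pt."""
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def enc(pt) -> bytes:
    return b"\x00" if pt is None else pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")

def h1(msg: bytes):
    """Hash to a curve point by try-and-increment (assumption: h1 is unspecified)."""
    ctr = 0
    while True:
        x = int.from_bytes(hashlib.sha256(msg + ctr.to_bytes(4, "big")).digest(), "big") % FP
        rhs = (x ** 3 + 7) % FP
        y = pow(rhs, (FP + 1) // 4, FP)        # square root; valid because FP % 4 == 3
        if y * y % FP == rhs:
            return (x, y)
        ctr += 1

def h2(a, b) -> int:
    return int.from_bytes(hashlib.sha256(enc(a) + enc(b)).digest(), "big") % N

def h3(v) -> int:
    return int.from_bytes(hashlib.sha256(b"value" + enc(v)).digest(), "big")

def prove(sk: int, msg: bytes, r: int):
    """Identity extraction, Step4 (1)-(4): returns (value, proof = <V, t, s>)."""
    h = h1(msg)
    s = h2(mul(r, h), mul(r, BASE))
    t = (r - s * sk) % N
    v = mul(sk, h)
    return h3(v), (v, t, s)

def verify(pk, msg: bytes, proof):
    """Identity verification: returns the recomputed value, or None if res != s'."""
    v, t, s = proof
    if not (on_curve(pk) and on_curve(v)):
        return None
    h = h1(msg)
    m1 = add(mul(t, h), mul(s, v))
    m2 = add(mul(t, BASE), mul(s, pk))
    return h3(v) if h2(m1, m2) == s else None

def selected(value: int) -> bool:
    """Step4 (5): hash(value) > lambda * 2**hashlen, with SHA-256 so hashlen = 256."""
    digest = int.from_bytes(hashlib.sha256(value.to_bytes(32, "big")).digest(), "big")
    return digest * LAM_DEN > LAM_NUM * (1 << 256)

def elect(msg: bytes, responses):
    """Raft Step4: drop unverifiable responses; max value -> Leader, min -> Listener."""
    scored = []
    for node_id, pk, proof in responses:
        value = verify(pk, msg, proof)
        if value is not None:
            scored.append((value, node_id))
    if len(scored) < 2:
        raise ValueError("need at least two verifiable responses")
    return max(scored)[1], min(scored)[1]

if __name__ == "__main__":
    sk = 0x1F2E3D4C5B6A79880123456789ABCDEF    # constructed test key
    value, proof = prove(sk, b"invoke:submitBid", 0xA5A5A5A5)
    print(verify(mul(sk, BASE), b"invoke:submitBid", proof) == value, selected(value))
```

A design caveat the algebra makes visible: the proof carries t = (r - s·sk) mod n while r is chosen by the Client, so t does not hide sk from a party that knows r. EC-VRF constructions such as RFC 9381 use a nonce known only to the prover in that position.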
FIG. 4 is a network architecture diagram of the VRF-based Fabric consensus optimization scheme of the invention. The network consists of M due diligence professional institutions, N Client nodes, N Order nodes and 3N Peer nodes, wherein the N Order nodes and the 3N Peer nodes are organized together, and the Order nodes form a cluster through the Raft consensus protocol. Some Order nodes take on the roles of Leader and Listener, some Peers take on the role of chair when performing the endorsement function, and the members of a committee come from different organizations.

Claims (6)

1. A federated bad asset blockchain system, characterized by: the transaction flow of the alliance type bad asset block chain system is as follows:
S1, data processing
Firstly, the large file data of the bad asset package is stored in a distributed database and is stored on the blockchain after hash processing; the due diligence professional institution signs the due diligence information of the bad asset with a content extraction signature algorithm and then sends the signature to the bank; the bank can hide sensitive due diligence information and generate a valid extracted signature, and finally sends the desensitized due diligence information to the AMC requesting access;
s2, constructing bad asset package blocks
The block stores bad asset pack information, including the following data structures:
public information: recording asset package basic information and hash-processed large file data;
private information: storing desensitized due diligence information and the bidding information of each organization;
auction information: storing the lowest bid price, auction ending time and auction state information; after the auction state of the asset package is confirmed, the auction information is updated and stored in a new block as public information, providing data storage evidence;
S3, participating in bidding
Each AMC may participate in the auction before the end time of the asset pack auction, after submitting the bid, the bid information will restrict access as private information; the bank can inquire the bidding of all organizations, and the AMC can not inquire the bidding information of other organizations; the protection mechanism of the private information ensures privacy security in bad asset transaction;
S4, inquiring bad asset package information
The bank as the publisher of the bad asset pack has the highest rights to the asset pack; each AMC has the authority to access the public information of the bad asset pack, and when the private information of the asset pack is inquired, an application needs to be sent to a bank to obtain the private information of the asset pack after the authorization of the bank;
S5, auction information uplink
When the auction of the asset pack is finished, the maximum bid is required to be acquired so as to confirm the final transaction state; if the maximum bid is lower than the minimum bid, the transaction is considered to be failed, otherwise, the transaction is considered to be successful and the auction person and the bid price of the asset pack are updated; at this time, a new block is generated, and an updated bad asset pack is recorded;
the alliance type bad asset blockchain system is combined with an organization with bad asset purchasing qualification, and provides combined credit investigation and record auditable bad asset transaction through a blockchain technology.
2. The federated bad asset blockchain system of claim 1, wherein: the S1 is a CES-based privacy data protection method, which comprises the following steps:
Step1: generate the keys of the Client nodes; in the privacy data protection framework, all Client nodes are divided into three roles: the data Provider, the data owner Bank and the data user AMC. The specific process by which all Client nodes generate public and private keys is as follows:
(1) The certificate authority selects a large prime $p$ and, in the range $Z_p$, a primitive root $g$ of $p$ (if $i \neq j$ and $p$ is prime, then $g^i \pmod p \neq g^j \pmod p$), and defines a hash function $H: \{0,1\} \to Z_p$;
(2) The Client node selects a random number $sk \in Z_p^*$ as its private key and calculates $w = g^{sk} \pmod p$; the public key is $pk = \{p, g, w\}$;
Step2: Provider signs the information; Provider's signature on the message is the basis on which other nodes verify the accuracy of the message. The signing and encryption process is as follows:
(1) Split the information $M$ to be signed into several sub-messages, i.e. $M = m_1, m_2, \ldots, m_n$, dividing the bad asset transaction into debtor information, creditor information, deposit information and prosecution information; CEAS is set to define the content extraction attribute of each sub-message; if $CEAS_i = 0$, the bank can hide that sub-message;
(2) Select a random number $t \in Z_{p-1}^*$ and calculate $r = g^t \pmod p$; for every $m_i \in M$, calculate $V_i = H(m_i, CEAS_{i,r})$ and $\sigma_i = (V_i - sk \cdot r) \cdot t^{-1} \pmod{p-1}$; finally generate the signature $\sigma_{full} = \langle CEAS, r, Conc_{i \in [1,n]} \sigma_i \rangle$, where $Conc_{i \in [1,n]} \sigma_i$ denotes the concatenation of all $\sigma_i$ in order from 1 to $n$;
(3) Upload each sub-message to a kv database, with the key set to Provider + $V_i$ and the value set to $m_i$;
(4) Finally, perform the encryption: Provider uses the symmetric key $K_P$ to symmetrically encrypt $\langle \sigma_{full}, Conc_{i \in [1,n]} V_i \rangle$, then encrypts $K_P$ with the Bank's public key $pk_B$, which ensures that only the corresponding Bank can decrypt the information; finally Provider sends the two encrypted messages to the Bank: $Info = \{E_{K_P}(\sigma_{full}, Conc_{i \in [1,n]} V_i), E_{pk_B}(K_P)\}$;
Step3: Bank extracts the signature
The Bank first decrypts the received information, verifies Provider's signature to make sure it is correct, and finally generates an extracted signature, which realizes selective hiding of private information; the specific process is as follows:
(1) The Bank decrypts $E_{pk_B}(K_P)$ with its own private key to obtain $K_P$, then uses $K_P$ to decrypt $E_{K_P}(\sigma_{full}, Conc_{i \in [1,n]} V_i)$ and obtain $\langle \sigma_{full}, Conc_{i \in [1,n]} V_i \rangle$;
(2) By checking whether $w^r \cdot r^{\sigma_i} = g^{V_i} \pmod p$ holds, the Bank determines whether each $\sigma_i$ in $\sigma_{full}$ is correct and thereby whether $\sigma_{full}$ is correct, where $\{p, g, w\}$ is the public key of Provider and $w^r \cdot r^{\sigma_i} = g^{sk \cdot r} \cdot g^{t \cdot \sigma_i} = g^{sk \cdot r + t \cdot \sigma_i} = g^{V_i}$;
(3) The Bank itself defines the extractable message set ANS based on the CEAS content: if $CEAS_i = 1$, then $ANS_i = 1$; if $CEAS_i = 0$, then $ANS_i = 0$ or $1$; the extractable message set $M'$ is obtained from the kv database according to ANS;
(4) Generate the extracted signature $\sigma_{Ext} = \langle ANS, \sigma_{full} \rangle$ and finally encrypt: the Bank uses the symmetric key $K_B$ to symmetrically encrypt $\langle \sigma_{Ext}, M' \rangle$, then encrypts $K_B$ with the AMC's public key $pk_A$, which ensures that only the corresponding AMC can decrypt the information; finally the Bank sends the two encrypted messages to the AMC: $Info = \{E_{K_B}(\sigma_{Ext}, M'), E_{pk_A}(K_B)\}$;
Step4: AMC verifies the signature
After the AMC obtains the encrypted information from the Bank, it decrypts it and verifies the extracted signature; if the extracted signature is correct, it considers that the correct message $M'$ has been received. The specific process is as follows:
(1) The AMC decrypts $E_{pk_A}(K_B)$ with its own private key to obtain $K_B$, then uses $K_B$ to decrypt $E_{K_B}(\sigma_{Ext}, M')$ and obtain $\langle \sigma_{Ext}, M' \rangle$;
(2) First, check the correctness of ANS: if $CEAS_i = 1$ and $ANS_i = 0$, then ANS is illegal and the message is refused;
(3) Second, for every $m_j \in M'$, calculate $V_j = H(m_j, CEAS_{j,r})$ and check whether $w^r \cdot r^{\sigma_j} = g^{V_j} \pmod p$ holds;
(4) If $\sigma_{full}$ is correct, the AMC considers that it has received legitimate, untampered information $M'$, where $M'$ is the result of the Bank selectively hiding private data from the original information $M$ within the range allowed by the Provider.
3. The federated bad asset blockchain system of claim 1, wherein: s2 is a storage method based on the block chain;
The bank stores the picture source data into a file storage service, the service supports accessing files through a hash and providing services for an external network by adopting an HTTP protocol, and the hash value of a large file is stored on a blockchain; the AMC acquires asset package data through a blockchain network, acquires a picture hash value of the asset package in a service logic layer and acquires a source file from a file storage service of a bank.
4. The federated bad asset blockchain system of claim 1, wherein: s3 is a privacy protection model; the private information protection model divides different access rights to different data structures, and the bank controls the access rights of the private information; the transaction involving the private information stores the transaction original in the side database, and uses the hash function to process the keys and values of the private information, the private information is not sent to other irrelevant nodes, the bidding of each AMC on the asset package is hidden from each other, and the bank can see all bidding data, thus realizing the protection of the private information.
5. The federated bad asset blockchain system of claim 1, wherein: the alliance type bad asset block chain system comprises a VRF-based Fabric consensus scheme, and is a method for randomizing endorsement nodes, wherein the method for randomizing endorsement nodes comprises the following steps:
Step1: dividing all endorsement nodes into endorsement node candidate groups, wherein one committee comprises 1 chair and 2-3 members, each member comes from a different organization, and the numbers 1-10 are used as identifiers to distinguish the committees;
step2: the endorsement node in the candidate set generates a public key and a private key based on the elliptic curve, and specifically comprises the following steps:
(1) Selecting a base point P of an elliptic curve, wherein the order is n;
(2) Selecting a random number sk epsilon [1, n-1];
(3) Generating a pair of elliptic curve keys, wherein the private key is sk and the public key is pk=sk *P The method comprises the steps of carrying out a first treatment on the surface of the The public key PK can be simply obtained by knowing the private key sk and the base point P, and on the contrary, the process of solving sk is extremely difficult by knowing PK and P;
step3: the Client node generates a transaction proposal < tx, r > and sends the transaction proposal < tx, r > to the conference length of all committees, wherein tx is transaction data comprising a called chain code function name and parameters thereof, and r is a random number selected by the Client node;
step4: after receiving the proposal, the meeting-length node generates a random number value and a zero knowledge proof thereof through an identity extraction algorithm according to r and a private key sk of the node, wherein the value determines whether the committee is an endorsement node or not, and the endorsement node identity extraction algorithm is as follows:
(1) By a hash function h_1, map tx to a point H on the elliptic curve, H = h_1(tx);
(2) By a hash function h_2, encode the input into an integer s, s = h_2(r*H, r*P);
(3) Calculate t = (r - s*sk) mod n and V = sk*H;
(4) By a hash function h_3, encode the point on the elliptic curve into an integer to obtain the random number value = h_3(V), and generate the zero knowledge proof, proof = <V, t, s>;
(5) If hash(value) > λ*2^hashlen, the committee is selected to endorse, wherein hash() is a cryptographic hash algorithm, hashlen is the output length of the hash function, and λ is a manually set threshold; if the number of committees is 10 and λ = 0.2, the probability that no committee endorses a given transaction is (0.2)^10 = 1.024e-7, i.e. about one transaction in ten million may not be endorsed, in which case the transaction can be resubmitted by setting a timer;
Step5: if the committee is determined to be selected for endorsement, the chair node synchronizes the data <proposal, value, proof> to the other member nodes; each node executes the proposal and generates an endorsement signature sig and a read-write set rw_set, and then generates proposal response information response <sig, rw_set, tx, PK, P, <value, proof>>, wherein PK is the public key of the endorsement node;
Step6: during the message receiving time, the Client continuously collects responses <sig, rw_set, tx′, PK, P, <value, proof′>>, verifies the endorsement signature of each response, and performs endorsement node identity verification according to <PK, tx′, proof′>; finally, if more than half of the read-write sets are consistent, the Client generates transaction information tx <rw_set, <sig>k>, signs it, and sends it to the Order cluster for the next stage of consensus; the endorsement node identity verification algorithm is as follows:
(1) By the hash function h_1, map tx′ to a point H′ on the elliptic curve, H′ = h_1(tx′);
(2) Calculate M_1 = t′*H′ + s′*V′ and M_2 = t′*P + s′*PK;
(3) By the hash function h_2, encode M_1 and M_2 into an integer res, i.e. res = h_2(M_1, M_2);
(4) If res = s′, the random number value is valid and passes verification; otherwise, the random number value is considered invalid.
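The identity extraction algorithm of Step4 and the verification algorithm of Step6, as an added example that is not part of the patent text. Assumptions made here, none of which the claim specifies: the secp256k1 curve, SHA-256 with a label prefix for h_1, h_2, h_3 and hash(), a try-and-increment mapping for h_1, and all function names.

```python
import hashlib

# secp256k1 parameters (assumption: the claim does not name a curve)
p = 2**256 - 2**32 - 977
n = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(A, B):  # affine point addition; None is the point at infinity
    if A is None: return B
    if B is None: return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % p == 0: return None
    if A == B: m = 3 * x1 * x1 * pow(2 * y1, -1, p) % p
    else: m = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    x3 = (m * m - x1 - x2) % p
    return (x3, (m * (x1 - x3) - y1) % p)

def mul(k, A):  # double-and-add scalar multiplication (not constant time)
    R = None
    while k:
        if k & 1: R = add(R, A)
        A, k = add(A, A), k >> 1
    return R

def h_int(*parts):  # labelled SHA-256 to integer (hypothetical encoding)
    return int.from_bytes(hashlib.sha256(repr(parts).encode()).digest(), "big")

def h1(tx):  # try-and-increment map of tx to a curve point H (p % 4 == 3)
    for ctr in range(256):
        x = h_int("h1", tx, ctr) % p
        rhs = (x**3 + 7) % p
        y = pow(rhs, (p + 1) // 4, p)
        if y * y % p == rhs: return (x, y)

def extract(sk, tx, r):  # Step4 (1)-(4): returns value and proof <V, t, s>
    H = h1(tx)
    s = h_int("h2", mul(r, H), mul(r, P)) % n
    t, V = (r - s * sk) % n, mul(sk, H)
    return h_int("h3", V), (V, t, s)

def selected(value, lam=0.2):  # Step4 (5): hash(value) > lambda * 2^hashlen
    return h_int("sel", value) > lam * 2**256

def verify(PK, tx, proof):  # Step6 (1)-(4): recompute M_1, M_2, compare to s
    (V, t, s), H = proof, h1(tx)
    M1 = add(mul(t, H), mul(s, V))   # equals r*H for an honest proof
    M2 = add(mul(t, P), mul(s, PK))  # equals r*P for an honest proof
    return h_int("h2", M1, M2) % n == s
```

Verification succeeds because t*H + s*V = (r - s*sk)*H + s*sk*H = r*H, and likewise t*P + s*PK = r*P. Because t = (r - s*sk) mod n, r serves as the proof nonce, and proofs of this form protect sk only while that nonce is secret and never reused, so an implementation should check how r is generated and who learns it.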
6. The federated bad asset blockchain system of claim 5, wherein: the consensus method of the alliance type bad asset block chain system is an improved Raft consensus method for randomly selecting a Leader and a Listener, and comprises the following steps of:
Step1: in the cluster formed by the Order nodes, defining a Leader node, which is responsible for ordering transaction information and synchronizing it to the other Order nodes, and defining a Listener node, which is responsible for monitoring the Heartbeat of the Leader and thereby deciding whether to start a new round of election; in each round of election, a new Leader and a new Listener are confirmed; if the Listener does not receive a Heartbeat signal on time, or no election has been carried out within 5 seconds, the Listener is responsible for starting a new round of election;
step2: when a new election starts, the Listener generates an election proposal < r > and sends the election proposal < r > to all Order nodes except the Listener, wherein r is a random number selected by the Listener;
Step3: after an Order node receives the proposal, it generates a random number value and its zero knowledge proof through the identity extraction algorithm according to r and the private key sk of the node, and then generates proposal response information response <sig, PK, r, <value, proof>>, wherein PK is the public key of the Order node;
Step4: during the message receiving time, the Listener continuously collects responses and verifies sig for each response, and at the same time performs Order node identity verification through the identity verification algorithm according to <r′, PK, proof′>; finally, the identities are confirmed by comparing the value fields of the responses, wherein the node with the largest value is confirmed as the new Leader and the node with the smallest value is confirmed as the new Listener.
CN202110224526.8A 2021-03-01 2021-03-01 Alliance type bad asset block chain system Active CN112801778B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110224526.8A CN112801778B (en) 2021-03-01 2021-03-01 Alliance type bad asset block chain system

Publications (2)

Publication Number Publication Date
CN112801778A CN112801778A (en) 2021-05-14
CN112801778B true CN112801778B (en) 2024-04-09

Family

ID=75815540

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110224526.8A Active CN112801778B (en) 2021-03-01 2021-03-01 Alliance type bad asset block chain system

Country Status (1)

Country Link
CN (1) CN112801778B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113518126A (en) * 2021-06-30 2021-10-19 深圳市前海泽金产融科技有限公司 Cross fault-tolerant method for alliance chain
CN113810497B (en) * 2021-09-17 2022-07-26 北京邮电大学 Medical data sharing method and device based on block chain
CN114528346B (en) * 2022-01-27 2023-01-13 中科大数据研究院 Method for sharing transaction of multi-source heterogeneous data assets by depending on block chain
CN114708103B (en) * 2022-06-06 2022-08-30 杭州费尔斯通科技有限公司 Data asset transaction method, computer device and readable storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107025602A (en) * 2017-02-24 2017-08-08 杭州象链网络技术有限公司 A kind of financial asset transaction system construction method based on alliance's chain
CN108830686A (en) * 2018-06-08 2018-11-16 中链科技有限公司 A kind of assets information processing method and server based on block chain
CN109102377A (en) * 2018-08-06 2018-12-28 河南真二互联网科技有限公司 A kind of non-performing asset auction disposition platform based on block chain technology
CN111369245A (en) * 2020-02-28 2020-07-03 杭州云象网络技术有限公司 Alliance chain system for financial product sales
KR20200093953A (en) * 2019-01-29 2020-08-06 주식회사 하나은행 System and method of financial instruments auction
CN111639925A (en) * 2020-06-01 2020-09-08 上海旺链信息科技有限公司 Sealed auction method and system based on block chain
CN111815119A (en) * 2020-06-12 2020-10-23 杭州东岸网络信息服务有限公司 Bad asset management system and method based on block chain

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200242595A1 (en) * 2019-01-30 2020-07-30 Salesforce.Com, Inc. Systems, methods, and apparatuses utilizing a blended blockchain ledger in a cloud service to address local storage
US20200342528A1 (en) * 2019-04-29 2020-10-29 Rose Logic Inc. Methods for building assets blockchain for asset backed digitization and securitization

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Indian banking sector: blockchain implementation, challenges and way forward;Aarti Patki et al.;《Journal of Banking and Financial Technology 》;1-9 *
Research on V2V electricity trading based on consortium blockchain technology;王惠洲 et al.;《现代电力》;34-41 *

Also Published As

Publication number Publication date
CN112801778A (en) 2021-05-14

Similar Documents

Publication Publication Date Title
JP6873270B2 (en) Handling of transaction activities based on smart contracts in the blockchain Caution Methods and devices for protecting data
US12021992B2 (en) System and method for authenticating user identity
CN107180350B (en) Method, device and system for multi-party sharing transaction metadata based on block chain
CN108389047B (en) Method for trading between parent chain and child chain in block chain and block chain network
CN112801778B (en) Alliance type bad asset block chain system
WO2020155789A1 (en) Blockchain-based certificate storage method and apparatus
US20150356523A1 (en) Decentralized identity verification systems and methods
CN110612547A (en) System and method for information protection
JP7319961B2 (en) Computer-implemented systems and methods related to binary blockchains forming a pair of coupled blockchains
JP7114078B2 (en) Electronic authentication method and program
US11663595B1 (en) Blockchain transactional identity verification
US20220329436A1 (en) Token-based identity validation via blockchain
US20220172198A1 (en) Real-time blockchain settlement network
KR20230005353A (en) Sanctioned Events in a Decentralized Database
CN112052474A (en) Blu-ray copy service
KR102195830B1 (en) System for security enforced crypto currency based on block chain
CN111539719A (en) Auditable mixed currency service method and system model based on blind signature
JP2023098847A (en) Apparatus, method and computer program (selective audit process for privacy-preserving blockchain)
JP6967211B1 (en) Fully decentralized blockchain system and computer program for trading crypto assets that prevents illegal transactions while also allowing anonymous users to participate
CN114846765B (en) Method and apparatus for providing decentralised identity verification
CN113159940A (en) Transaction method, system and computer equipment for enhanced bit currency wallet
CN111402037A (en) User data processing method and device
CN113382025B (en) Method for checking user identity in process of exchanging certificates
CN112633890B (en) Verification method and device for hidden rights and interests evidence based on blockchain
Appelbaum Consensus Mechanisms and Related Issues

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant