CN112990928A - Monitorable anonymous legal digital currency issuing and circulating method - Google Patents

Publication number
CN112990928A
Authority
CN
China
Prior art keywords
transaction
amount
tracking
key
initiator
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110502915.2A
Other languages
Chinese (zh)
Other versions
CN112990928B (en)
Inventor
苏明
许佳佳
杨颖�
王刚
刘晓光
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nankai University
Original Assignee
Nankai University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nankai University
Priority to CN202110502915.2A
Publication of CN112990928A
Application granted
Publication of CN112990928B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G06Q20/04 Payment circuits
    • G06Q20/06 Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
    • G06Q20/065 Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification
    • G06Q20/4014 Identity check for transactions

Abstract

The invention discloses a supervised anonymous legal digital currency issuing and circulating method. Currency-issuing transactions and circulation transactions are recorded in a tabular distributed ledger in which each column represents a system participant and each row represents a transaction; the system participants are the central bank, commercial banks and ordinary users. When a transaction is initiated, the following are recorded in each member's column: a Pedersen commitment to the transaction amount, a commitment to the account balance, a range proof, tracking keys, and a tracking key proof. During a transaction, the verifier checks that the transaction amounts hidden by the commitments in each transaction sum to 0, and that the range proof and the tracking key proof created by the transaction initiator are correct.

Description

Monitorable anonymous legal digital currency issuing and circulating method
Technical Field
The invention belongs to the technical field of digital currency, and particularly relates to a supervised anonymous legal digital currency issuing and circulating method.
Background
With the development of modern technology, electronic payment has gradually become an important means of payment in daily life, and the use of traditional paper currency has gradually shrunk because it lacks portability. In addition, printing, issuing and circulating paper money is costly. Furthermore, traditional paper money is easy to forge, the identity of its owner cannot be confirmed, and it is difficult to supervise, so it risks being used for money laundering, terrorist financing and the like. Thus, in today's highly digital age, implementing a monitorable anonymous digital currency has become a trend.
Today, digital currencies fall largely into three categories: centralized digital currency, decentralized digital currency, and legal digital currency. A typical representative of centralized digital currency is the E-Cash scheme proposed by Chaum in 1982, a cryptographic digital currency model based on a trusted "bank-person-merchant" relationship that is considered the earliest cryptographic digital currency system. In this model, transactions between individuals and merchants depend on an authoritative centralized institution, the bank; because blind signatures are used, the bank cannot learn the transaction information, which ensures the anonymity and privacy of both parties, but the scheme makes currency tracking difficult. Later, the E-Cash scheme proposed by Jules realized the tracking of anonymous currency by introducing a trusted authority, but that scheme requires the bank to participate in currency circulation and cannot handle large-scale transactions.
A typical representative of decentralized digital currency is Bitcoin, the first fully decentralized encrypted digital currency system, proposed by Satoshi Nakamoto in 2008. In this scheme, the issuing and circulation of the digital currency do not depend on any centralized third party; transaction information is stored in a distributed ledger called a blockchain, which is jointly maintained by the nodes of a P2P network using cryptography, distributed ledger storage, P2P consensus and related technologies. Although Bitcoin uses pseudonyms, it cannot guarantee that users' private information is not leaked. Many decentralized encrypted digital currency systems, such as Monero, Zerocoin and Zerocash, were later proposed on the basis of the Bitcoin idea, but with these schemes currency supervision is difficult, the currency value fluctuates severely, and the currency is difficult to keep stable.
Unlike those two kinds of digital currency, legal digital currency is backed by national credit and its issuance is regulated by the central bank, so it can maintain the stability of the monetary system. Many countries are currently actively studying legal digital currency. Although legal digital currency is backed by national credit and its issuance is controlled by the central bank, a client-server architecture between the public and the central bank is not suitable for this application, because it creates a single point of failure and is easy for an attacker to attack, with disastrous results. Blockchain is a distributed storage technology: the distributed ledger is jointly maintained by the nodes of the P2P network and is tamper-resistant and publicly verifiable, so compared with a client-server architecture it offers better transparency and stability. However, when data is publicly verifiable, users' private information is difficult to protect, so it is necessary to construct a blockchain-based legal digital currency system that both protects user privacy and supports supervision.
Disclosure of Invention
The invention aims to solve the following technical problems:
1. How to keep the transactions of system participants private: the identities of the transaction participants and the transaction amount must be hidden, and it must be guaranteed that transactions cannot be traced by system participants other than the central bank.
2. How to verify the validity of a transaction online while the identities of the transaction participants are hidden and the transaction amount is concealed.
3. When illegal acts such as money laundering or terrorist financing occur, the central bank must have a means of inspection to trace the related transaction information.
4. On the premise of anonymous traceability, the throughput of the system should be as high as possible and the storage redundancy of the ledger as low as possible.
Therefore, the invention provides a supervised anonymous legal digital currency issuing and circulating method.
The invention is realized by the following technical scheme:
A method for issuing and circulating monitorable anonymous legal digital currency:
currency-issuing transactions and circulation transactions are recorded in a tabular distributed ledger; each column of the ledger represents a system participant and each row represents a transaction; the system participants are: the central bank, commercial banks and ordinary users;
when a transaction
Figure 504971DEST_PATH_IMAGE001
is initiated, the transaction initiator first uses the reservoir sampling algorithm to randomly select
Figure 422111DEST_PATH_IMAGE002
non-trading participants, who together with the trading participants form a member set
Figure 998586DEST_PATH_IMAGE003
; then, for each member
Figure 393795DEST_PATH_IMAGE004
, the following is recorded in its corresponding column: (1) a Pedersen commitment to the transaction amount
Figure 208167DEST_PATH_IMAGE005
, (2) a commitment to the account balance
Figure 358526DEST_PATH_IMAGE006
, (3) a range proof, (4) tracking keys, and (5) a tracking key proof; wherein
Figure 625559DEST_PATH_IMAGE007
is the transaction amount of member
Figure 824460DEST_PATH_IMAGE008
in transaction
Figure 493338DEST_PATH_IMAGE001
, and
Figure 549019DEST_PATH_IMAGE009
is a random value that is not disclosed; when, in the Pedersen commitment to the transaction amount
Figure 303348DEST_PATH_IMAGE005
, the amount
Figure 40360DEST_PATH_IMAGE007
> 0, the commitment to the account balance
Figure 626062DEST_PATH_IMAGE006
is another Pedersen commitment, made with a new random value
Figure 55907DEST_PATH_IMAGE010
, to
Figure 297532DEST_PATH_IMAGE007
, and the amount parameter is
Figure 634973DEST_PATH_IMAGE011
; when, in the Pedersen commitment to the transaction amount
Figure 278444DEST_PATH_IMAGE005
, the amount
Figure 613610DEST_PATH_IMAGE007
is below 0, the commitment to the account balance
Figure 404848DEST_PATH_IMAGE006
is computed as the sum of the Pedersen commitments of all current transactions in the column of
Figure 483663DEST_PATH_IMAGE008
, and in this case the amount parameter is
Figure 981640DEST_PATH_IMAGE012
Figure 753287DEST_PATH_IMAGE013
TxID of the current transaction, wherein TxID represents transaction ID;
The validity of a transaction is verified at transaction time by: (1) verifying that the transaction amounts hidden by the commitments in each transaction sum to 0; and (2) verifying that the range proof and the tracking key proof created by the transaction initiator are correct.
In the above technical solution, there are three types of transaction: a currency-issuing transaction from the central bank to a commercial bank, a transaction in which a commercial bank exchanges digital currency for an ordinary user, and a transfer transaction between ordinary users. All three types are recorded in the tabular distributed ledger in the same format.
In the above technical solution, the Pedersen commitment to the transaction amount
Figure 766243DEST_PATH_IMAGE005
is calculated as follows: if member
Figure 648748DEST_PATH_IMAGE008
is the sender of transaction
Figure 1232DEST_PATH_IMAGE001
, the transaction amount
Figure 6097DEST_PATH_IMAGE007
is a negative value; if member
Figure 444032DEST_PATH_IMAGE008
is the recipient of transaction
Figure 864649DEST_PATH_IMAGE001
, the transaction amount
Figure 399535DEST_PATH_IMAGE007
is a positive value; if member
Figure 512985DEST_PATH_IMAGE008
is not a participant of transaction
Figure 438215DEST_PATH_IMAGE001
, the transaction amount
Figure 724840DEST_PATH_IMAGE007
is 0.
In the above technical solution, the range proof proves, for the commitment to the account balance
Figure 786337DEST_PATH_IMAGE006
, that the value of its amount parameter
Figure 70688DEST_PATH_IMAGE014
is within the set range, thereby proving that the transaction participants did not create or destroy assets out of thin air, that the total amount of digital currency currently exchanged by the commercial bank is within the amount specified by the central bank, and that the balance of the party transferring out digital currency is sufficient to complete the transfer transaction.
In the above technical solution, when the central bank, acting as supervisor, supervises a transaction, it uses the tracking keys computed by the Bit-traceable Bulletproof zero-knowledge range proof cryptographic algorithm, together with the supervision trapdoor it holds, to trace the specific value of a transaction amount hidden by a Pedersen commitment, and thereby trace the related transaction behavior;
the Bit-traceable Bulletproof zero-knowledge range proof cryptographic algorithm comprises the following steps:
step one:
the parameter generation algorithm, executed at system initialization, takes as input the security parameter
Figure 545532DEST_PATH_IMAGE015
and the supervision trapdoor generated by the supervisor
Figure 573530DEST_PATH_IMAGE016
and outputs the public parameters
Figure 755113DEST_PATH_IMAGE017
, as follows:
(1) the system randomly selects generators
Figure 944786DEST_PATH_IMAGE018
…,
Figure 906926DEST_PATH_IMAGE019
(2) the supervisor generates the trapdoor (
Figure 473036DEST_PATH_IMAGE020
Figure 774705DEST_PATH_IMAGE021
Figure 197596DEST_PATH_IMAGE022
and computes
Figure 584715DEST_PATH_IMAGE023
(3) the system publishes the parameters
Figure 954516DEST_PATH_IMAGE024
where
Figure 907429DEST_PATH_IMAGE025
Figure 704483DEST_PATH_IMAGE026
is a large prime number, the order of group
Figure 313319DEST_PATH_IMAGE027
;
step two:
the proof generation algorithm, executed by the transaction initiator when creating a transaction, takes as input the transaction amount and the amount range to be proved, and outputs a range proof, tracking keys and a tracking key proof; the transaction initiator performs the following steps to compute the proof under the column corresponding to each member:
(1) for the transaction amount
Figure 549129DEST_PATH_IMAGE028
, the transaction initiator selects a random number
Figure 559810DEST_PATH_IMAGE029
and computes the commitment to the transaction amount
Figure 527766DEST_PATH_IMAGE030
:
Figure 686215DEST_PATH_IMAGE031
Figure 397819DEST_PATH_IMAGE032
(2) the transaction initiator splits the transaction amount
Figure 263007DEST_PATH_IMAGE030
bit by bit:
Figure 464181DEST_PATH_IMAGE033
Figure 47609DEST_PATH_IMAGE034
,
Figure 297325DEST_PATH_IMAGE035
Figure 344915DEST_PATH_IMAGE036
denotes the binary vector representation of the amount
Figure 654674DEST_PATH_IMAGE030
, and the vector
Figure 725398DEST_PATH_IMAGE037
is generated from the vector
Figure 778805DEST_PATH_IMAGE036
according to the rule defined by the formula above;
(3) the transaction initiator randomly selects a random number
Figure 680901DEST_PATH_IMAGE038
and commits to the transaction amount
Figure 161561DEST_PATH_IMAGE030
:
Figure 454002DEST_PATH_IMAGE039
Figure 373417DEST_PATH_IMAGE040
(4) the transaction initiator selects a random number
Figure 67703DEST_PATH_IMAGE041
and commits to the blinding vectors
Figure 719265DEST_PATH_IMAGE042
, obtaining
Figure 826898DEST_PATH_IMAGE043
Figure 222107DEST_PATH_IMAGE044
(5) for the random challenge numbers
Figure 770900DEST_PATH_IMAGE045
sent by the transaction verifier, the transaction initiator performs the inner-product proof and generates the proof
Figure 921259DEST_PATH_IMAGE046
, wherein:
Figure 188292DEST_PATH_IMAGE047
,
Figure 387192DEST_PATH_IMAGE048
Figure 852809DEST_PATH_IMAGE049
Figure 111752DEST_PATH_IMAGE050
where
Figure 866081DEST_PATH_IMAGE051
where
Figure 665410DEST_PATH_IMAGE052
Figure 188795DEST_PATH_IMAGE053
Figure 618639DEST_PATH_IMAGE054
Here
Figure 594686DEST_PATH_IMAGE055
,
Figure 197705DEST_PATH_IMAGE056
,
Figure 841176DEST_PATH_IMAGE057
denotes an n-dimensional vector defined over
Figure 176343DEST_PATH_IMAGE058
;
(6) the transaction initiator selects a random number
Figure 967581DEST_PATH_IMAGE059
and generates the proof
Figure 46396DEST_PATH_IMAGE060
for the verifier, wherein:
Figure 544373DEST_PATH_IMAGE061
,
Figure 112758DEST_PATH_IMAGE062
Figure 328975DEST_PATH_IMAGE063
(7) the transaction initiator sends the commitment
Figure 211481DEST_PATH_IMAGE064
and the proof
Figure 626281DEST_PATH_IMAGE065
to the transaction verifier;
(8) the transaction initiator attaches tracking keys
Figure 568830DEST_PATH_IMAGE066
and
Figure 6764DEST_PATH_IMAGE067
to each bit of the amount, and gives a tracking key proof for all tracking keys
Figure 427381DEST_PATH_IMAGE068
Tracking keys:
Figure 962268DEST_PATH_IMAGE069
Tracking key proof:
Figure 810138DEST_PATH_IMAGE070
(9) in transaction
Figure 735369DEST_PATH_IMAGE001
, under the column corresponding to each member
Figure 21994DEST_PATH_IMAGE004
, the transaction initiator writes the range proof
Figure 349070DEST_PATH_IMAGE071
Figure 633421DEST_PATH_IMAGE072
), the tracking keys
Figure 108264DEST_PATH_IMAGE073
and
Figure 870684DEST_PATH_IMAGE074
, and the tracking key proof
Figure 52267DEST_PATH_IMAGE075
to build the transaction;
step three:
the proof verification algorithm, executed by the transaction verifier, verifies whether the range proof and the tracking key proof generated by the transaction initiator when creating the transaction are correct; it takes as input the public parameters
Figure 569836DEST_PATH_IMAGE076
, the range proof and the tracking key proof; output 1 means the proof verification passed, and output 0 means it did not; for transaction
Figure 469658DEST_PATH_IMAGE001
and each member
Figure 35769DEST_PATH_IMAGE008
, the transaction verifier performs the following steps:
(1) the verifier computes
Figure 134175DEST_PATH_IMAGE077
(2) the verifier computes
Figure 760328DEST_PATH_IMAGE078
(3) the verifier computes
Figure 147447DEST_PATH_IMAGE079
(4) the verifier computes
Figure 313987DEST_PATH_IMAGE080
(5) the verifier checks whether the following equation holds; if it holds, verification passes, otherwise it fails:
Figure 470161DEST_PATH_IMAGE081
Figure 267216DEST_PATH_IMAGE082
Figure 938369DEST_PATH_IMAGE083
(6) the verifier checks the validity of the tracking key proof
Figure 111861DEST_PATH_IMAGE075
by judging whether
Figure 122543DEST_PATH_IMAGE084
holds; if the equation holds, verification passes, otherwise it fails; the equation is proved as follows:
Figure 90499DEST_PATH_IMAGE085
Figure 272385DEST_PATH_IMAGE086
Figure 718410DEST_PATH_IMAGE087
Figure 849177DEST_PATH_IMAGE088
Figure 50351DEST_PATH_IMAGE089
Figure 633779DEST_PATH_IMAGE090
Figure 883495DEST_PATH_IMAGE091
=
Figure 931085DEST_PATH_IMAGE092
(7) after the verifier has verified the transaction, the range proof, the tracking keys and the tracking key proof are recorded in the distributed ledger;
step four:
the transaction amount tracing algorithm, executed by the transaction supervisor during transaction supervision, takes as input the supervision trapdoor, which only the supervisor holds, and the tracking keys, and outputs the transaction amount hidden by the commitment; for the column of each member of each transaction, the supervisor executes the following steps to trace the transaction amount of each member in each transaction:
(1) for each
Figure 240844DEST_PATH_IMAGE093
, the supervisor reads from the ledger, for transaction
Figure 311568DEST_PATH_IMAGE001
and each
Figure 427292DEST_PATH_IMAGE008
column, the recorded tracking keys
Figure 267072DEST_PATH_IMAGE094
and, using the supervision trapdoor known only to itself
Figure 747732DEST_PATH_IMAGE095
, computes separately, for each transaction
Figure 102490DEST_PATH_IMAGE001
and each member
Figure 959587DEST_PATH_IMAGE008
, the corresponding column's
Figure 653874DEST_PATH_IMAGE096
(2) the supervisor uses the tracking keys
Figure 367752DEST_PATH_IMAGE066
Figure 413068DEST_PATH_IMAGE067
and the supervision trapdoor
Figure 808277DEST_PATH_IMAGE095
to perform a tracing calculation for each bit
Figure 419387DEST_PATH_IMAGE097
; specifically, for each
Figure 507429DEST_PATH_IMAGE093
:
if
Figure 774462DEST_PATH_IMAGE096
=1, then output
Figure 770100DEST_PATH_IMAGE097
=0;
if
Figure 438979DEST_PATH_IMAGE096
=
Figure 697922DEST_PATH_IMAGE098
, then output
Figure 186672DEST_PATH_IMAGE097
=1;
(3) the supervisor computes, for each member
Figure 251580DEST_PATH_IMAGE008
, the amount of the corresponding column:
Figure 774965DEST_PATH_IMAGE099
The invention has the advantages and beneficial effects that:
(1) Transaction details can be hidden: the invention provides a tabular distributed ledger and uses Pedersen commitments, which are homomorphic, so that the identity information of the transaction participants and the transaction amount are effectively hidden when a user initiates a transaction. Moreover, the invention does not record a Pedersen commitment to 0 in the columns of all non-trading participants; instead, it uses the reservoir sampling algorithm to randomly select, from all non-trading participants,
Figure 939230DEST_PATH_IMAGE002
non-trading participants, in whose columns a commitment to 0 is recorded; the specific value of
Figure 243173DEST_PATH_IMAGE002
is determined by the user. Thus the storage redundancy of the distributed ledger stays small; the larger the value of
Figure 783875DEST_PATH_IMAGE002
, the more private the transaction, but the slower the transaction speed.
(2) Transfers of digital currency out of an account are controllable: in the transaction content, the invention records a new commitment
Figure 161767DEST_PATH_IMAGE100
under the column corresponding to each system participant, so that a single range proof
Figure 762513DEST_PATH_IMAGE071
suffices to determine both whether the hidden transaction amount is within a specific range and whether the sum of each column of the tabular ledger, i.e., the user's account balance, is greater than 0. With this proof it is therefore possible to check online whether the total amount of digital currency currently exchanged by a commercial bank is within the total specified by the central bank, and whether the balance of the party transferring out digital currency is sufficient to complete the transfer transaction.
(3) Supervision is possible: the invention provides a Bit-traceable Bulletproof zero-knowledge range proof cryptographic algorithm (BTBURP), which not only proves that the transaction amount a user hides with a Pedersen commitment in a transaction,
Figure 288172DEST_PATH_IMAGE030
, lies in a specific range, but also allows the specific value of the transaction amount to be learned. Thus, when the central bank needs to audit the transaction behavior of a system participant, it can use the tracking keys in the transaction content and the supervision trapdoor held by the supervisor to check the historical transaction amounts of a column in the tabular distributed ledger, and so audit the transaction behavior of the user corresponding to that column.
(4) A malicious node cannot create or destroy a user's assets out of thin air: when the verifier verifies a transaction, the invention can accumulate all
Figure 632566DEST_PATH_IMAGE101
to prove that in
Figure 192860DEST_PATH_IMAGE001
the transaction amounts hidden by all commitments sum to 0. In addition, the invention introduces the range proof to prove that, for
Figure 698928DEST_PATH_IMAGE102
, the hidden transaction amount
Figure 915145DEST_PATH_IMAGE007
is within a certain range, which means that no asset is created or destroyed in the system out of thin air.
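The row construction and balance check described in advantages (1) and (4), as an added Python illustration that is not code from the patent: the selected columns each receive a Pedersen commitment, the decoy columns are chosen by reservoir sampling and commit to 0, and the verifier adds the cells of the row and checks for the group identity. The secp256k1 curve, the derivation of the second generator `H`, the rule that the blinding factors of a row sum to zero, and all function names are assumptions of this sketch; the range proof and tracking keys are not modelled.

```python
import hashlib
import secrets

# secp256k1 parameters. Assumption: the page only says "elliptic-curve cyclic group".
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # identity element (point at infinity)

def add(a, b):
    """Add two curve points."""
    if a is INF:
        return b
    if b is INF:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):
    """Scalar multiplication; a negative k is reduced modulo the group order."""
    k %= N
    acc = INF
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc

def derive_h(label=b"constructed-demo-generator-H"):
    """Second generator whose discrete log to G is unknown (try-and-increment)."""
    ctr = 0
    while True:
        digest = hashlib.sha256(label + ctr.to_bytes(4, "big")).digest()
        x = int.from_bytes(digest, "big") % P
        rhs = (pow(x, 3, P) + 7) % P
        y = pow(rhs, (P + 1) // 4, P)   # square root, valid because P % 4 == 3
        if y * y % P == rhs:
            return (x, y)
        ctr += 1

H = derive_h()

def commit(value, blind):
    """Pedersen commitment value*G + blind*H."""
    return add(mul(value, G), mul(blind, H))

def reservoir_sample(items, k, rng=None):
    """Algorithm R: uniform sample of k items in a single pass over `items`."""
    rng = rng or secrets.SystemRandom()
    reservoir = []
    for i, item in enumerate(items):
        if i < k:
            reservoir.append(item)
        else:
            j = rng.randrange(i + 1)
            if j < k:
                reservoir[j] = item
    return reservoir

def build_row(columns, sender, receiver, amount, k):
    """Return (public row, private openings) for one transfer with k decoys."""
    others = (c for c in columns if c not in (sender, receiver))
    members = {sender, receiver, *reservoir_sample(others, k)}
    amounts = {m: 0 for m in members}
    amounts[sender], amounts[receiver] = -amount, amount
    ordered = [c for c in columns if c in members]  # ledger order, roles not exposed
    blinds = [secrets.randbelow(N) for _ in ordered[:-1]]
    blinds.append(-sum(blinds) % N)  # assumption: blinding factors sum to 0 mod N
    openings = {c: (amounts[c], r) for c, r in zip(ordered, blinds)}
    row = {c: commit(v, r) for c, (v, r) in openings.items()}
    return row, openings

def row_balances(row):
    """Verifier check: the commitments of a row add up to the identity."""
    total = INF
    for cell in row.values():
        total = add(total, cell)
    return total is INF

if __name__ == "__main__":
    cols = ["CB", "Bank1", "Bank2"] + [f"U{i}" for i in range(1, 9)]  # constructed
    row, _ = build_row(cols, "U1", "U2", 25, k=3)
    print(sorted(row), row_balances(row))
```

A row whose receiver cell is re-committed to a larger amount with the same blinding factor no longer sums to the identity, so the verifier rejects it without learning any amount.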
Drawings
FIG. 1 is a table format distributed ledger detail view of the present invention;
FIG. 2 is a transaction type and transaction example ledger diagram of the present invention;
FIG. 3 is a data diagram of generation time, verification time, and tracing time for the traceable Bulletproof zero-knowledge range proof cryptographic algorithm used in the present invention;
FIG. 4 is a diagram of time data generated for each content included in a row in a transaction according to the present invention;
FIG. 5 is a diagram showing the relationship between the transaction creation time and the number of columns included in a transaction according to the present invention;
FIG. 6 is a graph of verification time data for each content included in a row in a transaction according to the present invention;
FIG. 7 is a diagram showing the relationship between the transaction verification time and the number of columns included in a transaction according to the present invention.
Detailed Description
In order to make the technical solution of the present invention better understood, the technical solution of the present invention is further described below with reference to specific examples.
In a monitorable anonymous legal digital currency issuing and circulating method, currency-issuing transactions and circulation transactions are recorded in a tabular distributed ledger; each column of the ledger represents a system participant, and each row represents a transaction. The system participants are: the central bank, commercial banks, and ordinary users.
The system forms a two-tier operating structure: central bank to commercial banks, and commercial banks to the public. The central bank and the commercial banks each independently maintain a distributed ledger, and the consistency of the ledger's storage is ensured by consensus among the banks. The specific functions of the three kinds of system participant are described below:
(1) The central bank has two main functions: first, it issues currency, issuing different quotas to different commercial banks according to economic trends; second, acting as supervisor, it uses its supervisory means to supervise the transaction behavior of commercial banks and ordinary users.
(2) Commercial banks have two main functions: first, exchanging an equal amount of digital currency for a user according to the assets the user owns, i.e., initiating a currency exchange transaction; second, when a transaction is initiated in the system, verifying its validity and taking responsibility for consensus on the consistency of the ledger.
(3) Ordinary users have two main functions: first, exchanging cash, or assets in an existing bank account, with a commercial bank for an equal amount of digital currency, a transaction that is initiated by the commercial bank; second, initiating transfer transactions and submitting them to the network.
Fig. 1 shows the details of the ledger of the present invention. Unlike the ledger structures of Bitcoin and Ethereum, the invention uses its own tabular distributed ledger, whose structure hides the identities of the transaction participants, hides the transaction amount, and ensures that transactions cannot be traced. The central bank, as supervisor, can trace the transaction amount from the tracking keys when supervision is needed. Each row of the ledger represents one transaction; the figure shows 5 transactions (TxID 0 to 4). Each column of the ledger represents an attribute or a system participant: the first two columns are the transaction ID (TxID) and the transaction timestamp (Time), and each column from the third column onward (i.e., in the table,
Figure 859968DEST_PATH_IMAGE103
to
Figure 212452DEST_PATH_IMAGE104
) represents a system participant, where
Figure 889421DEST_PATH_IMAGE105
represents the central bank,
Figure 389672DEST_PATH_IMAGE106
to
Figure 75868DEST_PATH_IMAGE107
represent the
Figure 282859DEST_PATH_IMAGE108
commercial banks,
Figure 458625DEST_PATH_IMAGE109
to
Figure 383856DEST_PATH_IMAGE110
represent the
Figure 608164DEST_PATH_IMAGE111
ordinary users, and
Figure 997557DEST_PATH_IMAGE111
is far greater than
Figure 281908DEST_PATH_IMAGE108
. When a transaction is initiated, Pedersen commitments to the transaction amount are recorded under the columns corresponding to the transaction participants, and a series of proofs is generated for each Pedersen commitment.
For each transaction
Figure 428855DEST_PATH_IMAGE001
, the transaction content in the column corresponding to system participant
Figure 519171DEST_PATH_IMAGE008
contains the following information, as shown in Fig. 1:
1. pedersen commitments for transaction amounts
Figure 700754DEST_PATH_IMAGE005
The invention uses the Pedersen commitment to hide the transaction amount, and the Pedersen commitment algorithm is based on the elliptic curve cycle group
Figure 156006DEST_PATH_IMAGE027
Is realized by the following main forms
Figure 55829DEST_PATH_IMAGE112
Here, the
Figure 684256DEST_PATH_IMAGE030
Is the secret value promised to be concealed, i.e. the transaction amount;
Figure 720345DEST_PATH_IMAGE038
is an undisclosed random number;
Figure 346499DEST_PATH_IMAGE113
is that
Figure 530355DEST_PATH_IMAGE027
The random generator of (1). The commitment has the following characteristics: (1) perfect concealment: due to the fact that
Figure 900157DEST_PATH_IMAGE114
is a random number,
Figure 56332DEST_PATH_IMAGE115
and
Figure 915703DEST_PATH_IMAGE116
are computationally indistinguishable, so the commitment value perfectly hides the secret value
Figure 524539DEST_PATH_IMAGE030
; (2) Computational binding: after making a commitment, the committer cannot change the committed secret value
Figure 432452DEST_PATH_IMAGE030
, i.e. the committer cannot use a new secret value
Figure 505450DEST_PATH_IMAGE117
to generate the same commitment value, which provides non-repudiation. Computational binding rests on the discrete logarithm hardness assumption: suppose there exists
Figure 473406DEST_PATH_IMAGE118
such that
Figure 569538DEST_PATH_IMAGE119
; then
Figure 343459DEST_PATH_IMAGE120
, which is not possible under the discrete logarithm hardness assumption; (3) Besides these two basic properties of a commitment, the Pedersen commitment is also additively homomorphic, namely:
Figure 474226DEST_PATH_IMAGE121
Figure 613084DEST_PATH_IMAGE122
With the additive homomorphism of the Pedersen commitment, the verifier can compute linear combinations of the transaction amounts hidden by Pedersen commitments in different rows and columns of the distributed ledger.
Furthermore, the invention does not record a Pedersen commitment to the amount 0 in the columns of all non-transaction participants; instead, it uses the reservoir sampling algorithm to randomly select, from all non-transaction participants,
Figure 993249DEST_PATH_IMAGE002
non-transaction participants whose columns record a Pedersen commitment to 0. The specific reservoir size
Figure 508544DEST_PATH_IMAGE002
is determined by the user (the larger
Figure 493818DEST_PATH_IMAGE002
is, the better the privacy of user information, but the slower the transaction). The reservoir sampling algorithm is mainly used for sampling large data sets; here its purpose is to select, from
Figure 865893DEST_PATH_IMAGE123
system participants, with equal probability and without repetition,
Figure 671038DEST_PATH_IMAGE002
system participants that record a commitment to the amount 0. The idea of the algorithm is as follows: (1) construct a reservoir of size
Figure 724445DEST_PATH_IMAGE002
; (2) put data items 0 to
Figure 626542DEST_PATH_IMAGE002
(transaction participants) into the reservoir in order; (3) when the computation reaches data item
Figure 107202DEST_PATH_IMAGE124
, where
Figure 665222DEST_PATH_IMAGE125
, select within the range
Figure 319057DEST_PATH_IMAGE126
a random number
Figure 278923DEST_PATH_IMAGE127
; (4) if
Figure 930484DEST_PATH_IMAGE127
falls within the range
Figure 772538DEST_PATH_IMAGE128
, use data item
Figure 167748DEST_PATH_IMAGE124
to replace data item
Figure 982120DEST_PATH_IMAGE127
in the reservoir; otherwise repeat step (3).
Here,
Figure 804582DEST_PATH_IMAGE005
is the Pedersen commitment to the transaction amount
Figure 133933DEST_PATH_IMAGE007
, and
Figure 332833DEST_PATH_IMAGE009
is a random value. When a transaction is initiated, the transaction amount involving a system participant,
Figure 1712DEST_PATH_IMAGE007
, is hidden with a Pedersen commitment, and the commitment value is written in the ledger under the column corresponding to transaction participant
Figure 57392DEST_PATH_IMAGE008
. For example, when the central bank issues currency in the amount of 500 to commercial bank 1, the central bank's column records the commitment to "-500", commercial bank 1's column records the commitment to "500", and then the columns of an arbitrary selection of
Figure 811722DEST_PATH_IMAGE002
non-transaction participants each record a commitment to "0". Thus, within one transaction, the columns that contain a transaction amount cannot be distinguished from the columns whose amount is 0, so others cannot deduce the identities of the transaction participants or the transaction amount from the ledger.
2. Balance commitment
Figure 814313DEST_PATH_IMAGE006
In the transaction content of each system participant's column, the invention records the Pedersen commitment
Figure 400015DEST_PATH_IMAGE005
and also records a balance commitment
Figure 564280DEST_PATH_IMAGE006
. When, in
Figure 805905DEST_PATH_IMAGE005
,
Figure 408925DEST_PATH_IMAGE007
is greater than or equal to 0 (i.e. a transaction amount is received), the balance commitment
Figure 786817DEST_PATH_IMAGE006
is obtained by using a new random value to make another Pedersen commitment to
Figure 387562DEST_PATH_IMAGE007
, giving
Figure 913222DEST_PATH_IMAGE006
; in this case
Figure 257615DEST_PATH_IMAGE011
. When, in
Figure 490014DEST_PATH_IMAGE005
,
Figure 323977DEST_PATH_IMAGE007
is less than 0 (i.e. a transaction amount is transferred out), the balance commitment
Figure 274616DEST_PATH_IMAGE006
is computed, for column
Figure 157121DEST_PATH_IMAGE008
, as the sum of the Pedersen commitments of all transactions so far, i.e.
Figure 509605DEST_PATH_IMAGE129
; in this case
Figure 514470DEST_PATH_IMAGE012
, where
Figure 952405DEST_PATH_IMAGE013
is the TxID of the current transaction.
By using
Figure 638601DEST_PATH_IMAGE006
, a single range proof
Figure 907908DEST_PATH_IMAGE130
suffices both to check, in
Figure 21358DEST_PATH_IMAGE005
, that
Figure 946589DEST_PATH_IMAGE131
and to check that, for column
Figure 233213DEST_PATH_IMAGE008
, the sum of the listed commitments, i.e. the account balance, is greater than 0.
3. Range proof
Figure 560290DEST_PATH_IMAGE130
The range proof
Figure 579061DEST_PATH_IMAGE130
uses the Bulletproof range proof cryptographic algorithm to prove that, in
Figure 53905DEST_PATH_IMAGE006
, the value of
Figure 81904DEST_PATH_IMAGE014
lies within
Figure 263486DEST_PATH_IMAGE132
. By checking this range proof, the following can be verified online:
(1) when, in
Figure 781055DEST_PATH_IMAGE005
,
Figure 415299DEST_PATH_IMAGE007
is greater than 0,
Figure 981410DEST_PATH_IMAGE005
hides a transaction amount
Figure 345395DEST_PATH_IMAGE007
that lies within the range
Figure 971548DEST_PATH_IMAGE132
, so a transaction participant cannot create or destroy assets out of thin air;
(2) when, in
Figure 93088DEST_PATH_IMAGE005
,
Figure 525206DEST_PATH_IMAGE007
is less than 0,
Figure 681381DEST_PATH_IMAGE006
hides an amount
Figure 478436DEST_PATH_IMAGE014
that lies within the range
Figure 87272DEST_PATH_IMAGE132
; because
Figure 57502DEST_PATH_IMAGE014
is computed, for column
Figure 68183DEST_PATH_IMAGE008
, as the sum of all historical transaction amounts of that system participant, the proof can be used to check whether the total amount of digital currency currently exchanged by the commercial bank is within the total amount specified by the central bank, and whether the balance of the party transferring out digital currency is sufficient to complete the transfer transaction.
4. Tracking keys
Figure 36139DEST_PATH_IMAGE073
&
Figure 194588DEST_PATH_IMAGE074
and the proof of validity of the tracking keys
Figure 906192DEST_PATH_IMAGE133
When the identities of the transaction participants and the transaction amounts are hidden, illegal and criminal activity may occur, so the central bank, as the supervisor, needs to inspect the identities of the transaction participants and the transaction amounts when illegal acts such as money laundering or terrorist financing occur. Since in the table-format ledger the identity of each transaction participant corresponds to a column, the central bank only needs to inspect the transaction amounts in a given user's column when supervision is required. For this purpose we introduce tracking keys based on the range proof,
Figure 771380DEST_PATH_IMAGE073
&
Figure 972554DEST_PATH_IMAGE074
and the corresponding proof of validity
Figure 555982DEST_PATH_IMAGE133
. With the tracking keys and the supervision trapdoor, the supervisor can recover the specific amount hidden by the range proof
Figure 133594DEST_PATH_IMAGE130
in the column of the transaction participant.
Specifically, the invention uses a Bit Traceable Bulletproof Range Proof zero-knowledge cryptographic algorithm (hereinafter BTBuRP) that is correct, hiding, and binding. Since the commitment value lies in an elliptic curve cyclic group, it depends on the order of the base point of the elliptic curve group,
Figure 853288DEST_PATH_IMAGE134
. Thus, with the same random value
Figure 163047DEST_PATH_IMAGE114
, the commitment to the transaction amount
Figure 296088DEST_PATH_IMAGE030
and the commitment to
Figure 349495DEST_PATH_IMAGE135
are equal, i.e.
Figure 189275DEST_PATH_IMAGE136
. In a digital currency application, this means that a system participant could create assets out of thin air. Therefore, in a transaction, the BTBuRP algorithm proves that the transaction amount the user has hidden with a Pedersen commitment lies within a specific range. In addition, with BTBuRP the supervisor (the central bank) only needs to generate the supervision trapdoor in advance; it can then compute the specific amount hidden by the range proof from the tracking keys, without interacting with the system participants concerned, and so track the transaction behaviour of the system participants. The BTBuRP algorithm consists of four steps, whose implementation is described below:
Step one:
Figure 466672DEST_PATH_IMAGE137
: algorithm for generating parameters, executed during system initialization, inputting safety parameters
Figure 24693DEST_PATH_IMAGE015
And supervisor trap door generated by supervisor (central row)
Figure 147369DEST_PATH_IMAGE016
Outputting public parameters
Figure 841656DEST_PATH_IMAGE017
The details are as follows:
(1) the system randomly selects generators
Figure 86692DEST_PATH_IMAGE018
…,
Figure 397588DEST_PATH_IMAGE019
(2) the supervisor (the central bank) generates the trapdoor (
Figure 792797DEST_PATH_IMAGE020
Figure 872749DEST_PATH_IMAGE021
Figure 695211DEST_PATH_IMAGE022
and computes
Figure 493403DEST_PATH_IMAGE023
(3) the system publishes the parameters
Figure 692303DEST_PATH_IMAGE024
, where
Figure 689078DEST_PATH_IMAGE025
Figure 682442DEST_PATH_IMAGE026
is a large prime, the order of the group
Figure 689078DEST_PATH_IMAGE027
;
Step two:
Figure 704942DEST_PATH_IMAGE138
: an algorithm for generating proof, executed by the transaction initiator when creating the transaction, inputs the transaction amount
Figure 493906DEST_PATH_IMAGE030
And the amount range to be certified by the algorithm
Figure 923750DEST_PATH_IMAGE139
And outputting the range certification and the tracking key certification. For transactions
Figure 493272DEST_PATH_IMAGE001
Transaction initiator at each member
Figure 768395DEST_PATH_IMAGE008
The following steps are carried out for the calculation proof:
(1) for the transaction amount
Figure 943025DEST_PATH_IMAGE028
, the transaction initiator selects a random number
Figure 278191DEST_PATH_IMAGE029
and computes, for the transaction amount
Figure 662905DEST_PATH_IMAGE030
, the commitment
Figure 7299DEST_PATH_IMAGE031
Figure 505276DEST_PATH_IMAGE032
(2) the transaction initiator splits the transaction amount
Figure 808082DEST_PATH_IMAGE030
bit by bit:
Figure 758720DEST_PATH_IMAGE033
Figure 969121DEST_PATH_IMAGE034
,
Figure 321605DEST_PATH_IMAGE035
Figure 529733DEST_PATH_IMAGE036
denotes the binary vector representation of the amount
Figure 967667DEST_PATH_IMAGE030
, and the vector
Figure 388284DEST_PATH_IMAGE037
is derived from the vector
Figure 392013DEST_PATH_IMAGE036
according to the rule defined by the formula;
(3) the transaction initiator randomly selects a random number
Figure 505462DEST_PATH_IMAGE038
and, for the transaction amount
Figure 758589DEST_PATH_IMAGE030
, computes the commitment
Figure 982897DEST_PATH_IMAGE039
Figure 575552DEST_PATH_IMAGE040
(4) the transaction initiator selects a random number
Figure 859903DEST_PATH_IMAGE041
and commits to the blinding vectors
Figure 538009DEST_PATH_IMAGE042
, obtaining
Figure 566008DEST_PATH_IMAGE043
Figure 278749DEST_PATH_IMAGE044
(5) for the challenge random number sent by the transaction verifier,
Figure 468422DEST_PATH_IMAGE045
, the transaction initiator performs the inner product proof and generates the proof
Figure 368245DEST_PATH_IMAGE046
, where:
Figure 262251DEST_PATH_IMAGE047
,
Figure 563920DEST_PATH_IMAGE048
Figure 190073DEST_PATH_IMAGE049
Figure 577192DEST_PATH_IMAGE050
wherein
Figure 478152DEST_PATH_IMAGE051
where
Figure 368748DEST_PATH_IMAGE052
Figure 493698DEST_PATH_IMAGE053
Figure 102534DEST_PATH_IMAGE054
Here,
Figure 807185DEST_PATH_IMAGE055
,
Figure 817867DEST_PATH_IMAGE056
,
Figure 74839DEST_PATH_IMAGE057
denotes an n-dimensional vector defined over
Figure 170971DEST_PATH_IMAGE058
;
(6) the transaction initiator selects a random number
Figure 413734DEST_PATH_IMAGE059
and generates the proof
Figure 278922DEST_PATH_IMAGE060
for the verifier, where:
Figure 745675DEST_PATH_IMAGE061
,
Figure 329103DEST_PATH_IMAGE062
Figure 109977DEST_PATH_IMAGE063
(7) the transaction initiator sends the commitments
Figure 95251DEST_PATH_IMAGE064
and the proofs
Figure 670589DEST_PATH_IMAGE065
to the transaction verifier.
(8) the transaction initiator adds tracking keys for each bit of the amount,
Figure 741313DEST_PATH_IMAGE140
, and gives a proof of validity for all tracking keys:
Tracking keys:
Figure 122616DEST_PATH_IMAGE069
Tracking key proof (i.e., the proof of validity of the keys):
Figure 962396DEST_PATH_IMAGE070
(9) in transaction
Figure 974214DEST_PATH_IMAGE001
, the transaction initiator writes, under the column corresponding to each member
Figure 266655DEST_PATH_IMAGE004
, the range proof
Figure 389332DEST_PATH_IMAGE071
Figure 83618DEST_PATH_IMAGE072
), the tracking keys
Figure 266338DEST_PATH_IMAGE073
and
Figure 311654DEST_PATH_IMAGE074
, and the tracking key proof
Figure 34760DEST_PATH_IMAGE133
to build the transaction. Here,
Figure 583553DEST_PATH_IMAGE073
Figure 202753DEST_PATH_IMAGE074
denote, for row
Figure 469786DEST_PATH_IMAGE001
and column
Figure 934266DEST_PATH_IMAGE008
, the tracking keys for all bits of the transaction amount, i.e.
Figure 337565DEST_PATH_IMAGE141
,
Figure 596508DEST_PATH_IMAGE142
Step three:
Figure 881996DEST_PATH_IMAGE143
: the proof-verification algorithm, executed by the transaction verifier (transaction acquaintance bank), which checks whether the range proof
Figure 619008DEST_PATH_IMAGE071
and the tracking key proof
Figure 470289DEST_PATH_IMAGE133
, generated by the transaction initiator when creating the transaction, are correct. It takes as input the public parameters
Figure 900133DEST_PATH_IMAGE076
, the range proof and the tracking key proof; output 1 means the proof verification passed and output 0 means it failed. For transaction
Figure 141759DEST_PATH_IMAGE001
, for each member
Figure 682462DEST_PATH_IMAGE008
, the transaction verifier performs the following steps:
(1) the verifier computes
Figure 857091DEST_PATH_IMAGE077
(2) the verifier computes
Figure 192258DEST_PATH_IMAGE078
(3) the verifier computes
Figure 249075DEST_PATH_IMAGE079
(4) the verifier computes
Figure 327890DEST_PATH_IMAGE080
(5) the verifier checks whether the following holds; if it does, verification passes, otherwise verification fails:
Figure 357026DEST_PATH_IMAGE081
Figure 128672DEST_PATH_IMAGE144
Figure 344890DEST_PATH_IMAGE083
(6) the verifier checks the validity of
Figure 758554DEST_PATH_IMAGE075
by testing whether
Figure 111038DEST_PATH_IMAGE084
holds; if the equation holds, verification passes, otherwise verification fails. The equation is proven as follows:
Figure 381482DEST_PATH_IMAGE085
Figure 819417DEST_PATH_IMAGE086
Figure 505613DEST_PATH_IMAGE145
Figure 978183DEST_PATH_IMAGE146
Figure 357211DEST_PATH_IMAGE147
Figure 282442DEST_PATH_IMAGE090
Figure 834646DEST_PATH_IMAGE091
=
Figure 161722DEST_PATH_IMAGE148
(7) after verifying the transaction, the verifier records the range proof
Figure 977232DEST_PATH_IMAGE071
, the tracking keys
Figure 389758DEST_PATH_IMAGE149
and the tracking key proof
Figure 417757DEST_PATH_IMAGE133
in the distributed ledger.
Step four:
Figure 599340DEST_PATH_IMAGE150
: an algorithm for tracking transaction amount is executed by transaction supervisor while supervising transaction, and inputs supervision trap door only mastered by supervisor
Figure 585750DEST_PATH_IMAGE151
And tracking the key
Figure 485573DEST_PATH_IMAGE152
Outputting the transaction amount with hidden commitment
Figure 379580DEST_PATH_IMAGE030
For transactions
Figure 946828DEST_PATH_IMAGE001
Each member of
Figure 572981DEST_PATH_IMAGE008
The transaction tracker performs the following steps to track the transaction amount of each member of each transaction in the corresponding column:
(1) for each
Figure 225679DEST_PATH_IMAGE093
, the supervisor reads from the ledger, for transaction
Figure 329901DEST_PATH_IMAGE001
and each column
Figure 813972DEST_PATH_IMAGE008
, the recorded tracking keys
Figure 611027DEST_PATH_IMAGE094
and, using the supervision trapdoor
Figure 219863DEST_PATH_IMAGE095
known only to itself, computes separately, for each transaction
Figure 658935DEST_PATH_IMAGE001
and each member
Figure 669616DEST_PATH_IMAGE008
, the corresponding column's
Figure 637572DEST_PATH_IMAGE096
(2) the supervisor uses the tracking keys
Figure 592758DEST_PATH_IMAGE066
Figure 38783DEST_PATH_IMAGE067
and the supervision trapdoor
Figure 169550DEST_PATH_IMAGE095
to perform the tracking computation for each bit
Figure 573987DEST_PATH_IMAGE097
; specifically, for each
Figure 157415DEST_PATH_IMAGE093
: if
Figure 407131DEST_PATH_IMAGE096
=1, then output
Figure 392404DEST_PATH_IMAGE097
=0;
if
Figure 764480DEST_PATH_IMAGE096
=
Figure 835204DEST_PATH_IMAGE098
, then output
Figure 888611DEST_PATH_IMAGE097
=1;
(3) the supervisor computes, for each member
Figure 587445DEST_PATH_IMAGE008
, the amount in the corresponding column:
Figure 68105DEST_PATH_IMAGE099
Sub-step (2) of step four can also be optimized as follows: the supervisor uses the tracking keys
Figure 360546DEST_PATH_IMAGE066
Figure 483223DEST_PATH_IMAGE067
and the supervision trapdoor (
Figure 177509DEST_PATH_IMAGE020
Figure 829071DEST_PATH_IMAGE021
) to perform the tracking computation for each bit
Figure 874387DEST_PATH_IMAGE097
: for each
Figure 331913DEST_PATH_IMAGE093
, if
Figure 880706DEST_PATH_IMAGE153
Figure 968748DEST_PATH_IMAGE067
=1, then output
Figure 298098DEST_PATH_IMAGE097
=0, otherwise output
Figure 231419DEST_PATH_IMAGE097
=1; the supervisor then computes the amount
Figure 900298DEST_PATH_IMAGE099
Furthermore, in blockchain-based issuance of legal digital currency, we need to guarantee that: (1) a commercial bank cannot set the issuance amount at will without the authorization of the central bank; (2) ordinary users cannot add amounts to their own accounts at will. Therefore, when verifying transaction
Figure 221558DEST_PATH_IMAGE154
, our verifier checks that
Figure 710308DEST_PATH_IMAGE155
, that is, it proves that in transaction number
Figure 712899DEST_PATH_IMAGE001
the transaction amounts hidden by all commitments sum to 0. Accordingly, when choosing, for the commitments
Figure 236284DEST_PATH_IMAGE005
, the random numbers
Figure 259604DEST_PATH_IMAGE009
, the transaction initiator must satisfy
Figure 501229DEST_PATH_IMAGE156
, so that the verifier only needs to verify
Figure 41932DEST_PATH_IMAGE157
to complete this check.
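The row construction described above (commitments to the signed amounts, reservoir-sampled columns that commit to 0, blinding factors that sum to zero, and the verifier's sum check), as an added Go example that is not part of the patent or the inventors' implementation. It assumes the standard Pedersen form v·G + r·H, substitutes NIST P-256 for SM2, derives H by hashing, uses constructed column names, and leaves out the range proofs and tracking keys.

```go
package main

import (
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// Assumption: NIST P-256 stands in for the SM2 curve named in the patent.
var (
	curve = elliptic.P256()
	order = curve.Params().N
	H     = hashToPoint("constructed-example/pedersen-H") // second generator
)

type Point struct{ X, Y *big.Int }

// hashToPoint derives H by try-and-increment so nobody knows log_G(H).
func hashToPoint(seed string) Point {
	p := curve.Params().P
	for ctr := 0; ; ctr++ {
		h := sha256.Sum256([]byte(fmt.Sprintf("%s/%d", seed, ctr)))
		x := new(big.Int).Mod(new(big.Int).SetBytes(h[:]), p)
		y2 := new(big.Int).Exp(x, big.NewInt(3), p) // y^2 = x^3 - 3x + b
		y2.Sub(y2, new(big.Int).Mul(x, big.NewInt(3)))
		y2.Add(y2, curve.Params().B).Mod(y2, p)
		if y := new(big.Int).ModSqrt(y2, p); y != nil {
			return Point{x, y}
		}
	}
}

func randBelow(limit *big.Int) *big.Int { // uniform in [0, limit), OS CSPRNG
	n, err := rand.Int(rand.Reader, limit)
	if err != nil {
		panic(err)
	}
	return n
}

// Commit returns v*G + r*H; a negative v (outgoing amount) is reduced mod order.
func Commit(v, r *big.Int) Point {
	gx, gy := curve.ScalarBaseMult(new(big.Int).Mod(v, order).Bytes())
	hx, hy := curve.ScalarMult(H.X, H.Y, new(big.Int).Mod(r, order).Bytes())
	x, y := curve.Add(gx, gy, hx, hy)
	return Point{x, y}
}

// ReservoirSample picks k candidates uniformly and without repetition.
func ReservoirSample(candidates []string, k int) []string {
	res := make([]string, 0, k)
	for i, c := range candidates {
		if len(res) < k {
			res = append(res, c) // the first k items fill the reservoir
		} else if j := randBelow(big.NewInt(int64(i + 1))).Int64(); j < int64(k) {
			res[j] = c // random j in [0, i] landed inside the reservoir
		}
	}
	return res
}

// BuildRow commits to each signed amount with blinding factors summing to 0.
func BuildRow(amounts []int64) []Point {
	row, sumR := make([]Point, len(amounts)), new(big.Int)
	for i, v := range amounts {
		r := randBelow(order)
		if i == len(amounts)-1 {
			r.Neg(sumR).Mod(r, order) // last factor cancels all the others
		}
		sumR.Add(sumR, r)
		row[i] = Commit(big.NewInt(v), r)
	}
	return row
}

// RowBalances reports whether the commitments add up to the point at infinity.
func RowBalances(row []Point) bool {
	x, y := new(big.Int), new(big.Int) // (0, 0) encodes the point at infinity
	for _, c := range row {
		x, y = curve.Add(x, y, c.X, c.Y)
	}
	return x.Sign() == 0 && y.Sign() == 0
}

// WrapsAround: v and v+order give the same commitment, hence the range proof.
func WrapsAround(v, r int64) bool {
	a := Commit(big.NewInt(v), big.NewInt(r))
	b := Commit(new(big.Int).Add(big.NewInt(v), order), big.NewInt(r))
	return a.X.Cmp(b.X) == 0 && a.Y.Cmp(b.Y) == 0
}

func main() {
	decoys := ReservoirSample([]string{"B2", "U1", "U2", "U3", "U4"}, 3) // constructed names
	row := BuildRow(append([]int64{-500, 500}, make([]int64, len(decoys))...))
	fmt.Println(decoys, RowBalances(row), WrapsAround(500, 7))
}
```

The last call shows that the sum check alone cannot tell an amount from that amount plus the group order, which is why each column also carries a range proof.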
The symbols referred to above correspond to the descriptions given in the following table:
Figure 685403DEST_PATH_IMAGE159
Fig. 2 shows an example of the distributed ledger designed in the present invention. In the ledger, each column represents a system participant and each row represents a transaction; the ledger contents cannot be deleted or changed, and when a new transaction is verified, a new record is appended to the ledger. The ledger holds three types of transactions: currency issuance transactions, currency conversion transactions and public transfer transactions. Each transaction in the system includes a Pedersen commitment to the transaction amount
Figure 286149DEST_PATH_IMAGE160
, and the transaction proofs and tracking keys described in Fig. 1 are generated for each commitment. The function of each of the three transaction types, with examples, is described below:
Currency issuance transactions
In practice, currency issuance generally covers two cases: in the first, the central bank issues digital currency to a commercial bank, with the specific issuance time and total amount determined dynamically according to the needs of the commercial bank; in the second, the central bank issues digital currency to a particular institution for a particular purpose. The first type of currency issuance is illustrated and discussed below; for the second type, the transaction is constructed in the same way.
In Fig. 2, the transaction with
Figure 749491DEST_PATH_IMAGE161
=0 shows the central bank issuing a total of 500 in digital currency to commercial bank 1. In the transaction data, a commitment to the transaction amount "-500" is written in the column corresponding to the central bank, a commitment to the transaction amount "500" is written in the column corresponding to commercial bank 1, and the reservoir sampling algorithm is then used to arbitrarily select, from all non-transaction participants,
Figure 156202DEST_PATH_IMAGE162
users, and in their corresponding columns
Figure 654179DEST_PATH_IMAGE163
a commitment to the transaction amount "0" is written. From this transaction data, we cannot learn the identities of the initiator and recipient of the transaction, nor the transaction amount.
Currency conversion transactions
A currency conversion transaction is initiated by a commercial bank and converts an ordinary user's cash or bank-account assets into digital currency. In Fig. 2, the transactions with
Figure 160247DEST_PATH_IMAGE161
=1 and
Figure 438781DEST_PATH_IMAGE161
=2 are currency conversion transactions; the conversion with
Figure 321287DEST_PATH_IMAGE161
=1 succeeds, and the conversion with
Figure 673771DEST_PATH_IMAGE161
=2 fails.
In the transaction with
Figure 350740DEST_PATH_IMAGE161
=1, user
Figure 850991DEST_PATH_IMAGE109
asks commercial bank
Figure 537187DEST_PATH_IMAGE106
to convert an amount of 300 into digital currency. Commercial bank
Figure 744178DEST_PATH_IMAGE106
writes a commitment to the transaction amount "-300" in its own corresponding column, and in the column corresponding to user
Figure 919944DEST_PATH_IMAGE109
writes a commitment to the transaction amount "300"; for an arbitrary selection of
Figure 845175DEST_PATH_IMAGE162
non-transaction participants
Figure 69483DEST_PATH_IMAGE164
, it writes a commitment to the transaction amount "0" in their columns. From this transaction data, we cannot learn the identities of the initiator and recipient of the transaction, nor the transaction amount. However, using the homomorphism of Pedersen commitments and the range proof cryptographic algorithm, it can be verified that the total of 300 that commercial bank
Figure 458876DEST_PATH_IMAGE106
issues to user
Figure 743227DEST_PATH_IMAGE109
is less than the 500 issued by the central bank to commercial bank
Figure 890174DEST_PATH_IMAGE106
, i.e. the transaction amount of commercial bank
Figure 980490DEST_PATH_IMAGE106
does not exceed the total amount of currency held by commercial bank
Figure 162073DEST_PATH_IMAGE106
. Thus, the transaction passes verification, and the conversion of digital currency by user
Figure 617325DEST_PATH_IMAGE109
at commercial bank
Figure 517148DEST_PATH_IMAGE106
succeeds.
In the transaction with
Figure 145575DEST_PATH_IMAGE161
=2, commercial bank
Figure 181664DEST_PATH_IMAGE106
transfers funds to three recipients in one transaction: the transfers to users
Figure 807818DEST_PATH_IMAGE109
and
Figure 991674DEST_PATH_IMAGE165
are currency conversions, each with an amount of 100; the transfer to commercial bank
Figure 361476DEST_PATH_IMAGE166
has an amount of 200. Commercial bank
Figure 517651DEST_PATH_IMAGE106
writes a commitment to the transaction amount "-400" in its own corresponding column, writes a commitment to the transaction amount "100" in the columns corresponding to users
Figure 377022DEST_PATH_IMAGE109
and
Figure 985858DEST_PATH_IMAGE167
, writes a commitment to the transaction amount "200" in the column corresponding to commercial bank
Figure 893771DEST_PATH_IMAGE166
, and, for an arbitrary selection of
Figure 904453DEST_PATH_IMAGE162
other non-transaction participants, writes a commitment to the transaction amount "0" in their columns. From this transaction data, the identities of the initiator and recipients of the transaction and the transaction amount cannot be learned. However, using the homomorphism of Pedersen commitments and the range proof cryptographic algorithm, it can be verified that in the transaction with
Figure 934725DEST_PATH_IMAGE161
=2, the amount of 400 that commercial bank
Figure 30857DEST_PATH_IMAGE106
transfers out is greater than the amount from the central bank to commercial bank
Figure 742461DEST_PATH_IMAGE106
, which is 200, and so exceeds the total amount of currency that commercial bank
Figure 935545DEST_PATH_IMAGE106
currently holds. Thus this transaction of commercial bank
Figure 74403DEST_PATH_IMAGE106
does not pass verification and is not recorded in the distributed ledger.
Public transfer transactions
Public transfer transactions are transactions initiated by the public, for everyday payment transfers and the like. In Fig. 2, the transactions with
Figure 392252DEST_PATH_IMAGE161
=3 and
Figure 969863DEST_PATH_IMAGE161
=4 are public transfer transactions. Of the two, the transfer with
Figure 955137DEST_PATH_IMAGE161
=3 succeeds, and the transfer with
Figure 264896DEST_PATH_IMAGE161
=4 fails (because the transaction amount exceeds the total amount of currency held by the account). The specific transaction flow and verification process are the same as for the digital currency conversion transactions above and are not repeated here.
Fig. 3 shows the proof generation time (Prove), verification time (Verify), and tracking time (Trace) of the traceable Bulletproof range proof algorithm (BTBuRP) used in the present invention, based on the Chinese national cryptographic algorithm SM2. The experiments were run on an Intel i7-8556U 1.80GHz processor with 8G memory and a 64-bit Windows 10 operating system, and the scheme was implemented in Go. In the experiments, the amount
Figure 70041DEST_PATH_IMAGE168
was set in turn to
Figure 185764DEST_PATH_IMAGE169
for testing. It can be seen that the larger the value of
Figure 25544DEST_PATH_IMAGE170
(i.e., the larger the range verifiable by the BTBuRP algorithm), the longer the proof generation time, the verification time, and the time the supervisor needs to trace with the tracking keys. When
Figure 506204DEST_PATH_IMAGE171
, the maximum transaction amount the invention can support exceeds 4.2 billion, which essentially meets the needs of transfer transactions in the issuance and circulation of legal digital currency; the legal digital currency scheme of the invention therefore recommends choosing the provable range of the range proof as
Figure 126541DEST_PATH_IMAGE172
. In Bulletproof range proofs, multiple range proofs can be aggregated into one, so when Bulletproof aggregated range proofs are used, the average Prove and Verify times of the above experiment may be shorter.
Fig. 4 shows the generation time of each item included in a row in a transaction. Each column in a transaction contains the commitment
Figure 718060DEST_PATH_IMAGE173
, the balance commitment
Figure 677925DEST_PATH_IMAGE174
, and a Bit Traceable Bulletproof range proof, which comprises: (1) the range proof
Figure 391803DEST_PATH_IMAGE175
, (2) the tracking keys
Figure 171541DEST_PATH_IMAGE176
, and (3) the tracking key proof
Figure 566750DEST_PATH_IMAGE177
. In the test,
Figure 381122DEST_PATH_IMAGE170
=32 was chosen to measure the time to generate (Create) the commitments, tracking keys, and tracking key proofs. It can be seen that the generation time of the range proof largely determines the generation time of a single column in a transaction.
Fig. 5 shows the relationship between the transaction creation time and the number of columns included in a transaction. In the experiment, the time to create multiple BTBuRP range proofs was measured with a single thread and with multiple threads. As can be seen, creating a transaction with multiple threads is faster than with a single thread, and the creation time grows as the number of columns included in a transaction increases.
Fig. 6 shows the verification time of each item included in a row in a transaction. In the test,
Figure 265901DEST_PATH_IMAGE170
=32 was chosen to measure the verification time (Verify) of the range proof and of the tracking key proof. It can be seen that the verification time of the range proof largely determines the verification time of a single column in a transaction.
Fig. 7 shows the relationship between the transaction verification time and the number of columns included in a transaction. In the experiment, the time to verify multiple BTBuRP range proofs was measured with a single thread and with multiple threads. As can readily be seen, verifying a transaction with multiple threads is faster than with a single thread, and the verification time grows as the number of columns included in a transaction increases.
The invention has been described in an illustrative manner, and it is to be understood that any simple variations, modifications or other equivalent changes which can be made by one skilled in the art without departing from the spirit of the invention fall within the scope of the invention.

Claims (6)

1. A supervised anonymous legal digital currency issuing and circulating method is characterized in that:
currency issuance transactions and circulation transactions are recorded in a table-format distributed ledger, in which each column represents a system participant and each row represents one transaction record, the system participants comprising: the central bank, commercial banks, and ordinary users;
after a transaction
Figure 860668DEST_PATH_IMAGE001
is initiated, the transaction initiator first uses the reservoir sampling algorithm to randomly select
Figure 813362DEST_PATH_IMAGE002
non-transaction participants, which together with the transaction participants form the member set
Figure 858678DEST_PATH_IMAGE003
; then, for each member
Figure 519467DEST_PATH_IMAGE004
, the following are recorded in its corresponding column: (1) the Pedersen commitment to the transaction amount
Figure 864997DEST_PATH_IMAGE005
, (2) the commitment to the account balance
Figure 953039DEST_PATH_IMAGE006
, (3) a range proof, (4) tracking keys, and (5) a tracking key proof; wherein
Figure 485652DEST_PATH_IMAGE007
is the transaction amount of member
Figure 950131DEST_PATH_IMAGE008
in transaction
Figure 884589DEST_PATH_IMAGE001
, and
Figure 409111DEST_PATH_IMAGE009
is an undisclosed random value; when, in the Pedersen commitment to the transaction amount
Figure 429020DEST_PATH_IMAGE005
,
Figure 431611DEST_PATH_IMAGE007
is greater than 0, the commitment to the account balance
Figure 486154DEST_PATH_IMAGE006
is another Pedersen commitment, made with a new random value
Figure 181578DEST_PATH_IMAGE010
, to
Figure 190248DEST_PATH_IMAGE007
, and the amount parameter is
Figure 730950DEST_PATH_IMAGE011
; when, in the Pedersen commitment to the transaction amount
Figure 905580DEST_PATH_IMAGE005
,
Figure 506325DEST_PATH_IMAGE007
is less than 0, the commitment to the account balance
Figure 500826DEST_PATH_IMAGE006
is computed, for column
Figure 110799DEST_PATH_IMAGE008
, as the sum of the Pedersen commitments of all transactions so far, in which case the amount parameter is
Figure 874356DEST_PATH_IMAGE012
, where
Figure 911582DEST_PATH_IMAGE013
is the TxID of the current transaction, TxID denoting the transaction ID;
and the validity of a transaction is verified during the transaction by: (1) verifying whether the transaction amounts hidden by the commitments in each transaction sum to 0; and (2) verifying whether the range proof and the tracking key proof created by the transaction initiator are correct.
2. The administrable anonymous legal digital currency issuing and circulating method of claim 1, wherein: the transactions are of three types, namely currency issuance by the central bank to a commercial bank, exchange of digital currency by a commercial bank for common users, and transfers among common users, and all three types are recorded in the tabular distributed ledger in the same format.
3. The administrable anonymous legal digital currency issuing and circulating method of claim 1, wherein: when the Pedersen commitment to the transaction amount
Figure 127800DEST_PATH_IMAGE005
is calculated, if member
Figure 275884DEST_PATH_IMAGE008
is the sender of transaction
Figure 159527DEST_PATH_IMAGE001
, the transaction amount
Figure 367654DEST_PATH_IMAGE007
is a negative value; if member
Figure 071168DEST_PATH_IMAGE008
is the recipient of transaction
Figure 521478DEST_PATH_IMAGE001
, the transaction amount
Figure 259627DEST_PATH_IMAGE007
is a positive value; if member
Figure 638656DEST_PATH_IMAGE008
is not a participant of transaction
Figure 829466DEST_PATH_IMAGE001
, the transaction amount
Figure 584932DEST_PATH_IMAGE007
is 0.
4. The administrable anonymous legal digital currency issuing and circulating method of claim 1, wherein: the range proof proves that, for the commitment to the account balance
Figure 912008DEST_PATH_IMAGE006
, the value of the amount parameter
Figure 461939DEST_PATH_IMAGE014
is within the set range, thereby proving that the participants in the transaction have not created or destroyed assets out of thin air, that the total amount of digital currency currently exchanged by the commercial bank is within the total amount specified by the central bank, and that the balance of the digital currency transferor is sufficient to complete the transfer transaction.
5. The administrable anonymous legal digital currency issuing and circulating method of claim 4, wherein: when the central bank supervises a transaction as the supervisor, it uses the tracking keys computed by the Bit traceable Bulletproof zero-knowledge range proof cryptographic algorithm, together with the supervision trapdoor held by the central bank, to trace the specific value of the transaction amount hidden by the Pedersen commitment;
the Bit traceable Bulletproof zero-knowledge range proof cryptographic algorithm comprises the following steps:
step one:
the parameter generation algorithm, executed at system initialization, takes as input the security parameter
Figure 140045DEST_PATH_IMAGE015
and the supervision trapdoor generated by the supervisor
Figure 699202DEST_PATH_IMAGE016
, and outputs the public parameters
Figure 146364DEST_PATH_IMAGE017
, as follows:
(1) the system randomly selects generators
Figure 867195DEST_PATH_IMAGE018
…,
Figure 032597DEST_PATH_IMAGE019
(2) the supervisor generates the trapdoor (
Figure 365752DEST_PATH_IMAGE020
Figure 198579DEST_PATH_IMAGE021
Figure 824732DEST_PATH_IMAGE022
and calculates
Figure 477430DEST_PATH_IMAGE023
(3) the system publishes the parameters
Figure 378390DEST_PATH_IMAGE024
, wherein
Figure 534565DEST_PATH_IMAGE025
Figure 597199DEST_PATH_IMAGE026
is a large prime number, the order of the group
Figure 737193DEST_PATH_IMAGE027
;
step two:
the proof generation algorithm, executed by the transaction initiator when creating a transaction, takes as input the transaction amount and the amount range to be proved, and outputs a range proof, a tracking key and a tracking key proof; the transaction initiator performs the following steps to calculate the proofs for each member's corresponding column:
(1) for the transaction amount
Figure 176265DEST_PATH_IMAGE028
, the transaction initiator selects a random number
Figure 452525DEST_PATH_IMAGE029
and calculates, for the transaction amount
Figure 951640DEST_PATH_IMAGE030
, the commitment
Figure 313351DEST_PATH_IMAGE031
Figure 783210DEST_PATH_IMAGE032
(2) the transaction initiator decomposes the transaction amount
Figure 179556DEST_PATH_IMAGE030
bit by bit:
Figure 583993DEST_PATH_IMAGE033
Figure 433000DEST_PATH_IMAGE034
,
Figure 213874DEST_PATH_IMAGE035
Figure 464727DEST_PATH_IMAGE036
denotes the amount
Figure 040065DEST_PATH_IMAGE030
represented as a binary vector, and
Figure 376368DEST_PATH_IMAGE037
is a vector derived from the vector
Figure 960933DEST_PATH_IMAGE036
according to the rule defined by the formula;
(3) the transaction initiator randomly selects a random number
Figure 066293DEST_PATH_IMAGE038
and, for the transaction amount
Figure 812532DEST_PATH_IMAGE030
, makes the commitment
Figure 636131DEST_PATH_IMAGE039
Figure 260273DEST_PATH_IMAGE040
(4) the transaction initiator selects a random number
Figure 220139DEST_PATH_IMAGE041
and commits to the blinding vector
Figure 137279DEST_PATH_IMAGE042
, obtaining
Figure 713754DEST_PATH_IMAGE043
Figure 374542DEST_PATH_IMAGE044
(5) for the challenge random number sent by the transaction verifier
Figure 188915DEST_PATH_IMAGE045
, the transaction initiator makes an inner product proof and generates the proof
Figure 808115DEST_PATH_IMAGE046
wherein:
Figure 340727DEST_PATH_IMAGE047
,
Figure 805207DEST_PATH_IMAGE048
Figure 474086DEST_PATH_IMAGE049
Figure 264187DEST_PATH_IMAGE050
wherein
Figure 284096DEST_PATH_IMAGE051
Wherein
Figure 286687DEST_PATH_IMAGE052
Figure 839765DEST_PATH_IMAGE053
Figure 535189DEST_PATH_IMAGE054
here
Figure 776815DEST_PATH_IMAGE055
,
Figure 583097DEST_PATH_IMAGE056
,
Figure 492147DEST_PATH_IMAGE057
denotes an n-dimensional vector defined over
Figure 358472DEST_PATH_IMAGE058
;
(6) the transaction initiator selects a random number
Figure 352972DEST_PATH_IMAGE059
and generates a proof
Figure 697366DEST_PATH_IMAGE060
for the verifier, wherein:
Figure 460923DEST_PATH_IMAGE061
,
Figure 498149DEST_PATH_IMAGE062
Figure 979946DEST_PATH_IMAGE063
(7) the transaction initiator sends the commitments
Figure 128030DEST_PATH_IMAGE064
and the proofs
Figure 513138DEST_PATH_IMAGE065
to the transaction verifier;
(8) the transaction initiator adds, for each bit of the amount, the tracking keys
Figure 721265DEST_PATH_IMAGE066
and
Figure 424779DEST_PATH_IMAGE067
and gives a tracking key proof for all tracking keys
Figure 110975DEST_PATH_IMAGE068
tracking keys:
Figure 114703DEST_PATH_IMAGE069
tracking key proof:
Figure 228153DEST_PATH_IMAGE070
(9) in transaction
Figure 418963DEST_PATH_IMAGE001
, under the column corresponding to each member
Figure 174429DEST_PATH_IMAGE004
, the transaction initiator writes the range proof
Figure 767084DEST_PATH_IMAGE071
Figure 317014DEST_PATH_IMAGE072
), the tracking keys
Figure 995120DEST_PATH_IMAGE073
and
Figure 288698DEST_PATH_IMAGE074
and the tracking key proof
Figure 735860DEST_PATH_IMAGE075
to build the transaction;
step three:
the proof verification algorithm is executed by the transaction verifier and verifies whether the range proof and the tracking key proof generated by the transaction initiator when creating the transaction are correct; it takes as input the public parameters
Figure 961086DEST_PATH_IMAGE076
, the range proof and the tracking key proof, and outputs 1 if proof verification passes and 0 if it does not; for each member
Figure 392067DEST_PATH_IMAGE001
Figure 223757DEST_PATH_IMAGE008
of a transaction, the transaction verifier performs the following steps:
(1) the verifier computes
Figure 525426DEST_PATH_IMAGE077
(2) the verifier computes
Figure 417158DEST_PATH_IMAGE078
(3) the verifier computes
Figure 335436DEST_PATH_IMAGE079
(4) the verifier computes
Figure 705237DEST_PATH_IMAGE080
(5) the verifier checks whether the following equation holds; if it holds, verification passes, otherwise verification fails:
Figure 126991DEST_PATH_IMAGE081
Figure 189625DEST_PATH_IMAGE082
Figure 329619DEST_PATH_IMAGE083
(6) the verifier verifies the validity of the tracking key proof
Figure 768691DEST_PATH_IMAGE075
by checking whether
Figure 44952DEST_PATH_IMAGE084
holds; if the equation holds, verification passes, otherwise verification fails; the equation is proved as follows:
Figure 278487DEST_PATH_IMAGE085
Figure 407242DEST_PATH_IMAGE086
Figure 118846DEST_PATH_IMAGE087
Figure 515192DEST_PATH_IMAGE088
Figure 919629DEST_PATH_IMAGE089
Figure 34216DEST_PATH_IMAGE090
Figure 549510DEST_PATH_IMAGE091
=
Figure 800363DEST_PATH_IMAGE092
(7) after the verifier has verified the transaction, the range proof, the tracking key and the tracking key proof are recorded in the distributed ledger;
step four:
the transaction amount tracking algorithm is executed by the transaction supervisor during transaction supervision; it takes as input the supervision trapdoor, which is held only by the supervisor, and the tracking keys, and outputs the transaction amount hidden by the commitment; for the column of each member of each transaction, the transaction tracker executes the following steps to trace the transaction amount of each member in each transaction:
(1) for each
Figure 641280DEST_PATH_IMAGE093
, the supervisor reads from the ledger, for transaction
Figure 977584DEST_PATH_IMAGE001
and each
Figure 296570DEST_PATH_IMAGE008
column, the recorded tracking keys
Figure 401929DEST_PATH_IMAGE094
and, using the supervision trapdoor known only to itself
Figure 413747DEST_PATH_IMAGE095
, calculates separately, for each transaction
Figure 470303DEST_PATH_IMAGE001
and each member
Figure 592979DEST_PATH_IMAGE008
, the corresponding column's
Figure 552845DEST_PATH_IMAGE096
(2) the supervisor uses the tracking keys
Figure 735565DEST_PATH_IMAGE066
Figure 046460DEST_PATH_IMAGE067
and the supervision trapdoor
Figure 707249DEST_PATH_IMAGE095
to perform the tracking calculation for each bit
Figure 521621DEST_PATH_IMAGE097
; specifically, for each
Figure 140821DEST_PATH_IMAGE093
, if
Figure 673434DEST_PATH_IMAGE096
=1, then output
Figure 872334DEST_PATH_IMAGE097
=0;
if
Figure 806792DEST_PATH_IMAGE096
=
Figure 596893DEST_PATH_IMAGE098
, then output
Figure 351223DEST_PATH_IMAGE097
=1;
(3) the supervisor calculates, for each member
Figure 120858DEST_PATH_IMAGE008
, the amount of the corresponding column
Figure 175402DEST_PATH_IMAGE099
6. A computer-readable storage medium, characterized in that a computer program is stored which, when executed, implements the method of any of claims 1 to 5.
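Added example, not part of the patent text or the inventors' implementation: Python code for claim 1's member-set selection by reservoir sampling, claim 3's sign convention for amounts, and validity check (1) that the committed amounts in a ledger row sum to 0. The toy group parameters, the participant names, the decoy count k and the choice of blinding factors that sum to 0 modulo the group order are assumptions of this example; range proofs and tracking keys are left out.

```python
import secrets

# Toy group, constructed for this example: the order-Q subgroup of squares modulo
# the safe prime P = 2Q + 1. Far too small to be secure; it only keeps the run instant.
P, Q = 2039, 1019
G, H = 4, 9  # both are squares mod P, so each has order Q; log_G(H) is assumed unknown

_rng = secrets.SystemRandom()


def commit(amount, blind):
    """Pedersen commitment G^amount * H^blind mod P; amount may be negative."""
    return pow(G, amount % Q, P) * pow(H, blind % Q, P) % P


def pick_decoys(candidates, k):
    """Reservoir sampling (Algorithm R): k uniform picks in one pass over candidates."""
    reservoir = []
    for i, candidate in enumerate(candidates):
        if i < k:
            reservoir.append(candidate)
        else:
            j = _rng.randint(0, i)  # bounds are inclusive
            if j < k:
                reservoir[j] = candidate
    return reservoir


def build_row(sender, recipient, amount, others, k):
    """One ledger row {member: commitment}; the k decoy columns commit to 0."""
    if not 0 < amount < Q:
        raise ValueError("amount must fit the toy group")
    pool = (m for m in others if m not in (sender, recipient))
    # Sorting keeps column order from revealing who the real parties are.
    members = sorted([sender, recipient] + pick_decoys(pool, k))
    amounts = dict.fromkeys(members, 0)
    amounts[sender], amounts[recipient] = -amount, amount
    # Assumption of this example: the initiator picks blinding factors that sum to
    # 0 mod Q, so a balanced row multiplies out to the identity element.
    blinds = [secrets.randbelow(Q) for _ in members[:-1]]
    blinds.append(-sum(blinds) % Q)
    return {m: commit(amounts[m], r) for m, r in zip(members, blinds)}


def row_balances(row):
    """Validity check (1): do the hidden amounts of the row sum to 0?"""
    product = 1
    for c in row.values():
        product = product * c % P
    return product == 1


if __name__ == "__main__":
    users = [f"user{i:02d}" for i in range(20)]  # constructed participant list
    row = build_row("alice", "bob", 25, users, k=3)
    print(len(row), "columns, balanced:", row_balances(row))
    row["bob"] = row["bob"] * G % P  # credit one extra unit without debiting anyone
    print("after tampering, balanced:", row_balances(row))
```

The zero-sum check alone does not stop a sender from committing to a negative balance, which is why the claims pair it with the range proof on the account balance commitment.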
CN202110502915.2A 2021-05-10 2021-05-10 Safety protection method for digital currency transaction data Active CN112990928B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110502915.2A CN112990928B (en) 2021-05-10 2021-05-10 Safety protection method for digital currency transaction data


Publications (2)

Publication Number Publication Date
CN112990928A true CN112990928A (en) 2021-06-18
CN112990928B CN112990928B (en) 2021-08-24

Family

ID=76337343

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110502915.2A Active CN112990928B (en) 2021-05-10 2021-05-10 Safety protection method for digital currency transaction data

Country Status (1)

Country Link
CN (1) CN112990928B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115906183A (en) * 2023-01-06 2023-04-04 南京理工大学 Auditable and traceable block chain privacy protection system and method

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108628889A (en) * 2017-03-21 2018-10-09 北京京东尚科信息技术有限公司 Sampling of data methods, systems and devices based on timeslice
CN109325747A (en) * 2018-08-30 2019-02-12 阿里巴巴集团控股有限公司 Money transfer method and device based on block chain
CN110009318A (en) * 2019-03-22 2019-07-12 陕西师范大学 A digital currency tracing method based on Monero
US20200042994A1 (en) * 2018-08-06 2020-02-06 Alibaba Group Holding Limited Method, apparatus and electronic device for blockchain transactions
CN111079190A (en) * 2019-12-31 2020-04-28 深圳市网心科技有限公司 Block chain supply chain transaction hiding dynamic supervision system and method
CN111160909A (en) * 2019-12-31 2020-05-15 深圳市网心科技有限公司 Block chain supply chain transaction hiding static supervision system and method
CN111340488A (en) * 2020-02-21 2020-06-26 数据通信科学技术研究所 Method and device for generating monitorable secret transaction amount
CN111401875A (en) * 2020-05-29 2020-07-10 支付宝(杭州)信息技术有限公司 Block chain transfer method and device based on account model
CN111815322A (en) * 2020-06-08 2020-10-23 北京邮电大学 Distributed payment method with selectable privacy service based on Ethereum
CN112771562A (en) * 2019-10-31 2021-05-07 深圳市网心科技有限公司 Account model-based transaction method, device, system and storage medium


Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
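BENEDIKT BUNZ et al.: "Bulletproofs: Short Proofs for Confidential Transactions and More", 《IEEE XPLORE》 *
Zhang Fan et al.: "An Efficient Range Proof Scheme", 《Journal of Cryptologic Research》 *
Chen Yitao et al.: "A Privacy-Preserving Supervision and Audit Architecture for Central Bank Digital Currency", 《Communications Technology》 *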


Also Published As

Publication number Publication date
CN112990928B (en) 2021-08-24


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
OL01 Intention to license declared