CN113554435A

CN113554435A - Data verification method, device, equipment and medium based on block chain

Info

Publication number: CN113554435A
Application number: CN202010329707.2A
Authority: CN
Inventors: 蓝虎
Original assignee: Tencent Technology Shenzhen Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd
Priority date: 2020-04-23
Filing date: 2020-04-23
Publication date: 2021-10-26

Abstract

The embodiment of the application discloses a data verification method, a device, equipment and a medium based on a block chain, wherein the method comprises the following steps: when a first terminal and a block chain network are in an unconnected state, the first terminal receives a processing request of a second terminal for a target service; the first terminal reads a block set to be selected from a local cache, wherein the blocks to be selected in the block set to be selected all comprise electronic certificates of a terminal user of the second terminal; the first terminal acquires the block information of the block to be selected in the block set to be selected, determines the updating time of the electronic certificate of the terminal user according to the block information of the block to be selected in the block set to be selected, and verifies the validity of the electronic certificate in the block to be selected in the block set to be selected according to the updating time; and the first terminal processes the target service according to the electronic certificate with validity. By adopting the embodiment of the application, the validity of the electronic certificate can be verified.

Description

Data verification method, device, equipment and medium based on block chain

Technical Field

The present application relates to the field of blockchain technologies, and in particular, to a method, an apparatus, a device, and a medium for data verification based on a blockchain.

Background

The certificate is the basis for proving the identity of a certificate holder, such as an identity card, a passport, a port and Australia pass, a motor vehicle driving license and the like, and can be used for recording identity information of a user; in some situations where it is desirable to determine identity information of a document holder, the document holder can prove his or her identity by providing the relevant document. Meanwhile, the certificate is updated along with the change of the identity information of the user, for example, the certificate is an identity card, and when the account address of the user changes, the user needs to handle a new identity card; when the user transacts the new identity card, only the newly transacted identity card has validity.

In practice, when the service processing terminal is in an off-line state, the user can only provide the certificate (such as a card type certificate and a file type certificate) to the service processing terminal. However, only static user information is stored in the certificate, and the validity of the certificate cannot be verified, so that the service cannot be processed normally.

Disclosure of Invention

The embodiment of the application provides a data verification method, a data verification device, data verification equipment and a data verification medium based on a block chain, and the authenticity of an electronic certificate can be improved.

An aspect of the present application provides a data verification method based on a block chain, including:

when a first terminal and a block chain network are in an unconnected state, the first terminal receives a processing request of a second terminal for a target service;

the first terminal reads a block set to be selected from a local cache, wherein the blocks to be selected in the block set to be selected all comprise electronic certificates of a terminal user of the second terminal, and the blocks to be selected in the block set to be selected are read from the block chain network when the first terminal is in a connection state with the block chain network;

the first terminal acquires the block information of a block to be selected in the block set to be selected, determines the updating time of the electronic certificate of the terminal user according to the block information of the block to be selected in the block set to be selected, and verifies the validity of the electronic certificate in the block to be selected in the block set to be selected according to the updating time;

and the first terminal processes the target service according to the electronic certificate with validity.

Optionally, the determining the update time of the electronic certificate of the terminal user according to the block information of the block to be selected in the block set to be selected includes: the first terminal acquires a first time corresponding to a timestamp of a block to be selected in the block set to be selected and acquires a system time of the first terminal as a second time; the first terminal acquires a time interval between the first time and the second time; the first terminal determines a block to be selected with the minimum time interval in the block set to be selected as a target block; and the first terminal determines the time corresponding to the time stamp of the target block as the updating time of the electronic certificate of the terminal user.

Optionally, the determining the update time of the electronic certificate of the terminal user according to the block information of the to-be-selected block in the to-be-selected block set includes: the first terminal acquires a block to be selected with the largest block height from the block set to be selected as a target block; and the first terminal determines the time corresponding to the time stamp of the target block as the updating time of the electronic certificate of the terminal user.

Optionally, the determining, by the block information of the block to be selected in the block set to be selected, the update time of the electronic certificate of the terminal user according to the block information of the block to be selected includes: the first terminal acquires a public key of the third terminal; the first terminal adopts the public key of the third terminal to verify the signature of the third terminal; the first terminal determines the blocks to be selected which pass the verification in the block set to be selected as authentication blocks; the first terminal determines a block with the highest block height in the authentication blocks as a target block; and the first terminal determines the time corresponding to the time stamp of the target block as the updating time of the electronic certificate of the terminal user.

Optionally, the method further includes: verifying the validity of the electronic certificate in the candidate blocks in the candidate block set according to the updating time, wherein the verifying the validity comprises the following steps: and if the updating time is within a first time period, the first terminal determines that the electronic certificate in the target block has validity.

Optionally, the method further includes: the first terminal receives a change request of the second terminal for the electronic certificate of the terminal user, wherein the change request comprises the changed electronic certificate; if the first terminal verifies that the changed electronic certificate has validity, the first terminal signs the changed electronic certificate by using a private key of the first terminal to obtain a signature of the first terminal; and the first terminal uploads the signature of the first terminal and the changed electronic certificate to the block chain network.

Optionally, the method further includes: when the first terminal is in a connection state with a block chain network, the first terminal acquires a newly added block from the block chain network at intervals of a second time; and the first terminal caches the newly added block locally.

Optionally, the first terminal, the first sub-terminal, and the second sub-terminal are all in a connected state, a local cache of the first sub-terminal has a first sub-block to be selected, and a local cache of the second sub-terminal has a second sub-block to be selected; the first sub candidate block and the second sub candidate block both include the electronic certificate of the terminal user, and the method further includes: the first terminal obtains a first block height of the first sub-block to be selected and a second block height of the second sub-block to be selected; if the height of the first block is larger than the height of the second block, the first terminal acquires the first sub-block to be selected from the first sub-terminal, and adds the first sub-block to be selected to the block set to be selected; and if the height of the first block is smaller than that of the second block, the first terminal acquires the second sub-block to be selected from the second sub-terminal and adds the second sub-block to be selected to the block set to be selected.

An aspect of an embodiment of the present application provides a data verification apparatus based on a block chain, including:

the first data processing module is used for receiving a processing request of a second terminal for a target service when the first terminal is in an unconnected state with a block chain network;

a data reading module, configured to read a block set to be selected from a local cache, where the blocks to be selected in the block set to be selected all include an electronic certificate of a terminal user of the second terminal, and the blocks to be selected in the block set to be selected are read from the block chain network by the first terminal when the first terminal is in a connection state with the block chain network;

the data verification module is used for acquiring the block information of the block to be selected in the block set to be selected, determining the updating time of the electronic certificate of the terminal user according to the block information of the block to be selected in the block set to be selected, and verifying the validity of the electronic certificate in the block to be selected in the block set to be selected according to the updating time;

and the second data processing module is used for processing the target service according to the electronic certificate with validity.

Optionally, the block information includes a timestamp, and the data verification module is specifically configured to obtain a first time corresponding to the timestamp of the block to be selected in the block set to be selected, and obtain a system time of the first terminal as a second time; acquiring a time interval between the first time and the second time; determining a block to be selected with the minimum time interval in the block set to be selected as a target block; and determining the time corresponding to the time stamp of the target block as the updating time of the electronic certificate of the terminal user.

Optionally, the block information includes a block height, and the data verification module is specifically configured to obtain a candidate block with a largest block height from the candidate block set, and use the candidate block as a target block; and determining the time corresponding to the time stamp of the target block as the updating time of the electronic certificate of the terminal user.

Optionally, the block information includes a signature of the first terminal, and the data verification module is specifically configured to obtain a public key of the first terminal; adopting the public key of the first terminal to verify the signature of the first terminal; determining the blocks to be selected which pass the verification in the block set to be selected as authentication blocks; determining the block with the highest block height in the authentication blocks as a target block; and determining the time corresponding to the time stamp of the target block as the updating time of the electronic certificate of the terminal user.

Optionally, the data verification module is specifically configured to determine that the electronic certificate in the target block has validity if the update time is within a first time period.

Optionally, the apparatus further comprises: a data change module, configured to receive a change request of the second terminal for the electronic certificate of the terminal user, where the change request includes a changed electronic certificate; if the changed electronic certificate is verified to be valid, signing the changed electronic certificate by using the private key of the first terminal to obtain the signature of the first terminal; and uploading the signature of the first terminal and the changed electronic certificate to the block chain network.

Optionally, the apparatus further comprises: the first data storage module is used for acquiring newly added blocks from the block chain network at intervals of second time when the first terminal is in a connection state with the block chain network; and caching the newly added block locally.

Optionally, the first terminal, the first sub-terminal, and the second sub-terminal are all in a connected state, a local cache of the first sub-terminal has a first sub-block to be selected, and a local cache of the second sub-terminal has a second sub-block to be selected; the first sub-candidate block and the second sub-candidate block both include the electronic certificate of the terminal user, and the apparatus further includes: the second data storage module is used for acquiring the first block height of the first sub-block to be selected and the second block height of the second sub-block to be selected; if the height of the first block is larger than the height of the second block, acquiring the first sub-block to be selected from the first sub-terminal, and adding the first sub-block to be selected to the block set to be selected; and if the height of the first block is smaller than that of the second block, acquiring the second sub-block to be selected from the second sub-terminal, and adding the second sub-block to be selected to the block set to be selected.

One aspect of the present application provides a computer device, comprising: a processor, a memory, a network interface;

the processor is connected to a memory and a network interface, wherein the network interface is used for providing a data communication function, the memory is used for storing a computer program, and the processor is used for calling the computer program to execute the method in the aspect in the embodiment of the present application.

An aspect of the embodiments of the present application provides a computer-readable storage medium, in which a computer program is stored, where the computer program includes program instructions, and the program instructions, when executed by a processor, cause the processor to execute the block chain based data verification method of the first aspect.

In the embodiment of the application, a first terminal reads a block to be selected in a block chain network to a local block set to be selected in advance, wherein the block to be selected comprises an electronic certificate of a terminal user of a second terminal; therefore, when the first terminal and the block chain network are in an unconnected state and a service processing request of the second terminal is received, the block set to be selected can be read from the local; therefore, the problem that the target service cannot be processed due to the fact that the first terminal cannot read the electronic certificate of the terminal user of the second terminal because the first terminal is not connected with the block chain network can be effectively avoided; the method can ensure that the target service is normally processed and improve the service processing efficiency. Further, different blocks to be selected in the block set to be selected record electronic certificates of the terminal user at different times, that is, the blocks to be selected in the block set to be selected record dynamic electronic certificates (that is, dynamic user information) of the terminal user. Therefore, the first terminal can determine the updating time of the electronic certificate of the terminal user according to the block information of the to-be-selected block in the to-be-selected block set by acquiring the block information of the to-be-selected block in the to-be-selected block set, verify the validity of the electronic certificate in the to-be-selected block set according to the updating time, effectively acquire the updated electronic certificate of the terminal user, and ensure the accuracy of the electronic certificate. Therefore, under the condition that the electronic certificate has validity, the first terminal processes the target service according to the electronic certificate with validity, namely, the target service can be accurately and effectively executed by improving the accuracy and the authenticity of the electronic certificate.

Drawings

In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.

Fig. 1a is a schematic structural diagram of a data verification system according to an embodiment of the present application;

FIG. 1b is a schematic diagram of a block link point system according to an embodiment of the present disclosure;

fig. 1c is a block chain diagram according to an embodiment of the present application;

fig. 2 is a schematic flowchart of a data verification method based on a blockchain according to an embodiment of the present disclosure;

fig. 3 is a schematic diagram of an electronic certificate information chaining process according to an embodiment of the present application;

fig. 4 is a schematic flowchart of a data verification method based on a blockchain according to an embodiment of the present disclosure;

fig. 5 is a schematic flowchart of a data verification method based on a blockchain according to an embodiment of the present disclosure;

fig. 6 is a schematic structural diagram illustrating a block chain-based data verification apparatus according to an embodiment of the present disclosure;

fig. 7 is a schematic structural diagram of a computer device according to an embodiment of the present application.

Detailed Description

The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

Referring to fig. 1a, fig. 1a is a schematic diagram of an architecture of a data verification system according to an embodiment of the present disclosure. The system architecture schematic diagram comprises a block chain node system, a first terminal and a second terminal, wherein the first terminal can be a terminal corresponding to a mechanism to which a business office belongs, the second terminal can be a terminal held by a terminal user who needs to transact a target service in the business office, and the block chain node system can be a terminal corresponding to a mechanism to which the national business office belongs, namely, electronic certificates of the national terminal users are recorded in the block chain node system. The first terminal can be used for providing various services, performing service processing, reading electronic certificates of terminal users of the second terminal from a local cache, and the like; the services may include services requiring authentication, such as bank card handling, identity card replacement, and marital status change. The process of business processing may mean that a terminal user holding the second terminal needs to perform business processing, such as handling bank card business, the first terminal reads the locally cached electronic certificate of the terminal user of the second terminal and verifies the electronic certificate, after the first terminal verifies that the electronic certificate has validity, the first terminal processes the business handling the bank card, that is, the first terminal starts handling the bank card for the terminal user of the second terminal. The electronic certificate of the terminal user may refer to an electronic certificate for proving the identity of the terminal user, and may specifically refer to an electronic identity card, an electronic passport, and the like, and the electronic certificate may include identity information of the user, such as name, gender, age, place of residence, duration of the certificate, and the like. The second terminal may be configured to send a processing request for the target service to the first terminal.

The node device, the first terminal and the second terminal in the block link Point system may be computer devices, including mobile phones, tablet computers, notebook computers, palmtop computers, smart audio devices, Mobile Internet Devices (MID), Point Of Sale (POS) machines, wearable devices (e.g., smart watches, smart bracelets, etc.), and the like; the method can also refer to an independent server, a server cluster consisting of a plurality of servers, or a cloud computing center.

In addition, please refer to fig. 1b, fig. 1b is a schematic diagram of a block link point system according to an embodiment of the present disclosure. As shown in fig. 1b, a block-linked point system may include a plurality of nodes, each of which may receive input information during normal operation and maintain verification information data in the block-linked point system based on the received input information. In order to ensure information intercommunication in the block link point system, information connection can exist between each node in the block link point system, and information transmission can be carried out between the nodes through the information connection. For example, when any node in the blockchain node system receives input information, other nodes in the blockchain node system acquire the input information according to a consensus algorithm, and store the input information as data in transaction information data, so that the data stored in all nodes in the blockchain node system are consistent.

Each node in the block chain node point system has a corresponding node identifier, and each node in the block chain node point system can store the node identifiers of other nodes in the block chain node point system, so that the generated block can be broadcast to other nodes in the block chain node point system according to the node identifiers of other nodes. Each node may maintain a node identifier list as shown in the following table, and store the node name and the node identifier in the node identifier list correspondingly. The node identifier may be an IP (Internet Protocol) address and any other information that can be used to identify the node, and table 1 only illustrates the IP address as an example.

TABLE 1

Node name	Node identification
		Node 1	117.114.151.174
Node 2	117.116.189.145
		…	…
Node N	119.123.789.258

Each node in the blockchain nodal system stores one identical blockchain. Referring to fig. 1c, fig. 1c is a schematic block chain diagram provided in an embodiment of the present application, as shown in fig. 1c, the block chain is composed of a plurality of blocks, a starting block includes a block header and a block main body, the block header stores an input information characteristic value, a version number, a timestamp, and a difficulty value, and the block main body stores input information; the next block of the starting block takes the starting block as a parent block, the next block also comprises a block head and a block main body, the block head stores the input information characteristic value of the current block, the block head characteristic value of the parent block, the version number, the timestamp and the difficulty value, and the like, so that the block data stored in each block in the block chain is associated with the block data stored in the parent block, and the safety of the input information in the block is ensured.

The embodiment of the application processes data by using intelligent contracts in a blockchain technology and the characteristic that a blockchain is not falsifiable, namely, provides a data verification method based on the blockchain, wherein the intelligent contracts, namely computerized agreements, can execute the terms of a certain contract, and are realized by codes which are deployed on a shared book and used for being executed when a certain condition is met, and the codes are used for completing automated transactions according to actual business requirement codes, and of course, the intelligent contracts are not limited to executing the contracts for the transactions, but also can execute the contracts for processing received information. The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission (P2P transmission), consensus mechanism, encryption algorithm and the like, and is essentially a decentralized database; the blockchain can be composed of a plurality of serial transaction records (also called blocks) which are connected in series by cryptography and protect the contents, and the distributed accounts connected in series by the blockchain can effectively record the transactions by multiple parties and can permanently check the transactions (can not be tampered). The consensus mechanism is a mathematical algorithm for establishing trust and obtaining rights and interests among different nodes in the block chain network; that is, the consensus mechanism is a mathematical algorithm commonly recognized by network nodes in the blockchain.

Further, as shown in fig. 1a, in the process of implementing the data verification method based on the blockchain, for example, when the first terminal is in a connected state with the blockchain network, the first terminal may read a block including the electronic certificate of the user from the blockchain network and store the read block; therefore, when the first terminal is not connected with the block chain network, the required electronic certificate can be read locally, and the normal execution of the service is facilitated. For example, if the first terminal is in an unconnected state with the blockchain network, the first terminal receives a processing request of the second terminal for a target service, the processing request indicating that electronic credentials of an end user of the second terminal are required to process the target service. Therefore, the first terminal can read the block including the electronic certificate of the terminal user from the local cache to serve as the block to be selected, and the block information of the block to be selected is obtained. Further, determining the updating time of the electronic certificate of the terminal user according to the block information, verifying the validity of the electronic certificate in the block to be selected in the block set to be selected according to the updating time, if the electronic certificate has validity, indicating that the electronic certificate in the block to be selected is not tampered, or if the electronic certificate in the block to be selected is the updated electronic certificate, processing the target service according to the electronic certificate in the block to be selected. If the electronic certificate does not have validity, the electronic certificate in the candidate block is falsified, or the electronic certificate in the candidate block is not the updated electronic certificate, the block with the electronic certificate of the terminal user can be acquired again, the validity of the electronic certificate in the acquired block is verified, and the target service is processed according to the electronic certificate in the acquired block until the electronic certificate is determined to have validity.

For example, when a first terminal corresponding to a department of affairs of the department of civil affairs is in an unconnected state with a blockchain network, a terminal user holding a second terminal needs to perform marital registration service handling at the second terminal, and after the first terminal receives a processing request of the second terminal for the marital registration service, the first terminal reads a block including an electronic certificate a of the terminal user of the second terminal from a local cache of the first terminal to serve as a block to be selected, and acquires block information of the block to be selected; further, the first terminal determines the updating time of the electronic certificate A of the terminal user according to the block information, verifies the validity of the electronic certificate A in the block to be selected according to the updating time, and processes the marital registration service of the terminal user according to the electronic certificate A if the updating time of the electronic certificate A is within the first time period, which indicates that the electronic certificate A has the validity. If the updating time of the electronic certificate A is not within the first time period, the electronic certificate A is not valid, the electronic certificate A is tampered, or the electronic certificate A is not an updated electronic certificate. For example, if the name of the terminal user is one, but the terminal user changes the name into two at the office of the department of public security, but the name on the electronic certificate a is still one, then the electronic certificate a is not the updated electronic certificate, the first terminal reacquires the block with the electronic certificate of the terminal user, namely acquires the electronic certificate B, the name in the electronic certificate B is two, verifies the validity of the electronic certificate B in the reacquired block, and processes the marital registration service of the terminal user according to the electronic certificate B in the reacquired block until the electronic certificate B is determined to be valid.

Further, please refer to fig. 2, where fig. 2 is a schematic flowchart of a block chain-based data verification method according to an embodiment of the present application, and as shown in the figure, the method includes:

s101, when the first terminal and the block chain network are in an unconnected state, the first terminal receives a processing request of a second terminal for a target service.

Here, the unconnected state between the first terminal and the blockchain network may refer to: network interruption between the first terminal and the blockchain network, or a node device in the blockchain network fails; at this point the first terminal cannot acquire data or the like over the blockchain network. The first terminal may be a terminal corresponding to an institution belonging to the office, such as a terminal corresponding to the civil administration department, a terminal corresponding to the public security department, a terminal corresponding to a bank, and the like. The second terminal may be a terminal owned by a terminal user who needs to transact a target service at a transaction office, for example, a terminal owned by a terminal user who needs to transact a bank card, a terminal owned by a terminal user who needs to transact marital registration, a terminal owned by a terminal user who needs to transact a passage in hong Kong and Macau, a terminal owned by a terminal user who needs to transact a passport, or the like. The target service is a service that the end user holding the second terminal needs to transact, such as a marital registration service, a bank card transaction service, a passport transaction service, and the like. The first terminal can be connected with the second terminal by a connection mode such as a Bluetooth connection, a near field communication connection and the like. After the first terminal and the second terminal are connected, the second terminal may send a processing request for the target service to the first terminal, and the first terminal receives the processing request for the target service sent by the second terminal.

Optionally, before the first terminal receives the processing request of the second terminal for the target service, the first terminal may pre-establish a connection with the blockchain network, and when the first terminal is in a connection state with the blockchain network, the first terminal acquires a newly added blockfrom the blockchain network at intervals of a second time; the first terminal caches a newly added block locally, wherein the newly added block can be a block newly written in the block chain network; alternatively, the new chunk may refer to a chunk that is newly written in the blockchain network and is associated with a service processed by the first terminal.

Here, the second time may be 1 hour, one day, one week, one month, and the second time is not limited in the embodiment of the present application. For example, the second time is 1 hour, and when the first terminal is in a connection state with the blockchain network, the first terminal acquires a newly added block from the blockchain network every 1 hour and caches the newly added block locally. The tile includes the electronic certificate of the end user, which can refer to any end user.

Optionally, before the first terminal acquires the newly added blocks from the block chain network at every second time, the block chain link point system may generate each block in the block chain according to the electronic certificate of the terminal user uploaded by the third terminal. The third terminal may include the first terminal, and the number of the third terminals may be plural, for example, the third terminal includes a terminal corresponding to a office of the public security department and a terminal corresponding to a civil office of the national security department, and the third terminal may include a terminal corresponding to a civil office of the precious security district, a terminal corresponding to a civil office of the southern mountain, terminals corresponding to a civil office of the national security department of other regions, a terminal corresponding to a public office of the precious security district, a terminal corresponding to a public office of the southern mountain, a terminal corresponding to a public office of the national security department of other regions, and the like. For example, the terminal corresponding to the office of the Ministry of public Security in the south mountain area uploads the electronic certificate C of the terminal user after the verification by the terminal corresponding to the office of the Ministry of public Security in the south mountain area, and uploads the electronic certificate C to the block chain network; when the marital state of the terminal user changes, a terminal corresponding to a office of the Ministry of southern mountain area verifies the identity state of the terminal user, generates an electronic certificate D after the verification, and uploads the electronic certificate D to a block chain network. The first terminal may be, for example, a office of the department of public security in the foprisa area, and the first terminal acquires an additional block from the block chain network, where the additional block includes the electronic certificate D. When each block in the block chain is generated, referring to fig. 3, fig. 3 is a schematic diagram of an electronic certificate information chaining process provided in an embodiment of the present application, a node where the block chain is located verifies input information (electronic certificate information) when receiving the input information, stores the input information into a memory pool after completing the verification, and updates a hash tree used for recording the input information; and then, updating the updating time stamp to the time when the input information is received, trying different random numbers, and calculating the characteristic value for multiple times, so that the calculated characteristic value can meet the following formula:

SHA256(SHA256(version+prev_hash+merkle_root+ntime+nbits+x))<TARGET

wherein SHA256 is a eigenvalue algorithm used to calculate eigenvalues; version is version information of the relevant block protocol in the block chain; prev _ hash is a block head characteristic value of a parent block of the current block; merkle _ root is a characteristic value of the input information; ntime is the update time of the update timestamp; nbits is the current difficulty, is a fixed value within a period of time, and is determined again after exceeding a fixed time period; x is a random number; TARGET is a feature threshold, which can be determined from nbits.

Therefore, when the random number meeting the formula is obtained through calculation, the information can be correspondingly stored, and the block head and the block main body are generated to obtain the current block. And then, the node where the block chain is located respectively sends the newly generated blocks to other nodes in the block chain link point system where the newly generated blocks are located according to the node identifications of the other nodes in the block chain link point system, the newly generated blocks are verified by the other nodes, and the newly generated blocks are added to the block chain stored in the newly generated blocks after the verification is completed.

After the block chain link point system generates each block in the block chain according to the electronic certificate of the terminal user uploaded by the third terminal, the first terminal can cache the block in the block chain link point system locally, and acquire a newly increased block from the block chain network at a second time interval.

S102, the first terminal reads the block set to be selected from the local cache.

The blocks to be selected in the block set to be selected all comprise electronic certificates of a terminal user of the second terminal, the blocks to be selected in the block set to be selected are read from the block chain network when the first terminal is in a connection state with the block chain network, and the block set to be selected comprises one or more blocks to be selected.

It can be understood that, when the first terminal is in a connected state with the blockchain network, the first terminal reads at least one candidate block matched with the user information of the end user from the blockchain network to obtain a candidate block set, and acquires a newly added block from the blockchain network at intervals of the second time, and caches the newly added block locally, that is, the newly added block is cached in the candidate block set. Therefore, each candidate block in the candidate block set comprises the electronic certificate of the terminal user, and the electronic certificate in each candidate block is the electronic certificate of the terminal user in different time periods. The processing request of the target service may include user information, and the user information may include a name of a user, face information of the user, fingerprint information of the user, and the like. For example, when the user information is face information of a user, when a face of a terminal user is directly opposite to a face acquisition device of a first terminal, and when the first terminal acquires the face information of the terminal user, that is, the first terminal receives a processing request of a second terminal for a target service, a block to be selected, which is matched with the face information of the terminal user, is queried in a local cache.

When the first terminal inquires a plurality of candidate blocks matched with the terminal user and each candidate block contains the electronic certificate of the terminal user, the fact that the terminal user updates the electronic certificate in different time periods is shown, for example, the terminal user transacts the electronic certificate when the terminal user is immature, the terminal user updates the electronic certificate after adult, the terminal user updates the electronic certificate when the name of the terminal user changes, and the terminal user updates the electronic certificate when the terminal user accepts penalty of criminal, namely, each electronic certificate corresponds to one state of the terminal user.

S103, the first terminal acquires the block information of the block to be selected in the block set to be selected, determines the updating time of the electronic certificate of the terminal user according to the block information of the block to be selected in the block set to be selected, and verifies the validity of the electronic certificate in the block to be selected in the block set to be selected according to the updating time.

Here, the update time of the electronic certificate is the latest update time of the electronic certificate. For example, the current system time is 3 months and 5 days on thursday 2020, and the corresponding update times of the electronic certificate are 3 months and 5 days in 2005, 3 months and 5 days in 2010, and 3 months and 5 days in 2019, respectively, so that the update time of the electronic certificate is 3 months and 5 days in 2019, that is, the update time of the electronic certificate is the latest update time from the current system time. The tile information may include a time stamp, which may be a sequence of characters that uniquely identifies the time of a certain moment, a tile height, a signature of a third terminal, and the like. The block height can be used for identifying the position of the block to be selected in the block chain, and finding all basic attributes and transaction records related to the block to be selected according to the position, wherein the larger the block height is, the more recently uploaded the electronic certificate in the block is shown, namely the electronic certificate in the block is the updated electronic certificate, namely the higher the accuracy of the electronic certificate is; the smaller the zone height, the less accurate the electronic certificate in the zone is, the more recently uploaded the electronic certificate is, i.e., the electronic certificate in the zone is the electronic certificate before update. The signature of the third terminal is used for indicating that the block to be selected passes the verification of the third terminal and has validity after the verification.

Optionally, verifying the validity of the electronic certificate may refer to: verifying whether the electronic certificate in the block to be selected is an updated electronic certificate or not, and if the electronic certificate is the updated electronic certificate, determining that the electronic certificate has validity; if the electronic document is not an updated electronic document, determining that the electronic document is not valid. For example, the update time of the electronic certificate in the candidate block can be determined according to the time interval between the time corresponding to the timestamp of the candidate block corresponding to the electronic certificate and the system time of the first terminal, so as to determine whether the electronic certificate in the candidate block is the updated electronic certificate.

Optionally, verifying the validity of the electronic certificate may refer to: and verifying the block to be selected with the largest block height in the blocks to be selected, and determining the time corresponding to the timestamp of the block to be selected with the largest block height as the updating time of the electronic certificate of the terminal user. If the time corresponding to the time stamp of the block to be selected is within the first time period, the electronic certificate in the block to be selected is determined to be the updated electronic certificate, and the electronic certificate has validity; and if the time corresponding to the time stamp of the block to be selected is not within the first time period, determining that the electronic certificate in the block to be selected is not the updated electronic certificate, and the electronic certificate has no validity.

Optionally, verifying the validity of the electronic certificate may refer to: verifying whether the signature of the to-be-selected block is the signature of the third terminal, if the signature of the to-be-selected block is the signature of the third terminal, namely the electronic certificate in the to-be-selected block is verified by the third terminal, namely the electronic certificate is real, namely the electronic certificate is not tampered, determining the time corresponding to the timestamp of the to-be-selected block with the highest block height in the to-be-selected block as the updating time of the electronic certificate of the terminal user, and comparing the updating time of the electronic certificate with the first time period so as to determine the validity of the electronic certificate. And if the signature of the candidate block is not the signature of the third terminal, namely the electronic certificate in the candidate block is not verified by the third terminal, namely the electronic certificate is not real, namely the electronic certificate is tampered, determining that the electronic certificate in the candidate block does not have validity.

In the embodiment of the application, the updating time of the electronic certificate of the terminal user can be determined according to the block information of the block to be selected in the block set to be selected in any one or combination of the following modes, and the validity of the electronic certificate in the block to be selected in the block set to be selected is verified according to the updating time;

in the first mode, the first terminal may obtain a first time corresponding to a timestamp of a block to be selected in the set of blocks to be selected, and obtain a system time of the first terminal as a second time; the method comprises the steps that a first terminal obtains a time interval between first time and second time; the first terminal determines a block to be selected with the minimum time interval in a block set to be selected as a target block; and the first terminal determines the time corresponding to the time stamp of the target block as the updating time of the electronic certificate of the terminal user. Alternatively, the first terminal may determine, as the target block, a candidate block corresponding to a timestamp corresponding to a first time at which the time interval between the second times is minimum.

For example, the first time corresponding to the timestamp of the block a to be selected in the block set to be selected is 17:00 at 1 month and 22 days at 2020, 17:00 at 2 months and 22 days at 2 months at 2020, 10:00 at 22 days at 2 months at 2020, 17:00 at 22 days at 2 months at 2020, the time interval between the block a to be selected and the second time is 1 month, and the time interval between the block B to be selected and the second time is 7 hours, it can be known that 7 hours is less than 1 month, the block B to be selected is determined as the target block, and the time corresponding to the timestamp of the block B to be selected is determined as the update time of the electronic certificate of the terminal user. If the time interval between the first time and the second time corresponding to the time stamp of the to-be-selected block a in the to-be-selected block set is greater than the time interval between the first time and the second time corresponding to the time stamp of the to-be-selected block B in the to-be-selected block set, the time interval indicates that the to-be-selected block a is not in an updated state, that is, the electronic certificate in the to-be-selected block a is not an updated electronic certificate, for example, the state of the electronic certificate of the end user in the to-be-selected block a has changed, for example, the user name, the marital status, and the like have changed, but are not synchronized in the block chain network.

In the second mode, the first terminal acquires a block to be selected with the largest block height from the block set to be selected as a target block; and the first terminal determines the time corresponding to the time stamp of the target block as the updating time of the electronic certificate of the terminal user.

For example, the candidate block with the largest block height in the candidate block set is the candidate block C, the target block is the candidate block C, and the first terminal determines the time corresponding to the timestamp of the candidate block C as the update time of the electronic certificate of the terminal user.

In the third mode, the first terminal acquires a public key of the third terminal; the first terminal adopts the public key of the third terminal to verify the signature of the third terminal; the first terminal determines the blocks to be selected which pass the verification in the block set to be selected as authentication blocks; the first terminal determines a block with the highest block height in the authentication blocks as a target block; and the first terminal determines the time corresponding to the time stamp of the target block as the updating time of the electronic certificate of the terminal user.

Here, the number of authentication blocks may be greater than or equal to one, the number of target blocks is one, and the target block is a block having a largest block height among the at least one authentication block. It can be understood that the authentication block is a block that passes the verification of the selected block set, that is, the authentication block is confirmed by the third terminal and then uploaded to a block in the blockchain network, and the authentication block includes the signature of the third terminal. Therefore, the target block also includes the signature of the third terminal. The third terminal may refer to a terminal belonging to an authority, such as a terminal belonging to an organization of the ministry of public security, the ministry of civility, and the like.

In the specific implementation, the electronic certificate carries a signature of a third terminal, before the first terminal acquires the public key of the third terminal, the third terminal can perform hash operation on the electronic certificate to obtain a hash value of the electronic certificate, the hash value of the electronic certificate is encrypted by using a private key of the third terminal to obtain the electronic certificate carrying the signature of the third terminal, the electronic certificate carrying the signature of the third terminal and the electronic certificate (i.e. original text) are broadcasted to each node device in the block chain node system, and the electronic certificate carrying the signature of the third terminal and the electronic certificate (i.e. original text) are recorded to a block in the block chain network by each node device.

The method comprises the steps that a first terminal obtains a block chain network including an electronic certificate signed by a third terminal and a block of the electronic certificate as a block to be selected, the first terminal can obtain a public key of the third terminal, and the public key of the third terminal is adopted to carry out hash operation on the electronic certificate to obtain a first hash value; and adopting the public key of the third terminal to perform de-signing (namely decryption) on the signature of the third terminal to obtain a second hash value. If the first hash value is the same as the second hash value, determining that the signature in the block to be selected passes the verification, determining that the electronic certificate in the block to be selected is not tampered, and uploading the electronic certificate by a third terminal, namely the electronic certificate is verified by an authority; therefore, the block to be selected is taken as a target block; determining that the target block has validity; if the first hash value is different from the second hash value, determining that the signature in the block to be selected is not verified and passed, and determining that the electronic certificate in the block to be selected is tampered, wherein the electronic certificate is not uploaded by a third terminal; therefore, the candidate block is determined to be an invalid block. Optionally, the signatures carried in the multiple candidate blocks are all passed through by the verification, and the candidate block with the highest block height is used as the target block.

Optionally, after determining the update time of the electronic certificate of the terminal user according to the block information of the to-be-selected block in the to-be-selected block set through any one of the three manners or a combination of the following manners, if the update time of the electronic certificate of the terminal user is within the first time period, the first terminal determines that the electronic certificate in the target block has validity.

Here, the first time period is a valid period of the electronic certificate, for example, the valid period of the identity card includes 5 years, 10 years, 20 years, etc., the valid period of the hong Kong and Australia pass includes 5 years, 10 years, etc., the valid period is calculated from the date of handling the electronic certificate, if the update time of the electronic certificate determined in the above manner is within the first time period, that is, the electronic certificate is still within the valid period, it is determined that the electronic certificate in the target block has validity, and the electronic certificate in the candidate block except the target block in the candidate block chain set does not have validity; if the updating time of the electronic certificate is not within the first time period, namely the electronic certificate is not within the valid period, namely the electronic certificate is invalid, it is determined that the electronic certificate in the target block has no validity, and the electronic certificate in the candidate blocks except the target block in the candidate block chain set also has no validity.

Whether the state of the to-be-selected block is the updated state in the to-be-selected block set or not can be determined by verifying the time interval between the time corresponding to the timestamp of the to-be-selected block and the system time of the first terminal and the block height of the to-be-selected block, namely whether the electronic certificate in the to-be-selected block is the latest electronic certificate in the local cache or not is determined, whether the to-be-selected block is verified by the third terminal or not can be determined by verifying the signature of the third terminal of the to-be-selected block, and the authenticity of the to-be-selected block can be determined.

And S104, the first terminal processes the target service according to the electronic certificate with validity.

Here, whether the electronic certificate in the candidate block has validity can be verified through the steps, if the electronic certificate in the candidate block has validity, the first terminal processes the target service, for example, the target service is marital registration, and the first terminal processes the marital registration service; and if the electronic certificate in the block to be selected does not have validity, the first terminal does not process the target service any more.

Optionally, after the first terminal processes the target service, a block may also be generated according to the target service, and uploaded to the block chain network, and the block corresponding to the target service is stored in the to-be-selected block set in the local cache. For example, the target service is marital registration, and the first terminal processes the marital registration service and then generates a block according to the electronic certificate and the target service in the block to be selected. For example, if the marriage status of the end user in the electronic certificate in the candidate block is not married, the marriage status of the end user in the block generated from the electronic certificate and the target service in the candidate block is married.

Optionally, the first terminal may change the electronic certificate of the terminal user, and upload the changed information to the blockchain network, specifically, please refer to fig. 4, where fig. 4 is a schematic flowchart of a data verification method based on a blockchain provided in an embodiment of the present application, and as shown in the drawing, the method includes:

s201, when the first terminal and the block chain network are in an unconnected state, the first terminal receives a processing request of a second terminal for a target service.

S202, the first terminal reads the block set to be selected from the local cache.

S203, the first terminal acquires the block information of the block to be selected in the block set to be selected, determines the updating time of the electronic certificate of the terminal user according to the block information of the block to be selected in the block set to be selected, and verifies the validity of the electronic certificate in the block to be selected in the block set to be selected according to the updating time.

And S204, the first terminal processes the target service according to the electronic certificate with validity.

Here, the specific implementation manner of steps S201 to S204 may refer to the description of steps S101 to S104 in the embodiment corresponding to fig. 2, and is not described herein again.

S205, the first terminal receives a change request of the second terminal for the electronic certificate of the terminal user.

Wherein the change request includes the changed electronic certificate. When the state in the electronic certificate of the terminal user holding the second terminal is changed, the second terminal can send a change request aiming at the electronic certificate of the terminal user, and then the first terminal receives the change request aiming at the electronic certificate of the terminal user from the second terminal. For example, when the name of the terminal user having the second terminal is changed, the second terminal transmits the changed name to the first terminal, and the first terminal receives the changed name transmitted from the second terminal.

S206, if the first terminal verifies that the changed electronic certificate has validity, the first terminal signs the changed electronic certificate by using the private key of the first terminal to obtain the signature of the first terminal.

Here, in the specific signature verification process, reference may be made to the process in which the first terminal adopts the public key of the third terminal to verify the signature of the third terminal in step S103, and details are not described here. Optionally, the verification that the changed electronic certificate has validity by the first terminal may refer to the verification by the first terminal whether the changed electronic certificate sent by the second terminal is valid, where the validity of the changed electronic certificate may refer to whether the changed electronic certificate meets relevant regulations. For example, if the name of the terminal user is two words in the electronic certificate before the change, but the number of words of the name of the terminal user exceeds a predetermined number of words in the electronic certificate after the change, the first terminal verifies that the electronic certificate after the change is not valid. Or the marriage state of the terminal user in the electronic certificate before the change is married, a new spouse is added to the terminal user in the electronic certificate after the change, and the first terminal verifies that the electronic certificate after the change is not valid because the marriage state does not meet the regulation.

And if the first terminal verifies that the changed electronic certificate has validity, the changed electronic certificate is in accordance with relevant regulations, and the first terminal signs the changed electronic certificate by using the private key of the first terminal to obtain the signature of the first terminal. The first terminal signs the changed electronic certificate by adopting the private key of the first terminal, which can indicate that the changed electronic certificate conforms to the relevant regulations by the confirmation of the office where the first terminal is located. Because the changed electronic certificate has the signature of the first terminal, when other terminals read the signature of the first terminal, the changed electronic certificate can be shown to be true and legal.

And S207, the first terminal uploads the signature of the first terminal and the changed electronic certificate to a block chain network.

After the signature of the first terminal and the changed electronic certificate are uploaded to the block chain network, in the subsequent service processing process, any terminal can determine that the changed electronic certificate is real and legal by reading the signature of the first terminal, and the electronic certificate is not tampered by an illegal terminal.

In the embodiment of the application, the first terminal verifies the changed electronic certificate by using the signature of the first terminal, and uploads the changed electronic certificate to the blockchain network when the verification is passed, so that all office terminals connected to the blockchain network can share the changed electronic certificate, and the situations of service processing errors and the like caused by the fact that the office terminals do not acquire the changed electronic certificate under the condition that the identity state of a terminal user is changed can be avoided.

Optionally, the first terminal may further add the blocks of other terminals to the first terminal, and please refer to fig. 5 for a specific block adding method, fig. 5 is a schematic flow chart of a data verification method based on a block chain according to an embodiment of the present application, where as shown in the figure, the method includes:

s301, the first terminal obtains a first block height of the first sub-block to be selected and a second block height of the second sub-block to be selected.

The first terminal, the first sub-terminal and the second sub-terminal are in a connection state, a first sub-block to be selected is locally cached in the first sub-terminal, a second sub-block to be selected is locally cached in the second sub-terminal, and the first sub-block to be selected and the second sub-block to be selected both comprise electronic certificates of terminal users.

Here, the first terminal may be a terminal corresponding to an office, the first sub-terminal may be a terminal corresponding to a clerk at the office, and the second sub-terminal may be a terminal corresponding to a clerk at the office. For example, the first terminal may be a terminal at a manual window of a bank, the first sub-terminal may be an automatic teller machine or a self-service banking machine, and the second sub-terminal may be an automatic teller machine or a self-service banking machine. The first sub-terminal may be a terminal held by a clerk when going out to process the service, and the second sub-terminal may be a terminal held by the clerk when going out to process the service. The connection state between the first terminal and the first and second sub-terminals may include a wired connection or a short-range wireless communication connection. The wired connection may include a data line connection; the short-range Wireless Communication connection may include a Near Field Communication (NFC) connection, a bluetooth connection, a ZigBee (ZigBee) connection, a Wireless Local Area Network (WLAN) connection, an Infrared Data Association (IrDA) connection, a Radio Frequency Identification (RFID) connection, an Ultra Wide Band (UWB) connection, and the like.

In a specific implementation, when the first sub-terminal and the second sub-terminal are in a connected state in the blockchain network, the first sub-terminal and the second sub-terminal may cache the first sub-block to be selected and the second sub-block to be selected from the blockchain network, respectively. Due to the influence of network signals or terminal equipment and other factors, the first sub candidate block and the second sub candidate block may have differences.

S302, if the height of the first block is greater than the height of the second block, the first terminal obtains a first sub-block to be selected from the first sub-terminal, and adds the first sub-block to be selected to the set of blocks to be selected.

S303, if the height of the first block is smaller than the height of the second block, the first terminal obtains a second sub-block to be selected from the second sub-terminal, and adds the second sub-block to be selected to the set of blocks to be selected.

Here, in steps S302 to S303, the block height of the block may be used to indicate the status of the block to be selected, and a larger block height indicates that the block information in the block to be selected corresponding to the block is newer, that is, the electronic certificate in the block to be selected is newer, that is, the status of the end user in the electronic certificate is more accurate.

Specifically, the first block height is greater than the second block height, that is, the block information in the first sub-candidate block cached by the first sub-terminal is newer than the block information in the second sub-candidate block cached by the second sub-terminal. The first terminal acquires the sub candidate blocks corresponding to the terminal with the larger block height and adds the sub candidate blocks to the candidate block set, so that the candidate blocks in the candidate block set of the first terminal can be more accurate, and the states of the electronic certificates of the terminal user included in the candidate blocks are more accurate. It can be known that the larger the block height is, the more accurate the electronic certificate information representing the terminal user of the second terminal included in the block to be selected is.

For example, if the electronic certificate of the end user has changed three times, the first time the end user changes from the unmarried status to divorced status, the second time the end user changes from divorced to married, the third time the end user changes from married to married, and the first block height is greater than the second block height, then the marital status of the end user in the candidate block cached by the first sub-terminal may be divorced, the marital status of the end user in the electronic certificate of the end user in the first sub-candidate block cached by the first sub-terminal may be married, and the marital status of the end user in the electronic certificate of the end user in the second sub-candidate block cached by the second sub-terminal may be married.

If the first block height is smaller than the second block height, the marital status of the end user in the electronic certificate of the end user in the first sub-candidate block cached by the first sub-terminal may be married, and the marital status of the end user in the electronic certificate of the end user in the second sub-candidate block cached by the second sub-terminal may be funeral. The first terminal adds the sub-candidate block corresponding to the terminal to be selected with the larger block height to the candidate block set, that is, the marital status "funeral couple" of the terminal user is added to the candidate block set of the first terminal.

Optionally, if the block height of the to-be-selected block of the first terminal is greater than the first block height and the second block height, the to-be-selected block may be added to the local cache of the first sub-terminal and the local cache of the second sub-terminal. Or, if the height of the first block is greater than the height of the second block, the first sub-block to be selected may be added to the local cache of the second sub-terminal; if the first block height is smaller than the second block height, the second sub-candidate block may be added to the local cache of the first sub-terminal. By comparing the block heights of the blocks in the first terminal, the first sub-terminal and the second sub-terminal, the block in the terminal with the highest block height can be added to the terminal with the lower block height, so that data updating between the terminals is realized, and the accuracy of subsequent service processing is improved.

S304, when the first terminal and the block chain network are in an unconnected state, the first terminal receives a processing request of the second terminal for the target service.

S305, the first terminal reads the block set to be selected from the local cache.

S306, the first terminal acquires the block information of the block to be selected in the block set to be selected, determines the updating time of the electronic certificate of the terminal user according to the block information of the block to be selected in the block set to be selected, and verifies the validity of the electronic certificate in the block to be selected in the block set to be selected according to the updating time.

And S307, the first terminal processes the target service according to the electronic certificate with validity.

Here, the specific implementation manner of steps S304 to S307 may refer to the description of steps S101 to S104 in the embodiment corresponding to fig. 2, and is not described herein again.

In the embodiment of the application, the first terminal determines the block state of the sub-block to be selected of each sub-terminal by comparing the block heights of the plurality of sub-terminals, and adds the sub-block to be selected of the sub-terminal with the highest block height to the block set to be selected of the first terminal, so that the state of the electronic certificate of the terminal user in the block to be selected of the first terminal can be an updated state, and the accuracy of subsequent service processing is improved.

The method of the embodiments of the present application is described above, and the apparatus of the embodiments of the present application is described below.

Referring to fig. 6, fig. 6 is a schematic structural diagram illustrating a composition structure of a blockchain-based data verification apparatus according to an embodiment of the present application, where the blockchain-based data verification apparatus may be a computer program (including program code) running in a computer device, for example, the blockchain-based data verification apparatus is an application software; the apparatus may be used to perform the corresponding steps in the methods provided by the embodiments of the present application. The apparatus 60 comprises:

a first data processing module 601, configured to receive a processing request of a second terminal for a target service when a first terminal is in an unconnected state with a blockchain network;

a data reading module 602, configured to read a candidate block set from a local cache, where candidate blocks in the candidate block set all include an electronic certificate of an end user of the second terminal, and the candidate blocks in the candidate block set are read from the blockchain network by the first terminal when the first terminal is in a connection state with the blockchain network;

the data verification module 603 is configured to acquire block information of a block to be selected in the block set to be selected, determine update time of the electronic certificate of the terminal user according to the block information of the block to be selected in the block set to be selected, and verify validity of the electronic certificate in the block to be selected in the block set to be selected according to the update time;

and the second data processing module 604 is used for processing the target service according to the electronic certificate with validity.

Optionally, the block information includes a timestamp, and the data verification module 603 is specifically configured to:

acquiring a first time corresponding to a timestamp of a block to be selected in the block set to be selected, and acquiring a system time of the first terminal as a second time;

acquiring a time interval between the first time and the second time;

determining a block to be selected with the minimum time interval in the block set to be selected as a target block;

and determining the time corresponding to the time stamp of the target block as the updating time of the electronic certificate of the terminal user.

Optionally, the block information includes a block height, and the data verification module 603 is specifically configured to:

acquiring a block to be selected with the largest block height from the block set to be selected as a target block;

Optionally, the block information includes a signature of the third terminal, and the data verification module 603 is specifically configured to:

acquiring a public key of the third terminal;

verifying the signature of the third terminal by adopting the public key of the third terminal;

determining the blocks to be selected which pass the verification in the block set to be selected as authentication blocks; determining the block with the highest block height in the authentication blocks as a target block;

Optionally, the data verification module 603 is specifically configured to: and if the updating time is within the first time period, determining that the electronic certificate in the target block has validity.

Optionally, the apparatus 60 further includes:

a data change module 605, configured to receive a change request of the second terminal for the electronic certificate of the terminal user, where the change request includes a changed electronic certificate;

the data change module 605 is configured to sign the changed electronic certificate with the private key of the first terminal to obtain the signature of the first terminal if the changed electronic certificate is verified to have validity;

and uploading the signature of the first terminal and the changed electronic certificate to the block chain network.

Optionally, the apparatus 60 further includes:

a first data storage module 606, configured to obtain a newly added block from the blockchain network every second time when the first terminal is in a connected state with the blockchain network;

the first data storage module 606 is configured to locally cache the newly added block.

Optionally, the first terminal, the first sub-terminal, and the second sub-terminal are all in a connected state, a local cache of the first sub-terminal has a first sub-block to be selected, and a local cache of the second sub-terminal has a second sub-block to be selected; the first sub candidate block and the second sub candidate block both include the electronic certificate of the terminal user, and the apparatus 60 further includes:

a second data storage module 607, configured to obtain a first block height of the first sub-candidate block and a second block height of the second sub-candidate block;

the second data storage module 607 is configured to, if the height of the first block is greater than the height of the second block, obtain the first sub-candidate block from the first sub-terminal, and add the first sub-candidate block to the candidate block set;

the second data storage module 607 is configured to, if the first block height is smaller than the second block height, obtain the second sub-candidate block from the second sub-terminal, and add the second sub-candidate block to the candidate block set.

It should be noted that, for the content that is not mentioned in the embodiment corresponding to fig. 6, reference may be made to the description of the method embodiment, and details are not described here again.

According to an embodiment of the present application, the steps involved in the block chain based data verification method shown in fig. 2 may be performed by respective modules in the block chain based data verification apparatus shown in fig. 6. For example, step S101 shown in fig. 2 may be performed by the first data processing 601 in fig. 6, and step S102 shown in fig. 2 may be performed by the data reading module 602 in fig. 6; step S103 shown in fig. 2 may be performed by the data verification module 603 in fig. 6; step S104 shown in fig. 2 may be performed by the second data processing module 603 in fig. 6. According to an embodiment of the present application, each module in the data verification apparatus shown in fig. 6 may be respectively or entirely combined into one or several units to form the data verification apparatus, or some unit(s) may be further split into multiple sub-units with smaller functions, which may implement the same operation without affecting implementation of technical effects of embodiments of the present application. The modules are divided based on logic functions, and in practical application, the functions of one module can be realized by a plurality of units, or the functions of a plurality of modules can be realized by one unit. In other embodiments of the present application, the data processing apparatus based on the blockchain may also include other units, and in practical applications, these functions may also be implemented by assistance of other units, and may be implemented by cooperation of a plurality of units.

According to another embodiment of the present application, the block chain based data verification apparatus as shown in fig. 6 may be constructed by running a computer program (including program codes) capable of executing the steps involved in the corresponding method as shown in fig. 2 on a general-purpose computer device such as a computer including a processing element such as a Central Processing Unit (CPU), a random access storage medium (RAM), a read only storage medium (ROM), and a storage element, and the block chain based data verification method of the embodiment of the present application may be implemented. The computer program may be recorded on a computer-readable recording medium, for example, and loaded into and executed by the computing apparatus via the computer-readable recording medium.

Referring to fig. 7, fig. 7 is a schematic structural diagram of a computer device according to an embodiment of the present disclosure. As shown in fig. 7, the computer device 70 may include: the processor 701, the network interface 704 and the memory 705, and the computer device 70 may further include: a user interface 703, and at least one communication bus 702. Wherein a communication bus 702 is used to enable connective communication between these components. The user interface 703 may include a Display screen (Display) and a Keyboard (Keyboard), and the optional user interface 703 may also include a standard wired interface and a standard wireless interface. The network interface 704 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface). The memory 705 may be a high-speed RAM memory or a non-volatile memory (e.g., at least one disk memory). The memory 705 may optionally be at least one memory device located remotely from the processor 701. As shown in fig. 7, the memory 705, which is a kind of computer-readable storage medium, may include therein an operating system, a network communication module, a user interface module, and a device control application program.

In the computer arrangement 70 shown in FIG. 7, the network interface 704 may provide network communication functions; the user interface 703 is mainly used as an interface for providing input to the user; and processor 701 may be used to invoke a device control application stored in memory 705 to implement:

when the first terminal and the block chain network are in an unconnected state, receiving a processing request of a second terminal for a target service;

reading a block set to be selected from a local cache, wherein the blocks to be selected in the block set to be selected all comprise electronic certificates of a terminal user of the second terminal, and the blocks to be selected in the block set to be selected are read from the block chain network by the first terminal when the first terminal is in a connection state with the block chain network;

acquiring block information of a block to be selected in the block set to be selected, determining the updating time of the electronic certificate of the terminal user according to the block information of the block to be selected in the block set to be selected, and verifying the validity of the electronic certificate in the block to be selected in the block set to be selected according to the updating time;

and processing the target service according to the electronic certificate with validity.

In an embodiment, the block information includes a timestamp, and the processor 701 executes the determining of the update time of the electronic certificate of the end user according to the block information of the candidate blocks in the candidate block set, including:

acquiring a time interval between the first time and the second time;

In one embodiment, the block information includes a block height; the processor 701 executes the update time determining the electronic certificate of the terminal user according to the block information of the block to be selected in the block set to be selected, including:

In an embodiment, the block information includes a signature of the third terminal, and the processor 701 executes the determining of the update time of the electronic certificate of the end user according to the block information of the candidate blocks in the candidate block set includes:

acquiring a public key of the third terminal;

determining the blocks to be selected which pass the verification in the block set to be selected as authentication blocks;

determining the block with the highest block height in the authentication blocks as a target block;

In an embodiment, the block information includes a signature of the third terminal, and the processor 701 performs the verifying validity of the electronic certificate in the candidate blocks in the candidate block set according to the update time, including:

and if the updating time is within a first time period, the first terminal determines that the electronic certificate in the target block has validity.

In one embodiment, the processor 701 may call the program code to perform the following operations:

receiving a change request of the second terminal for the electronic certificate of the terminal user, wherein the change request comprises the changed electronic certificate;

if the changed electronic certificate is verified to be valid, signing the changed electronic certificate by using the private key of the first terminal to obtain the signature of the first terminal;

when the first terminal is in a connection state with the block chain network, acquiring newly added blocks from the block chain network at intervals of a second time;

and caching the newly added block locally.

In an embodiment, the first terminal and the first sub-terminal and the second sub-terminal are in a connected state, a local cache of the first sub-terminal has a first sub-candidate block, a local cache of the second sub-terminal has a second sub-candidate block, and the first sub-candidate block and the second sub-candidate block each include an electronic certificate of the terminal user, and the processor 701 may call the program code to perform the following operations:

acquiring a first block height of the first sub-block to be selected and a second block height of the second sub-block to be selected;

if the height of the first block is larger than the height of the second block, acquiring the first sub-block to be selected from the first sub-terminal, and adding the first sub-block to be selected to the block set to be selected;

and if the height of the first block is smaller than that of the second block, acquiring the second sub-block to be selected from the second sub-terminal, and adding the second sub-block to be selected to the block set to be selected.

It should be understood that the computer device 70 described in this embodiment of the present application may perform the description of the above data verification method based on the block chain in the embodiment corresponding to fig. 2, fig. 4, and fig. 5, and may also perform the description of the data verification apparatus based on the master block chain in the embodiment corresponding to fig. 6, which is not described herein again. In addition, the beneficial effects of the same method are not described in detail.

Embodiments of the present application also provide a computer-readable storage medium storing a computer program, the computer program comprising program instructions, which, when executed by a computer, cause the computer to perform the method according to the foregoing embodiments, and the computer may be a part of the above-mentioned computer device. Such as the processor 701 described above. By way of example, the program instructions may be executed on one computer device, or on multiple computer devices located at one site, or distributed across multiple sites and interconnected by a communication network, which may comprise a blockchain network.

The terms "first," "second," "third," and "fourth," etc. in the description and claims of this application and the above-described drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.

In the present application, "a and/or B" means one of the following cases: a, B, A and B. "at least one of … …" refers to any combination of the listed items or any number of the listed items, e.g., "at least one of A, B and C" refers to one of: any one of seven cases, a, B, C, a and B, B and C, a and C, A, B and C.

It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.

The method and the related apparatus provided by the embodiments of the present application are described with reference to the flowchart and/or the structural diagram of the method provided by the embodiments of the present application, and each flow and/or block of the flowchart and/or the structural diagram of the method, and the combination of the flow and/or block in the flowchart and/or the block diagram can be specifically implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block or blocks of the block diagram. These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block or blocks of the block diagram. These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block or blocks.

The above disclosure is only for the purpose of illustrating the preferred embodiments of the present application and is not to be construed as limiting the scope of the present application, so that the present application is not limited thereto, and all equivalent variations and modifications can be made to the present application.

Claims

1. A data verification method based on a block chain is characterized by comprising the following steps:

the first terminal reads a block set to be selected from a local cache, the blocks to be selected in the block set to be selected all comprise electronic certificates of a terminal user of the second terminal, and the blocks to be selected in the block set to be selected are read from the block chain network by the first terminal when the first terminal is in a connection state with the block chain network;

the first terminal acquires the block information of the block to be selected in the block set to be selected, determines the updating time of the electronic certificate of the terminal user according to the block information of the block to be selected in the block set to be selected, and verifies the validity of the electronic certificate in the block to be selected in the block set to be selected according to the updating time;

2. The method of claim 1, wherein the tile information comprises a timestamp, and wherein determining the update time of the electronic certificate of the end user according to the tile information of the candidate tiles in the candidate tile set comprises:

the first terminal acquires first time corresponding to the timestamp of the block to be selected in the block set to be selected and acquires system time of the first terminal as second time;

the first terminal acquires a time interval between the first time and the second time;

the first terminal determines a block to be selected with the minimum time interval in the block set to be selected as a target block;

and the first terminal determines the time corresponding to the time stamp of the target block as the updating time of the electronic certificate of the terminal user.

3. The method of claim 1, wherein the tile information comprises a tile height, and wherein determining the update time of the electronic document of the end user according to the tile information of the candidate tiles in the candidate tile set comprises:

the first terminal acquires a block to be selected with the highest block height from the block set to be selected as a target block;

4. The method of claim 1, wherein the tile information comprises a signature of the third terminal, and wherein determining the update time of the electronic certificate of the end user according to the tile information of the candidate tiles in the candidate tile set comprises:

the first terminal acquires a public key of the third terminal;

the first terminal adopts the public key of the third terminal to verify the signature of the third terminal;

the first terminal determines the blocks to be selected which pass the verification in the block set to be selected as authentication blocks;

the first terminal determines a block with the highest block height in the authentication blocks as a target block;

5. The method of any of claims 2-4, the verifying validity of the electronic document in the candidate blocks of the set of candidate blocks according to the update time, comprising:

6. The method according to any one of claims 1-4, further comprising:

the first terminal receives a change request of the second terminal for the electronic certificate of the terminal user, wherein the change request comprises the changed electronic certificate;

if the first terminal verifies that the changed electronic certificate has validity, the first terminal signs the changed electronic certificate by using a private key of the first terminal to obtain a signature of the first terminal;

and the first terminal uploads the signature of the first terminal and the changed electronic certificate to the block chain network.

7. The method of claim 6, further comprising:

when the first terminal is in a connection state with the block chain network, the first terminal acquires newly added blocks from the block chain network at intervals of second time;

and the first terminal caches the newly added block locally.

8. The method according to claim 1, wherein the first terminal is in a connection state with a first sub-terminal and a second sub-terminal, a local cache of the first sub-terminal has a first sub-candidate block, a local cache of the second sub-terminal has a second sub-candidate block, and the first sub-candidate block and the second sub-candidate block each include an electronic certificate of the end user, and the method further includes:

the first terminal obtains a first block height of the first sub-block to be selected and a second block height of the second sub-block to be selected;

if the height of the first block is larger than the height of the second block, the first terminal acquires the first sub-block to be selected from the first sub-terminal, and adds the first sub-block to be selected to the block set to be selected;

and if the height of the first block is smaller than that of the second block, the first terminal acquires the second sub-block to be selected from the second sub-terminal and adds the second sub-block to be selected to the block set to be selected.

9. A blockchain-based data verification apparatus, comprising:

the first data processing module is used for receiving a processing request of a second terminal for a target service when the first terminal is not connected with the block chain network;

the data reading module is used for reading a block set to be selected from a local cache, wherein the blocks to be selected in the block set to be selected all comprise electronic certificates of a terminal user of the second terminal, and the blocks to be selected in the block set to be selected are read from the block chain network by the first terminal when the blocks to be selected in the block set to be selected are connected with the block chain network;

10. A computer device, comprising: a processor, a memory, and a network interface;

the processor is connected to a memory for providing data communication functions, a network interface for storing program code, and a processor for calling the program code to perform the method of any one of claims 1 to 8.