CN113592476A - Cross-chain asset transfer method, computer device, and storage medium - Google Patents

Cross-chain asset transfer method, computer device, and storage medium Download PDF

Info

Publication number
CN113592476A
CN113592476A CN202110881827.8A CN202110881827A CN113592476A CN 113592476 A CN113592476 A CN 113592476A CN 202110881827 A CN202110881827 A CN 202110881827A CN 113592476 A CN113592476 A CN 113592476A
Authority
CN
China
Prior art keywords
asset
cross
chain
certificate
tree
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110881827.8A
Other languages
Chinese (zh)
Inventor
马登极
王志文
吴思进
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Fuzamei Technology Co Ltd
Original Assignee
Hangzhou Fuzamei Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Fuzamei Technology Co Ltd filed Critical Hangzhou Fuzamei Technology Co Ltd
Priority to CN202110881827.8A priority Critical patent/CN113592476A/en
Publication of CN113592476A publication Critical patent/CN113592476A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/102Bill distribution or payments
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • Computer Security & Cryptography (AREA)
  • Marketing (AREA)
  • Technology Law (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides a cross-chain asset transfer method, computer equipment and a storage medium, wherein the method comprises the following steps: generating a first asset cross-chain transaction and sending the first asset cross-chain transaction to a network of a first blockchain; acquiring first signature information and a first elliptic curve random number; the method comprises the steps that a first certificate-storing Hash, a first tree root and information used for generating the first certificate-storing Hash are used as public input of a first certificate algorithm, a first address for paying first assets, a first private key corresponding to the first address, a Mercker path corresponding to the first certificate-storing Hash, first signature information and a first elliptic curve random number are used as private input, and first certificate information is generated; and generating a second asset cross-chain transaction comprising the first certificate-storing hash, the first tree root, information used for generating the first certificate-storing hash and the first certificate information, and sending the second asset cross-chain transaction to a network of a second block chain. The invention can ensure that the user assets are not lost in the process of chain crossing without synchronizing the block headers of mass data, and saves the commission charge of the relay.

Description

Cross-chain asset transfer method, computer device, and storage medium
Technical Field
The present application relates to the field of blockchain technologies, and in particular, to a cross-chain asset transfer method, a computer device, and a storage medium.
Background
Existing block chain cross-chain schemes can be broadly classified into categories such as side chains, relays, notary mechanisms, hash locking, and the like. Each category of solution presents its own security risk issues. Once the hacker seizes, the assets of the user are lost.
For relay-like schemes, one current approach in the art to address the above security risk problem is to synchronize all the tile headers of the endorsement chain to the target chain, so that the target chain can be authenticated based on the tile headers. This approach has the drawback that the amount of data in the header is too large for block chains where the number of blocks accumulates. For example, the data volume of all block header data of the current ether house has reached a height of 4.5G.
In addition, the relay-type scheme also typically requires relaying information between two block chains, which requires a constant handling fee.
Disclosure of Invention
In view of the above-mentioned drawbacks and deficiencies of the prior art, it is desirable to provide a cross-chain asset transfer method, a computer device, and a storage medium that can guarantee that user assets will not suffer loss during a cross-chain process without synchronizing the chunk headers of mass data, while saving the commission cost spent by relays.
In a first aspect, the present invention provides a cross-chain asset transfer method applicable to a user side, where a first block chain is deployed with a first cross-chain contract, the first cross-chain contract maintains a cross-chain asset tree, and the cross-chain asset tree is a merkel tree generated by using a proof hash of each cross-chain asset to be transferred to a second block chain as a leaf node; the second block chain is deployed with a second cross-chain contract, and the second cross-chain contract is configured with a first zero knowledge proof circuit used for verifying whether cross-chain assets are stored in the first cross-chain contract or not and a first verification parameter generated according to the first zero knowledge proof circuit and an administrator public key; the method comprises the following steps:
generating a first asset cross-chain transaction and sending the first asset cross-chain transaction to a network of a first block chain, so that a node of the first block chain executes through a first cross-chain contract, storing the first asset into the first cross-chain contract, and updating a cross-chain asset tree by taking a first evidence-storing hash of the first asset as a newly added leaf node of the cross-chain asset tree, so that an administrator terminal can:
acquiring a first root of the updated cross-chain asset tree; and the number of the first and second groups,
signing the first tree root to generate first signature information;
disclosing the first signature information and the corresponding first elliptic curve random number under the chain; the first asset can not be extracted from the first cross-link contract by the current user after the first asset cross-link transaction is successfully executed;
acquiring first signature information and a first elliptic curve random number;
taking the first certificate-storing Hash, the first tree root and various information for generating the first certificate-storing Hash as public input of a first certificate algorithm of a first zero-knowledge certificate circuit, and taking a first address of a first asset, a first private key corresponding to the first address, a Merck path corresponding to the first certificate-storing Hash, first signature information and a first elliptic curve random number as private input of the first certificate algorithm to generate first certificate information;
generating a second asset cross-chain transaction comprising a first certificate-storing hash, a first tree root, various information used for generating the first certificate-storing hash and first certification information, and sending the second asset cross-chain transaction to a network of a second block chain, so that nodes of the second block chain can execute the following verification through a second cross-chain contract respectively:
verifying whether a first credentialing hash submitted by a second asset cross-chain transaction is unused;
inputting a first certificate-storing Hash submitted by a second asset cross-chain transaction, a first tree root, various information used for generating the first certificate-storing Hash, first certificate information and first verification parameters into a verification algorithm of a first zero-knowledge certificate circuit for verification;
and if all the verification items pass, issuing a first mapping asset anchored to the first asset to the account of the current user.
In a second aspect, the present invention provides a cross-chain asset transfer method applicable to a node of a first blockchain, where the first blockchain is deployed with a first cross-chain contract, the first cross-chain contract maintains a cross-chain asset tree, and the cross-chain asset tree is a merkel tree generated by using a certified hash of each cross-chain asset to be transferred to a second blockchain as a leaf node; the second block chain is deployed with a second cross-chain contract, and the second cross-chain contract is configured with a first zero knowledge proof circuit used for verifying whether cross-chain assets are stored in the first cross-chain contract or not and a first verification parameter generated according to the first zero knowledge proof circuit and an administrator public key; the method comprises the following steps:
executing a first asset cross-chain transaction through a first cross-chain contract, storing the first asset into the first cross-chain contract, and updating a cross-chain asset tree by taking a first certificate-storing hash of the first asset as a newly added leaf node of the cross-chain asset tree so as to provide for an administrator terminal:
acquiring a first root of the updated cross-chain asset tree; and the number of the first and second groups,
signing the first tree root to generate first signature information;
the first signature information and the corresponding first elliptic curve random number are published under the chain.
The first asset can not be extracted from the first cross-link contract by the current user after the first asset cross-link transaction is successfully executed;
the first asset cross-chain transaction is generated by a first user end of a first user;
the first user terminal is further configured to:
acquiring first signature information and a first elliptic curve random number; and the number of the first and second groups,
taking the first certificate-storing Hash, the first tree root and various information for generating the first certificate-storing Hash as public input of a first certificate algorithm of a first zero-knowledge certificate circuit, and taking a first address of a first asset, a first private key corresponding to the first address, a Merck path corresponding to the first certificate-storing Hash, first signature information and a first elliptic curve random number as private input of the first certificate algorithm to generate first certificate information;
generating a second asset cross-chain transaction which comprises a first certificate-storing hash, a first tree root, various information used for generating the first certificate-storing hash and first certification information, and sending the second asset cross-chain transaction to a network of a second block chain;
the second cross-chain contract is configured for executing a second asset cross-chain transaction, respectively validated as follows:
verifying whether a first credentialing hash submitted by a second asset cross-chain transaction is unused; inputting a first certificate-storing Hash submitted by a second asset cross-chain transaction, a first tree root, various information used for generating the first certificate-storing Hash, first certificate information and first verification parameters into a verification algorithm of a first zero-knowledge certificate circuit for verification;
and if all the verification items pass, issuing a first mapping asset anchored to the first asset to the account of the first user.
In a third aspect, the present invention further provides a cross-chain asset transfer method applicable to a node of a second blockchain, where a first cross-chain contract is deployed on the first blockchain, the first cross-chain contract maintains a cross-chain asset tree, and the cross-chain asset tree is a merkel tree generated by using a certified hash of each cross-chain asset to be transferred to the second blockchain as a leaf node; the second block chain is deployed with a second cross-chain contract, and the second cross-chain contract is configured with a first zero knowledge proof circuit used for verifying whether cross-chain assets are stored in the first cross-chain contract or not and a first verification parameter generated according to the first zero knowledge proof circuit and an administrator public key; the method comprises the following steps:
performing a second asset cross-chain transaction through a second cross-chain contract, respectively verifying:
verifying whether a first credentialing hash submitted by a second asset cross-chain transaction is unused;
inputting a first certificate-storing Hash submitted by a second asset cross-chain transaction, a first tree root, various information used for generating the first certificate-storing Hash, first certificate information and first verification parameters into a verification algorithm of a first zero-knowledge certificate circuit for verification;
and if all the verification items pass, issuing a first mapping asset anchored to the first asset to the account of the first user.
The first cross-link contract is configured to execute a first asset cross-link transaction, store the first asset in the first cross-link contract, and update the cross-link asset tree by using a first certified hash of the first asset as a newly added leaf node of the cross-link asset tree, so that an administrator terminal:
acquiring a first root of the updated cross-chain asset tree; and the number of the first and second groups,
signing the first tree root to generate first signature information;
disclosing the first signature information and the corresponding first elliptic curve random number under the chain;
the first asset cannot be extracted from the first cross-chain contract by the first user after the first asset cross-chain transaction is successfully executed;
the first asset cross-chain transaction and the second asset cross-chain transaction are generated by a first user end of a first user;
the second asset cross-chain transaction comprises a first certificate-storing hash, a first tree root, various information used for generating the first certificate-storing hash and first certification information;
after the first user side acquires the first signature information and the first elliptic curve random number, the first certification information is generated by taking the first certificate-storing hash, the first tree root and various information used for generating the first certificate-storing hash as the public input of a first certification algorithm of a first zero-knowledge certification circuit, and taking a first address of the first asset, a first private key corresponding to the first address, a Mercker path corresponding to the first certificate-storing hash, the first signature information and the first elliptic curve random number as the private input of the first certification algorithm.
In a fourth aspect, the present invention also provides a computer apparatus comprising one or more processors and memory, wherein the memory contains instructions executable by the one or more processors to cause the one or more processors to perform a cross-chain asset transfer method provided according to embodiments of the present invention.
In a fifth aspect, the present invention also provides a storage medium storing a computer program that causes a computer to execute the cross-chain asset transfer method provided according to the embodiments of the present invention.
On one hand, the cross-chain asset transfer method, the computer equipment and the storage medium provided by the embodiments of the invention configure the first cross-chain contract stored in the first block chain, which cannot be retrieved, of the to-be-cross-chain asset, maintain the cross-chain asset tree used for storing the stored to-be-cross-chain asset in the first cross-chain contract, and configure the first zero-knowledge proof circuit used for verification in the second cross-chain contract of the second block chain, so that the asset cross-chain is completed by verifying the proof information submitted by the user through the zero-knowledge proof circuit, the hacker is guaranteed that the user's asset cannot be stolen no matter the hacker steals the administrator account or hijacks the proof information of the user, and the user's asset cannot be lost in the cross-chain process without synchronizing the block header of mass data; on the other hand, the verification parameters generated according to the first zero knowledge proof circuit and the administrator public key are configured in the second cross-link contract, and the administrator terminal discloses signature information and elliptic curve random numbers for signing the first tree root under the link, so that the second cross-link contract can verify whether the first tree root submitted by the second asset cross-link transaction is subjected to the signature confirmation of the administrator through the first zero knowledge proof circuit on the premise that the administrator does not verify the first tree root, and further the commission charge spent by the relay is saved;
the cross-chain asset transfer method, the computer device and the storage medium provided by some embodiments of the present invention further realize asset back-crossing by a method symmetrical to asset cross-chain.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
fig. 1 is a flowchart of a cross-chain asset transfer method according to an embodiment of the present invention.
FIG. 2 is a flow diagram of a preferred embodiment of the method shown in FIG. 1.
FIG. 3 is a flow chart of another cross-chain asset transfer method provided by an embodiment of the invention.
FIG. 4 is a flow chart of a preferred embodiment of the method shown in FIG. 3.
FIG. 5 is a flowchart of yet another cross-chain asset transfer method according to an embodiment of the invention.
FIG. 6 is a flow chart of a preferred embodiment of the method shown in FIG. 5.
Fig. 7 is a schematic structural diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the present invention are shown in the drawings.
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
Fig. 1 is a flowchart of a cross-chain asset transfer method according to an embodiment of the present invention.
As shown in fig. 1, in this embodiment, the present invention provides a cross-chain asset transfer method applicable to a user side, where a first block chain is deployed with a first cross-chain contract, the first cross-chain contract maintains a cross-chain asset tree, and the cross-chain asset tree is a merkel tree generated by using a certified hash of each cross-chain asset to be transferred to a second block chain as a leaf node; the second block chain is deployed with a second cross-chain contract, and the second cross-chain contract is configured with a first zero knowledge proof circuit used for verifying whether cross-chain assets are stored in the first cross-chain contract or not and a first verification parameter generated according to the first zero knowledge proof circuit and an administrator public key; the method comprises the following steps:
s11: generating a first asset cross-chain transaction and sending the first asset cross-chain transaction to a network of a first block chain, so that a node of the first block chain executes through a first cross-chain contract, storing the first asset into the first cross-chain contract, and updating a cross-chain asset tree by taking a first evidence-storing hash of the first asset as a newly added leaf node of the cross-chain asset tree, so that an administrator terminal can:
acquiring a first root of the updated cross-chain asset tree; and the number of the first and second groups,
signing the first tree root to generate first signature information;
disclosing the first signature information and the corresponding first elliptic curve random number under the chain; the first asset can not be extracted from the first cross-link contract by the current user after the first asset cross-link transaction is successfully executed;
s13: acquiring first signature information and a first elliptic curve random number;
s15: taking the first certificate-storing Hash, the first tree root and various information for generating the first certificate-storing Hash as public input of a first certificate algorithm of a first zero-knowledge certificate circuit, and taking a first address of a first asset, a first private key corresponding to the first address, a Merck path corresponding to the first certificate-storing Hash, first signature information and a first elliptic curve random number as private input of the first certificate algorithm to generate first certificate information;
s17: generating a second asset cross-chain transaction comprising a first certificate-storing hash, a first tree root, various information used for generating the first certificate-storing hash and first certification information, and sending the second asset cross-chain transaction to a network of a second block chain, so that nodes of the second block chain can execute the following verification through a second cross-chain contract respectively:
verifying whether a first credentialing hash submitted by a second asset cross-chain transaction is unused; inputting a first certificate-storing Hash submitted by a second asset cross-chain transaction, a first tree root, various information used for generating the first certificate-storing Hash, first certificate information and first verification parameters into a verification algorithm of a first zero-knowledge certificate circuit for verification;
and if all the verification items pass, issuing a first mapping asset anchored to the first asset to the account of the current user.
In this embodiment, the signature algorithm adopts a schnorr signature algorithm, and the signature data generation algorithm is as follows:
s1=r1+p*root1
wherein s is1Is first signature information, r1Is the first random number, p is the administrator private key, root1Is the first root of the tree.
The verification algorithm of the first signature information is as follows:
s1*G=(r1+p*root1)*G=r1*G+(p*G)root1=R1+P*root1
wherein G is an elliptic curve base point, R1Is according to r1And generating a first elliptic curve random number, wherein P is an administrator public key.
In the scheme provided by the invention, the principle of the verification of the first zero-knowledge proof circuit is as follows:
1. a verification parameter generated according to the administrator public key P is configured in the second cross-link contract;
the administrator is confirming the first root1After recording on the first blockchain, the first root is accessed by the administrator private key p1Signing is carried out and first signature information s is disclosed under the chain1And a first elliptic curve random number R1
Thus, the first zero knowledge proof of knowledge circuit may validate the first root of the cross-chain transaction submission of the second asset based on the algorithm described above1Whether it is signed by the administrator, thereby verifying the first root1Whether or not it has already been recorded on the first block chain;
2. verifying whether a first tree root can be generated according to a first proof hash as a leaf node and a corresponding Merck path: if so, verifying that the first verification hash is real and the first asset is actually stored in the first cross-link contract on the basis that the first tree root is recorded on the first blockchain;
3. the first address of the first asset for payment and the corresponding private key are used as private inputs of the attestation algorithm, so that whether the user providing the attestation information stores the first asset in the user of the first cross-link contract can be verified through the verification algorithm.
The first zero knowledge proof of knowledge circuit configured by the second cross-link contract of the present invention is generated according to the above-described verification principle. Those skilled in the art will understand how to generate a first zero knowledge proof circuit according to the above verification principle in a zero knowledge proof architecture, the generated first zero knowledge proof circuit including a generation algorithm Setup1(), a proof algorithm pro 1(), and a verification algorithm Verify1 (). The detailed process is not described herein.
The method is exemplarily described below by taking the first block chain as the game chain E, the second block chain as the game transaction chain F, and the user a transfers the 10000eee game coins held by the user a on the game chain E to the game transaction chain F for transaction.
First verification parameter ver _ key configured by second cross-link contract1Generated according to the generation algorithm Setup1() of the first zero knowledge proof of knowledge circuit and the administrator public key P:
Setup1(P)→ver_key1
in step S11, the user end of user a generates a request to transfer 10000eee tokens to the first asset cross-link transaction tx1 of game transaction chain F and sends to the network of game chain E.
The node of game chain E executes tx1 by the first cross-chain contract:
storing 10000eee game coins into a contract address of a first cross-link contract; after the written asset is stored in the contract address, the user A cannot extract the written asset in any way;
after successful deposit, according to the amount 10000 of the first asset and the public key P of the first user1Generating a first certificate-storing hash of the asset1And will hash1And updating the cross-chain asset tree as a newly added leaf node of the cross-chain asset tree.
The present embodiment exemplarily illustrates that a node of a first blockchain generates a first evidence hash of a first asset when performing a first asset cross-chain transaction through a first cross-chain contract; in further embodiments, the first evidence storing hash may be configured to be generated by the user side before the first asset cross-chain transaction is packaged and packaged in the first asset cross-chain transaction according to actual requirements, and the node of the first block chain does not need to generate the first evidence storing hash after the first asset is successfully stored in the contract address.
Preferably, the first certificate-preserving hash can be generated according to more information according to actual requirements and scene configuration.
For example, in order to distinguish different cross-chain assets with the same amount in the same account, the first credentialing hash can be configured to be generated according to the amount of the first asset, the public key of the first user and a random number (submitted by the first asset cross-chain transaction), and the random number can also be replaced by a leaf node serial number or a cross-chain order number, and other parameters, as long as the parameters are unique and can play a distinguishing role.
For another example, when a first cross-link contract is maintained with multiple cross-link asset trees, the first forensic hash may be configured to be generated based on a sequence number of the cross-link asset tree, an amount of the first asset, a public key of the first user, and a random number (submitted by the first asset cross-link transaction), and so on.
After monitoring the updating of the cross-chain asset tree through the data of the synchronous game chain E, the administrator terminal acquires the root of the updated cross-chain asset tree1Root pair by administrator private key p1Signing to generate first signature information s1=r1+p*root1The first signature information s1And a corresponding first elliptic curve random number R1(R1=r1G) are published under the chain, e.g., a centralized server under the chain, or a website, community, etc.
In step S13, the user side of the user a acquires the first signature information S from the above-described catenated position1And a first elliptic curve random number R1
In step S15, the user end of user a uses a first authentication hash1Root of the first tree1Generating information of each item of the first evidence hash as public input of a first evidence algorithm Prove1() of a first zero-knowledge proof circuit to pay for the first address addr of the first asset1Addr corresponding to the first address1First private key p of1The first certificate-storing hash1Corresponding merkel path1First signature information s1And a first elliptic curve random number R1As a private input of the first proof algorithm pro 1(), first proof information is generated:
Prove1(hash1、root1、10000、P1,addr1、p1、merkle_path1、s1、R1)→prove1。
in step S17, the user end of user a packages and generates a hash including the above public inputs1、root1、10000、P1And the second asset cross-chain transaction tx2 of the first proof information pro 1, tx2 is sent to the network of the game chain of transactions F.
The node of the game transaction chain F performs the following verification respectively through the second cross-chain contract execution tx 2:
verifying the first credential hash submitted by tx21Whether unused: if not, tx2 fails;
hash of submission of tx21、root1、10000、P1Pro 1 and a first verification parameter ver _ key configured in a contract1The verification algorithm Verify1() of the first zero knowledge proof of knowledge circuit is input for verification:
Verify1(hash1、root1、10000、P1,prove1,ver_key1)→Yes/No;
when the output result of the verification algorithm Verify1() is No, the verification fails, and the tx2 execution fails;
if all the verification items are passed, tx2 is executed successfully, a first mapping asset 10000F _ eee currency anchored to 10000eee game currency is issued to the account of the user A in the second cross-link contract, and the first certificate is hashed with hash1And (4) storing the hash into a check pool (so that the hash can be verified when other second asset cross-chain transactions are subsequently executed1Has been used).
After tx2 has performed successfully, user A may trade on game transaction chain F according to 10000F _ eee medals in his account, for example, trade 1000F _ aaa medals with user B in 5000F _ eee medals (similarly, F _ aaa medals are mapping assets for transferring aaa medals of game chain A to game transaction chain F), and so on.
In the process of transferring the eee game coins from the game chain E to the game transaction chain F in a cross-chain mode, a hacker steals an administrator account and counterfeits root roots through an administrator private key1' signing and disclosing corresponding signature information and elliptic curve random number asFor example, the following consequences can be expected:
1. a hacker may trick into a second cross-chain contract mapping asset issued from forged data (for which the administrator may request to destroy the mapping asset after retrieving the account);
2. tx2 will fail execution (for which account number is retrieved at administrator, for root)1After signing and disclosing the corresponding signature information and elliptic curve random number, the user A may reconstruct and send a second asset cross-chain transaction, at which point the reconstructed second asset cross-chain transaction may be performed successfully).
In this scenario, a hacker can only cheat the mapping assets issued according to the forged data, but cannot steal the mapping assets issued according to the 10000eee gaming chips paid by the user A, and the assets of the user A cannot be lost in this scenario.
Taking the example that the hacker intercepts tx2, no matter how the hacker tampers with the parameter of tx2, or generates the second asset cross-link transaction tx3 according to the parameter of tx2, it is obviously impossible to verify the second asset cross-link contract, so the asset of the user a is not lost in this scenario.
On one hand, the embodiment configures the first cross-link contract stored in the first block chain, which is irretrievable to be cross-link assets, and maintains the cross-link asset tree used for storing and certifying the stored cross-link assets in the first cross-link contract, and configures the first zero-knowledge certification circuit used for verification in the second cross-link contract of the second block chain, so that the certification information submitted by a user is verified through the zero-knowledge certification circuit to complete cross-link of the assets, a hacker is guaranteed that the assets of the user cannot be stolen no matter the hacker steals an account of an administrator or hijacks the certification information of the user, and the user assets can not be lost in the cross-link process without synchronizing block headers of mass data; on the other hand, the verification parameters generated according to the first zero knowledge proof circuit and the administrator public key are configured in the second cross-link contract, and the administrator terminal discloses signature information and the elliptic curve random number for signing the first tree root under the link, so that the second cross-link contract can verify whether the first tree root submitted by the second asset cross-link transaction is subjected to the signature confirmation of the administrator through the first zero knowledge proof circuit on the premise that the administrator does not verify the first tree root, and accordingly the commission charge spent by the relay is saved.
FIG. 2 is a flow diagram of a preferred embodiment of the method shown in FIG. 1. As shown in FIG. 2, in a preferred embodiment, the second cross-chain contract maintains an asset rotation tree that is a Merck tree generated with the destroyed witness hash of each mapped asset to be transferred back to the first blockchain as a leaf node; the first cross-link contract is configured with a second zero knowledge proof circuit for verifying whether the mapping asset is destroyed through the second cross-link contract, and a second verification parameter generated according to the second zero knowledge proof circuit and the administrator public key; the method further comprises the following steps:
s21: generating a first asset rotation transaction and sending the first asset rotation transaction to a network of a second block chain, so that nodes of the second block chain execute a second cross-chain contract, destroying a second mapping asset to be transferred back to the first block chain, and using a first destruction evidence-storing Hash of the second mapping asset as a newly-added leaf node of an asset rotation tree to update the asset rotation tree so as to provide for a manager terminal:
acquiring a second root of the updated asset rotation tree; and the number of the first and second groups,
signing the second tree root to generate second signature information;
disclosing the second signature information and the corresponding second elliptic curve random number under the chain;
s23: acquiring second signature information and a second elliptic curve random number;
s25: taking the first destroyed evidence storing Hash, the second tree root and various information for generating the first destroyed evidence storing Hash as the public input of a second proving algorithm of a second zero-knowledge proving circuit, and taking a second address of a second mapping asset, a second private key corresponding to the second address, a Mercker path corresponding to the first destroyed evidence storing Hash, second signature information and a second elliptic curve random number as the private input of the second proving algorithm to generate second proving information;
s27: generating a second asset rotation transaction comprising a first destruction evidence storage hash, a second tree root, and various information and second certification information used for generating the first destruction evidence storage hash, and sending the second asset rotation transaction to a network of the first block chain, so that nodes of the first block chain can execute through a first cross-chain contract, and respectively perform the following verifications:
verifying whether a first destruction evidence-storing hash submitted by a second asset rotation transaction is unused;
inputting a first destruction certificate-storing Hash submitted by a second asset rotation transaction, a second tree root, various information used for generating the first destruction certificate-storing Hash, second certification information and second verification parameters into a verification algorithm of a second zero-knowledge certification circuit for verification;
and if all the verification items pass, issuing a second asset anchored to the second mapping asset to the account of the current user.
Specifically, the principle of steps S21-S27 is substantially the same as that of steps S11-S17, except that:
1. the methods of steps S11-S17 are used to transfer assets from the first blockchain to the second blockchain, and the methods of steps S21-S27 are used to transfer assets from the second blockchain back to the first blockchain;
2. the first cross-chaining contract deposits the first asset into the contract (and does not allow retrieval) at about the time the first asset cross-chaining transaction is performed, and the second cross-chaining contract directly destroys the second mapped asset at about the time the first asset revolution transaction is performed.
Further, it should be noted that the methods of steps S21-S27 may be applied not only in a manner of combining steps S11-S17, but also individually. For example, user B, after trading user A for 5000F _ eee chips in 1000F _ aaa chips, transfers the 5000F _ eee chips traded to the Game chain E for 5000eee chips.
The above embodiments further enable asset backspan by a method that is symmetrical with asset backspan.
FIG. 3 is a flow chart of another cross-chain asset transfer method provided by an embodiment of the invention. The method illustrated in fig. 3 may be performed in conjunction with the method illustrated in fig. 1.
As shown in fig. 3, in this embodiment, the present invention further provides a cross-chain asset transfer method applied to a node of a first blockchain, where the first blockchain is deployed with a first cross-chain contract, the first cross-chain contract maintains a cross-chain asset tree, and the cross-chain asset tree is a merkel tree generated by using a certified hash of each cross-chain asset to be transferred to a second blockchain as a leaf node; the second block chain is deployed with a second cross-chain contract, and the second cross-chain contract is configured with a first zero knowledge proof circuit used for verifying whether cross-chain assets are stored in the first cross-chain contract or not and a first verification parameter generated according to the first zero knowledge proof circuit and an administrator public key; the method comprises the following steps:
s31: executing a first asset cross-chain transaction through a first cross-chain contract, storing the first asset into the first cross-chain contract, and updating a cross-chain asset tree by taking a first certificate-storing hash of the first asset as a newly added leaf node of the cross-chain asset tree so as to provide for an administrator terminal:
acquiring a first root of the updated cross-chain asset tree; and the number of the first and second groups,
signing the first tree root to generate first signature information;
the first signature information and the corresponding first elliptic curve random number are published under the chain.
The first asset can not be extracted from the first cross-link contract by the current user after the first asset cross-link transaction is successfully executed;
the first asset cross-chain transaction is generated by a first user end of a first user;
the first user terminal is further configured to:
acquiring first signature information and a first elliptic curve random number; and the number of the first and second groups,
taking the first certificate-storing Hash, the first tree root and various information for generating the first certificate-storing Hash as public input of a first certificate algorithm of a first zero-knowledge certificate circuit, and taking a first address of a first asset, a first private key corresponding to the first address, a Merck path corresponding to the first certificate-storing Hash, first signature information and a first elliptic curve random number as private input of the first certificate algorithm to generate first certificate information;
generating a second asset cross-chain transaction which comprises a first certificate-storing hash, a first tree root, various information used for generating the first certificate-storing hash and first certification information, and sending the second asset cross-chain transaction to a network of a second block chain;
the second cross-chain contract is configured for executing a second asset cross-chain transaction, respectively validated as follows:
verifying whether a first credentialing hash submitted by a second asset cross-chain transaction is unused;
inputting a first certificate-storing Hash submitted by a second asset cross-chain transaction, a first tree root, various information used for generating the first certificate-storing Hash, first certificate information and first verification parameters into a verification algorithm of a first zero-knowledge certificate circuit for verification;
and if all the verification items pass, issuing a first mapping asset anchored to the first asset to the account of the first user.
The cross-chain asset transfer principle of the method shown in fig. 3 can refer to the method shown in fig. 1, and the detailed description is not repeated here.
FIG. 4 is a flow chart of a preferred embodiment of the method shown in FIG. 3. The method illustrated in fig. 4 may be performed in conjunction with the method illustrated in fig. 2.
As shown in FIG. 4, in a preferred embodiment, the second cross-chain contract maintains an asset rotation tree that is a Merck tree generated with the destroyed witness hash of each mapped asset to be transferred back to the first blockchain as a leaf node; the first cross-link contract is configured with a second zero knowledge proof circuit for verifying whether the mapping asset is destroyed through the second cross-link contract, and a second verification parameter generated according to the second zero knowledge proof circuit and the administrator public key; the method further comprises the following steps:
executing a second asset rotation transaction through the first cross-link contract, respectively performing the following verifications:
verifying whether a first destruction evidence-storing hash submitted by a second asset rotation transaction is unused;
inputting a first destruction certificate-storing Hash submitted by a second asset rotation transaction, a second tree root, various information used for generating the first destruction certificate-storing Hash, second certification information and second verification parameters into a verification algorithm of a second zero-knowledge certification circuit for verification;
if all the verification items pass, a second asset anchored to the second mapping asset is issued to the account of the first user;
the second cross-chain contract is further configured to execute a first asset rotation transaction, destroy a second mapping asset to be transferred back to the first block chain, and update the asset rotation tree by using a first destruction evidence-storing hash of the second mapping asset as a newly added leaf node of the asset rotation tree, so that the administrator terminal:
acquiring a second root of the updated asset rotation tree; and the number of the first and second groups,
signing the second tree root to generate second signature information;
disclosing the second signature information and the corresponding second elliptic curve random number under the chain;
the first asset rotation transaction and the second asset rotation transaction are generated by a first user end, and the second asset rotation transaction comprises a first destruction certificate-storing Hash, a second tree root, various information used for generating the first destruction certificate-storing Hash and second certificate information;
and after the first user side acquires the second signature information and the second elliptic curve random number, the second certification information is generated by taking the first destroyed certificate-storing Hash, the second tree root and various information used for generating the first destroyed certificate-storing Hash as the public input of a second certification algorithm of a second zero-knowledge certification circuit, and paying the second address of the second mapping asset, a second private key corresponding to the second address, a Mercker path corresponding to the first destroyed certificate-storing Hash, the second signature information and the second elliptic curve random number as the private input of the second certification algorithm.
The cross-chain asset transfer principle of the method shown in fig. 4 can refer to the method shown in fig. 2, and the detailed description is not repeated here.
FIG. 5 is a flowchart of yet another cross-chain asset transfer method according to an embodiment of the invention. The method shown in fig. 5 may be performed in conjunction with the methods shown in fig. 1 and 3.
As shown in fig. 5, in this embodiment, the present invention further provides a cross-chain asset transfer method applied to a node of a second blockchain, where a first cross-chain contract is deployed on a first blockchain, the first cross-chain contract maintains a cross-chain asset tree, and the cross-chain asset tree is a merkel tree generated by using a proof hash of each cross-chain asset to be transferred to the second blockchain as a leaf node; the second block chain is deployed with a second cross-chain contract, and the second cross-chain contract is configured with a first zero knowledge proof circuit used for verifying whether cross-chain assets are stored in the first cross-chain contract or not and a first verification parameter generated according to the first zero knowledge proof circuit and an administrator public key; the method comprises the following steps:
s51: performing a second asset cross-chain transaction through a second cross-chain contract, respectively verifying:
s511: verifying whether a first credentialing hash submitted by a second asset cross-chain transaction is unused;
s513: inputting a first certificate-storing Hash submitted by a second asset cross-chain transaction, a first tree root, various information used for generating the first certificate-storing Hash, first certificate information and first verification parameters into a verification algorithm of a first zero-knowledge certificate circuit for verification;
if all the verification items pass, step S515 is executed: a first mapped asset anchored to a first asset is issued to an account of a first user.
The first cross-link contract is configured to execute a first asset cross-link transaction, store the first asset in the first cross-link contract, and update the cross-link asset tree by using a first certified hash of the first asset as a newly added leaf node of the cross-link asset tree, so that an administrator terminal:
acquiring a first root of the updated cross-chain asset tree; and the number of the first and second groups,
signing the first tree root to generate first signature information;
disclosing the first signature information and the corresponding first elliptic curve random number under the chain;
the first asset cannot be extracted from the first cross-chain contract by the first user after the first asset cross-chain transaction is successfully executed;
the first asset cross-chain transaction and the second asset cross-chain transaction are generated by a first user end of a first user;
the second asset cross-chain transaction comprises a first certificate-storing hash, a first tree root, various information used for generating the first certificate-storing hash and first certification information;
after the first user side acquires the first signature information and the first elliptic curve random number, the first certification information is generated by taking the first certificate-storing hash, the first tree root and various information used for generating the first certificate-storing hash as the public input of a first certification algorithm of a first zero-knowledge certification circuit, and taking a first address of the first asset, a first private key corresponding to the first address, a Mercker path corresponding to the first certificate-storing hash, the first signature information and the first elliptic curve random number as the private input of the first certification algorithm.
The cross-chain asset transfer principle of the method shown in fig. 5 can also refer to the method shown in fig. 1, and the detailed description is not repeated here.
FIG. 6 is a flow chart of a preferred embodiment of the method shown in FIG. 5. The method shown in fig. 6 may be performed in conjunction with the methods shown in fig. 2 and 4.
As shown in FIG. 6, in a preferred embodiment, the second cross-chain contract maintains an asset rotation tree that is a Merck tree generated with the destroyed witness hash of each mapped asset to be transferred back to the first blockchain as a leaf node; the first cross-link contract is configured with a second zero knowledge proof circuit for verifying whether the mapping asset is destroyed through the second cross-link contract, and a second verification parameter generated according to the second zero knowledge proof circuit and the administrator public key; the method further comprises the following steps:
s61: executing a first asset rotation transaction through a second cross-chain contract, destroying a second mapping asset to be transferred back to the first block chain, and updating the asset rotation tree by taking a first destroying evidence-storing Hash of the second mapping asset as a newly-added leaf node of the asset rotation tree so as to provide for an administrator terminal:
acquiring a second root of the updated asset rotation tree; and the number of the first and second groups,
signing the second tree root to generate second signature information;
the second signature information and corresponding second elliptic curve random numbers are published under the chain.
Wherein the first asset rotation transaction is generated by the first client;
the first user terminal is further configured to:
acquiring second signature information and a second elliptic curve random number; and the number of the first and second groups,
taking the first destroyed evidence storing Hash, the second tree root and various information for generating the first destroyed evidence storing Hash as the public input of a second proving algorithm of a second zero-knowledge proving circuit, and taking a second address of a second mapping asset, a second private key corresponding to the second address, a Mercker path corresponding to the first destroyed evidence storing Hash, second signature information and a second elliptic curve random number as the private input of the second proving algorithm to generate second proving information;
generating a second asset rotation transaction comprising a first destruction certificate-storing Hash, a second tree root, and various information and second certification information for generating the first destruction certificate-storing Hash, and sending the second asset rotation transaction to a network of a first block chain;
the first cross-link contract is further configured to execute a second asset rotation transaction, each verified as follows:
verifying whether a first destruction evidence-storing hash submitted by a second asset rotation transaction is unused;
inputting a first destruction certificate-storing Hash submitted by a second asset rotation transaction, a second tree root, various information used for generating the first destruction certificate-storing Hash, second certification information and second verification parameters into a verification algorithm of a second zero-knowledge certification circuit for verification;
and if all the verification items pass, issuing a second asset anchored to the second mapping asset to the account of the first user.
The cross-chain asset transfer principle of the method shown in fig. 6 can also refer to the method shown in fig. 2, and the detailed description is not repeated here.
Fig. 7 is a schematic structural diagram of a computer device according to an embodiment of the present invention.
As shown in fig. 7, as another aspect, the present application also provides a computer apparatus 700 including one or more Central Processing Units (CPUs) 701 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. In the RAM703, various programs and data necessary for the operation of the apparatus 700 are also stored. The CPU701, the ROM702, and the RAM703 are connected to each other via a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
The following components are connected to the I/O interface 705: an input portion 706 including a keyboard, a mouse, and the like; an output section 707 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 708 including a hard disk and the like; and a communication section 709 including a network interface card such as a LAN card, a modem, or the like. The communication section 709 performs communication processing via a network such as the internet. A drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 710 as necessary, so that a computer program read out therefrom is mounted into the storage section 708 as necessary.
In particular, according to an embodiment of the present disclosure, the method described in any of the above embodiments may be implemented as a computer software program. For example, embodiments of the present disclosure include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program comprising program code for performing any of the methods described above. In such an embodiment, the computer program can be downloaded and installed from a network through the communication section 709, and/or installed from the removable medium 711.
As yet another aspect, the present application also provides a computer-readable storage medium, which may be the computer-readable storage medium included in the apparatus of the above-described embodiment; or it may be a separate computer readable storage medium not incorporated into the device. The computer readable storage medium stores one or more programs for use by one or more processors in performing the methods described in the present application.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules described in the embodiments of the present application may be implemented by software or hardware. The described units or modules may also be provided in a processor, for example, each unit may be a software program provided in a computer or a mobile intelligent device, or may be a separately configured hardware device. Wherein the designation of a unit or module does not in some way constitute a limitation of the unit or module itself.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the present application. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.

Claims (8)

1. A cross-chain asset transfer method is characterized in that a first block chain is deployed with a first cross-chain contract, the first cross-chain contract maintains a cross-chain asset tree, and the cross-chain asset tree is a Merck tree generated by taking a proof hash of each cross-chain asset to be transferred to a second block chain as a leaf node; the second block chain is deployed with a second cross-chain contract, and the second cross-chain contract is configured with a first zero knowledge proof circuit used for verifying whether cross-chain assets are stored in the first cross-chain contract or not and a first verification parameter generated according to the first zero knowledge proof circuit and an administrator public key; the method is applicable to a user side, and comprises the following steps:
generating a first asset cross-chain transaction and sending the first asset cross-chain transaction to a network of the first block chain, so that a node of the first block chain executes through the first cross-chain contract, storing a first asset into the first cross-chain contract, and updating the cross-chain asset tree by taking a first certificate-storing hash of the first asset as a newly added leaf node of the cross-chain asset tree, so that an administrator terminal:
acquiring a first root of the updated cross-chain asset tree; and the number of the first and second groups,
signing the first tree root to generate first signature information;
disclosing the first signature information and corresponding first elliptic curve random numbers under a chain; wherein the first asset cannot be extracted from the first cross-chain contract by a current user after the first asset cross-chain transaction is successfully executed;
acquiring the first signature information and the first elliptic curve random number;
taking the first certificate-storing hash, the first tree root and information for generating the first certificate-storing hash as public input of a first certificate algorithm of the first zero-knowledge certificate circuit, and paying a first address of the first asset, a first private key corresponding to the first address, a merkel path corresponding to the first certificate-storing hash, the first signature information and the first elliptic curve random number as private input of the first certificate algorithm to generate first certificate information;
generating a second asset cross-link transaction including the first certificate-storing hash, the first tree root, information used for generating the first certificate-storing hash and the first certification information, and sending the second asset cross-link transaction to a network of the second blockchain, so that nodes of the second blockchain can execute the following verification through the second cross-link contract respectively:
verifying whether a first credentialing hash submitted by the second asset cross-chain transaction is unused;
inputting a first certificate-storing Hash, a first tree root, various information used for generating the first certificate-storing Hash, first certificate information and first verification parameters submitted by the second asset cross-chain transaction into a verification algorithm of the first zero-knowledge certificate circuit for verification;
and if all the verification items pass, issuing a first mapping asset anchored to the first asset to the account of the current user.
2. The method of claim 1, wherein the second cross-chain contract maintains an asset rotation tree that is a merkel tree generated with a destruction proof hash of each mapped asset to be transferred back to the first blockchain as a leaf node; the first cross-link contract is configured with a second zero knowledge proof circuit for verifying whether the mapping asset is destroyed through a second cross-link contract, and a second verification parameter generated according to the second zero knowledge proof circuit and an administrator public key; the method further comprises the following steps:
generating a first asset rotation transaction and sending the first asset rotation transaction to a network of the second blockchain, so that nodes of the second blockchain execute through the second cross-chain contract, destroying a second mapping asset to be transferred back to the first blockchain, and using a first destruction evidence-storing hash of the second mapping asset as a new leaf node of the asset rotation tree to update the asset rotation tree, so that an administrator terminal:
acquiring a second root of the updated asset rotation tree; and the number of the first and second groups,
signing the second tree root to generate second signature information;
disclosing the second signature information and corresponding second elliptic curve random numbers under a chain;
acquiring the second signature information and the second elliptic curve random number;
taking the first destroyed evidence storing hash, the second tree root and various information for generating the first destroyed evidence storing hash as public input of a second proving algorithm of the second zero-knowledge proving circuit, and paying a second address of the second mapping asset, a second private key corresponding to the second address, a merkel path corresponding to the first destroyed evidence storing hash, the second signature information and the second elliptic curve random number as private input of the second proving algorithm to generate second proving information;
generating a second asset rotation transaction comprising the first destruction evidence-storing hash, the second tree root, and various information used for generating the first destruction evidence-storing hash and the second certification information, and sending the second asset rotation transaction to the network of the first block chain, so that the nodes of the first block chain can execute through the first cross-chain contract, and respectively perform the following verifications:
verifying whether a first destruction evidence-storing hash submitted by the second asset rotation transaction is not used;
inputting a first destruction evidence-storing Hash and a second tree root submitted by the second asset rotation transaction, and various information, second evidence information and second verification parameters for generating the first destruction evidence-storing Hash into a verification algorithm of the second zero knowledge proof circuit for verification;
and if all the verification items pass, issuing a second asset anchored to the second mapping asset to the account of the current user.
3. A cross-chain asset transfer method is characterized in that a first block chain is deployed with a first cross-chain contract, the first cross-chain contract maintains a cross-chain asset tree, and the cross-chain asset tree is a Merck tree generated by taking a proof hash of each cross-chain asset to be transferred to a second block chain as a leaf node; the second block chain is deployed with a second cross-chain contract, and the second cross-chain contract is configured with a first zero knowledge proof circuit used for verifying whether cross-chain assets are stored in the first cross-chain contract or not and a first verification parameter generated according to the first zero knowledge proof circuit and an administrator public key; the method is applicable to a node of a first blockchain, and comprises the following steps:
executing a first asset cross-chain transaction through the first cross-chain contract, storing a first asset into the first cross-chain contract, and updating the cross-chain asset tree by taking a first certified hash of the first asset as a new leaf node of the cross-chain asset tree, so that an administrator terminal:
acquiring a first root of the updated cross-chain asset tree; and the number of the first and second groups,
signing the first tree root to generate first signature information;
disclosing the first signature information and corresponding first elliptic curve random numbers under a chain;
wherein the first asset cannot be extracted from the first cross-chain contract by a current user after the first asset cross-chain transaction is successfully executed;
the first asset cross-chain transaction is generated by a first user end of a first user;
the first user terminal is further configured to:
acquiring the first signature information and the first elliptic curve random number; and the number of the first and second groups,
taking the first certificate-storing hash, the first tree root and information for generating the first certificate-storing hash as public input of a first certificate algorithm of the first zero-knowledge certificate circuit, and paying a first address of the first asset, a first private key corresponding to the first address, a merkel path corresponding to the first certificate-storing hash, the first signature information and the first elliptic curve random number as private input of the first certificate algorithm to generate first certificate information;
generating a second asset cross-chain transaction comprising the first certificate-storing hash, the first tree root, various information used for generating the first certificate-storing hash and the first certification information, and sending the second asset cross-chain transaction to a network of the second blockchain;
the second cross-chain contract is configured to execute the second asset cross-chain transaction, and perform the following verifications respectively:
verifying whether a first credentialing hash submitted by the second asset cross-chain transaction is unused;
inputting a first certificate-storing Hash, a first tree root, various information used for generating the first certificate-storing Hash, first certificate information and first verification parameters submitted by the second asset cross-chain transaction into a verification algorithm of the first zero-knowledge certificate circuit for verification;
and if all the verification items pass, issuing a first mapping asset anchored to the first asset to the account of the first user.
4. The method of claim 3, wherein the second cross-chain contract maintains an asset rotation tree that is a merkel tree generated with a destruction proof hash of each mapped asset to be transferred back to the first blockchain as a leaf node; the first cross-link contract is configured with a second zero knowledge proof circuit for verifying whether the mapping asset is destroyed through a second cross-link contract, and a second verification parameter generated according to the second zero knowledge proof circuit and an administrator public key; the method further comprises the following steps:
executing a second asset rotation transaction through the first cross-link contract, respectively performing the following verifications:
verifying whether a first destruction evidence-storing hash submitted by the second asset rotation transaction is not used;
inputting a first destruction evidence-storing Hash and a second tree root submitted by the second asset rotation transaction, and various information, second evidence information and second verification parameters for generating the first destruction evidence-storing Hash into a verification algorithm of the second zero knowledge proof circuit for verification;
if all the verification items pass, a second asset anchored to the second mapping asset is issued to the account of the first user;
wherein the second cross-link contract is further configured to execute a first asset rotation transaction, destroy a second mapped asset to be transferred back to the first blockchain, and update the asset rotation tree by using a first destroyed evidence-storing hash of the second mapped asset as a newly added leaf node of the asset rotation tree, so that an administrator terminal:
acquiring a second root of the updated asset rotation tree; and the number of the first and second groups,
signing the second tree root to generate second signature information;
disclosing the second signature information and corresponding second elliptic curve random numbers under a chain;
the first asset rotation transaction and the second asset rotation transaction are generated by the first user side, and the second asset rotation transaction comprises the first destruction evidence-storing Hash, the second tree root, various information used for generating the first destruction evidence-storing Hash and the second certification information;
and after the first user side acquires the second signature information and the second elliptic curve random number, the second certification information is generated by taking the first destruction verification hash, the second tree root and the information for generating the first destruction verification hash as the public input of a second certification algorithm of the second zero-knowledge certification circuit, and paying a second address of the second mapping asset, a second private key corresponding to the second address, a Mercury path corresponding to the first destruction verification hash, the second signature information and the second elliptic curve random number as the private input of the second certification algorithm.
5. A cross-chain asset transfer method is characterized in that a first block chain is deployed with a first cross-chain contract, the first cross-chain contract maintains a cross-chain asset tree, and the cross-chain asset tree is a Merck tree generated by taking a proof hash of each cross-chain asset to be transferred to a second block chain as a leaf node; the second block chain is deployed with a second cross-chain contract, and the second cross-chain contract is configured with a first zero knowledge proof circuit used for verifying whether cross-chain assets are stored in the first cross-chain contract or not and a first verification parameter generated according to the first zero knowledge proof circuit and an administrator public key; the method is applicable to a node of a second blockchain, and comprises the following steps:
performing a second asset cross-chain transaction through the second cross-chain contract, respectively verifying:
verifying whether a first credentialing hash submitted by the second asset cross-chain transaction is unused;
inputting a first certificate-storing Hash, a first tree root, various information used for generating the first certificate-storing Hash, first certificate information and first verification parameters submitted by the second asset cross-chain transaction into a verification algorithm of the first zero-knowledge certificate circuit for verification;
if all the verification items pass, a first mapping asset anchored to the first asset is issued to the account of the first user;
the first cross-link contract is configured to execute a first asset cross-link transaction, store a first asset into the first cross-link contract, and update the cross-link asset tree by using a first certified hash of the first asset as a newly added leaf node of the cross-link asset tree, so that an administrator terminal:
acquiring a first root of the updated cross-chain asset tree; and the number of the first and second groups,
signing the first tree root to generate first signature information;
disclosing the first signature information and corresponding first elliptic curve random numbers under a chain;
the first asset cannot be extracted from the first cross-chain contract by the first user after the first asset cross-chain transaction is successfully executed;
the first asset cross-chain transaction and the second asset cross-chain transaction are generated by a first user of the first user;
the second asset cross-chain transaction comprises the first certificate-deposit hash, the first tree root, various information used for generating the first certificate-deposit hash and the first certification information;
after the first user side acquires the first signature information and the first elliptic curve random number, the first certification information is generated by taking the first certificate-storing hash, the first tree root and various information used for generating the first certificate-storing hash as public input of a first certification algorithm of the first zero-knowledge certification circuit, and taking a first address of the first asset, a first private key corresponding to the first address, a Merck path corresponding to the first certificate-storing hash, the first signature information and the first elliptic curve random number as private input of the first certification algorithm.
6. The method of claim 5, wherein the second cross-chain contract maintains an asset rotation tree that is a merkel tree generated with a destruction proof hash of each mapped asset to be transferred back to the first blockchain as a leaf node; the first cross-link contract is configured with a second zero knowledge proof circuit for verifying whether the mapping asset is destroyed through a second cross-link contract, and a second verification parameter generated according to the second zero knowledge proof circuit and an administrator public key; the method further comprises the following steps:
executing a first asset rotation transaction through the second cross-chain contract, destroying a second mapping asset to be transferred back to the first block chain, and updating the asset rotation tree by taking a first destruction evidence-storing hash of the second mapping asset as a newly-added leaf node of the asset rotation tree, so that an administrator terminal:
acquiring a second root of the updated asset rotation tree; and the number of the first and second groups,
signing the second tree root to generate second signature information;
disclosing the second signature information and corresponding second elliptic curve random numbers under a chain;
wherein the first asset rotation transaction is generated by the first client;
the first user terminal is further configured to:
acquiring the second signature information and the second elliptic curve random number; and the number of the first and second groups,
taking the first destroyed evidence storing hash, the second tree root and various information for generating the first destroyed evidence storing hash as public input of a second proving algorithm of the second zero-knowledge proving circuit, and paying a second address of the second mapping asset, a second private key corresponding to the second address, a merkel path corresponding to the first destroyed evidence storing hash, the second signature information and the second elliptic curve random number as private input of the second proving algorithm to generate second proving information;
generating a second asset rotation transaction comprising the first destruction evidence-storing hash, the second tree root, and various information used for generating the first destruction evidence-storing hash and the second certification information, and sending the second asset rotation transaction to the network of the first block chain;
the first cross-link contract is further configured to execute the second asset rotation transaction, with respective verifications:
verifying whether a first destruction evidence-storing hash submitted by the second asset rotation transaction is not used;
inputting a first destruction evidence-storing Hash and a second tree root submitted by the second asset rotation transaction, and various information, second evidence information and second verification parameters for generating the first destruction evidence-storing Hash into a verification algorithm of the second zero knowledge proof circuit for verification;
and if all the verification items pass, issuing a second asset anchored to the second mapping asset to the account of the first user.
7. A computer device, the device comprising:
one or more processors;
a memory for storing one or more programs,
the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method recited in any of claims 1-6.
8. A storage medium storing a computer program, characterized in that the program, when executed by a processor, implements the method according to any one of claims 1-6.
CN202110881827.8A 2021-08-02 2021-08-02 Cross-chain asset transfer method, computer device, and storage medium Pending CN113592476A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110881827.8A CN113592476A (en) 2021-08-02 2021-08-02 Cross-chain asset transfer method, computer device, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110881827.8A CN113592476A (en) 2021-08-02 2021-08-02 Cross-chain asset transfer method, computer device, and storage medium

Publications (1)

Publication Number Publication Date
CN113592476A true CN113592476A (en) 2021-11-02

Family

ID=78253850

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110881827.8A Pending CN113592476A (en) 2021-08-02 2021-08-02 Cross-chain asset transfer method, computer device, and storage medium

Country Status (1)

Country Link
CN (1) CN113592476A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114266665A (en) * 2021-12-31 2022-04-01 杭州复杂美科技有限公司 Contract multi-backbone cross-link method, device and storage medium
CN114283010A (en) * 2021-12-31 2022-04-05 杭州复杂美科技有限公司 Multi-main-chain cross-chain method based on multi-main-chain two-layer network state tree
CN115766037A (en) * 2022-11-28 2023-03-07 周加华 Cross-chain transaction method based on block chain

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106899698A (en) * 2017-04-11 2017-06-27 张铮文 A kind of across chain mutual operation method between block chain
CN109146448A (en) * 2018-07-13 2019-01-04 杭州复杂美科技有限公司 Across chain assets transfer method, equipment and storage medium
CN112150284A (en) * 2020-09-22 2020-12-29 浙江数秦科技有限公司 Block chain heterogeneous chain cross-chain transaction method
CN113095827A (en) * 2021-04-09 2021-07-09 杭州复杂美科技有限公司 Anonymous multiple signature method, computer device, and storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106899698A (en) * 2017-04-11 2017-06-27 张铮文 A kind of across chain mutual operation method between block chain
CN109146448A (en) * 2018-07-13 2019-01-04 杭州复杂美科技有限公司 Across chain assets transfer method, equipment and storage medium
CN112150284A (en) * 2020-09-22 2020-12-29 浙江数秦科技有限公司 Block chain heterogeneous chain cross-chain transaction method
CN113095827A (en) * 2021-04-09 2021-07-09 杭州复杂美科技有限公司 Anonymous multiple signature method, computer device, and storage medium

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114266665A (en) * 2021-12-31 2022-04-01 杭州复杂美科技有限公司 Contract multi-backbone cross-link method, device and storage medium
CN114283010A (en) * 2021-12-31 2022-04-05 杭州复杂美科技有限公司 Multi-main-chain cross-chain method based on multi-main-chain two-layer network state tree
CN114283010B (en) * 2021-12-31 2024-05-24 杭州复杂美科技有限公司 Multi-main-chain crossing method based on multi-main-chain two-layer network state tree
CN115766037A (en) * 2022-11-28 2023-03-07 周加华 Cross-chain transaction method based on block chain
CN115766037B (en) * 2022-11-28 2024-03-15 恒道礼创(深圳)发展合伙企业(有限合伙) Cross-chain transaction method based on block chain

Similar Documents

Publication Publication Date Title
Sunyaev et al. Distributed ledger technology
US20240119166A1 (en) Distributed privately subspaced blockchain data structures with secure access restriction management
TWI716140B (en) Data processing method and device based on blockchain
CN108389047B (en) Method for trading between parent chain and child chain in block chain and block chain network
CN106254374B (en) A kind of cloud data public audit method having duplicate removal function
KR102120703B1 (en) Apparatus for managing group of nodes which comprises transaction of dual signature based on group key on blockchain network and computing apparatus
JP2022153643A (en) Secure off-chain blockchain transactions
JP2020502857A (en) Information protection system and method
CN110311781A (en) Micro services information is provided
CN113592475B (en) Cross-chain asset transfer method, computer device, and storage medium
CN112733178B (en) Cross-chain trust method, device, equipment and medium based on digital certificate authentication
CN110601855B (en) Root certificate management method and device, electronic equipment and storage medium
CN113592476A (en) Cross-chain asset transfer method, computer device, and storage medium
CN111339116A (en) Block chain-based method for sharing open bank data
CN112801778B (en) Alliance type bad asset block chain system
JP2020048161A (en) Transaction device, transaction method and transaction program
CN109067544A (en) A kind of private key verification method, the apparatus and system of soft or hard combination
CN113706313A (en) Financing method, system and computer readable storage medium based on block chain
CN110930152A (en) Data processing method based on block chain and related equipment
Singh et al. Performance comparison of executing fast transactions in bitcoin network using verifiable code execution
CN114157428A (en) Block chain-based digital certificate management method and system
Kabiri et al. Blockchain and smart contracts
CN113869901B (en) Key generation method, key generation device, computer-readable storage medium and computer equipment
WO2022205959A1 (en) Method and apparatus for sending transaction in blockchain, and method and apparatus for executing transaction in blockchain
KR102494873B1 (en) Transaction execution device to implement a virtual machine based on a zero-knowledge proof circuit for general operation verification

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20211102