CN113836548B - Data consistency guarantee method, system and equipment of intelligent contract and storage medium - Google Patents

Data consistency guarantee method, system and equipment of intelligent contract and storage medium Download PDF

Info

Publication number
CN113836548B
CN113836548B CN202111023787.XA CN202111023787A CN113836548B CN 113836548 B CN113836548 B CN 113836548B CN 202111023787 A CN202111023787 A CN 202111023787A CN 113836548 B CN113836548 B CN 113836548B
Authority
CN
China
Prior art keywords
state variable
intelligent contract
state
locking
variable name
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111023787.XA
Other languages
Chinese (zh)
Other versions
CN113836548A (en
Inventor
邓靖
田志宏
苏申
鲁辉
林链升
李柯斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou University
Original Assignee
Guangzhou University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou University filed Critical Guangzhou University
Priority to CN202111023787.XA priority Critical patent/CN113836548B/en
Publication of CN113836548A publication Critical patent/CN113836548A/en
Application granted granted Critical
Publication of CN113836548B publication Critical patent/CN113836548B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23Updating
    • G06F16/2365Ensuring data consistency and integrity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a data consistency guarantee method, a system, equipment and a storage medium of an intelligent contract, wherein the method comprises the following steps: receiving a state variable locking request of an intelligent contract; acquiring an intelligent contract address and a state variable name according to the state variable locking request; distributing a mutual exclusion lock according to the intelligent contract address and the state variable name, and locking a state variable corresponding to the state variable name by adopting the mutual exclusion lock; and responding to a state variable unlocking request of the intelligent contract, and executing unlocking operation of the state variable. According to the invention, the re-entry risk is identified by combining data read-write isolation and data lock state detection between the associated operation sequences, so that normal and stable processing of transaction business of the block chain system can be ensured, inconsistent data states caused by reading and writing data in a dirty state by an attacker can be effectively prevented, re-entry attack is prevented, transaction loss risk is reduced, external calling is not limited, and flexibility and universality of intelligent contract application development are ensured.

Description

Data consistency guarantee method, system and equipment of intelligent contract and storage medium
Technical Field
The present invention relates to the field of electronic and information technologies, and in particular, to a method, a system, a computer device, and a storage medium for guaranteeing data consistency of an intelligent contract.
Background
Intelligent contracts can be regarded from a technical level as a set of functions defined by bytecode instructions, in particular capable of receiving, storing, transmitting information and properties of currency. The existence of logical association constraints between intelligent contract state data that specifically bears an application business is referred to as data consistency. For example: constraints between "account" and "balance" hold a corresponding amount of tokens for each project participant, and during development, auditing and testing of smart contracts, it is generally assumed that their contextual environmental data logic is consistent, and when smart contracts perform data operations, particularly complex data operations, intermediate dirty states that do not satisfy the associated constraints may occur, which may make smart contracts more accessible to malicious attackers for profit if the developer is not sufficiently rigorous in designing the smart contracts. That is, a malicious attacker can construct a dirty state of the intelligent contract by means of reentry attack and the like, and an external contract has the opportunity to maliciously utilize the dirty state through reentry attack so as to break through the original constraint of the intelligent contract, tamper the control flow and the state of the original intelligent contract, and realize the attacks such as maliciously repeated transfer through a rollback function or the callback attack contract. For example: the DAO event that causes severe market fluctuations is an attacker taking advantage of The dirty status for excess withdrawal. Therefore, ensuring consistency of intelligent contract data and ensuring that dirty states are not maliciously utilized becomes a technical problem to be solved.
Existing solutions include two classes: (1) Ensuring that intelligence does not make (or cannot make) external calls in the dirty state, such as setting the Gas upper limit such that the account is insufficient to invoke the contract again, or strictly checking that the interaction effect of the statement and the execution order ensure that the state change is all before the external call, or providing a modifier applied to the function that can fail the operation when re-entry is detected; (2) The intelligent access method and the intelligent access system ensure that the dirty state cannot be accessed (read or written) again when external call is carried out, such as designing a safe library function safe call, so that state data is locked when the call function is used and the lock is released after the call function is finished, the call function is prevented from being utilized by an attacker, or a sensitive variable of a sensitive function is identified through a preset rule library and a sensitive area is determined, when the sensitive area is entered, the variable in the sensitive area is locked, and if the locked data is read, the transaction rolls back, so that the re-entry attack is prevented. Although the two methods can ensure the consistency of intelligent contract data to a certain extent, the two methods have the defects that the method for limiting the number of times of calling contracts by setting the upper limit of Gas is not flexible enough, has application limitation, and can not call callback functions due to insufficient Gas; the method for strictly checking the interactive effect and the execution sequence of the sentences has high requirement on auditing correctness and is easily influenced by human errors; the modifier of the function requires modifier definition for all functions; the method for safely calling the call function locks the state data only during the call function calling, and the reentry risk of changing some state data in the contract by calling other functions cannot be avoided; the method for locking the sensitive area of the sensitive function has no definite locking mode and is not compatible with the running mode of the existing block chain system.
Therefore, it is needed to provide a data consistency guaranteeing method and system for intelligent contracts, which can effectively prevent re-entry attacks, limit external calls and guarantee flexibility and universality of intelligent contract application development.
Disclosure of Invention
The invention aims to provide a data consistency guaranteeing method, a system, computer equipment and a storage medium of an intelligent contract, which are used for detecting the lock state of data by combining reentry depth to judge whether reentry is performed by realizing data read-write isolation between associated operation sequences, so that when the intelligent contract executes data operation to generate a dirty state and is externally called, the external contract can be ensured to be incapable of performing read-write operation on response state data, the external contract is prevented from using the dirty state to launch reentry attack to tamper data and cause loss, the reentry attack is effectively prevented, the external call is not limited, and the flexibility and the universality of intelligent contract application development are ensured.
In order to achieve the above object, it is necessary to provide a data consistency assurance method, system, computer device and storage medium for an intelligent contract, in accordance with the above technical problems.
In a first aspect, an embodiment of the present invention provides a method for guaranteeing data consistency of an intelligent contract, where the method includes the following steps:
receiving a state variable locking request of an intelligent contract;
acquiring an intelligent contract address and a state variable name according to the state variable locking request; the state variable name includes at least one state variable;
distributing a mutual exclusion lock according to the intelligent contract address and the state variable name, and locking a state variable corresponding to the state variable name by adopting the mutual exclusion lock;
and responding to a state variable unlocking request of the intelligent contract, and executing unlocking operation of the state variable.
Further, the mutual exclusion lock is realized by adopting a standard library method.
Further, the step of allocating a mutual exclusion lock according to the intelligent contract address and the state variable name and locking the state variable corresponding to the state variable name includes:
judging whether the mutual exclusion lock is allowed to be allocated or not according to the access data stack and the state variable name;
and if the allocation of the mutual exclusion lock is allowed, storing the intelligent contract address and the state variable name in the access data stack, and allocating the corresponding mutual exclusion lock, otherwise, rejecting the state variable locking request.
Further, the step of determining whether to allow allocation of the mutex lock according to the access data stack and the state variable name includes:
traversing the state variable names and judging whether the state variables stored in the access data stack exist or not;
and if the state variable name does not contain the state variable stored in the access data stack, allowing the allocation of the mutual exclusion lock, otherwise, refusing to allocate the mutual exclusion lock.
Further, the step of performing an unlocking operation of the state variable in response to a state variable unlocking request of the smart contract includes:
releasing the mutual exclusion lock corresponding to the state variable name, and clearing the intelligent contract address and the state variable name from the access data stack.
In a second aspect, an embodiment of the present invention provides a data consistency assurance system for an intelligent contract, the system including:
the request receiving module is used for receiving a state variable locking request of the intelligent contract;
the variable acquisition module is used for acquiring an intelligent contract address and a state variable name according to the state variable locking request; the state variable name includes at least one state variable;
the variable locking module is used for distributing mutual exclusion locks according to the intelligent contract address and the state variable names and locking state variables corresponding to the state variable names through the mutual exclusion locks;
and the variable unlocking module is used for responding to the state variable unlocking request of the intelligent contract and executing the unlocking operation of the state variable.
Further, the variable locking module includes:
the resource allocation module is used for judging whether the mutual exclusion lock is allowed to be allocated or not according to the access data stack and the state variable name;
and the access recording module is used for storing the intelligent contract address and the state variable name in the access data stack when the allocation of the mutual exclusion lock is allowed.
Further, the variable unlocking module includes:
the resource release module is used for releasing the mutual exclusion lock corresponding to the state variable name;
and the access clearing module is used for clearing the intelligent contract address and the state variable name from the access data stack.
In a third aspect, embodiments of the present invention further provide a computer device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the above method when executing the computer program.
In a fourth aspect, embodiments of the present invention also provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the above method.
The application provides a data consistency guarantee method, a system, computer equipment and a storage medium of an intelligent contract, by the method, the technical scheme of receiving a state variable locking request of the intelligent contract, acquiring an intelligent contract address and a state variable name according to the state variable locking request, then distributing a mutual exclusion lock according to the intelligent contract address and the state variable name, performing locking operation on a state variable corresponding to the state variable name by adopting the mutual exclusion lock, and executing unlocking operation of the state variable in response to the state variable unlocking request of the intelligent contract is realized. Compared with the prior art, the data consistency guaranteeing method of the intelligent contract realizes data read-write isolation between related operation sequences based on a mutual exclusion lock mode, and detects and identifies the re-entry risk by combining the re-entry depth to the lock state of the data, so that normal and stable processing of transaction business of a block chain system can be ensured, moreover, inconsistent data states caused by reading and writing the data in a dirty state by an attacker can be effectively prevented, re-entry attacks are prevented, the risk of transaction loss is reduced, external calling is not limited, and flexibility and universality of intelligent contract application development are ensured.
Drawings
FIG. 1 is an application scenario intent of a data consistency assurance method for an intelligent contract in an embodiment of the present invention;
FIG. 2 is a schematic diagram of a data consistency assurance mechanism for an intelligent contract in accordance with an embodiment of the present invention;
FIG. 3 is a flow chart of a state variable access application of the present invention;
FIG. 4 is a flow chart of a method for data consistency assurance of an intelligent contract according to an embodiment of the present invention;
FIG. 5 is a flowchart illustrating the locking operation of the state variable in step S13 in FIG. 4;
FIG. 6 is a flowchart illustrating step S131 in FIG. 5 for determining whether to allow allocation of a mutex lock;
FIG. 7 is a schematic diagram of a data consistency assurance system for smart contracts in accordance with an embodiment of the present invention;
FIG. 8 is a schematic diagram of the variable locking module of FIG. 8;
FIG. 9 is a schematic diagram of the variable unlocking module of FIG. 8;
fig. 10 is an internal structural view of a computer device in the embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantageous effects of the present application more apparent, the present invention will be further described in detail with reference to the accompanying drawings and examples, and it should be understood that the examples described below are only illustrative of the present invention and are not intended to limit the scope of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The data consistency mentioned in the present invention conforms to the data consistency of a traditional relational database. In relational databases, the goal of ensuring data consistency is refined to the ACID principle, namely: 1) Atomicity (atomicity) transactions either commit fully or fail rollback fully, there is no partially successful state, and only a portion of the operations therein cannot be performed; 2) Consistency, the execution of a transaction cannot destroy the integrity and consistency of database data, and a database must be in a consistent state before and after the execution of a transaction; 3) Isolation (isolation), in which concurrent transactions are isolated from each other, execution of one transaction cannot be interfered with by other transactions; 4) Persistence (durability), once a transaction commits, changes to the state of the corresponding data are permanently saved.
The data in the blockchain system is difficult to tamper, the persistence principle is naturally met, and because the intelligent contract transaction is executed serially and is executed atomically, if the reentrant attack is not considered, the transaction result data under normal conditions is in a consistent state, and the consistency is met. Therefore, the key of ensuring the consistency of the intelligent contract data is to ensure that the operation sequences (comprising reading and writing, called associated operation sequences) of the same group of logic related state data are atomically executed and are isolated from each other, so that the principle of atomicity and isolation is met, the associated operation sequences are not influenced by each other when the reentry attack occurs, and further the risk of malicious utilization of the dirty state is avoided.
The data consistency guaranteeing method of the intelligent contract aims to solve the isolation problem between associated operation sequences in the intelligent contract, and is applied to a block chain service application scene shown in fig. 1. The terminal can be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers and portable wearable devices, and is used for realizing related business operations based on the blockchain service system; the server can be realized by an independent server or a server cluster formed by a plurality of servers, and is used for running a blockchain system supporting a specific service, the intelligent contract of the blockchain system is realized by adopting the data consistency guarantee technology of the invention, and the state variable data read-write isolation between the associated operation sequences is realized by adopting the mutual exclusion lock. As shown in fig. 2 and fig. 3, before performing a transaction association operation, an intelligent contract of the blockchain system needs to call an locking about application to lock state variable data accessed by an operation sequence, and the operation can be performed after the locking is successful, so that the data cannot be applied for access for multiple times in one association operation, that is, when the state variable data is locked, an external contract attempts to access the data and fails to apply for subsequent operation, and transaction rollback is performed, so that data reading in a dirty state is avoided, and after the transaction operation sequence is finished, the locked state variable data is released, and can be applied for in the next operation, so that the dirty state of the intelligent contract is ensured not to be maliciously utilized, and further, the consistency guarantee of the state data of the intelligent contract is realized. The following embodiments will explain the data consistency assurance method of the smart contract of the present invention in detail.
In one embodiment, as shown in fig. 4, there is provided a data consistency assurance method of an intelligent contract, the method comprising the steps of:
s11, receiving a state variable locking request of an intelligent contract;
the state variable locking request can be understood as that when the intelligent contract is called by an external contract to complete a certain transaction operation, the intelligent contract can involve reading operations of some state variables, writing operations of some state variables or writing operations of some state variables and writing operations of other state variables, and at this time, the intelligent contract firstly calls a locking about application to lock the state variables related to the transaction operation so as to manage the reading and writing operations of the state variables and then performs related transaction related operations.
S12, acquiring an intelligent contract address and a state variable name according to the state variable locking request; the state variable name includes at least one state variable;
after the locking is about to receive a state variable locking request of the intelligent contract, or the intelligent contract address and the state variable name of the contract are acquired, the intelligent contract address and the state variable name are used as a group of access data to be detected, so that the state variable access condition of each intelligent contract is effectively monitored. The addresses of the smart contracts are used to distinguish between different smart contracts to avoid the occurrence of a state variable of the smart contract being repeatedly accessed at the same time. The state variable name may be only one state variable as described above, or may include a plurality of state variables, where specific situations relate to corresponding transaction operations when the smart contract receives an external contract call, which are not described herein.
S13, distributing a mutual exclusion lock according to the intelligent contract address and the state variable name, and locking a state variable corresponding to the state variable name by adopting the mutual exclusion lock;
the mutual exclusion lock is a lock resource for managing and controlling access conditions of state variables, and can be realized by adopting the existing technology capable of realizing the function in principle. The embodiment distributes the mutual exclusion lock based on the intelligent contract address applying for locking the state variables and the state variable name applied for locking, applies and releases the mutual exclusion lock, namely, calls a library method, calls a locking method of the locking contract when the intelligent contract locks certain state variables, and the locking method detects the locking state of the state variable data applied for locking to judge whether the locked condition exists or not and determines whether to execute locking operation according to a detection result. As shown in fig. 5, the step S13 of allocating a mutual exclusion lock according to the smart contract address and the state variable name, and locking the state variable corresponding to the state variable name by using the mutual exclusion lock includes:
s131, judging whether the mutual exclusion lock is allowed to be allocated or not according to the access data stack and the state variable name;
the access data stack is a data stack preset for storing access data information when the current system runs, namely all state variables which are being accessed and intelligent contract addresses corresponding to the access, namely state variable related information which is locked by a mutual exclusion lock, when related transaction operations do not exist in the blockchain system, the access data stack is initialized to be an empty stack, along with the running of the transaction operations in the system, the state data information related to the transaction operations which are being executed in the current system can be stored at any time, and the corresponding state data information is cleared after the execution of the transaction operations is finished, so that whether the corresponding state variables are allowed to be accessed or not, namely whether the corresponding mutual exclusion lock resources are allowed to be allocated for preventing reentry use or not can be effectively judged when the state variable locking request of the intelligent contract is received each time. As shown in fig. 6, the step S131 of determining whether to allow allocation of the mutex lock according to the access data stack and the state variable name includes:
s1311, traversing the state variable names, and judging whether the state variables stored in the access data stack exist or not;
the state variable name may include a plurality of state variables as described above, and when detecting the state variables, it is necessary to determine whether all the state variables are not recorded in the current access data stack, that is, only when the state variables (state variables for which the smart contract applies for locking) accessed by the current foreign contract are not in the state of being accessed (locked), access (locking) is allowed, so that transaction operation in the dirty data state is effectively avoided, and occurrence of reentry risk is avoided. For example, the smart contract a has state variables a1, a2, a3, a4, and it is assumed that the smart contract a applies for locking a set of state variables { a1, a2} in a state of locking, that is, the smart contract a address and { a1, a2} are stored in the access data stack, in a state of locking the state variables { a1, a2}, in a state of accessing the state variables of the smart contract B. Based on this background, several different state variable access situations may occur, corresponding to the access result being: 1) When the intelligent contract B tries to access a1 and the intelligent contract A applies for locking { a1}, the locking constraint judges that a1 is in a locking state, records are in an access data stack, and false is returned, namely mutual exclusion lock is not allowed to be allocated; 2) When the intelligent contract B tries to access a3 and a1 and the intelligent contract A applies for locking { a3 and a1}, although a3 is not locked, the locking about judges that a1 is in a locking state, accesses a record in a data stack, returns false, namely, the mutual exclusion lock is not allowed to be allocated; 3) When the intelligent contract B tries to access a3 and a4, and the intelligent contract A applies for locking { a3 and a4}, the locking constraint judges that neither a3 nor a4 is locked, no record exists in the access data stack, returns true, namely allows the allocation of the exclusive lock, and stores the state variable names { a3 and a4} in the access data stack.
S1312, if the state variable name does not have the state variable stored in the access data stack, allowing the allocation of the mutual exclusion lock, otherwise, refusing to allocate the mutual exclusion lock.
In the embodiment, the mutual exclusion lock is adopted to isolate data read-write between associated operation sequences corresponding to state variable access of intelligent contract call to the intelligent contract, so that normal transaction processing is ensured, the locked and protected state variable is refused to be accessed again by the external contract, reliable guarantee is provided for intelligent contract consistency data, and further malicious reentry attack in a dirty data state is effectively prevented.
S132, if the allocation of the mutual exclusion lock is allowed, storing the intelligent contract address and the state variable name in the access data stack, and allocating the corresponding mutual exclusion lock, otherwise, rejecting the state variable locking request.
When the locking constraint judges that the exclusive lock is allowed to be allocated, the intelligent contract address and the state variable name are jointly used as a group of access data to be stored in an access data stack for subsequent reentrant risk detection. Meanwhile, the intelligent contract can execute corresponding transaction association operation, and update corresponding state variables according to the transaction association operation, so that the sequential completion of the transactions is ensured. It should be noted that, the transaction association operation corresponds to a function of a specific smart contract, and when the transaction association operation is performed, which state variables are updated specifically and how to update are different according to actual application situations, which is not limited herein.
When locking the state variable locking request about refusing the intelligent contract, in order to realize the atomization execution of the transaction association operation sequence, namely, a state which does not exist partially successfully, the intelligent contract rolls back the corresponding transaction association operation, namely, inquires whether other unreleased state variables corresponding to the transaction association operation access the locking state, if so, the corresponding state variable values are restored to the values before the transaction association operation is executed, and the values are unlocked, so that the transaction rollback is realized, and the normal execution of the transaction operation of other intelligent contracts is ensured.
S14, responding to a state variable unlocking request of the intelligent contract, and executing unlocking operation of the state variable.
After the transaction association operation of the intelligent contract processing is completed according to the actual system operation rule, in order to ensure that the state variable access of the subsequent transaction operation corresponding to the intelligent contract can be normally executed, so as to smoothly complete the corresponding transaction operation, the normal operation of the blockchain system service is effectively ensured, and the unlocking operation needs to be executed on the state variable of the locking processing corresponding to the transaction association operation, specifically: releasing the mutual exclusion lock corresponding to the state variable name, and clearing the intelligent contract address and the state variable name from the access data stack.
Examples of locking contracts implementing the above-described locking/unlocking function for intelligent contract state variable locking/unlocking requests are as follows, a set of state variable names are passed into a locking method in a parameter passing manner, if the locking method returns true, the intelligent contract continues to execute transaction-related operations, if false is returned, the intelligent contract rolls back transactions:
according to the method, when the locking about receives the state variable locking request of the intelligent contract, the intelligent contract address and the state variable name are obtained according to the state variable locking request, whether the mutual exclusion lock is allowed to be allocated or not is detected according to the intelligent contract address and the state variable name, when the mutual exclusion lock is allowed to be allocated, the mutual exclusion lock is adopted to firstly lock the state variable corresponding to the state variable name, then the intelligent contract is used for executing corresponding transaction association operation, the corresponding state variable is updated, when the transaction association operation is completed, unlocking operation of the locking about execution state variable is called, when the locking about judges that the mutual exclusion lock is not allowed to be allocated, the locking request of the state variable of the intelligent contract is refused, the technical scheme that the intelligent contract rolls back related transactions is realized, the data read-write isolation between related operation sequences is realized, the lock state of data is detected and identified by combining the reentry depth, normal stable processing of a block chain system transaction service can be guaranteed, moreover, the situation that an attacker reads and writes data in a dirty state and causes inconsistent state can be effectively prevented, reentry attack is prevented, external call is not limited, and flexibility and development of intelligent contract application is guaranteed.
The application of the intelligent contract consistency data assurance method of the present invention will be described below using the Loan contract Loan as an example. The total liabilities and Loan amounts in the Loan contract Loan are state variables. The external contract may deposit the mortgage into the Loan contract to obtain a Loan amount: when a Loan method is called, loan contracts transfer to external contracts; when the total liabilities are 0, the external contracts may take mortgage out.
When a reentry attack occurs on the Loan contract lon: after the attack is about to put in the mortgage, calling a Loan method of the Loan contract, and after the transfer of money and before the update of the total debt, calling a mortgage taking method, wherein the total debt is still 0 when the total debt is not updated. In this case, if the locking method is not used, the total debt and the debt amount can be reentered, and the attack contract can successfully call the mortgage taking method, resulting in loss of the Loan contract; if the locking method is used, when the mortgage taking method is called, the application of access to the total liabilities and the loan amount is required, namely, the application of the locking operation to the total liabilities and the loan amount is required, and as the total liabilities and the loan amount are recorded in the access data stack, the allocation of mutually exclusive lock resources is not allowed, the corresponding access state variable requests can be refused, and meanwhile, the corresponding transaction rollback operation can be executed if necessary, thereby effectively avoiding the re-entry attack and avoiding the occurrence of transaction loss risks.
Although the steps in the flowcharts described above are shown in order as indicated by arrows, these steps are not necessarily executed in order as indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders.
In one embodiment, as shown in FIG. 7, a data consistency assurance system for smart contracts is provided, the system comprising:
the request receiving module 1 is used for receiving a state variable locking request of the intelligent contract;
the variable acquisition module 2 is used for acquiring an intelligent contract address and a state variable name according to the state variable locking request; the state variable name includes at least one state variable;
the variable locking module 3 is used for distributing mutual exclusion locks according to the intelligent contract address and the state variable names, and locking state variables corresponding to the state variable names through the mutual exclusion locks;
and the variable unlocking module 4 is used for responding to the state variable unlocking request of the intelligent contract and executing the unlocking operation of the state variable.
In one embodiment, as shown in fig. 8, the variable locking module 3 includes:
a resource allocation module 31, configured to determine whether to allow allocation of the mutex lock according to an access data stack and the state variable name;
an access record module 32, configured to store the smart contract address and the state variable name in the access data stack when the exclusive lock is allowed to be allocated.
In one embodiment, as shown in fig. 9, the variable unlocking module 4 includes:
a resource releasing module 41, configured to release the mutex lock corresponding to the state variable name;
an access cleaning module 42 is configured to clean the smart contract address and the state variable name from the access data stack.
It should be noted that, for specific limitation of the data consistency assurance system of the smart contract, reference may be made to the limitation of the data consistency assurance method of the smart contract hereinabove, and the description thereof will not be repeated here. The modules in the data consistency assurance system of the intelligent contract can be all or partially implemented by software, hardware and combinations thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
Fig. 10 shows an internal structural diagram of a computer device, which may be a terminal or a server in particular, in one embodiment. As shown in fig. 10, the computer device includes a processor, a memory, a network interface, a display, and an input device connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program, when executed by the processor, implements the data consistency assurance method of the smart contract described above. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, can also be keys, a track ball or a touch pad arranged on the shell of the computer equipment, and can also be an external keyboard, a touch pad or a mouse and the like.
It will be appreciated by those of ordinary skill in the art that the architecture shown in fig. 10 is merely a block diagram of some of the architecture relevant to the present application and is not intended to limit the computer device on which the present application may be implemented, and that a particular computing device may include more or fewer components than shown, or may combine certain components, or have the same arrangement of components.
In one embodiment, a computer device is provided comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the above method when the computer program is executed.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon, which when executed by a processor, implements the steps of the above method.
In summary, the data consistency guarantee method, system, computer device and storage medium for an intelligent contract provided by the embodiments of the present invention realize the technical scheme that when a locking constraint receives a state variable locking request for the intelligent contract, an intelligent contract address and a state variable name are obtained according to the state variable locking request, whether a mutual exclusion lock is allowed to be allocated is detected according to the intelligent contract address and the state variable name, when the mutual exclusion lock is allowed to be allocated, the mutual exclusion lock is adopted to firstly lock a state variable corresponding to the state variable name, then the intelligent contract is used to execute a corresponding transaction association operation, and the corresponding state variable is updated, and when the transaction association operation is completed, the locking constraint is called to execute an unlocking operation for the state variable, and when the locking constraint judges that the mutual exclusion lock is not allowed to be allocated, the state variable locking request for the intelligent contract is refused, and the intelligent contract rolls back related transactions. The data consistency guaranteeing method of the intelligent contract realizes data read-write isolation between related operation sequences based on a mutual exclusion lock mode, and detects and identifies the re-entry risk by combining the re-entry depth to the lock state of the data, so that normal and stable processing of transaction business of a block chain system can be ensured, moreover, inconsistent data states caused by reading and writing the data in a dirty state by an attacker can be effectively prevented, re-entry attacks are prevented, the risk of transaction loss is reduced, external calling is not limited, and flexibility and universality of intelligent contract application development are ensured.
In this specification, each embodiment is described in a progressive manner, and all the embodiments are directly the same or similar parts referring to each other, and each embodiment mainly describes differences from other embodiments. In particular, for system embodiments, since they are substantially similar to method embodiments, the description is relatively simple, as relevant to see a section of the description of method embodiments. It should be noted that, any combination of the technical features of the foregoing embodiments may be used, and for brevity, all of the possible combinations of the technical features of the foregoing embodiments are not described, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The foregoing examples represent only a few preferred embodiments of the present application, which are described in more detail and are not thereby to be construed as limiting the scope of the invention. It should be noted that modifications and substitutions can be made by those skilled in the art without departing from the technical principles of the present invention, and such modifications and substitutions should also be considered to be within the scope of the present application. Therefore, the protection scope of the patent application is subject to the protection scope of the claims.

Claims (5)

1. A data consistency assurance method of an intelligent contract, the method comprising the steps of:
receiving a state variable locking request of an intelligent contract;
acquiring an intelligent contract address and a state variable name according to the state variable locking request; the state variable name includes at least one state variable;
distributing a mutual exclusion lock according to the intelligent contract address and the state variable name, and locking a state variable corresponding to the state variable name by adopting the mutual exclusion lock;
responding to a state variable unlocking request of the intelligent contract, and executing unlocking operation of the state variable;
the step of distributing the mutual exclusion lock according to the intelligent contract address and the state variable name and locking the state variable corresponding to the state variable name comprises the following steps:
judging whether the mutual exclusion lock is allowed to be allocated or not according to the access data stack and the state variable name;
if the exclusive lock is allowed to be allocated, storing the intelligent contract address and the state variable name in the access data stack, and allocating the corresponding exclusive lock, otherwise, rejecting the state variable locking request;
the step of judging whether the exclusive lock is allowed to be allocated according to the access data stack and the state variable name comprises the following steps:
traversing the state variable names and judging whether the state variables stored in the access data stack exist or not;
if the state variable name does not have the state variable stored in the access data stack, the exclusive lock is allowed to be allocated, otherwise, the exclusive lock is refused to be allocated, and the method specifically comprises the following steps:
when the state variable name comprises a plurality of state variables, judging whether all the state variables are not recorded in the current access data stack, and allowing locking access when the state variables of the current intelligent contract applying for locking are not in the locking state of being accessed;
the step of performing an unlocking operation of the state variable in response to a state variable unlocking request of the smart contract includes:
releasing the mutual exclusion lock corresponding to the state variable name, and clearing the intelligent contract address and the state variable name from the access data stack.
2. The data consistency assurance method of intelligent contracts according to claim 1, wherein the mutual exclusion lock is implemented using a standard library method.
3. A data consistency assurance system for an intelligent contract, the system comprising:
the request receiving module is used for receiving a state variable locking request of the intelligent contract;
the variable acquisition module is used for acquiring an intelligent contract address and a state variable name according to the state variable locking request; the state variable name includes at least one state variable;
the variable locking module is used for distributing mutual exclusion locks according to the intelligent contract address and the state variable names and locking state variables corresponding to the state variable names through the mutual exclusion locks;
the variable unlocking module is used for responding to a state variable unlocking request of the intelligent contract and executing unlocking operation of the state variable;
wherein, the variable locking module includes:
the resource allocation module is used for judging whether the mutual exclusion lock is allowed to be allocated or not according to the access data stack and the state variable name; the system is also used for judging whether all the state variables are not recorded in the current access data stack when the state variable names comprise a plurality of state variables, and allowing locking access when the state variables which are applied for locking by the current intelligent contract are not in the locking state which is being accessed;
the access recording module is used for storing the intelligent contract address and the state variable name in the access data stack when the exclusive lock is allowed to be allocated;
the variable unlocking module comprises:
the resource release module is used for releasing the mutual exclusion lock corresponding to the state variable name;
and the access clearing module is used for clearing the intelligent contract address and the state variable name from the access data stack.
4. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the method of claim 1 when executing the computer program.
5. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of claim 1.
CN202111023787.XA 2021-09-01 2021-09-01 Data consistency guarantee method, system and equipment of intelligent contract and storage medium Active CN113836548B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111023787.XA CN113836548B (en) 2021-09-01 2021-09-01 Data consistency guarantee method, system and equipment of intelligent contract and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111023787.XA CN113836548B (en) 2021-09-01 2021-09-01 Data consistency guarantee method, system and equipment of intelligent contract and storage medium

Publications (2)

Publication Number Publication Date
CN113836548A CN113836548A (en) 2021-12-24
CN113836548B true CN113836548B (en) 2023-07-25

Family

ID=78961977

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111023787.XA Active CN113836548B (en) 2021-09-01 2021-09-01 Data consistency guarantee method, system and equipment of intelligent contract and storage medium

Country Status (1)

Country Link
CN (1) CN113836548B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105955804A (en) * 2016-04-22 2016-09-21 星环信息科技(上海)有限公司 Method and device for processing distributed transaction
KR20210048241A (en) * 2019-10-23 2021-05-03 전북대학교산학협력단 Apparatus and method for surveilling smart contract

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105955804A (en) * 2016-04-22 2016-09-21 星环信息科技(上海)有限公司 Method and device for processing distributed transaction
KR20210048241A (en) * 2019-10-23 2021-05-03 전북대학교산학협력단 Apparatus and method for surveilling smart contract

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
区块链对传统银行业务的影响与对策;陈向阳等;征信(第01期);第76-82页 *
基于区块链的数字资产安全发行及管理技术实现;孟嘉霖等;网络空间安全;第10卷(第9期);第92-101页 *

Also Published As

Publication number Publication date
CN113836548A (en) 2021-12-24

Similar Documents

Publication Publication Date Title
KR101203297B1 (en) Direct update software transactional memory
US7941616B2 (en) System to reduce interference in concurrent programs
US8776063B2 (en) Method and system for hardware feedback in transactional memory
CN101410797B (en) Method, device and system for transactional memory in out-of-order processors
US8732220B2 (en) Virtualized file system
US11966385B2 (en) Database transaction log writing and integrity checking
US5504814A (en) Efficient security kernel for the 80960 extended architecture
US11200226B2 (en) Data read and write method and apparatus, and electronic device
CN108475217A (en) System and method for virtual machine of auditing
US8645650B2 (en) Augmented advisory lock mechanism for tightly-coupled clusters
US20150269040A1 (en) Restoring distributed shared memory data consistency within a recovery process from a cluster node failure
US20180267841A1 (en) Speculative execution management in a coherent accelerator architecture
US20190073371A1 (en) Method for managing files and apparatus using the same
EP1380948A2 (en) Process group resource manager
CN107402821A (en) Access control method, device and the equipment of shared resource
US20050216466A1 (en) Method and system for acquiring resource usage log and computer product
CN112990823A (en) Method, system and storage medium for realizing inventory management
US7260831B1 (en) Method and system for authorization and access to protected resources
US9262626B2 (en) Stack entry overwrite protection
CN113836548B (en) Data consistency guarantee method, system and equipment of intelligent contract and storage medium
US20110061052A1 (en) Method and system using a temporary object handle
US7539678B2 (en) Systems and methods for controlling access to an object
EP1977551B1 (en) Binding a protected application program to shell code
CN114461409A (en) Auxiliary analysis method, system and storage medium for abnormal blocking of mutual exclusion semaphore
CN100465980C (en) Method for improving operation system safety through incompatiblity of process behavour

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant