CN115085934A - Contract management method based on block chain and combined key and related equipment - Google Patents

Abstract

The embodiments of the present application belong to the field of blockchain information security, and relate to a contract management method and related equipment based on a blockchain and a combined key, including acquiring all participants on the blockchain, combining the participants in pairs, and obtaining Combining the result, generating a public-private key pair corresponding to each combination according to the combination result, wherein the public-private key pair includes a combined public key and a combined private key, and sending the combined private key to the corresponding participants in each combination; obtaining the identifiers of the participants in the combination information, hash the identification information to obtain a combined hash value, map the combined hash value and the combined public key of the corresponding public-private key pair and store it in the blockchain; The key information in the corresponding contract is encrypted to obtain the encrypted contract; the encrypted contract is hashed to obtain the contract hash value, and the encrypted contract and the contract hash value are uploaded to the blockchain. This application can improve the security of data and avoid exposing commercial secrets.

Description

Contract management method and related equipment based on blockchain and combined key

technical field

The present application relates to the technical field of blockchain information security, and in particular, to a contract management method and related equipment based on a blockchain and a combined key.

Background technique

In recent years, under the background of the country's vigorous development of inclusive finance, along with the development of digital technology, data assets have become one of the preferred factors for judging the credit issuance of small, medium and micro enterprises. As a direct embodiment of inclusive finance, supply chain finance business has attracted the attention of financial institutions. Traditional supply chain finance is subject to information asymmetry, difficulty in multi-layer penetration of credit, cumbersome offline operations, and difficulty in identifying trade authenticity. Using the decentralization, anti-tampering, and traceability features of the blockchain, combined with the Internet of Things, AIoT and other technologies can enhance the rigid trust ability, so that the core enterprise credit can be reliably and credibly circulated on the blockchain synchronously, effectively revitalizing the enterprise It can realize the credibility of the whole process of trade, so as to solve the problems of difficult and expensive financing for small and medium-sized enterprises.

However, the current application of technologies such as blockchain, Internet of Things, and AIoT cannot solve all problems. In the process of business landing, whether it is a core enterprise or its upstream and downstream suppliers and distributors, uploading core business data to the blockchain still has the possibility of data leakage, resulting in corporate privacy and business data leakage.

SUMMARY OF THE INVENTION

The purpose of the embodiments of this application is to propose a contract management method and related equipment based on a blockchain and a combined key, so as to solve the problem of uploading core business data to the blockchain in the related art, there is still the possibility of data leakage, causing enterprise Technical aspects of privacy and commercial data breaches.

In order to solve the above technical problems, the embodiments of the present application provide a contract management method based on a blockchain and a combined key, which is applied to the contract side and adopts the following technical solutions:

Obtain all participants on the blockchain, combine the participants in pairs to obtain a combination result, and generate a public-private key pair corresponding to each combination according to the combination result, wherein the public-private key pair includes a combination public key and a combination private key;

sending the combination private key to the corresponding participants in each combination;

Obtain the identification information of the participants in the combination, perform hash calculation on the identification information, and obtain a combined hash value;

mapping the combined hash value and the combined public key of the corresponding public-private key pair to the blockchain;

Using the combination public key, encrypt the key information in the contract corresponding to the participants in the combination to obtain an encrypted contract;

Hash calculation is performed on the encrypted contract to obtain a contract hash value;

Upload the encrypted contract and the contract hash to the blockchain.

Further, the step of mapping the combined hash value and the corresponding combined public key of the public-private key pair to the blockchain includes:

Using the combined hash value as a key name and the combined public key as a key value;

The combined hash value and the corresponding combined public key are stored in the blockchain in the form of a key-value pair.

In order to solve the above technical problems, the embodiments of the present application provide a contract management method based on a blockchain and a combined key, which is applied to the contract verification terminal and adopts the following technical solutions:

Send the contract acquisition request to the client corresponding to the target participant;

receiving the partially decrypted contract and the corresponding target combined hash value sent by the client, wherein the partially decrypted contract is obtained by the client by decrypting the target encrypted contract obtained based on the contract acquisition request;

Obtain the corresponding target combination public key according to the target combination hash value, and use the target combination public key to re-encrypt part of the decrypted contract to obtain the contract to be verified;

Hash calculation is performed on the contract to be verified to obtain a hash value to be verified;

The hash value to be verified is verified to obtain a verification result.

Further, the step of verifying the hash value to be verified to obtain a verification result includes:

Obtain the target contract hash value corresponding to the target encrypted contract from the blockchain;

Compare the hash value to be verified with the target contract hash value to obtain a comparison result;

If the comparison results are consistent, the contract verification passes, otherwise, the contract verification fails.

In order to solve the above technical problems, the embodiments of the present application provide a contract management method based on a blockchain and a combined key, which is applied to the client and adopts the following technical solutions:

Receive the contract acquisition request sent by the contract verification terminal, and obtain the corresponding target encrypted contract from the blockchain according to the contract acquisition request;

Decrypt the target encrypted contract by calling the combined private key of the target participant to obtain a partially decrypted contract;

Obtain the target combination hash value according to the identification information of the participants in the partial decryption contract;

Sending the partially decrypted contract and the target hash value to the contract verification terminal.

In order to solve the above technical problems, the embodiments of the present application also provide a contract management device based on a blockchain and a combined key, which is applied to the contract side and adopts the following technical solutions:

The combination module is used to obtain all the participants on the blockchain, combine the participants in pairs to obtain a combination result, and generate a public-private key pair corresponding to each combination according to the combination result, wherein the public-private key pair includes Combined public key and combined private key;

a sending module, configured to send the combination private key to the corresponding participants in each combination;

a first calculation module, configured to obtain the identification information of the participants in the combination, perform hash calculation on the identification information, and obtain a combined hash value;

a mapping module, configured to map and store the combined hash value and the combined public key of the corresponding public-private key pair to the blockchain;

an encryption module, configured to encrypt key information in the contract corresponding to the participants in the combination by using the combination public key to obtain an encrypted contract;

a second computing module, configured to perform hash calculation on the encrypted contract to obtain a contract hash value;

An uploading module, configured to upload the encrypted contract and the contract hash value to the blockchain.

In order to solve the above technical problems, the embodiments of the present application also provide a contract management device based on a blockchain and a combined key, which is applied to the contract verification terminal, and adopts the following technical solutions:

The sending module is used to send the contract acquisition request to the client corresponding to the target participant;

A receiving module, configured to receive the partially decrypted contract and the corresponding target combined hash value sent by the client, wherein the partially decrypted contract is obtained by the client by decrypting the target encrypted contract obtained based on the contract acquisition request ;

an encryption module, configured to obtain the corresponding target combination public key according to the target combination hash value, and use the target combination public key to re-encrypt part of the decrypted contract to obtain the contract to be verified;

a third calculation module, configured to perform hash calculation on the contract to be verified to obtain a hash value to be verified;

A verification module, configured to verify the hash value to be verified to obtain a verification result.

In order to solve the above technical problems, the embodiments of the present application also provide a contract management device based on a blockchain and a combined key, which is applied to the client and adopts the following technical solutions:

an acquisition module, configured to receive the contract acquisition request sent by the contract verification terminal, and obtain the corresponding target encrypted contract from the blockchain according to the contract acquisition request;

a decryption module for decrypting the target encrypted contract using the combined private key of the target participant to obtain a partial decryption contract;

a fourth calculation module, used for obtaining the target combination hash value according to the identification information of the participants in the partial decryption contract;

A sending module, configured to send the partially decrypted contract and the target hash value to the contract verification terminal.

In order to solve the above-mentioned technical problems, the embodiment of the present application also provides a computer device, which adopts the following technical solutions:

The computer equipment includes a contract terminal, a contract verification terminal and a client terminal, the contract terminal includes a first memory and a first processor, the first memory stores computer-readable instructions, and the first processor executes The computer-readable instructions implement the steps of the above-mentioned contract management method based on block chain and combined key; the contract verification terminal includes a second memory and a second processor, and the second memory stores There are computer-readable instructions, and when the second processor executes the computer-readable instructions, the steps of the above-mentioned contract management method based on block chain and combined key are realized; the client includes a third memory and a third memory; Three processors, the third memory stores computer-readable instructions, and when the third processor executes the computer-readable instructions, implements the steps of the above-mentioned contract management method based on blockchain and combined keys .

In order to solve the above technical problems, the embodiments of the present application also provide a computer-readable storage medium, which adopts the following technical solutions:

The computer-readable storage medium stores computer-readable instructions, and when the computer-readable instructions are executed by the processor, implements the steps of the above-mentioned blockchain and combined key-based contract management method.

Compared with the prior art, the embodiments of the present application mainly have the following beneficial effects:

This application obtains all the participants on the blockchain, combines the participants in pairs to obtain a combination result, and generates a public-private key pair corresponding to each combination according to the combination result, wherein the public-private key pair includes a combined public key and a combined private key, Send the combined private key to the corresponding participants in each combination. By combining all the participants on the blockchain in pairs, and generating the public and private keys corresponding to the combination, the participants store their own private keys for use. Decrypting the information related to oneself can protect the privacy of the other party; obtain the identification information of the participants in the combination, perform hash calculation on the identification information, obtain the combined hash value, and combine the combined hash value and the corresponding public-private key pair. The public key is mapped and stored in the blockchain, and the combined public key can be obtained by combining the hash value, so as to avoid exposing too much information of the participants and ensure information security; using the combined public key, the combined public key in the contract corresponding to the participants in the combination can be saved. Encrypting key information to obtain an encrypted contract, and encrypting key information can improve data security and avoid exposing commercial secrets; perform hash calculation on the encrypted contract to obtain the contract hash value, and upload the encrypted contract and contract hash value. To the blockchain, the contract is verified by the contract hash value to ensure that the contract content is authentic and credible without tampering.

Description of drawings

In order to illustrate the solutions in the present application more clearly, the following will briefly introduce the accompanying drawings used in the description of the embodiments of the present application. For those of ordinary skill, other drawings can also be obtained from these drawings without any creative effort.

FIG. 1 is an exemplary system architecture diagram to which the present application can be applied;

FIG. 2 is a flowchart of one embodiment of a contract management method based on blockchain and combined keys according to the present application;

3 is a schematic structural diagram of an embodiment of a contract management device based on a blockchain and a combined key according to the present application;

4 is a schematic structural diagram of a second embodiment of a contract management device based on a blockchain and a combined key according to the present application;

5 is a schematic structural diagram of a third embodiment of a contract management device based on a blockchain and a combined key according to the present application;

FIG. 6 is a schematic structural diagram of an embodiment of a computer device according to the present application.

Detailed ways

Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the technical field of this application; the terms used herein in the specification of the application are for the purpose of describing specific embodiments only It is not intended to limit the application; the terms "comprising" and "having" and any variations thereof in the description and claims of this application and the above description of the drawings are intended to cover non-exclusive inclusion. The terms "first", "second" and the like in the description and claims of the present application or the above drawings are used to distinguish different objects, rather than to describe a specific order.

Reference herein to an "embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the present application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor a separate or alternative embodiment that is mutually exclusive of other embodiments. It is explicitly and implicitly understood by those skilled in the art that the embodiments described herein may be combined with other embodiments.

In order to make those skilled in the art better understand the solutions of the present application, the technical solutions in the embodiments of the present application will be described clearly and completely below with reference to the accompanying drawings.

This application provides a contract management method based on blockchain and combined keys, which can be applied to the system architecture 100 shown in FIG. 1 , and the system architecture 100 may include terminal devices 101 , 102 , 103 , a network 104 and a server 105. The network 104 is a medium used to provide a communication link between the terminal devices 101 , 102 , 103 and the server 105 . The network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.

The user can use the terminal devices 101, 102, 103 to interact with the server 105 through the network 104 to receive or send messages and the like. Various communication client applications may be installed on the terminal devices 101 , 102 and 103 , such as web browser applications, shopping applications, search applications, instant messaging tools, email clients, social platform software, and the like.

The terminal devices 101, 102, and 103 may be various electronic devices that have a display screen and support web browsing, including but not limited to smart phones, tablet computers, e-book readers, MP3 players (Moving Picture Experts Group Audio Layer III, moving image Expert Compression Standard Audio Layer 3), MP4 (Moving PictureExperts Group Audio Layer IV, Moving Picture Experts Group Audio Layer 4) Players, Laptops and Desktops, etc.

The server 105 may be a server that provides various services, such as a background server that provides support for the pages displayed on the terminal devices 101 , 102 , and 103 .

It should be noted that the contract management method based on the blockchain and the combined key provided by the embodiments of the present application is generally executed by the server/terminal device. Correspondingly, the contract management device based on the blockchain and the combined key is generally set in the server/terminal device.

It should be understood that the numbers of terminal devices, networks and servers in FIG. 1 are merely illustrative. There can be any number of terminal devices, networks and servers according to implementation needs.

Continuing to refer to FIG. 2 , there is shown a flow chart of an embodiment of a contract management method based on blockchain and combined keys according to the present application, including the following steps:

Step S201: Obtain all participants on the blockchain, combine the participants in pairs to obtain a combination result, and generate a public-private key pair corresponding to each combination according to the combination result, wherein the public-private key pair includes a combined public key and a combined private key.

In this embodiment, each participant joins the blockchain network, and the contract terminal invokes the smart contract to generate a public-private key pair corresponding to the number of combinations according to the possibility of a pairwise combination according to the participant information on the chain. For each enterprise, the participant information includes enterprise name, enterprise address, enterprise type, enterprise operation mode and business scope, etc. The public-private key pair can be asymmetrically encrypted public-private key pair.

Among them, a smart contract is a code written on the blockchain. It is a computer transaction agreement that does not require intermediaries, self-verifies, and automatically executes contract terms. When the terms in the contract are triggered, the program can automatically execute them. Smart contracts on the blockchain have the characteristics of decentralization, trustlessness, programmability, and immutability, and can flexibly embed various data and assets to help achieve safe and efficient information exchange, value transfer, and asset management.

For example, suppose there are three parties A, B, and C on the blockchain, and the possible pairwise combinations are AB, AC, and BC. Call the smart contract to generate three pairs of public and private keys, which are respectively related to the combinations AB, AC, and BC. Correspondingly, the public-private key pair includes a combined public key and a combined private key, the private key is stored locally on the client corresponding to the participant, and the public key is stored on the blockchain.

Step S202, sending the combined private key to the corresponding participants in each combination.

Each combination has its corresponding public-private key pair, and the combined private key of the public-private key pair corresponding to a certain combination is sent to the clients corresponding to both parties in the combination and stored locally. In this way, each participant only stores The combined private key associated with it.

For example, the public-private key pair of the combination AB is the first public key and the first private key, the public-private key pair of the combination AC is the second public key and the second private key, and the public-private key pair of the combination BC is the third public key and the first private key. Three private keys, send the first private key to Participant A and Participant B respectively, send the second private key to Participant A and Participant C respectively, send the third private key to Participant B and Participant respectively C. In this way, Participant A only stores the private key related to Participant A, namely AB (the storage method of the first private key in Participant A), AC (the storage method of the second private key in Participant A), and cannot obtain BC Similarly, Participant B only stores the private key related to Participant B, that is, BA (the storage method of the first private key in Participant B), BC (the storage of the third private key in Participant B) method), the private key of AC cannot be obtained; Participant C only stores the private key related to Participant C, namely CA (the storage method of the second private key in Participant C), CB (the third private key in Participant C) storage method), the private key of AB cannot be obtained. This approach preserves the privacy of the other party in the portfolio.

Step S203: Obtain the identification information of the participants in the combination, perform hash calculation on the identification information, and obtain a combined hash value.

In this embodiment, the identification information of both parties is acquired, the identification information of both parties is combined, and a hash algorithm is used to perform a hash calculation on the combined identification information to obtain a combined hash value. The identification information can be used as the unique identification of the participant, which can be a name or an organization code, which is not limited here.

Hash algorithm (Hash Algorithms), also known as hash algorithm, hash algorithm or digital fingerprint, is an algorithm that can compress messages of any length into a fixed-length message. Commonly used hash algorithms include MD series algorithms and SHA series algorithms. .

The mathematical expression of the hash algorithm is as follows:

h=Hash(m)

In the formula, h is the output value of fixed length; m is the input value of arbitrary length. After the binary code of any input value (Message) is calculated by the hash algorithm, the hash value of a 0, 1 string of n bits can be obtained. The value of n may be different in different hash algorithms, such as 128, 160 , 192, 256, 384 or 512 etc.

If the initial value of the input is text, you need to convert the text into a string before performing the hash calculation. Specifically, the identification information is the name of the participant, a regular matching algorithm is used to generate an alphabetic array of the participant's name, and the alphabetic array is reconstituted into a string as the input value of the hashing algorithm; The name of party B is B, and the names of both parties are combined into the string "AB", and then "AB" is hashed to obtain the combined hash value.

Step S204, the combined hash value and the combined public key of the corresponding public-private key pair are mapped and stored in the blockchain.

In this embodiment, the combined hash value and the combined public key of the public-private key pair corresponding to the combination are mapped in the form of key-value pairs. Specifically, the combined hash value is used as the key name key, and the combined public key is used as the key value value , store the combined hash value and combined public key on the blockchain in the form of a key-value pair (key:value), that is, the combined hash value and combined public key on the blockchain are in one-to-one correspondence. The saved state on the blockchain is Hash(a+b), which is the combined public key of participant A and participant B.

By mapping storage, the corresponding combined public key can be obtained faster according to the combined hash value.

Step S205, using the combination public key, encrypt the key information in the contract corresponding to the participants in the combination to obtain an encrypted contract.

In this embodiment, the key information in the contract involving both parties involved in the combination is encrypted with the combined public key and turned into ciphertext, and then the corresponding plaintext in the original contract is replaced, so that the contract is encrypted in the form of a combination of normal text and ciphertext contract.

Among them, the key information includes but is not limited to the names of the participants, contract content, etc. These information are encrypted to avoid leaking the privacy of the participants and improve information security.

Step S206, perform hash calculation on the encrypted contract to obtain a contract hash value.

In this embodiment, a hash algorithm is used to perform hash calculation on the encrypted contract, and the hash algorithm is the same as that described in step S203.

The contract hash value is used to verify the contract, which can ensure the authenticity of the contract content without tampering.

Step S207, upload the encrypted contract and the contract hash value to the blockchain.

In this embodiment, the encrypted contract is uploaded to the blockchain, and the decryption key is only held by both parties involved in the contract, which can ensure that a third party other than the two parties cannot decrypt the contract and ensure the security of information.

It should be emphasized that, in order to further ensure the privacy and security of the encrypted contract and contract hash value, the above encrypted contract and contract hash value can also be stored in a node of a blockchain.

The blockchain referred to in this application is a new application mode of computer technology such as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithm. Blockchain, essentially a decentralized database, is a series of data blocks associated with cryptographic methods. Each data block contains a batch of network transaction information to verify its Validity of information (anti-counterfeiting) and generation of the next block. The blockchain can include the underlying platform of the blockchain, the platform product service layer, and the application service layer.

In this embodiment, if the contract verification terminal needs to verify the contract, it sends the contract acquisition request to the client corresponding to the target participant. The contract verification terminal may be a financial institution, and the target participant receives the contract acquisition request through the client terminal. , where the contract acquisition request includes the information of the parties involved in the contract, the contract identifier, etc., and the corresponding target encrypted contract is pulled from the blockchain according to the contract identifier in the contract acquisition request, and the target participant is called to have a local combined private key pair When decrypting the target encrypted contract, it should be understood that only the information related to the target participant is decrypted, and the partially decrypted contract is obtained. hash value.

In this embodiment, decryption is performed at the client to further ensure the security of information.

The client sends the partially decrypted contract and the target combined hash value to the contract verification terminal, and the contract verification terminal receives the partially decrypted contract and can view the contract content.

In this embodiment, the combined hash value and the combined public key are stored correspondingly, and the contract verification end can obtain the corresponding target combined public key from the blockchain according to the target combined hash value, and use the target combined public key to pair part of the Decrypt the contract and re-encrypt it to obtain the contract to be verified, perform hash calculation on the contract to be verified, obtain the hash value to be verified, verify the hash value to be verified, and obtain the verification result, which includes the contract verification result. The verification passed and the contract verification failed.

In this embodiment, the decrypted contract is re-encrypted and hash calculation is performed, and verification is performed according to the obtained hash value, which can improve verification efficiency and verification accuracy.

In this embodiment, the above-mentioned steps of verifying the hash value to be verified and obtaining the verification result include:

Obtain the target contract hash value corresponding to the target encrypted contract from the blockchain;

Compare the hash value to be verified with the hash value of the target contract to obtain a comparison result;

If the comparison results are consistent, the contract verification passes, otherwise, the contract verification fails.

In this embodiment, if the comparison results are consistent and the contract verification is passed, it means that the contract is true and has not been tampered with.

In this application, all participants on the blockchain are combined in pairs, and the public and private keys corresponding to the combination are generated, and the participants can store their own private keys for decrypting their own information. Privacy; map the combined hash value and the combined public key of the corresponding public-private key pair to the blockchain, and obtain the combined public key by combining the hash value, avoiding exposing too much participant information and ensuring information security; Encrypting key information can improve data security and avoid exposing commercial secrets; in addition, contract verification is performed through the contract hash value to ensure that the contract content is authentic and credible without tampering.

The present application may be used in numerous general purpose or special purpose computer system environments or configurations. For example: personal computers, server computers, handheld or portable devices, tablet devices, multiprocessor systems, microprocessor-based systems, set-top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, including A distributed computing environment for any of the above systems or devices, and the like. The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including storage devices.

Those of ordinary skill in the art can understand that all or part of the processes in the methods of the above embodiments can be implemented by instructing relevant hardware through computer-readable instructions, and the computer-readable instructions can be stored in a computer-readable storage medium. , when the program is executed, it may include the processes of the foregoing method embodiments. The aforementioned storage medium may be a non-volatile storage medium such as a magnetic disk, an optical disk, a read-only memory (Read-Only Memory, ROM), or a random access memory (Random Access Memory, RAM).

It should be understood that although the various steps in the flowchart of the accompanying drawings are sequentially shown in the order indicated by the arrows, these steps are not necessarily executed in sequence in the order indicated by the arrows. Unless explicitly stated herein, the execution of these steps is not strictly limited to the order and may be performed in other orders. Moreover, at least a part of the steps in the flowchart of the accompanying drawings may include multiple sub-steps or multiple stages, and these sub-steps or stages are not necessarily executed at the same time, but may be executed at different times, and the execution sequence is also It does not have to be performed sequentially, but may be performed alternately or alternately with other steps or at least a portion of sub-steps or stages of other steps.

With further reference to FIG. 3 , as an implementation of the method shown in FIG. 2 above, the present application provides an embodiment of a contract management device based on blockchain and combined keys applied to a contract end. The embodiment of the device is the same as that shown in FIG. 2 . Corresponding to the method embodiments shown, the apparatus can be specifically applied to various electronic devices.

As shown in FIG. 3 , the contract management apparatus 300 based on blockchain and combined key described in this embodiment includes: a combining module 301, a sending module 302, a first computing module 303, a mapping module 304, an encryption module 305, a first Two calculation module 306 and upload module 307. in:

The combination module 301 is used to obtain all participants on the blockchain, combine the participants in pairs to obtain a combination result, and generate a public-private key pair corresponding to each combination according to the combination result, wherein the public-private key pair includes Combined public key and combined private key;

The sending module 302 is configured to send the combination private key to the corresponding participant in each combination;

The first calculation module 303 is used to obtain the identification information of the participants in the combination, and perform a hash calculation on the identification information to obtain a combined hash value;

The mapping module 304 is configured to map and store the combined hash value and the combined public key of the corresponding public-private key pair to the blockchain;

The encryption module 305 is configured to use the combination public key to encrypt key information in the contract corresponding to the participants in the combination to obtain an encrypted contract;

The second calculation module 306 is configured to perform hash calculation on the encrypted contract to obtain a contract hash value;

The uploading module 307 is configured to upload the encrypted contract and the contract hash value to the blockchain.

Based on the above-mentioned contract management device based on blockchain and combined key, by combining all participants on the blockchain in pairs, and generating the public and private keys corresponding to the combination, the participants store their own private keys and use To decrypt the information related to oneself, it can protect the privacy of the other party; the combined hash value and the combined public key of the corresponding public-private key pair are mapped and stored in the blockchain, and the combined public key can be obtained by combining the hash value, Avoid exposing too much participant information to ensure information security; encrypting key information can improve data security and avoid exposing commercial secrets; in addition, contract verification is performed through the contract hash value to ensure the authenticity of the contract content. tamper.

In some optional implementations of this embodiment, the mapping module 304 is further configured to: use the combined hash value as a key name and the combined public key as a key value; convert the combined hash value in the form of a key-value pair The hash value and the corresponding combined public key are stored in the blockchain.

Referring to FIG. 4 , the present application provides another embodiment of a contract management device based on blockchain and combined key applied to a contract verification end. The contract based on blockchain and combined key described in this embodiment The management apparatus 400 includes: a sending module 401 , a receiving module 402 , an encryption module 403 , a third calculation module 404 and a verification module 405 . in:

The sending module 401 is configured to send the contract acquisition request to the client corresponding to the target participant;

The receiving module 402 is configured to receive the partially decrypted contract and the corresponding target combined hash value sent by the client, wherein the partially decrypted contract is obtained by the client by decrypting the target encrypted contract obtained based on the contract acquisition request. ;

The encryption module 403 is configured to obtain the corresponding target combination public key according to the target combination hash value, and use the target combination public key to re-encrypt part of the decrypted contract to obtain the contract to be verified;

The third calculation module 404 is configured to perform hash calculation on the contract to be verified to obtain a hash value to be verified;

The verification module 405 is configured to verify the hash value to be verified to obtain a verification result.

In this embodiment, the verification module 405 is further used for:

Obtain the target contract hash value corresponding to the target encrypted contract from the blockchain;

Compare the hash value to be verified with the target contract hash value to obtain a comparison result;

If the comparison results are consistent, the contract verification passes, otherwise, the contract verification fails.

In this embodiment, the decrypted contract is re-encrypted and hash calculation is performed, and verification is performed according to the obtained hash value, which can improve verification efficiency and verification accuracy.

As shown in FIG. 5 , the contract management apparatus 500 based on blockchain and combined key described in this embodiment is applied to the client, and includes: an acquisition module 501 , a decryption module 502 , a fourth calculation module 503 and a transmission module 504 . in:

an acquisition module, configured to receive the contract acquisition request sent by the contract verification terminal, and obtain the corresponding target encrypted contract from the blockchain according to the contract acquisition request;

a decryption module for decrypting the target encrypted contract using the combined private key of the target participant to obtain a partial decryption contract;

a fourth calculation module, used for obtaining the target combination hash value according to the identification information of the participants in the partial decryption contract;

A sending module, configured to send the partially decrypted contract and the target hash value to the contract verification terminal.

In this embodiment, decryption is performed at the client to further ensure the security of information.

To solve the above technical problems, the embodiments of the present application also provide computer equipment. Please refer to FIG. 6 for details. FIG. 6 is a block diagram of the basic structure of a computer device according to this embodiment.

The computer device 6 includes a contract terminal 61, a contract verification terminal 62 and a client terminal 63, the contract terminal 61 includes a first memory 611 and a first processor 612, and the contract verification terminal 62 includes a second memory 621 and a second processor 622, the client 63 includes a third memory 631 and a third processor 632, the first memory 611, the first processor 612, and the first network interface 613 are connected to each other through the system bus, and the second memory 621 is connected to each other through the system bus. , the second processor 622, and the second network interface 623, which communicate with each other through the system bus to connect the third memory 631, the second processor 632, and the third network interface 633. It should be pointed out that only the computer device 6 with components 61-63 is shown in the figure, but it should be understood that it is not required to implement all of the shown components, and more or less components may be implemented instead. Among them, those skilled in the art can understand that the computer device here is a device that can automatically perform numerical calculation and/or information processing according to pre-set or stored instructions, and its hardware includes but is not limited to microprocessors, special-purpose Integrated circuit (ApplicationSpecific Integrated Circuit, ASIC), programmable gate array (Field-Programmable GateArray, FPGA), digital processor (Digital Signal Processor, DSP), embedded equipment, etc.

The computer equipment may be a desktop computer, a notebook computer, a palmtop computer, a cloud server and other computing equipment. The computer device can perform human-computer interaction with the user through a keyboard, a mouse, a remote control, a touch pad or a voice control device.

The first memory 611, the second memory 621 and the third memory 631 all include at least one type of readable storage medium, and the readable storage medium includes a flash memory, a hard disk, a multimedia card, a card-type memory ( For example, SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), read only memory (ROM), electrically erasable programmable read only memory (EEPROM), programmable read only memory ( PROM), magnetic memory, magnetic disk, optical disk, etc. In some embodiments, the first memory 611 , the second memory 621 and the third memory 631 may be internal storage units of the computer device 6 , such as a hard disk or a memory of the computer device 6 . In other embodiments, the first memory 611 , the second memory 621 and the third memory 631 may also be external storage devices of the computer device 6 , for example, a plug-in device equipped on the computer device 6 hard disk, Smart Media Card (SMC), Secure Digital (SD) card, Flash Card, etc. Of course, the first memory 611 , the second memory 621 and the third memory 631 may also include both the internal storage unit of the computer device 6 and its external storage device. In this embodiment, the first memory 611, the second memory 621 and the third memory 631 are generally used to store the operating system and various application software installed on the computer device 6, for example, based on blockchain and computer-readable instructions for a contract management method for combining keys, etc. In addition, the first memory 611, the second memory 621 and the third memory 631 can also be used to temporarily store various types of data that have been output or will be output.

The first processor 612, the second processor 622, and the third processor 632 may be a central processing unit (Central Processing Unit, CPU), a controller, a microcontroller, a microprocessor, or others in some embodiments data processing chip. The first processor 612 , the second processor 622 and the third processor 632 are generally used to control the overall operation of the computer device 6 . In this embodiment, the first processor 612 , the second processor 622 and the third processor 632 are configured to run the corresponding first memory 611 , the second memory 621 and the third memory 631 Stored computer-readable instructions or processing data, such as computer-readable instructions for executing the blockchain and combined key-based contract management method.

The first network interface 613, the second network interface 623 and the third network interface 633 may include a wireless network interface or a wired network interface, the first network interface 613, the second network interface 623 and the third network interface The three network interfaces 633 are generally used to establish a communication connection between the computer device 6 and other electronic devices.

In this embodiment, when the processor executes the computer-readable instructions stored in the memory, the steps of the contract management method based on the blockchain and the combined key are implemented as in the above-mentioned embodiment, by combining all the participants on the blockchain in pairs , and generate the public and private keys corresponding to the combination, and the participants store the private key related to themselves, which is used to decrypt the information related to themselves, which can protect the privacy of the other party; The key is mapped and stored in the blockchain, and the combined public key can be obtained by combining the hash value, so as to avoid exposing too much participant information and ensure information security; encrypting key information can improve data security and avoid exposing commercial Confidentiality; in addition, contract verification is performed through the contract hash value to ensure that the contract content is authentic and credible without tampering.

The present application also provides another embodiment, that is, to provide a computer-readable storage medium, where the computer-readable storage medium stores computer-readable instructions, and the computer-readable instructions can be executed by at least one processor to Make the at least one processor execute the steps of the above-mentioned contract management method based on the blockchain and the combined key, by combining all the participants on the blockchain, and generating the public and private keys corresponding to the combination, participating in the process. The party stores the private key related to itself, which is used to decrypt the information related to itself, which can protect the privacy of the other party; the combined hash value and the combined public key of the corresponding public-private key pair are mapped and stored in the blockchain, The combined public key can be obtained by combining the hash value to avoid exposing too much participant information and ensure information security; encrypting key information can improve data security and avoid exposing commercial secrets; Contract verification to ensure that the content of the contract is authentic and credible without tampering.

From the description of the above embodiments, those skilled in the art can clearly understand that the method of the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course can also be implemented by hardware, but in many cases the former is better implementation. Based on this understanding, the technical solution of the present application can be embodied in the form of a software product in essence or in a part that contributes to the prior art, and the computer software product is stored in a storage medium (such as ROM/RAM, magnetic disk, CD-ROM), including several instructions to make a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) execute the methods described in the various embodiments of this application.

Obviously, the above-described embodiments are only a part of the embodiments of the present application, rather than all of the embodiments. The accompanying drawings show the preferred embodiments of the present application, but do not limit the scope of the patent of the present application. This application may be embodied in many different forms, rather these embodiments are provided so that a thorough and complete understanding of the disclosure of this application is provided. Although the present application has been described in detail with reference to the foregoing embodiments, those skilled in the art can still modify the technical solutions described in the foregoing specific embodiments, or perform equivalent replacements for some of the technical features. . Any equivalent structure made by using the contents of the description and drawings of the present application, which is directly or indirectly used in other related technical fields, is also within the scope of protection of the patent of the present application.

Claims (10)

1. A contract management method based on block chain and combined key, applied to a contract terminal, is characterized in that, comprises the following steps: Obtain all participants on the blockchain, combine the participants in pairs to obtain a combination result, and generate a public-private key pair corresponding to each combination according to the combination result, wherein the public-private key pair includes a combination public key and a combination private key; sending the combination private key to the corresponding participants in each combination; Obtain the identification information of the participants in the combination, perform hash calculation on the identification information, and obtain a combined hash value; mapping the combined hash value and the combined public key of the corresponding public-private key pair to the blockchain; Using the combination public key, encrypt the key information in the contract corresponding to the participants in the combination to obtain an encrypted contract; Hash calculation is performed on the encrypted contract to obtain a contract hash value; Upload the encrypted contract and the contract hash to the blockchain. 2. The contract management method based on blockchain and combined key according to claim 1, characterized in that, by mapping the combined hash value and the combined public key of the corresponding public-private key pair, and The steps of storing to the blockchain include: Using the combined hash value as a key name and the combined public key as a key value; The combined hash value and the corresponding combined public key are stored in the blockchain in the form of a key-value pair. 3. A contract management method based on block chain and combined key, applied to the contract verification terminal, is characterized in that, comprises the following steps: Send the contract acquisition request to the client corresponding to the target participant; receiving the partially decrypted contract and the corresponding target combined hash value sent by the client, wherein the partially decrypted contract is obtained by the client by decrypting the target encrypted contract obtained based on the contract acquisition request; Obtain the corresponding target combination public key according to the target combination hash value, and use the target combination public key to re-encrypt part of the decrypted contract to obtain the contract to be verified; Hash calculation is performed on the contract to be verified to obtain a hash value to be verified; The hash value to be verified is verified to obtain a verification result. 4. The contract management method based on blockchain and combined key according to claim 3, wherein the step of verifying the hash value to be verified and obtaining a verification result comprises: Obtain the target contract hash value corresponding to the target encrypted contract from the blockchain; Compare the hash value to be verified with the target contract hash value to obtain a comparison result; If the comparison results are consistent, the contract verification passes, otherwise, the contract verification fails. 5. A contract management method based on block chain and combined key, applied to client, is characterized in that, comprises the following steps: Receive the contract acquisition request sent by the contract verification terminal, and obtain the corresponding target encrypted contract from the blockchain according to the contract acquisition request; Decrypt the target encrypted contract by calling the combined private key of the target participant to obtain a partially decrypted contract; Obtain the target combination hash value according to the identification information of the participants in the partial decryption contract; Sending the partially decrypted contract and the target hash value to the contract verification terminal. 6. A contract management device based on a block chain and a combined key, applied to a contract terminal, characterized in that it comprises: The combination module is used to obtain all the participants on the blockchain, combine the participants in pairs to obtain a combination result, and generate a public-private key pair corresponding to each combination according to the combination result, wherein the public-private key pair includes Combined public key and combined private key; a sending module, configured to send the combination private key to the corresponding participants in each combination; a first calculation module, configured to obtain the identification information of the participants in the combination, perform hash calculation on the identification information, and obtain a combined hash value; a mapping module, configured to map and store the combined hash value and the combined public key of the corresponding public-private key pair to the blockchain; an encryption module, configured to encrypt key information in the contract corresponding to the participants in the combination by using the combination public key to obtain an encrypted contract; a second computing module, configured to perform hash calculation on the encrypted contract to obtain a contract hash value; An uploading module, configured to upload the encrypted contract and the contract hash value to the blockchain. 7. A contract management device based on a block chain and a combined key, applied to a contract verification terminal, characterized in that it comprises: The sending module is used to send the contract acquisition request to the client corresponding to the target participant; A receiving module, configured to receive the partially decrypted contract and the corresponding target combined hash value sent by the client, wherein the partially decrypted contract is obtained by the client by decrypting the target encrypted contract obtained based on the contract acquisition request ; an encryption module, configured to obtain the corresponding target combination public key according to the target combination hash value, and use the target combination public key to re-encrypt part of the decrypted contract to obtain the contract to be verified; a third calculation module, configured to perform hash calculation on the contract to be verified to obtain a hash value to be verified; A verification module, configured to verify the hash value to be verified to obtain a verification result. 8. A contract management device based on a block chain and a combined key, applied to a client, characterized in that it comprises: an acquisition module, configured to receive the contract acquisition request sent by the contract verification terminal, and obtain the corresponding target encrypted contract from the blockchain according to the contract acquisition request; a decryption module for decrypting the target encrypted contract using the combined private key of the target participant to obtain a partial decryption contract; a fourth calculation module, used for obtaining the target combination hash value according to the identification information of the participants in the partial decryption contract; A sending module, configured to send the partially decrypted contract and the target hash value to the contract verification terminal. 9. A computer device, comprising a contract terminal, a contract verification terminal and a client, the contract terminal comprises a first memory and a first processor, the first memory stores computer-readable instructions, the first When the processor executes the computer-readable instructions, the steps of implementing the contract management method based on blockchain and combined keys according to any one of claims 1 to 2; the contract verification terminal includes a second memory and A second processor, where computer-readable instructions are stored in the second memory, and when the second processor executes the computer-readable instructions, the blockchain-based blockchain according to any one of claims 3 to 4 is implemented and the steps of a contract management method for combining keys; the client includes a third memory and a third processor, the third memory stores computer-readable instructions, and the third processor executes the computer-readable instructions The steps of implementing the contract management method based on blockchain and combined key as claimed in claim 5 when instructed. 10. A computer-readable storage medium, characterized in that, computer-readable instructions are stored on the computer-readable storage medium, and when the computer-readable instructions are executed by a processor, any one of claims 1 to 5 is implemented. The steps of the blockchain and combined key-based contract management method described in Item.

Images