CN115222396A - 2/3 multi-sign method for managing block chain intelligent contract authority - Google Patents
2/3 multi-sign method for managing block chain intelligent contract authority Download PDFInfo
- Publication number
- CN115222396A CN115222396A CN202210839300.3A CN202210839300A CN115222396A CN 115222396 A CN115222396 A CN 115222396A CN 202210839300 A CN202210839300 A CN 202210839300A CN 115222396 A CN115222396 A CN 115222396A
- Authority
- CN
- China
- Prior art keywords
- contract
- signer
- parameters
- service
- signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3827—Use of message hashing
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides a multi-signature method for managing block chain intelligent contract authority, which is characterized in that a signature mode of 2/3 (namely one transaction at least needs the agreement of any 2 of 3 signers) is adopted for carrying out authorized transmission of the transaction, a pre-contract for managing the service intelligent contract authority is issued, and a real service contract is managed through the pre-contract; the operation of the pre-contract on the service contract must meet the requirement of multiple signatures, namely the method for calling the service contract in the pre-contract must meet the requirement of multiple signatures for checking, the signature is in a 2/3 form, and the pre-contract is universal and is suitable for most service contracts; any 2 of the three signers may perform the operation of the business contract by signing the business contract operation to be performed. The invention uses a block chain intelligent contract technology to manage the actual business layer contract by creating and deploying a pre-contract, thereby improving the safety of the business layer contract.
Description
Technical Field
The invention belongs to the technical field of block chains, adopts an asymmetric encryption technology, and particularly relates to a 2/3 method for managing block chain intelligent contract authority.
Background
Asymmetric encryption algorithms require two keys: a public key (public key) and a private key (private key). The public key and the private key are a pair, and if the public key is used for encrypting data, the corresponding private key can be used for decrypting the data; if the data is encrypted with the private key, it can only be decrypted with the corresponding public key. This algorithm is called asymmetric encryption algorithm because two different keys are used for encryption and decryption. The basic process of realizing confidential information exchange by the asymmetric encryption algorithm is as follows: the first party generates a pair of keys and discloses one of the keys as a public key to the other party; the party B who obtains the public key uses the key to encrypt the confidential information and then sends the information to the party A; the first party then decrypts the encrypted information using another private key stored by the first party.
Peer-to-peer (P2P), also known as peer-to-peer technology, is an internet system that does not have a central server and relies on user groups (peers) to exchange information, and it has the function of reducing nodes in the past network transmission to reduce the risk of data loss. Different from a central network system with a central server, each user side of the peer-to-peer network is a node and has the function of the server, and any node cannot directly find other nodes and must rely on the user group to exchange information. Participants of the network share a portion of the hardware resources they own, and these shared resources provide services and content over the network and are directly accessible to other Peer nodes (peers) without passing through intermediate entities. Participants in this network are both providers and acquirers of resources, services and content.
The blockchain format is used primarily for bitcoin as a solution to the problem of database security and administrators that do not require trust. The first blockchain was conceptualized by the china agent in 2008 and implemented the next year as a core component of the digital currency bitcoin, the blockchain database being managed autonomously using a peer-to-peer network and a distributed timestamp server. The invention of the bitcoin blockchain makes it the first digital currency to solve the problem of double expenditure, and the bitcoin design is always the inspiration of other blockchain applications. Block chains are divided into three categories: public chain (public block chain), consortium chain (consortium block chain), private chain (private block chain). The encryption currencies such as the bitcoin and the like belong to the category of public chains, and the alliance chain is often used among enterprises, so that on one hand, the sharing of data is guaranteed, and on the other hand, the admission qualification of the data on the chain is guaranteed, so that the cooperation is facilitated, and the risk reduction is facilitated.
The block chain is a distributed, non-falsifiable, traceable and other new technology, has a good effect on storing individual resume information, combines asymmetric encryption and block chain technologies, and provides a resume information sharing scheme design based on the block chain, so that the resume information query sharing efficiency is improved, and the privacy and the safety of information can be technically guaranteed.
Smart contracts may be defined as applications or programs that run in a blockchain. Generally, they function as a kind of digitizing protocol that is enforced by following specific rules. These rules are predefined by the computer code, replicated and executed via all network nodes. Blockchain intelligent contracts support the creation of de-trusted protocols. This means that both parties to a contract make a commitment through the blockchain without having to know or trust each other. Both parties determine that the contract will not execute if the condition is not met. Furthermore, the use of smart contracts eliminates the need for intermediate agencies, thereby significantly reducing operating costs.
Disclosure of Invention
The invention aims to provide a 2/3 multi-sign method for managing block chain intelligent contract authority.
The invention provides a multi-sign method for managing block chain intelligent contract authority, which adopts a signature mode of 2/3 (namely one transaction at least requires the agreement of any 2 of 3 signers) to carry out authorized sending of the transaction, issues a pre-contract for managing the service intelligent contract authority, and manages the real service contract through the pre-contract; the operation of the pre-contract on the service contract must meet the requirement of multiple contracts, namely, the method for calling the service contract in the pre-contract must meet the requirement of multiple contracts, the signature is in a 2/3 form, and the pre-contract is universal and is suitable for most service contracts; any 2 signers in the three signers can execute the operation of the service contract by signing the operation of the service contract to be performed;
the pre-contract provides a method (sendMultiSigTx) for sending multiple transactions, which requires five parameters, businesscontraceAddress, value, data, expireTime, signature, respectively. Each parameter specifically refers to:
businessContractAddress represents a business layer contract address managed by a pre-contract;
value represents the number of native tokens attached when the business layer contract method is called;
the data represents a legal method for calling a service layer and parameters required by the method;
expireTime represents an expiration timestamp for a multiple-sign transaction;
signature represents the signature of any one signer on the above four parameters and the two parameters, sequence id and network id, maintained in the pre-contract.
The three signers are respectively a signer 1, a signer 2 and a signer 3, wherein any two signers carry out the following operations and execute service contract operation after the operations pass; the concrete steps are as follows;
(1) Signer 1-down signature
When a business contract operation needs to be carried out, firstly preparing data needing to be signed:
(1.1) network id of block chain to which the contract belongs, which is to prevent replay attacks on different networks;
(1.2) a service layer contract address;
(1.3) optionally the number of native tokens that need to be sent to the business layer contract;
(1.4) calling a service layer contract method and required parameters;
(1.5) the expiration timestamp of the operation, and the operation fails when the expiration timestamp exceeds the time;
(1.6) the sequence id maintained in the pre-contract, starting from 0, plus 1 every time, in order to prevent the signer from repeatedly operating the service layer contract with the same signature multiple times;
(2) Signer 2 send chain transaction
Signer 1 transfers parameters (1.2), (1.3), (1.4) and (1.5) in step (1) and the final signature to signer 2, signer 2 calls the sendmultisigntx method of the pre-contract with these five data as parameters, where: the (1.1) and (1.6) are not used as parameters, and the two parameters are maintained by a pre-contract, so that replay attack can be prevented;
(3) Pre-contract verification and execution of an industry-level contract
The pre-contract checking flow is as follows:
(3.1) assembling all parameters and the network Id and the sequence Id maintained by the pre-contract for hashing;
(3.2) restoring the account of the signer by using the hash value obtained in the step (3.1) and the incoming signature, if the account of the signer is one of the signers of the pre-contract, continuing to check, and if not, returning an error;
(3.3) checking the expiration timestamp, returning an error if it has expired;
(3.4) verifying that the caller called this time is also one of the signers of the pre-contract;
(3.5) verifying that the caller called this time cannot be the account of the signer;
(3.6) if all the above are passed, taking value and data parameters to the service layer contract, and starting to execute the operation of the service layer contract.
The invention has the beneficial effects that: the invention uses a block chain intelligent contract technology to manage the actual business layer contract by creating and deploying a pre-contract, thereby improving the safety of the business layer contract.
Drawings
FIG. 1 is a signer 1-down-chain signature diagram of the present invention;
FIG. 2 is a diagrammatic representation of an transaction on the signer 2 send chain of the present invention;
FIG. 3 is a flow chart of the present invention.
Detailed Description
The invention is further illustrated by the following examples in conjunction with the accompanying drawings.
Example 1:
the signer 1 shown in fig. 1 signs under the chain, and the specific operations are as follows:
(1) The signer 1 obtains the parameters of network Id, business contact address, vault, data, expected expire time and sequence Id, wherein the sequence Id is the latest value read from the pre-contract;
(2) Carrying out ABI (Application Binary Interface) encoding on the parameters in the step (1), wherein the ABI encoding is a general encoding mode of a block chain, and carrying out keycak-256 (network Id | | | business connection address | | | value | | | data | | | expiretime | | | sequence ID) operation on the encoded parameters;
(3) Executing ECDSA (elliptic curve signature algorithm) on the hash result in the step (2), selecting a secp256k1 for the curve, and generating a signature;
(4) The signer 1 transmits the parameter information of the step (1) and the signature name in the step (3) to the signer 2.
Fig. 2 illustrates the transaction on the signer 2 transmission chain, and the specific operations are as follows:
the signer 2 obtains the parameters of the signer 1 and the signature
(1) The signer 2 calls the method sendmultisigntx of the pre-contract, and the parameters required by the sendmultisigntx method (2) are business contract address, value, data, expireTime, signature, which are all obtained from step 1. The sequence id is no longer required for the parameters at this step.
(3) The pre-contract sendMultiSigTx method verifies the parameters in step 2
(3.1) firstly, encoding the parameters (business contact address, value, data, expireTime) in the step (2) and the sequence Id of the record in the contract;
(3.2) reusing the signature in the step (2) to verify the result coded in the step a;
(3.3) after the step (3.2) is passed, sending an operation to be executed to a business logic contract (business contract address), wherein the operation content is obtained from the data in the step (2);
(3.4) step (3.2) verify not passed, then the transaction will fail to terminate.
As shown in fig. 3, the specific steps are as follows:
1. deploying and issuing a pre-contract, simultaneously appointing three signer accounts, and writing the accounts into the pre-contract;
2. setting an administrator account of the business layer contract as the multi-signed address issued in the step 1;
3. the signer 1 organizes the parameters of the service contract to be operated and signs, and then transmits the parameters and the signature to the signer 2;
4. the signer 2 initiates a contract invocation to the forward contract using the parameters and signatures given by the signer 1;
5. the preassigned contract verifies the parameters provided by the signer 2, verifies whether the signers 1 and 2 belong to the three signers set in the step 1, if not, the verification fails, and the transaction is terminated;
6. and verifying that the operation of the business layer contract is initiated through the pre-contract, and the business layer contract executes specific operation.
Claims (1)
1. A2/3 method for managing block chain intelligent contract authority is characterized in that a signature mode of 2/3 (i.e. one transaction requires the agreement of any 2 of 3 signers at least) is adopted to carry out authorized transmission of the transaction, a pre-contract for managing service intelligent contract authority is issued, and a real service contract is managed through the pre-contract; the operation of the pre-contract on the service contract must meet the requirement of multiple signatures, namely the method for calling the service contract in the pre-contract must meet the requirement of multiple signatures for checking, the signature is in a 2/3 form, and the pre-contract is universal and is suitable for most service contracts; any 2 signers in the three signers can execute the operation of the service contract by signing the operation of the service contract to be performed;
the pre-contract provides a method for sending multiple transactions, and the method needs to provide five parameters, namely businesscontraceddress, value, data, expireTime and signature;
each parameter specifically refers to:
businessContractAddress represents a business layer contract address of pre-contract management;
value represents the number of native tokens attached when the business layer contract method is called;
the data represents a legal method for calling a service layer and parameters required by the method;
expireTime represents an expiration timestamp for a multiple-sign transaction;
signature represents the signature of any one signer on the four parameters and two parameters, namely, sequence Id and network Id, maintained in a pre-contract;
the three signers are respectively a signer 1, a signer 2 and a signer 3, wherein any two signers carry out the following operations and execute the operation of a service contract after the operations pass; the concrete steps are as follows;
(1) Signer 1-catena signature
When a business contract operation needs to be carried out, firstly preparing data needing to be signed:
the network id of the block chain to which the pre-contract belongs, which is to prevent replay attacks on different networks;
a service layer contract address;
optionally, the number of native tokens to be sent to the business layer contract;
calling a service layer contract method and required parameters;
if the expiration timestamp of the operation exceeds the time, the operation fails;
the sequence Id maintained in the pre-contract is added with 1 once from 0, which is to prevent the signer from repeatedly operating the business layer contract with the same signature for multiple times;
(2) Signer 2 on-the-send-chain transaction
Signer 1 transfers parameters (1.2), (1.3), (1.4) and (1.5) in step (1) and the final signature to signer 2, signer 2 calls the sendmultisigntx method of the pre-contract with these five data as parameters, where: the (1.1) and (1.6) are not used as parameters, and the two parameters are maintained by a pre-contract, so that replay attack can be prevented;
(3) Pre-contract verification and execution of an industry-level contract
The pre-contract checking flow is as follows:
all the parameters and the network Id and the sequence Id maintained by the pre-contract are spliced to carry out Hash;
restoring the account of the signer by using the hash value obtained in the step (3.1) and the incoming signature, if the account of the signer is one of the signers of the pre-contract, continuing to check, and if not, returning an error;
checking the expiration timestamp, and returning an error if the expiration timestamp has expired;
checking that the caller called this time must be one of the signers of the pre-contract;
verifying that the caller called this time cannot be the signer account;
if all the parameters pass the verification, the value and the data parameters are brought to the business layer contract, and the operation of the business layer contract is executed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210839300.3A CN115222396A (en) | 2022-07-18 | 2022-07-18 | 2/3 multi-sign method for managing block chain intelligent contract authority |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210839300.3A CN115222396A (en) | 2022-07-18 | 2022-07-18 | 2/3 multi-sign method for managing block chain intelligent contract authority |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115222396A true CN115222396A (en) | 2022-10-21 |
Family
ID=83611068
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210839300.3A Pending CN115222396A (en) | 2022-07-18 | 2022-07-18 | 2/3 multi-sign method for managing block chain intelligent contract authority |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115222396A (en) |
-
2022
- 2022-07-18 CN CN202210839300.3A patent/CN115222396A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109918878B (en) | Industrial Internet of things equipment identity authentication and safe interaction method based on block chain | |
CN112039872B (en) | Cross-domain anonymous authentication method and system based on block chain | |
CN113783836B (en) | Internet of things data access control method and system based on block chain and IBE algorithm | |
US20200084027A1 (en) | Systems and methods for encryption of data on a blockchain | |
CN113194469B (en) | 5G unmanned aerial vehicle cross-domain identity authentication method, system and terminal based on block chain | |
CN111262692B (en) | Key distribution system and method based on block chain | |
CN111884815A (en) | Block chain-based distributed digital certificate authentication system | |
CN111797159A (en) | Information management and access control in a database | |
CN108462696B (en) | Decentralized block chain intelligent identity authentication system | |
CN110599163B (en) | Transaction record outsourcing method facing block chain transaction supervision | |
CN109687965A (en) | The real name identification method of subscriber identity information in a kind of protection network | |
WO2020252611A1 (en) | Data interaction method and related equipments | |
CN112784306B (en) | Cross-chain escrow method and system based on key fragmentation and multi-signature | |
Isirova et al. | Decentralized public key infrastructure development principles | |
CN114036539A (en) | Safety auditable Internet of things data sharing system and method based on block chain | |
WO2021154157A1 (en) | Blockchain-based data exchange | |
CN113612610A (en) | Session key negotiation method | |
CN115495768A (en) | Secret-related information processing method and system based on block chain and multi-party security calculation | |
CN111882410A (en) | Tax information query method and system based on block chain | |
CN112508576A (en) | Key management method, system and storage medium based on block chain | |
CN114024698A (en) | Power distribution Internet of things service safety interaction method and system based on state cryptographic algorithm | |
CN113328854B (en) | Service processing method and system based on block chain | |
CN112654972A (en) | Blockchain setup with restricted transactions | |
CN112529573A (en) | Combined block chain threshold signature method and system | |
CN116797227A (en) | Method and system for secure exchange protection of client privacy information based on homomorphic encryption |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |