CN115222396A - 2/3 multi-sign method for managing block chain intelligent contract authority - Google Patents


Publication number
CN115222396A
Authority
CN
China
Prior art keywords
contract
signer
parameters
service
signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210839300.3A
Other languages
Chinese (zh)
Inventor
吴小川
阚海斌
孙亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fudan University
Original Assignee
Fudan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fudan University
Priority to CN202210839300.3A
Publication of CN115222396A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825 Use of electronic signatures
    • G06Q20/3827 Use of message hashing

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a multi-signature method for managing blockchain smart contract permissions. Transactions are authorized and sent under a 2/3 signature scheme (that is, a transaction needs the agreement of at least any 2 of 3 signers). A pre-contract that manages the permissions of the business smart contract is deployed, and the actual business contract is managed through this pre-contract. Every operation the pre-contract performs on the business contract must pass multi-signature verification, that is, the pre-contract method that calls the business contract must pass the multi-signature check. The signature takes the 2/3 form, and the pre-contract is generic and suits most business contracts. Any 2 of the 3 signers can execute an operation on the business contract by signing the operation to be performed. The invention uses blockchain smart contract technology to manage the actual business-layer contract by creating and deploying a pre-contract, thereby improving the security of the business-layer contract.

Description

2/3 multi-sign method for managing block chain intelligent contract authority
Technical Field
The invention belongs to the technical field of blockchains, uses asymmetric encryption technology, and in particular relates to a 2/3 method for managing blockchain smart contract permissions.
Background
Asymmetric encryption algorithms require two keys: a public key and a private key. The two form a pair: if data is encrypted with the public key, it can be decrypted with the corresponding private key; if data is encrypted with the private key, it can only be decrypted with the corresponding public key. The algorithm is called asymmetric because encryption and decryption use two different keys. The basic process for exchanging confidential information with an asymmetric encryption algorithm is as follows: Party A generates a key pair and discloses one of the keys to the other party as the public key; Party B, having obtained the public key, uses it to encrypt the confidential information and sends the result to Party A; Party A then decrypts the encrypted information with the other key, the private key it has kept.
Peer-to-peer (P2P) technology is an internet architecture that has no central server and relies on groups of users (peers) to exchange information. Its purpose is to reduce the number of nodes involved in network transmission compared with earlier networks, lowering the risk of data loss. Unlike a centralized network system with a central server, every client in a peer-to-peer network is a node that also acts as a server; no node can find other nodes directly and must rely on its user group to exchange information. Participants share part of the hardware resources they own; these shared resources provide services and content over the network and can be accessed directly by other peer nodes without passing through intermediate entities. Participants in the network are both providers and consumers of resources, services and content.
The blockchain format was used primarily for Bitcoin, as a solution to the problem of securing a database without requiring a trusted administrator. The first blockchain was conceptualized by Satoshi Nakamoto in 2008 and implemented the following year as a core component of the digital currency Bitcoin, with the blockchain database managed autonomously using a peer-to-peer network and a distributed timestamp server. The invention of the Bitcoin blockchain made it the first digital currency to solve the double-spending problem, and the Bitcoin design has been the inspiration for other blockchain applications. Blockchains fall into three categories: public chains, consortium chains and private chains. Cryptocurrencies such as Bitcoin are public chains. Consortium chains are often used between enterprises: they guarantee data sharing on the one hand and control who is admitted to put data on the chain on the other, which makes cooperation easier and reduces risk.
Blockchain is a new technology that is distributed, tamper-resistant and traceable. It works well for storing personal résumé information; by combining asymmetric encryption with blockchain technology, a blockchain-based résumé information sharing scheme can be designed, which improves the efficiency of querying and sharing résumé information and technically guarantees the privacy and security of the information.
Smart contracts can be defined as applications or programs that run on a blockchain. In general they act as a kind of digital agreement that is enforced according to specific rules. These rules are predefined in computer code, then replicated and executed by all network nodes. Blockchain smart contracts support the creation of trustless agreements: the two parties to a contract make their commitments through the blockchain without having to know or trust each other. Both parties can be certain that the contract will not execute if its conditions are not met. Furthermore, smart contracts remove the need for intermediaries, which significantly reduces operating costs.
Disclosure of Invention
The invention aims to provide a 2/3 multi-signature method for managing blockchain smart contract permissions.
The multi-signature method provided by the invention authorizes and sends transactions under a 2/3 signature scheme (that is, a transaction needs the agreement of at least any 2 of 3 signers). A pre-contract that manages the permissions of the business smart contract is deployed, and the actual business contract is managed through this pre-contract. Every operation the pre-contract performs on the business contract must pass multi-signature verification, that is, the pre-contract method that calls the business contract must pass the multi-signature check. The signature takes the 2/3 form, and the pre-contract is generic and suits most business contracts. Any 2 of the 3 signers can execute an operation on the business contract by signing the operation to be performed.
The pre-contract provides a method, sendMultiSigTx, for sending a multi-signature transaction. It takes five parameters: businessContractAddress, value, data, expireTime and signature. The parameters are:
businessContractAddress: the address of the business-layer contract managed by the pre-contract;
value: the number of native tokens attached when the business-layer contract method is called;
data: the valid business-layer method to be called and the parameters that method requires;
expireTime: the expiration timestamp of the multi-signature transaction;
signature: the signature of any one signer over the above four parameters together with the two values maintained in the pre-contract, the sequence id and the network id.
The three signers are signer 1, signer 2 and signer 3. Any two of them carry out the following operations, and the business contract operation is executed once the checks pass. The specific steps are as follows:
(1) Signer 1 signs off-chain
When a business contract operation needs to be carried out, the data to be signed is prepared first:
(1.1) the network id of the blockchain to which the contract belongs, which prevents replay attacks across different networks;
(1.2) the business-layer contract address;
(1.3) optionally, the number of native tokens to be sent to the business-layer contract;
(1.4) the business-layer contract method to be called and the parameters it requires;
(1.5) the expiration timestamp of the operation; once this time has passed, the operation fails;
(1.6) the sequence id maintained in the pre-contract, which starts from 0 and increases by 1 each time, so that a signer cannot operate the business-layer contract multiple times with the same signature.
(2) Signer 2 sends the on-chain transaction
Signer 1 passes parameters (1.2), (1.3), (1.4) and (1.5) from step (1), together with the final signature, to signer 2. Signer 2 calls the sendMultiSigTx method of the pre-contract with these five items as parameters. Items (1.1) and (1.6) are not passed as parameters; both are maintained by the pre-contract, which prevents replay attacks.
(3) The pre-contract verifies the call and executes the business-layer contract operation
The pre-contract's verification flow is as follows:
(3.1) concatenate all the parameters with the network id and the sequence id maintained by the pre-contract, and hash the result;
(3.2) recover the signer's account from the hash obtained in step (3.1) and the supplied signature; if that account is one of the pre-contract's signers, continue checking, otherwise return an error;
(3.3) check the expiration timestamp and return an error if it has expired;
(3.4) verify that the caller of this call is also one of the pre-contract's signers;
(3.5) verify that the caller of this call is not the account that produced the signature;
(3.6) if all of the above checks pass, forward the value and data parameters to the business-layer contract and begin executing the business-layer contract operation.
The beneficial effect of the invention is that it uses blockchain smart contract technology to manage the actual business-layer contract by creating and deploying a pre-contract, thereby improving the security of the business-layer contract.
Drawings
FIG. 1 is a diagram of signer 1 signing off-chain;
FIG. 2 is a diagram of signer 2 sending the on-chain transaction;
FIG. 3 is a flow chart of the invention.
Detailed Description
The invention is further illustrated by the following examples in conjunction with the accompanying drawings.
Example 1:
Signer 1 signs off-chain as shown in FIG. 1. The specific operations are as follows:
(1) Signer 1 obtains the parameters network id, businessContractAddress, value, data, expireTime and sequence id, where the sequence id is the latest value read from the pre-contract;
(2) The parameters from step (1) are ABI (Application Binary Interface) encoded, ABI encoding being a common blockchain encoding, and keccak-256(networkId || businessContractAddress || value || data || expireTime || sequenceId) is computed over the encoded parameters;
(3) ECDSA (Elliptic Curve Digital Signature Algorithm) is executed on the hash result from step (2), using the secp256k1 curve, to generate the signature;
(4) Signer 1 passes the parameter information from step (1) and the signature from step (3) to signer 2.
Signer 2 sends the on-chain transaction as shown in FIG. 2. The specific operations are as follows:
(1) Signer 2 obtains the parameters and the signature from signer 1;
(2) Signer 2 calls the sendMultiSigTx method of the pre-contract. The parameters the method requires are businessContractAddress, value, data, expireTime and signature, all obtained in step (1). The sequence id is no longer needed as a parameter at this step;
(3) The pre-contract's sendMultiSigTx method verifies the parameters from step (2):
(3.1) first, the parameters from step (2) (businessContractAddress, value, data, expireTime) are encoded together with the sequence id recorded in the contract;
(3.2) the signature from step (2) is then used to verify the result encoded in step (3.1);
(3.3) if step (3.2) passes, the operation to be executed is sent to the business logic contract (businessContractAddress), the content of the operation being taken from data in step (2);
(3.4) if step (3.2) does not pass, the transaction fails and terminates.
As shown in FIG. 3, the specific steps are as follows:
1. Deploy the pre-contract, designating three signer accounts at the same time and writing them into the pre-contract;
2. Set the administrator account of the business-layer contract to the multi-signature address deployed in step 1;
3. Signer 1 assembles the parameters of the business contract operation to be performed, signs them, and passes the parameters and the signature to signer 2;
4. Signer 2 initiates a contract call to the pre-contract using the parameters and signature provided by signer 1;
5. The pre-contract verifies the parameters provided by signer 2 and checks whether signers 1 and 2 belong to the three signers set in step 1; if not, verification fails and the transaction is terminated;
6. After verification passes, the operation on the business-layer contract is initiated through the pre-contract, and the business-layer contract executes the specific operation.
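
The verification flow of steps (3.1) to (3.6), written out as a Solidity contract. This is an added example, not code from the patent: only `sendMultiSigTx` and its five parameter names come from the page, while the contract name, `digest`, `recover`, the `Executed` event, the 65-byte `r || s || v` signature layout and the low-`s` check are assumptions. It signs the raw keccak-256 hash of the ABI-encoded fields, as Example 1 describes.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration of the pre-contract flow; not code from the patent.
/// Only sendMultiSigTx and its five parameter names appear on the page.
contract PreContract {
    mapping(address => bool) public isSigner; // the three signer accounts
    uint256 public sequenceId;                // starts at 0, +1 per executed operation

    event Executed(uint256 indexed usedSequenceId, address signer, address caller, address target);

    constructor(address[3] memory signers) {
        for (uint256 i = 0; i < 3; i++) {
            // Reject the zero address (ecrecover's failure value) and duplicates.
            require(signers[i] != address(0) && !isSigner[signers[i]], "bad signer set");
            isSigner[signers[i]] = true;
        }
    }

    receive() external payable {} // lets the pre-contract hold native tokens to forward

    /// Hash that signer 1 signs off-chain. The network id and sequence id come from
    /// chain state and contract storage, never from the caller.
    function digest(
        address businessContractAddress,
        uint256 value,
        bytes calldata data,
        uint256 expireTime
    ) public view returns (bytes32) {
        return keccak256(
            abi.encode(block.chainid, businessContractAddress, value, data, expireTime, sequenceId)
        );
    }

    function sendMultiSigTx(
        address businessContractAddress,
        uint256 value,
        bytes calldata data,
        uint256 expireTime,
        bytes calldata signature
    ) external {
        // (3.1)-(3.2) hash the parameters with the contract-held ids and recover signer 1
        address signer = recover(digest(businessContractAddress, value, data, expireTime), signature);
        require(isSigner[signer], "signature not from a signer");
        // (3.3) reject expired operations
        require(block.timestamp <= expireTime, "expired");
        // (3.4)-(3.5) the caller must be a second, different signer
        require(isSigner[msg.sender], "caller not a signer");
        require(msg.sender != signer, "caller is the signature's signer");
        // Consume the sequence id before the external call, so the same signature
        // fails on any later or re-entrant call. A revert below undoes both lines.
        emit Executed(sequenceId++, signer, msg.sender, businessContractAddress);
        // (3.6) forward value and data to the business-layer contract
        (bool ok, ) = businessContractAddress.call{value: value}(data);
        require(ok, "business contract call failed");
    }

    function recover(bytes32 hash, bytes calldata sig) internal pure returns (address) {
        require(sig.length == 65, "bad signature length");
        bytes32 r = bytes32(sig[0:32]);
        bytes32 s = bytes32(sig[32:64]);
        uint8 v = uint8(sig[64]);
        // Reject the malleable high-s form and unexpected recovery ids.
        require(uint256(s) <= 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0, "high s");
        require(v == 27 || v == 28, "bad v");
        return ecrecover(hash, v, r, s);
    }
}
```

Signer 1 can call `digest` as a read-only query to obtain exactly the hash the contract will check, which avoids encoding mismatches between the off-chain signer and the on-chain verifier.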

Claims (1)

1. A 2/3 method for managing blockchain smart contract permissions, characterized in that transactions are authorized and sent under a 2/3 signature scheme (that is, a transaction needs the agreement of at least any 2 of 3 signers), a pre-contract that manages the permissions of the business smart contract is deployed, and the actual business contract is managed through the pre-contract; every operation the pre-contract performs on the business contract must pass multi-signature verification, that is, the pre-contract method that calls the business contract must pass the multi-signature check; the signature takes the 2/3 form, and the pre-contract is generic and suits most business contracts; any 2 of the 3 signers can execute an operation on the business contract by signing the operation to be performed;
the pre-contract provides a method for sending a multi-signature transaction, and the method takes five parameters, namely businessContractAddress, value, data, expireTime and signature;
the parameters are:
businessContractAddress: the address of the business-layer contract managed by the pre-contract;
value: the number of native tokens attached when the business-layer contract method is called;
data: the valid business-layer method to be called and the parameters that method requires;
expireTime: the expiration timestamp of the multi-signature transaction;
signature: the signature of any one signer over the above four parameters together with the two values maintained in the pre-contract, namely the sequence id and the network id;
the three signers are signer 1, signer 2 and signer 3; any two of them carry out the following operations, and the business contract operation is executed once the checks pass; the specific steps are as follows:
(1) Signer 1 signs off-chain
When a business contract operation needs to be carried out, the data to be signed is prepared first:
(1.1) the network id of the blockchain to which the pre-contract belongs, which prevents replay attacks across different networks;
(1.2) the business-layer contract address;
(1.3) optionally, the number of native tokens to be sent to the business-layer contract;
(1.4) the business-layer contract method to be called and the parameters it requires;
(1.5) the expiration timestamp of the operation; once this time has passed, the operation fails;
(1.6) the sequence id maintained in the pre-contract, which starts from 0 and increases by 1 each time, so that a signer cannot operate the business-layer contract multiple times with the same signature;
(2) Signer 2 sends the on-chain transaction
Signer 1 passes parameters (1.2), (1.3), (1.4) and (1.5) from step (1), together with the final signature, to signer 2; signer 2 calls the sendMultiSigTx method of the pre-contract with these five items as parameters; items (1.1) and (1.6) are not passed as parameters, and both are maintained by the pre-contract, which prevents replay attacks;
(3) The pre-contract verifies the call and executes the business-layer contract operation
The pre-contract's verification flow is as follows:
(3.1) concatenate all the parameters with the network id and the sequence id maintained by the pre-contract, and hash the result;
(3.2) recover the signer's account from the hash obtained in step (3.1) and the supplied signature; if that account is one of the pre-contract's signers, continue checking, otherwise return an error;
(3.3) check the expiration timestamp and return an error if it has expired;
(3.4) verify that the caller of this call is one of the pre-contract's signers;
(3.5) verify that the caller of this call is not the account that produced the signature;
(3.6) if all of the checks pass, forward the value and data parameters to the business-layer contract and execute the business-layer contract operation.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210839300.3A CN115222396A (en) 2022-07-18 2022-07-18 2/3 multi-sign method for managing block chain intelligent contract authority

Publications (1)

Publication Number Publication Date
CN115222396A (en) 2022-10-21

Family

ID=83611068

Country Status (1)

Country Link
CN (1) CN115222396A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination