CN115375304A - Data processing method, device, equipment and medium based on block chain - Google Patents

Data processing method, device, equipment and medium based on block chain Download PDF

Info

Publication number
CN115375304A
CN115375304A CN202110554624.8A CN202110554624A CN115375304A CN 115375304 A CN115375304 A CN 115375304A CN 202110554624 A CN202110554624 A CN 202110554624A CN 115375304 A CN115375304 A CN 115375304A
Authority
CN
China
Prior art keywords
client
identity
data
identity certificate
transaction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110554624.8A
Other languages
Chinese (zh)
Inventor
刘攀
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN202110554624.8A priority Critical patent/CN115375304A/en
Publication of CN115375304A publication Critical patent/CN115375304A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3827Use of message hashing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The embodiment of the application discloses a data processing method, a device, equipment and a medium based on a block chain, wherein the method comprises the following steps: acquiring transaction data of a client, wherein the transaction data carries an identity of the client, and the identity is determined according to an identity certificate of the client; inquiring an identity certificate of the client from the intelligent contract according to the identity; and if the identity certificate of the client is inquired from the intelligent contract and the client is determined to have the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain according to the identity certificate, executing the transaction operation corresponding to the transaction data aiming at the block chain. The transaction operation can be carried out according to the authority indicated by the identity certificate, so that the safety of data processing on a block chain is improved, only the identity identification is carried in the transaction data instead of the complete identity certificate, the data volume of the transaction data can be reduced, and the rapid transmission of the transaction data is facilitated.

Description

Data processing method, device, equipment and medium based on block chain
Technical Field
The present application relates to the field of computer technologies and the field of blockchain technologies, and in particular, to a method, an apparatus, a device, and a medium for processing data based on a blockchain.
Background
With the development of computer technology, blockchain technology is rapidly developed, and considering that information stored on a blockchain cannot be forged and tampered, more and more enterprises can store business data on the blockchain, and if a user needs to perform data processing on data on the blockchain in a transaction form, the legality of a transaction signature is usually only required to be verified, that is, any user can perform data processing on the blockchain, so that how to improve the security in the data processing process on the blockchain becomes a current research hotspot problem.
Disclosure of Invention
The embodiment of the application provides a data processing method, a data processing device, equipment and a data processing medium based on a block chain, which can determine an identity certificate corresponding to a client by using a mapping relation between an identity carried by transaction data and an identity certificate recorded in an intelligent contract, and perform transaction operation according to authority indicated in the identity certificate, so that the security of data processing on the block chain is improved. Meanwhile, only the identity is carried in the transaction data, so that the data volume of the transaction data can be reduced compared with the case that a complete identity certificate is carried in the transaction data under the condition that the corresponding identity certificate can be obtained, data compression to a certain degree is realized, and the rapid transmission of the transaction data is facilitated.
The first aspect of the embodiments of the present application discloses a data processing method based on a block chain, where the method includes:
acquiring transaction data of a client, wherein the transaction data carries an identity of the client, and the identity is determined according to an identity certificate of the client;
inquiring the identity certificate of the client from the intelligent contract according to the identity;
and if the identity certificate of the client is inquired from the intelligent contract and the client is determined to have the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain according to the identity certificate, executing the transaction operation corresponding to the transaction data aiming at the block chain.
A second aspect of the embodiments of the present application discloses a data processing apparatus based on a block chain, where the apparatus includes:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring transaction data of a client, the transaction data carries an identity of the client, and the identity is determined according to an identity certificate of the client;
the query unit is used for querying the identity certificate of the client from the intelligent contract according to the identity;
and the execution unit is used for executing the transaction operation corresponding to the transaction data aiming at the blockchain if the identity certificate of the client is inquired from the intelligent contract and the client is determined to have the authority of executing the transaction operation corresponding to the transaction data aiming at the blockchain according to the identity certificate.
A third aspect of embodiments of the present application discloses a data processing device, which includes a processor, a memory, and a network interface, where the processor, the memory, and the network interface are connected to each other, where the memory is used to store a computer program, the computer program includes program instructions, and the processor is configured to call the program instructions to execute the method of the first aspect.
A fourth aspect of embodiments of the present application discloses a computer-readable storage medium, in which a computer program is stored, the computer program comprising program instructions, which, when executed by a processor, cause the processor to perform the method of the first aspect.
A fifth aspect of embodiments of the present application discloses a computer program product or a computer program, which comprises computer instructions, which are stored in a computer-readable storage medium. The processor of the data processing apparatus reads the computer instructions from the computer readable storage medium, and the processor executes the computer instructions to cause the data processing apparatus to perform the method of the first aspect described above.
In the embodiment of the application, the transaction data of the client may be obtained, the transaction data may carry an identity of the client, the identity may be determined according to an identity certificate of the client, then, the identity certificate of the client may be queried from the intelligent contract according to the identity, and if the identity certificate of the client is queried from the intelligent contract and it is determined that the client has an authority to execute the transaction operation corresponding to the transaction data for the blockchain according to the identity certificate, the transaction operation corresponding to the transaction data may be executed for the blockchain. By the implementation method, the identity certificate corresponding to the client can be determined by utilizing the mapping relation between the identity identifier carried by the transaction data and the identity certificate recorded in the intelligent contract, and the transaction operation is carried out according to the authority indicated in the identity certificate, so that the safety of data processing on the block chain is improved. Only the identity is carried in the transaction data, so that the data volume of the transaction data can be reduced compared with the case that the complete identity certificate is carried in the transaction data under the condition that the corresponding identity certificate can be obtained, and the rapid transmission of the transaction data is facilitated.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the description below are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
FIG. 1a is a block chain-based data processing system according to an embodiment of the present disclosure;
fig. 1b is a schematic structural diagram of a block chain according to an embodiment of the present application;
FIG. 1c is a schematic diagram of a process for generating a new block according to an embodiment of the present application;
fig. 2 is a schematic flowchart of a data processing method based on a block chain according to an embodiment of the present application;
FIG. 3 is a schematic structural diagram of an identity on a federation chain according to an embodiment of the present application;
fig. 4 is a schematic flowchart of a data processing method based on a block chain according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a data processing apparatus based on a block chain according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, embodiments of the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Please refer to fig. 1a, which is a schematic diagram of an architecture of a blockchain-based data processing system according to an embodiment of the present application, where the blockchain-based data processing system includes a blockchain network 10 and a client 102, where:
the blockchain network 10 refers to a network for performing data sharing between nodes, and the blockchain network may include a plurality of nodes 101, where the plurality of nodes 101 may include a common node. Each node 101 may receive input information and maintain shared data (i.e., blockchains) within the blockchain network based on the received input information while operating normally. Each node in the blockchain network stores an identical blockchain, where the blockchain includes a series of blocks (blocks) that are consecutive to each other according to a generated chronological order, such as Block 1, block M-1, and so on shown in fig. 1a, and once a new Block is added to the blockchain, the new Block is not removed any more, and the recorded data submitted by the nodes in the blockchain network is recorded in the Block. In order To ensure information intercommunication in the blockchain network, information connection may exist between each node, peer-To-Peer (P2P) communication may be implemented between any two nodes, and specifically, P2P communication may be implemented through a wired communication link or a wireless communication link. For example, when any node in the blockchain network receives input information, other nodes acquire the input information according to a consensus algorithm, and store the input information as data in shared data, so that the data stored on all nodes in the blockchain network are consistent.
The client 102 may access the blockchain network and may communicate with nodes in the blockchain network, e.g., send transaction data to the nodes, etc. The terminal where the client 102 is located may specifically be a smart phone, a tablet computer, a notebook computer, a desktop computer, a vehicle-mounted intelligent terminal, and the like, which is not limited in this embodiment of the application.
It should be noted that the number of nodes shown in fig. 1a is only illustrative, and according to actual needs, any number of nodes may be deployed, and the nodes may refer to any form of computing device in the access network, for example, a server and a user terminal may all join to become a node.
Each node in the blockchain network has a corresponding node identifier, and each node in the blockchain network can store node identifiers of other nodes in the blockchain network, so that the generated block can be broadcast to other nodes in the blockchain network according to the node identifiers of other nodes. Each node may maintain a node identifier list as shown in the following table, and store the node name and the node identifier in the node identifier list correspondingly. The node identifier may be an Internet Protocol (IP) address or any other information that can be used to identify the node, and the table is described by taking the IP address as an example.
Node name Node identification
Node 1 117.114.151.174
Node 2 117.116.189.145
Node N 119.123.789.258
Each node in the blockchain network stores one identical blockchain. The block chain is composed of a plurality of blocks, referring to fig. 1b, the block chain is composed of a plurality of blocks, the starting block includes a block header and a block main body, the block header stores an input information characteristic value, a version number, a timestamp and a difficulty value, and the block main body stores input information; the next block of the starting block takes the starting block as a parent block, the next block also comprises a block head and a block main body, the block head stores the input information characteristic value of the current block, the block head characteristic value of the parent block, the version number, the timestamp and the difficulty value, and the like, so that the block data stored in each block in the block chain is associated with the block data stored in the parent block, and the safety of the input information in the block is ensured.
When each block in the block chain is generated, referring to fig. 1c, when a node where the block chain is located receives input information, the input information is verified, after the verification is completed, the input information is stored in a memory pool, and a hash tree used for recording the input information is updated; and then, updating the updating time stamp to the time when the input information is received, trying different random numbers, and calculating the characteristic value for multiple times, so that the calculated characteristic value can meet the following formula:
SHA256(SHA256(version+prev_hash+merkle_root+ntime+nbits+x))<TARGET
wherein, SHA256 is a characteristic value algorithm used for calculating a characteristic value; version is version information of the relevant block protocol in the block chain; prev _ hash is a block header characteristic value of a parent block of the current block; merkle _ root is a characteristic value of the input information; ntime is the update time of the update timestamp; nbits is the current difficulty, is a fixed value within a period of time, and is determined again after exceeding a fixed time period; x is a random number; TARGET is a feature threshold, which can be determined from nbits.
Therefore, when the random number meeting the formula is obtained through calculation, the information can be correspondingly stored, and the block head and the block main body are generated to obtain the current block. And then, the node where the block chain is located sends the newly generated blocks to other nodes in the block chain network respectively according to the node identifications of the other nodes in the block chain network, the newly generated blocks are verified by the other nodes, and the newly generated blocks are added to the block chain stored in the newly generated blocks after the verification is completed.
The intelligent contract can be operated on the nodes of the block chain network, and various transactions can be realized by calling the intelligent contract. The intelligent contract is a non-tamper-able and automatically-executed computer program running on a blockchain, the intelligent contract is realized by code executed when a certain condition is met, a developer can define contract logic through a programming language, the contract logic is issued to the blockchain (intelligent contract registration), a secret key or other events are called to trigger execution according to the logic of contract terms, the contract logic is completed, and meanwhile, the functions of upgrading and cancelling the intelligent contract are provided.
In some feasible embodiments, any node 101 of the blockchain network may obtain transaction data of the client, where the transaction data may carry an identity of the client, the identity may be determined according to an identity certificate of the client, the node 101 may query the identity certificate of the client from the intelligent contract according to the identity, if the identity certificate of the client is queried from the intelligent contract, and it is determined according to the identity certificate that the client has an authority to perform a transaction operation corresponding to the transaction data with respect to the blockchain, the node 101 may perform the transaction operation corresponding to the transaction data with respect to the blockchain, and may determine the identity certificate corresponding to the client by using a mapping relationship between the identity carried by the transaction data and the identity certificate recorded in the intelligent contract, and perform the transaction operation according to the authority indicated in the identity certificate, thereby improving security of data processing on the blockchain. Only the identity is carried in the transaction data, so that the data volume of the transaction data can be reduced compared with the case that the complete identity certificate is carried in the transaction data under the condition that the corresponding identity certificate can be obtained, and the rapid transmission of the transaction data is facilitated.
Usually, a transaction block needs to be generated for transaction data, and the block is linked (the block is stored in a block chain), and since only an identity is carried, under the condition that it is ensured that a corresponding identity certificate can be obtained, compared with the case that a complete identity certificate is carried in the transaction data, the data volume of the transaction data can be reduced, so that data compression to a certain extent is realized, and thus, the consumption of block chain storage resources can be reduced.
The implementation details of the technical solution of the embodiment of the present application are set forth in detail below:
referring to fig. 2, fig. 2 is a schematic flow chart of a data processing method based on a blockchain according to an embodiment of the present disclosure, where the data processing method according to the embodiment of the present disclosure is mainly described from a node side, and as shown in fig. 2, the data processing method based on a blockchain may include:
s201: and acquiring the transaction data of the client, wherein the transaction data carries the identity of the client.
In one implementation, when a client needs to perform some data operation on the blockchain, the blockchain may be accessed in a transactional form, for example, the data operation may be any one or more of adding data, deleting data, looking up data, and modifying data. Then, the client may send the transaction data to the blockchain network, so that after the blockchain network receives the transaction data, a transaction operation corresponding to the transaction data is executed on the blockchain (the transaction operation may be understood as a data operation). After the client sends the transaction data to the blockchain network, a node of the blockchain network may obtain the transaction data, where the node may be any one of a plurality of nodes included in the blockchain network, and the any one node may be a consensus node or another node (a non-consensus node).
In an implementation manner, the transaction data may further carry an identity of the client, and the identity may be used to verify an identity authority of a transaction initiated by the client, so as to determine whether the client has an authority to execute a transaction operation corresponding to the transaction data for the blockchain subsequently according to the identity. For example, taking the block chain as the federation chain as an example, the federation chain belongs to admission control, that is, a client needs to obtain the authority given by an identity certificate from the federation chain to access the federation chain, and the identity certificate can be used for indicating the corresponding authority possessed by the client. For the federation chain, the complete identity certificate may be carried in the transaction data to access the federation chain, so as to verify the identity authority according to the identity certificate, and considering that carrying the complete identity certificate in the transaction data may bring a large amount of storage overhead, then compressing the identity certificate may be considered to reduce a large amount of storage overhead brought by carrying the complete identity certificate in the transaction. For example, the identity certificate may be replaced with an identity corresponding to the identity certificate, so that the identity is carried in the transaction data, rather than the complete identity certificate. From the above, under the condition that only the identity is carried and the corresponding identity certificate can be obtained subsequently, compared with the condition that the complete identity certificate is carried in the transaction data, the data volume of the transaction data can be reduced, so that data compression to a certain extent is realized. Then, the authentication of the identity rights can be performed according to the identity carried in the transaction data. The authentication of the identity authority may specifically be to determine whether the client has an authority to execute the transaction operation corresponding to the transaction data for the block chain according to the identity. Under the condition of possessing the authority, the transaction operation corresponding to the transaction data can be executed aiming at the block chain, so that the safety of data processing can be enhanced. Wherein, the identity can be determined according to the identity certificate of the client. The identity identifier may be a hash value obtained by performing hash calculation on an identity certificate of the client, or may be a digital number, a bit value (bit), or other information corresponding to the identity certificate, which is not limited in this application.
In one implementation, before sending transaction data to the blockchain, the client may record the identity certificate of the client on the smart contract, so that a subsequent client may obtain the authority indicated in the identity certificate from the smart contract to process the data on the blockchain. If the identity identifier includes a hash value obtained by performing hash calculation on the identity certificate of the client, the identity certificate of one or more clients and the hash value corresponding to the identity certificate may be recorded in the intelligent contract. That is, each client may record the client's corresponding identity credential on the smart contract before accessing the blockchain. The identity certificate of the client may apply for the organization corresponding to the blockchain, where the client may refer to a client utilized by a member in the organization or a member outside the organization, and the member in the organization or the member outside the organization may be referred to as a user in the present application. When the block chain is accessed by an organization mechanism corresponding to the block chain through a client, the organization mechanism also needs to have a corresponding identity certificate. The identity Certificate corresponding to the organization may be an identity Certificate of an organization administrator corresponding to the organization, and the identity Certificate of the organization administrator may apply for a Certificate Authority (CA). The organization administrator may also record its corresponding identity credentials on the smart contracts to facilitate subsequent interaction of the organization administrator with the blockchain through the client. The identity certificate corresponding to the organization administrator may be understood as an identity certificate of a client utilized by the organization administrator. The identity certificate (or identity) of the user, the identity certificate (or identity) of the organization administrator, and so on, may be understood as a client utilized by the user and the organization administrator.
In a specific implementation scenario, the following description takes a blockchain as an example of a federation chain, and in a federation chain platform, all principals interacting with the blockchain, a database, a configuration, and the like are given an identity, for example, the principal may be a client. And only when the identity has a certain specific right, the corresponding interactive operation can be successfully executed on the block chain. The identity authority can be managed through an identity certificate, and the certificate type of the identity certificate can be divided into a registration certificate, a transaction certificate and a communication certificate. Wherein the registration certificate may be issued to an entity such as a user or node that provided the registration credential, representing an identity in the blockchain network; the transaction certificate can be issued to the user to control the authority of each transaction, and different transactions can have different authorities; the communication certificate can control the access of the network layer and can check the identity of the remote entity. As shown in fig. 3, the identities in the federation chain may include an organization administrator, a consensus node, other nodes, and users, and the respective identities in the federation chain may be bound to an identity certificate. The federation chain may be a federation chain formed by a certain organization or a plurality of organizations, the organization administrator may be an administrator in the organization, the identity certificate of the organization administrator may be provided by the organization, the identity certificates of other members in the organization may be issued by a private key of the identity certificate of the organization administrator, and corresponding identity information of other members is set in a field corresponding to the identity certificate of the organization administrator.
The specific implementation process of recording the identity certificate corresponding to the organization administrator in the intelligent contract may include the following steps:
s1: the organization can generate an asymmetric public key and a asymmetric private key, and perform signature processing on the identity information corresponding to the organization by using the private key to obtain signature information, and after obtaining the signature information, can send a certificate application request to the CA organization to apply for an identity certificate corresponding to the organization or understand the identity certificate corresponding to an organization administrator to the CA organization. The certificate application request may include a public key, identity information corresponding to an organization, and signature information.
s2: the CA authority, after receiving the certificate application request transmitted by the organization, can perform real-name authentication using information included in the certificate application request. And after the real-name authentication passes, a corresponding identity certificate can be issued to the organization. After the CA authority issues an identity certificate to the organization, the identity certificate also needs to be recorded in the smart contract. The CA authority may then generate transaction data from the identity certificate and send the transaction data to the blockchain network, which may include the identity certificate issued by the CA authority for the organization (the identity certificate corresponding to the organization administrator).
s3: the blockchain network may verify the validity of the transaction data after receiving the transaction data. Wherein it may be that any node in the blockchain network receives the transaction data. The transaction data may further include signature data corresponding to the identity certificate, where the signature data is obtained by performing signature processing on the identity certificate by using a private key of a CA organization. Then verifying the validity of the transaction data may be verifying the signature data. The specific implementation of the verification may be to perform a signature decoding process on the signature data by using a public key corresponding to a private key of the CA organization to obtain signature decoding data, and after obtaining the signature decoding data, may detect whether the signature decoding data and the identity certificate are consistent, and if so, may determine that the transaction data is legal. Then, after the verification is passed, the virtual machine may be invoked to execute a transaction operation corresponding to the transaction data, where the transaction operation is executed, that is, the identity certificate of the organization administrator is recorded on the intelligent contract. Wherein the smart contract may be run on the virtual machine.
s4: in execution, a node in the blockchain network may invoke an intelligent contract to record the identity certificate. For example, an identity identifier corresponding to the identity certificate may be determined according to the identity certificate, where the identity identifier may be a hash value obtained by performing a hash calculation on the identity certificate, and the hash calculation may be a digest hash calculation. After the hash value is obtained, whether the identity certificate corresponding to the hash value already exists can be inquired in the intelligent contract according to the hash value. If the identity certificate corresponding to the hash value is inquired in the intelligent contract, an execution failure result can be returned to the CA mechanism. If the identity certificate corresponding to the hash value is not queried in the intelligent contract, the hash value and the identity certificate corresponding to the hash value can be recorded in the intelligent contract, so that the corresponding identity certificate can be queried according to the hash value in the following process. For example, the hash Value and the identity certificate corresponding to the hash Value may be recorded in the intelligent contract in the form of a Key Value pair, that is, the hash Value may be used as a Key (Key), and the identity certificate corresponding to the hash Value may be recorded in the intelligent contract as a Value (Value).
s5: the node in the blockchain network can also send the identity certificate of the organization administrator to a consensus node in the blockchain network for consensus, so that the consensus node in the blockchain network can perform consensus on the hash value corresponding to the identity certificate, and after the consensus passes, the hash value and the identity certificate corresponding to the hash value can be recorded in an intelligent contract.
s6: after the identity certificate corresponding to the organization administrator is recorded in the smart contract, the node in the blockchain network may return the hash value corresponding to the identity certificate to the CA authority.
s7: the CA organization may receive the hash value corresponding to the identity certificate of the organization administrator returned by the blockchain network, and return the identity certificate and the hash value corresponding to the identity certificate to the organization. Then, the organization may store the identity certificate and the hash value corresponding to the identity certificate, so that the identity authority may be verified according to the hash value corresponding to the identity certificate when performing subsequent data interaction with the federation chain.
In one implementation, a user wants to join a federation chain formed by organizations, that is, when the user wants to perform data interaction on the federation chain through a client, the user also needs to verify the identity authority, and an identity certificate corresponding to the user also needs to be recorded on an intelligent contract. The identity certificate of the user may apply for an organization (or an organization administrator), and the specific implementation process of recording the identity certificate corresponding to the user in the intelligent contract may include the following steps:
s1: the user can generate an asymmetric public key and an asymmetric private key, and perform signature processing on the identity information corresponding to the user by using the private key to obtain signature information, and after obtaining the signature information, can send a certificate application request to an organization to apply for an identity certificate corresponding to the user from the organization. The certificate application request may include a public key, identity information corresponding to the user, and signature information.
S2: after receiving a certificate application request sent by a user, an organization may perform real-name authentication using information included in the certificate application request. And after the real-name authentication is passed, a corresponding identity certificate can be issued to the user. After the organization issues the user with the identity certificate, the identity certificate also needs to be recorded in the smart contract. The organization may then generate transaction data from the identity certificate and transmit the transaction data to the blockchain network, which may include the identity certificate issued by the organization for the user.
S3: the blockchain network may verify the validity of the transaction data after receiving the transaction data. For checking the validity of the transaction data, reference may be made to the above description, which is not described herein again. And after the verification is passed, the virtual machine can be called to execute the transaction operation corresponding to the transaction data. Wherein the transaction operation is performed by recording the identity certificate of the user on the smart contract.
S4: in execution, a node in the blockchain network may invoke an intelligent contract to record the identity certificate. For example, an identity identifier corresponding to the identity certificate may be determined according to the identity certificate, where the identity identifier may be a hash value obtained by performing a hash calculation on the identity certificate, and the hash calculation may be a digest hash calculation. After the hash value is obtained, whether the identity certificate corresponding to the hash value already exists can be inquired in the intelligent contract according to the hash value. If the identity certificate corresponding to the hash value is inquired in the intelligent contract, an execution failure result can be returned to the organization. If the identity certificate corresponding to the hash value is not queried in the intelligent contract, the hash value and the identity certificate corresponding to the hash value can be recorded in the intelligent contract, so that the corresponding identity certificate can be queried according to the hash value in the following process. For example, the hash Value and the identity certificate corresponding to the hash Value may be recorded in the intelligent contract in the form of a Key Value pair, that is, the hash Value may be used as a Key (Key), and the identity certificate corresponding to the hash Value may be recorded in the intelligent contract as a Value (Value).
S5: the node in the blockchain network can also send the identity certificate of the user to a consensus node in the blockchain network for consensus so that the consensus node in the blockchain network can perform consensus on the hash value corresponding to the identity certificate, and after the consensus is passed, the hash value and the identity certificate corresponding to the hash value can be recorded in the intelligent contract.
S6: after the identity certificate corresponding to the user is recorded in the smart contract, the node in the blockchain network may return the hash value corresponding to the identity certificate to the organization.
S7: the organization mechanism can receive the hash value corresponding to the identity certificate of the user returned by the blockchain network and return the identity certificate and the hash value corresponding to the identity certificate to the user. Then, the user may store the identity certificate and the hash value corresponding to the identity certificate, so that the identity authority may be verified according to the hash value corresponding to the identity certificate when performing subsequent data interaction with the federation chain. The organization may also choose to store the identity certificate of the user and the hash value corresponding to the identity certificate.
Then, after the identity certificate of the organization and the identity certificate of the user are both recorded in the smart contract, the user may interact with the blockchain through the client.
In one implementation, after transaction data of a client is received at any node on the blockchain network, it is usually necessary to generate a transaction block for the transaction data and uplink the block (store the block onto the blockchain). For example, after a certain node in the blockchain network acquires transaction data, the transaction data may be stored into a block, a mercker root of the transaction data is calculated, a hash value of a last block of the blockchain stored by the node is acquired, the node stores the mercker root of the transaction data, the hash value of a last block of a current blockchain and a current timestamp into a block header, the node combines the block header and the block in which the transaction data is stored into a first block, adds the first block to the blockchain stored by the node, and broadcasts the first block to the rest of the nodes in the blockchain network, so that the rest of the nodes add the first block to the respectively maintained blockchains, and the blockchains maintained by the respective nodes are synchronized. From the above, under the condition that only the identity is carried and the corresponding identity certificate is guaranteed to be obtained subsequently, compared with the condition that the complete identity certificate is carried in the transaction data, the data volume of the transaction data can be reduced, so that data compression to a certain extent is realized, and the consumption of block chain storage resources can be reduced.
S202: and inquiring the identity certificate of the client from the intelligent contract according to the identity.
S203: and if the identity certificate of the client is inquired from the intelligent contract and the client is determined to have the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain according to the identity certificate, executing the transaction operation corresponding to the transaction data aiming at the block chain.
In step S202 and step S203, the identity certificate of the client may be queried from the smart contract according to the identity identifier, and it is determined whether the identity certificate of the client may be queried from the smart contract, so as to determine that the client has the right to perform the transaction operation corresponding to the transaction data for the blockchain according to the identity certificate. If the identity certificate of the client is not queried from the intelligent contract, that is, the client does not have the authority of executing the transaction operation corresponding to the transaction data for the block chain, a result of failure in transaction execution may be returned to the client. If the identity certificate of the client can be inquired from the intelligent contract, whether the client has the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain can be determined according to the identity certificate. For example, it may be detected whether the authority for performing the transaction operation corresponding to the transaction data for the blockchain is recorded in the identity certificate. If it is detected that the authority for executing the transaction operation corresponding to the transaction data for the block chain is recorded in the identity certificate, it may be determined that the client has the authority for executing the transaction operation corresponding to the transaction data for the block chain. If it is detected that the authority for executing the transaction operation corresponding to the transaction data for the blockchain is not recorded in the identity certificate, it may be determined that the client does not have the authority for executing the transaction operation corresponding to the transaction data for the blockchain. Then, if it is determined that the client does not have the right to execute the transaction operation corresponding to the transaction data for the block chain according to the identity certificate, a result of failure in transaction execution may be returned to the client. And if the client side is determined to have the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain according to the identity certificate, executing the transaction operation corresponding to the transaction data aiming at the block chain.
In an implementation manner, the node described above may determine whether the client has the authority to execute the transaction operation corresponding to the transaction data for the blockchain according to the identity certificate, and may further determine whether the client has the authority to execute the transaction operation corresponding to the transaction data for the blockchain again by the consensus node. For example, after the node (which may be a consensus node or a non-consensus node) determines that the client has the authority to perform the transaction operation corresponding to the transaction data on the blockchain according to the identity certificate, the consensus node performs consensus to determine whether the client has the authority to perform the transaction operation corresponding to the transaction data on the blockchain according to the consensus data.
Optionally, a specific implementation of determining, by the consensus node, whether the client has the right to perform the transaction operation corresponding to the transaction data on the blockchain may be as follows. After the node determines that the client has the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain according to the identity certificate, the identity of the client and the transaction data can be sent to a consensus node in the block chain network, so that the consensus node in the block chain network can perform consensus on whether the client has the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain. In a specific embodiment, the consensus node determines whether the client has the authority to execute the transaction operation corresponding to the transaction data for the blockchain, which is not described herein again, by referring to the description that the node determines whether the client has the authority to execute the transaction operation corresponding to the transaction data for the blockchain. After the consensus node determines whether the client has the authority to execute the transaction operation corresponding to the transaction data for the blockchain, the consensus data can be returned to the node, wherein the consensus data can include the consensus data that determines that the client has the authority to execute the transaction operation for the blockchain or the consensus data that determines that the client does not have the authority to execute the transaction operation for the blockchain.
Then, the node may receive consensus data returned by the consensus nodes in the blockchain network to determine whether the client has a right to perform a transaction operation on the blockchain according to the consensus data. For example, if it can be determined from the consensus data that the client has the authority to perform the transaction operation on the blockchain, the consensus result indicating that the client has the authority to perform the transaction operation on the blockchain, that is, the client has the authority to perform the transaction operation on the blockchain, can be obtained if the consensus node exceeding the target ratio in the blockchain network is detected. In other words, the number of the common identification nodes corresponding to the common identification data for determining that the client has the authority to perform the transaction operation on the blockchain in the common identification data may be detected, and then the ratio between the number and the number of all the common identification nodes in the blockchain network may be determined, and if it is detected that the ratio exceeds the target ratio, the common identification result indicating that the client has the authority to perform the transaction operation on the blockchain, that is, the client has the authority to perform the transaction operation on the blockchain may be obtained. For example, assuming that the number of the common nodes in the blockchain network is N (N may be greater than or equal to 2), the target ratio may be set to be equal to N/2 or N × 2/3.
In one implementation, the transaction data may further include a logoff key, and then, in the case that the identity certificate of the client is queried from the smart contract, the logoff key of the client may further be obtained from the identity certificate, so as to detect whether the obtained logoff key in the identity certificate matches with the logoff key included in the transaction data. If the obtained de-signing key from the identity certificate is matched with the de-signing key included in the transaction data, the client side can be determined to have the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain according to the identity certificate, and the transaction operation corresponding to the transaction data is executed aiming at the block chain. If the obtained signing key from the identity certificate does not match the signing key included in the transaction data, a failure result of the transaction execution may be returned to the client.
In one implementation, after the node executes the transaction operation corresponding to the transaction data for the block chain, the execution result after the transaction operation may be packaged as a second block (or the transaction data and the execution result after the transaction operation are packaged together as the second block), and stored in the block on the block chain. When the node stores the second block in the block chain, the node may also broadcast the second block to the other nodes, so that the other nodes add the second block to the block chain maintained by each node, so that the block chains maintained by each node are synchronized.
Optionally, when the node broadcasts the second block to the rest of nodes in the blockchain network, the second block may be broadcast to the consensus node in the blockchain network, so that the consensus node performs consensus verification on the execution result after the transaction operation in the second block, so as to verify that the execution result after the transaction operation is a valid execution result. And after the consensus verification is passed, the second block can be added to the block chain maintained by the second block, and a result indicating that the consensus verification is passed can be sent to the operation node initiating the broadcast. For example, if the number of results indicating that the consensus verification passes is received by the operation node initiating the broadcast, which exceeds a specified ratio, the consensus verification may be determined to pass, and after the consensus verification passes, the execution result after the transaction operation may be written into the block chain. For example, assuming that the number of the common nodes in the blockchain network is N (N may be greater than or equal to 2), the target ratio may be set to be equal to N/2 or N × 2/3 or N × 3/4.
In the embodiment of the application, the transaction data of the client can be acquired, the transaction data can carry the identity of the client, then, the identity certificate of the client can be inquired from the intelligent contract according to the identity, if the identity certificate of the client can be inquired from the intelligent contract, and the client is determined to have the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain according to the identity certificate, the transaction operation corresponding to the transaction data can be executed aiming at the block chain. By implementing the method, the identity certificate corresponding to the client can be determined by utilizing the mapping relation between the identity carried by the transaction data and the identity certificate recorded in the intelligent contract, and the transaction operation is carried out according to the authority indicated in the identity certificate, so that the safety of data processing on the block chain is improved. And only the identity is carried in the transaction data, so that the data volume of the transaction data can be reduced compared with the case that a complete identity certificate is carried in the transaction data under the condition that the corresponding identity certificate can be obtained, data compression to a certain extent is realized, the rapid transmission of the transaction data is facilitated, and the consumption of block chain storage resources caused by carrying the complete identity certificate can be reduced.
Referring to fig. 4, fig. 4 is a schematic flowchart of a data processing method based on a block chain according to an embodiment of the present application, where the data processing method according to the embodiment of the present application is mainly described from a node side, and as shown in fig. 4, the data processing method based on the block chain may include:
s401: and acquiring the transaction data of the client, wherein the transaction data carries the identity of the client.
In one implementation, the transaction bearer may further include signature data, where the signature data may be obtained by performing signature processing on the transaction data using a signature key of the client. Then, after the transaction data of the client is acquired, the signature data included in the transaction data needs to be verified, and in case that the signature data passes verification, the following step S402 may be executed.
Alternatively, the specific implementation of verifying the signature data may be as follows. The signature data can be de-signed by using the de-signing key corresponding to the signature key, so as to obtain de-signing data corresponding to the signature data. The signing key corresponding to the signing key may be obtained from pre-storage in the block chain, or may be obtained as a decryption key included in the transaction data, or may be obtained in other manners, which is not limited in this application. After the signature-canceling data is obtained, the signature verification result of the signature data can be determined according to the signature-canceling data and the transaction data. Wherein the signature verification result may include an indication that the signature data check passed or an indication that the signature data check failed. For example, it may be determined whether the de-signing data and the transaction data are consistent, if the de-signing data and the transaction data are consistent, the signature verification result may be determined to indicate that the signature data check passes, and if the de-signing data and the transaction data are inconsistent, the signature verification result may be determined to indicate that the signature data check fails. Whereas, in case that the signature verification result indicates that the signature data is verified, the subsequent step S402 may be performed. And in the case that the signature verification result indicates that the signature data verification fails, a result of transaction execution failure can be returned to the client.
For a specific implementation of step S401, reference may be made to the detailed description of step S201 in the foregoing embodiment, and details are not described here again.
S402: and inquiring the identity certificate of the client from the intelligent contract data stored in the cache according to the identity.
In one implementation, in order to reduce storage overhead, the present application may further record the identity certificate of the client on the smart contract by using a caching mechanism. Then, the identity certificate of the client may be recorded in the intelligent contract data stored in the cache, and it may be first queried whether the identity certificate of the client exists from the intelligent contract data stored in the cache according to the identity. Wherein the intelligent contract data stored in the cache may include an identity certificate of a portion of the client. If the identity certificate of the client can be inquired from the intelligent contract data stored in the cache, whether the client has the authority of executing the transaction operation corresponding to the transaction data aiming at the block chain can be determined according to the identity certificate. For example, it may be detected whether the authority for performing the transaction operation corresponding to the transaction data for the blockchain is recorded in the identity certificate. If it is detected that the authority for executing the transaction operation corresponding to the transaction data for the block chain is recorded in the identity certificate, it can be determined that the client has the authority for executing the transaction operation corresponding to the transaction data for the block chain, and then the transaction operation corresponding to the transaction data can be executed for the block chain. If it is detected that the authority for executing the transaction operation corresponding to the transaction data for the blockchain is not recorded in the identity certificate, it may be determined that the client does not have the authority for executing the transaction operation corresponding to the transaction data for the blockchain, and then a result of failure in executing the transaction may be returned to the client.
S403: and if the identity certificate of the client is not inquired from the intelligent contract data stored in the cache, inquiring the identity certificate of the client from the intelligent contract stored in the memory according to the identity.
In one implementation, if the identity certificate of the client is not queried from the intelligent contract data stored in the cache, the identity certificate of the client may be queried from the intelligent contract stored in the memory according to the identity.
As can be seen from the above, the identity certificate of the client may be queried in the cache, and the identity certificate may be queried from the memory again when the identity certificate is not queried in the cache. Therefore, through the cache mechanism, it is not necessary to read data from the memory every time it needs to be determined that the client has the right to execute the transaction operation corresponding to the transaction data for the block chain, so that the speed of transaction right verification can be increased, the speed of transaction execution can be increased, and the overall throughput of the block chain can be provided.
In an implementation manner, if the identity certificate of the client is queried from the intelligent contract stored in the memory, the identity certificate of the client can be stored in the cache, so that the speed of authority verification in subsequent transaction data initiated from the same client can be increased, and the transaction execution speed can be further increased.
S404: and if the identity certificate of the client is inquired from the intelligent contract stored in the memory, and the client is determined to have the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain according to the identity certificate, executing the transaction operation corresponding to the transaction data aiming at the block chain.
For a specific implementation of step S404, reference may be made to the detailed description of step S203 in the foregoing embodiment, and details are not described here again.
In the embodiment of the application, the transaction data of the client can be acquired, the transaction data can carry the identity of the client, then, the identity of the client can be inquired from the intelligent contract data stored in the cache according to the identity, if the identity of the client is not inquired from the intelligent contract data stored in the cache, the identity of the client can be inquired from the intelligent contract stored in the memory according to the identity, if the identity of the client can be inquired from the intelligent contract stored in the memory, and the client is determined to have the right to execute the transaction operation corresponding to the transaction data for the block chain according to the identity, and then the transaction operation corresponding to the transaction data can be executed for the block chain. By implementing the method, the identity certificate corresponding to the client can be determined by utilizing the mapping relation between the identity carried by the transaction data and the identity certificate recorded in the intelligent contract, and the transaction operation is carried out according to the authority indicated in the identity certificate, so that the safety of data processing on the block chain is improved. And only the identity is carried in the transaction data, so that compared with the case that the transaction data carries a complete identity certificate, the data volume of the transaction data can be reduced, data compression to a certain degree is realized, the rapid transmission of the transaction data is facilitated, and the consumption of block chain storage resources caused by carrying the complete identity certificate can be reduced. Meanwhile, by utilizing a cache mechanism, namely storing the identity certificate in the memory, the data does not need to be read from the memory every time, and the transaction execution speed can be effectively improved.
Fig. 5 is a schematic structural diagram of a data processing apparatus based on a block chain according to an embodiment of the present application. The data processing apparatus described in this embodiment includes:
an obtaining unit 501, configured to obtain transaction data of a client, where the transaction data carries an identity of the client, and the identity is determined according to an identity certificate of the client;
a query unit 502, configured to query the identity certificate of the client from the smart contract according to the identity identifier;
an executing unit 503, configured to execute the transaction operation corresponding to the transaction data for the blockchain if the identity certificate of the client is queried from the smart contract and it is determined that the client has the right to execute the transaction operation corresponding to the transaction data for the blockchain according to the identity certificate.
In an implementation manner, the querying unit 502 is specifically configured to:
and inquiring the identity certificate of the client from the intelligent contract data stored in the cache according to the identity.
In one implementation, the querying unit 502 is further configured to:
and if the identity certificate of the client is not inquired from the intelligent contract data stored in the cache, inquiring the identity certificate of the client from the intelligent contract stored in the memory according to the identity.
In one implementation, the querying unit 502 is further configured to:
and if the identity certificate of the client is inquired from the intelligent contract stored in the memory, storing the identity certificate of the client into the cache.
In one implementation, the transaction data further includes signature data, and the signature data is obtained by performing signature processing on the transaction data by using a signature key of the client; the obtaining unit 501 is further configured to:
carrying out signature removal processing on the signature data by using a signature removal key corresponding to the signature key to obtain signature removal data;
determining a signature verification result of the signature data according to the de-signing data and the transaction data;
and if the signature verification result indicates that the signature data passes verification, executing the step of querying the identity certificate of the client from the intelligent contract according to the identity identifier.
In one implementation, the transaction data further includes the signing key; the execution unit 503 is specifically configured to:
if the identity certificate of the client is inquired from the intelligent contract, acquiring the client's logoff key from the identity certificate;
and if the obtained de-signing key from the identity certificate is matched with the de-signing key included in the transaction data and the client side is determined to have the authority of executing the transaction operation corresponding to the transaction data aiming at the block chain according to the identity certificate, executing the transaction operation corresponding to the transaction data aiming at the block chain.
In one implementation, the execution unit 503 is further configured to:
sending the transaction data to a consensus node in a block chain network so that the consensus node in the block chain network agrees whether the client has the authority to execute the transaction operation corresponding to the transaction data for the block chain;
receiving consensus data returned by the consensus nodes in the block chain network;
and if the consensus node exceeding the target proportion in the block chain network is detected according to the consensus data, determining that the client has the authority for executing the transaction operation aiming at the block chain, and obtaining a consensus result for indicating that the client has the authority for executing the transaction operation aiming at the block chain.
In one implementation, the identity identifier includes a hash value obtained by performing hash calculation on an identity certificate of the client; and recording the identity certificates of one or more clients and the hash values corresponding to the identity certificates in the intelligent contract.
It is understood that the division of the units in the embodiments of the present application is illustrative, and is only one logical function division, and there may be another division manner in actual implementation. Each functional unit in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
Fig. 6 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present disclosure. The data processing apparatus described in this embodiment includes: a processor 601, a memory 602, and a network interface 603. The processor 601, the memory 602, and the network interface 603 may exchange data therebetween.
The Processor 601 may be a Central Processing Unit (CPU), and may also be other general purpose processors, digital Signal Processors (DSPs), application Specific Integrated Circuits (ASICs), field-Programmable Gate arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 602, which may include both read-only memory and random-access memory, provides program instructions and data to the processor 601. A portion of the memory 602 may also include non-volatile random access memory. Wherein, the processor 601 is configured to execute, when calling the program instruction:
acquiring transaction data of a client, wherein the transaction data carries an identity of the client, and the identity is determined according to an identity certificate of the client;
inquiring the identity certificate of the client from the intelligent contract according to the identity;
and if the identity certificate of the client is inquired from the intelligent contract and the client is determined to have the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain according to the identity certificate, executing the transaction operation corresponding to the transaction data aiming at the block chain.
In one implementation, the processor 601 is specifically configured to:
and inquiring the identity certificate of the client from the intelligent contract data stored in the cache according to the identity.
In one implementation, the processor 601 is further configured to:
and if the identity certificate of the client is not inquired from the intelligent contract data stored in the cache, inquiring the identity certificate of the client from the intelligent contract stored in the memory according to the identity.
In one implementation, the processor 601 is further configured to:
and if the identity certificate of the client is inquired from the intelligent contract stored in the memory, storing the identity certificate of the client into the cache.
In one implementation manner, the transaction data further includes signature data, and the signature data is obtained by performing signature processing on the transaction data by using a signature key of the client; the processor 601 is further configured to:
carrying out signature removal processing on the signature data by using a signature removal key corresponding to the signature key to obtain signature removal data;
determining a signature verification result of the signature data according to the signature removal data and the transaction data;
and if the signature verification result indicates that the signature data passes verification, executing the step of querying the identity certificate of the client from the intelligent contract according to the identity identifier.
In one implementation, the transaction data further includes the signing key; the processor 601 is specifically configured to:
if the identity certificate of the client is inquired from the intelligent contract, acquiring an unlocking key of the client from the identity certificate;
and if the signing release key obtained from the identity certificate is matched with the signing release key included in the transaction data, and the client side is determined to have the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain according to the identity certificate, executing the transaction operation corresponding to the transaction data aiming at the block chain.
In one implementation, the processor 601 is further configured to:
sending the transaction data to a consensus node in a block chain network so that the consensus node in the block chain network can perform consensus on whether the client has the authority to execute the transaction operation corresponding to the transaction data for the block chain;
receiving consensus data returned by the consensus nodes in the block chain network;
and if the consensus node exceeding the target proportion in the block chain network is detected according to the consensus data, determining that the client has the authority for executing the transaction operation aiming at the block chain, and obtaining a consensus result for indicating that the client has the authority for executing the transaction operation aiming at the block chain.
In one implementation, the identity identifier includes a hash value obtained by performing hash calculation on an identity certificate of the client; and recording the identity certificates of one or more clients and the hash values corresponding to the identity certificates in the intelligent contract.
The embodiment of the present application also provides a computer storage medium, in which program instructions are stored, and when the program is executed, some or all of the steps of the data processing method based on the block chain in the embodiment corresponding to fig. 2 or fig. 4 may be included.
It should be noted that, for simplicity of description, the above-mentioned embodiments of the method are described as a series of acts, but those skilled in the art should understand that the present application is not limited by the described order of acts, as some steps may be performed in other orders or simultaneously according to the present application. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required in this application.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable storage medium, and the storage medium may include: flash disks, read-Only memories (ROMs), random Access Memories (RAMs), magnetic or optical disks, and the like.
Embodiments of the present application also provide a computer program product or computer program comprising computer instructions stored in a computer-readable storage medium. The computer instructions are read by a processor of the server from the computer-readable storage medium, and the processor executes the computer instructions to cause the server to perform the steps performed in the embodiments of the methods described above.
The above detailed description is given to a data processing method, apparatus, device and medium based on a block chain according to an embodiment of the present application, and a specific example is applied in this document to explain the principle and implementation of the present application, and the description of the above embodiment is only used to help understanding the method and core idea of the present application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims (11)

1. A method for processing data based on a blockchain, the method comprising:
acquiring transaction data of a client, wherein the transaction data carries an identity of the client, and the identity is determined according to an identity certificate of the client;
inquiring the identity certificate of the client from the intelligent contract according to the identity;
and if the identity certificate of the client is inquired from the intelligent contract and the client is determined to have the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain according to the identity certificate, executing the transaction operation corresponding to the transaction data aiming at the block chain.
2. The method of claim 1, wherein querying the identity certificate of the client from the smart contract in accordance with the identity comprises:
and inquiring the identity certificate of the client from the intelligent contract data stored in the cache according to the identity.
3. The method of claim 2, further comprising:
and if the identity certificate of the client is not inquired from the intelligent contract data stored in the cache, inquiring the identity certificate of the client from the intelligent contract stored in the memory according to the identity.
4. The method of claim 3, further comprising:
and if the identity certificate of the client is inquired from the intelligent contract stored in the memory, storing the identity certificate of the client into the cache.
5. The method according to any one of claims 1 to 4, wherein the transaction data further comprises signature data, the signature data being obtained by performing signature processing on the transaction data by using a signature key of the client; the method further comprises the following steps:
carrying out signature removal processing on the signature data by using a signature removal key corresponding to the signature key to obtain signature removal data;
determining a signature verification result of the signature data according to the de-signing data and the transaction data;
and if the signature verification result indicates that the signature data passes verification, executing the step of querying the identity certificate of the client from the intelligent contract according to the identity identifier.
6. The method of claim 5, wherein the transaction data further comprises the signing key; if the identity certificate of the client is inquired from the intelligent contract and the client is determined to have the authority of executing the transaction operation corresponding to the transaction data aiming at the blockchain according to the identity certificate, executing the transaction operation corresponding to the transaction data aiming at the blockchain, wherein the method comprises the following steps of:
if the identity certificate of the client is inquired from the intelligent contract, acquiring an unlocking key of the client from the identity certificate;
and if the signing release key obtained from the identity certificate is matched with the signing release key included in the transaction data, and the client side is determined to have the authority for executing the transaction operation corresponding to the transaction data aiming at the block chain according to the identity certificate, executing the transaction operation corresponding to the transaction data aiming at the block chain.
7. The method according to any one of claims 1-4, further comprising:
sending the transaction data to a consensus node in a block chain network so that the consensus node in the block chain network agrees whether the client has the authority to execute the transaction operation corresponding to the transaction data for the block chain;
receiving consensus data returned by the consensus nodes in the block chain network;
and if the consensus node exceeding the target proportion in the block chain network is detected according to the consensus data, determining that the client has the authority for executing the transaction operation aiming at the block chain, and obtaining a consensus result for indicating that the client has the authority for executing the transaction operation aiming at the block chain.
8. The method of claim 1, wherein the identity comprises a hash value obtained by hashing an identity certificate of the client; and recording the identity certificates of one or more clients and the hash values corresponding to the identity certificates in the intelligent contract.
9. A blockchain-based data processing apparatus, comprising:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring transaction data of a client, the transaction data carries an identity of the client, and the identity is determined according to an identity certificate of the client;
the query unit is used for querying the identity certificate of the client from the intelligent contract according to the identity;
and the execution unit is used for executing the transaction operation corresponding to the transaction data aiming at the blockchain if the identity certificate of the client is inquired from the intelligent contract and the client is determined to have the authority of executing the transaction operation corresponding to the transaction data aiming at the blockchain according to the identity certificate.
10. A data processing device comprising a processor, a memory and a network interface, the processor, memory and network interface being interconnected, wherein the memory is configured to store a computer program comprising program instructions, the processor being configured to invoke the program instructions to perform the method of any one of claims 1 to 8.
11. A computer storage medium, characterized in that the computer storage medium stores a computer program comprising program instructions that, when executed by a processor, cause a computer device having the processor to perform the method of any one of claims 1-8.
CN202110554624.8A 2021-05-20 2021-05-20 Data processing method, device, equipment and medium based on block chain Pending CN115375304A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110554624.8A CN115375304A (en) 2021-05-20 2021-05-20 Data processing method, device, equipment and medium based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110554624.8A CN115375304A (en) 2021-05-20 2021-05-20 Data processing method, device, equipment and medium based on block chain

Publications (1)

Publication Number Publication Date
CN115375304A true CN115375304A (en) 2022-11-22

Family

ID=84059775

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110554624.8A Pending CN115375304A (en) 2021-05-20 2021-05-20 Data processing method, device, equipment and medium based on block chain

Country Status (1)

Country Link
CN (1) CN115375304A (en)

Similar Documents

Publication Publication Date Title
CN110727712B (en) Data processing method and device based on block chain network, electronic equipment and storage medium
US20230316273A1 (en) Data processing method and apparatus, computer device, and storage medium
CN113972986B (en) Block chain-based industrial internet identification information analysis method and related device
CN111523890B (en) Block chain-based data processing method, device, storage medium and equipment
US20230037932A1 (en) Data processing method and apparatus based on blockchain network, and computer device
CN110177124B (en) Identity authentication method based on block chain and related equipment
CN113409047B (en) Data processing method, device and equipment based on block chain and readable storage medium
CN110597918A (en) Account management method and device and computer readable storage medium
CN111899019A (en) Method and system for cross validation and sharing of blacklist and multiple parties
CN113328997A (en) Alliance chain cross-chain system and method
CN113255014B (en) Data processing method based on block chain and related equipment
CN112448946A (en) Log auditing method and device based on block chain
US20230325833A1 (en) Blockchain-based data processing method and apparatus, device, storage medium, and program product
CN111447069A (en) Low-frequency access data processing method based on block chain
CN111597537B (en) Block chain network-based certificate issuing method, related equipment and medium
CN110598452B (en) Evidence information processing method, device, storage medium and equipment based on blockchain
CN111339551B (en) Data verification method and related device and equipment
US20240163118A1 (en) Blockchain-based data processing method, device, and readable storage medium
CN110597820A (en) Block chain based information processing method and device, storage medium and equipment
CN111241188A (en) Consensus method in block chain network, node and storage medium
CN117407437A (en) Block chain-based data processing method, equipment and readable storage medium
CN116827957A (en) Information processing method, device, equipment and medium based on multi-block chain
WO2023098327A1 (en) Blockchain-based block processing method and apparatus, device, storage medium, and program product
CN117010889A (en) Data processing method, device, equipment, medium and product
CN117376366A (en) Block chain transaction processing method, device, medium and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination