CN115632774A - Threshold signature-based distributed type language prediction machine implementation method and system - Google Patents
Threshold signature-based distributed type language prediction machine implementation method and system Download PDFInfo
- Publication number
- CN115632774A CN115632774A CN202211296197.9A CN202211296197A CN115632774A CN 115632774 A CN115632774 A CN 115632774A CN 202211296197 A CN202211296197 A CN 202211296197A CN 115632774 A CN115632774 A CN 115632774A
- Authority
- CN
- China
- Prior art keywords
- node
- signature
- public key
- key
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 76
- 238000012795 verification Methods 0.000 claims abstract description 12
- 230000006870 function Effects 0.000 claims description 24
- 238000004590 computer program Methods 0.000 claims description 17
- 238000003860 storage Methods 0.000 claims description 9
- 238000012544 monitoring process Methods 0.000 claims description 6
- 230000008569 process Effects 0.000 abstract description 12
- 230000002776 aggregation Effects 0.000 description 10
- 238000004220 aggregation Methods 0.000 description 10
- 238000010586 diagram Methods 0.000 description 10
- 238000012545 processing Methods 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 3
- 238000009826 distribution Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 239000000126 substance Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/72—Signcrypting, i.e. digital signing and encrypting simultaneously
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention belongs to the technical field of block chains, and provides a distributed type predictive speech machine implementation method and system based on threshold signatures. The method is applied to a prediction machine network and comprises the following steps: receiving a request event sent by a block chain to establish TLS connection with a specified external data source; according to the request event, the nodes with the private key share use the respective private key share to sign to obtain the respective signature share, and broadcast the signature share; if the owned quantity of the signature shares received by any node in the predictive speaker network exceeds a threshold value t, constructing a complete signature, and sending the complete signature to a block chain; after the block chain passes the verification of the complete signature by adopting the public key, acquiring a callback function specified by the user contract according to the request identifier, and returning the result of executing the callback function to the user contract; wherein the private key share and the public key are: a distributed key generation protocol is employed to generate a respective private key share and public key for each node. The invention does not recover the complete key in the signing process.
Description
Technical Field
The invention belongs to the technical field of block chains, and particularly relates to a distributed type predictive speech machine implementation method and system based on threshold signatures.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
The block chain system is a closed system, and in order to ensure the consistency of data of each node, the execution of the intelligent contract needs to generate a deterministic and consistent result. If the intelligent contracts are allowed to access external data, the intelligent contract execution results of the nodes may be inconsistent due to network fluctuation, node performance and the like, and consensus cannot be achieved. Therefore, the intelligent contract cannot actively acquire external data through operations such as network calling, file system accessing and the like. Some real-world requirements require intelligent contracts to have the ability to access data in the real world, and so a prediction engine is required to obtain and input data to the intelligent contracts. The prediction machine can be regarded as a trusted intermediary used by the block chain intelligent contract to access external data, and provides a safe data feed service for the intelligent contract, so that the intercommunication of uplink and downlink data on the chain is realized.
The prediction machine needs to protect the security of the process from acquiring data to returning to the chain, and ensure the availability and integrity of the acquired data, namely, the finally returned data comes from a target data source, the data is not tampered in the transmission process, and the requested external data is always accessible, so that a single point of failure is avoided.
The Provable, original Oraclize project, started in 2015, was one of the oracle services that was first used by the etherhouse. The Provariable is a centralized prediction machine, three-party TLS handshake is established among a data source, an auditor and an audited party based on a TLSNotary protocol, the auditor and the audited party respectively hold split TLS key shares, the auditor provides a data authenticity proof, and the data is proved to be from a specified data source. The Provable can prove that the image has not been modified since it was instantiated by running a customized open source system image on the AWS as an auditor. The Provable has a single point of failure problem, and TLSNotary only applies to the TLS versions 1.0 and 1.1.
Town client is the first proposed centralized TEE-based prolog scheme. The Town Crier uses TLS to ensure the safety of the data transmission process between the predictive node and the data source, uses a trusted execution environment provided by Intel SGX to protect the key negotiation and encryption and decryption data packet process in the TLS and the data processing and construction transaction after receiving the data, so that the data uplink process is not tampered, but the Town Crier also has the problems of single point failure and expandability.
Chinese patent application No. 2020114580559 discloses a block chain data uplink method and apparatus based on threshold signature and a prediction machine, which includes a aggregation layer for distributing key shares signed by each node, each node first sends the key shares to the aggregation layer during signature, recovers a complete key at the aggregation layer, and then uses the key for signature. But the complete key is recovered at the aggregation layer, there is a risk of key leakage during the signing process and single point failure of the aggregation layer.
In summary, most of the existing single-node prediction machine schemes protect data security, and even the multi-node prediction machine scheme also has the risk of key leakage in the signing process and single point failure of the aggregation layer.
Disclosure of Invention
In order to solve the technical problems in the background art, the present invention provides a method and a system for implementing a distributed prolog based on threshold signatures, wherein a distributed key generation protocol is used to generate key shares of each node, and each node negotiates to generate the key shares without a third party aggregation layer for distributing keys. During signing, each node firstly generates a respective signature share and then broadcasts the signature shares to other nodes, any node can construct a complete signature after receiving the signature shares exceeding the threshold number, a complete key cannot be recovered in the signing process, and an aggregation layer is not needed for constructing the complete signature, so that the possibility of key leakage and the risk of single point failure of the aggregation layer in the signing process are avoided.
In order to achieve the purpose, the invention adopts the following technical scheme:
the first aspect of the invention provides a distributed type language predictive machine implementation method based on threshold signature.
A distributed language predictive machine implementation method based on threshold signature is applied to a language predictive machine network and comprises the following steps:
receiving a request event sent by a block chain to establish TLS connection with a specified external data source;
according to the request event, the nodes with the private key share use the respective private key share to sign to obtain the respective signature share, and broadcast the signature share;
if the owned quantity of the signature shares received by any node in the predictive speaker network exceeds a threshold value t, constructing a complete signature, and sending the complete signature to a block chain;
after the block chain passes the verification of the complete signature by adopting the public key, acquiring a callback function specified by the user contract according to the request identifier, and returning the result of executing the callback function to the user contract;
wherein the private key share and public key are: a distributed key generation protocol is employed to generate a respective private key share and public key for each node.
Further, the request event includes: a request identification, an external data source address and request parameters, said request identification specifying a specific identification ReqID for the blockchain request.
A second aspect of the present invention provides a distributed prolog implementation method based on threshold signatures.
A threshold signature-based distributed preplan implementation method is applied to a block chain and comprises the following steps:
generating respective private key share and public key for each node by adopting a distributed key generation protocol;
according to a request of a user contract, sending a request event to a prediction machine network so that the prediction machine network establishes TLS connection with a specified external data source according to the request event, and according to the request event, using respective private key shares to sign to obtain respective signature shares and broadcasting;
receiving a complete signature sent by a prediction machine network, wherein the complete signature is constructed when the owned quantity of the signature shares received by any node in the prediction machine network exceeds a threshold value t;
and after the complete signature passes the verification by adopting the public key, acquiring a callback function specified by the user contract according to the request identifier, and returning the result of executing the callback function to the user contract.
Further, the request event includes: the method comprises the steps of requesting identification, an external data source address and request parameters, wherein the requesting identification designates a specific identification ReqID for a block chain request;
a third aspect of the present invention provides a distributed speaker phone implementation system based on threshold signatures.
A threshold signature based distributed speaker implementation system having a computer program stored thereon, which program, when executed by a processor, implements the threshold signature based distributed speaker implementation method of the first aspect or implements the steps in the threshold signature based distributed speaker implementation method of the second aspect.
A fourth aspect of the invention provides a computer-readable storage medium.
A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the threshold signature-based distributed speaker-phone implementation method according to the first aspect or the steps of the threshold signature-based distributed speaker-phone implementation method according to the second aspect.
A fifth aspect of the invention provides a computer apparatus.
A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the threshold signature-based distributed predictive engine implementation method according to the first aspect or implementing the steps in the threshold signature-based distributed predictive engine implementation method according to the second aspect when executing the program.
Compared with the prior art, the invention has the beneficial effects that:
TLS is used between the prophetic machine node and an external data source to ensure the safety of the data transmission process, SGX is used to ensure that the data is not tampered in the process of processing the data and constructing a trade uplink after the prophetic machine node acquires the data, and meanwhile, the remote certification function provided by the SGX can verify whether a new node is credible when the new node is added.
A plurality of nodes of the prediction machine are used for forming a prediction machine network, so that the problem of node single-point failure is avoided; a distributed key generation protocol is used for generating respective private key share for each node, so that a trusted third party is prevented from being introduced; the threshold signature is used for achieving the agreement of the request data among the nodes, and the performance problem caused by the fact that all the nodes directly link the request data and contract performs data processing, aggregation and verification is avoided.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, are included to provide a further understanding of the invention, and are included to illustrate an exemplary embodiment of the invention and not to limit the invention.
FIG. 1 is a flow chart illustrating a threshold signature based distributed prolog-prolog implementation method of the present invention.
Detailed Description
The invention is further described with reference to the following figures and examples.
It is to be understood that the following detailed description is exemplary and is intended to provide further explanation of the invention as claimed. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the invention. As used herein, the singular forms "a", "an", and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
It should be noted that the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of methods and systems according to various embodiments of the present disclosure. It should be noted that each block in the flowchart or block diagrams may represent a module, a segment, or a portion of code, which may comprise one or more executable instructions for implementing the logical function specified in the respective embodiment. It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Example one
As shown in fig. 1, the present embodiment provides a threshold signature-based distributed prolog-speaker implementation method, which includes the following steps:
receiving a request event sent by a block chain to establish TLS connection with a specified external data source;
according to the request event, the nodes with the private key share use the respective private key share to sign to obtain respective signature share, and broadcast the signature share;
if the owned quantity of the signature shares received by any node in the prediction machine network exceeds a threshold value t, constructing a complete signature, and sending the complete signature to a block chain;
after the block chain verifies the complete signature by adopting the public key, acquiring a callback function specified by the user contract according to the request identifier, and returning the result of executing the callback function to the user contract;
wherein the private key share and public key are: a distributed key generation protocol is employed to generate a respective private key share and public key for each node.
Example two
The embodiment provides a distributed type language predictive machine implementation method based on threshold signatures.
A threshold signature-based distributed preplan implementation method is applied to a block chain and comprises the following steps:
generating respective private key share and public key for each node by adopting a distributed key generation protocol;
according to a request of a user contract, sending a request event to a prediction machine network so that the prediction machine network establishes TLS connection with a specified external data source according to the request event, and according to the request event, using respective private key shares to sign to obtain respective signature shares and broadcasting;
receiving a complete signature sent by a prediction machine network, wherein the complete signature is constructed when the owned quantity of the signature shares received by any node in the prediction machine network exceeds a threshold value t;
and after the complete signature passes the verification by adopting the public key, acquiring a callback function specified by the user contract according to the request identifier, and returning the result of executing the callback function to the user contract.
The first embodiment and the second embodiment adopt the same substance, and the specific implementation schemes of the first embodiment and the second embodiment are described herein, and the whole scheme comprises a blockchain, a prediction machine service and an external data source.
The trusted execution environment in the scheme is provided by using an Intel SGX technology, and the SGX provides a remote certification function, so that the code and data protected in the trusted environment can be verified to be not tampered.
The threshold signature in the scheme uses a BLS threshold signature scheme, and the threshold signature scheme can be roughly divided into four stages of key distribution, signature, complete signature recovery and signature verification. The scheme uses a distributed key generation protocol in a key distribution stage, and can calculate respective private key shares and a public key for verifying a complete signature for each node without a trusted third party. In the signature stage, multiple parties having private key shares can generate respective signature shares, and a complete signature can be constructed by having t signature shares of which the number exceeds a threshold value. The signature verification stage can verify the signature by using the public key generated in the key generation stage.
The realization of the prediction machine service comprises two parts of a chain uplink and a chain downlink, wherein the chain downlink is a prediction machine network consisting of a plurality of prediction machine nodes, each node runs in a trusted execution environment provided by Intel SGX and is responsible for monitoring various events issued by a prediction machine contract on the chain, executing distributed key generation, acquiring data, generating respective signature share for a data signature, constructing a complete signature, constructing a transaction uplink and the like. The on-chain portion is a plurality of predictive machine contracts including: the node management contract NodeManagerContract is used for recording information of each node in the current prediction machine network, such as an account address, a network address and the like of the node on a chain, and simultaneously providing a new node registration and node information query method; the key management contract KeyManagerContract is used for storing a public key which is generated by the whole prediction machine network executing the distributed key generation protocol and used for verifying a complete signature, and calculating a threshold value according to the number of nodes of the current prediction machine; the president contract OracleContract is used for providing a method for requesting external data for a user contract and providing a method for returning data for a president node.
Adding a new node: when a new prophetic machine node is added, firstly, a registration method Transaction (node manager contract. Register, account addr, netAddr) provided by the node management contract needs to be executed, a block chain account address and a network address of the node management contract is registered, the node management contract issues a registration event log register event (account addr, netAddr) containing a new node account address and a network address, after the existing prophetic machine node monitors a registration event, a remote certification request is initiated to the new node, the new node generates an SGX remote certification for other nodes to verify, after the verification is passed, the new node is added into the prophetic machine network, the node management contract stores the identity information of the new node, the key management contract calculates a threshold value and issues a key generation event KeyGenent (t), after the node monitors the event, a distributed key generation protocol is executed, a private key share KeyShareissued of each node and a public key bKey for verifying a complete signature are added, after any node cochains the public key, the public key is cochain, other nodes do not need to verify whether the public key share of cochain correctly, and only need to be cochain. If the node finds that the uplink public key is different from the locally generated public key, a public key dispute method Transaction (keymanager contract. Diapute, account addr) provided by the key management contract is executed, and when the node disputed to the correctness of the current public key exceeds a threshold value, the distributed key generation protocol is executed again.
User contracts request external data: the external data source can be any data source that can be accessed through TLS. When a user contract needs to obtain external data, calling a method for requesting the external data provided by the pre-language machine contract, transmitting an external data source address, request parameters and a callback function Transaction (Oracle Contract. Request, reqAddress, reqParams, callbackFunc), assigning a specific identifier ReqID for the request by the pre-language machine contract, storing the request, simultaneously issuing an event log RequestEvent (ReqID, reqAddress, reqParams) containing the identifier, the external data source address and the request parameters, executing the request after monitoring the event by the pre-language machine node, establishing TLS connection with the specified external data source, obtaining data according to the request parameters, signing by using respective signature share to obtain respective signature share Signi, and broadcasting the respective calculated signature by each node, according to the principle of threshold signature, when the number of the same signature shares received by any node in the predictive phone network exceeds a threshold value t, a complete signature Sign can be calculated, the first node which calculates the complete signature broadcasts the complete signature, other nodes are informed to stop calculating and construct a data returning method provided by a Transaction calling predictive phone contract, the Result and the complete signature uplink Transaction (OracleContract. Response, reqID, result, sign) are verified by using a public key stored in a key management contract after the Result and the signature are received by the predictive phone contract, a callback function specified by a user contract is obtained according to the ReqID after the verification is passed, and the callback function is executed to return the Result to the user contract Transaction (UserContract. CallbackFunc, result).
EXAMPLE III
The embodiment provides a distributed language predictive engine implementation system based on threshold signatures.
A threshold signature based distributed speaker implementation system, on which a computer program is stored, which when executed by a processor implements the threshold signature based distributed speaker implementation method according to embodiment one or implements the steps in the threshold signature based distributed speaker implementation method according to embodiment two.
Example four
The present embodiment provides a computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements the threshold signature-based distributed language predictive engine implementation method according to the first embodiment or the steps in the threshold signature-based distributed language predictive engine implementation method according to the second embodiment.
EXAMPLE five
The present embodiment provides a computer device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the program, the processor implements the threshold signature-based distributed language predictive engine implementation method according to embodiment one or implements the steps in the threshold signature-based distributed language predictive engine implementation method according to embodiment two.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of a hardware embodiment, a software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, optical storage, and the like) having computer-usable program code embodied therein.
The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above may be implemented by a computer program, which may be stored in a computer readable storage medium and executed by a computer to implement the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. A distributed language predictive machine implementation method based on threshold signature is applied to a language predictive machine network and comprises the following steps:
receiving a request event sent by a block chain to establish TLS connection with a specified external data source;
according to the request event, the nodes with the private key share use the respective private key share to sign to obtain respective signature share, and broadcast the signature share;
if the owned quantity of the signature shares received by any node in the prediction machine network exceeds a threshold value t, constructing a complete signature, and sending the complete signature to a block chain;
after the block chain verifies the complete signature by adopting the public key, acquiring a callback function specified by the user contract according to the request identifier, and returning the result of executing the callback function to the user contract;
wherein the private key share and public key are: a distributed key generation protocol is employed to generate a respective private key share and public key for each node.
2. The threshold signature-based distributed predictive engine implementing method of claim 1, wherein the request event comprises: a request identification, an external data source address and request parameters, said request identification specifying a specific identification ReqID for the blockchain request.
3. The threshold signature-based distributed predictive engine implementing method of claim 1, wherein the blockchain comprises:
the node management contract is used for recording the information of each node in the current prediction machine network and providing a new node registration and node information query method;
the key management contract is used for storing a public key which is generated by the whole prediction machine network executing the distributed key generation protocol and used for verifying the complete signature, and calculating a threshold value according to the number of the current prediction machine nodes;
the president contract is used for providing a method for requesting external data for the user contract and providing a method for returning data for the president node.
4. The method for implementing the distributed pre-talker based on the threshold signature as claimed in claim 3, wherein when a new pre-talker node is added, a registration method provided by a node management contract is executed to register a block chain account address and a network address of the node, the node management contract issues a registration event log including the account address and the network address of the new node, after monitoring a registration event, a remote attestation request is initiated to the new node by the current pre-talker node, the new node generates an SGX remote attestation to be verified by other nodes, after the verification passes, the new node is added to the pre-talker network, the node management contract stores identity information of the new node, the key management contract calculates a threshold value t and issues a key generation event, after monitoring the event, the node executes a distributed key generation protocol, and regenerates shares of each node and a public key for verifying a complete signature.
5. The method of claim 4, wherein after any node chains the public key, other nodes do not chain the public key any more, and only need to verify whether the chain public key is correct; if the node finds that the uplink public key is different from the locally generated public key, a public key dispute method provided by a key management contract is executed; when the node disputed to the correctness of the current public key exceeds the threshold value, the distributed key generation protocol is re-executed.
6. A distributed preplan realization method based on threshold signature is applied to a block chain and comprises the following steps:
generating respective private key share and public key for each node by adopting a distributed key generation protocol;
according to a request of a user contract, sending a request event to a prediction machine network so that the prediction machine network establishes TLS connection with a specified external data source according to the request event, and according to the request event, using respective private key shares to sign to obtain respective signature shares and broadcasting;
receiving a complete signature sent by a prediction machine network, wherein the complete signature is constructed when the owned quantity of the signature shares received by any node in the prediction machine network exceeds a threshold value t;
and after the complete signature passes the verification by adopting the public key, acquiring a callback function specified by the user contract according to the request identifier, and returning the result of executing the callback function to the user contract.
7. The threshold signature-based distributed predictive engine implementing method of claim 6, wherein the request event comprises: the method comprises the steps of requesting identification, an external data source address and request parameters, wherein the requesting identification designates a specific identification ReqID for a block chain request;
or, the blockchain comprises:
the node management contract is used for recording the information of each node in the current prediction machine network and providing a new node registration and node information query method;
the key management contract is used for storing a public key which is generated by the whole prediction machine network executing the distributed key generation protocol and used for verifying a complete signature, and calculating a threshold value according to the number of the current prediction machine nodes;
the president machine contract is used for providing a method for requesting external data for the user contract and providing a method for returning data for the president machine node;
or, when a new talker node is added, a registration method provided by a node management contract is executed, a block chain account address and a network address of the node are registered, the node management contract issues a registration event log containing the account address and the network address of the new node, after monitoring a registration event, the existing talker node initiates a remote certification request to the new node, the new node generates an SGX remote certification for other nodes to verify, after the verification, the new node is added to the talker network, the node management contract stores new node identity information, the key management contract calculates a threshold t and issues a key generation event, after monitoring the event, the node executes a distributed key generation protocol, and regenerates a private key share of each node and a public key for verifying a complete signature;
or after any node uplinks the public key, other nodes do not uplink the public key any more, and only need to verify whether the uplinked public key is correct or not; if the node finds that the uplink public key is different from the locally generated public key, executing a public key dispute method provided by a key management contract; when the node disputed to the correctness of the current public key exceeds a threshold value, the distributed key generation protocol is re-executed.
8. A threshold signature based distributed prolog-tor implementation system, on which a computer program is stored, which program, when being executed by a processor, is adapted to carry out the threshold signature based distributed prolog-tor implementation method of any one of the claims 1 to 5 or to carry out the steps of the threshold signature based distributed prolog-tor implementation method of any one of the claims 6 to 7.
9. A computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, implements the threshold signature-based distributed oracle-implementing method of any one of claims 1 to 5 or the steps of the threshold signature-based distributed oracle-implementing method of any one of claims 6 to 7.
10. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements the threshold signature based distributed prolog-tor implementation method of any one of claims 1 to 5 or implements the steps in the threshold signature based distributed prolog-tor implementation method of any one of claims 6 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211296197.9A CN115632774A (en) | 2022-10-21 | 2022-10-21 | Threshold signature-based distributed type language prediction machine implementation method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211296197.9A CN115632774A (en) | 2022-10-21 | 2022-10-21 | Threshold signature-based distributed type language prediction machine implementation method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115632774A true CN115632774A (en) | 2023-01-20 |
Family
ID=84906611
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211296197.9A Pending CN115632774A (en) | 2022-10-21 | 2022-10-21 | Threshold signature-based distributed type language prediction machine implementation method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115632774A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116668024A (en) * | 2023-07-28 | 2023-08-29 | 杭州趣链科技有限公司 | Distributed key generation method and device, electronic equipment and storage medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112507360A (en) * | 2020-12-10 | 2021-03-16 | 浙商银行股份有限公司 | Block chain data uplink method and device based on threshold signature and prediction machine |
CN112994891A (en) * | 2019-12-18 | 2021-06-18 | 中国移动通信集团浙江有限公司 | Transaction request consensus method and system based on threshold signature |
CN113779642A (en) * | 2021-09-02 | 2021-12-10 | 国网北京市电力公司 | Data processing method and device, system and electronic equipment thereof |
-
2022
- 2022-10-21 CN CN202211296197.9A patent/CN115632774A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112994891A (en) * | 2019-12-18 | 2021-06-18 | 中国移动通信集团浙江有限公司 | Transaction request consensus method and system based on threshold signature |
CN112507360A (en) * | 2020-12-10 | 2021-03-16 | 浙商银行股份有限公司 | Block chain data uplink method and device based on threshold signature and prediction machine |
CN113779642A (en) * | 2021-09-02 | 2021-12-10 | 国网北京市电力公司 | Data processing method and device, system and electronic equipment thereof |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116668024A (en) * | 2023-07-28 | 2023-08-29 | 杭州趣链科技有限公司 | Distributed key generation method and device, electronic equipment and storage medium |
CN116668024B (en) * | 2023-07-28 | 2023-10-31 | 武汉趣链数字科技有限公司 | Distributed key generation method and device, electronic equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110933108B (en) | Data processing method and device based on block chain network, electronic equipment and storage medium | |
CN111092726B (en) | Method and device for generating shared contract key | |
CN113438289B (en) | Block chain data processing method and device based on cloud computing | |
CN111144881B (en) | Selective access to asset transfer data | |
CN112329041B (en) | Method and device for deploying contracts | |
CN107231351B (en) | Electronic certificate management method and related equipment | |
CN111461723B (en) | Data processing system, method and device based on block chain | |
KR102145701B1 (en) | Prevent false display of input data by participants in secure multi-party calculations | |
US20200076602A1 (en) | Trusted identity solution using blockchain | |
CN109067528B (en) | Password operation method, work key creation method, password service platform and equipment | |
CN111047450A (en) | Method and device for calculating down-link privacy of on-link data | |
EP3540628A1 (en) | Mechanism for efficient validation of finality proof in lightweight distributed ledger clients | |
CN111092727A (en) | Method and device for sharing cluster key | |
CN102170440B (en) | Method suitable for safely migrating data between storage clouds | |
CN111090876A (en) | Contract calling method and device | |
CN110599095B (en) | Block chain network-based hazardous waste treatment method and node of block chain network | |
CN111797159A (en) | Information management and access control in a database | |
CN113328997B (en) | Alliance chain crossing system and method | |
JP2021524962A (en) | Automatic data projection to smart contract groups on the blockchain | |
CN111159753B (en) | Block chain intelligent contract management method and system, storage medium and terminal | |
CN111698198B (en) | Secret generation and share distribution | |
CN114710370B (en) | Fine-grained access control method and system based on fog block chain and attribute encryption | |
CN115632774A (en) | Threshold signature-based distributed type language prediction machine implementation method and system | |
CN109960512B (en) | Software deployment method and system | |
CN113112269B (en) | Multiple signature method, computer device, and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |