CN116488816A

CN116488816A - Data processing method, device and storage medium based on blockchain network

Info

Publication number: CN116488816A
Application number: CN202210036407.4A
Authority: CN
Inventors: 刘汉卿; 王宗友; 蓝虎; 朱耿良; 时一防; 廖志勇; 张劲松; 刘区城; 郭英杰
Original assignee: Tencent Technology Shenzhen Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd
Priority date: 2022-01-13
Filing date: 2022-01-13
Publication date: 2023-07-25

Abstract

The embodiment of the application provides a data processing method, a device and a storage medium based on a blockchain network, wherein the method comprises the following steps: the method comprises the steps that a first service node obtains a target data set, wherein the target data set comprises a zero-knowledge proving circuit, verifying party public data and proving party public data, and the zero-knowledge proving circuit is generated by a second service node based on target processing logic; the first service node generates a verification certificate according to the target data set, wherein the verification certificate comprises updated public data of a verifier, first proof data corresponding to K input data and second proof data; the first service node sends a data verification instruction to the second service node, wherein the data verification instruction is used for instructing the second service node to verify the K input data and the target processing logic according to the verification certificate, so that the complexity of the zero knowledge proof circuit can be effectively reduced, and the verification of the data and the corresponding processing logic can be efficiently and accurately realized.

Description

Data processing method, device and storage medium based on blockchain network

Technical Field

The present disclosure relates to the field of computer technologies, and in particular, to a data processing method and apparatus based on a blockchain network, and a storage medium.

Background

Zero knowledge proof (zero knowledge proof, zkp) refers to the fact that a prover can prove the existence and correctness of a certain assertion to the verifier without providing the verifier with any valid information. Currently, zero knowledge proof can be generally achieved using zk-snark techniques, where zflash is one specific application that uses zk-snark techniques. However, the current zero-knowledge proof circuit constructed based on zk-snark technology is generally complex, the circuit comprises calculation logic for obtaining an input hash value and the like, the initialization time of the circuit and the generation proof time of the circuit are long, the constraint quantity of the zero-knowledge proof converted by the calculation logic occupies more than 99% of the constraint quantity of the whole circuit, the zero-knowledge proof circuit is complex in structure and huge in scale, the data verification efficiency is low when the zero-knowledge proof is carried out, and the application prospect is limited.

Disclosure of Invention

The embodiment of the application provides a data processing method, a device and a storage medium based on a blockchain network, which can effectively reduce the complexity of a zero knowledge proof circuit and can efficiently and accurately realize the verification of data and corresponding processing logic.

In a first aspect, an embodiment of the present application provides a data processing method based on a blockchain network, where the method includes:

a first service node of a blockchain network acquires a target data set, wherein the target data set comprises a zero knowledge proof circuit, verifying party public data and proving party public data, and the zero knowledge proof circuit is generated by a second service node of the blockchain network based on target processing logic;

the first service node generates a verification certificate according to the target data set, wherein the verification certificate comprises updated public data of a verifier, first proving data corresponding to K input data and second proving data, and K is an integer greater than or equal to 1;

the first service node sends a data verification instruction to the second service node, wherein the data verification instruction is used for instructing the second service node to verify the K input data and the target processing logic according to the verification certificate.

In a second aspect, embodiments of the present application provide another data processing method based on a blockchain network, where the method includes:

a second service node of the blockchain network sends a target data set to a first service node, wherein the target data set comprises a zero-knowledge proving circuit, verifying party public data and proving party public data, and the zero-knowledge proving circuit is generated by the second service node based on target processing logic;

The second service node receives a data verification instruction sent by the first service node after generating a verification credential according to the target data set, wherein the verification credential comprises updated public data of a verifier, first proof data corresponding to K pieces of input data and second proof data, and K is an integer greater than or equal to 1;

and the second service node responds to the data verification instruction to verify the K input data and the target processing logic according to the verification certificate.

In a third aspect, an embodiment of the present application provides a data processing apparatus, including:

the system comprises an acquisition module, a verification module and a processing module, wherein the acquisition module is used for acquiring a target data set, the target data set comprises a zero-knowledge proving circuit, verifying party public data and proving party public data, and the zero-knowledge proving circuit is generated by a second service node of a blockchain network based on target processing logic;

the processing module is used for generating a verification certificate according to the target data set, wherein the verification certificate comprises updated public data of a verifier, first proving data corresponding to K pieces of input data and second proving data, and K is an integer greater than or equal to 1;

And the sending module is used for sending a data verification instruction to the second service node, wherein the data verification instruction is used for instructing the second service node to verify the K input data and the target processing logic according to the verification certificate.

In a fourth aspect, embodiments of the present application provide another data processing apparatus, the apparatus including:

a transmitting module configured to transmit a target data set to a first service node of a blockchain network, where the target data set includes a zero-knowledge proof circuit, verifier public data, and prover public data, where the zero-knowledge proof circuit is generated by a second service node of the blockchain network based on target processing logic;

the receiving module is used for receiving a data verification instruction sent by the first service node after generating a verification certificate according to the target data set, wherein the verification certificate comprises updated public data of a verifier, first proof data corresponding to K pieces of input data and second proof data, and K is an integer greater than or equal to 1;

and the verification module is used for responding to the data verification instruction and verifying the K input data and the target processing logic according to the verification certificate.

In a fifth aspect, an embodiment of the present application provides a computer apparatus, where the computer apparatus includes a processor, a network interface, and a storage device, where the processor, the network interface, and the storage device are connected to each other, and the network interface is controlled by the processor to send and receive data, and the storage device is used to store a computer program, where the computer program includes program instructions, and the processor is configured to invoke the program instructions to perform the data processing method based on a blockchain network according to the first aspect or the second aspect.

In a sixth aspect, embodiments of the present application provide a computer readable storage medium storing a computer program comprising program instructions for execution by a processor to perform the blockchain network-based data processing method of the first or second aspect.

In a seventh aspect, embodiments of the present application provide a computer program product comprising a computer program, wherein the computer program when executed by a computer processor implements the blockchain network-based data processing method according to the first or second aspect.

In the embodiment of the application, a first service node of a blockchain network acquires a target data set, wherein the target data set comprises a zero knowledge proving circuit, verifying party public data and proving party public data, and the zero knowledge proving circuit is generated by a second service node based on target processing logic; the first service node generates a verification certificate according to the target data set, wherein the verification certificate comprises updated public data of a verifier, first proof data corresponding to K input data and second proof data; the first service node sends the data verification instruction to the second service node to instruct the second service node to verify the K input data and the target processing logic according to the verification certificate, the zero-knowledge proof circuit generated by the embodiment of the application does not need to include calculation logic for solving a hash value of the input data, the complexity of the zero-knowledge proof circuit can be effectively reduced, and the verification of the data and the corresponding processing logic can be efficiently and accurately realized through the two pieces of the first proof data and the second proof data.

Drawings

In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained from these drawings without inventive effort.

FIG. 1a is a schematic diagram of a data processing system according to an embodiment of the present application;

FIG. 1b is a block chain architecture diagram according to one embodiment of the present application;

FIG. 1c is a schematic diagram of a process for generating a new block according to an embodiment of the present application;

FIG. 2 is a flowchart of a data processing method based on a blockchain network according to an embodiment of the present disclosure;

FIG. 3 is a flowchart of another data processing method based on a blockchain network according to an embodiment of the present application;

FIG. 4 is a schematic diagram of an overall implementation of a zero knowledge proof provided by an embodiment of the present application;

FIG. 5 is a flow chart of yet another data processing method based on a blockchain network according to an embodiment of the present application;

fig. 6a is a schematic diagram of an application scenario with zero knowledge proof provided in an embodiment of the present application;

fig. 6b is a schematic diagram of another application scenario with zero knowledge proof provided in an embodiment of the present application;

fig. 7 is a schematic flow chart of a data verification method according to an embodiment of the present application;

FIG. 8 is a schematic diagram of a data processing apparatus according to an embodiment of the present application;

FIG. 9 is a schematic diagram of another data processing apparatus according to an embodiment of the present application;

Fig. 10 is a schematic structural diagram of a computer device according to an embodiment of the present application.

Detailed Description

The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all, of the embodiments of the present application. All other embodiments obtained without inventive effort based on the embodiments herein fall within the scope of the protection of the present application.

Zero knowledge proof (zero knowledge proof, zkp): by zero knowledge proof, the prover can prove the existence and correctness of a certain assertion to the verifier without providing any valid information to the verifier. During a zero knowledge proof, the prover needs to interact with the verifier multiple times (without valid information).

Zero-knowledge compact non-interactive knowledge demonstration (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge, zk-snark): zk-snark achieves the goal of non-interaction at the expense of bearing a degree of disputes. This is the distinction between the image in zk-snark and the proof in zkp. Zk-snark is controversial when the prover has the computational power to break public key encryption. Currently, this probability is extremely low. The zk-snark has the advantage that the generated certification volume is small, and the verification cost is constant irrespective of the calculated amount of the content to be certified.

Sigma protocol: the Sigma protocol is also essentially a zero knowledge proof technique, i.e. the proving party claims to know the value of a key x and prove to the verifying party the knowledge of x without revealing x. The Sigma protocol is an interactive solution that requires multiple interactions between the proving party and the verifying party. Because the protocol has multiple interactions, a verifier who does not execute the interactions cannot judge whether the whole process has the condition of fraud of both sides of the interactions, and the sigma protocol cannot disclose the verification.

Schnorr protocol: the Schnorr protocol is one of the Sigma protocols. But the schnorr protocol requires only one-way interaction. The Schnorr protocol may be used to generate Schnorr signatures and may also be used for commitment schemes.

Merck (Merkle) tree, merkle root: merkle trees are a typical binary tree structure consisting of a root node (Merkle root), a set of intermediate nodes, and a set of leaf nodes. The lowest leaf node stores data or hash values of the data, and other nodes store hash values of the contents of the corresponding two child nodes.

Referring to fig. 1a, a schematic architecture diagram of a data processing system according to an embodiment of the present application is provided, where the data processing system includes a service network 11, a core network 12, and a terminal device 13, and the method includes:

The traffic network 11 and the core network 12 together form a blockchain network. A blockchain network refers to a network for data sharing between node devices, and a plurality of node devices may be included in the blockchain network. Each node device may receive input information while operating normally and maintain shared data (i.e., blockchains) within the blockchain network based on the received input information. In order To ensure information intercommunication in the blockchain network, information connection can exist between every two node devices, point-To-point (P2P) communication can be realized between any two node devices, and particularly P2P communication can be performed through a wired communication link or a wireless communication link. For example, when any node device in the blockchain network receives input information, other node devices acquire the input information according to a consensus algorithm, and store the input information as data in shared data, so that the data stored on all node devices in the blockchain network are consistent.

The core network 12 is composed of a plurality of consensus nodes 102, the service network 11 is composed of a plurality of service nodes 101, and the nodes in the service network 11 mainly perform service execution, do not perform billing consensus, but obtain block header data and block data with visible partial authorization from the core network 12 by means of identity authentication. The nodes in the core network 12 are primarily responsible for consensus of transaction data, which is packaged into blocks for consensus accounting.

In some possible embodiments, a routing agent layer may be provided between the service network 11 and the core network 12, wherein the routing agent layer acts as a barrier to the service network 11 and the core network 12.

The terminal device 13 may access the blockchain network and may communicate with node devices in the blockchain network (such as the node 101 of the service network 11), for example, submit transaction requests, such as transfer requests, payment requests, data query requests, etc., to the node devices. The terminal device 13 may be a smart phone, a tablet computer, a notebook computer, a desktop computer, an on-vehicle intelligent terminal, etc., which is not limited in this embodiment.

It should be noted that the number of nodes 101, 102 shown in fig. 1a is merely illustrative, and any number of nodes may be deployed according to actual needs.

Each node device in the blockchain network has a node identifier corresponding to the node device, and each node device in the blockchain network can store the node identifiers of other node devices in the blockchain network, so that the generated blocks can be broadcasted to other node devices in the blockchain network according to the node identifiers of the other node devices. Each node device may maintain a node identifier list as shown in the following table, and store the node name and the node identifier in the node identifier list correspondingly. The node identifier may be an internet protocol (Internet Protocol, IP) address, or any other information that can be used to identify the node, and the table is described only by way of example as an IP address.

Node name	Node identification
		Node 1	117.114.151.174
Node 2	117.116.189.145
		…	…
Node N	119.123.789.258

Wherein each node device in the blockchain network stores one and the same blockchain. The blockchain is composed of a plurality of blocks, see fig. 1b, the blockchain is composed of a plurality of blocks, the starting block comprises a block head and a block body, the block head stores an input information characteristic value, a version number, a time stamp and a difficulty value, and the block body stores input information; the next block of the starting block takes the starting block as a father block, the next block also comprises a block head and a block body, the block head stores the input information characteristic value of the current block, the block head characteristic value of the father block, the version number, the timestamp and the difficulty value, and the like, so that the block data stored in each block in the block chain are associated with the block data stored in the father block, and the safety of the input information in the block is ensured.

When each block in the blockchain is generated, referring to fig. 1c, when the node device where the blockchain is located receives input information, checking the input information, after the checking is completed, storing the input information into a memory pool, and updating a hash tree used for recording the input information; then, updating the update time stamp to the time of receiving the input information, trying different random numbers, and calculating the characteristic value for a plurality of times, so that the calculated characteristic value can meet the following formula:

SHA256(SHA256(version+prev_hash+merkle_root+ntime+nbits+x))<TARGET

Wherein SHA256 is a eigenvalue algorithm used to calculate eigenvalues; version (version number) is version information of the related block protocol in the block chain; the prev_hash is the block header characteristic value of the parent block of the current block; the merkle_root is a characteristic value of input information; ntime is the update time of the update timestamp; the nbits is the current difficulty, is a fixed value in a period of time, and is determined again after exceeding a fixed period of time; x is a random number; TARGET is a eigenvalue threshold that can be determined from nbits.

Thus, when the random number meeting the formula is calculated, the information can be correspondingly stored to generate the block head and the block body, and the current block is obtained. And then, the node equipment of the block chain respectively sends the newly generated blocks to other node equipment in the block chain network according to the node identification of other node equipment in the block chain network, the other node equipment checks the newly generated blocks, and the newly generated blocks are added into the stored block chain after the checking is completed.

The node device of the blockchain network can run intelligent contracts, the intelligent contracts are code implementation for executing when certain conditions are met, contract logic can be defined through programming language, the intelligent contracts are issued to the blockchain (intelligent contract registration), keys are called or other events are triggered to execute according to the logic of contract clauses, the contract logic is completed, and meanwhile functions of upgrading and logging off the intelligent contracts are provided.

In some possible embodiments, taking an example that a certain service node 101 (such as a first service node) in the blockchain network needs to prove that K pieces of input data pass through processing logic specified by a second service node to other service nodes 101 (such as the second service node), where the K pieces of input data specifically refer to data that belongs to the first service node and is not disclosed externally, the K pieces of input data may be stored in a local storage space by the first service node, or may be stored by a service node specified in the blockchain network, and the embodiment of the application is not limited; processing logic may be specifically an arithmetic rule for data. Specifically, the first service node may obtain a target data set, where the target data set includes a zero-knowledge proof circuit, verifier public data, and prover public data, and the zero-knowledge proof circuit is generated by the second service node based on the target processing logic; the first service node generates a verification certificate according to the target data set, wherein the verification certificate comprises updated public data of a verifier, first proving data corresponding to K input data and second proving data, and K is an integer greater than or equal to 1; the first service node sends the data verification instruction to the second service node, where the data verification instruction is used to instruct the second service node to verify the K input data and the target processing logic according to the verification credentials, and it can be seen that the embodiment of the application directly generates the zero-knowledge proof circuit based on the target processing logic, so that the zero-knowledge proof circuit does not need to perform hash operation on the input data, and only needs to pay attention to specific operation logic on the input data, and by generating two pieces of proof data, namely, the first proof data and the second proof data, a verifier can verify whether the input data is processed by the target processing logic or not, and can verify the authenticity of the input data, thereby greatly reducing design complexity of the zero-knowledge proof circuit, and efficiently and accurately implementing verification of the data and the corresponding processing logic.

It can be seen that, according to the embodiment of the application, the service node can prove the existence of the calculation logic, the reliability of the calculation data source and the correctness of the calculation result to other nodes through the zero knowledge proof on the premise that the input is not disclosed, the complexity of the zero knowledge proof circuit can be greatly reduced, and the zero knowledge proof can be efficiently generated on the premise that the input is invisible and the input correctness is ensured.

The implementation details of the technical solutions of the embodiments of the present application are described in detail below:

referring to fig. 2, a flowchart of a data processing method based on a blockchain network provided by the data processing system shown in fig. 1a according to an embodiment of the present application may be applied to the service node 101 in fig. 1a, for example, the first service node, and specifically may include the following steps:

201. the first service node obtains a target data set comprising a zero-knowledge proof circuit, verifier public data, and prover public data, the zero-knowledge proof circuit being generated by the second service node based on target processing logic.

Specifically, the first service node may receive the target data set sent by the second service node; or after determining the target data set, the second service node writes the target data set into the blockchain, and the first service node can acquire the target data set from the blockchain; alternatively, the second service node may write a portion of the data in the target data set into the blockchain, e.g., write verifier common data into the blockchain, and send the zero knowledge proof circuit in the target data set and the prover common data to the first service node, which obtains the verifier common data in the target data set from the blockchain.

The zero knowledge proof circuit is generated by the second service node based on target processing logic, the target processing logic can be provided by the second service node and can be disclosed, the target processing logic specifically refers to logic for processing data according to a certain calculation rule, for example, the target processing logic can be logic for carrying out summation calculation on each input data, so that the generated zero knowledge proof circuit does not need to carry out operations such as hash calculation or promise calculation on the input data, only needs to pay attention to specific operation logic on the input data, and the complexity of the zero knowledge proof circuit is effectively reduced.

202. The first service node generates a verification certificate according to the target data set, wherein the verification certificate comprises updated public data of a verifier, first proof data corresponding to K input data and second proof data.

Wherein K is an integer greater than or equal to 1. The K input data specifically refers to data which belongs to the first service node and is not disclosed externally, for example, data such as an asset amount of the first service node, and the K input data needs to be processed through the target processing logic.

Specifically, the first service node may generate two pieces of certification data according to the target data set, where the two pieces of certification data include first certification data corresponding to K pieces of input data, and second certification data corresponding to each piece of input data, where the first certification data may be zk-srna K certification generated based on zk-srna, and the second certification data may be schnorr certification generated based on the schnorr protocol, and in addition, the first service node further includes updated public data of the verifier, for example, may update the public data of the verifier based on the K pieces of input data.

203. The first service node sends a data verification instruction to the second service node, wherein the data verification instruction is used for instructing the second service node to verify the K input data and the target processing logic according to the verification certificate.

Specifically, after the first service node generates the verification credentials, the first service node sends a data verification instruction to the second service node, and the second service node verifies the K input data and the target processing logic according to the verification credentials, so that the second service node serving as a verification party can verify whether the input data is processed by the target processing logic or not and can verify the authenticity of the input data through the first verification data and the second verification data, and verification of the data and the corresponding processing logic can be efficiently and accurately realized.

In the embodiment of the application, a first service node acquires a target data set, wherein the target data set comprises a zero-knowledge proving circuit, verifying party public data and proving party public data, and the zero-knowledge proving circuit is generated by a second service node based on target processing logic; the first service node generates a verification certificate according to the target data set, wherein the verification certificate comprises updated public data of a verifier, first proof data corresponding to K input data and second proof data; the first service node sends a data verification instruction to the second service node, wherein the data verification instruction is used for instructing the second service node to verify the K input data and the target processing logic according to the verification certificate, the generated zero-knowledge proof circuit does not need to include calculation logic for solving hash values of the input data, the complexity of the zero-knowledge proof circuit can be effectively reduced, and the verification of the data and the corresponding processing logic can be efficiently and accurately realized through the two data of the first proof data and the second proof data.

Referring to fig. 3, a flowchart of another data processing method based on a blockchain network provided by the data processing system shown in fig. 1a according to an embodiment of the present application may be applied to the service node 101 in fig. 1a, for example, the first service node, and specifically may include the following steps:

301. the first service node obtains a target data set comprising a zero-knowledge proof circuit, verifier public data, and prover public data, the zero-knowledge proof circuit being generated by the second service node based on target processing logic.

The public data of the verification party comprises a first base point corresponding to each input data in K input data and a second base point corresponding to each output data in N output data, wherein N is an integer greater than or equal to 1. The N output data refer to data output after the K input data are processed by the target processing logic.

302. And the first service node generates first proving data corresponding to K pieces of input data according to the zero knowledge proving circuit and the proving party public data, wherein the first proving data comprises N pieces of output data and K pieces of input data after hiding processing.

Specifically, the first service node may generate third proving data corresponding to the K input data according to the zero knowledge proving circuit and proving party public data, where the third proving data includes plaintext data of the N output data and plaintext data of the K input data; because the K input data belong to the first service node and are unpublishable data, the first service node needs to perform hiding processing on the K input data included in the third proof data to obtain first proof data corresponding to the K input data, where a hiding processing manner may be to set all of the K input data to 1.

In some possible embodiments, the first service node may input the K input data into the zero-knowledge proof circuit, obtain N corresponding output data by running the zero-knowledge proof circuit, and process the K input data, the N output data, and the public data of the proving party by using zk-snark algorithm to generate third proving data corresponding to the K input data, where the third proving data is zk-snark proof, and the first proving data may be regarded as updated zk-snark proof.

In some possible embodiments, before generating the first proof data, the first service node needs to obtain the K input data, and specifically may query whether the local storage space stores the K input data; if not, the first service node sends an input data acquisition request to a third service node of the blockchain network, and the first service node receives the K input data sent by the third service node in response to the input data acquisition request, where the K input data may be stored in a service node specified in the blockchain network (e.g., the third service node). It should be noted that the number of the third service nodes may be one or more, and if the number of the third service nodes is more than one, each third service node may store a part of the input data of the first service node.

303. And the first service node updates the first base point included in the public data of the verifier according to the K input data to obtain updated public data of the verifier.

In this embodiment, when the verifier (i.e., the second service node) generates the zero-knowledge proof circuit, all of the K input data and the N output data are considered as being able to be disclosed, and the generated public data of the verifier may include (k+n) base points, for example, the public data of the verifier may specifically include a first base point corresponding to each input data in the K input data and a second base point corresponding to each output data in the N output data.

Specifically, since K input data in the generated first proof data are hidden, the base points corresponding to K input data in the public data of the verifier also need to be updated, for example, the first base point corresponding to each input data in the public data of the verifier may be updated according to each input data in the K input data, so as to obtain an updated first base point corresponding to each input data, the updated first base point may be, for example, the second base point corresponding to each output data and the updated first base point corresponding to each input data, and the first service node determines the updated public data of the verifier according to the second base point corresponding to each output data and the updated first base point corresponding to each input data.

304. And the first service node generates second proving data corresponding to each piece of input data according to each piece of input data in the K pieces of input data.

Specifically, the first service node may generate second proving data corresponding to each input data by adopting a schnorr algorithm, where the second proving data includes a first base point corresponding to each input data, an updated first base point, promised data, a third base point, a fourth base point, a verification parameter, and a fifth base point corresponding to K input data, and the fifth base point may be a base point determined by negotiation of the third service node storing the K input data.

In some possible embodiments, the first service node may generate a third base point corresponding to each input data according to the first base point and a random number, where the random number is data that is randomly generated and not publicable; the first service node generates a fourth base point corresponding to each input data according to the fifth base point and the random number; the first service node generates a target abstract according to the first base point, the updated first base point, the promised data, the third base point, the fourth base point and the fifth base point, and then generates verification parameters corresponding to each input data according to each input data, the random number and the target abstract. The first service node may splice the first base point, the updated first base point, the promised data, the third base point, the fourth base point and the fifth base point to obtain a spliced character string, and process the spliced character string by using a Sha256 algorithm to generate a target abstract.

In some possible embodiments, when obtaining the promise data corresponding to each input data, the first service node may send a promise data obtaining request to a consensus node of the blockchain, where the promise data obtaining request is used to instruct the consensus node to obtain, from the blockchain, promise data corresponding to each input data in the K input data, where the first service node receives the promise data corresponding to each input data sent by the consensus node, where the promise data is generated by a third service node of the blockchain network according to a fifth base point and each input data and is written into the blockchain, and it can be seen that in the embodiment of the present application, it is not necessary to implement calculation logic for hashing or promise for the input data in the zero knowledge proof circuit, but to move a promise calculation process to an external destination of the zero knowledge proof circuit, so that complexity of the zero knowledge proof circuit is greatly reduced.

305. The first service node sends a data verification instruction to the second service node, wherein the data verification instruction is used for instructing the second service node to verify the K input data and the target processing logic according to a verification certificate, and the verification certificate comprises updated public data of a verification party, first proof data corresponding to the K input data and second proof data corresponding to each input data.

In some possible implementations, the first service node receives a first intelligent contract sent by a consensus node of the blockchain network, the first intelligent contract being generated by the second service node according to the target processing logic and submitted to the consensus node; the first service node processes K input data by using a first intelligent contract to obtain a contract execution result, wherein the contract execution result comprises N output data corresponding to the K input data, the first service node writes the contract execution result and the verification certificate into the blockchain, and can store the verification by using the K input data execution target processing logic for the first service node.

In some possible implementations, as shown in fig. 4, a schematic diagram of an overall implementation of zero-knowledge proof is provided in the examples of the present application.

The implementation principle is specifically that a scheme of combining a zero knowledge proof Groth16 and a schnorr protocol is adopted, x represents the K input data, y represents the N output data, f () represents the target processing logic, com () represents the calculation promise, g2 represents the fifth base point, promise corresponding to each input data forms a merck tree, each leaf node represents promise corresponding to each input data, g1 represents the first base point, zk-snark proof and schnorr proof (namely the first proof data and the second proof data) are respectively generated based on the base points of g1, g2 and the like, and x and f () can be accurately and efficiently verified based on the zk-snark proof and the schnorr proof, so that a verification result is obtained. By combining the Groth16 scheme of the zk-snark technology with the schnorr protocol, the purpose of moving the process of calculating commitments to the outside of the zero-knowledge proof circuit is achieved, the constructed zero-knowledge proof circuit is simpler, calculation logic such as hash or commitment is not needed in the zero-knowledge proof circuit, and the complexity of the zero-knowledge proof circuit is greatly reduced.

In particular, a commitment value for each input is stored in the blockchain, along with a base G ₂ . Input a for each _i The promise value isFrom the promise value and the base point G ₂ Calculating a _i Is a discrete logarithm problem, thus promise is not to make a _i Exposing. Based on the Groth16 scheme, for each input a _i The method comprises the following steps: />Where G is the base point (one generator over a finite field), βu _i (x)+αv _i (x)+ω _i (x) Is the QAP polynomial corresponding to the ith input, x is a random challenge, and γ is a random number.

When the verifier (e.g., the second service node described above) initializes the zero-knowledge proof circuit, a verifier public string and a prover public string will be generated, both public strings being publicable. For each input a _i The public strings of the verification party all comprise a base point

It is assumed that in one computational logic there are K inputs, N outputs, where all inputs need to be hidden and all outputs can be disclosed. In the embodiment of the application, when the verifier constructs the zero-knowledge proof circuit, K inputs and N outputs are firstly set to be publicable, so that the public string of the verifier contains (K+N) base points, and each base point is formed by G _i And (5) calculating to obtain the product. The verifier proving the public string of the verifier and zero knowledge The public string of the road and proving party is sent to the proving party (e.g. the first service node described above). The prover may generate zk-snark certificates through a circuit and prover common string. The proof contains K inputs and N outputs of plaintext.

For i ε [0, K],a _i Needs to be hidden. The proving party needs to update a in zk-snark proving _i ，i∈[0,K]In the verifier public stringi∈[0,K]. In such a way that each ofi∈[0,K]Updated to->Each a is provided with _i ，i∈[0,K]Updated to 1. From->And G _i Resume a _i Is a discrete logarithm problem, thus a _i Will not be exposed. The proving party updates and generates a new public string of the verifier and zk-snark proving through the flow.

The proving party then needs to make a schnorr proof to prove that he has used the correct input. For each input a _i ，i∈[0,K]The Schnorr demonstration includes 1) a base point2) Base point G ₂ ；3)/>4)5)/>Wherein γ is a random number that is randomly generated and not disclosed; 6)/>7)Z＝γ+c*a _i Wherein c=sha256 (G _i |G2|C _i ′|C2|A _i I A2); wherein, for i.e. [0, K]，G _i Corresponding to the first base point corresponding to each input data in the K input data; g ₂ Corresponds to the fifth base point described above; c (C) _i ' corresponds to the updated first base point described above; c2 corresponds to the commitment value (or commitment data) described above; a is that _i Corresponds to the third base point described above; a2 corresponds to the fourth base point described above; z corresponds to the verification parameters described above; c corresponds to the target abstract described above.

The verification party needs to verify: 1) Whether the initial verifier-public string is matched with the updated verifier-public string; 2) The updated zk-snark proves whether the verification is passed; 3) schnorr demonstrates whether or not it is validated. The verification mode of the third step Schnorr proving is as follows: for each input a _i Verification of If both equations are true, schnorr proving that the verification is passed, i.e., that the proving party used the correct input.

According to the embodiment of the application, through the sigma protocol and the schnorr protocol, although the zero-knowledge proof circuit does not contain calculation logic promised for the input value, a prover can still prove the correctness of calculation input to a verifier and whether the input data are processed by using specified calculation logic, so that the complexity of the zero-knowledge proof circuit is greatly reduced, and the time for initializing the zero-knowledge proof circuit and the time for generating the proof by the prover are greatly shortened.

Referring to fig. 5, a flowchart of another data processing method based on a blockchain network provided by the data processing system shown in fig. 1a according to an embodiment of the present application, where the data processing method may be applied to the service node 101 in fig. 1a, for example, the second service node, and specifically may include the following steps:

501. The second service node sends a target data set to the first service node, the target data set comprising a zero-knowledge proof circuit, verifier public data, and prover public data, the zero-knowledge proof circuit being generated by the second service node based on target processing logic.

In some possible embodiments, before the second service node sends the target data set to the first service node, determining the target data set is needed, which may specifically include: the second service node generates a zero knowledge proof circuit corresponding to the target processing logic; initializing a zero knowledge proving circuit according to public parameters to obtain public data of a verifier and public data of the prover, wherein the public data of the verifier comprises a first base point corresponding to each input data in K pieces of input data and a second base point corresponding to each output data in N pieces of output data, K is an integer greater than or equal to 1, and N is an integer greater than or equal to 1; the second service node determines the target data set based on the zero knowledge proof circuit, the verifier public data, and the prover public data.

502. The second service node receives a data verification instruction sent by the first service node after generating a verification credential according to the target data set, wherein the verification credential comprises updated public data of a verifier, first proof data corresponding to K input data and second proof data.

503. And the second service node responds to the data verification instruction to verify the K input data and the target processing logic according to the verification certificate.

The data verification in the embodiment of the application includes two parts, one part is verification of the target processing logic, the other part is verification of the input data, and only when the target processing logic and the verification of the input data are all passed, the final verification result can be confirmed to be verification passing, otherwise, the final verification result is not verification passing.

In some possible implementations, the data verification indication includes a verification credential, and the second service node verifies the target processing logic of the K input data according to the updated verifier public data and the first attestation data in response to the data verification indication; and the second service node verifies the K input data according to the second proving data.

In some possible embodiments, the verification manner of the target processing logic may specifically include: the second service node responds to the data verification instruction to determine whether the public data of the verification party is matched with the updated public data of the verification party, for example, whether the public data of the verification party is identical except that the first base point corresponding to each input data is different, if so, the second service node verifies the first proving data according to the updated public data of the verification party to obtain a verification result of the target processing logic, for example, the updated public data of the verification party is input into a zk-snark proving algorithm, the verification result of the target processing logic is determined according to the output result, and if the output result is true, the verification is passed; if the output result is false, the verification is not passed.

In some possible embodiments, the second proof data includes a first base point corresponding to each input data, an updated first base point, promised data, a third base point, a fourth base point, verification parameters, and a fifth base point corresponding to K input data; the verification method for the input data specifically comprises the following steps: for second proving data corresponding to each input data, the second service node determines whether a first preset relation is met among the first base point, the verification parameter, the updated first base point, the updated third base point and the target abstract, a first verification result is obtained, and the target abstract is generated by the first service node according to the first base point, the updated first base point, the promised data, the third base point, the fourth base point and the fifth base point; the second service node determines whether the fifth base point and the verification parameter meet a second preset relation with the promised data, the fourth base point and the target abstract, and a second verification result is obtained; and determining the verification result of each input data according to the first verification result and the second verification result. For example, for each input a _i Verification ofIf both equations are true, schnorr proving that the verification is passed, i.e., that the proving party used the correct input. Wherein, for i.e. [0, K ]，G _i Corresponding to the first base point corresponding to each input data in the K input data; g ₂ Corresponds to the fifth base point described above; c (C) _i ' corresponds to the updated first base point described above; c2 corresponds to the commitment value (or commitment data) described above; a is that _i Corresponds to the third base point described above; a2 corresponds to the fourth base point described above; z corresponds to the verification parameters described above; c corresponds to the target abstract described above.

In the embodiment of the application, a second service node serving as a verification party sends a target data set to a first service node, wherein the target data set comprises a zero-knowledge proof circuit, verification party public data and proof party public data, and the zero-knowledge proof circuit is generated by the second service node based on target processing logic; the second service node receives the data verification instruction sent by the first service node after generating the verification credential according to the target data set, wherein the verification credential comprises updated public data of a verifier, first verification data corresponding to K pieces of input data and second verification data, the second service node responds to the data verification instruction to verify the K pieces of input data and the target processing logic according to the verification credential, and directly generates a zero knowledge proof circuit based on the target processing logic, so that the zero knowledge proof circuit does not need to perform hash operation and the like on the input data, only needs to pay attention to specific operation logic on the input data, and the verifier can verify whether the input data is processed by the target processing logic or not through the two pieces of the first verification data and the second verification data and can verify the authenticity of the input data, thereby greatly reducing the design complexity of the zero knowledge proof circuit and efficiently and accurately realizing the verification of the data and the corresponding processing logic.

In some possible implementations, the blockchain network is divided into two layers, a witness network (i.e., the traffic network described above) and a consensus network (i.e., the core network described above). The consensus node executes a consensus block in a consensus network; the service node executes service logic in the witness network, submits service operation to the consensus network, synchronizes block data from the consensus node, and the block chain network supports running local contracts on the service node, wherein the local contracts are special contracts of which the contract execution result does not execute consensus. In some computing scenarios involving data, scenarios such as that shown in fig. 6a may occur, specifically including: 601. the object submits a transaction request to the service node; 602. the service node calculates the input data through a local contract and obtains a calculation result; 603. the service node adds the calculation result in the transaction and submits the transaction to the core chain; 604. the core chain links the transaction and the calculation result and distributes the result to other service nodes. In this process, the service node performing step 602 needs to prove to the other nodes: 1) The calculation result is indeed calculated by the calculation logic of the local contract; 2) The correct input data is used for calculation, not the kneaded input data.

As shown in fig. 6b, another application scenario is provided in the embodiment of the present application. In this scenario, the core chain is in the consensus network, and the objects of the first class object 0, the second class object, the first class object 1, the first class object 2, the first class object 3, the first class object 4 and the like belong to the service node and are in the witness network. In this scenario, the first type objects 1, 2, 3, 4 correspond to the above-mentioned third service nodes, the second type object corresponds to the above-mentioned first service nodes, the first type object 0 corresponds to the above-mentioned second service nodes, the first type objects 1, 2, 3, 4 respectively have partial data of the second type object, specifically may be that the first type object 1 has data 1 of the second type object, the first type object 2 has data 2 of the second type object, the first type object 3 has data 3 of the second type object, and the first type object 4 has data 4 of the second type object. The first class of object 0 has publicly available computing logic (i.e., the target processing logic described above). The first class 0 of objects requires the second class of objects to use data 1, 2, 3, 4 as input to the computation logic, which is executed to obtain the computation result. While executing the computational logic, the second class object needs to prove to the first class object 0 by a zero knowledge proof, schnorr protocol: 1) The computational logic is executed; 2) The calculated inputs are inputs corresponding to commitment values submitted by the first class objects 1, 2, 3, 4.

Specifically, the step of calculating the data may include:

611. in order not to reveal the data of the second class object, the first class objects 1, 2, 3, 4 only link the promise values (Com 1, com2, com3, com 4) of each data to the merkle root of these promise values;

612. the first class object 0 deploys compute logic write-local contracts to the core chain. The local contracts are separated to service nodes where the second class objects are located through the core chain;

613. the first class of object 0 is responsible for converting the computational logic into a zero knowledge proof circuit and initializing the zero knowledge proof circuit. The zero knowledge proof circuit and the circuit public string are obtained under the chain by the second class object;

the circuit public string comprises the verification party public data and the proving party public data.

614. The second class object executes calculation logic through a local contract at the service node, and uses data 1, 2, 3 and 4 as the input of the local contract to link calculation results, circuit certification and the certification of the schnorr protocol;

615. object 0 of the first class verifies the certification of the circuit with the certification of the schnorr protocol.

The specific implementation manner of each step may refer to the related descriptions in the foregoing embodiments, which are not repeated herein.

Referring to fig. 7, a flowchart of a data verification method according to an embodiment of the present application based on the data processing system shown in fig. 1a may specifically include the following steps:

701. each first class object i negotiates a base point G2, commits the data of the second class object, and links the base point and the commits.

The base point G2 corresponds to the fifth base point described above. The service nodes of the first class object i correspond to the third service node, the service nodes of the second class object P correspond to the first service node, and the service nodes of the first class object 0 correspond to the second service node.

702. Each first class object i sends the plaintext of the data to the second class object P of the query. If the data is already present on the service node of the second class object P, step 702 is skipped.

703. The service nodes of the first class object 0 deploy local contracts for implementing computational logic, and the local contracts are separated to the service nodes of the second class object P through the consensus node.

The computing logic corresponds to the target processing logic, and the local contract corresponds to the first intelligent contract.

704. The first class object 0 is manufactured into a zk-snark circuit C, and the chain sending circuit and the prover disclose strings to service nodes of the second class object P.

Wherein zk-snark circuit C corresponds to the zero knowledge proof circuit described above, the verifier disclosure string corresponds to the verifier public data described above, and the prover disclosure string corresponds to the prover public data described above.

705. The first class object 0 links the verifier disclosure string up and the consensus node sorts the verifier disclosure string to the service node of the second class object P.

706. And the service node of the second class object P runs a local contract corresponding to the calculation logic to obtain a calculation result.

707. The service node of the second class object P generates zk-snark proof.

708. The service node of the second class object P updates the zk-snark proof, updates the verifier common string, and generates the schnorr proof.

Wherein the zk-snark certification corresponds to the third certification data, the updated zk-snark certification corresponds to the first certification data, and the schnorr certification corresponds to the second certification data.

709. The service node of the second class object P will uplink the updated zk-snark proof, the updated verifier public string and the generated schnorr proof.

710. The service node of the first class object 0 is verified by the intelligent contract: 1) The updated zk-snark proof can pass verification of the updated verifier public string; 2) schnorr proving to pass verification; 3) The public string of the verifier before the update is matched with the public string of the verifier after the update.

711. The service node of the first class object 0 links the verification result up.

The data verification method can ensure that: 1) The data input by the computing executive (namely the second class object P) is not exposed; 2) The computing executive correctly performs the computing logic; 3) The computing executive uses the correct data (rather than fake input data) as the input for the computation; 4) The time for the computational logic provider (i.e., object 0 of the first class) to initialize, calculate the attestation that the executive generates is significantly reduced.

Referring to fig. 8, a schematic structural diagram of a data processing apparatus according to an embodiment of the present application, where the data processing apparatus according to an embodiment of the present application may be applied to the service node described above, the apparatus includes:

an obtaining module 801, configured to obtain a target data set, where the target data set includes a zero-knowledge proof circuit, a verifier public data, and a prover public data, where the zero-knowledge proof circuit is generated by a second service node of the blockchain network based on target processing logic;

a processing module 802, configured to generate a verification credential according to the target data set, where the verification credential includes updated public data of a verifier, first proof data corresponding to K input data, and second proof data, where K is an integer greater than or equal to 1;

And a sending module 803, configured to send a data verification instruction to the second service node, where the data verification instruction is used to instruct the second service node to verify the K input data and the target processing logic according to the verification credential.

Optionally, the public data of the verifier includes a first base point corresponding to each input data in the K input data and a second base point corresponding to each output data in the N output data, where N is an integer greater than or equal to 1; the processing module 802 is specifically configured to:

generating first proving data corresponding to the K input data according to the zero knowledge proving circuit and the proving party public data, wherein the first proving data comprises the N output data and the K input data after hiding processing;

updating the first base points included in the public data of the verifier according to the K input data to obtain updated public data of the verifier;

and generating second proving data corresponding to each piece of input data according to each piece of input data in the K pieces of input data.

Optionally, the processing module 802 is specifically configured to:

generating third proving data corresponding to the K input data according to the zero knowledge proving circuit and the proving party public data, wherein the third proving data comprises the N output data and the K input data;

And hiding the K pieces of input data included in the third proving data to obtain first proving data corresponding to the K pieces of input data.

Optionally, the processing module 802 is specifically configured to:

inputting the K input data into the zero knowledge proof circuit, and obtaining N corresponding output data by operating the zero knowledge proof circuit;

and generating third proving data corresponding to the K input data according to the K input data, the N output data and the proving party public data.

Optionally, the processing module 802 is specifically configured to:

according to each input data in the K input data, updating a first base point corresponding to each input data in the public data of the verifier to obtain an updated first base point corresponding to each input data;

and determining updated public data of the verifier according to the second base point corresponding to each piece of output data and the updated first base point corresponding to each piece of input data.

Optionally, the second proof data includes a first base point corresponding to each input data, an updated first base point, promised data, a third base point, a fourth base point, a verification parameter, and a fifth base point corresponding to the K input data; the processing module 802 is specifically configured to:

Generating a third base point corresponding to each input data according to the first base point and the random number;

generating a fourth base point corresponding to each input data according to the fifth base point and the random number;

generating a target abstract according to the first base point, the updated first base point, the promised data, the third base point, the fourth base point and the fifth base point;

and generating verification parameters corresponding to each input data according to each input data, the random number and the target abstract.

Optionally, the apparatus further comprises a receiving module 804, wherein:

the sending module 803 is further configured to send a promise data acquisition request to a consensus node of the blockchain, where the promise data acquisition request is used to instruct the consensus node to acquire promise data corresponding to each input data of the K input data from the blockchain;

the receiving module 804 is configured to receive promise data corresponding to each input data sent by the consensus node, where the promise data is generated by a third service node of the blockchain network according to the fifth base point and each input data, and is written into the blockchain.

Optionally, the receiving module 804 is further configured to receive a first intelligent contract sent by a consensus node of the blockchain network, where the first intelligent contract is generated by the second service node according to the target processing logic and submitted to the consensus node;

the processing module 802 is further configured to process the K input data by using the first intelligent contract, to obtain a contract execution result, where the contract execution result includes N output data corresponding to the K input data;

the processing module 802 is further configured to write the contract execution result and the verification credential into a blockchain.

Optionally, the processing module 802 is further configured to query whether the local storage space stores the K input data;

the sending module 803 is further configured to send an input data acquisition request to a third service node of the blockchain network if not;

the receiving module 804 is further configured to receive the K pieces of input data sent by the third service node in response to the input data acquisition request.

It should be noted that, the functions of each functional module of the data processing apparatus in the embodiments of the present application may be specifically implemented according to the method in the embodiments of the method, and the specific implementation process may refer to the related description of the embodiments of the method, which is not repeated herein.

Referring to fig. 9, a schematic structural diagram of another data processing apparatus according to an embodiment of the present application, where the data processing apparatus according to an embodiment of the present application may be applied to the above-mentioned common node, the apparatus includes:

a sending module 901, configured to send a target data set to a first service node of a blockchain network, where the target data set includes a zero-knowledge proof circuit, verifier public data, and prover public data, where the zero-knowledge proof circuit is generated by a second service node of the blockchain network based on target processing logic;

a receiving module 902, configured to receive a data verification indication sent by the first service node after generating a verification credential according to the target data set, where the verification credential includes updated public data of a verifier, first proof data corresponding to K pieces of input data, and second proof data, and K is an integer greater than or equal to 1;

and a verification module 903, configured to verify the K input data and the target processing logic according to the verification credential in response to the data verification instruction.

Optionally, the apparatus further comprises a processing module 904, wherein:

the processing module 904 is configured to:

Generating a zero knowledge proof circuit corresponding to the target processing logic;

initializing the zero knowledge proving circuit according to public parameters to obtain public data of a verifier and public data of the prover, wherein the public data of the verifier comprises a first base point corresponding to each input data in the K input data and a second base point corresponding to each output data in N output data, and N is an integer greater than or equal to 1;

and determining a target data set according to the zero knowledge proving circuit, the verifier public data and the proving party public data.

Optionally, the data verification indication includes the verification credential, and the verification module 903 is specifically configured to:

validating the target processing logic of the K input data according to the updated verifier public data and the first attestation data in response to the data validation indication;

and verifying the K input data according to the second proving data.

Optionally, the verification module 903 is specifically configured to:

determining whether the verifier public data matches the updated verifier public data in response to the data verification indication;

And if so, verifying the first proving data according to the updated public data of the verifier to obtain a verification result of the target processing logic.

Optionally, the second proof data includes a first base point corresponding to each input data, an updated first base point, promised data, a third base point, a fourth base point, a verification parameter, and a fifth base point corresponding to the K input data; the verification module 903 is specifically configured to:

determining whether a first preset relation is met among the first base point, the verification parameter, the updated first base point, the third base point and a target abstract according to second proving data corresponding to each input data to obtain a first verification result, wherein the target abstract is generated by the first service node according to the first base point, the updated first base point, the promised data, the third base point, the fourth base point and the fifth base point;

determining whether the fifth base point and the verification parameters meet a second preset relation with the promised data, the fourth base point and the target abstract or not, and obtaining a second verification result;

And determining the verification result of each input data according to the first verification result and the second verification result.

Referring to fig. 10, a schematic structural diagram of a computer device according to an embodiment of the present application includes a power supply module and other structures, and includes a processor 1001, a storage device 1002, and a network interface 1003. Data may be exchanged between the processor 1001, the storage device 1002, and the network interface 1003.

The storage device 1002 may include volatile memory (RAM), such as random-access memory (RAM); the storage device 1002 may also include a non-volatile memory (non-volatile memory), such as a flash memory (flash memory), a Solid State Drive (SSD), etc.; the storage device 1002 may also include a combination of the types of memory described above.

The processor 1001 may be a central processing unit (central processing unit, CPU). In one embodiment, the processor 1001 may also be a graphics processor (Graphics Processing Unit, GPU). The processor 1001 may be a combination of a CPU and a GPU.

In one embodiment, the storage device 1002 is configured to store program instructions, and the processor 1001 may call the program instructions to perform the following operations:

obtaining a target data set, wherein the target data set comprises a zero knowledge proof circuit, verifying party public data and proving party public data, and the zero knowledge proof circuit is generated by a second service node of the blockchain network based on target processing logic;

generating a verification certificate according to the target data set, wherein the verification certificate comprises updated public data of a verifier, first proving data corresponding to K input data and second proving data, and K is an integer greater than or equal to 1;

and sending a data verification instruction to the second service node, wherein the data verification instruction is used for instructing the second service node to verify the K input data and the target processing logic according to the verification certificate.

Optionally, the public data of the verifier includes a first base point corresponding to each input data in the K input data and a second base point corresponding to each output data in the N output data, where N is an integer greater than or equal to 1; the processor 1001 is specifically configured to:

Optionally, the processor 1001 is specifically configured to:

Optionally, the second proof data includes a first base point corresponding to each input data, an updated first base point, promised data, a third base point, a fourth base point, a verification parameter, and a fifth base point corresponding to the K input data; the processor 1001 is specifically configured to:

Optionally, the processor 1001 is further configured to:

transmitting a promised data acquisition request to a consensus node of the blockchain, wherein the promised data acquisition request is used for indicating the consensus node to acquire promised data corresponding to each input data in the K input data from the blockchain;

and receiving promise data corresponding to each input data sent by the consensus node, wherein the promise data is generated by a third service node of the blockchain network according to the fifth base point and each input data and is written into the blockchain.

Optionally, the processor 1001 is further configured to:

receiving a first intelligent contract sent by a consensus node of the blockchain network, wherein the first intelligent contract is generated by the second service node according to the target processing logic and submitted to the consensus node;

Processing the K input data by using the first intelligent contract to obtain a contract execution result, wherein the contract execution result comprises N output data corresponding to the K input data;

writing the contract execution result and the verification credential into a blockchain.

Optionally, the processor 1001 is further configured to:

inquiring whether the local storage space stores the K input data or not;

if not, sending an input data acquisition request to a third service node of the blockchain network;

and receiving the K input data sent by the third service node in response to the input data acquisition request.

In specific implementation, the processor 1001, the storage device 1002 and the network interface 1003 described in the embodiments of the present application may perform the implementation described in the related embodiments of the method provided in fig. 2 to 3 of the embodiments of the present application, and may also perform the implementation described in the related embodiments of the apparatus provided in fig. 8 of the embodiments of the present application, which are not described herein again.

Transmitting a target data set to a first service node of a blockchain network, the target data set including a zero-knowledge proof circuit, verifier public data, and prover public data, the zero-knowledge proof circuit generated by a second service node of the blockchain network based on target processing logic;

receiving a data verification instruction sent by the first service node after generating a verification credential according to the target data set, wherein the verification credential comprises updated public data of a verifier, first proving data corresponding to K pieces of input data and second proving data, and K is an integer greater than or equal to 1;

and verifying the K input data and the target processing logic according to the verification certificate in response to the data verification indication.

Optionally, the processor 1001 is further configured to:

Optionally, the data verification indication includes the verification credential, and the processor 1001 is specifically configured to:

and verifying the K input data according to the second proving data.

Optionally, the processor 1001 is specifically configured to:

In specific implementation, the processor 1001, the storage device 1002 and the network interface 1003 described in the embodiments of the present application may perform the implementation described in the related embodiments of the method provided in fig. 5 of the embodiments of the present application, and may also perform the implementation described in the related embodiments of the apparatus provided in fig. 9 of the embodiments of the present application, which are not described herein again.

It will be appreciated that in the specific embodiments of the present application, data such as information concerning an object, when the above embodiments of the present application are applied to specific products or technologies, permission or consent of the object is required, and collection, use and processing of relevant data is required to comply with relevant laws and regulations and standards of relevant countries and regions.

In the foregoing embodiments, the descriptions of the embodiments are emphasized, and for parts of one embodiment that are not described in detail, reference may be made to related descriptions of other embodiments. The technical solution of the present application may be embodied in essence or a part contributing to the prior art or all or part of the technical solution, in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a computer, a server, or a network device, or may be a processor in a computer device in particular) to perform all or part of the steps of the methods described in the embodiments of the present application. Wherein the aforementioned storage medium may comprise: a U-disk, a removable hard disk, a magnetic disk, an optical disk, a Read-Only Memory (abbreviated as ROM), a random access Memory (abbreviated as Random Access Memory, RAM), or the like.

The above embodiments are merely for illustrating the technical solution of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the corresponding technical solutions.

Claims

1. A method of data processing based on a blockchain network, the method comprising:

a first service node of the blockchain network acquires a target data set, wherein the target data set comprises a zero-knowledge proving circuit, verifying party public data and proving party public data, and the zero-knowledge proving circuit is generated by a second service node of the blockchain network based on target processing logic;

2. The method of claim 1, wherein the verifier-side common data includes a first base point corresponding to each of the K input data and a second base point corresponding to each of N output data, the N being an integer greater than or equal to 1; the first service node generating authentication credentials from the target data set, comprising:

the first service node generates first proving data corresponding to the K input data according to the zero knowledge proving circuit and the proving party public data, wherein the first proving data comprises the N output data and K input data after hiding processing;

the first service node updates a first base point included in the public data of the verifier according to the K input data to obtain updated public data of the verifier;

and the first service node generates second proving data corresponding to each piece of input data according to each piece of input data in the K pieces of input data.

3. The method of claim 2, wherein the first service node generates first attestation data corresponding to the K input data from the zero-knowledge attestation circuit and the attestation party common data, comprising:

the first service node generates third proving data corresponding to the K input data according to the zero knowledge proving circuit and the proving party public data, wherein the third proving data comprises the N output data and the K input data;

and the first service node performs hiding processing on the K pieces of input data included in the third proof data to obtain first proof data corresponding to the K pieces of input data.

4. A method according to claim 3, wherein the first service node generates third attestation data corresponding to the K input data from the zero-knowledge attestation circuit and the attestation party common data, comprising:

the first service node inputs the K input data into the zero knowledge proof circuit, and obtains N corresponding output data by operating the zero knowledge proof circuit;

and the first service node generates third proving data corresponding to the K input data according to the K input data, the N output data and the proving party public data.

5. The method according to any one of claims 2 to 4, wherein the first service node performs update processing on a first base point included in the public data of the verifier according to the K input data, to obtain updated public data of the verifier, and the method includes:

the first service node updates a first base point corresponding to each input data in the public data of the verifier according to each input data in the K input data to obtain an updated first base point corresponding to each input data;

and the first service node determines updated public data of the verifier according to the second base point corresponding to each output data and the updated first base point corresponding to each input data.

6. The method according to any one of claims 2 to 4, wherein the second certification data includes a first base point corresponding to each of the input data, updated first base point, promised data, a third base point, a fourth base point, verification parameters, and a fifth base point corresponding to the K input data; the first service node generates second proving data corresponding to each input data according to each input data in the K input data, and the second proving data comprises:

The first service node generates a third base point corresponding to each input data according to the first base point and the random number;

the first service node generates a fourth base point corresponding to each piece of input data according to the fifth base point and the random number;

the first service node generates a target abstract according to the first base point, the updated first base point, the promised data, the third base point, the fourth base point and the fifth base point;

and the first service node generates verification parameters corresponding to each input data according to each input data, the random number and the target abstract.

7. The method of claim 6, wherein the method further comprises:

the first service node sends a promised data acquisition request to a consensus node of the blockchain, wherein the promised data acquisition request is used for indicating the consensus node to acquire promised data corresponding to each input data in the K input data from the blockchain;

the first service node receives promise data corresponding to each input data sent by the consensus node, wherein the promise data is generated by a third service node of the blockchain network according to the fifth base point and each input data and is written into the blockchain.

8. The method according to claim 1, wherein the method further comprises:

the first service node receives a first intelligent contract sent by a consensus node of the blockchain network, wherein the first intelligent contract is generated by the second service node according to the target processing logic and submitted to the consensus node;

the first service node processes the K input data by using the first intelligent contract to obtain a contract execution result, wherein the contract execution result comprises N output data corresponding to the K input data;

the first service node writes the contract execution result and the validation credential into a blockchain.

9. The method of claim 1, wherein prior to the first service node generating authentication credentials from the target data set, the method further comprises:

the first service node inquires whether the local storage space stores the K input data;

if not, the first service node sends an input data acquisition request to a third service node of the blockchain network;

and the first service node receives the K input data sent by the third service node in response to the input data acquisition request.

10. A method of data processing based on a blockchain network, the method comprising:

11. The method according to claim 10, wherein the method further comprises:

the second service node generates a zero knowledge proof circuit corresponding to the target processing logic;

the second service node initializes the zero knowledge proving circuit according to public parameters to obtain public data of a verifier and public data of a proving party, wherein the public data of the verifier comprises a first base point corresponding to each input data in the K input data and a second base point corresponding to each output data in N output data, and N is an integer greater than or equal to 1;

The second service node determines a target data set according to the zero knowledge proof circuit, the verifier public data and the proving party public data.

12. The method of claim 10 or 11, wherein the data verification indication comprises the verification credential, wherein the second service node verifying the K input data and the target processing logic in accordance with the verification credential in response to the data verification indication, comprising:

the second service node responds to the data verification instruction and verifies the target processing logic of the K input data according to the updated public data of the verifier and the first proving data;

and the second service node verifies the K input data according to the second proving data.

13. The method of claim 12, wherein the second service node validating the target processing logic of the K input data in response to the data validation indication based on the updated validator public data and the first attestation data, comprising:

the second service node responds to the data verification indication to determine whether the public data of the verifier is matched with the updated public data of the verifier;

And if so, the second service node verifies the first proving data according to the updated public data of the verifier to obtain a verification result of the target processing logic.

14. The method of claim 12, wherein the second attestation data includes a first base point for each of the input data, an updated first base point, commitment data, a third base point, a fourth base point, verification parameters, and a fifth base point for the K input data; the second service node verifies the K input data according to the second proof data, and the method comprises the following steps:

for second proving data corresponding to each input data, the second service node determines whether a first preset relation is met among the first base point, the verification parameter, the updated first base point, the third base point and a target abstract, and a first verification result is obtained, wherein the target abstract is generated by the first service node according to the first base point, the updated first base point, the promised data, the third base point, the fourth base point and the fifth base point;

the second service node determines whether a second preset relation is met among the fifth base point, the verification parameter, the promised data, the fourth base point and the target abstract, and a second verification result is obtained;

And the second service node determines the verification result of each input data according to the first verification result and the second verification result.

15. A data processing apparatus, the apparatus comprising:

16. A data processing apparatus, the apparatus comprising:

17. A computer readable storage medium storing a computer program comprising program instructions for execution by a processor to perform the blockchain network-based data processing method of any of claims 1-9 or the blockchain network-based data processing method of any of claims 10-14.