CN116664298A - Implementation method and device of block chain-based decentralization data transaction system - Google Patents
Implementation method and device of block chain-based decentralization data transaction system Download PDFInfo
- Publication number
- CN116664298A CN116664298A CN202310561537.4A CN202310561537A CN116664298A CN 116664298 A CN116664298 A CN 116664298A CN 202310561537 A CN202310561537 A CN 202310561537A CN 116664298 A CN116664298 A CN 116664298A
- Authority
- CN
- China
- Prior art keywords
- transaction
- bill
- sender
- receiver
- proof
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 72
- 230000008569 process Effects 0.000 claims abstract description 24
- 238000004364 calculation method Methods 0.000 claims abstract description 12
- 238000012795 verification Methods 0.000 claims description 39
- 230000008859 change Effects 0.000 claims description 23
- 238000012546 transfer Methods 0.000 claims description 14
- 238000012545 processing Methods 0.000 abstract description 5
- 230000001419 dependent effect Effects 0.000 abstract description 3
- 238000005516 engineering process Methods 0.000 description 28
- 230000007246 mechanism Effects 0.000 description 11
- 230000008901 benefit Effects 0.000 description 6
- OKTJSMMVPCPJKN-UHFFFAOYSA-N Carbon Chemical compound [C] OKTJSMMVPCPJKN-UHFFFAOYSA-N 0.000 description 5
- 229910052799 carbon Inorganic materials 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 230000036541 health Effects 0.000 description 4
- 230000009286 beneficial effect Effects 0.000 description 3
- 238000004590 computer program Methods 0.000 description 3
- 238000010276 construction Methods 0.000 description 3
- 238000013461 design Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000012550 audit Methods 0.000 description 2
- 230000006399 behavior Effects 0.000 description 2
- 238000012790 confirmation Methods 0.000 description 2
- 238000013523 data management Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 239000000463 material Substances 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 238000010200 validation analysis Methods 0.000 description 2
- NAWXUBYGYWOOIX-SFHVURJKSA-N (2s)-2-[[4-[2-(2,4-diaminoquinazolin-6-yl)ethyl]benzoyl]amino]-4-methylidenepentanedioic acid Chemical compound C1=CC2=NC(N)=NC(N)=C2C=C1CCC1=CC=C(C(=O)N[C@@H](CC(=C)C(O)=O)C(O)=O)C=C1 NAWXUBYGYWOOIX-SFHVURJKSA-N 0.000 description 1
- RWSOTUBLDIXVET-UHFFFAOYSA-N Dihydrogen sulfide Chemical compound S RWSOTUBLDIXVET-UHFFFAOYSA-N 0.000 description 1
- 206010033799 Paralysis Diseases 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 239000003814 drug Substances 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000002708 enhancing effect Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- HPEUEJRPDGMIMY-IFQPEPLCSA-N molybdopterin Chemical compound O([C@H]1N2)[C@H](COP(O)(O)=O)C(S)=C(S)[C@@H]1NC1=C2N=C(N)NC1=O HPEUEJRPDGMIMY-IFQPEPLCSA-N 0.000 description 1
- 238000013068 supply chain management Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6254—Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/389—Keeping log of transactions for guaranteeing non-repudiation of a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Finance (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Marketing (AREA)
- Databases & Information Systems (AREA)
- Economics (AREA)
- Development Economics (AREA)
- Medical Informatics (AREA)
- Technology Law (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a realization method and a device of a block chain-based decentralization data transaction system, which can be widely applied to the technical field of block chains. The invention is applied to a preset model comprising a transaction sender, a transaction receiver, an intelligent contract and a blockchain, and embeds a hidden address into an output bill as a temporary address of the transaction receiver in the application process, and generates a temporary private key of the transaction according to the shared knowledge of the transaction sender and the easy receiver in the calculation process of the hidden address; and then after the transaction sender and the transaction receiver generate the Pedersen promise and range proof of the transaction amount, the transaction validity is verified through the intelligent contract according to the output bill and the Pedersen promise and range proof, so that the processing of the data transaction is not dependent on a central server any more, the decentralised transaction is realized, the security of the privacy of a user is ensured, and the transparency and the credibility of the transaction are improved.
Description
Technical Field
The invention relates to the technical field of blockchains, in particular to a method and a device for realizing a block-chain-based decentralization data transaction system.
Background
In the related art, in the field of blockchain transaction privacy protection, the following problems mainly exist:
first point, data security risk: because of the large amount of sensitive information involved in the data transaction process, the centralized data transaction platform is used as a centralized storage and manager of data, and is easy to be a target of hacking. Once the platform is attacked, a large amount of user data can be revealed, which threatens the privacy security of the user.
Second point, trust problem: the centralized data transaction platform requires that the user trust level be high, and the user needs to trust the platform to fulfill the responsibility of the user in the data transaction according to the contract. However, in some cases, the centralized platform may have abuse rights, illicit operations, etc. that compromise the user's benefits.
Third, the transparency is insufficient: the operation process of the centralized data transaction platform is often not transparent enough, and a user cannot clearly know the circulation path and transaction details of the data. This may lead to unpleasantness and non-compliance of data transactions. In the data mode based on the blockchain, the blockchain is disclosed to be transparent, so that the risk of disclosure exists in the privacy of the data transaction, and the problems of additional cost, stealing by a third party, lower performance efficiency and the like of the existing blockchain privacy protection schemes such as a coining technology, a ring signature technology, a hidden address and the like cannot meet the requirements of the data transaction service performance and the security based on the blockchain.
Fourth, data monopolization: the centralized platform is used for controlling the authority and access of data transaction in a centralized way, which easily causes the phenomenon of monopoly of data and influences the fair circulation and value realization of the data.
Audit difficulty: because the operation process of the centralized data transaction platform is not transparent, an external auditor can hardly audit the platform effectively, so that the platform can have space for illegal behaviors and market manipulation.
System availability: the centralized data transaction platform is easy to generate single-point faults due to the centralized architecture. Once the platform fails, the whole system may be paralyzed, and the data transaction experience of the user is affected.
Extensibility and flexibility: because of the fixed architecture and independence of the centralized platform, extensibility and flexibility are limited. Technical and resource challenges may be faced when new traffic patterns need to be introduced or interfacing with other systems.
Disclosure of Invention
The present invention aims to solve at least one of the technical problems existing in the prior art. Therefore, the invention provides a realization method and a device of a block chain-based decentralization data transaction system, which can realize decentralization transaction, ensure the security of user privacy and improve the transparency and the credibility of the transaction.
In one aspect, an embodiment of the present invention provides a method for implementing a blockchain-based decentralized data transaction system, where the method is applied to a preset model, and the preset model includes a transaction sender, a transaction receiver, an intelligent contract, and a blockchain, and the method includes the following steps:
the transaction sender constructs an output bill for the current transaction; wherein the hidden address is embedded into the output bill and used as a temporary address of a transaction receiver; generating a temporary private key of the transaction according to the shared knowledge of the transaction sender and the transaction receiver in the calculation process of the hidden address; the output bill comprises a payment bill and a change bill;
generating a Pedersen commitment and a scope proof of the transaction amount by the transaction sender and the transaction receiver;
carrying out transaction validity verification through the intelligent contract according to the output bill, the Pedersen promise and the range proof; the blockchain is to provide a secure execution environment for the smart contract.
In some embodiments, the transaction sender constructs an output ticket for a current transaction, comprising:
the transaction sender determines an input bill which accords with the transfer condition;
The transaction receiver and the transaction sender calculate a common random seed and a transaction temporary key pair corresponding to the output bill;
and the transaction sender constructs an output bill according to the input bill, the random seed and the transaction temporary key pair.
In some embodiments, the transaction sender determining an incoming ticket eligible for transfer includes:
the transaction sender determining one or more unconsumed notes;
the transaction sender decrypts the unconsumed bill according to the private key to obtain value information;
and the transaction sender determines the unconsumed bill which accords with the transfer amount as an input bill of the transaction according to the value information.
In some embodiments, the transaction receiver and the transaction sender compute a transaction ephemeral key pair corresponding to a common randomness seed and output ticket, comprising:
the transaction receiver determines a first random integer and calculates first shared data corresponding to the first random integer;
the transaction sender determines a second random integer and calculates second shared data corresponding to the second random integer;
after receiving the second shared data sent by the transaction sender, the transaction receiver calculates a shared secret key through the first random integer; after receiving the first shared data sent by the transaction receiver, the transaction sender calculates a shared secret key through the second random integer;
Calculating a random seed according to the shared secret key;
and calculating a transaction temporary key pair according to the random seed.
In some embodiments, the transaction sender constructs an outgoing ticket from the incoming ticket, the random seed, and the transaction ephemeral key pair, comprising:
the transaction sender acquires a scanning public key and a payment public key of the transaction receiver;
the transaction sender randomly selects a random number of the change bill transaction to generate a public-private key pair;
the transaction sender calculates a shared secret key of the payment bill and the change bill according to the scanning public key and the public-private key pair;
and the transaction sender calculates the temporary addresses of the payment bill and the change bill according to the payment public key and the public-private key pair.
In some embodiments, the transaction sender and transaction receiver generate a petersen commitment and scope proof of the transaction amount, comprising:
the transaction sender generates a first petersen commitment and a first scope proof for the transaction amount;
and the transaction receiver generates a second Pedersen commitment and a second scope proof for the transaction amount according to the first Pedersen commitment and the first scope proof.
In some embodiments, the transaction sender generating a first petersen commitment and a first scope proof of the transaction amount, comprising:
The transaction sender selects a plurality of random numbers as blind factors and generates a promise of an input amount and a change amount as a first Pedersen promise;
the transaction sender generates a range proof for the change amount as a first range proof based on the zero knowledge proof.
In some embodiments, the transaction recipient generating a second petersen commitment and a second scope proof of the transaction amount from the first petersen commitment and the first scope proof comprises:
after receiving a first Pedersen promise sent by a transaction sender, a transaction receiver verifies the correctness of the first Pedersen promise;
the transaction receiver selects a random number, and generates a Pedersen commitment for the payment amount as a second Pedersen commitment;
the transaction recipient generates a scope proof for the payment amount as a second scope proof based on the zero knowledge proof.
In some embodiments, the performing transaction validity verification includes:
verifying ownership of the input bill by the transaction sender;
verifying the legitimacy of the input bill;
verifying the legitimacy of the transaction amount;
the recipient verifies the correctness of the payment ticket.
In another aspect, an embodiment of the present invention provides an implementation apparatus for a blockchain-based decentralized data transaction system, including:
At least one memory for storing a program;
at least one processor configured to load the program to perform a method of implementing the blockchain-based de-centralized data transaction system.
The implementation method of the block chain-based decentralization data transaction system provided by the embodiment of the invention has the following beneficial effects:
the embodiment is applied to a preset model comprising a transaction sender, a transaction receiver, an intelligent contract and a blockchain, wherein in the application process, a hidden address is embedded into an output bill to serve as a temporary address of the transaction receiver, and in the calculation process of the hidden address, a temporary private key of the transaction is generated according to common knowledge of the transaction sender and an easy receiver; and then after the transaction sender and the transaction receiver generate the Pedersen promise and range proof of the transaction amount, the transaction validity is verified through the intelligent contract according to the output bill and the Pedersen promise and range proof, so that the processing of the data transaction is not dependent on a central server any more, the decentralised transaction is realized, the security of the privacy of a user is ensured, and the transparency and the credibility of the transaction are improved.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The invention is further described with reference to the accompanying drawings and examples, in which:
FIG. 1 is a flow chart of a method for implementing a blockchain-based de-centralized data transaction system in accordance with an embodiment of the present invention;
FIG. 2 is a schematic diagram of a preset model according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of an application framework of a method for implementing a blockchain-based de-centralized data transaction system in accordance with an embodiment of the present invention;
FIG. 4 is a diagram of a state world state prior to a transaction according to an embodiment of the present invention;
fig. 5 is a schematic diagram of a state world after a transaction according to an embodiment of the present invention.
Detailed Description
Embodiments of the present invention are described in detail below, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to like or similar elements or elements having like or similar functions throughout. The embodiments described below by referring to the drawings are illustrative only and are not to be construed as limiting the invention.
In the description of the present invention, it should be understood that references to orientation descriptions such as upper, lower, front, rear, left, right, etc. are based on the orientation or positional relationship shown in the drawings, are merely for convenience of description of the present invention and to simplify the description, and do not indicate or imply that the apparatus or elements referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus should not be construed as limiting the present invention.
In the description of the present invention, the meaning of a number is one or more, the meaning of a number is two or more, and greater than, less than, exceeding, etc. are understood to exclude the present number, and the meaning of a number is understood to include the present number. The description of the first and second is for the purpose of distinguishing between technical features only and should not be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated or implicitly indicating the precedence of the technical features indicated.
In the description of the present invention, unless explicitly defined otherwise, terms such as arrangement, installation, connection, etc. should be construed broadly and the specific meaning of the terms in the present invention can be reasonably determined by a person skilled in the art in combination with the specific contents of the technical scheme.
In the description of the present invention, the descriptions of the terms "one embodiment," "some embodiments," "illustrative embodiments," "examples," "specific examples," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Before proceeding with the description of the specific embodiments, the terms involved in the embodiments of the present application are explained as follows:
blockchain: a blockchain is a decentralized system with the features of non-tamperability, traceability, and decentralization, which links data together in blocks, each block containing the hash value of the previous block, forming a "blockchain". Blockchains are widely used in the fields of finance, medicine, supply chain management, etc.
And a data transaction platform: the data transaction platform is a transaction platform of data assets, and aims to facilitate the buying and selling transaction of data. Such data may be various types of digitized information including, but not limited to, market data, carbon emissions data, social media data, and the like. The data transaction platform provides a channel for data purchasers and data providers to transact and contact. Buyers can purchase data they need through the platform, and data providers can sell their data through the platform to obtain revenue. The data transaction platform aims to promote free circulation of data in the global scope and create a safe, transparent and efficient data transaction market.
Blockchain transaction privacy: blockchain transaction privacy refers to the fact that transactions conducted in a blockchain network do not expose transaction feel information, such as transaction relationships of the two parties, transaction amounts, and the like, so that the privacy of transaction participants is protected. The transaction participants use anonymous addresses instead of identities in the blockchain, protecting the privacy of the transaction participants. It should be noted, however, that although blockchain transactions are anonymous themselves, the source and destination of the transaction may be tracked by other means, and thus additional measures need to be taken to enhance privacy protection of the transaction.
Intelligent contract: intelligent contracts are automatically executed computer programs that implement a variety of complex transaction and financial protocols, and execute automatically when contract conditions are met, and perform corresponding operations according to pre-encoded rules and conditions. Intelligent contracts can reduce transaction costs, improve transaction efficiency and security, and facilitate automation and decentralization of business and financial activities by eliminating intermediation and reducing human intervention.
A hidden address: the hidden address technology mainly realizes the hiding of the transaction address and provides privacy protection for a transaction receiver. The sender generates a temporary address for the receiver every time the transaction, the sender only needs to send the payment token to the address, and both parties can confirm the validity of the transaction through the related key, thereby obscuring the relevance of both parties of the transaction.
Bill mechanism: to prevent user transaction data from being utilized by an attacker while guaranteeing the authenticity and credibility of the transaction, UTXO-based ticket mechanisms have emerged that use notes as the transaction structure, also having the concept of transaction input and transaction output. Unlike UTXOs, the ticket mechanism does not destroy the obsolete notes after the transaction directly, but creates a revocation list to record the obsolete notes, the ticket table (Note Committment) is responsible for recording valid tickets, and the revocation table (nullifer Set) is responsible for recording expired tickets. Each transaction is completed by recording output notes in a note table and recording consumption notes in a revocation list.
Zero knowledge proof circuit: the zero knowledge proof circuit is a computer circuit and is a method for realizing the zero knowledge proof technology. In particular, the zero knowledge proof circuit realizes encryption, verification or decryption of certain information through algorithms and circuit designs. During the verification process, the prover can prove that he/she is in possession of certain information, but does not need to reveal such information to the verifier. The technology can be used for realizing anonymous identity authentication, safe transaction, privacy protection and other application scenes. Inputs are divided into private inputs (Witness), which are input data that a prover knows but does not want to disclose, and public inputs (Statements), which are input data that all participants have access to during the whole proving process. In zero knowledge proof circuits, the public input is typically used for verification of the proof results to ensure the trustworthiness of the overall proof process.
In the related technology, the data transaction has important meaning and value in the digital age, and the data transaction can mine the potential value of the data and is also helpful to promote data management and data standardization. However, the existing data transaction method is mainly based on a centralized mode, and the data medium grasps all data transaction information and faces serious safety problems. Data transaction privacy generally relates to the relationship between two parties of a transaction, transaction amount and the like, particularly commercial data transaction, and is a demonstration of certain business actions of the transaction party to a certain extent, once the transaction privacy is revealed, huge losses are brought to the transaction party, so that the data transaction privacy is necessary to be protected when the data transaction is conducted.
Blockchains are a decentralized distributed ledger technique that enables validation and logging of transactions through the common maintenance and verification of different nodes. The blockchain technology has the characteristics of disclosure, transparency, tamper resistance and the like, so that the blockchain technology is widely applied to the fields of digital currency, intelligent contracts, identity verification and the like. However, blockchains also have some privacy protection issues. First, the transparent environment of blockchain disclosure may lead to privacy disclosure of transactions, and the user interacts with the blockchain to use a blockchain anonymous address, but once the anonymous address is associated with the real identity of the user, the transaction behavior of the user may be tracked and analyzed, personal information of the user is exposed, and the risk of privacy disclosure exists. Second, due to the nature of the blockchain technique itself, once a transaction is written into the blockchain, it cannot be deleted, and thus leakage of transaction data may have a long-term impact on the privacy of the user. Finally, the irreversibility and inoperability of blockchain transactions means that the user cannot cancel the transaction when a transaction error occurs, possibly resulting in loss of the user.
To solve these problems, blockchain technology researchers are actively exploring various privacy protection technologies, such as a mixed coin technology, a ring signature technology, a hidden address, zero knowledge proof, and the like, to realize privacy protection for blockchain transactions. These techniques aim to ensure the non-tamper and transparency of the blockchain. Meanwhile, privacy information of user transactions is effectively protected. However, at present, these blockchain transaction privacy protection technologies still have problems in terms of security, feasibility, performance and the like, and further development and improvement are required.
Based on the above, the embodiment of the application provides a realization method of a block chain-based de-centralized data transaction system, which combines the advantages of a hidden address DKAP protocol and a bill mechanism, realizes the improvement of defects of the two, combines the advantages of the two, and is applied to a block chain transaction privacy protection technology to achieve the following advantages:
first, de-centralized transaction processing: the blockchain technology adopts a distributed account book mode, and the processing of data transaction is not dependent on a central server any more, but is verified and confirmed through a decentralised node network. This reduces the risk of single point failure, enhancing the stability and resistance to attack of the platform.
Second, user privacy protection is enhanced: by fusing the hidden address DKAP protocol and the bill mechanism, the anonymity of the transaction participants is realized, and the privacy of the users is protected. Meanwhile, privacy protection is carried out on the transaction amount by using Pedersen promise and Bulletproffs range proof, so that transaction information is ensured not to be easily snooped by a third party. Transparent and non-tamperable transaction records: the blockchain technology has the characteristics of openness, transparency and non-tampering, and all transaction records are encrypted and stored on the blockchain in an overt manner, so that the authenticity and traceability of the transaction are ensured. Meanwhile, as the data on the blockchain is not tamperable, the transaction records have legal effectiveness, and disputes are avoided.
Thirdly, ticket verification and revocation identification by decentralization: through bill table and the useless table content on the chain, realized bill ownership transfer and verification and bill useless mark's decentralization processing, need not to rely on the decentralization mechanism to verify, promoted efficiency, reduced the risk.
It can be appreciated that the implementation method of the block chain-based decentralization data transaction system provided by the embodiment of the application can be applied to the following scenes:
data exchange: the data exchange serves as a core place of a data exchange market, and a decentralised and safe data exchange environment can be constructed by utilizing the technology. By introducing the blockchain technology, the transparency, traceability and safety of data transaction are realized, the risk of data leakage is reduced, and the public trust of the data transaction market is improved.
Carbon emission transaction: the technology has wide application prospect in the field of carbon emission trading, and realizes safe, transparent and traceable trading of carbon emission rights among enterprises by building a carbon emission trading platform based on a blockchain technology. The platform utilizes technologies such as zero knowledge proof and the like to ensure the validity and compliance of the transaction while protecting the privacy of both transaction parties.
Digital specification: the technology can be applied to the field of digital standardization, and by constructing a data transaction platform which is decentralised, safe and transparent, the power-assisted related departments realize high-efficiency cooperation in the aspects of data sharing, data management, government data transaction and the like. Meanwhile, relevant departments are ensured to obey relevant regulations in the data transaction process, and the privacy of citizens is protected.
Medical health: in the field of medical health, the technology can be applied to safe transaction of sensitive information such as patient health data, medical research data and the like. By setting up a data transaction platform based on a blockchain technology, privacy protection, traceability and safe transaction of medical data are realized, circulation and sharing of the medical data under a compliance condition are promoted, and innovation development of medical scientific research and clinical application is promoted.
Data privacy protection: in data transaction scenarios involving personal privacy and sensitive information, such as medical health, financial services, etc., the technology can provide a complete set of data privacy protection solutions for data providers and consumers, ensuring that user privacy is fully protected while meeting transaction requirements.
Supply chain finance: in the field of supply chain finance, the data transaction platform based on the blockchain is built by utilizing the technology, so that data sharing and transaction of all participants on the supply chain are realized, the transparency and efficiency of the supply chain finance service are improved, and the trust cost is reduced.
In summary, the technology is applied to the blockchain-based data transaction platform system and related products thereof, and provides a safe, reliable and efficient transaction environment for the data transaction market, and simultaneously protects the privacy of users and ensures the compliance of transactions.
Embodiments of the present application will be described in detail below with reference to the attached drawings:
referring to fig. 1, an implementation method of a block chain-based decentralised data transaction system is provided in an embodiment of the present application, where the method of the embodiment may be applied to a preset model. As shown in fig. 2, the preset model includes a transaction sender, a transaction receiver, a smart contract, and a blockchain. In the model shown in fig. 2, the implementation function corresponding to each module is as follows:
transaction sender (Bob): the method is responsible for constructing the output bill, generating the Pedersen promise and range proof of the related amount, proving the ownership of the input bill, and transferring the ownership of the output bill to the receiver.
Transaction recipient (Alice): responsible for generating the petersen commitment and scope proof of the associated amount, verifying the correctness of the payment instrument, and ownership and usage rights thereto.
Smart Contract: the intelligent contract is an executor of the transaction and is responsible for completing related verification and transaction logic, so that fair transaction of the two parties is ensured.
BlockChain (BlockChain): the related nodes are responsible for maintaining the world state of the bill, verifying the legitimacy of the transaction and achieving consensus to complete the transaction, and simultaneously providing a safe execution environment for the intelligent contract.
Based on the model shown in fig. 2, the present embodiment aims to realize double protection of transaction privacy, and the implementation is based on a hidden address and ticket mechanism scheme. The hidden address is first embedded into the ticket as a temporary address of the receiver, which can uniquely identify the ticket, and the specific receiver information cannot be inferred even if the ticket content is leaked. In the calculation of the hidden address, the temporary private key of the transaction is generated by utilizing the common knowledge of both parties, both parties can calculate the corresponding temporary address by themselves, and the transaction receiver judges whether the transaction receiver is a corresponding real receiver according to the temporary address.
In the world state maintenance of the bill, the bill table maintains the mapping relation between the bill and the hidden address of the bill, and the revocation list takes the temporary address as the revocation identification of the bill. Because of the binding relation between the bill and the hidden address, the ownership certificate of the bill is also converted into a confirmation key of whether the user owns the corresponding hidden address, and only the corresponding receiver owns the key, thereby realizing efficient bill ownership transfer and verification. Meanwhile, when the correctness of the revocation identification of a certain bill is verified, only the binding relation between the temporary address and the bill is verified.
In terms of transaction amount validity, the sender generates Pedersen commitments of input and change amounts and range certificates of the change amounts, the receiver verifies the Pedersen commitments and regenerates the Pedersen commitments and range certificates of the payment amounts, and finally verification nodes complete verification of transaction amount validity and the like.
Based on the above principle, as shown in fig. 1, the method according to the embodiment of the present application includes, but is not limited to, the following steps:
step S110, the transaction sender constructs an output bill for the current transaction; wherein the hidden address is embedded into the output bill and used as a temporary address of a transaction receiver; generating a temporary private key of the transaction according to the shared knowledge of the transaction sender and the transaction receiver in the calculation process of the hidden address; the output bill comprises a payment bill and a change bill;
step S120, the transaction sender and the transaction receiver generate Pedersen promise and range proof of the transaction amount;
step S130, carrying out transaction validity verification through the intelligent contract according to the output bill, the Pedersen promise and the range proof; the blockchain is to provide a secure execution environment for the smart contract.
In this embodiment, the embodiment further includes an initialization stage prior to constructing the output ticket. Wherein, the initialization stage generates public parameters { G, q, G, H }, wherein G is an elliptic curve group, q is a large prime order of an elliptic curve, G is a generator of group G, H is G, and the discrete logarithm of H is unknown. The transaction user generates own public-private key pair (pk, sk) through the formula (1), and publishes its public key pk:
UserKeyGen(pp,pk ca UID) → (pk, sk) formula (1)
The data transaction user generates a double key pair, i.e. a scanning key pair being (S, S) and a payment key pair (B, B), where s=s· G, B =b·g, and distributes the double public key (S, B).
After the initialization phase is completed, as shown in fig. 3, the output ticket is constructed by the output ticket construction module. Wherein the sender needs to construct an output bill for the transaction, i.e. a bill paid to the receiver, assuming that the transaction is sentThe note list of party Bob is note b =[note 1 ,note 2 ,note 3 ],note 1 =<T 1 ,v 1 =5,R 1 >,note 2 =<T 2 ,v 2 =6,R 2 >,note 3 =<T 3 ,v 3 =3,R 3 >The current data transaction amount is v=9. The specific steps are as follows:
step1: the transaction sender finds the incoming note that meets the transfer conditions. List of notes for Bob b Just have v=9 note, the quantity of input, export bill is 1 this moment, otherwise Bob need make the combination pay, the process is as follows:
1) Bob finds one or more notes of his own that have not yet been consumed, i.e. notes 1 、note 2 And note 3 ;
2) Bob uses his own private key sk b Decrypting the unconsumed bill note to obtain information such as value and the like;
3) Bob finds the non-consumed bill note which accords with the transfer amount v according to the value information to serve as an input bill of the transaction, namely note in =[note 1 ,note 2 ]Satisfy v in =v 1 +v 2 And (3) v or more, namely the formula (2) shows:
NoteSRCH(v,note b )→note in formula (2)
Step2: and the transaction parties calculate a common random seed and a transaction temporary key pair corresponding to the output bill. In this embodiment, since both parties need a transaction temporary key when calculating a transaction temporary output address, the calculation needs a source of randomness, and in order to prevent the problem that the exposure of the transaction temporary public key causes the loss of certain private information and the problem that the receiving party continuously scans block data and repeatedly calculates, both parties calculate a common randomness seed based on the Diffie-Hellman key exchange protocol. The system agrees with two large prime numbers p and g, where p is the prime number and g is one primitive root of modulo p. The specific steps are as follows:
1) Alice selects a first random integer a so that 0< a < p-1, and calculates first shared data a_public=ga mod p corresponding to the first random integer;
2) Bob selects a second random integer b such that 0< b < p-1, and calculates second shared data b_public=gb mod p corresponding to the second random integer;
3) After Alice receives the second shared data b_public sent by Bob, calculating a shared key k=b_public a mod p by using a first random integer (private key) a of Alice;
4) After Bob receives the first shared data a_public sent by Alice, calculating a shared key k=a_public b mod p by using a second random integer (private key) b of the Bob;
5) Alice and Bob possess the same shared key K and only know the value of K, as shown in equations (3), (4) and (5), and both sides use this value to calculate the random seed and calculate the transaction temporary key pair (r 4 ,R 4 ):
seed=h (K) formula (3)
r 4 =random (seed) formula (4)
R 4 =r 4 gG formula (5)
Step3: the transaction sender constructs an output ticket note. When inputting bill note in Total value v of (2) in Beyond the amount v, bob needs to generate a payment ticket note 4 And change bill note 5 The values are v respectively 4 =9,v 5 =v in -v 4 =2, the specific construction procedure is as follows:
1) Bob obtains the scanning public key S of the receiver Alice a And a payment public key B a ;
2) Bob randomly selects change ticket note 5 Random number r of transaction 5 Generating a public-private key pair (r 5 ,R 5 ) Wherein R is 5 =r 5 gG;
3) Bob separately calculates payment notes according to the scanned public key and public-private key pair 4 And change bill note 5 Is a shared key C of (2) 4 =H(r 4 ·S a ·G),C 5 =H(r 5 ·S b ·G);
4) Bob based on the payment public key andthe public and private key pairs respectively calculate payment notes 4 And change bill note 5 Temporary address T of (2) 4 =C 4 ·G+B a ,T 5 =C 5 ·G+B b 。
The whole process is shown in the formula (6) and the formula (7):
NoteCreate(v 4 ,r 4 ,S a ,B a ) Formula (6)
NoteCreate(v 5 ,r 5 ,S b ,B b ) Formula (7)
In this embodiment, after the output ticket is constructed, the petersen commitment and range proof of the transaction amount is generated by the amount validity proof module. In order to hide the transaction amount, the two transaction parties respectively calculate the petersen promise of the related amount, and generate a range proof of the corresponding amount based on Bulletproffs (zero knowledge proof). The specific process is as follows:
step1: the transaction sender generates a first petersen commitment and a first scope proof for the transaction amount.
1) The transaction sender Bob selects the random numbers rb1, rb2 and rb5 as blind factors and generates the input amount v by using the formula (8), the formula (9) and the formula (10), respectively 1 、v 2 Change amount v 5 As the first petersen commitment:
Commit(v 1 ,rb1)=rb1·G+v 1 H.fwdarw.C1 equation (8)
Commit(v 2 ,rb2)=rb2·G+v 2 H→C2 equation (9)
Commit(v 5 ,rb2)=rb5·G+v 5 H.fwdarw.C5 equation (10)
2) Bob generates a change amount v based on zero knowledge proof (bulletpro ofs) by equation (11) 5 Proof of range pi 5 As a first range demonstration:
RangeProve(v 5 ,rb5,C5)→π 5 Formula (11)
3) Bob sends the commitment value cb= { C1, C2, C5} and the blind factor rb=rb1+rb2-rb 2 to the transaction recipient Alice.
Step2: the transaction recipient generates a second Pedersen commitment and a second scope proof for the transaction amount based on the first Pedersen commitment and the first scope proof.
1) After receiving Alice of the receiver receives the first Pedersen commitment of Bob, verifying the correctness of the first Pedersen commitment through a formula (12):
C1+C2=C5+rb·G+v 4 h formula (12)
Wherein C1+C2 is the promise of Bob to trade input, C5 is the promise of Bob to give himself a change, rbgG+v 4 H is the promise of Bob to transfer Alice's amount, i.e., verify v 1 +v 2 =v 4 +v 5 ;
2) Alice selects a random number ra, and generates a payment amount v by equation (13) 4 As a second petersen commitment and calculating K by equation (14):
Commit(v 4 ,ra)=ra·G+v 4 H→C4 equation (13)
3) Alice generates a payment amount v based on Bulletproffs 4 Proof of range pi 4 As a second range demonstration, specifically, as shown in formula (14):
RangeProve(v 4 ra, C4) equation (14)
In this embodiment, after the output bill construction and the raw transaction amount petersen promise and range proof are completed, the transaction validity is verified by the transaction validity verification module. Specifically, the embodiment modifies the contents of a bill table and a revocation list maintained on a bill mechanism medium chain, the bill table stores the mapping relation between a bill hash and a hidden address thereof, and the revocation list uses the uniqueness of a temporary address as a revocation identification of a revocation bill. To describe the change in bill world state before and after a transaction, it is assumed that the current bill world state is as shown in fig. 4. Verification of transaction legitimacy includes ownership and legitimacy verification of the input ticket, legitimacy verification of the transaction amount, and correctness verification of the payment ticket.
The process of verifying ownership of an input ticket by a sender is as follows:
1) TransactionThe sender Bob sends an input ticket note to the authentication network in Hash h of (2) in =[h 1 ,h 2 ]Corresponding ownership key t in =[t 1 ,t 2 ]Outputting bill note 4 、note 5 Hash h of (2) out =[h 4 ,h 5 ];
Verifying node passing ownership key t 1 And t 2 Calculate the corresponding hidden address T 1 ′=t 1 ·G、T 2 ′=t 2 G, finding the hash value as h through the maintained bill table 1 And h 2 Is a hidden address T of (1) 1 And T 2 By T' and T 1 Judging whether Bob is equal to note 1 Through T 2 ' and T 2 Judging whether Bob is equal to note 2 Is to be assigned to the right of ownership. The whole verification process is shown in a formula (15) and a formula (16):
OVerify(t 1 ,T 1 ) 1/0 formula (15)
OVerify(t 2 ,T 2 ) 1/0 formula (16)
And verifying the legitimacy of the input bill. The validity verification of the input bill, namely, detecting whether the input bill has the double-flower problem, because the bill table maintains the binding relation between the bill and the hidden address of the bill, and the revocation table maintains the hidden address of the revocation bill, the method judges the note of the input bill 1 And note 2 Binding hidden address T 1 And T 2 Whether the bill exists in the revocation list nullifier or not can be verified, and the legitimacy of the input bill can be verified as shown in the formula (17) and the formula (18):
NfVerify(nullifier,T 1 ) 1/0 formula (17)
NfVerify(nullifier,T 2 ) 1/0 formula (18)
The process of verifying the validity of the transaction amount is as follows:
1) Sender Bob will commit cb= [ C1, C2, C5]Proof of range pi 5 Issuing to an authentication network;
2) Receiver Alice will promise ca= [ C4]K and Range demonstration pi 4 Issue to verificationA network;
3) The verification node verifies the balance of the transaction input-output amount as shown in equation (19):
c1+c2=c5+c4+k equation (19)
The verification node verifies that the transaction output amount is not negative, as shown in formula (20) and formula (21):
RangeVerify(π 4 c4) to 1/0 formula (20)
RangeVerify(π 5 C5) to 1/0 formula (21)
The process of verifying the correctness of the payment ticket by the receiver is as follows:
1) Bob uses Alice's public key pk a Encryption of note 4 Generating a note 4 enc And sends it to Alice;
2) Alice uses its private key sk a Decryption of note 4 enc Acquiring payment notes 4 And verify the pair of notes 4 Ownership of ticket and specific information of ticket, complete the note by equation (22) 4 Is verified by correctness:
OVerify(t 4 ,T 4 ) 1/0 formula (22)
3) Alice calculates received note 4 Hash value h of (2) 4 ′=H(note 4 ) Publishing h to authentication network 4 ′;
4) Verification network verifies payment bill note 4 Correctness of the commit value of (h), i.e 4 ' and h 4 Whether equal.
And updating the bill world state. After the verification of the validity of a series of transactions, each verification node updates the bill table and records and outputs bill note 4 And note 5 Hash value h of (2) out =[h 4 ,h 5 ]And corresponding hidden address T 4 And T 5 Simultaneously updating the revocation list and recording the input note 1 And note 2 Revocation flag T of (1) 1 And T 2 . The whole process of this data transaction is completed, and the world state of the note after the transaction is completed is shown in fig. 5.
As can be seen from the above, the present embodiment innovatively improves the shortcomings of DKSAP protocol and zcast ticket mechanism and smartly combines the advantages of the two against the problem of transaction privacy disclosure in the blockchain environment. The DTPP method aims at providing a comprehensive and efficient privacy protection mechanism so as to ensure that the privacy, the safety and the efficiency of data transaction based on the blockchain are effectively ensured.
In particular, the decentralised data transactions to which the present embodiments relate may be described as: based on the data demand information provided by the data demander, the data demander can select two schemes: a) Providing data to be transacted; b) And under the local safety environment, calculating the data to be transacted to obtain a calculation result. Next, the data provider uploads the data or the calculation result to the blockchain. The data demand party generates transaction payment bill according to bill list of the assets on the chain, and sends the input bill (i.e. bill to be consumed) related evidence of the transaction and payment bill related information to the blockchain verification network. On the premise of protecting the privacy of data transaction, each verification node completes the decentralization verification of the validity of the transaction. After verification is successful, each node updates the bill world state, records a new payment bill and a consumed input bill, and finishes transaction fee payment for the data provider. And finally, sending the data calculation result to the data demand party to realize fair transaction.
Calculation of a secure temporary address: to protect transaction privacy, both parties to the transaction generate a random seed based on Diffie-Hellman key exchange technology, a computer transaction temporary key pair, and self-calculate a transaction temporary output address. The design avoids the problem of privacy information leakage caused by the temporary public key attached to the transaction in the DKAP protocol, and reduces the complexity of elliptic curve operation of the scanning block data of the receiving party.
Efficient ticket ownership transfer and validation: according to the invention, the transaction temporary address calculated in the DKAP protocol is embedded into the bill, the binding relation between the bill hash and the temporary address is maintained in the on-chain bill table, and the decentralization transfer and verification of the bill ownership are realized by using the confirmation key corresponding to the temporary address, so that the transaction efficiency and the security are improved.
Efficient ticket revocation identification correctness verification: and the uniqueness of the temporary address is used as a bill revocation identification, and the binding relation between the bill maintained by the bill table and the temporary address is utilized. And the correctness verification of the bill revocation identification is realized by verifying the binding relation between the temporary address in the bill table on the chain and the bill.
Efficient transaction amount validity verification: and respectively generating Bulletproffs range certificates of the related amount of Pedersen promise and output amount by the transaction parties by using the Pedersen promise and Bulletproffs range certificates, and carrying out verification and consensus through a decentralization verification network. The design realizes the efficient verification of the validity of the transaction amount, and simultaneously protects the privacy of the transaction amount.
In summary, the method provided by the embodiment of the application has the following beneficial effects:
first, complete decentration: unlike the method of relying on a third party to perform trusted setting and using zk-SNARKs to perform proving in the Zflash scheme, the method skillfully merges the DKASAP protocol and the ZCAsh bill mechanism, realizes efficient bill ownership transfer and proving, and does not need to rely on any additional third party. The whole transaction process is completely decentralised, and the autonomy and the safety of the transaction are ensured.
Second, comprehensive privacy protection: the application not only realizes the privacy protection of the transaction relationship, but also effectively protects the privacy of the transaction amount. This overall protection is superior to some of the prior art, which often only enables protection of trade relationships.
Thirdly, avoiding the loss of private information: compared with the problem that the DKAP protocol needs to be accompanied with a transaction temporary public key to cause privacy information disclosure, the method and the device calculate the transaction temporary key through the shared knowledge of the two parties and automatically calculate the temporary output address, thereby avoiding the loss of the privacy information and reducing the complexity of the scanning block data and calculation of the receiving party.
Fourth, promote transaction efficiency: compared with the problems of slow speed and higher transaction cost caused by adopting circuit coding in Zflash scheme, the application optimizes the transaction process, improves the transaction efficiency and reduces the transaction cost.
The embodiment of the invention provides a device for realizing a block chain-based decentralization data transaction system, which comprises the following components:
at least one memory for storing a program;
at least one processor configured to load the program to perform the method of implementing the blockchain-based de-centralized data transaction system shown in fig. 1.
The content of the method embodiment of the invention is suitable for the device embodiment, the specific function of the device embodiment is the same as that of the method embodiment, and the achieved beneficial effects are the same as those of the method.
Furthermore, embodiments of the present invention provide a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The computer instructions may be read from a computer-readable storage medium by a processor of a computer device, and executed by the processor, to cause the computer device to perform the method of implementing the blockchain-based de-centralized data transaction system shown in fig. 1.
The embodiments of the present invention have been described in detail with reference to the accompanying drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of one of ordinary skill in the art without departing from the spirit of the present invention. Furthermore, embodiments of the invention and features of the embodiments may be combined with each other without conflict.
Claims (10)
1. A method for implementing a blockchain-based de-centralized data transaction system, wherein the method is applied to a preset model, the preset model comprises a transaction sender, a transaction receiver, an intelligent contract and a blockchain, and the method comprises the following steps:
the transaction sender constructs an output bill for the current transaction; wherein the hidden address is embedded into the output bill and used as a temporary address of a transaction receiver; generating a temporary private key of the transaction according to the shared knowledge of the transaction sender and the transaction receiver in the calculation process of the hidden address; the output bill comprises a payment bill and a change bill;
generating a Pedersen commitment and a scope proof of the transaction amount by the transaction sender and the transaction receiver;
carrying out transaction validity verification through the intelligent contract according to the output bill, the Pedersen promise and the range proof; the blockchain is to provide a secure execution environment for the smart contract.
2. The method of claim 1, wherein the transaction sender constructs an output ticket for a current transaction, comprising:
The transaction sender determines an input bill which accords with the transfer condition;
the transaction receiver and the transaction sender calculate a common random seed and a transaction temporary key pair corresponding to the output bill;
and the transaction sender constructs an output bill according to the input bill, the random seed and the transaction temporary key pair.
3. The method for implementing a blockchain-based de-centralized data transaction system of claim 2, wherein the transaction sender determining an incoming ticket that meets transfer conditions comprises:
the transaction sender determining one or more unconsumed notes;
the transaction sender decrypts the unconsumed bill according to the private key to obtain value information;
and the transaction sender determines the unconsumed bill which accords with the transfer amount as an input bill of the transaction according to the value information.
4. The method for implementing a blockchain-based de-centralized data transaction system according to claim 2, wherein the transaction receiver and the transaction sender calculate a transaction temporary key pair corresponding to a common randomness seed and output ticket, and the method comprises:
the transaction receiver determines a first random integer and calculates first shared data corresponding to the first random integer;
The transaction sender determines a second random integer and calculates second shared data corresponding to the second random integer;
after receiving the second shared data sent by the transaction sender, the transaction receiver calculates a shared secret key through the first random integer; after receiving the first shared data sent by the transaction receiver, the transaction sender calculates a shared secret key through the second random integer;
calculating a random seed according to the shared secret key;
and calculating a transaction temporary key pair according to the random seed.
5. The method of claim 2, wherein the transaction sender constructs an output ticket from the input ticket, the random seed, and the transaction ephemeral key pair, comprising:
the transaction sender acquires a scanning public key and a payment public key of the transaction receiver;
the transaction sender randomly selects a random number of the change bill transaction to generate a public-private key pair;
the transaction sender calculates a shared secret key of the payment bill and the change bill according to the scanning public key and the public-private key pair; and the transaction sender calculates the temporary addresses of the payment bill and the change bill according to the payment public key and the public-private key pair.
6. The method of claim 1, wherein the transaction sender and the transaction receiver generate a petersen commitment and scope proof of the transaction amount, comprising:
the transaction sender generates a first petersen commitment and a first scope proof for the transaction amount;
and the transaction receiver generates a second Pedersen commitment and a second scope proof for the transaction amount according to the first Pedersen commitment and the first scope proof.
7. The method of claim 6, wherein the transaction sender generates a first petersen commitment and a first scope proof of the transaction amount, comprising:
the transaction sender selects a plurality of random numbers as blind factors and generates a promise of an input amount and a change amount as a first Pedersen promise;
the transaction sender generates a range proof for the change amount as a first range proof based on the zero knowledge proof.
8. The method of claim 6, wherein the transaction receiver generates a second petersen commitment and a second scope proof for the transaction amount based on the first petersen commitment and the first scope proof, comprising:
After receiving a first Pedersen promise sent by a transaction sender, a transaction receiver verifies the correctness of the first Pedersen promise;
the transaction receiver selects a random number, and generates a Pedersen commitment for the payment amount as a second Pedersen commitment;
the transaction recipient generates a scope proof for the payment amount as a second scope proof based on the zero knowledge proof.
9. The method for implementing a blockchain-based de-centralized data transaction system of claim 1, wherein the performing transaction validity verification comprises:
verifying ownership of the input bill by the transaction sender;
verifying the legitimacy of the input bill;
verifying the legitimacy of the transaction amount;
the recipient verifies the correctness of the payment ticket.
10. An implementation apparatus of a block chain based de-centralized data transaction system, comprising:
at least one memory for storing a program;
at least one processor configured to load the program to perform the method of implementing a blockchain-based de-centralized data transaction system as in any of claims 1-9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310561537.4A CN116664298A (en) | 2023-05-17 | 2023-05-17 | Implementation method and device of block chain-based decentralization data transaction system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310561537.4A CN116664298A (en) | 2023-05-17 | 2023-05-17 | Implementation method and device of block chain-based decentralization data transaction system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116664298A true CN116664298A (en) | 2023-08-29 |
Family
ID=87716327
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310561537.4A Pending CN116664298A (en) | 2023-05-17 | 2023-05-17 | Implementation method and device of block chain-based decentralization data transaction system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116664298A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117349897A (en) * | 2023-12-05 | 2024-01-05 | 哈尔滨工业大学(深圳)(哈尔滨工业大学深圳科技创新研究院) | Block chain-based carbon quota transaction privacy protection method |
-
2023
- 2023-05-17 CN CN202310561537.4A patent/CN116664298A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117349897A (en) * | 2023-12-05 | 2024-01-05 | 哈尔滨工业大学(深圳)(哈尔滨工业大学深圳科技创新研究院) | Block chain-based carbon quota transaction privacy protection method |
| CN117349897B (en) * | 2023-12-05 | 2024-03-26 | 哈尔滨工业大学(深圳)(哈尔滨工业大学深圳科技创新研究院) | Block chain-based carbon quota transaction privacy protection method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11842317B2 (en) | Blockchain-based authentication and authorization | |
| CA3044907C (en) | Blockchain-based system and method for concealing sender and receiver identities | |
| Di Pietro et al. | A blockchain-based trust system for the internet of things | |
| US20200193432A1 (en) | Method and system for settling a blockchain transaction | |
| US20200127813A1 (en) | Method and system for creating a user identity | |
| US20190295069A1 (en) | Systems and methods for integrating cryptocurrency wallet identifiers with digital certificates | |
| EP3718069A1 (en) | Blockchain system for confidential and anonymous smart contracts | |
| WO2020051710A1 (en) | System and process for managing digitized security tokens | |
| US20230360042A1 (en) | Method, system, and computer-readable medium for secured multi-lateral data exchange over a computer network | |
| Li et al. | A decentralized and secure blockchain platform for open fair data trading | |
| CN111049806B (en) | Joint authority control method and device, electronic equipment and storage medium | |
| Li et al. | A Blockchain‐Based Sealed‐Bid e‐Auction Scheme with Smart Contract and Zero‐Knowledge Proof | |
| CN113283957B (en) | Entity product transaction method based on blockchain | |
| Xue et al. | Blockchain-based fair and fine-grained data trading with privacy preservation | |
| Gao et al. | Secure, fair and instant data trading scheme based on bitcoin | |
| Hatefi et al. | A conditional privacy-preserving fair electronic payment scheme based on blockchain without trusted third party | |
| Yi et al. | Blockchain Foundations and Applications | |
| CN116664298A (en) | Implementation method and device of block chain-based decentralization data transaction system | |
| JP7364238B2 (en) | Electronic trading systems, trading servers, verification servers, electronic trading methods and programs | |
| Deebak et al. | Healthcare applications using blockchain with a cloud-assisted decentralized privacy-preserving framework | |
| CN111539719B (en) | Audit coin-mixing service method and system model based on blind signature | |
| Park et al. | Blockchain-based secure and fair iot data trading system with bilateral authorization | |
| CN113094748B (en) | Realization method of authenticatable anonymous E-commerce evaluation mechanism based on blockchain | |
| CN115131018A (en) | Block chain based private transaction method and related product | |
| CN111369251B (en) | Block chain transaction supervision method based on user secondary identity structure |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |