CN116977073A - Transaction processing method, device, equipment and medium - Google Patents

Transaction processing method, device, equipment and medium Download PDF

Info

Publication number
CN116977073A
CN116977073A CN202310595376.0A CN202310595376A CN116977073A CN 116977073 A CN116977073 A CN 116977073A CN 202310595376 A CN202310595376 A CN 202310595376A CN 116977073 A CN116977073 A CN 116977073A
Authority
CN
China
Prior art keywords
signature
transaction
business
signed
service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310595376.0A
Other languages
Chinese (zh)
Inventor
刘区城
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN202310595376.0A priority Critical patent/CN116977073A/en
Publication of CN116977073A publication Critical patent/CN116977073A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Technology Law (AREA)
  • Strategic Management (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The embodiment of the application discloses a transaction processing method, a transaction processing device, transaction processing equipment and a transaction processing medium, which can be applied to the technical field of blockchain. The method comprises the following steps: if the network connection state between the service terminal and the resource management server is a connection state, determining a resource client for participating in transaction signature as a first resource client based on a first service transaction signature strategy in the target transaction signature strategy; determining a first business transaction to be signed associated with a target contract address through a first resource client, and carrying out transaction signature on the first business transaction to be signed through a first key fragment to obtain a first signature fragment; notifying the N signature management devices to generate N remote signature management information associated with the first business transaction to be signed based on the multiple signature policies; the first signature fragment and the first business transaction to be signed are sent to the resource management server based on the threshold signature policy. By adopting the embodiment of the application, the security of the digital resource on the target business contract is ensured.

Description

Transaction processing method, device, equipment and medium
Technical Field
The present application relates to the field of blockchain technologies, and in particular, to a transaction processing method, apparatus, device, and medium.
Background
In a blockchain-based transaction scenario, a business object needs to sign a transaction when initiating the transaction, then send the transaction and the transaction signature to a blockchain network, and the blockchain network can execute the transaction after the transaction signature is verified. Currently, an account of a service object can correspond to a single key, the single key is stored by a resource management client, and the service object can transfer digital resources in the account only by signing a service transaction to be signed by the single key stored by the resource management client.
In the practical process, once the unique secret key corresponding to the account is revealed, the digital resource in the account is out of control, so that the security of the digital resource in the account is low.
Disclosure of Invention
The embodiment of the application provides a transaction processing method, device, equipment and medium, which can sign a transaction of a business to be signed by combining a threshold signing strategy and a multiple signing strategy, thereby guaranteeing the security of digital resources on a target business contract.
In one aspect, the embodiment of the application provides a transaction processing method, which is executed by a service terminal; the method comprises the following steps:
If the network connection state between the service terminal and the resource management server is a connection state, determining a resource client for participating in transaction signature as a first resource client based on a first service transaction signature strategy in the target transaction signature strategy; the first business transaction signature strategy comprises a threshold signature strategy and a multiple signature strategy; the threshold signature strategy and the multiple signature strategy are deployed in a target business contract on the blockchain; the target business contract is obtained after the business object is subjected to contract registration on a blockchain through a blockchain node; the contract address of the target business contract is the target contract address of the block link point returned to the business object;
determining a first business transaction to be signed associated with a target contract address through a first resource client, and carrying out transaction signature on the first business transaction to be signed through the first key fragment when the first key fragment of a business object is acquired, so as to obtain a first signature fragment;
determining N signature management devices associated with the business object based on the multiple signature policies, and notifying the N signature management devices to generate N remote signature management information associated with the first business transaction to be signed; n is a positive integer; one signature management device corresponds to one remote signature management information;
Transmitting the first signature fragment and the first business transaction to be signed to a resource management server based on a threshold signature strategy, so that the resource management server carries out transaction signature on the first business transaction to be signed through a second key fragment of a business object, when a second signature fragment is obtained, first aggregate signature information is obtained through aggregation of the second signature fragment and the first signature fragment, and when the first business transaction to be signed is used as a first signed business transaction, the first aggregate signature information and the first signed business transaction are transmitted to a blockchain node; the blockchain node is used for calling a target business contract on the blockchain based on a target contract address when the first aggregate signature information and the K remote signature management information are acquired, and conducting transaction signature verification on the first signed business transaction through a first business transaction signature strategy indicated by the target business contract to obtain a transaction signature verification result of the first signed business transaction; k is a positive integer less than or equal to N.
In one aspect, the embodiments of the present application provide a transaction processing method, which is executed by a block link point; the method comprises the following steps:
acquiring first signed business transaction and first aggregate signature information associated with a business terminal; the first signed business transaction is determined based on a first business transaction to be signed, the first business transaction to be signed is determined through a first resource client running on the business terminal, and the first resource client is a resource client which is determined based on a first business transaction signature strategy in the target transaction signature strategy and is used for participating in the transaction signature when the network connection state between the business terminal and the resource management server is a connection state; the first business transaction signature strategy comprises a threshold signature strategy and a multiple signature strategy; the first aggregation signature information is obtained by aggregating a second signature fragment and a first signature fragment, the first signature fragment is obtained by carrying out transaction signature on a first to-be-signed service transaction through a first key fragment of a service object by a service terminal, and the second signature fragment is obtained by carrying out transaction signature on the first to-be-signed service transaction through a second key fragment of the service object when a resource management server receives the first signature fragment and the first to-be-signed service transaction sent by the service terminal based on a threshold signature strategy;
Invoking a target business contract on the blockchain based on a target contract address associated with the first signed business transaction upon acquiring K remote signature management information associated with the first signed business transaction; k remote signature management information associated with the first signed business transaction is generated by K signature management devices based on the first business transaction to be signed; one signature management device corresponds to one remote signature management information; the K signature management devices are signature management devices in N signature management devices which are determined by the service terminal based on the multiple signature strategies and are associated with the service object; K. n is a positive integer, and K is less than or equal to N;
and carrying out transaction verification on the first signed business transaction through a first business transaction signature strategy indicated by the target business contract to obtain a transaction verification result of the first signed business transaction.
The embodiment of the application provides a transaction processing device which is operated by a service terminal; the device comprises:
the resource client determining module is used for determining the resource client for participating in transaction signature as a first resource client based on a first service transaction signature strategy in the target transaction signature strategy if the network connection state between the service terminal and the resource management server is a connection state; the first business transaction signature strategy comprises a threshold signature strategy and a multiple signature strategy; the threshold signature strategy and the multiple signature strategy are deployed in a target business contract on the blockchain; the target business contract is obtained after the business object is subjected to contract registration on a blockchain through a blockchain node; the contract address of the target business contract is the target contract address of the block link point returned to the business object;
The threshold signature module is used for determining a first business transaction to be signed associated with a target contract address through the first resource client, and carrying out transaction signature on the first business transaction to be signed through the first key fragment when the first key fragment of the business object is acquired, so as to obtain a first signature fragment;
a multiple signature module for determining N signature management devices associated with the business object based on the multiple signature policy and notifying the N signature management devices to generate N remote signature management information associated with the first business transaction to be signed; n is a positive integer; one signature management device corresponds to one remote signature management information;
the resource management server is used for carrying out transaction signature on the first business transaction to be signed through the second key fragment of the business object to obtain a second signature fragment, aggregating the second signature fragment and the first signature fragment to obtain first aggregate signature information, and sending the first aggregate signature information and the first signed business transaction to the blockchain node when the first business transaction to be signed is used as the first signed business transaction; the blockchain node is used for calling a target business contract on the blockchain based on a target contract address when the first aggregate signature information and the K remote signature management information are acquired, and conducting transaction signature verification on the first signed business transaction through a first business transaction signature strategy indicated by the target business contract to obtain a transaction signature verification result of the first signed business transaction; k is a positive integer less than or equal to N.
In one aspect, an embodiment of the present application provides a transaction processing device, where the transaction processing device is executed by a block link point; the device comprises:
the acquisition module is used for acquiring first signed business transaction and first aggregate signature information associated with the business terminal; the first signed business transaction is determined based on a first business transaction to be signed, the first business transaction to be signed is determined through a first resource client running on the business terminal, and the first resource client is a resource client which is determined based on a first business transaction signature strategy in the target transaction signature strategy and is used for participating in the transaction signature when the network connection state between the business terminal and the resource management server is a connection state; the first business transaction signature strategy comprises a threshold signature strategy and a multiple signature strategy; the first aggregation signature information is obtained by aggregating a second signature fragment and a first signature fragment, the first signature fragment is obtained by carrying out transaction signature on a first to-be-signed service transaction through a first key fragment of a service object by a service terminal, and the second signature fragment is obtained by carrying out transaction signature on the first to-be-signed service transaction through a second key fragment of the service object when a resource management server receives the first signature fragment and the first to-be-signed service transaction sent by the service terminal based on a threshold signature strategy;
A contract invoking module for invoking a target business contract on the blockchain based on a target contract address associated with the first signed business transaction when K remote signature management information associated with the first signed business transaction is obtained; k remote signature management information associated with the first signed business transaction is generated by K signature management devices based on the first business transaction to be signed; one signature management device corresponds to one remote signature management information; the K signature management devices are signature management devices in N signature management devices which are determined by the service terminal based on the multiple signature strategies and are associated with the service object; K. n is a positive integer, and K is less than or equal to N;
the transaction signature verification module is used for carrying out transaction signature verification on the first signed business transaction through a first business transaction signature strategy indicated by the target business contract to obtain a transaction signature verification result of the first signed business transaction.
In one aspect, the present application provides a computer readable storage medium storing a computer program adapted to be loaded and executed by a processor, so that a computer device having the processor performs the method provided by the embodiment of the present application.
In one aspect, embodiments of the present application provide a computer program product or computer program comprising computer instructions stored in a computer-readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device performs the method provided by the embodiment of the present application.
In the embodiment of the application, a resource client (such as a first resource client) for carrying out transaction signature on a to-be-signed service transaction associated with a target service contract can be determined based on a network connection state between a service terminal and a resource management server, the to-be-signed service transaction (such as a first to-be-signed service transaction) can be subjected to transaction signature by utilizing a key (such as a first key fragment) stored by the resource client based on a threshold signature strategy, a first signature fragment is obtained, then the to-be-signed service transaction is subjected to transaction signature by the resource management client based on another key fragment (such as a second key fragment), and the obtained second signature fragment is polymerized based on a plurality of signature fragments, so that polymerized signature information is obtained. In addition, N signature management devices can be informed of carrying out transaction signature on the business transaction to be signed based on the multiple signature strategies, and remote signature management information is obtained, so that a subsequent blockchain node can carry out transaction signature verification on the signed business transaction based on the aggregated signature information and the remote signature management information. The method can sign the business transaction to be signed by combining the threshold signing policy and the multiple signing policy, and ensures the security of digital resources on the target business contract.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a system architecture according to an embodiment of the present application;
FIG. 2 is a schematic diagram of a scenario for data interaction according to an embodiment of the present application;
FIG. 3 is a schematic view of another scenario for data interaction according to an embodiment of the present application;
FIG. 4 is a schematic diagram of a resource management client of a business object according to an embodiment of the present application;
FIG. 5 is a flow chart of a transaction processing method according to an embodiment of the present application;
FIG. 6 is a flowchart of a business contract registering method according to an embodiment of the present application;
FIG. 7 is a schematic diagram of data interaction according to an embodiment of the present application;
FIG. 8 is a schematic diagram of data interaction of a third business transaction signature strategy according to an embodiment of the present application;
FIG. 9 is a flow chart of a transaction processing method according to an embodiment of the present application;
FIG. 10 is a schematic diagram of data interaction according to an embodiment of the present application;
FIG. 11 is a schematic diagram of data interaction of a fourth business transaction signature strategy according to an embodiment of the present application;
FIG. 12 is a flow chart of a transaction processing method according to an embodiment of the present application;
FIG. 13 is a schematic diagram of a business management contract deployment process according to an embodiment of the present application;
FIG. 14 is a functional schematic diagram corresponding to a service contract according to an embodiment of the present application;
FIG. 15 is a flow chart of a transaction processing method according to an embodiment of the present application;
FIG. 16 is a schematic diagram of a transaction processing device according to an embodiment of the present application;
FIG. 17 is a schematic diagram of a transaction processing device according to an embodiment of the present application;
fig. 18 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
Referring to fig. 1, fig. 1 is a schematic diagram of a system architecture according to an embodiment of the application. As shown in fig. 1, the system architecture may include a cluster of terminal devices 100a, a cluster of resource management services 200a, and a blockchain network 300a.
It should be understood that, for ease of understanding, embodiments of the present application may include one or more terminal devices in the terminal device cluster 100a shown in fig. 1. The number of terminal devices in the cluster of terminal devices 100a will not be limited here. As shown in fig. 1, the terminal devices in the terminal device cluster 100a may include terminal device 110a, terminal devices 110b, …, terminal device 110n, and so on. The application client running in any one of the terminal devices may specifically be a resource client, also referred to as a resource management client. The resource management client may be a tool for managing digital resources, and may be used to store a private key of a service object in an encrypted file, and further sign a transaction to be signed (such as a transaction for transferring digital resources to other accounts) based on the private key stored in the resource management client, and send the signed transaction and the transaction signature to the blockchain to realize transfer of digital resources on the blockchain. The resource client may be a hardware device or a software program. It will be appreciated that there may be one or more resource management clients running in one terminal device, and there will be no limitation on the number of resource management clients running in one terminal device. It may be understood that the same service object may correspond to one or more resource management clients, and that multiple resource management clients corresponding to the same service object may operate on the same terminal device, or may operate on different terminal devices, where no limitation is placed.
The resource client can be used for realizing the resource management service function and can realize the communication connection with the decentralization application client based on the resource management service function. For example, in one or implementation, the application for decentralizing may be an application for initiating a business transaction, further determine a business transaction to be signed based on the resource client, and sign the business transaction to be signed by using a key (e.g., a private key) stored by the resource management client, to obtain a signed business transaction. It should be appreciated that the de-centralized application associated with the business object referred to herein may be run integrally with the resource client (i.e., resource client) on the same terminal device (e.g., terminal device 110a described above) or may be run on a different terminal device, which will not be limited herein. For convenience of description, the terminal device for determining the business transaction to be signed may be referred to as a business terminal in the embodiments of the present application.
It will be appreciated that the embodiments of the present application may be applied to financial scenarios, and that the digital resources corresponding to the resource management client may be legal digital assets. The embodiment of the application can also be applied to game scenes, and the digital resources corresponding to the resource management client can be game props and the like which can be used for transaction or exchange in the game, and the application is not limited herein.
Wherein the resource management server cluster 200a (also referred to as a resource management server cluster) may include one or more resource management service devices (also referred to as resource management servers, resource management background servers) for storing key fragments of the service object, the number of resource management servers in the resource management server cluster 200a will not be limited herein. As shown in fig. 1, the plurality of resource management servers in the resource management service cluster 200a may include a resource management server 120a, resource management servers 120b, …, and resource management server 120n. As shown in fig. 1, the resource management server in the resource management server cluster 200a may be in network connection with some or all of the terminal devices in the terminal device cluster 100a shown in fig. 1, so as to perform data interaction with some or all of the terminal devices in the terminal device cluster 100a through the network connection.
Where the blockchain network 300a as shown in fig. 1 may include a plurality of blockchain nodes (i.e., accounting-participating consensus nodes on the blockchain), the number of blockchain nodes in the blockchain network 100d (i.e., accounting-participating consensus nodes on the blockchain) will not be limited. As shown in FIG. 1, the plurality of blockchain link points in the blockchain network 300a may specifically include blockchain node 11a, blockchain node 11b, blockchain node 11c, and blockchain node 11d. The blockchain nodes in the blockchain network may be used to maintain a blockchain, such as blockchain 11e shown in fig. 1. As shown in fig. 1, the terminal devices (e.g., terminal device 110 a) in the terminal device cluster 100a may be in network connection with the blockchain node 11a, the blockchain node 11b, the blockchain node 11c, and the blockchain node 11d to perform data interaction with a blockchain node in the blockchain network 300a if the terminal device in the terminal device cluster 100a accesses the blockchain network 300 a. For example, terminal device 110a may act as a business terminal, in turn, by writing signed business transactions associated with business objects to blockchains maintained by the blockchain nodes via certain business transaction signing policies.
It is appreciated that blockchains are a novel mode of application for computer technology such as distributed data storage, point-to-point transmission, consensus mechanisms, encryption algorithms, and the like. The Blockchain (Blockchain), which is essentially a decentralised database, is a string of data blocks that are generated by cryptographic means in association, each data block containing a batch of information of network transactions for verifying the validity of the information (anti-counterfeiting) and generating the next block. The blockchain may include a blockchain underlying platform, a platform product services layer, and an application services layer. The blockchain comprises a series of blocks (blocks) which are mutually connected according to the sequence of the generation time, the new blocks are not removed once being added into the blockchain, and record data packed and submitted by the blockchain nodes in the blockchain system are recorded in the blocks. It should be noted that, in the embodiment of the present application, the blockchain network 300a may be a layered structure or a single-layer structure, and the specific structure of the blockchain network 300a will not be limited herein.
In other words, the embodiment of the application can send the signature information obtained after signing a transaction (for example, tx 1) and the signed transaction (for example, tx 1) to the blockchain node together by utilizing the decentralization, traceability and non-tamper characteristics of the blockchain, so that the blockchain node performs signature verification on the transaction, and after the signature verification is passed, the transaction (for example, tx 1) is added to the transaction pool as a legal transaction, so that a plurality of transactions including the transaction (for example, tx 1) can be packaged to a target block in the transaction pool, and the packaged target block is uplink to the blockchain maintained by the blockchain node.
It should be understood that, in an embodiment of the present application, the private key stored by one resource client may be a complete key or key fragment corresponding to contract management address information (also referred to as management address information) of a resource management contract (also referred to as a service contract) registered on a blockchain. The resource management contract may be an intelligent contract in which the business object registers a contract on the blockchain, which corresponds to registering a resource management contract account on the blockchain. A contract account is a special account on the blockchain that is created by smart contract code that can perform predetermined operations such as transferring assets, storing data, etc. The contract account can only be controlled by a contract code and is therefore also called a Non-externally owned account (Non-Externally Owned Account, NEOA for short). In the blockchain, both the contract account and the regular account (EOA) may interact with each other, e.g., the regular account may send transactions to the contract account, and the contract account may also send transactions to the regular account. Except that the operation of the contract account is controlled by the smart contract code, while the conventional operation is controlled by the private key. EOA refers to a conventional blockchain account controlled by a private key. EOAs may send transactions, transfer assets, etc. created by users, possess private keys, and may interact directly with the blockchain network. The resource management contract may be managed by a contract management client that may be used to store and manage intelligent contracts on a blockchain. It may have the functionality to interact with, execute, and manage smart contracts on the blockchain. The contract management client typically contains a user-friendly interface that allows users to view and manage the status and transaction history of their smart contracts. Some common contract management clients may include MetaMask, myEtherWallet, trust Wallet, and hedgegr Nano S, among others. The concept of intelligent contracts has three major elements of commitment, agreement and digital form, so that the application range of the blockchain can be expanded to all links of transaction, payment, settlement and clearing in the financial industry. A smart contract refers to the fact that when a pre-compiled condition is triggered, the smart contract immediately executes the corresponding contract terms, the working principle of which is similar to an if-then statement of a computer program. It is appreciated that in a blockchain node, a smart contract may be executed based on a smart contract virtual machine. An intelligent contract virtual machine is a virtual machine capable of executing intelligent contracts. An intelligent contract is an automatically executed contract defined in the form of programming code. The smart contract virtual machine may understand and execute these codes to implement the functions of the smart contract. Smart contract virtual machines are typically used on blockchain platforms because they can ensure security and reliability of smart contracts on a distributed network, e.g., the smart contract virtual machine can be an EVM (a smart contract virtual machine) that can enable smart contracts written by a solution (a contract programming language) to be executed on a blockchain network.
It can be understood that the transaction signature can be performed on the transaction to be signed (such as a transaction of transferring the digital resources in the resource management contract, a transaction of querying the number of the digital resources in the resource management contract, etc.) associated with the resource management contract through the complete key or the key fragment, and the blockchain node can invoke the resource management contract only when a certain amount of transaction signature information corresponding to the contract management address information is acquired, so as to realize the functions of transferring the digital resources in the resource management contract, querying the number of the digital resources in the resource management contract, etc., thereby realizing that the business objects corresponding to the contract management address information commonly manage the digital resources on the resource management contract. It may be understood that the contract management address information of one resource management contract may include a complete key held by a service object initiating registration of the resource management contract and key address information corresponding to a key fragment, and may also include a complete key held by another service object or key address information corresponding to a key fragment, which is not limited herein. For example, the resource management address information associated with the resource management contract includes: dr1, dr2, dr3, dr4, and the preset signature number threshold is 2, then any two or more keys corresponding to resource management address information (e.g., dr1, dr 2) are needed to sign the transaction to be signed to obtain corresponding transaction signature information, the two or more transaction signature information and the signed transaction are sent to the blockchain node, and the blockchain node verifies that the signed transaction is signed by the keys corresponding to the two or more resource management address information based on the received transaction signature information, and then invokes the resource management contract to execute the signed service transaction.
It will be appreciated that when a transaction signature is performed on a transaction to be signed (also referred to as a transaction to be signed) associated with a resource management contract by a resource client storing a complete key, if corresponding signature information is generated based on the transaction to be signed based on the complete key, a transaction signature of the transaction to be signed may be generated, and such a method of performing the transaction signature on the transaction to be signed may be referred to as a complete signature method. It can be understood that the resource client storing the complete key is usually in an unregistered state, or, in other words, the terminal device where the resource client storing the complete key is located is usually in an unclogged state, so as to reduce the possibility that the complete key is revealed, so as to ensure the security of the complete key, and further ensure the security of the digital resource on the service contract.
It will be appreciated that a key fragment stored by a resource client may be split from a complete private key, which may be split into multiple key fragments, but the private key is not completely grasped by any object, but multiple objects hold one key fragment, respectively, and the same public key. Secure multiparty computing (MPC) based techniques ensure that individual key fragments do not need to be combined into one complete key to generate one legitimate signature message. It can be understood that when signing a transaction to be signed by using a key fragment, a key fragment holding device corresponding to a plurality of key fragments of the same public key needs to sign the transaction to be signed to obtain a plurality of signature fragments, one key fragment holding device can generate one signature fragment based on the held key fragments, and then can aggregate the signature fragments generated by the plurality of key fragment holding devices to generate one transaction signature of the transaction to be signed, namely aggregate signature information. It may be appreciated that when generating the aggregate signature information, the aggregate signature information may be obtained by aggregating based on the number of signature fragments greater than or equal to a key fragment threshold, where the key fragment threshold may be less than or equal to the total number of key fragments, and may specifically be configured based on actual service requirements, and is not limited herein. For example, if a complete private key is split into m key fragments (i.e., the total number of key fragments is m), and the key fragment threshold is n, when the signature aggregation device selected for performing aggregation of the signature fragments obtains n signature fragments generated based on the n key fragments, aggregation processing may be performed based on the n signature fragments, so as to obtain an aggregated signature information, where the value of n may be less than or equal to m. When the method is used, each key fragment holding device only holds part of the key fragments, and even if part of the key fragments stored by the key fragment holding device are leaked, the transaction signature of the transaction to be signed cannot be completed when the agreement of the business object holding the corresponding other key fragments is not obtained, so that the resource management contract cannot be called to realize the corresponding function, and the security of the digital resources in the resource management contract is ensured.
It may be understood that, in the application embodiment, the key fragment holding device may be a terminal device of a service object, or may be a resource management server (such as a resource management server 120a, a resource management server 120b, …, and a resource management server 120 n) in the resource management service cluster 200 a. The signature aggregation device selected for performing aggregation of signature fragments may be a terminal device of a service object (e.g., terminal device 110 a), or may be a resource management server in a resource management service cluster (e.g., resource management is performed on the resource management server 120 a), which is not limited herein.
It may be appreciated that, in some embodiments, a terminal device (such as the terminal device 110 a) of a service object may be used as a service terminal, and further, when a service transaction to be signed is obtained through the resource management client a storing the key fragment F1 in the service terminal, the service terminal may sign the service transaction to be signed through the key fragment F1 to obtain a signature fragment Q1, and may notify a resource management server (such as the resource management server 120 a) holding other key fragments (such as the key fragment F2) corresponding to the same public key as the key fragment F1 to sign the service transaction to be signed, to obtain a signature fragment Q2, and then the signature fragment Q1 and the signature fragment Q2 may be aggregated by a signature aggregation device (such as the terminal device 110a or the resource management server 120 a) to obtain aggregated signature information.
It may be appreciated that, in some embodiments, the terminal device (e.g., the terminal device 110 a) of the service object may be used as a service terminal, and further, when the service transaction to be signed associated with the resource management contract a is obtained through the resource management client in the service terminal, the service transaction to be signed may be signed by the key stored by the resource management client to obtain corresponding signature information (e.g., the signature information 1), where the signature information 1 may be a complete key signature generated based on the complete key, or may be aggregate signature information generated based on multiple key slices, which is not limited herein. Moreover, the terminal device 110a may notify the terminal device associated with the contract management address information of the resource management contract a in the terminal device cluster to perform transaction signature on the to-be-signed service transaction, so as to obtain remote signature management information (such as remote signature management information X1 and remote signature management information X2) associated with the to-be-signed service transaction, and when the to-be-signed service transaction is used as a signed service transaction, the signature information 1, the remote signature management information X1 and the remote signature management information X2 are sent to the blockchain node, and the blockchain node needs to determine that the verification of the signed service transaction is successful when the verification of the remote signature management information greater than or equal to the multiple signature threshold is successful. For ease of description, the terminal device associated with the business object that is notified of the transaction signature for the business transaction to be signed may be referred to as a signature management device. It can be understood that the signature management device may determine, based on contract management address information corresponding to a resource management contract corresponding to a business transaction to be signed initiated by a business object, where each contract management address information may have a corresponding key, in other words, digital resources corresponding to the resource management contract may be managed together by using the key corresponding to the contract management address information, and only when signature information obtained by conducting a transaction signature based on a key corresponding to a certain number of contract management address information in the contract management address information is acquired, the resource management contract may be invoked, so as to implement functions of transferring digital resources associated with the resource management contract, querying balance of assets, and so on, thereby guaranteeing security of digital resources in the resource management contract.
Alternatively, in some cases, the resource management server may lose connection with the resource management server for various reasons, such as the server vendor no longer providing service, hardware failure of the server, server software problems, network connection problems, and so on. Based on the above, if the service object initiates a transaction request for the resource management contract through the service terminal, when the resource management server is unavailable, the transaction signature cannot be performed on the to-be-signed service transaction initiated by the service object based on the key fragment stored in the resource management server, and the aggregate signature information cannot be obtained based on the threshold signature policy, so that the to-be-signed transaction needs to be signed by adopting the complete key of the service object.
Based on the above description, the embodiments of the present application provide a transaction processing scheme, which can determine, based on a network connection state between a service terminal and a resource management server, a resource client (e.g., a first resource client) for performing transaction signing on a to-be-signed service transaction associated with a target service contract, and may perform transaction signing on the to-be-signed service transaction (e.g., a first to-be-signed service transaction) by using a key (e.g., a first key fragment) stored in the resource client based on a threshold signature policy, and obtain a first signature fragment, and then perform transaction signing on the to-be-signed service transaction by using another key fragment (e.g., a second key fragment) by using the resource management client, so as to obtain an aggregate signature information based on aggregation of a plurality of signature fragments. In addition, N signature management devices can be informed of carrying out transaction signature on the business transaction to be signed based on the multiple signature strategies, and remote signature management information is obtained, so that a subsequent blockchain node can carry out transaction signature verification on the signed business transaction based on the aggregated signature information and the remote signature management information. The method can sign the business transaction to be signed by combining the threshold signing policy and the multiple signing policy, and ensures the security of digital resources on the target business contract.
For easy understanding, further, please refer to fig. 2, fig. 2 is a schematic diagram of a scenario for data interaction according to an embodiment of the present application. The service terminal 20a shown in fig. 2 may be a terminal device in the terminal device cluster in the embodiment corresponding to fig. 1, where the service terminal 20a has a resource management client 1 integrally running therein, and the resource management client 1 is configured to store a key slice (for example, the key slice F1) of the service object a shown in fig. 2. Similarly, the resource management server 20b shown in fig. 2 may be a resource management service device storing a key fragment (e.g., key fragment F2) of a service object in the embodiment corresponding to fig. 1. The key fragment F1 and the key fragment F2 collectively correspond to the same key address information (i.e., the same threshold signature key address information). It can be seen that the network connection state between the service terminal 20a and the resource management server 20b is a connection state.
As shown in fig. 2, when the service object a initiates a transaction request (step S21), the service terminal 20a with the resource management client 1 is integrated, the service to be signed TX1 associated with the target contract address may be acquired through the resource management client, and the TX1 is signed by using the key fragment F1 to obtain a signature fragment M1 (step S22), then the service terminal 20a sends the service to be signed TX1 and the signature fragment M1 to the resource management server (step S23), the resource management server 20b signs the TX1 by using the hosted key fragment F2 to obtain a signature fragment M2, and based on the signature fragment M1 and the signature fragment M2, the aggregate signature information is obtained by aggregation (step S24), and the resource management server 20b sends the aggregate signature information and the signed service transaction TX1 to the blockchain network (step S25). And, the service terminal may inform the signature management apparatus to sign the transaction to be signed service transaction TX1 (step S26). The signature management device 20c is integrated with the resource client 2, so that the signature management device 20c can sign the transaction of the transaction TX1 to be signed by using the key stored in the resource client 2 to obtain remote signature management information (step S27), and the signature management device 20c can send the remote management signature information to the blockchain network (step S28). Alternatively, the signature management apparatus 20c may return the remote signature management information to the service terminal 20a, and the service terminal 20a may send the remote signature management information to the blockchain network, which is not limited herein. Further, the blockchain network performs signature verification on the service transaction TX1, and when the signature verification is successful, the service transaction TX1 is executed (step S29). It will be appreciated that, taking a blockchain node in a blockchain network as an example, the blockchain node may perform signature verification on aggregate signature information and perform signature verification on remote management signature information when signing the transaction TX1, so that when the aggregate signature information is verified, and the number of the verified remote management signature information is greater than or equal to the multiple signature threshold, it is required to determine that the transaction TX1 is successfully verified. And the blockchain node can collect the signature verification results of other blockchain link points in the blockchain network for the business transaction TX1, and if the signature verification results exceeding a certain threshold value in the collected verification results indicate that the business transaction TX1 is successfully verified, the business transaction TX1 is executed.
It should be appreciated that the transaction signing of the transaction to be signed by the transaction terminal 20a based on the key fragment F1, resulting in the signature fragment M1, and the sending of the transaction to be signed TX1 and the signature fragment M1 to the resource management server may be performed based on a threshold signature policy. The notification of the transaction terminal 20a to the signature management device 20c to sign the transaction TX1 to be signed may be performed based on a multiple signature policy.
Further, referring to fig. 3, fig. 3 is a schematic view of another scenario for data interaction according to an embodiment of the present application. The service terminal 30a shown in fig. 3 may be a terminal device in the terminal device cluster in the embodiment corresponding to fig. 1, where the service terminal 30a has a resource management client 3 integrally running therein, and the resource management client 3 is configured to store a complete key (for example, the complete key P) of the service object a shown in fig. 3. It can be seen that, if the network connection state between the service terminal 30a and the resource management server is an unconnected state, the resource management server is not involved in the schematic view of the scenario of the data transaction.
As shown in fig. 3, when the service object a initiates a transaction request (step S31), the service terminal 30a may enable the resource client 3, obtain, through the resource management client 3, the service transaction TX2 to be signed associated with the target contract address, and sign the TX2 with the complete key P to obtain the complete key signature G (step S32), and then the service terminal 20a sends the complete key signature G and the signed service transaction TX2 to the blockchain network (step S33). And, the service terminal 30a may notify the signature management apparatus 30b to sign the transaction to be signed service transaction TX2 (step S34). The signature management device 30b is integrated with the resource client 4, so that the signature management device 30b can sign the transaction of the transaction TX2 to be signed by using the key stored in the resource client 4 to obtain remote signature management information (step S35), and the signature management device 30b can send the remote management signature information to the blockchain network (step S36). Alternatively, the signature management apparatus 30b may return the remote signature management information to the service terminal 30a, and the service terminal 30b may send the remote signature management information to the blockchain network, which is not limited herein. Further, the blockchain network may sign and verify the transaction TX2, and when the verification is successful, perform the transaction TX2 (step S37). Taking a blockchain node in a blockchain network as an example, signing and verifying the service transaction TX2 by the blockchain node may include signing and verifying a complete key signature and verifying remote management signature information, so that when the complete key signature is verified, and the number of the verified remote management signature information is greater than or equal to a multiple signature threshold, it is determined that the service transaction TX2 is verified successfully. And the blockchain node can collect the signature verification results of other blockchain link points in the blockchain network aiming at the business transaction TX2, and if the signature verification results exceeding a certain threshold value exist in the collected signature verification results to indicate that the business transaction TX2 is successfully verified, the business transaction TX2 is executed. It should be appreciated that the transaction signing of the transaction to be signed by the transaction terminal 30a based on the full key P, resulting in the full key signature G, and the sending of the transaction to be signed TX2 and the full key signature G to the blockchain network may be performed based on a full signature policy. The notification of the transaction terminal 30a to the signature management device 30b to sign the transaction TX2 may be performed based on a multiple signature policy.
It may be understood that, for a service object a, the contract management address information of the resource management contract registered by the service object a may include key address information corresponding to a complete key held by the service object a, and may also include key address information corresponding to a key fragment held by the service object. Referring to fig. 4, fig. 4 is a schematic diagram of a resource management client of a service object according to an embodiment of the present application. As shown in fig. 4, a service terminal corresponding to the service object may execute a first resource client 401 for storing a first key fragment of the threshold signature, a managed resource client 402 for storing a second key fragment of the threshold signature may execute in the resource management server, and the managed resource client 402 may be used for storing the second key fragment of the service object. The first key fragment and the second key fragment (i.e., 401 a) collectively correspond to the same management address information. The business object may also be associated with a second resource client 403 for storing a complete key, which complete key (i.e. 403 a) corresponds to one of the management address information, which second resource client is usually offline, thereby ensuring the security of the complete key.
It can be understood that under daily conditions, the business object can sign the transaction through a threshold signing method, that is, the transaction can be signed through the thermal resource client storing the first key fragment, and the resource management client can sign the transaction through the second key fragment stored by the thermal resource client, so that the final aggregation signature information is obtained, the signature data volume is small, the transaction cost is not increased while the security is ensured, and the usability is good. And the transaction can be completed only by the participation signature of the key fragments reaching a certain threshold, and the signature party is clear, thereby being beneficial to supervision. In addition, under the condition that the resource management server is unavailable or the key fragment is lost and the like, the threshold signature cannot be carried out, the service object enables the resource client for storing the complete key so as to carry out transaction signature on the transaction of the service to be signed through the complete key, so that the participation of the resource management server is not needed, and the availability is higher.
It can be understood that the transaction signature policy corresponding to the embodiment of the present application may also be applied to other scenarios where digital signatures are required, for example, in an approval process in an enterprise management process, where important data in an enterprise may be provided with corresponding management objects, for example: object a, object B, object C; in daily business, each management object can sign a downloading request for important data by using a key fragment based on a threshold signature strategy to indicate that the important data is agreed to be downloaded, if the key fragment is lost or a server is not available, the object A, the object B and the object C can sign by using the complete key through the complete signature strategy, and the agreement of a certain number of objects is required to be obtained to carry out the downloading of the important data. And the database for storing the important data can verify the signature information associated with the download request after the acquired signed download request, and can send the important data to the object initiating the download request when the verification is successful.
It should be understood that, in the embodiment of the present application, the related data (e.g., face information) is collected, used and processed according to national legal and legal requirements when the above embodiment of the present application is applied to a specific product or technology, where it is understood that, before collecting face information, the embodiment of the present application informs about information processing rules and solicits individual consent of a business object (e.g., the business object a shown in fig. 2) and processes face information in strict compliance with legal requirements and personal information processing rules, and adopts technical measures to ensure security of the related data.
It may be understood that, in the embodiment of the present application, the terminal device integrated with the resource management client may include: smart phones, tablet computers, notebook computers, desktop computers, wearable devices (e.g., smart watches, smart bracelets), smart homes, headsets, smart car-mounted and other intelligent terminals.
In the embodiment of the application, the service device integrated with the key escrow client can be an independent physical server, can be a server cluster or a distributed system formed by a plurality of physical servers, and can also be a cloud server for providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDNs, basic cloud computing services such as big data and artificial intelligent platforms, and the like.
It can be understood that the above scenario is merely an example, and does not constitute a limitation on the application scenario of the technical solution provided by the embodiment of the present application, and the technical solution of the present application may also be applied to other scenarios. For example, as one of ordinary skill in the art can know, with the evolution of the system architecture and the appearance of new service scenarios, the technical solution provided by the embodiment of the present application is also applicable to similar technical problems.
Further, referring to fig. 5, fig. 5 is a flow chart of a transaction processing method according to an embodiment of the application. The method may be performed by a service terminal, such as the terminal device 110a described above. The method may comprise at least the following steps S501-S504.
S501, if the network connection state between the service terminal and the resource management server is a connection state, determining a resource client for participating in transaction signature as a first resource client based on a first service transaction signature strategy in the target transaction signature strategy; the first business transaction signature strategy comprises a threshold signature strategy and a multiple signature strategy; the threshold signature strategy and the multiple signature strategy are deployed in a target business contract on the blockchain; the target business contract is obtained after the business object is subjected to contract registration on a blockchain through a blockchain node; the contract address of the target business contract is the target contract address returned to the business object by the block link point.
The network connection state between the service terminal and the resource management server is a connection state, which indicates that data interaction can be performed between the service terminal and the resource management server.
The first service transaction signature policy may be a policy for performing a transaction signature when a network connection state between the service terminal and the resource management server is a connection state. It is understood that the first business transaction signature policy comprises a threshold signature policy and a multiple signature policy.
The first resource client may be a resource client for acquiring the business transaction to be signed and signing the business transaction to be signed by using the stored key when the network connection state between the business terminal and the resource management server is a connection state. It is understood that the first resource client may be a resource client for frequent transaction signing, and may also be referred to as a daily resource client or a hot resource client. The key stored by the first resource client can be a key fragment, then the signature fragment obtained by carrying out transaction signature on other key fragments corresponding to the same public key or the same key address information with the key fragment is required to be obtained, then the signature fragment obtained by carrying out transaction signature on the key fragment stored by the first resource client is combined to generate an aggregate signature information, and then a transaction signature of the first resource client to the transaction of the service to be signed can be completed.
The threshold signing policy may be used to instruct the service object to sign the service transaction to be signed based on the above threshold signing method, that is, a signing partition obtained by signing the service transaction to be signed by using a key partition stored in the first resource client, and then aggregating the signing partition generated by the first resource client and the first or multiple signing partitions generated by the resource management server by using other devices (such as a resource management server in the resource management service cluster 200 a) to obtain aggregated signing information.
It may be appreciated that the multiple signing policy may be used to instruct the service object to sign the service transaction to be signed based on the multiple signing method described above, that is, notify the signing management device to sign the service transaction to be signed associated with the resource management contract, where the signing management device operates a resource client associated with a key corresponding to the contract management address information in the resource management contract, and further the signing management device may sign the service transaction to be signed by using the key corresponding to the contract management address information stored in the operated resource client, so as to obtain remote signing management information, where the remote signing management information may include the service transaction to be signed and the remote signing information, or may be remote signing information. The remote signature information is signature information obtained by the signature management device performing transaction signature on the business transaction to be signed by using a key corresponding to the contract management address information stored in the operated resource client. It can be appreciated that the block link point needs to determine that the signed service transaction verification is successful when the remote signature information greater than or equal to the multiple signature threshold indicated by the multiple signature policy is successfully verified, and the signature information (such as aggregate signature information or complete key signature) obtained by signing the service object with its own secret key (such as a key fragment or a service complete key) is verified.
It will be appreciated that the first business transaction signature policy may be deployed in a target business contract on the blockchain, that is, a resource management contract associated with the first resource client, that is, the contract management address information of the target business contract includes key address information corresponding to the key shards stored by the first resource client. It will be appreciated that the threshold signature policy and the multiple signature policy are deployed in the target business contract, and that the blockchain node may then conduct a transaction verification (also referred to as signature verification) on the received signed business transaction based on the threshold signature policy and the multiple signature policy in the target business contract.
It will be appreciated that the target business contract may be the result of contract registration on the blockchain, and that the business object may obtain the contract address returned by the blocknode to the registered target business contract, i.e., the target contract address. The target contract address refers to a contract address of the target business contract.
Specifically, the service object is associated with a second resource client, and a service complete key (also called a complete key) of the service object is stored in the second resource client, wherein key address information of the service complete key is service complete key address information (also called complete key address information); then, the embodiment of the application can further comprise the following steps: a threshold signature key acquisition request is sent to a resource management server, so that the resource management server and a service terminal negotiate to generate a first key fragment stored by a first resource management client and a second key fragment stored by the resource management server based on a key fragment generation mechanism, and key address information which corresponds to the first key fragment and the second key fragment together is determined to be threshold signature key address information; further, when the threshold signing key address information is acquired, acquiring a plurality of pieces of management address information to be registered, wherein the plurality of pieces of management address information to be registered include: threshold signing key address information and service integrity key address information; further, a registration transaction for performing contract registration is determined based on the plurality of pieces of management address information to be registered, the registration transaction is sent to the blockchain node, so that the blockchain node performs contract registration on the blockchain based on the registration transaction to obtain a target business contract, the management address information to be registered is used as contract management address information of the target business contract, and the contract management address information is used for determining N signature management devices.
It can be understood that the second resource client may be a resource client for acquiring the service transaction to be signed and signing the service transaction to be signed by using the stored key when the network connection state between the service terminal and the resource management server is an unconnected state. The key stored by the second resource client can be a service complete key of the service object, and the second resource client can complete a transaction signature of the service transaction to be signed by only carrying out transaction signature on the service transaction to be signed by using the complete key to obtain the complete key signature. It will be appreciated that the second resource client may be a resource client that is not used for frequent transaction signatures, and may also be referred to as an offline resource client, a cold resource client. The terminal device where the second resource client is located may be in an unconnected state, or the second resource client is in an unregistered state, so as to reduce the possibility of disclosure of the service complete key, and when the first resource client of the service object is unavailable (such as the resource management server is unavailable), the second resource management client obtains the service transaction to be signed, and performs transaction signing on the service transaction to be signed by using the complete key stored by the second resource client. Because the second resource client stores the complete secret key, once the complete secret key is revealed, the second resource client is easy to cause larger influence on the assets on the target service contract, so that the second resource client is not used for frequently carrying out transaction signature, when the network connection state between the service terminal and the resource management server is a connection state, the first resource client can be used for carrying out transaction signature to ensure the security of the target service contract, and when the network connection state between the service terminal and the resource management server is an unconnected state, the second resource client is started to carry out transaction signature to ensure the availability of the target service contract.
The service complete key address information may be key address information corresponding to the service complete key. The service complete key address information and the threshold signature key address information corresponding to the key fragments stored by the first resource client are both contract management address information of the target service contract. The service complete key address information refers to key address information corresponding to the service complete key, and the threshold signature key address information refers to key address information commonly corresponding to a plurality of key fragments determined based on a threshold signature method.
It will be appreciated that the threshold signing key acquisition request may be used to request acquisition of a key fragment in a threshold signing method. The threshold signature acquisition request may carry registration information of the service object, where the registration information may include face information or other biological characteristics (such as fingerprint information) of the service object, and so on. The key fragment generation mechanism may be used for negotiating between the resource management server and the service terminal to obtain a key fragment corresponding to each device, for example, the key fragment generation mechanism may be the MPC mechanism described above, which is not limited herein.
It is understood that the first key fragment may be a key fragment of a service object stored by the first resource client, and the second key fragment is a key fragment of a service object stored by the resource management server. The number of fragments of the second key fragment may be one or more. If the number of the second key fragments is one, the second key fragments can be stored by one resource management server in the resource management service cluster; if the number of the second key fragments is multiple, the second key fragments may be stored by multiple resource management servers in the resource management service cluster respectively. It may be understood that the threshold signature key address information refers to key address information that the first key fragment and the second key fragment commonly correspond to, because the first key fragment and the second key fragment commonly correspond to the same public key, and further the threshold signature key address information that the first key fragment and the second key fragment commonly correspond to may be determined, which may also be referred to as threshold signature key address information.
It may be understood that the to-be-registered management address information may be contract management address information corresponding to a resource management contract to be registered (also referred to as a service contract), where the to-be-registered management address information of a to-be-registered service contract may include the above-mentioned threshold signature key address information and the above-mentioned service complete key address information of the service object, and then the service object may manage the registered service contract (that is, sign a transaction to be signed associated with the service contract) through a key fragment corresponding to the threshold signature key address information and a service complete key corresponding to the service complete key address information.
It is understood that the registration transaction may refer to a transaction for performing contract registration. Optionally, the registration transaction is sent to the blockchain node, or the service terminal directly sends the registration transaction to the blockchain node, or the service terminal sends the registration transaction to the resource management server, and then the resource management server forwards the registration transaction to the blockchain node, which is not limited herein.
It can be appreciated that, after registering to obtain the target service contract, the blockchain node may use the address information to be registered in the registration transaction as the contract management address information of the registered target service industry.
It will be appreciated that the registration transaction may further include threshold information corresponding to the transaction signature policy to be deployed in the target service contract, such as the above-mentioned key-sharding threshold indicated by the threshold signature policy, and the multiple signature threshold indicated by the multiple signature policy.
Specifically, determining a registration transaction for performing contract registration based on a plurality of pieces of management address information to be registered may include the steps of: acquiring a key fragmentation threshold indicated by a threshold signature strategy and a multiple signature threshold indicated by a multiple signature strategy; a registration transaction for performing contract registration is determined based on the plurality of management address information to be registered, the key fragmentation threshold, and the multiple signature threshold.
It can be understood that, the key fragment threshold indicated by the threshold signature policy may be the number of signature fragments that need to be acquired for aggregating to obtain one piece of aggregate signature information, that is, when a signature fragment corresponding to a key fragment greater than or equal to the key fragment threshold needs to be acquired, the aggregate signature information may be obtained based on the signature fragment corresponding to the key fragment greater than or equal to the key fragment threshold.
It can be understood that the multiple signature threshold indicated by the multiple signature policy means that the block link point needs to acquire the remote signature management information greater than or equal to the multiple signature threshold, and verify the remote signature management information greater than or equal to the multiple signature threshold successfully, so as to execute the corresponding service transaction.
It will be appreciated that, in addition to the threshold signing key address information and the service integrity key address information of the service object initiating the registration transaction, the to-be-registered management address information may also include threshold signing key address information and service integrity key address information of other service objects other than the service object initiating the registration transaction, which is not limited herein. It may be appreciated that the service terminal that initiates the service transaction to be signed and the service terminal corresponding to the service object that initiates the registration transaction may be the same terminal device or may be different terminal devices, which is not limited herein. For example, the service object a initiates a registration transaction for a service contract to be registered, and the management address information to be registered in the registration transaction may include: threshold signing key address information and service complete key address information of the service object A and threshold signing key address information and service complete key address information of the service object B; after the target business contract is successfully registered based on the registration transaction, the contract management address information of the target business contract may include: the threshold signing key address information and the service integrity key address information of the service object a, and the threshold signing key address information and the service integrity key address information of the service object B. Furthermore, the service object a can initiate the to-be-signed service transaction associated with the target service contract by using the terminal equipment held by the service object a, and the service object B can also initiate the to-be-signed service transaction associated with the target service contract by using the terminal equipment held by the service object B, so that the service object a and the service object B can jointly manage the target service contract through the held service complete key and the key fragment, and both the service object a and the service object B can be referred to as service management objects of the target service contract. It will be appreciated that the resource client of any traffic management object for storing a key fragment may be referred to as a first resource client and the resource client for storing a traffic integrity key may be referred to as a second resource client. For the same service contract, each service management object of the service contract can be used as a service object, a transaction request is initiated through a service terminal, a to-be-signed service transaction associated with a contract address of the service contract is obtained through a resource client storing a key corresponding to contract management address information, the to-be-signed service transaction is subjected to transaction signature by utilizing the key corresponding to the resource client, and when the to-be-signed service transaction is used as a signed service transaction, the signed service transaction and associated signature information can be sent to a blockchain network.
Referring to fig. 6, fig. 6 is a flowchart of a business contract registration method according to an embodiment of the present application. As shown in fig. 6, first, the service object a may initiate a service contract registration request (step S61), and further, the service terminal may negotiate to determine a key shard based on a key shard generation mechanism in response to the service contract registration request (step S62), thereby obtaining a first key shard stored by a first resource client in the service terminal and a second key shard stored by the resource management server. Further, the service terminal may acquire the management address information to be registered, generate a registration transaction TX3 based on the management address information to be registered (step S63), and then transmit the registration transaction TX3 to the resource management server (step S64.1), so that the resource management server transmits the registration transaction TX3 to the blockchain network (step S64.2). Alternatively, the service terminal may send the registration transaction TX3 directly to the blockchain node, without limitation. Further, the blockchain network may perform contract registration on the blockchain based on the registration transaction to obtain a target business contract, and determine a contract address of the target business contract (step S65). The blockchain network may return the contract address of the registered target business contract to business object a, and may also send to other business management objects besides business object a.
S502, determining a first business transaction to be signed associated with a target contract address through a first resource client, and carrying out transaction signature on the first business transaction to be signed through the first key fragment when the first key fragment of the business object is acquired, so as to obtain a first signature fragment.
It is to be appreciated that the first to-be-signed business transaction can be a to-be-signed business contract associated with the target contract address as determined by the first resource client. It will be appreciated that the first to-be-signed business transaction may be used to instruct invoking the target business contract to perform a corresponding function, such as transferring digital resources in the target business contract, querying the number of resources of digital resources in the target business contract, and the like, without limitation.
It is appreciated that the first key fragment of the business object may be determined by the first resource client. The first signature fragment may be a signature fragment obtained by performing transaction signature on the transaction of the business to be signed based on the first key fragment.
S503, determining N signature management devices associated with the business object based on the multiple signature strategy, and notifying the N signature management devices to generate N remote signature management information associated with the first business transaction to be signed; n is a positive integer; one signature management device corresponds to one remote signature management information.
It may be understood that the signature management device may be a terminal device operated by a resource client corresponding to a key other than the first key fragment stored by the first resource client, from among keys corresponding to contract management address information of the resource management contract. The N signing devices associated with the first to-be-signed service transaction may be terminal devices operated by resource clients corresponding to the full key address information in the contract management address information, or may be terminal devices operated by resource clients of the key fragment corresponding to the threshold signing key address information. For example, the contract management address information includes: if the service object a determines a first service transaction to be signed through a resource client corresponding to the key fragment F1, N signature management devices determined based on a multiple signature policy may be a terminal device operated by a resource client corresponding to the service complete key R of the service object B or a terminal device operated by a resource client corresponding to the key fragment P1 of the service object B.
It is understood that the same signature management device may be used to run only the same resource client at the same time, and the key address information corresponding to the key stored by the running resource client belongs to the contract management address information of the target service contract. It can be appreciated that one signature management device corresponds to one remote signature management information, which can be used for indicating that one signature management device can sign a transaction for a business transaction to be signed based on a resource client running on the signature management device, so as to obtain one corresponding remote signature management information. It will be appreciated that when a terminal device logs in to different resource clients, the terminal device may be used as different signature management devices, and then N signature management devices associated with the service object are determined, that is, the N resource clients for performing multiple signatures on the service transaction to be signed are determined.
It may be understood that, the notification of the N signature management devices to generate N remote signature management information associated with the first service transaction to be signed may be that signature prompt information for indicating that the service transaction to be signed is signed by using the corresponding resource client is sent to the signature management device by the resource management server, and then the signature management device may sign the service transaction to be signed by using the service complete key or the key fragment stored by the running resource client, so as to finally generate the remote signature management information. Optionally, the N signature management devices are notified to generate N remote signature management information associated with the first business transaction to be signed, or the signature management devices are notified offline, so that the remote signature management information is generated in an offline code scanning form. For example, the service terminal generates a service transaction graphic code associated with a service transaction to be signed, the signature management device scans the service transaction graphic code to obtain the service transaction to be signed, and then the signature management device signs the service transaction to be signed to obtain remote signature management information and generates a signature information graphic code based on the remote signature management information; and then the service terminal scans the signature information graphic code, so that the remote signature management information can be acquired, and the service terminal can conveniently send the remote signature management information to the blockchain node. Or, the signature management device may directly send the remote signature management information to the blockchain node after signing the transaction of the service to be signed to obtain the remote signature management information, which is not limited herein.
It can be understood that if the signature management device signs the transaction to be signed through the service complete key, the obtained remote signature management information includes the complete key signature, and if the signature management device signs the transaction to be signed through the key fragments, the obtained remote signature management information includes the aggregated signature information obtained by aggregating the signature fragments obtained by signing the plurality of key fragments.
S504, sending the first signature fragment and the first business transaction to be signed to a resource management server based on a threshold signature strategy, so that when the resource management server carries out transaction signature on the first business transaction to be signed through a second key fragment of a business object to obtain a second signature fragment, aggregating the second signature fragment and the first signature fragment to obtain first aggregate signature information, and when the first business transaction to be signed is used as a first signed business transaction, sending the first aggregate signature information and the first signed business transaction to a blockchain node; the blockchain node is used for calling a target business contract on the blockchain based on a target contract address when the first aggregate signature information and the K remote signature management information are acquired, and conducting transaction signature verification on the first signed business transaction through a first business transaction signature strategy indicated by the target business contract to obtain a transaction signature verification result of the first signed business transaction; k is a positive integer less than or equal to N.
It is understood that, when the threshold signature policy is a signature policy for instructing the resource management server to perform aggregate signature, step S504 may be performed. The aggregation signature is performed, that is, the process of obtaining the aggregation signature information based on the aggregation of the plurality of signature fragments. The transaction signature verification result is a result obtained by verifying signature information associated with the signed business transaction by the blockchain node.
The first aggregate signature information may be aggregate signature information obtained by aggregating a plurality of signature fragments (such as a first signature fragment and a second signature fragment) associated with the first business transaction to be signed, which is determined based on a threshold signature policy in the first business transaction signature policy. The second signature fragment may be obtained when the resource management server performs transaction signature on the first to-be-signed service transaction by using the second key fragment of the service object. It will be appreciated that when the number of second key fragments is one, the one second key fragment may be deployed in one resource management server in the resource management service cluster. When the number of the second key fragments is multiple, the multiple second key fragments can be deployed in multiple resource management servers in the resource management service cluster respectively, and then one resource management server selected in the resource management service cluster can inform other resource management servers of carrying out transaction signature on the first business transaction to be signed to obtain a second signature fragment, and the second signature fragments returned by the other resource management servers are obtained, so that when the total number of the obtained first signature fragments and the obtained second signature fragments is greater than or equal to the key fragment threshold indicated by the threshold signature strategy, the obtained first signature fragments and the obtained second signature fragments are aggregated to obtain aggregated signature information.
For example, the number of the second key fragments is one, and the resource management server 120a in the resource management service cluster 200a is configured to store the second key fragments, and then the resource management server 120a may use the second key fragments to sign the transaction of the first to-be-signed service transaction to obtain a second signature fragment. And if the key fragment threshold indicated by the threshold signature strategy is 2, the resource management server can aggregate based on the second signature fragment and the first signature fragment to obtain aggregate signature information.
As another example, the number of second key fragments is plural (e.g., two), and the resource management server 120a and the resource management server 120b in the resource management service cluster are respectively configured to store one second key fragment. After receiving the first to-be-signed service transaction and the first signature fragment sent by the service terminal, one of the resource management servers (e.g., the resource management server 120 a) may sign the first to-be-signed service transaction by using the stored second key fragment to obtain a second signature fragment, and may notify the other resource management server (e.g., the resource management server 120 b) to sign the first to-be-signed service transaction to obtain another second signature fragment. If the key fragment threshold indicated by the threshold signature policy is 3, the resource management server 120a needs to aggregate the two second signature fragments and the first signature fragment to obtain aggregate signature information when acquiring the two second signature fragments. Optionally, if the key-segmentation threshold indicated by the threshold signature policy is 2, the resource management server 120a needs to aggregate based on any one of the two second signature segments and the first signature segment when obtaining any one of the two second signature segments, so as to obtain aggregate signature information.
It may be appreciated that after the resource management server obtains the aggregate signature information, the first aggregate signature information and the first signed business transaction may be sent to the blockchain node when the first business transaction to be signed is taken as the first signed business transaction; alternatively, the first aggregate signature information and the first signed business transaction may be sent to the blockchain node after the aggregate signature information is obtained by the resource management server.
It may be appreciated that, when the second key fragment of the service object is determined in the resource management server and may be determined based on the object access information of the service object, the service terminal may also send the object access information of the service object to the resource management server.
Specifically, the first business transaction to be signed is determined when the business object successfully accesses the first resource client through the object access information; in the resource management server, the object access information of the service object is stored in association with the second key fragment; then, sending the first signature shard and the first to-be-signed business transaction to the resource management server based on the threshold signature policy may include the steps of: acquiring object access information of a business object; further, the object access information, the first signature fragment and the first business transaction to be signed are sent to the resource management server based on the threshold signature strategy; the object access information is used to instruct the resource management server to determine a second key fragment of the business object based on the object access information.
It is understood that the object access information may be face information (also referred to as face information) or other biological characteristics (such as fingerprint information) of the business object. It may be appreciated that if the object access information matches the object registration information corresponding to the first resource client, it is determined that the service object successfully accesses the first resource client. It can be understood that the first key fragment stored in the first resource client is determined based on the object registration information of the service object, and in the resource management server, the object registration information of the service object is stored in association with the second key fragment, so that after receiving the object access information, the resource management server can search for the matched object registration information based on the object access information, and take the second key fragment associated with the searched object registration information matched with the object access information as the second key fragment of the service object, so that the resource management server can sign the transaction of the first service transaction to be signed by using the searched second key fragment to obtain the second signature fragment.
Optionally, when the threshold signature policy is a signature policy for instructing the service terminal to perform aggregate signature, the first service transaction to be signed is sent to the resource management server, so that the resource management server performs transaction signature on the first service transaction to be signed through the second key fragment of the service object to obtain a second signature fragment; further, when a second signature fragment returned by the resource management server is acquired, the first aggregate signature information is obtained through aggregation through the second signature fragment and the first signature fragment, and when the first business transaction to be signed is used as the first signed business transaction, the first aggregate signature information and the first signed business transaction are sent to the blockchain node.
It will be appreciated that if the aggregate signature is performed by the service terminal, the resource management server may return the second signature fragment to the service terminal that initiated the transaction after generating the second signature fragment. And the service terminal aggregates the acquired second signature fragments and the first signature fragments to obtain first aggregated signature information. It can be understood that, the method for acquiring the aggregated signature information by the service terminal to aggregate the second signature fragment and the first signature fragment may refer to the resource management server to aggregate the second signature fragment and the first signature fragment, so as to acquire a related description of the aggregated signature information, which is not described herein in detail. It may be appreciated that if the number of the second key fragments is one, the first service transaction to be signed is sent to the resource management server, that is, the first service transaction to be signed is sent to the resource management server storing the second key fragment, and then the single resource management server returns the second signature fragment to the service terminal after obtaining the second signature fragment. If the number of the second key fragments is multiple, the first to-be-signed service transaction is sent to a selected one of the plurality of resource management servers for storing the second key fragments, then the selected resource management server forwards the first to-be-signed service transaction to other resource management servers, and each resource management server for storing the second key fragments can respectively return one second signature fragment to the service terminal, or can be the selected one resource management server gathers each second signature fragment and uniformly returns to the service terminal, so that the method is not limited.
It can be understood that the service terminal performs signature aggregation and transmits the aggregated signature information and the signed service transaction to the blockchain, so that the problem that the resource management server does not transmit the signed service transaction to the blockchain node due to the configuration problem can be avoided, and the service terminal cannot well master whether the resource management server transmits the signed service transaction to the blockchain node, thereby improving the security and controllability of the service transaction.
It can be understood that the service terminal may further acquire remote signature management information generated by each signature management device, and further send the acquired remote signature management information, aggregate signature information obtained by signing the service object itself, and signed service transactions to the blockchain node.
Specifically, when the first business transaction to be signed is regarded as a first signed business transaction, the first aggregate signature information and the first signed business transaction are sent to the blockchain node, which may include the following steps: receiving remote signature management information returned by signature management equipment in the N signature management equipment, and counting the quantity of the received remote signature management information to obtain the quantity of received remote signatures; further, when the remote signature time stamp associated with the first to-be-signed business transaction reaches a remote signature time threshold and the number of received remote signatures is greater than or equal to a multiple signature threshold indicated by a multiple signature policy, taking the first to-be-signed business transaction as a first signed business transaction; further, the received K remote signature management information, the first aggregate signature information, and the first signed business transaction are transmitted to the blockchain node.
It will be appreciated that the number of received remote signatures may be the number of remote signature management information currently received associated with the first pending business transaction. It will be appreciated that for a service terminal, the number of received remote signatures may be incremented by one for each received remote signature management information.
It will be appreciated that the remote signature timestamp may be associated with timing information for the signature management device to sign the transaction associated with the first to-be-signed business transaction. The remote signature time threshold may be a preset maximum time threshold for waiting to acquire remote signature management information. For example, the remote signature time threshold may be 20 minutes, and then the remote signature management information returned by the signature management device may be received within 20 minutes after the first to-be-signed service transaction is obtained, and if the remote signature time stamp associated with the first to-be-signed service transaction reaches 20 minutes, counting the number of received remote signature management information is stopped.
It may be appreciated that if the remote signature timestamp associated with the first to-be-signed business transaction reaches the remote signature time threshold, the received remote signature number is less than the multiple signature threshold indicated by the multiple signature policy, the first to-be-signed business transaction is not taken as the first signed business transaction, and the business transaction may no longer be sent to the blockchain node. Therefore, the service terminal can perform preliminary judgment on the number of the acquired multiple signatures, so that the situation that the service transaction which cannot be verified is transmitted to the blockchain node is avoided, and the burden of the blockchain node is reduced.
For example, referring to fig. 7, fig. 7 is a schematic diagram of data interaction according to an embodiment of the present application. As shown in fig. 7, when the business object a initiates a transaction request (step S71), the business terminal 70a, which is operated with the resource management client 1, may acquire the business transaction TX1 to be signed associated with the target contract address through the resource management client 1 (step S72); service terminal 70a then transmits the to-be-signed service transaction TX1 to the resource management server (step S73); the resource management server 70b signs TX1 with the key fragment F2 to obtain a signature fragment M2 (step S74), and returns the signature fragment M2 to the service terminal (step S75), and further the service terminal 70a signs TX1 with the key fragment F1 to obtain a signature fragment M1, and aggregates the obtained aggregated signature information based on the signature fragment M1 and the signature fragment M2 (step S76). And, the service terminal 70a may inform the signature management apparatus to sign the transaction to be signed service transaction TX1 (step S77). The signature management device 70c is integrated with the resource client 2, so that the signature management device 70c can sign the transaction of the service transaction TX1 to be signed by using the key stored in the resource client 2 to obtain remote signature management information (step S78), and the signature management device 70c can return the remote management signature information to the service terminal 70a (step S79). Further, the service terminal 70a may send the aggregate signature information, the remote management signature information, and the signed service transaction TX1 to the blockchain network when the remote signature time stamp associated with the service transaction TX1 reaches the remote signature time threshold and the total number of received remote signature management information is greater than or equal to the multiple signature threshold indicated by the multiple signature policy (step S710). Further, the blockchain network may sign and verify the transaction TX1, and when the verification is successful, perform the transaction TX1 (step S711). It will be appreciated that the signing and signing of the business transaction by the blockchain network and the process of executing the business transaction may refer to the related description shown in fig. 2, which is not described herein.
In one embodiment, when the network connection state result indicates that the network connection state between the service terminal and the resource management server is the connection state, the service transaction to be signed may be signed only by the threshold signing policy, that is, the multiple signing threshold indicated by the multiple signing policy is equal to 0, so that other signing management devices do not need to be notified to sign the service transaction to be signed.
Specifically, when the network connection state result indicates that the network connection state between the service terminal and the resource management server is a connection state, determining that a resource client for participating in transaction signature is a first resource client based on a third service transaction signature policy in the target transaction signature policies; the second business transaction signature policy is independent of the first business transaction signature policy, and the second business transaction signature policy is a threshold signature policy; further, determining a third to-be-signed business transaction associated with the target contract address through the first resource client, and carrying out transaction signature on the third to-be-signed business transaction through the first key fragment when the first key fragment of the business object is acquired, so as to obtain a third signature fragment; further, the third signature fragment and the third business transaction to be signed are sent to the resource management server based on a threshold signature strategy, so that when the resource management server carries out transaction signature on the third business transaction to be signed through the second key fragment of the business object to obtain a fourth signature fragment, second aggregation signature information is obtained through aggregation of the third signature fragment and the fourth signature fragment, and when the third business transaction to be signed is used as a third business transaction to be signed, the second aggregation signature information and the third business transaction to be signed are sent to a blockchain node; and the blockchain node is used for calling a target business contract on the blockchain based on the target contract address when the second aggregate signature information is acquired, and carrying out transaction signature verification on the third signed business transaction through a third business transaction signature strategy indicated by the target business contract to obtain a transaction signature verification result of the third signed business transaction.
It will be appreciated that the first business transaction signature policy is a threshold signature policy, that is, the business transaction to be signed is signed only by the threshold signature policy. The transaction content of the third to-be-signed transaction may be the same as the transaction content of the first to-be-signed transaction, or may be different, which is not limited herein. It may be appreciated that when the network connection status result indicates that the network connection status between the service terminal and the resource management server is a connection status, only one service transaction policy is determined from the third service transaction policy and the first service transaction policy, so as to sign the transaction of the service to be signed, specifically, what service transaction signature policy is adopted may be determined by the actual service requirement, which is not limited herein.
The third signature fragment may be obtained by performing transaction signature on the third to-be-signed service transaction by using the first key fragment, and the fourth signature fragment may be obtained by performing transaction signature on the third to-be-signed service transaction by using the second key fragment. The second aggregated signature information may be aggregated by the third signature fragment and the fourth signature fragment. It can be appreciated that, the method for generating the second aggregate signature information may refer to the method for generating the first aggregate signature information described above, which is not described herein. It may be understood that the device for generating the second aggregate signature information may be the resource management client or the service terminal, and detailed description is omitted herein, with reference to the foregoing description related to the generation of the first aggregate signature information.
For example, please refer to fig. 8, fig. 8 is a schematic diagram of data interaction of a third business transaction signature strategy according to an embodiment of the present application. The service terminal 80a shown in fig. 8 may be a terminal device in the terminal device cluster in the embodiment corresponding to fig. 1, where the service terminal 80a has a resource management client 1 integrally running therein, and the resource management client 1 is configured to store a key slice (for example, the key slice F1) of the service object a shown in fig. 8. Similarly, the resource management server 80b shown in fig. 8 may be a resource management service device storing a key fragment (e.g., the key fragment F12) of the service object in the embodiment corresponding to fig. 1. The key fragment F1 and the key fragment F2 collectively correspond to the same key address information. It can be seen that the network connection state between the service terminal 80a and the resource management server 80b is a connection state.
As shown in fig. 8, when the service object a initiates a transaction request (step S81), the service terminal 80a running with the resource management client 1 may acquire the to-be-signed service transaction TX1 associated with the target contract address through the resource management client, sign the TX1 with the key fragment F1 to obtain a signature fragment M1 (step S82), then the service terminal 80a sends the to-be-signed service transaction TX1 and the signature fragment M1 to the resource management server (step S83), the resource management server 80b signs the TX1 with the key fragment F2 to obtain a signature fragment M2, and based on the signature fragment M1 and the signature fragment M2, aggregate signature information is obtained by aggregation (step S84), and the resource management server 80b sends the aggregate signature information and the signed service transaction TX1 to the block chain network (step S85). Further, the blockchain network may sign and verify the transaction TX1, and when the verification is successful, execute the transaction TX1 (step S86). Taking a blockchain node in a blockchain network as an example, the blockchain node signing and verifying the service transaction TX1 may include verifying the aggregate signature information, so that when the aggregate signature information is verified, it is required to determine that the service transaction TX1 verification is successful. And the blockchain node can collect the signature verification results of other blockchain link points in the blockchain network aiming at the business transaction TX1, and if the signature verification results exceeding a certain threshold value exist in the collected signature verification results to indicate that the business transaction TX1 is successfully verified, the business transaction TX1 is executed.
Referring to fig. 9, fig. 9 is a flow chart of a transaction processing method according to an embodiment of the application. The method may be performed by a service terminal, such as the terminal device 110a described above. The method may include at least the following steps S901 to S909.
And S901, detecting the network connection state between the service terminal and the resource management server to obtain a network connection state result.
It may be understood that the network connection status result may be a result of a network connection status between the service terminal and the resource management server. The network connection state result may be used to indicate that the network connection state between the service terminal and the resource management server is a connection state, or may be used to indicate that the network connection state between the service terminal and the resource management server is an unconnected state.
Specifically, the embodiment of the application can include: detecting a network connection state between a service terminal and a resource management server to obtain a network connection state result; and when the network connection state result indicates that the network connection state between the service terminal and the resource management server is the connection state, executing the step of determining the resource client for participating in the transaction signature as the first resource client based on the first service transaction signature strategy in the target transaction signature strategy.
It will be appreciated that the step of determining, based on the first business transaction signature policy of the target transaction signature policies, that the resource client for participating in the transaction signature is the first resource client may be performed as described above with reference to step S501, which is not limited herein. Steps S502-S504 may then be performed to implement signing of the business transaction when the network connection state between the business terminal and the resource management server is a connection state.
When the network connection state result can be used to indicate that the network connection state between the service terminal and the resource management server is the unconnected state, the description of the subsequent steps S906 to S909 can be referred to.
It can be understood that detecting the network connection state between the service terminal and the resource management server can be performed by a heartbeat mechanism. For example, the service terminal sends the heartbeat packet to the resource management server at regular time, and the resource management server can return a heartbeat packet to the service terminal after receiving the heartbeat packet sent by the service terminal. If the service terminal receives the heartbeat packet returned by the management server within a certain time range, the network connection state result can be determined to indicate that the network connection state between the service terminal and the resource management server is a connection state; if the service terminal does not receive the heartbeat packet returned by the resource management server within a certain time range, it can be determined that the network connection state result indicates that the network connection state between the service terminal and the resource management server is an unconnected state.
S902, if the network connection state between the service terminal and the resource management server is a connection state, determining a resource client for participating in transaction signature as a first resource client based on a first service transaction signature strategy in the target transaction signature strategy; the first business transaction signature strategy comprises a threshold signature strategy and a multiple signature strategy; the threshold signature strategy and the multiple signature strategy are deployed in a target business contract on the blockchain; the target business contract is obtained after the business object is subjected to contract registration on a blockchain through a blockchain node; the contract address of the target business contract is the target contract address returned to the business object by the block link point.
S903, determining a first business transaction to be signed associated with a target contract address through a first resource client, and carrying out transaction signature on the first business transaction to be signed through the first key fragment when the first key fragment of the business object is acquired, so as to obtain a first signature fragment.
S904, determining N signature management devices associated with the business object based on the multiple signature strategy, and notifying the N signature management devices to generate N remote signature management information associated with the first business transaction to be signed; n is a positive integer; one signature management device corresponds to one remote signature management information.
S905, transmitting the first signature fragment and the first business transaction to be signed to a resource management server based on a threshold signature strategy, so that when the resource management server carries out transaction signature on the first business transaction to be signed through a second key fragment of a business object to obtain a second signature fragment, acquiring first aggregate signature information through aggregation of the second signature fragment and the first signature fragment, and transmitting the first aggregate signature information and the first signed business transaction to a blockchain node when the first business transaction to be signed is used as the first signed business transaction; the blockchain node is used for calling a target business contract on the blockchain based on a target contract address when the first aggregate signature information and the K remote signature management information are acquired, and conducting transaction signature verification on the first signed business transaction through a first business transaction signature strategy indicated by the target business contract to obtain a transaction signature verification result of the first signed business transaction; k is a positive integer less than or equal to N.
The description of steps S902-S905 may refer to the description of steps S501-S504, and will not be repeated here.
S906, when the network connection state result indicates that the network connection state between the service terminal and the resource management server is an unconnected state, determining that the resource client used for participating in transaction signature is a second resource client based on a second service transaction signature strategy in the target transaction signature strategy; the second business transaction signature strategy comprises a complete signature strategy and a multiple signature strategy; the full signature policy and the multiple signature policy are deployed in the target business contract.
It can be understood that the second resource client may be a resource client for acquiring the service transaction to be signed and signing the service transaction to be signed by using the stored key when the network connection state between the service terminal and the resource management server is an unconnected state. The key stored by the second resource client can be a service complete key of the service object, and the second resource client can complete a transaction signature of the service transaction to be signed by only carrying out transaction signature on the service transaction to be signed by using the complete key to obtain the complete key signature.
The complete signature policy may be a policy that performs transaction signature on a transaction to be signed by using a service complete key. The multiple signature strategy may refer to the above description, and will not be described herein. It will be appreciated that the full signature policy and the multiple signature policy are deployed in the target business contract, and that the blockchain node may then conduct a transaction verification (also referred to as signature verification) on the received signed business transaction based on the full signature policy and the multiple signature policy in the target business contract.
S907, determining a second business transaction to be signed associated with the target contract address through the second resource client, and carrying out transaction signature on the second business transaction to be signed through the business complete key when the business complete key of the business object is acquired, so as to obtain a complete key signature.
Wherein the second to-be-signed business transaction may be a to-be-signed business contract associated with the target contract address determined by the second resource client. It will be appreciated that the second to-be-signed business transaction may be used to instruct the invoking of the target business contract to perform a corresponding function, such as transferring digital resources in the target business contract, querying the number of resources of digital resources in the target business contract, and the like, without limitation.
The complete key signature is the signature information obtained by carrying out transaction signature by utilizing the service complete key of the service object stored by the second resource client.
It will be appreciated that the second resource client may be running on the same terminal device as the first resource client described above, or may be running on a different terminal device than the first resource client described above, without limitation. It may be understood that if the second resource client and the first resource client operate in the same terminal device, the second resource client may be started when the network connection status result indicates that the network connection status between the service terminal (i.e. the terminal device for initiating the transaction request by the service object) and the resource management server is in an unconnected status, and the transaction request initiated by the service object is obtained, and the contract address of the target service contract is set in the second resource client, so that the second to-be-signed service transaction associated with the target contract address is determined by the second resource client. If the second resource client and the first resource client are operated at different terminal devices, the terminal device operating the second resource client may be in an offline state, and then the terminal device operating the second resource client scans the transaction request graphic code to obtain a second transaction to be signed associated with the target contract address, and then the terminal device operating the second resource client performs a transaction signature on the second transaction to be signed by using the stored complete key to obtain the complete key signature and returns the complete key signature to the service terminal.
S908, determining N signature management devices associated with the business object based on the multiple signature policies, and notifying the N signature management devices to generate remote signature management information associated with the second business transaction to be signed; n is a positive integer; one signature management device corresponds to one remote signature management information.
The determining process of the N signature management devices for determining the remote signature management information of the second to-be-signed service transaction may refer to the above description of the N signature management devices for determining the remote signature management information of the first to-be-signed service transaction, which is not described herein. That is, the N signature management devices may be terminal devices operated by resource clients corresponding to other complete keys except for the service complete key stored by the second resource client, in other words, the N signature devices associated with the second service transaction to be signed are terminal devices operated by resource clients corresponding to the complete key address information in the contract management address information. For example, the contract management address information includes: if the service object A determines the second service transaction to be signed through the resource client corresponding to the service complete key Q, the service complete key Q and the key fragment F1 of the service object A, and the service complete key R and the key fragment P1 of the service object B, N signature management devices determined based on the multiple signature strategies can be terminal devices operated by the resource client corresponding to the service complete key R of the service object B.
It may be understood that, the N signature management devices may be notified to generate N remote signature management information associated with the first service transaction to be signed, which may be that the service terminal directly sends, to the signature management device, signature prompt information for indicating that the service transaction to be signed is signed by using the corresponding resource client, so that the signature management device may sign the service transaction to be signed by using the service integrity key stored by the running resource client, to finally generate the remote signature management information. Optionally, the method for notifying the N signature management devices to generate N remote signature management information associated with the first to-be-signed service transaction may also be that the signature management devices are notified offline, and further the remote signature management information is generated in an offline code scanning manner, where the method for generating the remote signature management information by offline code scanning may refer to the above description related to the remote signature management information generated by offline code scanning when determining the signature management device associated with the first to-be-signed service transaction, which is not described herein.
S909, when the second business transaction to be signed is used as a second signed business transaction, the complete key signature and the second signed business transaction are sent to the blockchain node based on the complete key signature strategy, so that when the blockchain node acquires the complete key signature and K pieces of remote signature management information, a target business contract on the blockchain is called based on a target contract address, and a transaction signature verification result of the second signed business transaction is obtained by carrying out transaction signature verification on the second signed business transaction through the second business transaction signature strategy indicated by the target business contract.
It can be understood that the K remote signature management information may be directly sent to the blockchain node by the signature management device, or may be uniformly sent to the blockchain node by the service terminal after the signature management device returns the remote signature management information to the service terminal that initiates the second service transaction to be signed, which is not limited herein.
Specifically, if the K remote signature management information is that after the signature management device returns the remote signature management information to the service terminal that initiates the second service transaction to be signed, the service terminal sends the remote signature management information to the blockchain node in a unified manner, and when the second service transaction to be signed is taken as the second signed service transaction, the complete key signature and the second signed service transaction are sent to the blockchain node based on the complete key signature policy, which may include the following steps: further, receiving remote signature management information returned by signature management equipment in the N signature management equipment, and counting the quantity of the received remote signature management information to obtain the quantity of received remote signatures; further, when the remote signature time stamp associated with the second to-be-signed business transaction reaches a remote signature time threshold and the number of received remote signatures is greater than or equal to a multiple signature threshold indicated by a multiple signature policy, taking the second to-be-signed business transaction as a second signed business transaction; further, the received K remote signature management information, the full key signature, and the second signed business transaction are transmitted to the blockchain node based on the full signature policy.
It may be understood that, in the step of determining the second to-be-signed service transaction as the second signed service transaction based on the remote signature and the number of received remote signatures associated with the second to-be-signed service transaction, the description of determining the first to-be-signed service transaction as the first signed service transaction may be referred to above based on the remote signature and the number of received remote signatures associated with the first to-be-signed service transaction, which is not described herein.
For example, referring to fig. 10, fig. 10 is a schematic diagram of data interaction according to an embodiment of the present application. As shown in fig. 10, when the service object a initiates a transaction request (step S101), the service terminal 101a may enable the resource client 3, obtain, through the resource management client 3, a service transaction TX2 to be signed associated with the target contract address, and sign the TX2 with the complete key P, to obtain a complete key signature G (step S102). And, the service terminal 101a may notify the signature management apparatus 101b to sign the transaction to be signed service transaction TX2 (step S103). The signature management device 101b is integrated with the resource client 4, so that the signature management device 101b can sign the transaction of the service transaction TX2 to be signed by using the key stored in the resource client 4 to obtain remote signature management information (step S104), and the signature management device 101b can return the remote management signature information to the service terminal (step S105). Further, the service terminal 70a may send the remote management information, the complete key signature G and the signed service transaction TX2 to the blockchain network when the remote signature time stamp associated with the service transaction TX2 reaches the remote signature time threshold and the total number of received remote signature management information is greater than or equal to the multiple signature threshold indicated by the multiple signature policy (step S106). Further, the blockchain network may sign and verify the transaction TX2, and when the verification is successful, perform the transaction TX2 (step S107). It will be appreciated that the blockchain network may sign the service transaction TX2 and the steps of executing the service transaction TX2 may refer to the related description in fig. 3, which is not described herein.
In one embodiment, when the network connection state result indicates that the network connection state between the service terminal and the resource management server is an unconnected state, the service transaction to be signed may be signed only through the complete signature policy, that is, the multiple signature threshold indicated by the multiple signature policy is equal to 0, so that other signature management devices do not need to be notified to sign the service transaction to be signed.
Specifically, when the network connection state result indicates that the network connection state between the service terminal and the resource management server is a connection state, determining that the resource client for participating in transaction signature is a second resource client based on a fourth service transaction signature strategy in the target transaction signature strategy; the third business transaction signature strategy is independent of the second business transaction signature strategy, and the fourth business transaction signature strategy is a complete signature strategy; further, determining a fourth to-be-signed business transaction associated with the target contract address through the second resource client, and carrying out transaction signature on the fourth to-be-signed business transaction through the business complete key when the business complete key of the business object is obtained, so as to obtain a complete key signature; further, when the second business transaction to be signed is used as a second signed business transaction, the complete key signature and the second signed business transaction are sent to the blockchain node based on the complete key signature strategy, so that when the blockchain node acquires the complete key signature, a target business contract on the blockchain is called based on a target contract address, and a transaction signature verification result of the fourth signed business transaction is obtained through a fourth business transaction signature strategy indicated by the target business contract.
It will be appreciated that the fourth business transaction signing policy is a complete signing policy, that is, the business transaction to be signed is signed only by the complete signing policy. The transaction content of the fourth to-be-signed transaction may be the same as the transaction content of the second to-be-signed transaction, or may be different, which is not limited herein. It may be appreciated that when the network connection status result indicates that the network connection status between the service terminal and the resource management server is in an unconnected status, only one service transaction policy is determined from the fourth service transaction policy and the second service transaction policy, so as to sign the transaction of the service to be signed, specifically, what service transaction signature policy is adopted may be determined by the actual service requirement, which is not limited herein. The method for generating the complete key signature of the fourth to-be-signed service transaction may refer to the description related to the generation of the complete key signature of the second to-be-signed service transaction, which is not described herein. It will be appreciated that the fourth to-be-signed business transaction may be considered as a fourth signed business transaction upon generation of a full key signature for the fourth to-be-signed business transaction.
For example, referring to fig. 11, fig. 11 is a schematic diagram of data interaction of a fourth service transaction signature policy according to an embodiment of the present application. The service terminal 30a shown in fig. 11 may be a terminal device in the terminal device cluster in the embodiment corresponding to fig. 1, where the service terminal 30a has a resource management client 3 integrally running therein, and the resource management client 3 is configured to store a complete key (for example, the complete key P) of the service object a shown in fig. 3. It can be seen that, if the network connection state between the service terminal 30a and the resource management server is an unconnected state, the resource management server is not involved in the schematic view of the scenario of the data transaction.
As shown in fig. 11, when the transaction object a initiates a transaction request (step S111), the service terminal 30a may enable the resource client 3, obtain the to-be-signed service transaction TX2 associated with the target contract address through the resource management client 3, sign the TX2 with the complete key P to obtain the complete key signature G (step S112), and then the service terminal 20a sends the complete key signature G and the signed service transaction TX2 to the blockchain network (step S113). Further, the blockchain network may sign and verify the transaction TX2, and when the verification is successful, perform the transaction TX2 (step S114). It will be appreciated that, taking herein as an example a blockchain node in a blockchain network, signing the transaction TX2 by the blockchain node may include signing the complete key signature, thereby determining that the transaction TX2 signing is successful when the complete key signature verification is passed. And the blockchain node can collect the signature verification results of other blockchain link points in the blockchain network aiming at the business transaction TX2, and if the signature verification results exceeding a certain threshold value exist in the collected signature verification results to indicate that the business transaction TX2 is successfully verified, the business transaction TX2 is executed.
Referring to fig. 12, fig. 12 is a flow chart of a transaction processing method according to an embodiment of the application. The method may be performed by a blockchain node, such as blockchain node 11a described above. The method may comprise at least the following step S1201-step S1203.
S1201, acquiring a first signed business transaction and first aggregate signature information associated with a business terminal; the first signed business transaction is determined based on a first business transaction to be signed, the first business transaction to be signed is determined through a first resource client running on the business terminal, and the first resource client is a resource client which is determined based on a first business transaction signature strategy in the target transaction signature strategy and is used for participating in the transaction signature when the network connection state between the business terminal and the resource management server is a connection state; the first business transaction signature strategy comprises a threshold signature strategy and a multiple signature strategy; the first aggregation signature information is obtained by aggregating a second signature fragment and a first signature fragment, the first signature fragment is obtained by carrying out transaction signature on a first to-be-signed service transaction through a first key fragment of a service object by a service terminal, and the second signature fragment is obtained by carrying out transaction signature on the first to-be-signed service transaction through a second key fragment of the service object when a resource management server receives the first signature fragment and the first to-be-signed service transaction sent by the service terminal based on a threshold signature strategy.
It may be appreciated that, the related description of the first signed business transaction and the first aggregate signature information may refer to the related description in the embodiment shown in fig. 5, which is not described herein.
S1202, when K remote signature management information associated with a first signed business transaction is acquired, invoking a target business contract on a blockchain based on a target contract address associated with the first signed business transaction; k remote signature management information associated with the first signed business transaction is generated by K signature management devices based on the first business transaction to be signed; one signature management device corresponds to one remote signature management information; the K signature management devices are signature management devices in N signature management devices which are determined by the service terminal based on the multiple signature strategies and are associated with the service object; K. n is a positive integer, and K is less than or equal to N.
Wherein, it can be appreciated that the K remote signature management information associated with the first signed business transaction can be the K received remote signature management information sent by the business terminal to the blockchain node along with the first signed business transaction and the first aggregate signature information; alternatively, the K remote signature management information associated with the first signed business transaction may be the K remote signature management information received by the resource management server sent to the blockchain node with the first signed business transaction and the first aggregate signature information; alternatively, the K remote signature management information associated with the first signed business transaction may be sent by the K signature management devices themselves to the blockchain node, without limitation.
It can be appreciated that the embodiment of the present application further includes: receiving a first signed business transaction, first aggregate signature information and K remote signature management information sent by a business terminal; k pieces of remote signature management information sent by the service terminal are returned to the service terminal by K pieces of signature management equipment. It may be understood that if the remote signature management information may be signature information generated based on the threshold signature method, the signature management device may sign the service transaction to be signed based on the first key fragment in the running resource client to obtain a first signature fragment, then send the service transaction to be signed to the resource management server, further, the resource management server determines a second key fragment corresponding to the object access information of the service object corresponding to the signature management device, and generates a second signature fragment, and then the resource management server returns the second signature fragment to the corresponding signature management device, so that the signature management device may aggregate to obtain an aggregate signature information based on the first signature fragment and the second signature fragment, determine one remote signature management information based on the aggregate signature information, and further send the remote signature management information to the service terminal. It may be appreciated that if the remote signature management information may be signature information generated based on a complete signature method, the signature management device may sign a service transaction to be signed based on a service complete key in the running resource client to obtain a complete key signature, and then the signature management device may determine one remote signature management information based on the service complete signature information, and then return the remote signature management information to the service terminal.
It can be appreciated that the embodiment of the present application further includes: receiving a first signed business transaction, first aggregate signature information and K remote signature management information sent by a resource management server corresponding to a business terminal; the K remote signature management information sent by the resource management server is sent by the K signature management devices to the resource management server. It may be understood that if the remote signature management information may be signature information generated based on the threshold signature method, the signature management device may sign the service transaction to be signed based on the first key fragment in the running resource client to obtain a first signature fragment, then send the first signature fragment and the service transaction to be signed to the resource management server, further, the resource management server determines a second key fragment corresponding to the object access information of the service object corresponding to the signature management device, and generates a second signature fragment, and then the resource management server aggregates the second signature fragment and the first signature fragment to obtain an aggregated signature information, so as to determine a remote signature management information based on the aggregated signature information, and then the resource management device may send the remote signature management information to the blockchain node subsequently. It may be appreciated that if the remote signature management information may be signature information generated based on a complete signature method, the signature management device may sign a transaction for a service to be signed based on a service complete key in the running resource client to obtain a complete key signature, and then the signature management device may determine one remote signature management information based on the service complete signature information, and then send the remote signature management information to the resource management server, so that the resource management server may send the remote signature management information to the blockchain node.
It can be appreciated that the embodiment of the present application further includes: k remote signature management information respectively transmitted by the K signature management devices is received. It may be understood that if the remote signature management information may be signature information generated based on the threshold signature method, the signature management device may sign the service transaction to be signed based on the first key fragment in the running resource client to obtain a first signature fragment, then send the service transaction to be signed to the resource management server, further, the resource management server determines a second key fragment corresponding to the object access information of the service object corresponding to the signature management device, and generates a second signature fragment, and then the resource management server returns the second signature fragment to the corresponding signature management device, so that the signature management device may aggregate to obtain an aggregate signature information based on the first signature fragment and the second signature fragment, determine one remote signature management information based on the aggregate signature information, and further send the remote signature management information directly to the blockchain node. It may be appreciated that if the remote signature management information may be signature information generated based on a complete signature method, the signature management device may sign a service transaction to be signed based on a service complete key in the running resource client to obtain a complete key signature, and then the signature management device may determine one remote signature management information based on the service complete signature information, and then directly send the remote signature management information to the blockchain node.
S1203, carrying out transaction verification on the first signed business transaction through a first business transaction signature strategy indicated by the target business contract to obtain a transaction verification result of the first signed business transaction.
It will be appreciated that the first business transaction signature policy may include a threshold signature policy and a multiple signature policy, and reference may be made specifically to the relevant description in the embodiment shown in fig. 5 above. The transaction verification result may be used to indicate that the signed transaction verification (also known as verification) was successful or to indicate that the signed transaction verification failed. It will be appreciated that the transaction (e.g., transferring digital resources in a target transaction contract, querying the number of resources in the target transaction contract, etc.) may only be performed if the signed transaction verification (also referred to as verification) is successful, and that the corresponding transaction may not be performed if the signed transaction verification is failed.
It may be understood that, by using the first service transaction signature policy indicated by the target service contract, a transaction signature is performed on the first signed service transaction to obtain a transaction signature verification result of the first signed service transaction, and that, by using the threshold signature policy and the multiple signature policy indicated by the target service contract, a transaction signature verification is performed on the first signed service transaction to obtain a transaction signature verification result of the first signed service transaction.
Specifically, the transaction verification of the first signed transaction is performed on the first signed transaction through the first transaction signing policy indicated by the target service contract, so as to obtain a transaction verification result of the first signed transaction, which may include the following steps: invoking a target business contract to determine a threshold signature strategy for signing and verifying the first aggregate signature information, and signing and verifying the first aggregate signature information based on the threshold signature strategy to obtain a first signature verification result corresponding to the first aggregate signature information; further, a target business contract is called to determine a multiple signature strategy for signing and checking K pieces of remote signature management information, and the K pieces of remote signature management information are signed and checked based on the multiple signature strategy to obtain second signature verification results associated with the K pieces of remote signature management information; the second signature verification result comprises K signature verification results corresponding to the K remote signature management information; m signature verification success results in the K signature verification results are obtained by M signature management devices in the K signature management devices; in the M signature management devices, one signature management device corresponds to one signature verification success result; m is a positive integer greater than the multiple signature threshold indicated by the multiple signature threshold policy; further, if the first signature verification result is a signature verification success result and there are M signature verification success results in the second signature verification result, determining a transaction verification result of the first signed transaction to be used for indicating that the first signed transaction verification is successful.
Wherein it is understood that the first signature verification result may be used to indicate whether verification of the first aggregate signature information is successful. The second signature verification result may include K signature verification results, one signature verification result corresponding to one remote signature management information, and the signature verification result corresponding to each remote signature management information is used to indicate whether the remote signature management information is verified successfully.
It can be understood that signature verification is performed on the first aggregate signature information based on the threshold signature policy to obtain a first signature verification result corresponding to the first aggregate signature information, and a public key corresponding to the first aggregate signature information can be determined based on the threshold signature policy, so that signature verification is performed on the first aggregate signature information based on the public key corresponding to the first aggregate signature information to obtain the first signature verification result. And carrying out signature verification on the K pieces of remote signature management information based on the multiple signature strategy to obtain second signature verification results related to the K pieces of remote signature management information, wherein a public key corresponding to each piece of remote signature management information can be determined based on the multiple signature strategy, and further carrying out transaction verification on the corresponding remote signature management information based on the public key corresponding to each piece of remote signature management information, so that the second signature verification results are obtained based on the signature verification results of the K pieces of remote signature management information.
It can be understood that the successful signature verification result refers to the result of successful signature verification of the corresponding signature information.
It can be understood that M signature verification success results exist in the second signature verification result, that is, there is a remote signature management information verification success greater than the multiple signature threshold indicated by the multiple signature threshold policy in the second signature verification result. It can be understood that the first signature verification result is a signature verification success result, and M signature verification success results exist in the second signature verification result, that is, signature information verification success generated by a key corresponding to m+1 contract management address information exists, so that the first signed service transaction verification success is determined.
It will be appreciated that contract registration on the blockchain is required before the service terminal obtains a first to-be-signed service transaction associated with the target service contract.
Specifically, a business management contract for managing business contracts and a business template contract for defining business contract templates are deployed on the blockchain; then, the embodiment of the application can further comprise the following steps: when a registration transaction for contract registration is acquired, determining management address information to be registered corresponding to a contract to be registered from the registration transaction; further, when the business management contract is called to deploy the contract to be registered on the blockchain based on the business template contract, the contract to be registered deployed on the blockchain is used as a target business contract, and the management address information to be registered is used as contract management address information of the target business contract; further, when the contract address of the target service contract is acquired, the contract address of the target service contract is sent to the service terminal.
It will be appreciated that the registration transaction and the address information to be registered in the registration transaction may refer to the related description in the embodiment shown in fig. 5, which is not described herein.
Wherein the business management contract may be an intelligent contract for managing resource management contracts (also referred to as business contracts) deployed on a blockchain. The business template contract may be used to define intelligent contracts for templates of resource management contracts deployed on blockchains. It is to be appreciated that upon receiving a registration transaction, the blockchain node can invoke a business management contract to deploy a to-be-registered contract on the blockchain based on the business template contract to target the to-be-registered contract that has been deployed on the blockchain.
It will be appreciated that the blockchain node may generate a contract address (i.e., a target contract address) of the registered target business contract, and then return the target contract address to the business terminal that initiated the registration transaction, i.e., to the business object that initiated the registration transaction, and then the subsequent business object may initiate the to-be-signed business transaction associated with the target contract address of the target business contract. It may be understood that the blockchain node may also send the target contract address to a resource client of a key corresponding to the contract management address information, where the resource client is operated in a terminal device, and other terminal devices except for a service terminal that initiates the registration transaction, that is, the blockchain node may send the target contract address to a service object that initiates the registration transaction, and may also send the target contract address to other service management objects of the target service contract, so that the other service management objects may initiate, as service objects, a service transaction to be signed associated with the target contract address of the target service contract.
It will be appreciated that the registration transaction may also include a key-fragmentation threshold indicated by the threshold signature policy and a multi-signature threshold indicated by the multi-signature policy, whereby the key-fragmentation threshold of the threshold signature policy and the multi-signature threshold of the multi-signature policy in the business transaction signature policy deployed in the target business contract may be determined.
For example, referring to fig. 13, fig. 13 is a schematic diagram of a service management contract deployment procedure according to an embodiment of the present application. As shown in fig. 13, a development object (e.g., development object B) may send deployment transactions for a business management contract and a business template contract to a blockchain network (step S1301), so that the business management contract 1301a and the business template contract 1301B may be deployed on blockchain nodes. Further, upon acquiring a registration transaction for registering a business contract, the blockchain node may invoke the business management contract 1301a and the business template contract 1301b to deploy a business contract exclusive to a business object corresponding to the set contract management address information.
It will be appreciated that the business template contracts may be used to define the functionality of the business contracts for which deployment is desired. The functions that a business template contract may define include: transferring digital resources, adding or reducing contract management address information, inquiring the number of the digital resources in the business contract, and setting a threshold value corresponding to a signature transaction strategy (such as a key slicing threshold value corresponding to a threshold value signature strategy and a multiple signature threshold value corresponding to a multiple signature strategy). For example, if the multiple signature threshold corresponding to the multiple signature policy of the device is 0, the service object only needs to use the secret key (such as the complete secret key or the secret key fragment) held by itself to perform transaction signature, so as to obtain signature information (such as the aggregate signature information corresponding to the complete secret key signature or the secret key fragment), and then the service contract can be invoked.
For example, referring to fig. 14, fig. 14 is a functional schematic diagram corresponding to a service contract according to an embodiment of the present application. As shown in fig. 14, a function corresponding to a business contract may be defined by a business template contract, and the business contract may include functions of transferring digital resources 1401a, querying the number of resources 1402a of the digital resources in the business contract, adding or subtracting contract management address information 1403a, setting a threshold 1404a corresponding to a signature transaction policy, and the like. It can be understood that various functions corresponding to the service contract can be initiated by the service management object to perform service transaction, and the signed service transaction is sent to the blockchain network, and the blockchain network can call the service contract to perform the corresponding functions when the signed service transaction is checked successfully. For example, the business management object of the target business contract may determine, by the business terminal, a signed business transaction associated with the target business contract for transferring the numeric resource by sending a transaction request for indicating transfer of the numeric resource to send the signed business transaction to the blockchain network so that the blockchain network may invoke the target business contract to perform the business transaction.
It can be appreciated that the embodiment of the present application further includes: invoking a target business contract on the blockchain based on a target contract address associated with the third signed business transaction upon acquiring the third signed business transaction and the second aggregate signature information; the third signed business transaction is determined based on a third business transaction to be signed, the third business transaction to be signed is determined through a first resource client running on the business terminal, and the first resource client is a resource client which is determined based on a third business transaction signature strategy in the target transaction signature strategy and is used for participating in the transaction signature when the network connection state between the business terminal and the resource management server is a connection state; the third business transaction signature policy is a threshold signature policy; the second aggregated signature information is obtained by aggregating a third signature fragment and a fourth signature fragment by the resource management server, the third signature fragment is obtained by carrying out transaction signature on a third to-be-signed service transaction by the service terminal through a first key fragment of the service object, and the fourth signature fragment is obtained by carrying out transaction signature on the third to-be-signed service transaction by the second key fragment of the service object when the resource management server receives the third signature fragment and the third to-be-signed service transaction sent by the service terminal based on a threshold signature strategy; further, a third signed business transaction is subjected to transaction verification through a third business transaction signature strategy indicated by the target business contract, and a transaction verification result of the third signed business transaction is obtained.
It may be appreciated that the generation process of the third signed business transaction and the second aggregate signature information may refer to the related description in the embodiment shown in fig. 5, which is not described herein.
It may be appreciated that, by using the third service transaction signature policy indicated by the target service contract, the third signed service transaction is subjected to a transaction signature verification, so as to obtain a transaction signature verification result of the third signed service transaction, that is: and acquiring a public key corresponding to the second aggregate signature information through a threshold signature strategy indicated by the target service contract, and carrying out transaction signature verification on the third signed service transaction based on the public key corresponding to the second aggregate signature information to obtain a transaction signature verification result of the third signed service transaction.
Referring to fig. 15, fig. 15 is a flow chart of a transaction processing method according to an embodiment of the application. The method may be performed by a blockchain node, such as blockchain node 11a described above. The method may include at least the following steps S1501 to S1503.
S1501, obtaining a second signed business transaction and a complete key signature sent by a business terminal; the second signed business transaction is determined based on a second business transaction to be signed, the second business transaction to be signed is determined through a second resource client running on the business terminal, and the second resource client is a resource client which is determined based on a second business transaction signature strategy in the target transaction signature strategy and is used for participating in the transaction signature when the network connection state between the business terminal and the resource management server is in an unconnected state; the second business transaction signature strategy comprises a complete signature strategy and a multiple signature strategy; the second signed business transaction and the complete key signature are sent by the business terminal based on the complete signature strategy, and the complete key signature is obtained by the business terminal carrying out transaction signature on the second business transaction to be signed through the complete key of the business object.
It will be appreciated that, the related description of the second signed service transaction and the complete key signature may refer to the related description in the embodiment shown in fig. 9, which is not described herein.
S1502, when K remote signature management information associated with a second signed business transaction is acquired, invoking a target business contract on a blockchain based on a target contract address associated with the second signed business transaction; k remote signature management information associated with the second signed business transaction is generated by K signature management devices based on the second business transaction to be signed, one signature management device corresponding to each remote signature management information; the K signature management devices are signature management devices in N signature management devices which are determined by the service terminal based on the multiple signature strategies and are associated with the service object; k is a positive integer, and K is a positive integer less than or equal to N.
Wherein, it can be appreciated that the K remote signature management information associated with the second signed business transaction can be the K received remote signature management information sent by the business terminal to the blockchain node along with the second signed business transaction and the full key signature; alternatively, the K remote signature management information associated with the second signed business transaction may be sent by the K signature management devices themselves to the blockchain node, without limitation.
It can be appreciated that the embodiment of the present application further includes: receiving a second signed business transaction, a complete key signature and K pieces of remote signature management information sent by a business terminal; k pieces of remote signature management information sent by the service terminal are returned to the service terminal by K pieces of signature management equipment. It may be appreciated that when the resource management server is unavailable, the remote signature management information may be signature information generated based on a complete signature method, then the signature management device may sign a service transaction to be signed based on a service complete key in the running resource client to obtain a complete key signature, then the signature management device may determine one remote signature management information based on the service complete signature information, and then return the remote signature management information to the service terminal, and then the service terminal sends the remote signature management information to the blockchain node together with the second signed service transaction and the complete key signature.
It can be appreciated that the embodiment of the present application further includes: k remote signature management information respectively transmitted by the K signature management devices is received. It may be appreciated that when the resource management server is unavailable, the remote signature management information may be signature information generated based on a complete signature method, and then the signature management device may sign a service transaction to be signed based on a service complete key in the running resource client to obtain a complete key signature, and then the signature management device may determine one remote signature management information based on the service complete signature information, and then directly send the remote signature management information to the blockchain node.
It can be understood that if the K remote signature management information is directly sent to the blockchain node, in the K signature management devices, any one signature management device may sign a transaction of the second to-be-signed transaction by using the service integrity key in the signature management device to obtain a corresponding integrity key signature, take the second to-be-signed transaction as the second signed transaction, and then take the second to-be-signed transaction and the corresponding integrity key signature as the remote signature management information, so as to send the remote signature management information to the blockchain node.
It will be appreciated that the blockchain node, upon acquiring a first second signed business transaction and an associated business integrity key, determines signature waiting timing information associated with the second signed business transaction; receiving remote signature management information associated with the second signed business transaction and counting the number of received remote signature management information associated with the second signed business transaction; when the signature waiting timing information reaches a signature waiting timing threshold and the number of received remote signature management information is greater than or equal to a multiple signature threshold indicated by a multiple signature policy, invoking a target business contract on the blockchain based on a target contract address associated with the second signed business transaction.
S1503, carrying out transaction verification on the second signed business transaction through a second business transaction signature strategy indicated by the target business contract to obtain a transaction verification result of the second signed business transaction.
It will be appreciated that the second business transaction signature policy may include a full signature policy and a multiple signature policy, and reference may be made specifically to the relevant description in the embodiment shown in fig. 9.
It may be understood that, by using the second service transaction signature policy indicated by the target service contract, a transaction signature verification is performed on the second signed service transaction to obtain a transaction signature verification result of the second signed service transaction, and may be that, by using the complete signature policy and the multiple signature policy indicated by the target service contract, a transaction signature verification is performed on the second signed service transaction to obtain a transaction signature verification result of the second signed service transaction.
Specifically, the transaction verification of the second signed transaction is performed on the second signed transaction through the second transaction signature policy indicated by the target service contract, so as to obtain a transaction verification result of the second signed transaction, which may include the following steps: invoking a target business contract to determine a complete signature strategy for signing and verifying the complete key signature, and signing and verifying the complete key signature based on the complete signature strategy to obtain a third signature verification result corresponding to the complete key signature; further, a target business contract is called to determine a multiple signature strategy for signing and checking K pieces of remote signature management information, and the K pieces of remote signature management information are signed and checked based on the multiple signature strategy to obtain a fourth signature verification result associated with the K pieces of remote signature management information; the fourth signature verification result comprises K signature verification results corresponding to the K remote signature management information; m signature verification success results in the K signature verification results are obtained by M signature management devices in the K signature management devices; in the M signature management devices, one signature management device corresponds to one signature verification success result; m is a positive integer greater than the multiple signature threshold indicated by the multiple signature threshold policy; further, if the third signature verification result is a signature verification success result and there are M signature verification success results in the fourth signature verification result, determining that the transaction verification result of the second signed transaction is used to indicate that the second signed transaction verification is successful.
Wherein it is understood that the third signature verification result may be used to indicate whether verification of the full key signature was successful. The fourth signature verification result may include K signature verification results, one signature verification result corresponding to one remote signature management information, and the signature verification result corresponding to each remote signature management information is used to indicate whether the remote signature management information is verified successfully.
It can be understood that signature verification is performed on the complete key signature based on the complete signature policy to obtain a third signature verification result corresponding to the first complete key signature, and a public key corresponding to the complete key signature can be determined based on the complete signature policy, so that signature verification is performed on the complete key signature based on the public key corresponding to the complete key signature to obtain the third signature verification result. And carrying out signature verification on the K pieces of remote signature management information based on the multiple signature strategy to obtain fourth signature verification results related to the K pieces of remote signature management information, wherein the related description for obtaining the second signature verification results can be referred to, and details are omitted herein.
It can be appreciated that the embodiment of the present application further includes: invoking a target business contract on the blockchain based on a target contract address associated with the fourth signed business transaction upon acquiring the fourth signed business transaction and the full key signature; the fourth signed business transaction is determined based on a fourth business transaction to be signed, the fourth business transaction to be signed is determined through a second resource client running on the business terminal, and the second resource client is a resource client which is determined based on a fourth business transaction signature strategy in the target transaction signature strategy and is used for participating in the transaction signature when the network connection state between the business terminal and the resource management server is in an unconnected state; the fourth business transaction signature strategy is a complete signature strategy; the fourth signed business transaction and the complete key signature are sent by the business terminal based on a complete signature strategy, and the complete key signature is obtained by the business terminal carrying out transaction signature on the second business transaction to be signed through the complete key of the business object; further, a transaction verification result of the fourth signed business transaction is obtained by carrying out transaction verification on the fourth signed business transaction through a fourth business transaction signature strategy indicated by the target business contract.
It will be appreciated that the fourth signed business transaction and the complete key signature may refer to the related descriptions in the embodiment shown in fig. 9, which are not described herein.
It may be appreciated that, by using the fourth service transaction signature policy indicated by the target service contract, the transaction verification is performed on the fourth signed service transaction, so as to obtain a transaction verification result of the fourth signed service transaction, that is: and acquiring a public key corresponding to the complete key signature through a complete signature strategy indicated by the target service contract, and carrying out transaction verification on the fourth signed service transaction based on the public key corresponding to the complete key signature to obtain a transaction verification result of the fourth signed service transaction.
Referring to fig. 16, fig. 16 is a schematic structural diagram of a transaction processing device according to an embodiment of the application. As shown in fig. 16, the transaction processing device 1 may be a computer program (including program code) running on a service terminal (e.g., the above-mentioned terminal equipment 110 a), for example, the transaction processing device 1 is an application software; it will be appreciated that the transaction processing device 1 may be adapted to perform the corresponding steps in the transaction processing method provided by embodiments of the present application. As shown in fig. 16, the transaction processing apparatus 1 may include: a resource client determining module 11, a threshold signing module 12, a multiple signing module 13 and a transmitting module 14;
The resource client determining module 11 is configured to determine, based on a first service transaction signature policy in the target transaction signature policies, that a resource client for participating in a transaction signature is a first resource client if a network connection state between the service terminal and the resource management server is a connection state; the first business transaction signature strategy comprises a threshold signature strategy and a multiple signature strategy; the threshold signature strategy and the multiple signature strategy are deployed in a target business contract on the blockchain; the target business contract is obtained after the business object is subjected to contract registration on a blockchain through a blockchain node; the contract address of the target business contract is the target contract address of the block link point returned to the business object;
the threshold signature module 12 is configured to determine, by using the first resource client, a first to-be-signed service transaction associated with the target contract address, and when a first key fragment of the service object is acquired, perform a transaction signature on the first to-be-signed service transaction through the first key fragment, so as to obtain a first signature fragment;
a multiple signature module 13 for determining N signature management devices associated with the business object based on the multiple signature policy, and notifying the N signature management devices to generate N remote signature management information associated with the first business transaction to be signed; n is a positive integer; one signature management device corresponds to one remote signature management information;
The sending module 14 is configured to send the first signature fragment and the first business transaction to be signed to the resource management server based on the threshold signature policy, so that when the resource management server signs the first business transaction to be signed through the second key fragment of the business object to obtain the second signature fragment, aggregate the first signature fragment and the second signature fragment to obtain first aggregate signature information, and when the first business transaction to be signed is used as the first signed business transaction, send the first aggregate signature information and the first signed business transaction to the blockchain node; the blockchain node is used for calling a target business contract on the blockchain based on a target contract address when the first aggregate signature information and the K remote signature management information are acquired, and conducting transaction signature verification on the first signed business transaction through a first business transaction signature strategy indicated by the target business contract to obtain a transaction signature verification result of the first signed business transaction; k is a positive integer less than or equal to N.
The first business transaction to be signed is determined when the business object successfully accesses the first resource client through the object access information;
The transmitting module 14 may include: an information acquisition unit 141, an information transmission unit 142;
an information acquisition unit 141 for acquiring object access information of a service object;
an information transmitting unit 142, configured to transmit the object access information, the first signature fragment, and the first to-be-signed business transaction to the resource management server based on the threshold signature policy; the object access information is used to instruct the resource management server to determine a second key fragment of the business object based on the object access information.
The service object is associated with a second resource client, a service complete key of the service object is stored in the second resource client, and key address information of the service complete key is service complete key address information;
the transaction processing device 1 includes: a contract registration module 15; the contract registration module 15 includes: a key negotiation unit 151, a management address acquisition unit 152, and a registration transaction transmission unit 153;
a key negotiation unit 151, configured to send a threshold signing key obtaining request to the resource management server, so that the resource management server and the service terminal negotiate to generate a first key fragment stored by the first resource management client and a second key fragment stored by the resource management server based on a key fragment generation mechanism, and determine that key address information that corresponds to the first key fragment and the second key fragment together is threshold signing key address information;
The management address obtaining unit 152 is configured to obtain, when obtaining the threshold signing key address information, a plurality of pieces of management address information to be registered, where the plurality of pieces of management address information to be registered includes: threshold signing key address information and service integrity key address information;
the registration transaction transmitting unit 153 is configured to determine a registration transaction for performing contract registration based on the plurality of pieces of management address information to be registered, transmit the registration transaction to the blockchain node, so that the blockchain node performs contract registration on the blockchain based on the registration transaction to obtain a target service contract, and use the management address information to be registered as contract management address information of the target service contract, where the contract management address information is used to determine N signature management devices.
Wherein the contract registration module 15 further includes: a threshold value acquisition unit 154;
the threshold value obtaining unit 154 is further configured to obtain a key fragmentation threshold value indicated by the threshold value signature policy, and a multiple signature threshold value indicated by the multiple signature policy;
the registration transaction transmitting unit 153 is further configured to determine a registration transaction for performing contract registration based on the plurality of pieces of management address information to be registered, the key fragmentation threshold, and the multiple signature threshold.
The information sending unit 142 is configured to send the first business transaction to be signed to the resource management server when the threshold signature policy is a signature policy for instructing the business terminal to perform aggregate signature, so that the resource management server performs transaction signature on the first business transaction to be signed through the second key fragment of the business object to obtain a second signature fragment;
the threshold signing module 12 is configured to, when a second signature fragment returned by the resource management server is acquired, aggregate to obtain first aggregate signature information through the second signature fragment and the first signature fragment, and send the first aggregate signature information and the first signed service transaction to the blockchain node when the first service transaction to be signed is used as the first signed service transaction.
Wherein the multiple signature module 13 includes: a remote signature receiving unit 131, a signature transaction unit 132, and a transaction transmitting unit 133;
a remote signature receiving unit 131, configured to receive remote signature management information returned by a signature management device in the N signature management devices, and count the number of received remote signature management information to obtain a received remote signature number;
a signature transaction unit 132, configured to take the first to-be-signed transaction as a first signed transaction when the remote signature timestamp associated with the first to-be-signed transaction reaches a remote signature time threshold and the number of received remote signatures is greater than or equal to a multiple signature threshold indicated by a multiple signature policy;
The transaction transmitting unit 133 is configured to transmit the received K remote signature management information, the first aggregate signature information, and the first signed service transaction to the blockchain node.
Wherein, transaction processing device 1 still includes: a network state detection module 16;
the network state detection module 16 is configured to detect a network connection state between the service terminal and the resource management server, and obtain a network connection state result;
the resource client determining module 11 is configured to perform a step of determining, based on a first service transaction signature policy among the target transaction signature policies, that a resource client for participating in a transaction signature is a first resource client, when the network connection status result indicates that the network connection status between the service terminal and the resource management server is a connection status.
Wherein, transaction processing device 1 still includes: a complete signature module 17;
the network state detection module 16 is configured to determine, based on a second service transaction signature policy of the target transaction signature policies, that the resource client for participating in the transaction signature is a second resource client when the network connection state result indicates that the network connection state between the service terminal and the resource management server is an unconnected state; the second business transaction signature strategy comprises a complete signature strategy and a multiple signature strategy; the complete signature strategy and the multiple signature strategy are deployed in the target business contract;
The complete signature module 17 is configured to determine, by using a second resource client, a second to-be-signed service transaction associated with the target contract address, and when a service complete key of the service object is obtained, perform transaction signature on the second to-be-signed service transaction by using the service complete key, so as to obtain a complete key signature;
a multiple signature module 13 for determining N signature management devices associated with the business object based on the multiple signature policy, and notifying the N signature management devices to generate remote signature management information associated with the second business transaction to be signed; n is a positive integer; one signature management device corresponds to one remote signature management information;
and the sending module 14 is configured to send, when the second business transaction to be signed is taken as a second signed business transaction, the complete key signature and the second signed business transaction to the blockchain node based on the complete key signature policy, so that when the blockchain node obtains the complete key signature and the K remote signature management information, the blockchain node invokes the target business contract on the blockchain based on the target contract address, and performs a transaction signature verification on the second signed business transaction through the second business transaction signature policy indicated by the target business contract, to obtain a transaction signature verification result of the second signed business transaction.
The remote signature receiving unit 131 is configured to receive remote signature management information returned by a signature management device in the N signature management devices, and count the number of received remote signature management information to obtain a received remote signature number;
a signature transaction unit 132, configured to take the second to-be-signed transaction as a second signed transaction when the remote signature timestamp associated with the second to-be-signed transaction reaches a remote signature time threshold and the number of received remote signatures is greater than or equal to a multiple signature threshold indicated by the multiple signature policy;
the transaction transmitting unit 133 is configured to transmit the received K remote signature management information, the complete key signature, and the second signed business transaction to the blockchain node based on the complete signature policy.
The resource client determining module 11 is configured to determine, when the network connection status result indicates that the network connection status between the service terminal and the resource management server is a connection status, that the resource client for participating in the transaction signature is the first resource client based on a third service transaction signature policy in the target transaction signature policies; the third business transaction signature policy is independent of the third business transaction signature policy, the third business transaction signature policy being a threshold signature policy;
The threshold signing module 12 is configured to determine, by using the first resource client, a third to-be-signed service transaction associated with the target contract address, and when a first key fragment of the service object is obtained, perform a transaction signature on the third to-be-signed service transaction through the first key fragment, so as to obtain a third signature fragment;
the sending module 14 is configured to send the third signature fragment and the third to-be-signed service transaction to the resource management server based on the threshold signature policy, so that when the resource management server signs the third to-be-signed service transaction by the second key fragment of the service object to obtain a fourth signature fragment, the third signature fragment and the fourth signature fragment are aggregated to obtain second aggregated signature information, and when the third to-be-signed service transaction is used as a third signed service transaction, the second aggregated signature information and the third signed service transaction are sent to the blockchain node; and the blockchain node is used for calling a target business contract on the blockchain based on the target contract address when the second aggregate signature information is acquired, and carrying out transaction signature verification on the third signed business transaction through a third business transaction signature strategy indicated by the target business contract to obtain a transaction signature verification result of the third signed business transaction.
Referring to fig. 17, fig. 17 is a schematic structural diagram of a transaction processing device according to an embodiment of the application. As shown in fig. 17, the transaction processing device 2 may be a computer program (including program code) running on a blockchain node (e.g., the blockchain node 11 a), for example, the transaction processing device 1 is an application software; it will be appreciated that the transaction processing device 2 may be adapted to perform the corresponding steps in the transaction processing method provided by embodiments of the present application. As shown in fig. 17, the transaction processing device 2 may include: an acquisition module 21, a contract calling module 22 and a transaction verification module 23;
an acquisition module 21, configured to acquire first signed service transaction and first aggregate signature information associated with a service terminal; the first signed business transaction is determined based on a first business transaction to be signed, the first business transaction to be signed is determined through a first resource client running on the business terminal, and the first resource client is a resource client which is determined based on a first business transaction signature strategy in the target transaction signature strategy and is used for participating in the transaction signature when the network connection state between the business terminal and the resource management server is a connection state; the first business transaction signature strategy comprises a threshold signature strategy and a multiple signature strategy; the first aggregation signature information is obtained by aggregating a second signature fragment and a first signature fragment, the first signature fragment is obtained by carrying out transaction signature on a first to-be-signed service transaction through a first key fragment of a service object by a service terminal, and the second signature fragment is obtained by carrying out transaction signature on the first to-be-signed service transaction through a second key fragment of the service object when a resource management server receives the first signature fragment and the first to-be-signed service transaction sent by the service terminal based on a threshold signature strategy;
A contract invoking module 22 for invoking a target business contract on the blockchain based on a target contract address associated with the first signed business transaction upon acquiring K remote signature management information associated with the first signed business transaction; k remote signature management information associated with the first signed business transaction is generated by K signature management devices based on the first business transaction to be signed; one signature management device corresponds to one remote signature management information; the K signature management devices are signature management devices in N signature management devices which are determined by the service terminal based on the multiple signature strategies and are associated with the service object; K. n is a positive integer, and K is less than or equal to N;
the transaction verification module 23 is configured to perform transaction verification on the first signed transaction according to the first transaction signature policy indicated by the target service contract, so as to obtain a transaction verification result of the first signed transaction.
Wherein, the trade check module 23 includes: a threshold signature verification unit 231, a multiple signature verification unit 232, and a verification result unit 233;
a threshold signature verification unit 231, configured to invoke a target service contract to determine a threshold signature policy for signing and verifying the first aggregate signature information, and sign and verify the first aggregate signature information based on the threshold signature policy, so as to obtain a first signature verification result corresponding to the first aggregate signature information;
The multiple signature verification unit 232 is configured to invoke a target service contract to determine a multiple signature policy for signing and verifying the K remote signature management information, and sign and verify the K remote signature management information based on the multiple signature policy, so as to obtain a second signature verification result associated with the K remote signature management information; the second signature verification result comprises K signature verification results corresponding to the K remote signature management information; m signature verification success results in the K signature verification results are obtained by M signature management devices in the K signature management devices; in the M signature management devices, one signature management device corresponds to one signature verification success result; m is a positive integer greater than the multiple signature threshold indicated by the multiple signature threshold policy;
the verification result unit 233 is configured to determine that the transaction verification result of the first signed transaction is used to indicate that the verification of the first signed transaction is successful if the first signature verification result is a signature verification success result and if M signature verification success results exist in the second signature verification result.
The block chain is provided with a business management contract for managing the business contracts and a business template contract for defining business contract templates;
The transaction processing device 2 further includes: a business contract deployment module 24; the business contract deployment module 24 includes: a registration transaction acquisition unit 241, a management contract calling unit 242, and an address generation unit 243;
a registration transaction acquiring unit 241, configured to determine, when acquiring a registration transaction for performing contract registration, to-be-registered management address information corresponding to a to-be-registered contract from the registration transaction;
a management contract calling unit 242 for taking the contract to be registered, which has been deployed on the blockchain, as a target business contract and taking the management address information to be registered as contract management address information of the target business contract when calling the business management contract to deploy the contract to be registered on the blockchain based on the business template contract;
the address generating unit 243 is configured to send the contract address of the target service contract to the service terminal when the contract address of the target service contract is acquired.
Wherein, the obtaining module 21 is further configured to obtain a second signed service transaction and a complete key signature sent by the service terminal; the second signed business transaction is determined based on a second business transaction to be signed, the second business transaction to be signed is determined through a second resource client running on the business terminal, and the second resource client is a resource client which is determined based on a second business transaction signature strategy in the target transaction signature strategy and is used for participating in the transaction signature when the network connection state between the business terminal and the resource management server is in an unconnected state; the second business transaction signature strategy comprises a complete signature strategy and a multiple signature strategy; the second signed business transaction and the complete key signature are sent by the business terminal based on a complete signature strategy, and the complete key signature is obtained by the business terminal carrying out transaction signature on the second business transaction to be signed through the complete key of the business object;
The contract invoking module 22 is further configured to invoke a target business contract on the blockchain based on a target contract address associated with the second signed business transaction when the K remote signature management information associated with the second signed business transaction is obtained; k remote signature management information associated with the second signed business transaction is generated by K signature management devices based on the second business transaction to be signed, one signature management device corresponding to each remote signature management information; the K signature management devices are signature management devices in N signature management devices which are determined by the service terminal based on the multiple signature strategies and are associated with the service object; k is a positive integer, K is a positive integer less than or equal to N;
the transaction verification module 23 is further configured to perform transaction verification on the second signed transaction according to the second transaction signature policy indicated by the target service contract, so as to obtain a transaction verification result of the second signed transaction.
Wherein the obtaining module 21 is further configured to, when obtaining the third signed business transaction and the second aggregate signature information, invoke a target business contract on the blockchain based on a target contract address associated with the third signed business transaction; the third signed business transaction is determined based on a third business transaction to be signed, the third business transaction to be signed is determined through a first resource client running on the business terminal, and the first resource client is a resource client which is determined based on a third business transaction signature strategy in the target transaction signature strategy and is used for participating in the transaction signature when the network connection state between the business terminal and the resource management server is a connection state; the third business transaction signature policy is a threshold signature policy; the second aggregated signature information is obtained by aggregating a third signature fragment and a fourth signature fragment by the resource management server, the third signature fragment is obtained by carrying out transaction signature on a third to-be-signed service transaction by the service terminal through a first key fragment of the service object, and the fourth signature fragment is obtained by carrying out transaction signature on the third to-be-signed service transaction by the second key fragment of the service object when the resource management server receives the third signature fragment and the third to-be-signed service transaction sent by the service terminal based on a threshold signature strategy;
The transaction verification module 23 is further configured to perform transaction verification on the third signed transaction according to the third transaction signing policy indicated by the target service contract, so as to obtain a transaction verification result of the third signed transaction.
Referring to fig. 18, fig. 18 is a schematic structural diagram of a computer device according to an embodiment of the present application. As shown in fig. 18, the computer device 1000 may include: processor 1001, network interface 1004, and memory 1005, and in addition, the above-described computer device 1000 may further include: a user interface 1003, and at least one communication bus 1002. Wherein the communication bus 1002 is used to enable connected communication between these components. The user interface 1003 may include a display (display) and a Keyboard (Keyboard), and the optional user interface 1003 may further include a standard wired interface and a wireless interface. The network interface 1004 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface). The memory 1005 may be a high-speed RAN memory or may be a non-volatile neory memory, such as at least one disk memory. The memory 1005 may also optionally be at least one storage device located remotely from the processor 1001. As shown in fig. 18, an operating system, a network communication module, a user interface module, and a device control application program may be included in a memory 1005, which is one type of computer-readable storage medium.
In the computer device 1000 shown in fig. 18, the network interface 1004 may provide network communication functions; while user interface 1003 is primarily used as an interface for providing input to a user; the processor 1001 may be configured to invoke the device control application stored in the memory 1005 to execute the transaction processing method in any of the foregoing embodiments, which is not described herein. In addition, the description of the beneficial effects of the same method is omitted.
Furthermore, it should be noted here that: the embodiment of the present application further provides a computer readable storage medium, in which the aforementioned computer programs executed by the transaction processing device 1 and the transaction processing device 2 are stored, and the computer programs include program instructions, when executed by the processor, can execute the description of the transaction processing method in the foregoing embodiment, and therefore, a detailed description will not be given here. In addition, the description of the beneficial effects of the same method is omitted. For technical details not disclosed in the embodiments of the computer-readable storage medium according to the present application, please refer to the description of the method embodiments of the present application.
The computer readable storage medium may be the transaction processing apparatus provided in any of the foregoing embodiments or an internal storage unit of the computer device, for example, a hard disk or a memory of the computer device. The computer readable storage medium may also be an external storage device of the computer device, such as a plug-in hard disk, a smart card (SNC), a Secure Digital (SD) card, a flash card (flash card) or the like, which are provided on the computer device. Further, the computer-readable storage medium may also include both internal storage units and external storage devices of the computer device. The computer-readable storage medium is used to store the computer program and other programs and data required by the computer device. The computer-readable storage medium may also be used to temporarily store data that has been output or is to be output.
Furthermore, it should be noted here that: embodiments of the present application also provide a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium and executes the computer instructions to cause the computer device to perform the method provided by any of the corresponding embodiments described above. In addition, the description of the beneficial effects of the same method is omitted. For technical details not disclosed in the computer program product or the computer program embodiments according to the present application, reference is made to the description of the method embodiments according to the present application.
The terms first, second and the like in the description and in the claims and drawings of embodiments of the application are used for distinguishing between different objects and not for describing a particular sequential order. Furthermore, the term "include" and any variations thereof is intended to cover a non-exclusive inclusion. For example, a process, method, apparatus, article, or device that comprises a list of steps or elements is not limited to the list of steps or modules but may, in the alternative, include other steps or modules not listed or inherent to such process, method, apparatus, article, or device.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps described in connection with the embodiments disclosed herein may be embodied in electronic hardware, in computer software, or in a combination of the two, and that the elements and steps of the examples have been generally described in terms of function in the foregoing description to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The foregoing disclosure is illustrative of the present application and is not to be construed as limiting the scope of the application, which is defined by the appended claims.

Claims (20)

1. A transaction processing method, characterized in that the method is performed by a service terminal; the method comprises the following steps:
if the network connection state between the service terminal and the resource management server is a connection state, determining a resource client for participating in transaction signature as a first resource client based on a first service transaction signature strategy in a target transaction signature strategy; the first business transaction signature strategy comprises a threshold signature strategy and a multiple signature strategy; the threshold signature strategy and the multiple signature strategy are deployed in a target business contract on a blockchain; the target business contract is obtained after a business object is subjected to contract registration on a blockchain through a blockchain node; the contract address of the target business contract is a target contract address returned to the business object by the blockchain node;
determining a first business transaction to be signed associated with the target contract address through the first resource client, and carrying out transaction signature on the first business transaction to be signed through the first key fragment when the first key fragment of the business object is acquired, so as to obtain a first signature fragment;
Determining N signature management devices associated with the business object based on the multiple signature policy, and notifying the N signature management devices to generate N remote signature management information associated with the first business transaction to be signed; n is a positive integer; one signature management device corresponds to one remote signature management information;
transmitting the first signature fragment and the first business transaction to be signed to the resource management server based on the threshold signature strategy, so that the resource management server carries out transaction signature on the first business transaction to be signed through a second key fragment of the business object to obtain a second signature fragment, and when the first business transaction to be signed is used as a first signed business transaction, the first signature fragment and the first signature fragment are aggregated to obtain first aggregate signature information, and the first aggregate signature information and the first signed business transaction are transmitted to the blockchain node; the blockchain node is used for calling a target business contract on the blockchain based on the target contract address when the first aggregate signature information and K pieces of remote signature management information are acquired, and conducting transaction signature verification on the first signed business transaction through the first business transaction signature strategy indicated by the target business contract to obtain a transaction signature verification result of the first signed business transaction; k is a positive integer less than or equal to N.
2. The method of claim 1, wherein the first to-be-signed business transaction is determined when the business object successfully accesses the first resource client via object access information;
the sending the first signature fragment and the first service transaction to be signed to the resource management server based on the threshold signature policy includes:
acquiring object access information of the business object;
transmitting the object access information, the first signature fragment and the first business transaction to be signed to the resource management server based on the threshold signature policy; the object access information is used to instruct the resource management server to determine a second key fragment of the business object based on the object access information.
3. The method according to claim 1, wherein the service object is associated with a second resource client, and a service complete key of the service object is stored in the second resource client, and key address information of the service complete key is service complete key address information;
the method further comprises the steps of:
sending a threshold signature key acquisition request to the resource management server, so that the resource management server and the service terminal negotiate to generate the first key fragment stored by the first resource management client and the second key fragment stored by the resource management server based on a key fragment generation mechanism, and determining that key address information which is commonly corresponding to the first key fragment and the second key fragment is threshold signature key address information;
When the threshold signing key address information is acquired, acquiring a plurality of pieces of management address information to be registered, wherein the plurality of pieces of management address information to be registered comprise: the threshold signing key address information and the service complete key address information;
determining a registration transaction for performing contract registration based on the plurality of pieces of management address information to be registered, sending the registration transaction to the blockchain node, so that the blockchain node performs contract registration on the blockchain based on the registration transaction to obtain the target business contract, and taking the management address information to be registered as contract management address information of the target business contract, wherein the contract management address information is used for determining the N signature management devices.
4. The method of claim 3, wherein the determining a registration transaction for performing contract registration based on the plurality of management address information to be registered comprises:
acquiring a key fragmentation threshold indicated by the threshold signature strategy and a multiple signature threshold indicated by the multiple signature strategy;
a registration transaction for performing contract registration is determined based on the plurality of management address information to be registered, the key fragmentation threshold, and the multiple signature threshold.
5. The method according to claim 1, wherein the method further comprises:
when the threshold signature strategy is a signature strategy for indicating the service terminal to perform aggregate signature, the first service transaction to be signed is sent to the resource management server, so that the resource management server performs transaction signature on the first service transaction to be signed through the second key fragment of the service object to obtain a second signature fragment;
when the second signature fragment returned by the resource management server is acquired, first aggregate signature information is obtained through aggregation of the second signature fragment and the first signature fragment, and when the first business transaction to be signed is used as a first signed business transaction, the first aggregate signature information and the first signed business transaction are sent to the blockchain node.
6. The method of claim 5, wherein said sending the first aggregate signature information and the first signed business transaction to the blockchain node when the first to-be-signed business transaction is taken as a first signed business transaction comprises:
receiving remote signature management information returned by the signature management equipment in the N signature management equipment, and counting the quantity of the received remote signature management information to obtain the quantity of received remote signatures;
When the remote signature time stamp associated with the first business transaction to be signed reaches a remote signature time threshold value and the number of received remote signatures is greater than or equal to a multiple signature threshold value indicated by the multiple signature strategy, the first business transaction to be signed is used as a first signed business transaction;
the received K remote signature management information, the first aggregate signature information, and the first signed business transaction are sent to the blockchain node.
7. The method according to claim 1, wherein the method further comprises:
detecting the network connection state between the service terminal and the resource management server to obtain a network connection state result;
and executing the step of determining the resource client used for participating in transaction signature as the first resource client based on the first service transaction signature strategy in the target transaction signature strategy when the network connection state result indicates that the network connection state between the service terminal and the resource management server is the connection state.
8. The method of claim 7, wherein the method further comprises:
when the network connection state result indicates that the network connection state between the service terminal and the resource management server is an unconnected state, determining that the resource client used for participating in transaction signature is a second resource client based on a second service transaction signature strategy in the target transaction signature strategy; the second business transaction signature strategy comprises a complete signature strategy and the multiple signature strategy; the full signature policy and the multiple signature policy are deployed in the target business contract;
Determining a second business transaction to be signed associated with the target contract address through the second resource client, and carrying out transaction signature on the second business transaction to be signed through the business complete key when the business complete key of the business object is acquired, so as to obtain a complete key signature;
determining N signature management devices associated with the business object based on the multiple signature policy, and notifying the N signature management devices to generate remote signature management information associated with the second business transaction to be signed; n is a positive integer; one signature management device corresponds to one remote signature management information;
when the second business transaction to be signed is used as a second signed business transaction, the complete key signature and the second signed business transaction are sent to a blockchain node based on the complete key signature strategy, so that the blockchain node calls a target business contract on the blockchain based on the target contract address when acquiring the complete key signature and K pieces of remote signature management information, and performs transaction signature verification on the second signed business transaction through the second business transaction signature strategy indicated by the target business contract to obtain a transaction signature verification result of the second signed business transaction.
9. The method of claim 8, wherein the sending the full key signature and the second signed business transaction to a blockchain node based on the full key signature policy when the second to-be-signed business transaction is taken as a second signed business transaction comprises:
receiving remote signature management information returned by the signature management equipment in the N signature management equipment, and counting the quantity of the received remote signature management information to obtain the quantity of received remote signatures;
when the remote signature time stamp associated with the second to-be-signed business transaction reaches a remote signature time threshold value and the number of received remote signatures is greater than or equal to a multiple signature threshold value indicated by the multiple signature strategy, taking the second to-be-signed business transaction as a second signed business transaction;
and transmitting the received K remote signature management information, the complete key signature and the second signed service transaction to the blockchain node based on the complete signature policy.
10. The method of claim 7, wherein the method further comprises:
when the network connection state result indicates that the network connection state between the service terminal and the resource management server is a connection state, determining a resource client for participating in transaction signature as the first resource client based on a third service transaction signature strategy in the target transaction signature strategies; the third business transaction signature policy is independent of the third business transaction signature policy, the third business transaction signature policy being the threshold signature policy;
Determining a third to-be-signed business transaction associated with the target contract address through the first resource client, and carrying out transaction signature on the third to-be-signed business transaction through the first key fragment when the first key fragment of the business object is acquired, so as to obtain a third signature fragment;
transmitting the third signature fragment and the third business transaction to be signed to the resource management server based on the threshold signature strategy, so that the resource management server carries out transaction signature on the third business transaction to be signed through the second key fragment of the business object to obtain a fourth signature fragment, and when the third signature fragment and the fourth signature fragment are used as third signed business transaction, second aggregation signature information is obtained through aggregation, and when the third business transaction to be signed is used as third signed business transaction, the second aggregation signature information and the third signed business transaction are transmitted to a blockchain node; and the blockchain node is used for calling a target business contract on the blockchain based on the target contract address when the second aggregate signature information is acquired, and carrying out transaction signature verification on the third signed business transaction through the third business transaction signature strategy indicated by the target business contract to obtain a transaction signature verification result of the third signed business transaction.
11. A transaction processing method, wherein the method is performed by a block link point; the method comprises the following steps:
acquiring first signed business transaction and first aggregate signature information associated with a business terminal; the first signed business transaction is determined based on a first business transaction to be signed, the first business transaction to be signed is determined through a first resource client running on a business terminal, and the first resource client is a resource client which is determined based on a first business transaction signature strategy in a target transaction signature strategy and is used for participating in transaction signature when a network connection state between the business terminal and a resource management server is a connection state; the first business transaction signature strategy comprises a threshold signature strategy and a multiple signature strategy; the first aggregate signature information is obtained by aggregating a second signature fragment and a first signature fragment, the first signature fragment is obtained by carrying out transaction signature on the first to-be-signed service transaction through a first key fragment of a service object by the service terminal, and the second signature fragment is obtained by carrying out transaction signature on the first to-be-signed service transaction through a second key fragment of the service object when the resource management server receives the first signature fragment and the first to-be-signed service transaction sent by the service terminal based on the threshold signature strategy;
Invoking a target business contract on a blockchain based on a target contract address associated with the first signed business transaction upon acquiring K remote signature management information associated with the first signed business transaction; k remote signature management information associated with the first signed business transaction is generated by K signature management devices based on the first business transaction to be signed; one signature management device corresponds to one remote signature management information; the K signature management devices are signature management devices in N signature management devices which are determined by the service terminal based on the multiple signature policies and are associated with the service object; K. n is a positive integer, and K is less than or equal to N;
and carrying out transaction verification on the first signed business transaction through the first business transaction signature strategy indicated by the target business contract to obtain a transaction verification result of the first signed business transaction.
12. The method of claim 11, wherein said signing the first signed business transaction by the first business transaction signing policy indicated by the target business contract to obtain a transaction signing result of the first signed business transaction, comprising:
Invoking the target business contract to determine a threshold signature strategy for signing and verifying the first aggregate signature information, and signing and verifying the first aggregate signature information based on the threshold signature strategy to obtain a first signature verification result corresponding to the first aggregate signature information;
invoking the target business contract to determine a multiple signature strategy for signing and checking the K pieces of remote signature management information, and signing and checking the K pieces of remote signature management information based on the multiple signature strategy to obtain a second signature verification result associated with the K pieces of remote signature management information; the second signature verification result comprises K signature verification results corresponding to K remote signature management information; m signature verification success results in the K signature verification results are obtained by M signature management devices in the K signature management devices; in the M signature management devices, one signature management device corresponds to one signature verification success result; m is a positive integer greater than a multiple signature threshold indicated by the multiple signature threshold policy;
if the first signature verification result is a signature verification success result and the M signature verification success results exist in the second signature verification result, determining a transaction verification result of the first signed service transaction to indicate that the first signed service transaction verification is successful.
13. The method of claim 11, wherein the blockchain has disposed thereon a business management contract for managing business contracts, and a business template contract for defining business contract templates;
the method further comprises the steps of:
when a registration transaction for contract registration is acquired, determining management address information to be registered corresponding to a contract to be registered from the registration transaction;
when the business management contract is called to deploy the contract to be registered on the blockchain based on the business template contract, the contract to be registered which is deployed on the blockchain is taken as the target business contract, and the management address information to be registered is taken as contract management address information of the target business contract;
and when the contract address of the target service contract is acquired, transmitting the contract address of the target service contract to the service terminal.
14. The method of claim 11, wherein the method further comprises:
acquiring a second signed business transaction sent by the business terminal and a complete key signature; the second signed business transaction is determined based on a second business transaction to be signed, the second business transaction to be signed is determined through a second resource client running on a business terminal, and the second resource client is a resource client for participating in business signature determined based on a second business transaction signature strategy in the target transaction signature strategy when the network connection state between the business terminal and a resource management server is an unconnected state; the second business transaction signature strategy comprises a complete signature strategy and the multiple signature strategy; the second signed business transaction and the complete key signature are sent by the business terminal based on the complete signature strategy, and the complete key signature is obtained by the business terminal carrying out transaction signature on the second business transaction to be signed through the complete key of the business object;
Invoking the target business contract on a blockchain based on a target contract address associated with the second signed business transaction upon obtaining K remote signature management information associated with the second signed business transaction; k remote signature management information associated with the second signed business transaction is generated by K signature management devices based on the second business transaction to be signed, one signature management device corresponding to each remote signature management information; the K signature management devices are signature management devices in N signature management devices which are determined by the service terminal based on the multiple signature policies and are associated with the service object; k is a positive integer, K is a positive integer less than or equal to N;
and carrying out transaction verification on the second signed business transaction through the second business transaction signature strategy indicated by the target business contract to obtain a transaction verification result of the second signed business transaction.
15. The method of claim 11, wherein the method further comprises:
invoking a target business contract on the blockchain based on the target contract address associated with the third signed business transaction upon acquiring a third signed business transaction and second aggregate signature information; the third signed business transaction is determined based on a third business transaction to be signed, the third business transaction to be signed is determined through the first resource client running on the business terminal, and the first resource client is a resource client for participating in the business signature determined based on a third business transaction signature strategy in a target transaction signature strategy when the network connection state between the business terminal and a resource management server is a connection state; the third business transaction signature policy is a threshold signature policy; the second aggregated signature information is obtained by aggregating the resource management server through a third signature fragment and a fourth signature fragment, the third signature fragment is obtained by carrying out transaction signature on the third to-be-signed service transaction through a first key fragment of the service object by the service terminal, and the fourth signature fragment is obtained by carrying out transaction signature on the third to-be-signed service transaction through a second key fragment of the service object when the resource management server receives the third signature fragment and the third to-be-signed service transaction sent by the service terminal based on the threshold signature strategy;
And carrying out transaction verification on the third signed business transaction through the third business transaction signature strategy indicated by the target business contract to obtain a transaction verification result of the third signed business transaction.
16. A transaction processing device, wherein the device is operated by a service terminal; the device comprises:
the resource client determining module is used for determining the resource client for participating in transaction signature as a first resource client based on a first service transaction signature strategy in the target transaction signature strategy if the network connection state between the service terminal and the resource management server is a connection state; the first business transaction signature strategy comprises a threshold signature strategy and a multiple signature strategy; the threshold signature strategy and the multiple signature strategy are deployed in a target business contract on a blockchain; the target business contract is obtained after a business object is subjected to contract registration on a blockchain through a blockchain node; the contract address of the target business contract is a target contract address returned to the business object by the blockchain node;
the threshold signature module is used for determining a first business transaction to be signed associated with the target contract address through the first resource client, and carrying out transaction signature on the first business transaction to be signed through the first key fragment when the first key fragment of the business object is acquired, so as to obtain a first signature fragment;
A multiple signature module for determining N signature management devices associated with the business object based on the multiple signature policy, and notifying the N signature management devices to generate N remote signature management information associated with the first business transaction to be signed; n is a positive integer; one signature management device corresponds to one remote signature management information;
the sending module is configured to send the first signature fragment and the first business transaction to be signed to the resource management server based on the threshold signature policy, so that when the resource management server signs the first business transaction to be signed through the second key fragment of the business object to obtain a second signature fragment, aggregate the first signature fragment and the second signature fragment to obtain first aggregate signature information, and when the first business transaction to be signed is used as a first signed business transaction, send the first aggregate signature information and the first signed business transaction to the blockchain node; the blockchain node is used for calling a target business contract on the blockchain based on the target contract address when the first aggregate signature information and K pieces of remote signature management information are acquired, and conducting transaction signature verification on the first signed business transaction through the first business transaction signature strategy indicated by the target business contract to obtain a transaction signature verification result of the first signed business transaction; k is a positive integer less than or equal to N.
17. A transaction processing device, wherein the device is executed by a block link point; the device comprises:
the acquisition module is used for acquiring first signed business transaction and first aggregate signature information associated with the business terminal; the first signed business transaction is determined based on a first business transaction to be signed, the first business transaction to be signed is determined through a first resource client running on a business terminal, and the first resource client is a resource client which is determined based on a first business transaction signature strategy in a target transaction signature strategy and is used for participating in transaction signature when a network connection state between the business terminal and a resource management server is a connection state; the first business transaction signature strategy comprises a threshold signature strategy and a multiple signature strategy; the first aggregate signature information is obtained by aggregating a second signature fragment and a first signature fragment, the first signature fragment is obtained by carrying out transaction signature on the first to-be-signed service transaction through a first key fragment of a service object by the service terminal, and the second signature fragment is obtained by carrying out transaction signature on the first to-be-signed service transaction through a second key fragment of the service object when the resource management server receives the first signature fragment and the first to-be-signed service transaction sent by the service terminal based on the threshold signature strategy;
A contract invoking module for invoking a target business contract on a blockchain based on a target contract address associated with the first signed business transaction when K remote signature management information associated with the first signed business transaction is obtained; k remote signature management information associated with the first signed business transaction is generated by K signature management devices based on the first business transaction to be signed; one signature management device corresponds to one remote signature management information; the K signature management devices are signature management devices in N signature management devices which are determined by the service terminal based on the multiple signature policies and are associated with the service object; K. n is a positive integer, and K is less than or equal to N;
and the transaction signature verification module is used for carrying out transaction signature verification on the first signed business transaction through the first business transaction signature strategy indicated by the target business contract to obtain a transaction signature verification result of the first signed business transaction.
18. A computer device comprising a memory and a processor;
the memory is connected to the processor, the memory is used for storing a computer program, and the processor is used for calling the computer program to enable the computer device to execute the method of any one of claims 1-15.
19. A computer readable storage medium, characterized in that the computer readable storage medium has stored therein a computer program adapted to be loaded and executed by a processor to cause a computer device having the processor to perform the method of any of claims 1-15.
20. A computer program product comprising computer programs/instructions which, when executed by a processor, implement the method of any of claims 1-15.
CN202310595376.0A 2023-05-23 2023-05-23 Transaction processing method, device, equipment and medium Pending CN116977073A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310595376.0A CN116977073A (en) 2023-05-23 2023-05-23 Transaction processing method, device, equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310595376.0A CN116977073A (en) 2023-05-23 2023-05-23 Transaction processing method, device, equipment and medium

Publications (1)

Publication Number Publication Date
CN116977073A true CN116977073A (en) 2023-10-31

Family

ID=88470225

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310595376.0A Pending CN116977073A (en) 2023-05-23 2023-05-23 Transaction processing method, device, equipment and medium

Country Status (1)

Country Link
CN (1) CN116977073A (en)

Similar Documents

Publication Publication Date Title
CN110163004B (en) Block chain generation method, related equipment and system
CN112396423B (en) Transaction data processing method, device, equipment and storage medium
TWI770022B (en) Computer implemented control method, system and control system
CN110601849B (en) Trusted timestamp adding method and device and storage medium
KR102432731B1 (en) Methods and apparatus for a distributed database within a network
US20210160056A1 (en) Method and apparatus for decentralized trust evaluation in a distributed network
CN110417558A (en) Verification method and device, the storage medium and electronic device of signature
US20230037932A1 (en) Data processing method and apparatus based on blockchain network, and computer device
CN111445333A (en) Block generation method and device, computer equipment and storage medium
JP7479393B2 (en) SYSTEM AND METHOD FOR A VIRTUAL DISTRIBUTED LEDGER NETWORK
CN110601896B (en) Data processing method and equipment based on block chain nodes
EP3598333B1 (en) Electronic device update management
CN113645278A (en) Cross-chain message transmission method, device and storage medium of block chain
Wang Sok: Applying blockchain technology in industrial internet of things
CN113409047B (en) Data processing method, device and equipment based on block chain and readable storage medium
CN112417052B (en) Data synchronization method, device, equipment and storage medium in block chain network
KR102111544B1 (en) DAG-based blockchain with scalability
CN115859371A (en) Privacy calculation method based on block chain, electronic device and storage medium
CN116977073A (en) Transaction processing method, device, equipment and medium
CN112988852A (en) Block chain-based data management method, device and medium
CN115701078A (en) Cross-chain transaction processing method and device, electronic equipment and storage medium
CN110910091A (en) Data processing method, device and medium
CN109587241A (en) A kind of data sharing method and its equipment
Zhang et al. Cross-Chain Interoperability and Collaboration for Keyword-Based Embedded Smart Contracts in the Internet of Things
CN117040929B (en) Access processing method, device, equipment, medium and program product

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication