CN117313162A

CN117313162A - Block chain-based vulnerability restoration method and device, electronic equipment and storage medium

Info

Publication number: CN117313162A
Application number: CN202210723080.8A
Authority: CN
Inventors: 顾费勇; 杜茂兵
Original assignee: Netease Hangzhou Network Co Ltd
Current assignee: Netease Hangzhou Network Co Ltd
Priority date: 2022-06-21
Filing date: 2022-06-21
Publication date: 2023-12-29

Abstract

The application provides a vulnerability restoration method and device based on a blockchain, electronic equipment and a storage medium. The method comprises the following steps: in response to detecting vulnerability information in the original blockchain, synchronously invoking a chain contract to submit an upgrade requirement; collecting an upgrade request for repairing vulnerability information according to the upgrade requirement; selecting a target node according to the upgrading requirement to establish a target node set; determining whether the upgrading request can solve the vulnerability information according to the feedback data of the target node set; responding to the determination that the upgrade request can solve the vulnerability information, and determining an upgrade program according to the upgrade request; and repairing the vulnerability information according to the upgrading program to upgrade the original blockchain. Therefore, the system bug repairing and upgrading are more convenient and rapid, no operation is needed by the node owner, and the automatic upgrading of the block chain when the bug occurs is realized.

Description

Block chain-based vulnerability restoration method and device, electronic equipment and storage medium

Technical Field

The present disclosure relates to the field of computer technologies, and in particular, to a vulnerability restoration method, device, electronic apparatus, and storage medium based on blockchain.

Background

In the related art, based on the existing blockchain system, the system is very complicated to repair and upgrade, all nodes cannot be upgraded, and when the blockchain system has system holes, the related art has the problem that the part which is upgraded and the part which is not upgraded are crossed, and the operation of the blockchain is split.

Disclosure of Invention

In view of the foregoing, an object of the present application is to provide a method, an apparatus, an electronic device and a storage medium for repairing vulnerabilities based on blockchain.

Based on the object, in a first aspect, the present application provides a vulnerability restoration method based on a blockchain, including:

in response to detecting vulnerability information in the original blockchain, synchronously invoking a chain contract to submit an upgrade requirement;

collecting an upgrading request for repairing the vulnerability information according to the upgrading requirement;

selecting a target node according to the upgrading requirement to establish a target node set;

determining whether the upgrade request can solve the vulnerability information according to the feedback data of the target node set;

determining an upgrade program according to the upgrade request in response to determining that the upgrade request can solve the vulnerability information;

and repairing the vulnerability information according to the upgrading program so as to upgrade the original blockchain.

In one possible implementation, the upgrading requirement includes: vulnerability content to be repaired; the upgrade request includes: vulnerability solutions;

the step of collecting the upgrade request for repairing the vulnerability information according to the upgrade requirement further comprises:

matching a vulnerability solution for repairing the vulnerability information according to the vulnerability content to be repaired;

and collecting the upgrading request.

In a possible implementation manner, the selecting a target node according to the upgrade requirement to establish a target node set further includes:

determining the vulnerability field according to the vulnerability content to be repaired;

selecting a target node in the vulnerability domain according to the vulnerability domain;

and establishing the target node set according to all the selected target nodes.

In a possible implementation manner, the determining, according to the feedback data of the target node set, whether the upgrade request can solve the vulnerability information further includes:

obtaining the feedback data through voting according to the target node set;

determining whether the vulnerability solution is correct according to the feedback data;

in response to determining that the vulnerability solution is correct, it is determined that the upgrade request is capable of resolving the vulnerability information.

In one possible implementation, the upgrade request includes: repairing source codes and source code addresses;

the determining whether the upgrade request can solve the vulnerability information according to the feedback data of the target node set further includes:

acquiring the repair source codes according to the source code address and the addressing mode according to the target node set;

determining whether the repair source code can solve the vulnerability information;

and responding to the repair source code to solve the vulnerability information, and determining that the upgrading request can solve the vulnerability information.

responsive to determining that the upgrade request cannot address the vulnerability information, sending a repairment instruction to a chain developer; wherein the repairment instruction is configured to instruct the chain developer to re-upload an upgrade request.

In one possible implementation manner, the determining an upgrade program according to the upgrade request further includes:

acquiring the repair source code according to the source code address;

compiling the repair source code to determine the upgrade program.

In one possible implementation manner, the repairing the vulnerability information according to the upgrade program to upgrade the original blockchain further includes:

stopping the original block chain and executing backup to the original block chain;

and repairing the vulnerability information according to the upgrading program to start a new blockchain.

In a second aspect, the present application provides a blockchain-based vulnerability restoration device, comprising:

a commit module configured to synchronously invoke a chain contract to commit the upgrade requirements in response to detecting vulnerability information in the original blockchain;

the collection module is configured to collect an upgrade request for repairing the vulnerability information according to the upgrade requirement;

the establishing module is configured to select a target node according to the upgrading requirement so as to establish a target node set;

a first determining module configured to determine, according to feedback data of the target node set, whether the upgrade request can solve the vulnerability information;

a second determining module configured to determine an upgrade program according to the upgrade request in response to determining that the upgrade request can solve the vulnerability information;

and the upgrading module is configured to repair the vulnerability information according to the upgrading program so as to upgrade the original blockchain.

In a third aspect, the present application provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the blockchain-based vulnerability restoration method of the first aspect when executing the program.

In a fourth aspect, the present application provides a non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the blockchain-based vulnerability restoration method of the first aspect.

From the above, it can be seen that the vulnerability repairing method, device, electronic device and storage medium based on blockchain provided by the present application detect that a vulnerability exists in an original blockchain, and synchronously invoke a chain contract to submit an upgrade requirement; further, according to the upgrading requirement, collecting an upgrading request for repairing the vulnerability information, which is provided by a developer, and selecting a target node according to the upgrading requirement, so as to establish a target node set, and further, according to feedback data of the target node set, determining whether the upgrading request can solve the vulnerability information; when the update request is determined to solve the problem of the vulnerability information in the original blockchain, an update program can be determined according to the update request, and the vulnerability information in the original blockchain is repaired according to the update program, so that the original blockchain is updated to a new blockchain. Therefore, the system bug repairing and upgrading are more convenient and rapid, no operation is needed by the node owner, and the automatic upgrading of the block chain when the bug occurs is realized.

Drawings

In order to more clearly illustrate the technical solutions of the present application or related art, the drawings that are required to be used in the description of the embodiments or related art will be briefly described below, and it is apparent that the drawings in the following description are only embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort to those of ordinary skill in the art.

Fig. 1 is an exemplary flowchart of a bug fix method based on blockchain according to an embodiment of the present application.

Fig. 2 shows a schematic diagram of a vulnerability restoration process according to an embodiment of the present application.

Fig. 3 is a schematic structural diagram of an exemplary architecture of a bug fixing apparatus based on blockchain according to an embodiment of the present application.

Fig. 4 shows an exemplary structural schematic diagram of an electronic device according to an embodiment of the present application.

Detailed Description

For the purposes of making the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail below with reference to the accompanying drawings.

It should be noted that unless otherwise defined, technical or scientific terms used in the embodiments of the present application should be given the ordinary meaning as understood by one of ordinary skill in the art to which the present application belongs. The terms "first," "second," and the like, as used in embodiments of the present application, do not denote any order, quantity, or importance, but rather are used to distinguish one element from another. The word "comprising" or "comprises", and the like, means that elements or items preceding the word are included in the element or item listed after the word and equivalents thereof, but does not exclude other elements or items. The terms "connected" or "connected," and the like, are not limited to physical or mechanical connections, but may include electrical connections, whether direct or indirect. "upper", "lower", "left", "right", etc. are used merely to indicate relative positional relationships, which may also be changed when the absolute position of the object to be described is changed.

As described in the background section, blockchain refers to a completely new distributed infrastructure and computing paradigm that utilizes a blockchain data structure to validate and store data, a distributed node consensus algorithm to generate and update data, cryptography to secure data transfer and access, and intelligent contracts composed of automated script code to program and manipulate data. For vulnerabilities in blockchain, software developers are inattentive in developing software, or are limited in programming language, such as c-language families are more efficient than java, but vulnerabilities are more numerous, computer systems are almost exclusively c-language coded, and are therefore often patched. Software vulnerabilities are sometimes discovered by authors at a later time of examination and then corrected; others find their own vulnerabilities specifically to do something illegal from them, and when the person knows that his own vulnerability is exploited by others, he wants to remedy it.

The applicant finds that in the existing blockchain system, the system is very complicated to upgrade, an upgrade block needs to be determined to a community, and most of nodes are upgraded to represent the whole network to complete the upgrade, but when the system comprises thousands of nodes, the upgrade becomes extremely difficult; when a blockchain system has a system bug (i.e. software bug), the current upgrading mode is usually hard forking or soft forking, but the upgrading cannot be realized by the whole network rapidly and automatically, which may cause fatal problems to the service on the chain.

In summary, the blockchain upgrade is usually selected by the node voluntarily, but for the ordinary user and will have the related technology, it is practically impossible to select voluntarily, and there is a problem that the node may be split because the latest upgrade message is not received, the whole network is split up by the upgrade completion part and the upgrade not being completed.

Therefore, the vulnerability repairing method, the vulnerability repairing device, the electronic equipment and the storage medium based on the blockchain detect that the vulnerability exists in the original blockchain, synchronously call the chain contract and submit the upgrading requirement; further, according to the upgrading requirement, collecting an upgrading request for repairing the vulnerability information, which is provided by a developer, and selecting a target node according to the upgrading requirement, so as to establish a target node set, and further, according to feedback data of the target node set, determining whether the upgrading request can solve the vulnerability information; when the update request is determined to solve the problem of the vulnerability information in the original blockchain, an update program can be determined according to the update request, and the vulnerability information in the original blockchain is repaired according to the update program, so that the original blockchain is updated to a new blockchain. Therefore, the system bug repairing and upgrading are more convenient and rapid, no operation is needed by the node owner, and the automatic upgrading of the block chain when the bug occurs is realized.

The method for repairing the bug based on the blockchain provided by the embodiment of the application is specifically described below through specific embodiments.

Referring to fig. 1, the vulnerability restoration method based on blockchain provided in the embodiment of the present application specifically includes the following steps:

s102: in response to detecting vulnerability information in the original blockchain, a chain contract is synchronously invoked to submit an upgrade requirement.

S104: and collecting an upgrading request for repairing the vulnerability information according to the upgrading requirement.

S106: and selecting a target node according to the upgrading requirement to establish a target node set.

S108: and determining whether the upgrading request can solve the vulnerability information according to the feedback data of the target node set.

S110: and in response to determining that the upgrade request can solve the vulnerability information, determining an upgrade program according to the upgrade request.

S112: and repairing the vulnerability information according to the upgrading program so as to upgrade the original blockchain.

In some embodiments, when a bug occurs in the original blockchain, the bug information may be detected in the original blockchain, for example, when a bug exists in an EVM virtual machine executing process of a component in an early application program of the ethernet blockchain, the uint256 number is defined to overflow or underflow, i.e., 1-13= -12, but an incorrect value Max-12= 133748438338447 is obtained when the bug information is detected in the original blockchain.

Referring to fig. 2, the detected vulnerability is recorded by the chain development team as a vulnerability requirement and published on the official network, and hopefully repaired, and further the chain contract is synchronously called to submit an upgrading requirement, which can be placed in the transaction pool. The chain development team or community developer will propose a solution to this vulnerability and pull branches from the backbone of the original blockchain to develop a solution to this vulnerability.

In some embodiments, the upgrade requirements for repairing vulnerability information may be collected according to the upgrade requirements, where the upgrade requirements may include vulnerability content to be repaired and the upgrade request may include a vulnerability solution. According to matching of vulnerability content to be repaired, the vulnerability content to be repaired can be published in an original blockchain, a link development team or community developers can submit vulnerability solutions to the original blockchain, and vulnerability ending schemes for repairing the vulnerability can be matched according to the vulnerability content to be repaired. If the vulnerability solution is provided by the community developer, the community developer can submit the vulnerability solution to the chain developer for preliminary checking and verification, the chain developer uses the vulnerability solution to repair the vulnerability content with repair, and if the preliminary checking and verification are passed, an upgrade request can be submitted by the chain developer, and the upgrade request can be collected in the original blockchain.

It should be noted that if the chain developer solves the vulnerability and proposes a vulnerability solution, the chain developer may directly submit the upgrade request, and the upgrade request may be collected in the original blockchain. The upgrade request may include, among other things, descriptions of the vulnerability solution, download addresses of repair source codes in the vulnerability solution, source code branches, etc., defined in the upgrade requirements.

In some embodiments, the upgrade requirements may define information needed to complete the system upgrade and repair the system vulnerability, such as vulnerability content to be repaired (string bugContent), description of vulnerability solution (string fixContent), download address of repair source code (string codeUrl), source code branch (string codeBranch), comparison address of source code and backbone code (string compareUrl), repair verification method address (string chemoUrl), execution package address (string exeUrl), source code digest (string codeHash), and upgrade deployment description (string deployDesc).

Wherein, there may be multiple vulnerabilities to be repaired at the same time, so multiple upgrade requirements may be simultaneously proposed, and an upgrade requirement list (upgrade content [ ] upgrade list) may be set.

In some embodiments, the domain to which the vulnerability to be repaired belongs may be determined according to the vulnerability content to be repaired, and then, according to the vulnerability domain of the vulnerability to be repaired, expert nodes in the vulnerability domain are selected in the original blockchain, the expert nodes are used as target nodes, and further, according to all the selected expert nodes, an expert committee is built, the expert committee is used as a target node set, and the feedback data of the target node set is utilized to verify the upgrading requirement and the upgrading request.

It should be noted that, after the chain developer submits the request for bug repair, the expert committee will be triggered to audit, and first, the system upgrade transaction initiated by the community developer, that is, the upgrade requirement needs to be transmitted to the automatic upgrade audit committee-system contract, each expert in the expert committee (such as the technical committee member-1, the technical committee member-2, and the technical committee member-3 in fig. 2) checks the bug to be repaired indicated in the upgrade requirement in turn, and confirms the bug to be repaired. For example, confirming the bug to be repaired in a voting mode, and confirming that the expert with the bug to be repaired can throw a confirmation ticket, and confirming that the expert without the bug to be repaired can throw a rejection ticket, when the confirmation ticket reaches a threshold value, for example, when the total number of the confirmation tickets is larger than the total number of the rejection tickets, determining that the bug to be repaired does exist, and carrying out a subsequent verification process. If the total number of the confirmed tickets is smaller than or equal to the total number of the overrule tickets, the vulnerability to be repaired is determined to be absent, the verification process is terminated, and the upgrading requirement of the vulnerability can be cancelled.

Further, the expert committee examines the bug solution in the upgrade request, and obtains corresponding feedback data through voting to determine whether the bug solution is correct, for example, each expert repairs the bug to be repaired by using the bug solution, if the repair is successful, a confirmation ticket is thrown, if the repair is failed, a rejection ticket is thrown, and when the confirmation ticket reaches a threshold value, for example, the total number of confirmation tickets is larger than the total number of rejection tickets, the bug solution is determined to be correct, and the upgrade request is determined to be capable of solving bug information. If the total number of confirmed tickets is smaller than or equal to the total number of overrule tickets, determining that the vulnerability solution is wrong, and if the upgrading request can not solve the vulnerability information, issuing a reconfirming instruction to a chain developer in the original blockchain for indicating the chain developer to resubmit the vulnerability solution, and re-verifying the modified vulnerability solution by using an expert committee.

It will be appreciated that the upgrade request needs to include all the information described in the upgrade requirement for repairing the vulnerability and performing the system upgrade, and thus the upgrade request may include the repair source code and the source code address. Furthermore, the expert committee can be utilized to obtain the repair source codes for repairing the system vulnerabilities according to the source code addresses in an addressing mode, and then the expert committee is utilized to inspect the repair source codes to determine whether the repair source codes can solve the vulnerabilities to be repaired. For example, whether the bug to be repaired can be solved by the repair source codes is determined in a voting mode, for example, each expert repairs the bug to be repaired by using the acquired repair source codes respectively, a confirmation ticket is thrown if the repair is successful, a rejection ticket is thrown if the repair is failed, when the confirmation ticket reaches a threshold value, for example, the total number of the confirmation tickets is larger than the total number of the rejection tickets, the repair source codes are determined to be capable of solving the bug to be repaired, and the upgrading request is determined to be capable of solving the bug information. If the total number of the confirmed tickets is smaller than or equal to the total number of the overrule tickets, the fact that the repair source codes cannot solve the loopholes to be repaired is determined, and the upgrading request cannot solve the loopholes information is achieved, a reconfirming instruction can be issued to a chain developer in the original blockchain and used for indicating the chain developer to reprint the repair source codes and upload source code addresses, and the reuse expert committee obtains the rewritten repair source codes through the newly uploaded source code addresses in an addressing mode and reconfirms whether the new repair source codes can solve the loopholes to be repaired.

In some embodiments, after determining that the upgrade request can solve the vulnerability information, ethcall may be invoked to trigger a local execution program, and the upgrade program is determined according to the upgrade request. Specifically, the ethcall triggering component is an operation end for specifically executing automatic upgrade, and can be used for reading configuration in upgrade requirements in a system contract, source codes in an upgrade request, compiling a deployment script or a software execution program and a hash of the program, and then executing the compiling deployment script.

It should be noted that, the repair source code may be obtained according to the source code address, and after the source code is downloaded, the repair source code may be compiled, so as to determine an upgrade program, stop the operation of the original blockchain and perform backup, so that the original blockchain may be re-started after the upgrade fails, and avoid the problem of breakage in the blockchain system. Further, after the original blockchain is stopped, the loopholes in the upgrading requirement can be repaired according to the upgrading program, the upgrading of the blockchain system is completed, and then a new blockchain is started to replace the original blockchain.

It can be understood that the upgrade program can also be directly obtained, the operation of the original blockchain is stopped and the backup is executed, so that the original blockchain can be re-started after the upgrade fails, and the problem of breakage in the blockchain system is avoided. Further, after the original blockchain is stopped, the loopholes in the upgrading requirement can be repaired according to the upgrading program, the upgrading of the blockchain system is completed, and then a new blockchain is started to replace the original blockchain.

It should be noted that, the method of the embodiments of the present application may be performed by a single device, for example, a computer or a server. The method of the embodiment can also be applied to a distributed scene, and is completed by mutually matching a plurality of devices. In the case of such a distributed scenario, one of the devices may perform only one or more steps of the methods of embodiments of the present application, and the devices may interact with each other to complete the methods.

It should be noted that some embodiments of the present application are described. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.

Based on the same inventive concept, the application also provides a vulnerability restoration device based on a blockchain, which corresponds to the method of any embodiment.

Referring to fig. 3, the vulnerability restoration device based on block chain includes: the system comprises a submitting module, a collecting module, an establishing module, a first determining module, a second determining module and an upgrading module; wherein,

the collection module is further configured to:

and collecting the upgrading request.

In one possible implementation, the establishing module is further configured to:

and establishing the target node set according to all the selected experts.

In one possible implementation, the first determining module is further configured to:

determining whether the vulnerability solution is correct by voting according to the expert committee;

the first determination module is further configured to:

In one possible implementation manner, the apparatus further includes: a transmitting module;

the transmission module is further configured to:

In one possible implementation, the second determining module is further configured to:

acquiring the repair source code according to the source code address;

compiling the repair source code to determine the upgrade program.

In one possible implementation, the upgrade module is further configured to:

For convenience of description, the above devices are described as being functionally divided into various modules, respectively. Of course, the functions of each module may be implemented in the same piece or pieces of software and/or hardware when implementing the present application.

The device of the embodiment is used for implementing the corresponding vulnerability restoration method based on the blockchain in any of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiment, which is not described herein.

Based on the same inventive concept, the application also provides an electronic device corresponding to the method of any embodiment, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the bug repair method based on the blockchain according to any embodiment when executing the program. Fig. 4 shows a more specific hardware architecture of an electronic device according to this embodiment, where the device may include: processor 410, memory 420, input/output interface 430, communication interface 440, and bus 450. Wherein processor 410, memory 420, input/output interface 430, and communication interface 440 enable communication connections within the device between each other via bus 450.

The processor 410 may be implemented by a general-purpose CPU (Central Processing Unit ), a microprocessor, an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), or one or more integrated circuits, etc. for executing relevant programs to implement the technical solutions provided in the embodiments of the present disclosure.

The Memory 420 may be implemented in the form of ROM (Read Only Memory), RAM (Random Access Memory ), static storage device, dynamic storage device, or the like. Memory 420 may store an operating system and other application programs, and when the technical solutions provided by the embodiments of the present specification are implemented in software or firmware, the relevant program codes are stored in memory 420 and invoked for execution by processor 410.

The input/output interface 430 is used to connect with an input/output module to realize information input and output. The input/output module may be configured as a component in a device (not shown in the figure) or may be external to the device to provide corresponding functionality. Wherein the input devices may include a keyboard, mouse, touch screen, microphone, various types of sensors, etc., and the output devices may include a display, speaker, vibrator, indicator lights, etc.

The communication interface 440 is used to connect communication modules (not shown) to enable communication interactions of the device with other devices. The communication module may implement communication through a wired manner (such as USB, network cable, etc.), or may implement communication through a wireless manner (such as mobile network, WIFI, bluetooth, etc.).

Bus 450 includes a path to transfer information between components of the device (e.g., processor 410, memory 420, input/output interface 430, and communication interface 440).

It should be noted that although the device is shown with only processor 410, memory 420, input/output interface 430, communication interface 440, and bus 450, the device may include other components necessary to achieve proper operation in a particular implementation. Furthermore, it will be understood by those skilled in the art that the apparatus may include only the components necessary to implement the embodiments of the present description, and not all the components shown in the drawings.

The electronic device of the embodiment is configured to implement the corresponding blockchain-based vulnerability restoration method in any of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiment, which is not described herein.

Based on the same inventive concept, corresponding to the method of any embodiment, the application further provides a non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the blockchain-based vulnerability restoration method as described in any embodiment above.

The computer readable media of the present embodiments, including both permanent and non-permanent, removable and non-removable media, may be used to implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device.

The storage medium of the embodiment stores computer instructions for causing the computer to execute the blockchain-based vulnerability restoration method according to any of the embodiments, and has the beneficial effects of the corresponding method embodiments, which are not described herein.

Those of ordinary skill in the art will appreciate that: the discussion of any of the embodiments above is merely exemplary and is not intended to suggest that the scope of the application (including the claims) is limited to these examples; the technical features of the above embodiments or in the different embodiments may also be combined within the idea of the present application, the steps may be implemented in any order, and there are many other variations of the different aspects of the embodiments of the present application as described above, which are not provided in detail for the sake of brevity.

Additionally, well-known power/ground connections to Integrated Circuit (IC) chips and other components may or may not be shown within the provided figures, in order to simplify the illustration and discussion, and so as not to obscure the embodiments of the present application. Furthermore, the devices may be shown in block diagram form in order to avoid obscuring the embodiments of the present application, and this also takes into account the fact that specifics with respect to implementation of such block diagram devices are highly dependent upon the platform on which the embodiments of the present application are to be implemented (i.e., such specifics should be well within purview of one skilled in the art). Where specific details (e.g., circuits) are set forth in order to describe example embodiments of the application, it should be apparent to one skilled in the art that embodiments of the application can be practiced without, or with variation of, these specific details. Accordingly, the description is to be regarded as illustrative in nature and not as restrictive.

While the present application has been described in conjunction with specific embodiments thereof, many alternatives, modifications, and variations of those embodiments will be apparent to those skilled in the art in light of the foregoing description. For example, other memory architectures (e.g., dynamic RAM (DRAM)) may use the embodiments discussed.

The present embodiments are intended to embrace all such alternatives, modifications and variances which fall within the broad scope of the appended claims. Accordingly, any omissions, modifications, equivalents, improvements and/or the like which are within the spirit and principles of the embodiments are intended to be included within the scope of the present application.

Claims

1. The vulnerability restoration method based on the blockchain is characterized by comprising the following steps of:

2. The method of claim 1, wherein the upgrade requirement comprises: vulnerability content to be repaired; the upgrade request includes: vulnerability solutions;

and collecting the upgrading request.

3. The method of claim 2, wherein selecting a target node to establish a target node set according to the upgrade requirement further comprises:

4. The method of claim 2, wherein the determining whether the upgrade request can solve the vulnerability information based on feedback data of the target node set further comprises:

obtaining the feedback data through voting according to the target node set;

5. The method of claim 1, wherein the upgrade request comprises: repairing source codes and source code addresses;

6. The method of claim 1, wherein the determining whether the upgrade request can solve the vulnerability information according to the feedback data of the target node set further comprises:

7. The method of claim 5, wherein said determining an upgrade program from said upgrade request further comprises:

acquiring the repair source code according to the source code address;

compiling the repair source code to determine the upgrade program.

8. The method of claim 1, wherein the repairing the vulnerability information to upgrade the original blockchain according to the upgrade program further comprises:

9. A blockchain-based vulnerability restoration device, comprising:

10. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 8 when the program is executed by the processor.

11. A non-transitory computer readable storage medium storing computer instructions for causing the computer to implement the method of any one of claims 1 to 8.