CN118211965A - Transaction verification method, device and storage medium - Google Patents


Info

Publication number
CN118211965A
Authority
CN
China
Prior art keywords
signature
transaction
verification
public key
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202410379695.2A
Other languages
Chinese (zh)
Inventor
李昊轩
王朝阳
贺双洪
廖飞强
王�章
陈宇杰
鄢新义
马晨
黄飞
李辉忠
张开翔
范瑞彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
WeBank Co Ltd
Original Assignee
WeBank Co Ltd

Landscapes

  • Storage Device Security (AREA)

Abstract

The embodiments of the application provide a transaction verification method, device and storage medium, relating to the technical field of blockchain. The blockchain system receives a transaction to be verified that is sent by a client and carries a transaction address; the transaction to be verified comprises transaction content, a target signature and a signature random number. Verification parameters are generated based on the signature random number and the coordinates of the known base point, and the encrypted public key is recovered based on the verification parameters and the target signature. The target signature is then verified based on the encrypted public key and the transaction content. When signature verification passes, the encrypted public key is encoded to obtain a reference address. If the reference address is consistent with the transaction address, the transaction to be verified is determined to have passed verification. Because the original public key is a two-dimensional coordinate and the signature random number is a one-dimensional parameter, transmitting and storing the signature random number instead of the public key reduces the transmission and storage resources occupied and improves the efficiency and performance of the blockchain system.

Description

Transaction verification method, device and storage medium
Technical Field
The embodiment of the application relates to the technical field of blockchains, in particular to a transaction verification method, transaction verification equipment and a storage medium.
Background
In a blockchain transaction verification scenario, after a client signs transaction information using the Chinese national cryptographic standard SM2 digital signature algorithm, it sends the resulting signature value to the blockchain, and the blockchain must verify the signature value that the client generated for the transaction in order to determine ownership of the transaction.
Because the SM2 digital signature algorithm relies on the public key to verify the legitimacy of the transaction and the digital signature, the client sends the public key to the blockchain at the same time when sending the signature value to the blockchain. In this way, additional resource overhead is brought to the transmission and storage of the public key, and in the scenario of huge transaction amount, more transmission resources and storage resources are occupied by the transmission and storage of the signature public key.
Disclosure of Invention
The embodiment of the application provides a transaction verification method, transaction verification equipment and a storage medium, which are used for reducing transmission resources and storage resources occupied by transmitting and storing a signature public key.
In one aspect, an embodiment of the present application provides a transaction verification method, applied to a blockchain system, including the steps of:
receiving a transaction to be verified, which is sent by a client and carries a transaction address, wherein the transaction to be verified comprises: transaction content, target signature and signature random number;
generating verification parameters based on the signature random number and coordinates of the known base point; and recovering an encrypted public key based on the verification parameters and the target signature;
performing signature verification on the target signature based on the encrypted public key and the transaction content; when the signature verification is passed, encoding the encrypted public key to obtain a reference address;
and if the reference address is consistent with the transaction address, determining that the transaction to be verified is verified.
Optionally, the recovering the encrypted public key based on the verification parameter and the target signature includes:
generating a public key verification factor based on the signature abscissa of the target signature and the signature ordinate of the target signature;
and recovering the encrypted public key based on the signature ordinate of the target signature, the public key verification factor and the verification parameter.
Optionally, the signature verification of the target signature based on the encrypted public key and the transaction content includes:
generating a message digest based on the encrypted public key and the transaction content;
Generating a first verification abscissa based on the message digest and a signature abscissa of the target signature; and taking the abscissa of the verification parameter as a second verification abscissa;
if the first verification abscissa is consistent with the second verification abscissa, signature verification is passed;
if the first verification abscissa and the second verification abscissa are inconsistent, signature verification is not passed.
Optionally, the generating a message digest based on the encrypted public key and the transaction content includes:
Generating verification binding information based on the public parameters, the coordinates of the known base point and the encrypted public key;
cascading operation is carried out on the transaction content and the verification binding information, and a transaction confirmation factor is obtained;
and converting the transaction confirmation factor into the message digest by adopting a message digest algorithm.
In one aspect, an embodiment of the present application provides a transaction verification method, applied to a client, including the following steps:
generating a transaction to be verified in response to a transaction request of a target account, the transaction to be verified comprising: transaction content, target signature and signature random number;
Transmitting the transaction to be verified carrying the transaction address to a blockchain system, so that the blockchain system generates verification parameters based on the signature random number and the coordinates of the known base point; and recovering an encrypted public key based on the verification parameter and the target signature; performing signature verification on the target signature based on the encrypted public key and the transaction content; when the signature verification is passed, the encryption public key is encoded to obtain a reference address; and if the reference address is consistent with the transaction address, determining that the transaction to be verified is verified.
Optionally, the generating a transaction to be verified in response to the transaction request of the target account includes:
Responding to a transaction request of a target account, and signing the transaction content based on an original private key of the target account, an original public key of the target account and the signature random number to obtain a target signature;
And obtaining the transaction to be verified based on the transaction content, the target signature and the signature random number.
Optionally, the transaction address is a contract address, and the transaction address is obtained by encoding the original public key.
Optionally, the signing the transaction content based on the original private key of the target account, the original public key of the target account and the signature random number to obtain a target signature includes:
generating verification parameters based on the signature random number and the coordinates of the known base points;
generating an encryption factor based on the public parameters, the coordinates of the known base point and the original public key;
Performing cascade operation on the transaction content and the encryption factor, and performing hash operation on a cascade operation result to obtain a target hash value;
Determining a signature abscissa based on the abscissa of the verification parameter and the target hash value; and determining a signature ordinate based on the original private key, the signature random number, and the signature abscissa;
The target signature is determined based on the signature abscissa and the signature ordinate.
In one aspect, an embodiment of the present application provides a transaction verification device applied to a blockchain system, the transaction verification device including:
the receiving module is used for receiving a transaction to be verified, which is sent by the client and carries a transaction address, wherein the transaction to be verified comprises: transaction content, target signature and signature random number;
The public key recovery module is used for generating verification parameters based on the signature random number and the coordinates of the known base point; and recovering an encrypted public key based on the verification parameter and the target signature;
the signature verification module is used for carrying out signature verification on the target signature based on the encryption public key and the transaction content; when the signature verification is passed, the encryption public key is encoded to obtain a reference address;
And the address verification module is used for determining that the transaction to be verified is verified if the reference address is consistent with the transaction address.
Optionally, the public key recovery module is specifically configured to:
generating a public key verification factor based on the signature abscissa of the target signature and the signature ordinate of the target signature;
and recovering the encrypted public key based on the signature ordinate of the target signature, the public key verification factor and the verification parameter.
Optionally, the signature verification module is specifically configured to:
generating a message digest based on the encrypted public key and the transaction content;
Generating a first verification abscissa based on the message digest and a signature abscissa of the target signature; and taking the abscissa of the verification parameter as a second verification abscissa;
if the first verification abscissa is consistent with the second verification abscissa, signature verification is passed;
if the first verification abscissa and the second verification abscissa are inconsistent, signature verification is not passed.
Optionally, the signature verification module is specifically configured to:
Generating verification binding information based on the public parameters, the coordinates of the known base point and the encrypted public key;
cascading operation is carried out on the transaction content and the verification binding information, and a transaction confirmation factor is obtained;
and converting the transaction confirmation factor into the message digest by adopting a message digest algorithm.
In one aspect, an embodiment of the present application provides a transaction verification device, applied to a client, including:
the generation module is used for responding to the transaction request of the target account and generating a transaction to be verified, wherein the transaction to be verified comprises the following steps: transaction content, target signature and signature random number;
The sending module is used for sending the transaction to be verified carrying the transaction address to a blockchain system so that the blockchain system generates verification parameters based on the signature random number and the coordinates of the known base point; and recovering an encrypted public key based on the verification parameter and the target signature; performing signature verification on the target signature based on the encrypted public key and the transaction content; when the signature verification is passed, the encryption public key is encoded to obtain a reference address; and if the reference address is consistent with the transaction address, determining that the transaction to be verified is verified.
Optionally, the generating module is specifically configured to:
Responding to a transaction request of a target account, and signing the transaction content based on an original private key of the target account, an original public key of the target account and the signature random number to obtain a target signature;
And obtaining the transaction to be verified based on the transaction content, the target signature and the signature random number.
Optionally, the transaction address is a contract address, and the transaction address is obtained by encoding the original public key.
Optionally, the generating module is specifically configured to:
generating verification parameters based on the signature random number and the coordinates of the known base points;
generating an encryption factor based on the public parameters, the coordinates of the known base point and the original public key;
Performing cascade operation on the transaction content and the encryption factor, and performing hash operation on a cascade operation result to obtain a target hash value;
Determining a signature abscissa based on the abscissa of the verification parameter and the target hash value; and determining a signature ordinate based on the original private key, the signature random number, and the signature abscissa;
The target signature is determined based on the signature abscissa and the signature ordinate.
In one aspect, embodiments of the present application provide a computer device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the transaction verification method described above when the program is executed.
In one aspect, embodiments of the present application provide a computer-readable storage medium storing a computer program executable by a computer device, which when run on the computer device, causes the computer device to perform the steps of the transaction verification method described above.
In one aspect, embodiments of the present application provide a computer program product comprising a computer program stored on a computer readable storage medium, the computer program comprising program instructions which, when executed by a computer device, cause the computer device to perform the steps of the transaction verification method described above.
In the embodiment of the application, the blockchain system receives a transaction to be verified, which is sent by a client and carries a transaction address, and the transaction to be verified comprises: transaction content, target signature, and signature random number. Because the original public key is a two-dimensional coordinate and the signature random number is a one-dimensional parameter, compared with the prior art for transmitting and storing the public key, the method and the device can reduce half of public key transmission and storage cost, thereby reducing occupied transmission resources and storage resources and improving the efficiency and performance of a block chain system.
Secondly, generating verification parameters based on the signature random number and the coordinates of the known base points; and recovering the encrypted public key based on the verification parameter and the target signature. The target signature is then signature verified based on the encrypted public key and the transaction content. And when the signature verification is passed, the encryption public key is encoded to obtain a reference address. If the reference address is consistent with the transaction address, determining that the transaction to be verified is verified. The blockchain system determines whether the transaction to be verified is legal or not through multiple verification (signature verification and address verification), so that the security of the transaction is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments will be briefly described below, it will be apparent that the drawings in the following description are only some embodiments of the present invention, and that other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic structural diagram of a system architecture according to an embodiment of the present application;
FIG. 2 is a schematic flow chart of a transaction verification method according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of a transaction verification device according to an embodiment of the present application;
Fig. 4 is a schematic structural diagram of a transaction verification device according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantageous effects of the present invention more apparent, the present invention will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
For ease of understanding, the terms involved in the embodiments of the present invention are explained below.
Blockchains are a completely new distributed infrastructure and computing paradigm. The system is a brand new distributed infrastructure which uses a block chain type data structure to verify and store data, uses a distributed node consensus algorithm to generate and update the data, uses the cryptography technology to ensure the safety of data transmission and access control, and uses an intelligent contract consisting of automatic script codes to program and operate the data.
Block (Block): the blocks are the basic units of data stored in the blockchain, and each block contains the latest transaction information on the current blockchain network.
Chain (Chain): the chain is formed by concatenating blocks in time order.
Distributed (Distributed): distributed refers to all nodes in the blockchain having the right to validate a transaction, unlike traditional financial systems where only a centralized institution has the right to validate a transaction.
Consensus (Consensus): consensus refers to the fact that in a blockchain network, all nodes need to agree to complete transaction verification and add new blocks.
Cryptography (Cryptography): cryptography refers to the use of cryptography techniques in blockchain networks to secure data transmission and access control.
Smart contract (Smart Contract): smart contracts refer to the use of smart contracts composed of automated script code in a blockchain network to program and manipulate data.
Digital signature (also known as public key digital signature): a digital string that only the sender of the information can generate and that others cannot forge; it also serves as valid proof of the authenticity of the information sent by the sender. Digital signature is a technology based on public key cryptography, which uses an asymmetric key cryptosystem, i.e. a pair of keys, a public key and a private key, respectively. The private key is known only to the sender of the information, while the public key is available to anyone. The sender encrypts the information using its own private key and then sends the encrypted information to the receiver together with its own public key. The receiver decrypts the information using the sender's public key and then verifies the decrypted information using the sender's public key.
Elliptic curve cryptography: (Elliptic Curve Cryptography, ECC for short) is a public key cryptosystem based on elliptic curve math.
SM2 digital signature algorithm: a signature algorithm based on elliptic curve cryptography. The SM2 signing process uses the common public parameters IDA and ENTLA. The public key $P_A = (x_a, y_a)$ is a point on the SM2 elliptic curve.
Base point (G): the generator on the SM2 elliptic curve, with coordinates $(x_G, y_G)$.
SM3 algorithm: a cryptographic hash function, SM3, similar to other hash functions (e.g., SHA-256), is used primarily to generate message digests to verify data integrity and consistency.
Referring to fig. 1, a system architecture diagram applicable to an embodiment of the present application, where the system architecture at least includes a client 101 and a blockchain system 102, the number of clients 101 may be one or more, and the number of clients 101 is not specifically limited in the present application.
The client 101 is configured to receive a transaction request of a target account, and generate a corresponding transaction to be verified. The transaction to be validated is then sent to the blockchain system 102 for validation. And executing the transaction content in the transaction to be verified when the verification passes.
The client 101 may be, but is not limited to, a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart home appliance, a smart voice interaction device, a smart car device, etc.
The blockchain system 102 includes a plurality of distributed nodes, the blockchain system 102 utilizing a blockchain data structure to validate and store data, utilizing a distributed node consensus algorithm to generate and update data, utilizing cryptographic techniques to secure data transmission and access control, utilizing intelligent contracts composed of automated script code to program and manipulate data.
The distributed node may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, a content distribution network (Content Delivery Network, CDN), basic cloud computing services such as big data and an artificial intelligent platform. The client 101 and the blockchain system 102 may be directly or indirectly connected by wired or wireless communication, as the application is not limited in this regard.
Based on the system architecture diagram shown in fig. 1, an embodiment of the present application provides a transaction verification method, as shown in fig. 2, where the method is performed interactively by the client 101 and the blockchain system 102, and includes the following steps:
in step 201, the client side responds to the transaction request of the target account to generate a transaction to be verified, wherein the transaction to be verified comprises: transaction content, target signature, and signature random number.
Specifically, in response to the transaction request of the target account, the client verifies whether the identity of the target account is legal. Specific verification means include, but are not limited to: password verification, face recognition and fingerprint recognition. When the identity of the target account is legal, the client retrieves the original private key $d_A$ and the original public key $P_A = (x_a, y_a)$ corresponding to the target account, where the relation between the original private key and the original public key is $P_A = d_A \cdot G$ and G is the base point.
Transaction content M is obtained from the transaction request, the transaction content M being associated with the transaction that actually occurred. For example, when the transaction request is a transfer of amount 100 from contract address AddressA of account A to contract address AddressB of account B, the transaction content is M = (AddressA (account minus 100), AddressB (account plus 100)).
The specific process of generating the signature random number by the client comprises the following steps: 256-bit random numbers k and r are randomly generated, and then a signature random number q = k + rp is generated based on the random number k and the random number r, where p is a public curve parameter (which may also be considered as a random number).
In some embodiments, in response to a transaction request for a target account, the transaction content is signed based on an original private key of the target account, an original public key of the target account, and a signature random number to obtain a target signature. And then obtaining the transaction to be verified based on the transaction content, the target signature and the signature random number.
Specifically, the verification parameters are generated based on the signature random number and the coordinates of the known base point. In practical application, the signature random number q may be multiplied by the known base point G, with coordinates $(x_G, y_G)$, to generate the verification parameter Y, as shown in the following formula (1):
$$Y = q \cdot G = (x_1, y_1) \tag{1}$$
where $(x_1, y_1)$ represents the coordinates of the verification parameter Y.
Next, an encryption factor is generated based on the public parameters, the coordinates of the known base point, and the original public key. Specifically, the public parameters (IDA and ENTLA), the coordinates $(x_G, y_G)$ of the known base point G and the coordinates $(x_a, y_a)$ of the original public key $P_A$ may be spliced, and the splicing result is then input into the SM3 algorithm to obtain the encryption factor ZA, as shown in the following formula (2):
$$\mathrm{ZA} = \mathrm{SM3}(\mathrm{IDA} \,\|\, \mathrm{ENTLA} \,\|\, x_G \,\|\, y_G \,\|\, x_a \,\|\, y_a) \tag{2}$$
A cascade operation is performed on the transaction content M and the encryption factor ZA, and a hash operation is performed on the cascade operation result to obtain a target hash value e, as shown in the following formula (3):
$$e = H_v(\mathrm{ZA} \,\|\, M) \tag{3}$$
where $H_v$ is used to convert a segment of a string into a value on the elliptic curve number field.
Based on the abscissa $x_1$ of the verification parameter Y and the target hash value e, the signature abscissa delta_r is determined, as shown in the following formula (4):
$$\mathrm{delta\_r} = (e + x_1) \bmod n \tag{4}$$
where n is a positive integer. If delta_r = 0 or delta_r + q = n, the signature random number q is regenerated.
Based on the original private key $d_A$, the signature random number q, and the signature abscissa delta_r, the signature ordinate delta_s is determined, as shown in the following formula (5):
$$\mathrm{delta\_s} = \left((1 + d_A)^{-1} \cdot (q - \mathrm{delta\_r} \cdot d_A)\right) \bmod n \tag{5}$$
where, if delta_s = 0, the signature random number q is regenerated.
The target signature (delta_r, delta_s) is determined based on the signature abscissa delta_r and the signature ordinate delta_s, the target signature being two 256-bit random numbers.
In step 202, the client sends a transaction to be verified, which carries a transaction address, to the blockchain system.
Specifically, the transaction address is a contract address, and the transaction address is obtained by encoding the original public key, that is, AddressA = encoding($P_A$).
In step 203, the blockchain system generates verification parameters based on the signed random number and the coordinates of the known base point.
Specifically, the blockchain system receives a transaction to be verified from the transaction address AddressA, the transaction to be verified including: the transaction content M', the target signature (delta_r', delta_s') and the signature random number q'.
It should be noted that, in the process that the client sends the transaction to be verified to the blockchain system, if the transaction content is tampered, the transaction content M generated by the client is different from the transaction content M' received by the blockchain system. If the transaction content is not tampered, the transaction content M generated by the client is the same as the transaction content M' received by the blockchain system.
Similarly, if the target signature is not tampered, the target signature (delta_r ', delta_s') received by the blockchain system is the same as the target signature (delta_r, delta_s) generated by the client; if the target signature is tampered with, then the target signature (delta_r ', delta_s') received by the blockchain system is not the same as the client-generated target signature (delta_r, delta_s).
If the signature random number is tampered with, the signature random number q generated by the client is different from the signature random number q' received by the blockchain system. If the signature random number is not tampered with, the signature random number q generated by the client is the same as the signature random number q' received by the blockchain system.
The signature random number q' is multiplied by the known base point G to obtain a verification parameter Y', as shown in the following formula (6):
$$Y' = q' \cdot G = (x'_1, y'_1) \tag{6}$$
where $(x'_1, y'_1)$ represents the coordinates of the verification parameter Y'.
In step 204, the blockchain system recovers the encrypted public key based on the verification parameters and the target signature.
Specifically, the public key verification factor I is generated based on the signature abscissa delta_r' of the target signature and the signature ordinate delta_s' of the target signature, as shown in the following formula (7):
$$I = (\mathrm{delta\_r}' + \mathrm{delta\_s}')^{-1} \tag{7}$$
Based on the signature ordinate delta_s' of the target signature, the public key verification factor I and the verification parameter Y', the encrypted public key is recovered, as shown in the following formula (8):
$$P'_A = I \cdot (Y' - \mathrm{delta\_s}' \cdot G) \tag{8}$$
To facilitate an understanding of the principle of public key recovery, the derivation process will now be described as follows:
Multiplying both sides of formula (5) by the base point G gives the following formula (9):
$$\mathrm{delta\_s} \cdot G = \left((1 + d_A)^{-1} \cdot (q - \mathrm{delta\_r} \cdot d_A)\right) \cdot G \tag{9}$$
Multiplying both sides of formula (9) by the parameter $(1 + d_A)$ yields the following formula (10):
$$\mathrm{delta\_s} \cdot G + \mathrm{delta\_s} \cdot d_A \cdot G = q \cdot G - \mathrm{delta\_r} \cdot d_A \cdot G \tag{10}$$
Because the relationship between the original public key and the original private key is $P_A = d_A \cdot G$, formula (10) can be converted into the following formula (11):
$$\mathrm{delta\_s} \cdot G + \mathrm{delta\_s} \cdot P_A = q \cdot G - \mathrm{delta\_r} \cdot P_A \tag{11}$$
Further, formula (11) can be rearranged into the following formula (12) for recovering the public key:
$$P_A = (\mathrm{delta\_s} + \mathrm{delta\_r})^{-1} \cdot (q \cdot G - \mathrm{delta\_s} \cdot G) \tag{12}$$
That is, the present application uses the relationship between the private key $d_A$ and the public key $P_A$ to invert the formula that generates the signature ordinate delta_s from the original private key $d_A$, which yields a formula for recovering the public key $P_A$; in other words, the original public key $P_A$ can be recovered from the target signature (delta_r, delta_s), the signature random number q and the base point G. Therefore, after receiving the target signature (delta_r', delta_s') and the signature random number q' sent by the client, the blockchain system substitutes the target signature (delta_r', delta_s'), the signature random number q' and the base point G into formula (12), thereby recovering the encrypted public key $P'_A$.
In step 205, the blockchain system performs signature verification on the target signature based on the encrypted public key and the transaction content.
Specifically, a message digest Lambda is first generated based on the encrypted public key P'_A and the transaction content M'.
In some embodiments, the verification binding information is generated based on the public parameters, the coordinates of the known base point, and the encrypted public key. Specifically, the public parameters (ID_A and ENTL_A), the coordinates (x_G, y_G) of the known base point G and the coordinates (x'_a, y'_a) of the encrypted public key P'_A may be spliced, and the splicing result is then input into the SM3 algorithm to obtain the verification binding information T, as shown in the following formula (13):
$$T = \mathrm{SM3}(ID_A \,|\, ENTL_A \,|\, x_G \,|\, y_G \,|\, x'_a \,|\, y'_a) \tag{13}$$
A cascading (concatenation) operation is performed on the transaction content M' and the verification binding information T to obtain a transaction confirmation factor M*. The transaction confirmation factor M* is converted into a message digest Lambda by a message digest algorithm H_v, as shown in the following formula (14):
$$\mathrm{Lambda} = H_v(M^*) \tag{14}$$
where the transaction confirmation factor M* = T | M'.
Then, generating a first verification abscissa based on the message digest and the signature abscissa of the target signature; and taking the abscissa of the verification parameter as a second verification abscissa.
Specifically, the foregoing formula (4) describes the process of generating the signature abscissa delta_r. If the parameter e in formula (4) is set to the message digest Lambda, and the parameter delta_r is set to the signature abscissa delta_r' in the received target signature, the first verification abscissa x'_1' can be determined.
The abscissa x'_1 of the verification parameter Y' calculated in formula (6) is taken as the second verification abscissa.
If the first verification abscissa x'_1' is consistent with the second verification abscissa x'_1, signature verification is passed, i.e., the received target signature (delta_r', delta_s') is valid. This also indicates that the target signature was not tampered with while the client was sending the transaction to be verified to the blockchain system, and that the target signature (delta_r', delta_s') received by the blockchain system is the same as the target signature (delta_r, delta_s) generated by the client.
If the first verification abscissa x'_1' is inconsistent with the second verification abscissa x'_1, signature verification is not passed, i.e., the received target signature (delta_r', delta_s') is illegal. This also indicates that the target signature was tampered with while the client was sending the transaction to be verified to the blockchain system, and that the target signature (delta_r', delta_s') received by the blockchain system is not the same as the target signature (delta_r, delta_s) generated by the client.
When the signature verification fails, the transaction to be verified can be directly determined to fail to verify, and the transaction is rolled back.
In the embodiment of the application, the first verification abscissa x'_1' and the second verification abscissa x'_1 are obtained through calculation, and whether the target signature is tampered in the process of transmitting the transaction to be verified to the blockchain system by the client is determined by comparing whether the first verification abscissa x'_1' is consistent with the second verification abscissa x'_1, so that the security of the transaction is further improved.
In step 206, when the signature verification is passed, the blockchain system encodes the encrypted public key to obtain the reference address.
Specifically, the restored encrypted public key P'_A is encoded to obtain a reference address AddressA', i.e., AddressA' = encode(P'_A).
In step 207, if the reference address is consistent with the transaction address, the blockchain system determines that the transaction to be verified is verified.
Specifically, if the reference address AddressA' is consistent with the transaction address AddressA, the recovered encrypted public key P'_A is correct, i.e., the encrypted public key P'_A is identical to the original public key P_A.
If the reference address AddressA' is consistent with the transaction address AddressA, the transaction to be verified is also legitimate, and therefore the transaction content of the transaction to be verified is executed.
If the reference address AddressA' is not consistent with the transaction address AddressA, the transaction to be verified is not legitimate, and thus the transaction is rolled back.
In the embodiment of the application, the blockchain system receives a transaction to be verified, which is sent by a client and carries a transaction address, and the transaction to be verified comprises: transaction content, target signature, and signature random number. Because the original public key P_A is a two-dimensional coordinate and the signature random number q=k+rp is a one-dimensional parameter, compared with the prior art of transmitting and storing the public key P_A, the method and the device can reduce the public key transmission and storage cost by half, thereby reducing occupied transmission resources and storage resources and improving the efficiency and performance of a blockchain system.
Generating verification parameters based on the signature random number and coordinates of the known base points; and recovering the encrypted public key based on the verification parameter and the target signature; and carrying out signature verification on the target signature based on the encrypted public key and the transaction content. When the signature verification is passed, the encryption public key is encoded to obtain a reference address; if the reference address is consistent with the transaction address, determining that the transaction to be verified is verified. That is, the blockchain system determines whether the transaction to be authenticated is legal through multiple authentications (signature authentication and address authentication), thereby improving the security of the transaction.
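The following Python sketch, added here and not part of the patent, walks through steps 203 to 207 on the SM2 recommended curve: public key recovery with formulas (6) to (8), the digest of formulas (13) and (14), then the signature and address checks. Assumptions: SHA-256 stands in for SM3 and H_v, formula (4) is taken in its standard SM2 form delta_r = (e + x_1) mod n, the address encoding and the ID_A value are hypothetical, and the key, random number and transaction data are constructed.

```python
import hashlib

def _h(s):
    return int(s.replace(" ", ""), 16)

# SM2 recommended curve y^2 = x^3 + a*x + b over F_p (b is not used by the affine formulas).
P = _h("FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF 00000000 FFFFFFFF FFFFFFFF")
A = P - 3
N = _h("FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFF 7203DF6B 21C6052B 53BBF409 39D54123")
G = (_h("32C4AE2C 1F198119 5F990446 6A39C994 8FE30BBF F2660BE1 715A4589 334C74C7"),
     _h("BC3736A2 F4F6779C 59BDCEE3 6B692153 D0A9877C C62A4740 02DF32E5 2139F0A0"))
ID_A = b"1234567812345678"  # constructed public parameter
D_DEMO = _h("3945208F 7B2144B1 3F36E38A C6D39F95 88939369 2860B51A 42FB81EF 4DF7C5B8")  # constructed d_A
Q_DEMO = _h("59276E27 D506861A 16680F3A D9C02DCC EF3CC1FA 3CDBE4CE 6D54B80D EAC1BC21")  # constructed q

def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k > 0:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc

def H(*parts):  # assumption: SHA-256 in place of SM3 / H_v
    return hashlib.sha256(b"".join(parts)).digest()

def i2b(x):
    return x.to_bytes(32, "big")

def digest(pub, content):
    """Formulas (13) and (14): T binds the public key, Lambda = H_v(T | M)."""
    entl = (len(ID_A) * 8).to_bytes(2, "big")
    t = H(ID_A, entl, i2b(G[0]), i2b(G[1]), i2b(pub[0]), i2b(pub[1]))
    return int.from_bytes(H(t, content), "big") % N

def encode(pub):  # hypothetical address encoding
    return H(i2b(pub[0]), i2b(pub[1]))[-20:].hex()

def sign(d, content, q):
    """Client side: delta_r from assumed formula (4), delta_s from formula (5)."""
    r = (digest(mul(d, G), content) + mul(q, G)[0]) % N
    s = pow(1 + d, -1, N) * (q - r * d) % N
    if r == 0 or s == 0 or (r + s) % N == 0:
        raise ValueError("degenerate signature, pick another q")
    return r, s

def make_tx(d, content, q):
    r, s = sign(d, content, q)
    return {"address": encode(mul(d, G)), "content": content, "r": r, "s": s, "q": q}

def recover_public_key(r, s, q):
    """Formulas (6)-(8): returns (P'_A, Y'); P'_A is None when q equals delta_s."""
    Y = mul(q, G)
    I = pow((r + s) % N, -1, N)
    sG = mul(s, G)
    return mul(I, add(Y, (sG[0], -sG[1] % P))), Y

def verify(tx):
    """Node side, steps 203-207. Returns (accepted, reason)."""
    r, s, q = tx["r"], tx["s"], tx["q"]
    if not (0 < r < N and 0 < s < N and 0 < q < N) or (r + s) % N == 0:
        return False, "malformed signature"
    pub, Y = recover_public_key(r, s, q)
    if pub is None:
        return False, "malformed signature"
    first_x = (r - digest(pub, tx["content"])) % N   # first verification abscissa
    if first_x != Y[0] % N:                          # second verification abscissa
        return False, "signature check failed"
    if encode(pub) != tx["address"]:
        return False, "address mismatch"
    return True, "ok"

if __name__ == "__main__":
    tx = make_tx(D_DEMO, b"pay 10 to B", Q_DEMO)
    print(verify(tx), verify(dict(tx, content=b"pay 99 to B")))
```

Read as a scalar identity modulo n, formula (10) also gives d_A = (q - delta_s)(delta_s + delta_r)^-1, so q together with (delta_r, delta_s) determines the original private key. Standard SM2 keeps the per-signature random number secret for this reason, and a review of this design should account for it.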
Based on the same technical concept, an embodiment of the present application provides a schematic structural diagram of a transaction verification device, which is applied to a blockchain system, as shown in fig. 3, the transaction verification device 300 includes:
A receiving module 301, configured to receive a transaction to be verified, which is sent by a client and carries a transaction address, where the transaction to be verified includes: transaction content, target signature and signature random number;
A public key recovery module 302, configured to generate a verification parameter based on the signature random number and coordinates of a known base point; and recovering an encrypted public key based on the verification parameter and the target signature;
A signature verification module 303, configured to perform signature verification on the target signature based on the encrypted public key and the transaction content; when the signature verification is passed, the encrypted public key is encoded to obtain a reference address;
An address verification module 304, configured to determine that the transaction to be verified is verified if the reference address is consistent with the transaction address.
Optionally, the public key recovery module 302 is specifically configured to:
generating a public key verification factor based on the signature abscissa of the target signature and the signature ordinate of the target signature;
recovering the encrypted public key based on the signature ordinate of the target signature, the public key verification factor and the verification parameter.
Optionally, the signature verification module 303 is specifically configured to:
generating a message digest based on the encrypted public key and the transaction content;
Generating a first verification abscissa based on the message digest and a signature abscissa of the target signature; and taking the abscissa of the verification parameter as a second verification abscissa;
if the first verification abscissa is consistent with the second verification abscissa, signature verification is passed;
if the first verification abscissa and the second verification abscissa are inconsistent, signature verification is not passed.
Optionally, the signature verification module 303 is specifically configured to:
Generating verification binding information based on the public parameters, the coordinates of the known base point and the encrypted public key;
cascading operation is carried out on the transaction content and the verification binding information, and a transaction confirmation factor is obtained;
and converting the transaction confirmation factor into the message digest by adopting a message digest algorithm.
In the embodiment of the application, the blockchain system receives a transaction to be verified, which is sent by a client and carries a transaction address, and the transaction to be verified comprises: transaction content, target signature, and signature random number. Because the original public key is a two-dimensional coordinate and the signature random number is a one-dimensional parameter, compared with the prior art for transmitting and storing the public key, the method and the device can reduce half of public key transmission and storage cost, thereby reducing occupied transmission resources and storage resources and improving the efficiency and performance of a block chain system.
Secondly, generating verification parameters based on the signature random number and the coordinates of the known base points; and recovering the encrypted public key based on the verification parameter and the target signature. The target signature is then signature verified based on the encrypted public key and the transaction content. And when the signature verification is passed, the encryption public key is encoded to obtain a reference address. If the reference address is consistent with the transaction address, determining that the transaction to be verified is verified. The blockchain system determines whether the transaction to be verified is legal or not through multiple verification (signature verification and address verification), so that the security of the transaction is improved.
Based on the same technical concept, an embodiment of the present application provides a schematic structural diagram of a transaction verification device, which is applied to a client, as shown in fig. 4, the transaction verification device 400 includes:
A generating module 401, configured to generate a transaction to be verified in response to a transaction request of a target account, where the transaction to be verified includes: transaction content, target signature and signature random number;
A sending module 402, configured to send the transaction to be verified, which carries a transaction address, to a blockchain system, so that the blockchain system generates a verification parameter based on the signature random number and coordinates of a known base point; and recovering an encrypted public key based on the verification parameter and the target signature; performing signature verification on the target signature based on the encrypted public key and the transaction content; when the signature verification is passed, the encrypted public key is encoded to obtain a reference address; and if the reference address is consistent with the transaction address, determining that the transaction to be verified is verified.
Optionally, the generating module 401 is specifically configured to:
Responding to a transaction request of a target account, and signing the transaction content based on an original private key of the target account, an original public key of the target account and the signature random number to obtain a target signature;
And obtaining the transaction to be verified based on the transaction content, the target signature and the signature random number.
Optionally, the transaction address is a contract address, and the transaction address is obtained by encoding the original public key.
Optionally, the generating module 401 is specifically configured to:
generating verification parameters based on the signature random number and the coordinates of the known base points;
generating an encryption factor based on the public parameters, the coordinates of the known base point and the original public key;
Performing cascade operation on the transaction content and the encryption factor, and performing hash operation on a cascade operation result to obtain a target hash value;
Determining a signature abscissa based on the abscissa of the verification parameter and the target hash value; and determining a signature ordinate based on the original private key, the signature random number, and the signature abscissa;
The target signature is determined based on the signature abscissa and the signature ordinate.
In the embodiment of the application, the blockchain system receives a transaction to be verified, which is sent by a client and carries a transaction address, and the transaction to be verified comprises: transaction content, target signature, and signature random number. Because the original public key is a two-dimensional coordinate and the signature random number is a one-dimensional parameter, compared with the prior art for transmitting and storing the public key, the method and the device can reduce half of public key transmission and storage cost, thereby reducing occupied transmission resources and storage resources and improving the efficiency and performance of a block chain system.
Secondly, generating verification parameters based on the signature random number and the coordinates of the known base points; and recovering the encrypted public key based on the verification parameter and the target signature. The target signature is then signature verified based on the encrypted public key and the transaction content. And when the signature verification is passed, the encryption public key is encoded to obtain a reference address. If the reference address is consistent with the transaction address, determining that the transaction to be verified is verified. The blockchain system determines whether the transaction to be verified is legal or not through multiple verification (signature verification and address verification), so that the security of the transaction is improved.
Based on the same technical concept, the embodiment of the present application provides a computer device, which may be a client and/or a blockchain system shown in fig. 1, as shown in fig. 5, including at least one processor 501, and a memory 502 connected to the at least one processor, where the embodiment of the present application is not limited to a specific connection medium between the processor 501 and the memory 502, and in fig. 5, the connection between the processor 501 and the memory 502 is exemplified by a bus. The buses may be divided into address buses, data buses, control buses, etc.
In an embodiment of the present application, the memory 502 stores instructions executable by the at least one processor 501, and the at least one processor 501 may perform the steps of the transaction verification method described above by executing the instructions stored in the memory 502.
The processor 501 is the control center of the computer device and may use various interfaces and lines to connect the various parts of the computer device, implementing transaction verification by running or executing instructions stored in the memory 502 and invoking data stored in the memory 502. Optionally, the processor 501 may include one or more processing units, and the processor 501 may integrate an application processor and a modem processor, wherein the application processor primarily handles the operating system, user interfaces, application programs, etc., and the modem processor primarily handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 501. In some embodiments, the processor 501 and the memory 502 may be implemented on the same chip; in other embodiments, they may be implemented separately on separate chips.
The processor 501 may be a general purpose processor such as a Central Processing Unit (CPU), a digital signal processor, an Application Specific Integrated Circuit (ASIC), a field programmable gate array or other programmable logic device, discrete gate or transistor logic, discrete hardware components, etc., that may implement or perform the methods, steps, and logic diagrams disclosed in embodiments of the present application. The general purpose processor may be a microprocessor or any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present application may be embodied directly in a hardware processor for execution, or in a combination of hardware and software modules in the processor for execution.
The memory 502, as a non-volatile computer readable storage medium, may be used to store non-volatile software programs, non-volatile computer executable programs, and modules. The memory 502 may include at least one type of storage medium, for example, flash memory, hard disk, multimedia card, card memory, Random Access Memory (RAM), Static Random Access Memory (SRAM), Programmable Read-Only Memory (PROM), Read-Only Memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), magnetic memory, magnetic disk, optical disk, and the like. The memory 502 may also be, but is not limited to, any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer device. The memory 502 in embodiments of the present application may also be circuitry or any other device capable of performing storage functions for storing program instructions and/or data.
Based on the same inventive concept, an embodiment of the present application provides a computer-readable storage medium storing a computer program executable by a computer device, which when run on the computer device causes the computer device to perform the steps of the transaction verification method described above.
Based on the same inventive concept, embodiments of the present application provide a computer program product comprising a computer program stored on a computer readable storage medium, the computer program comprising program instructions which, when executed by a computer device, cause the computer device to perform the steps of the transaction verification method described above.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, or as a computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer device or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer device or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer device or other programmable apparatus to produce a computer device implemented process such that the instructions which execute on the computer device or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (10)

1. A transaction verification method applied to a blockchain system, comprising:
Receiving a transaction to be verified, which is sent by a client and carries a transaction address, wherein the transaction to be verified comprises: transaction content, target signature and signature random number;
generating verification parameters based on the signature random number and coordinates of the known base points; and recovering an encrypted public key based on the verification parameter and the target signature;
Performing signature verification on the target signature based on the encrypted public key and the transaction content; when the signature verification is passed, the encryption public key is encoded to obtain a reference address;
and if the reference address is consistent with the transaction address, determining that the transaction to be verified is verified.
2. The method of claim 1, wherein the recovering an encrypted public key based on the verification parameter and the target signature comprises:
generating a public key verification factor based on the signature abscissa of the target signature and the signature ordinate of the target signature;
recovering the encrypted public key based on the signature ordinate of the target signature, the public key verification factor and the verification parameter.
3. The method of claim 1, wherein the performing signature verification on the target signature based on the encrypted public key and the transaction content comprises:
generating a message digest based on the encrypted public key and the transaction content;
Generating a first verification abscissa based on the message digest and a signature abscissa of the target signature; and taking the abscissa of the verification parameter as a second verification abscissa;
if the first verification abscissa is consistent with the second verification abscissa, signature verification is passed;
if the first verification abscissa and the second verification abscissa are inconsistent, signature verification is not passed.
4. The method of claim 3, wherein the generating a message digest based on the encrypted public key and the transaction content comprises:
Generating verification binding information based on the public parameters, the coordinates of the known base point and the encrypted public key;
cascading operation is carried out on the transaction content and the verification binding information, and a transaction confirmation factor is obtained;
and converting the transaction confirmation factor into the message digest by adopting a message digest algorithm.
5. A transaction verification method applied to a client, comprising:
generating a transaction to be verified in response to a transaction request of a target account, the transaction to be verified comprising: transaction content, target signature and signature random number;
Transmitting the transaction to be verified carrying the transaction address to a blockchain system, so that the blockchain system generates verification parameters based on the signature random number and the coordinates of the known base point; and recovering an encrypted public key based on the verification parameter and the target signature; performing signature verification on the target signature based on the encrypted public key and the transaction content; when the signature verification is passed, the encryption public key is encoded to obtain a reference address; and if the reference address is consistent with the transaction address, determining that the transaction to be verified is verified.
6. The method of claim 5, wherein generating a transaction to be validated in response to the transaction request for the target account comprises:
Responding to a transaction request of a target account, and signing the transaction content based on an original private key of the target account, an original public key of the target account and the signature random number to obtain a target signature;
And obtaining the transaction to be verified based on the transaction content, the target signature and the signature random number.
7. The method of claim 6, wherein the transaction address is a contract address and the transaction address is obtained by encoding the original public key.
8. The method of claim 6, wherein signing the transaction content based on the original private key of the target account, the original public key of the target account, and the signature random number to obtain a target signature comprises:
generating verification parameters based on the signature random number and the coordinates of the known base points;
generating an encryption factor based on the public parameters, the coordinates of the known base point and the original public key;
Performing cascade operation on the transaction content and the encryption factor, and performing hash operation on a cascade operation result to obtain a target hash value;
Determining a signature abscissa based on the abscissa of the verification parameter and the target hash value; and determining a signature ordinate based on the original private key, the signature random number, and the signature abscissa;
The target signature is determined based on the signature abscissa and the signature ordinate.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the method of any of claims 1-8 when the program is executed.
10. A computer readable storage medium, characterized in that it stores a computer program executable by a computer device, which program, when run on the computer device, causes the computer device to perform the steps of the method according to any one of claims 1-8.
CN202410379695.2A 2024-03-29 2024-03-29 Transaction verification method, device and storage medium Pending CN118211965A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410379695.2A CN118211965A (en) 2024-03-29 2024-03-29 Transaction verification method, device and storage medium

Publications (1)

Publication Number Publication Date
CN118211965A true CN118211965A (en) 2024-06-18

Family

ID=91450219

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination