JP2023164279A - Control device and system for electronic locks and the like - Google Patents

Abstract

To provide means capable of realizing highly reliable control of an electronic lock using a non-fungible token without unnecessarily increasing the labor of a user who attempts to unlock the electronic lock.SOLUTION: An electronic lock control device 1 according to the present invention includes a reading unit 14 capable of reading one or more two-dimensional codes C, an address acquisition unit 112 capable of acquiring the contract address of the non-fungible token recorded on the blockchain from the two-dimensional codes C, and a lock control unit 115 capable of unlocking an electronic lock 2 associated with the non-fungible token on the basis of the determination result based on an electronic signature for signed information including the contract address.SELECTED DRAWING: Figure 1

Description

The present invention relates to a control device and system for electronic locks and the like.

In controlling electronic locks, communication via a network is used to improve the security of the control. The security of the control includes resistance to attempts to control the electronic lock with false information. Electronic lock controls can increase their resistance to attempts to convey false information by using a system with high Byzantine fault tolerance.

Blockchain is known as an example of a technology that uses communication via a network to improve Byzantine fault tolerance. In a distributed system built using a blockchain, data is recorded on the blockchain in a manner that can be easily verified by each member participating in the system.

Therefore, in such a distributed system, attempts to forge data recorded on the blockchain can be easily detected and data forgery can be prevented. Therefore, by using blockchain, a distributed system with high Byzantine fault tolerance can be realized.

Therefore, by utilizing blockchain in the control of electronic locks, the Byzantine fault tolerance of the platform implementing the control can be increased. Therefore, by using blockchain in controlling an electronic lock, the security of the control can be improved.

Regarding an attempt to use blockchain in controlling electronic locks, Patent Document 1 discloses a system that enables wireless communication between a locking device that unlocks a key in response to an unlocking instruction, a network communication unit that allows access to a blockchain, and a smart device. and a control unit that records ledger information associated with the unlocking operation of the smart device on the blockchain via the network communication unit and instructs the locking device to unlock. A smart lock device is disclosed.

According to the invention of Patent Document 1, a high level of security can be ensured in recording information accompanying an unlocking operation of an electronic lock.

JP2020-30610A

By the way, data that can be recorded on a blockchain includes non-fungible tokens ("Non-fungible tokens", "NFTs") in addition to fungible tokens such as cryptocurrencies. Non-fungible tokens differ from fungible tokens in that they are non-fungible data. Controlling an electronic lock using a non-fungible token makes it possible to manage a real space that can be locked with an electronic lock using non-fungible data. Thereby, the security of the real space can be improved.

However, the technology of Patent Document 1 can only record ledger information associated with unlocking operations of smart devices on a blockchain, and ensure a high level of security in recording information associated with unlocking operations of electronic locks. Therefore, the technology of Patent Document 1 has room for further improvement in terms of managing a real space that can be locked with an electronic lock using a non-fungible token.

The present invention has been made in order to solve the problems of the prior art as described above, and allows the use of non-fungible tokens without unnecessarily increasing the effort of users who attempt to unlock electronic locks. The purpose of this study is to provide a means to realize highly reliable control of electronic locks.

As a result of intensive studies to solve the above problems, the present inventors acquired the contract address of the non-fungible token recorded on the blockchain from the two-dimensional code read by the reader, and the read contract address etc. The electronic lock associated with the non-fungible token is controlled based on the determination result based on the electronic signature of the non-fungible token, and the presenter who presented the two-dimensional code is the owner of the non-fungible token. The inventors have discovered that the above-mentioned problems can be solved by doing the following, and have completed the present invention. Specifically, the present invention provides the following.

The invention according to the first feature includes: a reading unit that can read one or more two-dimensional codes; and an address acquisition unit that can acquire a contract address of a non-fungible token recorded on a blockchain from the two-dimensional code. , a lock control execution unit capable of unlocking the electronic lock associated with the non-fungible token based on a determination result based on the electronic signature for the signed information including the contract address; Provide a control device.

A non-fungible token contract address allows access to the non-fungible token recorded on the blockchain. Therefore, the electronic lock control device can control the electronic lock using the non-fungible token by acquiring the contract address of the non-fungible token provided by the user who wishes to unlock the electronic lock. By controlling the electronic lock using the non-fungible token, the control device can realize highly reliable control of the electronic lock using the blockchain.

However, a non-fungible token is a token that is not fungible with other tokens, ie, has no fungibility. Therefore, the contract address of a non-fungible token is required to include at least information that can identify the issuer of the non-fungible token on the blockchain that records the non-fungible token. This allows the contract address of a non-fungible token to be a long and complex address. If the means for controlling the electronic lock is configured such that the user directly inputs such a contract address, the effort of the user attempting to unlock the electronic lock may significantly increase.

Furthermore, the contract address of a non-fungible token may not be confidential information. Therefore, if a control device controls an electronic lock based only on the provided contract address, a non-owner who is not the owner of a non-fungible token can provide the control device with a contract address that is not confidential information and open the electronic lock. There is a concern that unauthorized attempts may be made to lock the lock.

According to the invention according to the first feature, the address acquisition section acquires the contract address through reading the two-dimensional code in the reading section, and based on the determination result based on the electronic signature on the signed information including the contract address. A lock control execution unit controls the electronic lock. Thereby, the control device can control the electronic lock by determining whether the presenter who presented the two-dimensional code is the owner of the non-fungible token based on the determination result based on the electronic signature.

Therefore, according to the invention according to the first feature, the user attempts to unlock the electronic lock by having the user perform complicated procedures associated with providing various information that enables highly reliable unlocking. To prevent unnecessarily increasing the user's effort, and to perform highly reliable unlocking based on highly reliable non-fungible tokens recorded on the blockchain and identification of the owner based on electronic signatures. It is possible to achieve both.

Therefore, according to the invention according to the first feature, highly reliable electronic lock control using a non-fungible token can be performed without unnecessarily increasing the effort of the user who attempts to unlock the electronic lock. We can provide a means to achieve this.

The invention according to the second characteristic is the invention according to the first characteristic, wherein the non-fungible token can be used to control access to a predetermined virtual space associated with the non-fungible token. , provides a control device.

Non-fungible tokens recorded on blockchain are used to manage admission to events held in virtual space (the "metaverse"). Managing admission using non-fungible tokens can improve the security of the virtual space.

According to the invention according to the second feature, entry management to each of the virtual space and the real space can be realized using one non-fungible token. As a result, a user who attempts to unlock an electronic lock can obtain a non-fungible token used to control access to the virtual space and a non-fungible token used to unlock the electronic lock that can lock the real space. One non-fungible token allows access to both the virtual space and the real space associated with the non-fungible token without requiring separate management effort.

Therefore, according to the invention according to the second feature, highly reliable electronic lock control using a non-fungible token can be performed without unnecessarily increasing the effort of the user who attempts to unlock the electronic lock. We can provide a means to achieve this.

The invention according to a third characteristic is the invention according to the first or second characteristic, wherein the signed information is unique information for each generation of the two-dimensional code, and the control device a signature acquisition unit capable of acquiring the signed information and the electronic signature from the dimensional code; a signature determination unit capable of determining whether the acquired electronic signature is valid; and a signature determination unit capable of determining whether the acquired electronic signature is valid. In this case, the lock controller further comprises: a presenter determination unit capable of determining whether the two-dimensional code has been presented by the owner of the two-dimensional code based on the acquired signature information and the electronic signature; The execution unit provides a control device capable of controlling the electronic lock and/or permitting the transaction based on the determination result by the presenter determination unit.

In controlling an electronic lock using a two-dimensional code, there is a desire to limit the number of times and/or the period during which a user can control the electronic lock using a two-dimensional code. Furthermore, in controlling an electronic lock using a two-dimensional code, if the two-dimensional code is leaked, there is a desire to invalidate the leaked two-dimensional code.

According to the invention related to the third feature, the number of times and/or the period during which the electronic lock can be controlled can be managed for each generated two-dimensional code. This is because, in the invention according to the third characteristic, the signed information is unique information for each generation of a two-dimensional code, and the signature determination unit is valid for the electronic signature acquired from the two-dimensional code by the signature acquisition unit. If it is possible to determine whether the two-dimensional code is present and the electronic signature is valid, it is possible to determine whether the two-dimensional code has been presented by the owner of the two-dimensional code based on the signed information and the electronic signature acquired by the presenter determination unit. It is.

Further, according to the invention according to the third feature, when a two-dimensional code is leaked, only the leaked two-dimensional code can be invalidated without affecting the effectiveness of other two-dimensional codes.

Furthermore, according to the invention according to the third feature, since the signature etc. acquisition unit can acquire the electronic signature etc. from the two-dimensional code, the control device can perform the following operations without acquiring the electronic signature etc. via the network. You can obtain electronic signatures, etc. Therefore, the risk of electronic signatures and the like being intercepted via the network can be reduced.

In the invention according to the third feature, a series of processes including obtaining an electronic signature from a two-dimensional code, determining whether the electronic signature is valid, and determining whether the presenter is the owner is performed by the user. This can be achieved without any additional work, and the reliability of electronic lock control using non-fungible tokens can be further improved.

Therefore, according to the invention according to the third feature, highly reliable electronic lock control using a non-fungible token can be performed without unnecessarily increasing the effort of the user who attempts to unlock the electronic lock. We can provide a means to achieve this.

The invention according to the fourth characteristic is the invention according to the third characteristic, wherein the signed information determines whether the elapsed time from the generation of the two-dimensional code to the current time is included in a predetermined range. The present invention provides a control device that includes possible predetermined information and is capable of determining whether the acquired electronic signature is valid based on a determination as to whether the elapsed time is included in a predetermined range.

In controlling electronic locks using two-dimensional codes, there is a desire to limit the expiration date of the two-dimensional codes. Thereby, even if the two-dimensional code is leaked, it is possible to prevent unauthorized attempts to open the lock using the leaked two-dimensional code.

Furthermore, in controlling electronic locks using electronic signatures, there is a desire to limit the expiration date of electronic signatures. Thereby, even if the electronic signature is no longer confidential information, it is possible to prevent unauthorized attempts to open the lock using the electronic signature. A feature that can prevent unauthorized attempts to open the lock using an electronic signature that is no longer confidential information is that the electronic signature is recorded on the blockchain, and the member participating in the decentralized system built using the blockchain is This is particularly useful when the electronic signature represents easily verifiable information, ie, non-confidential information.

According to the invention according to the fourth feature, it is possible to determine whether an electronic signature is valid based on determining whether the elapsed time is included in a predetermined range using predetermined information included in the information to be signed. The expiration date of the dimensional code and/or electronic signature can be limited to a predetermined range. Therefore, according to the invention according to the fourth feature, unauthorized attempts to unlock the lock can be further prevented.

In the invention according to the fourth feature, the determination of whether the elapsed time is included in the predetermined range can be realized without requiring the user to perform additional work, and can be implemented using an electronic lock using a non-fungible token. The reliability of control can be further improved.

Therefore, according to the invention according to the fourth feature, highly reliable electronic lock control using a non-fungible token can be performed without unnecessarily increasing the effort of the user who attempts to unlock the electronic lock. We can provide a means to achieve this.

The invention according to a fifth feature is the invention according to any one of the first to fourth features, wherein the electronic signature is a predetermined signature recorded on the blockchain in response to generation of the two-dimensional code. A control device is provided, including an electronic signature.

According to the invention according to the fifth feature, since the electronic signature used to determine whether the presenter of the two-dimensional code is the owner of the non-fungible token includes a predetermined electronic signature recorded on the blockchain, it is even more effective. Ownership can be determined based on a highly reliable electronic signature.

In the invention according to the fifth feature, the configuration in which the electronic signature includes a predetermined electronic signature can be realized without requiring the user to perform additional work, and the electronic lock can be controlled using a non-fungible token. The reliability of the system can be further improved.

Therefore, according to the invention according to the fifth feature, highly reliable electronic lock control using a non-fungible token can be performed without unnecessarily increasing the effort of the user who attempts to unlock the electronic lock. We can provide a means to achieve this.

The invention according to a sixth characteristic is the invention according to the fifth characteristic, comprising: a determination command unit capable of instructing an external device to transmit the determination result based on the predetermined electronic signature; The present invention provides a control device further comprising: a determination receiving unit capable of receiving the determined determination result.

The process of making a determination based on a predetermined electronic signature recorded on a blockchain is a process that is complex and requires a large amount of processing compared to the process of reading a two-dimensional code, the process of obtaining a contract address from a two-dimensional code, etc. Furthermore, in the process of making a determination based on a predetermined electronic signature, there is a concern that the amount of processing will increase due to communication via a network. Therefore, when the processing is performed in a control device, problems such as increased power consumption of the control device, complexity of the control device, and/or enlargement of the control device may occur.

The invention according to the sixth feature is capable of receiving a discrimination result based on a predetermined electronic signature from an external device by including a discrimination command section and a discrimination reception section. Thereby, various problems associated with executing a process of making a determination based on a predetermined electronic signature recorded on a blockchain in a control device can be solved.

The series of processing for receiving the determination result from the external device in the invention according to the sixth feature can be realized without requiring the user to perform any additional work, and can be implemented in an electronic lock using a non-fungible token. Control reliability can be further improved.

Therefore, according to the invention according to the sixth feature, highly reliable electronic lock control using a non-fungible token can be performed without unnecessarily increasing the effort of the user who attempts to unlock the electronic lock. We can provide a means to achieve this.

The invention according to the seventh feature is the invention according to the fifth or sixth feature, wherein the presenter who presents the two-dimensional code is the owner of the non-fungible token. The present invention provides a control device, further comprising an owner discriminating section capable of determining based on the owner discriminating section, wherein the lock control execution section is capable of unlocking the electronic lock based on the determination result of the owner discriminating section.

When an external device performs processing to determine whether the presenter who presented the two-dimensional code is the owner of the non-fungible token based on predetermined signature information, the processing involves sending a predetermined electronic signature from the control device to the external device. Includes processing to send. As a result, in a communication environment where network security is not sufficiently guaranteed, there is a risk that the predetermined electronic signature sent may be leaked, and the leaked predetermined electronic signature may be used in an unauthorized attempt to open the lock. Ru.

According to the invention according to the seventh feature, since the lock control execution unit can control the electronic lock based on the determination result of the owner determination unit further comprising an owner determination unit, the predetermined electronic signature is transferred to the external device. It is possible to determine whether the presenter who presented the two-dimensional code is the owner of the non-fungible token based on predetermined signature information without transmitting it. Therefore, according to the invention according to the seventh feature, unauthorized attempts to unlock the lock can be further prevented in a communication environment where network safety is not sufficiently guaranteed.

In the invention according to the seventh feature, the process of determining whether the presenter is the owner based on the electronic signature can be realized without requiring the user to perform additional work, and is non-substitutable. The reliability of electronic lock control using tokens can be further improved.

Therefore, according to the invention according to the seventh feature, highly reliable electronic lock control using a non-fungible token can be performed without unnecessarily increasing the effort of the user who attempts to unlock the electronic lock. We can provide a means to achieve this.

The invention according to the eighth feature is configured to include a server and a terminal capable of communicating with the server, and the server is configured to associate the use of managed objects managed by electronic locks and/or the use of transactions. a signature information generation unit that can generate signed information that has been signed, a signature execution determination unit that can determine whether a signature related to a non-fungible token has been applied to the signed information, and a signature that is associated with the usage. a usage permission execution unit capable of permitting the use when it is determined that the signature has been applied to the signature information; the terminal includes a signed information acquisition unit capable of acquiring the signed information; A system is provided, comprising: a signature command unit capable of commanding a signature regarding the non-fungible token to information to be signed.

The server of the invention according to the eighth feature can generate signed information associated with the use of a managed object and/or the use of a transaction managed by an electronic lock that can be unlocked by the above-mentioned control device or the like. The terminal then obtains this signature information and can sign the non-fungible token. As a result, the contract address of the non-fungible token and the usage of the managed object come to correspond via the signature.

When the server of the invention according to the eighth feature determines that a signature regarding a non-fungible token associated with the use of a managed object and/or the use of a transaction has been performed on a terminal, the server manages the management using the electronic lock. You can authorize the use of the subject and/or the use of the transaction.

In other words, according to the invention according to the eighth feature, the user can obtain signature information using the non-fungible token and perform a simple procedure of signing using the non-fungible token. Can control electronic locks.

In addition, according to the invention according to the eighth feature, the user causes the terminal to acquire the signed information associated with the use of the transaction and uses the non-fungible token in the same way as when using the managed object. Transactions using non-fungible tokens can be made available by following a simple procedure of signing with non-fungible tokens.

Therefore, the invention according to the eighth feature realizes highly reliable control of electronic locks using non-fungible tokens without unnecessarily increasing the effort of users who attempt to unlock electronic locks. We can provide possible means.

The invention according to a ninth characteristic is the invention according to the eighth characteristic, wherein the system further includes a control device according to any one of the first to seventh characteristics, and the usage permission When it is determined that the signature has been applied to the signed information associated with the use of the managed object, the execution unit generates a contract address of the non-fungible token, the signed information, and a predetermined information based on the signature. A system is provided in which a two-dimensional code capable of acquiring an electronic signature can be provided to the terminal, and the terminal further includes a two-dimensional code display section capable of displaying the two-dimensional code provided from the server.

According to the invention according to the ninth feature, the terminal displays a two-dimensional code provided by the server, which is capable of acquiring a contract address of a non-fungible token, signed information, and an electronic signature. can. The control device can then unlock the electronic lock using the displayed two-dimensional code. That is, according to the invention according to the ninth feature, the user performs a simple procedure of causing the terminal to acquire the signed information, signing using the non-fungible token, and displaying the provided two-dimensional code. This allows electronic locks to be controlled using non-fungible tokens.

Therefore, the invention according to the ninth feature realizes highly reliable control of electronic locks using non-fungible tokens without unnecessarily increasing the effort of users who attempt to unlock electronic locks. We can provide possible means.

According to the present invention, it is possible to provide means for realizing highly reliable control of electronic locks using non-fungible tokens without unnecessarily increasing the effort of users who attempt to unlock electronic locks. can.

FIG. 1 is a block diagram showing the hardware configuration and software configuration of the smart lock system S of the first embodiment (this embodiment). FIG. 2 is a flowchart of non-fungible token issuing processing executed by the server 4. FIG. 3 is a main flowchart of the lock control process executed by the control device 1. FIG. 4 is a flowchart of the determination result acquisition process executed in step S13 of FIG. FIG. 5 is a diagram following FIG. 4. FIG. 6 is a flowchart of the two-dimensional code display process executed by the terminal 3. FIG. 7 is a flowchart of the determination result transmission process executed by the server 4. FIG. 8 is a schematic diagram showing an example of area management using the smart lock system S. FIG. 9 is a flowchart of usage processing executed by the terminal 3 of the second embodiment. FIG. 10 is a flowchart of the usage permission process executed by the server 4 of the second embodiment. FIG. 11 is a sequence diagram regarding the usage process executed by the terminal 3 and the usage permission process executed by the server 4 in the second embodiment.

Embodiments of the present invention will be described in detail below with reference to the drawings.

<Smart lock system S of the first embodiment>
FIG. 1 is a block diagram showing the hardware configuration and software configuration of the smart lock system S of the first embodiment (this embodiment). The smart lock system S of this embodiment acquires the contract address of the non-fungible token recorded on the blockchain from the read two-dimensional code C, and determines the determination result based on the electronic signature on the signed information including this contract address. The electronic lock 2 is configured to include at least a control device 1 that can control the electronic lock 2 based on the following, and one or more electronic locks 2 that are subject to control performed by the control device 1.

It is preferable that the smart lock system S further includes a terminal 3 that can access the blockchain and display the two-dimensional code C by executing a predetermined program. Thereby, the control device 1 can perform more reliable control of reading the two-dimensional code C generated by the terminal 3 based on the blockchain.

It is preferable that the smart lock system S further includes a server 4 configured to be able to access the blockchain and communicate with the control device 1 and/or the terminal 3 via the network N. As a result, the smart lock system S performs the processing of issuing a non-fungible token associated with the electronic lock 2, the processing of determining based on the electronic signature on the signed information including the contract address obtained from the two-dimensional code C, etc. can be configured to be performed by the server 4.

The process of issuing a non-fungible token and the process of making a determination based on an electronic signature are complex and require a large amount of processing compared to the process of reading the two-dimensional code C, the process of acquiring the contract address from the two-dimensional code C, etc. It is processing. Furthermore, in these processes, there is also a concern that the amount of processing will increase due to communication via the network. Therefore, when these processes are performed in the control device 1, problems such as an increase in the power consumption of the control device 1, a complication of the control device 1, and/or an increase in the size of the control device 1 may occur.

By further including the server 4, the smart lock system S can be configured so that the various processes described above are performed by the server 4, and the various problems described above in the control device 1 can be solved.

[Two-dimensional code C]
The two-dimensional code C is not particularly limited as long as it is a code that can obtain the contract address of the non-fungible token recorded on the blockchain. The two-dimensional code C may be, for example, a two-dimensional code using a QR code (registered trademark) or the like.

The two-dimensional code C is preferably a code that can acquire signed information including a contract address and an electronic signature for the signed information. Thereby, the control device 1 can acquire this information from the two-dimensional code C, and can determine whether the two-dimensional code C is a code that can control the electronic lock 2 based on this information.

When the two-dimensional code C acquires signed information and an electronic signature for the signed information through wireless communication or the like, there is a risk that this information will be intercepted. Since the two-dimensional code C is a code that can acquire this information, the risk of interception can be reduced.

[Contract address]
The contract address included in the two-dimensional code C is not particularly limited as long as it is a contract address of a non-fungible token recorded on the blockchain.

(Blockchain)
Here, blockchain is a platform that allows data to be recorded as a group of records that are linked to each other using cryptographic technology and that is continuously added to, thereby facilitating the verification of such recorded data on a decentralized system. shows.

Therefore, in a distributed system built using a blockchain, attempts to forge data recorded on the blockchain can be easily detected, and data forgery can be prevented. Therefore, by using the blockchain, the smart lock system S can have high resistance to attempts to transmit false information, that is, high Byzantine fault tolerance.

(non-fungible token)
Here, a non-fungible token (NFT) refers to non-fungible data recorded on a blockchain. Non-fungible tokens can be used to indicate ownership of digital and/or physical assets by being non-fungible data. Therefore, the non-fungible token is used to indicate various rights related to the electronic lock 2, such as the right to unlock and/or lock the electronic lock 2, the right to use the space and/or goods managed by the electronic lock 2, etc. It can be used for The non-fungible token is not particularly limited, and may be a non-fungible token issued using the server 4 or a non-fungible token issued using a device different from the server 4. The issuer of the non-fungible token is not particularly limited, and may be the administrator of the smart lock system S or a person different from the administrator of the smart lock system S.

(About contract address)
Here, the contract address of a non-fungible token is an address on the blockchain that can identify the smart contract that is the issuer of the non-fungible token.

The control device 1, the terminal 3, the server 4, etc. determine/change the owner of the non-fungible token and the metadata recorded in the non-fungible token via the smart contract that is the issuer of the non-fungible token. It is possible to read the non-fungible token, generate/verify an electronic signature regarding the non-fungible token, etc.

Therefore, by using the contract address of the non-fungible token, the process of determining the owner of the non-fungible token on the blockchain and the process of generating/verifying an electronic signature regarding the non-fungible token are exemplified. , it becomes possible to access the non-fungible token recorded on the blockchain.

[Signed information]
The signed information is not particularly limited as long as it includes the contract address of the non-fungible token.

Preferably, the signed information includes a token ID that can identify a specific non-fungible token from one or more tokens issued from the contract address. Thereby, the control device 1 can control the electronic lock 2 based on the determination result as to whether a right regarding control of the electronic lock 2 is associated with a specific non-fungible token identified by the token ID. Therefore, it is possible to realize more reliable control that is determined on a non-fungible token basis.

The signed information may be information that does not include a token ID that can identify a specific non-fungible token from one or more tokens issued from a contract address. Thereby, the amount of data of the two-dimensional code C including signed information can be reduced, and the cost required for reading the two-dimensional code C can be reduced.

Although it is not an essential aspect, it is preferable that the signed information is configured to be unique information each time the two-dimensional code C is generated. Thereby, the administrator of the smart lock system S can manage the number of times and/or the period during which the electronic lock 2 can be controlled for each generated two-dimensional code. Furthermore, if the two-dimensional code C is leaked, the administrator of the smart lock system S can invalidate only the leaked two-dimensional code C without affecting the effectiveness of other two-dimensional codes C.

Although not an essential aspect, it is preferable that the signed information includes predetermined information that can determine whether the elapsed time from the generation of the two-dimensional code C to the current time is included in a predetermined range. Thereby, the administrator of the smart lock system S can limit the expiration date of the two-dimensional code C and/or the electronic signature to a predetermined range. Therefore, by including the predetermined information in the signed information, unauthorized attempts to unlock the lock can be further prevented.

The predetermined information is not particularly limited as long as it can be determined whether the elapsed time from the generation of the two-dimensional code C to the current time is included in the predetermined range. The predetermined information may be, for example, the generation time of the two-dimensional code C, a value obtained when the generation time of the two-dimensional code C is given as an argument to a predetermined function, or the like.

The predetermined function is not particularly limited as long as it is a function that can obtain a value when the generation time of the two-dimensional code C is given as an argument. The predetermined function may be, for example, a one-time password generation function that takes time as an argument.

It is preferable that the predetermined information includes, among other things, the generation time of the two-dimensional code C. Thereby, the control device 1 can determine whether the elapsed time from the generation of the two-dimensional code C to the current time is included in the predetermined range by a simple procedure of calculating the difference between the generation time and the current time.

[Electronic signature]
The electronic signature is not particularly limited as long as it is possible to identify whether the owner of the non-fungible token has signed the information to be signed. The electronic signature includes, for example, a digital signature based on various public key cryptosystems.

Although not an essential aspect, as one aspect of this embodiment, it is preferable that the electronic signature includes a predetermined electronic signature recorded on the blockchain in response to the generation of the two-dimensional code C. The predetermined electronic signature includes, for example, an electronic signature of data recorded on the blockchain when a transaction related to the generation of the two-dimensional code C is executed on the blockchain.

Attempts to falsify data recorded on the blockchain are easily detectable. Therefore, by including the predetermined electronic signature recorded in the blockchain in the electronic signature, it is possible to determine the owner based on the electronic signature with even higher reliability.

When there is a desire to reduce the amount of communication via the network N of the control device 1, and/or when there is a desire to reduce various costs spent on blockchain in the generation of the two-dimensional code C, the electronic signature is It is preferable that the data recorded on the blockchain in response to the generation of the two-dimensional code C is not included.

The process of determining based on a predetermined electronic signature recorded on the blockchain involves communication via network N. Therefore, when executing this process, the amount of communication via the network N of the control device 1 increases. Furthermore, when recording a predetermined electronic signature on the blockchain in response to the generation of the two-dimensional code C, economic costs ("gas costs") and time costs are incurred for performing the recording.

Therefore, since the electronic signature does not include the data recorded on the blockchain in response to the generation of the two-dimensional code C, the amount of communication via the network N of the control device 1 is suppressed, and the blockchain This can reduce various costs incurred.

If the electronic signature does not include data recorded on the blockchain in response to the generation of the two-dimensional code C, the electronic signature is an electronic signature made using a cryptographic key associated with the owner of the non-fungible token. It is preferable to include. Examples of such an encryption key include an encryption key stored in the terminal 3 owned by the owner, an encryption key that can be used in response to authentication of the owner through various authentication processes, and the like.

[Control device 1]
The control device 1 includes at least a device control section 11, a device storage section 12, a device communication section 13, a reading section 14, and a lock control section 15.

[Device control unit 11]
The device control unit 11 includes a CPU (Central Processing Unit), a RAM (Random Access Memory), a ROM (Read Only Memory), and the like.

The device control section 11 reads a predetermined program, and controls the software configuration of the control device 1 by cooperating with each component included in the control device 1 such as the device storage section 12 and/or the device communication section 13 as necessary. The elements are reading execution section 111, address acquisition section 112, signature etc. acquisition section 113, signature discrimination section 114, presenter discrimination section 115, discrimination command section 116, discrimination reception section 117, owner discrimination section 118, lock control execution 119, etc.

The flow of the lock control process executed in the control device 1 will be explained in detail later using FIG. 3.

[Device storage unit 12]
The device storage unit 12 is a device in which data and/or files are stored, and includes a data storage unit such as a hard disk, a semiconductor memory, a recording medium, and a memory card.

The device storage unit 12 enables connection via a network N to a storage device or storage system such as a NAS (Network Attached Storage), a SAN (Storage Area Network), a cloud storage, a file server, and/or a distributed file system. It may have a mechanism.

The device storage unit 12 stores control programs and the like executed by the microcomputer.

[Device communication section 13]
The device communication unit 13 is not particularly limited as long as it enables communication between the control device 1 and the terminal 3 and/or the server 4, etc. via the network N. The device communication unit 13 is configured to include, for example, a wireless device compatible with a mobile phone network, a Wi-Fi (Wireless Fidelity) compatible device compliant with IEEE 802.11, a network card compatible with the Ethernet standard, and the like.

[Reading unit 14]
The reading unit 14 is not particularly limited as long as it can read the two-dimensional code C, and is configured to include various two-dimensional code reading members of the prior art.

(Detection means)
Although not an essential aspect, it is preferable that the reading unit 14 includes a detection means capable of detecting whether a detection target such as the terminal 3 and/or a user using the terminal 3 exists in the vicinity of the reading unit 14. . By providing the reading unit 14 with the detection means, the reading unit 14 can be controlled so as not to perform reading when the detection target is not detected. Thereby, the reading unit 14 can reduce power consumption.

The detection means is not particularly limited as long as it can detect whether the terminal 3 and/or a user using the terminal 3 is present around the reading unit 14. The detection means may be a detection section including, for example, a moving object identification sensor capable of detecting a moving object around the reading section 14, a human sensor capable of detecting a person around the reading section 14, or the like.

Among others, it is preferable that the detection means includes a moving object identification sensor. Thereby, the detection means can detect the movement of the user presenting the two-dimensional code C to the reading unit 14. Therefore, it is possible to reduce power consumption by not performing reading when the user is simply near the reader 14 and does not present the two-dimensional code C, and when the user presents the two-dimensional code C to the reader 14. This can be done at the same time as reading from time to time.

The detection means is capable of controlling the reading unit 14 or the control device 1 to a standby state when the detection target is not detected for a certain period of time, and can end this standby state when the detection target is detected. It is preferable that there be. Thereby, the detection means can reduce power consumption when the detection target is not detected for a certain period of time.

[Lock control unit 15]
The lock control unit 15 is not particularly limited as long as it can control the electronic lock 2. The lock control unit 15 is configured to be able to control the electronic lock 2 by, for example, control via serial communication or control via an unlock signal from an electric contact. Thereby, the control device 1 can control the electronic lock 2 more reliably than when the control device 1 and the electronic lock 2 are connected wirelessly. The lock control unit 15 is configured to be able to control the electronic lock 2 through communication via short-range wireless communication, for example, wireless communication based on Bluetooth (registered trademark), ZigBee (registered trademark), or the like. Thereby, the control device 1 can control the electronic lock 2 without being connected to the electronic lock 2 by wire. Thereby, the administrator of the smart lock system S can install the control device 1 and/or the electronic lock 2 more easily than when the control device 1 and the electronic lock 2 are connected by wire.

Among others, it is preferable that the short-range wireless communication includes short-range wireless communication based on Bluetooth Low Energy (Bluetooth LE, BLE) of Bluetooth (registered trademark). Since the short-range wireless communication includes short-range wireless communication based on Bluetooth LE, the control device 1 can further reduce power consumption related to communication with the electronic lock 2.

[Electronic lock 2]
The electronic lock 2 is not particularly limited as long as it can be switched between a locked state and an unlocked state. The electronic lock 2 can supply less power than the power that can be supplied by a commercial power supply, such as an electric electronic lock, a smart lock, or an electric electronic lock that operates on commercial power, such as an electric lock, a magnetic lock, an automatic door, etc. An electronic lock, etc. that operates on a suitable power source may be used.

Among these, it is preferable that the electronic lock 2 includes an electronic electronic lock. Thereby, the electronic lock 2 can be switched between a locked state and an unlocked state even in a place where power supply is restricted.

The electronic lock 2 is preferably an electronic lock 2 that can be controlled via the various short-range wireless communications described above. Thereby, the smart lock system S can be installed without connecting the control device 1 and the electronic lock 2 by wire. Thereby, the administrator of the smart lock system S can install the control device 1 and/or the electronic lock 2 more easily than when the control device 1 and the electronic lock 2 are connected by wire.

[Power supply part]
Although not an essential aspect, it is preferable that the electronic lock 2 includes a power supply section that can supply power smaller than the power that can be supplied by a commercial power source. Thereby, the electronic lock 2 can be switched between a locked state and an unlocked state even in a place where power supply is restricted.

The power supply unit is not particularly limited as long as it can supply less power than the commercial power supply can supply. The power supply unit may be, for example, a power supply unit that can supply power using one or more of a battery, an AC adapter, a USB power supply, a non-contact power supply, and the like.

The power supply unit preferably includes a power supply unit capable of supplying power using a battery. Thereby, the administrator who manages the electronic lock 2 can maintain the power supply unit by relatively simple management of replacing the battery. This can reduce the effort required to maintain the power supply unit.

[Management target]
The objects to be managed by the electronic lock 2 are not particularly limited. Examples of objects to be managed include indoor areas such as buildings and rooms, outdoor areas such as outdoor event venues, and the like. By including the indoor area and/or outdoor area as the management target, the control device 1 can manage participation in events and the like held in these areas.

The objects of management are not limited to these areas, but include, for example, vehicles such as cars and bicycles, storage areas such as delivery boxes, home appliances such as washing machines and coffee machines, office supplies such as printers, etc. Can be mentioned. By including these items and the like as objects of management, the control device 1 can also manage services provided through various items and the like provided to participants in events and the like.

[Terminal 3]
The terminal 3 can display the above-mentioned two-dimensional code C by executing a predetermined program. The flow of the two-dimensional code display process in which the terminal 3 displays the two-dimensional code C will be explained in detail later using FIG.

Similar to the control device 1, the terminal 3 includes a terminal control section, a terminal storage section, and a terminal communication section, and further includes a terminal display section capable of displaying a two-dimensional code C, and an instruction to display the two-dimensional code C can be input. It is equipped with a terminal input section, etc. (not shown).

The terminal 3 can store the contract address of the non-fungible token, the encryption key for accessing the blockchain, etc.

Since the terminal 3 can store the contract address of the non-fungible token, the terminal 3 can display the two-dimensional code C from which the contract address can be obtained.

Since the terminal 3 is capable of storing an encryption key for accessing the blockchain, the user of the terminal 3 can perform various processes using the non-fungible token that he/she owns. Furthermore, the terminal 3 can generate an electronic signature using the encryption key.

Preferably, the terminal 3 is capable of generating an electronic signature for signed information including a contract address. Thereby, the terminal 3 can display the two-dimensional code C from which signed information and an electronic signature can be obtained. Therefore, the control device 1 can acquire an electronic signature or the like from the two-dimensional code C without acquiring the electronic signature or the like via the network N. Therefore, the risk of electronic signatures etc. being intercepted via the network N can be reduced.

Preferably, the terminal 3 is capable of storing a token ID that can identify non-fungible tokens. Thereby, the terminal 3 can display the two-dimensional code C from which the token ID corresponding to the specific non-fungible token associated with the electronic lock 2 to be controlled can be obtained. Thereby, the control device 1 can control the electronic lock 2 based on the determination result as to whether a right regarding control of the electronic lock 2 is associated with a specific non-fungible token identified by the token ID. Therefore, it is possible to realize more reliable control that is determined on a non-fungible token basis.

The hardware configuration of the terminal 3 is not particularly limited. The terminal 3 may be, for example, a mobile terminal such as a smartphone and a tablet terminal, a computer such as a personal computer, a notebook computer, or the like.

Among others, it is preferable that the terminal 3 includes a mobile terminal. Thereby, the user can easily perform the procedure of posting the terminal 3 at a position where the reading unit 14 of the control device 1 can read the two-dimensional code C.

When the electronic signature includes the above-mentioned predetermined electronic signature, it is preferable that the terminal 3 be able to communicate via the network N. Thereby, the terminal 3 can execute processing such as acquiring a predetermined electronic signature from the blockchain via the network N.

[Server 4]
The server 4 can communicate with the control device 1 and/or the terminal 3 via the network N. The server 4 is capable of executing non-fungible token issuing processing for issuing non-fungible tokens associated with various rights regarding the electronic lock 2.

The hardware configuration of the server 4 is not particularly limited, and may be, for example, various server devices, a cloud server configured using a plurality of computers that can communicate with each other, or the like. Like the control device 1, the server 4 includes a server control section, a server storage section, and a server communication section (not shown).

The flow of the non-fungible token issuing process executed by the server 4 to issue a non-fungible token will be explained in detail later using FIG.

If the control device 1 can instruct the server 4 to transmit the determination result based on the electronic signature, it is preferable that the server 4 be able to execute a determination result transmission process of transmitting the determination result to the control device 1.

The process of making a determination based on the electronic signature is complex and requires a large amount of processing compared to the process of reading the two-dimensional code C, the process of acquiring the contract address from the two-dimensional code C, and the like. The server 4 is capable of executing a determination result transmission process in which the server 4 performs determination and transmits the determination instead of the control device 1, thereby reducing power consumption and control of the control device 1 by causing the control device 1 to perform determination processing. Problems such as the complication of the device 1 and/or the increase in the size of the control device 1 can be solved.

The flow of the determination result transmission process that is executed by the server 4 and transmits the determination result based on the electronic signature will be explained in detail later using FIG.

By the way, when there are many electronic locks 2 that are managed by the control device 1 and/or when there are many non-fungible tokens related to the smart lock system S, various rights regarding the non-fungible tokens and the electronic locks 2 are The number of correspondences can be enormous. When configuring the control device 1 to be able to store such associations, problems such as increased power consumption of the control device 1, increased complexity of the control device 1, and/or increased size of the control device 1 may occur.

When the server 4 is capable of executing the determination result transmission process, it is preferable that the server 4 is capable of storing correspondences between non-fungible tokens and various rights regarding the electronic lock 2. Thereby, in the determination result transmission process, various rights related to the electronic lock 2 associated with the non-fungible token related to determination can be transmitted to the control device 1.

Therefore, the control device 1 can control the electronic lock 2 based on the association between the non-fungible token and various rights regarding the electronic lock 2 without storing such an association. Therefore, various problems that may occur when the control device 1 is configured to store the correspondence can be solved.

[Network N]
The type of network N is not particularly limited as long as it is a network that enables communication between the control device 1 and the terminal 3 and/or server 4, and examples include a personal area network, a local area network, an intranet, an extranet, the Internet, and Wi-Fi. -Fi network, mobile phone network, or a network that combines multiple of these networks.

The network N preferably includes, among others, a wireless network exemplified by a mobile phone network, Wi-Fi (Wireless Fidelity) compliant with IEEE 802.11, and the like. Thereby, even if wired communication is restricted at the location of the control device 1, the control device 1 can communicate with the terminal 3 and/or the server 4.

[Flowchart of non-fungible token issuing process executed by server 4]
FIG. 2 is a flowchart of non-fungible token issuing processing executed by the server 4. An example of a preferred flow of non-fungible token issuing processing will be described below with reference to FIG. 2.

[Step S1: Determine whether a command has been given to issue a non-fungible token]
The server 4 performs a process of determining whether a command has been given to issue a non-fungible token (step S1, issue command determination step). If issued, the server 4 moves the process to step S2. If the issuance is not instructed, the server 4 ends the non-fungible token issuance process and moves the process to step S1.

The process of determining whether a command has been given to issue a non-fungible token is not particularly limited. This process may be, for example, a process of determining that the issuance of a non-fungible token has been instructed when the administrator of the smart lock system S has instructed the issuance of a non-fungible token.

[Step S2: Record non-fungible token on blockchain]
The server 4 performs a process of recording the non-fungible token issued in step S1 on the blockchain (step S2, non-fungible token recording step). The server 4 moves the process to step S3.

The non-fungible token recording step records the signed information including the contract address of the non-fungible token on the blockchain, and includes a predetermined electronic signature generation means capable of generating a predetermined electronic signature for the recorded signed information. A procedure for making the non-fungible token available for use by the owner, and a procedure for making available for the control device 1 and/or the server 4 a predetermined electronic signature determination means that can determine whether the predetermined electronic signature is a valid signature. It is preferable to include the following.

Thereby, the owner of the non-fungible token can prove that he/she is the owner of the non-fungible token using the predetermined electronic signature generated by the predetermined electronic signature generation means. Further, the control device 1 and/or the server 4 can determine whether the person who presented the two-dimensional code C including the predetermined electronic signature is the owner of the non-fungible token via the predetermined electronic signature determining means.

In the non-fungible token recording step, the process of recording the non-fungible token on the blockchain is not particularly limited; for example, the process of recording the non-fungible token on the blockchain using a template for issuing a non-fungible token is It may be a process that includes a procedure for recording on a chain.

In the non-fungible token recording step, the procedure for making the predetermined electronic signature generation means available to the owner and the predetermined electronic signature determination means available is not particularly limited, and for example, the above-mentioned non-fungible token is issued. It may be a process that includes a procedure of generating a business contract corresponding to a predetermined electronic signature generation means and a predetermined electronic signature determination means using a template.

In the non-fungible token recording step, the non-fungible token may be recorded on the blockchain so as to include information regarding various rights regarding the electronic lock 2 associated with the token to be recorded.

As a result, the control device 1 accesses the blockchain using the contract address and acquires information regarding various rights regarding the electronic lock 2 associated with the non-fungible token recorded on the blockchain. can. Therefore, the control device 1 can control the electronic lock 2 based on more reliable information recorded on the blockchain.

If the non-fungible token is not recorded to include information regarding various rights related to the electronic lock 2 associated with the token to be recorded, the non-fungible token issuance process It is preferable to include an association recording step (step S3) of recording the association of , on the server 4 .

[Step S3: Record the association between the non-fungible token and the electronic lock]
The server 4 performs a process of recording in the server 4 the association between the non-fungible token recorded in step S2 and various rights regarding the electronic lock 2 (step S3, association recording step). The server 4 ends the non-fungible token issuing process and moves the process to step S1.

Since the non-fungible token issuance process includes the association recording step, there is a case where the non-fungible token is not recorded to include information regarding various rights regarding the electronic lock 2 that is associated with the token itself to be recorded. However, the control device 1 can obtain the association via the server 4 and control the electronic lock 2 associated with the non-fungible token.

[Effects of non-fungible token issuance processing]
Since the server 4 can execute the non-fungible token issuing process, the user of the smart lock system S can obtain the non-fungible token issued by the server 4, present it to the control device 1, and issue the electronic lock 2. can be controlled.

The means by which the user of the smart lock system S obtains the non-fungible token issued by the server 4 is not particularly limited. The means for acquiring non-fungible tokens may be, for example, conventional means such as purchasing the tokens via a blockchain.

[Main flowchart of lock control processing executed by control device 1]
FIG. 3 is a main flowchart of the lock control process executed by the control device 1. An example of a preferred flow of the lock control process will be described below with reference to FIG.

[Step S11: Determine whether the two-dimensional code has been read]
The device control section 11 executes the reading execution section 111 in cooperation with the device storage section 12 and the reading section 14, and performs a process of determining whether the two-dimensional code C has been read in the reading section 14 (step S11, reading execution step). If it is determined that the two-dimensional code C has been read, the device control unit 11 moves the process to step S12. If it is not determined that the two-dimensional code C has been read, the device control unit 11 moves the process to step S11.

When the reading unit 14 has a detection means, the reading execution step attempts to read the two-dimensional code C in response to the detection of the detection target, and determines that the two-dimensional code C has been read if this attempt is successful. Preferably, the method includes treatment. Thereby, the control device 1 can control the reading unit 14 so as not to perform reading when the detection target is not detected. Thereby, the reading unit 14 can reduce power consumption.

When the reading unit 14 has a detection means including a moving body identification sensor, the reading execution step reads the two-dimensional code C in response to the detection of the movement of the user presenting the two-dimensional code C to the reading unit 14. It is preferable to include processing for determining that the two-dimensional code C has been read if the attempt is successful. As a result, the control device 1 can reduce power consumption by not performing reading when the user is simply in the vicinity of the reading section 14 and is not presenting the two-dimensional code C, and when the user It is possible to read the dimensional code C when it is presented.

[Step S12: Determine whether contract address etc. can be obtained from the two-dimensional code]
The device control unit 11 executes the address acquisition unit 112 in cooperation with the device storage unit 12, and performs a process of determining whether signed information including a contract address etc. can be acquired from the two-dimensional code C read in step S11. (Step S12, address acquisition step). If it is determined that the signed information can be obtained, the device control unit 11 moves the process to step S13. If it is not determined that the signed information can be obtained, the device control unit 11 moves the process to step S11.

The signed information acquired in step S12 includes at least the contract address of the non-fungible token. Preferably, the signed information acquired in step S12 further includes a token ID that can identify the non-fungible token. Thereby, the control device 1 can control the electronic lock 2 based on the determination result as to whether a right regarding control of the electronic lock 2 is associated with a specific non-fungible token identified by the token ID. Therefore, it is possible to realize more reliable control that is determined on a non-fungible token basis.

The signed information may be information that does not include a token ID that can identify a specific non-fungible token from one or more tokens issued from a contract address. Thereby, the amount of data of the two-dimensional code C including signed information can be reduced, and the cost required for reading the two-dimensional code C can be reduced.

[Step S13: Discrimination result acquisition process]
The device control unit 11 cooperates with the device storage unit 12 and the like to perform a determination result acquisition process to acquire a determination result based on the electronic signature for the signed information including the contract address acquired in step S12 (step S13, determination result acquisition step). The device control unit 11 moves the process to step S14. A preferred flow of the determination result acquisition process executed in step S13 will be explained in detail later using FIGS. 4 and 5.

When the determination result acquisition processing is completed, the device control unit 11 executes the lock control execution unit 119 in cooperation with the device storage unit 12 and the lock control unit 15, and performs lock control execution steps from step S14 to step S15.

[Step S14: Determine whether electronic lock can be controlled]
The device control section 11 executes the lock control execution section 119 in cooperation with the device storage section 12 and the lock control section 15, and performs a process of determining whether the electronic lock 2 can be controlled based on the determination result obtained in step S13. (Step S14). If it is determined that the electronic lock 2 is controllable, the device control unit 11 moves the process to step S15. If it is not determined that the electronic lock 2 is controllable, the device control unit 11 ends the lock control process and moves the process to step S11.

The process of determining whether or not the electronic lock 2 can be controlled in step S14 is based on the determination result acquired in step S13 controlling a predetermined electronic lock, which is any one of the one or more electronic locks 2 managed by the control device 1. It is preferable to include a process of determining that the predetermined electronic lock is controllable when the determination result is that the predetermined electronic lock is controllable.

Thereby, the electronic lock 2 can be controlled based on the right associated with the non-fungible token for each of the one or more electronic locks 2 to be managed. Therefore, more reliable control can be performed than when controlling one or more electronic locks 2 to be managed without distinguishing them.

[Step S15: Control electronic lock]
The device control unit 11 executes the lock control execution unit 119 in cooperation with the device storage unit 12 and the lock control unit 15, and performs processing to control the electronic lock 2 based on the determination result obtained in step S13 (step S15). The device control unit 11 ends the lock control process and moves the process to step S11.

The process of controlling the electronic lock 2 in step S15 can control a predetermined electronic lock whose determination result obtained in step S13 is any one of the one or more electronic locks 2 managed by the control device 1. It is preferable to include a process of controlling a predetermined electronic lock when the determination result is .

Thereby, the electronic lock 2 can be controlled based on the right associated with the non-fungible token for each of the one or more electronic locks 2 to be managed. Therefore, more reliable control can be performed than when controlling one or more electronic locks 2 to be managed without distinguishing them.

[Flowchart of determination result acquisition processing executed in step S13]
FIG. 4 is a flowchart of the determination result acquisition process executed in step S13 of FIG. FIG. 5 is a diagram following FIG. 4. An example of a preferable flow of the determination result acquisition process will be described below with reference to FIGS. 4 and 5.

If the terminal 3 is capable of displaying a two-dimensional code C capable of acquiring an electronic signature for signed information including a contract address, it is preferable that the determination result acquisition process includes a signature acquisition step executed in step S21. .

Since the determination result acquisition process includes the signature etc. acquisition step, the control device 1 can acquire the electronic signature etc. from the two-dimensional code C without acquiring the electronic signature etc. via the network N. Therefore, the risk of electronic signatures etc. being intercepted via the network N can be reduced.

[Step S21: Determine whether an electronic signature etc. can be obtained from the two-dimensional code]
The device control unit 11 executes the signature etc. acquisition unit 113 in cooperation with the device storage unit 12, and determines whether it is possible to acquire signed information and an electronic signature (electronic signature, etc.) from the two-dimensional code C read in step S11. A determination process is performed (step S21, signature etc. acquisition step). If it is determined that an electronic signature or the like can be obtained from the two-dimensional code C, the device control unit 11 moves the process to step S22. If it is not determined that an electronic signature or the like can be obtained from the two-dimensional code C, the device control unit 11 moves the process to step S27.

When the signed information includes predetermined information that can determine whether the elapsed time from the generation of the two-dimensional code C to the current time is included in the predetermined range, the signature etc. acquisition step extracts the predetermined information from the two-dimensional code C. It is preferable that it is possible to obtain Thereby, the control device 1 can use the predetermined information to determine whether the elapsed time from the generation of the two-dimensional code C to the current time is included in the predetermined range.

When the determination result acquisition process includes a signature etc. acquisition step, it is preferable that the determination result acquisition process further includes a signature determination step executed in step S22.

[Step S22: Determine whether the electronic signature is valid]
The device control unit 11 executes the signature determination unit 114 in cooperation with the device storage unit 12, and performs processing to determine whether the electronic signature acquired in step S21 is valid (step S22, signature determination step). If it is determined that the electronic signature is valid, the device control unit 11 moves the process to step S23. If the electronic signature is not determined to be valid, the device control unit 11 moves the process to step S14.

By further including the signature determination step in the determination result acquisition process, the administrator of the smart lock system S can manage the validity of the two-dimensional code C based on determining whether the electronic signature is valid.

The process of determining whether the electronic signature is valid is not particularly limited. This processing includes, for example, a procedure for determining whether an electronic signature is valid based on the elapsed time from the generation of the two-dimensional code C to the current time, and a procedure for invalidating an electronic signature that has been invalidated by the administrator of the smart lock system S. The procedure includes one or more of the following.

When the signature etc. acquisition step can acquire predetermined information from the two-dimensional code C, the signature determination step determines whether the elapsed time from the generation of the two-dimensional code C to the current time is included in the predetermined range. It is preferable to include a step of determining whether the electronic signature is valid or invalid based on the determination.

Regarding the above procedure, there is a desire to limit the expiration date of the two-dimensional code C in controlling the electronic lock 2 using the two-dimensional code C. Thereby, even if the two-dimensional code C is leaked, it is possible to prevent an unauthorized attempt to open the lock using the leaked two-dimensional code C.

Furthermore, in controlling the electronic lock 2 using an electronic signature, there is a desire to limit the expiration date of the electronic signature. Thereby, even if the electronic signature is no longer confidential information, it is possible to prevent unauthorized attempts to open the lock using the electronic signature. A feature that can prevent unauthorized attempts to open the lock using an electronic signature that is no longer confidential information is that the electronic signature is recorded on the blockchain, and the member participating in the decentralized system built using the blockchain is This is particularly useful when the electronic signature represents easily verifiable information, ie, non-confidential information.

The signature determination step includes a step of determining whether the elapsed time is within a predetermined range based on predetermined information, and determining whether the electronic signature is valid or invalid based on the determination. The administrator of the system S can limit the expiration date of the two-dimensional code C and/or electronic signature to a predetermined range. Thereby, the smart lock system S can control the electronic lock 2 with even higher reliability.

The control device 1 includes a presenter determination unit 115 capable of determining whether the two-dimensional code C has been presented by the owner of the two-dimensional code C based on the signed information and the electronic signature acquired in step S21, and the server 4 is capable of executing a determination result transmission process to be described later, it is preferable that the determination result acquisition process includes a process of determining whether the server 4 can perform the determination, which is executed in step S23.

As a result, the control device 1 can suppress an increase in the processing load on the control device 1 by instructing the server 4 to transmit the determination results when the server 4 can perform the determination, and can It is possible to obtain the determination result when the method is not executable.

[Step S23: Determine whether determination using an external device can be performed]
The device control unit 11 cooperates with the device storage unit 12 and the device communication unit 13 to perform a process of determining whether an external device such as the server 4 can perform a determination based on the electronic signature (step S23, first external determination). step). If it is determined that it is executable, the device control unit 11 moves the process to step S25. If it is not determined that it is executable, the device control unit 11 moves the process to step S24.

The first external discrimination determination step is not particularly limited. The processing can be performed by the external device, for example, based on one or more of the following: availability of communication with the external device, communication speed with the external device, safety of communication with the external device, etc. It is sufficient to process to determine whether

Thereby, the control device 1 can determine whether the external device can perform the determination based on the electronic signature, based on the specifications related to communication with the external device. Then, based on the determination, the control device 1 can proceed with the process so that the determination based on the electronic signature is executed by an appropriate one of the control device 1 or an external device.

It is preferable that the determination result acquisition process includes a presenter determination step executed in step S24. This makes it possible to determine whether the two-dimensional code C read in step S11 has been presented by the owner of the two-dimensional code C, without transmitting the electronic signature to the external device via the network N. Thereby, the control device 1 can reduce the risk of the electronic signature being intercepted compared to the case where the electronic signature is transmitted to an external device via the network N.

[Step S24: Make a determination based on the electronic signature and store the result]
The device control unit 11 executes the presenter determination unit 115 in cooperation with the device storage unit 12, and determines whether the two-dimensional code C read in step S11 is the same as the two-dimensional code C based on the electronic signature acquired in step S21. It is determined whether it has been presented by the owner, and the result is stored in the device storage unit 12 (step S24, presenter determination step). The device control unit 11 moves the process to step S14.

Since the determination result acquisition process includes the presenter determination step, the control device 1 determines whether the presenter who presented the two-dimensional code C is the presenter of the two-dimensional code C based on the determination result based on the electronic signature acquired from the two-dimensional code C. The electronic lock 2 can be controlled by determining whether the user is the owner of the non-fungible token. Further, thereby, the control device 1 can reduce the risk of the electronic signature being intercepted compared to the case where the determination is made based on the electronic signature acquired via the network N.

If the electronic signature acquired in step S21 includes a predetermined electronic signature recorded on the blockchain, the device control unit 11 cooperates with the device storage unit 12 to execute the owner determination unit 118 instead of the presenter determination step. an owner determination step in which it is determined whether the two-dimensional code C read in step S11 has been presented by the owner of the two-dimensional code C based on a predetermined electronic signature, and the result is stored in the device storage unit 12; It is preferable to do this.

As a result, the control device 1 determines that the two-dimensional code C has been presented by its owner based on a reliable predetermined electronic signature recorded on a blockchain with high Byzantine fault tolerance, and the control device 1 determines that the two-dimensional code C has been presented by its owner. It is possible to reduce the risk of electronic signatures being intercepted compared to the case where the determination is made based on electronic signatures acquired via a computer. Thereby, the control device 1 can realize even more reliable control of the electronic lock 2.

(Effect in the first case)
Further, if the electronic signature acquired in step S21 includes a predetermined electronic signature recorded on the blockchain, the determination result acquisition process includes a signature determination step, and the device control unit 11 performs the owner determination step in step S24 ( In the first case), the control device 1 can realize even more reliable control of the electronic lock 2.

In the first case, the predetermined electronic signature is recorded on the blockchain in a state that can be verified by other participants who have access to the blockchain. That is, the predetermined electronic signature is no longer confidential information.

Since the determination result acquisition process includes the signature determination step, the administrator of the smart lock system S can invalidate a predetermined electronic signature once used to control the electronic lock 2. Therefore, even if a person attempting to illegally open a lock is able to obtain a predetermined electronic signature that is not confidential information from the blockchain and generate a fraudulent two-dimensional code for use in illegally unlocking, the timing of using the fraudulent two-dimensional code Since the predetermined electronic signature once used to control the electronic lock 2 has been invalidated, the control device 1 can prevent unauthorized unlocking.

Therefore, in the first case, the control device 1 can realize even more reliable control of the electronic lock 2.

(Effect in the second case)
In addition to the first case, the present invention also includes a step of determining whether the elapsed time is within a predetermined range based on predetermined information, and determining whether the electronic signature is valid or invalid based on the determination. In the case of the signature determination step (second case), the control device 1 can realize even more reliable control of the electronic lock 2.

In the second case as well, the predetermined electronic signature is recorded on the blockchain in a state that can be verified by other participants who have access to the blockchain. That is, the predetermined electronic signature is no longer confidential information.

The signature determination step includes a step of determining whether the elapsed time is included in a predetermined range based on predetermined information, and determining whether the electronic signature is valid or invalid based on the determination. 1 can determine that the two-dimensional code C associated with a predetermined electronic signature whose expiration date has passed is not a two-dimensional code C that can control the electronic lock 2.

Therefore, even if a person attempting to illegally open a lock is able to obtain a predetermined electronic signature that is not confidential information from the blockchain and generate a fraudulent two-dimensional code for use in illegally unlocking, the timing of using the fraudulent two-dimensional code , the expiration date of the predetermined electronic signature has passed, and it is determined that the two-dimensional code C cannot control the electronic lock 2. Therefore, the control device 1 does not execute the procedure of invalidating the predetermined electronic signature one by one. , can prevent unauthorized unlocking.

Therefore, in the second case, the control device 1 can realize even more reliable control of the electronic lock 2.

It is preferable that the determination result acquisition process includes the process executed in step S25. Thereby, an increase in the processing load on the control device 1 can be suppressed by instructing the server 4 to transmit the determination result.

[Step S25: Instruct external device to make determination based on electronic signature]
The device control unit 11 executes the determination command unit 116 in cooperation with the device storage unit 12 and the device communication unit 13, and determines whether the two-dimensional code C read in step S11 is two-dimensional based on the electronic signature acquired in step S21. A process is performed to instruct an external device such as the server 4 to determine whether the code C has been presented by the owner (step S25, external determination command step). The device control unit 11 moves the process to step S29.

The control device 1 can determine whether the presenter who presented the two-dimensional code C is the owner of the non-fungible token related to the contract address acquired in step S12 based on a predetermined electronic signature recorded on the blockchain. When the server 4 is equipped with the owner determination unit 118 and is capable of executing the determination result transmission process described later, the determination result acquisition process is a process of determining whether the server 4 can perform the determination performed in step S26. It is preferable to include.

As a result, the control device 1 can suppress an increase in the processing load on the control device 1 by instructing the server 4 to transmit the determination results when the server 4 can perform the determination, and can It is possible to obtain the determination result when the method is not executable.

[Step S26: Determine whether determination can be performed using an external device]
The device control unit 11 cooperates with the device storage unit 12 and the device communication unit 13 to perform a process of determining whether an external device such as the server 4 can perform a determination based on a predetermined electronic signature (step S26, a second external determination step). If it is determined that it is executable, the device control unit 11 moves the process to step S28. If it is not determined that it is executable, the device control unit 11 moves the process to step S27.

The second external determination possibility determining step is not particularly limited, and may be similar to the process of determining whether the external device can perform the determination based on the electronic signature in step S23.

Preferably, the determination result acquisition process includes an owner determination step executed in step S27.

When an external device performs processing to determine whether the presenter who presented the two-dimensional code C is the owner of the non-fungible token based on predetermined signature information, the processing is performed from the control device 1 to the external device using a predetermined electronic Includes the process of sending the signature. As a result, in a communication environment where network security is not sufficiently guaranteed, there is a risk that the predetermined electronic signature sent may be leaked, and the leaked predetermined electronic signature may be used in an unauthorized attempt to open the lock. Ru.

Since the determination result acquisition process includes the owner determination step, the control device 1 can determine that the presenter who presented the two-dimensional code C is the owner of the non-fungible token without transmitting a predetermined electronic signature to the external device. It can be determined based on predetermined signature information. Therefore, by including the owner determination step in the determination result acquisition process, unauthorized attempts to unlock the lock can be further prevented.

[Step S27: Perform determination based on predetermined electronic signature and store result]
The device control unit 11 executes the owner determination unit 118 in cooperation with the device storage unit 12, and based on the predetermined electronic signature, the two-dimensional code C read in step S11 is presented by the owner of the two-dimensional code C. A process is performed to determine whether or not the owner has been used, and to store the result in the device storage unit 12 (step S27, owner determination step). The device control unit 11 moves the process to step S14.

Although not an essential aspect, as an aspect of the present embodiment, the owner determination step is performed when a predetermined electronic signature on the signed information including the contract address acquired in step S12 is placed on the blockchain by the owner of the two-dimensional code C. It is preferable to include a procedure of determining that the two-dimensional code C has been presented by its owner when it is determined that the two-dimensional code C has been recorded. Thereby, the control device 1 can determine that the two-dimensional code C has been presented by its owner based on the reliable predetermined electronic signature recorded on the blockchain having high Byzantine fault tolerance.

Preferably, the determination result acquisition process includes a determination command step executed in step S28.

Since the determination result acquisition process includes the determination command step, the power consumption of the control device 1 increases due to the control device 1 executing the process of determining based on the predetermined electronic signature recorded in the blockchain, and the control device 1 Various problems such as complication and/or enlargement of the control device 1 can be solved.

[Step S28: Instruct external device to make determination based on predetermined electronic signature]
The device control unit 11 executes the determination command unit 116 in cooperation with the device storage unit 12 and the device communication unit 13, and executes the two-dimensional code read in step S11 based on the predetermined electronic signature recorded on the blockchain. Processing is performed to instruct the server 4 to determine whether code C has been presented by the owner of the two-dimensional code C (step S28, determination command step). The device control unit 11 moves the process to step S29.

When the determination result acquisition process includes the process of step S25 and/or step S28, the determination result acquisition process includes a determination reception step executed in step S29. Thereby, the control device 1 can receive the determination result that the server 4 has been instructed to transmit.

[Step S29: Determine whether the determination result has been received from the external device]
The device control unit 11 executes the determination receiving unit 117 in cooperation with the device storage unit 12 and the device communication unit 13, and performs processing to determine whether a determination result has been received from an external device such as the server 4 (step S29, determination reception step). If it is determined that the determination result has been received, the device control unit 11 moves the process to step S14. If it is not determined that the determination result has been received, the device control unit 11 moves the process to step S29.

[Effects of lock control processing]
The control device 1 reads the two-dimensional code C by executing the lock control process from step S11 to step S15, including the determination result acquisition process from step S21 to step S29, and extracts the contract address from the read two-dimensional code C. The electronic lock 2 can be controlled based on the determination result based on the electronic signature for the signed information including the acquired contract address. Thereby, the control device 1 can control the electronic lock 2 by determining whether the presenter who presented the two-dimensional code C is the owner of the non-fungible token based on the determination result based on the electronic signature.

Therefore, according to the control device 1 of this embodiment, an attempt is made to open the electronic lock 2 by having the user perform complicated procedures associated with providing various information that enables highly reliable unlocking. This method prevents unnecessarily increasing the user's effort to unlock the lock, and enables highly reliable unlocking based on highly reliable non-fungible tokens recorded on the blockchain and identification of the owner based on the electronic signature. I can do both.

Therefore, according to the control device 1 of this embodiment, the electronic lock 2 can be controlled with high reliability using a non-fungible token without unnecessarily increasing the effort of the user who attempts to unlock the electronic lock 2. We can provide a viable means.

[Other processing]
(invalidation process)
The control device 1 is configured to disable control of the electronic lock 2 using a specified two-dimensional code C, non-fungible token, and/or electronic signature in response to a command from an administrator of the smart lock system S. Preferably, the processing can be executed. As a result, the administrator etc. can invalidate the leaked two-dimensional code C, the leaked non-fungible token, the electronic signature once used to control the electronic lock 2, etc., and prevent unauthorized lock opening using these. can prevent attempts.

(Matching reception processing)
It is preferable that the control device 1 is capable of executing an association reception process in which the association between a contract address and/or a non-fungible token and a right regarding control of the electronic lock 2 can be received from the server 4 . As a result, the control device 1 is able to control the control device 1 when a non-fungible token, etc. is issued by the server 4, and/or when the association between a non-fungible token, etc. and the right regarding control of the electronic lock 2 is changed, etc. , the electronic lock 2 can be controlled based on the correspondence after the issue and/or the change.

[Flowchart of two-dimensional code display processing executed on terminal 3]
FIG. 6 is a flowchart of the two-dimensional code display process executed by the terminal 3. An example of a preferred flow of two-dimensional code display processing will be described below with reference to FIG.

[Step S31: Determine whether two-dimensional code display has been commanded]
The terminal 3 performs a process of determining whether a command has been given to display the two-dimensional code C (step S31, display command determination step). If it is determined that display of the two-dimensional code C has been instructed, the terminal 3 moves the process to step S32. If the terminal 3 does not determine that the display of the two-dimensional code C has been instructed, the terminal 3 ends the two-dimensional code display process and moves the process to step S31.

Although not an essential aspect, as an aspect of the present embodiment, when the control device 1 is capable of executing the step of acquiring a signature, etc., the terminal 3 executes the signature acquisition step from the blockchain, which is executed from step S32 to step S33. It is preferable that a series of processes for acquiring a predetermined electronic signature for information (a predetermined electronic signature acquisition step) can be executed.

[Step S32: Record the signed information on the blockchain and obtain it]
The terminal 3 performs a process of recording signed information on the blockchain (step S32, signed information recording step). The terminal 3 moves the process to step S33.

The process of recording signed information on the blockchain is not particularly limited. Preferably, the process includes a procedure of recording the signed information on the blockchain using the predetermined electronic signature generation means described in the section of the non-fungible token issuance process. Thereby, the control device 1 and/or the server 4 can determine whether the user of the terminal 3 is the owner of the non-fungible token via the predetermined electronic signature determination means.

[Step S33: Obtain predetermined electronic signature]
The terminal 3 performs a process of acquiring the predetermined electronic signature generated in conjunction with the recording in step S32 (step S33, predetermined electronic signature generation step). The terminal 3 moves the process to step S33.

[Step S34: Display two-dimensional code including contract address, etc.]
The terminal 3 performs a process of displaying the two-dimensional code C including the contract address etc. (step S33, signed information recording step). The terminal 3 moves the process to step S31.

If the terminal 3 is capable of executing the predetermined electronic signature acquisition step, the terminal 3 can acquire the signed information recorded in step S32 and the predetermined electronic signature acquired in step S33 in the signed information recording step. It is preferable that the configured two-dimensional code C can be displayed. Thereby, the control device 1 can acquire signed information and a predetermined electronic signature from the two-dimensional code C.

If the control device 1 is capable of executing the signature determination step, the terminal 3 acquires the signed information and the electronic signature for the signed information, which are unique information for each generation of the two-dimensional code C, in the signed information recording step. It is preferable that the two-dimensional code C configured to be able to be displayed can be displayed.

Thereby, the control device 1 can acquire the signed information and the electronic signature from the two-dimensional code C, and can acquire the determination result based on the electronic signature. Further, the administrator of the smart lock system S can manage whether each generated two-dimensional code C is valid or invalid.

It is preferable that the terminal 3 is capable of displaying a two-dimensional code C that is configured to be able to acquire signed information including the predetermined information described in the section of the two-dimensional code C. Thereby, the administrator of the smart lock system S can limit the expiration date of the two-dimensional code C and/or the electronic signature to a predetermined range. Therefore, unauthorized attempts to unlock the lock can be further prevented.

[Effects of two-dimensional code display processing]
Since the terminal 3 is capable of executing the two-dimensional code display process, the user of the terminal 3 can generate and display the two-dimensional code C when attempting to control the electronic lock 2. Thereby, the terminal 3 can reduce the risk that the generated two-dimensional code C will be used illegally.

[Flowchart of determination result transmission processing executed by server 4]
FIG. 7 is a flowchart of the determination result transmission process executed by the server 4. An example of a preferable flow of the determination result transmission process will be described below with reference to FIG.

[Step S41: Determine whether transmission of determination results based on electronic signature has been instructed]
The server 4 performs a process of determining whether a command has been given to transmit the determination result based on the electronic signature (step S41, transmission command determining step). If it is determined that the transmission of the determination result based on the electronic signature has been instructed, the server 4 moves the process to step S42. If the server 4 does not determine that a command has been given to transmit the determination result based on the electronic signature, the server 4 moves the process to step S41.

The case where the command in step S41 includes signed information and an electronic signature will be explained below, but even if the command in step S41 does not include an electronic signature, the electronic signature can be obtained from the blockchain. Those skilled in the art will understand that the determination results can be transmitted in the same manner.

[Step S42: Determine whether the electronic signature is valid]
The server 4 performs a process of determining whether the electronic signature that is the subject of the determination result instructed to be transmitted in step S41 is valid (step S42, validity determining step). If it is determined that the electronic signature is valid, the server 4 moves the process to step S43. If the electronic signature is not determined to be valid, the server 4 moves the process to step S46.

By including the validity determination step in the determination result transmission process, the server 4 can transmit the determination result that the electronic lock 2 is uncontrollable regarding an invalid electronic signature.

[Step S43: Determine whether the electronic signature is a valid signature]
The server 4 performs a process of determining whether the electronic signature that is the subject of the determination result instructed to be transmitted in step S41 is a valid signature (step S43, validity determination step). If the electronic signature is determined to be a valid signature, the server 4 moves the process to step S44. If the electronic signature is not determined to be a valid signature, the server 4 moves the process to step S46.

By including the validity determination step in the determination result transmission process, the server 4 can transmit the determination result that the electronic lock 2 is uncontrollable with respect to an invalid electronic signature such as a forgery.

[Step S44: Determine whether there is an associated electronic lock]
The server 4 performs processing to determine whether the electronic lock 2 associated with the electronic signature that is the target of the determination result instructed to be transmitted in step S41 is a target to be managed by the destination control device 1 (step S44). , correspondence determination step). If it is determined that the server 4 is to be managed, the server 4 moves the process to step S45. If the server 4 does not determine that it is a management target, the server 4 moves the process to step S46.

By including the validity determination step in the determination result transmission process, the server 4 transmits the determination result that the electronic lock 2 is uncontrollable for the electronic signature that is not associated with the electronic lock 2 that is managed by the control device 1. Can be sent.

[Step S45: Send the determination result that the electronic lock is controllable]
The server 4 transmits the determination result indicating that the electronic lock 2 associated with the electronic signature that is the target of the determination result instructed to be transmitted in step S41 can be controlled to the control device 1 that was instructed to transmit in step S41. (Step S45, first determination result sending step). The server 4 moves the process to step S41.

[Step S46: Send the determination result that the electronic lock is uncontrollable]
The server 4 performs a process of transmitting the determination result that the electronic lock 2 is uncontrollable to the control device 1 which has issued the transmission command in step S41 (step S46, second determination result transmitting step). The server 4 moves the process to step S41.

[Effects of determination result transmission processing]
Since the server 4 is capable of executing the determination result transmission process, the control device 1 can avoid increasing the processing load due to executing the process of determining based on the electronic signature.

<Example of use of smart lock system S>
Next, a usage example of the smart lock system S in this embodiment will be explained.

[Installation of smart lock system S]
FIG. 8 is a schematic diagram showing an example of area management using the smart lock system S.

By installing the control device 1 of this embodiment near the electronic lock 2, the electronic lock 2 can be controlled by the BLE that the lock control unit 15 has. Thereby, the control device 1 can control the door D between the locked state and the unlocked state via the electronic lock 2, and manage access to the management target area A.

The control device 1 can access the network N via a Wi-Fi compatible device included in the device communication section 13. Thereby, the control device 1 can communicate with the server 4 via the network N and receive information such as the association between the non-fungible token and the electronic lock 2.

Also, thereby, the control device 1 can communicate with the server 4 via the network N and transmit various information regarding attempts to control the electronic lock 2 to the server 4. Such information includes, for example, the time when the attempt was made, the non-fungible token used in the attempt, information regarding the terminal 3 used in the attempt, and the like.

[Issuance of non-fungible tokens]
When issuing a non-fungible token in the smart lock system S, the administrator of the smart lock system S instructs the server 4 to issue a non-fungible token associated with the right to control the electronic lock 2. The server 4 executes a non-fungible token issuing process and issues a non-fungible token associated with the right to control the electronic lock 2.

The administrator associates the non-fungible token with the right to participate in an event held in the virtual space as necessary, and sells and/or transfers the non-fungible token to the user via the blockchain. Issuance of non-fungible tokens is not particularly limited, and non-fungible tokens may be issued in a system different from the smart lock system S, and sold and/or transferred.

The user of the terminal 3 purchases the non-fungible token associated with the right to control the electronic lock 2 via the blockchain. As a result, the purchased non-fungible token is associated with the user's wallet provided on the blockchain.

[Control of electronic lock 2]
Hereinafter, regarding the various configurations of the smart lock system S, first, the control device 1 sends the electronic lock 2 An example of how the control device 1 is used in controlling the electronic lock 2 will be explained regarding the configuration (first configuration) for controlling the electronic lock 2. Further, as another aspect of the present embodiment, the control device 1 controls the electronic lock 2 through reading a two-dimensional code C that can obtain signed information including a contract address and an electronic signature using a blockchain. (second configuration), and a configuration in which the control device 1 controls the electronic lock 2 through reading a two-dimensional code C from which a contract address can be obtained and an electronic signature on the blockchain (third configuration). , an example of how the control device 1 is used in controlling the electronic lock 2 will be explained.

[First configuration] Configuration through reading of a two-dimensional code C that can acquire signed information including a contract address and an electronic signature made on the terminal 3 In the first configuration, the control device 1 is configured to acquire signed information including a contract address and an electronic signature made on the terminal 3. A two-dimensional code C capable of acquiring the signature information and an electronic signature for the signed information made on the terminal 3 is read, the signed information and the electronic signature are acquired from the two-dimensional code C, and the signed information is read. And the electronic lock 2 is controlled based on the determination result based on the electronic signature.

(Generation of two-dimensional code C)
A user of the terminal 3 goes to the location of the control device 1 and instructs the terminal 3 to display the two-dimensional code C. The terminal 3 executes a two-dimensional code display process and displays a two-dimensional code C that can obtain signed information including the contract address of the non-fungible token and an electronic signature for the signed information performed on the terminal 3. do. Here, the signed information includes information that allows it to be determined whether the elapsed time since the two-dimensional code C was generated is within a predetermined range.

(Reading two-dimensional code C)
The user presents the two-dimensional code C displayed on the terminal 3 in an area that can be read by the reading unit 14 of the control device 1 . The reading unit 14 of the control device 1 reads the presented two-dimensional code C. The control device 1 executes a reading execution step, an address acquisition step, and a signature etc. acquisition step in the lock control process, and acquires the above-mentioned signed information and signature information from the read two-dimensional code C.

(Obtaining determination results based on electronic signatures)
The control device 1 instructs the server 4 to transmit the electronic signature determination result as necessary, and the terminal 3 determines whether the presenter who presented the two-dimensional code C is the owner of the non-fungible token. The determination result determined based on the electronic signature obtained is obtained.

When the control device 1 instructs the server 4 to transmit the determination result of the electronic signature, the server 4 executes a determination result transmission process and transmits the determination result to the control device 1 . The control device 1 receives the transmitted determination result.

Here, if the elapsed time after the generation of the two-dimensional code C is not included in the predetermined range, the determination result is that the electronic lock 2 is not controllable.

(Control electronic lock 2 based on the determination result)
The control device 1 controls the electronic lock 2 based on the determination result. That is, the control device 1 performs control such as unlocking the electronic lock 2 based on the determination result that the electronic lock 2 can be controlled. In addition, the control device 1 does not unlock the electronic lock 2 based on the determination result that the electronic lock 2 cannot be controlled, and sends a notification to the effect that the electronic lock 2 cannot be controlled with the two-dimensional code C. I do.

The smart lock system S of the first configuration prevents various costs from increasing due to recording electronic signatures on the blockchain, reduces the risk of radio waves containing the electronic signatures being intercepted, and prevents electronic signatures, etc. It is possible to prevent an increase in the user's effort due to manual input, and to prevent attempts at control using an unauthorized two-dimensional code C based on leaked information.

Therefore, the smart lock system S of the first configuration realizes highly reliable control of the electronic lock 2 using a non-fungible token without unnecessarily increasing the effort of the user who attempts to unlock the electronic lock 2. We can provide possible means.

[Second configuration] Configuration through reading a two-dimensional code C that can obtain a contract address, etc. and an electronic signature using a blockchain In the second configuration, the control device 1 acquires signed information including a contract address, and a blockchain-based electronic signature. reads a two-dimensional code C that can obtain an electronic signature using the two-dimensional code C, acquires the signed information and the electronic signature from the two-dimensional code C, and based on the determination result based on the signed information and the electronic signature. Controls electronic lock 2.

(Generation of two-dimensional code C)
A user of the terminal 3 goes to the location of the control device 1 and instructs the terminal 3 to display the two-dimensional code C. The terminal 3 executes a two-dimensional code display process, generates an electronic signature for the signed information including the contract address on the blockchain via the user's wallet, and can acquire the signed information and the signature information. Display two-dimensional code C. Here, the signed information includes information that allows it to be determined whether the elapsed time since the two-dimensional code C was generated is within a predetermined range.

(Reading two-dimensional code C)
The user presents the two-dimensional code C displayed on the terminal 3 in an area that can be read by the reading unit 14 of the control device 1 . The reading unit 14 of the control device 1 reads the presented two-dimensional code C. The control device 1 executes a reading execution step, an address acquisition step, and a signature etc. acquisition step in the lock control process, and acquires the above-mentioned signed information and signature information from the read two-dimensional code C.

(Obtaining determination results based on electronic signatures)
The control device 1 instructs the server 4 to transmit the determination result of the electronic signature as necessary, and determines whether the presenter who presented the two-dimensional code C is the owner of the non-fungible token based on the electronic signature. Obtain the determined results.

When the control device 1 instructs the server 4 to transmit the determination result of the electronic signature, the server 4 executes a determination result transmission process and transmits the determination result to the control device 1 . The control device 1 receives the transmitted determination result.

If the control device 1 does not instruct the server 4 to transmit the electronic signature determination result, the control device 1 executes the owner determination step and determines that the presenter who presented the two-dimensional code C is the owner of the non-fungible token. Based on the electronic signature recorded on the blockchain.

Here, if the elapsed time after the generation of the two-dimensional code C is not included in the predetermined range, the determination result is that the electronic lock 2 is not controllable.

(Control electronic lock 2 based on the determination result)
The control device 1 controls the electronic lock 2 based on the determination result. That is, the control device 1 performs control such as unlocking the electronic lock 2 based on the determination result that the electronic lock 2 can be controlled. In addition, the control device 1 does not unlock the electronic lock 2 based on the determination result that the electronic lock 2 cannot be controlled, and sends a notification to the effect that the electronic lock 2 cannot be controlled with the two-dimensional code C. I do.

The second configuration of the smart lock system S is to perform identification based on highly reliable electronic signatures recorded on the blockchain, reduce the risk that radio waves containing the electronic signatures will be intercepted, and manually handle electronic signatures, etc. It is possible to prevent an increase in the user's effort due to inputting information, and to prevent an attempt at control using an unauthorized two-dimensional code C based on leaked information.

Therefore, the smart lock system S with the second configuration realizes highly reliable control of the electronic lock 2 using a non-fungible token without unnecessarily increasing the effort of the user who attempts to unlock the electronic lock 2. We can provide possible means.

[Third configuration] Configuration via reading of a two-dimensional code C that can acquire a contract address and an electronic signature on a blockchain In the third configuration, the control device 1 can acquire signed information including a contract address. Read the dimensional code C, acquire the signed information from the two-dimensional code C, acquire the electronic signature for the signed information from the blockchain, and based on the determination result based on the signed information and the electronic signature. Controls electronic lock 2.

(Generation of two-dimensional code C)
A user of the terminal 3 goes to the location of the control device 1 and instructs the terminal 3 to display the two-dimensional code C. The terminal 3 executes a two-dimensional code display process and displays a two-dimensional code C from which signed information including the contract address of the non-fungible token can be obtained. Here, the signed information includes information that allows it to be determined whether the elapsed time since the two-dimensional code C was generated is within a predetermined range. Further, the terminal 3 generates an electronic signature for the signed information on the blockchain via the user's wallet.

(Reading two-dimensional code C)
The user presents the two-dimensional code C displayed on the terminal 3 in an area that can be read by the reading unit 14 of the control device 1 . The reading unit 14 of the control device 1 reads the presented two-dimensional code C. The control device 1 executes a reading execution step and an address acquisition step in the lock control process, and acquires the above-mentioned signed information from the read two-dimensional code C.

(Obtaining determination results based on electronic signatures)
The control device 1 instructs the server 4 to transmit the electronic signature determination result as necessary, and records on the blockchain whether the presenter who presented the two-dimensional code C is the owner of the non-fungible token. The determination result determined based on the electronic signature obtained is obtained.

When the control device 1 instructs the server 4 to transmit the determination result of the electronic signature, the server 4 executes the determination result transmission process, accesses the blockchain from the wallet of the server 4, and sends the above-mentioned electronic signature from the blockchain. The signature is acquired and the determination result is transmitted to the control device 1. The control device 1 receives the transmitted determination result.

Here, if the elapsed time after the generation of the two-dimensional code C is not included in the predetermined range, the determination result is that the electronic lock 2 is not controllable.

(Control electronic lock 2 based on the determination result)
The control device 1 controls the electronic lock 2 based on the determination result. That is, the control device 1 performs control such as unlocking the electronic lock 2 based on the determination result that the electronic lock 2 can be controlled. In addition, the control device 1 does not unlock the electronic lock 2 based on the determination result that the electronic lock 2 cannot be controlled, and sends a notification to the effect that the electronic lock 2 cannot be controlled with the two-dimensional code C. I do.

The smart lock system S with the third configuration performs discrimination based on a highly reliable electronic signature recorded on a blockchain, prevents an increase in reading time in reading a two-dimensional code C including the electronic signature, and It is possible to prevent an increase in the user's effort due to manually inputting information, etc., and to prevent attempts at control using an unauthorized two-dimensional code C based on leaked information.

Therefore, the smart lock system S with the third configuration realizes highly reliable control of the electronic lock 2 using a non-fungible token without unnecessarily increasing the effort of the user who attempts to unlock the electronic lock 2. We can provide possible means.

<Smart lock system S of second embodiment>
The smart lock system S of the second embodiment differs from the smart lock system S of the first embodiment in the configuration of the non-fungible token, the software configuration of the terminal 3, and the software configuration of the server 4. Hereinafter, the smart lock system S of the second embodiment is also simply referred to as "system S." The smart lock system S of the second embodiment is the same as the smart lock system S of the first embodiment in other configurations.

[Non-fungible token]
The non-fungible token of the second embodiment can be used to indicate various rights regarding the use of transactions and/or various rights regarding the electronic lock 2. Transactions regarding non-fungible tokens are not particularly limited. The transaction may include one or more of, for example, a transaction related to access control of virtual space, a transaction related to the purchase of goods, a transaction related to the use of services, a transaction related to the use of benefits given to the target user managed by the electronic lock 2, etc. include. The non-fungible token of the second embodiment may be configured such that the right to make further transactions changes each time a transaction is performed. This allows the non-fungible token to represent, for example, rights limited to a certain number of transactions and/or a certain amount of transactions.

[Terminal 3]
The terminal 3 of the second embodiment implements the signed information acquisition section, signature command section, two-dimensional code display section, etc., which are elements of the software configuration of the terminal 3, by executing a predetermined program. The flow of the usage process executed in the terminal 3 will be explained in detail later using FIG. 9.

[Server 4]
The server 4 of the second embodiment realizes the signed information generation section, the signature execution determination section, the usage permission execution section, etc., which are elements of the software configuration of the server 4, by executing a predetermined program. The flow of the usage permission process executed by the server 4 will be explained in detail later using FIG. 10.

[Flowchart of usage processing executed on terminal 3]
FIG. 9 is a flowchart of usage processing executed by the terminal 3 of the second embodiment. The following is an explanation of an example of a preferable flow of the usage process using FIG. 9.

[Step S51: Determine whether signature is commanded]
The terminal 3 executes the signed information acquisition unit and performs processing to determine whether a signature related to the use of a managed object or transaction has been commanded (step S51, signature command determination step). If it is determined that a signature has been instructed, the terminal 3 moves the process to step S52. If the terminal 3 does not determine that a command to display the two-dimensional code C has been given, the terminal 3 moves the process to step S55.

[Step S52: Obtain signature information]
The terminal 3 executes the signature information acquisition unit and performs processing to acquire signature information associated with the managed object or transaction usage related to the command in step S51 (step S52, signature information acquisition step). The terminal 3 moves the process to step S53.

The signed information acquisition step is not particularly limited. The signed information acquisition step includes, for example, a procedure for acquiring a predetermined two-dimensional code including signed information using a camera or the like provided in the terminal 3, a procedure for acquiring signed information via the network N, and the like.

[Step S53: Command signature]
The terminal 3 executes the signature command unit and performs a process of instructing the user of the terminal 3 to perform a signature on the non-fungible token held by the user of the terminal 3 on the signed information acquired in step S52 (step S53, signature command step). ). The terminal 3 moves the process to step S53.

The signature command step is not particularly limited. The signature instruction step includes, for example, a step of instructing a signature with the private key of the wallet of the owner of the non-fungible token, a step of instructing a program capable of managing the wallet to sign with the private key of the wallet, etc. The step may include one or more steps. Hereinafter, "signing with the private key of the wallet of the owner of the non-fungible token" is also simply referred to as "signing with the wallet holding the non-fungible token."

Through a series of processes from step S51 to step S53, the user of the terminal 3 can acquire the right to use the managed object or transaction using the non-fungible token held by the user. Thereby, the system S can give value to the non-fungible token by being able to acquire the right to use it for management purposes or transactions.

[Step S54: Obtain predetermined electronic signature]
The terminal 3 executes the signature command unit and performs a process of acquiring a predetermined electronic signature generated by the signature commanded in step S53 (step S54, signature acquisition step). The terminal 3 moves the process to step S55.

Preferably, the signature acquisition step includes a procedure of providing the acquired predetermined electronic signature to the server 4. Thereby, the server 4 can easily determine whether a predetermined electronic signature has been applied.

[Step S55: Determine whether two-dimensional code can be obtained]
The terminal 3 executes the two-dimensional code display section and performs a process of determining whether the two-dimensional code related to the signature instructed in step S53 can be acquired (step S55, two-dimensional code acquisition determination step). If it is determined that the information can be obtained, the terminal 3 moves the process to step S56. If it is not determined that the information can be obtained, the terminal 3 moves the process to step S57.

[Step S56: Obtain two-dimensional code]
The terminal 3 executes the two-dimensional code display section and performs processing to acquire the two-dimensional code determined to be obtainable in step S55 (step S56, two-dimensional code acquisition execution step). The terminal 3 moves the process to step S57.

The two-dimensional code acquisition execution step is a two-dimensional code C related to the signature commanded in step S53, and is capable of acquiring a two-dimensional code C that can acquire the contract address of the non-fungible token held by the user of the terminal 3. It is preferable that Thereby, the control device 1 can acquire the contract address from the two-dimensional code C.

Further, it is preferable that the two-dimensional code acquisition execution step is capable of acquiring the two-dimensional code C that can acquire the predetermined electronic signature acquired in step S54. Thereby, the control device 1 can acquire a predetermined electronic signature from the two-dimensional code C.

In addition, it is preferable that the two-dimensional code acquisition execution step is capable of acquiring the two-dimensional code C from which the signed information acquired in step S52 can be acquired. Thereby, the control device 1 can acquire signed information from the two-dimensional code C.

It is preferable that the two-dimensional code acquisition execution step is capable of acquiring a two-dimensional code C including unique information each time the two-dimensional code C is acquired. Thereby, the system S can manage whether each two-dimensional code C is valid or invalid.

It is preferable that the two-dimensional code acquisition execution step is capable of acquiring a two-dimensional code C that is configured to be able to acquire signed information including the predetermined information described in the section of the two-dimensional code C. Thereby, the system S can limit the expiration date of the two-dimensional code C and/or the electronic signature to a predetermined range. Therefore, unauthorized attempts to unlock the lock can be further prevented.

[Step S57: Determine whether display of two-dimensional code has been instructed]
The terminal 3 executes the two-dimensional code display section and performs a process of determining whether a command has been given to display the two-dimensional code acquired in step S56 (step S57, two-dimensional code display command determination step). If it is determined that the command has been issued, the terminal 3 moves the process to step S58. If it is not determined that a command has been issued, the terminal 3 ends the usage process and moves the process to step S51.
[Step S58: Display two-dimensional code]
The terminal 3 executes the two-dimensional code display section and performs a process of displaying the two-dimensional code determined to have been instructed to display in step S57 (step S58, two-dimensional code display step). The terminal 3 ends the usage process and moves the process to step S51.

[Flowchart of usage permission processing executed by server 4]
FIG. 10 is a flowchart of the usage permission process executed by the server 4 of the second embodiment. The following is an explanation of an example of a preferable flow of the usage permission process using FIG. 10.

[Step S61: Determine whether generation of signed information has been instructed]
The server 4 executes the signed information generation unit and performs a process of determining whether a command has been given to generate signed information associated with the management object or transaction usage (step S61, signed information generation command determination step). . If it is determined that the command has been issued, the server 4 moves the process to step S62. If it is not determined that a command has been issued, the server 4 moves the process to step S63.

[Step S62: Generate signed information]
The server 4 executes the signed information generation unit and performs processing to generate the signed information determined to have been instructed to generate in step S61 (step S62, signed information generation execution step). The server 4 moves the process to step S63.

The signed information generation execution step is not particularly limited. The signed information generation execution step includes, for example, a procedure for generating unique information that is associated with the usage of a managed object or transaction, and generating signed information that includes the information, and a procedure that corresponds to the usage of the managed object or transaction. The step may include one or more procedures, such as a procedure for generating signed information including a URL. The "transaction" in the signed information generation execution step is the same as the transaction described in the non-fungible token of the second embodiment.

Further, it is preferable that the signed information generation execution step includes a procedure of generating a predetermined two-dimensional code from which the signed information can be obtained. Thereby, the terminal 3 can acquire the signed information by reading the generated predetermined two-dimensional code. Preferably, the procedure for generating the predetermined two-dimensional code is a procedure for generating information that allows the predetermined two-dimensional code to be displayed and/or information that allows the predetermined two-dimensional code to be printed.

[Step S63: Determine whether a signature has been made]
The server 4 executes the signature execution determination unit, and performs a process of determining whether the signature related to the signed information generated in step S62 was executed by any of the terminals 3 (step S63, signature presence/absence determination step). If it is determined that the process has been performed, the server 4 moves the process to step S64. If it is not determined that the permission process has been performed, the server 4 ends the usage permission process and moves the process to step S61.

Preferably, the signature presence/absence determination step includes a procedure of determining, when a predetermined electronic signature is provided from the terminal 3, that the signature related to the signed information has been performed at the terminal 3. Thereby, the server 4 can shorten the time required from when a signature is issued until it is determined that a signature has been issued.

[Step S64: Determine whether the subject of permission is a signature related to a usable non-fungible token]
The server 4 executes the signature execution determination unit, and performs processing to determine whether the signature determined to have been performed in step S63 is a signature related to a non-fungible token that can be granted permission (step S64, determination step). If the server 4 determines that the signature is related to the non-fungible token, the server 4 moves the process to step S65. If it is not determined that the signature is related to the non-fungible token, the server 4 ends the usage permission process and moves the process to step S61.

The signature source determination step is not particularly limited. The signature source determination step includes, for example, a procedure for determining whether the signature is a signature by a wallet that holds the non-fungible token via Web3 API, and management corresponding to signature information regarding the signature determined to have been performed in step S63. The step may include one or more of various procedures, such as a step of determining whether the object or transaction is included in the objects whose use can be permitted by the non-fungible token.

[Step S65: Permit use]
The server 4 executes the usage permission execution unit and performs a process of permitting the usage of the managed object or transaction associated with the signed information corresponding to the signature determined to have been made in step S63 (step S65, usage permission execution unit). permission execution step). The server 4 ends the usage permission process and moves the process to step S61.

The usage permission execution step is not particularly limited. When permitting the use of a transaction associated with the signed information, the use permission execution step transmits a command regarding permission to use the transaction to a device that provides a service related to the use of the transaction and/or a counterparty to the transaction. It is preferable that it is possible. Furthermore, when permitting the use of the managed object associated with the signed information, the usage permission execution step can provide a two-dimensional code C that includes the signed information that includes the contract address of the non-fungible token. It is preferable. That is, it is preferable that the use permission execution step can provide a two-dimensional code C that can be read by the control device 1 to unlock the electronic lock 2.

If the two-dimensional code C can be provided, it is preferable that the usage permission execution step is capable of providing the two-dimensional code C including signed information including the predetermined electronic signature acquired in step S54. Thereby, the control device 1 can acquire a predetermined electronic signature from the two-dimensional code C.

When the two-dimensional code C can be provided, it is preferable that the usage permission execution step is capable of providing the two-dimensional code C including unique information each time the two-dimensional code C is acquired. Thereby, the system S can manage whether each two-dimensional code C is valid or invalid.

When the two-dimensional code C can be provided, the use permission execution step is performed using a two-dimensional code C that is configured to be able to obtain the signed information including the predetermined information described in the section of the two-dimensional code C of the first embodiment. Preferably, a dimension code C can be provided. Thereby, the system S can limit the expiration date of the two-dimensional code C and/or the electronic signature to a predetermined range. Therefore, unauthorized attempts to unlock the lock can be further prevented.

The usage permission execution step may include a procedure for changing the right to conduct a transaction associated with the non-fungible token. Such changes include, for example, changing the procedure to remove the right to repeat the transactions permitted in the usage permission execution step, and reducing the number of transactions that can be permitted by the non-fungible token according to the transactions permitted in the usage permission execution step. This may be a procedure for changing the information.

[Summary of the system S of the second embodiment]
The server 4 of the second embodiment can generate signed information associated with the use of a managed object managed by the electronic lock 2 that can be unlocked by the control device 1. Then, the terminal 3 acquires this signed information and can sign the non-fungible token. As a result, the contract address of the non-fungible token and the usage of the managed object come to correspond via the signature.

The server 4 of the second embodiment can provide the two-dimensional code C corresponding to the usage of the managed object when it is determined that a signature related to the non-fungible token has been signed at the terminal 3. The user of the terminal 3 can then cause the control device 1 to read the terminal 3 on which the two-dimensional code C provided by the server 4 is displayed. As a result, the electronic lock 2 is unlocked, and the user can use the managed object managed by the electronic lock 2.

That is, according to the system S of the second embodiment, the user causes the terminal 3 to acquire the signed information, signs using the non-fungible token, and controls the two-dimensional code C provided in response to the signature. By performing a simple procedure for reading into the device 1, the electronic lock 2 can be controlled using a non-fungible token.

In addition, according to the system S of the second embodiment, the user sends the signed information associated with the use of the transaction to the terminal 3, in the same way as when using the managed object managed by the electronic lock 2. You can use non-fungible tokens for transactions by completing a simple procedure of acquiring and signing with non-fungible tokens.

<Example of use of smart lock system S of the second embodiment>
FIG. 11 is a sequence diagram regarding the usage process executed by the terminal 3 and the usage permission process executed by the server 4 in the second embodiment. An example of how the system S of the second embodiment is used will be described below with reference to FIG.

[Use of managed objects managed by electronic lock 2]
First, a usage example for managing the use of a managed object managed by the electronic lock 2 will be explained.

[Printing of specified two-dimensional code]
The server 4 generates print data that can print a predetermined two-dimensional code that includes signed information that allows the managed object managed by the electronic lock 2 to be used. The administrator of the managed object prepares printed matter on which a predetermined two-dimensional code is printed using the printing data.

[check-in]
The user of the terminal 3 causes the terminal 3 to execute usage processing. The terminal 3 reads a predetermined two-dimensional code printed on the printed material. The terminal 3 acquires the signed information from the predetermined two-dimensional code. Terminal 3 instructs a wallet holding a non-fungible token (NFT) to sign. Then, the terminal 3 provides the server 4 with the predetermined electronic signature obtained by executing the signature.

The server 4 uses the Web3 API to determine whether the predetermined electronic signature is a signature made by a wallet that holds an NFT that can use the management object corresponding to the signed information. If the server 4 determines that the signature was made by the wallet, the server 4 provides the terminal 3 with a two-dimensional code C that the control device 1 reads. If the signature is not determined to be made by the wallet, the server 4 notifies the terminal 3 that the check-in has failed.

[Use of managed objects]
The user causes the control device 1 to read the two-dimensional code C provided by the server 4. The control device 1 determines whether the two-dimensional code C can unlock the electronic lock 2 by determining the electronic signature or the like. When determining that the electronic lock 2 can be unlocked, the control device 1 unlocks the electronic lock 2. If it is not determined that the electronic lock 2 can be unlocked, the control device 1 notifies that the electronic lock 2 cannot be unlocked.

[Use of transactions]
A use case for managing transaction usage is then described. The following is an example of managing a transaction in which a bonus product is provided using the above-mentioned non-fungible token.

[Printing of specified two-dimensional code]
The server 4 generates print data capable of printing a predetermined two-dimensional code including signed information that enables transactions. The other party to the transaction uses the printing data to distribute printed matter on which a predetermined two-dimensional code is printed.

[check-in]
The user of the terminal 3 causes the terminal 3 to execute usage processing. The terminal 3 reads a predetermined two-dimensional code printed on the printed material. The terminal 3 acquires the signed information from the predetermined two-dimensional code. Terminal 3 instructs a wallet holding a non-fungible token (NFT) to sign. Then, the terminal 3 provides the server 4 with the predetermined electronic signature obtained by executing the signature.

The server 4 uses the Web3 API to determine whether the predetermined electronic signature is a signature made by a wallet that holds an NFT that can use the transaction corresponding to the signed information. If it is determined that the signature was issued by the wallet, the server 4 instructs permission to use the transaction. If the signature is not determined to be made by the wallet, the server 4 notifies the terminal 3 that the check-in has failed.

The counterparty to the transaction, etc., permits the user to use the transaction in response to instructions from the server 4. The other party to the transaction ships the bonus product to the user. The user receives and uses the bonus product.

By executing the above-mentioned usage processing and usage permission processing, the system S of the second embodiment allows the associated transaction to be carried out without unnecessarily increasing the effort of the user who attempts to unlock the electronic lock 2. With available non-fungible tokens, it is possible to provide a means for realizing highly reliable control of the electronic lock 2 using non-fungible tokens.

<Smart lock system S of third embodiment>
The smart lock system S of the third embodiment supports DID by using a decentralized identifier (DID) and verifiable credentials (VC) associated with the DID instead of a non-fungible token. This differs from the smart lock system S of the first embodiment in that it is possible to unlock an attached electronic lock. The DID can be determined through the two-dimensional code C displayed on the terminal 3 or through the two-dimensional code posted around the electronic lock 2 (for example, on the wall in the space where the electronic lock 2 is installed). This is similar to the first and second embodiments in that the process is performed via C.

Hereinafter, the smart lock system S of the third embodiment is also simply referred to as "system S." The smart lock system S of the third embodiment is similar to the smart lock system S of the first embodiment in other configurations. The following are the differences between the smart lock system S of the third embodiment and the smart lock system S of the first embodiment.

[Control device 1]
The control device 1 of the third embodiment differs from the control device 1 of the first embodiment in part of the lock control process. The control device 1 of the third embodiment is similar to the control device 1 of the first embodiment in other configurations.

[Electronic lock 2]
The electronic lock 2 of the third embodiment is similar to the electronic lock 2 of the first embodiment.

[Terminal 3]
The terminal 3 of the third embodiment is capable of storing the address of a decentralized identifier (DID), and the two-dimensional code display process is performed on two-dimensional code display processing based on signed information that includes the address of the DID instead of the contract address of the non-fungible token. This terminal differs from the terminal 3 of the first embodiment in that the dimension code C is displayed. The terminal 3 of the third embodiment is similar to the terminal 3 of the first embodiment in other configurations.

[Server 4]
The server 4 of the third embodiment is capable of issuing verifiable credentials (VC) that can be associated with a DID in place of the non-fungible token in the non-fungible token issuing process, and the determination result sending process is related to the VC. This server differs from the server 4 of the first embodiment in that it can transmit the determination results. The server 4 of the third embodiment is similar to the server 4 of the first embodiment in other configurations.

[Network N]
The network N of the third embodiment is similar to the network N of the first embodiment.

[Distributed identifier]
The decentralized identifier (DID) of the third embodiment is an identifier recorded on the blockchain, and is associated with verifiable credentials (VC). The type of DID is not particularly limited. The type and number of VCs associated with a DID are not particularly limited. By recording the DID on the blockchain, the DID and the VC associated with the DID are difficult to tamper with and easy to verify.

[Lock control processing executed by the control device 1 of the third embodiment]
The lock control process executed by the control device 1 of the third embodiment differs from the lock control process of the first embodiment in the following steps. The lock control process executed by the control device 1 of the third embodiment is similar to the lock control process of the first embodiment in other steps.

[Step S12 (address acquisition step)]
The device control unit 11 executes the address acquisition unit 112 in cooperation with the device storage unit 12, and performs a process of determining whether signed information including the DID address etc. can be acquired from the two-dimensional code C read in step S11. (Step S12, address acquisition step). If it is determined that the signed information can be obtained, the device control unit 11 moves the process to step S13. If it is not determined that the signed information can be obtained, the device control unit 11 moves the process to step S11.

The signed information acquired in step S12 includes at least the address of the DID. Preferably, the signed information acquired in step S12 further includes information that allows identification of the DID. Thereby, the control device 1 can control the electronic lock 2 based on the determination result as to whether the right regarding control of the electronic lock 2 is associated with the specific DID identified by the information. Therefore, the control device 1 can realize more reliable control that discriminates on a DID basis.

[Step S13 (discrimination result acquisition step)]
The device control unit 11 cooperates with the device storage unit 12 and the like to perform a determination result acquisition process of acquiring the determination result of the VC related to the signed information including the DID address acquired in step S12 (step S13, determination result acquisition step). The device control unit 11 moves the process to step S14.

[Discrimination result acquisition process executed by the control device 1 of the third embodiment]
The determination result acquisition process executed by the control device 1 of the third embodiment differs from the determination result acquisition process of the first embodiment in the following steps. The determination result acquisition process executed by the control device 1 of the third embodiment is similar to the determination result acquisition process of the first embodiment in other steps.

[Step S24 (presenter determination step)]
In the presenter determination step of the third embodiment, "The control device 1 determines that the presenter who presented the two-dimensional code C is the owner of the two-dimensional code C based on the determination result based on the electronic signature acquired from the two-dimensional code C. In other words, this step differs from the presenter determining step of the first embodiment in that it has the effect of "determining whether the person is the owner of the DID and controlling the electronic lock 2."

[Step S27 (owner determination step)]
In the owner determination step of the third embodiment, "If it is determined that the VC related to the signed information including the DID address acquired in step S12 is the qualification information of the owner of the two-dimensional code C, the two-dimensional This differs from the owner determination step of the first embodiment in that it preferably includes a step of determining that code C has been presented by its owner.

[Effects of lock control processing of third embodiment]
According to the lock control process executed by the control device 1 of the third embodiment, the control device 1 reads the two-dimensional code C, acquires the address of the DID from the read two-dimensional code C, and sets the address of this DID. The electronic lock 2 can be controlled based on the determination result based on the VC including the signed information. Thereby, the control device 1 can control the electronic lock 2 by determining whether the presenter who presented the two-dimensional code C is the owner of the DID based on the determination result based on the VC.

[Non-fungible token issuing process executed by server 4 of third embodiment]
The non-fungible token issuing process executed by the server 4 of the third embodiment is similar to the first embodiment in that it is possible to issue verifiable credentials (VC) that can be associated with a DID instead of a non-fungible token. This is different from the non-fungible token issuance process.

VCs that can be issued in the non-fungible token issuing process of the third embodiment are not particularly limited. The VC may be, for example, a graduation certificate from an educational institution, a driver's license from a public safety commission in each prefecture, a certificate of completion of employee training from a company that employs the owner, or the like. The process of issuing a VC includes a process of storing verification information that can verify the VC in the DID.

[Discrimination result transmission process executed by the server 4 of the third embodiment]
The determination result transmission process executed by the server 4 of the third embodiment differs from the determination result transmission process of the third embodiment in that the determination result related to DID can be transmitted. The determination related to the DID is made by determining whether the DID can control the electronic lock 2 using VC verification information stored in the DID and used to determine whether the electronic lock 2 is controllable. Including processing.

[Effects of the smart lock system S of the third embodiment]
There is a desire to control electronic locks based on qualification information and the like managed by the owner of the identification information (ID) without relying on a centralized issuer of the identification information (ID). Regarding this request, the credential information is managed by the owner of the identification information himself without relying on a centralized ID issuer and without unnecessarily increasing the effort of the user who is trying to open the electronic lock etc. There is a challenge to realize highly reliable control of electronic locks based on etc.

The smart lock system S of the third embodiment does not rely on a centralized ID issuer and can realize a distributed ID that is a mechanism for certifying information about the owner of a DID. Thereby, the owner of the DID can certify information related to the owner of the DID without entrusting the ID verification to an external company or the like that manages the ID. Thereby, the user of the smart lock system S who is the owner of the DID can control the electronic lock 2 without relying on a centralized ID issuer such as an external company that manages the ID.

In addition, this allows the user of the smart lock system S who is the owner of the ID to control the electronic lock 2 without worrying that personal information related to the control of the electronic lock 2 will be leaked to a centralized ID issuer, etc. . Therefore, according to the smart lock system S of the third embodiment, the user can use the electronic lock 2 without relying on a centralized ID issuer or the like, and without worrying about privacy being leaked to the ID issuer or the like. can be controlled.

By the way, when the user himself/herself manages the information, there is a concern that the user may try to control the electronic lock 2 based on false information. The smart lock system S of the third embodiment determines whether or not the electronic lock 2 can be controlled using verifiable credential information (VC) associated with the DID. Therefore, the smart lock system S of the third embodiment can prevent the electronic lock 2 from being controlled based on false information through VC verification. Therefore, the smart lock system S of the third embodiment can realize highly reliable electronic lock control based on the qualification information managed by the owner of the identification information.

It should be noted that within the scope of the idea of the present invention, those skilled in the art will be able to come up with various changes and modifications, and it is understood that these changes and modifications also fall within the scope of the present invention. For example, a person skilled in the art may appropriately add, delete, or change the design of the above-mentioned embodiments, or may add, omit, or change the conditions of a process. It is within the scope of the present invention as long as it has the following.

S Smart lock system 1 Control device 11 Device control section 111 Reading execution section 112 Address acquisition section 113 Signature etc. acquisition section 114 Signature discrimination section 115 Presenter discrimination section 116 Discrimination command section 117 Discrimination reception section 118 Owner discrimination section 119 Lock control execution Section 12 Device storage section 13 Device communication section 14 Reading section 15 Lock control section 2 Electronic lock 3 Terminal 4 Server N Network C Two-dimensional code D Door A Management target area

Claims (10)

a reading unit capable of reading one or more two-dimensional codes;
an address acquisition unit capable of acquiring a contract address of a non-fungible token recorded on a blockchain from the two-dimensional code;
a lock control execution unit capable of unlocking an electronic lock associated with the non-fungible token based on a determination result based on an electronic signature for signed information including the contract address;
An electronic lock control device equipped with: The control device according to claim 1, wherein the non-fungible token can be used to control access to a predetermined virtual space associated with the non-fungible token. The signed information is unique information for each generation of the two-dimensional code,
The control device includes:
a signature etc. acquisition unit capable of acquiring the signed information and the electronic signature from the two-dimensional code;
a signature determination unit capable of determining whether the acquired electronic signature is valid;
If the acquired electronic signature is valid, presenter determination that can determine whether the two-dimensional code has been presented by the owner of the two-dimensional code based on the acquired signature information and the electronic signature. Department and
Furthermore,
The lock control execution unit is capable of unlocking the electronic lock based on the determination result by the presenter determination unit.
The control device according to claim 1. The signed information includes predetermined information that can determine whether the elapsed time from the generation of the two-dimensional code to the current time is included in a predetermined range;
The signature determining unit is capable of determining whether the acquired electronic signature is valid based on determining whether the elapsed time is within a predetermined range.
The control device according to claim 3. The control device according to claim 1, wherein the electronic signature includes a predetermined electronic signature recorded on the blockchain in response to generation of the two-dimensional code. a determination command unit capable of instructing an external device to transmit the determination result based on the predetermined electronic signature;
a determination receiving unit capable of receiving the determination result transmitted from the external device;
The control device according to claim 5, further comprising: further comprising an owner determination unit capable of determining whether the presenter who presented the two-dimensional code is the owner of the non-fungible token based on the predetermined electronic signature;
The lock control execution unit is capable of unlocking the electronic lock based on the determination result of the owner determination unit.
The control device according to claim 5. a server; a terminal capable of communicating with the server;
It consists of
The server is
a signed information generation unit capable of generating signed information associated with the use of a managed object and/or the use of transactions managed by the electronic lock;
a signature execution determination unit capable of determining whether a signature related to a non-fungible token has been applied to the signed information; a use permission execution unit that can permit use;
Equipped with
The terminal is
a signed information acquisition unit capable of acquiring the signed information;
a signature command unit capable of commanding a signature regarding the non-fungible token to the signed information;
Equipped with
system. The system further includes the control device according to claim 1,
When it is determined that the signature has been applied to the signed information associated with the usage of the managed object, the usage permission execution unit may process the contract address of the non-fungible token, the signed information, and the signature. It is possible to provide the terminal with a two-dimensional code that can acquire a predetermined electronic signature based on
The terminal further includes a two-dimensional code display unit capable of displaying the two-dimensional code provided by the server.
The system according to claim 8. a reading unit capable of reading one or more two-dimensional codes;
an address acquisition unit capable of acquiring the address of a decentralized identifier (DID), which is an identifier recorded on a blockchain and associated with verifiable credential information (VC), from the two-dimensional code;
a lock control execution unit capable of unlocking an electronic lock associated with the distributed identifier based on a determination result based on the qualification information for the signed information including the address;
An electronic lock control device equipped with:

Images