JP6921266B2 - Verifying the integrity of the data stored on the consortium blockchain using the public sidechain - Google Patents

Description

The present invention relates to verifying the integrity of data stored on a consortium blockchain using a public sidechain.

A distributed ledger system (DLS), also known as a consensus network and / or a blockchain network, allows participating entities to store data securely and immutably. DLS is commonly referred to as a blockchain network without reference to a particular user case. Examples of blockchain network types can include public blockchain networks, private blockchain networks, and consortium blockchain networks. The public blockchain network is open to all entities to use DLS and participate in the consensus process. A private blockchain network is provided for specific entities to centrally control read and write permissions. The consortium blockchain network is provided to a selection group of entities that control the consensus process and includes an access control layer.

Blockchain is a decentralized, tamper-proof, decentralized data storage technology. User data and contracts operate logically and are stored in the chain in a public way. In many scenarios, users need to meet privacy requirements and do not want their data and logic to be leaked to unauthorized third parties.

Encryption can be used to enhance the privacy protection of some specific scenario designs, but a more versatile and efficient solution is desired to solve the existing privacy issues of blockchain operation. ..

Implementations herein include computer implementations for storing and retrieving data to be validated associated with nodes in a blockchain network. More specifically, an implementation of this specification uses several validation nodes to store a data digest of the data to be validated associated with one or more consortium blockchain network nodes. The target is to obtain the data to be verified and the stored data digest.

In some implementations, the action stores a Data Item in the consortium blockchain maintained by the consortium blockchain network and generates a first data digest based on the stored data item. The first data so that each validation node cryptographically signs the first data digest and stores the signed first data digest in the public blockchain maintained by the public blockchain network. The step of sending the digest to the verification node, the step of receiving the request to acquire the stored data item, the step of acquiring the requested data item from the consortium blockchain in response to the request, and the acquired data. A second data digest, with steps to generate a second data digest based on the item, and a second data digest so that each validation node cryptographically signs the second data digest and returns the signed second data digest. To the validation node, to receive the signed second data digest from the validation node, to get the signed first data digest from the public blockchain, and to get the signed first A step of determining that the data digest matches a second signed data digest and, in response to the decision, sending a response to a request to retrieve a stored data item, the response being stored. Includes a step to indicate that the data item has not been modified since it was stored. Other implementations include corresponding systems, devices, and computer programs configured to perform actions of the method and encoded in computer storage devices.

In some embodiments, a non-temporary computer-readable recording medium is a consortium blockchain network that is coupled to one or more computers and is an instruction that can be executed by one or more computers. Store data items in the consortium blockchain, generate a first data digest based on the stored data items, and each validation node cryptographically signs the first data digest and signs it. Send the first data digest to the validation node and receive a request to retrieve the stored data items so that the first data digest of is stored in the public blockchain maintained by the public blockchain network. In response to the request, it retrieves the requested data item from the consortium blockchain, generates a second data digest based on the retrieved data item, and each validation node has a second. Send a second data digest to the validation node and receive a signed second data digest from the validation node to cryptographically sign the data digest in and return the signed second data digest. And to get the signed first data digest from the public blockchain, and to decide that the signed first data digest matches the signed second data digest, depending on the decision It is configured to send a response to a request to retrieve a stored data item, indicating that the response has not changed since the stored data item was stored. Will be done.

In some embodiments, the system includes one or more computers, and one or more computer-readable memory is combined into one or more computers and is an instruction that can be executed by one or more computers. Store data items in the consortium blockchain maintained by the consortium blockchain network, generate a first data digest based on the stored data items, and make each validation node the first data digest. Sending the first data digest to the validation node and the stored data so that it is cryptographically signed and the signed first data digest is stored in the public blockchain maintained by the public blockchain network. Receiving a request to retrieve an item, retrieving a requested data item from the consortium blockchain in response to a request, and generating a second data digest based on the retrieved data item. And send the second data digest to the validation node so that each validation node cryptographically signs the second data digest and returns the signed second data digest, and the validation node signs it. To receive the second data digest of, to get the first signed data digest from the public blockchain, and to receive the first signed data digest of the received, signed second Determining to match the data digest and, in response to the decision, sending a response to a request to retrieve the stored data item, the response being modified after the stored data item is stored. It is configured to do things that indicate that it is not. These and other implementations may optionally include one or more of the following features:

The first feature can be combined with any of the following features, and the verification node is a computing device participating in a public blockchain network.

The second feature, which can be combined with any of the following features, further includes the step of storing the smart contract in the public blockchain, where the smart contract retrieves the requested signed second data digest from the validation node. It is configured to provide a monetary reward to the verification node upon receipt.

The third feature can be combined with any of the following features, the step of generating the first data digest includes the step of calculating the hash of the stored data items.

The fourth feature can be combined with any of the following features, and each validation node is configured to cryptographically sign the first data digest using the private key associated with that validation node. ..

The fifth feature can be combined with any of the following features, the step of sending the first data digest to the validation node includes the step of broadcasting the first data digest to the public blockchain network.

The sixth feature can be combined with any of the following features so that the step of getting the signed first data digest from the public blockchain is associated with the stored data item and stored in the public blockchain. Includes a step of identifying a signed first data digest based on the identifier given.

The specification is also coupled to one or more processors, and when executed by the one or more processors, the one or more processors behave according to the implementation of the methods provided herein. It also provides one or more non-temporary computer-readable recording media that store the instructions to be executed.

The present specification further provides a system for implementing the methods provided herein. The system, when executed by one or more processors and one or more processors, issues instructions that cause the one or more processors to perform operations in accordance with the implementation of the methods provided herein. It provides a computer-readable recording medium that is coupled to one or more processors to store.

The blockchain network described can be used to verify the integrity of the data stored in the blockchain network. Data integrity is guaranteed by the involvement of a large number of nodes that can participate in the consensus process. In addition, the techniques described provide incentive mechanisms based on smart contracts to increase node participation in the public sidechain.

It is understood that the methods according herein may include any combination of aspects and features described herein. That is, the method according to the present specification is not limited to the combination of aspects and features specifically described herein, and includes any combination of aspects and features provided.

Details of one or more implementations herein are described in the accompanying drawings and in the following description. Other features and advantages of this specification will become apparent from the description and drawings, as well as the claims.

It is a figure which shows the example of the environment which can be used to execute the implementation form of this specification. It is a figure which shows the example of the conceptual architecture by the implementation form of this specification. It is a figure which shows the example of the system which can be used to execute the implementation form of this specification by the implementation form of this specification. It is a figure which shows the example of the process which stores the data in the consortium blockchain network and the associated public sidechain network according to the aspect of this specification. It is a figure which shows the example of the process of acquiring data from a consortium blockchain network and verifying the acquired data based on a public sidechain network according to the aspect of this specification. It is a figure which shows the example of the process which can be executed by the implementation form of this specification. It is a figure which shows the example of the figure which shows the module of the apparatus by the embodiment of this specification.

Similar reference symbols in various drawings indicate similar elements.

Implementations herein include computer implementations for storing and retrieving data to be validated associated with nodes in a blockchain network. More specifically, an implementation of this specification uses several validation nodes to store a data digest of the data to be validated associated with one or more consortium blockchain network nodes. The target is to obtain the data to be verified and the stored data digest.

A distributed ledger system (DLS), sometimes referred to as a consensus network (eg, consisting of peer-to-peer nodes) and a blockchain network, to provide additional context for the implementations herein, and as introduced above. Allows participating entities to execute transactions safely and immutably and store data. The term blockchain is used herein to refer to DLS in general without reference to any particular use case.

A blockchain is a data structure that stores transactions so that they are immutable and can be verified later. A blockchain contains one or more blocks. Each block in the chain is linked to the previous block in the chain by including the encryption hash of the previous block. Each block also contains a time stamp, its own cryptographic hash, and one or more transactions. Transactions that have already been validated by a node in the blockchain network are hashed and encoded in a Merkle tree. A Merkle tree is a data structure in which the data of the leaf nodes of the tree is hashed and all the hashes in each branch of the tree are concatenated at the root of the branch. This process continues the tree to the root of the entire tree and stores a hash that represents all the data in the tree. A hash that is considered a transaction stored in the tree can be quickly verified by determining if it matches the structure of the tree.

A blockchain is a data structure for storing transactions, while a blockchain network is a network of computing nodes that manages, updates, and maintains one or more blockchains. As introduced above, the blockchain network can be provided as a public blockchain network, a private blockchain network, or a consortium blockchain network.

In a public blockchain network, the consensus process is controlled by the nodes of the consensus network. For example, hundreds, thousands, or even millions of entities can cooperate with a public blockchain network, each running at least one node in the public blockchain network. Therefore, the public blockchain network can be regarded as a public network with respect to participating entities. In some examples, the majority of entities (nodes) need to sign every block in order for the block to be validated and added to the blockchain (distributed ledger) of the blockchain network. An exemplary public blockchain network includes a particular peer-to-peer payment network that leverages a distributed ledger called a blockchain. However, as mentioned above, the term blockchain is commonly used to refer to a distributed ledger without any particular reference to any particular blockchain network.

In general, public blockchain networks support public transactions. Public transactions are shared with all nodes in the public blockchain network and stored on the global blockchain. A global blockchain is a blockchain that is replicated across all nodes. That is, all nodes are in perfect state consensus with respect to the global blockchain. To achieve consensus (eg, agreement on adding blocks to the blockchain), the consensus protocol is implemented within the public blockchain network. Examples of consensus protocols include, but are not limited to, Proof of Work (POW), Proof of Stake (POS), and Proof of Authority (POA). POW is further referenced herein as a non-limiting example.

In general, a private blockchain network is provided for a particular entity to centrally control read and write permissions. The entity controls the nodes that can join the blockchain network. As a result, private blockchain networks are commonly referred to as authorized networks that limit the users who are allowed to join the network and their level of participation (eg, only certain transactions). Various types of access control mechanisms can be used (for example, existing participants can vote for the addition of new entities, or regulators can control admission).

In general, a consortium blockchain network is private between participating entities. In a consortium blockchain network, the consensus process is controlled by a set of approved nodes, with one or more nodes operated by their respective entities (eg, financial institutions, insurance companies, etc.). For example, a consortium of 10 entities (eg, financial institutions, insurance companies, etc.) can operate a consortium blockchain network, each operating at least one node within the consortium blockchain network. Therefore, the consortium blockchain network can be regarded as a private network with respect to participating entities. In some examples, each entity (node) needs to sign every block in order for the block to be validated and added to the blockchain. In some examples, at least a subset of entities (nodes) (for example, at least 7 entities) need to sign every block in order for the block to be validated and added to the blockchain.

Blockchain is a tamper-proof shared digital ledger that records transactions in public or private peer-to-peer networks. The ledger is distributed to all member nodes in the network, and the history of asset transactions occurring in the network is permanently recorded in blocks. Before joining a transaction, nodes on the blockchain may need to perform calculations using various techniques. In the current solution, each blockchain is independent, so nodes in one blockchain cannot communicate with other chains. For example, a node cannot read data from or exchange data with other blockchains. Furthermore, even if a node does not need data from other blockchains to perform calculations, if complex calculation logic and protocols are required, performing such calculations completely on the blockchain will result in It can consume a lot of time and computing resources on the blockchain.

Implementation embodiments of this specification will be described in more detail herein with reference to consortium blockchain networks published among participating entities. However, it is believed that the implementations herein can be implemented in any suitable type of blockchain network.

The embodiments of the present specification will be described in more detail herein in view of the above context. More specifically, as introduced above, the implementation of this specification is intended to provide an off-chain smart contract service capable of operating cross-chain data in a reliable execution environment.

Specifically, the technique described introduces a public auxiliary blockchain (also known as a "sidechain") used to verify the integrity of the data stored on the consortium blockchain. Since the sidechain is public, many nodes can participate in the consensus process, which guarantees the integrity of the data in the sidechain. The representation of each transaction on the consortium blockchain is stored on the sidechain. Therefore, in order to change the data on the consortium blockchain, the attacker must also make the corresponding changes on the public sidechain. Due to the number of nodes involved in the public sidechain consensus process, making such changes in the public sidechain is much more difficult than in the consortium blockchain. In this way, the integrity of the data within the consortium blockchain can be guaranteed. In addition, the techniques described provide incentive mechanisms based on smart contracts to increase node participation in the public sidechain. A smart contract can be a computer contract designed to distribute, validate, or implement a contract in an informational way. Smart contracts allow reliable transactions to be performed without the involvement of a third party. These transactions are traceable and irreversible.

The techniques described can have a variety of uses. For example, in a copyright infringement proceeding, plaintiffs need to provide the court with some type of digital evidence to show the exact time when the original work was created. If the digital evidence submitted by the plaintiff is originally stored in the consortium blockchain, the court cannot determine that the digital evidence has not been tampered with and may not be able to fulfill the necessary burden of proof. To establish evidence records accepted by the court, plaintiffs can memorize data evidence using techniques described through a verification system. At the time of document submission, plaintiffs may submit the digital evidence stored in the Consortium Blockchain, along with a copy of the digital evidence submitted by the Verification Node. In this way, the large number of verification nodes prove the authenticity of the digital evidence, increasing the likelihood that the court will recognize the authenticity of the digital evidence.

Apart from the examples above, the techniques described can be useful for many other applications that utilize blockchain technology.

FIG. 1 is a diagram illustrating an example of an environment 100 that can be used to implement the implementations herein. In some examples, environment 100 allows entities to join blockchain network 102. Environment 100 includes computing devices 106, 108, and network 110. In some examples, network 110 includes local area networks (LANs), wide area networks (WANs), the Internet, or a combination thereof, including websites, user devices (eg, computing devices), and back-end systems. To connect. In some examples, network 110 can be accessed via wired and / or wireless communication links. In some examples, network 110 allows communication with and within blockchain network 102. In general, network 110 represents one or more communication networks. In some cases, computing devices 106, 108 can be nodes of a cloud computing system (not shown), or each computing device 106, 108 is interconnected by a network and acts as a distributed processing system. It can be an individual cloud computing system that includes multiple computers.

In the illustrated example, the computing systems 106, 108, respectively, can include any suitable computing system that allows participation as a node within the blockchain network 102. Examples of computing devices include, but are not limited to, servers, desktop computers, laptop computers, tablet computing devices, and smartphones. In some examples, computing systems 106, 108 host one or more computer implementation services to interact with the blockchain network 102. For example, the computing system 106 is a first entity (for example, a transaction management system) that the first entity uses to manage transactions with one or more other entities (eg, other participants). For example, Participant A)'s computer implementation service can be hosted. The computing system 108 is a second entity (eg, a transaction management system) that the second entity uses to manage transactions with one or more other entities (eg, other participants). Participant B) can host the computer implementation service. In the example of FIG. 1, the blockchain network 102 is represented as a peer-to-peer network of nodes, and computing systems 106, 108 provide nodes for the first entity and the second entity that participate in the blockchain network 102, respectively.

FIG. 2 is a diagram showing an example of the conceptual architecture 200 according to the implementation form of the present specification. Examples of the conceptual architecture 200 include participant systems 202, 204, 206 corresponding to Participant A, Participant B, and Participant C, respectively. Each participant (eg, user, enterprise) participates in a blockchain network 212, which is provided as a peer-to-peer network containing several nodes 214, at least some of which continuously record information on the blockchain 216. Although a single blockchain 216 is schematically shown within the blockchain network 212, multiple copies of the blockchain 216 are provided and as described in more detail herein, the blockchain network 212. Maintained over.

In the illustrated example, each participant system 202, 204, 206 is provided by or on behalf of participant A, participant B, and participant C, respectively, as their respective nodes 214 in the blockchain network. Function. As used herein, a node generally refers to an individual system (eg, a computer, a server) that is connected to the blockchain network 212 and allows each participant to join the blockchain network. In the example of FIG. 2, participants correspond to each node 214. However, it is believed that participants can operate multiple nodes 214 within the blockchain network 212 and / or multiple participants can share node 214. In some examples, participant systems 202, 204, 206 blockchain using a protocol (eg, Hypertext Transfer Protocol Secure (HTTPS)) and / or using remote procedure call (RPC). Communicate with network 212 or through blockchain network 212.

Node 214 can have varying degrees of participation within the blockchain network 212. For example, some nodes 214 can participate in the consensus process (for example, as minder nodes that add blocks to blockchain 216), while other nodes 214 do not participate in the consensus process. As another example, some nodes 214 store a complete copy of blockchain 216, while other nodes 214 store only a partial copy of blockchain 216. For example, data access privileges can limit the blockchain data that each participant stores in their own system. In the example of FIG. 2, participant systems 202, 204, 206 store complete copies 216', 216'', 216''', respectively, of blockchain 216.

A blockchain (for example, blockchain 216 in FIG. 2) is composed of a chain of blocks, and each block stores data. Examples of data include transaction data representing transactions between two or more participants. Although transactions are used herein as a non-limiting example, it is believed that any suitable data (eg, documents, images, video, audio) can be stored on the blockchain. Examples of transactions can include, but are not limited to, the exchange of valuable things (eg, assets, products, services, and currencies). Transaction data is immutably stored in the blockchain. That is, the transaction data cannot be changed.

Transaction data is hashed before being stored in the block. Hashing is the process of converting transaction data (provided as string data) into fixed-length hash values (also provided as string data). Hash values cannot be dehashed to obtain transaction data. Hashing ensures that even the slightest changes in transactional data will result in completely different hash values. Further, as described above, the hash value has a fixed length. That is, the length of the hash value is fixed regardless of the size of the transaction data. Hash involves processing transaction data through a hash function to generate a hash value. Examples of hash functions include, but are not limited to, Secure Hash Algorithm (SHA) -256, which outputs a 256-bit hash value.

Transaction data for multiple transactions is hashed and stored in blocks. For example, the hash values for two transactions are provided, which themselves are hashed to provide another hash. This process is repeated until a single hash value is provided for every transaction that should be stored in the block. This hash value is called the Merkle root hash and is stored in the block header. When any of the transactions change, its hash value changes, and finally the Merkle root hash changes.

Blocks are added to the blockchain through the consensus protocol. Multiple nodes in the blockchain network participate in the consensus protocol and compete to add blocks to the blockchain. Such nodes are called miners (or minor nodes). The POW introduced above is used as a non-limiting example.

The minor node runs a consensus process to add the transaction to the blockchain. Multiple minor nodes participate in the consensus process, but only one minor node can write a block to the blockchain. That is, minor nodes compete in the consensus process to add those blocks to the blockchain. More specifically, the minor node periodically collects pending transactions from the transaction pool (for example, up to a predefined limit on the number of transactions that can be included in a block, if any). The transaction pool contains transaction messages from participants in the blockchain network. Minor nodes build blocks and add transactions to the blocks. Before adding a transaction to a block, the minor node checks to see if any of the transactions are already contained in a block on the blockchain. If the transaction is already contained in another block, the transaction is discarded.

The minor node generates a block header and hashes all transactions in the block to generate more hash values (Merkle root hash) until a single hash value is provided for all transactions in the block. And combine the hash values into a pair. This hash is added to the block header. The miner also determines the hash value of the latest block in the blockchain (ie, the last block added to the blockchain). Minor nodes also add nonce values and timestamps to the block header. In the mining process, the minor node tries to find a hash value that meets the required parameters. The minor node keeps changing the nonce value until it finds a hash value that meets the required parameters.

All miners in the blockchain network try to find a hash value that meets the required parameters and thus compete with each other. Eventually, one of the minor nodes will find a hash value that meets the required parameters and advertise it to all other minor nodes in the blockchain network. Other minor nodes validate the hash value and, if determined to be correct, validate each transaction within the block, accept the block and add the block to their copy of the blockchain. In this way, the global state of the blockchain is consistent across all minor nodes in the blockchain network. The process described above is the POW consensus protocol.

A non-limiting example is provided with reference to FIG. In this example, Participant A wants to send Participant B a certain amount of money. Participant A generates a transaction message (including, for example, From, To, and Value fields) and sends the transaction message to the blockchain network, which adds the transaction message to the transaction pool. Each minor node in the blockchain network creates a block, retrieves all transactions from the transaction pool (for example, up to a predefined limit on the number of transactions that can be added to the block, if any), and transactions. To the block. In this way, the transaction published by Participant A is added to the block of minor nodes.

Some blockchain networks implement encryption to maintain transaction privacy. For example, if two nodes want to keep a transaction private so that no other node in the blockchain network can identify the transaction details, the node can encrypt the transaction data. Examples of encryption methods include, but are not limited to, symmetric encryption, and asymmetric encryption. Symmetrical encryption refers to an encryption process that uses a single key for both encryption (generating plaintext from plaintext) and decryption (generating plaintext from ciphertext). In symmetric encryption, the same key can be used for multiple nodes, so each node can encrypt / decrypt transaction data.

Asymmetric cryptography uses a key pair, each containing a private key and a public key, the private key is known only to each node, and the public key is known to any node or all other nodes in the blockchain network. Has been done. A node can use the public key of another node to encrypt the data, and the encrypted data can be decrypted using the private key of the other node. For example, referring again to FIG. 2, Participant A can use Participant B's public key to encrypt the data and can send the encrypted data to Participant B. Participant B can use his private key to decrypt the encrypted data (ciphertext) and extract the original data (plaintext). Messages encrypted with the node's public key can only be decrypted using the node's private key.

Asymmetric encryption is used to provide a digital signature, which allows a participant in a transaction to verify the other participants in the transaction, as well as the validity of the transaction. For example, a node can digitally sign a message, and another node can verify that the message was sent by the node based on Participant A's digital signature. Digital signatures can also be used to prevent messages from being tampered with during transmission. For example, referring to Figure 2 again, Participant A sends a message to Participant B. Participant A generates a hash of the message and then uses his private key to encrypt the hash to provide the digital signature as an encrypted hash. Participant A adds a digital signature to the message and sends the message to Participant B with a digital signature. Participant B uses Participant A's public key to decrypt the digital signature and extract the hash. Participant B hashes the message and compares the hashes. If the hashes are the same, Participant B can confirm that the message was actually from Participant A and has not been tampered with.

FIG. 3 is a diagram illustrating an example of a system 300 that can be used to implement an implementation of the present specification according to the implementation of the present specification.

As shown in FIG. 3, system 300 includes a consortium blockchain network 302 that includes nodes 304a-304e that maintain the consortium blockchain 306. System 300 includes a verification system 316, an incentive system 320, and a public sidechain network 352. The public sidechain network 352 includes a plurality of verification nodes 330, a public blockchain 356, and a public blockchain node (eg, 354) that maintains the public blockchain 356.

During operation, the consortium blockchain network 302 (ie, nodes 304a-e) receives a request to store data (360). Nodes 304a-e store data in the consortium blockchain 306 according to the mechanism described above. Verification system 316 receives stored data (in 362) when added to blockchain 306. For example, the verification system can monitor the consortium blockchain network 302 and determine that the data was stored when the consensus was reached by nodes 304a-e on the chain containing the data.

In some implementations, verification system 316 is responsible for the dialogue between the consortium blockchain network 302 and the public sidechain network 352. During operation, verification system 316 sends a data digest of the stored data (at 366) to verification node 330. In some implementations, validation node 330 is a computing device that participates in public sidechain network 352. There can be a large number (eg, thousands) of validation nodes 330. In some cases, verification system 316 may broadcast the data digest to public sidechain network 352. Upon receiving the data digest, the validation node 330 uses those private keys to cryptographically sign the data digest. Each validation node then attempts to store its signed data digest on the public blockchain 356. In some implementations, all signed data digests generated by validation node 330 are stored on public blockchain 356. In some cases, a certain number of signed data digests will be stored on the public blockchain 356 and the other digests will be discarded. This number can be a function of the consensus mechanism used in the public sidechain network 352.

System 300 may also include incentive system 320. In some implementations, the incentive system 320 may generate smart contracts that should be stored on the public blockchain 356. When executed by a public sidechain network, smart contracts can be configured to provide monetary rewards to validation nodes 330 that participate in validation of stored data. For example, a validation node 330 that successfully contains its signed data digest on the public blockchain 356 may automatically receive monetary rewards through the execution of smart contracts. In some cases, the validation node 330 (see Figure 5 below) that participates in the validation of the data requested by the consortium blockchain may automatically receive monetary rewards through the execution of smart contracts.

FIG. 4 is a diagram illustrating an exemplary process 400 of storing data in a consortium blockchain network and associated public sidechain network, according to aspects herein.

At 405, the Data Item is stored in the consortium blockchain network 302. In 410, the verification system 316 receives the newly stored data from the consortium blockchain network 302, such as by communicating with the nodes participating in the network. At 415, the validation system 316 creates a data digest of the newly stored data items. For example, validation system 316 stores using hash algorithms such as Secure Hash Algorithm 1 (SHA-1), SHA-256, Riverst-Shamir-Adleman (RSA), or other known algorithms. A data digest can be created by generating a hash of the resulting data item.

At 420, verification system 316 requests verification of the data digest by verification node 330. In response, at 425, verification node 330 uses their private key to cryptographically sign the data digest. At 430, validation node 330 stores individual signed data digests on public blockchain 356 managed by public sidechain network 352. As mentioned above, in some implementations, only a certain number of data digests are stored in the public blockchain 356, depending on the consensus mechanism adopted by the public sidechain network 352.

FIG. 5 illustrates an exemplary process of acquiring data from the consortium blockchain network 302 and validating the acquired data based on the public sidechain network 352. At 505, a request to retrieve data is received by the consortium blockchain network 302 (ie, by the nodes participating in the consortium blockchain network). In some implementations, this request may be received by verification system 316.

In 510, the verification system 316 acquires the requested data from the consortium blockchain network 302, such as by obtaining the requested data from the consortium blockchain 306. At 515, verification system 316 obtains a signed data digest associated with the requested data from public sidechain network 352. In some cases, the signed digest can be obtained based on the identifier associated with the stored data, such as a time stamp or other identifier stored in the public blockchain 356 along with the signed data digest by validation node 330. ..

At 520, verification system 316 requests a signed data digest of the acquired data from verification node 330. The verification system 316 can create a data digest of the acquired data using the hash algorithm described above. At 525, the verification system 316 sends a data digest to the verification node 330, each of the verification nodes 330 cryptographically signs the data digest of the acquired data, and at 530, the verification system 316 verifies the signed version of the data digest. To be able to return to.

At 535, validation system 316 compares the signed data digest of the retrieved data received from validation node 330 with the signed data digest obtained from the public blockchain 356 (data first in the consortium blockchain network). Created when stored in, see Figure 4). If the signed data digest of the retrieved data received from validation node 330 matches the signed data digest retrieved from the public blockchain 356, the data stored in the consortium blockchain network 302 must be stored first. Not changed (540).

If the requested data has not changed, the value of the signed data digest of the retrieved data generated by validation node 330 is the previously stored data digest created when the data was first stored. This process verifies that the requested data has not changed. If the data is modified after being stored in the consortium blockchain, the signed data digest of the retrieved data will not match what was stored in the public blockchain 356 when the data was first stored.

In some cases, verification system 316 may only request a signed data digest at 520 for a validation node that has successfully inserted the signed data digest into the public blockchain 356. For example, each validation node 330 can attempt to store a unique identifier (eg, a public key) that identifies a particular node along with a data digest. Therefore, only entries contained in the consensus version of public blockchain 356 are queried.

In some cases, the validation system 316 may only require validation from a particular set of validation nodes 330 when storing data in the consortium blockchain 306. In such a case, the validation system 316 may query only a particular set of nodes for the signed data digest when verifying that the data retrieved from the consortium blockchain 306 has not changed.

FIG. 6 is a diagram showing an example of a process 600 that can be executed according to the implementation embodiment of the present specification. In some implementations, the example process 600 may be run using one or more computer executable programs that are run using one or more computing devices. To clarify the presentation, the following description generally describes Process 600 in the context of the other drawings herein. However, it will be appreciated that process 600 can be performed, for example, by any suitable system, environment, software, and hardware, or, if desired, a combination of system, environment, software, and hardware. In some implementations, the various steps of process 600 can be performed in parallel, in combination, in a loop, or in any order.

At 602, the data items are stored in the consortium blockchain maintained by the consortium blockchain network.

In 604, the first data digest is generated based on the stored data items.

In 606, the first data digest so that each validation node cryptographically signs the first data digest and stores the signed first data digest in the public blockchain maintained by the public blockchain network. Is sent to the verification node. In some implementations, the validation node is a computing device that participates in a public blockchain network. In some implementations, each verification node is configured to cryptographically sign a first data digest using the private key associated with that verification node. In some implementations, the step of sending the first data digest to the validation node includes the step of broadcasting the first data digest to the public blockchain network.

At 608, a request to retrieve a stored data item is received.

At 610, upon receipt of the request, the requested data item is retrieved from the consortium blockchain.

At 612, a second data digest is generated based on the acquired data items. In some implementations, the step of generating the first data digest includes the step of calculating the hash of the stored data items.

At 614, the second data digest is sent to the validation node so that each validation node can cryptographically sign the second data digest and return the signed second data digest.

At 616, a second signed data digest is received from the validation node.

At 618, the first signed data digest is taken from the public blockchain. In some implementations, the step of getting a signed first data digest from the public blockchain is associated with a stored data item and is signed based on the identifier stored in the public blockchain. Includes a step to identify the first data digest.

At 620, it is determined that the signed first data digest matches the signed second data digest.

At 622, depending on the decision, a response is sent to retrieve the stored data item, indicating that the stored data item has not been modified since it was stored.

In some implementations, process 600 further includes the step of storing the smart contract in the public blockchain, depending on the smart contract receiving the requested signed second data digest from the validation node. It is configured to provide a monetary reward to the validation node.

With reference to FIG. 7, FIG. 7 shows an example of a diagram showing a module of the apparatus 700 according to the implementation of the present specification. The device 700 may be an exemplary implementation for storing and retrieving data to be validated associated with a node in a blockchain network. Device 700 can accommodate the implementations shown in FIGS. 3-5, where device 700 is a storage or storage configured to store data items in a consortium blockchain maintained by a consortium blockchain network. Unit 705, a first generator or generation unit 710 configured to generate a first data digest based on stored data items, and a first data digest configured to send to the validation node. First transmitter or transmission unit 715, where each validation node cryptographically signs its first data digest and the signed first data digest is maintained by the public blockchain network. A first transmitter or transmitter unit 715 configured to store in the blockchain, a receiver or receiver unit 720 configured to receive a request to retrieve a stored data item, and receiving the request. A first acquisition unit 725 configured to acquire the data items requested from the consortium blockchain, and a second data digest configured to generate a second data digest based on the acquired data items. It is configured to request a second generator or generation unit 730 and an assigned second data digest from the validation node in response to receiving the requested signed second data digest from the validation node. A requester or request unit 735, a second acquisition unit 740 configured to acquire a signed first data digest from the public blockchain, and a signed first data digest from the public blockchain. A decision unit 745 configured to determine that matches a second signed data digest received from the validation node, and a request to retrieve stored data, including stored data items, in response to the decision. Includes a second transmitter or transmission unit 750 that is configured to send a response to, indicating that the stored data item has not changed since it was stored.

In any implementation, the verification node is a computing device that participates in a public blockchain network.

In any embodiment, the device 700 further includes a storage or storage subunit configured to store the smart contract on the public blockchain, which validates the requested signed second data digest. It is configured to provide a monetary reward to the verification node in response to receiving from the node.

In any implementation, device 700 further includes a computer or computational subunit configured to compute the hash of stored data items.

In any implementation, each verification node is configured to cryptographically sign the first data digest using the private key associated with that verification node.

In any implementation, device 700 further includes a broadcast subunit configured to broadcast the first data digest to the public blockchain network.

In any implementation, the device 700 is associated with a stored data item and is configured to identify a signed first data digest based on an identifier stored in the public blockchain. Includes more units.

The systems, devices, modules, or units shown in the previous implementation can be implemented by using computer chips or entities, or by using products with specific functionality. A typical implementation device is a computer, which is a personal computer, laptop computer, cellular phone, camera-equipped phone, smartphone, personal digital assistant, media player, navigation device, e-mail sending / receiving device, game console, tablet computer, etc. It can be a wearable device, or any combination of these devices.

For the implementation process of the function and role of each unit in the device, the implementation process of the corresponding step of the previous method can be referred to. For the sake of simplicity, details are omitted here.

Since the mounting form of the device basically corresponds to the mounting form of the method, the related description of the mounting form of the method can be referred to for the related part. The above-mentioned mounting form of the device is merely an example. Units described as separate parts may or may not be physically separated, and the parts displayed as units may or may not be physical units in one position. It may be deployed or distributed across multiple network units. To achieve the objectives of the solutions herein, some or all of the modules may be selected based on actual demand. One of ordinary skill in the art can understand and implement the implementation form of this application without creative effort.

FIG. 7 is a schematic diagram showing the structure of the internal function module and the consortium blockchain network device. In essence, the executing entity may be an electronic device, which includes one or more processors and a memory configured to store the executable instructions of the one or more processors.

One or more processors store data items in a consortium blockchain maintained by the consortium blockchain network, generate a first data digest based on the stored data items, and first. Is to send a data digest of It is configured to do things to store in the public blockchain, to receive requests to retrieve stored data items, and to receive requests for data items requested by the consortium blockchain. And to generate a second data digest based on the retrieved data item, and to receive the requested signed second data digest from the validation node. Requesting a second data digest from the validation node, getting a signed first data digest from the public blockchain, and receiving a signed first data digest from the public blockchain from the validation node Responding to determining that it matches a signed second data digest and, in response to the determination, sending a response to a request to retrieve stored data, including stored data items. Is configured to do so, indicating that the stored data item has not changed since it was stored.

Optionally, the verification node is a computing device that participates in a public blockchain network.

Optionally, one or more processors are configured to store the smart contract in the public blockchain, depending on the smart contract receiving the requested signed second data digest from the validation node. , Configured to provide a monetary reward to the verification node.

Optionally, one or more processors are configured to compute the hash of the stored data item.

Optionally, each validation node is configured to cryptographically sign the first data digest using the private key associated with that validation node.

Optionally, one or more processors are configured to broadcast the first data digest to the public blockchain network.

Optionally, one or more processors are configured to be associated with a stored data item and identify a signed first data digest based on an identifier stored in the public blockchain.

The subjects and actions and implementations of operations described herein are in digital electronic circuits, in computer software or firmware that is specifically embodied, in the structures disclosed herein and on their structures. It can be implemented in computer hardware, including equivalents, or in one or more combinations thereof. The subject implementations described herein are performed by one or more computer programs, such as a data processing device, for execution by a data processing device or to control the operation of the data processing device. It can be implemented as one or more modules of computer program instructions encoded in a computer program carrier for this purpose or to control the operation of a data processing device. The carrier may be a tangible non-temporary computer storage medium. Alternatively or additionally, the carrier is a machine generated to encode an artificially generated propagating signal, eg, information for transmission to a receiver suitable for execution by a data processor. It can be a generated electrical signal, an optical signal, or an electromagnetic signal. The computer storage medium can be, or be part of, a machine-readable storage device, a machine-readable storage board, a random or serial access memory device, or a combination thereof. The computer storage medium is not a propagate signal.

The term "data processor" includes, by way of example, any type of device, device, and machine for processing data, including programmable processors, computers, or multiple processors or computers. The data processing device can include, for example, a dedicated logic circuit such as an FPGA (Field Programmable Gate Array), an ASIC (Application Specific Integrated Circuit), or a GPU (Graphic Processing Unit). In addition to hardware, the device also contains code that creates the execution environment for computer programs, such as processor firmware, protocol stacks, database management systems, operating systems, or any combination thereof. be able to.

A computer program, also called or described as a program, software, software application, app, module, software module, engine, script, or code, can be any compiler or interpreter language, or any declarative or procedural language. It can be written in a formal programming language and can be deployed in any format as a stand-alone program or as a module, component, engine, subroutine, or other unit suitable for execution in a computing environment. Can include one or more computers interconnected by a data communication network in one or more locations.

Computer programs may, but need not, correspond to files in the file system. A computer program may be part of a file that holds other programs or data, such as one or more scripts stored in a markup language document, a single file dedicated to the program in question, or multiple adjustments. It can be stored in a file, for example one or more modules, subprograms, or a file that stores part of the code.

The processes and logic flows described herein are performed by one or more computers that execute one or more computer programs in order to perform the operations by operating the input data and producing the output. can do. Processes and logic flows can also be performed by dedicated logic circuits, such as FPGAs, ASICs, or GPUs, or a combination of dedicated logic circuits and one or more programmed computers.

A computer suitable for running a computer program can be based on a general purpose and / or dedicated microprocessor, or both, or any other type of central processing unit. In general, the central processing unit receives instructions and data from read-only memory and / or random access memory. Computer elements can include a central processing unit for executing instructions and one or more memory devices for storing instructions and data. The central processing unit and memory can be complemented by dedicated logic circuits or incorporated into them.

Generally, a computer is coupled to at least one non-temporary computer-readable recording medium (also called computer-readable memory). The storage medium attached to the computer is either an internal component of the computer (for example, an integrated hard drive) or an external component (for example, a universal serial bus (USB) hard drive, or a storage system accessed over a network). could be. Examples of storage media can include, for example, magnetic disks, magneto-optical disks, or network storage resources such as optical disks, solid state drives, cloud storage systems, or other types of storage media. However, the computer does not need to have such a device. In addition, computers can be other devices, such as mobile phones, personal digital assistants (PDAs), mobile audio or video players, game consoles, Global Positioning System (GPS) receivers, or universal serial buses (to name a few). Can be embedded in portable storage devices such as USB) flash drives.

To provide user interaction, the embodiments of the subject matter described herein include a display device for displaying information to the user, such as an LCD (Liquid Crystal Display) monitor, and the user inputting to a computer. It can also be implemented on and configured to communicate with an input device that can be provided, such as a keyboard and pointing device, such as a mouse, trackball, or touchpad. Other types of devices can also be used to provide user interaction. For example, the feedback provided to the user can be any form of sensory feedback, for example visual feedback, auditory feedback, or tactile feedback, and the input from the user can be any, including acoustic, audio, or tactile input. Can be received in the format of. In addition, the computer sends and receives documents to and from the device used by the user, for example, by sending a web page to the web browser on the user's device in response to a request received from the web browser, or. You can interact with the user, for example, by interacting with an app running on a user device such as a smartphone or electronic tablet. The computer also interacts with the user by sending a text message or other form of message to a personal device, such as a smartphone running a messaging application, and by receiving a response message from the user instead. be able to.

As used herein, the term "configured as" is used in connection with systems, equipment, and computer program components. A system of one or more computers that is configured to perform a particular action or action installs software, firmware, hardware, or a combination thereof that causes the system to perform the action or action while it is running. It means that you are doing it. A computer program that is configured to perform a particular action or action contains instructions that cause the device to perform the action or action when the program is executed by the data processing device. Means that. A dedicated logic circuit configured to perform a particular action or action means that the circuit has electronic logic to perform the action or action.

Although this specification contains details of many specific implementations, these should not be construed as restrictions on the alleged scope defined by the claims themselves and are specific to a particular implementation. It should be interpreted as an explanation of the features to be obtained. The particular features described herein in the context of individual implementations can also be realized in combination in a single implementation. Conversely, the various features described in the context of a single implementation can also be realized individually in multiple implementations or in any suitable subcombination. In addition, features are described above as acting in a particular combination and can be claimed as such at first, but one or more features from the claimed combination may be removed from the combination and claimed. Can target sub-combinations or variations of sub-combinations.

Similarly, the actions are shown in the drawings and are described in the claims in a particular order, but this is in the particular order or sequence in which such actions are shown in order to achieve the desired result. It should not be understood as requiring that it be performed in the order in which it is performed, or that all the illustrated actions be performed. In certain situations, multitasking and parallelism may be advantageous. Moreover, the separation of the various system modules and components in the implementations described above should not be understood as requiring such separation in all implementations, and the components and systems of the programs described are: It should be understood that they can usually be integrated into a single software product or packaged into multiple software products.

The specific implementation of the subject has been described. Other implementations are within the scope of the following claims. For example, the actions described in the claims can be performed in a different order and still achieve the desired result. As an example, the process shown in the accompanying drawings does not necessarily require the particular order or sequential order shown to achieve the desired result. In some cases, multitasking and parallel processing may be advantageous.

100 environment
102 blockchain network
106 Computing device
108 Computing device
110 network
200 conceptual architecture
202 Participant System
204 Participant system
206 Participant system
212 blockchain network
214 nodes
216 blockchain
300 system
302 Consortium Blockchain Network
304a-304e node
306 Consortium Blockchain
316 verification system
320 incentive system
330 verification node
352 Public Side Chain Network
354 Public blockchain node
356 Public blockchain
400 processes
600 processes
700 equipment
705 Storage or storage unit
710 First generator or generation unit
715 First transmitter or transmitter unit
720 receiver or receiver unit
725 First acquisition unit
730 Second generator or generation unit
735 Requester or request unit
740 Second acquisition unit
745 Decision unit
750 Second transmitter or transmitter unit

Claims (20)

It ’s a computer implementation method.
A step of transmitting a first data digest generated based on a data item originally recorded in the consortium blockchain network to each of a plurality of verification nodes, wherein the first data digest is cryptographically signed. Steps and steps that are recorded on the public blockchain as the first cryptographically signed data digest,
The step of receiving the request to acquire the data item, and
Based on the request to acquire the data item, a step of generating a second data digest based on the data item, and
A step of transmitting the second data digest to the plurality of verification nodes, wherein the plurality of verification nodes cryptographically sign the second data digest and return a cryptographically signed second data digest. , Steps and
The data is a response to a request to obtain the data item based on the fact that the recorded cryptographically signed first data digest matches the returned cryptographically signed second data digest. A computer implementation method comprising sending a response indicating that the data item has not changed since the item was first recorded in the consortium blockchain network. The computer implementation method according to claim 1, wherein the plurality of verification nodes are computing devices participating in the public blockchain. It further includes the step of recording the smart contract on the public blockchain and rewards the verification node in response to the smart contract receiving the cryptographically signed second data digest from the verification node. The computer implementation method of claim 1, configured to provide. The computer implementation method of claim 1, wherein the first data digest is generated using a hash of the initially recorded data item. The computer implementation method of claim 1, wherein each verification node is configured to cryptographically sign the first data digest using the private key associated with that verification node. The first aspect of claim 1, wherein the step of transmitting the first data digest to the plurality of verification nodes includes a step of broadcasting the first data digest to the public blockchain network that manages the public blockchain. Computer implementation method. A step of identifying the cryptographically signed first data digest recorded on the public blockchain based on the identifier associated with the data item.
The computer implementation method of claim 1, further comprising the step of obtaining the cryptographically signed first data digest from the public blockchain. A computer-readable recording medium that records one or more instructions that can be performed by a computer system to perform multiple actions.
An operation of transmitting a first data digest generated based on a data item initially recorded in the consortium blockchain network to each of a plurality of verification nodes, wherein the first data digest is encrypted and signed. The behavior, which is recorded in the public blockchain as the first cryptographically signed data digest,
The operation of receiving the request to acquire the data item and
An operation of generating a second data digest based on the data item based on the request for acquiring the data item, and
It is an operation of transmitting the second data digest to the plurality of verification nodes, and the plurality of verification nodes cryptographically sign the second data digest and return a second data digest that has been cryptographically signed. , Behavior and
The data is a response to a request to obtain the data item based on the fact that the recorded cryptographically signed first data digest matches the returned cryptographically signed second data digest. A computer-readable recording medium comprising the operation of transmitting a response indicating that the data item has not changed since the item was first recorded in the consortium blockchain network. The computer-readable recording medium according to claim 8, wherein the plurality of verification nodes are computing devices participating in the public blockchain. The plurality of operations further include the operation of recording a smart contract on the public blockchain, and the verification is performed in response to the smart contract receiving the cryptographically signed second data digest from the verification node. The computer-readable recording medium according to claim 8, which is configured to provide a monetary reward to a node. The computer-readable recording medium of claim 8, wherein the first data digest is generated using a hash of the initially recorded data item. The computer-readable recording medium of claim 8, wherein each verification node is configured to cryptographically sign the first data digest using the private key associated with that verification node. 8. The operation according to claim 8, wherein the operation of transmitting the first data digest to the plurality of verification nodes includes an operation of broadcasting the first data digest to the public blockchain network that manages the public blockchain. Computer-readable recording medium. The plurality of operations
The action of identifying the cryptographically signed first data digest recorded on the public blockchain based on the identifier associated with the data item.
The computer-readable recording medium of claim 8, comprising the operation of obtaining the cryptographically signed first data digest from the public blockchain. It ’s a system,
With one or more computers,
One or more computer memory devices coupled to the one or more computers so that they can interact with each other, tangible, non-transitory, and machine-readable, recording one or more instructions. With one or more computer memory devices with different media,
The one or more instructions perform a plurality of actions when executed by the one or more computers, the plurality of actions.
An operation of transmitting a first data digest generated based on a data item initially recorded in the consortium blockchain network to each of a plurality of verification nodes, wherein the first data digest is encrypted and signed. The behavior, which is recorded in the public blockchain as the first cryptographically signed data digest,
The operation of receiving the request to acquire the data item and
An operation of generating a second data digest based on the data item based on the request for acquiring the data item, and
It is an operation of transmitting the second data digest to the plurality of verification nodes, and the plurality of verification nodes cryptographically sign the second data digest and return a second data digest that has been cryptographically signed. , Behavior and
The data is a response to a request to obtain the data item based on the fact that the recorded cryptographically signed first data digest matches the returned cryptographically signed second data digest. A system that includes the operation of sending a response indicating that the data item has not changed since the item was first recorded in the consortium blockchain network. The system according to claim 15, wherein the plurality of verification nodes are computing devices participating in the public blockchain. The plurality of operations further include the operation of recording a smart contract on the public blockchain, and the verification is performed in response to the smart contract receiving the cryptographically signed second data digest from the verification node. The system of claim 15, configured to provide a monetary reward to a node. 15. The system of claim 15, wherein each verification node is configured to cryptographically sign the first data digest using the private key associated with that verification node. 15. The operation according to claim 15, wherein the operation of transmitting the first data digest to the plurality of verification nodes includes an operation of broadcasting the first data digest to the public blockchain network that manages the public blockchain. system. The plurality of operations
The action of identifying the cryptographically signed first data digest recorded on the public blockchain based on the identifier associated with the data item.
The system of claim 15, further comprising the operation of obtaining the cryptographically signed first data digest from the public blockchain.

Images