KR102077397B1 - Method and system for connecting chain based on dynamic time delay in proof of population based blockchain - Google Patents

Abstract

Embodiments of the present invention provide a dynamic time delay based chain connection method and system in a PoP based blockchain. In one embodiment, a method of chaining nodes participating in a blockchain network may include receiving a block generated by an amalgamator of the blockchain network, calculating a dynamic delay time for the received block, and And validating the received block by comparing the difference between the generation time of the previous block generated by the concatemer and the generation time of the received block and the dynamic delay time.

Description

METHOD AND SYSTEM FOR CONNECTING CHAIN BASED ON DYNAMIC TIME DELAY IN PROOF OF POPULATION BASED BLOCKCHAIN}

The following description provides a dynamic time delay based chain connection method and system in a PoP based blockchain.

Because of Satoshi Nakamoto's brilliant idea, the p2p public ledger seems to be feasible within an anonymous network. Any Internet user can contribute to a p2p network by participating in the network and providing their computing power or proof-of-work. The proof-of-work is a clever one vote per CPU by anonymous participants, which ensures that the Bitcoin book is not an illegal variant. To reward the nodes for their work, a cryptocurrency called Bitcoin is issued and given to each node. For example, Korean Patent Laid-Open No. 10-2016-0024185 discloses a system and method for managing cryptocurrency using Secure Element (SE).

However, the anonymity of books and cryptocurrencies prevents the technology from being used in the fiat currency economy. Cryptocurrencies are untraceable, even if used for money laundering or tax avoidance, and their value is not stable and fluctuates violently.

In the PoP (Proof of Population) -based blockchain network, the block chaining rules of the block are prevented from being merged by the merger to create the block within the dynamic delay time from the creation time of the previous block, thereby handling the contention chains in the PoP-based blockchain. Provides a method and system for chain connection.

A method of chaining nodes participating in a blockchain network, the method comprising: receiving a block generated by an amalgamator of the blockchain network; Calculating a dynamic delay time for the received block; And validating the received block by comparing the difference between the generation time of the previous block generated by the merger and the generation time of the received block and the dynamic delay time. to provide.

According to one side, calculating the dynamic delay time, the distance function between the IDs of the optimal signers for the next block calculated from the previous block and the IDs of the actual signers participating in the signature of the received block. And calculate the dynamic delay time to be proportional to the calculated distance exponentially, linearly, or stepwise.

According to another aspect, the calculating of the dynamic delay time may include calculating a distance between an ID of an optimal merger for a next block calculated from the previous block and an ID of an actual merger participating in a signature of the received block through a distance function. And calculating the dynamic delay time to be proportional to the calculated distance exponentially, linearly, or stepwise.

According to another aspect, the step of calculating the dynamic delay time, the dynamic to be exponentially, linearly or stepwise proportional to the product of the difficulty distance and the calculated distance determined based on the block generation frequency of the actual merger It may be characterized by calculating the delay time.

According to another aspect, the calculating of the dynamic delay time may include calculating the dynamic delay time such that the dynamic delay time increases as a difficulty variable determined based on a difference between a generation time of a final block and a current time increases. It may be characterized by.

According to another aspect, the validating step further includes validating a validity of a time sequence of the received block, a validity of a transaction included in the received block, and a signature included in the received block. It can be characterized.

According to another aspect, the chain connection method may further include connecting the validated block to each of a plurality of different chains separated by soft forks.

According to another aspect of the present invention, the chain linking method may include: when the validated blocks are connected and there are chains in which m or more blocks (m is a natural number of 2 or more) are connected from a soft fork, the plurality of different chains may be different. The method may further include deleting a chain having fewer than m blocks from the soft fork.

In combination with a computer, a computer program stored in a computer-readable recording medium for executing the chain linking method on a computer is provided.

Provided is a computer-readable recording medium having recorded thereon a program for executing the chain connection method on a computer.

A node participating in a blockchain network, comprising: at least one processor implemented to execute computer readable instructions, wherein the at least one processor receives a block generated by an amalgamator of the blockchain network Calculates a dynamic delay time for the received block, compares the difference between the generation time of the previous block generated by the merger and the generation time of the received block, and the dynamic delay time. Provide a node to validate the block.

In the PoP (Proof of Population) -based blockchain network, the block chaining rules of the block are prevented from being merged by the merger to create the block within the dynamic delay time from the creation time of the previous block, thereby handling the contention chains in the PoP-based blockchain. can do.

1 is a diagram illustrating an example of a P2P ledger protocol according to an embodiment of the present invention.
2 is a diagram for one example of information included in a new block added to a signed blockchain according to one embodiment of the present invention.
FIG. 3 is a diagram for one example of selecting signers for a new block based on a previous block according to one embodiment of the present invention.
4 is a diagram illustrating an example in which a p2p book is protected against forking a block according to an embodiment of the present invention.
5 is a diagram illustrating an example of an operating environment of a network system according to an embodiment of the present invention.
6 is a diagram illustrating an example of an internal configuration of a computer device according to one embodiment of the present invention.
7 is a flowchart illustrating an example of a signature method in an embodiment of the present invention.
8 is a flowchart illustrating an example of a method for adding a transaction block according to an embodiment of the present invention.
9 is a diagram illustrating a soft fork and an example of a block in a block chain.
10 is a flowchart illustrating an example of a block validation process according to an embodiment of the present invention.
11 is a flowchart illustrating an example of a process of processing a validated block according to an embodiment of the present invention.

Hereinafter, exemplary embodiments will be described in detail with reference to the accompanying drawings.

Embodiments of the present invention describe techniques for a p2p ledger that implements a universal financial platform for fiat currencies without issuing any cryptocurrencies. In contrast, embodiments of the present invention introduce a new concept of "Proof of Population" based on real name identity. It can be used as a p2p ledger for banks, as an influential tool for settlement, and can be used for any financial transactions. Furthermore, it distributes the costs held by third parties to peers that cannot be centralized. Since the energy requirements are very low, it is possible to run software according to embodiments of the present invention on a smartphone or personal computer.

In addition, a chain linking method and system for processing contention chains in a PoP-based blockchain by defining a block chaining rule of a block in a PoP-based blockchain will be described.

1. Introduction

A third trusted authority is assumed to be required to conduct records transactions in a trusted manner. In this model, participants need trust to believe that the records are not modified. Instead of providing trust, the third trust authority receives transaction costs from the participants. This is well done if the participants in the network generally agree on the cost of running a third party, such as a bank. However, if it is impossible to establish a third-party trust institution that technically, economically and politically protects the transaction, then a decentralized but not counterfeit online transaction record is needed. Furthermore, even if a third trust authority already exists, it is more preferable to use a distributed ledger if feasible, when the cost of maintaining the third trust authority is too large to create an unfair advantage, rather than technically or economically unavoidable. . Providing decentralized ledgers and eliminating third parties has a significant impact on markets run by trust institutions by providing another competitive technology that does not rely on third parties.

In 2009, Bitcoin provided the concept of removing the centralized currency foundry and decentralizing the books of the online currency system. In the Bitcoin network, coins are issued in a distributed way by peers managing a single global constant ledger. To keep the books unchanged, Nakamoto has developed a new voting mechanism that resolves discrepancies in the books by voting by anonymous peers. Since nodes in the Internet cannot be accurately distinguished, a mechanism for realizing one vote per node is required. Because identities such as IP addresses can be easily captured, Bitcoin uses so-called proof-of-work (PoW) to effectively implement the abstract concept of one vote per CPU.

Current PoW-based cryptocurrency systems have some technical limitations that prevent them from being used as real currency for trading.

Energy: According to the Bitcoin Energy Consumption Index by Digiconomist, the number of US homes powered by Bitcoin is 4,049,860.

Slow acknowledgment: In theory, blocks take at least 60 minutes to complete, but generally rely more substantially on limited block size and bulk transactions.

Scalability: Only 4-20 transactions can be processed per second. This cannot be a candidate for a large scale network.

Instead of using PoW, there are cryptocurrency systems that use proof-of-stake (PoS). PoS-based systems in which stakeholders stake their stake to vote so-called solve the above problems. There is still debate about the effectiveness of PoS attacks, but it is argued that it is possible to forge several chains simultaneously and even profitable.

Now let's look at the other aspects of cryptocurrency: Anonymity and Decentralization.

Non-Transparency: All transactions are processed under arbitrary addresses whose owner cannot be verified.

Non-decentralization: Hashing of power or equity is dominated by small groups of people.

1.1. Transparency

Cryptocurrencies efficiently realize online money systems so that they are not traceable as real currencies. Since the introduction of Bitcoin, much focus has been placed on cryptocurrencies, which has triggered a flood of cryptocurrency systems (about 1,300 cryptocurrencies). However, almost all cryptocurrencies using the block chain concept are untraceable. Just as cash in the real world is not easy to track even when used for crimes such as money laundering and tax avoidance, cryptocurrencies can't be tracked except when they are exchanged for real currency on an exchange. However, modern society is moving toward a more transparent economy due to credit cards, check cards and pay. The current cash model is gradually being eliminated by these alternatives. However, the cryptocurrencies represented by Bitcoin go in the opposite direction. An example of that opacity was in March 2017 that the US SEC decided not to list the Winklevoss Bitcoin Trust due to the opacity of the transaction.

1.2. Decentralization

Since the p2p platform according to embodiments of the present invention does not generate any cryptocurrency, decentralization means that the contributions and rewards for the network are distributed evenly to the participants. According to Bolckchain.info, the top seven mining groups occupy more than 70% of the world's hashing power. It is speculated that cryptocurrencies have not been as decentralized as expected when they were first proposed. Proof of ownership also allows high- stakeholders to control their books and reports that double spending is possible. To prevent centralization by small groups of people, one-on-one voting is the solution and other alternatives are just similar ones.

1.3. The idea according to embodiments of the present invention to satisfy the requirement of high-decentralized open books and high-transparent open books on a transaction that cannot be secured by a small number of groups is to use blindness-based voting. will be. Given that financial transactions must be conducted in real name, there is no need to adhere to an anonymous network in embodiments of the present invention. Embodiments of the present invention propose a p2p financial platform that can achieve both true decentralization and high levels of transparency while protecting book-level privacy. Instead of using inefficient PoW based voting, the system according to an embodiment of the present invention uses a much safer, faster, scalable and eco-friendly proof-of-population (PoP) based voting.

Now let's discuss cryptocurrencies. The goal of bitcoin designers is huge, but bitcoin cannot be a currency. People don't want to use it to buy a product, they want to speculate, and there are many reasons for this. One is that it separates from real money and functions in its own ecosystem, and the other is high mining costs.

Closed ecosystems: Bookkeeping technologies rely on closed ecosystems to maintain stable economic incentives for miners. In other words, cryptocurrency is a reward and transactions are made only of cryptocurrencies.

Mining costs: PoW-based books are not suitable for processing small transactions because of high mining costs.

1.4. Closed ecosystem of cryptocurrency

In current cryptocurrency networks, rewards are given in cryptocurrencies within the network, and book transactions only consist of the same cryptocurrency. This closed ecosystem has the effect of keeping the value of incentives of attackers very stable, but on the other hand, restricts the use of books only to transactions related to cryptocurrencies. Economic incentives cannot attract miners if the currency for books and transactions is different. Suppose that the bitcoin ledger processes USD transactions, and the rewards, including transaction costs and coinbase, are given in bitcoin. When the value of Bitcoin plummets and rewards become smaller than transactions in blocks, this monetary separation will obviously prevent attackers from mining honestly, encouraging them to do something wrong (forge trading blocks). do. When the value is very high, the transaction cost will be so high that it will be too high to handle small transactions. This is why most cryptocurrencies are defined recursively in their networks. Despite the inability to separate the currency for trade and the currency for reward, there must be a way to evaluate the value of money to give miners real economic incentives. Cryptocurrency exchanges exist for this purpose, but the value of cryptocurrencies is changing rapidly due to speculation.

1.5. Mining cost

On the other hand, the cost of mining blocks by unleashing PoW has been very high lately, making it difficult to use to finance small transactions. For example, a block mining by AntMiner S9, a very large mining pool, costs $ 19,598.50 without considering hardware costs. https://grisha.org/blog/2017/09/28/electricity-cost-of-1- bitcoin /. Therefore, it is quite clear that we cannot use Bitcoin to process small transactions.

As a result, closed ecosystems and high mining costs that separate from the real economy make PoW / PoS-based cryptocurrencies inapplicable to real trading. To overcome this, we propose to use fiat currency instead of cryptocurrency. This is also a recursive use of book money, but this design choice simplifies the problem of closed ecosystems. Book currency according to embodiments of the present invention is already the very currency (legal currency) of reality. No exchange is required to exchange cryptocurrencies for fiat. No cryptocurrency is generated in the system according to embodiments of the present invention. Although the p2p platform according to embodiments of the present invention (which in fact may be used to process transactions of any cryptocurrency) is not limited to a particular kind of currency, It will show you how to run a distributed ledger. Because it treats fiat money on books, it can be used freely for commercial, online and offline payments regardless of value changes. The cost of generating proof to make a block is to generate and collect signatures, which are very common when compared to PoW. Therefore, economic incentives for miners need not be large, which means that small transactions can be efficiently processed on the network.

By solving all the above-mentioned problems, the p2p financial platform according to embodiments of the present invention can enable banks to sell financial products, and allow consumers to open accounts that do not operate on a central server.

2. Background

The problem solved by Bitcoin is called the Byzantine Generals Problem (BGP), which creates a consensus among the public, under the assumption that it is an incomplete communication network and an incomplete public. Bitcoin is an attempt to resolve BGP among `` unlike '' anonymous users on the Internet. The Bitcoin network was created to create a permanent public ledger on the Internet that allows Internet-connected participants to remain free and join and leave the network anonymously. Even worse, they are trying to corrupt their open books in search of their own interests. At this time, there is a possibility that there are a plurality of books that exist simultaneously due to damage. The obvious way to agree on a single open book is to vote, but voting in a trusted and secure way among anonymous users cannot be easily performed. The method of voting for a single book is related to BGP on the Internet. Bitcoin solves the problem with Proof of Work (PoW), which efficiently implements 1 CPU for one vote. Blocks holding multiple transactions with PoW are linked to one public ledger organized by blockchain. PoW is calculated by network participants called "miners" and miners are rewarded with transaction costs and coinbase in the form of cryptocurrencies. To modify the book, attackers fork the chain by adding other transactions to the existing blockchain and adding PoWs that catch up and override the existing chain. To do this, the attacker must have more computing power to calculate the PoW for the blockchain. When the created blockchain reaches a point longer than the existing chain, the attacker opens the forged chain and asks to replace it with this new chain. The attacker or group of attackers must have 51% or more computing power to succeed in the attack (51% attack).

The difficulty of voting on anonymous networks is the value of Bitcoin's PoW-based blockchain. However, anonymity hinders the application of blockchain technology to real financial platforms in terms of money laundering and tax avoidance. Therefore, institutions in the financial services sector are interested in 'private block chain' and 'consortium block chain' technologies. In a private / consortium blockchain network, it is not possible for an entity to operate the network without any 'coin' or 'mining' rewards, since interested entities participate in the private / consortium blockchain and damaged ledgers lose some. It is possible. In the sense that the true meaning of the blockchain is in a public ledger that can create consensus among anonymous participants of no interest, private / consortium blockchains in which the identity of participating nodes are known to each other and the nodes are operated by organizations It can only be seen as a redundant distribution of databases for security purposes. In the embodiments of the present invention, it is noted that the entities in the private or consortium blockchain have real identity and can easily be identified with each other, and thus can easily agree without PoW / PoS when a mismatch occurs in the database. Current experimental projects based on private or consortium blockchains focus on the efficiency of coherence between security and distributed database systems obtained by redundant database management by interested entities. In order to deal with transactions between interested third parties, variants of practical Byzantine fault tolerance protocols (PBFTs) have been adopted for private chains. However, most PBFT protocols are not scalable enough to be used in public chain networks. Therefore, the meaning of private / consortium is limited.

Unlike existing blockchains, our blockchain has both the openness of the Public Block Chain and the high throughput of the Private Block Chain. On the other hand, it appears to be a private blockchain because it is operated by anonymous, authenticated nodes rather than anonymous nodes. On the other hand, it also appears to be a public chain, in that nodes can freely join and leave our network and blocks are signed by arbitrary nodes of no interest. This is not an anonymous network, but a network operated by real name authenticated peers, so all recorded transactions can be identified by government authorities if necessary. The new ledger can serve as the ultimate P2P financial platform for dealing with any type of asset, including physical and cryptocurrencies. By using this platform, there is a P2P bank where banks' books are managed in a distributed, constant ledger operated by peers using smartphones and computers rather than bank servers. The role of banks includes pseudonym and real identity management, mapping their consumers and selling financial products on the network.

3. Motivation

The innovation of the public blockchain is to resolve book mismatches by enabling anonymous voting by PoW. Even if the identity of a node is unknown, if there is a way to distinguish between two votes coming from one node (duplicate votes) or two votes coming from other nodes (two valid votes), Can be counted. In the case of duplicate votes, one of the two votes may be ignored. In this case, votes can be counted without expensive PoW calculations. The real name based identifier and its digital signature may serve for this purpose. Although real name identification is excessive for voting only, it aims to be a real name traceable platform for high-decentralized, high-transparent ledgers, thus perfectly meeting the purposes according to embodiments of the present invention.

A p2p ledger according to embodiments of the present invention using real name based pseudonyms and digital signatures may be seen as a variant of the private / consortium blockchain in which the block is identified by an explicit majority vote. However, in accordance with embodiments of the present invention, a book can be freely accessed and left by anyone once it is identified by its real name, and the book access is not controlled by anyone and the block can be signed by arbitrary peers. It is a kind of public blockchain. In addition, the operating environment of the public chain is different from the private chain. The number of signers is large, and excessive forking is frequently caused by large network delays. Therefore, we need a different strategy from the PBFT-based majority voting algorithm that is taken by private / consortium blockchains such as Hyperledger.

In a private / consortium blockchain, signers interested in the block must sign the block, whereas in the p2p platform according to embodiments of the present invention, the signature-based majority vote is not interested in who signed the block and how many voters We are only interested in signing the block. Therefore, signatures are used to prove that a certain number of peers have voted on the block. In short, PoP is a game where a miner ("merger" in embodiments of the present invention) is rewarded if he collects N signatures for the block fastest, regardless of the identity of the signer. This is similar to PoW, where the miner who solved the hash puzzle fastest wins the game. To add a block, N random peers between participants vote for the block by adding their signature to the block. Where N≥1. The longer the chain, the more voters support the chain. Therefore, when a book mismatch occurs, a chain fork with more voters will be selected, which is the correct implementation of the majority vote. The problem here is how to implement signature-based majority voting in an efficient, secure and decentralized way in a distributed p2p network. Our approach to the problem is to: 1) carefully balance the gains and losses of attackers by transaction volume, transaction cost, and completion time; and 2) to prevent attackers from counterfeiting their books through full traceability. Take advantage.

4. P2P Book Protocol

In order to make the new blockchain a reality, Population Proof (Pop) using digital signatures is used instead of PoW or Proof of Stake, which is an explicit voting realization by individuals. Unlike PoW and PoS, which rely on accumulated computing power and amount of stake, PoP makes decisions based on the cumulative number of people who support the block. Therefore, when forking occurs by an attack or asynchronous that generates several versions of the chain, a chain with a larger population or a chain supported by more voters is chosen as the chain that wins the game.

4.1. Nodes: Signer and Merger

There are two kinds of nodes in a PoP network. One kind of node contributes to maintaining the open ledger by digitally signing the block, while the other kind of node gathers multiple transactions into one block, requests nodes to sign the block, and signs ) And contribute by linking it to an existing blockchain. The former node is called the signer and the latter node is called the merger. When the signer receives a signature request for a transaction block, the signer displays a message to the user confirming that the PoP wallet should generate a signature. This can be done automatically by setting up informed consent for automatic signatures. In the embodiment of the present invention, a case where the signature module is executed on a terminal capable of installing an application such as a smartphone is considered. By installing an application according to embodiments of the present invention on its terminal, the signer can make some money as a reward for signing the block. The merger collects and verifies a certain number of transactions to construct a trading block. In addition, for each trading block, the merger must collect a certain number of valid signatures for the block from the signers and insert them into the block. The merger's software (module for collecting and inserting valid signatures) may also be run on the merger's terminal, such as a smartphone or desktop / server computer. The aggregator node has to advertise or promote itself in order to get more signers to join their network and quickly collect as many signatures as needed. When the signer joins the network, it will register itself with the mergers and the mergers will ask the signer to sign the block. When a signer participates in multiple mergers, the signer must set priorities among the mergers. Nodes participating in a PoP network must be compensated for their work in order to maintain the network. Merger nodes are rewarded for collecting / verifying transactions and collecting signatures for such transactions, and signer nodes are rewarded for their contributions that generated the signature. These rewards are given in real money in their accounts on the books.

1 is a diagram illustrating an example of a P2P ledger protocol according to an embodiment of the present invention. The first dashed line box 110 shows an example of a signed blockchain as a P2P ledger according to the present embodiment, and FIG. 1 shows that the merger 120 has one transaction between the user and / or one between the user and the merchant. An example of a case of adding a new block 111 of a signed block chain displayed in the first dotted line box 110 by merging into blocks is shown. Although FIG. 1 illustrates transaction 1 131 and transaction 2 132, a plurality of transactions generated after the previous block 112 of the block 111 to be newly added are approved and delivered to the merger 120. May include transactions of.

For example, when a transaction occurs from A to B, the transaction record including the amount of money, the date / time, the purpose of the transaction and their IDs (A and B) is signed using A's and B's private signature keys and A Sent to the mergers by either B or B; In other words, in FIG. 1, the transaction 1 131 between the user and the user may include information on the amount of money, date / time, transaction purpose, and IDs of two users. Transaction 1 131 may also be signed 133 by two users' private signature keys and sent to the mergers. Although one merger 120 is representatively illustrated in FIG. 1, a transaction record may be substantially transmitted to each of the plurality of mergers. Similarly, transaction 2 132 between the user and the merchant in FIG. 1 may include information about the amount of money, date / time, transaction purpose, and the user's ID and the merchant's ID. Transaction 2 132 may also be signed 134 by the user's personal signature key and the merchant's personal signature key and sent to the mergers.

At this time, the transactions 131, 132 may be signed by the signers 141, 142, 143. In FIG. 1, typically, three signers 141, 142, 143 provide signatures 151, 152, 153 for the new block 111 at the request of the merger 120. At this time, the signers to participate in the signature for the new block 111 may be selected according to the manner to be described later.

The merger 120 may sign 121 a new block 111 and broadcast it to all mergers, and the new block 111 approved by the mergers appears in the first dotted box 110. Can be added as the last block of the signed blockchain. The manner in which mergers approve a block is described in more detail later.

As such, in a PoP network in accordance with embodiments of the present invention, a transaction may be signed by an account holder and sent to a merger, and a block containing multiple transactions may be signed to signers and mergers.

2 is a diagram for one example of information included in a new block added to a signed blockchain according to one embodiment of the present invention. FIG. 2 includes transaction 1 131 with signature 141 and transaction 2 132 with signature 142 added to the end of the signed blockchain described with reference to FIG. Block 111 is signed 151, 152, 153 by signers 141, 142, 143. In addition, the merger 120 also indicates that a new block 111 has been signed 121.

4.2. Participation as a node and opening an account in the PoP network

Because PoP networks require how many people support the block, an individual must be authenticated in real name by a p2p bank before entering the network. When the user is authenticated, he creates his own public key / private key pair and pseudonym and gets the signature from the p2p bank. Therefore, the role of the p2p bank is to authenticate the user and issue public key certificates for aliases and public key pairs. The user stores all of this in the wallet, but the public key and alias pair signed by the p2p bank are registered on the blockchain, the p2p bank stores the real name, and the public key and alias are stored as tuples in the database. . This database, created by multiple p2p banks, must be shared to distinguish nodes or can be managed by a single trust authority. The role of the authorities here is limited to the management of blind and pseudonym pairs, but not related to transaction processing. The public key can be updated by adding new public key and alias pairs on the book if needed. Similarly, aliases can be updated by re-registering in the database, but change logs must also be maintained.

A user who has successfully registered an authentication on a book can serve as a signer, a consolidator and / or a consumer if desired.

4.3. Transaction processing at p2p banks

As explained through FIG. 1, when a transaction occurs from A to B, the transaction record, including the amount of money, date / time, transaction purpose and their IDs, is signed using A and B's private signature keys and A and B Sent to the mergers by either. Mergers are selected by the sender according to the rank of the mergers profiled in the wallet. Now, the merger who receives the transaction record validates the record and merges some records to create a transaction block. When a block is constructed, the merger collects a predetermined (but periodically adjusted) number of signatures as soon as possible to add the block to the chain. Signers and mergers can only create signatures for blocks created after they join the network. The signers for a block are not arbitrarily chosen by the merger, but are chosen by a hash value that is the output of a function whose output is random because it is random and unpredictable but deterministic, depending on the input. Can be. For example, the hash value may be generated through a hash function preset in each of the mergers. At this time, the signers may be selected according to the hash value as a result of the hash function having the information extracted from the transaction records of the previous block as a parameter. Therefore, to change the signature group for an attack, it is necessary to change the transactions of the previous block so that their hash value selects the attacker's signer group. At this time, as described above, in order to change the transactions of the previous block, the transactions of the previous block must be changed. As a result, changing the signature group of one block involves changing all signature groups of all preceding blocks and all subsequent blocks.

FIG. 3 is a diagram for one example of selecting signers for a new block based on a previous block according to one embodiment of the present invention. 3 illustrates a new block 111 and a previous block 112 of the new block described with reference to FIG. 1. In this case, the previous block 112 may include information about transaction a 310, transaction b 320 and transaction c 330, similar to those described with reference to FIG. It can include a signature. In addition, as described above, the previous block 112 may include a previous hash value 340 generated based on the previous block of the previous block 112.

The merger (eg, the merger 120 described with reference to FIG. 1) has information about the transaction a 310, the transaction b 320 and the transaction c 330 included in the previous block 112 as parameters. The hash function 350 may generate a hash value for the new block 111. The newly generated hash value may be included in the new block 111 as in the previous hash value 360 shown in FIG. 3. Meanwhile, the merger may select the signers 370 based on the hash value generated through the hash function 350. For example, the signers 141, 142, 143 of FIG. 1 may be selected by the signer IDs that the merger 120 calculated based on the hash value.

Thereafter, as described with reference to FIG. 1, the merger may send a new block 111 to the signers 370 to receive the signatures 151, 152, and 153 of the signers 370 and merge. As such, a block in a PoP network according to embodiments of the present invention may be signed to signers and mergers, and a group of signers may be forced by a hash value for a transaction of the previous block.

1) The transaction is broadcast to the merger's network and the merger waits for some transaction volume to be collected.

2) The merger collects the transactions in the block, calculates the signer ID, finds the signers with the closest ID among the signers registered in the signer management list of the merger, and sends the block to the signers.

3) The signer verifies the validity of the block and responds to the merger via the signature on the block.

4) The merger waits until it gets some signatures on the block, and if successful, signs the block and broadcasts the multi-signed block to all mergers.

5) Mergers approve a block only if the block is valid and is not paid in duplicate.

6) Mergers use the hash of the approved block as the previous hash to notify block approval by working to create the next block in the chain.

The signer must hold all block IDs signed. The signer checks the following and signs the block.

If the time stamp in the block does not match the current time considering the time synchronization error on the distributed network, report it to the authority and ignore the block (e.g. in a Bitcoin network, the block has a time stamp of the last 11 blocks. If greater than the median, it is accepted as valid).

Ignore if the signature request is for a block created before the signer joined the network.

If the request is for a block created before the last signed block is completed, the signing request from the merger will be automatically rejected.

If the request is for another block that contains information about transactions on a block that is already signed, the signer ignores the request and notifies the merger. This notice has the effect of prompting the merger with the message "You are late. The transaction has already been added."

If the request is for a block containing a transaction that does not match the signed one, the signer reports to the authorities and broadcasts the merger ID and sender ID to the network to drive the user who made the request out of the network. Now all requests from this attacker will be ignored.

Signers may be disqualified over time by the merger to ensure an even distribution of transaction costs.

4.4. Fork with multiple voters

When a block is added to the chain (O), it takes several seconds to spread the result over the entire network to form a new chain (N). Therefore, during that time, another merger may try to add another block to the chain O, which causes chain forking to make another chain N '. Chain forking means that there are two versions of books that must be resolved explicitly. In a PoP network, selecting the appropriate chain is done by voting. When two or more forks compete with each other to become the main chain, the mergers choose forks with a more accumulated number of signatures, which means that more people support the chain.

4.5. Approval level

가 체인에 추가되고 다음 블록

이 그 체인에 추가될 때

는 네트워크로부터 하나의 승인을 받는다. 미리 결정된 수의 승인들이 있은 후, 블록은 영구적으로 체인에 추가되며, 이 영구적인 승인 후에는 또 다른 포킹 요청이 승인되지 않을 것이다. 그러므로, 합병자는 경합하는 포크 블록 체인들 중에서 최신의 영구적인 승인에 대한 가장 빠른 타임 스탬프를 갖는 하나를 선택해야 한다. 이는 최신의 영구적인 승인 이후의 시간 프레임 내로 포킹 논의를 제한시킨다.block

Is added to the chain and the next block

Is added to the chain

Receives one approval from the network. After a predetermined number of grants, the block is permanently added to the chain and after this permanent grant another forking request will not be granted. Therefore, the consolidator must choose one of the competing fork blockchains with the earliest time stamp for the latest permanent approval. This limits the forking discussion into the time frame after the latest permanent approval.

In order to improve throughput, embodiments of the present invention may adopt GHOST (Greedy Heaviest-Observed Sub-Tree). The idea is not to eliminate contending branches, but to leave branches to support the blocks from which the branches are forked. Now instead of choosing the longest chain, we choose the heaviest chain that the largest population supports.

4.6. Select signer group

에 대한 서명자 그룹은 종전 블록들 상 거래 내용과, 서명 및 체인 해시가 제외된 서명자 그룹 내 서명자들의 리스트를 해시함으로써 선택된다. 즉, 리스트는

에 의해 계산될 수 있으며, 여기서

는 i번째 블록 상의 거래 및 서명자 리스트들이며, t(

1)는 최종 임계 값이다. 서명 그룹의 이러한 소급성 및 적용되지만 예측 불가능한 선택은 장부의 훼손을 더 어렵게 만든다.block

The signer group for is selected by hashing the transaction content on the previous blocks and the list of signers in the signer group, excluding signatures and chain hashes. In other words, the list is

Can be calculated by

Is the list of transactions and signers on the i th block, t (

1) is the final threshold. This traceability of the signature group and the applied but unpredictable choice makes it more difficult to damage the books.

4.7. Nearest signer ID in Hamming distance

The signer ID selected by the hash value may not be valid because the signer has not yet joined or the signer with the ID may not be activated. In this case, the closest ID in the hamming distance will be selected and the score for selecting the longest chain can be calculated as in Equation 1 below.

는 블록

내 서명자들의 수이고, 128은 ID의 비트 길이의 예일 수 있고,

는 j번째 서명자와 해시 출력 간의 해밍 거리이다.here

Block

The number of my signers, 128 could be an example of the bit length of the ID,

Is the hamming distance between the j th signer and the hash output.

4.8. Difficulty adjustment: number of signers

New signers join the network through mergers, and they participate in the signature processing from the next block. S is the number of signers to sign the block. Every 2 seconds is a reference point for collecting S signatures. This is calculated by measuring 1,800 block creation times, the number of which is recorded in blocks. If it is too slow to collect S signatures, only the minimum S (e.g. 5) is retained for security purposes.

5. Security

5.1. Block forging

To forge a block, the attacker has two choices. One is to forge signatures in the block, which is not feasible by the EUF-CMA security of the signature. Instead of breaking the cryptographic signature, one can buy the signature group of the block. This method replaces the signer group and puts the signatures of their own signer group.

5.1.1. Replace signer group

를 얻기 위하여 한 블록

내 거래를 변형할 때, 서명자 그룹에 의해 서명된

를 얻어야 한다. 서명을 위조하지 않으려면 (암호학적으로 불가능하므로), 서명자 그룹을 교체시켜야 한다. 이에 대해, 서명자 그룹은

의 기록들에 의해 결정되기 때문에, 종전 블록

의 거래 기록들은

로 변형되어야 한다. 이는 결국 변형된 블록

의 재서명과 관련된다. 블록

의 서명자 그룹은 그들이 이미 시간 프레임 내에 서명되었기 때문에

에 재서명하지 않을 것이고, 이에 따라

에 대한 서명자 그룹은 변화되어야 한다. 결과적으로, 블록

의 변형은

,

, …,

의 역행 회귀 변형과 관련된다. 또한,

내 거래를 변화시킴으로써,

내 저장된 체인 해시 및

의 서명자 그룹 모두가 변화된다. 결과적으로, 하나의 블록을 변화시키는 것은 순행 및 역행 체인 모두의 변형과 관련된다.Attacker

One block to get

When transforming my transaction, signed by a group of signers

You should get If you do not want to forge a signature (it is cryptographically impossible), you must replace the group of signers. In this regard, the group of signers

The previous block, as determined by the records of

Transaction records

It should be transformed into. Which in turn transforms the block

It is related to the resignation of. block

The signer group of is because they are already signed within the time frame

Will not be resigned to

The signer group for must change. As a result, the block

Variation of

,

,… ,

Is associated with the retrograde regression of. Also,

By changing my deal,

My saved chain hash and

All of the signer groups in are changed. As a result, changing one block involves the modification of both the forward and backward chains.

4 is a diagram illustrating an example in which a p2p book is protected against forking a block according to an embodiment of the present invention. 4 shows a block Bi-1 411, a target block Bi 412 and a block Bi + 1 413 as part of a signed blockchain, in which the target block Bi 412 is the signer group a 421. Is signed, and the block Bi + 1 413 is signed by the signer group b 422.

At this time, a case in which the counterfeiter wants to receive approval for the counterfeit block Bi '431 before the target block Bi 412 is approved may be considered. As already mentioned, the signer group a 421 is selected based on the hash value for the transaction of the block Bi-1 411, so that the forger uses a different signer group to obtain a signature for the counterfeit block Bi '431. In order to forge the transaction content of block Bi-1 (411). This requires the forger to sequentially forge all previous blocks of block Bi-1 411.

Forgers can also attempt to conspiracy against signers. However, the counterfeiter has a burden of public advertising in order to collect conspirators, and the signers for signing the following counterfeit block Bi + 1 '432 are selected by the transaction contents of the counterfeit block Bi' 431. Thus, the signer group selected for the forged block Bi + 1 '432 is different from the signer group b 422 of the normal block Bi + 1 413 as the signer group x 441 as shown in FIG. do. In other words, not only the next counterfeit block Bi + 1 '432, but all the counterfeit blocks of the counterfeiter to be added afterwards must continually compete with the normal blocks attempted by multiple consolidators by duplicate signatures. The race must be repeated for the last block of the signed blockchain.

5.1.2. A group of signers compromised by bribery or negotiated with theft keys

에 대한 서명자 그룹이 변화되지 않아서 정확하지만 매수된 서명자 그룹에 의한 유효한 서명들이 부가되기 때문에, 공격자는 종전 블록들을 변화시킬 필요가 없다. 공격자는 오직 순행 위조에 대해서만 관심이 있다. 거래들 및 대응하는 서명들의 변화에 의해, 다음 블록

에 대한 서명자 그룹 및 체인 해시 값은 실제 체인 상의 블록의 것들과는 본질적으로 매치되지 않는다. 그러므로, 공격자는 블록

에 서명하기 위하여 새로운 서명자 그룹을 다시 매수하거나 협상해야만 한다. 이제, 변형된 블록

는 다른 서명자 그룹, 다른 체인 해시를 갖지만 같은 거래들을 가지며, 이는 다른 서명을 유발한다.

에 대해, 블록에 서명한 서명자 그룹은 공격자들에게 매수되어야 하고, 이는 체인의 마지막 블록까지 반복된다. 확정 투표로 되돌아가기 위한 매수된 서명자들의 요구되는 수는 너무 커서 위조된 거래량에 의해 보상되지 않는다.You can attack by buying a group of signers or stealing keys to forge blocks. This way, the current block

The attacker does not need to change the previous blocks because the signer group for is not changed so that the valid but bought signatures of the signer group are added. The attacker only cares about forgery. The next block, due to changes in transactions and corresponding signatures

The signer group and chain hash values for do not essentially match those of the block on the actual chain. Therefore, the attacker blocks

The new signer group must be bought back or negotiated in order to sign. Now, the transformed block

Has different signer groups, different chain hashes, but the same transactions, resulting in different signatures.

For, the signer group that signed the block must be bought by attackers, which is repeated until the last block in the chain. The required number of bought signers to return to the confirmation ballot is too large to be compensated by the forged trade volume.

5.2. Security economy, rewards and fines

There are a number of devices that prevent attackers from participating in forgery.

The first and most important device is a fully traceable blindness-based ledger. The strongest motivation comes from the fact that all nodes have already been authenticated blind and that all transactions on the books are fully traceable. Therefore, nodes in the network know enough that the crime is perfectly traceable and likely to be discovered.

)의 공모를 해야만 하기 때문에, 블록을 위조하는 합병자는 비공개 포킹을 할 수 없다. 그러나, 위조 합병자에 의해 제안받은 서명자들 중 적어도 하나는 블록이 이미 높은 확률로 완성되었다는 것을 알아야 한다(블록은 네트워크 거리의 시간 이후에 완성된다). 그러므로, 임의의 서명자는 당국에 이중 지급 시도를 신고할 것이다.The second device is that private forks are impossible, so public advertising is inevitable for forking. In a PoW network, miners can secretly make forks for double payments by calculating PoW faster than other miners until they distribute a private fork to replace the actual chain. However, in the PoP network, creating a forking chain is the signer of R R × S group of about two (or more accurately approximately 200 signatories

The consolidator who forges the block will not be able to fork privately, since it must conspire. However, at least one of the signers proposed by the counterfeit merger should know that the block has already been completed with a high probability (the block is completed after the time of the network distance). Therefore, any signer will report a double payment attempt to the authority.

및 R을 각각 블록에 대한 서명자 그룹 사이즈 및 확정을 위한 블록의 수라고 하자. 서명자들의 수

는 네트워크 속도에 의해 결정되고, R은 네트워크 거리에 의해 결정된다. 명료성을 위하여, S를 한 블록에 대한 서명자들의 평균 수라고 가정하자. 이때, 공격자를 위한 최고의 시나리오는 막 확정된 블록을 위조하는 것이고 이는 블록들의 최소 개수만 재서명될 필요가 있기 때문이다. 공격자는 블록을 위조해서 화폐 소비에 대한 자신의 거래가 제거되도록 한다. 위조된 블록은 공격자의 이중 지급에 대해 M×TA 개의 거래를 잃고, 따라서 M×F×TA는 위조된 블록의 공모 서명자들에게 보상되어야 한다. 다음 블록에 대한 서명자 그룹은 이제 새로운 그룹으로 변화하고, 그들은 다음 블록을 위조된 것에 서명해야 한다. 거래들은 변화하지 않기 때문에 후속 블록들은 같은 서명자 그룹들에 의해 서명되고, 그들은 새로운 서명으로부터 추가 수입을 얻지 않는다. 이제, 후속 블록들에 대한 공모 서명자들은 중복 서명 행위라는 것을 알면서 같은 블록에 또 다시 서명하라는 요청을 받는다. 이때, 공모 서명자들은 공모에 참여할지 말지 선택해야 한다. 공모 서명자들은 두 가지를 고려한다. 하나는 네트워크 노드들에 의해 이중 서명 행위로 당국에 신고될 가능성이 높다는 점이다. 다른 하나는 공모 서명자들이 이중 서명 행위가 거래 비용을 얻을 기회를 잃게 만들 수 있다는 점을 공모 서명자들이 알고 있다는 것이다. 이는 공모 서명자들이 서명한 종전 체인이 공모 서명자들이 공모하려는 후속 체인보다 거래 비용을 벌어들일 더 많은 가능성을 갖기 때문이다. 요약하면, 공모 서명자가 얻을 수 있는 지분은,

와 같이 계산될 수 있으며, 거래 비용은

와 같이 얻어질 수 있다.The third device is that the incentives given to each competition signer are less than the transaction cost. Let F % be the transaction cost and TA is the maximum limit per block. In addition, a single transaction is limited to less than M % of TA . Also,

Let and R be the signer group size for the block and the number of blocks for confirmation, respectively. Number of signers

Is determined by the network speed, and R is determined by the network distance. For clarity, suppose S is the average number of signers for a block. At this point, the best scenario for an attacker is to forge a block that has just been established because only the minimum number of blocks needs to be re-signed. The attacker falsifies the block so that his trade in money consumption is eliminated. The forged block loses M x TA transactions for the attacker's double payment, so M x F x TA must be compensated to the collusion signers of the forged block. The signer group for the next block now changes to the new group, and they must sign the next block forged. Since the transactions do not change, subsequent blocks are signed by the same signer groups, and they do not get additional income from the new signature. Now, collusion signers for subsequent blocks are asked to sign the same block again, knowing that it is a duplicate signing action. At this time, contest signers must choose whether or not to participate in the contest. Competition signers consider two things. One is that network nodes are likely to be notified to the authorities for double signing. The other is that the competition signers know that the signing of the competition can lead to the loss of the opportunity to obtain a transaction cost. This is because previous chains signed by competition signers have a greater chance of earning transaction costs than subsequent chains. In summary, the stake that can be obtained by the signatory of the competition is

Can be calculated as

Can be obtained as

를

와 비교할 것이다. 간단한 대수에 의해,

가 얻어질 수 있다. 즉, F가

이상일 때, 서명자는 공모에 참여하지 않고, 정직하게 행동할 것이다. M = 10%이고, R = 10으로 설정한다면, F를 1% 미만으로 설정할 수 있다. 이는 블록 상 단일한 거래의 최대 부분이 10%로 제한되고, 그 블록을 포함하는 10개의 블록이 더해진 후에 하나의 블록이 확인된다면, 거래 비용 1%가 공모 공격을 방지하기에 충분하다는 것을 의미한다.Therefore, the signer

To

Will be compared with By simple algebra,

Can be obtained. That is, F

In this case, the signer will not participate in the contest and will act honestly. If M = 10% and R = 10, then F can be set to less than 1%. This means that if the maximum portion of a single transaction on a block is limited to 10% and one block is identified after the 10 blocks containing that block have been added, then 1% of the transaction cost is sufficient to prevent collusion attacks. .

보다 높게 설정되어야 한다.As a fourth device, rewards and fines can be considered. In order to protect the network, embodiments of the present invention may introduce a penalty to the notifier of the double payer and a penalty for the attacker. Considering that it must be publicly advertised and recruit signers to conspiracy, if the fines are greater than the benefits of counterfeiting, a potential attacker will rarely try to forge a book. Any signer is more likely to report a double payer because the reward is set higher than the equity that can be obtained when conspiring against illegal counterfeiting. To this end, rewards and fines

Should be set higher.

For the last device, the incentive given by the attack may be limited by system policy that sets the maximum transaction value (eg, 10% of the total in the block). If the price of a transaction is high, the transaction must be broken up into many smaller transactions to prevent attacks. In doing so, the maximum profits of the conspirators are limited. By setting the TA small for each block, the incentives for attackers are reduced. For example, if you set TA to USD 10,000 and S to 10, respectively, considering R = 10, M = 10% and F = 1%, the maximum profit for each conspirator is only USD 9.9. USD 9.9 will not be enough to engage in crime in a fully traceable network.

As such, block counterfeiting must be publicly advertised by counterfeiters to attract conspirators and less incentives because equity is less than costs, rewards and fines.

6. Other

6.1. Size scalability by local blockchains and interpolation

For the scalability of the PoP chain, every regional area has its own local blockchain. All transactions occurring within the area are processed as described above. On the other hand, we can consider the case where a transaction occurs between two local blockchains. For example, if A (hereinafter 'A @ Orlando') on a local chain in Orlando wants to send USD 5 to B (hereafter 'B @ Fairfax) on a local chain in Fairfax May be considered. The transaction "A @ Orlando sends USD 5 to B @ Fairfax" can be verified for the first time by checking the balance and processed on the local chain at Fairfax. Therefore, the cost between transactions will be higher than the cost of processing transactions internally as it involves more mergers and signers. When B @ Fairfax wants to send some money to C ('C @ Boston') on a local chain in Boston, the balance of B @ Fairfax will be first validated on the local chain in Fairfax. Can be.

Localization of chains and interoperability between chains makes the books manageable in terms of size and speed. One local chain does not delay transaction processing because of the size of the transaction, the size of the book does not increase rapidly, and only has local transaction records. Even keeping the books small, interoperability allows transactions between chains.

6.2. Time scalability to move all balances to new chain

By interoperability between chains, the system according to embodiments of the present invention can be extended in time. A new chain is created, which can be advertised not to use the old chain, and all balances on the old chain can be transferred to the new chain. At this time, the old chain may be kept in the repository of peers (full nodes). If all balances do not move to the new chain and later a transaction request on the old chain occurs, the archived chain can still be used to move to the new chain.

6.3. Privacy for amount

Multiple addresses can be used to separate transactions from privacy techniques for amounts to make tracking difficult.

6.4. Balance based ledger

The balance of each account as well as the transaction records can be stored in the book to make account balance confirmation faster.

6.5. Receipt on blockchain

Instead of storing only property movement information, we can store contextual information to make it possible to realize on the chain an unacceptable online receipt. To save the storage of the ledger and to better protect the privacy, only the hash value of the transaction is stored in the book but the unique transaction information is stored separately by the bank.

6.6. Transaction with conventional bank

When consumers transfer a certain amount of money from a conventional bank account (T) to our p2p bank account (P), the balance in T is reduced and a transaction is created indicating transfer from T to P. When the block containing the transaction is successfully connected to the blockchain, the transaction processing is completed. The transaction from P to T can be handled similarly by adjusting the balances in both accounts.

6.7. International money transfer

Clearly, it is possible to transfer money internationally from an account in one chain to a chain in another country. By applying exchange rates, recording preferred transactions in the source chain and recording them in the destination chain using local chain interaction procedures completes international remittances.

7. Differences from existing cryptocurrency technologies

7.1. Fully traceable real name online financial platform

The blockchain according to embodiments of the present invention is executed and used by users (nodes) identified with real names, so that all transactions are traceable when given a pseudonym and real name mapping table. This will ease the development of books by resolving government concerns about tax avoidance and money laundering.

7.2. True decentralization

It is more democratic compared to PoW and PoS in that one user can cast one vote. In anonymous networks using PoW or PoS, large computing power owners or high- stake owners can vote more than others. More democratic in this sense means a lot. For example, more democratic can mean better security, fairness and democratic control of the network. Currently PoW / PoS networks require decentralization but they are actually centralized by high hash capability groups, large cryptocurrency exchanges and developers. On the other hand, PoP according to embodiments of the present invention can provide decentralization rather than cryptocurrency, PoW, PoS.

7.3. In addition, PoP can provide higher security with the possibility of retrograde or counterfeiting.

7.4. High transaction processing speed

In terms of transaction throughput and energy consumption, PoP is better than PoW. This is because PoP does not cause any huge calculations for transaction processing. As a result, PoP networks are more scalable than PoW networks because of the order of magnitude of the faster processing speed. At present, the processing speed of Bitcoin network is only 7 Transactions Per Second (TPS).

7.5. Protocol for real money

In current cryptocurrency networks, rewards are given in cryptocurrencies within the network, and transactions are only cryptocurrencies. This recursive use inside the network causes a separation between cryptocurrency and real world values. It does not provide any criteria for the real world value of cryptocurrencies, but it destabilizes the value of cryptocurrencies' assets. The value entangled between the real currency (eg USD) and the cryptocurrency only arises in the cryptocurrency exchange market. Problems arise in the current trading market because those are the only places where the market value of the cryptocurrency is determined and there is no basis (or anchor) for that value. Instability on the exchange and recursive use of cryptocurrency trading prevents cryptocurrencies from serving as real world currencies. PoP-based p2p banks deal with real money transfers instead of cryptocurrencies, so transaction costs are given in real money. Overall, the protocol for p2p banks works for real financial systems, not virtually opened financial systems.

7.5. Digital signature

For PoP networks, any secure (EU-CMA secure) digital signature can be used simultaneously on platforms such as RSA-OAEP, ECDSA, DSA, pairing based signatures, and the like. If network bandwidth is not sufficient, an aggregate signature can be used to compress multiple signatures.

7.6. Other applications

It can be handled for any form of transactions as well as for money transfers. For example, cryptocurrencies can be handled on PoP networks. Book sales records, music / song sales records may be stored in the book to make business processing transparent.

5 is a diagram illustrating an example of an operating environment of a network system according to an embodiment of the present invention. 5 illustrates a financial platform 510, a plurality of signer nodes 510 and a plurality of merger nodes 530. At this time, the financial platform 510, each of the plurality of signer nodes 510, and each of the plurality of merger nodes 530 may be physical, for example, the computer device 600 described below with reference to FIG. 6. It may be implemented as a hardware device, or in some embodiments, two or more computer devices may be implemented in a combined form.

The financial platform 510 may correspond to the p2p bank described above, and may provide a user identifier on the network by authenticating the identity with a real name for each of the plurality of users who want to enter the network.

Each of the plurality of merger nodes 520 collects and merges information about transactions between users to generate a transaction block, and understands the signers for the generated transaction block, the transaction that the generated transaction block includes. Regardless of the relationship, you can select based on the transaction of the last completed block of the signed blockchain, receive signatures on the created transaction blocks of the selected signers, and attempt to add the generated transaction blocks to the signed blockchain. have. Each of the plurality of merger nodes 520 may correspond to the terminal of the merger described above.

Each of the plurality of signer nodes 530 verifies the validity of the transaction block generated in each of the plurality of merger nodes 520 according to a request from each of the plurality of merger nodes 520, The trading block can be signed. Each of the plurality of signer nodes 530 may correspond to the terminal of the signer described above.

In this case, the financial platform 510, each of the plurality of signer nodes 510, and each of the plurality of merger nodes 520 may communicate with each other through the network 540 shown in FIG. 5.

As already explained, when a transaction occurs from A to B, the transaction record, including the amount of money, date / time, transaction purpose and their IDs, is signed using A and B's private signature keys and is either A or B Sent by the sender to the mergers. Mergers are selected by the sender according to the rank of the mergers profiled in the wallet.

In this case, the plurality of merger nodes 520 may correspond to terminals of the selected mergers, and the plurality of merger nodes 520 may correspond to transaction blocks signed from the plurality of signer nodes 530. As each is broadcast by the merger nodes, the validity of the signed transaction blocks can be verified and the addition of the validated signed transaction blocks to the signed blockchain can be approved. As already explained, the PoP network selects and realizes a new blockchain according to the cumulative number of people who support the block (the number of signatures). At this time, since the number of accumulated people is the same for the blockchain determined before the new block, a new blockchain may be selected according to the number of transaction blocks newly added to the blockchain. Each of the plurality of signer nodes 530 can validate the new trading blocks that are broadcast and approve adding the validated signed trading blocks to the blockchain, where the Transactions with the highest cumulative number of people (signatures) that support the addition of the trading block with the highest cumulative number of signatures (signatures) or new blockchains that have added validated trading blocks. You can select the blockchain to which the block is added.

On the other hand, each of the plurality of merger nodes 520 has as input, but unpredictable (random) according to the input information about the transactions contained in the previous trading block of the trading block to add to the signed blockchain Generate a hash value that is output through a function whose output is deterministic, select the signers for the transaction block you want to add based on the generated hash value, add them to the signer nodes corresponding to the selected signers, You can request a signature for your transaction block.

In this case, each of the plurality of signer nodes 530 manages the block identifier of the transaction block signed by it and issues a signature request for the transaction block generated before the last signed transaction block in the signed blockchain is completed. You can refuse. In addition, each of the plurality of signer nodes 530 ignores the signing request for another transaction block that includes information about transactions on the transaction block that it has already signed, and sends information about the disregarding the signature request to another transaction block. The merger node corresponding to the message may be notified. In addition, each of the plurality of signer nodes 530 reports a signing request to the financial platform 510 for a block that contains a transaction that does not match the signed one, and identifies the merger's identifier and the mismatched transaction according to the signature request. The identifier of the sender of may be broadcast on the network.

6 is a diagram illustrating an example of an internal configuration of a computer device according to one embodiment of the present invention. As described above, the financial platform 510, each of the plurality of signer nodes 510, and each of the plurality of merger nodes 530 may be physical hardware devices, such as the computer device 600 of FIG. 6. In some implementations, two or more computer devices may be implemented in a combined form.

As illustrated in FIG. 6, the computer device 600 may include a memory 610, a processor 620, a communication interface 630, and an input / output interface 640. The memory 610 may be a computer-readable recording medium, and may include a permanent mass storage device such as random access memory (RAM), read only memory (ROM), and a disk drive. In this case, the non-volatile mass storage device such as a ROM and a disk drive may be included in the computer device 600 as a separate permanent storage device separate from the memory 610. In addition, the memory 610 may store an operating system and at least one program code. These software components may be loaded into the memory 610 from a computer-readable recording medium separate from the memory 610. Such a separate computer-readable recording medium may include a computer-readable recording medium such as a floppy drive, disk, tape, DVD / CD-ROM drive, memory card, and the like. In other embodiments, the software components may be loaded into the memory 610 via the communication interface 630 rather than a computer readable recording medium. For example, software components may be loaded into memory 610 of computer device 600 based on a computer program installed by files received via network 540.

The processor 620 may be configured to process instructions of a computer program by performing basic arithmetic, logic, and input / output operations. The instructions may be provided to the processor 620 by the memory 610 or the communication interface 630. For example, the processor 620 may be configured to execute a command received according to a program code stored in a recording device such as the memory 610.

The communication interface 630 may provide a function for the computer device 600 to communicate with other devices (eg, storage devices described above) via the network 540. For example, a request, a command, data, a file, etc. generated by the processor 620 of the computer device 600 according to a program code stored in a recording device such as the memory 610 may be controlled according to the control of the communication interface 630. 540 may be passed to other devices. Conversely, signals, commands, data, files, and the like from other devices may be received by the computer device 600 via the network 540 via the communication interface 630 of the computer device 600. Signals, commands, data, and the like, received through the communication interface 630 may be transmitted to the processor 620 or the memory 610, and the files and the like may be further included in the storage medium (described above). Persistent storage).

The input / output interface 640 may be a means for interfacing with the input / output device 650. For example, the input device may include a device such as a microphone, a keyboard or a mouse, and the output device may include a device such as a display or a speaker. As another example, the input / output interface 640 may be a means for interfacing with a device in which functions for input and output are integrated into one, such as a touch screen. The input / output device 650 may be configured as a computer device 600 and one device.

Further, in other embodiments, the computer device 600 may include fewer or more components than the components of FIG. 6. However, there is no need to clearly show most prior art components. For example, computer device 600 may be implemented to include at least some of the input and output devices 650 described above, or may further include other components, such as a transceiver, a database, and the like.

7 is a flowchart illustrating an example of a signature method in an embodiment of the present invention. The signature method according to the present embodiment may be performed by the computer device 600 implementing the terminal of the signer described above. For example, the processor 620 of the computer device 600 may be implemented to execute a control instruction according to a code of an operating system included in the memory 610 or a code of at least one program. Here, the processor 620 may perform the steps 710 to 730 included in the method of FIG. 7 according to a control command provided by a code stored in the computer device 600. Can be controlled.

In operation 710, the computer device 600 receives a signature request for a transaction block generated by the merger node through a network from a merger node on a network whose identity is authenticated with a real name for a plurality of users to enter. can do. Here, the computer device 600 may correspond to a terminal of a user selected as a signer among a plurality of users, and the merger node may also correspond to a terminal of a user selected as a merger among a plurality of users. At this time, the signature request may be sent by the merger node to the signer nodes on the network selected based on the hash value, where the hash value inputs information about transactions included in the last transaction block of the signed blockchain. Since it is arbitrary and unpredictable but deterministic, it can be output through a function whose output is determined according to the input.

In operation 720, the computer device 600 may verify the validity of the transaction block for which the signature is requested. Since the signer checks the validity of the transaction block several times, repeated descriptions are omitted.

In operation 730, the computer device 600 may sign a valid transaction block. At this time, the computer device 600 may transmit the signed transaction block to the merger node. Operation at the merger node will be described with reference to FIG. 8.

8 is a flowchart illustrating an example of a method for adding a transaction block according to an embodiment of the present invention. The transaction block adding method according to the present embodiment may be performed by the computer device 600 implementing the terminal of the merger described above. For example, the processor 620 of the computer device 600 may be implemented to execute a control instruction according to a code of an operating system or a code of at least one program included in the memory 610. Here, the processor 620 is a computer device 600 such that the computer device 600 performs the steps 810 to 850 included in the method of FIG. 8 according to a control command provided by a code stored in the computer device 600. Can be controlled.

In operation 810, the computer device 600 may collect information about a transaction between users through a network whose identity is authenticated using a real name for a plurality of users to enter. For example, when a transaction occurs from user A to user B, the transaction record, including the amount of money, the date / time, the purpose of the transaction, and their IDs (user A and user B), is the user's private signature key and user B It can be signed using the private signature key of and sent to the mergers by either the user A or the user B (the sender). In this embodiment, the computer device 600 may be a terminal of one of these mergers, and may collect information about transactions between users as in step 810.

In operation 820, the computer device 600 may generate a transaction block by merging the information about the collected transactions. The transaction block may include information about the transaction (transaction record in the previous example) received from at least one sender.

In step 830, the computer device 600 selects the signers for the generated transaction block based on the transaction of the last completed block of the signed blockchain, regardless of the interest in the transaction that the generated transaction block includes. Can be. For example, in FIG. 3, the new block 111 is obtained through a hash value calculated using a hash function having, as input parameters, transactions 310, 320, and 330 included in the previous block 112 of the new block 111. An example in which signers 370 are selected for the above has been described.

In operation 840, the computer device 600 may request a signature for the generated transaction block of the selected signers. At this time, each of the signers receives the signature request through the steps 710 to 730 described with reference to FIG. 7, confirms the validity of the transaction block, and signs the valid transaction block according to the embodiment of FIG. 8. 600 may be transmitted to the merger node.

In step 850, the computer device 600 may send the signed transaction block to a plurality of aggregator nodes on the network to add the signed transaction block from the signers to the signed blockchain. At this time, as described above, each of the plurality of merger nodes may confirm the validity of the signed transaction block and approve the addition of the validated signed transaction block to the signed block chain. In this case, as described above, the cumulative number of people who support the trading block (the number of signatures) approves the addition of the largest trading block or supports the trading block among the new blockchains with the added valid trading blocks. You can choose a blockchain with the largest number of trading blocks (signature) added.

5 to 8 may refer to the foregoing descriptions, and the effects of the network system, the signature method, and the transaction block generation method have been described in detail above.

8. Dynamic time delay based chain connection method and system in PoP based blockchain

As described above, in a PoP (Proof of Population) -based blockchain, it is possible to select a chain having the largest result of a score function (for example, the function of Equation 1 described above) while satisfying the minimum number of signers. The score function has many parameters, such as the number of signers, the Hamming distance of the nearest signer, and the block creation time. In a basic design, the number of signers who sign a block and how fast the chain connects is not important. Therefore, when a block with a very high score is added, even if it is slow, all the previously agreed blocks may be canceled, causing more soft forks, delaying the final agreement, and delaying the blockchain. There is a risk of impairing the stability.

To solve this problem, a block can be forced to be created within a certain time, or a chain can be selected based on a score at a specific time rather than the order of the block. In the former case, an empty transaction should be allowed when there is no actual transaction occurring in the real world. In the latter case, an attempt can be made to increase the score by simply connecting blocks without collecting transaction requests. If a newly generated coin is more expensive than a transaction processing fee every time a block is generated, there is a possibility of disturbing the blockchain, and a countermeasure for this is required.

Also, if any few mergers manage more signers, it is difficult to prevent the situation where a few mergers monopolize the network, since higher scores and faster block concatenation are possible. The low threshold effect on the merger somewhat mitigates this, but it is similar to the situation where a few miners monopolize the network in PoW (Proof of Work) or PoS (Proof of Stake).

In the following, embodiments are provided to mitigate these problems by providing a block generation delay time.

In a block chain, when a plurality of blocks that can be the next block of the previous block exist simultaneously and compete, that is, when a soft fork occurs, the chain in which the block is generated may be selected as soon as possible. In the previous several stages of the blockchain, the propagation time between nodes participating in the blockchain can lead to a plurality of different chains. 9 is a diagram illustrating a soft fork and an example of a block in a block chain. In this case, among the plurality of different chains, as the time passes, the block of the chain to which the block is connected faster may be determined. For this reason, in blockchains such as Bitcoin, the contents recorded in the block in which the first soft fork occurred when 6 to 7 or more blocks are connected are confirmed.

The present embodiment provides a method for resolving a contention chain in a block chain based on a PoP (Proof of Population) by defining a chain connection rule of a block. All nodes (signers, mergers, general users) participating in the blockchain network according to the present embodiment can all be synchronized with a low error rate. Today's computing environment can synchronize in minutes, even seconds or late.

1) basic operation

10 is a flowchart illustrating an example of a block validation process according to an embodiment of the present invention. 10 illustrates an example of a block validation process when a node participating in a blockchain network receives a block containing transactions and signatures from an external consolidator. Such a node may be implemented with the computer device 600 of FIG. 6 described above.

In step 1010, the node may receive a block. The node may receive the block generated by the merger of the blockchain network, and may verify the time order, validity, and signature for the received block as follows.

In step 1020, the node may verify the time order. Verification of the time sequence is described in more detail later.

In step 1030, the node may perform step 1040 if the time order is correct, and reject the received block if the time order is incorrect.

In step 1040, the node may validate the blocks received in all chains. In this case, the node may further verify the validity of the dynamic delay time as well as the validity of the transaction. The dynamic delay time is calculated to limit the merger to generate another block within the dynamic delay time from the creation time of the previous block. The node calculates the dynamic delay time for the received block so that the merger calculates the dynamic delay time. By determining whether or not the received block has been generated, the validity of the dynamic delay time of the received block can be verified.

In step 1050, the node may perform step 1060 if the chain is valid for the transaction, and may reject the received block if the chain is not valid.

In step 1060, the node may verify the signature of the received block.

In step 1070, the node may begin processing the received block if the signature is correct and may reject the received block if the signature is incorrect.

11 is a flowchart illustrating an example of a process of processing a validated block according to an embodiment of the present invention. 11 illustrates an example of a process in which a node participating in a blockchain network connects a block validated to a chain. Such a node may also be implemented with the computer device 600 of FIG. 6 described above.

In operation 1110, the node may perform operation 1120 when a new block exists and terminate the processing of the block when the new block does not exist.

In step 1120, the node may connect the block to the chain.

In operation 1130, the node may perform operation 1140 when m or more blocks are connected to the chain from the soft fork, and terminate the processing of the blocks when the m or more blocks are not connected.

In step 1140, the node may delete the chain to which fewer than m blocks are connected from the soft fork. For example, a node may store and manage information on a plurality of different chains that exist separately by soft forks in a repository, and validate the received block to each of the plurality of different chains. Can connect In this case, if there are chains connected by m or more blocks from the soft fork, the chains may be deleted by deleting information on the remaining chains (chains connected by less than m blocks from the soft fork) from the storage. .

As such, the node may connect a block validated in FIG. 10 to a chain known to the node in FIG. 11. In this case, a plurality of chains may exist at the same time by the soft fork, and if a node has a chain of more than a certain length (chain connected with m or more blocks from the soft fork), the remaining chains (less than m blocks from the soft fork are connected) And all blocks connected to the chains can be deleted.

2) Dynamic time delay of block generation

When a merger collects a transaction (and the corresponding user's signature), sends it to the signers, generates a merge signature after receiving a signature from the signers, in this embodiment, there is a delay to allow the merger to keep transactions and signatures. Can be. The block generation delay time can be evaluated fairly by the participants of other blockchains, and blocks that do not keep the delay time can be rejected. The merger may not generate the block within the dynamic delay time t _i generated by Equation 2 below from the generation time of the previous block. The determination of whether the merger has kept the dynamic delay time for the block may be processed at step 1040 described above with reference to FIG. 10.

The argument i can mean the order of the blocks, j can be the order of the signers, and k can be the order of the mergers. Where t is the delay time, δ is the fixed latency for network propagation and transaction collection, S is the number of signers involved in the signature, and Δ is the signature of the current block from the optimal signer IDs computed from the previous block. Θ may mean a distance from the best merger ID calculated from the previous block to the IDs of the mergers participating in the signature of the current block. D may represent a difficulty variable considering a network situation, B may represent a difficulty variable considering a block merging situation, and a function exp () may mean an exponential function having an arbitrary base.

Although the above-described PoP-based blockchain is designed such that the score increases as the number of signers participating in the generation of blocks increases, and only the minimum number of signers is defined, in this embodiment, the number of signers S for generating one block can be fixed. have. Δ and Θ are distance functions that measure the quality of the mergers and the signers participating in the generation of the block, and the smaller the smaller, the higher the quality of the mergers and the signers. In addition, in the above-described PoP-based blockchain, the quality of the signer is measured by using a hamming distance, but in the present embodiments, a distance function of two general vectors, such as Euclidean distance and Manhattan distance, may be used. For the distance Δ , the delay time t can increase exponentially. In other words, the closer the signers are, the closer they are (ie, the higher the quality), the lower the latency and the faster the block can be created. In addition, the delay time t increases exponentially with respect to the distance Θ . In other words, the closer the mergers are, the closer they are (i.e. the higher the quality), the lower the latency and the faster the block can be created. Of course, in addition to the exponential function, a linear increase or a step increase function may be used instead.

In one example, a node that receives a block and validates the received block is a distance function of the distance between the IDs of the best signers for the next block calculated from the previous block and the IDs of the actual signers participating in the signature of the received block. Calculate the dynamic delay time to be proportional to the calculated distance exponentially, linearly or stepwise. As another example, the node calculates the distance between the ID of the best merger for the next block calculated from the previous block and the ID of the actual merger participating in the signature of the received block through the distance function, and calculates the calculated distance and the exponential, linear The dynamic delay time can be calculated to be proportional to the product in steps or steps. In this case, according to an embodiment, the node may calculate the dynamic delay time to be exponentially, linearly or stepwise proportional to the product of the difficulty variable and the calculated distance determined based on the block generation frequency of the actual merger.

Equation 2 described above is as if there is a constant delay per signer. As the number of signers increases, the latency increases, which is disadvantageous for the merger who wants to generate blocks quickly. The merger selects the lowest latency signers (that is, the ones with the highest quality) from Equation 2 in its own signer cache pool, requests a signature, and merges them to create a block. can do. If signers with high enough quality are not in their signer cache pool, they can find a signer outside the cache pool and request a signature.

If a merger has to have too much mandatory delay when creating a block, the merger may give up creating the block.

Finally, the chain of faster generated blocks becomes a set signed by higher quality mergers and signers.

3) Variable Selection

The distance Δ between the signer's identity from the original signer's ID for the selected block from the next previous block can be measured by means of the quality of the signer uses a different distance functions. The quality of the actual signers depends on which distance function and ID to measure with which vector. For example, if the signer ID is interpreted as a binary vector (for example, {0, 1} ³² when the ID is 32 bits) and the Hamming distance is measured, the signer at the same distance as the reference signer ID It becomes innumerable. On the contrary, if the signer ID is interpreted as a hexadecimal vector (for example, {0, 1, 2, ..., 15} ⁸ when the ID is 32 bits), there are fewer signers at the same distance than the binary vector. If you interpret the Euclidean distance by interpreting it as a ³² hexadecimal vector (that is, seeing the entire ID as a single number), there will be two IDs for the signer at a certain distance. If it is measured with Hamming distance, it is calculated as 1 only for exact match and 0 for all others. If there are too many or fewer signers to choose from, you may need to change the criteria for interpreting the signer's identity or use the appropriate distance function accordingly.

Difficulty variables D and B may be determined based on the state of the final number of blocks from the earliest block to m previous blocks based on finalization (eg 1000) and the difference between the last block generation time and the current time. . If the block generation delay time is relatively long, D is reduced and the block generation delay time is shortened to enable fast block generation. However, if the block generation delay time is too short, D may increase to increase the block generation delay time. This can increase the blockchain's security by allowing lower quality signers to sign the merger in a time-consuming problem between signers and mergers and in environments where signers are difficult to collect. For example, the node receiving the block and validating the received block may calculate the dynamic delay time so that the dynamic delay time increases as the difficulty variable D determined based on the difference between the creation time and the current time of the final block increases. have.

In addition, if a merger generates blocks with too many frequencies, the corresponding B is increased to increase the block generation delay time, and conversely, B is decreased to reduce the block generation delay time. In addition, it is possible to force a merger to not create another block until a block generated by one merger is confirmed and a certain number of blocks (which can be zero) are further connected to the chain. In this case, if the block is discarded before it is confirmed, the merger can immediately create a new block. This prevents a small number of consolidators from managing the cache pool of many signers and monopolizing the benefits resulting from block generation. In this case, the quality of the merger is affected by the block generation frequency.

The number of signers S can also be linked to the difficulty variable D. If the number of signers is not enough and no block is generated despite the relatively short block generation delay time, it is necessary to reduce the number of signers required. If D is gradually lowered from the last block generation time, and D is gradually lowered, and eventually the block is not generated even when the minimum value is reached, S can be gradually reduced to reduce the burden of signer recruitment. On the contrary, if the block generation delay time is not reduced even though D reaches the maximum value, it means that the signer is sufficient for the network, so that S may be gradually increased for higher security.

4) Validation of the block

In order to check whether a block is valid, in this embodiment, as described with reference to FIG. 9, time order, delay time, and validity of a transaction (such as remaining balance) may be checked. Validation of transactions follows the method used in the existing blockchain.

The node receiving the block knows the current time. If a block of the signature generation time of the signer and the merge signature time of the merger arrives by ε earlier than the current time, the block may be rejected. ε can be defined as a few seconds as expected error of time synchronization. In addition, the signature generation time of the signer must be faster than the merge signature time of the merger. Otherwise, the block may be rejected.

If the order of creation time of the blocks is correct, the blocks must be validated. In addition to validating transactions as a method used in the existing blockchain, it is necessary to check whether the block has kept the block generation delay time (dynamic delay time described by Equation 2). If there is a problem with the validity of the transaction, or if the block creation delay time is faster than that obtained through the formula, the block may be rejected. The variables that determine the time delay can be set differently in the contention chain where the softfork occurs. Some variables are determined by time and some variables are determined by chain sequence. The block created by the merger must always explicitly specify the previous block, so that nodes can check each delay through the determined chain and the current time.

If there is no problem with all the above-described procedures, the node can verify the signatures contained in the block. If the block contains the signature of the signer contained in the revocation list (RL) or if the signature itself is incorrect, the block may be rejected.

5) Blockchain Connection

If there is no problem, the node can connect the block to its own chain and manage the soft fork of the chain. This process has been described above with reference to FIG. 2.

As described above, according to the embodiments of the present invention, in a Proof of Population (PoP) -based blockchain network, by defining a chain linking rule of a block that prevents a merger from generating a block within a dynamic delay time from a generation time of a previous block, Can handle contention chains in the underlying blockchain.

The system or apparatus described above may be implemented as a hardware component or a combination of hardware components and software components. For example, the devices and components described in the embodiments are, for example, processors, controllers, arithmetic logic units (ALUs), digital signal processors, microcomputers, field programmable gate arrays (FPGAs). May be implemented using one or more general purpose or special purpose computers, such as a programmable logic unit (PLU), a microprocessor, or any other device capable of executing and responding to instructions. The processing device may execute an operating system (OS) and one or more software applications running on the operating system. The processing device may also access, store, manipulate, process, and generate data in response to the execution of the software. For the convenience of understanding, the processing apparatus may be described as one used, but those skilled in the art will appreciate that the processing apparatus includes a plurality of processing elements and / or a plurality of types of processing elements. It can be seen that it may include. For example, the processing device may include a plurality of processors or one processor and one controller. In addition, other processing configurations are possible, such as parallel processors.

The software may include a computer program, code, instructions, or a combination of one or more of the above, and may configure the processing device to operate as desired, or process independently or collectively. You can command the device. Software and / or data may be any type of machine, component, physical device, virtual equipment, computer storage medium or device in order to be interpreted by or to provide instructions or data to the processing device. It can be embodied in. The software may be distributed over networked computer systems so that they may be stored or executed in a distributed manner. Software and data may be stored on one or more computer readable media.

The method according to the embodiment may be embodied in the form of program instructions that can be executed by various computer means and recorded in a computer readable medium. The computer readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The medium may be to continue to store a computer executable program, or to temporarily store for execution or download. In addition, the medium may be a variety of recording means or storage means in the form of a single or several hardware combined, not limited to a medium directly connected to any computer system, it may be distributed on the network. Examples of media include magnetic media such as hard disks, floppy disks and magnetic tape, optical recording media such as CD-ROMs and DVDs, magneto-optical media such as floptical disks, And ROM, RAM, flash memory, and the like, configured to store program instructions. In addition, examples of another medium may include a recording medium or a storage medium managed by an app store that distributes an application, a site that supplies or distributes various software, a server, or the like. Examples of program instructions include not only machine code generated by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like.

Although the embodiments have been described by the limited embodiments and the drawings as described above, various modifications and variations are possible to those skilled in the art from the above description. For example, the described techniques may be performed in a different order than the described method, and / or components of the described systems, structures, devices, circuits, etc. may be combined or combined in a different manner than the described method, or other components. Or even if replaced or substituted by equivalents, an appropriate result can be achieved.

Therefore, other implementations, other embodiments, and equivalents to the claims are within the scope of the following claims.

Claims (10)

In the method of chaining nodes participating in a blockchain network,
Receiving a block generated by an amalgamator of the blockchain network;
Calculating a dynamic delay time for the received block; And
Validating the received block by comparing a difference between the generation time of the previous block generated by the merger and the generation time of the received block and the dynamic delay time;
Including,
Validating the step,
And verifying validity of a time sequence of the received block, validity of a transaction included in the received block, and validity of a signature included in the received block. delete The method of claim 1,
Computing the dynamic delay time,
The distance between the ID of the best merger for the next block calculated from the previous block and the ID of the actual merger participating in the signature of the received block is calculated through a distance function, and the calculated distance and exponential, linear or stepwise. And calculating the dynamic delay time to be proportional to n. The method of claim 3,
Computing the dynamic delay time,
And calculating the dynamic delay time so as to be exponentially, linearly or stepwise proportional to the product of the difficulty variable and the calculated distance determined based on the block generation frequency of the actual merger. The method of claim 1,
Computing the dynamic delay time,
And calculating the dynamic delay time such that the dynamic delay time increases as the difficulty variable determined based on a difference between a generation time of a final block and a current time increases. The method of claim 1,
Computing the dynamic delay time,
The distance between the IDs of the optimal signers for the next block calculated from the previous block and the IDs of the actual signers participating in the signature of the received block is calculated through a distance function, and the calculated distance and exponential and linear Or calculating the dynamic delay time to be proportional to each other. The method of claim 1,
Connecting the validated block to each of a plurality of different chains separated by soft forks
Chain connection method further comprising a. The method of claim 7, wherein
When the valid block is connected and there is a chain in which m or more blocks are connected from the soft fork (m is a natural number of 2 or more), a chain of less than m blocks are connected from the soft fork among the plurality of different chains. Steps to delete
Chain connection method further comprising a. A computer program stored in a computer readable recording medium in combination with a computer for executing the method of any one of claims 1 and 3 to the computer. A computer-readable recording medium having recorded thereon a computer program for causing a computer to execute the method of claim 1.

Images