US20220129893A1 - Computer-implemented systems and methods for implementing transfers over a blockchain network - Google Patents
Computer-implemented systems and methods for implementing transfers over a blockchain network Download PDFInfo
- Publication number
- US20220129893A1 US20220129893A1 US17/431,109 US202017431109A US2022129893A1 US 20220129893 A1 US20220129893 A1 US 20220129893A1 US 202017431109 A US202017431109 A US 202017431109A US 2022129893 A1 US2022129893 A1 US 2022129893A1
- Authority
- US
- United States
- Prior art keywords
- transaction
- merkle
- bob
- computer
- blockchain
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 47
- 238000012546 transfer Methods 0.000 title abstract description 21
- 238000012795 verification Methods 0.000 claims abstract description 28
- 230000008859 change Effects 0.000 claims abstract description 12
- 238000003860 storage Methods 0.000 claims description 23
- 238000004891 communication Methods 0.000 claims description 17
- 230000007246 mechanism Effects 0.000 description 18
- 230000003993 interaction Effects 0.000 description 14
- 238000012545 processing Methods 0.000 description 12
- 230000008569 process Effects 0.000 description 9
- 230000008901 benefit Effects 0.000 description 7
- 230000006870 function Effects 0.000 description 7
- 238000005065 mining Methods 0.000 description 7
- 238000012790 confirmation Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- 238000013515 script Methods 0.000 description 5
- 230000002085 persistent effect Effects 0.000 description 3
- 241000700566 Swinepox virus (STRAIN KASZA) Species 0.000 description 2
- 230000009471 action Effects 0.000 description 2
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000001404 mediated effect Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000010200 validation analysis Methods 0.000 description 2
- 238000010207 Bayesian analysis Methods 0.000 description 1
- RWSOTUBLDIXVET-UHFFFAOYSA-N Dihydrogen sulfide Chemical compound S RWSOTUBLDIXVET-UHFFFAOYSA-N 0.000 description 1
- HEFNNWSXXWATRW-UHFFFAOYSA-N Ibuprofen Chemical compound CC(C)CC1=CC=C(C(C)C(O)=O)C=C1 HEFNNWSXXWATRW-UHFFFAOYSA-N 0.000 description 1
- 241001025261 Neoraja caerulea Species 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000003247 decreasing effect Effects 0.000 description 1
- 230000003111 delayed effect Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000011065 in-situ storage Methods 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/389—Keeping log of transactions for guaranteeing non-repudiation of a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
- G06Q20/0658—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash e-cash managed locally
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/22—Payment schemes or models
- G06Q20/223—Payment schemes or models based on the use of peer-to-peer networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3678—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes e-cash details, e.g. blinded, divisible or detecting double spending
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3823—Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3827—Use of message hashing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/088—Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q2220/00—Business processing using cryptography
-
- H04L2209/38—
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Definitions
- This invention relates generally to the communication and transfer of resources via a network, and more particularly to transfers conducted over blockchain networks, and also digital wallets.
- the invention is suited, but not limited to, wallets for processing transfers of cryptocurrencies, tokens and other resources which are implemented on or communicated over a blockchain.
- FIG. 1 shows an illustration of an “offline SPV wallet” in accordance with an embodiment of the disclosure.
- FIG. 2 shows an illustration of an “on- and off-line SPV wallet” in accordance with an embodiment of the disclosure.
- FIG. 3 shows an illustration of a “PoS SPV wallet” in accordance with an embodiment of the disclosure.
- FIG. 4 shows a partial and completed template transaction and the associated Merkle proof in accordance with an embodiment of the disclosure.
- FIG. 5 shows the flow of data and interaction between Alice and Bob when conducting a transaction using a split SPV wallet in accordance with an embodiment of the disclosure.
- FIG. 6 shows a schematic illustration of an embodiment of the disclosure in use.
- FIG. 7 is a schematic diagram illustrates a computing environment in which various embodiments can be implemented.
- FIG. 8 is a schematic diagram showing three transactions and the Merkle paths which can be used to relate them to blocks (headers).
- FIG. 9 illustrates the traditional SPV payment method.
- FIG. 10 shows an illustration of a method in accordance with an embodiment of the disclosure.
- FIG. 11 shows an example of a binary Merkle tree as known in the prior art.
- FIG. 12 shows a Merkle proof-of-existence of a data block D 1 in a tree represented by a root R, using a Merkle path, in accordance with the prior art.
- This invention relates generally to the communication and transfer of resources via a network, and more particularly to transfers conducted over blockchain networks, and also digital wallets.
- the invention is particularly suited, but not limited to, wallets for processing transfers of cryptocurrencies, tokens and other resources which are implemented on or communicated over a blockchain.
- the invention provides apparatus and techniques which provide numerous technical advantages including but not limited to, improving the security, versatility, resilience and efficiency of digital wallets and blockchain-based communications.
- blockchain to include all forms of electronic, computer-based, distributed ledgers. These include consensus-based blockchain and transaction-chain technologies, permissioned and un-permissioned ledgers, shared ledgers and variations thereof.
- the most widely known application of blockchain technology is the Bitcoin ledger, although other blockchain implementations have been proposed and developed. While Bitcoin may be referred to herein for the purpose of convenience and illustration, it should be noted that the invention is not limited to use with the Bitcoin blockchain and alternative blockchain implementations and protocols fall within the scope of the present invention.
- the term “Bitcoin” is used herein to include all variations of protocols or implementations which derive from or implement any variant of the Bitcoin protocol.
- the term “user” may refer herein to a human or a processor-based resource.
- a blockchain is a peer-to-peer, electronic ledger which is implemented as a computer-based decentralised, distributed system made up of blocks which in turn are made up of transactions.
- Each transaction is a data structure that encodes the transfer of control of a digital asset between participants in the blockchain system, and includes at least one input and at least one output.
- Each block contains a hash of the previous block to that blocks become chained together to create a permanent, unalterable record of all transactions which have been written to the blockchain since its inception.
- the header of each block contains a field which provides the Merkle root for that block.
- the Merkle root is generated by repeatedly hashing together pairs of transaction IDs from the block until a single hash is arrived at. This Merkle root provides an efficient mechanism for verifying that a transaction is part of a block because it allows users to verify a particular transaction without downloading the whole blockchain.
- Transactions contain small programs known as scripts embedded into their inputs and outputs, which specify how and by whom the outputs of the transactions can be accessed.
- scripts embedded into their inputs and outputs, which specify how and by whom the outputs of the transactions can be accessed.
- these scripts are written using a stack-based scripting language.
- a transaction in order for a transaction to be written to the blockchain, it must be i) validated by the first node that receives the transaction—if the transaction is validated, the node relays it to the other nodes in the network; and ii) added to a new block built by a miner; and iii) mined, i.e. added to the public ledger of past transactions. (Note: validation as described above should not be confused with the term “verification” as used herein to mean confirming or checking whether a particular transaction has been included in a block on the blockchain).
- a user can transfer control of the associated cryptocurrency to another address associated with an input in another transaction. This is often done using a digital wallet which stores the public and private key pairs associated with the user's cryptocurrency.
- cryptocurrency wallet includes the SPV wallet (Simplified Payment Verification).
- the SPV wallet stores the user's private and public keys, unspent transactions and block headers. It also has the ability to connect to the blockchain network.
- block header is known in the art, and is used to refer to data provided at the top of a block of blockchain transactions.
- the block header uniquely identifies the block so it can be located on the blockchain. It comprises fields of data that provide a unique summary or fingerprint of the entire block's contents.
- the block header includes the Merkle Root, which is a hash of all of the transactions in that block. A user is then able to search the Merkle tree with that root to check (i.e. verify) whether a particular transaction was included in a particular block on the blockchain, without having to download the entire blockchain.
- An advantage of the SPV wallet is that it enables power and storage constrained devices such as phones and laptops to operate within the Bitcoin ecosystem because it only needs to check that a transaction has been verified (hence the name “simplified payment verification”) rather than performing a full check of the blockchain as per other forms of wallet. Since an SPV wallet only downloads block headers without including any of the transactions, this reduces the storage space required from 159 GB (as of November 2018) to 43 MB, and storage requirements will only increase at a constant 4.2 MB per year even as Bitcoins scales.
- Alice wishes to send some cryptocurrency or a tokenised asset/resource to Bob.
- the communication flow between Alice and Bob, when using conventional SPV wallets is as follows:
- the blockchain network acts as an intermediary between Alice's wallet and Bob's wallet.
- this a resource-intensive process, it also requires network connectivity. If the device that the Alice's wallet is running on is offline for some reason, the transfer cannot be completed. Therefore, there are technical challenges including, but not limited to, how to provide methods, systems and devices for implementing a more reliable and efficient mechanism for conducting an electronic transfer from one entity (e.g. computing resource/node/digital wallet) to another.
- the invention may provide or be arranged to facilitate or enable a transfer of an asset (between a transferor and a transferee) on or over a blockchain network.
- the transferor (sender of the asset) may be referred to herein as Alice and the transferee (recipient of the asset) may be referred to as Bob.
- the asset can be or comprise any type of transferrable electronic entity eg a portion of cryptocurrency or a token, or anything else that can be transferred digitally in some way via a blockchain transaction.
- the invention may be arranged to facilitate or enable verification of a blockchain transaction. Preferably, this is an SPV verification.
- the invention may provide a blockchain-implemented Simplified Payment Verification method and corresponding system.
- the resource may be substantially as described herein in relation to Bob, or the sections entitled “PoS SPV Wallet” or “split wallet” provided herein with reference to the relevant figures.
- the resource (and/or the computer implemented resource) may comprise a combination of hardware and software, or may be purely software based.
- the resource may be referred to hereafter as Bob, and the computer implemented resource may be referred to as Alice.
- “Successful verification” may mean that the Merkle proof establishes that the first blockchain transaction is present on the blockchain i.e. has been mined into a block.
- the second transaction may be referred to as a payment transaction for ease of reference. It may comprise at least one further input which spends at least one further unspent output (UTXO 2 ) of the first transaction or an unspent output (UTXO 3 ) of a third transaction.
- the payment transaction that is sent to the blockchain may comprise more than one input. These inputs may spend outputs (UTXOs) from one or more other transactions.
- the phrase “third transaction” as used in the claims should be interpreted as meaning “one or more further transactions” in that the sense that there may be more than one “third transaction”—there may be any number of inputs from any number of transactions into the second transaction.
- Embodiment(s) of the disclosure may comprise the step of verifying a Merkle proof for the third transaction.
- the invention may be arranged to verify a Merkle proof for each transaction that is being used to provide an output (UTXO) for input into the payment transaction.
- the method may further comprise the step of receiving, via an off-chain communication, a Merkle path and/or complete transaction data for the at least one transaction and/or the third transaction.
- off-chain communication may mean that the communication does not involve i.e. go via the blockchain network and/or the blockchain itself
- the method may further comprise the step of storing at least one public key, at least one private key and/or at least one block header.
- the method may further comprise the step of requesting, via an off-chain communication, the Merkle path and/or complete transaction data for the first transaction or third transaction from a computer-based/implemented resource (Alice).
- the request may be made using a transaction template.
- the template may comprise some, but not all, of the information required to form a valid blockchain transaction.
- the computer-based resource may provide the requested data by updating or completing the transaction template.
- the template may also be referred to as an “incomplete (blockchain) transaction”.
- the method may further comprise the step of receiving, via an off-chain communication and from the computer-based resource: the Merkle path and/or complete transaction data for the first transaction or third transaction; a signature for spending at least one unspent blockchain transaction output (UTXO) of the first transaction and/or third transaction.
- the Merkle path and/or complete transaction data for the first transaction or third transaction a signature for spending at least one unspent blockchain transaction output (UTXO) of the first transaction and/or third transaction.
- UXO unspent blockchain transaction output
- the second transaction may further comprise a change address for spending a portion of cryptocurrency to a destination.
- Embodiment(s) of the disclosure also provide a corresponding system. Any feature described in relation to a method of the invention may also apply to an embodiment of the system, and vice versa.
- the system may comprise at least one Simplified Payment Verification wallet.
- Embodiment(s) of the disclosure also provide a non-transitory computer-readable storage medium having stored thereon executable instructions that, as a result of being executed by a processor of a computer system, cause the computer system to at least perform an embodiment of the method as disclosed herein.
- FIG. 1 shows an illustration of an “offline SPV wallet” in accordance with an embodiment of the disclosure.
- FIG. 2 shows an illustration of an “on- and off-line SPV wallet” in accordance with an embodiment of the disclosure.
- FIG. 3 shows an illustration of a “PoS SPV wallet” in accordance with an embodiment of the disclosure.
- FIG. 4 shows a partial and completed template transaction and the associated Merkle proof in accordance with an embodiment of the disclosure.
- FIG. 5 shows the flow of data and interaction between Alice and Bob when conducting a transaction using a split SPV wallet in accordance with an embodiment of the disclosure.
- FIG. 6 shows a schematic illustration of an embodiment of the disclosure in use.
- FIG. 7 is a schematic diagram illustrates a computing environment in which various embodiments can be implemented.
- FIG. 8 is a schematic diagram showing three transactions and the Merkle paths which can be used to relate them to blocks (headers).
- FIG. 9 illustrates the traditional SPV payment method.
- FIG. 10 shows an illustration of a method in accordance with an embodiment of the disclosure.
- FIG. 11 shows an example of a binary Merkle tree as known in the prior art.
- FIG. 12 shows a Merkle proof-of-existence of a data block D 1 in a tree represented by a root R, using a Merkle path, in accordance with the prior art.
- Merkle Trees are hierarchical data structures that enable secure verification of collections of data.
- each node in the tree has been given an index pair (i, j) and is represented as N(i, j).
- the indices i, j are simply numerical labels that are related to a specific position in the tree.
- An important feature of the Merkle tree is that the construction of each of its nodes is governed by the following (simplified) equations:
- the i ⁇ j case corresponds to an internal or parent node, which is generated by recursively hashing and concatenating child nodes until one parent (the Merkle root) is found.
- the node N(1,4) is constructed from the four data packet D 1 , . . . D 4 as
- the primary function of a Merkle tree is to verify that some data packet D i is a member of a list or set of N data packets ⁇ D 1 , . . . , D N ⁇ .
- the mechanism for verification is known as a Merkle proof and consists of obtaining a set of hashes known as the Merkle path for a given data packet D i and Merkle root R.
- the Merkle path for a data packet is simply the minimum list of hashes required to reconstruct the root R by way of repeated hashing and concatenation, often referred to as the ‘authentication path’.
- a proof-of-existence could be performed trivially if all packets D 1 , . . . , D N are known to the prover.
- ⁇ ⁇ N (2,2), N (3,4), N (5,8) ⁇ .
- N (1,1) H ( D 1 ).
- N (1,2) H ( N (1,1) ⁇ N (2,2)).
- N (1,4) H ( N (1,2) ⁇ N (3,4))
- N (1,8) H ( N (1,4) ⁇ N (5,8)),
- R′ N (1,8).
- FIG. 12 shows a Merkle proof-of-existence of data block D 1 in the tree represented by a root R using a Merkle path. This demonstrates that performing the Merkle proof for a given block D 1 and root R is effectively traversing the Merkle tree ‘upwards’ by using only the minimum number of hash values necessary.
- the present invention uses these techniques to provide a more efficient and secure verification solution, which we now turn our attention to discussing.
- Tx 1 , Tx 2 will be referred to herein as input transactions as a concise way of saying that they are transactions comprising outputs that are being spent by the inputs of some subsequent transaction e.g. a Tx 3 .
- the third blockchain transaction is the payment transaction:
- SPV makes use of two properties of the Bitcoin blockchain:
- an SPV client need only maintain a copy of the block headers for the entire blockchain—rather than blocks in full—to verify that a transaction has been processed by the network.
- an SPV client requires only:
- This SPV mechanism as specified by Nakamoto informs the existing method of SPV client implementation, including at the point-of-sale.
- the state-of-the-art in SPV implementation is based on the paradigm whereby a user verifies that a payment has been received by confirming (to a suitable depth on the blockchain e.g. 6) that it has been included in a block. In effect, this is a post-broadcast check on a transaction to verify that it has been mined.
- the present invention requires that the necessary SPV check be performed on a transaction's inputs prior to its broadcast. This shift in emphasis greatly reduces the burden and traffic on the network in dealing with invalid transactions.
- a second important paradigm in the existing SPV system is that an SPV client must query full nodes on the network to obtain the Merkle path required for the SPV check. This can be seen in the Bitcoin developer guide (bitcoin.org/en/developer-guide) which states that “the SPV client knows the Merkle root and associated transaction information, and requests the respective Merkle branch from a full node”.
- Embodiments of the present invention provide mechanisms and methods involving SPV checks that remove this burden on the network, by stipulating that lightweight bitcoin client users keep, maintain or at least have access to their own copies of Merkle paths pertinent to the unspent transaction outputs owned by them.
- the traditional method for implementing SPV (at the point of transaction) is as follows, and with reference to FIG. 9 :
- the present invention provides improved security solutions for verification on a blockchain network (which we will hereafter refer to as the “Bitcoin” network for convenience) using a low bandwidth SPV system.
- the sender of the resource e.g. customer
- the receiver e.g. a merchant
- the term “customer” or “Alice” will be used instead of “sender”, and “merchant” or “Bob” will be used instead of “receiver”.
- the present invention employs a novel communication flow between the parties relative to conventional SPV transactions, as it only requires the merchant's wallet to be connected to the network. This is achieved by the merchant's wallet creating a template (which may be referred to as an “incomplete transaction”) with information that the customer needs to provide e.g. a change address, signature, etc. Once the merchant receives this requested information from the customer, he broadcasts the transaction to the network.
- a template which may be referred to as an “incomplete transaction”
- the merchant receives this requested information from the customer, he broadcasts the transaction to the network.
- the invention gives rise to a fundamental change of the communication and exchange process between the transacting parties and the network during a simple payment verification on the Bitcoin network from:
- Alice and Bob may securely exchange messages using a secret sharing protocol such as, for example, that described in WO 2017145016.
- embodiments of the invention provide at least the following:
- Step [ 5 ] is nothing more than a repetition of the existing SPV technique and is not a necessary feature of our proposed method; it is included here for completeness and for distinction between the existing paradigm and the present invention.
- FIG. 1 An embodiment of the offline SPV is shown schematically in FIG. 1 and comprises the following features:
- the above may be implemented as a wallet with both online and offline states or functionality. This can be advantageous when the wallet needs to update its set of UTXOs and Merkle paths.
- Alice's wallet can download data by temporarily connecting to the network in the same way that a traditional SPV wallet does. This is illustrated in FIG. 2 , and may be referred to for convenience as an on- and off-line SPV wallet.
- a standard P2PKH transaction as known in the art with 1 input and 2 outputs is 226 bytes
- block headers are 80 bytes
- a Merkle path for a transaction in a block containing 100,000 transactions is approximately 560 bytes.
- a wallet using this implementation is advantageous as it provides the benefits of being able facilitate offline payments and verification using a blockchain, while maintaining the ability to connect to the network as and when needed.
- the additional online state can be used for updating the list of block headers, obtaining new TXs and associated Merkle paths and even sending transactions as and when required.
- the PoS SPV wallet is designed to achieve the minimum functionality required for Bob to accept a transfer from Alice, who is using an offline SPV wallet as described above. These requirements are that Bob must be able to:
- the point of sale SPV wallet will maintain a copy of the entire list of block headers to ensure that Bob can always perform the SPV check on a Merkle path for any transaction in the history of the blockchain.
- Bob chooses not to keep the full list of block headers, for instance those corresponding to blocks containing no transactions with spendable outputs.
- Bob may need to query a third party occasionally to obtain block headers he does not already have.
- Bob's PoS SPV wallet requests the information for Alice's offline (or off/online) wallet in the following format:
- Alice needs to provide Bob with a valid payment transaction Tx 3 in exchange for the goods at the P-o-S.
- Bob provides the merchant template to facilitate this but it is also conceivable that a template is not used. For example, if Alice already knows the price and Bob's address beforehand, she can construct her payment and transmit it directly to Bob. Alice could also provide the required signatures and outpoint references without explicitly ‘filling-in’ the template itself.
- the full transaction (see ( 1 ) in FIG. 4 ) and Merkle proof (see ( 3 ) in FIG. 4 ) can be sent by Alice and processed by Bob. This can be done in parallel with, and independently to, Alice completing Bob's template (see ( 2 ) in FIG. 4 ).
- a solution to the problem would be for Bob to specify the artificial delay in processing a transaction within the template that he provides to Alice.
- Alice's offline wallet can interpret this as meaning that the change generated by the payment to Bob will be unavailable to spend during the merchant's pre-determined time before submitting their batched transactions to the network. It should be noted that there is no additional risk for Bob in this scenario, as the delivery of the purchased goods can be cancelled if the merchant finds evidence of a double-spend before he submits the batch of transactions.
- certain embodiments of the invention build on the basic concept of the point of sale (P-o-S) SPV by introducing a more advanced master SPV which can coordinate one or many point of sale wallets.
- the combination of a master SPV with one or more P-o-S SPVs will be considered a “split wallet” system herein.
- the split-wallet system in accordance with embodiments of the invention comprises at least one PoS SPV wallet, acting as a payment terminal, coordinated by a master SPV component.
- the functionality of a master SPV enables the wallet to:
- the master wallet should be able to perform all the basic functions of a good SPV, such as checking the Merkle proof of existence for a given transaction. This means that Bob can check that any transaction he broadcasts from the point of sale has been accepted by the network and included in a block.
- a master wallet in accordance with an embodiment of the present invention communicates with, and coordinates the payments processed by, at least one simpler PoS SPV wallet.
- the master SPV can be advantageous for the master SPV to store the private keys for Bob's payment addresses. This allows Bob to have much greater security over his payment processing when using a split-wallet system. However, storing the Bob's private keys is an optional capability of the master wallet and its primary function is to aggregate and coordinate payments from multiple point of sale wallets.
- a master wallet used as part of a split-wallet implementation would typically reside in a separate location to the point of sale SPVs, such as a company back office or head office, for both security concerns and pragmatism.
- the merchant-customer interaction can be visualised as shown in FIG. 5 .
- this implementation using a simple master SPV as part of a merchant split-wallet has utility for the Bob, but still relies on the network for responding to queries of the UTXO set if the split-wallet it to provide a suitable level of double-spend protection.
- the master SPV is replaced with a more powerful type of master wallet which also keeps its own copy of the mempool.
- the split-wallet architecture equipped with such a master wallet does not need to query the network to check if a customer's UTXOs are part of the current UTXO set.
- a master wallet with its own copy of the mempool functions similarly to a classical non-mining ‘full node’ client but, advantageously, it does not need to keep a full copy of the blockchain. Instead, this type of master wallet keeps only the block headers and its own local copy of the mempool.
- the copy of the mempool can either be constructed locally by synchronising with the network or sourced from a trusted third party or service.
- the implementation of the split-wallet using a master SPV wallet with its own copy of the mempool changes the merchant-customer interaction from the perspective of the merchant.
- embodiments of the invention lend themselves for use and implementation in a variety of forms. These can include payment cards, for example.
- a traditional SPV wallet verifies that a transaction is not a double spend by checking its depth within the blockchain, which it does by querying the network. Once a transaction has been validated by a miner and is included in a block the transaction has 1 confirmation. Every additional block added to the blockchain increases the confirmation by 1 and with each new confirmation the risk of a double spend is decreased. A traditional SPV wallet will display a transaction as “n/unconfirmed” until it has 6 confirmations.
- the default 6 confirmation rule is not fundamental to Bitcoin. Not all merchants want to wait for 6 blocks (or even 1 block) to be generated before being satisfied with payment. “0-conf” is the term used in the art to denote a transaction that has not yet been included in a block. Once Alice completes her transaction she broadcasts it to the network and Bob should (at the very least) be able to find it in the mempool.
- the present invention shifts the burden of broadcasting the transaction to the receiver, Bob, rather than the sender, Alice, thus minimising the CPU required and improving the experience for Alice.
- Bob has a greater degree of control over the transaction process as he does not need to rely on Alice's connection to the network, but not enough control to compromise Alice's security.
- Alice (only) has the authority to accept or reject the transaction by providing a digital signature.
- the Merkle path check does not prevent double spending as 0-conf is only reached once Bob can see that the transaction being relayed by the network and is in the mempool. Instead, it acts as a fail-fast mechanism allowing Bob to instantly reject attempts to spend non-existent UTXOs. This is useful as it prevents Bob being used as an intermediary for spam attacks, especially since the time taken to broadcast and then query a full node may take more than a few seconds if the connection is poor.
- POS point-of-sale
- Bob the merchant
- embodiments of the invention are able to provide performance and results which would be a significant improvement over existing SPV/cryptocurrency transaction rates, and at least rival existing chip-and-pin/contactless terminal payment interactions in terms of instantaneity.
- the invention also provides allows payments to be considered cleared and approved with a high degree of certainty within approximately one hour (i.e. 6-conf). This is far superior to the current payment clearing times of up to 60-days i.e. VISA and Mastercard clearing times.
- Bob can calibrate the latency for accepting a payment at the point of sale. By choosing the minimum polling time interval ⁇ he also sets the probabilistic upper bound on the risk of a double-spend acceptable to him. This can allow for greater efficiency and flexibility in payment processing for merchants.
- Bob can set the mining fee for the transaction when generating the template. It does not necessarily matter who pays this fee, but the value can be used as a parameter for setting the risk of double-spend to a level deemed acceptable by the merchant.
- the point of sale time delay and the mining fee for the transaction are two parameters that can be set by the merchant and consented to by the customer's digital signature that can effectively calibrate the efficiency and risk on a case-by-case basis. This may depend, for example, on the value of the goods to be exchanged,
- FIG. 7 there is provided an illustrative, simplified block diagram of a computing device 2600 that may be used to practice at least one embodiment of the present disclosure.
- the computing device 2600 may be used to implement any of the systems illustrated and described above.
- the computing device 2600 may be configured for use as a data server, a web server, a portable computing device, a personal computer, or any electronic computing device.
- the computing device 2600 may include one or more processors with one or more levels of cache memory and a memory controller (collectively labelled 2602 ) that can be configured to communicate with a storage subsystem 2606 that includes main memory 2608 and persistent storage 2610 .
- the main memory 2608 can include dynamic random-access memory (DRAM) 2618 and read-only memory (ROM) 2620 as shown.
- DRAM dynamic random-access memory
- ROM read-only memory
- the storage subsystem 2606 and the cache memory 2602 may be used for storage of information, such as details associated with transactions and blocks as described in the present disclosure.
- the processor(s) 2602 may be utilized to provide the steps or functionality of any embodiment as described in the present disclosure.
- the processor(s) 2602 can also communicate with one or more user interface input devices 2612 , one or more user interface output devices 2614 , and a network interface subsystem 2616 .
- a bus subsystem 2604 may provide a mechanism for enabling the various components and subsystems of computing device 2600 to communicate with each other as intended. Although the bus subsystem 2604 is shown schematically as a single bus, alternative embodiments of the bus subsystem may utilize multiple busses.
- the network interface subsystem 2616 may provide an interface to other computing devices and networks.
- the network interface subsystem 2616 may serve as an interface for receiving data from, and transmitting data to, other systems from the computing device 2600 .
- the network interface subsystem 2616 may enable a data technician to connect the device to a network such that the data technician may be able to transmit data to the device and receive data from the device while in a remote location, such as a data centre.
- the user interface input devices 2612 may include one or more user input devices such as a keyboard; pointing devices such as an integrated mouse, trackball, touchpad, or graphics tablet; a scanner; a barcode scanner; a touch screen incorporated into the display; audio input devices such as voice recognition systems, microphones; and other types of input devices.
- user input devices such as a keyboard; pointing devices such as an integrated mouse, trackball, touchpad, or graphics tablet; a scanner; a barcode scanner; a touch screen incorporated into the display; audio input devices such as voice recognition systems, microphones; and other types of input devices.
- input device is intended to include all possible types of devices and mechanisms for inputting information to the computing device 2600 .
- the one or more user interface output devices 2614 may include a display subsystem, a printer, or non-visual displays such as audio output devices, etc.
- the display subsystem may be a cathode ray tube (CRT), a flat-panel device such as a liquid crystal display (LCD), light emitting diode (LED) display, or a projection or other display device.
- CTR cathode ray tube
- LCD liquid crystal display
- LED light emitting diode
- output device is intended to include all possible types of devices and mechanisms for outputting information from the computing device 2600 .
- the one or more user interface output devices 2614 may be used, for example, to present user interfaces to facilitate user interaction with applications performing processes described and variations therein, when such interaction may be appropriate.
- the storage subsystem 2606 may provide a computer-readable storage medium for storing the basic programming and data constructs that may provide the functionality of at least one embodiment of the present disclosure.
- the applications programs, code modules, instructions
- the storage subsystem 2606 may additionally provide a repository for storing data used in accordance with the present disclosure.
- the main memory 2608 and cache memory 2602 can provide volatile storage for program and data.
- the persistent storage 2610 can provide persistent (non-volatile) storage for program and data and may include flash memory, one or more solid state drives, one or more magnetic hard disk drives, one or more floppy disk drives with associated removable media, one or more optical drives (e.g. CD-ROM or DVD or Blue-Ray) drive with associated removable media, and other like storage media.
- Such program and data can include programs for carrying out the steps of one or more embodiments as described in the present disclosure as well as data associated with transactions and blocks as described in the present disclosure.
- the computing device 2600 may be of various types, including a portable computer device, tablet computer, a workstation, or any other device described below. Additionally, the computing device 2600 may include another device that may be connected to the computing device 2600 through one or more ports (e.g., USB, a headphone jack, Lightning connector, etc.). The device that may be connected to the computing device 2600 may include a plurality of ports configured to accept fibre-optic connectors. Accordingly, this device may be configured to convert optical signals to electrical signals that may be transmitted through the port connecting the device to the computing device 2600 for processing. Due to the ever-changing nature of computers and networks, the description of the computing device 2600 depicted in FIG. 7 is intended only as a specific example for purposes of illustrating the preferred embodiment of the device. Many other configurations having more or fewer components than the system depicted in FIG. 7 are possible.
- blockchain transaction may be used to refer to a data structure which implements the use of a cryptographic key to achieve transfer of control of a digital resource or asset via a blockchain network.
- a transaction in order for a transaction to be written to the blockchain, it must be i) validated by the first node that receives the transaction—if the transaction is validated, the node relays it to the other nodes in the network; and ii) added to a new block built by a miner; and iii) mined, i.e. added to the public ledger of past transactions. It will be appreciated that the nature of the work performed by miners will depend on the type of consensus mechanism used to maintain the blockchain.
- PoW proof of work
- DDoS delegated proof of stake
- PoC proof of capacity
- PoET proof of elapsed time
- PoA proof of authority
- a miner's hashing power PoW
- PoS an amount of cryptocurrency held by a miner
- DoS delegate miner
- PoC a miner's ability to store pre-determined solutions to a cryptographic puzzle
- PoET wait time randomly assigned to a miner
- miners are provided with an incentive or reward for mining a block.
- the Bitcoin blockchain for example, rewards miners with newly issued cryptocurrency (Bitcoin) and fees associated with transactions in the block (transaction fees).
- Bincoin newly issued cryptocurrency
- transaction fees fees associated with transactions in the block
- the amount of cryptocurrency issued diminishes with time, with the incentive eventually consisting of transaction fees only. It will be appreciated, therefore, that the handling of transaction fees is a part of the underlying mechanism for committing data to public blockchains such as the Bitcoin blockchain.
- each transaction in a given block encodes the transfer of control of a digital asset between participants in the blockchain system.
- the digital asset need not necessarily correspond to a cryptocurrency.
- the digital asset may pertain to a digital representation of a document, image, physical object, etc.
- the payment of cryptocurrency and/or transaction fees to miners may simply act as an incentive to maintain the validity of blocks in the blockchain by performing the necessary work.
- the cryptocurrency associated with the blockchain acts as a security for miners, with the blockchain itself being a ledger for transactions that predominantly relate to digital assets other than cryptocurrency.
- the transfer of cryptocurrency between participants is handled by an entity that is different from the entity using the blockchain to maintain a ledger of transactions.
- the invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer.
- a device claim enumerating several means several of these means may be embodied by one and the same item of hardware.
- the mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
Description
- This application is the U.S. National Stage of International Application No. PCT/IB2020/050740 filed Jan. 30, 2020, which claims the benefit of United Kingdom Patent Application No. 1902086.6, filed Feb. 15, 2019, United Kingdom Patent Application No. 1902088.2, filed on Feb. 15, 2019, United Kingdom Patent Application No. 1902090.8, filed on Feb. 15, 2019, United Kingdom Patent Application No. 1902089.0, filed on Feb. 15, 2019, and United Kingdom Patent Application No. 1902092.4, filed on Feb. 15, 2019 the contents of which are incorporated herein by reference in their entireties.
- This invention relates generally to the communication and transfer of resources via a network, and more particularly to transfers conducted over blockchain networks, and also digital wallets. The invention is suited, but not limited to, wallets for processing transfers of cryptocurrencies, tokens and other resources which are implemented on or communicated over a blockchain.
-
FIG. 1 shows an illustration of an “offline SPV wallet” in accordance with an embodiment of the disclosure. -
FIG. 2 shows an illustration of an “on- and off-line SPV wallet” in accordance with an embodiment of the disclosure. -
FIG. 3 shows an illustration of a “PoS SPV wallet” in accordance with an embodiment of the disclosure. -
FIG. 4 shows a partial and completed template transaction and the associated Merkle proof in accordance with an embodiment of the disclosure. -
FIG. 5 shows the flow of data and interaction between Alice and Bob when conducting a transaction using a split SPV wallet in accordance with an embodiment of the disclosure. -
FIG. 6 shows a schematic illustration of an embodiment of the disclosure in use. -
FIG. 7 is a schematic diagram illustrates a computing environment in which various embodiments can be implemented. -
FIG. 8 is a schematic diagram showing three transactions and the Merkle paths which can be used to relate them to blocks (headers). -
FIG. 9 illustrates the traditional SPV payment method. -
FIG. 10 shows an illustration of a method in accordance with an embodiment of the disclosure. -
FIG. 11 shows an example of a binary Merkle tree as known in the prior art. -
FIG. 12 shows a Merkle proof-of-existence of a data block D1 in a tree represented by a root R, using a Merkle path, in accordance with the prior art. - This invention relates generally to the communication and transfer of resources via a network, and more particularly to transfers conducted over blockchain networks, and also digital wallets. The invention is particularly suited, but not limited to, wallets for processing transfers of cryptocurrencies, tokens and other resources which are implemented on or communicated over a blockchain. The invention provides apparatus and techniques which provide numerous technical advantages including but not limited to, improving the security, versatility, resilience and efficiency of digital wallets and blockchain-based communications.
- In this document we use the term ‘blockchain’ to include all forms of electronic, computer-based, distributed ledgers. These include consensus-based blockchain and transaction-chain technologies, permissioned and un-permissioned ledgers, shared ledgers and variations thereof. The most widely known application of blockchain technology is the Bitcoin ledger, although other blockchain implementations have been proposed and developed. While Bitcoin may be referred to herein for the purpose of convenience and illustration, it should be noted that the invention is not limited to use with the Bitcoin blockchain and alternative blockchain implementations and protocols fall within the scope of the present invention. The term “Bitcoin” is used herein to include all variations of protocols or implementations which derive from or implement any variant of the Bitcoin protocol. The term “user” may refer herein to a human or a processor-based resource.
- A blockchain is a peer-to-peer, electronic ledger which is implemented as a computer-based decentralised, distributed system made up of blocks which in turn are made up of transactions. Each transaction is a data structure that encodes the transfer of control of a digital asset between participants in the blockchain system, and includes at least one input and at least one output. Each block contains a hash of the previous block to that blocks become chained together to create a permanent, unalterable record of all transactions which have been written to the blockchain since its inception. The header of each block contains a field which provides the Merkle root for that block. The Merkle root is generated by repeatedly hashing together pairs of transaction IDs from the block until a single hash is arrived at. This Merkle root provides an efficient mechanism for verifying that a transaction is part of a block because it allows users to verify a particular transaction without downloading the whole blockchain.
- Transactions contain small programs known as scripts embedded into their inputs and outputs, which specify how and by whom the outputs of the transactions can be accessed. On the Bitcoin platform, these scripts are written using a stack-based scripting language.
- In order for a transaction to be written to the blockchain, it must be “validated”. Network nodes (miners) perform work to ensure that each transaction is valid, with invalid transactions rejected from the network. Software clients installed on the nodes perform this validation work on an unspent transaction (UTXO) by executing its locking and unlocking scripts. If execution of the locking and unlocking scripts evaluate to TRUE, the transaction is valid and the transaction is written to the blockchain. Thus, in order for a transaction to be written to the blockchain, it must be i) validated by the first node that receives the transaction—if the transaction is validated, the node relays it to the other nodes in the network; and ii) added to a new block built by a miner; and iii) mined, i.e. added to the public ledger of past transactions. (Note: validation as described above should not be confused with the term “verification” as used herein to mean confirming or checking whether a particular transaction has been included in a block on the blockchain).
- Once stored in the blockchain as a UTXO, a user can transfer control of the associated cryptocurrency to another address associated with an input in another transaction. This is often done using a digital wallet which stores the public and private key pairs associated with the user's cryptocurrency. There are various forms of known cryptocurrency wallet, including the SPV wallet (Simplified Payment Verification).
- In a SPV-based exchange of cryptocurrency between Alice and Bob, both parties use the same type of SPV wallet. The SPV wallet stores the user's private and public keys, unspent transactions and block headers. It also has the ability to connect to the blockchain network. The term “block header” is known in the art, and is used to refer to data provided at the top of a block of blockchain transactions. The block header uniquely identifies the block so it can be located on the blockchain. It comprises fields of data that provide a unique summary or fingerprint of the entire block's contents. The block header includes the Merkle Root, which is a hash of all of the transactions in that block. A user is then able to search the Merkle tree with that root to check (i.e. verify) whether a particular transaction was included in a particular block on the blockchain, without having to download the entire blockchain.
- An advantage of the SPV wallet is that it enables power and storage constrained devices such as phones and laptops to operate within the Bitcoin ecosystem because it only needs to check that a transaction has been verified (hence the name “simplified payment verification”) rather than performing a full check of the blockchain as per other forms of wallet. Since an SPV wallet only downloads block headers without including any of the transactions, this reduces the storage space required from 159 GB (as of November 2018) to 43 MB, and storage requirements will only increase at a constant 4.2 MB per year even as Bitcoins scales. Suppose that Alice wishes to send some cryptocurrency or a tokenised asset/resource to Bob. The communication flow between Alice and Bob, when using conventional SPV wallets, is as follows:
-
- 1. Alice creates a blockchain transaction (TX), specifying Bob's address in the output and providing signatures for inputs (from previous unspent transactions to Alice).
- 2. Alice broadcasts the transaction to the blockchain network.
- 3. Bob queries the network to verify that the transaction has been accepted.
- In essence, the blockchain network acts as an intermediary between Alice's wallet and Bob's wallet. However, not only is this a resource-intensive process, it also requires network connectivity. If the device that the Alice's wallet is running on is offline for some reason, the transfer cannot be completed. Therefore, there are technical challenges including, but not limited to, how to provide methods, systems and devices for implementing a more reliable and efficient mechanism for conducting an electronic transfer from one entity (e.g. computing resource/node/digital wallet) to another.
- Thus, it is desirable to provide a solution which solves at least these technical problems. Such an improved solution has now been devised. Thus, in accordance with the present disclosure there is provided a system and corresponding method as defined in the appended claims. In accordance with embodiments of the disclosure there may be provided a computer and/or blockchain implemented method and corresponding system and/or resource. The resource may be a computer-implemented resource or device(s).
- The invention may provide or be arranged to facilitate or enable a transfer of an asset (between a transferor and a transferee) on or over a blockchain network. The transferor (sender of the asset) may be referred to herein as Alice and the transferee (recipient of the asset) may be referred to as Bob. The asset can be or comprise any type of transferrable electronic entity eg a portion of cryptocurrency or a token, or anything else that can be transferred digitally in some way via a blockchain transaction. Additionally or alternatively, the invention may be arranged to facilitate or enable verification of a blockchain transaction. Preferably, this is an SPV verification. The invention may provide a blockchain-implemented Simplified Payment Verification method and corresponding system.
- A method in accordance with an embodiment of the disclosure may comprise the steps:
-
- verifying a Merkle proof for a first transaction comprising an unspent output (UTXO1); and
- sending a second transaction to a blockchain upon successful verification of the Merkle proof, wherein the second transaction comprises an input which spends the unspent output (UTXO1) of the first transaction.
- These steps may be performed by a computer-implemented resource. The resource may be substantially as described herein in relation to Bob, or the sections entitled “PoS SPV Wallet” or “split wallet” provided herein with reference to the relevant figures. The resource (and/or the computer implemented resource) may comprise a combination of hardware and software, or may be purely software based.
- The resource may be referred to hereafter as Bob, and the computer implemented resource may be referred to as Alice. “Successful verification” may mean that the Merkle proof establishes that the first blockchain transaction is present on the blockchain i.e. has been mined into a block.
- The second transaction may be referred to as a payment transaction for ease of reference. It may comprise at least one further input which spends at least one further unspent output (UTXO2) of the first transaction or an unspent output (UTXO3) of a third transaction. In other words, the payment transaction that is sent to the blockchain may comprise more than one input. These inputs may spend outputs (UTXOs) from one or more other transactions. It should be noted that the phrase “third transaction” as used in the claims should be interpreted as meaning “one or more further transactions” in that the sense that there may be more than one “third transaction”—there may be any number of inputs from any number of transactions into the second transaction.
- Embodiment(s) of the disclosure may comprise the step of verifying a Merkle proof for the third transaction. In other words, the invention may be arranged to verify a Merkle proof for each transaction that is being used to provide an output (UTXO) for input into the payment transaction.
- The method may further comprise the step of receiving, via an off-chain communication, a Merkle path and/or complete transaction data for the at least one transaction and/or the third transaction. The term “off-chain communication” may mean that the communication does not involve i.e. go via the blockchain network and/or the blockchain itself
- The method may further comprise the step of storing at least one public key, at least one private key and/or at least one block header.
- The method may further comprise the step of requesting, via an off-chain communication, the Merkle path and/or complete transaction data for the first transaction or third transaction from a computer-based/implemented resource (Alice). The request may be made using a transaction template. The template may comprise some, but not all, of the information required to form a valid blockchain transaction. The computer-based resource may provide the requested data by updating or completing the transaction template. The template may also be referred to as an “incomplete (blockchain) transaction”.
- The method may further comprise the step of receiving, via an off-chain communication and from the computer-based resource: the Merkle path and/or complete transaction data for the first transaction or third transaction; a signature for spending at least one unspent blockchain transaction output (UTXO) of the first transaction and/or third transaction.
- The second transaction may further comprise a change address for spending a portion of cryptocurrency to a destination.
- Embodiment(s) of the disclosure also provide a corresponding system. Any feature described in relation to a method of the invention may also apply to an embodiment of the system, and vice versa.
- There may be provided a computer-implemented system comprising:
-
- a processor; and
- memory including executable instructions that, as a result of execution by the processor, causes the system to perform any embodiment of the computer-implemented method as claimed or disclosed herein.
- The system may comprise at least one Simplified Payment Verification wallet.
- Embodiment(s) of the disclosure also provide a non-transitory computer-readable storage medium having stored thereon executable instructions that, as a result of being executed by a processor of a computer system, cause the computer system to at least perform an embodiment of the method as disclosed herein.
- These and other aspects of the present invention will be apparent from and elucidated with reference to, the embodiment described herein. Embodiments of the present disclosure will now be described, by way of example only, and with reference to the accompany drawings, in which:
-
FIG. 1 shows an illustration of an “offline SPV wallet” in accordance with an embodiment of the disclosure. -
FIG. 2 shows an illustration of an “on- and off-line SPV wallet” in accordance with an embodiment of the disclosure. -
FIG. 3 shows an illustration of a “PoS SPV wallet” in accordance with an embodiment of the disclosure. -
FIG. 4 shows a partial and completed template transaction and the associated Merkle proof in accordance with an embodiment of the disclosure. -
FIG. 5 shows the flow of data and interaction between Alice and Bob when conducting a transaction using a split SPV wallet in accordance with an embodiment of the disclosure. -
FIG. 6 shows a schematic illustration of an embodiment of the disclosure in use. -
FIG. 7 is a schematic diagram illustrates a computing environment in which various embodiments can be implemented. -
FIG. 8 is a schematic diagram showing three transactions and the Merkle paths which can be used to relate them to blocks (headers). -
FIG. 9 illustrates the traditional SPV payment method. -
FIG. 10 shows an illustration of a method in accordance with an embodiment of the disclosure. -
FIG. 11 shows an example of a binary Merkle tree as known in the prior art. -
FIG. 12 shows a Merkle proof-of-existence of a data block D1 in a tree represented by a root R, using a Merkle path, in accordance with the prior art. - As the present invention utilises the concept of a Merkle tree to advantage, we provide an explanation by way of background only.
- Merkle Trees are hierarchical data structures that enable secure verification of collections of data. In a Merkle tree, each node in the tree has been given an index pair (i, j) and is represented as N(i, j). The indices i, j are simply numerical labels that are related to a specific position in the tree. An important feature of the Merkle tree is that the construction of each of its nodes is governed by the following (simplified) equations:
-
-
- where k=(i+j)/2 and H is a cryptographic hash function.
- A labelled, binary Merkle tree constructed according to these equations is shown in
FIG. 11 , from which we can see that the i=j case corresponds to a leaf node, which is simply the hash of the corresponding ith packet of data D1. The i≠j case corresponds to an internal or parent node, which is generated by recursively hashing and concatenating child nodes until one parent (the Merkle root) is found. - For example, the node N(1,4) is constructed from the four data packet D1, . . . D4 as
-
- The tree depth M is defined as the lowest level of nodes in the tree, and the depth m of a node is the level at which the node exists. For example, mroot=0 and mleaf=M, where M=3 in
FIG. 11 . - Merkle Proofs
- The primary function of a Merkle tree is to verify that some data packet Di is a member of a list or set of N data packets ∈{D1, . . . , DN}. The mechanism for verification is known as a Merkle proof and consists of obtaining a set of hashes known as the Merkle path for a given data packet Di and Merkle root R. The Merkle path for a data packet is simply the minimum list of hashes required to reconstruct the root R by way of repeated hashing and concatenation, often referred to as the ‘authentication path’. A proof-of-existence could be performed trivially if all packets D1, . . . , DN are known to the prover. This does however require a much larger storage overhead than the Merkle path, as well as requiring that the entire data set is available to the prover. The comparison between using a Merkle path and using the entire list is shown in the table below, where we have used a binary Merkle tree and assumed that the number of data blocks N is exactly equal to an
integer power 2. If this were not the case, the number of hashes required for the Merkle proof would differ by ±1 in each instance. -
TABLE The relationship between the number of leaf nodes in a Merkle tree and the number of hashes required for a Merkle proof. Merkle tree No. data packets 8 32 64 256 N = 2M No. hashes required 3 5 7 9 M = log2N for proof-of-existence - In this simplified scenario—where the number of data packets is equal to the number of leaf nodes—we find that the number of hash values required to compute a Merkle proof scales logarithmically. It is clearly far more efficient and practical to compute a Merkle proof involving logK N hashes than to store N data hashes and compute the trivial proof
- Method
-
-
- i. Obtain the Merkle root from a trusted source.
- ii. Obtain the Merkle path Γ from a source. In this case, Γ is the set of hashes:
-
Γ={N(2,2),N(3,4),N(5,8)}. -
- iii. Compute a Merkle proof using D1 and Γ as follows:
- a. Hash the data block to obtain:
- iii. Compute a Merkle proof using D1 and Γ as follows:
-
N(1,1)=H(D 1). -
-
- b. Concatenate with N(2,2) and hash to obtain:
-
-
N(1,2)=H(N(1,1)∥N(2,2)). -
-
- c. Concatenate with N(3,4) and hash to obtain:
-
-
N(1,4)=H(N(1,2)∥N(3,4)) -
-
- d. Concatenate with N(5,8) and hash to obtain the root:
-
-
N(1,8)=H(N(1,4)∥N(5,8)), -
R′=N(1,8). -
-
- e. Compare the calculated root R with the root P obtained in (i):
- I. If R′=R, the existence of D1 in the tree and therefore the data set is confirmed.
- II. If R′≠R, the proof has failed and D1 is not confirmed to be a member of .
- e. Compare the calculated root R with the root P obtained in (i):
-
- This is an efficient mechanism for providing a proof-of-existence for some data as part of the data set represented by a Merkle tree and its root. For example, if the data D1 corresponded to a blockchain transaction and the root R is publicly available as part of a block header then we can quickly prove that the transaction was included in that block.
- The process of authenticating the existence of D1 as part of our example Merkle tree is shown in
FIG. 12 which shows a Merkle proof-of-existence of data block D1 in the tree represented by a root R using a Merkle path. This demonstrates that performing the Merkle proof for a given block D1 and root R is effectively traversing the Merkle tree ‘upwards’ by using only the minimum number of hash values necessary. - The present invention uses these techniques to provide a more efficient and secure verification solution, which we now turn our attention to discussing.
- Simplified Payment Verification (SPV)
- As the present invention provides improved SPV solutions, we now provide an overview of known SPV verification techniques for ease of reference.
- In what follows, we consider Alice (a customer) and Bob (a merchant) who wish to transact at the point-of-sale of some goods. We examine how this interaction takes place using simplified payment verification (SPV) using the traditional method, as outlined in the Nakamoto whitepaper (“Bitcoin: A Peer-to-Peer Electronic Cash System”, Satoshi Nakamoto, [2008] www.bicoin.org/bitcoin.pdf). The same interaction is described later in respect of an illustrative embodiment of the present invention, in the section entitled “Overview of the Invention”. In both cases, we consider the role of three blockchain transactions (Txs). Two transactions have spendable outputs (UTXOs) owned by Alice:
-
- Tx1—a transaction with a spendable output (vout−1)
- Tx2—a transaction with a spendable output (vout−0)
- These transactions Tx1, Tx2 will be referred to herein as input transactions as a concise way of saying that they are transactions comprising outputs that are being spent by the inputs of some subsequent transaction e.g. a Tx3.
- The third blockchain transaction is the payment transaction:
-
- Tx3—a transaction using vout−0 and vout−1 as its two inputs and one output paying to Bob. There are only two inputs and one output for simpler demonstration of the invention.
- These three transactions, and the Merkle paths which can be used to relate them to blocks (headers), are shown schematically in
FIG. 8 . - The basic concept of SPV has existed since the Nakamoto whitepaper and was implemented in the original Bitcoin client (v 0.1, 2009). In essence, SPV makes use of two properties of the Bitcoin blockchain:
-
- 1. Merkle proofs that can be used easily to verify that a given transaction is included in a Merkle tree and represented by a Merkle root; and
- 2. Block headers that represent blocks of transactions by including the Merkle root of a Merkle tree of transactions.
- By combining these two properties a lightweight Bitcoin client need only maintain a copy of the block headers for the entire blockchain—rather than blocks in full—to verify that a transaction has been processed by the network. To verify that a given transaction has been processed and included in a block, an SPV client requires only:
-
- a full list of up-to-date block headers;
- the Merkle path for the transaction in question.
- It follows from
property 1 that the SPV user can verify that the given transaction is part of a Merkle tree—represented by a Merkle root—simply by performing a Merkle path authentication proof as explained in the section above. It then follows fromproperty 2 that the transaction is also part of a block in the blockchain if the SPV client has a valid block header that includes this Merkle root. Performing this type of payment verification in bitcoin will be referred to herein as performing an ‘SPV check’. - This SPV mechanism as specified by Nakamoto informs the existing method of SPV client implementation, including at the point-of-sale. Importantly, the state-of-the-art in SPV implementation is based on the paradigm whereby a user verifies that a payment has been received by confirming (to a suitable depth on the blockchain e.g. 6) that it has been included in a block. In effect, this is a post-broadcast check on a transaction to verify that it has been mined.
- In contrast, the present invention requires that the necessary SPV check be performed on a transaction's inputs prior to its broadcast. This shift in emphasis greatly reduces the burden and traffic on the network in dealing with invalid transactions.
- A second important paradigm in the existing SPV system is that an SPV client must query full nodes on the network to obtain the Merkle path required for the SPV check. This can be seen in the Bitcoin developer guide (bitcoin.org/en/developer-guide) which states that “the SPV client knows the Merkle root and associated transaction information, and requests the respective Merkle branch from a full node”.
- Embodiments of the present invention provide mechanisms and methods involving SPV checks that remove this burden on the network, by stipulating that lightweight bitcoin client users keep, maintain or at least have access to their own copies of Merkle paths pertinent to the unspent transaction outputs owned by them.
- The traditional method for implementing SPV (at the point of transaction) is as follows, and with reference to
FIG. 9 : - [1] MESSAGE: Bob to Alice
-
- Bob (merchant) sends Alice (customer) his public key address. His message may also include the amount that is to be paid, in addition to any other spending conditions provided as the hash of Bob's chosen redeem script.
- Alice also communicates the transaction ID TxID3 of the payment transaction Tx3 to Bob (not shown).
- [2] The P2P network mediates the exchange between Alice and Bob:
-
- [2.i] MESSAGE: Alice to P2P network
- Alice broadcasts Tx3 to the network.
- [2.ii] MESSAGE: Bob to P2P network
- Bob queries the network to check whether Tx3 is accepted for mining into the blockchain.
- Bob sends continuous queries [2.ii] until he is satisfied the payment is deemed valid by the network. Note that he may begin querying before [2.i] has occurred.
- If Bob is satisfied, he may treat the transaction as complete without either party waiting for the next block to be mined.
- [2.i] MESSAGE: Alice to P2P network
- [3] SPV CHECK (MESSAGE): Bob to P2P network
-
- Bob waits for the next block to be mined and downloads new block headers as they are broadcast on the network.
- Bob sends an ‘SPV check’ request to the network. This is a request for the Merkle path corresponding to Tx3 that links it to the Merkle root in a recently-mined block.
- If the network can provide Bob with the Merkle path, he can compute the Merkle proof himself using his SPV wallet and check the payment Tx3 has been processed.
- This communication flow is illustrated in
FIG. 9 . It should be noted that [2.i], [2.ii] and [3] are mediated by the P2P network and thus contribute to traffic on the network. It should also be noted that in the existing SPV paradigm, the necessary SPV check [3] is performed: -
- After the payment (Tx3) is submitted;
- On the payment (Tx3) itself;
- With the help of other network peers who provide Merkle paths.
- We now contrast this known approach with that of the present invention.
- Overview of the Invention
- The present invention provides improved security solutions for verification on a blockchain network (which we will hereafter refer to as the “Bitcoin” network for convenience) using a low bandwidth SPV system. In accordance with an embodiment of the invention, the sender of the resource (e.g. customer) does not need to be online for the transaction to be created and/or accepted by the receiver (e.g. a merchant). Only the receiver needs to be online. For the sake of convenience and ease of reference, the term “customer” or “Alice” will be used instead of “sender”, and “merchant” or “Bob” will be used instead of “receiver”.
- The present invention employs a novel communication flow between the parties relative to conventional SPV transactions, as it only requires the merchant's wallet to be connected to the network. This is achieved by the merchant's wallet creating a template (which may be referred to as an “incomplete transaction”) with information that the customer needs to provide e.g. a change address, signature, etc. Once the merchant receives this requested information from the customer, he broadcasts the transaction to the network.
- Thus, the invention gives rise to a fundamental change of the communication and exchange process between the transacting parties and the network during a simple payment verification on the Bitcoin network from:
-
- Merchant→Customer→Network→Merchant
- to:
-
- Merchant→Customer→Merchant→Network
- Alice and Bob may securely exchange messages using a secret sharing protocol such as, for example, that described in WO 2017145016.
- This change in process gives rise to the technical problem of needing a novel design for both the customer wallet and also for the merchant wallet. Therefore, embodiments of the invention provide at least the following:
-
- 1. a novel customer wallet for Alice (which we will refer to as the “offline wallet”): this stores Alice's public keys, private keys, transactions containing spendable outputs, all block headers and, importantly, the Merkle paths of the stored transactions (which removes the requirement for Alice to be connected to the network)
- 2. a novel merchant wallet for Bob (which we will refer to as the “Point of Sale (PoS) wallet”:
- this stores Bob's public keys and all block headers.
- A more detailed description of these components is now provided.
- An illustrative method for implementing SPV (at the point of transaction) in accordance with an embodiment of the invention is provided as follows, with reference to
FIG. 10 : - [1] MESSAGE: Bob to Alice
-
- Bob sends Alice a payment transaction template (template Tx3) and requests the following information from Alice:
- The full transaction data for all input transactions (Tx1 and Tx2) comprising at least one output that Alice wants to spend as inputs to the payment (Tx3);
- The Merkle path for all input transactions (Tx1 and Tx2) linking them to their respective Merkle roots associated with their respective block headers;
- The completed (i.e. filled-in template) payment transaction (Tx3).
- Note that Bob is requesting information from Alice, rather than sending his address.
- Bob sends Alice a payment transaction template (template Tx3) and requests the following information from Alice:
- [2] MESSAGE: Alice to Bob
-
- Alice sends the requested information to Bob:
- The full transaction data for all input transactions (Tx1 and Tx2) comprising at least one output that Alice wants to spend as input(s) to the payment (Tx3);
- The Merkle path for all input transactions (Tx1 and Tx2) linking them to their respective block headers;
- The completed (i.e. filled-in template) payment transaction (Tx3). In addition to filling in the template, Alice also provides her signature.
- Alice sends the requested information to Bob:
- [3] SPV CHECK (LOCAL): Bob
-
- Bob performs SPV checks on the input transactions Tx1 and Tx2 using:
- The transactions Tx1 and Tx2;
- The corresponding
Merkle paths Path 1 andPath 2; - Bob's local list of block headers.
- These checks are performed locally by Bob and do not go through the P2P network;
- In a preferred embodiment, at this stage that Bob also performs appropriate checks on the payment Tx3 he has received from Alice to ensure that:
- The payment Tx3 is as Bob expected;
- Alice's signature(s) are valid for this transaction.
- Bob performs SPV checks on the input transactions Tx1 and Tx2 using:
- [4] MESSAGE: Bob to P2P network
-
- Bob broadcasts the payment transaction (Tx3) to the P2P network. In the existing paradigm, Alice would submit the transaction to the network.
- This is done only if the SPV check [3] on all inputs to Tx3 are affirmative.
- [5] SPV CHECK (MESSAGE): Bob to P2P network
-
- This step is identical to the step [3] in the existing paradigm of SPV methods (see earlier).
- This communication flow is illustrated in
FIG. 10 . It should be noted that only [4] and [5] are mediated by the P2P network. Step [5] is nothing more than a repetition of the existing SPV technique and is not a necessary feature of our proposed method; it is included here for completeness and for distinction between the existing paradigm and the present invention. - Note that, in accordance with embodiments of the present invention, the necessary SPV check [3] is performed:
-
- Before the payment transaction (Tx3) is submitted;
- On the input transactions (Tx1 and Tx2) to the payment transaction (Tx3);
- Without the help of network peers to provide Merkle paths (provided by Alice).
- Features of embodiments of the invention include, but are not limited to:
-
- Alice does not need to be online or submit any information to the network herself. This is more reliable for Alice. It also allows her to use a device, such as smart card, that does not have the capability of connecting to the network.
- The inclusion of the Merkle path allows Bob to quickly reject any invalid inputs from Alice. This alleviates excess network traffic by refusing to submit ‘spam’ transactions with invalid Merkle paths.
- Bob may have a particularly fast connection to the network and so it may be faster for him to validate a transaction.
- Bob creates the transaction for Alice to sign and therefore has more control over the content of the transaction, for example he may choose to pay more in transaction fees which will ensure that the transaction is accepted by the network.
- Bob's wallet does not need to contain any private keys. This increases security as the private keys cannot be accessed or compromised by an unauthorised third party.
- The responsibility for submitting the transaction to the network relies on Bob.
- Alice's SPV wallet must have a private key and the ability to sign the transaction. Therefore, it must have enough processing power to perform elliptic curve point multiplication.
- We now consider the various components of the invention in more detail.
- Offline SPV Wallet
- An embodiment of the offline SPV is shown schematically in
FIG. 1 and comprises the following features: -
- 1. TXs—Pre-loaded, full transaction data containing Alice's available unspent transaction outputs. This full transaction data in combination with a Merkle path constitutes a Merkle proof that the transaction Alice is spending is valid. Hashing the full transaction will give the transaction ID (TXID) which is required as part of the input data for the new transaction that Alice wishes to complete. Note that providing the TXID alone would be insufficient as Bob must be able to verify that the TXID is indeed the hash of the transaction. This is only possible if she provides Bob with the full transaction data, and hence she must store it or at least have access to it when required.
- 2. Private/Public Keys—The wallet must have access to a set of private keys in order to sign transaction outputs, and also to public keys to specify change addresses when conducting transactions.
- 3. Merkle Paths—The (complete) Merkle path of each of the transactions containing the transaction outputs (UTXOs). This will be used by the merchant's point of sale wallet to verify that the TXs are valid. It should be noted that while the Merkle proof provided by this wallet does not prevent a double spend, it does act as a fail-fast mechanism against spam attacks thus providing improved robustness and security of the wallet.
- 4. Minimal Processing—The offline SPV wallet is required to sign the unspent transactions in order to spend them. This requires the offline wallet (and device it is installed on) to be able to implement a cryptographic algorithm such as ECDSA, meaning that enough processing power is required to be able to perform elliptic curve point multiplication and compute hash functions.
- 5. Block Headers (optional)—the offline SPV wallet may wish to include block headers to verify that payments to point of sale SPV wallets have been processed. This would also require storing the TXIDs and Merkle paths after interaction with a point of sale wallet.
- In one or more embodiments, the above may be implemented as a wallet with both online and offline states or functionality. This can be advantageous when the wallet needs to update its set of UTXOs and Merkle paths.
- In such an embodiment, Alice's wallet can download data by temporarily connecting to the network in the same way that a traditional SPV wallet does. This is illustrated in
FIG. 2 , and may be referred to for convenience as an on- and off-line SPV wallet. - Once connected Alice's wallet can download the full transactions, Merkle paths and block headers. A standard P2PKH transaction as known in the art with 1 input and 2 outputs is 226 bytes, block headers are 80 bytes, and a Merkle path for a transaction in a block containing 100,000 transactions is approximately 560 bytes. Combining all three means that updating Alice's SPV wallet only needs to download less than 1 MB of data per new input. This can be achieved even with a low bandwidth connection, which is highly advantageous.
- A wallet using this implementation is advantageous as it provides the benefits of being able facilitate offline payments and verification using a blockchain, while maintaining the ability to connect to the network as and when needed. The additional online state can be used for updating the list of block headers, obtaining new TXs and associated Merkle paths and even sending transactions as and when required.
- There are multiple possible use cases for an on- and off-line SPV, including software applications and contactless payment cards.
- PoS SPV Wallet
- The PoS SPV wallet is designed to achieve the minimum functionality required for Bob to accept a transfer from Alice, who is using an offline SPV wallet as described above. These requirements are that Bob must be able to:
-
- Generate a point of sale transaction template.
- Compute Merkle proofs associated with block headers.
- Connect and broadcast to the network, including queries of the UTXO set.
- Manage public key addresses for receiving payment
- Update his list of full TX data containing Alice's UTXOs.
- All the above requirements are met by a PoS SPV wallet according to the schematic design shown in
FIG. 3 and comprises the following features: -
- 1. Block headers—the PoS SPV wallet maintains an up-to-date copy of a list of block header data corresponding to blocks in the blockchain. When presented with a transaction and its Merkle path, the PoS SPV wallet can perform a simple Merkle proof by repeated hashing to the Merkle root.
- By comparing this root to the one in the relevant block header, Bob has an efficient fail-fast mechanism for detecting erroneous or fraudulent payments.
- 2. Network connectivity—the PoS SPV wallet has the ability to connect to the network. This includes—but is not limited to—the ability to broadcast a new signed transaction to the blockchain network and to query for the existence of specific UTXOs in the current UTXO set.
- 3. Public key storage—the PoS SPV wallet only needs to store the public key addresses to which Bob wants to receive the asset(s) or payment. This can be done in several ways such as, for example, by using a deterministic secret (such as disclosed in WO 2017/145016) or using a hierarchical deterministic wallet structure.
- By only storing public key addresses—rather than the associated private keys—at the point of sale, security for ‘card present’ transaction is greatly improved as the Bob's private keys are not susceptible to compromise, and hence funds are protected.
- 4. Minimal processing—the PoS SPV wallet is required to perform only the minimum processing of a Merkle proof based on the template filled in by the Alice.
- This greatly reduces the burden of iterating through and processing full blocks to obtain Merkle paths independently, which expedites the point of sale/transaction process, expedites the transfer of the resource across the network, and improves efficiency for both Bob and Alice.
- 1. Block headers—the PoS SPV wallet maintains an up-to-date copy of a list of block header data corresponding to blocks in the blockchain. When presented with a transaction and its Merkle path, the PoS SPV wallet can perform a simple Merkle proof by repeated hashing to the Merkle root.
- It should be noted that, in at least one embodiment, the point of sale SPV wallet will maintain a copy of the entire list of block headers to ensure that Bob can always perform the SPV check on a Merkle path for any transaction in the history of the blockchain. However, it may be the case that Bob chooses not to keep the full list of block headers, for instance those corresponding to blocks containing no transactions with spendable outputs. In this case, it should be appreciated that Bob may need to query a third party occasionally to obtain block headers he does not already have. In the next section, we detail the Merchant point of sale template that Bob sends to Alice in accordance with one or more embodiments and it should be appreciated that, if Bob does not have a complete list of all block headers, he could incorporate a request for the block headers associated with her unspent transaction outputs into this template.
- PoS SPV Wallet Template
- Turning to
FIG. 4 , Bob's PoS SPV wallet requests the information for Alice's offline (or off/online) wallet in the following format: -
- 1. TX/UTX—Full transaction data from Alice's spendable transaction (as described above).
- 2. Transaction Template—A partially complete blockchain transaction comprising (at least) Bob's output address and the amount of cryptocurrency being requested from Alice. In order for the transaction to be completed, Alice's offline wallet must provide (at least) the TXID from her unspent transaction output, a valid signature for each of the spendable TX outputs to be used, and a change address.
- 3. Merkle Path—When combined with the full, completed transaction, a Merkle proof can be constructed to verify that Alice's TX is included in a block and is therefore valid
- Note that, in the simplest case, Alice needs to provide Bob with a valid payment transaction Tx3 in exchange for the goods at the P-o-S. In accordance with at least one embodiment of the invention, Bob provides the merchant template to facilitate this but it is also conceivable that a template is not used. For example, if Alice already knows the price and Bob's address beforehand, she can construct her payment and transmit it directly to Bob. Alice could also provide the required signatures and outpoint references without explicitly ‘filling-in’ the template itself.
- The full transaction (see (1) in
FIG. 4 ) and Merkle proof (see (3) inFIG. 4 ) can be sent by Alice and processed by Bob. This can be done in parallel with, and independently to, Alice completing Bob's template (see (2) inFIG. 4 ). - Delayed Transaction Submission:
- In some cases, such as for an online retailer, it may be advantageous to submit payment transactions in batches at regular intervals. This may be beneficial for technical reasons such as waiting for improved/optimal network connectivity to be available etc., for accounting purposes or for reducing the total value of transactions fees incurred.
- For the merchant, Bob, this presents no additional challenge but for the customer, Alice, this means that the cryptocurrency associated with Alice's change address is not available for her to use until Bob eventually submits the signed transaction to the network.
- A solution to the problem would be for Bob to specify the artificial delay in processing a transaction within the template that he provides to Alice. Alice's offline wallet can interpret this as meaning that the change generated by the payment to Bob will be unavailable to spend during the merchant's pre-determined time before submitting their batched transactions to the network. It should be noted that there is no additional risk for Bob in this scenario, as the delivery of the purchased goods can be cancelled if the merchant finds evidence of a double-spend before he submits the batch of transactions.
- Extension to the PoS SPV Wallet—Split Wallet
- As an extension to the PoS SPV wallet described above, it may be desirable for Bob to utilise several connected wallets, with different functions, which can be treated as single a split-wallet system.
- Therefore, certain embodiments of the invention build on the basic concept of the point of sale (P-o-S) SPV by introducing a more advanced master SPV which can coordinate one or many point of sale wallets. The combination of a master SPV with one or more P-o-S SPVs will be considered a “split wallet” system herein.
- The split-wallet system in accordance with embodiments of the invention comprises at least one PoS SPV wallet, acting as a payment terminal, coordinated by a master SPV component. The functionality of a master SPV enables the wallet to:
-
- Store the private keys associated with the public key addresses of a P-o-S SPV.
- Compute Merkle proofs associated with block headers.
- Connect and broadcast to the blockchain network, including queries of the UTXO set.
- Communicate with at least one PoS SPV wallet serving as a payment terminal.
- As with all simple payment verification systems, the master wallet should be able to perform all the basic functions of a good SPV, such as checking the Merkle proof of existence for a given transaction. This means that Bob can check that any transaction he broadcasts from the point of sale has been accepted by the network and included in a block. Importantly, however, a master wallet in accordance with an embodiment of the present invention communicates with, and coordinates the payments processed by, at least one simpler PoS SPV wallet.
- It can be advantageous for the master SPV to store the private keys for Bob's payment addresses. This allows Bob to have much greater security over his payment processing when using a split-wallet system. However, storing the Bob's private keys is an optional capability of the master wallet and its primary function is to aggregate and coordinate payments from multiple point of sale wallets.
- In this implementation of a merchant split-wallet—using only a basic master SPV—the merchant-customer interaction is not strictly modified. The PoS SPV wallet must still perform the same checks on Merkle paths and make the same queries to the network about the UTXO set. The differences in the process include:
-
- Choice of P-o-S SPV terminal to be used by Alice and Bob.
- Master SPV should continuously synchronise with the blockchain in the background.
- The private keys associated with Bob's payment addresses receive dedicated management from the master wallet. This adds structure to the security that was previously introduced by only storing public key addresses at the point of sale wallet.
- It should be noted that a master wallet used as part of a split-wallet implementation would typically reside in a separate location to the point of sale SPVs, such as a company back office or head office, for both security concerns and pragmatism. The merchant-customer interaction can be visualised as shown in
FIG. 5 . - As discussed, this implementation using a simple master SPV as part of a merchant split-wallet has utility for the Bob, but still relies on the network for responding to queries of the UTXO set if the split-wallet it to provide a suitable level of double-spend protection.
- This may be addressed in accordance with one or more embodiments, in which the master SPV is replaced with a more powerful type of master wallet which also keeps its own copy of the mempool. The split-wallet architecture equipped with such a master wallet does not need to query the network to check if a customer's UTXOs are part of the current UTXO set.
- A master wallet with its own copy of the mempool functions similarly to a classical non-mining ‘full node’ client but, advantageously, it does not need to keep a full copy of the blockchain. Instead, this type of master wallet keeps only the block headers and its own local copy of the mempool. The copy of the mempool can either be constructed locally by synchronising with the network or sourced from a trusted third party or service.
- The implementation of the split-wallet using a master SPV wallet with its own copy of the mempool changes the merchant-customer interaction from the perspective of the merchant.
- The primary change in the interaction from that described above in relation to
FIG. 5 is manifested insteps 4 and 5: -
- In
step 4, the merchant only broadcasts the transaction to the network, rather than adding the additional query of the UTXO set - In
step 5, the merchant now performs his own check on the validity of the customer's transaction by checking the mempool for a conflicting transaction. The merchant can then decide what action to take based on the state of his synchronised copy of the mempool.
- In
- Illustration of the Invention in Use
- Consider a typical merchant-customer interaction where Alice would like to buy something from Bob. In accordance with an embodiment of the invention, the process is performed as outlined below, and with reference to
FIG. 6 : -
- 1. Bob creates a partially complete blockchain transaction and requests the following information from Alice. This could be packaged together as a template for Alice to fill in:
- a. The TX outputs Alice will spend in order to complete the purchase
- b. A (Bitcoin) change address for Alice
- c. A signature from Alice
- d. the Merkle path for the TXs (this does not form part of the transaction)
- 2. Alice completes the template by providing the required information.
- 3. Bob performs the Merkle proofs to check the validity of the TXs Alice has provided. If the proofs are not valid Bob knows that Alice's TXs have never been valid in the blockchain and he rejects the transaction. Advantageously, this is a fail-fast mechanism.
- 4. Bob broadcasts the complete transaction to the network and queries the UTXO set.
- a. The broadcast allows miners to begin attempts to mine the transaction into a block.
- b. The query asks whether the ostensibly valid UTXOs provided by Alice are still in the UTXO set.
- This is a mechanism for the prevention of a double-spend by Alice.
- 5. The network responds to Bob's UTXO query. This allows Bob to take one of the following courses of action:
- a. If Alice's UTXOs are still part of the UTXO set, Bob can accept the payment with minimal risk of a double spend.
- i. The risk taken by Bob can be minimised by continuing to poll network nodes with this query for some time interval r.
- ii. Bayesian analysis can be leveraged to ensure Bob queries an honest majority of nodes, within some confidence interval.
- b. If Alice's UTXOs are not part of the UTXO set, Bob rejects Alice's payment.
- a. If Alice's UTXOs are still part of the UTXO set, Bob can accept the payment with minimal risk of a double spend.
- 1. Bob creates a partially complete blockchain transaction and requests the following information from Alice. This could be packaged together as a template for Alice to fill in:
- As mentioned above, embodiments of the invention lend themselves for use and implementation in a variety of forms. These can include payment cards, for example.
- As known in the art, a traditional SPV wallet verifies that a transaction is not a double spend by checking its depth within the blockchain, which it does by querying the network. Once a transaction has been validated by a miner and is included in a block the transaction has 1 confirmation. Every additional block added to the blockchain increases the confirmation by 1 and with each new confirmation the risk of a double spend is decreased. A traditional SPV wallet will display a transaction as “n/unconfirmed” until it has 6 confirmations.
- However, the default 6 confirmation rule is not fundamental to Bitcoin. Not all merchants want to wait for 6 blocks (or even 1 block) to be generated before being satisfied with payment. “0-conf” is the term used in the art to denote a transaction that has not yet been included in a block. Once Alice completes her transaction she broadcasts it to the network and Bob should (at the very least) be able to find it in the mempool.
- The present invention shifts the burden of broadcasting the transaction to the receiver, Bob, rather than the sender, Alice, thus minimising the CPU required and improving the experience for Alice. Bob has a greater degree of control over the transaction process as he does not need to rely on Alice's connection to the network, but not enough control to compromise Alice's security. Essentially, Alice (only) has the authority to accept or reject the transaction by providing a digital signature.
- The Merkle path check does not prevent double spending as 0-conf is only reached once Bob can see that the transaction being relayed by the network and is in the mempool. Instead, it acts as a fail-fast mechanism allowing Bob to instantly reject attempts to spend non-existent UTXOs. This is useful as it prevents Bob being used as an intermediary for spam attacks, especially since the time taken to broadcast and then query a full node may take more than a few seconds if the connection is poor.
- With offline payments enabled, hardware such as pre-paid smart cards can be integrated into the bitcoin ecosystem. The payment card would require data capacity to store private keys as well as the UTXOs, complete transactions and Merkle paths. It would also require some processing power in order to implement the ECDSA signing algorithm. Table 1 shows a list of some electronic card types available at the time of filing.
-
TABLE 1 Typical payment card specifications Maximum Cost of Cost of Data Processing Card Reader/ Capacity Power (USD) Connection Magnetic 140 bytes None $0.20-$0.75 $750 Stripe Cards Integrated 1 kB None $1-$2.50 $500 Circuit Memory Cards Integrated 8 kB 8-bit CPU $7-$15 $500 Circuit (Future Processor expansion up Cards to 23-bit) - Double Spend Protection
- Suppose that a customer, Alice, wishes to exchange cryptocurrency for physical goods in a shop. Traditionally, Alice sends a transaction to the blockchain network at the point-of-sale (POS) and Bob, the merchant, only allows Alice to leave with the goods when he sees this transaction either
-
- (a) gossiped back to him as accepted by the network; or
- (b) confirmed in a block (or n blocks deep for n-conf).
- In scenario (a) Bob knows that Alice's payment transaction to him is valid and miners will attempt to mine this payment into a block. Although this does not protect Bob from a simple double-spend initiated by Alice remotely submitting a conflicting transaction, this scenario is compatible with a conventional block-header based SPV.
- In scenario (b) Bob knows that the payment transaction is both valid and has not been double-spent. However, this requires Bob to run a full-node and download the next block(s) in-situ. Also, on the Bitcoin network this will take an average of 10 minutes before Alice may leave the premises with the goods.
- It should be noted that in this problem statement, we assume that 0-conf security is satisfactory for Bob as the attack we are trying to mitigate is a simple double-spend by Alice. To require one or more blocks is to mitigate a different attack vector—that of a third adversary, Carol, overpowering the entire network.
- The following table illustrates how neither scenario (a) nor (b) are independently acceptable for such a customer-merchant interaction. This table shows the transaction features of scenario a) and b):
-
Factor Scenario (a) Scenario (b) Double-spend protection for Bob Not Acceptable <10 s average transaction time Acceptable Not <10 m average transaction time Acceptable Not SPV compatible* (Bob) Acceptable Not SPY compatible* (Alice) Acceptable Acceptable *This means that there is no full-node requirement on this party. Only a solution which meets all of these criteria is acceptable for both Bob (merchant) and Alice (customer) for most transactions. - Embodiments of the merchant PoS wallet disclosed herein provides the following advantages:
-
- Double-spend protection for merchant
- Instant (<<10 s) average transaction time
- Customer and merchant can both use SPV wallets at the point of sale.
-
Scenario Scenario Merchant Factor (a) (b) SPV Double-spend protection for Bob No Yes Yes <10 s average transaction time Yes No Yes <10 m average transaction time Yes No Yes SPV compatible* (Bob) Yes No Yes SPV compatible* (Alice) Yes Yes Yes - It is envisaged that embodiments of the invention are able to provide performance and results which would be a significant improvement over existing SPV/cryptocurrency transaction rates, and at least rival existing chip-and-pin/contactless terminal payment interactions in terms of instantaneity.
- Moreover, the invention also provides allows payments to be considered cleared and approved with a high degree of certainty within approximately one hour (i.e. 6-conf). This is far superior to the current payment clearing times of up to 60-days i.e. VISA and Mastercard clearing times.
- Variable Risk
- As a merchant, Bob can calibrate the latency for accepting a payment at the point of sale. By choosing the minimum polling time interval τ he also sets the probabilistic upper bound on the risk of a double-spend acceptable to him. This can allow for greater efficiency and flexibility in payment processing for merchants.
- In addition, Bob can set the mining fee for the transaction when generating the template. It does not necessarily matter who pays this fee, but the value can be used as a parameter for setting the risk of double-spend to a level deemed acceptable by the merchant.
- In total the point of sale time delay and the mining fee for the transaction are two parameters that can be set by the merchant and consented to by the customer's digital signature that can effectively calibrate the efficiency and risk on a case-by-case basis. This may depend, for example, on the value of the goods to be exchanged,
- Turning now to
FIG. 7 , there is provided an illustrative, simplified block diagram of acomputing device 2600 that may be used to practice at least one embodiment of the present disclosure. In various embodiments, thecomputing device 2600 may be used to implement any of the systems illustrated and described above. For example, thecomputing device 2600 may be configured for use as a data server, a web server, a portable computing device, a personal computer, or any electronic computing device. As shown inFIG. 7 , thecomputing device 2600 may include one or more processors with one or more levels of cache memory and a memory controller (collectively labelled 2602) that can be configured to communicate with astorage subsystem 2606 that includesmain memory 2608 andpersistent storage 2610. - The
main memory 2608 can include dynamic random-access memory (DRAM) 2618 and read-only memory (ROM) 2620 as shown. Thestorage subsystem 2606 and the cache memory 2602 and may be used for storage of information, such as details associated with transactions and blocks as described in the present disclosure. The processor(s) 2602 may be utilized to provide the steps or functionality of any embodiment as described in the present disclosure. - The processor(s) 2602 can also communicate with one or more user interface input devices 2612, one or more user interface output devices 2614, and a
network interface subsystem 2616. - A
bus subsystem 2604 may provide a mechanism for enabling the various components and subsystems ofcomputing device 2600 to communicate with each other as intended. Although thebus subsystem 2604 is shown schematically as a single bus, alternative embodiments of the bus subsystem may utilize multiple busses. - The
network interface subsystem 2616 may provide an interface to other computing devices and networks. Thenetwork interface subsystem 2616 may serve as an interface for receiving data from, and transmitting data to, other systems from thecomputing device 2600. For example, thenetwork interface subsystem 2616 may enable a data technician to connect the device to a network such that the data technician may be able to transmit data to the device and receive data from the device while in a remote location, such as a data centre. - The user interface input devices 2612 may include one or more user input devices such as a keyboard; pointing devices such as an integrated mouse, trackball, touchpad, or graphics tablet; a scanner; a barcode scanner; a touch screen incorporated into the display; audio input devices such as voice recognition systems, microphones; and other types of input devices. In general, use of the term “input device” is intended to include all possible types of devices and mechanisms for inputting information to the
computing device 2600. - The one or more user interface output devices 2614 may include a display subsystem, a printer, or non-visual displays such as audio output devices, etc. The display subsystem may be a cathode ray tube (CRT), a flat-panel device such as a liquid crystal display (LCD), light emitting diode (LED) display, or a projection or other display device. In general, use of the term “output device” is intended to include all possible types of devices and mechanisms for outputting information from the
computing device 2600. The one or more user interface output devices 2614 may be used, for example, to present user interfaces to facilitate user interaction with applications performing processes described and variations therein, when such interaction may be appropriate. - The
storage subsystem 2606 may provide a computer-readable storage medium for storing the basic programming and data constructs that may provide the functionality of at least one embodiment of the present disclosure. The applications (programs, code modules, instructions), when executed by one or more processors, may provide the functionality of one or more embodiments of the present disclosure, and may be stored in thestorage subsystem 2606. These application modules or instructions may be executed by the one or more processors 2602. Thestorage subsystem 2606 may additionally provide a repository for storing data used in accordance with the present disclosure. For example, themain memory 2608 and cache memory 2602 can provide volatile storage for program and data. Thepersistent storage 2610 can provide persistent (non-volatile) storage for program and data and may include flash memory, one or more solid state drives, one or more magnetic hard disk drives, one or more floppy disk drives with associated removable media, one or more optical drives (e.g. CD-ROM or DVD or Blue-Ray) drive with associated removable media, and other like storage media. Such program and data can include programs for carrying out the steps of one or more embodiments as described in the present disclosure as well as data associated with transactions and blocks as described in the present disclosure. - The
computing device 2600 may be of various types, including a portable computer device, tablet computer, a workstation, or any other device described below. Additionally, thecomputing device 2600 may include another device that may be connected to thecomputing device 2600 through one or more ports (e.g., USB, a headphone jack, Lightning connector, etc.). The device that may be connected to thecomputing device 2600 may include a plurality of ports configured to accept fibre-optic connectors. Accordingly, this device may be configured to convert optical signals to electrical signals that may be transmitted through the port connecting the device to thecomputing device 2600 for processing. Due to the ever-changing nature of computers and networks, the description of thecomputing device 2600 depicted inFIG. 7 is intended only as a specific example for purposes of illustrating the preferred embodiment of the device. Many other configurations having more or fewer components than the system depicted inFIG. 7 are possible. - The term “blockchain transaction” may be used to refer to a data structure which implements the use of a cryptographic key to achieve transfer of control of a digital resource or asset via a blockchain network. As stated above, in order for a transaction to be written to the blockchain, it must be i) validated by the first node that receives the transaction—if the transaction is validated, the node relays it to the other nodes in the network; and ii) added to a new block built by a miner; and iii) mined, i.e. added to the public ledger of past transactions. It will be appreciated that the nature of the work performed by miners will depend on the type of consensus mechanism used to maintain the blockchain. While proof of work (PoW) is associated with the original Bitcoin protocol, it will be appreciated that other consensus mechanisms, such as, proof of stake (PoS), delegated proof of stake (DPoS), proof of capacity (PoC), proof of elapsed time (PoET), proof of authority (PoA) etc. may be used. Different consensus mechanisms vary in how mining is distributed between nodes, with the odds of successfully mining a block depending on e.g. a miner's hashing power (PoW), an amount of cryptocurrency held by a miner (PoS), an amount of cryptocurrency staked on a delegate miner (DPoS), a miner's ability to store pre-determined solutions to a cryptographic puzzle (PoC), a wait time randomly assigned to a miner (PoET), etc.
- Typically, miners are provided with an incentive or reward for mining a block. The Bitcoin blockchain, for example, rewards miners with newly issued cryptocurrency (Bitcoin) and fees associated with transactions in the block (transaction fees). For the Bitcoin blockchain, the amount of cryptocurrency issued diminishes with time, with the incentive eventually consisting of transaction fees only. It will be appreciated, therefore, that the handling of transaction fees is a part of the underlying mechanism for committing data to public blockchains such as the Bitcoin blockchain.
- As mentioned previously, each transaction in a given block encodes the transfer of control of a digital asset between participants in the blockchain system. The digital asset need not necessarily correspond to a cryptocurrency. For example, the digital asset may pertain to a digital representation of a document, image, physical object, etc. The payment of cryptocurrency and/or transaction fees to miners may simply act as an incentive to maintain the validity of blocks in the blockchain by performing the necessary work. It may be that the cryptocurrency associated with the blockchain acts as a security for miners, with the blockchain itself being a ledger for transactions that predominantly relate to digital assets other than cryptocurrency. In some cases, it may be that the transfer of cryptocurrency between participants is handled by an entity that is different from the entity using the blockchain to maintain a ledger of transactions.
- It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be capable of designing many alternative embodiments without departing from the scope of the invention as defined by the appended claims. In the claims, any reference signs placed in parentheses shall not be construed as limiting the claims. The word “comprising” and “comprises”, and the like, does not exclude the presence of elements or steps other than those listed in any claim or the specification as a whole. In the present specification, “comprises” means “includes or consists of” and “comprising” means “including or consisting of”. The singular reference of an element does not exclude the plural reference of such elements and vice-versa. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In a device claim enumerating several means, several of these means may be embodied by one and the same item of hardware. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.
Claims (20)
Applications Claiming Priority (11)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GBGB1902086.6A GB201902086D0 (en) | 2019-02-15 | 2019-02-15 | Computer-implemented system and method |
GB1902090.8 | 2019-02-15 | ||
GBGB1902089.0A GB201902089D0 (en) | 2019-02-15 | 2019-02-15 | Computer-implemented system and method |
GBGB1902088.2A GB201902088D0 (en) | 2019-02-15 | 2019-02-15 | Computer-implemented system and method |
GB1902092.4 | 2019-02-15 | ||
GB1902088.2 | 2019-02-15 | ||
GB1902086.6 | 2019-02-15 | ||
GBGB1902090.8A GB201902090D0 (en) | 2019-02-15 | 2019-02-15 | Computer-implemented system and method |
GBGB1902092.4A GB201902092D0 (en) | 2019-02-15 | 2019-02-15 | Computer-implemented system and method |
GB1902089.0 | 2019-02-15 | ||
PCT/IB2020/050740 WO2020165680A1 (en) | 2019-02-15 | 2020-01-30 | Computer-implemented systems and methods for implementing transfers over a blockchain network |
Publications (1)
Publication Number | Publication Date |
---|---|
US20220129893A1 true US20220129893A1 (en) | 2022-04-28 |
Family
ID=69500792
Family Applications (5)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US17/431,097 Pending US20220138737A1 (en) | 2019-02-15 | 2020-01-30 | Computer-implemented systems and methods for implementing transfers over a blockchain network |
US17/431,099 Pending US20220129887A1 (en) | 2019-02-15 | 2020-01-30 | Computer-implemented systems and methods for implementing transfers over a blockchain network |
US17/431,110 Pending US20220138738A1 (en) | 2019-02-15 | 2020-01-30 | Computer-implemented systems and methods for implementing transfers over a blockchain network |
US17/431,109 Pending US20220129893A1 (en) | 2019-02-15 | 2020-01-30 | Computer-implemented systems and methods for implementing transfers over a blockchain network |
US17/431,105 Pending US20220129888A1 (en) | 2019-02-15 | 2020-01-30 | Computer-implemented systems and methods for implementing transfers over a blockchain network |
Family Applications Before (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US17/431,097 Pending US20220138737A1 (en) | 2019-02-15 | 2020-01-30 | Computer-implemented systems and methods for implementing transfers over a blockchain network |
US17/431,099 Pending US20220129887A1 (en) | 2019-02-15 | 2020-01-30 | Computer-implemented systems and methods for implementing transfers over a blockchain network |
US17/431,110 Pending US20220138738A1 (en) | 2019-02-15 | 2020-01-30 | Computer-implemented systems and methods for implementing transfers over a blockchain network |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US17/431,105 Pending US20220129888A1 (en) | 2019-02-15 | 2020-01-30 | Computer-implemented systems and methods for implementing transfers over a blockchain network |
Country Status (8)
Country | Link |
---|---|
US (5) | US20220138737A1 (en) |
EP (5) | EP3924920A1 (en) |
JP (6) | JP2022520478A (en) |
KR (5) | KR20210128452A (en) |
CN (5) | CN113508410A (en) |
SG (5) | SG11202108153QA (en) |
TW (5) | TWI836003B (en) |
WO (5) | WO2020165678A1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20220094542A1 (en) * | 2019-05-10 | 2022-03-24 | nChain Holdings Limited | Methods and devices for public key management using a blockchain |
US20230121349A1 (en) * | 2021-10-15 | 2023-04-20 | Chia Network Inc. | Method for securing private structured databases within a public blockchain |
US11645632B2 (en) * | 2020-05-26 | 2023-05-09 | Derek Norman La Salle | System and method for a decentralized portable information container supporting privacy protected digital information credentialing, remote administration, local validation, access control and remote instruction signaling utilizing blockchain distributed ledger and container wallet technologies |
Families Citing this family (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11196543B2 (en) * | 2018-09-05 | 2021-12-07 | International Business Machines Corporation | Minimum evidence calculation in blockchain transactions |
GB2592211A (en) | 2020-02-19 | 2021-08-25 | Nchain Holdings Ltd | Adapting connections of a layered network |
GB2594684A (en) | 2020-02-19 | 2021-11-10 | Nchain Holdings Ltd | Layered network |
TWI762010B (en) * | 2020-10-30 | 2022-04-21 | 鴻海精密工業股份有限公司 | Method and system for trading of blockchain |
GB2600769A (en) * | 2020-11-10 | 2022-05-11 | Nchain Holdings Ltd | Merkle proof entity |
GB2600770A (en) * | 2020-11-10 | 2022-05-11 | Nchain Holdings Ltd | Merkle proof entity |
CN112749969B (en) * | 2020-11-16 | 2022-08-09 | 腾讯科技(深圳)有限公司 | Data processing method and device, computer equipment and storage medium |
US11843702B2 (en) * | 2020-11-20 | 2023-12-12 | The Toronto-Dominion Bank | System and method for secure distribution of resource transfer request data |
KR102478699B1 (en) * | 2021-03-18 | 2022-12-16 | 중앙대학교 산학협력단 | Blockchain-based IoT security method and apparatus |
US11902426B2 (en) * | 2021-06-26 | 2024-02-13 | Ceremorphic, Inc. | Efficient storage of blockchain in embedded device |
TWI764811B (en) * | 2021-08-17 | 2022-05-11 | 英屬開曼群島商現代財富控股有限公司 | Key generating system for hierarchical deterministic wallet and method thereof |
CN117941322A (en) * | 2021-09-22 | 2024-04-26 | 恩晨特许股份公司 | Blockchain-based transaction protocol |
EP4423954A1 (en) * | 2021-10-28 | 2024-09-04 | nChain Licensing AG | Methods and systems for distributed blockchain functionalities |
WO2023118843A1 (en) * | 2021-12-20 | 2023-06-29 | WRT Technologies Limited | Recording blockchain transactions |
CN114356937B (en) * | 2022-01-09 | 2022-08-26 | 上海即科智能技术集团有限公司 | Financial information management system based on block chain and big data |
CN114565377A (en) * | 2022-02-22 | 2022-05-31 | 福建博泉哈希科技有限公司 | Refund method and system based on block chain and computer readable storage medium |
GB2627251A (en) * | 2023-02-17 | 2024-08-21 | Nchain Licensing Ag | Computer-implemented system and method |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170132621A1 (en) * | 2015-11-06 | 2017-05-11 | SWFL, Inc., d/b/a "Filament" | Systems and methods for autonomous device transacting |
US20200104228A1 (en) * | 2018-09-27 | 2020-04-02 | Ripple Labs Inc. | Asynchronous self-proving transactions |
US20200252221A1 (en) * | 2019-02-05 | 2020-08-06 | Visa International Service Association | Optimizations for verification of interactions system and method |
US20210160053A1 (en) * | 2018-11-07 | 2021-05-27 | Advanced New Technologies Co., Ltd. | Merkle tree construction methods and apparatuses and simplified payment verification methods and apparatuses |
US20220046028A1 (en) * | 2018-12-05 | 2022-02-10 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and system for determining a state of an account in a network device running a light client protocol of a distributed ledger technology network |
Family Cites Families (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB512169A (en) | 1938-04-28 | 1939-08-30 | Norman Finlay Johnston | Improvements in and relating to ventilators, air diffusers and the like |
US11270298B2 (en) * | 2014-04-14 | 2022-03-08 | 21, Inc. | Digital currency mining circuitry |
US10230526B2 (en) * | 2014-12-31 | 2019-03-12 | William Manning | Out-of-band validation of domain name system records |
US10812274B2 (en) * | 2015-05-07 | 2020-10-20 | Blockstream Corporation | Transferring ledger assets between blockchains via pegged sidechains |
WO2017079652A1 (en) * | 2015-11-05 | 2017-05-11 | Pulsifer Allen | Cryptographic transactions system |
KR20180116278A (en) | 2016-02-23 | 2018-10-24 | 엔체인 홀딩스 리미티드 | Common information secrets for secure information exchange and hierarchical and deterministic cryptographic keys |
EP3472994B1 (en) * | 2016-06-20 | 2020-10-21 | Innogy Innovation Gmbh | Software defined networking system |
TWI651671B (en) * | 2016-08-25 | 2019-02-21 | 第一商業銀行股份有限公司 | Fast blockchain trading method |
RU2019111909A (en) * | 2016-10-03 | 2020-11-06 | Виза Интернэшнл Сервис Ассосиэйшн | NETWORK TOPOLOGY |
US11831748B1 (en) * | 2017-01-17 | 2023-11-28 | Justin Fisher | Method and system for utilizing the infrastructure of a blockchain to enhance the degree of security and veracity of another blockchain |
US20180247191A1 (en) * | 2017-02-03 | 2018-08-30 | Milestone Entertainment Llc | Architectures, systems and methods for program defined entertainment state system, decentralized cryptocurrency system and system with segregated secure functions and public functions |
WO2018201147A2 (en) * | 2017-04-28 | 2018-11-01 | Neuromesh Inc. | Methods, apparatus, and systems for controlling internet-connected devices having embedded systems with dedicated functions |
CN110741372A (en) | 2017-06-07 | 2020-01-31 | 区块链控股有限公司 | Computer-implemented system and method for managing transactions on a blockchain network |
TWI646480B (en) * | 2017-07-05 | 2019-01-01 | 台新金融控股股份有限公司 | System for issuing and verifying certificates based on blockchain and method thereof |
US10761877B2 (en) | 2017-07-21 | 2020-09-01 | Intel Corporation | Apparatuses, methods, and systems for blockchain transaction acceleration |
US10783272B2 (en) * | 2017-12-08 | 2020-09-22 | Nec Corporation | Method and system of preserving privacy for usage of lightweight blockchain clients |
FR3075534B1 (en) * | 2017-12-14 | 2020-01-10 | CopSonic | DIGITAL KEY STORAGE DEVICE FOR SIGNING TRANSACTIONS ON A BLOCK CHAIN |
US11461777B2 (en) * | 2017-12-19 | 2022-10-04 | Tbcasoft, Inc. | Cross-ledger transfers between distributed ledgers |
CN108683630B (en) * | 2018-04-03 | 2020-05-29 | 阿里巴巴集团控股有限公司 | Cross-block-chain authentication method and device and electronic equipment |
CN110458709B (en) * | 2018-04-28 | 2022-12-30 | 腾讯科技(深圳)有限公司 | Resource transfer information transmission method and device, storage medium and electronic device |
WO2020082031A1 (en) * | 2018-10-18 | 2020-04-23 | Eian Labs Inc. | Confidential transaction auditing using an authenticated data structure |
WO2021250045A1 (en) * | 2020-06-10 | 2021-12-16 | Elas Holdings PTY LTD | Computer implemented systems and methods |
US20220270093A1 (en) * | 2021-02-23 | 2022-08-25 | Bit Trap Pte. Ltd. | System and method for detecting intrusions by recognizing unauthorized cryptocurrency transactions at an optimized cost |
CN112967065B (en) * | 2021-05-18 | 2021-07-13 | 腾讯科技(深圳)有限公司 | Transaction verification method, device, equipment and storage medium |
US20230144486A1 (en) * | 2021-11-09 | 2023-05-11 | Vincent Bono | Cryptocurrency Transaction Process |
-
2020
- 2020-01-30 SG SG11202108153QA patent/SG11202108153QA/en unknown
- 2020-01-30 KR KR1020217029704A patent/KR20210128452A/en not_active Application Discontinuation
- 2020-01-30 US US17/431,097 patent/US20220138737A1/en active Pending
- 2020-01-30 US US17/431,099 patent/US20220129887A1/en active Pending
- 2020-01-30 EP EP20704084.1A patent/EP3924920A1/en active Pending
- 2020-01-30 JP JP2021547832A patent/JP2022520478A/en active Pending
- 2020-01-30 WO PCT/IB2020/050737 patent/WO2020165678A1/en unknown
- 2020-01-30 EP EP20704948.7A patent/EP3924923A1/en active Pending
- 2020-01-30 SG SG11202108154TA patent/SG11202108154TA/en unknown
- 2020-01-30 KR KR1020217029707A patent/KR20210128455A/en not_active Application Discontinuation
- 2020-01-30 KR KR1020217029708A patent/KR20210128456A/en active IP Right Grant
- 2020-01-30 CN CN202080014612.XA patent/CN113508410A/en active Pending
- 2020-01-30 KR KR1020217029705A patent/KR20210128453A/en not_active Application Discontinuation
- 2020-01-30 CN CN202080014605.XA patent/CN113874897A/en active Pending
- 2020-01-30 SG SG11202108151UA patent/SG11202108151UA/en unknown
- 2020-01-30 WO PCT/IB2020/050740 patent/WO2020165680A1/en unknown
- 2020-01-30 CN CN202080014608.3A patent/CN113874898A/en active Pending
- 2020-01-30 CN CN202080014564.4A patent/CN113508409A/en active Pending
- 2020-01-30 JP JP2021547833A patent/JP7512294B2/en active Active
- 2020-01-30 US US17/431,110 patent/US20220138738A1/en active Pending
- 2020-01-30 WO PCT/IB2020/050739 patent/WO2020165679A1/en unknown
- 2020-01-30 JP JP2021547831A patent/JP2022520656A/en active Pending
- 2020-01-30 WO PCT/IB2020/050735 patent/WO2020165677A1/en unknown
- 2020-01-30 JP JP2021547835A patent/JP2022520845A/en active Pending
- 2020-01-30 EP EP20704947.9A patent/EP3924922A1/en active Pending
- 2020-01-30 US US17/431,109 patent/US20220129893A1/en active Pending
- 2020-01-30 US US17/431,105 patent/US20220129888A1/en active Pending
- 2020-01-30 SG SG11202108152XA patent/SG11202108152XA/en unknown
- 2020-01-30 EP EP20705791.0A patent/EP3924924A1/en active Pending
- 2020-01-30 WO PCT/IB2020/050734 patent/WO2020165676A1/en unknown
- 2020-01-30 KR KR1020217029706A patent/KR20210128454A/en not_active Application Discontinuation
- 2020-01-30 EP EP20704946.1A patent/EP3924921A1/en active Pending
- 2020-01-30 SG SG11202108169UA patent/SG11202108169UA/en unknown
- 2020-01-30 CN CN202080014611.5A patent/CN113874899A/en active Pending
- 2020-01-30 JP JP2021547834A patent/JP7543288B2/en active Active
- 2020-02-10 TW TW109104082A patent/TWI836003B/en active
- 2020-02-10 TW TW109104073A patent/TW202040391A/en unknown
- 2020-02-10 TW TW109104074A patent/TW202036335A/en unknown
- 2020-02-10 TW TW109104081A patent/TWI828857B/en active
- 2020-02-10 TW TW109104080A patent/TW202044157A/en unknown
-
2024
- 2024-06-21 JP JP2024100311A patent/JP2024123161A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170132621A1 (en) * | 2015-11-06 | 2017-05-11 | SWFL, Inc., d/b/a "Filament" | Systems and methods for autonomous device transacting |
US20200104228A1 (en) * | 2018-09-27 | 2020-04-02 | Ripple Labs Inc. | Asynchronous self-proving transactions |
US20210160053A1 (en) * | 2018-11-07 | 2021-05-27 | Advanced New Technologies Co., Ltd. | Merkle tree construction methods and apparatuses and simplified payment verification methods and apparatuses |
US20220046028A1 (en) * | 2018-12-05 | 2022-02-10 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and system for determining a state of an account in a network device running a light client protocol of a distributed ledger technology network |
US20200252221A1 (en) * | 2019-02-05 | 2020-08-06 | Visa International Service Association | Optimizations for verification of interactions system and method |
Non-Patent Citations (1)
Title |
---|
Antonopoulos A. M., "Mastering Bitcoin - Unlocking Digital Cryptocurrencies," O'Reilly, December 20, 2014 (Year: 2014) * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20220094542A1 (en) * | 2019-05-10 | 2022-03-24 | nChain Holdings Limited | Methods and devices for public key management using a blockchain |
US11645632B2 (en) * | 2020-05-26 | 2023-05-09 | Derek Norman La Salle | System and method for a decentralized portable information container supporting privacy protected digital information credentialing, remote administration, local validation, access control and remote instruction signaling utilizing blockchain distributed ledger and container wallet technologies |
US20230121349A1 (en) * | 2021-10-15 | 2023-04-20 | Chia Network Inc. | Method for securing private structured databases within a public blockchain |
US12052369B2 (en) * | 2021-10-15 | 2024-07-30 | Chia Network, Inc. | Method for securing private structured databases within a public blockchain |
Also Published As
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20220129893A1 (en) | Computer-implemented systems and methods for implementing transfers over a blockchain network | |
KR20200096722A (en) | Cross-asset transaction within the blockchain network | |
US20210344500A1 (en) | Computer-implemented system and method for transferring access to digital resource | |
WO2020107033A1 (en) | Methods, systems, and devices for on-chain stable transaction in decentralized cryptocurrencies | |
KR20200114324A (en) | Block chain based money transfer processing system using cryptocurrency | |
CN117941322A (en) | Blockchain-based transaction protocol |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: NCHAIN HOLDINGS LTD., ANTIGUA AND BARBUDA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:WRIGHT, CRAIG STEVEN;DAVIES, JACK OWEN;MACKAY, ALEXANDER TENNYSON;SIGNING DATES FROM 20190313 TO 20190314;REEL/FRAME:057194/0596 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
AS | Assignment |
Owner name: NCHAIN LICENSING AG, SWITZERLAND Free format text: CHANGE OF NAME;ASSIGNOR:NCHAIN HOLDINGS LIMITED;REEL/FRAME:061118/0671 Effective date: 20201125 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |