WO2020143431A1 - Bookkeeping method, mining pool server, terminal apparatus, mining node, and mining pool - Google Patents

Bookkeeping method, mining pool server, terminal apparatus, mining node, and mining pool Download PDF

Info

Publication number
WO2020143431A1
WO2020143431A1 PCT/CN2019/127183 CN2019127183W WO2020143431A1 WO 2020143431 A1 WO2020143431 A1 WO 2020143431A1 CN 2019127183 W CN2019127183 W CN 2019127183W WO 2020143431 A1 WO2020143431 A1 WO 2020143431A1
Authority
WO
WIPO (PCT)
Prior art keywords
mining
tee
accounting
slave
terminal device
Prior art date
Application number
PCT/CN2019/127183
Other languages
French (fr)
Chinese (zh)
Inventor
程强
Original Assignee
深圳市红砖坊技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市红砖坊技术有限公司 filed Critical 深圳市红砖坊技术有限公司
Publication of WO2020143431A1 publication Critical patent/WO2020143431A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • G06Q20/06Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Definitions

  • the present disclosure relates to the field of blockchain technology, and in particular, to an accounting method, mining pool server, terminal equipment, mining node, and mining pool.
  • the existing blockchain generally uses a consensus algorithm to determine which miner node obtains the accounting right, and the miner node that obtains the accounting right can receive a pre-agreed reward (for example, digital currency). This process is called mining. Because mining can bring certain economic benefits, in some implementation schemes, the consensus calculation is stripped from the miner node, and many application specific integrated circuits (Application Specific Integrated Circuit, ASIC) miners connected by the remote provide consensus The calculated computing power forms a mining pool structure.
  • ASIC Application Specific Integrated Circuit
  • PoW Proof of Work
  • embodiments of the present disclosure provide a billing method, mining pool server, terminal equipment, mining node, and mining pool, and adopt consensus based on accumulated unused time in the trusted execution environment of terminal equipment participating in mining Algorithms to save computing resources and reduce power consumption.
  • the bookkeeping method provided by an embodiment of the present disclosure can be applied to a blockchain system.
  • the blockchain system includes at least one parallel chain, at least one parallel chain is built with at least one mining pool, and each mining pool includes a mining pool server and a A mining node on a parallel chain.
  • the mining node uses a distributed data blockchain to store data.
  • the method includes:
  • the mining pool server receives and stores the hash value of the main body of the block header of the pending accounting block sent by the mining node and the target difficulty of mining on the parallel chain where the mining node is located;
  • the mining pool server receives the accounting request sent by the terminal device
  • the mining pool server sends the hash value and difficulty target value of the main part of the block header to the terminal device, so that the Slave Trusted Execution Environment (Slave TEE) configured by the terminal device determines whether its accumulated unused duration is greater than The cumulative unused lower limit duration calculated according to the difficulty target value, and signing the accounting right determination information when the cumulative unused duration is greater than the cumulative unused lower limit duration, wherein the accounting right determination information includes a hash of the main part of the block header Value and the address subject of the wallet account bound by Slave TEE;
  • Slave TEE Slave Trusted Execution Environment
  • the mining pool server receives the accounting right determination information and the signature of the accounting right determination information sent by the terminal device;
  • the mining pool server sends the accounting right determination information and the signature of the accounting right determination information to the mining node, so that the mining node generates an accounting block containing the address body of the wallet account and the signature of the accounting right determination information, and Add the accounting block to the local blockchain.
  • the terminal equipment is connected to the mining pool to participate in mining.
  • the Slave TEE configured in the terminal equipment acts as a miner.
  • Slave TEE uses a consensus algorithm different from PoW when competing for billing rights: Slave TEE maintains a cumulative With the duration, the accumulated unused duration will accumulate with the passage of time.
  • Slave TEE also obtains the difficulty target value from the mining pool server, and calculates the cumulative unused minimum duration according to the difficulty target value. If the cumulative unused duration is greater than the cumulative unused duration With the lower limit time, the Slave TEE competition accounting right succeeds, otherwise the competition accounting right fails, and it can continue to participate in the next accounting right competition.
  • the calculation amount involved in this consensus algorithm is much smaller than the PoW algorithm, which effectively avoids the waste of computing resources in the Slave TEE, reduces the power consumption of the Slave TEE, or enables the Slave TEE to adopt a low-cost, low-power hardware implementation, which is effective Save the consumption of electrical energy.
  • Slave TEE will also sign the information of the accounting right after the competition for the accounting right is successful, and send the accounting right determination information together with its signature to the mining pool server, and the mining pool server will further forward it to the mining Node, the mining node will finally save the signature in the newly generated accounting block, and broadcast the accounting right determination information and the newly generated accounting block on the parallel chain where it is located. Therefore, the mining pool server, mining nodes, and other nodes on the parallel chain can verify the authenticity of the bookkeeper based on the signature, and can also verify the bookkeeping rights to determine whether the content of the information has been tampered, which is conducive to improving the area. The security of the blockchain system.
  • the accounting right determination information includes key information related to the competitive accounting right.
  • the hash value of the main body of the block header can uniquely identify the pending accounting block, and the address body of the wallet account bound by Slave TEE indicates the identity of the bookkeeper , So they can be included in the accounting right determination information.
  • the blockchain system in the above method uses parallel chains to support the decentralization of each slave TEE on different parallel chains for mining, effectively avoiding the concentration of computing power and improving the security of the blockchain system.
  • mining by building a mining pool on a parallel chain has the following advantages over deploying miner nodes directly on the parallel chain:
  • the blockchain system usually requires a certain number of distributed full ledger nodes to ensure security. If the miner nodes deployed on the parallel chain all participate in the accounting, due to the large number of miner nodes, the entire network broadcast of the ledger data will be Occupying a lot of bandwidth leads to an increase in network burden, and too many full ledger nodes do not bring additional value; moreover, because many miner nodes are personal devices, their data transmission capabilities and network environment are more limited.
  • One problem is more prominent; however, in the accounting method provided by the embodiments of the present disclosure, Slave TEE only competes for accounting rights, and does not directly account for it. Only mining nodes perform accounting (generating blocks), and mining nodes The number is much smaller than the number of Slave TEE. Even if the entire network broadcast data volume is not too large, at the same time, the mining pool can be deployed in the cloud, and its data transmission bandwidth can be guaranteed.
  • the parallel chain may include a routing node, at least one mining node of a mining pool, and at least one Simplified Payment Verification (SPV) node, a network connection between at least one parallel chain routing node, and SPV node binding
  • SPV Simplified Payment Verification
  • the SPV node In response to receiving the transaction request, the SPV node sends the received transaction request to the routing node of the parallel chain where the SPV node is located;
  • the routing node In response to the verification of the received transaction request, the routing node adds the received transaction request to the routing node's transaction request set, and broadcasts the received transaction request to the routing node's same-chain mining after signing Mining node; and synchronize the blockchain of the routing node with the mining node of the same chain to the local blockchain in real time;
  • the mining node In response to the verification of the signed transaction request received from the same link by the node, the mining node adds the in-chain transaction request of the mining node in the signed transaction request to the mining node's pending transaction request set; Process the transaction request set to generate the hash value of the main part of the block header;
  • the routing node also determines the unrecorded transaction requests that are confirmed and unrecorded in the transaction request set of the routing node; the determined unrecorded transaction requests are sent to the routing node of the target parallel chain, where the target parallel chain is determined The parallel chain corresponding to the address of the account number in the unrecorded transaction request; and in response to receiving the transaction request sent by the node on the different link, the received transaction request is signed and broadcast to the same-chain mining node of the routing node.
  • the interconnection between the parallel chains is achieved by routing nodes, and the transactions between SPV nodes need to be completed by routing nodes, so that routing nodes can be used to effectively supervise digital currency transactions.
  • the transaction processing process is improved from the traditional single-chain serial method to the multi-chain concurrent method.
  • TPS Transactions Per Second
  • the accounting right determination information may also include accumulated unused lower limit duration.
  • the accumulated unused minimum time limit can directly determine whether Slave TEE can obtain the accounting right, and also belongs to the key information related to the competitive accounting right, so it can also be included in the accounting right determination information.
  • the signature of the accounting right determination information may be generated by the Slave TEE based on the saved first private key, and before the mining pool server sends the accounting right determination information and the signature of the accounting right determination information to the mining node,
  • the method may also include:
  • the mining pool server determines that the signature of the accounting right determination information is a true signature according to the stored first public key matching the first private key.
  • Slave TEE uses the saved first private key to determine the information signature of the accounting right.
  • the mining pool server uses the saved first public key that matches the first private key to verify the signature. If the verification is successful, It is confirmed that the signature is indeed sent by the Slave TEE, which can prevent the attacker from forging the message.
  • the mining pool may include multiple mining nodes, and different mining nodes are located on different parallel chains;
  • the mining pool server sends the hash value of the main body of the block header to the terminal device and the difficulty target value may include: the master trusted execution environment (Master Trusted Execution Environment, Master for short TEE) configured by the mining pool server determines the parallel associated with the terminal device Chain; the mining pool server sends the hash value and difficulty target value of the main part of the block header provided by the mining node on the parallel chain associated with the terminal device to the terminal device;
  • Master Trusted Execution Environment Master for short TEE
  • the mining pool server sending the accounting right determination information and the signature of the accounting right determination information to the mining node may include: the mining pool server sending the accounting right determination information and the signature of the accounting right determination information to the parallel chain associated with the terminal device On the mining node.
  • the terminal device can only obtain the hash value and difficulty target value of the main part of the block header provided by the mining node on the parallel chain associated with it, so that the Slave TEE configured by the terminal device can only be used in the associated Mining on the parallel chain means that the computing power of the terminal equipment is distributed to different parallel chains to avoid 51% computing power attacks in the blockchain.
  • the master TEE determines that the parallel chain associated with the terminal device may include:
  • the Master TEE calculates the chain ID of the parallel chain associated with the terminal device based on the virtual parallel chain ID of the wallet account address bound by the Slave TEE, the parallel chain ID mask of the terminal device, and the number of parallel chains included in the blockchain system, where, The virtual parallel chain identification is calculated based on the hardware identification of the slave TEE configured in the terminal device.
  • the virtual parallel chain identification can be calculated based on the Slave TEE hardware identification, and the parallel chain identification mask and the number of parallel chains are stored in the Master TEE, so that any terminal equipment involved in mining is associated
  • the parallel chain can be uniquely determined, which can ensure that the terminal equipment is distributed to different parallel chains for mining.
  • the mining pool server sends the hash value of the main body of the block header and the target difficulty value to the terminal device, which may include:
  • Master TEE generates a first key based on the mining pool configuration information according to the first key generation algorithm, and encrypts the hash value of the main body of the block header according to the first key;
  • the mining pool configuration information includes the chain identifier of the parallel chain associated with the terminal device ;
  • Slave TEE can use the first key generation algorithm to generate the first key, and use the first key to decrypt the encrypted hash value of the main body of the block header;
  • the mining pool server sends the target difficulty value and the encrypted hash value of the main body of the block header to the terminal device.
  • the hash value of the main body of the block header is symmetrically encrypted.
  • the same first key generation algorithm is used in Master TEE and Slave TEE to calculate the first key. If the calculated first key In the same way, Slave TEE can be decrypted correctly, and Slave TEE can only sign the accounting right determination information if the hash value of the main part of the block header is decrypted correctly.
  • the above mechanism ensures that Master TEE and Slave TEE must be used together. Once the two do not match, such as Slave TEE being forged, the encryption and decryption mechanism will not work properly.
  • the first key is related to the chain ID of the parallel chain associated with the terminal device, which means that the chain ID calculated in Slave TEE must be consistent with the chain ID calculated in Master TEE before the Slave TEE can be obtained.
  • the same first key as in Master TEE, or Slave TEE can only obtain and decrypt the block header sent by the mining node on the parallel chain (parallel chain associated with the terminal device where Slave TEE is located) corresponding to the chain ID
  • the hash value of the main part even if the hash value of the main part of the block header sent by the mining node on the other parallel chain is obtained, it cannot be decrypted correctly, thus limiting the Slave TEE to only be on a specific parallel chain Mining.
  • the first key generation algorithm is proprietary to Master TEE and Slave TEE.
  • the algorithm implementation is not disclosed outside Master TEE and Slave TEE.
  • the first key generated by the first key generation algorithm is used in Master TEE And it is only used to encrypt the hash value of the body part of the block header, which is used in Slave TEE and only to decrypt the hash value of the encrypted body part of the block header.
  • the encryption and decryption process of the hash value of the main part of the block header is one-way, that is, the master TEE is only responsible for encryption, and the first key is not used for decryption purposes, and the Slave TEE is only responsible for For decryption, the first key will not be used for encryption purposes, and the first key generation algorithm is not disclosed to the outside, ensuring that the first key will not be cracked.
  • the mining pool server sends the hash value of the main body of the block header and the target difficulty value to the terminal device, including:
  • the mining pool server judges whether the time interval t1 between the terminal device and the last accounting time is greater than the cooling time t2.
  • the cooling time t2 is k times the cumulative unused lower limit time, and k is a constant greater than 0 and less than 1;
  • the mining pool server sends the hash value of the main body of the block header and the target difficulty value to the terminal device.
  • the mining pool server restricts the terminal device to obtain at least the cooling time interval after each successful accounting to obtain the accounting right again, to avoid the intentional accumulation of unused time in the slave TEE configuration of some terminal devices, and then Continuously obtain the right to keep accounts, in disguised form 51% hashing power attack.
  • Slave TEE which can configure more terminal equipment, has the opportunity to obtain accounting rights, which also reflects the fairness of mining to a certain extent.
  • the method may further include:
  • the mining pool server If the time interval t1 from the last accounting time is not greater than the cooling time t2, the mining pool server notifies the terminal device of the time interval t3 from which the next accounting request is initiated, and the time interval t3 from the time of the next accounting request is the cooling time The difference between t2 and the time interval t1 from the last accounting time.
  • the mining pool server finds that the current accounting request sent by the terminal device does not meet the cooling time requirement, it can actively inform it to be idle for a period of time, and then send a new accounting request until the cooling time requirement is met, to avoid the terminal device continuously sending meaningless Accounting request (that is, it is impossible to obtain the accounting right), resulting in a waste of resources.
  • time interval t1 from the last accounting time can be calculated by the following formula:
  • Height2 is the height of the pending accounting block in the blockchain
  • Height1 is the height of the block generated by the last accounting in the blockchain
  • It is the preset constant of the blockchain system and is used to characterize the average block time of the blockchain system.
  • the time stamp in the block header can only roughly represent the accounting time. If the difference between the time stamps of the two blocks is used to estimate the accounting time interval, the accuracy and credibility may be Not high, because the timestamp of the pending accounting block does not necessarily equal the actual accounting time, but allows a deviation of several hours from the current network time, and is determined by the relevant mining node. It is not excluded that someone deliberately advances the accounting time Or postponed, and the difference in height between the two blocks in the blockchain is used to estimate the accounting time interval, which has higher accuracy and credibility, which makes the judgment of whether the accounting request meets the cooling time more reasonable.
  • the method may further include:
  • the mining pool server receives the registration request sent by the terminal device.
  • the registration request carries the registration information, the user's real-name authentication result and the real-name authentication agency's signature of the real-name authentication result with the private key.
  • the registration information includes the address of the wallet account bound by the Slave TEE;
  • the Master TEE configured by the mining pool server verifies the authenticity of the signature of the real-name authentication result based on the stored public key that matches the private key of the real-name certification authority;
  • the mining pool server saves the registration information and sends a registration response to the terminal device.
  • the terminal device Before using the terminal device to participate in mining, users need to go to a real-name certification agency for real-name certification, and obtain the certification result and signature returned by the real-name certification agency. Before participating in mining, the terminal device needs to register with the mining pool server and submit the authentication result and its signature to the mining pool server. The mining pool server can determine whether the authentication result is valid by verifying the authenticity of the signature of the authentication result.
  • the mining pool server also receives the authentication code sent by the terminal device and sends the authentication code to the mining node, so that the mining node adds the authentication code to the accounting block;
  • the accounting right determination information also includes an authentication code.
  • the authentication code corresponds to the address of the wallet account bound to the Slave TEE, or it corresponds to the user.
  • the authentication code can be used to check whether the user has been authenticated by the real-name authentication agency. Therefore, the authentication code is introduced into the accounting process. Help to improve the security of the accounting process.
  • the method may further include:
  • the mining pool server receives the pool application sent by the terminal equipment
  • the Master TEE configured by the mining pool server determines whether the capacity of the mining pool server is less than the capacity threshold
  • the mining pool server authorizes the terminal device to enter the pool according to the authorization information generated by the Master TEE to inform the terminal device that the accounting request sent to the mining pool server within the authorized use time after the authorization start time can be accepted by the mining pool server , Where the authorized use duration is the pre-configured data stored in the Master TEE configured by the mining pool server;
  • the mining pool server sends a message to notify the terminal device that it has not been authorized to enter the pool.
  • each mining pool has a limit on the number of Slave TEEs allowed to be mined in the pool, thereby avoiding the situation where a small number of mining pools accumulate a large amount of computing power.
  • each mining pool in the blockchain system can be operated by different operators, and the computing power that each operator can control is limited by the capacity of the mining pool, which can effectively suppress the centralization of mining pool computing power. trend.
  • the capacity of the mining pool server less than the capacity threshold may include:
  • the authorization amount for pooling in the current authorization period is less than the first threshold; wherein, the authorization period and the first threshold are pre-configured data saved in the Master TEE configured by the mining pool server.
  • the mining pool server allows the slave TEE configured in the terminal device to enter the mining pool according to the authorization cycle.
  • the number of pooled authorizations in each authorization cycle is limited to a certain amount, to avoid the concentration of terminal devices in a certain period of time to apply for pooling.
  • the computing power is scattered as much as possible at the time level.
  • the authorization information may include an authorization serial number and an authorization code, where the authorization serial number is assigned by the Master TEE, and the authorization code is used to verify that the Slave TEE configured in the terminal device is valid for the pooling authorization.
  • the mining pool server authorizes the terminal device to enter the pool according to the authorization information generated by the Master TEE, which may include:
  • the mining pool server sends the authorization serial number and authorization code to the terminal device, and stores the authorization serial number corresponding to the authorization related information, where the authorization related information refers to the information related to the authorized content;
  • the method may further include:
  • the mining pool server queries the corresponding authorization association information according to the authorization serial number carried in the accounting request, and determines that the terminal pooling authorization is valid according to the authorization association information.
  • the terminal device After the mining pool server authorizes the terminal device to enter the pool, the terminal device will obtain the pool access authorization code. Or, when the pool application is not approved by the mining pool server, the terminal device may wait for a period of time and apply to the pool server again. Slave TEE configured in the terminal device can further verify whether the authorization to enter the pool is valid according to the authorization code when competing for the accounting right to confirm whether it can obtain the accounting right. At the same time, after receiving the accounting request sent by the terminal device, the mining pool server , You can further confirm whether the Slave TEE should be allowed to compete for accounting rights based on the authorization association information. Through the above-mentioned double verification mechanism, the terminal device can participate in mining only within the authorized use time, and realize the control of the computing power of the pool aggregation.
  • the mining pool server sends the authorization serial number and authorization code to the terminal device, which may include:
  • the Master TEE generates a second key according to the second key generation algorithm, and uses the second key to encrypt the authorization code;
  • the mining pool server sends the authorization serial number and the encrypted authorization code to the terminal device; the Slave TEE configured on the terminal device can use the second key generation algorithm to generate the second key, and use the second key to decrypt the encrypted authorization code .
  • the authorization code is symmetrically encrypted.
  • Master TEE and Slave TEE use the same second key generation algorithm to calculate the second key. If the calculated second keys are the same, the Slave TEE can Decrypt correctly, and Slave TEE can verify the authorization information contained in the authorization code only if the authorization code is correctly decrypted.
  • the above mechanism ensures that Master TEE and Slave TEE must be used together. Once the two do not match, such as Slave TEE being forged, the encryption and decryption mechanism will not work properly.
  • the second key generation algorithm is private to Master TEE and Slave TEE, the implementation of the second key generation algorithm is not disclosed outside Master TEE and Slave TEE, and the second key generated by the second key generation algorithm is at Master It is used in TEE and only for encrypting the authorization code, and in Slave TEE is used and only for decrypting the encrypted authorization code.
  • the encryption and decryption process of the authorization code is one-way, that is, the Master TEE is only responsible for encryption, and the second key will not be used for decryption purposes, and the Slave TEE is only responsible for decryption, not the The second key is used for encryption purposes, and the second key generation algorithm is not disclosed to the outside, ensuring that the second key will not be cracked.
  • the method may further include:
  • the mining pool server transfers the preset amount of mining pool rewards from the address of the pre-configured mining pool wallet account to the address of the wallet account bound to the slave TEE configured for the terminal device competing for the accounting right.
  • the mining pool reward is an additional digital currency issued by the mining pool operator to the user, which is not part of the mining reward. Its purpose is to attract more users to participate in mining and improve the operation of the mining pool.
  • An embodiment of the present disclosure also provides an accounting method, which is applied to a terminal device connected to a blockchain system.
  • the blockchain system includes at least one parallel chain, and at least one mining pool is built on at least one parallel chain, each The mining pool includes a mining pool server and a mining node located on a parallel chain.
  • the mining node uses a distributed data blockchain to store data.
  • the method includes:
  • the terminal device sends an accounting request to the mining pool server
  • the terminal device receives the hash value of the main body of the block header of the pending accounting block sent by the mining pool server and the difficulty target value of mining on the parallel chain;
  • the Slave TEE configured in the terminal device determines whether its accumulated unused duration is greater than the cumulative unused minimum duration calculated according to the difficulty target value, and signs the accounting right determination information when the cumulative unused duration is greater than the cumulative unused minimum duration.
  • the accounting right determination information includes the hash value of the body part of the block header and the address body of the wallet account bound by the Slave TEE;
  • the terminal device sends the accounting right determination information and the signature of the accounting right determination information to the mining pool server.
  • the Slave TEE signs the accounting right determination information, which may include:
  • Slave TEE signs the accounting right determination information according to the saved first private key, and the mining pool server and the mining node store the first public key matching the first private key.
  • the mining pool includes multiple mining nodes, and different mining nodes are located on different parallel chains;
  • the terminal device receives the hash value of the main body of the block header of the pending accounting block sent by the mining pool server and the difficulty target value of mining on the parallel chain, including:
  • the terminal device receives the encrypted hash value and difficulty target value of the main body of the block header sent by the mining pool server, where the first key used for encryption is generated by the Master TEE configured by the mining pool server according to the first key generation algorithm;
  • the method further includes:
  • Slave TEE generates a first key based on the mining pool configuration information based on the first key generation algorithm, and uses the first key to decrypt the hash value of the encrypted block header body, where the mining pool configuration information includes the The chain identifier of the parallel chain and the accounting right determination information include the hash value of the decrypted block header body.
  • the configuration information of the mining pool further includes the number of times the parallel chain has been expanded and/or the pre-configured mining pool identifier of the mining pool.
  • the first key generation algorithm considers the number of times the parallel chain has been expanded when generating the first key. If the parallel chain has been expanded, the number of times the parallel chain saved in the Master TEE has been expanded has been updated, but the parallel chain saved in the Slave TEE has The number of expansions has not been updated, and Slave TEE will not be able to continue mining (because the hash value of the main part of the block header cannot be decrypted correctly), that is, after the parallel chain expansion and upgrade, if the Slave TEE configuration is not upgraded, the Slave TEE will not be allowed Continue to participate in mining, so that even if there is a concentration of computing power on a parallel chain before the upgrade, once the configuration of the Slave TEE is updated after the upgrade, the aggregated Slave TEE may be dispersed to the new parallel chain to mine, which is effective Eliminate the accumulation of computing power.
  • the first key generation algorithm considers the pool ID when generating the first key, which can restrict the Slave TEE to only mine in the specified pool, and cannot replace the pool at will (otherwise, the hash value of the main part of the block header cannot be decrypted correctly ), to avoid the accumulation of computing power.
  • the chain identifier of the parallel chain associated with the terminal device is composed of the virtual parallel chain identifier of Slave TEE according to the address of the wallet account bound by the Slave TEE, the parallel chain identifier mask of the terminal device, and the parallel chain included in the blockchain system.
  • the number is calculated, and the virtual parallel chain logo is calculated based on the slave TEE hardware logo.
  • the method may further include:
  • the terminal device sends a registration request to the mining pool server.
  • the registration request carries registration information, the user’s real-name authentication result, and the real-name authentication agency’s signature of the real-name authentication result with the private key.
  • the registration information includes the address of the wallet account bound by the Slave TEE;
  • the Master TEE configured by the pool server stores the public key matching the private key of the real-name certification authority;
  • the real-name authentication result includes the authentication code assigned by the real-name authentication organization.
  • the authentication code corresponds to the address of the wallet account bound to the Slave TEE, and is used to characterize that the user has passed the real-name authentication of the real-name authentication organization;
  • the accounting right determination information also includes an authentication code.
  • the method may further include:
  • the terminal device sends a pooling application to the mining pool server and obtains the pooling authorization of the mining pool server.
  • the terminal device obtaining the pool access authorization of the mining pool server may include:
  • the terminal device receives the authorization serial number and encrypted authorization code sent by the mining pool server, where the authorization serial number is allocated by the Master TEE configured by the mining pool server, and the second key used for encryption is generated by the Master TEE according to the second key generation algorithm;
  • the method further includes:
  • Slave TEE generates a second key according to the second key generation algorithm, and uses the second key to decrypt the encrypted authorization code
  • Slave TEE determines that the authorization to enter the pool is valid according to the decrypted authorization code.
  • An embodiment of the present disclosure also provides an accounting method, which is applied to a blockchain system.
  • the blockchain system includes at least one parallel chain, at least one parallel chain is built with at least one mining pool, and each mining pool includes a mining pool server. And the mining nodes located on the parallel chain.
  • the mining nodes use distributed data blockchain to store data. Methods can include:
  • the mining node sends the hash value of the main body of the block header of the pending accounting block to the mining pool server and the difficulty target value of mining on the parallel chain;
  • the mining node receives the signature of the address body of the wallet account bound by the Slave TEE and the accounting right determination information generated by the Slave TEE sent by the mining pool server to the terminal device configured to access the mining pool server, where the accounting right determination information includes The hash value of the body part of the block header and the address body of the wallet account bound by Slave TEE;
  • the mining node generates a signed accounting block that contains the address body of the wallet account and the accounting right determination information, and adds the accounting block to the local blockchain.
  • the accounting right determination information further includes a cumulative unused minimum duration and/or an authentication code assigned by a real-name certification body, where the cumulative unused minimum duration is calculated by Slave TEE according to the difficulty target value, and the authentication code is related to the Slave TEE
  • the address of the bound wallet account corresponds to the real-name authentication of the user through the real-name authentication agency.
  • the accounting block generated by the mining node also contains the cumulative unused minimum duration and/or authentication calculated according to the difficulty target value code.
  • the signature of the accounting right determination information is generated by the Slave TEE based on the stored first private key.
  • the Methods can also include:
  • the mining node determines that the signature of the accounting right determination information is a real signature according to the stored first public key matching the first private key.
  • Slave TEE uses the saved first private key to determine the information signature of the accounting right.
  • the mining node uses the saved first public key that matches the first private key to verify the signature. If the verification is successful, It is confirmed that the signature is indeed sent by the Slave TEE, which can prevent the attacker from forging the message.
  • the method may further include:
  • the mining node queries the address subject of the wallet account to obtain the height of the block generated by the terminal device in the last bookkeeping in the blockchain;
  • the mining node determines the generation time of the pending accounting block and the block generated by the last accounting based on the height of the block generated by the last accounting in the blockchain and the height of the pending accounting block in the blockchain The time interval of the generation time;
  • the mining node determines that the judgment interval is greater than the cooling duration, where the cooling duration is k times the cumulative unused lower limit duration calculated based on the difficulty target value stored in the accounting block to be confirmed, and k is greater than 0 and less than 1. constant.
  • the mining node Before generating the accounting block, the mining node can also verify whether its accounting interval meets the cooling time requirement. If the requirement is met, the block will be generated and added to the local blockchain, otherwise It will not recognize the generated block, avoiding the same Slave TEE to continuously obtain the accounting right.
  • the method may further include:
  • the mining node sends the height of the accounting block in the blockchain and the address body of the wallet account bound by the Slave TEE configuration of the terminal device competing for the accounting right to the mining pool server.
  • the mining node sends the above information to the mining pool server for storage.
  • the mining pool server can use the address body of the wallet account bound by Slave TEE to query each The height of the sub-accounted block in the blockchain, and then estimate the accounting interval to complete the verification.
  • the method may further include:
  • the mining node queries the address body of the wallet account of the terminal device stored in the accounting block to be confirmed on the blockchain to obtain the height of the block generated by the terminal device in the last accounting in the blockchain, where
  • the confirmed accounting block refers to the accounting block received by the mining node and broadcast by other mining nodes on the same chain;
  • the mining node determines the generation time of the accounting block to be confirmed and the last accounting based on the height of the block generated by the last accounting in the blockchain and the height of the accounting block to be confirmed in the blockchain The time interval of the generation time of the generated block;
  • the mining node judges whether the time interval is greater than the cooling time, and if it is greater than the cooling time, it will approve the accounting block to be confirmed, where the cooling time is the cumulative uncalculated value calculated based on the difficulty target value stored in the accounting block to be confirmed Using k times the lower limit time, k is a constant greater than 0 and less than 1.
  • Mining nodes will receive the accounting blocks to be confirmed broadcast by other mining nodes.
  • the accounting blocks to be confirmed have been added to their local blockchain by other mining nodes, but have not been mined on the parallel chain. Approved by the mining node.
  • the mining node can verify whether the accounting interval meets the cooling time requirement. If the requirement is met, the block will be recognized and added to the local blockchain Medium, otherwise the block will not be recognized.
  • An embodiment of the present disclosure also provides a mining pool server.
  • the mining pool server includes:
  • Memory used to store computer instructions
  • Communication interface used to communicate with terminal equipment and mining nodes
  • the mining pool server also includes Master TEE or Master TEE connected;
  • the mining pool server also includes a processor, which is connected to the memory, the communication interface, and the Master TEE.
  • the processor When the computer instructions in the memory are executed by the processor, the processor combines with the Master TEE to execute the above-mentioned mining pool applicable to the blockchain system The accounting method of the server.
  • An embodiment of the present disclosure also provides a terminal device.
  • the terminal device includes:
  • Memory used to store computer instructions
  • Terminal equipment also includes Slave TEE or Slave TEE connected;
  • the terminal device also includes a processor, which is connected to the memory, the communication interface, and the Slave TEE.
  • the processor When the computer instructions in the memory are executed by the processor, the processor combined with the Slave TEE execution can be applied to the terminal device connected to the blockchain system. Accounting method.
  • An embodiment of the present disclosure also provides a mining node.
  • the mining node includes:
  • Memory used to store computer instructions
  • the processor is connected to the memory and the communication interface.
  • the processor executes the above-mentioned accounting method applied to the mining node of the blockchain system.
  • An embodiment of the present disclosure also provides a mining pool, including: a mining pool server and a mining node located on a parallel chain of the blockchain system.
  • the mining node uses a distributed data blockchain to store data.
  • the blockchain system includes At least one parallel chain
  • the mining node is used to: send the hash value of the main body of the block header of the pending accounting block to the mining pool server and the difficulty target value of mining on the parallel chain;
  • the mining pool server is used to: receive and store the hash value and difficulty target value of the main part of the block header, and after receiving the accounting request sent by the terminal device, send the hash value and difficulty target of the main part of the block header to the terminal device Value, so that the Slave TEE configured by the terminal device determines whether its accumulated unused duration is greater than the cumulative unused minimum duration calculated according to the difficulty target value, and determines the accounting right when the accumulated unused duration is greater than the cumulative unused minimum duration Sign the information, where the accounting right determination information includes the hash value of the body part of the block header and the address body of the wallet account bound by Slave TEE; the signature of the accounting right determination information and the accounting right determination information sent by the receiving terminal device , And send the accounting right determination information and the signature of the accounting right determination information to the mining node;
  • Mining nodes are also used to: generate a billing block that contains the address body of the wallet account and the signature of the billing right determination information, and add the billing block to the local blockchain.
  • the mining pool server can also be used to: before receiving the accounting request sent by the terminal device, receive the pooling application sent by the terminal device, and determine whether the capacity of the mining pool server is less than the Master TEE configured in the mining pool server Capacity threshold, if the capacity of the mining pool server is less than the capacity threshold, the terminal device is authorized to enter the pool according to the authorization information generated by the Master TEE to inform the terminal device of the accounting request sent to the mining pool server within the authorized use time after the authorization start time It can be accepted by the mining pool server. If the capacity of the mining pool server is greater than the capacity threshold, a message is sent to notify the terminal device that it has not been authorized to enter the pool.
  • the authorized duration is the pre-configured data stored in the Master TEE configured by the mining pool server.
  • the capacity of the mining pool server is less than the capacity threshold, which may include:
  • the authorization amount for pooling in the current authorization period is less than the first threshold; wherein, the authorization period and the first threshold are pre-configured data saved in the Master TEE configured by the mining pool server.
  • FIG. 1(A) to FIG. 1(B) show a schematic structural diagram of a blockchain system that can be used in embodiments of the present application;
  • FIG. 2 shows a schematic diagram of a workflow of a blockchain system provided by an embodiment of the present disclosure
  • FIG. 3 shows a flowchart of a billing method provided by an embodiment of the present disclosure
  • 4(A) to 4(B) show a flowchart of another accounting method provided by an embodiment of the present disclosure
  • FIG. 5 shows a functional module diagram of a mining pool server provided by an embodiment of the present disclosure
  • FIG. 6 shows a functional block diagram of a terminal device provided by an embodiment of the present disclosure
  • FIG. 7 shows a functional block diagram of a mining node provided by an embodiment of the present disclosure.
  • the terms “include”, “include” or any other variant thereof are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements, but also those not explicitly listed Or other elements that are inherent to this process, method, article, or equipment. Without more restrictions, the element defined by the sentence “include one" does not exclude that there are other identical elements in the process, method, article or equipment that includes the element.
  • the accounting method provided by the embodiments of the present disclosure can be applied to a blockchain system.
  • the blockchain system may include at least one parallel chain, and each parallel chain may include at least one mining node.
  • other nodes can be included on the parallel chain, and the functions of the mining nodes can include mining and accounting.
  • the so-called mining refers to the mining node competing with other nodes on the parallel chain where it is based on the blockchain's consensus algorithm for accounting rights.
  • bookkeeping refers to: after the mining node competes for the bookkeeping rights, a new block is generated according to the transaction to be booked in the transaction buffer, and the new block is added to the block chain corresponding to the parallel chain where it is located Data (ledger).
  • the mining node will also synchronize the block data with other nodes on the parallel chain where it is located, that is, the mining node is also a full ledger node on the parallel chain where it is located. Except for mining nodes, other nodes on the parallel chain do not participate in mining, but can participate in bookkeeping.
  • the mining node is a full ledger node on the parallel chain, but the transaction data it stores is only the transaction data related to the parallel chain where it is located.
  • Select a mining node from each parallel chain in the blockchain system For example, if there are N (N ⁇ 1) parallel chains, select a total of N mining nodes.
  • the set of mining nodes formed is Called the ledger cluster.
  • the ledger cluster stores all transaction data in the blockchain system, that is, it is used to maintain the entire network ledger, so as to provide functions such as query of the entire network transaction data.
  • each mining node is a full ledger node on the parallel chain, when forming a ledger cluster, it is enough to select one mining node on each parallel chain; of course, if it is due to reliability and other aspects For consideration, it is also feasible to select multiple mining nodes on the same parallel chain.
  • At least one mining pool can be built on at least one parallel chain of the blockchain system.
  • each mining pool may include a mining pool server and a mining node on a parallel chain.
  • the above-mentioned construction of a mining pool on at least one parallel chain means that the mining pool contains mining nodes on these parallel chains, so the mining pool can mine on these parallel chains and keep accounts for these parallel chains.
  • the mining pool may include a mining pool server and a ledger cluster, that is, the mining pool may mine and keep accounts on all parallel chains in the entire blockchain system.
  • the mining function of the mining node can actually be performed by the miners connected to the mining pool.
  • Miners are devices that can run consensus algorithms. After the miner accesses the mining pool server, the mining node can distribute the consensus calculation task to the miners through the mining pool server for actual execution. The miners compete for the accounting power. Of course, from the perspective of the mining node, it is still mining Mine nodes are competing for accounting rights.
  • the mining pool server can also be used for pooling management of miners, that is, whether or not miners are allowed to access the mining pool, as well as functions for issuing mining pool rewards. Will be introduced in detail.
  • the mining pool may also include a database for storing data involved in the mining process, such as registration information of miners, information related to billing sent by mining nodes, and so on.
  • a database can be deployed on a mining pool server, or it can also be deployed on a separate database server, where the mining pool server can access the database server.
  • the database of the mining pool server it will be referred to as the database of the mining pool server.
  • the miner may refer to the SlaveTEE configured for the terminal device, and the so-called configuration may refer to that the terminal device is a carrier of the SlaveTEE.
  • the communication between Slave TEE and external devices can be completed by means of the application program on the terminal device.
  • the above mentioned miner access to the mining pool server may refer to that the terminal device is connected to the mining pool server, and then Slave TEE is responsible for mining.
  • TEE Trusted Execution Environment
  • TEE is an operating environment that coexists with a rich operating system (Rich OS, such as Android, etc.) on the terminal device, and provides security services to RichOS.
  • TEE can have its own execution space.
  • the software and hardware resources that TEE can access can be separated from RichOS.
  • TEE provides a secure execution environment for trusted applications (TA), and also protects the resources of trusted applications and provides data confidentiality, integrity, and access rights.
  • TA trusted applications
  • TEE is verified and isolated from Rich OS during the secure boot process.
  • each trusted application is independent of each other, and cannot access each other without authorization.
  • TEE can be used, but not limited to the following two methods:
  • TCM Trusted Cryptography Module
  • Adopt encryption lock (commonly known as dongle) to achieve a trusted execution environment.
  • dongles are often packaged as a Universal Serial Bus (USB) device.
  • USB Universal Serial Bus
  • the dongles provide both file storage and support for running customized programs. With the dongle, it is not necessary to limit the device type of the device, as long as the device has a USB interface, which reduces the requirements on the device.
  • TEE there may be two types of TEE that may be involved.
  • One type is the TEE of the terminal equipment configuration, called Slave TEE, which is mainly used to participate in the competition for billing rights. As a miner, Slave TEE is bound to the address of the wallet account used for mining and is used to receive mining revenue.
  • the other type is the Master TEE configured by the mining pool server, which is mainly used to support the capacity control of the mining pool and to disperse the computing power of the Slave TEE and other functions.
  • the functions of the two types of TEE are different, but they can be implemented with the same hardware structure. The specific functions of the two types of TEE will be further elaborated later.
  • FIG. 1(A) to FIG. 1(B) show a schematic structural diagram of a blockchain system 100 that can be used in an embodiment of the present application.
  • the blockchain system 100 may include parallel chains 101, 102, 103 and networks 104, 105.
  • the parallel chain 101 may include: a routing node 1011; a mining node 1012, 1014, 1015, 1016, 1018; an SPV node 1013, 1017; and a network 1019.
  • the network 1019 may be used as a medium for providing communication links between the routing node 1011, the mining nodes 1012, 1014, 1015, 1016, 1018, and the SPV nodes 1013, 1017.
  • the network 1019 may include various connection types, such as wired, wireless communication links, or fiber optic cables, and so on.
  • the mining nodes 1012, 1014, 1015, 1016, and 1018 of the parallel chain 101 may use a distributed data blockchain to store data.
  • the SPV nodes 1013 and 1017 of the parallel chain 101 may be bound to the address of the wallet account.
  • the parallel chain corresponding to the address of the wallet account bound to the SPV nodes 1013 and 1017 is the parallel chain 101, that is, the parallel chain where the SPV nodes 1013 and 1017 are located.
  • the parallel chain 102 may include: a routing node 1021; a mining node 1022, 1023, 1025, 1026; an SPV node 1024; and a network 1027.
  • the network 1027 may be used as a medium for providing communication links between the routing node 1021, the mining nodes 1022, 1023, 1025, 1026, and the SPV node 1024.
  • the network 1027 may include various connection types, such as wired, wireless communication links, or fiber optic cables, and so on.
  • the mining nodes 1022, 1023, 1025, and 1026 of the parallel chain 102 can use a distributed data blockchain to store data.
  • the SPV node 1024 of the parallel chain 102 may be bound with the address of the wallet account.
  • the parallel chain corresponding to the address of the wallet account bound by the SPV node 1024 is the parallel chain 102, that is, the parallel chain where the SPV node 1024 is located.
  • the parallel chain 103 may include: a routing node 1031; mining nodes 1032, 1033, 1035, 1036; SPV nodes 1034, 1037; and a network 1038.
  • the network 1038 may be used as a medium for providing communication links between the routing node 1031, the mining nodes 1032, 1033, 1035, 1036, and the SPV nodes 1034, 1037.
  • the network 1038 may include various connection types, such as wired, wireless communication links, or fiber optic cables, and so on.
  • the mining nodes 1032, 1033, 1035, and 1036 of the parallel chain 103 can use a distributed data blockchain to store data.
  • the SPV nodes 1034 and 1037 of the parallel chain 103 may be bound to the address of the wallet account, and the parallel chain corresponding to the address of the wallet account bound to the SPV nodes 1034 and 1037 is the parallel chain 103.
  • the user can use the SPV nodes 1013 and 1017 to interact with the routing node 1011 through the network 1019 to receive or send messages and so on.
  • the user can also use the SPV node 1024 to interact with the routing node 1021 through the network 1027 to receive or send messages, etc.
  • the user can also use the SPV nodes 1034, 1037 to interact with the routing node 1031 through the network 1038 to receive or send messages, etc.
  • Various communication client applications can be installed on the SPV node, such as simplified payment verification applications, web browser applications, shopping applications, search applications, instant messaging tools, email clients, social platform software, etc. Users can use the simplified payment verification application installed on the SPV node to implement operations such as digital currency management, transfer, collection, check balance, and transaction records.
  • the SPV node can be hardware or software.
  • the SPV node can be a smart phone, a tablet computer, a notebook computer, a desktop computer, and other electronic devices.
  • the SPV node can be installed in the electronic devices listed above.
  • the SPV node can be implemented in multiple software or software modules (for example to provide simplified payment verification services), or it can be implemented in a single software or software module. There is no specific limit here.
  • the routing node can be hardware or software. When the routing node is hardware, it can be implemented as a distributed server cluster composed of multiple servers, or as a single server. When the routing node is software, the routing node may be implemented as multiple software or software modules (for example, to provide routing services), or may be implemented as a single software or software module. There is no specific limit here.
  • the mining node can be hardware or software.
  • the mining node can be implemented as a distributed server cluster composed of multiple servers, or as a single server.
  • the mining node is software, it can be implemented as multiple software or software modules (for example, to provide mining and billing services), or as a single software or software module. There is no specific limit here.
  • the blockchain system 100 may further include a mining pool 110 and a mining pool 120.
  • the mining pool 110 may include a mining pool server 1101 and a ledger cluster 1102.
  • the ledger cluster 1102 may include a mining node 1012 on the parallel chain 101, a mining node 1022 on the parallel chain 102, and a mining node 1032 on the parallel chain 103.
  • the network 1106 is used as a medium for providing a communication link between the mining pool server 1101 and the ledger cluster 1102.
  • the network 1106 may include various connection types, such as wired, wireless communication links, or fiber optic cables, and so on.
  • the terminal devices 1103, 1104, and 1105 can access the mining pool server to participate in mining (Slave TEE not shown).
  • the network 1107 is used as a medium for providing communication links between the mining pool server 1101 and the terminal devices 1103, 1104, and 1105.
  • the network 1107 may include various connection types, such as wired, wireless communication links, or fiber optic cables.
  • the mining pool 120 may include a mining pool server 1201 and a ledger cluster 1202.
  • the ledger cluster 1202 may include a mining node 1014 on the parallel chain 101, a mining node 1023 on the parallel chain 102, and a mining node 1033 on the parallel chain 103.
  • the network 1206 is used to provide a communication link medium between the mining pool server 1201 and the ledger cluster 1202.
  • the network 1206 may include various connection types, such as wired, wireless communication links, or fiber optic cables.
  • the terminal devices 1203, 1204, 1205 can be connected to the mining pool server to participate in mining (Slave TEE not shown).
  • the network 1207 may be used as a medium for providing communication links between the mine pool server 1201 and the terminal devices 1203, 1204, 1205.
  • the network 1207 may include various connection types, such as wired, wireless communication links, or fiber optic cables.
  • the mining pool server can be hardware or software.
  • the mining pool server When the mining pool server is hardware, it can be implemented as a distributed server cluster composed of multiple servers, or as a single server.
  • the mining pool server When the mining pool server is software, it can be implemented as multiple software or software modules (for example, to control the access of terminal devices), or as a single software or software module. There is no specific limit here.
  • the terminal device may be a mobile phone, a desktop computer, a tablet computer, a personal digital assistant, a smart wearable device, a smart vehicle-mounted device, a router, a set-top box, an embedded device, and other electronic devices.
  • Various communication client applications can be installed on the terminal device, such as mining applications, wallet applications, web browser applications, shopping applications, search applications, instant messaging tools, email clients, social platform software, etc. Users can use the mining application installed on the terminal device to participate in mining and obtain mining income.
  • the number of parallel chains in FIG. 1(A) and FIG. 1(B) is only schematic. According to the implementation requirements, there can be any number of parallel chains. In particular, when the number of parallel chains is 1, the parallel chain degenerates into a single chain, and cross-chain transactions will not be involved at this time.
  • the number of routing nodes, mining nodes, networks, and SPV nodes in each parallel chain is also only schematic. According to the implementation needs, there can be any number of routing nodes, mining nodes, networks and SPV nodes.
  • the number of mining pools built on the parallel chain is also only schematic. According to the implementation needs, any number of mining pools can be built (requiring support from mining nodes).
  • the number of terminal devices connected to the mining pool is also only schematic, and the number of terminal devices depends on the number of actual users of the mining pool.
  • Step S201 In response to receiving the transaction request, the SPV node sends the received transaction request to the routing node of the parallel chain where the SPV node is located.
  • simplified payment verification applications can be installed in SPV nodes. Users can use the simplified payment verification application in the SPV node to submit transaction requests.
  • the transaction request is a transfer request, that is, the digital currency in the address of the wallet account bound to the SPV node is transferred to the address of another wallet account.
  • the SPV node can send the above transaction request to the routing node of the parallel chain where the SPV node is responsive to receiving the above transaction request.
  • Each SPV node can be bound with an account address.
  • a wallet application can be used to generate and bind a wallet account address for the SPV node.
  • the parallel chain corresponding to the address of the wallet account bound to each SPV node is the parallel chain where the SPV node is located.
  • various implementations may be used to correspond the address of the wallet account bound to the SPV node to one of the parallel chains included in the blockchain system.
  • a parallel chain can be randomly selected from the parallel chains included in the blockchain system as the parallel chain corresponding to the address of the wallet account bound to the SPV node.
  • Step S202 In response to the verification of the received transaction request, the routing node adds the received transaction request to the routing node's transaction request set, and broadcasts the received transaction request to the route after signing Nodes of the same chain mining node.
  • the routing node may verify the received transaction request in response to receiving the transaction request sent by the SPV node in step S201. If the verification is passed, the received transaction request can be added to the routing node's transaction request set, and the received transaction request can be signed and broadcast to the same-chain mining nodes of the routing node.
  • the routing node checking the received transaction request may include, but is not limited to, verifying the validity of the transaction request.
  • the legality verification may include, but not limited to, verify whether the address of the transfer-out wallet account in the transaction request has an unspent transaction output (Unspent Transaction Output, UTXO) record, and the balance of the address of the transfer-out wallet account in the transaction request Whether this transaction request is supported, whether the address of the transfer-out wallet account in the transaction request is the address of the wallet account in the blacklist of addresses of the transfer-out wallet account stored in the routing node, and whether the address of the transfer-in wallet account in the transaction request is It is the address of the wallet account in the blacklist of addresses transferred to the wallet account stored in the routing node and so on.
  • the verification of the transaction request may also include other verifications.
  • Each transaction request verified by the routing node is stored in the transaction request set of the routing node.
  • the routing node may sign the received transaction request by using the routing node's private key to sign the received transaction request.
  • the same-chain mining node of a routing node is a mining node that belongs to the same parallel chain as the routing node. For example, in FIG. 1(A), the mining nodes 1012, 1014, 1015, 1016, and 1018 are the same-chain mining nodes of the routing node 1011.
  • each parallel chain can be implemented based on a peer-to-peer (Peer-to-Peer, P2P)
  • the routing node broadcasts the received transaction request to the same-chain mining node of the routing node after signing , May be to sign the received transaction request and broadcast it to the neighboring same-chain mining node of the routing node, and then the neighboring same-chain mining node of the routing node will broadcast the signed transaction request to the respective Adjacent mining nodes.
  • the routing node can add the received transaction request to the routing node's transaction request set before verifying the transaction request received from the SPV node, and then add the received The transaction request is signed and broadcasted to the same-chain mining nodes of the routing node, or the routing node can first verify the transaction request received from the SPV node, and then the received transaction request After being signed, it is broadcasted to the same-chain mining nodes of the routing node, and then the received transaction request is added to the routing node's transaction request set, which is not specifically limited in this application.
  • Step S203 the routing node synchronizes the blockchain of the same mining node of the routing node to the local blockchain in real time.
  • the routing node will not perform mining and accounting operations, but the routing node synchronously saves the blockchain data (ledger) of the parallel chain where the routing node is located. It should be noted that the routing node may perform step S203 at any time, and is not limited to performing step S203 after performing step S202.
  • Step S204 In response to the verification of the signed transaction request received from the same link by the node, the mining node adds the in-chain transaction request of the mining node in the signed transaction request to the pending transaction of the mining node Request collection.
  • the mining node can respond to receiving the post-signed transaction request from the same link by the node: first, verify the received post-signed transaction request; second, if the verification is passed, the mining node can send the signed transaction request
  • the in-chain transaction request of the mining node is added to the set of pending transaction requests of the mining node.
  • the verification of the received signed transaction request by the mining node may include: using the same link of the mining node and the node's public key to verify the received signed transaction request by the node's public key.
  • the received signed transaction request is checked for legality. If the legality check is passed, it can be determined that the mined node verifies the received signed transaction request.
  • the transaction request may include a billing request and a billing request.
  • the transaction request D is to transfer X digital currencies in the address A of the wallet account to the address B of the wallet account.
  • the transaction request D may include an accounting request D1 and an accounting request D2, where the accounting request D1 is to reduce the digital currency in the address A of the wallet account by X, and the accounting request D2 is to convert the digital currency in the address B of the wallet account Increase X.
  • the in-chain transaction request of the mining node in the post-signed transaction request can include the following two situations: In the first case, the parallel chain corresponding to the address of the transferred-out wallet account and the address of the transferred-in wallet account in the signed transaction request are both Is the parallel chain where the mining node is located, then the sign-out transaction request and the account entry request in the transaction request after signing are both in-chain transaction requests of the mining node; in the second case, the transfer-out wallet account in the transaction request after signing
  • the parallel chain corresponding to the address of is the parallel chain where the mining node is located, and the parallel chain corresponding to the address transferred to the wallet account in the transaction request after signing is not the parallel chain where the mining node is located.
  • the accounting request is the in-chain transaction request of the mining node, and the account entry request in the signed transaction request is not the in-chain transaction request of the mining node.
  • Each mining node can save the set of pending transaction requests of the mining node in the buffer.
  • Each mining node belonging to the same parallel chain can compete for the accounting rights of the parallel chain where the mining node is located according to a preset consensus mechanism. If a mining node competes for the accounting rights of the parallel chain where the mining node is located, the pending transaction request in the set of pending transaction requests stored locally by the mining node can be used to form a new block, and the formed The new block is added to the local blockchain (ledger) of the mining node.
  • ledger local blockchain
  • the task of competing for accounting rights on the mining nodes is actually distributed to the miners connected to the mining pool through the mining pool server to complete the mining.
  • the main work of the node is to be responsible for accounting after the success of the miner's competition for accounting rights.
  • the mining node it is still the mining node that is mining and accounting.
  • Step S205 The routing node determines an unaccounted transaction request that is confirmed to have been accounted and unaccounted in the transaction request set of the routing node.
  • the routing node can also update and record the current processing status corresponding to each transaction request in the local transaction request set in real time.
  • the routing node can first query the local transaction request set for the corresponding unprocessed transaction whose current processing status is not yet accounted for Request, and then based on the locally synchronized blockchain data to determine whether each unbilled transaction request has been confirmed to be billed. For example, the routing node can determine whether there are six or more blocks after the block corresponding to the account request in the transaction request in the blockchain data stored locally, and if so, it can confirm the transaction Request confirmation that it has been posted. If it is determined that the unrecorded transaction request confirms that it has been accounted for, it can be determined that the transaction request is an unrecorded transaction request that confirms that it has been posted and is not accounted for.
  • Step S206 The routing node sends the determined unaccounted transaction request to the routing node of the target parallel chain.
  • the routing node may send the unrecorded transaction request determined in step S205 to the routing node of the target parallel chain.
  • the above target parallel chain is the parallel chain corresponding to the address of the account of the account of the credited wallet in the determined unaccounted transaction request.
  • the routing node of the parallel chain 101 may send the unaccounted transaction request D to the routing node of the parallel chain 102.
  • Step S207 In response to receiving the transaction request sent by the node on the different link, the routing node signs the received transaction request and broadcasts it to the same-chain mining node of the routing node.
  • a different link of a routing node refers to a routing node in a parallel chain that is different from the parallel chain where the routing node is located. If the routing node receives a transaction request sent by a node with a different link, it indicates that the above-mentioned different link has sent a different link to the routing node. The non-accounted transaction confirmed by the node in the transaction request set of the node is confirmed and unaccounted request. Then, the routing node can sign the received transaction request and broadcast it to the same-chain mining node of the routing node. Here, the routing node may sign the transaction request by the routing node using the routing node's private key to sign.
  • an unaccounted transaction request D transfer X digital currencies from the address A of the wallet account to the address B of the wallet account, where the address A of the wallet account corresponds to the parallel chain 101 and the address B of the wallet account corresponds to the parallel chain 102
  • the routing node of the parallel chain 101 may send the unaccounted transaction request D to the routing node of the parallel chain 102.
  • step S207 it may be that the routing node of the parallel chain 102 broadcasts the unrecorded transaction request D and broadcasts it to the mining node in the parallel chain 102. Therefore, the mining node of the parallel chain 102 can perform step S204.
  • the mining node of the parallel chain 102 first receives the The signed transaction request D is verified. If the verification is passed, the in-chain transaction request of the mining node in the signed transaction request is added to the set of pending transaction requests of the mining node. Among them, the intra-chain transaction request of the mining node of the parallel chain 102 in the transaction request D is to increase the address B of the wallet account by X digital currencies.
  • steps S201 to S207 can be rearranged and combined in various ways, and this application does not Be specific.
  • 1(A) to 1(B) show only a specific exemplary architectural manner of the blockchain system, but it is not the only architectural manner, for example, in some implementations
  • the SPV node may not be included in the parallel chain, so the illustrated blockchain system should not be regarded as a limitation on the protection scope of the present disclosure.
  • the blockchain system performs mining by forming a mining pool on the mining node of the parallel chain. Compared with the way in which the miner node directly mines on the parallel chain, it has at least the following advantages.
  • Blockchain systems usually require a certain number of distributed full ledger nodes to ensure security. If the miner nodes on the parallel chain are responsible for accounting, due to the large number of miner nodes, the entire network broadcast of ledger data will occupy a large amount of bandwidth. In terms of high-throughput parallel chains, the amount of data that needs to be synchronized is large, and the network burden is further increased. Too many full-ledger nodes do not bring additional value; moreover, support for the transmission of large amounts of synchronized data to the miner node equipment Both performance and network bandwidth have high requirements. However, in practice, especially on the public chain, miner nodes are mostly personal devices, and their performance is limited and distributed in different network environments. This requirement is difficult to meet. In addition, most individuals who participate in mining do not have or have very little accounting needs, but only hope to obtain economic benefits through mining. If they are forced to participate in accounting, it may lead to the loss of users.
  • the slave TEE as a miner only competes for the accounting right, and does not directly account for it. Only the mining node performs accounting, and the mining node The number of is much smaller than the number of Slave TEE, so the amount of data that needs to be synchronized between mining nodes will not be too large.
  • the mining pool can be deployed in the cloud, the performance of the mining pool server and mining nodes, and the bandwidth of the network transmission can be guaranteed, and data synchronization will not cause a serious burden on the network.
  • Slave TEE does not participate in accounting, there is no need to synchronize the data of the blockchain. Therefore, the performance of the terminal equipment and the network environment will not become the performance bottleneck of the blockchain system.
  • Mining pools can be operated by users who have a large amount of accounting requirements. For example, enterprise users may have a large amount of accounting requirements after the funds are chained. Enterprise users are usually not interested in mining revenue, but to achieve accounting requirements, you can Attract individual users to access the mining pool to help them mine. Individual users can obtain mining revenue without accounting, and naturally are willing to join the mining pool. Both types of users take their own needs, which is conducive to improving the block The operating status of the chain system. Multiple mining pools can be built on the blockchain system. Different companies can build their own mining pools and share the entire blockchain system. At the same time, it is also convenient to disperse the mining power into different mining pools and avoid computing power. Concentration affects the security of the blockchain system.
  • all mining nodes on the parallel chain are included in a mining pool. There are no mining nodes on the parallel chain that are free of the mining pool. Users can only participate in mining through the mining pool. In the mine, the terminal equipment is controlled by the mining pool server to prevent the attacker from gathering computing power.
  • the blockchain system in the embodiment of the present disclosure uses a parallel chain instead of an ordinary single chain, supports the decentralization of each slave TEE on different parallel chains for mining, and effectively avoids the concentration of computing power. Decentralized, I will introduce the possible implementation methods in detail later.
  • FIG. 3 shows a flowchart of a billing method provided by an embodiment of the present disclosure.
  • Figure 3 describes a process of accounting rights competition.
  • the accounting method may include:
  • Step S301 The mining node sends the hash value of the main body of the block header of the pending accounting block to the mining pool server and the difficulty target value of mining on the parallel chain.
  • the transaction buffer of the mining node holds the transaction to be booked.
  • the pending bookkeeping block refers to the new block determined according to the transaction to be booked before the mining starts.
  • the block body of the block has been determined, which contains pending transactions.
  • the block header of the pending accounting block can be divided into two parts, including the main part and additional parts. Before starting mining, the main part has also been determined.
  • the main part of the block header may include the version number of the block, the block header of the previous block in the block chain.
  • the main part of the block header may also include more or fewer fields, for example, in some implementations, in order to superimpose the PoW consensus mechanism and the consensus mechanism adopted in the embodiments of the present disclosure
  • the main part of the block header may also contain the random number (Nonce) to be used in the PoW algorithm.
  • the additional part of the pending accounting block can only be determined after the mining is completed. Specifically, the Slave TEE competing for the accounting right is returned to the mining node through the mining pool server. After the mining node obtains the additional part, it can be completed.
  • Block header includes at least the signature of the accounting right determination information and the address body of the wallet account bound by the Slave TEE competing for the accounting right of the block, the specific meaning of which will be described later. Understandably, the additional part of the block header may also include other information, such as an authentication code, which will be described later.
  • the hash value of the body part of the block header can be calculated, and the hash value can uniquely identify the pending accounting block.
  • the difficulty target value represents the difficulty of mining on the parallel chain (the greater the difficulty of mining, the longer the average mining time per mining).
  • the difficulty target value is maintained and updated by the mining node. When the difficulty target value is not updated, the same parallel chain
  • the difficulty target values of the mining nodes on the same moment are the same.
  • the difficulty target value is updated by the following formula:
  • New difficulty target value current difficulty target value * (actual time of current cycle/expected time of one cycle)
  • the period here refers to the update period of the difficulty target value. For example, it can be set that each mining node generates 1008 blocks as a period. Assuming that a block is expected to be generated every 5 minutes, the expected time of one cycle is 5040 (1008*5) minutes, and the actual time of the current cycle can be obtained statistically during the process of generating blocks. At the beginning, you can set a difficulty target value in a certain mining environment as the initial difficulty target value, and then update the difficulty target value according to the above formula.
  • the hash value of the main body of the block header can also be replaced with some other information that can uniquely identify the block, such as the area of the previous block in the blockchain
  • the advantages of using the hash value of the main part of the block header are: first, the hash value is shorter, which can reduce the amount of data that needs to be transmitted; second, the hash value of the main part of the block header is only at the beginning of the assembly of the pending accounting area It can only be determined at the time of the block, and it cannot be determined before this, so each Slave TEE cannot start the competition of computing power in advance when the main part of the block header has not been determined Will be used to generate signatures), so that the hash value of the main part of the block header is used to identify the pending accounting block is conducive to improving the fairness in the process of competing accounting rights.
  • step S301 the mining node sends the hash value of the main body of the block header and the difficulty target value to the mining pool server, that is, step S301 is executed.
  • the difficulty target value remains unchanged, but there may be new pending bookkeeping transactions included in the pending bookkeeping block In the body, this will cause the value of some fields in the body of the block header to change, such as the timestamp and the root of the Merkel tree, which in turn will cause the hash value of the body of the block header to change.
  • the server needs to send the hash value of the new block header body to the mining pool server.
  • the mining node checks whether the hash value and difficulty target value of the hash value of the main body of the block header need to be sent to the mining pool server every preset time period (such as half a minute, one minute, etc.) . According to the above, when it is detected that a new block has been mined or a new transaction is included in the pending accounting block, the corresponding data is sent.
  • step S301 can be performed after step S204 in FIG. 2 and the set of pending transaction requests mentioned in step S204 Is the transaction to be recorded.
  • Step S302 The mining pool server stores the hash value of the main body of the block header and the difficulty target value sent by the mining node.
  • the hash value and difficulty target value of the main part of the block header can be stored in the database of the mining pool server, of course, it can also be stored in memory or other locations, which is not limited.
  • the hash value and difficulty target value of the main body of the block header sent by the mining nodes on different parallel chains can be stored separately, so that they can be distinguished during subsequent use.
  • Step S303 The terminal device sends an accounting request to the mining pool server.
  • the terminal device Before step S303 starts to be executed, the terminal device has been connected to the mining pool server and can participate in mining.
  • the accounting request is used to indicate to the mining pool server that the slave TEE of the terminal device configuration wishes to participate in the competition for accounting rights.
  • the terminal device sends an accounting request every other time, which can be fixed or configured by the user in the mining application installed on the terminal device, for example, the time interval for initiating the request is configured as Sometime within 1 to 60 minutes.
  • the time interval at which the terminal device sends the accounting request may also be affected by the success of the Slave TEE competition accounting. For example, after the accounting competition is successful, it may be idle for a period of time to temporarily not participate in the competition accounting, or, in After the accounting competition fails, it then participates in the accounting competition.
  • Step S304 the mining pool server sends the hash value of the main body of the block header and the difficulty target value to the terminal device.
  • the mining pool server After receiving the accounting request, the mining pool server returns the hash value and difficulty target value of the main body of the block header required for competitive accounting to the terminal device, where the hash value and difficulty target value of the main body of the block header are the steps Obtained in S302.
  • Slave TEE can only compete for the accounting rights on one of the parallel chains at a time, and the hash value of the main body of the block header sent by the mining node on the parallel chain and the The difficulty target value is sent to the terminal device.
  • different implementation methods can be adopted. For example, it is not limited on which parallel chain Slave TEE mines, and a parallel chain is randomly selected as its mining parallel chain, for example, Limit Slave TEE to only mine on a particular parallel chain, etc.
  • Step S305 The Slave TEE configured in the terminal device determines whether its accumulated unused duration is greater than the accumulated unused lower limit duration calculated according to the difficulty target value.
  • a clock can be set in Slave TEE, which is independent of the clock on the terminal device, and the clock can only be accessed by the program (TA) inside Slave TEE, and cannot be accessed by programs other than Slave TEE (such as the program on the terminal device) Visited.
  • TA program inside Slave TEE
  • the initial value of the accumulated unused time can be configured.
  • the elapsed/elapsed time from the start of the competition accounting right to the current time of the clock set in the Slave TEE Will add up to the accumulated unused time.
  • the specific accumulation method is not limited.
  • the process of continuously running in the Slave TEE can control the change of the accumulated unused time.
  • the accumulated unused time needs to be obtained first, and the time elapsed/elapsed from the start of the competition accounting right to the current time of the clock set in the Slave TEE is determined before acquiring, and then The determined duration is added to the accumulated unused duration.
  • the Slave TEE is simply powered up without competing for billing rights, and the current accumulated unused time will not be accumulated.
  • the cumulative unused lower limit duration is calculated according to the difficulty target value, for example, in some implementations, it can be calculated by the following formula:
  • M is a preset constant, which can be saved in Slave TEE.
  • the cumulative unused lower limit duration can characterize the approximate time interval between each Salve TEE obtaining the accounting right twice under the specified difficulty target value. Therefore, if Slave TEE judges that the current accumulated unused time exceeds the accumulated unused lower limit time, then Slave TEE can determine that it has obtained the accounting right. If the accounting right is obtained, step S306 is executed. If the accounting right is not obtained, it can continue to participate in the next round of accounting right competition.
  • Slave TEE can obtain the accounting right, which does not mean that Slave TEE can successfully account, and there may be other verification steps in the subsequent steps, which leads to Slave TEE accounting failure, so the acquisition of accounting right here should be understood as pure From the perspective of the consensus algorithm, the accounting power can be obtained.
  • Slave TEE After obtaining the accounting right, Slave TEE updates the accumulated unused minimum duration to the difference between the current accumulated unused duration and the accumulated unused minimum duration. That is, the competition for the accounting right will cause the accumulated unused time to consume the accumulated unused lower limit time, thereby ensuring the fair competition of the Slave TEE in the mining pool.
  • the terminal device first receives the difficulty target value and the hash value of the body part of the block header, and then passes the two pieces of information to the Slave TEE (respectively for step S305 and step S306), and passes The way of information can be to call the external interface provided by Slave TEE, using the difficulty target value and the hash value of the main part of the block header as the calling parameters.
  • the function of this interface externally is the function of competing for accounting rights (step S305 and step S306) .
  • Slave TEE can be implemented with low-cost, low-power hardware, which further reduces the threshold of equipment required for mining and helps the mining pool attract more users to participate in mining. Further, most of the time, such as the interval between competing billing rights, Slave TEE's computing resources are idle, so they can even be used to perform other tasks.
  • the computing power of the Slave TEE is often mentioned, but its meaning is different from the computing power of the miner when the PoW consensus algorithm is adopted, and does not represent the computing power.
  • the computing power of Slave TEE also characterizes the ability to compete for accounting power. From this point of view, it also has similarities with the definition of computing power in the prior art, so this statement is used.
  • Step S306 Slave TEE signs the accounting right determination information.
  • the accounting right determination information includes key information related to the competitive accounting right.
  • the accounting right determination information includes at least the hash value of the body part of the block header of the pending accounting block and the address body of the wallet account bound by the Slave TEE.
  • the accounting right determination information may further include the cumulative unused lower limit duration mentioned in step S305, the random number mentioned in step S301, an authentication code to be mentioned later, and so on.
  • Slave TEE is bound to the address of the wallet account for receiving mining revenue.
  • the address of the wallet account is unique in the blockchain system where Slave TEE is located.
  • the address of the wallet account includes at least the address body of the wallet account, and in some implementations may optionally include additional parts.
  • Slave TEE can generate a wallet account address in response to an account address generation request sent by a terminal device, and the address of each wallet account corresponds uniquely to each Slave TEE, that is, it has a binding relationship.
  • the terminal device After the terminal device is configured with Salve TEE, the user can make an account address generation operation in the wallet application installed on the terminal device, the terminal device responds to the operation and generates the above account address generation request, and then generates a wallet account in Slave TEE address.
  • the method of generating the address body of the wallet account may use the method of generating the address of the wallet account in the existing blockchain, that is, the meaning of the address body of the wallet account in the embodiment of the present disclosure and the address of the wallet account in the prior art The meaning is the same.
  • the additional part of the address of the wallet account may include, but is not limited to, Slave TEE's virtual parallel chain identifier, the type of the wallet account, and other information. The virtual parallel chain identifier will be described in detail later.
  • the address body of the wallet account can uniquely identify the Slave TEE, so the address body of the wallet account indicates the identity of the bookkeeper, and is also one of the key information in the process of competing bookkeeping rights .
  • the signature of the accounting right determination information may be asymmetrically encrypted.
  • the first private key may be saved in the Slave TEE in advance, and the first private key may be used to encrypt the accounting right determination information to generate a signature of the accounting right determination information.
  • Any node in the blockchain system that holds the first public key that matches the first private key can use the first public key to verify the authenticity of the signature.
  • Step S307 The terminal device sends the accounting right determination information and the signature of the accounting right determination information to the mining pool server.
  • Step S308 The mining pool server sends the accounting right determination information and the signature of the accounting right determination information to the mining node.
  • the mining pool server may directly perform step S308 without processing the accounting right determination information and the signature of the accounting right determination information.
  • the mining pool server may verify the result of competing for the accounting right according to the accounting right determination information and the signature of the accounting right determination information. For example, when the accounting right determination information is signed with the first private key, the mining pool server can save the first public key and use the first public key to verify the authenticity of the signature. If the signature verification succeeds, it indicates that the signature is indeed generated by the Slave TEE , Which can prove that the accounting right determination information received by the mining pool server is indeed sent by Slave TEE, and then step S308 can be executed. If the signature verification fails, it indicates that the accounting right determination information received by the mining pool server is not sent by Slave TEE , May be forged by the attacker, so step S308 and subsequent steps are not performed to prevent the attacker from obtaining accounting rights.
  • the mining pool server can also verify the accounting rights to determine whether the content of the information has been tampered with to improve the security of the blockchain system and avoid information forgery. For example, the mining pool server can verify whether the hash value of the locally stored block header body part is consistent with the hash value of the block header body part in the accounting right determination information, so as to determine whether Slave TEE used forged Pending accounting block. For another example, the mining pool server can convert a cumulative unused lower limit duration according to the locally saved difficulty target value, and verify whether the converted cumulative unused lower limit duration is consistent with the cumulative unused lower limit duration in the accounting right determination information, In order to determine whether Slave TEE used the forged difficulty target value when accounting. According to the verification result, if the accounting right determination information has not been tampered with, step S308 is continued, otherwise step S308 and subsequent steps are not executed.
  • step S304 when the blockchain system has multiple parallel chains, Slave TEE can only compete for the accounting rights on one of the parallel chains at a time, so the mining pool server sends to the mining node in step S308
  • the signature of the accounting right determination information and the accounting right determination information should also be the signature of the accounting right determination information and the accounting right determination information sent to the mining node on the parallel chain where Slave TEE competes for the accounting right, or That is to say, if the hash value and difficulty target value of the main body of the block header used in the Slave TEE competition for the accounting right are originally from which mining node, then after the competition to the accounting right, the accounting right determination information and the accounting right are determined
  • the signature of the information should also be sent back to the mining node.
  • Step S309 The mining node generates an accounting block and adds the accounting block to the local blockchain.
  • the additional part of the block header of the pending accounting block includes at least the signature of the accounting right determination information and the address body of the wallet account bound by the Slave TEE competing for the accounting right of the block, and The content of the competition cannot be determined before the success of the accounting right.
  • the accounting right determination information contains these two contents, so at this time, the mining node can already form a complete block header, and the block body is also determined, so it can generate a complete block, which may be called the accounting area Piece. After the mining node has assembled the accounting block, it is added to the tail of its local blockchain.
  • the mining node may directly perform step S309 without processing the accounting right determination information and the signature of the accounting right determination information.
  • the mining node may verify the result of competing for the accounting right based on the accounting right determination information and the signature of the accounting right determination information. For example, in the case where the accounting right determination information is signed using the first private key, the mining node may save the first public key and use the first public key to verify the authenticity of the signature. If the signature verification is successful, step S309 is executed. If the signature verification fails, step S309 and subsequent steps are not executed.
  • the mining node can also verify the accounting rights to determine whether the content of the information has been tampered with to improve the security of the blockchain system and avoid information forgery. For example, the mining node can verify whether the hash value of the locally stored block header body part is consistent with the hash value of the block header body part in the accounting right determination information, so as to determine whether Slave TEE used forged Pending accounting block. For another example, the mining node may convert a cumulative unused lower limit duration according to the locally saved difficulty target value, and verify whether the converted cumulative unused lower limit duration is consistent with the cumulative unused lower limit duration in the accounting right determination information, thereby Determine whether Slave TEE uses the forged difficulty target value when accounting. According to the verification result, if the accounting right determination information has not been tampered with, step S309 is continued, otherwise step S309 and subsequent steps are not executed.
  • the mining node After the mining node adds the accounting block to the local blockchain, it will also broadcast the newly generated block on the parallel chain where the mining node is located, so that the block is synchronized to other on the parallel chain In the node's ledger, the specific broadcast method can be similar to the existing blockchain, and will not be elaborated in detail.
  • the mining node also broadcasts the accounting right determination information and the signature of the accounting right determination information to other nodes on the parallel chain that need to be accounted for, and these nodes can verify after receiving the information Whether the content of the information is consistent with the accounting block to be confirmed in the local blockchain. If they are consistent, the accounting block is recognized as a legal block, otherwise the accounting block is not approved to avoid the generation of The block was forged.
  • the accounting block B1 is generated by the mining node M1, and the mining node M1 broadcasts it to the mining node M2 of the same chain, and the mining node M2 adds the block B1 to the tail of its local blockchain, waiting It is further confirmed that for mining node M2, block B1 is the accounting block to be confirmed.
  • the mining node M2 Take the mining node M2 as an example to illustrate how the accounting node on the parallel chain can verify the legitimacy of the block based on the accounting right determination information and the signature of the accounting right determination information.
  • the first public key may be stored on M2 to verify the authenticity of the signature of the accounting right determination information.
  • M2 can combine the hash value of the main body of the block header in the accounting right determination information, the address body of the wallet account, the accumulated unused minimum duration (corresponding to the difficulty target value) and other content with its local blockchain. The corresponding information items in the block header of the confirmed accounting block are compared to verify whether they are consistent.
  • the block header of the accounting block contains the signature of the accounting right determination information
  • the holder of the public key can verify the authenticity of the signature to confirm the area Whether the block is generated by legal SlaveTEE equipment through mining.
  • one of the core problems to be solved is to prevent the attacker from intentionally concentrating the computing power and creating a 51% computing power attack.
  • the embodiments of the present disclosure provide several measures to avoid the accumulation of computing power in the blockchain system. 4(A) to 4(B) show a flowchart of another accounting method provided by an embodiment of the present disclosure. 4(A) and 4(B), the method includes:
  • Step S401 The terminal device sends a registration request to the mining pool server.
  • Slave TEE is configured on a certain terminal device, and Slave TEE has been bound to the address of the wallet account used in mining. Now the user wants to access a mining pool through the terminal device to participate in mining.
  • the terminal device can directly start mining, such as step S303.
  • the user needs to register on the mining pool server first, and only after the registration is successful can mining be performed, so that the mining pool server can control the miners.
  • the user sends a registration request to the mining pool server through the terminal device, and the registration request can be actively initiated by the user in the mining application installed on the terminal device.
  • the registration request carries registration information.
  • the registration information includes at least the address of the wallet account bound to the Slave TEE, and may also include user attribute information, such as a user name, password, and user personal information.
  • the real-name certification authority may be a third-party authority that has no direct interest in users and mining pools, for example, some national regulatory authorities.
  • the real-name authentication can be handled by the user to the real-name authentication agency, for example, the user visits the website of the real-name authentication agency through a web browser application installed on the mobile phone (a type of terminal device), and fills in his mobile phone number (the user’s real identity information) One), the address of the wallet account and the mobile phone verification code bound to the Slave TEE.
  • the mobile phone verification code can be obtained from the real-name certification body after the user fills out the mobile phone number.
  • the verification code will be sent to the mobile phone as a message, and the user will Fill it in, the user submits all the information after filling in all the information, and the real-name certification body verifies and stores the information submitted by the user on the server side. If the authentication is passed, the authentication result is returned to the mobile phone, and the mobile phone saves the authentication result locally. It can be understood that the specific method of real-name authentication is not limited in the embodiments of the present disclosure, and the above is only one of them.
  • the real-name authentication result may be a message with a specific format.
  • the real-name authentication result includes at least an authentication code, and may also include, but is not limited to, one or more information items in the authentication ID, user real-name ID, and device ID.
  • the certification mark is used to characterize the identity of the real-name certification body.
  • the user real name identification is used to characterize the user's real identity information, such as the user's mobile phone, ID card number, bank card number, driving license number, etc.
  • the content of the user real name identification may be submitted by the user when performing real name authentication.
  • the device identifier is used to characterize the slave TEE participating in the authentication, for example, it can be the address (or address body) of the wallet account bound to the slave TEE, the hardware identifier of the slave TEE, etc., where the hardware identifier of the slave TEE is used to uniquely mark a certain
  • the identity of the Slave TEE can be determined and solidified in the Slave TEE when Salve TEE is manufactured.
  • the content of the device identification may be submitted by the user during real-name authentication.
  • the authentication code is used to indicate that the user has passed the authentication of the real-name authentication agency, and the authentication code has a corresponding relationship with the user.
  • the user's real identity information is bound to the Slave TEE, and the user can be marked either by the user's real-name ID or by the device ID, so the authentication code and the user's real-name ID and device ID There is also a corresponding relationship.
  • the authentication code may be implemented as a random integer generated by the real-name certification authority, and stored on the server of the real-name certification authority in association with the user real-name identification and/or device identification.
  • the person or device that obtains the above-mentioned authentication result can go to the real-name authentication agency to verify whether the user has passed the real-name authentication. For example, first parse out which real-name certification body made the certification result according to the certification mark, and then visit a query URL provided by the real-name certification body, submit the user real-name identification and authentication code, or submit the device identification and authentication code, namely You can get the results of the real-name certification body feedback, and indicate whether the user has passed the real-name authentication.
  • the real-name certification authority can use its private key to sign the certification result, return the certification result and the signature of the certification result to the terminal device, and the device with the public key of the real-name certification authority can verify the The authenticity of the signature.
  • the registration request sent by the terminal device to the mining pool server may also include the authentication result and the signature of the authentication result.
  • Step S402 The mining pool server verifies whether the registration request is valid.
  • the mining pool server judges whether the received registration information is legal, for example, whether the format is correct, etc. If it is legal, step S403 is executed, and if it is illegal, step S404 is executed to notify the terminal device that the registration has failed, so that the user can take corresponding measures, for example Re-register.
  • step S403 is executed; if the verification fails, step S404 is executed to notify the terminal device that the registration has failed.
  • the mining pool server can also go to the real-name certification authority to verify whether the user has actually passed the real-name authentication according to the authentication result, to avoid tampering with the authentication result.
  • the possible verification method has been illustrated in step S401. Repeat again. If the verification is successful, step S403 is executed; if the verification fails, step S404 is executed to notify the terminal device that the registration has failed.
  • Step S403 The mining pool server saves the registration information.
  • the registration information can be saved in the database of the mining pool server.
  • the main part of the address of the wallet account bound by Slave TEE and the virtual parallel chain identifier (additional part of the address of the wallet account) can be divided into two fields to save and add these two fields in the database Index for quick query.
  • Step S404 the mining pool server sends a registration response to the terminal device.
  • the registration response may include the status of successful registration, failed registration, etc., to inform the user of the registration result.
  • Step S405 The terminal device sends the pool application to the mining pool server.
  • the terminal device can directly start mining, such as step S303.
  • the user needs to be authorized by the mining pool server to start mining.
  • the so-called centralization refers to the large number of ASIC miners from the remote Access to miner nodes to participate in mining leads to the accumulation of computing power in the mining pool. Once the computing power on the large mining pool is used by the attacker, it may lead to a 51% computing power attack.
  • the PoW consensus algorithm is replaced by a new consensus algorithm, the essence of the algorithm is still the competitive accounting right. If the number of Slave TEE participating in mining in each mining pool is not limited, it is still possible There is a problem that a large number of mining pools gather a lot of computing power.
  • the purpose of the mining pool server authorization is precisely to control the number of slave TEEs participating in mining in the mining pool and avoid the trend of centralized mining pools. Once the centralization of the mining pool can be avoided, the advantages brought by the mining pool structure are significant. It has been explained in the previous introduction to the structure of the parallel chain system, including reducing the network burden of the blockchain system, making enterprise users with accounting needs Complementary advantages with individual users who have mining needs, etc.
  • the terminal device In order to obtain the authorization of the mining pool server, the terminal device first sends the pool application to the mining pool server to inform the mining pool server that it wants to participate in mining.
  • the pooling application can carry information related to mining, including but not limited to the mine pool identification, application time, the public key of the address of the slave TEE-bound wallet account configured on the terminal device, and the wallet account of the Slave TEE-bound wallet account Information such as the virtual parallel chain ID in the address.
  • the mining pool logo is used to uniquely identify a mining pool in the blockchain system. This logo is open to the public and can be obtained by anyone.
  • the terminal device For example, if a user wants to mine in a mining pool, he can obtain the mining pool ID of the mining pool in advance, and then enter it into the mining application installed on the terminal device.
  • the public key of the address of the wallet account has a unique correspondence with the main part of the address of the wallet account. The former can be used to derive the latter according to the determined rules. Therefore, obtaining the public key is equivalent to obtaining the address body of the wallet account.
  • the public key of the address of the wallet account can be used to verify the signature made by the corresponding private key, so its scope of application is wider than the address of the pure wallet account.
  • the terminal device generates an application for pooling by calling the interface provided by Slave TEE.
  • the mining pool ID is passed to Slave TEE as the calling parameter.
  • the remaining three items of information can be given by the application in Slave TEE.
  • the Slave TEE can store the second private key, and use the second private key to sign the above four items of information, and the signature is also carried in the pooling application.
  • Step S406 The mining pool server verifies whether the pool entry application is valid.
  • the mining pool server judges whether the received pooling application is legal. If it is legal, step S407 is executed. If it is not legal, step S411 can be executed to inform the terminal device that the pooling application failed, so that the user can take corresponding measures, such as re-applying .
  • step S406 may be implemented in the following manner:
  • the mining pool logo can be saved in its configured Master TEE and cannot be modified at will. If it is verified that the mine pool ID is the same as the mine pool ID of the mine pool where it is located, continue to perform the next steps, otherwise it is determined that the application for pool entry is invalid. After verifying that the mine pool ID is the same as the mine pool ID of the mine pool where you are, use the second public key saved by the mine pool server to match the second private key to verify the authenticity of the signature in the pool application. If the verification passes, continue Perform the following steps, otherwise it is determined that the pool application is invalid.
  • the wallet account’s address body is derived from the wallet account’s public key. Since the registration information is saved in step S403, the registration information can be queried from the previously saved registration information If the address body of the wallet account is not queried, it indicates that the user who applied for pooling has not registered at all, and it is determined that the application for pooling is invalid; or although the address body of the wallet account is queried, the virtual parallel chain of the address of the corresponding wallet account If the ID is inconsistent with the ID of the virtual parallel chain carried in the pooling application, the pooling application is also determined to be invalid; if the user applying for pooling is registered and the sequence number of the virtual parallel chain saved is correct according to the query result, the pooling application is valid. It can be understood that, in specific implementation, the sequence of the above several verification steps may also adopt a different sequence from the above listed.
  • Step S407 the master TEE configured by the mining pool server determines whether the capacity of the mining pool server is less than the capacity threshold.
  • the capacity threshold of the mining pool server refers to the maximum number of Slave TEE allowed by the mining pool server at a certain moment or a certain period of time, and the capacity refers to the mining pool server at a certain moment or a certain period of time The number of Slave TEEs that have been allowed to be mined in the pool. If the capacity is less than the capacity threshold, you can continue to perform step S408 to authorize the Slave TEE of the terminal device configuration that submitted the pool application to participate in mining, otherwise you can perform step S411 to notify the terminal device that the current mining pool is full and suspend the authorization so that the terminal device Take appropriate measures, such as waiting a while and trying again.
  • Through mining pool capacity control it can effectively avoid the trend of centralized mining pools, improve the security of the blockchain system, and increase the practical value of the mining pool structure.
  • the authorized use time T1 of each Slave TEE can be limited, that is, after each Slave TEE is authorized, it can only participate in mining within T1 time (from the authorization start time) After the expiration, you must re-apply for pooling (also does not exclude some implementations of automatic renewal for a period of time), otherwise, after a long period of time, there may be more and more terminal devices connected to the mining pool, resulting in Force gathering, specifically how to limit Slave TEE can only participate in mining during T1 time will be explained in detail later.
  • the capacity threshold is defined as the maximum number N2 of slave TEE allowed to be mined by the mining server during the T1 time.
  • the mining pool server can take the following measures to control its capacity not to exceed the capacity threshold:
  • the mining pool server performs pooling authorization according to a fixed authorization period T2 (T2 ⁇ T1), and controls the number of pooling authorizations in each authorization period to be less than the first threshold N1, that is, N1 is the maximum number of slaves that can be authorized in an authorization period quantity.
  • T2 a fixed authorization period
  • N1 the first threshold
  • the mining pool server receives a new pooling application, it can judge whether the new pooling application can be authorized by comparing the pooling authorization amount and N1 in the current authorization period. If it can, continue to step S408, and Add 1 to the pool authorization amount in the current authorization period. If it is not possible, step S411 can be executed to inform the terminal device that the mining pool is full in the current authorization period and the authorization is suspended so that the terminal device can take corresponding measures, for example, in the next authorization Try again during the cycle.
  • T1, T2 and N1 can be pre-configured in the Master TEE.
  • the application in Master TEE can set N1 to meet the rental requirements of Master TEE equipment. For example, resetting N1 to 0 every other year (lease period) will cause the mining pool server to be unable to continue to be authorized. The manager of the mining pool server must renew the lease with the Master TEE publisher.
  • Step S408 The Master TEE generates authorization information.
  • the Master TEE can organize the message content of the authorization response (used in step S411).
  • the content is authorization information
  • the authorization information includes at least an authorization code and an authorization serial number.
  • the authorization information may further include the authorized use duration (ie, T1 in step S407).
  • the authorization information can be used to inform the terminal device that its configured slave has been authorized and can start mining.
  • the authorization code may include, but is not limited to, the mining pool ID of the mining pool server, the authorization serial number, the application time, the authorized use duration, the address body of the wallet account bound by the authorized Slave TEE, and other information.
  • the authorization serial number can be assigned by the Master TEE to mark each authorization differently, for example, it can be implemented as an integer that increases with the number of authorizations.
  • the application time and the address subject of the authorized Slave TEE-bound wallet account can be included in the pooling application sent by the terminal device (the address subject of the wallet account is deduced from the public key of the address of the wallet account).
  • Step S409 The Master TEE generates a second key according to the second key generation algorithm, and uses the second key to encrypt the authorization code.
  • step S410 may be directly executed. In other implementations, after performing step S408, step S409 may be further executed to encrypt the authorization code before performing step S410.
  • the encryption process of the authorization code can be implemented in the Master TEE.
  • the Master TEE provides the calling interface, and the clear text authorization code is passed in as a parameter to return the encrypted authorization code after the call.
  • the authorization code uses the second key generated by the second key generation algorithm for symmetric encryption.
  • the second key generation algorithm is not limited here.
  • a preset word string can be stored in the Master TEE
  • the second key generation algorithm can be a certain hash algorithm
  • the hash value can be calculated as the second key according to the preset word string.
  • the above word string is only in TEE Used in the environment, will not leak to the outside.
  • Symmetric encryption algorithm is not limited, for example, AES algorithm, DES algorithm, 3DES algorithm, SM4 algorithm, etc.
  • the second key generation algorithm can be implemented to be owned by Master TEE, that is, the algorithm implementation is not disclosed outside the TEE environment, and the second key generated by the algorithm is used in Master TEE and only used for encryption
  • the authorization code is not used for other purposes including decryption authorization code, that is, the second key is used unidirectionally in the Master TEE.
  • the Master TEE can only provide an interface for encrypting the authorization code, and does not provide an interface for decrypting the authorization code (or the interface is not implemented at all).
  • steps S407, S408, and S409 can be continuously executed in Master TEE.
  • the execution of these three steps cannot be interrupted or interfered with by programs other than Master TEE, so that external programs cannot change the dependent parameters of intermediate steps. This can ensure that the capacity control is completely determined by the Master TEE, and the program in the mining pool server cannot simulate or fake the capacity control process as a whole.
  • Master TEE can provide an interface for authorization.
  • the mining server is responsible for calling after the verification in step S406, and steps S407, S408, and S409 are implemented in the interface.
  • Step S410 the mining pool server saves the authorization serial number and authorization related information
  • the authorization serial number is generated by the Master TEE in step S408. Since the authorization serial number is ultimately sent by the mining pool server to the terminal device (in step S411), the mining pool server can obtain the authorization serial number.
  • the mining pool server stores the authorization sequence number and authorization related information in correspondence.
  • the authorization-related information refers to information related to the authorization content, which may include, but is not limited to, the start time of authorization, the duration of authorized use, the address body of the wallet account bound by the authorized Slave TEE, and other information. Among them, the authorization start time can be taken into the application time of the pool application. Considering that there may be many users participating in mining, the authorization associated information will occupy a lot of storage space.
  • the authorization serial number and authorization associated information may be stored in the database of the mining pool server.
  • the mining pool server can also read the authorization related information from the database after the restart, restore the authorization record, and continue to provide mining services, which is conducive to improving system stability.
  • Step S411 The mining pool server sends an authorization response to the terminal device.
  • the authorization response includes both the response to authorization success and the response to authorization failure.
  • the response to the authorization failure may be that the pool entry application fails verification or the mining pool is full, etc., which has been mentioned in the previous step description.
  • the successful authorization response includes information such as the authorization code, authorization serial number, and authorization duration generated in step S408.
  • step S411 should include the encrypted authorization code.
  • Step S412 The mining node sends the hash value of the main body of the block header of the pending accounting block to the mining pool server and the difficulty target value of mining on the parallel chain.
  • Step S412 is similar to step S301 and will not be repeated.
  • Step S413 The Master TEE generates a first key according to the first key generation algorithm, and uses the first key to encrypt the hash value of the body part of the block header.
  • step S414 can be directly executed after step S412.
  • step S413 may be first performed to encrypt the hash value of the body part of the block header of the accounting block to be determined, and then step S414 may be executed.
  • step S414 may also be performed first, and in step S419, before the hash value of the body part of the block header is sent to the terminal device, step S413 may be performed to encrypt it.
  • the encryption process of the hash value of the main part of the block header is implemented in the Master TEE.
  • the Master TEE provides a calling interface, and the hash value of the main body of the block header in clear text is passed as a parameter to return the encrypted hash value of the main body of the block header after the call is completed.
  • the hash value of the body part of the block header is symmetrically encrypted using the first key generated by the first key generation algorithm.
  • the first key generation algorithm is not limited here. For example, it may be a hash algorithm that calculates a hash value as the first key according to the configuration information of the mining pool.
  • the first key generation algorithm can be implemented as follows: the content of the mining pool configuration information is spliced into a string, and a preset string that is not disclosed to the public is added at the end of it, and the hash value of the generated string is calculated, Then use the hash value as the first key.
  • the configuration information of the mining pool may include the chain identifier of the parallel chain.
  • the parallel chain identifier is used to uniquely mark each parallel chain in the blockchain system.
  • the chain identifier of the parallel chain may be implemented using an integer serial number.
  • the parallel chain here refers to the parallel chain where the mining node that sends the hash value of the main part of the block header is located.
  • the mining pool server can pre-store the chain ID of the parallel chain corresponding to each mining node in the mining pool. Therefore, when encrypting the hash value of the main part of the block header, Master TEE obtains the chain ID of the corresponding parallel chain as described above. A key for encryption.
  • the mining pool configuration information further includes at least one of the number of times the parallel chain has been expanded and the mining pool identifier of the mining pool.
  • the mining pool logo where the mining pool server is located is pre-configured in Master TEE, which has been introduced before.
  • the parallel chains in the blockchain system provided by the embodiments of the present disclosure support capacity expansion, that is, the number of parallel chains in the system can be expanded when the traffic volume is large (new nodes are added to the newly generated parallel chains). For simplicity, only the expansion method of doubling the number of parallel chains is introduced, but it should not be understood that the blockchain system can only adopt this expansion method.
  • the so-called multiplication and expansion refers to the number of parallel chains doubled each time the capacity is expanded.
  • the number of expansions is incremented by 1.
  • the blockchain system initially has 1 parallel chain, and the number of times it has been expanded is 0; then after one expansion, 1 parallel chain is expanded into 2 parallel chains, and the number of times that it has been expanded is 1, and then passes
  • the capacity is expanded, the two parallel chains are expanded into four parallel chains, and the number of times the capacity has been expanded is 2, and so on.
  • an upper limit can also be set for the number of times the capacity is expanded according to the size of the system that can be supported, such as 16, that is, the blockchain system supports up to 65536 parallel chains.
  • the number of times the parallel chain has been expanded can also be saved in the Master TEE and updated when the blockchain system is expanded.
  • the real-name authentication mechanism when calculating the first key using the first key generation algorithm, in addition to considering the pool configuration information, the authentication obtained during real-name authentication can also be used.
  • the code also serves as one of the sources of the first key, and the authentication code is included in the registration request sent by the terminal device to the mining pool server in step S401.
  • the symmetric encryption algorithm that encrypts the hash value of the main part of the block header is not limited, and may be, for example, the AES algorithm, DES algorithm, 3DES algorithm, SM4 algorithm, and so on.
  • the first key generation algorithm can be implemented to be privately owned by Master TEE, that is, the algorithm implementation is not disclosed outside the TEE environment, and the first key generated by the algorithm is used in Master TEE and only used for encryption
  • the hash value of the body part of the block header is not used for other purposes including decrypting the hash value of the body part of the block header, that is, the first key is used unidirectionally in the Master TEE.
  • Master TEE can only provide an interface for encrypting the hash value of the main body of the block header, and does not provide an interface for decrypting the hash value of the main body of the block header (or the interface is not implemented at all).
  • Step S414 The mining pool server stores the hash value of the main body of the block header and the target difficulty value.
  • Step S415 The terminal device sends an accounting request to the mining pool server.
  • the terminal device may send an accounting request to the mining pool server, indicating that the slave TEE configured by the terminal device wishes to participate in the competition for accounting rights.
  • the billing request may include, but is not limited to, information such as mine pool identification, authorization serial number, and current time. Among them, the mining pool identifier and the mining pool identifier carried in the pooling application previously sent by the terminal device are the same, and the authorization serial number is obtained by the terminal device in step S411.
  • the terminal device generates a billing request by calling the Slave TEE interface, where the mining pool ID and authorization serial number are passed into the Slave TEE as calling parameters, and the current time can be given by the clock in the Slave TEE.
  • the Slave TEE can store the third private key, and use the third private key to sign the above three items of information.
  • the signature can also be carried in the accounting request.
  • the third private key and the aforementioned second private key may be the same or different.
  • Step S416 The mining pool server verifies whether the accounting request is valid.
  • the mining pool server can determine whether the received accounting request is legal. If it is legal, step S417 is executed. If it is not legal, the terminal device can be notified that the accounting request failed, and the terminal device can initiate the request next time.
  • step S416 may be implemented in the following manner:
  • the mining pool server verifies that the mining pool ID is the same as the mining pool ID of the mining pool where it is located.
  • the mining pool logo can be saved in its configured Master TEE and cannot be modified at will. If the mine pool identifier is the same as the mine pool identifier of the mine pool where it is located, continue to perform the next steps, otherwise it is determined that the accounting request is invalid. After verifying that the mine pool ID is the same as the mine pool ID of the mine pool where it is located, use the third public key saved by the mine pool server to match the third private key to verify the authenticity of the signature in the accounting request. If the verification is passed, continue Perform the next steps, otherwise it is determined that the accounting request is invalid.
  • the authorization associated information is queried according to the authorization serial number.
  • the authorization serial number and the authorization associated information have been stored on the mining pool server correspondingly in step S410. If the authorization information does not exist in the stored information , Indicating that the terminal device has not been authorized at all, and it is determined that the billing request is invalid, otherwise the subsequent steps are continued.
  • the authorization association information may include, but is not limited to, the start time of authorization, the duration of authorization use, the address body of the wallet account bound by the authorized Slave TEE, and other information.
  • the mining pool server can also verify whether the authorization of the Slave TEE has expired, that is, whether the interval between the authorization start time and the current time carried in the billing request exceeds the authorized use time, if the authorized use time is exceeded, it indicates that the authorization has expired, Slave TEE has no right to continue accounting, and the accounting request is determined to be invalid, otherwise it will continue to perform the next steps. It can be understood that, in specific implementation, the sequence of the above several verification steps may also adopt a different sequence from the above listed.
  • Step S417 The Master TEE determines the parallel chain associated with the terminal device.
  • Slave TEE can mine on any parallel chain, and each mining can also be on a different parallel chain. This article is not limited to this.
  • SlaveTEE's computing power being concentrated on certain parallel chains, a 51% computing power attack is created, and terminal devices are restricted to only obtain block headers provided by mining nodes on their associated parallel chains.
  • the hash value and difficulty target value of the main part so that the Slave TEE configured by the terminal device can only be mined on the associated parallel chain, that is, the computing power of the Slave TEE is dispersed.
  • parallel chain associated with terminal equipment refers to the parallel chain associated with the slave TEE configuration of the terminal equipment.
  • these slave TEEs can be associated with different parallel chains.
  • this article generally takes the case where the terminal device is configured with only one slave TEE as an example, but this should not be considered as a limitation on the protection scope of the present disclosure.
  • the Master TEE can calculate the parallel associated with the terminal device based on the virtual parallel chain identifier of the wallet account address bound by the Slave TEE, the parallel chain identifier mask of the terminal device, and the number of parallel chains included in the blockchain system
  • the chain ID of the chain is to determine the parallel chain associated with the terminal device.
  • the virtual parallel chain identifier is calculated according to the hardware identifier of the slave TEE configured in the terminal device, and the hardware identifier of the slave TEE has been introduced in step S401.
  • the virtual parallel chain identifier VCN can be calculated as follows:
  • VCN UID&UidMask
  • UID is the hardware identifier of Slave TEE, which can be realized as a multi-byte value
  • UidMask is a virtual parallel chain identification mask, which is a constant stored in Slave TEE.
  • VCN is implemented as 2 bytes
  • UidMask is also 2 bytes
  • the value of UidMask is not limited, for example, it can be 0xFFFF, 0xFFEE (hexadecimal number), and so on.
  • the chain identifier MCN of the parallel chain associated with the terminal device can be calculated as follows:
  • means XOR operation
  • & means bitwise AND operation
  • VCN means virtual parallel chain identifier
  • MiningMask means parallel chain identifier mask
  • N means the number of parallel chains.
  • MiningMask can be stored in the Master TEE.
  • the value of MingMask may be adjusted. Its purpose is mainly to prevent attackers from deliberately acquiring Slave TEE with a specific VCN. The MCN calculated by these Slave TEE devices is the same, so that mining power can be aggregated on a specific parallel chain. If MiningMask is regularly updated, the attacker's acquisition behavior will become meaningless.
  • N can also be stored in the Master TEE, and its value is updated in the blockchain system capacity updater.
  • the Master TEE can also adopt other methods to determine the parallel chain associated with the terminal device, which is not limited to the above method.
  • Step S418 The mining pool server verifies whether the billing request meets the cooling time requirement.
  • Slave TEE can immediately participate in the next round of accounting rights competition after obtaining the accounting rights, without restrictions; in other implementations, Slave TEE will take the initiative to rest for a period of time after acquiring accounting rights If you do not participate in the accounting right, you will participate in the accounting right again after this time.
  • the period during which the Slave TEE rests is called the cooling time.
  • the cooling time can be taken as k times the accumulated unused lower limit time (k is greater than 0 and Constant less than 1), where the cumulative unused lower limit duration is calculated according to the current difficulty target value, which has been explained previously.
  • the Slave TEE has built-in applications to determine whether it should rest. During the Slave TEE break, even if the terminal device calls the interface for the competitive accounting right provided by the external device, the Slave TEE does not respond to the call or return The prompt message informs the terminal device that it is still in the cooling period.
  • the mining application installed in the terminal device records the time of the last successful accounting, and determines whether the time interval between the current time and the last successful accounting exceeds the cooling time, if not, then It will not mobilize the interface provided by Slave TEE for the external accounting right, otherwise it can be called.
  • the mine The pool server can still block the billing request by executing step S418 to force the Slave TEE to fail to obtain the billing right again within the cooling time period after obtaining the billing right.
  • the mining pool server can determine whether the time interval t1 between the Slave TEE and the last billing time configured by the terminal device is greater than the cooling time t2, and t2 is k times the cumulative unused lower limit time (k is greater than 0 and less than 1) Constant), where the cumulative unused lower limit duration is calculated according to the difficulty target value. Since the blockchain system may include multiple parallel chains, the difficulty target value on each parallel chain may not be the same, so for the slave TEE to be verified, the cumulative unused value should be calculated according to the difficulty target value on the parallel chain that it mines Lower limit duration.
  • the mining pool server may also notify the terminal device of the time interval t3 from which the next billing request is initiated, where t3 may be t2-t1, that is, the terminal device is not allowed to initiate New accounting request, until the time interval between Slave TEE and the last accounting exceeds the cooling time, to avoid the terminal device continuously sending meaningless (that is, impossible to obtain accounting rights) accounting request, resulting in waste of resources.
  • the mining pool server can prevent the attacker from intentionally hoarding the accumulated unused time in the Slave TEE configured by the terminal device through some means, and then release the computing power in the short term, so as to continuously obtain the accounting power, and make 51% calculation in disguise Attack, because all slaves participating in mining TEE can not avoid the cooling time limit.
  • Slave TEE which can configure more terminal equipment, has the opportunity to obtain accounting rights, which also reflects the fairness of mining to a certain extent.
  • Slave TEE time interval from the last accounting time is the current accounting time minus the last accounting time, where the current accounting time is the time indicated by the time stamp in the block header of the pending accounting block, the last time The accounting time is the time indicated by the timestamp in the block header of the block generated during the last accounting.
  • the mining pool server can obtain these two times from the mining node, according to the existing blockchain protocol, the area The timestamp in the block header can only roughly represent the accounting time (if it does not exceed 2 hours of the current network time is acceptable), the accounting time interval calculated directly by this method has a large error.
  • the timestamp is The mining node decides that it is not ruled out that someone deliberately advances or delays the billing time. These factors may cause the verification accuracy and credibility in step S418 to be low.
  • Height2 is the height of the pending accounting block in the blockchain
  • Height1 is the height of the block generated by the last accounting in the blockchain
  • It is the preset constant of the blockchain system, which is used to characterize the average block generation time of the blockchain system (the average time to generate a block), where the height of a block in the blockchain refers to its
  • the difference in block height is used to estimate the accounting time interval between the two blocks, with higher accuracy and credibility.
  • the height of the block can be actively requested by the mining pool server to the mining node on the parallel chain where the Slave TEE mining is located, and the mining node can query and obtain it from the blockchain data stored in it.
  • the mining node on the parallel chain where Slave TEE mining is located can also add the accounting block to the local blockchain, and after the accounting block is finally confirmed, place the accounting block in its
  • the main body of the local blockchain that competes with the accounting right Slave TEE wallet account address is actively sent to the mining pool server.
  • the mining pool server can save these data in the database and need to estimate the accounting time interval.
  • the pending accounting block has not been recorded when step S418 is executed In the blockchain, but if it is added to the blockchain, it must be at the end of the blockchain, so its height in the blockchain is known, and it can get the most recent block sent by the mining node. Height (the latest confirmed block in the current blockchain), this height is used as the height of the pending accounting block in the blockchain.
  • the mining node may also send the confirmed block generation time (that is, the timestamp in the block header) to the mining pool server, and the block generation time may serve as an auxiliary judgment.
  • the mining pool operator provides several Slave TEEs that act as stabilizers on each parallel chain. These Slave TEEs only compete with other Slave TEEs for a long time (for example, several times the average block time). Participate in the accounting right only when accounting rights, and is not limited by the cooling time, to avoid too long accounting interval of individual blocks.
  • the mining pool server sends the generation time of the block in the blockchain to the terminal device equipped with Slave TEE as the stabilizer.
  • the mining application installed on the terminal device is confirmed according to the current time and the latest one in the blockchain The difference in the generation time of the block can determine whether to allow Slave TEE as the stabilizer to compete for the accounting right.
  • the mining pool server can add a verification rule.
  • the difficulty target value saved by the mining pool server is greater than a certain preset value (such as half of the maximum difficulty target value), it is also regarded as To meet the requirements of cooling time, continue to perform the next steps.
  • the difficulty target value greater than the preset value indicates that the current mining difficulty on the parallel chain is too small (according to the calculation formula of the cumulative unused minimum duration, the greater the difficulty target value, the smaller the mining difficulty, and the smaller the mining difficulty means the parallel chain
  • the number of Slave on the TEE is very small. If the condition is met, it means that the block of the blockchain has stopped growing on the parallel chain corresponding to the difficulty target value.
  • the Slave TEE should be allowed to keep the account so that the block can be added normally.
  • a judgment can be added to the Slave TEE if the cumulative unused duration in the Slave TEE has exceeded the preset multiple of the cumulative unused minimum duration (eg 2 times), and the difficulty target value used to calculate the cumulative unused minimum duration is greater than A certain preset value (such as half of the maximum difficulty target value) is also considered to meet the cooling time requirement, and Slave TEE will not continue to rest.
  • a certain preset value such as half of the maximum difficulty target value
  • Step S419 The mining pool server sends the hash value and difficulty target value of the block header body part of the parallel chain associated with it to the terminal device.
  • step S417 the parallel chain associated with the terminal device has been determined, so in step S419, the hash value and the difficulty target value of the body part of the block header of its associated parallel chain can be sent to the terminal device.
  • Step S420 Slave TEE determines whether its accumulated unused duration is greater than the accumulated unused lower limit duration calculated according to the difficulty target value.
  • Step S420 is similar to step S305 and will not be described repeatedly.
  • Slave TEE determines whether it can obtain accounting rights. In addition to determining whether the cumulative unused duration exceeds the cumulative unused minimum duration, it also determines whether the cumulative unused duration falls within an integer multiple of the cooling duration. Only if both judgments are the same, can you confirm that you have obtained the accounting right, otherwise the competition for accounting right will fail. For example, if the cumulative unused lower limit duration is 2 days, and k is 0.5, the cooling duration is 1 day, and the integer multiple of the cooling duration is 1 day, 2 days, 3 days, and so on. An integer multiple of the cooling duration is defined as an integer multiple of the cooling duration plus a fault tolerance deviation time (for example, 20 minutes).
  • the integer multiple of the cooling duration is 1 day to 1 day and 20 minutes, and 2 days to 2 Days and 20 minutes, 3 days to 3 days and 20 minutes, etc.
  • the attacker controls a certain number of Slave TEEs, let these Slave TEEs concentrate on certain specific time points to compete for accounting power, so that the computing power is concentrated in time, and 51% computing power is disguised.
  • the significance of the attack to increase the above judgment is to force the time points at which Slave TEE competes for accounting power to be dispersed in time, to avoid concentration of computing power, and to ensure the security of the blockchain system.
  • Step S421 Slave TEE generates a second key according to the second key generation algorithm, and uses the second key to decrypt the authorization code.
  • step S422 the authorization code obtained from the mining pool server is used, and the authorization code is carried in the authorization response in step S411. If step S410 is performed to encrypt the authorization code before, step S421 needs to be performed to decrypt the authorization code before step S422 is performed, otherwise step S421 does not need to be performed.
  • the decryption process of the authorization code is implemented in Slave TEE.
  • Slave TEE provides a calling interface.
  • the encrypted authorization code is passed in as a parameter, and the plain text authorization code is returned after the call.
  • the authorization code uses the second key generated by the second key generation algorithm for symmetric decryption.
  • the second key generation algorithm should be the same as that used in the Master TEE in step S410 to ensure that the generated second key is also in the Master TEE.
  • the same preset character string as in Master TEE can also be saved in Slave TEE, and the same second key generation algorithm in Slave TEE and Master TEE is also based on this string Generate the second key. This string is only used in the TEE environment and will not be leaked to the outside.
  • the symmetric decryption algorithm in Slave TEE should also be consistent with the symmetric encryption algorithm used in Master TEE in step S410.
  • the second key generation algorithm can also be implemented as private by Slave TEE (master private by TEE in step S410), that is, the algorithm implementation is not disclosed outside the TEE environment, and the second secret generated by the algorithm
  • the key is used in the Slave TEE and is only used to decrypt the authorization code, not for other purposes including the encrypted authorization code, that is, the second key is used unidirectionally in the Slave TEE.
  • the Slave TEE It is possible to provide only an interface for decrypting the authorization code, and an interface for not encrypting the authorization code (or not to implement the interface at all).
  • the encryption and decryption mechanisms in steps S410 and S421 ensure that Master TEE and Slave TEE must be used together. Once there is a mismatch between the two, such as Slave TEE is forged, the encryption and decryption mechanism will not work properly, so that Slave TEE cannot decrypt. And use the authorization code. Moreover, since the second key is used unidirectionally in Master TEE and Slave TEE, it is ensured that the second key will not be cracked by an attacker.
  • Step S422 Slave TEE uses the authorization code to verify whether the authorization is valid.
  • the authorization code may include, but is not limited to, mine pool identification, authorization serial number, application time, authorized use duration, authorized Slave TEE wallet account address body and other information. Therefore, in step S422, the information can be used to verify whether the authorization is still valid at this time. For example, Slave TEE can verify whether the address body of the wallet account carried in the authorization code is consistent with the one saved by itself. (The condition for accumulating unused duration in S420 has been met), otherwise continue to the subsequent steps.
  • Slave TEE verifies whether the obtained authorization has expired, that is, whether the interval between the application time when sending the pooling application and the current time exceeds the authorized use time, if the authorized use time is exceeded, it indicates that the authorization has expired, Slave TEE It has no right to continue accounting, and it is determined that the competition for accounting rights has failed (although the condition of accumulating unused duration in S420 has been met), otherwise the subsequent steps are continued.
  • the Slave TEE competition billing right can be invoked by the terminal device through the interface provided by the terminal device. Therefore, it can be determined that the failure of the competition billing right can be prematurely terminated by calling the interface. It can be understood that, in specific implementation, the sequence of the above verification steps may also be different from the sequence listed above.
  • the authorization response sent by the mining pool server in step S411 contains the authorization serial number and the authorization duration in addition to the authorization code.
  • the reason is that the authorization code is in a ciphertext state, and it is encrypted in step S410 until it is decrypted in step S421. Before that, the information in the authorization code cannot be obtained. In addition, the information passed in the authorization code is The decryption process can ensure that it is not forged. Therefore, the other two messages can be sent separately in clear text.
  • the authorization serial number is used in step S415, and the authorized use time can be fed back to the mining application, for example, displayed on the application interface, so that the user knows how long he has been authorized, and for example, the mining application You can also determine whether the authorization of the current device is about to end according to the duration of the authorization.
  • the mining application can automatically initiate the pooling application described in step S405 (for example, call the interface provided by SlaveTEE to generate the pooling application ).
  • the terminal device may also be implemented without using the authorized use duration. In these implementations, the mining pool server does not need to send the clear authorization use duration during authorization.
  • Step S423 Slave TEE generates a first key according to the first key generation algorithm, and uses the first key to decrypt the hash value of the encrypted block header body part.
  • step S424 the Slave TEE uses the hash value of the main body of the block header obtained from the mining pool server, and the hash value is obtained in step S419. If step S413 is performed to encrypt the hash value of the body part of the block header before, step S423 needs to be performed to decrypt the hash value of the body part of the block header before step S424 is performed, otherwise step S423 is not necessary.
  • the decryption process of the hash value of the main body of the block header is implemented in Slave TEE.
  • the Slave TEE provides a calling interface.
  • the hash value of the encrypted main body of the block header is passed as a parameter.
  • the plain text of the main body of the block header is returned.
  • Hash value The hash value of the body part of the block header is symmetrically decrypted using the first key generated by the first key generation algorithm.
  • the first key generation algorithm should be the same as that used in the Master TEE in step S413 to ensure the generated first secret
  • the key is also the same as in Master TEE.
  • the algorithm calculates the first key based on the mining pool configuration information.
  • the mining pool configuration information includes the chain identifier of the parallel chain.
  • the parallel chain here refers to the parallel chain associated with the terminal device.
  • the parallel chain identifier can be obtained through the virtual parallel chain identifier of the wallet account address bound by Slave TEE and the terminal device’s
  • the parallel chain identification mask and the number of parallel chains included in the blockchain system should be calculated in the same way as in step S417.
  • the virtual parallel chain ID, the parallel chain ID mask, and the number of parallel chains can be saved in the Slave TEE. If the Master Chain TEE updates the parallel chain ID mask and the number of parallel chains, the Slave TEE should also be updated synchronously.
  • step S413 the chain identifier of the parallel chain is not calculated by the above three items of information, but since the sent in step S419 is the main part of the block header on the parallel chain corresponding to the parallel chain number calculated in step S417
  • the hash value of which can be equivalent to the parallel chain used in the calculation of the first key, is also calculated using the method in step S417, that is, the same algorithm used in decryption.
  • the mining pool configuration information at the time of encryption also includes information items such as the number of times the parallel chain has been expanded, the mining pool identifier, and the authentication code
  • the same information item should also be included in the mining pool configuration information used at the time of decryption.
  • the mine pool logo is pre-configured in the Slave TEE, which has been introduced before.
  • the number of times the parallel chain has been expanded has been introduced in step S413, and is not described in detail.
  • the number of times the parallel chain has been expanded can be saved in the Slave TEE. If the number of times the parallel chain has been expanded is updated in the Master TEE, the Slave TEE should also be updated synchronously. .
  • the authentication code is already obtained and stored in the Slave TEE when the terminal device performs real-name authentication.
  • the symmetric decryption algorithm in Slave TEE should also be consistent with the symmetric encryption algorithm used in Master TEE in step S413.
  • the first key generation algorithm can also be implemented as private by Slave TEE (master private by TEE in step S413), that is, the algorithm implementation is not disclosed outside the TEE environment, and the first secret generated by the algorithm
  • the key is used in Slave TEE and is only used to decrypt the hash value of the body part of the block header. It is not used for other purposes including the hash value of the body part of the encrypted block header. That is, the first key is in the Slave TEE It is used unidirectionally.
  • Slave TEE can only provide an interface for decrypting the hash value of the main body of the block header, and does not provide an interface for encrypting the hash value of the main body of the block header (or the interface is not implemented at all).
  • the encryption and decryption mechanisms in steps S413 and S423 ensure that Master TEE and Slave TEE must be used together. Once the two do not match, for example, Slave TEE is forged, the encryption and decryption mechanism will not work properly, so that Slave TEE cannot decrypt. And use the hash value of the main part of the block header, or even if it can be decrypted, the correct hash value of the main part of the block header cannot be obtained (it can be checked in the subsequent steps, causing the accounting to fail). Moreover, since the use of the first key in Master TEE and Slave TEE is unidirectional, it ensures that the first key will not be cracked by an attacker.
  • the calculation of the first key is related to the chain ID of the parallel chain associated with the terminal device, which means that the chain ID calculated in the Slave TEE must be consistent with the chain ID calculated in the Master TEE before the Slave TEE can Obtain the same first key as in Master TEE, or Slave TEE can only obtain and decrypt the hash value of the main body of the block header sent by the mining node on the parallel chain corresponding to the chain ID, even if other The hash value of the main body of the block header sent by the mining node on the parallel chain cannot be decrypted correctly, which limits the slave TEE to only mine on the parallel chain associated with the terminal device.
  • the parallel chain ID mask and the number of parallel chains in each Slave TEE are the same. Only the virtual parallel chain ID is different.
  • the virtual parallel chain ID is calculated according to the slave TEE hardware ID, as long as The hardware identification does not have a specific tendency, which can ensure that the Slave TEE in the mining pool is approximately evenly distributed to different parallel chains in the blockchain system.
  • the parallel chain is expanded, the number of times the parallel chain has been expanded and the number of parallel chains stored in the Master TEE (Used when calculating the chain ID of the parallel chain) has been updated, but the number of times the parallel chain saved in the Slave TEE has been expanded or the number of parallel chains has not been updated, Slave TEE will not be able to continue mining on the original parallel chain (because Correctly decrypt the hash value of the main part of the block header), that is, after the expansion and upgrade of the parallel chain, if the configuration of the Slave TEE is not upgraded, the Slave TEE will not be allowed to continue to participate in mining, so that even on a parallel chain before the upgrade There has been a gathering of computing power. Once the configuration of the Slave TEE is updated after the upgrade, the aggregated Slave TEE may be distributed to the new parallel chain to mine, thereby effectively eliminating the gathering of computing power.
  • the first key generation algorithm can restrict the Slave TEE to only mine under the specified mining pool, and cannot replace the mining pool at will (otherwise the decryption area cannot be decrypted correctly
  • the hash value of the main part of the block header to avoid the accumulation of computing power.
  • the accounting nodes on the parallel chain can use the authentication code to go to the real-name certification authority to query whether the user who obtained the accounting right has passed Real-name authentication (see the description below for the specific method), so it can avoid that the pool operator allows some users without real-name authentication (there is no authentication code in their Slave TEE) to use their terminal equipment to participate in mining, ensuring the fairness of the mining process Sex.
  • step S423 and step S424 can be executed continuously in Slave TEE, and cannot be interrupted or interfered with by programs other than Slave TEE, because the hash value of the main body of the block header obtained by decryption will be used as the accounting right determination information.
  • One part is signed, and the two steps are closely tied to ensure that the hash value of the main body of the block header in clear text is only used to generate the signature of the accounting right determination information, and is not used for other purposes, to avoid being forged.
  • step S423 since the signature of the accounting right determination information needs to use the first private key saved by Slave TEE, step S423 also ensures that no one can use the first without decrypting the hash value of the body part of the block header.
  • the private key, or the first private key can only be used in this scenario without being abused, ensuring that the signature will not be forged.
  • the Master TEE can save several information such as the number of parallel chains, the number of times the parallel chain has been expanded, the mining pool ID, and the parallel chain ID mask.
  • the first three pieces of information are configured when the Master TEE is issued, and the first two pieces of information can be changed by trusted authorized operations when the parallel chain is expanded.
  • Master TEE also provides external interfaces to expand the capacity of the blockchain system or the parallel chain
  • the mining pool server calls this interface to update the number of parallel chains, the number of times the parallel chain has been expanded, and one or more items of information in the parallel chain identification mask.
  • Slave TEE can save several information such as the number of parallel chains, the number of times the parallel chain has been expanded, mining pool identification, parallel chain identification mask, and virtual parallel chain identification.
  • the first two pieces of information are configured when Slave TEE is issued, and can be changed by trusted authorization operation when the parallel chain is expanded, the mining pool ID is entered by the user, and the virtual parallel chain ID is generated when the address of the wallet account is generated Calculated according to Slave TEE's hardware identification.
  • Slave TEE also provides an external interface. When the blockchain system is expanded or the parallel chain identification mask is updated, the terminal device invokes this interface to update one of the number of parallel chains, the number of times the parallel chain has been expanded, and the parallel chain identification mask. Item or items.
  • a signature needs to be passed in as a parameter when calling the configuration update interface.
  • This signature uses the blockchain
  • the private key saved by the system administrator is generated, and the matching public key is saved in the TEE environment to verify the authenticity of the signature. If the verification is passed, the configuration information is updated.
  • the administrator broadcasts a configuration update instruction in the system (for example, a broadcast message is sent through a routing node on the parallel chain). This instruction will be used by the mining pool server and terminal equipment. Receive and finally call the interface provided by TEE to complete the configuration update.
  • the configuration update instructions have a strict execution sequence (for example, the number of times the parallel chain has been expanded must be accumulated by 1 each time), so the mining nodes and mining pool servers can save each received instruction in their own databases.
  • the Master TEE or Slave TEE missed one or more configuration update instructions due to being offline for some reason. After it is re-launched, it will execute the missed instructions in sequence according to the records in the database without generating errors in the order of instruction execution.
  • the number of times of expansion can be used as the value of the version number field in the main part of the block header, that is, the version number field not only reflects the change of the software version in the blockchain system, but also reflects the expansion in the blockchain system. Configuration changes to simplify version management.
  • Step S424 Slave TEE signs the accounting right determination information.
  • step S424 and step S306 will not be repeated.
  • an authentication code field may be added to the block header of the pending accounting block to fill in the authentication code in the authentication result obtained by the user. Therefore, each block in the blockchain contains the address body of the wallet account bound by the Slave TEE that obtained the accounting right of the block and the corresponding authentication code.
  • the nodes on the parallel chain You can use the real-name certification authority to verify whether the user has actually passed the real-name certification based on the two pieces of information recorded in the block header.
  • the terminal device may save the authentication code in the authentication result to the Slave TEE.
  • the terminal device may save the authentication code in the authentication result to the Slave TEE.
  • call the external interface provided by Slave TEE and use the authentication result and the signature of the authentication result as the calling parameters.
  • the public key of the real-name certification authority is stored in Slave TEE, and the signature is verified first. If it passes, the authentication code is stored in Slave TEE.
  • Slave TEE includes the authentication code when signing the accounting right determination information, that is, the authentication code is also used as part of the accounting right determination information.
  • the mining node saves the authentication code in the block header of the accounting block.
  • the mining node when verifying whether a user has undergone real-name authentication, the mining node needs to know which real-name organization the user authenticates. Since the authentication code does not contain this information, it is implemented in some implementations.
  • the information is pre-configured in the mining node, and the mining node can verify it at the query URL provided by the real-name certification authority according to the pre-configured information.
  • the authentication code can be extended to include the authentication identifier in the authentication result into the authentication code.
  • This extension may be implemented at the end of the real-name certification authority. For example, the authentication code returned by the real-name certification authority already contains the authentication identifier, and no separate authentication identifier will be returned. Or, the real-name certification body still returns the certification mark and the original certification code, but Slave TEE merges the original certification code and certification mark into the extended certification code when saving the certification code, for example, the original certification code is 4 characters Section, the authentication mark is 1 byte, the extended authentication code is 5 bytes, and the extended authentication code is used in the subsequent steps.
  • the mining node can determine the information of the real-name certification body based on the authentication code only when verifying whether the user has undergone real-name authentication, and visit the corresponding real-name certification body to complete the verification, thereby realizing In the blockchain system, it supports terminal equipment certified by multiple real-name certification agencies to participate in mining.
  • the extended authentication code mentioned above includes the authentication mark, which means the part of the authentication mark that describes the identity of the real-name certification body, and does not necessarily include all the contents of the authentication mark.
  • mining node or other nodes in the blockchain system After the introduction of the real-name authentication mechanism, once the mining pool server, mining node or other nodes in the blockchain system discover that a user participating in mining has misconduct, such as the tampering of data in the terminal equipment used by it, it is very It is easy to query the user's true identity information based on the authentication code, and hold him accountable to meet the regulatory needs of the blockchain system's regulatory department.
  • the real-name authentication mechanism can also make the publishers of Slave TEE self-certified, because the real-name authentication is controlled by a third-party real-name authentication institution, and the publisher cannot forge many Slave TEEs (for example, through software simulation).
  • Abnormal computing power is obtained during the mining process, because the actual identity of the user is limited (for example, it is difficult for the user to have a large number of real mobile phone numbers), and it is difficult for a large number of fake Slave TEE to pass the real-name authentication.
  • steps S420, S421, S421, S423, and S424 can also be executed continuously in Slave TEE, and cannot be interrupted or interfered with by programs other than Slave TEE, which ensures that the results of the previous steps in these steps cannot be forged in order to use Make input for subsequent operations.
  • Step S425 The terminal device sends the accounting right determination information and the signature of the accounting right determination information to the mining pool server.
  • Step S426 The mining pool server verifies whether the accounting right determination information is valid.
  • the content that the mining pool server can verify includes whether the signature of the accounting right determination information is authentic and whether the accounting right determination information has been tampered with. The content that has been explained in step S308 will not be repeated. If the authentication code is included in the accounting right determination information, the mining pool server can also verify whether the authentication code is consistent with the locally saved one. If they are consistent, the verification code is passed, and if they are inconsistent, the authentication code in the accounting right determination information has been tampered with .
  • Step S427 the mining pool server sends the accounting right determination information and the signature of the accounting right determination information to the mining node.
  • the mining pool server sends the accounting right determination information to the mining node on the parallel chain where the Slave TEE competing for the accounting right is located.
  • Step S428 The mining node verifies whether the accounting right determines that the information is valid.
  • the content that the mining node can verify includes whether the signature of the accounting right determination information is authentic and whether the accounting right determination information has been tampered with. The content that has been explained in step S309 will not be repeated. If the accounting right determination information contains an authentication code, the mining node can also verify whether the user has been authenticated by real name.
  • Step S429 verify whether the pending accounting block meets the cooling time requirement.
  • step S430 is executed to generate an accounting block; otherwise, an accounting block is not generated, and the accounting fails this time.
  • step S418 The judgment method is similar to that in step S418, which is simply repeated here. For details, refer to step S418:
  • the mining node queries the address subject of the wallet account in the information for determining the accounting rights to obtain the height of the block generated by the terminal device in the last accounting in the blockchain.
  • the mining node can separately save the height of each block in the blockchain and the address body of the wallet account in the block header to the mining node's database.
  • the mining node determines the generation time of the pending accounting block and the last accounting generation based on the height of the block generated by the last accounting in the blockchain and the height of the pending accounting block in the blockchain The time interval of the generation time of the block.
  • the specific estimation formula can refer to step S418.
  • the mining node determines that the judgment time interval is greater than the cooling time. If it is greater, it determines that the pending accounting block meets the cooling time requirement, otherwise it does not meet the cooling time requirement.
  • the cooling duration is k times the cumulative unused minimum duration calculated according to the difficulty target value saved by the mining node, and k is a constant greater than 0 and less than 1.
  • the mining node may add a verification rule. If the difficulty target value in the block header of the pending accounting block is greater than a certain preset value (such as half of the maximum difficulty target value), then It is also considered to meet the requirement of cooling time, and the cooling time is not estimated according to the height of the block.
  • a certain preset value such as half of the maximum difficulty target value
  • step S4108 if a Slave TEE participates in mining for the first time, or has just changed to a parallel chain mining (because of the expansion of the blockchain system or the adjustment of the parallel chain identification mask), because the mining nodes on the new parallel chain are only new
  • the ledger on the parallel chain of the account cannot find the record of the mining before the Slave TEE in the ledger, so it cannot obtain the height of the block generated in the last successful bookkeeping in the blockchain, so it is also considered To meet the cooling time requirements.
  • Step S430 The mining node generates an accounting block and adds the accounting block to the local blockchain.
  • step S309 The content that has been explained in step S309 will not be repeated. If the accounting block contains an authentication code, the accounting nodes (such as other mining nodes, etc.) on the parallel chain can also verify whether the user has been authenticated by real name, as described in step S424.
  • the mining node can also verify whether the accounting behavior of the block for the accounting block broadcast from other mining nodes to be confirmed meets the cooling time, and then determine whether to approve the area Piece. It should be pointed out that the judgment process on the mining node and Slave TEE's own active rest and the judgment process on the mining pool server are independent of each other, even if the slave TEE and the mining pool server do not implement the functions related to the cooling time, the mining node This judgment can still be made independently.
  • step S418 The judgment method is similar to that in step S418, which is simply repeated here. For details, refer to step S418:
  • the mining node queries the address body of the wallet account of the terminal device saved in the accounting block to be confirmed in the local blockchain to obtain the block of the terminal device's last accounting in the blockchain. height.
  • the mining node can separately save the height of each block in the blockchain and the address body of the wallet account in the block header to the mining node's database.
  • the mining node determines the generation time of the accounting block to be confirmed and the last time according to the height of the block generated by the last accounting in the blockchain and the height of the accounting block to be confirmed in the blockchain The time interval of the generation time of the block generated by accounting.
  • the specific estimation formula can refer to step S418.
  • the mining node judges whether the time interval is greater than the preset cooling duration. If it is greater than the cooling duration, it will approve the accounting block to be confirmed and add it to the local blockchain for further confirmation, otherwise it will not be approved This block can be discarded directly.
  • the cooling duration is k times the cumulative unused lower limit duration calculated according to the difficulty target value stored in the accounting block to be confirmed, and k is a constant greater than 0 and less than 1.
  • the mining node may add a verification rule, if the difficulty target value in the block header of the accounting block to be confirmed is greater than a certain preset value (such as half of the maximum difficulty target value) ), it is also considered to meet the cooling time requirement, and the cooling time is not estimated according to the height of the block.
  • a certain preset value such as half of the maximum difficulty target value
  • step S4108 if a Slave TEE participates in mining for the first time when the accounting block to be confirmed is generated, or has just changed to a parallel chain mining (because of the expansion of the blockchain system or the adjustment of the parallel chain identification mask), Since the mining nodes on the new parallel chain only have the ledger on the new parallel chain, the mining records before the Slave TEE cannot be found in the ledger, so it is impossible to obtain the area generated when the last bookkeeping was successful. The height of the block in the blockchain, so it is also considered to have met the cooling time requirement.
  • Step S431 The mining pool server transfers the mining pool reward from the address of the mining pool wallet account to the address of the wallet account bound to the Slave TEE competing for the accounting right.
  • the mining pool reward is an additional digital currency issued by the mining pool operator to the user, which is not part of the mining reward. Its purpose is to attract more users to participate in mining and improve the operation of the mining pool.
  • the distribution of mining pool rewards can also be implemented as a script of a smart contract, which triggers the smart contract after the Slave TEE competition billing rights are successful, to realize the distribution of mining pool rewards. It should be pointed out that although the users competing for the billing rights are not necessarily the users who successfully book the bills in the end, the mining pool operators are still considering the operation and can still issue mining pool rewards to them.
  • the mining pool reward and the mining reward may be the same digital currency, or may not be the same digital currency.
  • the former can be issued and maintained by the mining pool operator himself.
  • the address of the wallet account bound to the Slave TEE is known to the mining pool server, and the address of the mining pool wallet account can be managed by the Master TEE.
  • Each transfer transaction rewarded by the mining pool can be signed using the private key in the Master TEE To ensure the security of transactions.
  • steps S401 to S431 may also be executed in an order different from the above, and the order of the steps above is only an implementation manner provided by the embodiments of the present disclosure, and should not be considered as limiting the protection scope of the present disclosure.
  • the mining task is distributed to the slave TEE configured in the terminal device through the mining pool server, and the computing power competition is realized in the slave TEE through the accumulation of duration.
  • a scheme is not excluded: allowing a single TEE to be directly linked to a mining node under a parallel chain for mining without relying on the mining pool server. If the TEE wins the competition based on the accumulated unused time, the accounting right determination information is also signed, and the terminal equipment sends the accounting right determination information and its signature to the mining node, which is generated by the mining node The accounting block and the accounting are completed. Its function is similar to the Slave TEE described above. The single TEE can also determine that it can only perform mining on a certain parallel chain mining node according to the rules introduced previously.
  • the TEE directly linked to the mining node for mining and the Slave TEE mentioned in the above are different in implementation, and are not the same product.
  • the Slave TEE in the foregoing may use the first key to decrypt the hash value of the body part of the block header (encrypted by the Master TEE), while in this scenario, the TEE can directly pass the zone The plain text of the hash value of the body of the block header.
  • the implementation of TEE in this scenario has many similarities with the Slave TEE in the previous article. You can refer to the previous article for explanation, which will not be repeated here.
  • An embodiment of the present disclosure also provides a mining pool server, as shown in FIG. 5.
  • the mining pool server 500 includes:
  • Memory 504 used to store computer instructions
  • the processor 502 is connected to the memory 504, the communication interface 506, and the Master TEE 508 through one or more buses 510, wherein when the computer instructions in the memory 504 are executed by the processor, the processor 502 combines with the Master TEE 508 to execute the embodiments of the present disclosure
  • the provided accounting method corresponds to the steps of the mining pool server and Master TEE.
  • the memory 504 includes one or more, which may be, but not limited to, random access memory (Random Access Memory, RAM for short), read only memory (Read Memory Only, ROM for short), programmable read only memory (Programmable Read-Only Memory (PROM), Erasable Programmable Read-Only Memory (EPROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), etc.
  • the processor 502 and other possible components may access the memory 504, read and/or write data therein.
  • the processor 502 includes one or more, which may be an integrated circuit chip with signal processing capabilities.
  • the foregoing processor 502 may be a general-purpose processor, including a central processing unit (CPU), a micro controller unit (MCU), a network processor (NP), or other conventional processing It can also be a dedicated processor, including digital signal processor (Digital Signal Processor, referred to as DSP), application-specific integrated circuit (Application Specific Integrated Circuits, referred to as ASIC), field programmable gate array (Field Programmable Gate Array, referred to as FPGA) Or other programmable logic devices, discrete gates or transistor logic devices, discrete hardware components.
  • DSP digital signal processor
  • ASIC Application Specific Integrated Circuits
  • FPGA Field Programmable Gate Array
  • FPGA Field Programmable Gate Array
  • the communication interface 506 includes one or more.
  • the communication interface 506 may be a computer network interface, such as an Ethernet interface, or a mobile communication network interface, such as an interface of a 3G, 4G, or 5G network, or may be other data receiving and sending functions. interface.
  • An embodiment of the present disclosure also provides a terminal device, as shown in FIG. 6. 6, the terminal device 600 includes:
  • Memory 604 used to store computer instructions
  • the processor 602 is connected to the memory 604, the communication interface 606, and the slave TEE 608 through one or more buses 610, wherein when the computer instructions in the memory 604 are executed by the processor 602, the processor 602 performs the present disclosure in conjunction with the slave TEE 608
  • the accounting method provided in the embodiment corresponds to the steps of the terminal device and the slave TEE.
  • the implementation method of the memory 604, the communication interface 606, and the processor 602 may adopt a similar implementation method as that of the memory 504, the communication interface 506, and the processor 502, and will not be described repeatedly. Slave TEE 608 has been introduced in the previous article and will not be repeated again.
  • An embodiment of the present disclosure also provides a mining node, as shown in FIG. 7.
  • the mining node 700 includes:
  • Memory 704 used to store computer instructions
  • the processor 702 is connected to the memory 704 and the communication interface 706 through the bus 710. When the computer instructions in the memory 704 are executed by the processor 702, the processor 702 performs the accounting method provided in the embodiment of the present disclosure corresponding to mining. Node steps.
  • the implementation methods of the memory 704, the communication interface 706, and the processor 702 may adopt similar implementation methods as those of the memory 504, the communication interface 506, and the processor 502, and will not be described repeatedly.
  • each block in the flowchart or block diagram may represent a module, program segment, or part of code that contains one or more of the Executable instructions.
  • the functions noted in the block may occur out of the order noted in the figures. For example, two consecutive blocks can actually be executed substantially in parallel, and sometimes they can also be executed in reverse order, depending on the functions involved.
  • each block in the block diagrams and/or flowcharts, and combinations of blocks in the block diagrams and/or flowcharts can be implemented with dedicated hardware-based systems that perform specified functions or actions Or, it can be realized by a combination of dedicated hardware and computer instructions.
  • the functional modules in the embodiments of the present disclosure may be integrated together to form an independent part, or each module may exist alone, or two or more modules may be integrated to form an independent part.
  • the function is implemented in the form of a software function module and sold or used as an independent product, it may be stored in a computer-readable storage medium.
  • the technical solution of the present disclosure essentially or part of the contribution to the existing technology or part of the technical solution can be embodied in the form of a software product, the computer software product is stored in a storage medium, including several The instructions are used to cause the computer device to perform all or part of the steps of the methods described in various embodiments of the present disclosure.
  • the foregoing computer devices include: personal computers, servers, mobile devices, smart wearable devices, network devices, virtual devices, and other devices that have the ability to execute program code.
  • the foregoing storage media include: U disk, mobile hard disk, read-only memory, Random access memory, magnetic disks, magnetic tapes, or optical disks can store program codes.
  • the accounting method, mining pool server, terminal equipment, mining node and mining pool provided by the embodiments of the present disclosure adopt a consensus algorithm based on accumulated unused time in the trusted execution environment of the terminal equipment participating in mining to save calculation Resources and reduce power consumption.
  • the terminal equipment is connected to the mining pool to participate in mining.
  • the Slave TEE configured in the terminal equipment acts as a miner.
  • Slave TEE uses a consensus algorithm different from PoW when competing for billing rights: Slave TEE maintains a cumulative unused time internally , The accumulated unused time will accumulate with the passage of time, meanwhile, Slave TEE also obtains the difficulty target value from the mining pool server, and calculates the accumulated unused minimum duration according to the difficulty target value, if the accumulated unused duration is greater than the accumulated unused lower limit Duration, then the Slave TEE competition accounting right is successful, otherwise the competition accounting right fails, you can continue to participate in the next accounting right competition.
  • the calculation amount involved in the consensus algorithm is not as mechanically consuming as the PoW algorithm based on hash collision, so it is more energy-saving and environmentally friendly, which helps to improve the overall social benefits.
  • Slave TEE will also sign the information of the accounting right after the competition for the accounting right is successful, and send the accounting right determination information together with its signature to the mining pool server, which will further forward it to the mining node.
  • the mining node finally saves the signature in the newly generated accounting block, and broadcasts the accounting right determination information and the newly generated accounting block on the parallel chain where it is located. Therefore, the mining pool server, mining nodes, and other nodes on the parallel chain can verify the authenticity of the bookkeeper based on the signature, and can also verify the bookkeeping rights to determine whether the content of the information has been tampered, which is conducive to improving the area.
  • the accounting right determination information includes key information related to the competitive accounting right.
  • the hash value of the main body of the block header can uniquely identify the pending accounting block, and the address body of the wallet account bound by Slave TEE indicates the identity of the bookkeeper , So they can be included in the accounting right determination information.
  • the blockchain system uses a parallel chain, thereby supporting the dispersion of each slave TEE on different parallel chains for mining, effectively avoiding the concentration of computing power, and improving the security of the blockchain system.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Finance (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Technology Law (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A bookkeeping method, a mining pool server, a terminal apparatus, a mining node, and a mining pool, pertaining to the technical field of blockchains. The bookkeeping method comprises: a mining pool server receiving and storing a hash value of a main body of a block header and a target difficulty value sent by a mining node; the mining pool server receiving a bookkeeping request sent by a terminal apparatus; the mining pool server sending the hash value of the main body of the block header and the target difficulty value to the terminal apparatus, such that a slave TEE determines whether an accumulated unused duration is greater than a lower accumulated unused duration threshold, and if so, signs bookkeeping right confirmation information; and the mining pool server receiving the bookkeeping right confirmation information sent by the terminal apparatus and a signature of the bookkeeping right confirmation information, and sending the two pieces of information to the mining node, such that the mining node generates a bookkeeping block and adds the bookkeeping block to a local blockchain. The method prevents waste of computational resources in slave TEEs, and reduces electrical energy consumption thereof.

Description

记账方法、矿池服务器、终端设备、挖矿节点及矿池Accounting method, mining pool server, terminal equipment, mining node and mining pool
相关申请的交叉引用Cross-reference of related applications
本公开要求于2019年01月07日提交中国专利局的申请号为2019100117501、名称为“记账方法、矿池服务器、终端设备、挖矿节点及矿池”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This disclosure requires the priority of the Chinese patent application with the application number 2019100117501 and titled "Accounting Method, Mining Pool Server, Terminal Equipment, Mining Nodes and Mining Pool" submitted to the China Patent Office on January 07, 2019. The entire contents are incorporated by reference in this application.
技术领域Technical field
本公开涉及区块链技术领域,具体而言,涉及一种记账方法、矿池服务器、终端设备、挖矿节点及矿池。The present disclosure relates to the field of blockchain technology, and in particular, to an accounting method, mining pool server, terminal equipment, mining node, and mining pool.
背景技术Background technique
现有的区块链中普遍采用共识算法来确定哪个矿工节点获得记账权,获得记账权的矿工节点能够得到预先约定好的奖励(例如,数字货币),这一过程称为挖矿。由于挖矿能够带来一定的经济收益,在一些实现方案中,共识计算从矿工节点中被剥离出来,由远端接入的众多专用集成电路(Application Specific Integrated Circuit,简称ASIC)矿机提供共识计算的算力,形成矿池结构。The existing blockchain generally uses a consensus algorithm to determine which miner node obtains the accounting right, and the miner node that obtains the accounting right can receive a pre-agreed reward (for example, digital currency). This process is called mining. Because mining can bring certain economic benefits, in some implementation schemes, the consensus calculation is stripped from the miner node, and many application specific integrated circuits (Application Specific Integrated Circuit, ASIC) miners connected by the remote provide consensus The calculated computing power forms a mining pool structure.
目前,矿池中的各矿机使用的共识算法主要是工作量证明(Proof of Work,简称PoW)算法,该算法在矿机竞争记账权的过程中需要进行大量无意义的哈希碰撞计算,导致严重的计算资源浪费以及电能消耗。At present, the consensus algorithm used by each mining machine in the mining pool is mainly the Proof of Work (PoW) algorithm, which requires a large number of meaningless hash collision calculations during the competition of the accounting power of the mining machine , Leading to serious waste of computing resources and power consumption.
发明内容Summary of the invention
有鉴于此,本公开实施例提供一种记账方法、矿池服务器、终端设备、挖矿节点及矿池,在参与挖矿的终端设备的可信执行环境中采用基于累积未用时长的共识算法,以节约计算资源以及减小电能消耗。In view of this, embodiments of the present disclosure provide a billing method, mining pool server, terminal equipment, mining node, and mining pool, and adopt consensus based on accumulated unused time in the trusted execution environment of terminal equipment participating in mining Algorithms to save computing resources and reduce power consumption.
为实现上述目的,本公开的实施例可以以如下方式来实现:To achieve the above purpose, the embodiments of the present disclosure may be implemented in the following manner:
本公开实施例提供的记账方法,可以应用于区块链系统,区块链系统包括至少一个并行链,至少一个并行链上搭建有至少一个矿池,每个矿池包括矿池服务器以及位于并行链上的挖矿节点,挖矿节点采用分布式数据区块链存储数据,该方法包括:The bookkeeping method provided by an embodiment of the present disclosure can be applied to a blockchain system. The blockchain system includes at least one parallel chain, at least one parallel chain is built with at least one mining pool, and each mining pool includes a mining pool server and a A mining node on a parallel chain. The mining node uses a distributed data blockchain to store data. The method includes:
矿池服务器接收并存储挖矿节点发送的待定记账区块的区块头主体部分的哈希值以及挖矿节点所在的并行链上挖矿的难度目标值;The mining pool server receives and stores the hash value of the main body of the block header of the pending accounting block sent by the mining node and the target difficulty of mining on the parallel chain where the mining node is located;
矿池服务器接收终端设备发送的记账请求;The mining pool server receives the accounting request sent by the terminal device;
矿池服务器向终端设备发送区块头主体部分的哈希值以及难度目标值,以使终端设备配置的从可信执行环境(Slave Trusted Execution Environment,简称Slave TEE)判断自身的累积未用时长是否大于根据难度目标值计算出的累积未用下限时长,并在累积未用时长大于累积未用下限时长时对记账权确定信息进行签名,其中,记账权确定信息包括区块头主体部分的哈希值以及Slave TEE绑定的钱包账号的地址主体;The mining pool server sends the hash value and difficulty target value of the main part of the block header to the terminal device, so that the Slave Trusted Execution Environment (Slave TEE) configured by the terminal device determines whether its accumulated unused duration is greater than The cumulative unused lower limit duration calculated according to the difficulty target value, and signing the accounting right determination information when the cumulative unused duration is greater than the cumulative unused lower limit duration, wherein the accounting right determination information includes a hash of the main part of the block header Value and the address subject of the wallet account bound by Slave TEE;
矿池服务器接收终端设备发送的记账权确定信息以及记账权确定信息的签名;The mining pool server receives the accounting right determination information and the signature of the accounting right determination information sent by the terminal device;
矿池服务器将记账权确定信息以及记账权确定信息的签名发送至挖矿节点,以使挖矿节点生成包含钱包账号的地址主体以及记账权确定信息的签名的记账区块,并将记账区块添加至本地的区块链中。The mining pool server sends the accounting right determination information and the signature of the accounting right determination information to the mining node, so that the mining node generates an accounting block containing the address body of the wallet account and the signature of the accounting right determination information, and Add the accounting block to the local blockchain.
在上述方法中,终端设备接入到矿池参与挖矿,终端设备配置的Slave TEE充当矿工的 角色,Slave TEE在竞争记账权时采用了不同于PoW的共识算法:Slave TEE内部维护一个累积未用时长,该累积未用时长会随时间流逝而累加,同时,Slave TEE还从矿池服务器获得难度目标值,并根据难度目标值换算出累积未用下限时长,若累积未用时长大于累积未用下限时长,则Slave TEE竞争记账权成功,否则竞争记账权失败,可以继续参与下次记账权的竞争。该共识算法所涉及的计算量远小于PoW算法,有效避免了Slave TEE中计算资源的浪费,降低了Slave TEE的功耗,或者使得Slave TEE可以采用低成本、低功耗的硬件实现方式,有效节省了电能的消耗。In the above method, the terminal equipment is connected to the mining pool to participate in mining. The Slave TEE configured in the terminal equipment acts as a miner. Slave TEE uses a consensus algorithm different from PoW when competing for billing rights: Slave TEE maintains a cumulative With the duration, the accumulated unused duration will accumulate with the passage of time. At the same time, Slave TEE also obtains the difficulty target value from the mining pool server, and calculates the cumulative unused minimum duration according to the difficulty target value. If the cumulative unused duration is greater than the cumulative unused duration With the lower limit time, the Slave TEE competition accounting right succeeds, otherwise the competition accounting right fails, and it can continue to participate in the next accounting right competition. The calculation amount involved in this consensus algorithm is much smaller than the PoW algorithm, which effectively avoids the waste of computing resources in the Slave TEE, reduces the power consumption of the Slave TEE, or enables the Slave TEE to adopt a low-cost, low-power hardware implementation, which is effective Save the consumption of electrical energy.
另一方面,Slave TEE在竞争记账权成功后,还会对记账权确定信息签名,并将记账权确定信息连同其签名发送给矿池服务器,矿池服务器进一步将其转发给挖矿节点,挖矿节点最终将签名保存到新生成的记账区块中,并在其所在的并行链上广播记账权确定信息以及新生成的记账区块。从而,矿池服务器、挖矿节点以及并行链上的其他节点都可以根据该签名验证记账者的身份是否可信,还可以验证记账权确定信息的内容是否被篡改,从而有利于改善区块链系统的安全性。记账权确定信息包括和竞争记账权相关的关键信息,区块头主体部分的哈希值能够唯一标识待定记账区块,Slave TEE绑定的钱包账号的地址主体则表明记账者的身份,因此都可以包含在记账权确定信息中。On the other hand, Slave TEE will also sign the information of the accounting right after the competition for the accounting right is successful, and send the accounting right determination information together with its signature to the mining pool server, and the mining pool server will further forward it to the mining Node, the mining node will finally save the signature in the newly generated accounting block, and broadcast the accounting right determination information and the newly generated accounting block on the parallel chain where it is located. Therefore, the mining pool server, mining nodes, and other nodes on the parallel chain can verify the authenticity of the bookkeeper based on the signature, and can also verify the bookkeeping rights to determine whether the content of the information has been tampered, which is conducive to improving the area. The security of the blockchain system. The accounting right determination information includes key information related to the competitive accounting right. The hash value of the main body of the block header can uniquely identify the pending accounting block, and the address body of the wallet account bound by Slave TEE indicates the identity of the bookkeeper , So they can be included in the accounting right determination information.
另一方面,上述方法中的区块链系统采用并行链,从而支持将各Slave TEE分散到不同的并行链上进行挖矿,有效避免算力集中,改善区块链系统的安全性。On the other hand, the blockchain system in the above method uses parallel chains to support the decentralization of each slave TEE on different parallel chains for mining, effectively avoiding the concentration of computing power and improving the security of the blockchain system.
另一方面,通过在并行链上搭建矿池进行挖矿,相对于直接在并行链上部署矿工节点,还有如下好处:On the other hand, mining by building a mining pool on a parallel chain has the following advantages over deploying miner nodes directly on the parallel chain:
第一,区块链系统通常需要一定数量的分布式全账本节点来保障安全,若部署在并行链上的矿工节点都参与记账,由于矿工节点数量较多,因此账本数据的全网广播将占用大量带宽,导致网络负担增加,而过多的全账本节点并不能带来额外的价值;而且,由于矿工节点很多是个人设备,其数据传输能力和所处的网络环境局限性较大,这一问题更加突出;然而,在本公开实施例提供的记账方法中,Slave TEE只竞争记账权,并不直接记账,只有挖矿节点才进行记账(生成区块),挖矿节点的数量远小于Slave TEE的数量,即使进行全网广播数据量也不会太大,同时,矿池可以部署在云端,其数据传输的带宽可以得到保障。First, the blockchain system usually requires a certain number of distributed full ledger nodes to ensure security. If the miner nodes deployed on the parallel chain all participate in the accounting, due to the large number of miner nodes, the entire network broadcast of the ledger data will be Occupying a lot of bandwidth leads to an increase in network burden, and too many full ledger nodes do not bring additional value; moreover, because many miner nodes are personal devices, their data transmission capabilities and network environment are more limited. One problem is more prominent; however, in the accounting method provided by the embodiments of the present disclosure, Slave TEE only competes for accounting rights, and does not directly account for it. Only mining nodes perform accounting (generating blocks), and mining nodes The number is much smaller than the number of Slave TEE. Even if the entire network broadcast data volume is not too large, at the same time, the mining pool can be deployed in the cloud, and its data transmission bandwidth can be guaranteed.
第二,上面已经提到,矿工节点很多是个人设备,而大多数参与挖矿的个人并没有或者只有很少的记账需求,只是希望通过挖矿获得经济利益,若强迫其参与记账,不仅造成用户体验变差,而且一些个人设备存储空间有限(例如,移动设备),根本不适于记账,最终导致用户流失;同时,一些有大量记账需求的用户,如企业用户,对于参与挖矿并无兴趣。然而。在本公开实施例提供的记账方法中,企业用户可以在并行链上搭建矿池负责记账,同时吸引个人用户接入到矿池帮助其挖矿,各取所需,有利于改善区块链系统的运营状况。Second, as mentioned above, many of the miner nodes are personal devices, and most of the individuals involved in mining do not have or have little accounting requirements, but only hope to obtain economic benefits through mining. If they are forced to participate in accounting, Not only does it result in a poor user experience, but some personal devices have limited storage space (for example, mobile devices), which is not suitable for billing at all, which ultimately leads to the loss of users. At the same time, some users with large billing needs, such as enterprise users, are The mine is not interested. however. In the accounting method provided by the embodiments of the present disclosure, enterprise users can build a mining pool on the parallel chain to be responsible for accounting, and at the same time attract individual users to access the mining pool to help them mine. The operating status of the chain system.
可选地,并行链可以包括路由节点、至少一个矿池的挖矿节点和至少一个简化支付验证(Simplified Payment Verification,简称SPV)节点,至少一个并行链的路由节点之间网络连接,SPV节点绑定的钱包账号的地址对应的并行链为SPV节点所在的并行链,其中:Optionally, the parallel chain may include a routing node, at least one mining node of a mining pool, and at least one Simplified Payment Verification (SPV) node, a network connection between at least one parallel chain routing node, and SPV node binding The parallel chain corresponding to the address of the specified wallet account is the parallel chain where the SPV node is located, where:
SPV节点响应于接收到交易请求,将所收到的交易请求发送给SPV节点所在的并行链的路由节点;In response to receiving the transaction request, the SPV node sends the received transaction request to the routing node of the parallel chain where the SPV node is located;
路由节点响应于对所收到的交易请求校验通过,将所收到的交易请求添加到路由节点 的交易请求集合中,以及将所收到的交易请求签名后广播给路由节点的同链挖矿节点;以及实时将路由节点的同链挖矿节点的区块链同步到本地的区块链;In response to the verification of the received transaction request, the routing node adds the received transaction request to the routing node's transaction request set, and broadcasts the received transaction request to the routing node's same-chain mining after signing Mining node; and synchronize the blockchain of the routing node with the mining node of the same chain to the local blockchain in real time;
挖矿节点响应于对从同链路由节点接收到的签名后交易请求验证通过,将签名后交易请求中挖矿节点的链内交易请求添加到挖矿节点的待处理交易请求集合;根据待处理交易请求集合生成区块头主体部分的哈希值;In response to the verification of the signed transaction request received from the same link by the node, the mining node adds the in-chain transaction request of the mining node in the signed transaction request to the mining node's pending transaction request set; Process the transaction request set to generate the hash value of the main part of the block header;
路由节点还确定路由节点的交易请求集合中确认已出账且未入账的未入账交易请求;将所确定的未入账交易请求发送给目标并行链的路由节点,其中,目标并行链是所确定的未入账交易请求中的入账账号地址对应的并行链;以及响应于接收到异链路由节点发送的交易请求,将所收到的交易请求签名后广播给路由节点的同链挖矿节点。The routing node also determines the unrecorded transaction requests that are confirmed and unrecorded in the transaction request set of the routing node; the determined unrecorded transaction requests are sent to the routing node of the target parallel chain, where the target parallel chain is determined The parallel chain corresponding to the address of the account number in the unrecorded transaction request; and in response to receiving the transaction request sent by the node on the different link, the received transaction request is signed and broadcast to the same-chain mining node of the routing node.
在这些实施例中,各并行链之间通过路由节点实现网络互联,SPV节点之间的交易都需要通过路由节点才能完成,从而利用路由节点能够实现对数字货币交易的有效监管。In these embodiments, the interconnection between the parallel chains is achieved by routing nodes, and the transactions between SPV nodes need to be completed by routing nodes, so that routing nodes can be used to effectively supervise digital currency transactions.
另一方面,在该区块链系统中,交易处理过程从传统的单链串行方式改进为多链并发方式,随着并行链数的增加,区块链系统的每秒交易次数(Transactions Per Second,简称TPS)随之提高。On the other hand, in the blockchain system, the transaction processing process is improved from the traditional single-chain serial method to the multi-chain concurrent method. With the increase of the number of parallel chains, the number of transactions per second of the blockchain system (Transactions Per Second, referred to as TPS) with it.
可选地,记账权确定信息还可以包括累积未用下限时长。Optionally, the accounting right determination information may also include accumulated unused lower limit duration.
累积未用下限时长可以直接决定Slave TEE能否获得记账权,也属于和竞争记账权相关的关键信息,因此也可以包含在记账权确定信息中。The accumulated unused minimum time limit can directly determine whether Slave TEE can obtain the accounting right, and also belongs to the key information related to the competitive accounting right, so it can also be included in the accounting right determination information.
可选地,记账权确定信息的签名可以由Slave TEE根据保存的第一私钥生成,并且在矿池服务器将记账权确定信息以及记账权确定信息的签名发送至挖矿节点之前,该方法还可以包括:Optionally, the signature of the accounting right determination information may be generated by the Slave TEE based on the saved first private key, and before the mining pool server sends the accounting right determination information and the signature of the accounting right determination information to the mining node, The method may also include:
矿池服务器根据保存的与第一私钥匹配的第一公钥确定记账权确定信息的签名为真实签名。The mining pool server determines that the signature of the accounting right determination information is a true signature according to the stored first public key matching the first private key.
根据非对称加密原理,Slave TEE利用保存的第一私钥对记账权确定信息签名,矿池服务器利用保存的与第一私钥匹配的第一公钥对该签名进行验证,若验证成功,则证实该签名确实是Slave TEE发出的,可以避免攻击者伪造消息。According to the principle of asymmetric encryption, Slave TEE uses the saved first private key to determine the information signature of the accounting right. The mining pool server uses the saved first public key that matches the first private key to verify the signature. If the verification is successful, It is confirmed that the signature is indeed sent by the Slave TEE, which can prevent the attacker from forging the message.
可选地,矿池可以包括多个挖矿节点,不同的挖矿节点位于不同的并行链上;Optionally, the mining pool may include multiple mining nodes, and different mining nodes are located on different parallel chains;
矿池服务器向终端设备发送区块头主体部分的哈希值以及难度目标值可以包括:矿池服务器配置的主可信执行环境(Master Trusted Execution Environment,简称Master TEE)确定与终端设备相关联的并行链;矿池服务器向终端设备发送与终端设备相关联的并行链上的挖矿节点提供的区块头主体部分的哈希值以及难度目标值;The mining pool server sends the hash value of the main body of the block header to the terminal device and the difficulty target value may include: the master trusted execution environment (Master Trusted Execution Environment, Master for short TEE) configured by the mining pool server determines the parallel associated with the terminal device Chain; the mining pool server sends the hash value and difficulty target value of the main part of the block header provided by the mining node on the parallel chain associated with the terminal device to the terminal device;
矿池服务器将记账权确定信息以及记账权确定信息的签名发送至挖矿节点可以包括:矿池服务器将记账权确定信息以及记账权确定信息的签名发送至终端设备关联的并行链上的挖矿节点。The mining pool server sending the accounting right determination information and the signature of the accounting right determination information to the mining node may include: the mining pool server sending the accounting right determination information and the signature of the accounting right determination information to the parallel chain associated with the terminal device On the mining node.
在这些实施例中,终端设备只能获取与其相关联的并行链上的挖矿节点提供的区块头主体部分的哈希值以及难度目标值,从而终端设备配置的Slave TEE只能在相关联的并行链上挖矿,即实现了将终端设备的算力分散到不同的并行链上,避免区块链中的51%算力攻击。In these embodiments, the terminal device can only obtain the hash value and difficulty target value of the main part of the block header provided by the mining node on the parallel chain associated with it, so that the Slave TEE configured by the terminal device can only be used in the associated Mining on the parallel chain means that the computing power of the terminal equipment is distributed to different parallel chains to avoid 51% computing power attacks in the blockchain.
可选地,Master TEE确定与终端设备相关联的并行链可以包括:Optionally, the master TEE determines that the parallel chain associated with the terminal device may include:
Master TEE根据Slave TEE绑定的钱包账号的地址的虚拟并行链标识、终端设备的并行链标识掩码以及区块链系统包含的并行链的数量计算终端设备关联的并行链的链标识, 其中,虚拟并行链标识根据终端设备配置的Slave TEE的硬件标识计算获得。The Master TEE calculates the chain ID of the parallel chain associated with the terminal device based on the virtual parallel chain ID of the wallet account address bound by the Slave TEE, the parallel chain ID mask of the terminal device, and the number of parallel chains included in the blockchain system, where, The virtual parallel chain identification is calculated based on the hardware identification of the slave TEE configured in the terminal device.
在这些实施例中,虚拟并行链标识可以根据Slave TEE的硬件标识计算获得,而并行链标识掩码和并行链的数量保存在Master TEE中,从而对任一参与挖矿的终端设备,其关联的并行链是可以唯一确定的,可以确保终端设备被分散到不同的并行链上进行挖矿。In these embodiments, the virtual parallel chain identification can be calculated based on the Slave TEE hardware identification, and the parallel chain identification mask and the number of parallel chains are stored in the Master TEE, so that any terminal equipment involved in mining is associated The parallel chain can be uniquely determined, which can ensure that the terminal equipment is distributed to different parallel chains for mining.
可选地,矿池服务器向终端设备发送区块头主体部分的哈希值以及难度目标值,可以包括:Optionally, the mining pool server sends the hash value of the main body of the block header and the target difficulty value to the terminal device, which may include:
Master TEE根据第一密钥生成算法基于矿池配置信息生成第一密钥,并根据第一密钥加密区块头主体部分的哈希值;矿池配置信息包括终端设备关联的并行链的链标识;其中,Slave TEE能够利用第一密钥生成算法生成第一密钥,并利用第一密钥解密加密后的区块头主体部分的哈希值;Master TEE generates a first key based on the mining pool configuration information according to the first key generation algorithm, and encrypts the hash value of the main body of the block header according to the first key; the mining pool configuration information includes the chain identifier of the parallel chain associated with the terminal device ; Among them, Slave TEE can use the first key generation algorithm to generate the first key, and use the first key to decrypt the encrypted hash value of the main body of the block header;
矿池服务器向终端设备发送难度目标值以及加密后的区块头主体部分的哈希值。The mining pool server sends the target difficulty value and the encrypted hash value of the main body of the block header to the terminal device.
在这些实施例中,对区块头主体部分的哈希值采用对称加密的方式,Master TEE和Slave TEE中采用相同的第一密钥生成算法计算第一密钥,若计算出的第一密钥相同,Slave TEE才能够正确解密,而Slave TEE只有正确解密出了区块头主体部分的哈希值,才有可能对记账权确定信息进行签名。上述机制确保了Master TEE和Slave TEE必须配套使用,一旦出现二者不匹配的情况,例如Slave TEE被伪造,加解密机制将无法正常工作。In these embodiments, the hash value of the main body of the block header is symmetrically encrypted. The same first key generation algorithm is used in Master TEE and Slave TEE to calculate the first key. If the calculated first key In the same way, Slave TEE can be decrypted correctly, and Slave TEE can only sign the accounting right determination information if the hash value of the main part of the block header is decrypted correctly. The above mechanism ensures that Master TEE and Slave TEE must be used together. Once the two do not match, such as Slave TEE being forged, the encryption and decryption mechanism will not work properly.
可选地,第一密钥与终端设备关联的并行链的链标识相关,意味着在Slave TEE中推算出的该链标识必须与Master TEE中推算出的该链标识一致,Slave TEE才能够获得和Master TEE中相同的第一密钥,或者说,Slave TEE只能获得并解密该链标识对应的并行链(与Slave TEE所在的终端设备关联的并行链)上的挖矿节点发送的区块头主体部分的哈希值,即使获得了其他的并行链上的挖矿节点发送的区块头主体部分的哈希值,也无法正确解密,从而限制了Slave TEE只能在某个特定的并行链上挖矿。Optionally, the first key is related to the chain ID of the parallel chain associated with the terminal device, which means that the chain ID calculated in Slave TEE must be consistent with the chain ID calculated in Master TEE before the Slave TEE can be obtained. The same first key as in Master TEE, or Slave TEE can only obtain and decrypt the block header sent by the mining node on the parallel chain (parallel chain associated with the terminal device where Slave TEE is located) corresponding to the chain ID The hash value of the main part, even if the hash value of the main part of the block header sent by the mining node on the other parallel chain is obtained, it cannot be decrypted correctly, thus limiting the Slave TEE to only be on a specific parallel chain Mining.
可选地,第一密钥生成算法为Master TEE以及Slave TEE所私有,算法实现不在Master TEE以及Slave TEE之外公开,第一密钥生成算法生成的第一密钥在Master TEE中被用于且仅被用于加密区块头主体部分的哈希值,在Slave TEE中被用于且仅被用于解密加密后的区块头主体部分的哈希值。Optionally, the first key generation algorithm is proprietary to Master TEE and Slave TEE. The algorithm implementation is not disclosed outside Master TEE and Slave TEE. The first key generated by the first key generation algorithm is used in Master TEE And it is only used to encrypt the hash value of the body part of the block header, which is used in Slave TEE and only to decrypt the hash value of the encrypted body part of the block header.
在这些实施例中,区块头主体部分的哈希值的加解密过程是单向的,即在Master TEE中只负责加密,不会将第一密钥用作解密用途,在Slave TEE中只负责解密,不会将第一密钥用作加密用途,同时第一密钥生成算法不对外公开,确保了第一密钥不会被破解。In these embodiments, the encryption and decryption process of the hash value of the main part of the block header is one-way, that is, the master TEE is only responsible for encryption, and the first key is not used for decryption purposes, and the Slave TEE is only responsible for For decryption, the first key will not be used for encryption purposes, and the first key generation algorithm is not disclosed to the outside, ensuring that the first key will not be cracked.
可选地,矿池服务器向终端设备发送区块头主体部分的哈希值以及难度目标值,包括:Optionally, the mining pool server sends the hash value of the main body of the block header and the target difficulty value to the terminal device, including:
矿池服务器判断终端设备距离上次记账时间的时间间隔t1是否大于冷却时长t2,冷却时长t2为累积未用下限时长的k倍,k为大于0且小于1的常数;The mining pool server judges whether the time interval t1 between the terminal device and the last accounting time is greater than the cooling time t2. The cooling time t2 is k times the cumulative unused lower limit time, and k is a constant greater than 0 and less than 1;
若大于,矿池服务器向终端设备发送区块头主体部分的哈希值以及难度目标值。If it is greater, the mining pool server sends the hash value of the main body of the block header and the target difficulty value to the terminal device.
在这些实施例中,通过矿池服务器限制终端设备在每次记账成功后至少要间隔冷却时长才能再次获得记账权,避免某些终端设备配置的Slave TEE中故意囤积累积未用时长,然后连续获得记账权,变相制造51%算力攻击。同时,通过设置冷却时长的限制,能够让更多的终端设备配置的Slave TEE都有机会获得记账权,也在一定程度上体现了挖矿的公平性。In these embodiments, the mining pool server restricts the terminal device to obtain at least the cooling time interval after each successful accounting to obtain the accounting right again, to avoid the intentional accumulation of unused time in the slave TEE configuration of some terminal devices, and then Continuously obtain the right to keep accounts, in disguised form 51% hashing power attack. At the same time, by setting the cooling time limit, Slave TEE, which can configure more terminal equipment, has the opportunity to obtain accounting rights, which also reflects the fairness of mining to a certain extent.
可选地,在矿池服务器判断距离上次记账时间的时间间隔t1是否大于冷却时长t2之后,该方法还可以包括:Optionally, after the mining pool server determines whether the time interval t1 from the last accounting time is greater than the cooling time t2, the method may further include:
若距离上次记账时间的时间间隔t1不大于冷却时长t2,则矿池服务器通知终端设备距离发起下次记账请求的时间间隔t3,距离发起下次记账请求的时间间隔t3为冷却时长t2与距离上次记账时间的时间间隔t1的差值。If the time interval t1 from the last accounting time is not greater than the cooling time t2, the mining pool server notifies the terminal device of the time interval t3 from which the next accounting request is initiated, and the time interval t3 from the time of the next accounting request is the cooling time The difference between t2 and the time interval t1 from the last accounting time.
若矿池服务器发现终端设备当前发送的记账请求不满足冷却时长的要求,可以主动告知其闲置一段时间,直到满足冷却时长的要求后再发送新的记账请求,避免终端设备持续发送无意义的(即不可能获得记账权的)记账请求,造成资源浪费。If the mining pool server finds that the current accounting request sent by the terminal device does not meet the cooling time requirement, it can actively inform it to be idle for a period of time, and then send a new accounting request until the cooling time requirement is met, to avoid the terminal device continuously sending meaningless Accounting request (that is, it is impossible to obtain the accounting right), resulting in a waste of resources.
可选地,距离上次记账时间的时间间隔t1可以通过如下公式计算:Optionally, the time interval t1 from the last accounting time can be calculated by the following formula:
Figure PCTCN2019127183-appb-000001
Figure PCTCN2019127183-appb-000001
其中,Height2为待定记账区块在区块链中的高度,Height1为上次记账生成的区块在区块链中的高度,
Figure PCTCN2019127183-appb-000002
为区块链系统的预设常数,用于表征区块链系统的平均出块时间。 Among them, Height2 is the height of the pending accounting block in the blockchain, and Height1 is the height of the block generated by the last accounting in the blockchain,
Figure PCTCN2019127183-appb-000002
It is the preset constant of the blockchain system and is used to characterize the average block time of the blockchain system.
在一些现有的区块链协议中,区块头中的时间戳只能大致地表征记账时间,若采用两个区块的时间戳之差估算记账时间间隔,其精度与可信度可能不高,因为待定记账区块的时间戳并不一定等于实际的记账时间,而是允许与当前网络时间有数小时偏差,且由相关挖矿节点决定,不排除有人故意将记账时间提前或延后,而采用两个区块在区块链中的高度差估算记账时间间隔,其精度与可信度较高,进而使得对记账请求是否满足冷却时长的判断更为合理。In some existing blockchain protocols, the time stamp in the block header can only roughly represent the accounting time. If the difference between the time stamps of the two blocks is used to estimate the accounting time interval, the accuracy and credibility may be Not high, because the timestamp of the pending accounting block does not necessarily equal the actual accounting time, but allows a deviation of several hours from the current network time, and is determined by the relevant mining node. It is not excluded that someone deliberately advances the accounting time Or postponed, and the difference in height between the two blocks in the blockchain is used to estimate the accounting time interval, which has higher accuracy and credibility, which makes the judgment of whether the accounting request meets the cooling time more reasonable.
可选地,在矿池服务器接收终端设备发送的记账请求之前,该方法还可以包括:Optionally, before the mining pool server receives the accounting request sent by the terminal device, the method may further include:
矿池服务器接收终端设备发送的注册请求,注册请求携带有注册信息、用户的实名认证结果以及实名认证机构用私钥对实名认证结果的签名,注册信息包括Slave TEE绑定的钱包账号的地址;The mining pool server receives the registration request sent by the terminal device. The registration request carries the registration information, the user's real-name authentication result and the real-name authentication agency's signature of the real-name authentication result with the private key. The registration information includes the address of the wallet account bound by the Slave TEE;
矿池服务器配置的Master TEE根据保存的与实名认证机构的私钥匹配的公钥验证实名认证结果的签名的真实性;The Master TEE configured by the mining pool server verifies the authenticity of the signature of the real-name authentication result based on the stored public key that matches the private key of the real-name certification authority;
若实名认证结果的签名为真实签名,则矿池服务器保存注册信息,并向终端设备发送注册响应。If the signature of the real-name authentication result is a real signature, the mining pool server saves the registration information and sends a registration response to the terminal device.
用户在使用终端设备参与挖矿前需要先到实名认证机构进行实名认证,获得实名认证机构返回的认证结果及其签名。终端设备在参与挖矿前需要先向矿池服务器注册,并向矿池服务器提交认证结果及其签名,矿池服务器可以通过验证认证结果的签名的真实性确定认证结果是否有效。Before using the terminal device to participate in mining, users need to go to a real-name certification agency for real-name certification, and obtain the certification result and signature returned by the real-name certification agency. Before participating in mining, the terminal device needs to register with the mining pool server and submit the authentication result and its signature to the mining pool server. The mining pool server can determine whether the authentication result is valid by verifying the authenticity of the signature of the authentication result.
引入实名认证机制使得在挖矿过程中有不端行为的用户容易被追责,满足监管需求。同时也能够让Slave TEE的发行商自证清白,因为实名认证由第三方的实名认证机构掌控,发行商无法通过伪造众多的Slave TEE(例如,通过软件模拟的方式)在挖矿过程中作弊,因为用户的实际身份是有限,难以让大量伪造的Slave TEE都通过实名认证。The introduction of a real-name authentication mechanism makes it easy for users who misbehave in the mining process to be held accountable and meet regulatory requirements. At the same time, the publishers of Slave TEE can also prove themselves innocent, because the real-name authentication is controlled by a third-party real-name certification body, and the publisher cannot cheat in the mining process by forging many Slave TEE (for example, through software simulation). Because the actual identity of the user is limited, it is difficult for a large number of forged Slave TEE to pass the real-name authentication.
可选地,实名认证结果包括实名认证机构分配的认证码,认证码与Slave TEE绑定的钱包账号的地址相对应,用于表征用户通过实名认证机构的实名认证;该方法还可以包括:Optionally, the real-name authentication result includes an authentication code assigned by the real-name authentication organization, and the authentication code corresponds to the address of the wallet account bound to the Slave TEE, and is used to characterize that the user has passed the real-name authentication of the real-name authentication organization; the method may further include:
矿池服务器还接收终端设备发送的认证码,并将认证码发送至挖矿节点,以使挖矿节点将认证码添加至记账区块;The mining pool server also receives the authentication code sent by the terminal device and sends the authentication code to the mining node, so that the mining node adds the authentication code to the accounting block;
记账权确定信息还包括认证码。The accounting right determination information also includes an authentication code.
认证码对应于Slave TEE绑定的钱包账号的地址,或者说就是与用户相对应的,通过认证码可以在实名认证机构查询到用户是否做过实名认证,因此将认证码引入到记账过程有 利于改善记账过程的安全性。The authentication code corresponds to the address of the wallet account bound to the Slave TEE, or it corresponds to the user. The authentication code can be used to check whether the user has been authenticated by the real-name authentication agency. Therefore, the authentication code is introduced into the accounting process. Help to improve the security of the accounting process.
可选地,在矿池服务器接收终端设备发送的记账请求之前,该方法还可以包括:Optionally, before the mining pool server receives the accounting request sent by the terminal device, the method may further include:
矿池服务器接收终端设备发送的入池申请;The mining pool server receives the pool application sent by the terminal equipment;
矿池服务器配置的Master TEE判断矿池服务器的容量是否小于容量阈值;The Master TEE configured by the mining pool server determines whether the capacity of the mining pool server is less than the capacity threshold;
若小于,则矿池服务器根据Master TEE生成的授权信息对终端设备进行入池授权,以告知终端设备在授权开始时间之后的授权使用时长内向矿池服务器发送的记账请求可被矿池服务器接受,其中,授权使用时长为保存在矿池服务器配置的Master TEE中的预配置数据;If it is less, the mining pool server authorizes the terminal device to enter the pool according to the authorization information generated by the Master TEE to inform the terminal device that the accounting request sent to the mining pool server within the authorized use time after the authorization start time can be accepted by the mining pool server , Where the authorized use duration is the pre-configured data stored in the Master TEE configured by the mining pool server;
若大于,则矿池服务器发送消息通知终端设备未获入池授权。If it is greater, the mining pool server sends a message to notify the terminal device that it has not been authorized to enter the pool.
在这些实施例中,每个矿池对允许入池挖矿的Slave TEE的数量都是有限制的,从而可以避免少数矿池聚集大量算力的情况。进一步的,区块链系统中的各个矿池可以交由不同的运营者去运营,每个运营者能够控制的算力都受到矿池容量的限制,从而可以有效抑制矿池算力中心化的趋势。In these embodiments, each mining pool has a limit on the number of Slave TEEs allowed to be mined in the pool, thereby avoiding the situation where a small number of mining pools accumulate a large amount of computing power. Furthermore, each mining pool in the blockchain system can be operated by different operators, and the computing power that each operator can control is limited by the capacity of the mining pool, which can effectively suppress the centralization of mining pool computing power. trend.
可选地,矿池服务器的容量小于容量阈值可以包括:Optionally, the capacity of the mining pool server less than the capacity threshold may include:
当前的授权周期内的入池授权量小于第一阈值;其中,授权周期以及第一阈值为保存在矿池服务器配置的Master TEE中的预配置数据。The authorization amount for pooling in the current authorization period is less than the first threshold; wherein, the authorization period and the first threshold are pre-configured data saved in the Master TEE configured by the mining pool server.
矿池服务器按照授权周期允许终端设备配置的Slave TEE入池挖矿,每个授权周期内的入池授权量限制为一定的数量,避免终端设备集中在某一时段申请入池的情况,将设备的算力在时间层面尽可能分散。The mining pool server allows the slave TEE configured in the terminal device to enter the mining pool according to the authorization cycle. The number of pooled authorizations in each authorization cycle is limited to a certain amount, to avoid the concentration of terminal devices in a certain period of time to apply for pooling. The computing power is scattered as much as possible at the time level.
可选地,授权信息可以包括授权序号以及授权码,其中,授权序号由Master TEE分配,授权码用于使终端设备配置的Slave TEE验证入池授权是否有效。Optionally, the authorization information may include an authorization serial number and an authorization code, where the authorization serial number is assigned by the Master TEE, and the authorization code is used to verify that the Slave TEE configured in the terminal device is valid for the pooling authorization.
矿池服务器根据Master TEE生成的授权信息对终端设备进行入池授权,可以包括:The mining pool server authorizes the terminal device to enter the pool according to the authorization information generated by the Master TEE, which may include:
矿池服务器向终端设备发送授权序号以及授权码,并将授权序号与授权关联信息对应保存,其中,授权关联信息是指和授权内容相关的信息;The mining pool server sends the authorization serial number and authorization code to the terminal device, and stores the authorization serial number corresponding to the authorization related information, where the authorization related information refers to the information related to the authorized content;
在矿池服务器向终端设备发送区块头主体部分的哈希值以及难度目标值之前,该方法还可以包括:Before the mining pool server sends the hash value of the main body of the block header and the target difficulty value to the terminal device, the method may further include:
矿池服务器根据记账请求中携带的授权序号查询对应的授权关联信息,并根据授权关联信息确定终端设备的入池授权有效。The mining pool server queries the corresponding authorization association information according to the authorization serial number carried in the accounting request, and determines that the terminal pooling authorization is valid according to the authorization association information.
在矿池服务器对终端设备进行入池授权后,终端设备将获得入池授权码。或者入池申请未获矿池服务器批准时,终端设备还可以等待一段时间后再次向矿池服务器申请入池。终端设备配置的Slave TEE在竞争记账权时还可以进一步根据授权码验证入池授权是否有效,以确认自己是否能够获得记账权,同时,矿池服务器在接收到终端设备发送的记账请求后,也可以进一步根据授权关联信息确认是否应当允许Slave TEE竞争记账权。通过上述双重验证机制,使得终端设备只有在授权使用时长内能够参与挖矿,实现对矿池聚集的算力的控制。After the mining pool server authorizes the terminal device to enter the pool, the terminal device will obtain the pool access authorization code. Or, when the pool application is not approved by the mining pool server, the terminal device may wait for a period of time and apply to the pool server again. Slave TEE configured in the terminal device can further verify whether the authorization to enter the pool is valid according to the authorization code when competing for the accounting right to confirm whether it can obtain the accounting right. At the same time, after receiving the accounting request sent by the terminal device, the mining pool server , You can further confirm whether the Slave TEE should be allowed to compete for accounting rights based on the authorization association information. Through the above-mentioned double verification mechanism, the terminal device can participate in mining only within the authorized use time, and realize the control of the computing power of the pool aggregation.
可选地,矿池服务器向终端设备发送授权序号以及授权码,可以包括:Optionally, the mining pool server sends the authorization serial number and authorization code to the terminal device, which may include:
Master TEE根据第二密钥生成算法生成第二密钥,利用第二密钥加密授权码;The Master TEE generates a second key according to the second key generation algorithm, and uses the second key to encrypt the authorization code;
矿池服务器向终端设备发送授权序号以及加密后的授权码;其中,终端设备配置的Slave TEE能够利用第二密钥生成算法生成第二密钥,并利用第二密钥解密加密后的授权码。The mining pool server sends the authorization serial number and the encrypted authorization code to the terminal device; the Slave TEE configured on the terminal device can use the second key generation algorithm to generate the second key, and use the second key to decrypt the encrypted authorization code .
在这些实施例中,对授权码采用对称加密的方式,Master TEE和Slave TEE中采用相同的第二密钥生成算法计算第二密钥,若计算出的第二密钥相同,Slave TEE才能够正确解密,而Slave TEE只有正确解密出了授权码,才有可能对授权码包含的授权信息进行验证。上述机制确保了Master TEE和Slave TEE必须配套使用,一旦出现二者不匹配的情况,例如Slave TEE被伪造,加解密机制将无法正常工作。In these embodiments, the authorization code is symmetrically encrypted. Master TEE and Slave TEE use the same second key generation algorithm to calculate the second key. If the calculated second keys are the same, the Slave TEE can Decrypt correctly, and Slave TEE can verify the authorization information contained in the authorization code only if the authorization code is correctly decrypted. The above mechanism ensures that Master TEE and Slave TEE must be used together. Once the two do not match, such as Slave TEE being forged, the encryption and decryption mechanism will not work properly.
可选地,第二密钥生成算法为Master TEE以及Slave TEE所私有,第二密钥生成算法实现不在Master TEE以及Slave TEE之外公开,第二密钥生成算法生成的第二密钥在Master TEE中被用于且仅被用于加密授权码,在Slave TEE中被用于且仅被用于解密加密后的授权码。Optionally, the second key generation algorithm is private to Master TEE and Slave TEE, the implementation of the second key generation algorithm is not disclosed outside Master TEE and Slave TEE, and the second key generated by the second key generation algorithm is at Master It is used in TEE and only for encrypting the authorization code, and in Slave TEE is used and only for decrypting the encrypted authorization code.
在这些实施例中,授权码的加解密过程是单向的,即在Master TEE中只负责加密,不会将第二密钥用作解密用途,在Slave TEE中只负责解密,不会将第二密钥用作加密用途,同时第二密钥生成算法不对外公开,确保了第二密钥不会被破解。In these embodiments, the encryption and decryption process of the authorization code is one-way, that is, the Master TEE is only responsible for encryption, and the second key will not be used for decryption purposes, and the Slave TEE is only responsible for decryption, not the The second key is used for encryption purposes, and the second key generation algorithm is not disclosed to the outside, ensuring that the second key will not be cracked.
可选地,在矿池服务器将记账权确定信息以及记账权确定信息的签名发送至挖矿节点之后,该方法还可以包括:Optionally, after the mining pool server sends the accounting right determination information and the signature of the accounting right determination information to the mining node, the method may further include:
矿池服务器将预设数额的矿池奖励从预配置的矿池钱包账号的地址转账至竞争到记账权的终端设备配置的Slave TEE绑定的钱包账号的地址。The mining pool server transfers the preset amount of mining pool rewards from the address of the pre-configured mining pool wallet account to the address of the wallet account bound to the slave TEE configured for the terminal device competing for the accounting right.
按照区块链的协议,挖矿成功后用户能够获得一定数额的数字货币作为挖矿奖励,而矿池奖励是矿池运营者发给用户的额外的数字货币,不属于挖矿奖励的一部分,其目的在于吸引更多用户参与挖矿,改善矿池的运营状况。According to the blockchain agreement, after successful mining, users can get a certain amount of digital currency as a mining reward, and the mining pool reward is an additional digital currency issued by the mining pool operator to the user, which is not part of the mining reward. Its purpose is to attract more users to participate in mining and improve the operation of the mining pool.
本公开实施例还提供了一种记账方法,应用于接入到区块链系统的终端设备,区块链系统包括至少一个并行链,至少一个并行链上搭建有至少一个矿池,每个矿池包括矿池服务器以及位于并行链上的挖矿节点,挖矿节点采用分布式数据区块链存储数据,该方法包括:An embodiment of the present disclosure also provides an accounting method, which is applied to a terminal device connected to a blockchain system. The blockchain system includes at least one parallel chain, and at least one mining pool is built on at least one parallel chain, each The mining pool includes a mining pool server and a mining node located on a parallel chain. The mining node uses a distributed data blockchain to store data. The method includes:
终端设备向矿池服务器发送记账请求;The terminal device sends an accounting request to the mining pool server;
终端设备接收矿池服务器发送的待定记账区块的区块头主体部分的哈希值以及在并行链上挖矿的难度目标值;The terminal device receives the hash value of the main body of the block header of the pending accounting block sent by the mining pool server and the difficulty target value of mining on the parallel chain;
终端设备配置的Slave TEE判断自身的累积未用时长是否大于根据难度目标值计算出的累积未用下限时长,并在累积未用时长大于累积未用下限时长时对记账权确定信息进行签名,其中,记账权确定信息包括区块头主体部分的哈希值以及Slave TEE绑定的钱包账号的地址主体;The Slave TEE configured in the terminal device determines whether its accumulated unused duration is greater than the cumulative unused minimum duration calculated according to the difficulty target value, and signs the accounting right determination information when the cumulative unused duration is greater than the cumulative unused minimum duration. Among them, the accounting right determination information includes the hash value of the body part of the block header and the address body of the wallet account bound by the Slave TEE;
终端设备向矿池服务器发送记账权确定信息以及记账权确定信息的签名。The terminal device sends the accounting right determination information and the signature of the accounting right determination information to the mining pool server.
可选地,Slave TEE对记账权确定信息进行签名,可以包括:Optionally, the Slave TEE signs the accounting right determination information, which may include:
Slave TEE根据保存的第一私钥对记账权确定信息进行签名,矿池服务器以及挖矿节点保存有与第一私钥匹配的第一公钥。Slave TEE signs the accounting right determination information according to the saved first private key, and the mining pool server and the mining node store the first public key matching the first private key.
可选地,矿池包括多个挖矿节点,不同的挖矿节点位于不同的并行链上;Optionally, the mining pool includes multiple mining nodes, and different mining nodes are located on different parallel chains;
终端设备接收矿池服务器发送的待定记账区块的区块头主体部分的哈希值以及在并行链上挖矿的难度目标值,包括:The terminal device receives the hash value of the main body of the block header of the pending accounting block sent by the mining pool server and the difficulty target value of mining on the parallel chain, including:
终端设备接收矿池服务器发送的加密后的区块头主体部分的哈希值以及难度目标值,其中,加密所用的第一密钥由矿池服务器配置的Master TEE根据第一密钥生成算法生成;The terminal device receives the encrypted hash value and difficulty target value of the main body of the block header sent by the mining pool server, where the first key used for encryption is generated by the Master TEE configured by the mining pool server according to the first key generation algorithm;
在Slave TEE对记账权确定信息进行签名之前,该方法还包括:Before Slave TEE signs the accounting right determination information, the method further includes:
Slave TEE根据第一密钥生成算法基于矿池配置信息生成第一密钥,并利用第一密钥解密加密后的区块头主体部分的哈希值,其中,矿池配置信息包括终端设备关联的并行链的链标识,记账权确定信息包括解密后的区块头主体部分的哈希值。Slave TEE generates a first key based on the mining pool configuration information based on the first key generation algorithm, and uses the first key to decrypt the hash value of the encrypted block header body, where the mining pool configuration information includes the The chain identifier of the parallel chain and the accounting right determination information include the hash value of the decrypted block header body.
可选地,矿池配置信息还包括并行链已扩容的次数和/或预配置的矿池的矿池标识。Optionally, the configuration information of the mining pool further includes the number of times the parallel chain has been expanded and/or the pre-configured mining pool identifier of the mining pool.
第一密钥生成算法在生成第一密钥时考虑并行链已扩容的次数,若并行链扩容后,Master TEE中保存的并行链已扩容的次数已经更新,但Slave TEE中保存的并行链已扩容的次数尚未更新,Slave TEE将无法继续挖矿(因为无法正确解密区块头主体部分的哈希值),即在并行链扩容升级后,若Slave TEE的配置未升级,将不允许该Slave TEE继续参与挖矿,这样,即使在升级前某个并行链上出现了算力聚集,升级后一旦Slave TEE的配置更新,聚集的Slave TEE将可能被分散到新的并行链上去挖矿,从而有效消除了算力聚集。The first key generation algorithm considers the number of times the parallel chain has been expanded when generating the first key. If the parallel chain has been expanded, the number of times the parallel chain saved in the Master TEE has been expanded has been updated, but the parallel chain saved in the Slave TEE has The number of expansions has not been updated, and Slave TEE will not be able to continue mining (because the hash value of the main part of the block header cannot be decrypted correctly), that is, after the parallel chain expansion and upgrade, if the Slave TEE configuration is not upgraded, the Slave TEE will not be allowed Continue to participate in mining, so that even if there is a concentration of computing power on a parallel chain before the upgrade, once the configuration of the Slave TEE is updated after the upgrade, the aggregated Slave TEE may be dispersed to the new parallel chain to mine, which is effective Eliminate the accumulation of computing power.
第一密钥生成算法在生成第一密钥时考虑矿池标识,能够限制Slave TEE只能在指定的矿池下挖矿,不能随意更换矿池(否则无法正确解密区块头主体部分的哈希值),避免算力聚集。The first key generation algorithm considers the pool ID when generating the first key, which can restrict the Slave TEE to only mine in the specified pool, and cannot replace the pool at will (otherwise, the hash value of the main part of the block header cannot be decrypted correctly ), to avoid the accumulation of computing power.
以上两项信息,在第一密钥生成算法中可以只考虑其中一项,也可以都考虑进去。In the first key generation algorithm, only one of the above two pieces of information may be considered, or both may be considered.
可选地,终端设备关联的并行链的链标识由Slave TEE根据Slave TEE绑定的钱包账号的地址的虚拟并行链标识、终端设备的并行链标识掩码以及区块链系统包含的并行链的数量计算获得,其中,虚拟并行链标识根据Slave TEE的硬件标识计算获得。Optionally, the chain identifier of the parallel chain associated with the terminal device is composed of the virtual parallel chain identifier of Slave TEE according to the address of the wallet account bound by the Slave TEE, the parallel chain identifier mask of the terminal device, and the parallel chain included in the blockchain system. The number is calculated, and the virtual parallel chain logo is calculated based on the slave TEE hardware logo.
可选地,在终端设备向矿池服务器发送记账请求之前,该方法还可以包括:Optionally, before the terminal device sends an accounting request to the mining pool server, the method may further include:
终端设备向矿池服务器发送注册请求,注册请求携带有注册信息、用户的实名认证结果以及实名认证机构用私钥对实名认证结果的签名,注册信息包括Slave TEE绑定的钱包账号的地址;矿池服务器配置的Master TEE中保存有与实名认证机构的私钥匹配的公钥;The terminal device sends a registration request to the mining pool server. The registration request carries registration information, the user’s real-name authentication result, and the real-name authentication agency’s signature of the real-name authentication result with the private key. The registration information includes the address of the wallet account bound by the Slave TEE; The Master TEE configured by the pool server stores the public key matching the private key of the real-name certification authority;
实名认证结果包括实名认证机构分配的认证码,认证码与Slave TEE绑定的钱包账号的地址相对应,用于表征用户通过实名认证机构的实名认证;The real-name authentication result includes the authentication code assigned by the real-name authentication organization. The authentication code corresponds to the address of the wallet account bound to the Slave TEE, and is used to characterize that the user has passed the real-name authentication of the real-name authentication organization;
记账权确定信息还包括认证码。The accounting right determination information also includes an authentication code.
可选地,在终端设备向矿池服务器发送记账请求之前,该方法还可以包括:Optionally, before the terminal device sends an accounting request to the mining pool server, the method may further include:
终端设备向矿池服务器发送入池申请,并获得矿池服务器的入池授权。The terminal device sends a pooling application to the mining pool server and obtains the pooling authorization of the mining pool server.
可选地,终端设备获得矿池服务器的入池授权,可以包括:Optionally, the terminal device obtaining the pool access authorization of the mining pool server may include:
终端设备接收矿池服务器发送的授权序号以及加密后的授权码,其中,授权序号由矿池服务器配置的Master TEE分配,加密所用的第二密钥由Master TEE根据第二密钥生成算法生成;The terminal device receives the authorization serial number and encrypted authorization code sent by the mining pool server, where the authorization serial number is allocated by the Master TEE configured by the mining pool server, and the second key used for encryption is generated by the Master TEE according to the second key generation algorithm;
在Slave TEE对记账权确定信息进行签名之前,该方法还包括:Before Slave TEE signs the accounting right determination information, the method further includes:
Slave TEE根据第二密钥生成算法生成第二密钥,利用第二密钥解密加密后的授权码;Slave TEE generates a second key according to the second key generation algorithm, and uses the second key to decrypt the encrypted authorization code;
Slave TEE根据解密后的授权码确定入池授权有效。Slave TEE determines that the authorization to enter the pool is valid according to the decrypted authorization code.
本公开实施例还提供了一种记账方法,应用于区块链系统,区块链系统包括至少一个并行链,至少一个并行链上搭建有至少一个矿池,每个矿池包括矿池服务器以及位于并行链上的挖矿节点,挖矿节点采用分布式数据区块链存储数据,方法可以包括:An embodiment of the present disclosure also provides an accounting method, which is applied to a blockchain system. The blockchain system includes at least one parallel chain, at least one parallel chain is built with at least one mining pool, and each mining pool includes a mining pool server. And the mining nodes located on the parallel chain. The mining nodes use distributed data blockchain to store data. Methods can include:
挖矿节点向矿池服务器发送待定记账区块的区块头主体部分的哈希值以及在并行链上挖矿的难度目标值;The mining node sends the hash value of the main body of the block header of the pending accounting block to the mining pool server and the difficulty target value of mining on the parallel chain;
挖矿节点接收矿池服务器发送的接入矿池服务器的终端设备配置的Slave TEE绑定的钱包账号的地址主体以及Slave TEE生成的记账权确定信息的签名,其中,记账权确定信息包括区块头主体部分的哈希值以及Slave TEE绑定的钱包账号的地址主体;The mining node receives the signature of the address body of the wallet account bound by the Slave TEE and the accounting right determination information generated by the Slave TEE sent by the mining pool server to the terminal device configured to access the mining pool server, where the accounting right determination information includes The hash value of the body part of the block header and the address body of the wallet account bound by Slave TEE;
挖矿节点生成包含钱包账号的地址主体以及记账权确定信息的签名的记账区块,并将记账区块添加至本地的区块链中。The mining node generates a signed accounting block that contains the address body of the wallet account and the accounting right determination information, and adds the accounting block to the local blockchain.
可选地,记账权确定信息还包括累积未用下限时长和/或实名认证机构分配的认证码,其中,累积未用下限时长是Slave TEE根据难度目标值计算出的,认证码与Slave TEE绑定的钱包账号的地址相对应,用于表征用户通过实名认证机构的实名认证,挖矿节点生成的记账区块中还包含根据难度目标值计算出的累积未用下限时长和/或认证码。Optionally, the accounting right determination information further includes a cumulative unused minimum duration and/or an authentication code assigned by a real-name certification body, where the cumulative unused minimum duration is calculated by Slave TEE according to the difficulty target value, and the authentication code is related to the Slave TEE The address of the bound wallet account corresponds to the real-name authentication of the user through the real-name authentication agency. The accounting block generated by the mining node also contains the cumulative unused minimum duration and/or authentication calculated according to the difficulty target value code.
可选地,记账权确定信息的签名由Slave TEE根据保存的第一私钥生成,在挖矿节点生成包含钱包账号的地址主体以及记账权确定信息的签名的记账区块之前,该方法还可以包括:Optionally, the signature of the accounting right determination information is generated by the Slave TEE based on the stored first private key. Before the mining node generates the accounting accounting block containing the address body of the wallet account and the signature of the accounting right determination information, the Methods can also include:
挖矿节点根据保存的与第一私钥匹配的第一公钥确定记账权确定信息的签名为真实签名。The mining node determines that the signature of the accounting right determination information is a real signature according to the stored first public key matching the first private key.
根据非对称加密原理,Slave TEE利用保存的第一私钥对记账权确定信息签名,挖矿节点利用保存的与第一私钥匹配的第一公钥对该签名进行验证,若验证成功,则证实该签名确实是Slave TEE发出的,可以避免攻击者伪造消息。According to the principle of asymmetric encryption, Slave TEE uses the saved first private key to determine the information signature of the accounting right. The mining node uses the saved first public key that matches the first private key to verify the signature. If the verification is successful, It is confirmed that the signature is indeed sent by the Slave TEE, which can prevent the attacker from forging the message.
可选地,在挖矿节点生成包含钱包账号的地址主体以及记账权确定信息的签名的记账区块之前,方法还可以包括:Optionally, before the mining node generates a signed accounting block containing the address body of the wallet account and the accounting right determination information, the method may further include:
挖矿节点根据钱包账号的地址主体查询获得终端设备上次记账生成的区块在区块链中的高度;The mining node queries the address subject of the wallet account to obtain the height of the block generated by the terminal device in the last bookkeeping in the blockchain;
挖矿节点根据上次记账生成的区块在区块链中的高度以及待定记账区块在区块链中的高度确定待定记账区块的生成时间与上次记账生成的区块的生成时间的时间间隔;The mining node determines the generation time of the pending accounting block and the block generated by the last accounting based on the height of the block generated by the last accounting in the blockchain and the height of the pending accounting block in the blockchain The time interval of the generation time;
挖矿节点确定判断时间间隔大于冷却时长,其中,冷却时长为根据待确认的记账区块中保存的难度目标值计算出的累积未用下限时长的k倍,k为大于0且小于1的常数。The mining node determines that the judgment interval is greater than the cooling duration, where the cooling duration is k times the cumulative unused lower limit duration calculated based on the difficulty target value stored in the accounting block to be confirmed, and k is greater than 0 and less than 1. constant.
挖矿节点在生成记账区块前,还可以验证其记账时间间隔是否满足冷却时长的要求,若满足要求,才会生成该区块,并将其添加至本地的区块链中,否则不会认生成区块,避免同一Slave TEE连续获得记账权。Before generating the accounting block, the mining node can also verify whether its accounting interval meets the cooling time requirement. If the requirement is met, the block will be generated and added to the local blockchain, otherwise It will not recognize the generated block, avoiding the same Slave TEE to continuously obtain the accounting right.
可选地,在挖矿节点将记账区块添加至本地的区块链中之后,该方法还可以包括:Optionally, after the mining node adds the accounting block to the local blockchain, the method may further include:
挖矿节点将记账区块在区块链中的高度、竞争到记账权的终端设备配置的Slave TEE绑定的钱包账号的地址主体发送至矿池服务器。The mining node sends the height of the accounting block in the blockchain and the address body of the wallet account bound by the Slave TEE configuration of the terminal device competing for the accounting right to the mining pool server.
在这些实施例中,挖矿节点将上述信息发送到矿池服务器保存,矿池服务器在验证记账请求是否满足冷却时长的要求时,可以利用Slave TEE绑定的钱包账号的地址主体查询出每次记账的区块在区块链中的高度,进而估算记账时间间隔完成验证。In these embodiments, the mining node sends the above information to the mining pool server for storage. When verifying whether the accounting request meets the cooling time requirement, the mining pool server can use the address body of the wallet account bound by Slave TEE to query each The height of the sub-accounted block in the blockchain, and then estimate the accounting interval to complete the verification.
可选地,该方法还可以包括:Optionally, the method may further include:
挖矿节点根据区块链的待确认的记账区块中保存的终端设备的钱包账号的地址主体查询获得该终端设备上次记账生成的区块在区块链中的高度,其中,待确认的记账区块是指挖矿节点接收到的由同链的其他挖矿节点广播的记账区块;The mining node queries the address body of the wallet account of the terminal device stored in the accounting block to be confirmed on the blockchain to obtain the height of the block generated by the terminal device in the last accounting in the blockchain, where The confirmed accounting block refers to the accounting block received by the mining node and broadcast by other mining nodes on the same chain;
挖矿节点根据上次记账生成的区块在区块链中的高度以及待确认的记账区块在区块链中的高度确定待确认的记账区块的生成时间与上次记账生成的区块的生成时间的时间间 隔;The mining node determines the generation time of the accounting block to be confirmed and the last accounting based on the height of the block generated by the last accounting in the blockchain and the height of the accounting block to be confirmed in the blockchain The time interval of the generation time of the generated block;
挖矿节点判断时间间隔是否大于冷却时长,若大于冷却时长,则认可待确认的记账区块,其中,冷却时长为根据待确认的记账区块中保存的难度目标值计算出的累积未用下限时长的k倍,k为大于0且小于1的常数。The mining node judges whether the time interval is greater than the cooling time, and if it is greater than the cooling time, it will approve the accounting block to be confirmed, where the cooling time is the cumulative uncalculated value calculated based on the difficulty target value stored in the accounting block to be confirmed Using k times the lower limit time, k is a constant greater than 0 and less than 1.
挖矿节点会接收其他挖矿节点广播的待确认的记账区块,待确认的记账区块已经被其他挖矿节点添加至其本地的区块链中,但尚未被并行链上的挖矿节点所认可。Mining nodes will receive the accounting blocks to be confirmed broadcast by other mining nodes. The accounting blocks to be confirmed have been added to their local blockchain by other mining nodes, but have not been mined on the parallel chain. Approved by the mining node.
对于接收到的待确认的记账区块,挖矿节点可以验证其记账时间间隔是否满足冷却时长的要求,若满足要求,才会认可该区块,并将其添加至本地的区块链中,否则不会认可该区块。For the received accounting block to be confirmed, the mining node can verify whether the accounting interval meets the cooling time requirement. If the requirement is met, the block will be recognized and added to the local blockchain Medium, otherwise the block will not be recognized.
本公开实施例还提供了一种矿池服务器,矿池服务器包括:An embodiment of the present disclosure also provides a mining pool server. The mining pool server includes:
存储器,用于存储计算机指令;Memory, used to store computer instructions;
通信接口,用于与终端设备以及挖矿节点通信;Communication interface, used to communicate with terminal equipment and mining nodes;
矿池服务器还包括Master TEE或连接有Master TEE;The mining pool server also includes Master TEE or Master TEE connected;
矿池服务器还包括处理器,与存储器、通信接口以及Master TEE相连,其中,在存储器中的计算机指令被处理器执行时,处理器结合Master TEE执行上述的可应用于区块链系统的矿池服务器的记账方法。The mining pool server also includes a processor, which is connected to the memory, the communication interface, and the Master TEE. When the computer instructions in the memory are executed by the processor, the processor combines with the Master TEE to execute the above-mentioned mining pool applicable to the blockchain system The accounting method of the server.
本公开实施例还提供一种终端设备,终端设备包括:An embodiment of the present disclosure also provides a terminal device. The terminal device includes:
存储器,用于存储计算机指令;Memory, used to store computer instructions;
通信接口,用于与矿池服务器通信;Communication interface, used to communicate with the mining pool server;
终端设备还包括Slave TEE或连接有Slave TEE;Terminal equipment also includes Slave TEE or Slave TEE connected;
终端设备还包括处理器,与存储器、通信接口以及Slave TEE相连,其中,在存储器中的计算机指令被处理器执行时,处理器结合Slave TEE执行可应用于接入到区块链系统的终端设备的记账方法。The terminal device also includes a processor, which is connected to the memory, the communication interface, and the Slave TEE. When the computer instructions in the memory are executed by the processor, the processor combined with the Slave TEE execution can be applied to the terminal device connected to the blockchain system. Accounting method.
本公开实施例还提供了一种挖矿节点,挖矿节点包括:An embodiment of the present disclosure also provides a mining node. The mining node includes:
存储器,用于存储计算机指令;Memory, used to store computer instructions;
通信接口,用于与矿池服务器通信;Communication interface, used to communicate with the mining pool server;
处理器,与存储器、通信接口相连,其中,在存储器中的计算机指令被处理器执行时,处理器执行上述应用于区块链系统的挖矿节点的记账方法。The processor is connected to the memory and the communication interface. When the computer instructions in the memory are executed by the processor, the processor executes the above-mentioned accounting method applied to the mining node of the blockchain system.
本公开实施例还提供了一种矿池,包括:矿池服务器以及位于区块链系统的并行链上的挖矿节点,挖矿节点采用分布式数据区块链存储数据,区块链系统包括至少一个并行链An embodiment of the present disclosure also provides a mining pool, including: a mining pool server and a mining node located on a parallel chain of the blockchain system. The mining node uses a distributed data blockchain to store data. The blockchain system includes At least one parallel chain
其中,挖矿节点用于:向矿池服务器发送待定记账区块的区块头主体部分的哈希值以及在并行链上挖矿的难度目标值;Among them, the mining node is used to: send the hash value of the main body of the block header of the pending accounting block to the mining pool server and the difficulty target value of mining on the parallel chain;
矿池服务器用于:接收并存储区块头主体部分的哈希值以及难度目标值,并在接收到终端设备发送的记账请求后,向终端设备发送区块头主体部分的哈希值以及难度目标值,以使终端设备配置的Slave TEE判断自身的累积未用时长是否大于根据难度目标值计算出的累积未用下限时长,并在累积未用时长大于累积未用下限时长时对记账权确定信息进行签名,其中,记账权确定信息包括区块头主体部分的哈希值以及Slave TEE绑定的钱包账号的地址主体;接收终端设备发送的记账权确定信息以及记账权确定信息的签名,并将记账权确定信息以及记账权确定信息的签名发送至挖矿节点;The mining pool server is used to: receive and store the hash value and difficulty target value of the main part of the block header, and after receiving the accounting request sent by the terminal device, send the hash value and difficulty target of the main part of the block header to the terminal device Value, so that the Slave TEE configured by the terminal device determines whether its accumulated unused duration is greater than the cumulative unused minimum duration calculated according to the difficulty target value, and determines the accounting right when the accumulated unused duration is greater than the cumulative unused minimum duration Sign the information, where the accounting right determination information includes the hash value of the body part of the block header and the address body of the wallet account bound by Slave TEE; the signature of the accounting right determination information and the accounting right determination information sent by the receiving terminal device , And send the accounting right determination information and the signature of the accounting right determination information to the mining node;
挖矿节点还用于:生成包含钱包账号的地址主体以及记账权确定信息的签名的记账区 块,并将记账区块添加至本地的区块链中。Mining nodes are also used to: generate a billing block that contains the address body of the wallet account and the signature of the billing right determination information, and add the billing block to the local blockchain.
可选地,矿池服务器还可以用于:在接收终端设备发送的记账请求之前,接收终端设备发送的入池申请,并在矿池服务器配置的Master TEE中判断矿池服务器的容量是否小于容量阈值,若矿池服务器的容量小于容量阈值,则根据Master TEE生成授权信息对终端设备进行入池授权,以告知终端设备在授权开始时间之后的授权使用时长内向矿池服务器发送的记账请求可被矿池服务器接受,若矿池服务器的容量大于容量阈值,则发送消息通知终端设备未获入池授权,其中,授权使用时长为保存在矿池服务器配置的Master TEE中的预配置数据。Optionally, the mining pool server can also be used to: before receiving the accounting request sent by the terminal device, receive the pooling application sent by the terminal device, and determine whether the capacity of the mining pool server is less than the Master TEE configured in the mining pool server Capacity threshold, if the capacity of the mining pool server is less than the capacity threshold, the terminal device is authorized to enter the pool according to the authorization information generated by the Master TEE to inform the terminal device of the accounting request sent to the mining pool server within the authorized use time after the authorization start time It can be accepted by the mining pool server. If the capacity of the mining pool server is greater than the capacity threshold, a message is sent to notify the terminal device that it has not been authorized to enter the pool. The authorized duration is the pre-configured data stored in the Master TEE configured by the mining pool server.
可选地,矿池服务器的容量小于容量阈值,可以包括:Optionally, the capacity of the mining pool server is less than the capacity threshold, which may include:
当前的授权周期内的入池授权量小于第一阈值;其中,授权周期以及第一阈值为保存在矿池服务器配置的Master TEE中的预配置数据。The authorization amount for pooling in the current authorization period is less than the first threshold; wherein, the authorization period and the first threshold are pre-configured data saved in the Master TEE configured by the mining pool server.
为使本公开的上述目的、技术方案和有益效果能更明显易懂,下文特举实施例,并配合所附附图,作详细说明如下。In order to make the above-mentioned objects, technical solutions and beneficial effects of the present disclosure more obvious and understandable, the embodiments are specifically described below, together with the accompanying drawings, for detailed description as follows.
附图说明BRIEF DESCRIPTION
为了更清楚地说明本公开实施例的技术方案,下面将对实施例中所需要使用的附图作简单地介绍,应当理解,以下附图仅示出了本公开的某些实施例,因此不应被看作是对范围的限定,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他相关的附图。In order to more clearly explain the technical solutions of the embodiments of the present disclosure, the drawings needed to be used in the embodiments will be briefly introduced below. It should be understood that the following drawings only show some embodiments of the present disclosure, and therefore do not It should be regarded as a limitation on the scope. For those of ordinary skill in the art, without paying any creative labor, other related drawings can also be obtained based on these drawings.
图1(A)至图1(B)示出了一种可用于本申请实施例中的区块链系统的架构示意图;FIG. 1(A) to FIG. 1(B) show a schematic structural diagram of a blockchain system that can be used in embodiments of the present application;
图2示出了本公开实施例提供的区块链系统的一种工作流程的示意图;2 shows a schematic diagram of a workflow of a blockchain system provided by an embodiment of the present disclosure;
图3示出了本公开实施例提供的一种记账方法的流程图;FIG. 3 shows a flowchart of a billing method provided by an embodiment of the present disclosure;
图4(A)至图4(B)示出了本公开实施例提供的另一种记账方法的流程图;4(A) to 4(B) show a flowchart of another accounting method provided by an embodiment of the present disclosure;
图5示出了本公开实施例提供的一种矿池服务器的功能模块图;5 shows a functional module diagram of a mining pool server provided by an embodiment of the present disclosure;
图6示出了本公开实施例提供的一种终端设备的功能模块图;6 shows a functional block diagram of a terminal device provided by an embodiment of the present disclosure;
图7示出了本公开实施例提供的一种挖矿节点的功能模块图。FIG. 7 shows a functional block diagram of a mining node provided by an embodiment of the present disclosure.
具体实施方式detailed description
下面将结合本公开实施例中附图,对本公开实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本公开一部分实施例,而不是全部的实施例。通常在此处附图中描述和示出的本公开实施例的组件可以以各种不同的配置来布置和设计。因此,以下对在附图中提供的本公开的实施例的详细描述并非旨在限制要求保护的本公开的范围,而是仅仅表示本公开的选定实施例。基于本公开的实施例,本领域技术人员在没有做出创造性劳动的前提下所获得的所有其他实施例,都属于本公开保护的范围。The technical solutions in the embodiments of the present disclosure will be described clearly and completely in conjunction with the drawings in the embodiments of the present disclosure. Obviously, the described embodiments are only a part of the embodiments of the present disclosure, but not all the embodiments. The components of the embodiments of the present disclosure generally described and illustrated in the drawings herein can be arranged and designed in various configurations. Therefore, the following detailed description of the embodiments of the present disclosure provided in the drawings is not intended to limit the scope of the claimed disclosure, but merely represents selected embodiments of the disclosure. Based on the embodiments of the present disclosure, all other embodiments obtained by those skilled in the art without creative efforts shall fall within the protection scope of the present disclosure.
应注意到:相似的标号和字母在下面的附图中表示类似项,因此,一旦某一项在一个附图中被定义,则在随后的附图中不需要对其进行进一步定义和解释。同时,在本公开的描述中,术语“第一”、“第二”等仅用于将一个实体或者操作与另一个实体或操作区分开来,而不能理解为指示或暗示相对重要性,也不能理解为要求或者暗示这些实体或操作之间存在任何这种实际的关系或者顺序。而且,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者设备不仅包 括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括所述要素的过程、方法、物品或者设备中还存在另外的相同要素。It should be noted that similar reference numerals and letters indicate similar items in the following drawings, therefore, once an item is defined in one drawing, there is no need to further define and explain it in subsequent drawings. Meanwhile, in the description of the present disclosure, the terms "first", "second", etc. are only used to distinguish one entity or operation from another entity or operation, and cannot be understood as indicating or implying relative importance, or It cannot be understood as requiring or implying that there is any such actual relationship or order between these entities or operations. Moreover, the terms "include", "include" or any other variant thereof are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements, but also those not explicitly listed Or other elements that are inherent to this process, method, article, or equipment. Without more restrictions, the element defined by the sentence "include one..." does not exclude that there are other identical elements in the process, method, article or equipment that includes the element.
本公开实施例提供的记账方法可以应用于区块链系统中。该区块链系统可以包括至少一个并行链,每个并行链上都可以包括至少一个挖矿节点。当然,并行链上还可以包括其他节点,挖矿节点的功能可以包括挖矿以及记账。所谓挖矿是指挖矿节点与其所在的并行链上的其他节点根据区块链的共识算法竞争记账权。所谓记账是指:挖矿节点竞争记账权成功后,根据交易缓冲区中的待记账交易生成新的区块,并将新的区块添加至其所在的并行链对应的区块链数据(账本)中。而且,挖矿节点还会与其所在的并行链上的其他节点同步区块数据,即挖矿节点还是其所在的并行链上的全账本节点。除挖矿节点以外,并行链上的其他节点不参与挖矿,但可参与记账。The accounting method provided by the embodiments of the present disclosure can be applied to a blockchain system. The blockchain system may include at least one parallel chain, and each parallel chain may include at least one mining node. Of course, other nodes can be included on the parallel chain, and the functions of the mining nodes can include mining and accounting. The so-called mining refers to the mining node competing with other nodes on the parallel chain where it is based on the blockchain's consensus algorithm for accounting rights. The so-called bookkeeping refers to: after the mining node competes for the bookkeeping rights, a new block is generated according to the transaction to be booked in the transaction buffer, and the new block is added to the block chain corresponding to the parallel chain where it is located Data (ledger). Moreover, the mining node will also synchronize the block data with other nodes on the parallel chain where it is located, that is, the mining node is also a full ledger node on the parallel chain where it is located. Except for mining nodes, other nodes on the parallel chain do not participate in mining, but can participate in bookkeeping.
之前已经阐述过,挖矿节点是并行链上的全账本节点,但其存储的交易数据仅仅是和其所在的并行链相关的交易数据。从区块链系统中的每个并行链中选取一个挖矿节点,例如在有N(N≥1)个并行链的情况下共选取N个挖矿节点,所构成的挖矿节点的集合被称为账本集群。账本集群中存储了区块链系统中所有的交易数据,即用于维护全网账本,以便提供全网交易数据的查询等功能。需要指出,由于每个挖矿节点都是并行链上的全账本节点,所以在构成账本集群时,每个并行链上选取一个挖矿节点就够用了;当然,若出于可靠性等方面的考虑,在同一个并行链上选取多个挖矿节点也是可行的。As previously stated, the mining node is a full ledger node on the parallel chain, but the transaction data it stores is only the transaction data related to the parallel chain where it is located. Select a mining node from each parallel chain in the blockchain system. For example, if there are N (N ≥ 1) parallel chains, select a total of N mining nodes. The set of mining nodes formed is Called the ledger cluster. The ledger cluster stores all transaction data in the blockchain system, that is, it is used to maintain the entire network ledger, so as to provide functions such as query of the entire network transaction data. It should be pointed out that since each mining node is a full ledger node on the parallel chain, when forming a ledger cluster, it is enough to select one mining node on each parallel chain; of course, if it is due to reliability and other aspects For consideration, it is also feasible to select multiple mining nodes on the same parallel chain.
在区块链系统的至少一个并行链上可以搭建有至少一个矿池。其中,每个矿池均可以包括矿池服务器以及并行链上的挖矿节点。上面所称的在至少一个并行链上搭建矿池,是指该矿池包含这些并行链上的挖矿节点,所以通过该矿池能够在这些并行链上挖矿以及为这些并行链记账。可选地,在一些实现方式中,矿池可以包括矿池服务器以及一个账本集群,即矿池可以在整个区块链系统中所有的并行链上挖矿以及记账。At least one mining pool can be built on at least one parallel chain of the blockchain system. Among them, each mining pool may include a mining pool server and a mining node on a parallel chain. The above-mentioned construction of a mining pool on at least one parallel chain means that the mining pool contains mining nodes on these parallel chains, so the mining pool can mine on these parallel chains and keep accounts for these parallel chains. Optionally, in some implementations, the mining pool may include a mining pool server and a ledger cluster, that is, the mining pool may mine and keep accounts on all parallel chains in the entire blockchain system.
在矿池中,挖矿节点的挖矿功能实际上可以是由接入到矿池中的矿工完成的。矿工是指能够运行共识算法的设备。矿工接入到矿池服务器后,挖矿节点可以将共识计算的任务通过矿池服务器分发给各矿工以实际执行,由各矿工竞争记账权,当然在挖矿节点外部看来,仍然是挖矿节点在竞争记账权。矿池服务器除了作为挖矿节点与矿工之间的通信中介,还可以用于矿工的入池管理,即是否允许矿工接入到矿池,以及用于发放矿池奖励等功能,在后文还会具体介绍。In the mining pool, the mining function of the mining node can actually be performed by the miners connected to the mining pool. Miners are devices that can run consensus algorithms. After the miner accesses the mining pool server, the mining node can distribute the consensus calculation task to the miners through the mining pool server for actual execution. The miners compete for the accounting power. Of course, from the perspective of the mining node, it is still mining Mine nodes are competing for accounting rights. In addition to serving as a communication intermediary between mining nodes and miners, the mining pool server can also be used for pooling management of miners, that is, whether or not miners are allowed to access the mining pool, as well as functions for issuing mining pool rewards. Will be introduced in detail.
可选地,在一些实现方式中,矿池中还可以包括数据库,用于存储挖矿过程中的涉及的数据,例如矿工的注册信息、挖矿节点发送的和记账相关的信息等。这样的数据库可以部署在矿池服务器上,或者也可以部署在单独的数据库服务器上,其中矿池服务器可以访问该数据库服务器。后文阐述时为简单起见,统一称之为矿池服务器的数据库。Optionally, in some implementations, the mining pool may also include a database for storing data involved in the mining process, such as registration information of miners, information related to billing sent by mining nodes, and so on. Such a database can be deployed on a mining pool server, or it can also be deployed on a separate database server, where the mining pool server can access the database server. For the sake of simplicity, it will be referred to as the database of the mining pool server.
在本公开实施例中,矿工可以是指为终端设备配置的SlaveTEE,所谓配置可以是指终端设备是Slave TEE的载体。Slave TEE与外部设备(例如矿池服务器)的通信可以借助于终端设备上的应用程序完成。上面所称的矿工接入到矿池服务器可以是指终端设备接入到矿池服务器,然后由Slave TEE负责挖矿。下面简单介绍可信执行环境(Trusted Execution Environment,简称TEE)的概念:In the embodiment of the present disclosure, the miner may refer to the SlaveTEE configured for the terminal device, and the so-called configuration may refer to that the terminal device is a carrier of the SlaveTEE. The communication between Slave TEE and external devices (such as mining pool server) can be completed by means of the application program on the terminal device. The above mentioned miner access to the mining pool server may refer to that the terminal device is connected to the mining pool server, and then Slave TEE is responsible for mining. The following briefly introduces the concept of Trusted Execution Environment (TEE):
TEE是与终端设备上的富操作系统(Rich Operating System,简称Rich OS,例如Android等)并存的运行环境,并且给RichOS提供安全服务。TEE可以具有其自身的执行空间。 TEE所能访问的软硬件资源可以是与RichOS分离的。TEE提供了可信应用(Trusted Application,简称TA)的安全执行环境,同时也可以保护可信应用的资源和提供数据的保密性、完整性和访问权限。为了保证TEE本身的可信根,TEE在安全启动过程中是要通过验证并且与Rich OS隔离的。在TEE中,各个可信应用是相互独立的,而且不能在未授权的情况下互相访问。TEE is an operating environment that coexists with a rich operating system (Rich OS, such as Android, etc.) on the terminal device, and provides security services to RichOS. TEE can have its own execution space. The software and hardware resources that TEE can access can be separated from RichOS. TEE provides a secure execution environment for trusted applications (TA), and also protects the resources of trusted applications and provides data confidentiality, integrity, and access rights. In order to ensure the root of trust of TEE itself, TEE is verified and isolated from Rich OS during the secure boot process. In TEE, each trusted application is independent of each other, and cannot access each other without authorization.
TEE可以采用,但不限于如下两种方式:TEE can be used, but not limited to the following two methods:
(1)借助特定CPU芯片,比如Intel SGX、ARM Trust Zone等,提供的安全防护能力,构造一个可信执行环境。为了保障安全强度,还可以在可信执行环境底层增加可信硬件支持,比如采用符合可信平台模块(Trusted Platform Module,简称TPM)标准的安全芯片,或采用符合可信密码模块(Trusted Cryptography Module,简称TCM)标准的安全芯片。(1) With the help of specific CPU chips, such as Intel SGX, ARM Trust Zone, etc., provide a security protection capability to construct a trusted execution environment. In order to ensure the security strength, you can also add trusted hardware support at the bottom of the trusted execution environment, such as using a secure chip that conforms to the Trusted Platform Module (TPM) standard, or using a trusted cryptographic module (Trusted Cryptography Module) , Referred to as TCM) standard security chip.
(2)采用加密锁(俗称软件狗)实现可信执行环境。常见的软件狗常包装成一个通用串行总线(Universal Serial Bus,简称USB)设备,软件狗内既提供文件存贮,也支持运行经过定制的程序。采用软件狗,可以不必限定设备的设备类型,只要设备有USB接口即可,降低了对设备的要求。(2) Adopt encryption lock (commonly known as dongle) to achieve a trusted execution environment. Common dongles are often packaged as a Universal Serial Bus (USB) device. The dongles provide both file storage and support for running customized programs. With the dongle, it is not necessary to limit the device type of the device, as long as the device has a USB interface, which reduces the requirements on the device.
如果TEE外部要使用TEE的功能,或者获取TEE中存储的数据,则必须通过调用TEE提供的对外接口来实现,例如应用编程接口(Application Programming Interface,简称API)。If you want to use the functions of TEE outside TEE, or obtain the data stored in TEE, you must implement it by calling the external interface provided by TEE, such as Application Programming Interface (API).
在本公开实施例中,可能涉及的TEE主要有两类。一类是终端设备配置的TEE,称为Slave TEE,主要用于参与记账权竞争,Slave TEE作为矿工,绑定有挖矿使用的钱包账号的地址,用于接收挖矿收益。另一类是矿池服务器配置的Master TEE,主要用于支持矿池容量控制,以及分散Slave TEE的算力等功能。两类TEE的功能不同,但可以采用相同的硬件结构实现。关于两类TEE的具体功能,在后文再进一步阐述。需要指出,后文在阐述时,若提到终端设备或矿池服务器完成的功能,如无特别说明,是指在其Rich OS中完成的功能;若是在终端设备或矿池服务器配置的TEE中完成的功能,一般会具体指出是在Slave TEE或Master TEE中完成的功能。In the embodiments of the present disclosure, there may be two types of TEE that may be involved. One type is the TEE of the terminal equipment configuration, called Slave TEE, which is mainly used to participate in the competition for billing rights. As a miner, Slave TEE is bound to the address of the wallet account used for mining and is used to receive mining revenue. The other type is the Master TEE configured by the mining pool server, which is mainly used to support the capacity control of the mining pool and to disperse the computing power of the Slave TEE and other functions. The functions of the two types of TEE are different, but they can be implemented with the same hardware structure. The specific functions of the two types of TEE will be further elaborated later. It should be pointed out that in the following description, if it refers to the functions completed by the terminal equipment or the mining pool server, unless otherwise specified, it refers to the functions completed in its Rich OS; if it is in the TEE of the terminal equipment or the mining pool server configuration The completed functions will generally specify the functions completed in Slave TEE or Master TEE.
图1(A)至图1(B)示出了一种可用于本申请实施例中的区块链系统100的架构示意图。参照图1(A),区块链系统100可以包括并行链101、102、103和网络104、105。FIG. 1(A) to FIG. 1(B) show a schematic structural diagram of a blockchain system 100 that can be used in an embodiment of the present application. Referring to FIG. 1(A), the blockchain system 100 may include parallel chains 101, 102, 103 and networks 104, 105.
并行链101可以包括:路由节点1011;挖矿节点1012、1014、1015、1016、1018;SPV节点1013、1017;和网络1019。网络1019可以用于在路由节点1011,挖矿节点1012、1014、1015、1016、1018和SPV节点1013、1017之间提供通信链路的介质。网络1019可以包括各种连接类型,例如有线、无线通信链路或者光纤电缆等等。并行链101的挖矿节点1012、1014、1015、1016、1018可以采用分布式数据区块链存储数据。并行链101的SPV节点1013、1017可以绑定有钱包账号的地址,SPV节点1013、1017绑定的钱包账号的地址对应的并行链为并行链101,即SPV节点1013、1017所在的并行链。The parallel chain 101 may include: a routing node 1011; a mining node 1012, 1014, 1015, 1016, 1018; an SPV node 1013, 1017; and a network 1019. The network 1019 may be used as a medium for providing communication links between the routing node 1011, the mining nodes 1012, 1014, 1015, 1016, 1018, and the SPV nodes 1013, 1017. The network 1019 may include various connection types, such as wired, wireless communication links, or fiber optic cables, and so on. The mining nodes 1012, 1014, 1015, 1016, and 1018 of the parallel chain 101 may use a distributed data blockchain to store data. The SPV nodes 1013 and 1017 of the parallel chain 101 may be bound to the address of the wallet account. The parallel chain corresponding to the address of the wallet account bound to the SPV nodes 1013 and 1017 is the parallel chain 101, that is, the parallel chain where the SPV nodes 1013 and 1017 are located.
并行链102可以包括:路由节点1021;挖矿节点1022、1023、1025、1026;SPV节点1024;和网络1027。网络1027可以用于在路由节点1021,挖矿节点1022、1023、1025、1026和SPV节点1024之间提供通信链路的介质。网络1027可以包括各种连接类型,例如有线、无线通信链路或者光纤电缆等等。并行链102的挖矿节点1022、1023、1025、1026可以采用分布式数据区块链存储数据。并行链102的SPV节点1024可以绑定有钱包账号的地址,SPV节点1024绑定的钱包账号的地址对应的并行链为并行链102,即SPV节点1024所在的并行链。The parallel chain 102 may include: a routing node 1021; a mining node 1022, 1023, 1025, 1026; an SPV node 1024; and a network 1027. The network 1027 may be used as a medium for providing communication links between the routing node 1021, the mining nodes 1022, 1023, 1025, 1026, and the SPV node 1024. The network 1027 may include various connection types, such as wired, wireless communication links, or fiber optic cables, and so on. The mining nodes 1022, 1023, 1025, and 1026 of the parallel chain 102 can use a distributed data blockchain to store data. The SPV node 1024 of the parallel chain 102 may be bound with the address of the wallet account. The parallel chain corresponding to the address of the wallet account bound by the SPV node 1024 is the parallel chain 102, that is, the parallel chain where the SPV node 1024 is located.
并行链103可以包括:路由节点1031;挖矿节点1032、1033、1035、1036;SPV节点1034、1037;和网络1038。网络1038可以用于在路由节点1031,挖矿节点1032、1033、1035、1036和SPV节点1034、1037之间提供通信链路的介质。网络1038可以包括各种连接类型,例如有线、无线通信链路或者光纤电缆等等。并行链103的挖矿节点1032、1033、1035、1036可以采用分布式数据区块链存储数据。并行链103的SPV节点1034、1037可以绑定有钱包账号的地址,SPV节点1034、1037绑定的钱包账号的地址对应的并行链为并行链103。The parallel chain 103 may include: a routing node 1031; mining nodes 1032, 1033, 1035, 1036; SPV nodes 1034, 1037; and a network 1038. The network 1038 may be used as a medium for providing communication links between the routing node 1031, the mining nodes 1032, 1033, 1035, 1036, and the SPV nodes 1034, 1037. The network 1038 may include various connection types, such as wired, wireless communication links, or fiber optic cables, and so on. The mining nodes 1032, 1033, 1035, and 1036 of the parallel chain 103 can use a distributed data blockchain to store data. The SPV nodes 1034 and 1037 of the parallel chain 103 may be bound to the address of the wallet account, and the parallel chain corresponding to the address of the wallet account bound to the SPV nodes 1034 and 1037 is the parallel chain 103.
用户可以使用SPV节点1013、1017通过网络1019与路由节点1011交互,以接收或发送消息等。用户也可以使用SPV节点1024通过网络1027与路由节点1021交互,以接收或发送消息等。用户还可以使用SPV节点1034、1037通过网络1038与路由节点1031交互,以接收或发送消息等。The user can use the SPV nodes 1013 and 1017 to interact with the routing node 1011 through the network 1019 to receive or send messages and so on. The user can also use the SPV node 1024 to interact with the routing node 1021 through the network 1027 to receive or send messages, etc. The user can also use the SPV nodes 1034, 1037 to interact with the routing node 1031 through the network 1038 to receive or send messages, etc.
SPV节点上可以安装有各种通讯客户端应用,例如简化支付验证应用、网页浏览器应用、购物类应用、搜索类应用、即时通信工具、邮箱客户端、社交平台软件等。用户可以使用SPV节点上安装的简化支付验证应用,实现数字货币管理、转账、收款、查看余额、查看交易记录等操作。Various communication client applications can be installed on the SPV node, such as simplified payment verification applications, web browser applications, shopping applications, search applications, instant messaging tools, email clients, social platform software, etc. Users can use the simplified payment verification application installed on the SPV node to implement operations such as digital currency management, transfer, collection, check balance, and transaction records.
SPV节点可以是硬件,也可以是软件。当SPV节点为硬件时,其可以是智能手机、平板电脑、笔记本电脑、台式机等电子设备。当SPV节点为软件时,其可以安装在上述所列举的电子设备中。SPV节点可以以多个软件或软件模块实施(例如用来提供简化支付验证服务),也可以以单个软件或软件模块实施。在此不做具体限定。The SPV node can be hardware or software. When the SPV node is hardware, it can be a smart phone, a tablet computer, a notebook computer, a desktop computer, and other electronic devices. When the SPV node is software, it can be installed in the electronic devices listed above. The SPV node can be implemented in multiple software or software modules (for example to provide simplified payment verification services), or it can be implemented in a single software or software module. There is no specific limit here.
路由节点可以是硬件,也可以是软件。当路由节点为硬件时,其可以被实施为多个服务器组成的分布式服务器集群,也可以被实施为单个服务器。当路由节点为软件时,路由节点可以被实施为多个软件或软件模块(例如用来提供路由服务),也可以被实施为单个软件或软件模块。在此不做具体限定。The routing node can be hardware or software. When the routing node is hardware, it can be implemented as a distributed server cluster composed of multiple servers, or as a single server. When the routing node is software, the routing node may be implemented as multiple software or software modules (for example, to provide routing services), or may be implemented as a single software or software module. There is no specific limit here.
挖矿节点可以是硬件,也可以是软件。当挖矿节点为硬件时,其可以被实施为多个服务器组成的分布式服务器集群,也可以被实施为单个服务器。当挖矿节点为软件时,其可以被实施为多个软件或软件模块(例如用来提供挖矿和记账服务),也可以被实施为单个软件或软件模块。在此不做具体限定。The mining node can be hardware or software. When the mining node is hardware, it can be implemented as a distributed server cluster composed of multiple servers, or as a single server. When the mining node is software, it can be implemented as multiple software or software modules (for example, to provide mining and billing services), or as a single software or software module. There is no specific limit here.
参照图1(B),区块链系统100还可以包括矿池110和矿池120。Referring to FIG. 1(B), the blockchain system 100 may further include a mining pool 110 and a mining pool 120.
矿池110可以包括矿池服务器1101和账本集群1102,账本集群1102可以包括并行链101上的挖矿节点1012、并行链102上的挖矿节点1022和并行链103上的挖矿节点1032。网络1106用于在矿池服务器1101和账本集群1102之间提供通信链路的介质。网络1106可以包括各种连接类型,例如有线、无线通信链路或者光纤电缆等等。终端设备1103、1104、1105可以接入到矿池服务器参与挖矿(Slave TEE未示出)。网络1107用于在矿池服务器1101和终端设备1103、1104、1105之间提供通信链路的介质,网络1107可以包括各种连接类型,例如有线、无线通信链路或者光纤电缆等等。The mining pool 110 may include a mining pool server 1101 and a ledger cluster 1102. The ledger cluster 1102 may include a mining node 1012 on the parallel chain 101, a mining node 1022 on the parallel chain 102, and a mining node 1032 on the parallel chain 103. The network 1106 is used as a medium for providing a communication link between the mining pool server 1101 and the ledger cluster 1102. The network 1106 may include various connection types, such as wired, wireless communication links, or fiber optic cables, and so on. The terminal devices 1103, 1104, and 1105 can access the mining pool server to participate in mining (Slave TEE not shown). The network 1107 is used as a medium for providing communication links between the mining pool server 1101 and the terminal devices 1103, 1104, and 1105. The network 1107 may include various connection types, such as wired, wireless communication links, or fiber optic cables.
矿池120可以包括矿池服务器1201和账本集群1202,账本集群1202可以包括并行链101上的挖矿节点1014、并行链102上的挖矿节点1023、并行链103上的挖矿节点1033。网络1206用于在矿池服务器1201和账本集群1202之间提供通信链路的介质,网络1206可以包括各种连接类型,例如有线、无线通信链路或者光纤电缆等等。终端设备1203、1204、1205可以接入到矿池服务器参与挖矿(Slave TEE未示出)。网络1207可以用于在矿池服 务器1201和终端设备1203、1204、1205之间提供通信链路的介质,网络1207可以包括各种连接类型,例如有线、无线通信链路或者光纤电缆等等。The mining pool 120 may include a mining pool server 1201 and a ledger cluster 1202. The ledger cluster 1202 may include a mining node 1014 on the parallel chain 101, a mining node 1023 on the parallel chain 102, and a mining node 1033 on the parallel chain 103. The network 1206 is used to provide a communication link medium between the mining pool server 1201 and the ledger cluster 1202. The network 1206 may include various connection types, such as wired, wireless communication links, or fiber optic cables. The terminal devices 1203, 1204, 1205 can be connected to the mining pool server to participate in mining (Slave TEE not shown). The network 1207 may be used as a medium for providing communication links between the mine pool server 1201 and the terminal devices 1203, 1204, 1205. The network 1207 may include various connection types, such as wired, wireless communication links, or fiber optic cables.
矿池服务器可以是硬件,也可以是软件。当矿池服务器为硬件时,其可以被实施为多个服务器组成的分布式服务器集群,也可以被实施为单个服务器。当矿池服务器为软件时,其可以被实施为多个软件或软件模块(例如用来控制终端设备的接入),也可以被实施为单个软件或软件模块。在此不做具体限定。The mining pool server can be hardware or software. When the mining pool server is hardware, it can be implemented as a distributed server cluster composed of multiple servers, or as a single server. When the mining pool server is software, it can be implemented as multiple software or software modules (for example, to control the access of terminal devices), or as a single software or software module. There is no specific limit here.
终端设备可以是手机、台式机、平板电脑、个人数字助理、智能穿戴设备、智能车载设备、路由器、机顶盒、嵌入式设备等电子设备。终端设备上可以安装有各种通讯客户端应用,例如挖矿应用、钱包应用、网页浏览器应用、购物类应用、搜索类应用、即时通信工具、邮箱客户端、社交平台软件等。用户可以使用终端设备上安装的挖矿应用参与挖矿并获得挖矿收益。The terminal device may be a mobile phone, a desktop computer, a tablet computer, a personal digital assistant, a smart wearable device, a smart vehicle-mounted device, a router, a set-top box, an embedded device, and other electronic devices. Various communication client applications can be installed on the terminal device, such as mining applications, wallet applications, web browser applications, shopping applications, search applications, instant messaging tools, email clients, social platform software, etc. Users can use the mining application installed on the terminal device to participate in mining and obtain mining income.
可以理解,图1(A)以及图1(B)中的并行链的数量仅仅是示意性的。根据实现需要,可以具有任意数量的并行链,特别地,当并行链的数量为1时,并行链退化为单链,此时将不涉及跨链的交易。每个并行链中的路由节点、挖矿节点、网络和SPV节点的数量也仅仅是示意性的。根据实现需要,可以具有任意数量的路由节点、挖矿节点、网络和SPV节点。并行链上搭建的矿池的数量也仅仅是示意性的,根据实现需要,可以搭建任意数量的矿池(需要挖矿节点提供支持)。接入到矿池的终端设备的数量也仅仅是示意性的,终端设备的数量取决于矿池的实际用户的数量。It can be understood that the number of parallel chains in FIG. 1(A) and FIG. 1(B) is only schematic. According to the implementation requirements, there can be any number of parallel chains. In particular, when the number of parallel chains is 1, the parallel chain degenerates into a single chain, and cross-chain transactions will not be involved at this time. The number of routing nodes, mining nodes, networks, and SPV nodes in each parallel chain is also only schematic. According to the implementation needs, there can be any number of routing nodes, mining nodes, networks and SPV nodes. The number of mining pools built on the parallel chain is also only schematic. According to the implementation needs, any number of mining pools can be built (requiring support from mining nodes). The number of terminal devices connected to the mining pool is also only schematic, and the number of terminal devices depends on the number of actual users of the mining pool.
关于图1(A)以及图1(B)示出的区块链系统的工作过程,以图2中的步骤为例,简述如下:Regarding the working process of the blockchain system shown in FIG. 1(A) and FIG. 1(B), taking the steps in FIG. 2 as an example, a brief description is as follows:
步骤S201:响应于接收到交易请求,SPV节点将所收到的交易请求发送给该SPV节点所在的并行链的路由节点。Step S201: In response to receiving the transaction request, the SPV node sends the received transaction request to the routing node of the parallel chain where the SPV node is located.
之前已经提到,SPV节点中可以安装有简化支付验证应用。用户可以使用SPV节点中的简化支付验证应用提交交易请求。这里,交易请求为转账请求,即将SPV节点绑定的钱包账号的地址中的数字货币转给另一钱包账号的地址。这样,SPV节点可以响应于接收到上述交易请求,将上述交易请求发送给该SPV节点所在的并行链的路由节点。每个SPV节点可以绑定有账号地址,在一些实现方式中,可以采用钱包应用为SPV节点生成并绑定钱包账号的地址。As mentioned earlier, simplified payment verification applications can be installed in SPV nodes. Users can use the simplified payment verification application in the SPV node to submit transaction requests. Here, the transaction request is a transfer request, that is, the digital currency in the address of the wallet account bound to the SPV node is transferred to the address of another wallet account. In this way, the SPV node can send the above transaction request to the routing node of the parallel chain where the SPV node is responsive to receiving the above transaction request. Each SPV node can be bound with an account address. In some implementations, a wallet application can be used to generate and bind a wallet account address for the SPV node.
每个SPV节点绑定的钱包账号的地址对应的并行链就是该SPV节点所在的并行链。具体实施时,可以采用各种实现方式将SPV节点绑定的钱包账号的地址对应到区块链系统所包括的并行链中的一个并行链。例如,可以在区块链系统所包括的并行链中随机选取一个并行链作为SPV节点绑定的钱包账号的地址对应的并行链。The parallel chain corresponding to the address of the wallet account bound to each SPV node is the parallel chain where the SPV node is located. During specific implementation, various implementations may be used to correspond the address of the wallet account bound to the SPV node to one of the parallel chains included in the blockchain system. For example, a parallel chain can be randomly selected from the parallel chains included in the blockchain system as the parallel chain corresponding to the address of the wallet account bound to the SPV node.
步骤S202:响应于对所收到的交易请求校验通过,路由节点将所收到的交易请求添加到该路由节点的交易请求集合中,以及将所收到的交易请求签名后广播给该路由节点的各个同链挖矿节点。Step S202: In response to the verification of the received transaction request, the routing node adds the received transaction request to the routing node's transaction request set, and broadcasts the received transaction request to the route after signing Nodes of the same chain mining node.
路由节点可以响应于接收到步骤S201中SPV节点发送的交易请求,对所收到的交易请求进行校验。如果校验通过,则可以将所收到的交易请求添加到该路由节点的交易请求集合中,以及将所收到的交易请求签名后广播给该路由节点的各个同链挖矿节点。The routing node may verify the received transaction request in response to receiving the transaction request sent by the SPV node in step S201. If the verification is passed, the received transaction request can be added to the routing node's transaction request set, and the received transaction request can be signed and broadcast to the same-chain mining nodes of the routing node.
路由节点对所收到的交易请求进行校验可以包括但不限于对交易请求进行合法性校验。其中,合法性校验可以包括但不限于验证交易请求中的转出钱包账号的地址是否存在 未花费交易输出(Unspent Transaction Output,简称UTXO)记录、交易请求中的转出钱包账号的地址的余额是否支持本次交易请求、交易请求中的转出钱包账号的地址是否是路由节点中存储的转出钱包账号的地址黑名单中的钱包账号的地址、交易请求中的转入钱包账号的地址是否是路由节点中存储的转入钱包账号的地址黑名单中的钱包账号的地址等等。具体实施时,对交易请求进行校验还可以包括其他校验。The routing node checking the received transaction request may include, but is not limited to, verifying the validity of the transaction request. Among them, the legality verification may include, but not limited to, verify whether the address of the transfer-out wallet account in the transaction request has an unspent transaction output (Unspent Transaction Output, UTXO) record, and the balance of the address of the transfer-out wallet account in the transaction request Whether this transaction request is supported, whether the address of the transfer-out wallet account in the transaction request is the address of the wallet account in the blacklist of addresses of the transfer-out wallet account stored in the routing node, and whether the address of the transfer-in wallet account in the transaction request is It is the address of the wallet account in the blacklist of addresses transferred to the wallet account stored in the routing node and so on. During specific implementation, the verification of the transaction request may also include other verifications.
路由节点的交易请求集合中存储了该路由节点校验通过的各个交易请求。路由节点对所收到的交易请求进行签名可以是利用该路由节点的私钥对所收到的交易请求进行签名。路由节点的同链挖矿节点是与该路由节点属于同一并行链的挖矿节点。例如,在图1(A)中,挖矿节点1012、1014、1015、1016、1018是路由节点1011的同链挖矿节点。Each transaction request verified by the routing node is stored in the transaction request set of the routing node. The routing node may sign the received transaction request by using the routing node's private key to sign the received transaction request. The same-chain mining node of a routing node is a mining node that belongs to the same parallel chain as the routing node. For example, in FIG. 1(A), the mining nodes 1012, 1014, 1015, 1016, and 1018 are the same-chain mining nodes of the routing node 1011.
具体实施时,由于每个并行链可以基于对等网络(Peer to Peer,简称P2P)实现,因此,路由节点在将所收到的交易请求签名后广播给该路由节点的同链挖矿节点时,可以是将所收到的交易请求签名后广播给该路由节点的相邻同链挖矿节点,再由上述该路由节点的相邻同链挖矿节点将上述签名后的交易请求广播给各自的相邻挖矿节点。In specific implementation, since each parallel chain can be implemented based on a peer-to-peer (Peer-to-Peer, P2P), the routing node broadcasts the received transaction request to the same-chain mining node of the routing node after signing , May be to sign the received transaction request and broadcast it to the neighboring same-chain mining node of the routing node, and then the neighboring same-chain mining node of the routing node will broadcast the signed transaction request to the respective Adjacent mining nodes.
需要说明的是,路由节点可以在对从SPV节点接收到的交易请求进行校验通过的情况下,先将所收到的交易请求添加到该路由节点的交易请求集合中,再将所收到的交易请求签名后广播给该路由节点的各个同链挖矿节点,或者,路由节点也可以在对从SPV节点接收到的交易请求进行校验通过的情况下,先将所收到的交易请求签名后广播给该路由节点的各个同链挖矿节点,再将所收到的交易请求添加到该路由节点的交易请求集合中,本申请对此不做具体限定。It should be noted that the routing node can add the received transaction request to the routing node's transaction request set before verifying the transaction request received from the SPV node, and then add the received The transaction request is signed and broadcasted to the same-chain mining nodes of the routing node, or the routing node can first verify the transaction request received from the SPV node, and then the received transaction request After being signed, it is broadcasted to the same-chain mining nodes of the routing node, and then the received transaction request is added to the routing node's transaction request set, which is not specifically limited in this application.
步骤S203:路由节点实时将该路由节点的同链挖矿节点的区块链同步到本地的区块链。Step S203: the routing node synchronizes the blockchain of the same mining node of the routing node to the local blockchain in real time.
路由节点不会执行挖矿和记账的操作,但是,路由节点中同步保存了该路由节点所在并行链的区块链数据(账本)。需要说明的是,路由节点可以随时执行步骤S203,并不限定于在执行完步骤S202之后执行步骤S203。The routing node will not perform mining and accounting operations, but the routing node synchronously saves the blockchain data (ledger) of the parallel chain where the routing node is located. It should be noted that the routing node may perform step S203 at any time, and is not limited to performing step S203 after performing step S202.
步骤S204:响应于对从同链路由节点接收到的签名后交易请求验证通过,挖矿节点将签名后交易请求中该挖矿节点的链内交易请求添加到该挖矿节点的待处理交易请求集合。Step S204: In response to the verification of the signed transaction request received from the same link by the node, the mining node adds the in-chain transaction request of the mining node in the signed transaction request to the pending transaction of the mining node Request collection.
挖矿节点可以响应于从同链路由节点接收到签名后交易请求:首先,对所收到的签名后交易请求进行验证;其次,如果验证通过,则挖矿节点可以将签名后交易请求中该挖矿节点的链内交易请求添加到该挖矿节点的待处理交易请求集合。The mining node can respond to receiving the post-signed transaction request from the same link by the node: first, verify the received post-signed transaction request; second, if the verification is passed, the mining node can send the signed transaction request The in-chain transaction request of the mining node is added to the set of pending transaction requests of the mining node.
挖矿节点对所收到的签名后交易请求进行验证可以包括:利用该挖矿节点的同链路由节点的公钥对所收到的签名后交易请求进行签名验证,如果签名验证通过再对所收到的签名后交易请求进行合法性校验,如果合法性校验通过,则可以确定对挖矿节点对所收到的签名后交易请求进行验证通过。The verification of the received signed transaction request by the mining node may include: using the same link of the mining node and the node's public key to verify the received signed transaction request by the node's public key. The received signed transaction request is checked for legality. If the legality check is passed, it can be determined that the mined node verifies the received signed transaction request.
在本公开实施例中,交易请求可以包括出账请求和入账请求。例如,交易请求D为将钱包账号的地址A中的X个数字货币转给钱包账号的地址B。那么交易请求D可以包括出账请求D1和入账请求D2,其中,出账请求D1为将钱包账号的地址A中的数字货币减少X个,入账请求D2为将钱包账号的地址B中的数字货币增加X个。In the embodiment of the present disclosure, the transaction request may include a billing request and a billing request. For example, the transaction request D is to transfer X digital currencies in the address A of the wallet account to the address B of the wallet account. Then, the transaction request D may include an accounting request D1 and an accounting request D2, where the accounting request D1 is to reduce the digital currency in the address A of the wallet account by X, and the accounting request D2 is to convert the digital currency in the address B of the wallet account Increase X.
签名后交易请求中该挖矿节点的链内交易请求可以包括以下两种情况:第一种情况,签名后交易请求中的转出钱包账号的地址和转入钱包账号的地址对应的并行链都是该挖矿节点所在的并行链,那么签名后交易请求中的出账请求和入账请求均为该挖矿节点的链内交易请求;第二种情况,签名后交易请求中的转出钱包账号的地址对应的并行链是该挖矿 节点所在的并行链,而签名后交易请求中的转入钱包账号的地址对应的并行链不是该挖矿节点所在的并行链,那么签名后交易请求中的出账请求是该挖矿节点的链内交易请求,而签名后交易请求中的入账请求不是该挖矿节点的链内交易请求。The in-chain transaction request of the mining node in the post-signed transaction request can include the following two situations: In the first case, the parallel chain corresponding to the address of the transferred-out wallet account and the address of the transferred-in wallet account in the signed transaction request are both Is the parallel chain where the mining node is located, then the sign-out transaction request and the account entry request in the transaction request after signing are both in-chain transaction requests of the mining node; in the second case, the transfer-out wallet account in the transaction request after signing The parallel chain corresponding to the address of is the parallel chain where the mining node is located, and the parallel chain corresponding to the address transferred to the wallet account in the transaction request after signing is not the parallel chain where the mining node is located. The accounting request is the in-chain transaction request of the mining node, and the account entry request in the signed transaction request is not the in-chain transaction request of the mining node.
每个挖矿节点都可以在缓冲区中保存该挖矿节点的待处理交易请求集合。属于同一并行链的各个挖矿节点可以按照预设的共识机制竞争该挖矿节点所在并行链的记账权。如果某个挖矿节点竞争到该挖矿节点所在并行链的记账权,则可以用该挖矿节点本地存储的待处理交易请求集合中的待处理交易请求形成新区块,并将所形成的新区块添加至该挖矿节点本地的区块链(账本)中。Each mining node can save the set of pending transaction requests of the mining node in the buffer. Each mining node belonging to the same parallel chain can compete for the accounting rights of the parallel chain where the mining node is located according to a preset consensus mechanism. If a mining node competes for the accounting rights of the parallel chain where the mining node is located, the pending transaction request in the set of pending transaction requests stored locally by the mining node can be used to form a new block, and the formed The new block is added to the local blockchain (ledger) of the mining node.
之前已经提到,在本公开实施例中,由于采用了矿池结构,挖矿节点上竞争记账权的任务实际上通过矿池服务器被分发给接入到矿池的各矿工完成,挖矿节点的主要工作是在矿工竞争记账权成功后负责记账,当然在挖矿节点外部看来,仍然是挖矿节点在挖矿以及记账。关于矿池如何工作,在后文再进一步介绍,此处暂时只关注挖矿节点对外提供的功能。As mentioned before, in the embodiment of the present disclosure, due to the adoption of the mining pool structure, the task of competing for accounting rights on the mining nodes is actually distributed to the miners connected to the mining pool through the mining pool server to complete the mining. The main work of the node is to be responsible for accounting after the success of the miner's competition for accounting rights. Of course, from the perspective of the mining node, it is still the mining node that is mining and accounting. Regarding how the mining pool works, we will introduce it further in the following article. For now, we only focus on the functions provided by the mining nodes.
步骤S205:路由节点确定该路由节点的交易请求集合中确认已出账且未入账的未入账交易请求。Step S205: The routing node determines an unaccounted transaction request that is confirmed to have been accounted and unaccounted in the transaction request set of the routing node.
路由节点除了可以在本地交易请求集合中记录交易请求之外,还可以实时更新并记录本地交易请求集合中每个交易请求对应的当前处理状态。In addition to recording transaction requests in the local transaction request set, the routing node can also update and record the current processing status corresponding to each transaction request in the local transaction request set in real time.
根据步骤S203,由于路由节点中同步存储了该路由节点所在并行链的区块链数据,因此,路由节点可以首先在本地交易请求集合中查询对应的当前处理状态为尚未出账的未出账交易请求,然后再根据本地同步存储的区块链数据,确定各个未出帐交易请求是否已确认出账。例如,路由节点可以在本地同步存储的区块链数据中确定是否在该交易请求中的出账请求对应的区块之后存在六个及六个以上的区块,如果是,则可以确认该交易请求确认已出账。如果确定未出帐交易请求确认已出账,则可以确定该交易请求为确认已出账且未入账的未入账交易请求。According to step S203, since the routing node synchronously stores the blockchain data of the parallel chain where the routing node is located, the routing node can first query the local transaction request set for the corresponding unprocessed transaction whose current processing status is not yet accounted for Request, and then based on the locally synchronized blockchain data to determine whether each unbilled transaction request has been confirmed to be billed. For example, the routing node can determine whether there are six or more blocks after the block corresponding to the account request in the transaction request in the blockchain data stored locally, and if so, it can confirm the transaction Request confirmation that it has been posted. If it is determined that the unrecorded transaction request confirms that it has been accounted for, it can be determined that the transaction request is an unrecorded transaction request that confirms that it has been posted and is not accounted for.
步骤S206:路由节点将所确定的未入账交易请求发送给目标并行链的路由节点。Step S206: The routing node sends the determined unaccounted transaction request to the routing node of the target parallel chain.
路由节点可以将步骤S205中所确定的未入账交易请求发送给目标并行链的路由节点。其中,上述目标并行链是所确定的未入账交易请求中的入账钱包账号的地址对应的并行链。例如,对于未入账交易请求D:将钱包账号的地址A中的X个数字货币转给钱包账号的地址B,其中,钱包账号的地址A对应并行链101,钱包账号的地址B对应并行链102,则对应步骤S206,可以是并行链101的路由节点将未入账交易请求D发送给并行链102的路由节点。The routing node may send the unrecorded transaction request determined in step S205 to the routing node of the target parallel chain. Wherein, the above target parallel chain is the parallel chain corresponding to the address of the account of the account of the credited wallet in the determined unaccounted transaction request. For example, for the unaccounted transaction request D: transfer X digital currencies from the address A of the wallet account to the address B of the wallet account, where the address A of the wallet account corresponds to the parallel chain 101 and the address B of the wallet account corresponds to the parallel chain 102 Then, corresponding to step S206, the routing node of the parallel chain 101 may send the unaccounted transaction request D to the routing node of the parallel chain 102.
步骤S207:响应于接收到异链路由节点发送的交易请求,路由节点将所收到的交易请求签名后广播给该路由节点的同链挖矿节点。Step S207: In response to receiving the transaction request sent by the node on the different link, the routing node signs the received transaction request and broadcasts it to the same-chain mining node of the routing node.
路由节点的异链路由节点指的是与该路由节点所在的并行链不同的并行链中的路由节点。如果路由节点接收到异链路由节点发送的交易请求,则表明上述异链路由节点向该路由节点发送了异链路由节点的交易请求集合中确认已出账且未入账的未入账交易请求。那么,上述路由节点可以将所收到的交易请求签名后广播给该路由节点的同链挖矿节点。这里,路由节点对交易请求进行签名可以是路由节点使用该路由节点的私钥进行签名。A different link of a routing node refers to a routing node in a parallel chain that is different from the parallel chain where the routing node is located. If the routing node receives a transaction request sent by a node with a different link, it indicates that the above-mentioned different link has sent a different link to the routing node. The non-accounted transaction confirmed by the node in the transaction request set of the node is confirmed and unaccounted request. Then, the routing node can sign the received transaction request and broadcast it to the same-chain mining node of the routing node. Here, the routing node may sign the transaction request by the routing node using the routing node's private key to sign.
例如,对于未入账交易请求D:将钱包账号的地址A中的X个数字货币转给钱包账号的地址B,其中,钱包账号的地址A对应并行链101,钱包账号的地址B对应并行链102, 则对应步骤S206,可以是并行链101的路由节点将未入账交易请求D发送给并行链102的路由节点。对应步骤S207,可以是并行链102的路由节点将未入账交易请求D签名后广播给并行链102中的挖矿节点。从而,并行链102的挖矿节点可以执行步骤S204,如果接收到同链路由节点,即并行链102的路由节点,发送的签名后交易请求D,并行链102的挖矿节点首先对接收到的签名后交易请求D进行验证,如果验证通过,将签名后交易请求中该挖矿节点的链内交易请求添加到该挖矿节点的待处理交易请求集合。其中,交易请求D中并行链102的挖矿节点的链内交易请求是将钱包账号的地址B增加X个数字货币。For example, for an unaccounted transaction request D: transfer X digital currencies from the address A of the wallet account to the address B of the wallet account, where the address A of the wallet account corresponds to the parallel chain 101 and the address B of the wallet account corresponds to the parallel chain 102 Then, corresponding to step S206, the routing node of the parallel chain 101 may send the unaccounted transaction request D to the routing node of the parallel chain 102. Corresponding to step S207, it may be that the routing node of the parallel chain 102 broadcasts the unrecorded transaction request D and broadcasts it to the mining node in the parallel chain 102. Therefore, the mining node of the parallel chain 102 can perform step S204. If a node with the same link, that is, a routing node of the parallel chain 102, receives the signed transaction request D, the mining node of the parallel chain 102 first receives the The signed transaction request D is verified. If the verification is passed, the in-chain transaction request of the mining node in the signed transaction request is added to the set of pending transaction requests of the mining node. Among them, the intra-chain transaction request of the mining node of the parallel chain 102 in the transaction request D is to increase the address B of the wallet account by X digital currencies.
需要说明的是,上述步骤仅仅是为说明区块链系统的工作原理所举的示例,在具体实施时,步骤S201到步骤S207的执行顺序可以按照各种方式重新排列组合,本申请对此不做具体限定。It should be noted that the above steps are only examples to illustrate the working principle of the blockchain system. In specific implementation, the execution order of steps S201 to S207 can be rearranged and combined in various ways, and this application does not Be specific.
在图1(A)至图1(B)示出的区块链系统中,交易处理过程从传统的单链串行方式改进为多链并发方式,随着并行链数的增加,区块链系统的每秒交易次数(Transactions Per Second,简称TPS)随之提高,改善了传统的区块链吞吐率低,难以大规模投入商业应用的问题。同时,SPV节点之间的交易都需要通过路由节点才能完成,从而能够利用路由节点来实现对数字货币交易的有效监管,改善了传统的区块链因其去中心化的特征而监管困难的问题。可以理解的是,图1(A)至图1(B)示出的仅仅是区块链系统的一种具体的示例性架构方式,但并不是唯一的架构方式,例如,在一些实现方式中,并行链上也可以不包含SPV节点,因此图示的区块链系统并不应当视为对本公开保护范围的限制。In the blockchain systems shown in Figures 1(A) to 1(B), the transaction processing process is improved from the traditional single-chain serial mode to the multi-chain concurrent mode. As the number of parallel chains increases, the blockchain The number of transactions per second (Transactions Per Second, TPS for short) of the system has also increased, improving the problem of low throughput of traditional blockchains and the difficulty of large-scale commercial applications. At the same time, transactions between SPV nodes need to be completed through routing nodes, so that routing nodes can be used to effectively supervise digital currency transactions, which improves the difficulty of traditional blockchain supervision due to its decentralized characteristics . It can be understood that FIGS. 1(A) to 1(B) show only a specific exemplary architectural manner of the blockchain system, but it is not the only architectural manner, for example, in some implementations The SPV node may not be included in the parallel chain, so the illustrated blockchain system should not be regarded as a limitation on the protection scope of the present disclosure.
此外,在本公开中,该区块链系统通过在并行链的挖矿节点上形成矿池进行挖矿,相较于矿工节点直接在并行链上挖矿的方式,至少具有如下优点。In addition, in the present disclosure, the blockchain system performs mining by forming a mining pool on the mining node of the parallel chain. Compared with the way in which the miner node directly mines on the parallel chain, it has at least the following advantages.
区块链系统通常需要一定数量的分布式全账本节点来保障安全,若由并行链上的矿工节点负责记账,由于矿工节点数量较多,因此账本数据的全网广播将占用大量带宽,对于高吞吐率的并行链而言,需要同步的数据量较大,网络负担进一步增加,而过多的全账本节点并不能带来额外的价值;而且,支持大量同步数据的传输对矿工节点的设备性能以及网络带宽都有较高的要求,然而在实际中,特别是公有链上,矿工节点多为个人设备,其性能有限且分布于不同的网络环境中,这一要求难以满足。此外,大多数参与挖矿的个人并没有或者只有很少的记账需求,只是希望通过挖矿获得经济利益,若强迫其参与记账,很可能导致用户流失。Blockchain systems usually require a certain number of distributed full ledger nodes to ensure security. If the miner nodes on the parallel chain are responsible for accounting, due to the large number of miner nodes, the entire network broadcast of ledger data will occupy a large amount of bandwidth. In terms of high-throughput parallel chains, the amount of data that needs to be synchronized is large, and the network burden is further increased. Too many full-ledger nodes do not bring additional value; moreover, support for the transmission of large amounts of synchronized data to the miner node equipment Both performance and network bandwidth have high requirements. However, in practice, especially on the public chain, miner nodes are mostly personal devices, and their performance is limited and distributed in different network environments. This requirement is difficult to meet. In addition, most individuals who participate in mining do not have or have very little accounting needs, but only hope to obtain economic benefits through mining. If they are forced to participate in accounting, it may lead to the loss of users.
在本公开实施例提供的区块链系统中,由于采用了矿池的方式,作为矿工的Slave TEE只竞争记账权,并不直接记账,只有挖矿节点才进行记账,挖矿节点的数量远小于Slave TEE的数量,因此挖矿节点间需要同步的数据量不会太大。在一些实现方式中,矿池可以部署在云端,矿池服务器以及挖矿节点的性能、网络传输的带宽都可以得到保障,数据同步不会给网络带来严重的负担。同时,由于Slave TEE不参与记账,也就无需同步区块链的数据,因此终端设备的性能以及所处的网络环境不会成为区块链系统的性能瓶颈。In the blockchain system provided by the embodiments of the present disclosure, due to the use of the mining pool, the slave TEE as a miner only competes for the accounting right, and does not directly account for it. Only the mining node performs accounting, and the mining node The number of is much smaller than the number of Slave TEE, so the amount of data that needs to be synchronized between mining nodes will not be too large. In some implementations, the mining pool can be deployed in the cloud, the performance of the mining pool server and mining nodes, and the bandwidth of the network transmission can be guaranteed, and data synchronization will not cause a serious burden on the network. At the same time, because Slave TEE does not participate in accounting, there is no need to synchronize the data of the blockchain. Therefore, the performance of the terminal equipment and the network environment will not become the performance bottleneck of the blockchain system.
矿池可以由有大量记账需求的用户来运营,例如,企业用户在资金上链后可能存在大量的记账需求,企业用户通常对挖矿收益兴趣不大,但为实现记账需求,可以吸引个人用户接入到矿池帮助其挖矿,个人用户能够获得挖矿收益,又无需记账,自然也愿意加入到矿池中,两种类型的用户各取所需,有利于改善区块链系统的运营状况。区块链系统上可以搭建多个矿池,不同的企业可以搭建属于自己的矿池,共享整个区块链系统,同时也便于将挖矿的算力分散到不同的矿池中,避免算力集中,影响区块链系统的安全性。进一步 的,在一些实现方式中,并行链上的所有挖矿节点都被纳入到某个矿池中,并行链上不存在游离于矿池之外的挖矿节点,用户只能通过矿池参与挖矿,由矿池服务器对终端设备进行管控,避免攻击者进行算力聚集。Mining pools can be operated by users who have a large amount of accounting requirements. For example, enterprise users may have a large amount of accounting requirements after the funds are chained. Enterprise users are usually not interested in mining revenue, but to achieve accounting requirements, you can Attract individual users to access the mining pool to help them mine. Individual users can obtain mining revenue without accounting, and naturally are willing to join the mining pool. Both types of users take their own needs, which is conducive to improving the block The operating status of the chain system. Multiple mining pools can be built on the blockchain system. Different companies can build their own mining pools and share the entire blockchain system. At the same time, it is also convenient to disperse the mining power into different mining pools and avoid computing power. Concentration affects the security of the blockchain system. Further, in some implementations, all mining nodes on the parallel chain are included in a mining pool. There are no mining nodes on the parallel chain that are free of the mining pool. Users can only participate in mining through the mining pool. In the mine, the terminal equipment is controlled by the mining pool server to prevent the attacker from gathering computing power.
此外,本公开实施例中的区块链系统采用并行链而不是普通的单链,支持将各Slave TEE分散到不同的并行链上进行挖矿,有效避免算力集中,具体如何实现算力的分散,在后文再具体介绍可能的实现方式。In addition, the blockchain system in the embodiment of the present disclosure uses a parallel chain instead of an ordinary single chain, supports the decentralization of each slave TEE on different parallel chains for mining, and effectively avoids the concentration of computing power. Decentralized, I will introduce the possible implementation methods in detail later.
图3示出了本公开实施例提供的一种记账方法的流程图。图3描述了一次记账权竞争的过程。参照图3,该记账方法可以包括:FIG. 3 shows a flowchart of a billing method provided by an embodiment of the present disclosure. Figure 3 describes a process of accounting rights competition. Referring to FIG. 3, the accounting method may include:
步骤S301:挖矿节点向矿池服务器发送待定记账区块的区块头主体部分的哈希值以及在并行链上挖矿的难度目标值。Step S301: The mining node sends the hash value of the main body of the block header of the pending accounting block to the mining pool server and the difficulty target value of mining on the parallel chain.
在区块链系统的运行过程中,挖矿节点的交易缓冲区里保存有待记账的交易,待定记账区块是指根据待记账交易所确定的新的区块,在开始挖矿前,该区块的区块体已经确定,其中包含待记账交易。During the operation of the blockchain system, the transaction buffer of the mining node holds the transaction to be booked. The pending bookkeeping block refers to the new block determined according to the transaction to be booked before the mining starts. , The block body of the block has been determined, which contains pending transactions.
待定记账区块的区块头可划分为两部分,包括主体部分以及附加部分。在开始挖矿前,主体部分也已经确定,例如,在一些实现方式中,区块头主体部分可以包括区块的版本号、该区块在区块链中的上一区块的区块头的哈希值、并行链的链标识(如并行链编号)、根据区块体中的交易构建的默克尔树(Merkle Tree)的根、表示区块生成时间的时间戳、在并行链上挖矿的难度目标值等,其中,并行链是指生成该区块的挖矿节点所在的并行链。可以理解的是,根据实际需求,区块头主体部分还可以包括更多或更少的字段,例如,在某些实现方式中,为了将PoW共识机制与本公开实施例中采用的共识机制叠加使用以改善区块链系统的安全性,则区块头主体部分中还可以包含PoW算法中所要使用的随机数(Nonce)。The block header of the pending accounting block can be divided into two parts, including the main part and additional parts. Before starting mining, the main part has also been determined. For example, in some implementations, the main part of the block header may include the version number of the block, the block header of the previous block in the block chain. The hope value, the chain identifier of the parallel chain (such as the parallel chain number), the root of the Merkle tree constructed from the transactions in the block body, the timestamp indicating the generation time of the block, mining on the parallel chain The target value of difficulty, etc., where the parallel chain refers to the parallel chain where the mining node that generated the block is located. It can be understood that, according to actual needs, the main part of the block header may also include more or fewer fields, for example, in some implementations, in order to superimpose the PoW consensus mechanism and the consensus mechanism adopted in the embodiments of the present disclosure In order to improve the security of the blockchain system, the main part of the block header may also contain the random number (Nonce) to be used in the PoW algorithm.
待定记账区块的附加部分要在挖矿完成后才能确定,具体由竞争到记账权的Slave TEE通过矿池服务器返回给挖矿节点,挖矿节点获得附加部分后,才能由此形成完整的区块头。区块头的附加部分至少包括记账权确定信息的签名以及竞争到该区块记账权的Slave TEE绑定的钱包账号的地址主体,其具体含义在后文再介绍。可以理解的,区块头的附加部分还可以包括其他信息,例如认证码,具体在后文再介绍。The additional part of the pending accounting block can only be determined after the mining is completed. Specifically, the Slave TEE competing for the accounting right is returned to the mining node through the mining pool server. After the mining node obtains the additional part, it can be completed. Block header. The additional part of the block header includes at least the signature of the accounting right determination information and the address body of the wallet account bound by the Slave TEE competing for the accounting right of the block, the specific meaning of which will be described later. Understandably, the additional part of the block header may also include other information, such as an authentication code, which will be described later.
根据区块头主体部分可以计算区块头主体部分的哈希值,该哈希值能够唯一标识待定记账区块。难度目标值表征在并行链上挖矿的难度(挖矿难度越大平均每次挖矿时间越长),难度目标值由挖矿节点负责维护和更新,难度目标值未更新时,同一并行链上的各挖矿节点在同一时刻的难度目标值是相同。在一些实现方式中,难度目标值通过如下公式更新:According to the body part of the block header, the hash value of the body part of the block header can be calculated, and the hash value can uniquely identify the pending accounting block. The difficulty target value represents the difficulty of mining on the parallel chain (the greater the difficulty of mining, the longer the average mining time per mining). The difficulty target value is maintained and updated by the mining node. When the difficulty target value is not updated, the same parallel chain The difficulty target values of the mining nodes on the same moment are the same. In some implementations, the difficulty target value is updated by the following formula:
新的难度目标值=当前难度目标值*(当前周期实际时间/一个周期的预期时间)New difficulty target value = current difficulty target value * (actual time of current cycle/expected time of one cycle)
这里的周期是指难度目标值的更新周期,例如,可以设置挖矿节点每生成1008个区块为一个周期。假定预期每5分钟生成一个区块,则一个周期的预期时间为5040(1008*5)分钟,而当前周期的实际时间可以在生成区块的过程中统计获得。最开始时,可以设置一个在某种挖矿环境下的难度目标值作为初始的难度目标值,然后按照上面的公式更新难度目标值即可。The period here refers to the update period of the difficulty target value. For example, it can be set that each mining node generates 1008 blocks as a period. Assuming that a block is expected to be generated every 5 minutes, the expected time of one cycle is 5040 (1008*5) minutes, and the actual time of the current cycle can be obtained statistically during the process of generating blocks. At the beginning, you can set a difficulty target value in a certain mining environment as the initial difficulty target value, and then update the difficulty target value according to the above formula.
可以理解的,在一些实现方式中,区块头主体部分的哈希值也可以用一些其他的能够唯一标识该区块的信息代替,例如该区块在区块链中的上一区块的区块头的哈希值,或者区块头主体部分的各字段拼接后形成的字符串等等。采用区块头主体部分的哈希值的优点在于:第一,哈希值较为简短,可以减小需要传输的数据量;第二,区块头主体部分的哈 希值只有在开始组装待定记账区块时才能确定,在此之前是不能确定的,因此各Slave TEE在区块头主体部分尚未确定时是无法提前开始算力竞争的(根据步骤S306,竞争记账权时区块头主体部分的哈希值会被用于生成签名),从而采用区块头主体部分的哈希值标识待定记账区块有利于改善竞争记账权过程中的公平性。Understandably, in some implementations, the hash value of the main body of the block header can also be replaced with some other information that can uniquely identify the block, such as the area of the previous block in the blockchain The hash value of the block header, or a string formed by splicing the fields of the main body of the block header, etc. The advantages of using the hash value of the main part of the block header are: first, the hash value is shorter, which can reduce the amount of data that needs to be transmitted; second, the hash value of the main part of the block header is only at the beginning of the assembly of the pending accounting area It can only be determined at the time of the block, and it cannot be determined before this, so each Slave TEE cannot start the competition of computing power in advance when the main part of the block header has not been determined Will be used to generate signatures), so that the hash value of the main part of the block header is used to identify the pending accounting block is conducive to improving the fairness in the process of competing accounting rights.
在一轮算力竞争已经结束,要开采新的待定记账区块时,挖矿节点向矿池服务器发送区块头主体部分的哈希值以及难度目标值,即执行步骤S301。在待定记账区块的开采过程中(尚未有Slave TEE竞争到记账权),难度目标值维持不变,但可能会有新的待记账交易被纳入到待定记账区块的区块体中,这会造成区块头主体部分中的某些字段的值发生变化,例如时间戳、默克尔树的根,进而导致区块头主体部分的哈希值也会发生变化,此时矿池服务器需要向矿池服务器发送新的区块头主体部分的哈希值。在一些实现方式中,挖矿节点每隔预设的时间段(如半分钟、一分钟等)检测一次是否需要向矿池服务器发送区块头主体部分的哈希值的哈希值及难度目标值。根据上面阐述的,当检测到当前已开始开采新的区块或者有新的交易被纳入到待定记账区块时,发送相应的数据。After a round of computing power competition has ended, when a new pending accounting block is to be mined, the mining node sends the hash value of the main body of the block header and the difficulty target value to the mining pool server, that is, step S301 is executed. In the mining process of pending bookkeeping blocks (no Slave TEE has yet competed for bookkeeping rights), the difficulty target value remains unchanged, but there may be new pending bookkeeping transactions included in the pending bookkeeping block In the body, this will cause the value of some fields in the body of the block header to change, such as the timestamp and the root of the Merkel tree, which in turn will cause the hash value of the body of the block header to change. The server needs to send the hash value of the new block header body to the mining pool server. In some implementations, the mining node checks whether the hash value and difficulty target value of the hash value of the main body of the block header need to be sent to the mining pool server every preset time period (such as half a minute, one minute, etc.) . According to the above, when it is detected that a new block has been mined or a new transaction is included in the pending accounting block, the corresponding data is sent.
若区块链系统是采用图1(A)至图1(B)中的架构方式实现的,则步骤S301可以在图2中的步骤S204之后执行,步骤S204中提到的待处理交易请求集合就是待记账的交易。If the blockchain system is implemented using the architecture shown in FIG. 1(A) to FIG. 1(B), step S301 can be performed after step S204 in FIG. 2 and the set of pending transaction requests mentioned in step S204 Is the transaction to be recorded.
步骤S302:矿池服务器存储挖矿节点发送的区块头主体部分的哈希值以及难度目标值。Step S302: The mining pool server stores the hash value of the main body of the block header and the difficulty target value sent by the mining node.
区块头主体部分的哈希值以及难度目标值可以保存在矿池服务器的数据库中,当然也可以保存在内存中或者其他位置,对此不作限定。不同的并行链上的挖矿节点发送的区块头主体部分的哈希值和难度目标值可以分开保存,便于在后续使用时进行区分。The hash value and difficulty target value of the main part of the block header can be stored in the database of the mining pool server, of course, it can also be stored in memory or other locations, which is not limited. The hash value and difficulty target value of the main body of the block header sent by the mining nodes on different parallel chains can be stored separately, so that they can be distinguished during subsequent use.
步骤S303:终端设备向矿池服务器发送记账请求。Step S303: The terminal device sends an accounting request to the mining pool server.
在步骤S303开始执行之前,终端设备已经接入到矿池服务器,并可参与挖矿,记账请求用于向矿池服务器表明终端设备配置的Slave TEE希望参与竞争记账权。在一些实现方式中,终端设备每隔一端时间发送一次记账请求,该时间可以为固定的,也可以由用户在终端设备上安装的挖矿应用中配置,例如将发起请求的时间间隔配置为1至60分钟内的某个时间。在一些实现方式中,终端设备发送记账请求的时间间隔还可能受Slave TEE竞争记账是否成功的影响,例如,在记账竞争成功后可以闲置一段时间暂时不参与竞争记账,或者,在记账竞争失败后接着参与竞争记账。Before step S303 starts to be executed, the terminal device has been connected to the mining pool server and can participate in mining. The accounting request is used to indicate to the mining pool server that the slave TEE of the terminal device configuration wishes to participate in the competition for accounting rights. In some implementations, the terminal device sends an accounting request every other time, which can be fixed or configured by the user in the mining application installed on the terminal device, for example, the time interval for initiating the request is configured as Sometime within 1 to 60 minutes. In some implementations, the time interval at which the terminal device sends the accounting request may also be affected by the success of the Slave TEE competition accounting. For example, after the accounting competition is successful, it may be idle for a period of time to temporarily not participate in the competition accounting, or, in After the accounting competition fails, it then participates in the accounting competition.
步骤S304:矿池服务器向终端设备发送区块头主体部分的哈希值以及难度目标值。Step S304: the mining pool server sends the hash value of the main body of the block header and the difficulty target value to the terminal device.
矿池服务器收到记账请求后,将竞争记账所需的区块头主体部分的哈希值以及难度目标值返回给终端设备,其中,区块头主体部分的哈希值以及难度目标值是步骤S302中获得的。After receiving the accounting request, the mining pool server returns the hash value and difficulty target value of the main body of the block header required for competitive accounting to the terminal device, where the hash value and difficulty target value of the main body of the block header are the steps Obtained in S302.
在区块链系统有多个并行链时,Slave TEE每次只能竞争其中一个并行链上的记账权,应当将该并行链上的挖矿节点发送的区块头主体部分的哈希值以及难度目标值发送给终端设备。至于如何确定Slave TEE应当在哪个并行链上挖矿,可以采取不同的实现方式,例如不限定Slave TEE在哪个并行链上挖矿,随机选择一个并行链作为其挖矿的并行链,又例如,限制Slave TEE只能在某个特定的并行链上挖矿,等等。When there are multiple parallel chains in the blockchain system, Slave TEE can only compete for the accounting rights on one of the parallel chains at a time, and the hash value of the main body of the block header sent by the mining node on the parallel chain and the The difficulty target value is sent to the terminal device. As for how to determine on which parallel chain Slave TEE should mine, different implementation methods can be adopted. For example, it is not limited on which parallel chain Slave TEE mines, and a parallel chain is randomly selected as its mining parallel chain, for example, Limit Slave TEE to only mine on a particular parallel chain, etc.
步骤S305:终端设备配置的Slave TEE判断自身的累积未用时长是否大于根据难度目标值计算出的累积未用下限时长。Step S305: The Slave TEE configured in the terminal device determines whether its accumulated unused duration is greater than the accumulated unused lower limit duration calculated according to the difficulty target value.
Slave TEE中可以设置有时钟,该时钟独立于终端设备上的时钟,并时钟只能被Slave TEE内部的程序(TA)所访问,不能被Slave TEE之外的程序(如终端设备上的程序)所 访问。A clock can be set in Slave TEE, which is independent of the clock on the terminal device, and the clock can only be accessed by the program (TA) inside Slave TEE, and cannot be accessed by programs other than Slave TEE (such as the program on the terminal device) Visited.
在Slave TEE被制造时可以配置好累积未用时长的初始值,在Slave TEE竞争记账权的过程中,从开始竞争记账权到Slave TEE中设置的时钟的当前时间之间所经过/消逝的时长会累加到累积未用时长。When the Slave TEE is manufactured, the initial value of the accumulated unused time can be configured. During the Slave TEE competition accounting right, the elapsed/elapsed time from the start of the competition accounting right to the current time of the clock set in the Slave TEE Will add up to the accumulated unused time.
其具体的累加方式不做限定,例如,可以由Slave TEE中持续运行的处理过程(或称背景线程)控制累积未用时长的变化。又例如,在每次竞争记账权时,需要先获取累积未用时长,在获取时先确定从开始竞争记账权到Slave TEE中设置的时钟的当前时间之间所经过/消逝的时长,然后将所确定的时长累加到累积未用时长中。在后一种方式中,仅仅让Slave TEE加电,而不去竞争记账权,当前累积未用时长不会累加。The specific accumulation method is not limited. For example, the process of continuously running in the Slave TEE (or background thread) can control the change of the accumulated unused time. For another example, each time the accounting right is competed, the accumulated unused time needs to be obtained first, and the time elapsed/elapsed from the start of the competition accounting right to the current time of the clock set in the Slave TEE is determined before acquiring, and then The determined duration is added to the accumulated unused duration. In the latter method, the Slave TEE is simply powered up without competing for billing rights, and the current accumulated unused time will not be accumulated.
累积未用下限时长根据难度目标值计算获得,例如,在一些实现方式中,可以通过如下公式进行计算:The cumulative unused lower limit duration is calculated according to the difficulty target value, for example, in some implementations, it can be calculated by the following formula:
累积未用下限时长=M/难度目标值Cumulative unused lower limit duration = M/difficulty target value
其中,M为预设的常数,可以保存在Slave TEE中。累积未用下限时长可以表征在指定的难度目标值下,每个Salve TEE两次获得记账权之间的大致时间间隔。因此,若Slave TEE判断当前的累积未用时长超过累积未用下限时长,则Slave TEE可确定自己获得记账权。若获得记账权,执行步骤S306,若未获得记账权,则可以继续参与下一轮记账权的竞争。需要指出,Slave TEE可获得记账权,并不意味这Slave TEE能够记账成功,后续步骤中还可能存在其他验证步骤,导致Slave TEE记账失败,所以此处获得记账权应理解为纯粹从共识算法的角度来看能够获得记账权。Among them, M is a preset constant, which can be saved in Slave TEE. The cumulative unused lower limit duration can characterize the approximate time interval between each Salve TEE obtaining the accounting right twice under the specified difficulty target value. Therefore, if Slave TEE judges that the current accumulated unused time exceeds the accumulated unused lower limit time, then Slave TEE can determine that it has obtained the accounting right. If the accounting right is obtained, step S306 is executed. If the accounting right is not obtained, it can continue to participate in the next round of accounting right competition. It should be pointed out that Slave TEE can obtain the accounting right, which does not mean that Slave TEE can successfully account, and there may be other verification steps in the subsequent steps, which leads to Slave TEE accounting failure, so the acquisition of accounting right here should be understood as pure From the perspective of the consensus algorithm, the accounting power can be obtained.
Slave TEE在获得记账权后,将累积未用下限时长更新为当前的累积未用时长与累积未用下限时长的差。即竞争到记账权会使得累积未用时长消耗掉累积未用下限时长,从而保证矿池中各Slave TEE公平竞争记账权。After obtaining the accounting right, Slave TEE updates the accumulated unused minimum duration to the difference between the current accumulated unused duration and the accumulated unused minimum duration. That is, the competition for the accounting right will cause the accumulated unused time to consume the accumulated unused lower limit time, thereby ensuring the fair competition of the Slave TEE in the mining pool.
需要指出,在步骤S304之后,首先是终端设备接收到难度目标值和区块头主体部分的哈希值,然后再将这两项信息传递给Slave TEE(分别用于步骤S305和步骤S306),传递信息的方式可以是调用Slave TEE提供的对外接口,将难度目标值和区块头主体部分的哈希值作为调用参数,该接口对外实现的功能即竞争记账权的功能(步骤S305和步骤S306)。It should be noted that after step S304, the terminal device first receives the difficulty target value and the hash value of the body part of the block header, and then passes the two pieces of information to the Slave TEE (respectively for step S305 and step S306), and passes The way of information can be to call the external interface provided by Slave TEE, using the difficulty target value and the hash value of the main part of the block header as the calling parameters. The function of this interface externally is the function of competing for accounting rights (step S305 and step S306) .
根据上面的阐述不难看出,上述共识算法与PoW算法存在很大区别,无需进行无意义的哈希碰撞计算,在Slave TEE中只需要对累积未用时长进行维护以及将累积未用时长与累积未用下限时长进行简单的比较,其所涉及的计算量比PoW算法小得多,有效避免了Slave TEE中计算资源的浪费,降低了Slave TEE的功耗,有效节省了电能的消耗。或者说,Slave TEE可以采用低成本、低功耗的硬件来实现,这进一步降低了挖矿所需的设备门槛,有利于矿池吸引更多的用户参与挖矿。进一步的,在大部分时间,例如竞争记账权的间隔,Slave TEE的计算资源都处于闲置状态,因而甚至可以将其用于执行其他任务。According to the above explanation, it is not difficult to see that the above consensus algorithm is very different from the PoW algorithm. There is no need to perform meaningless hash collision calculations. In Slave TEE, only the cumulative unused duration needs to be maintained and the cumulative unused duration and the cumulative A simple comparison of the lower limit time is not used, and the calculation amount involved is much smaller than the PoW algorithm, which effectively avoids the waste of computing resources in the Slave TEE, reduces the power consumption of the Slave TEE, and effectively saves the power consumption. In other words, Slave TEE can be implemented with low-cost, low-power hardware, which further reduces the threshold of equipment required for mining and helps the mining pool attract more users to participate in mining. Further, most of the time, such as the interval between competing billing rights, Slave TEE's computing resources are idle, so they can even be used to perform other tasks.
需要指出,在本公开实施例的阐述中经常提到Slave TEE的算力,但其含义和采用PoW共识算法时矿工的算力是不同的,并不代表运算能力。当然Slave TEE的算力也表征一种竞争获得记账权的能力,从这一点上讲其与现有技术中算力的定义也有类似之处,故沿用了此说法。It should be pointed out that, in the explanation of the embodiments of the present disclosure, the computing power of the Slave TEE is often mentioned, but its meaning is different from the computing power of the miner when the PoW consensus algorithm is adopted, and does not represent the computing power. Of course, the computing power of Slave TEE also characterizes the ability to compete for accounting power. From this point of view, it also has similarities with the definition of computing power in the prior art, so this statement is used.
步骤S306:Slave TEE对记账权确定信息进行签名。Step S306: Slave TEE signs the accounting right determination information.
记账权确定信息包括和竞争记账权相关的关键信息。在本公开实施例中,记账权确定信息至少包括待定记账区块的区块头主体部分的哈希值以及Slave TEE绑定的钱包账号的 地址主体。在不同的实现方式中,记账权确定信息还可以包括步骤S305中提到的累积未用下限时长、步骤S301中提到的随机数以及后文将会提到的认证码,等等。The accounting right determination information includes key information related to the competitive accounting right. In the embodiment of the present disclosure, the accounting right determination information includes at least the hash value of the body part of the block header of the pending accounting block and the address body of the wallet account bound by the Slave TEE. In different implementation manners, the accounting right determination information may further include the cumulative unused lower limit duration mentioned in step S305, the random number mentioned in step S301, an authentication code to be mentioned later, and so on.
其中,Slave TEE绑定有钱包账号的地址,用于接收挖矿收益,钱包账号的地址在Slave TEE所在的区块链系统中具有唯一性。钱包账号的地址至少包括钱包账号的地址主体,在一些实现方式中可选地还可以包括附加部分。Slave TEE可以响应于终端设备发出的账号地址生成请求生成钱包账号的地址,每个钱包账号的地址与每个Slave TEE唯一对应,即具有绑定关系。例如,终端设备配置好Salve TEE后,用户可以在终端设备上安装的钱包应用中作出账号地址生成操作,终端设备响应于该操作并生成上述账号地址生成请求,进而在Slave TEE中生成钱包账号的地址。Among them, Slave TEE is bound to the address of the wallet account for receiving mining revenue. The address of the wallet account is unique in the blockchain system where Slave TEE is located. The address of the wallet account includes at least the address body of the wallet account, and in some implementations may optionally include additional parts. Slave TEE can generate a wallet account address in response to an account address generation request sent by a terminal device, and the address of each wallet account corresponds uniquely to each Slave TEE, that is, it has a binding relationship. For example, after the terminal device is configured with Salve TEE, the user can make an account address generation operation in the wallet application installed on the terminal device, the terminal device responds to the operation and generates the above account address generation request, and then generates a wallet account in Slave TEE address.
钱包账号的地址主体的生成方法可以采用现有的区块链中生成钱包账号的地址的方法,即本公开实施例中的钱包账号的地址主体的含义与现有技术中的钱包账号的地址的含义一致。钱包账号的地址的附加部分可以包括,但不限于Slave TEE的虚拟并行链标识、钱包账号的类型等信息,其中关于虚拟并行链标识,在后文再具体阐述。即使不考虑钱包账号的地址的附加部分,钱包账号的地址主体也能够唯一标识Slave TEE,因此钱包账号的地址主体表明了记账者的身份,也属于竞争记账权过程中的关键信息之一。The method of generating the address body of the wallet account may use the method of generating the address of the wallet account in the existing blockchain, that is, the meaning of the address body of the wallet account in the embodiment of the present disclosure and the address of the wallet account in the prior art The meaning is the same. The additional part of the address of the wallet account may include, but is not limited to, Slave TEE's virtual parallel chain identifier, the type of the wallet account, and other information. The virtual parallel chain identifier will be described in detail later. Even if the additional part of the address of the wallet account is not considered, the address body of the wallet account can uniquely identify the Slave TEE, so the address body of the wallet account indicates the identity of the bookkeeper, and is also one of the key information in the process of competing bookkeeping rights .
在一些实现方式中,对记账权确定信息的签名可以采用非对称加密的方式。例如,可以在Slave TEE中事先保存第一私钥,并可以利用第一私钥加密记账权确定信息,生成记账权确定信息的签名。区块链系统中任何持有与第一私钥匹配的第一公钥的节点(如矿池服务器、挖矿节点等)都可以利用第一公钥验证该签名的真实性。In some implementations, the signature of the accounting right determination information may be asymmetrically encrypted. For example, the first private key may be saved in the Slave TEE in advance, and the first private key may be used to encrypt the accounting right determination information to generate a signature of the accounting right determination information. Any node in the blockchain system that holds the first public key that matches the first private key (such as a mining pool server, mining node, etc.) can use the first public key to verify the authenticity of the signature.
步骤S307:终端设备向矿池服务器发送记账权确定信息以及记账权确定信息的签名。Step S307: The terminal device sends the accounting right determination information and the signature of the accounting right determination information to the mining pool server.
步骤S308:矿池服务器向挖矿节点发送记账权确定信息以及记账权确定信息的签名。Step S308: The mining pool server sends the accounting right determination information and the signature of the accounting right determination information to the mining node.
在一些实现方式中,矿池服务器可以不对记账权确定信息以及记账权确定信息的签名进行处理,直接执行步骤S308。在另一些实现方式中,矿池服务器可以根据记账权确定信息以及记账权确定信息的签名对竞争记账权的结果进行验证。例如,当记账权确定信息使用第一私钥签名时,矿池服务器可以保存第一公钥并利用第一公钥验证签名的真实性,若签名验证成功,表明签名确实是Slave TEE生成的,从而可以证明矿池服务器接收到的记账权确定信息确实是Slave TEE发送的,进而可以执行步骤S308,若签名验证失败,说明矿池服务器接收到的记账权确定信息不是Slave TEE发送的,可能是攻击者伪造的,因此不执行步骤S308及后续步骤,避免攻击者获得记账权。In some implementations, the mining pool server may directly perform step S308 without processing the accounting right determination information and the signature of the accounting right determination information. In other implementation manners, the mining pool server may verify the result of competing for the accounting right according to the accounting right determination information and the signature of the accounting right determination information. For example, when the accounting right determination information is signed with the first private key, the mining pool server can save the first public key and use the first public key to verify the authenticity of the signature. If the signature verification succeeds, it indicates that the signature is indeed generated by the Slave TEE , Which can prove that the accounting right determination information received by the mining pool server is indeed sent by Slave TEE, and then step S308 can be executed. If the signature verification fails, it indicates that the accounting right determination information received by the mining pool server is not sent by Slave TEE , May be forged by the attacker, so step S308 and subsequent steps are not performed to prevent the attacker from obtaining accounting rights.
进一步的,矿池服务器还可以验证记账权确定信息的内容是否被篡改,以改善区块链系统的安全性,避免信息伪造。例如,矿池服务器可以验证本地保存的区块头主体部分的哈希值与记账权确定信息中的区块头主体部分的哈希值是否一致,从而确定Slave TEE在记账时是否使用了伪造的待定记账区块。又例如,矿池服务器可以根据本地保存的难度目标值换算出一个累积未用下限时长,并验证该换算出的累积未用下限时长与记账权确定信息中的累积未用下限时长是否一致,从而确定Slave TEE在记账时是否使用了伪造的难度目标值。根据验证结果,若记账权确定信息未被篡改,继续执行步骤S308,否则不执行步骤S308及后续步骤。Furthermore, the mining pool server can also verify the accounting rights to determine whether the content of the information has been tampered with to improve the security of the blockchain system and avoid information forgery. For example, the mining pool server can verify whether the hash value of the locally stored block header body part is consistent with the hash value of the block header body part in the accounting right determination information, so as to determine whether Slave TEE used forged Pending accounting block. For another example, the mining pool server can convert a cumulative unused lower limit duration according to the locally saved difficulty target value, and verify whether the converted cumulative unused lower limit duration is consistent with the cumulative unused lower limit duration in the accounting right determination information, In order to determine whether Slave TEE used the forged difficulty target value when accounting. According to the verification result, if the accounting right determination information has not been tampered with, step S308 is continued, otherwise step S308 and subsequent steps are not executed.
之前在步骤S304中已经提到,在区块链系统有多个并行链时,Slave TEE每次只能竞争其中一个并行链上的记账权,因此步骤S308中矿池服务器向挖矿节点发送记账权确定信息以及记账权确定信息的签名,也应当是向Slave TEE竞争到记账权的那个并行链上的挖 矿节点发送记账权确定信息以及记账权确定信息的签名,或者说,如果Slave TEE竞争记账权过程中使用的区块头主体部分的哈希值和难度目标值最初来自哪个挖矿节点,那么竞争到记账权后,记账权确定信息以及记账权确定信息的签名也应该发送回该挖矿节点。As mentioned earlier in step S304, when the blockchain system has multiple parallel chains, Slave TEE can only compete for the accounting rights on one of the parallel chains at a time, so the mining pool server sends to the mining node in step S308 The signature of the accounting right determination information and the accounting right determination information should also be the signature of the accounting right determination information and the accounting right determination information sent to the mining node on the parallel chain where Slave TEE competes for the accounting right, or That is to say, if the hash value and difficulty target value of the main body of the block header used in the Slave TEE competition for the accounting right are originally from which mining node, then after the competition to the accounting right, the accounting right determination information and the accounting right are determined The signature of the information should also be sent back to the mining node.
步骤S309:挖矿节点生成记账区块并将记账区块添加至本地的区块链中。Step S309: The mining node generates an accounting block and adds the accounting block to the local blockchain.
在步骤S301中已经提到,待定记账区块的区块头的附加部分至少包括记账权确定信息的签名以及竞争到该区块记账权的Slave TEE绑定的钱包账号的地址主体,并且在竞争记账权成功前尚不能确定其内容。记账权确定信息中包含这两项内容,因此此时挖矿节点已经可以形成完整的区块头,而区块体也是已经确定的,因此可以生成完整的区块,不妨称之为记账区块。挖矿节点组建好记账区块后,将其添加至其本地的区块链的尾部。As mentioned in step S301, the additional part of the block header of the pending accounting block includes at least the signature of the accounting right determination information and the address body of the wallet account bound by the Slave TEE competing for the accounting right of the block, and The content of the competition cannot be determined before the success of the accounting right. The accounting right determination information contains these two contents, so at this time, the mining node can already form a complete block header, and the block body is also determined, so it can generate a complete block, which may be called the accounting area Piece. After the mining node has assembled the accounting block, it is added to the tail of its local blockchain.
在一些实现方式中,挖矿节点可以不对记账权确定信息以及记账权确定信息的签名进行处理,直接执行步骤S309。在另一些实现方式中,挖矿节点可以根据记账权确定信息以及记账权确定信息的签名对竞争记账权的结果进行验证。例如,在记账权确定信息使用第一私钥被签名的情况下,挖矿节点可以保存第一公钥并利用第一公钥验证签名的真实性,若签名验证成功,才执行步骤S309,若签名验证失败,则不执行步骤S309及后续步骤。In some implementations, the mining node may directly perform step S309 without processing the accounting right determination information and the signature of the accounting right determination information. In other implementations, the mining node may verify the result of competing for the accounting right based on the accounting right determination information and the signature of the accounting right determination information. For example, in the case where the accounting right determination information is signed using the first private key, the mining node may save the first public key and use the first public key to verify the authenticity of the signature. If the signature verification is successful, step S309 is executed. If the signature verification fails, step S309 and subsequent steps are not executed.
进一步的,挖矿节点还可以验证记账权确定信息的内容是否被篡改,以改善区块链系统的安全性,避免信息伪造。例如,挖矿节点可以验证本地保存的区块头主体部分的哈希值与记账权确定信息中的区块头主体部分的哈希值是否一致,从而确定Slave TEE在记账时是否使用了伪造的待定记账区块。又例如,挖矿节点可以根据本地保存的难度目标值换算出一个累积未用下限时长,验证该换算出的累积未用下限时长与记账权确定信息中的累积未用下限时长是否一致,从而确定Slave TEE在记账时是否使用了伪造的难度目标值。根据验证结果,若记账权确定信息未被篡改,继续执行步骤S309,否则不执行步骤S309及后续步骤。Further, the mining node can also verify the accounting rights to determine whether the content of the information has been tampered with to improve the security of the blockchain system and avoid information forgery. For example, the mining node can verify whether the hash value of the locally stored block header body part is consistent with the hash value of the block header body part in the accounting right determination information, so as to determine whether Slave TEE used forged Pending accounting block. For another example, the mining node may convert a cumulative unused lower limit duration according to the locally saved difficulty target value, and verify whether the converted cumulative unused lower limit duration is consistent with the cumulative unused lower limit duration in the accounting right determination information, thereby Determine whether Slave TEE uses the forged difficulty target value when accounting. According to the verification result, if the accounting right determination information has not been tampered with, step S309 is continued, otherwise step S309 and subsequent steps are not executed.
挖矿节点在将记账区块添加至本地的区块链后,还会将新生成的区块在挖矿节点所在的并行链上广播,以使区块被同步至该并行链上的其他节点的账本中,其具体广播方式可以采用和现有的区块链类似的方式,不进行详细阐述。在一些实现方式中,挖矿节点还向其所在的并行链上的其他需要记账的节点广播记账权确定信息及记账权确定信息的签名,这些节点在接收到该信息后,可以验证信息的内容与其本地的区块链中的待确认的记账区块是否一致,若一致才认可该记账区块为一个合法的区块,否则不认可该记账区块,以避免生成的区块被伪造。After the mining node adds the accounting block to the local blockchain, it will also broadcast the newly generated block on the parallel chain where the mining node is located, so that the block is synchronized to other on the parallel chain In the node's ledger, the specific broadcast method can be similar to the existing blockchain, and will not be elaborated in detail. In some implementations, the mining node also broadcasts the accounting right determination information and the signature of the accounting right determination information to other nodes on the parallel chain that need to be accounted for, and these nodes can verify after receiving the information Whether the content of the information is consistent with the accounting block to be confirmed in the local blockchain. If they are consistent, the accounting block is recognized as a legal block, otherwise the accounting block is not approved to avoid the generation of The block was forged.
例如,记账区块B1由挖矿节点M1生成,挖矿节点M1将其广播给同链的挖矿节点M2,挖矿节点M2将区块B1添加至其本地的区块链的尾部,等待进一步确认,此时对于挖矿节点M2来说,区块B1就是待确认的记账区块,当然,挖矿节点M2的区块链尾部可能同时存在多个待确认的记账区块,例如B2、B3等。For example, the accounting block B1 is generated by the mining node M1, and the mining node M1 broadcasts it to the mining node M2 of the same chain, and the mining node M2 adds the block B1 to the tail of its local blockchain, waiting It is further confirmed that for mining node M2, block B1 is the accounting block to be confirmed. Of course, there may be multiple accounting blocks to be confirmed at the end of the blockchain of mining node M2, for example B2, B3, etc.
以挖矿节点M2为例来说明并行链上的记账节点如何根据记账权确定信息及记账权确定信息的签名验证区块的合法性。首先,M2上可以保存有第一公钥,用于验证记账权确定信息的签名的真实性。其次,M2可以将记账权确定信息中的区块头主体部分的哈希值、钱包账号的地址主体、累积未用下限时长(对应难度目标值)等内容,与其本地的区块链中的待确认的记账区块的区块头中的对应信息项向进行对比,验证二者是否一致。例如,分别计算区块B1、B2、B3的区块头主体部分的哈希值,验证记账权确定信息中的区块头主体部分的哈希值与计算出的三个哈希值是否一致,假设与区块B2的计算出的哈希值一致, 再进一步验证区块B2的区块头中的其他几项信息与记账权确定信息中的对应信息项是否一致。若区块B2通过了全部的验证步骤,则挖矿节点M2可以确定区块B2为一个合法的区块。Take the mining node M2 as an example to illustrate how the accounting node on the parallel chain can verify the legitimacy of the block based on the accounting right determination information and the signature of the accounting right determination information. First, the first public key may be stored on M2 to verify the authenticity of the signature of the accounting right determination information. Secondly, M2 can combine the hash value of the main body of the block header in the accounting right determination information, the address body of the wallet account, the accumulated unused minimum duration (corresponding to the difficulty target value) and other content with its local blockchain. The corresponding information items in the block header of the confirmed accounting block are compared to verify whether they are consistent. For example, calculate the hash value of the main body of the block header of blocks B1, B2, and B3, and verify whether the hash value of the main body of the block header in the accounting right determination information is consistent with the calculated three hash values. It is consistent with the calculated hash value of block B2, and it is further verified whether the other pieces of information in the block header of block B2 are consistent with the corresponding information items in the accounting right determination information. If the block B2 passes all the verification steps, the mining node M2 can determine that the block B2 is a legal block.
此外,由于记账区块的区块头中都包含了记账权确定信息的签名,在区块生成后的任何时刻,公钥的持有者都可以验证该签名的真实性,从而确认该区块是否由合法的SlaveTEE设备通过挖矿产生。In addition, since the block header of the accounting block contains the signature of the accounting right determination information, at any time after the block is generated, the holder of the public key can verify the authenticity of the signature to confirm the area Whether the block is generated by legal SlaveTEE equipment through mining.
根据区块链的基本原理,对于区块链系统而言,要解决的核心问题之一是避免攻击者故意集中算力,制造51%算力攻击。本公开实施例提供了若干种措施,避免区块链系统中的算力聚集。图4(A)至图4(B)示出了本公开实施例提供的另一种记账方法的流程图。参照图4(A)以及图4(B),该方法包括:According to the basic principles of the blockchain, for the blockchain system, one of the core problems to be solved is to prevent the attacker from intentionally concentrating the computing power and creating a 51% computing power attack. The embodiments of the present disclosure provide several measures to avoid the accumulation of computing power in the blockchain system. 4(A) to 4(B) show a flowchart of another accounting method provided by an embodiment of the present disclosure. 4(A) and 4(B), the method includes:
步骤S401:终端设备向矿池服务器发送注册请求。Step S401: The terminal device sends a registration request to the mining pool server.
某一终端设备配置了Slave TEE,Slave TEE已经与挖矿使用的钱包账号的地址绑定。现在用户想通过该终端设备接入到一个矿池参与挖矿。在一些实现方式中,终端设备可以直接开始挖矿,如执行步骤S303。在另一些实现方式中,用户需要首先在矿池服务器上注册,注册成功后才能挖矿,便于矿池服务器对挖矿者进行管控。注册时,用户通过终端设备向矿池服务器发送注册请求,注册请求可以由用户在终端设备上安装的挖矿应用中主动发起。Slave TEE is configured on a certain terminal device, and Slave TEE has been bound to the address of the wallet account used in mining. Now the user wants to access a mining pool through the terminal device to participate in mining. In some implementations, the terminal device can directly start mining, such as step S303. In some other implementations, the user needs to register on the mining pool server first, and only after the registration is successful can mining be performed, so that the mining pool server can control the miners. During registration, the user sends a registration request to the mining pool server through the terminal device, and the registration request can be actively initiated by the user in the mining application installed on the terminal device.
注册请求中携带有注册信息,注册信息至少包括Slave TEE绑定的钱包账号的地址,还可以包括用户属性信息,例如用户名、密码、用户个人信息等。The registration request carries registration information. The registration information includes at least the address of the wallet account bound to the Slave TEE, and may also include user attribute information, such as a user name, password, and user personal information.
在一些矿池的实现中,还可以要求在该矿池参与挖矿的所有用户必须经过实名认证机构,即用户的真实身份信息必须和Slave TEE绑定。In the implementation of some mining pools, you can also require that all users participating in mining in the mining pool must go through a real-name certification authority, that is, the user's real identity information must be bound to the Slave TEE.
实名认证机构可以是和用户、矿池没有直接利益关系的第三方权威机构,例如,某些国家监管机构。实名认证可以由用户自行到实名认证机构处办理,例如,用户通过手机(终端设备的一种)上安装的网页浏览器应用访问实名认证机构的网站,填写自己的手机号(用户真实身份信息的一种)、Slave TEE绑定的钱包账号的地址以及手机验证码,手机验证码可以在用户填写完手机号后向实名认证机构索取,验证码将以短信的信息发到手机上,用户再将其填好,用户填写完全部信息后提交这些信息,实名认证机构在服务器端验证并存储用户提交的信息,若认证通过,向手机返回认证结果,手机将认证结果在本地保存。可以理解的,实名认证的具体方式在本公开实施例中不作限定,以上仅仅是其中一种。The real-name certification authority may be a third-party authority that has no direct interest in users and mining pools, for example, some national regulatory authorities. The real-name authentication can be handled by the user to the real-name authentication agency, for example, the user visits the website of the real-name authentication agency through a web browser application installed on the mobile phone (a type of terminal device), and fills in his mobile phone number (the user’s real identity information) One), the address of the wallet account and the mobile phone verification code bound to the Slave TEE. The mobile phone verification code can be obtained from the real-name certification body after the user fills out the mobile phone number. The verification code will be sent to the mobile phone as a message, and the user will Fill it in, the user submits all the information after filling in all the information, and the real-name certification body verifies and stores the information submitted by the user on the server side. If the authentication is passed, the authentication result is returned to the mobile phone, and the mobile phone saves the authentication result locally. It can be understood that the specific method of real-name authentication is not limited in the embodiments of the present disclosure, and the above is only one of them.
实名认证结果可以是具有特定格式的消息,实名认证结果中至少包括认证码,还可以包括,但不限于认证标识、用户实名标识、设备标识中的一个或多个信息项。下面简单予以介绍:The real-name authentication result may be a message with a specific format. The real-name authentication result includes at least an authentication code, and may also include, but is not limited to, one or more information items in the authentication ID, user real-name ID, and device ID. The following is a brief introduction:
认证标识用于表征实名认证机构的身份。The certification mark is used to characterize the identity of the real-name certification body.
用户实名标识用于表征用户的真实身份信息,例如可以是用户的手机、身份证号、银行卡号、驾驶证号等等,用户实名标识的内容可以是用户在进行实名认证时提交的。The user real name identification is used to characterize the user's real identity information, such as the user's mobile phone, ID card number, bank card number, driving license number, etc. The content of the user real name identification may be submitted by the user when performing real name authentication.
设备标识用于表征参与认证的Slave TEE,例如可以是Slave TEE绑定的钱包账号的地址(或地址主体)、Slave TEE的硬件标识等等,其中,Slave TEE的硬件标识用于唯一标记某个Slave TEE的身份,可以在Salve TEE制造时就确定好并固化在Slave TEE中。设备标识的内容可以是用户在进行实名认证时提交的。The device identifier is used to characterize the slave TEE participating in the authentication, for example, it can be the address (or address body) of the wallet account bound to the slave TEE, the hardware identifier of the slave TEE, etc., where the hardware identifier of the slave TEE is used to uniquely mark a certain The identity of the Slave TEE can be determined and solidified in the Slave TEE when Salve TEE is manufactured. The content of the device identification may be submitted by the user during real-name authentication.
认证码用于表示用户已通过实名认证机构的认证,认证码与用户具有对应关系。由于 在实名认证的过程中,用户的真实身份信息与Slave TEE是绑定的,而用户既可以通过用户实名标识来标记,也可以通过设备标识来标记,所以认证码与用户实名标识以及设备标识也具有对应关系。在一些实现方式中,认证码可以被实施为一个由实名认证机构生成的随机整数,并在实名认证机构的服务器上与用户实名标识和/或设备标识关联存储。The authentication code is used to indicate that the user has passed the authentication of the real-name authentication agency, and the authentication code has a corresponding relationship with the user. In the process of real-name authentication, the user's real identity information is bound to the Slave TEE, and the user can be marked either by the user's real-name ID or by the device ID, so the authentication code and the user's real-name ID and device ID There is also a corresponding relationship. In some implementations, the authentication code may be implemented as a random integer generated by the real-name certification authority, and stored on the server of the real-name certification authority in association with the user real-name identification and/or device identification.
获得上述认证结果的人或设备可以到实名认证机构处验证用户是否经过实名认证。例如,首先根据认证标识解析出该认证结果是哪家实名认证机构作出的,然后访问该实名认证机构提供的某个查询网址,提交用户实名标识以及认证码,或者提交设备标识以及认证码,即可获得实名认证机构反馈的结果,将结果指示用户是否经过实名认证。The person or device that obtains the above-mentioned authentication result can go to the real-name authentication agency to verify whether the user has passed the real-name authentication. For example, first parse out which real-name certification body made the certification result according to the certification mark, and then visit a query URL provided by the real-name certification body, submit the user real-name identification and authentication code, or submit the device identification and authentication code, namely You can get the results of the real-name certification body feedback, and indicate whether the user has passed the real-name authentication.
进一步的,为确保认证结果真实可信,实名认证机构可以用其私钥对认证结果进行签名,将认证结果以及认证结果的签名返回给终端设备,拥有实名认证机构的公钥的设备可以验证该签名的真实性。Further, in order to ensure the authenticity of the certification result, the real-name certification authority can use its private key to sign the certification result, return the certification result and the signature of the certification result to the terminal device, and the device with the public key of the real-name certification authority can verify the The authenticity of the signature.
对于采用了实名认证机制的情况,终端设备发送给矿池服务器的注册请求中还可以包括认证结果以及认证结果的签名。For the real-name authentication mechanism, the registration request sent by the terminal device to the mining pool server may also include the authentication result and the signature of the authentication result.
步骤S402:矿池服务器验证注册请求是否有效。Step S402: The mining pool server verifies whether the registration request is valid.
矿池服务器对于接收到的注册信息判断是否合法,例如格式是否正确等等,若合法则执行步骤S403,若不合法则执行步骤S404,告知终端设备注册失败,以使用户可以采取相应的措施,例如重新进行注册。The mining pool server judges whether the received registration information is legal, for example, whether the format is correct, etc. If it is legal, step S403 is executed, and if it is illegal, step S404 is executed to notify the terminal device that the registration has failed, so that the user can take corresponding measures, for example Re-register.
若矿池的实现要求验证挖矿用户是否通过了实名认证,矿池服务器还会接收到终端设备发送的认证结果以及认证结果的签名。矿池服务器上可以保存与实名认证机构的私钥相匹配的公钥,从而可以验证签名的真实性。若验证成功,则执行步骤S403,若验证失败则执行步骤S404,告知终端设备注册失败。If the implementation of the mining pool requires verification of whether the mining user has passed the real-name authentication, the mining pool server will also receive the authentication result sent by the terminal device and the signature of the authentication result. The public key that matches the private key of the real-name certification authority can be stored on the mining pool server, so that the authenticity of the signature can be verified. If the verification is successful, step S403 is executed; if the verification fails, step S404 is executed to notify the terminal device that the registration has failed.
此外,在一些实现方式中,矿池服务器还可以根据认证结果去实名认证机构处验证用户是否确实通过了实名认证,避免认证结果遭到篡改,可能的验证方法在步骤S401中已经举例阐述,不再重复阐述。若验证成功,则执行步骤S403,若验证失败则执行步骤S404,告知终端设备注册失败。In addition, in some implementations, the mining pool server can also go to the real-name certification authority to verify whether the user has actually passed the real-name authentication according to the authentication result, to avoid tampering with the authentication result. The possible verification method has been illustrated in step S401. Repeat again. If the verification is successful, step S403 is executed; if the verification fails, step S404 is executed to notify the terminal device that the registration has failed.
步骤S403:矿池服务器保存注册信息。Step S403: The mining pool server saves the registration information.
注册信息可以保存在矿池服务器的数据库中。在一些实现方式中,Slave TEE绑定的钱包账号的地址的主体部分和虚拟并行链标识(属于钱包账号的地址的附加部分)可以分成两个字段保存,并在数据库中为这两个字段添加索引,便于快速查询。The registration information can be saved in the database of the mining pool server. In some implementations, the main part of the address of the wallet account bound by Slave TEE and the virtual parallel chain identifier (additional part of the address of the wallet account) can be divided into two fields to save and add these two fields in the database Index for quick query.
步骤S404:矿池服务器向终端设备发送注册响应。Step S404: the mining pool server sends a registration response to the terminal device.
注册响应可以包括注册成功、注册失败等状态,用于告知用户注册结果。The registration response may include the status of successful registration, failed registration, etc., to inform the user of the registration result.
步骤S405:终端设备向矿池服务器发送入池申请。Step S405: The terminal device sends the pool application to the mining pool server.
注册成功之后,用户已经被登记为矿池的用户。在一些实现方式中,终端设备可以直接开始挖矿,如执行步骤S303,在另一些实现方式中,用户需要经矿池服务器授权后才能开始挖矿。After successful registration, the user has been registered as a user of the mining pool. In some implementations, the terminal device can directly start mining, such as step S303. In other implementations, the user needs to be authorized by the mining pool server to start mining.
发明人长期研究实践发现,在现有的采用PoW共识的区块链中,出于对经济利益的追求,矿池中心化的趋势难以避免,所谓中心化是指大量的ASIC矿机从远端接入到矿工节点参与挖矿,导致矿池中的算力聚集,一旦大型矿池上的算力被攻击者利用,将可能导致51%算力攻击。在本公开实施例中,虽然用新的共识算法取代了PoW共识算法,但算法的本质仍是竞争记账权,若不限制每个矿池中参与挖矿的Slave TEE的数量,仍然有可能出 现某个或某几个矿池聚集大量算力的问题。The inventor's long-term research and practice found that in the existing blockchain using PoW consensus, out of the pursuit of economic benefits, the trend of centralization of mining pools is inevitable. The so-called centralization refers to the large number of ASIC miners from the remote Access to miner nodes to participate in mining leads to the accumulation of computing power in the mining pool. Once the computing power on the large mining pool is used by the attacker, it may lead to a 51% computing power attack. In the embodiment of the present disclosure, although the PoW consensus algorithm is replaced by a new consensus algorithm, the essence of the algorithm is still the competitive accounting right. If the number of Slave TEE participating in mining in each mining pool is not limited, it is still possible There is a problem that a large number of mining pools gather a lot of computing power.
矿池服务器授权的目的正是为了控制该矿池中参与挖矿的Slave TEE的数量,避免出现矿池中心化的趋势。一旦能够避免矿池的中心化,矿池结构带来的优点是显著的,在前面介绍并行链系统的结构时已经阐述,包括减轻区块链系统的网络负担,使得有记账需求的企业用户和有挖矿需求的个人用户实现优势互补,等等。The purpose of the mining pool server authorization is precisely to control the number of slave TEEs participating in mining in the mining pool and avoid the trend of centralized mining pools. Once the centralization of the mining pool can be avoided, the advantages brought by the mining pool structure are significant. It has been explained in the previous introduction to the structure of the parallel chain system, including reducing the network burden of the blockchain system, making enterprise users with accounting needs Complementary advantages with individual users who have mining needs, etc.
为获得矿池服务器的授权,终端设备首先向矿池服务器发送入池申请,告知矿池服务器自己希望参与挖矿。入池申请中可以携带和挖矿有关的信息,包括但不限于矿池标识、申请时间、该终端设备配置的Slave TEE绑定的钱包账号的地址的公钥、Slave TEE绑定的钱包账号的地址中的虚拟并行链标识等信息。其中,矿池标识用于在区块链系统中唯一标识一个矿池,这个标识是对外公开的,任何人均可获得。例如,一个用户希望在某个矿池中挖矿,他可以事先获得该矿池的矿池标识,然后将其录入终端设备上安装的挖矿应用中。钱包账号的地址的公钥和钱包账号的地址的主体部分具有唯一对应关系,利用前者根据确定的规则可以推导出后者,因此获得该公钥等同于获得了钱包账号的地址主体。同时,钱包账号的地址的公钥可用于验证它所对应的私钥作出的签名,因此其适用范围比单纯的钱包账号的地址更广泛。在一些实现方式中,终端设备通过调用Slave TEE提供的接口生成入池申请,矿池标识作为调用参数传入Slave TEE,其余三项信息均可由Slave TEE中的应用程序给出。为保障入池申请的真实可信,Slave TEE中可以保存第二私钥,并利用第二私钥对上述四项信息进行签名,签名也携带在入池申请中。In order to obtain the authorization of the mining pool server, the terminal device first sends the pool application to the mining pool server to inform the mining pool server that it wants to participate in mining. The pooling application can carry information related to mining, including but not limited to the mine pool identification, application time, the public key of the address of the slave TEE-bound wallet account configured on the terminal device, and the wallet account of the Slave TEE-bound wallet account Information such as the virtual parallel chain ID in the address. Among them, the mining pool logo is used to uniquely identify a mining pool in the blockchain system. This logo is open to the public and can be obtained by anyone. For example, if a user wants to mine in a mining pool, he can obtain the mining pool ID of the mining pool in advance, and then enter it into the mining application installed on the terminal device. The public key of the address of the wallet account has a unique correspondence with the main part of the address of the wallet account. The former can be used to derive the latter according to the determined rules. Therefore, obtaining the public key is equivalent to obtaining the address body of the wallet account. At the same time, the public key of the address of the wallet account can be used to verify the signature made by the corresponding private key, so its scope of application is wider than the address of the pure wallet account. In some implementations, the terminal device generates an application for pooling by calling the interface provided by Slave TEE. The mining pool ID is passed to Slave TEE as the calling parameter. The remaining three items of information can be given by the application in Slave TEE. To ensure the authenticity of the pooling application, the Slave TEE can store the second private key, and use the second private key to sign the above four items of information, and the signature is also carried in the pooling application.
步骤S406:矿池服务器验证入池申请是否有效。Step S406: The mining pool server verifies whether the pool entry application is valid.
矿池服务器对于接收到的入池申请判断是否合法,若合法则执行步骤S407,若不合法则可以执行步骤S411,告知终端设备申请入池失败,以使用户可以采取相应的措施,例如重新进行申请。The mining pool server judges whether the received pooling application is legal. If it is legal, step S407 is executed. If it is not legal, step S411 can be executed to inform the terminal device that the pooling application failed, so that the user can take corresponding measures, such as re-applying .
若入池申请包括步骤S405中提到的四项信息以及签名,则步骤S406可以采用如下方式实现:If the pool entry application includes the four items of information and signature mentioned in step S405, step S406 may be implemented in the following manner:
首先,验证矿池标识和自己所在矿池的矿池标识是否一致。在矿池服务器中,矿池标识可以保存在其配置的Master TEE中,不能随意被修改。若验证矿池标识和自己所在矿池的矿池标识一致,继续执行后续步骤,否则确定入池申请无效。在验证矿池标识和自己所在矿池的矿池标识一致之后,利用矿池服务器保存的与第二私钥匹配的第二公钥验证入池申请中签名的真实性,若验证通过,则继续执行后续步骤,否则确定入池申请无效。在入池申请中签名的真实性被验证通过之后,根据钱包账号的地址的公钥推导出钱包账号的地址主体,由于步骤S403中保存了注册信息,因此可以从之前保存的注册信息中查询该钱包账号的地址主体,若未查询到,表明申请入池的用户根本没有注册,确定入池申请无效;或者虽然查询到了该钱包账号的地址主体,但其对应的钱包账号的地址的虚拟并行链标识与入池申请中携带的虚拟并行链标识不一致,同样确定入池申请无效;若根据查询结果,申请入池的用户已经注册并且保存的虚拟并行链序号也正确,则确定入池申请有效。可以理解的,在具体实施时,上面的几个验证步骤的先后顺序也可以采用和上面列举的不一样的顺序。First, verify that the mine pool ID is the same as the mine pool ID of the mine pool where it is located. In the mining pool server, the mining pool logo can be saved in its configured Master TEE and cannot be modified at will. If it is verified that the mine pool ID is the same as the mine pool ID of the mine pool where it is located, continue to perform the next steps, otherwise it is determined that the application for pool entry is invalid. After verifying that the mine pool ID is the same as the mine pool ID of the mine pool where you are, use the second public key saved by the mine pool server to match the second private key to verify the authenticity of the signature in the pool application. If the verification passes, continue Perform the following steps, otherwise it is determined that the pool application is invalid. After the authenticity of the signature in the pool application is verified, the wallet account’s address body is derived from the wallet account’s public key. Since the registration information is saved in step S403, the registration information can be queried from the previously saved registration information If the address body of the wallet account is not queried, it indicates that the user who applied for pooling has not registered at all, and it is determined that the application for pooling is invalid; or although the address body of the wallet account is queried, the virtual parallel chain of the address of the corresponding wallet account If the ID is inconsistent with the ID of the virtual parallel chain carried in the pooling application, the pooling application is also determined to be invalid; if the user applying for pooling is registered and the sequence number of the virtual parallel chain saved is correct according to the query result, the pooling application is valid. It can be understood that, in specific implementation, the sequence of the above several verification steps may also adopt a different sequence from the above listed.
步骤S407:矿池服务器配置的Master TEE判断矿池服务器的容量是否小于容量阈值。Step S407: the master TEE configured by the mining pool server determines whether the capacity of the mining pool server is less than the capacity threshold.
矿池服务器的容量阈值是指某一时刻或某一时间段内矿池服务器所允许的入池挖矿的Slave TEE的最大数量,而容量是指某一时刻或某一时间段内矿池服务器已经允许的入池挖 矿的Slave TEE的数量。若容量小于容量阈值,则可以继续执行步骤S408,授权提出入池申请的终端设备配置的Slave TEE参与挖矿,否则可以执行步骤S411,告知终端设备当前矿池已满,暂停授权,以便终端设备采取相应的措施,例如等待一段时间后重试。通过矿池容量控制,能够有效避免矿池中心化的趋势,改善区块链系统的安全性,提高矿池结构的实用价值。The capacity threshold of the mining pool server refers to the maximum number of Slave TEE allowed by the mining pool server at a certain moment or a certain period of time, and the capacity refers to the mining pool server at a certain moment or a certain period of time The number of Slave TEEs that have been allowed to be mined in the pool. If the capacity is less than the capacity threshold, you can continue to perform step S408 to authorize the Slave TEE of the terminal device configuration that submitted the pool application to participate in mining, otherwise you can perform step S411 to notify the terminal device that the current mining pool is full and suspend the authorization so that the terminal device Take appropriate measures, such as waiting a while and trying again. Through mining pool capacity control, it can effectively avoid the trend of centralized mining pools, improve the security of the blockchain system, and increase the practical value of the mining pool structure.
关于该容量阈值,在不同的实现方式中可以采取不同的定义。例如,在一种实现方式中,可以对每个Slave TEE的授权使用时长T1进行限制,即每个Slave TEE在获得授权后,也只能在T1时间内参与挖矿(从授权开始时间起算),过期后则必须重新申请入池(也不排除某些自动续期一段时间的实现方式),否则在经过一段较长时间后,矿池中接入的终端设备可能越来越多,导致算力聚集,具体如何限制Slave TEE只能在T1时间内参与挖矿在后文再具体阐述。容量阈值定义为在T1时间内矿池服务器所允许的入池挖矿的Slave TEE的最大数量N2。Regarding the capacity threshold, different definitions can be adopted in different implementations. For example, in one implementation, the authorized use time T1 of each Slave TEE can be limited, that is, after each Slave TEE is authorized, it can only participate in mining within T1 time (from the authorization start time) After the expiration, you must re-apply for pooling (also does not exclude some implementations of automatic renewal for a period of time), otherwise, after a long period of time, there may be more and more terminal devices connected to the mining pool, resulting in Force gathering, specifically how to limit Slave TEE can only participate in mining during T1 time will be explained in detail later. The capacity threshold is defined as the maximum number N2 of slave TEE allowed to be mined by the mining server during the T1 time.
在上述实现方式中,矿池服务器为控制其容量不超过容量阈值,可以采取如下的做法:In the above implementation, the mining pool server can take the following measures to control its capacity not to exceed the capacity threshold:
矿池服务器按照固定的授权周期T2(T2<T1)进行入池授权,并控制每个授权周期内的入池授权量小于第一阈值N1,即N1为一个授权周期内最多能够授权的Slave TEE的数量。当矿池服务器接收到新的入池申请后,通过对比当前授权周期内的入池授权量和N1,判断还能否对新的入池申请进行授权,若可以,则继续执行步骤S408,并将当前授权周期内的入池授权量累加1,若不可以,则可以执行步骤S411,告知终端设备当前授权周期内矿池已满,暂停授权,以便终端设备采取相应的措施,例如在下一授权周期内重试。The mining pool server performs pooling authorization according to a fixed authorization period T2 (T2<T1), and controls the number of pooling authorizations in each authorization period to be less than the first threshold N1, that is, N1 is the maximum number of slaves that can be authorized in an authorization period quantity. When the mining pool server receives a new pooling application, it can judge whether the new pooling application can be authorized by comparing the pooling authorization amount and N1 in the current authorization period. If it can, continue to step S408, and Add 1 to the pool authorization amount in the current authorization period. If it is not possible, step S411 can be executed to inform the terminal device that the mining pool is full in the current authorization period and the authorization is suspended so that the terminal device can take corresponding measures, for example, in the next authorization Try again during the cycle.
其中,N1、N2、T1、T2满足关系:N2=(T1/T2)*N1,即通过控制每个T2时间内的入池授权量,实现了对T1时间内的总入池授权量的控制,同时,按照授权周期进行入池授权的方式,有利于避免终端设备集中在某一时段申请入池的情况,将设备的算力在时间层面尽可能分散。Among them, N1, N2, T1, T2 satisfy the relationship: N2 = (T1/T2) * N1, that is, by controlling the amount of pooling authorization in each T2 time, the total amount of pooling authorization in T1 time is controlled At the same time, the way of pooling authorization according to the authorization cycle is helpful to avoid the situation that terminal equipment is concentrated in a certain period of time to apply for pooling, and the computing power of the device is dispersed as much as possible at the time level.
上述T1、T2以及N1可以预配置在Master TEE中。在一些实现方式中,Master TEE中的应用程序可以对N1进行设置,以便满足Master TEE设备的租用需求。例如,每隔一年时间(租期)将N1重置为0,这样将导致矿池服务器无法继续授权,矿池服务器的管理者必须向Master TEE的发行商续租。The above T1, T2 and N1 can be pre-configured in the Master TEE. In some implementations, the application in Master TEE can set N1 to meet the rental requirements of Master TEE equipment. For example, resetting N1 to 0 every other year (lease period) will cause the mining pool server to be unable to continue to be authorized. The manager of the mining pool server must renew the lease with the Master TEE publisher.
步骤S408:Master TEE生成授权信息。Step S408: The Master TEE generates authorization information.
在步骤S407的验证通过后,Master TEE可以组织授权响应(步骤S411中使用)的消息内容,其内容为授权信息,授权信息至少包括授权码以及授权序号。在一些实现方式中,授权信息还可以包括授权使用时长(即步骤S407中的T1)。授权信息可以用于告知终端设备其配置的Slave已经获得授权,可以开始挖矿。After the verification in step S407 is passed, the Master TEE can organize the message content of the authorization response (used in step S411). The content is authorization information, and the authorization information includes at least an authorization code and an authorization serial number. In some implementations, the authorization information may further include the authorized use duration (ie, T1 in step S407). The authorization information can be used to inform the terminal device that its configured slave has been authorized and can start mining.
其中,授权码中可以包括,但不限于矿池服务器的矿池标识、授权序号、申请时间、授权使用时长、被授权的Slave TEE绑定的钱包账号的地址主体等信息。授权序号可由Master TEE分配,用于对每次授权进行区别标记,例如可以被实施为一个随授权次数而递增的整数。根据步骤S405,申请时间和被授权的Slave TEE绑定的钱包账号的地址主体可以包含在终端设备发送入池申请中(钱包账号的地址主体由钱包账号的地址的公钥推算)。Among them, the authorization code may include, but is not limited to, the mining pool ID of the mining pool server, the authorization serial number, the application time, the authorized use duration, the address body of the wallet account bound by the authorized Slave TEE, and other information. The authorization serial number can be assigned by the Master TEE to mark each authorization differently, for example, it can be implemented as an integer that increases with the number of authorizations. According to step S405, the application time and the address subject of the authorized Slave TEE-bound wallet account can be included in the pooling application sent by the terminal device (the address subject of the wallet account is deduced from the public key of the address of the wallet account).
步骤S409:Master TEE根据第二密钥生成算法生成第二密钥,并利用第二密钥加密授权码。Step S409: The Master TEE generates a second key according to the second key generation algorithm, and uses the second key to encrypt the authorization code.
在一些实现方式中,执行步骤S408之后可以直接执行步骤S410,在另一些实现方式 中,执行步骤S408之后还可以先执行步骤S409对授权码加密,然后再执行步骤S410。In some implementations, after performing step S408, step S410 may be directly executed. In other implementations, after performing step S408, step S409 may be further executed to encrypt the authorization code before performing step S410.
授权码的加密过程可以在Master TEE中实现。Master TEE提供调用接口,并且明文的授权码作为参数传入,以在调用完后返回加密后的授权码。授权码采用第二密钥生成算法生成的第二密钥进行对称加密。第二密钥生成算法在此不作限定。例如,Master TEE中可以保存一个预设字串,第二密钥生成算法可以是某种哈希算法,可以根据预设字串计算出哈希值作为第二密钥,上述字串仅在TEE环境中使用,不会泄露到外部。对称加密算法不作限定,例如可以是AES算法、DES算法、3DES算法、SM4算法等等。The encryption process of the authorization code can be implemented in the Master TEE. The Master TEE provides the calling interface, and the clear text authorization code is passed in as a parameter to return the encrypted authorization code after the call. The authorization code uses the second key generated by the second key generation algorithm for symmetric encryption. The second key generation algorithm is not limited here. For example, a preset word string can be stored in the Master TEE, the second key generation algorithm can be a certain hash algorithm, and the hash value can be calculated as the second key according to the preset word string. The above word string is only in TEE Used in the environment, will not leak to the outside. Symmetric encryption algorithm is not limited, for example, AES algorithm, DES algorithm, 3DES algorithm, SM4 algorithm, etc.
进一步的,第二密钥生成算法可以被实施为由Master TEE所私有,即算法实现不在TEE环境之外公开,同时算法生成的第二密钥在Master TEE中被用于且仅被用于加密授权码,不用于包括解密授权码在内的其他用途,即第二密钥在Master TEE中被单向地使用。在具体实施时,Master TEE可以对外只提供加密授权码的接口,不提供解密授权码的接口(或者根本不实现该接口)。Further, the second key generation algorithm can be implemented to be owned by Master TEE, that is, the algorithm implementation is not disclosed outside the TEE environment, and the second key generated by the algorithm is used in Master TEE and only used for encryption The authorization code is not used for other purposes including decryption authorization code, that is, the second key is used unidirectionally in the Master TEE. In the specific implementation, the Master TEE can only provide an interface for encrypting the authorization code, and does not provide an interface for decrypting the authorization code (or the interface is not implemented at all).
关于加密授权码的意义,在后文中解密授权码时再阐述。The significance of encrypting the authorization code will be explained later when decrypting the authorization code.
在一些实现方式中,步骤S407、S408以及S409可以在Master TEE中连续执行,这三个步骤的执行过程无法被Master TEE之外的程序中断或干扰,从而外部程序无法改换中间步骤的依赖参数,这样可以保证容量控制完全由Master TEE决定,矿池服务器中的程序无法整体模拟或伪造容量控制过程。例如,Master TEE可以提供一个用于授权的接口,由矿池服务器在步骤S406的验证通过后负责调用,在该接口中实现步骤S407、S408以及S409。In some implementations, steps S407, S408, and S409 can be continuously executed in Master TEE. The execution of these three steps cannot be interrupted or interfered with by programs other than Master TEE, so that external programs cannot change the dependent parameters of intermediate steps. This can ensure that the capacity control is completely determined by the Master TEE, and the program in the mining pool server cannot simulate or fake the capacity control process as a whole. For example, Master TEE can provide an interface for authorization. The mining server is responsible for calling after the verification in step S406, and steps S407, S408, and S409 are implemented in the interface.
步骤S410:矿池服务器保存授权序号以及授权关联信息;Step S410: the mining pool server saves the authorization serial number and authorization related information;
授权序号在步骤S408中由Master TEE生成。由于授权序号最终要由矿池服务器发送给终端设备(在步骤S411中),所以矿池服务器可以获得该授权序号。矿池服务器将授权序号与授权关联信息对应保存。其中,授权关联信息是指和授权内容相关的信息,其可以包括,但不限于授权开始时间、授权使用时长、被授权的Slave TEE绑定的钱包账号的地址主体等信息。其中,授权开始时间可以取入池申请的申请时间。考虑到参与挖矿的用户可能很多,授权关联信息将占据不少存储空间,因此在具体实施时,授权序号以及授权关联信息可以保存在矿池服务器的数据库中。此外,若矿池服务器因故宕机,重启后也可以从数据库中读取授权关联信息,恢复授权记录,继续提供挖矿服务,有利于改善系统稳定性。The authorization serial number is generated by the Master TEE in step S408. Since the authorization serial number is ultimately sent by the mining pool server to the terminal device (in step S411), the mining pool server can obtain the authorization serial number. The mining pool server stores the authorization sequence number and authorization related information in correspondence. The authorization-related information refers to information related to the authorization content, which may include, but is not limited to, the start time of authorization, the duration of authorized use, the address body of the wallet account bound by the authorized Slave TEE, and other information. Among them, the authorization start time can be taken into the application time of the pool application. Considering that there may be many users participating in mining, the authorization associated information will occupy a lot of storage space. Therefore, in the specific implementation, the authorization serial number and authorization associated information may be stored in the database of the mining pool server. In addition, if the mining pool server is down for some reason, it can also read the authorization related information from the database after the restart, restore the authorization record, and continue to provide mining services, which is conducive to improving system stability.
步骤S411:矿池服务器向终端设备发送授权响应。Step S411: The mining pool server sends an authorization response to the terminal device.
授权响应既包括授权成功的响应,也包括授权失败的响应。其中,授权失败的响应可以是入池申请验证未通过或者矿池已满等等,在之前的步骤阐述中已经提及。授权成功的响应中包含步骤S408中生成的授权码、授权序号、授权使用时长等信息。在一些实现方式中,若执行了步骤S409对授权码加密,则步骤S411中应包含加密后的授权码。The authorization response includes both the response to authorization success and the response to authorization failure. Among them, the response to the authorization failure may be that the pool entry application fails verification or the mining pool is full, etc., which has been mentioned in the previous step description. The successful authorization response includes information such as the authorization code, authorization serial number, and authorization duration generated in step S408. In some implementations, if step S409 is performed to encrypt the authorization code, step S411 should include the encrypted authorization code.
步骤S412:挖矿节点向矿池服务器发送待定记账区块的区块头主体部分的哈希值以及在并行链上挖矿的难度目标值。Step S412: The mining node sends the hash value of the main body of the block header of the pending accounting block to the mining pool server and the difficulty target value of mining on the parallel chain.
步骤S412和步骤S301类似,不再重复阐述。Step S412 is similar to step S301 and will not be repeated.
步骤S413:Master TEE根据第一密钥生成算法生成第一密钥,并利用第一密钥加密区块头主体部分的哈希值。Step S413: The Master TEE generates a first key according to the first key generation algorithm, and uses the first key to encrypt the hash value of the body part of the block header.
在一些实现方式中,执行步骤S412之后可以直接执行步骤S414。在另一些实现方式中,执行步骤S412之后还可以先执行步骤S413对待定记账区块的区块头主体部分的哈希 值加密,然后再执行步骤S414。在另一些实现方式中,执行步骤S412之后也可以先执行步骤S414,在步骤S419中向终端设备发送区块头主体部分的哈希值之前的某个时刻再执行步骤S413对其进行加密。In some implementations, step S414 can be directly executed after step S412. In other implementation manners, after step S412 is performed, step S413 may be first performed to encrypt the hash value of the body part of the block header of the accounting block to be determined, and then step S414 may be executed. In some other implementations, after step S412 is performed, step S414 may also be performed first, and in step S419, before the hash value of the body part of the block header is sent to the terminal device, step S413 may be performed to encrypt it.
区块头主体部分的哈希值的加密过程在Master TEE中实现。Master TEE提供调用接口,并且明文的区块头主体部分的哈希值作为参数传入,以在调用完后返回加密后的区块头主体部分的哈希值。区块头主体部分的哈希值被采用由第一密钥生成算法生成的第一密钥进行对称加密。第一密钥生成算法在此不作限定,例如可以是某种哈希算法,该算法根据矿池配置信息计算出一个哈希值作为第一密钥。The encryption process of the hash value of the main part of the block header is implemented in the Master TEE. The Master TEE provides a calling interface, and the hash value of the main body of the block header in clear text is passed as a parameter to return the encrypted hash value of the main body of the block header after the call is completed. The hash value of the body part of the block header is symmetrically encrypted using the first key generated by the first key generation algorithm. The first key generation algorithm is not limited here. For example, it may be a hash algorithm that calculates a hash value as the first key according to the configuration information of the mining pool.
例如,第一密钥生成算法可以这样实现:将矿池配置信息的内容拼接成一个字串,在其尾部再添加一个不对外公开的预设字串,对生成的字串计算哈希值,然后将哈希值作为第一密钥。For example, the first key generation algorithm can be implemented as follows: the content of the mining pool configuration information is spliced into a string, and a preset string that is not disclosed to the public is added at the end of it, and the hash value of the generated string is calculated, Then use the hash value as the first key.
其中,矿池配置信息可以包括并行链的链标识,并行链标识用于唯一标记区块链系统中的每个并行链,例如,并行链的链标识可以采用整数序号实现。这里的并行链是指发送该区块头主体部分的哈希值的挖矿节点所在的并行链。矿池服务器上可以预先保存矿池中的每个挖矿节点对应的并行链的链标识,因而在加密区块头主体部分的哈希值时,Master TEE获取对应的并行链的链标识如上计算第一密钥以进行加密。The configuration information of the mining pool may include the chain identifier of the parallel chain. The parallel chain identifier is used to uniquely mark each parallel chain in the blockchain system. For example, the chain identifier of the parallel chain may be implemented using an integer serial number. The parallel chain here refers to the parallel chain where the mining node that sends the hash value of the main part of the block header is located. The mining pool server can pre-store the chain ID of the parallel chain corresponding to each mining node in the mining pool. Therefore, when encrypting the hash value of the main part of the block header, Master TEE obtains the chain ID of the corresponding parallel chain as described above. A key for encryption.
在一些实现方式中,矿池配置信息还包括并行链已扩容的次数和矿池的矿池标识中的至少一项。其中,矿池服务器所在的矿池标识在Master TEE中预先配置好,之前已经介绍过。本公开实施例提供的区块链系统中的并行链是支持扩容的,即在业务量较大时可以扩充系统中并行链的数量(新生成的并行链上加入新的节点)。为简单起见,仅介绍倍增并行链数量的扩容方式,但不应当理解为区块链系统仅能够采取此种扩容方式。所谓倍增扩容,是指每扩容一次,并行链的数量变为原来的两倍。每扩容一次,已扩容的次数累加1。例如,区块链系统最开始有1个并行链,此时已扩容的次数为0;然后经过一次扩容,1个并行链扩容成2个并行链,此时已扩容的次数为1,再经过一次扩容,将2个并行链扩容成4个并行链,此时已扩容的次数为2,以此类推。在一些实现方式中,还可以根据能够支持的系统规模为已扩容的次数设置一个上限,例如16,即区块链系统最多支持65536个并行链。并行链已扩容的次数也可以保存在Master TEE中,在区块链系统扩容时进行更新。In some implementations, the mining pool configuration information further includes at least one of the number of times the parallel chain has been expanded and the mining pool identifier of the mining pool. Among them, the mining pool logo where the mining pool server is located is pre-configured in Master TEE, which has been introduced before. The parallel chains in the blockchain system provided by the embodiments of the present disclosure support capacity expansion, that is, the number of parallel chains in the system can be expanded when the traffic volume is large (new nodes are added to the newly generated parallel chains). For simplicity, only the expansion method of doubling the number of parallel chains is introduced, but it should not be understood that the blockchain system can only adopt this expansion method. The so-called multiplication and expansion refers to the number of parallel chains doubled each time the capacity is expanded. Each time the capacity is expanded, the number of expansions is incremented by 1. For example, the blockchain system initially has 1 parallel chain, and the number of times it has been expanded is 0; then after one expansion, 1 parallel chain is expanded into 2 parallel chains, and the number of times that it has been expanded is 1, and then passes Once the capacity is expanded, the two parallel chains are expanded into four parallel chains, and the number of times the capacity has been expanded is 2, and so on. In some implementations, an upper limit can also be set for the number of times the capacity is expanded according to the size of the system that can be supported, such as 16, that is, the blockchain system supports up to 65536 parallel chains. The number of times the parallel chain has been expanded can also be saved in the Master TEE and updated when the blockchain system is expanded.
在一些实现方式中,若区块链系统中引入了实名认证机制,那么在使用第一密钥生成算法计算第一密钥时,除了考虑矿池配置信息,还可以将实名认证时获得的认证码也作为第一密钥的来源之一,认证码包含在步骤S401终端设备发送给矿池服务器的注册请求中。In some implementations, if the real-name authentication mechanism is introduced in the blockchain system, when calculating the first key using the first key generation algorithm, in addition to considering the pool configuration information, the authentication obtained during real-name authentication can also be used The code also serves as one of the sources of the first key, and the authentication code is included in the registration request sent by the terminal device to the mining pool server in step S401.
对区块头主体部分的哈希值进行加密的对称加密算法不作限定,例如可以是AES算法、DES算法、3DES算法、SM4算法等等。The symmetric encryption algorithm that encrypts the hash value of the main part of the block header is not limited, and may be, for example, the AES algorithm, DES algorithm, 3DES algorithm, SM4 algorithm, and so on.
进一步的,第一密钥生成算法可以被实施为由Master TEE所私有,即算法实现不在TEE环境之外公开,同时算法生成的第一密钥在Master TEE中被用于且仅被用于加密区块头主体部分的哈希值,不用于包括解密区块头主体部分的哈希值在内的其他用途,即第一密钥在Master TEE中被单向地使用。在具体实施时,Master TEE可以对外只提供加密区块头主体部分的哈希值的接口,不提供解密区块头主体部分的哈希值的接口(或者根本不实现该接口)。Further, the first key generation algorithm can be implemented to be privately owned by Master TEE, that is, the algorithm implementation is not disclosed outside the TEE environment, and the first key generated by the algorithm is used in Master TEE and only used for encryption The hash value of the body part of the block header is not used for other purposes including decrypting the hash value of the body part of the block header, that is, the first key is used unidirectionally in the Master TEE. In specific implementation, Master TEE can only provide an interface for encrypting the hash value of the main body of the block header, and does not provide an interface for decrypting the hash value of the main body of the block header (or the interface is not implemented at all).
关于加密区块头主体部分的哈希值的意义,在后文中解密区块头主体部分的哈希值时再阐述。The meaning of the hash value of the main body of the encrypted block header will be described later when decrypting the hash value of the main body of the block header.
步骤S414:矿池服务器存储区块头主体部分的哈希值以及难度目标值。Step S414: The mining pool server stores the hash value of the main body of the block header and the target difficulty value.
类似步骤S302,不再重复阐述。Similar to step S302, the explanation will not be repeated.
步骤S415:终端设备向矿池服务器发送记账请求。Step S415: The terminal device sends an accounting request to the mining pool server.
终端设备在获得矿池服务器的授权后,可以向矿池服务器发送记账请求,表明终端设备配置的Slave TEE希望参与竞争记账权。记账请求中可以包括,但不限于矿池标识、授权序号、当前时间等信息。其中,矿池标识和终端设备之前发送的入池申请中携带的矿池标识为同一个,授权序号是终端设备在步骤S411中获得的。After obtaining the authorization of the mining pool server, the terminal device may send an accounting request to the mining pool server, indicating that the slave TEE configured by the terminal device wishes to participate in the competition for accounting rights. The billing request may include, but is not limited to, information such as mine pool identification, authorization serial number, and current time. Among them, the mining pool identifier and the mining pool identifier carried in the pooling application previously sent by the terminal device are the same, and the authorization serial number is obtained by the terminal device in step S411.
在一些实现方式中,终端设备通过调用Slave TEE的接口生成记账请求,其中矿池标识和授权序号作为调用参数传入Slave TEE,当前时间可由Slave TEE中的时钟给出。为保障记账请求的真实可信,Slave TEE中可以保存第三私钥,并利用第三私钥对上述三项信息进行签名,签名也可以携带在记账请求中。第三私钥和之前提到的第二私钥可以相同也可以不同。In some implementations, the terminal device generates a billing request by calling the Slave TEE interface, where the mining pool ID and authorization serial number are passed into the Slave TEE as calling parameters, and the current time can be given by the clock in the Slave TEE. To ensure the authenticity of the accounting request, the Slave TEE can store the third private key, and use the third private key to sign the above three items of information. The signature can also be carried in the accounting request. The third private key and the aforementioned second private key may be the same or different.
步骤S416:矿池服务器验证记账请求是否有效。Step S416: The mining pool server verifies whether the accounting request is valid.
矿池服务器可以判断接收到的记账请求是否合法,若合法则执行步骤S417,若不合法则可以告知终端设备请求记账失败,终端设备可以下次再发起请求。The mining pool server can determine whether the received accounting request is legal. If it is legal, step S417 is executed. If it is not legal, the terminal device can be notified that the accounting request failed, and the terminal device can initiate the request next time.
若记账请求包括步骤S415中提到的三项信息以及签名,则步骤S416可以采用如下方式实现:If the accounting request includes the three items of information mentioned in step S415 and the signature, step S416 may be implemented in the following manner:
首先,矿池服务器验证矿池标识和自己所在矿池的矿池标识是否一致。在矿池服务器中,矿池标识可以保存在其配置的Master TEE中,不能随意被修改。若矿池标识和自己所在矿池的矿池标识一致,继续执行后续步骤,否则确定记账请求无效。在验证矿池标识和自己所在矿池的矿池标识一致之后,利用矿池服务器保存的与第三私钥匹配的第三公钥验证记账请求中签名的真实性,若验证通过,则继续执行后续步骤,否则确定记账请求无效。在记账请求中签名的真实性验证通过之后,根据授权序号查询授权关联信息,授权序号与授权关联信息在步骤S410中已经对应保存在矿池服务器上,若保存的信息中不存在该授权序号,表明该终端设备根本没有获得过授权,确定记账请求无效,否则继续执行后续步骤。步骤S410中提到,授权关联信息可以包括,但不限于授权开始时间、授权使用时长、被授权的Slave TEE绑定的钱包账号的地址主体等信息。矿池服务器还可以验证Slave TEE的授权是否已经过期,即授权开始时间至记账请求中携带的当前时间之间的时间间隔是否超过授权使用时长,若已超过授权使用时长,表明授权已过期,Slave TEE已经无权继续记账,确定记账请求无效,否则继续执行后续步骤。可以理解的,在具体实施时,上面的几个验证步骤的先后顺序也可以采用和上面列举的不一样的顺序。First, the mining pool server verifies that the mining pool ID is the same as the mining pool ID of the mining pool where it is located. In the mining pool server, the mining pool logo can be saved in its configured Master TEE and cannot be modified at will. If the mine pool identifier is the same as the mine pool identifier of the mine pool where it is located, continue to perform the next steps, otherwise it is determined that the accounting request is invalid. After verifying that the mine pool ID is the same as the mine pool ID of the mine pool where it is located, use the third public key saved by the mine pool server to match the third private key to verify the authenticity of the signature in the accounting request. If the verification is passed, continue Perform the next steps, otherwise it is determined that the accounting request is invalid. After the verification of the authenticity of the signature in the billing request is passed, the authorization associated information is queried according to the authorization serial number. The authorization serial number and the authorization associated information have been stored on the mining pool server correspondingly in step S410. If the authorization information does not exist in the stored information , Indicating that the terminal device has not been authorized at all, and it is determined that the billing request is invalid, otherwise the subsequent steps are continued. As mentioned in step S410, the authorization association information may include, but is not limited to, the start time of authorization, the duration of authorization use, the address body of the wallet account bound by the authorized Slave TEE, and other information. The mining pool server can also verify whether the authorization of the Slave TEE has expired, that is, whether the interval between the authorization start time and the current time carried in the billing request exceeds the authorized use time, if the authorized use time is exceeded, it indicates that the authorization has expired, Slave TEE has no right to continue accounting, and the accounting request is determined to be invalid, otherwise it will continue to perform the next steps. It can be understood that, in specific implementation, the sequence of the above several verification steps may also adopt a different sequence from the above listed.
步骤S417:Master TEE确定终端设备关联的并行链。Step S417: The Master TEE determines the parallel chain associated with the terminal device.
在一些实现方式中,Slave TEE可以在任意的并行链上挖矿,并且每次挖矿也可以在不同的并行链上,本文对此不受限制。在另一些实现方式中,为避免Slave TEE的算力集中在某些并行链上,制造51%算力攻击,限制终端设备只能获取与其相关联的并行链上的挖矿节点提供的区块头主体部分的哈希值以及难度目标值,从而终端设备配置的Slave TEE只能在相关联的并行链上挖矿,即分散了Slave TEE的算力。需要指出,此处所称的终端设备关联的并行链是指终端设备配置的Slave TEE关联的并行链,若某些终端设备配置有多个Slave TEE,则这些Slave TEE可以关联到不同的并行链。当然,为简单起见,本文在阐述时一般以终端设备只配置了一个Slave TEE的情况为例,但这不应当视为对本公开保 护范围的限制。In some implementations, Slave TEE can mine on any parallel chain, and each mining can also be on a different parallel chain. This article is not limited to this. In other implementations, in order to avoid SlaveTEE's computing power being concentrated on certain parallel chains, a 51% computing power attack is created, and terminal devices are restricted to only obtain block headers provided by mining nodes on their associated parallel chains. The hash value and difficulty target value of the main part, so that the Slave TEE configured by the terminal device can only be mined on the associated parallel chain, that is, the computing power of the Slave TEE is dispersed. It should be pointed out that the term “parallel chain associated with terminal equipment” refers to the parallel chain associated with the slave TEE configuration of the terminal equipment. If some terminal equipment is configured with multiple slave TEEs, these slave TEEs can be associated with different parallel chains. Of course, for simplicity, this article generally takes the case where the terminal device is configured with only one slave TEE as an example, but this should not be considered as a limitation on the protection scope of the present disclosure.
在一些实现方式中,Master TEE可以根据Slave TEE绑定的钱包账号的地址的虚拟并行链标识、终端设备的并行链标识掩码以及区块链系统包含的并行链的数量计算终端设备关联的并行链的链标识,即确定该终端设备关联的并行链。In some implementations, the Master TEE can calculate the parallel associated with the terminal device based on the virtual parallel chain identifier of the wallet account address bound by the Slave TEE, the parallel chain identifier mask of the terminal device, and the number of parallel chains included in the blockchain system The chain ID of the chain is to determine the parallel chain associated with the terminal device.
其中,虚拟并行链标识根据终端设备配置的Slave TEE的硬件标识计算获得,Slave TEE的硬件标识在步骤S401中已经介绍。在一些实现方式中,虚拟并行链标识VCN可以通过如下方式计算:Among them, the virtual parallel chain identifier is calculated according to the hardware identifier of the slave TEE configured in the terminal device, and the hardware identifier of the slave TEE has been introduced in step S401. In some implementations, the virtual parallel chain identifier VCN can be calculated as follows:
VCN=UID&UidMaskVCN=UID&UidMask
其中,&表示按位与运算,UID为Slave TEE的硬件标识,可以实现为多个字节的数值,UidMask为虚拟并行链标识掩码,其具体为保存在Slave TEE中的常量。例如,如果VCN被实施为2个字节,则UidMask也为2个字节,UidMask的取值不作限定,例如可以取0xFFFF、0xFFEE(十六进制数)等。Slave TEE在生成绑定的钱包账号的地址时,其中附加部分的虚拟并行链标识就可以基于上面的公式计算,而主体部分的生成方法可以采用现有的区块链中生成钱包账号的地址的方法。Among them, & means bitwise AND operation, UID is the hardware identifier of Slave TEE, which can be realized as a multi-byte value, UidMask is a virtual parallel chain identification mask, which is a constant stored in Slave TEE. For example, if VCN is implemented as 2 bytes, UidMask is also 2 bytes, and the value of UidMask is not limited, for example, it can be 0xFFFF, 0xFFEE (hexadecimal number), and so on. When Slave TEE generates the address of the bound wallet account, the virtual parallel chain identification of the additional part can be calculated based on the above formula, and the generation method of the main part can use the existing blockchain to generate the address of the wallet account method.
根据虚拟并行链标识、并行链标识掩码以及区块链系统包含的并行链的数量可以推算Slave TEE在哪个并行链上挖矿,也即终端设备关联的并行链。在一些实现方式中,终端设备关联的并行链的链标识MCN可以根据如下方式计算:Based on the virtual parallel chain ID, the parallel chain ID mask, and the number of parallel chains included in the blockchain system, it can be inferred on which parallel chain Slave TEE mines, that is, the parallel chain associated with the terminal device. In some implementations, the chain identifier MCN of the parallel chain associated with the terminal device can be calculated as follows:
MCN=(VCN^MiningMask)&(N-1)MCN=(VCN^MiningMask)&(N-1)
其中,^表示异或运算,&表示按位与运算,VCN表示虚拟并行链标识,MiningMask表示并行链标识掩码,N表示并行链的数量。MiningMask可以保存在Master TEE中,当区块链系统扩容或者终端设备上安装的挖矿应用升级时,MingMask的值可能会调整,其目的主要是为了防止攻击者故意收购具有特定VCN的Slave TEE,这些Slave TEE设备计算出的MCN相同,从而可以在特定的并行链上聚集算力挖矿,如果MiningMask定期保持更新,则攻击者的收购行为将变得无意义。N也可以保存在Master TEE中,在区块链系统扩容更新器其取值。Among them, ^ means XOR operation, & means bitwise AND operation, VCN means virtual parallel chain identifier, MiningMask means parallel chain identifier mask, and N means the number of parallel chains. MiningMask can be stored in the Master TEE. When the blockchain system is expanded or the mining application installed on the terminal device is upgraded, the value of MingMask may be adjusted. Its purpose is mainly to prevent attackers from deliberately acquiring Slave TEE with a specific VCN. The MCN calculated by these Slave TEE devices is the same, so that mining power can be aggregated on a specific parallel chain. If MiningMask is regularly updated, the attacker's acquisition behavior will become meaningless. N can also be stored in the Master TEE, and its value is updated in the blockchain system capacity updater.
在并行链扩容后,并行链的数量将发生变化,并行链标识也会相应地变化,然而虚拟并行链标识是不变的,从而在系统扩容后,Slave TEE根据虚拟并行链标识很快就可以重新确定出一个并行链标识,进而转换到该并行链标识对应的并行链上去挖矿,即实现了将算力分散到新的并行链上去,这也是设置虚拟并行链标识的重要意义之一。After the expansion of the parallel chain, the number of parallel chains will change, and the parallel chain logo will also change accordingly. However, the virtual parallel chain logo is unchanged, so after the system is expanded, Slave TEE can quickly use the virtual parallel chain logo Re-determining a parallel chain logo, and then switching to the parallel chain corresponding to the parallel chain logo to mine, that is to achieve the distribution of computing power to the new parallel chain, which is also one of the important meanings of setting the virtual parallel chain logo.
可以理解,Master TEE还可以采取其他方式确定终端设备关联的并行链,不限于上述方式。It can be understood that the Master TEE can also adopt other methods to determine the parallel chain associated with the terminal device, which is not limited to the above method.
步骤S418:矿池服务器验证记账请求是否满足冷却时长的要求。Step S418: The mining pool server verifies whether the billing request meets the cooling time requirement.
在一些实现方式中,Slave TEE获得记账权后,立即可以参与下一轮记账权的竞争,不受限制;在另一些实现方式中,Slave TEE获得记账权后,会主动休息一段时间不参与竞争记账权,在这之后才会再次参与记账权的竞争,称Slave TEE休息的这段时间为冷却时长,冷却时长可以取累积未用下限时长的k倍(k为大于0且小于1的常数),其中,累积未用下限时长根据当前的难度目标值计算,之前已经阐述过。In some implementations, Slave TEE can immediately participate in the next round of accounting rights competition after obtaining the accounting rights, without restrictions; in other implementations, Slave TEE will take the initiative to rest for a period of time after acquiring accounting rights If you do not participate in the accounting right, you will participate in the accounting right again after this time. The period during which the Slave TEE rests is called the cooling time. The cooling time can be taken as k times the accumulated unused lower limit time (k is greater than 0 and Constant less than 1), where the cumulative unused lower limit duration is calculated according to the current difficulty target value, which has been explained previously.
在一种实现方式中,Slave TEE中内置应用程序来判断自己是否应当休息,在Slave TEE休息期间,即使终端设备调用其对外提供的竞争记账权的接口,Slave TEE也不响应调用,或者返回提示信息,告知终端设备自己仍在冷却期内。在另一种实现方式中,终端设备安 装的挖矿应用中记录上次成功记账的时间,并判断当前时间距离上次成功记账的时间的时间间隔是否超过冷却时长,若不超过,则不会调动Slave TEE对外提供的竞争记账权的接口,否则可以调用该接口。In one implementation, the Slave TEE has built-in applications to determine whether it should rest. During the Slave TEE break, even if the terminal device calls the interface for the competitive accounting right provided by the external device, the Slave TEE does not respond to the call or return The prompt message informs the terminal device that it is still in the cooling period. In another implementation, the mining application installed in the terminal device records the time of the last successful accounting, and determines whether the time interval between the current time and the last successful accounting exceeds the cooling time, if not, then It will not mobilize the interface provided by Slave TEE for the external accounting right, otherwise it can be called.
此外,在矿池服务器一端,也可以验证记账请求是否满足冷却时长的要求。需要指出,矿池服务器上的判断过程与Slave TEE自己主动休息是相互独立的,即使Slave TEE在竞争获得记账权后不主动休息(包括故意作弊或者本来就不具有此功能的情况),矿池服务器仍然可以通过执行步骤S418阻断器记账请求,迫使Slave TEE在获得记账权之后的冷却时长内无法再次获得记账权。In addition, on the side of the mining pool server, you can also verify whether the accounting request meets the cooling time requirement. It should be pointed out that the judgment process on the mining pool server and Slave TEE's own active rest are independent of each other, even if Slave TEE does not take the initiative to rest after competing for the accounting rights (including cases of deliberate cheating or otherwise not having this function), the mine The pool server can still block the billing request by executing step S418 to force the Slave TEE to fail to obtain the billing right again within the cooling time period after obtaining the billing right.
具体而言,矿池服务器可以判断终端设备配置的Slave TEE距离上次记账时间的时间间隔t1是否大于冷却时长t2,t2为累积未用下限时长的k倍(k为大于0且小于1的常数),其中累积未用下限时长根据难度目标值计算。由于区块链系统可能包括多个并行链,每个并行链上的难度目标值不一定相同,因此针对要验证的Slave TEE,应该根据其挖矿的并行链上的难度目标值计算累积未用下限时长。若判断结果为大于,则表明Slave TEE已经度过冷却期,可以再次记账,继续执行后续步骤,否则拒绝其记账请求,不向终端设备返回区块头主体部分的哈希值以及难度目标值。或者,在一些实现方式中,若判断结果为否,矿池服务器也可以通知终端设备距离发起下次记账请求的时间间隔t3,其中,t3可以取t2-t1,即告知终端设备暂时不要发起新的记账请求,直至Slave TEE距离上次记账的时间间隔超过冷却时长,避免终端设备持续发送无意义的(即不可能获得记账权的)记账请求,造成资源浪费。Specifically, the mining pool server can determine whether the time interval t1 between the Slave TEE and the last billing time configured by the terminal device is greater than the cooling time t2, and t2 is k times the cumulative unused lower limit time (k is greater than 0 and less than 1) Constant), where the cumulative unused lower limit duration is calculated according to the difficulty target value. Since the blockchain system may include multiple parallel chains, the difficulty target value on each parallel chain may not be the same, so for the slave TEE to be verified, the cumulative unused value should be calculated according to the difficulty target value on the parallel chain that it mines Lower limit duration. If the judgment result is greater than, it indicates that the Slave TEE has passed the cooling period, and the billing can be performed again, and the subsequent steps are continued, otherwise the billing request is rejected, and the hash value of the main body of the block header and the target difficulty value are not returned to the terminal device . Or, in some implementations, if the judgment result is negative, the mining pool server may also notify the terminal device of the time interval t3 from which the next billing request is initiated, where t3 may be t2-t1, that is, the terminal device is not allowed to initiate New accounting request, until the time interval between Slave TEE and the last accounting exceeds the cooling time, to avoid the terminal device continuously sending meaningless (that is, impossible to obtain accounting rights) accounting request, resulting in waste of resources.
矿池服务器通过上述验证,可以避免攻击者通过某些手段在终端设备配置的Slave TEE中故意囤积累积未用时长,然后在短期内释放算力,以便连续获得记账权,变相制造51%算力攻击,因为凡是参与挖矿的Slave TEE都无法避开冷却时长的限制。同时,通过设置冷却时长的限制,能够让更多的终端设备配置的Slave TEE都有机会获得记账权,也在一定程度上体现了挖矿的公平性。Through the above verification, the mining pool server can prevent the attacker from intentionally hoarding the accumulated unused time in the Slave TEE configured by the terminal device through some means, and then release the computing power in the short term, so as to continuously obtain the accounting power, and make 51% calculation in disguise Attack, because all slaves participating in mining TEE can not avoid the cooling time limit. At the same time, by setting the cooling time limit, Slave TEE, which can configure more terminal equipment, has the opportunity to obtain accounting rights, which also reflects the fairness of mining to a certain extent.
Slave TEE距离上次记账时间的时间间隔为本次记账时间减去上次记账时间,其中本次记账时间为待定记账区块的区块头中的时间戳指示的时间,上次记账时间为上次记账时生成的区块的区块头中的时间戳指示的时间,虽然矿池服务器可以从挖矿节点获取这两个时间,但根据现有的区块链协议,区块头中的时间戳只能大致地表征记账时间(如不超过当前网络时间2个小时都可接受),直接用此方法计算出的记账时间间隔误差较大,另一方面,时间戳由挖矿节点决定,不排除有人故意将记账时间提前或延后,这些因素均可能导致步骤S418中的验证精度与可信度不高。Slave TEE time interval from the last accounting time is the current accounting time minus the last accounting time, where the current accounting time is the time indicated by the time stamp in the block header of the pending accounting block, the last time The accounting time is the time indicated by the timestamp in the block header of the block generated during the last accounting. Although the mining pool server can obtain these two times from the mining node, according to the existing blockchain protocol, the area The timestamp in the block header can only roughly represent the accounting time (if it does not exceed 2 hours of the current network time is acceptable), the accounting time interval calculated directly by this method has a large error. On the other hand, the timestamp is The mining node decides that it is not ruled out that someone deliberately advances or delays the billing time. These factors may cause the verification accuracy and credibility in step S418 to be low.
因此,在一些实现方式中,可以采用如下的公式估算上述记账时间间隔:Therefore, in some implementations, the following formula can be used to estimate the above accounting time interval:
Figure PCTCN2019127183-appb-000003
Figure PCTCN2019127183-appb-000003
其中,Height2为待定记账区块在区块链中的高度,Height1为上次记账生成的区块在区块链中的高度,
Figure PCTCN2019127183-appb-000004
为区块链系统的预设常数,用于表征区块链系统的平均出块时间(生成一个区块的平均耗时),其中,某个区块在区块链中的高度是指在它之前区块链上一共串接了多少了个区块,对于创世区块,在其之前没有区块,因此其高度为0。利用区块的高度差来估算两个区块的记账时间间隔,准确度与可信度较高。 Among them, Height2 is the height of the pending accounting block in the blockchain, and Height1 is the height of the block generated by the last accounting in the blockchain,
Figure PCTCN2019127183-appb-000004
It is the preset constant of the blockchain system, which is used to characterize the average block generation time of the blockchain system (the average time to generate a block), where the height of a block in the blockchain refers to its There are a total of blocks connected to the blockchain before. For the genesis block, there is no block before it, so its height is 0. The difference in block height is used to estimate the accounting time interval between the two blocks, with higher accuracy and credibility.
具体实施时,区块的高度可以由矿池服务器主动向Slave TEE挖矿所在的并行链上的挖 矿节点请求,挖矿节点在其存储的区块链数据中查询获得。或者,Slave TEE挖矿所在的并行链上的挖矿节点也可以在将记账区块添加至本地的区块链中,且该记账区块被最终确认之后,将记账区块在其本地的区块链中的高度、竞争到记账权Slave TEE绑定的钱包账号的地址主体主动发送至矿池服务器,矿池服务器可以将这些数据保存到数据库中,在需要估算记账时间间隔时,根据当前的Slave TEE绑定的钱包账号的地址主体去数据库中查询获得上次记账时生成的区块在区块链中的高度,而执行步骤S418时待定记账区块还没有记录在区块链中,但其如果被添加至区块链,必然在区块链尾部,因此其在区块链中的高度是已知的,可以获取挖矿节点最近一次发送过来的区块的高度(当前区块链中的最新一个被确认的区块),将该高度作为待定记账区块在区块链中的高度。In specific implementation, the height of the block can be actively requested by the mining pool server to the mining node on the parallel chain where the Slave TEE mining is located, and the mining node can query and obtain it from the blockchain data stored in it. Alternatively, the mining node on the parallel chain where Slave TEE mining is located can also add the accounting block to the local blockchain, and after the accounting block is finally confirmed, place the accounting block in its The main body of the local blockchain that competes with the accounting right Slave TEE wallet account address is actively sent to the mining pool server. The mining pool server can save these data in the database and need to estimate the accounting time interval. At the time, according to the address subject of the wallet account bound by the current Slave TEE, go to the database to obtain the height of the block generated in the last accounting in the blockchain, and the pending accounting block has not been recorded when step S418 is executed In the blockchain, but if it is added to the blockchain, it must be at the end of the blockchain, so its height in the blockchain is known, and it can get the most recent block sent by the mining node. Height (the latest confirmed block in the current blockchain), this height is used as the height of the pending accounting block in the blockchain.
作为一种可选的方案,挖矿节点还可以将已经确认的区块的生成时间(即区块头中的时间戳)也发送给矿池服务器,区块的生成时间可以起辅助判断的作用。例如,矿池运营者在每个并行链上都提供几个起稳定器作用的Slave TEE,这些Slave TEE只在长时间(例如,平均出块时间的数倍)都没有其他Slave TEE竞争到记账权时才参与竞争记账权,且不受冷却时长限制,避免个别区块记账间隔时间过长。其中,矿池服务器将区块链中区块的生成时间发送给配置有作为稳定器的Slave TEE的终端设备,终端设备上安装的挖矿应用中根据当前时间与区块链中最新一个被确认的区块的生成时间之差,可以确定是否要允许作为稳定器的Slave TEE竞争记账权。As an optional solution, the mining node may also send the confirmed block generation time (that is, the timestamp in the block header) to the mining pool server, and the block generation time may serve as an auxiliary judgment. For example, the mining pool operator provides several Slave TEEs that act as stabilizers on each parallel chain. These Slave TEEs only compete with other Slave TEEs for a long time (for example, several times the average block time). Participate in the accounting right only when accounting rights, and is not limited by the cooling time, to avoid too long accounting interval of individual blocks. Among them, the mining pool server sends the generation time of the block in the blockchain to the terminal device equipped with Slave TEE as the stabilizer. The mining application installed on the terminal device is confirmed according to the current time and the latest one in the blockchain The difference in the generation time of the block can determine whether to allow Slave TEE as the stabilizer to compete for the accounting right.
发明人在长期实践中发现,少数情况下,例如参与挖矿的终端设备本来就不多,且因网络故障等原因又使得多数终端设备下线,只有数台终端设备还在挖矿,这时可能导致区块链中的区块停止增长,因为可能所有的终端设备配置的Slave TEE都无法满足利用高度差估算出冷却时长的要求,即对于所有仍然在线的终端设备配置的Slave TEE而言,Height2Height1都不再变化,由此估算出的t1始终不大于t2。为解决这一问题,在部分实现方式中,矿池服务器可以增设一条验证规则,若矿池服务器保存的难度目标值大于某一预设值(如最大难度目标值的一半),则也视为满足冷却时长的要求,继续执行后续步骤。难度目标值大于预设值表明当前的并行链上挖矿难度过小(根据累积未用下限时长的计算公式,难度目标值越大,挖矿难度越小,挖矿难度小意味着该并行链上的Slave TEE的数量很少),若满足该条件表明在该难度目标值对应的并行链上,区块链的区块已经停止增长,应当允许Slave TEE记账以便能够正常添加区块。相应地,在Slave TEE中可以增设判断,若Slave TEE中累积未用时长已超过累积未用下限时长的预设倍数(如2倍),且计算累积未用下限时长所使用的难度目标值大于某一预设值(如最大难度目标值的一半),也视为满足冷却时长的要求,Slave TEE不会再继续休息。上述判断在Slave TEE中执行外界无法干扰或伪造其判断过程,所以是真实可信的。The inventor has discovered in long-term practice that in a few cases, for example, there are not many terminal devices involved in mining, and most terminal devices are offline due to network failures and other reasons. Only a few terminal devices are still mining. It may cause the block in the blockchain to stop growing, because all the terminal equipment configured Slave TEE can not meet the requirement of using the height difference to estimate the cooling time, that is, for all the terminal equipment configured Slave TEE that is still online, Height2Height1 no longer changes, and the estimated t1 is never greater than t2. To solve this problem, in some implementations, the mining pool server can add a verification rule. If the difficulty target value saved by the mining pool server is greater than a certain preset value (such as half of the maximum difficulty target value), it is also regarded as To meet the requirements of cooling time, continue to perform the next steps. The difficulty target value greater than the preset value indicates that the current mining difficulty on the parallel chain is too small (according to the calculation formula of the cumulative unused minimum duration, the greater the difficulty target value, the smaller the mining difficulty, and the smaller the mining difficulty means the parallel chain The number of Slave on the TEE is very small.) If the condition is met, it means that the block of the blockchain has stopped growing on the parallel chain corresponding to the difficulty target value. The Slave TEE should be allowed to keep the account so that the block can be added normally. Correspondingly, a judgment can be added to the Slave TEE if the cumulative unused duration in the Slave TEE has exceeded the preset multiple of the cumulative unused minimum duration (eg 2 times), and the difficulty target value used to calculate the cumulative unused minimum duration is greater than A certain preset value (such as half of the maximum difficulty target value) is also considered to meet the cooling time requirement, and Slave TEE will not continue to rest. The above judgment is performed in the Slave TEE and the outside world cannot interfere or forge its judgment process, so it is true and credible.
进一步的,若某个Slave TEE首次参与挖矿,或者刚刚换一个并行链挖矿(因为区块链系统扩容或者并行链标识掩码调整),由于矿池服务器只在Slave TEE当前挖矿的并行链关联的数据中查询其上次记账成功时生成的区块在区块链中的高度,所以查询不到相应的数据,所以也视为已经满足冷却时长的要求。Further, if a Slave TEE participates in mining for the first time, or has just changed to a parallel chain mining (because of the expansion of the blockchain system or the adjustment of the parallel chain logo mask), because the mining pool server is only in the current parallel mining of Slave TEE The data associated with the chain is queried for the height of the block generated in the last successful bookkeeping in the blockchain, so the corresponding data cannot be queried, so it is also considered to have met the cooling time requirement.
步骤S419:矿池服务器向终端设备发送与其关联的并行链的区块头主体部分的哈希值以及难度目标值。Step S419: The mining pool server sends the hash value and difficulty target value of the block header body part of the parallel chain associated with it to the terminal device.
在步骤S417中已经确定了终端设备关联的并行链,因此在步骤S419中可以向终端设备发送其关联的并行链的区块头主体部分的哈希值以及难度目标值。In step S417, the parallel chain associated with the terminal device has been determined, so in step S419, the hash value and the difficulty target value of the body part of the block header of its associated parallel chain can be sent to the terminal device.
步骤S420:Slave TEE判断自身的累积未用时长是否大于根据难度目标值计算出的累积未用下限时长。Step S420: Slave TEE determines whether its accumulated unused duration is greater than the accumulated unused lower limit duration calculated according to the difficulty target value.
步骤S420与步骤S305类似的部分不再重复阐述。在一些实现方式中,Slave TEE判断自己能否获得记账权,除了判断累积未用时长是否超过累积未用下限时长外,还会同时判断累积未用时长是否落在冷却时长的整数倍时段内,若两个判断结果都是时,才确认自己获得记账权,否则竞争记账权失败。例如,累积未用下限时长为2天,k取0.5,则冷却时长为1天,冷却时长的整数倍时间为1天、2天、3天等等。冷却时长的整数倍时段定义为冷却时长的整数倍时间加上容错偏差时间(例如20分钟),在此定义下,冷却时长的整数倍时段为1天至1天零20分钟、2天至2天零20分钟、3天至3天零20分钟等等。在一种可能的场景中,攻击者控制一定数量的Slave TEE之后,让这些Slave TEE集中于某些特定的时间点去竞争记账权,使算力在时间上集中,变相制造51%算力攻击,增加上述判断的意义在于强制将Slave TEE竞争记账权的时间点在时间上分散开,避免算力集中,确保区块链系统的安全性。Step S420 is similar to step S305 and will not be described repeatedly. In some implementations, Slave TEE determines whether it can obtain accounting rights. In addition to determining whether the cumulative unused duration exceeds the cumulative unused minimum duration, it also determines whether the cumulative unused duration falls within an integer multiple of the cooling duration. Only if both judgments are the same, can you confirm that you have obtained the accounting right, otherwise the competition for accounting right will fail. For example, if the cumulative unused lower limit duration is 2 days, and k is 0.5, the cooling duration is 1 day, and the integer multiple of the cooling duration is 1 day, 2 days, 3 days, and so on. An integer multiple of the cooling duration is defined as an integer multiple of the cooling duration plus a fault tolerance deviation time (for example, 20 minutes). Under this definition, the integer multiple of the cooling duration is 1 day to 1 day and 20 minutes, and 2 days to 2 Days and 20 minutes, 3 days to 3 days and 20 minutes, etc. In a possible scenario, after the attacker controls a certain number of Slave TEEs, let these Slave TEEs concentrate on certain specific time points to compete for accounting power, so that the computing power is concentrated in time, and 51% computing power is disguised. The significance of the attack to increase the above judgment is to force the time points at which Slave TEE competes for accounting power to be dispersed in time, to avoid concentration of computing power, and to ensure the security of the blockchain system.
步骤S421:Slave TEE根据第二密钥生成算法生成第二密钥,并利用第二密钥解密授权码。Step S421: Slave TEE generates a second key according to the second key generation algorithm, and uses the second key to decrypt the authorization code.
在步骤S422中会使用从矿池服务器获得的授权码,该授权码携带在步骤S411的授权响应中。若之前执行了步骤S410对授权码加密,则在执行步骤S422之前需要执行步骤S421解密授权码,否则不需要执行步骤S421。In step S422, the authorization code obtained from the mining pool server is used, and the authorization code is carried in the authorization response in step S411. If step S410 is performed to encrypt the authorization code before, step S421 needs to be performed to decrypt the authorization code before step S422 is performed, otherwise step S421 does not need to be performed.
授权码的解密过程在Slave TEE中实现,Slave TEE提供调用接口,加密后的授权码作为参数传入,调用完后返回明文的授权码。授权码采用第二密钥生成算法生成的第二密钥进行对称解密,第二密钥生成算法应和步骤S410中Master TEE中使用的相同,以确保生成的第二密钥也和Master TEE中的相同,例如,参照步骤S410的例子,Slave TEE中也可以保存和Master TEE中相同的预设字串,在Slave TEE中,和Master TEE中相同的第二密钥生成算法也基于该字串生成第二密钥,该字串仅在TEE环境中使用,不会泄露到外部。获得第二密钥后,Slave TEE中的对称解密算法也应当和步骤S410中Master TEE中采用的对称加密算法一致。The decryption process of the authorization code is implemented in Slave TEE. Slave TEE provides a calling interface. The encrypted authorization code is passed in as a parameter, and the plain text authorization code is returned after the call. The authorization code uses the second key generated by the second key generation algorithm for symmetric decryption. The second key generation algorithm should be the same as that used in the Master TEE in step S410 to ensure that the generated second key is also in the Master TEE The same, for example, referring to the example of step S410, the same preset character string as in Master TEE can also be saved in Slave TEE, and the same second key generation algorithm in Slave TEE and Master TEE is also based on this string Generate the second key. This string is only used in the TEE environment and will not be leaked to the outside. After obtaining the second key, the symmetric decryption algorithm in Slave TEE should also be consistent with the symmetric encryption algorithm used in Master TEE in step S410.
进一步的,类似步骤S410,第二密钥生成算法也可以被实施为由Slave TEE所私有(步骤S410中为Master TEE私有),即算法实现不在TEE环境之外公开,同时算法生成的第二密钥在Slave TEE中被用于且仅被用于解密授权码,不用于包括加密授权码在内的其他用途,即第二密钥在Slave TEE中被单向地使用,在具体实施时,Slave TEE可以对外只提供解密授权码的接口,不提供加密授权码的接口(或者根本不实现该接口)。Further, similar to step S410, the second key generation algorithm can also be implemented as private by Slave TEE (master private by TEE in step S410), that is, the algorithm implementation is not disclosed outside the TEE environment, and the second secret generated by the algorithm The key is used in the Slave TEE and is only used to decrypt the authorization code, not for other purposes including the encrypted authorization code, that is, the second key is used unidirectionally in the Slave TEE. In specific implementation, the Slave TEE It is possible to provide only an interface for decrypting the authorization code, and an interface for not encrypting the authorization code (or not to implement the interface at all).
步骤S410以及步骤S421中的加解密机制确保了Master TEE和Slave TEE必须配套使用,一旦出现二者不匹配的情况,例如Slave TEE被伪造,加解密机制将无法正常工作,从而Slave TEE也无法解密并使用授权码。并且,由于第二密钥在Master TEE和Slave TEE中的使用都是单向的,确保了第二密钥不会被攻击者破解。The encryption and decryption mechanisms in steps S410 and S421 ensure that Master TEE and Slave TEE must be used together. Once there is a mismatch between the two, such as Slave TEE is forged, the encryption and decryption mechanism will not work properly, so that Slave TEE cannot decrypt. And use the authorization code. Moreover, since the second key is used unidirectionally in Master TEE and Slave TEE, it is ensured that the second key will not be cracked by an attacker.
步骤S422:Slave TEE利用授权码验证授权是否有效。Step S422: Slave TEE uses the authorization code to verify whether the authorization is valid.
在步骤S408中已经提到,授权码中可以包括,但不限于矿池标识、授权序号、申请时间、授权使用时长、被授权的Slave TEE绑定的钱包账号的地址主体等信息。因此步骤S422中可以利用这些信息验证此时授权是否仍然有效,例如,Slave TEE可以验证授权码中携带的钱包账号的地址主体和自身保存的是否一致,若不一致,确定竞争记账权失败(尽管S420 中累积未用时长的条件已经满足),否则继续执行后续步骤。又例如,Slave TEE验证获得的授权是否已经过期,即发送入池申请时的申请时间至当前时间之间的时间间隔是否超过授权使用时长,若已超过授权使用时长,表明授权已过期,Slave TEE已经无权继续记账,确定竞争记账权失败(尽管S420中累积未用时长的条件已经满足),否则继续执行后续步骤。在步骤S305中已经提到,Slave TEE竞争记账权可以通过终端设备调用其提供的接口的方式,因此确定竞争记账权失败具体可以实现为该接口的调用提前终止。可以理解的,在具体实施时,上面的验证步骤的先后顺序也可以采用和上面列举的不一样的顺序。As mentioned in step S408, the authorization code may include, but is not limited to, mine pool identification, authorization serial number, application time, authorized use duration, authorized Slave TEE wallet account address body and other information. Therefore, in step S422, the information can be used to verify whether the authorization is still valid at this time. For example, Slave TEE can verify whether the address body of the wallet account carried in the authorization code is consistent with the one saved by itself. (The condition for accumulating unused duration in S420 has been met), otherwise continue to the subsequent steps. For another example, Slave TEE verifies whether the obtained authorization has expired, that is, whether the interval between the application time when sending the pooling application and the current time exceeds the authorized use time, if the authorized use time is exceeded, it indicates that the authorization has expired, Slave TEE It has no right to continue accounting, and it is determined that the competition for accounting rights has failed (although the condition of accumulating unused duration in S420 has been met), otherwise the subsequent steps are continued. As mentioned in step S305, the Slave TEE competition billing right can be invoked by the terminal device through the interface provided by the terminal device. Therefore, it can be determined that the failure of the competition billing right can be prematurely terminated by calling the interface. It can be understood that, in specific implementation, the sequence of the above verification steps may also be different from the sequence listed above.
需要指出,尽管授权码中已经包含授权序号和授权使用时长,但在步骤S411矿池服务器发送的授权响应中,除了包含授权码,还包含授权序号以及授权使用时长。其原因在于,授权码为密文态,在步骤S410中进行了加密,直到步骤S421中才解密,在此之前不能获取授权码中的信息,另外,在授权码中传递的信息因附加了加解密过程,能保证不被伪造。因此可以将另外两项信息以明文方式单独发送。其中,授权序号在步骤S415中被使用,而授权使用时长则可以反馈给挖矿应用,例如在应用的界面上显示出来,使用户获知自己获得了多长时间的授权,又例如,挖矿应用还可以根据授权使用时长判断当前设备的授权是否即将结束,在授权即将结束时,挖矿应用可以自动再次发起步骤S405所述的入池申请(如,调用Slave TEE提供的生成入池申请的接口)。可以理解的,在一些实现方式中,终端设备也可以实现为不使用授权使用时长,在这些实现方式中矿池服务器在授权时也不必发送明文态的授权使用时长。It should be pointed out that although the authorization code already contains the authorization serial number and the duration of authorization, the authorization response sent by the mining pool server in step S411 contains the authorization serial number and the authorization duration in addition to the authorization code. The reason is that the authorization code is in a ciphertext state, and it is encrypted in step S410 until it is decrypted in step S421. Before that, the information in the authorization code cannot be obtained. In addition, the information passed in the authorization code is The decryption process can ensure that it is not forged. Therefore, the other two messages can be sent separately in clear text. Among them, the authorization serial number is used in step S415, and the authorized use time can be fed back to the mining application, for example, displayed on the application interface, so that the user knows how long he has been authorized, and for example, the mining application You can also determine whether the authorization of the current device is about to end according to the duration of the authorization. When the authorization is about to end, the mining application can automatically initiate the pooling application described in step S405 (for example, call the interface provided by SlaveTEE to generate the pooling application ). It can be understood that, in some implementations, the terminal device may also be implemented without using the authorized use duration. In these implementations, the mining pool server does not need to send the clear authorization use duration during authorization.
步骤S423:Slave TEE根据第一密钥生成算法生成第一密钥,并利用第一密钥对加密后的区块头主体部分的哈希值进行解密。Step S423: Slave TEE generates a first key according to the first key generation algorithm, and uses the first key to decrypt the hash value of the encrypted block header body part.
在步骤S424中Slave TEE会使用从矿池服务器获得的区块头主体部分的哈希值,该哈希值在步骤S419中获得。若之前执行了步骤S413对区块头主体部分的哈希值加密,则在执行步骤S424之前需要执行步骤S423解密区块头主体部分的哈希值,否则不需要执行步骤S423。In step S424, the Slave TEE uses the hash value of the main body of the block header obtained from the mining pool server, and the hash value is obtained in step S419. If step S413 is performed to encrypt the hash value of the body part of the block header before, step S423 needs to be performed to decrypt the hash value of the body part of the block header before step S424 is performed, otherwise step S423 is not necessary.
区块头主体部分的哈希值的解密过程在Slave TEE中实现,Slave TEE提供调用接口,加密后的区块头主体部分的哈希值作为参数传入,调用完后返回明文的区块头主体部分的哈希值。区块头主体部分的哈希值采用第一密钥生成算法生成的第一密钥进行对称解密,第一密钥生成算法应和步骤S413中Master TEE中使用的相同,以确保生成的第一密钥也和Master TEE中的相同。The decryption process of the hash value of the main body of the block header is implemented in Slave TEE. The Slave TEE provides a calling interface. The hash value of the encrypted main body of the block header is passed as a parameter. After the call, the plain text of the main body of the block header is returned. Hash value. The hash value of the body part of the block header is symmetrically decrypted using the first key generated by the first key generation algorithm. The first key generation algorithm should be the same as that used in the Master TEE in step S413 to ensure the generated first secret The key is also the same as in Master TEE.
算法根据矿池配置信息计算出第一密钥。其中,矿池配置信息包括并行链的链标识,这里的并行链是指终端设备关联的并行链,其并行链标识可以通过Slave TEE绑定的钱包账号的地址的虚拟并行链标识、终端设备的并行链标识掩码以及区块链系统包含的并行链的数量计算,计算方法应当和步骤S417中的保持一致。其中,虚拟并行链标识、并行链标识掩码以及并行链的数量都可以保存在Slave TEE中,若Master TEE中更新了并行链标识掩码以及并行链的数量,Slave TEE中也应当同步更新。The algorithm calculates the first key based on the mining pool configuration information. Among them, the mining pool configuration information includes the chain identifier of the parallel chain. The parallel chain here refers to the parallel chain associated with the terminal device. The parallel chain identifier can be obtained through the virtual parallel chain identifier of the wallet account address bound by Slave TEE and the terminal device’s The parallel chain identification mask and the number of parallel chains included in the blockchain system should be calculated in the same way as in step S417. Among them, the virtual parallel chain ID, the parallel chain ID mask, and the number of parallel chains can be saved in the Slave TEE. If the Master Chain TEE updates the parallel chain ID mask and the number of parallel chains, the Slave TEE should also be updated synchronously.
需要指出,虽然在步骤S413中,并行链的链标识不是通过上述三项信息计算的,但由于在步骤S419中发送的是步骤S417计算出的并行链序号对应的并行链上的区块头主体部分的哈希值,所以可以等价于计算第一密钥时使用的并行链的链标识也是采用步骤S417中的方法计算的,即和解密时采用的算法相同。It should be pointed out that although in step S413, the chain identifier of the parallel chain is not calculated by the above three items of information, but since the sent in step S419 is the main part of the block header on the parallel chain corresponding to the parallel chain number calculated in step S417 The hash value of, which can be equivalent to the parallel chain used in the calculation of the first key, is also calculated using the method in step S417, that is, the same algorithm used in decryption.
若加密时的矿池配置信息中还包括并行链已扩容的次数、矿池标识、认证码等信息项, 在解密时使用的矿池配置信息中也应当包含同样的信息项。其中,矿池标识在Slave TEE中预先配置好,之前已经介绍过。并行链已扩容的次数在步骤S413中已经介绍,不在详细说明,并行链已扩容的次数可以保存在Slave TEE中,若Master TEE中更新了并行链已扩容的次数,Slave TEE中也应当同步更新。认证码在终端设备进行实名认证时就已经获得并保存在Slave TEE中。If the mining pool configuration information at the time of encryption also includes information items such as the number of times the parallel chain has been expanded, the mining pool identifier, and the authentication code, the same information item should also be included in the mining pool configuration information used at the time of decryption. Among them, the mine pool logo is pre-configured in the Slave TEE, which has been introduced before. The number of times the parallel chain has been expanded has been introduced in step S413, and is not described in detail. The number of times the parallel chain has been expanded can be saved in the Slave TEE. If the number of times the parallel chain has been expanded is updated in the Master TEE, the Slave TEE should also be updated synchronously. . The authentication code is already obtained and stored in the Slave TEE when the terminal device performs real-name authentication.
获得第一密钥后,Slave TEE中的对称解密算法也应当和步骤S413中Master TEE中采用的对称加密算法一致。After obtaining the first key, the symmetric decryption algorithm in Slave TEE should also be consistent with the symmetric encryption algorithm used in Master TEE in step S413.
进一步的,类似步骤S413,第一密钥生成算法也可以被实施为由Slave TEE所私有(步骤S413中为Master TEE私有),即算法实现不在TEE环境之外公开,同时算法生成的第一密钥在Slave TEE中被用于且仅被用于解密区块头主体部分的哈希值,不用于包括加密区块头主体部分的哈希值在内的其他用途,即第一密钥在Slave TEE中被单向地使用,在具体实施时,Slave TEE可以对外只提供解密区块头主体部分的哈希值的接口,不提供加密区块头主体部分的哈希值的接口(或者根本不实现该接口)。Further, similar to step S413, the first key generation algorithm can also be implemented as private by Slave TEE (master private by TEE in step S413), that is, the algorithm implementation is not disclosed outside the TEE environment, and the first secret generated by the algorithm The key is used in Slave TEE and is only used to decrypt the hash value of the body part of the block header. It is not used for other purposes including the hash value of the body part of the encrypted block header. That is, the first key is in the Slave TEE It is used unidirectionally. In specific implementation, Slave TEE can only provide an interface for decrypting the hash value of the main body of the block header, and does not provide an interface for encrypting the hash value of the main body of the block header (or the interface is not implemented at all).
步骤S413以及步骤S423中的加解密机制确保了Master TEE和Slave TEE必须配套使用,一旦出现二者不匹配的情况,例如Slave TEE被伪造,加解密机制将无法正常工作,从而Slave TEE也无法解密并使用区块头主体部分的哈希值,或者即使能够解密,也无法获得正确的区块头主体部分的哈希值(在后续步骤中能够检验出来,致使其记账失败)。并且,由于第一密钥在Master TEE和Slave TEE中的使用都是单向的,确保了第一密钥不会被攻击者破解。The encryption and decryption mechanisms in steps S413 and S423 ensure that Master TEE and Slave TEE must be used together. Once the two do not match, for example, Slave TEE is forged, the encryption and decryption mechanism will not work properly, so that Slave TEE cannot decrypt. And use the hash value of the main part of the block header, or even if it can be decrypted, the correct hash value of the main part of the block header cannot be obtained (it can be checked in the subsequent steps, causing the accounting to fail). Moreover, since the use of the first key in Master TEE and Slave TEE is unidirectional, it ensures that the first key will not be cracked by an attacker.
进一步的,第一密钥的计算与终端设备关联的并行链的链标识相关,意味着在Slave TEE中推算出的该链标识必须与Master TEE中推算出的该链标识一致,Slave TEE才能够获得和Master TEE中相同的第一密钥,或者说,Slave TEE只能获得并解密该链标识对应的并行链上的挖矿节点发送的区块头主体部分的哈希值,即使获得了其他的并行链上的挖矿节点发送的区块头主体部分的哈希值,也无法正确解密,从而限制了Slave TEE只能在终端设备关联的并行链上挖矿。根据并行链的链标识的计算方法,每个Slave TEE中并行链标识掩码以及并行链的数量都是相同的,只有虚拟并行链标识不同,虚拟并行链标识根据Slave TEE的硬件标识计算,只要硬件标识不具有特定的倾向性,可以确保矿池中的Slave TEE被近似平均地分散到区块链系统中不同的并行链上去。Further, the calculation of the first key is related to the chain ID of the parallel chain associated with the terminal device, which means that the chain ID calculated in the Slave TEE must be consistent with the chain ID calculated in the Master TEE before the Slave TEE can Obtain the same first key as in Master TEE, or Slave TEE can only obtain and decrypt the hash value of the main body of the block header sent by the mining node on the parallel chain corresponding to the chain ID, even if other The hash value of the main body of the block header sent by the mining node on the parallel chain cannot be decrypted correctly, which limits the slave TEE to only mine on the parallel chain associated with the terminal device. According to the calculation method of the chain ID of the parallel chain, the parallel chain ID mask and the number of parallel chains in each Slave TEE are the same. Only the virtual parallel chain ID is different. The virtual parallel chain ID is calculated according to the slave TEE hardware ID, as long as The hardware identification does not have a specific tendency, which can ensure that the Slave TEE in the mining pool is approximately evenly distributed to different parallel chains in the blockchain system.
进一步的,对于第一密钥生成算法在生成第一密钥时考虑并行链已扩容的次数的实现方式,若并行链扩容后,Master TEE中保存的并行链已扩容的次数和并行链的数量(在计算并行链的链标识时使用)已经更新,但Slave TEE中保存的并行链已扩容的次数或并行链的数量尚未更新,Slave TEE将无法继续在原来的并行链上挖矿(因为无法正确解密区块头主体部分的哈希值),即在并行链扩容升级后,若Slave TEE的配置未升级,将不允许该Slave TEE继续参与挖矿,这样,即使在升级前某个并行链上出现了算力聚集,升级后一旦Slave TEE的配置更新,聚集的Slave TEE将可能被分散到新的并行链上去挖矿,从而有效消除了算力聚集。Further, for the implementation of the first key generation algorithm considering the number of times the parallel chain has been expanded when generating the first key, if the parallel chain is expanded, the number of times the parallel chain has been expanded and the number of parallel chains stored in the Master TEE (Used when calculating the chain ID of the parallel chain) has been updated, but the number of times the parallel chain saved in the Slave TEE has been expanded or the number of parallel chains has not been updated, Slave TEE will not be able to continue mining on the original parallel chain (because Correctly decrypt the hash value of the main part of the block header), that is, after the expansion and upgrade of the parallel chain, if the configuration of the Slave TEE is not upgraded, the Slave TEE will not be allowed to continue to participate in mining, so that even on a parallel chain before the upgrade There has been a gathering of computing power. Once the configuration of the Slave TEE is updated after the upgrade, the aggregated Slave TEE may be distributed to the new parallel chain to mine, thereby effectively eliminating the gathering of computing power.
进一步的,对于第一密钥生成算法在生成第一密钥时考虑矿池标识的实现方式,能够限制Slave TEE只能在指定的矿池下挖矿,不能随意更换矿池(否则无法正确解密区块头主体部分的哈希值),避免算力聚集。Further, for the first key generation algorithm to consider the implementation of the mining pool identification when generating the first key, it can restrict the Slave TEE to only mine under the specified mining pool, and cannot replace the mining pool at will (otherwise the decryption area cannot be decrypted correctly The hash value of the main part of the block header) to avoid the accumulation of computing power.
进一步的,对于第一密钥生成算法在生成第一密钥时考虑认证码的实现方式,由于并 行链上的记账节点都可以根据认证码去实名认证机构查询获得记账权的用户是否通过实名认证(具体方法见后文描述),因此可以避免矿池运营者私自允许一些未经实名认证的用户(其Slave TEE中无认证码)使用其终端设备参与挖矿,保障挖矿过程的公正性。Further, for the first key generation algorithm to consider the implementation of the authentication code when generating the first key, since the accounting nodes on the parallel chain can use the authentication code to go to the real-name certification authority to query whether the user who obtained the accounting right has passed Real-name authentication (see the description below for the specific method), so it can avoid that the pool operator allows some users without real-name authentication (there is no authentication code in their Slave TEE) to use their terminal equipment to participate in mining, ensuring the fairness of the mining process Sex.
进一步的,步骤S423可以与步骤S424在Slave TEE中连续执行,无法被Slave TEE之外的程序中断或干扰,因为其解密获得的区块头主体部分的哈希值,将作为记账权确定信息的一部分进行签名,两个步骤紧密捆绑,确保明文态的区块头主体部分的哈希值仅被用于生成记账权确定信息的签名,不被用于其它用途,避免其遭到伪造。另一方面,由于对记账权确定信息的签名要使用Slave TEE保存的第一私钥,步骤S423还保证了任何人在不解密区块头主体部分的哈希值的情况下是无法使用第一私钥的,或者说第一私钥只能在该场景下被使用而不会被滥用,确保了签名不会被人伪造。Further, step S423 and step S424 can be executed continuously in Slave TEE, and cannot be interrupted or interfered with by programs other than Slave TEE, because the hash value of the main body of the block header obtained by decryption will be used as the accounting right determination information. One part is signed, and the two steps are closely tied to ensure that the hash value of the main body of the block header in clear text is only used to generate the signature of the accounting right determination information, and is not used for other purposes, to avoid being forged. On the other hand, since the signature of the accounting right determination information needs to use the first private key saved by Slave TEE, step S423 also ensures that no one can use the first without decrypting the hash value of the body part of the block header. The private key, or the first private key, can only be used in this scenario without being abused, ensuring that the signature will not be forged.
根据之前的阐述,为支持区块头主体部分的哈希值的加解密机制。Master TEE中可以保存并行链的数量、并行链已扩容的次数、矿池标识、并行链标识掩码几项信息。其中,前三项信息在Master TEE发行时就配置好,且前两项信息在并行链扩容时经可信授权操作还能更改,Master TEE还提供对外接口,在区块链系统扩容或者并行链标识掩码更新时,矿池服务器通过调用该接口,更新并行链的数量、并行链已扩容的次数、并行链标识掩码中的一项或几项信息。According to the previous explanation, in order to support the encryption and decryption mechanism of the hash value of the main part of the block header. The Master TEE can save several information such as the number of parallel chains, the number of times the parallel chain has been expanded, the mining pool ID, and the parallel chain ID mask. Among them, the first three pieces of information are configured when the Master TEE is issued, and the first two pieces of information can be changed by trusted authorized operations when the parallel chain is expanded. Master TEE also provides external interfaces to expand the capacity of the blockchain system or the parallel chain When the identification mask is updated, the mining pool server calls this interface to update the number of parallel chains, the number of times the parallel chain has been expanded, and one or more items of information in the parallel chain identification mask.
Slave TEE中可以保存并行链的数量、并行链已扩容的次数、矿池标识、并行链标识掩码、虚拟并行链标识几项信息。其中,前两项信息在Slave TEE发行时就配置好,且在并行链扩容时经可信授权操作还能更改,矿池标识由用户自行录入,虚拟并行链标识则在生成钱包账号的地址时根据Slave TEE的硬件标识计算。Slave TEE还提供对外接口,在区块链系统扩容或者并行链标识掩码更新时,终端设备通过调用该接口,更新并行链的数量、并行链已扩容的次数、并行链标识掩码中的一项或几项信息。Slave TEE can save several information such as the number of parallel chains, the number of times the parallel chain has been expanded, mining pool identification, parallel chain identification mask, and virtual parallel chain identification. Among them, the first two pieces of information are configured when Slave TEE is issued, and can be changed by trusted authorization operation when the parallel chain is expanded, the mining pool ID is entered by the user, and the virtual parallel chain ID is generated when the address of the wallet account is generated Calculated according to Slave TEE's hardware identification. Slave TEE also provides an external interface. When the blockchain system is expanded or the parallel chain identification mask is updated, the terminal device invokes this interface to update one of the number of parallel chains, the number of times the parallel chain has been expanded, and the parallel chain identification mask. Item or items.
为确保更改TEE(包括Master TEE和Slave TEE)中的配置信息的命令是可信的,在一些实现方式中,调用配置更新接口时还需要将一个签名作为参数传入,该签名利用区块链系统的管理员保存的私钥生成,在TEE环境中保存与之匹配的公钥,用于验证签名的真实性,若验证通过,才进行配置信息的更新。在区块链系统扩容或者并行链标识掩码更新时,管理员在系统中广播配置更新指令(例如,通过并行链上的路由节点发出广播消息),该指令将被矿池服务器以及终端设备所接收,并最终调用TEE提供的接口完成配置更新。配置更新指令有严格的执行顺序(例如,并行链已扩容的次数必须每次累加1),因此挖矿节点和矿池服务器可以在自身的数据库中保存每次收到的指令,一旦Master TEE或Slave TEE因故下线导致错过一个或多个配置更新指令,其重新上线后将根据数据库中的记录依次执行错过的指令,而不会产生指令执行顺序的错误。In order to ensure that the command to change the configuration information in TEE (including Master TEE and Slave TEE) is trusted, in some implementations, a signature needs to be passed in as a parameter when calling the configuration update interface. This signature uses the blockchain The private key saved by the system administrator is generated, and the matching public key is saved in the TEE environment to verify the authenticity of the signature. If the verification is passed, the configuration information is updated. When the capacity of the blockchain system is expanded or the identity mask of the parallel chain is updated, the administrator broadcasts a configuration update instruction in the system (for example, a broadcast message is sent through a routing node on the parallel chain). This instruction will be used by the mining pool server and terminal equipment. Receive and finally call the interface provided by TEE to complete the configuration update. The configuration update instructions have a strict execution sequence (for example, the number of times the parallel chain has been expanded must be accumulated by 1 each time), so the mining nodes and mining pool servers can save each received instruction in their own databases. Once the Master TEE or Slave TEE missed one or more configuration update instructions due to being offline for some reason. After it is re-launched, it will execute the missed instructions in sequence according to the records in the database without generating errors in the order of instruction execution.
在一些实现方式中,可以将已扩容的次数作为区块头主体部分中的版本号字段的值,即让版本号字段既反映区块链系统中软件版本的变化,也反映区块链系统中扩容配置的变化,以便简化版本管理。In some implementations, the number of times of expansion can be used as the value of the version number field in the main part of the block header, that is, the version number field not only reflects the change of the software version in the blockchain system, but also reflects the expansion in the blockchain system. Configuration changes to simplify version management.
步骤S424:Slave TEE对记账权确定信息进行签名。Step S424: Slave TEE signs the accounting right determination information.
步骤S424和步骤S306类似的部分不再重复阐述。若矿池采用了步骤S401中提到的实名认证机制,则在待定记账区块的区块头中可以相应地增加认证码字段,用于填充用户获得的认证结果中的认证码。从而,区块链中的每个区块都包含获得该区块记账权的Slave TEE绑定的钱包账号的地址主体以及与其对应的认证码,根据步骤S401中的阐述,并行链 上的节点可以根据区块头中记录的这两项信息取实名认证机构验证用户是否确实通过了实名认证。The similar parts of step S424 and step S306 will not be repeated. If the mining pool uses the real-name authentication mechanism mentioned in step S401, an authentication code field may be added to the block header of the pending accounting block to fill in the authentication code in the authentication result obtained by the user. Therefore, each block in the blockchain contains the address body of the wallet account bound by the Slave TEE that obtained the accounting right of the block and the corresponding authentication code. According to the explanation in step S401, the nodes on the parallel chain You can use the real-name certification authority to verify whether the user has actually passed the real-name certification based on the two pieces of information recorded in the block header.
具体而言,终端设备在获得认证结果后,可将认证结果中的认证码保存至Slave TEE中。例如,调用Slave TEE提供的对外接口,将认证结果以及认证结果的签名作为调用参数,Slave TEE中保存实名认证机构的公钥,先对签名进行验证,若通过后将其中的认证码保存在Slave TEE中。Slave TEE在对记账权确定信息进行签名时,将认证码也包含进去,即认证码也作为记账权确定信息的一部分。记账权确定信息最终被挖矿节点接收到之后,由挖矿节点将认证码保存至记账区块的区块头中。Specifically, after obtaining the authentication result, the terminal device may save the authentication code in the authentication result to the Slave TEE. For example, call the external interface provided by Slave TEE, and use the authentication result and the signature of the authentication result as the calling parameters. The public key of the real-name certification authority is stored in Slave TEE, and the signature is verified first. If it passes, the authentication code is stored in Slave TEE. Slave TEE includes the authentication code when signing the accounting right determination information, that is, the authentication code is also used as part of the accounting right determination information. After the accounting right determination information is finally received by the mining node, the mining node saves the authentication code in the block header of the accounting block.
以并行链上的挖矿节点为例,挖矿节点在验证用户是否经过实名认证时,需要知道用户是在哪家实名机构进行的认证,由于认证码中并不包含该信息,因此在一些实现方式中,该信息是预配置在挖矿节点中的,挖矿节点根据预配置的信息可以到实名认证机构提供的查询网址处进行验证。Taking a mining node on a parallel chain as an example, when verifying whether a user has undergone real-name authentication, the mining node needs to know which real-name organization the user authenticates. Since the authentication code does not contain this information, it is implemented in some implementations. In the method, the information is pre-configured in the mining node, and the mining node can verify it at the query URL provided by the real-name certification authority according to the pre-configured information.
在另一些实现方式中,可以对认证码进行扩展,将认证结果中认证标识也包含到认证码中。这种扩展可能在实名认证机构一端已经实现,例如在实名认证机构返回的认证码中已经包含认证标识,不再返回单独的认证标识。或者,实名认证机构仍返回认证标识和原始的认证码,但Slave TEE在保存认证码时,将原始的认证码和认证标识合并为扩展后的认证码保存,例如,原始的认证码为4字节,认证标识为1字节,扩展后的认证码为5字节,在后续步骤中均使用扩展后的认证码。由于扩展后的认证码中包含了认证标识,所以挖矿节点在验证用户是否经过实名认证时仅根据认证码就可以确定实名认证机构的信息,并访问相应的实名认证机构完成验证,从而实现了在区块链系统中支持经多家实名认证机构认证的终端设备参与挖矿。需要指出,以上所说的扩展后的认证码中包含认证标识,是指包含认证标识中描述实名认证机构身份的部分,不一定要包含认证标识的全部内容。In some other implementations, the authentication code can be extended to include the authentication identifier in the authentication result into the authentication code. This extension may be implemented at the end of the real-name certification authority. For example, the authentication code returned by the real-name certification authority already contains the authentication identifier, and no separate authentication identifier will be returned. Or, the real-name certification body still returns the certification mark and the original certification code, but Slave TEE merges the original certification code and certification mark into the extended certification code when saving the certification code, for example, the original certification code is 4 characters Section, the authentication mark is 1 byte, the extended authentication code is 5 bytes, and the extended authentication code is used in the subsequent steps. Since the extended authentication code contains the authentication mark, the mining node can determine the information of the real-name certification body based on the authentication code only when verifying whether the user has undergone real-name authentication, and visit the corresponding real-name certification body to complete the verification, thereby realizing In the blockchain system, it supports terminal equipment certified by multiple real-name certification agencies to participate in mining. It should be pointed out that the extended authentication code mentioned above includes the authentication mark, which means the part of the authentication mark that describes the identity of the real-name certification body, and does not necessarily include all the contents of the authentication mark.
引入实名认证机制后,矿池服务器、挖矿节点或者区块链系统中的其他节点一旦发现某个参与挖矿的用户有不端行为,例如其使用的终端设备中存在篡改数据等行为,很容易根据认证码查询到该用户的真实身份信息,对其进行追责,满足区块链系统的监管部门的监管需求。After the introduction of the real-name authentication mechanism, once the mining pool server, mining node or other nodes in the blockchain system discover that a user participating in mining has misconduct, such as the tampering of data in the terminal equipment used by it, it is very It is easy to query the user's true identity information based on the authentication code, and hold him accountable to meet the regulatory needs of the blockchain system's regulatory department.
另一方面,实名认证机制也能够让Slave TEE的发行商自证清白,因为实名认证由第三方的实名认证机构掌控,发行商无法通过伪造众多的Slave TEE(例如,通过软件模拟的方式)在挖矿过程中获得非正常的算力,因为用户的实际身份是有限(例如,用户很难拥有大量的真实手机号),难以让大量伪造的Slave TEE都通过实名认证。On the other hand, the real-name authentication mechanism can also make the publishers of Slave TEE self-certified, because the real-name authentication is controlled by a third-party real-name authentication institution, and the publisher cannot forge many Slave TEEs (for example, through software simulation). Abnormal computing power is obtained during the mining process, because the actual identity of the user is limited (for example, it is difficult for the user to have a large number of real mobile phone numbers), and it is difficult for a large number of fake Slave TEE to pass the real-name authentication.
进一步的,步骤S420、S421、S421、S423以及S424也可以在Slave TEE中连续执行,不能被Slave TEE之外的程序中断或干扰,这样保证了这些步骤中前步操作结果无法被伪造,以便用作后步操作的输入。Further, steps S420, S421, S421, S423, and S424 can also be executed continuously in Slave TEE, and cannot be interrupted or interfered with by programs other than Slave TEE, which ensures that the results of the previous steps in these steps cannot be forged in order to use Make input for subsequent operations.
步骤S425:终端设备向矿池服务器发送记账权确定信息以及记账权确定信息的签名。Step S425: The terminal device sends the accounting right determination information and the signature of the accounting right determination information to the mining pool server.
步骤S426:矿池服务器验证记账权确定信息是否有效。Step S426: The mining pool server verifies whether the accounting right determination information is valid.
矿池服务器可以验证的内容包括记账权确定信息的签名是否真实,以及记账权确定信息是否被篡改,在步骤S308中已经进行过阐述的内容,不再重复阐述。若记账权确定信息中包含认证码,则矿池服务器还可以验证认证码与本地保存的是否一致,若一致则通过验证,不一致则说明记账权确定信息中的认证码是被篡改过的。The content that the mining pool server can verify includes whether the signature of the accounting right determination information is authentic and whether the accounting right determination information has been tampered with. The content that has been explained in step S308 will not be repeated. If the authentication code is included in the accounting right determination information, the mining pool server can also verify whether the authentication code is consistent with the locally saved one. If they are consistent, the verification code is passed, and if they are inconsistent, the authentication code in the accounting right determination information has been tampered with .
步骤S427:矿池服务器向挖矿节点发送记账权确定信息以及记账权确定信息的签名。Step S427: the mining pool server sends the accounting right determination information and the signature of the accounting right determination information to the mining node.
在区块链系统有多个并行链时,矿池服务器向竞争到记账权的Slave TEE所在的那个并行链上的挖矿节点发送记账权确定信息。When there are multiple parallel chains in the blockchain system, the mining pool server sends the accounting right determination information to the mining node on the parallel chain where the Slave TEE competing for the accounting right is located.
步骤S428:挖矿节点验证记账权确定信息是否有效。Step S428: The mining node verifies whether the accounting right determines that the information is valid.
挖矿节点可以验证的内容包括记账权确定信息的签名是否真实,以及记账权确定信息是否被篡改,在步骤S309中已经进行过阐述的内容,不再重复阐述。若记账权确定信息中包含认证码,则挖矿节点还可以验证用户是否经过实名认证。The content that the mining node can verify includes whether the signature of the accounting right determination information is authentic and whether the accounting right determination information has been tampered with. The content that has been explained in step S309 will not be repeated. If the accounting right determination information contains an authentication code, the mining node can also verify whether the user has been authenticated by real name.
步骤S429:验证待定记账区块是否满足冷却时长的要求。Step S429: verify whether the pending accounting block meets the cooling time requirement.
若满足冷却时长的要求,则执行步骤S430生成记账区块,否则不生成记账区块,本次记账失败。If the cooling time requirement is met, step S430 is executed to generate an accounting block; otherwise, an accounting block is not generated, and the accounting fails this time.
其判断方法与步骤S418中类似,这里仅仅简单重复,具体可参考步骤S418:The judgment method is similar to that in step S418, which is simply repeated here. For details, refer to step S418:
首先,挖矿节点根据记账权确定信息中的钱包账号的地址主体查询获得终端设备上次记账生成的区块在区块链中的高度。为加快查询进度,在一些实现方式中,挖矿节点可以将区块链中每个区块高度以及区块头中的钱包账号的地址主体单独保存到挖矿节点的数据库中。First, the mining node queries the address subject of the wallet account in the information for determining the accounting rights to obtain the height of the block generated by the terminal device in the last accounting in the blockchain. In order to speed up the query progress, in some implementations, the mining node can separately save the height of each block in the blockchain and the address body of the wallet account in the block header to the mining node's database.
其次,挖矿节点根据上次记账生成的区块在区块链中的高度以及待定记账区块在区块链中的高度确定待定记账区块的生成时间与上次记账生成的区块的生成时间的时间间隔。其具体估算公式可以参考步骤S418。Secondly, the mining node determines the generation time of the pending accounting block and the last accounting generation based on the height of the block generated by the last accounting in the blockchain and the height of the pending accounting block in the blockchain The time interval of the generation time of the block. The specific estimation formula can refer to step S418.
最后,挖矿节点确定判断时间间隔大于冷却时长,若大于,则确定待定记账区块满足冷却时长的要求,否则不满足冷却时长的要求。其中,冷却时长为根据挖矿节点保存的难度目标值计算出的累积未用下限时长的k倍,k为大于0且小于1的常数。Finally, the mining node determines that the judgment time interval is greater than the cooling time. If it is greater, it determines that the pending accounting block meets the cooling time requirement, otherwise it does not meet the cooling time requirement. The cooling duration is k times the cumulative unused minimum duration calculated according to the difficulty target value saved by the mining node, and k is a constant greater than 0 and less than 1.
类似步骤S418,在一些实现方式中,挖矿节点可以增设一条验证规则,若待定记账区块的区块头中的难度目标值大于某一预设值(如最大难度目标值的一半),则也视为满足冷却时长的要求,不在按照区块的高度进行冷却时长的估算。Similar to step S418, in some implementations, the mining node may add a verification rule. If the difficulty target value in the block header of the pending accounting block is greater than a certain preset value (such as half of the maximum difficulty target value), then It is also considered to meet the requirement of cooling time, and the cooling time is not estimated according to the height of the block.
类似步骤S418,若某个Slave TEE首次参与挖矿,或者刚刚换一个并行链挖矿(因为区块链系统扩容或者并行链标识掩码调整),由于新的并行链上的挖矿节点只有新的并行链上的账本,在该账本中并不能查到该Slave TEE之前挖矿的记录,因此也无法获得其上次记账成功时生成的区块在区块链中的高度,所以也视为已经满足冷却时长的要求。Similar to step S418, if a Slave TEE participates in mining for the first time, or has just changed to a parallel chain mining (because of the expansion of the blockchain system or the adjustment of the parallel chain identification mask), because the mining nodes on the new parallel chain are only new The ledger on the parallel chain of the account cannot find the record of the mining before the Slave TEE in the ledger, so it cannot obtain the height of the block generated in the last successful bookkeeping in the blockchain, so it is also considered To meet the cooling time requirements.
步骤S430:挖矿节点生成记账区块并将记账区块添加至本地的区块链中。Step S430: The mining node generates an accounting block and adds the accounting block to the local blockchain.
在步骤S309中已经进行过阐述的内容,不再重复阐述。若记账区块中包含认证码,则并行链上的记账节点(如其他挖矿节点等)还可以验证用户是否经过实名认证,具体在步骤S424中已经阐述。The content that has been explained in step S309 will not be repeated. If the accounting block contains an authentication code, the accounting nodes (such as other mining nodes, etc.) on the parallel chain can also verify whether the user has been authenticated by real name, as described in step S424.
此外,在一些实现方式中,挖矿节点对于从其他挖矿节点广播过来的待确认的记账区块,也可以验证该区块的记账行为是否满足冷却时长,进而确定是否要认可该区块。需要指出,挖矿节点上的判断过程与Slave TEE自己主动休息以及矿池服务器上的判断过程是相互独立的,即使Slave TEE和矿池服务器上不实现和冷却时长有关的功能,挖矿节点上仍可独立进行此判断。In addition, in some implementations, the mining node can also verify whether the accounting behavior of the block for the accounting block broadcast from other mining nodes to be confirmed meets the cooling time, and then determine whether to approve the area Piece. It should be pointed out that the judgment process on the mining node and Slave TEE's own active rest and the judgment process on the mining pool server are independent of each other, even if the slave TEE and the mining pool server do not implement the functions related to the cooling time, the mining node This judgment can still be made independently.
其判断方法与步骤S418中类似,这里仅仅简单重复,具体可参考步骤S418:The judgment method is similar to that in step S418, which is simply repeated here. For details, refer to step S418:
首先,挖矿节点根据本地的区块链中的待确认的记账区块中保存的终端设备的钱包账号的地址主体查询获得该终端设备上次记账生成的区块在区块链中的高度。为加快查询进度,在一些实现方式中,挖矿节点可以将区块链中每个区块高度以及区块头中的钱包账号 的地址主体单独保存到挖矿节点的数据库中。First, the mining node queries the address body of the wallet account of the terminal device saved in the accounting block to be confirmed in the local blockchain to obtain the block of the terminal device's last accounting in the blockchain. height. In order to speed up the query progress, in some implementations, the mining node can separately save the height of each block in the blockchain and the address body of the wallet account in the block header to the mining node's database.
其次,挖矿节点根据上次记账生成的区块在区块链中的高度以及待确认的记账区块在区块链中的高度确定待确认的记账区块的生成时间与上次记账生成的区块的生成时间的时间间隔。其具体估算公式可以参考步骤S418。Secondly, the mining node determines the generation time of the accounting block to be confirmed and the last time according to the height of the block generated by the last accounting in the blockchain and the height of the accounting block to be confirmed in the blockchain The time interval of the generation time of the block generated by accounting. The specific estimation formula can refer to step S418.
最后,挖矿节点判断时间间隔是否大于预设的冷却时长,若大于冷却时长,则认可待确认的记账区块,并将其添加至本地的区块链中等待进一步确认,否则不会认可该区块,可以直接将其丢弃。其中,冷却时长为根据待确认的记账区块中保存的难度目标值计算出的累积未用下限时长的k倍,k为大于0且小于1的常数。Finally, the mining node judges whether the time interval is greater than the preset cooling duration. If it is greater than the cooling duration, it will approve the accounting block to be confirmed and add it to the local blockchain for further confirmation, otherwise it will not be approved This block can be discarded directly. The cooling duration is k times the cumulative unused lower limit duration calculated according to the difficulty target value stored in the accounting block to be confirmed, and k is a constant greater than 0 and less than 1.
类似步骤S418的,在一些实现方式中,挖矿节点可以增设一条验证规则,若待确认的记账区块的区块头中的难度目标值大于某一预设值(如最大难度目标值的一半),则也视为满足冷却时长的要求,不在按照区块的高度进行冷却时长的估算。Similar to step S418, in some implementations, the mining node may add a verification rule, if the difficulty target value in the block header of the accounting block to be confirmed is greater than a certain preset value (such as half of the maximum difficulty target value) ), it is also considered to meet the cooling time requirement, and the cooling time is not estimated according to the height of the block.
类似步骤S418的,若在待确认的记账区块生成时,某个Slave TEE首次参与挖矿,或者刚刚换一个并行链挖矿(因为区块链系统扩容或者并行链标识掩码调整),由于新的并行链上的挖矿节点只有新的并行链上的账本,在该账本中并不能查到该Slave TEE之前挖矿的记录,因此也无法获得其上次记账成功时生成的区块在区块链中的高度,所以也视为已经满足冷却时长的要求。Similar to step S418, if a Slave TEE participates in mining for the first time when the accounting block to be confirmed is generated, or has just changed to a parallel chain mining (because of the expansion of the blockchain system or the adjustment of the parallel chain identification mask), Since the mining nodes on the new parallel chain only have the ledger on the new parallel chain, the mining records before the Slave TEE cannot be found in the ledger, so it is impossible to obtain the area generated when the last bookkeeping was successful. The height of the block in the blockchain, so it is also considered to have met the cooling time requirement.
步骤S431:矿池服务器将矿池奖励从矿池钱包账号的地址转账至竞争到记账权的Slave TEE绑定的钱包账号的地址。Step S431: The mining pool server transfers the mining pool reward from the address of the mining pool wallet account to the address of the wallet account bound to the Slave TEE competing for the accounting right.
按照区块链的协议,挖矿成功后用户能够获得一定数额的数字货币作为挖矿奖励,而矿池奖励是矿池运营者发给用户的额外的数字货币,不属于挖矿奖励的一部分,其目的在于吸引更多用户参与挖矿,改善矿池的运营状况。According to the blockchain agreement, after successful mining, users can get a certain amount of digital currency as a mining reward, and the mining pool reward is an additional digital currency issued by the mining pool operator to the user, which is not part of the mining reward. Its purpose is to attract more users to participate in mining and improve the operation of the mining pool.
发放矿池奖励也可以实现为智能合约的脚本,在Slave TEE竞争记账权成功后触发该智能合约,实现矿池奖励的发放。需要指出,虽然竞争到记账权的用户并不一定是最终记账成功的用户,但矿池运营者处于运营方面的考虑,仍可向其发放矿池奖励。The distribution of mining pool rewards can also be implemented as a script of a smart contract, which triggers the smart contract after the Slave TEE competition billing rights are successful, to realize the distribution of mining pool rewards. It should be pointed out that although the users competing for the billing rights are not necessarily the users who successfully book the bills in the end, the mining pool operators are still considering the operation and can still issue mining pool rewards to them.
矿池奖励和挖矿奖励可以是同一种数字货币,也可以不是同一种数字货币,前者可以由矿池运营者自己发行并维护。Slave TEE绑定的钱包账号的地址对于矿池服务器是已知的,而矿池钱包账号的地址可以由Master TEE进行管理,每次矿池奖励的转账交易可以使用Master TEE中的私钥进行签名,确保交易的安全性。The mining pool reward and the mining reward may be the same digital currency, or may not be the same digital currency. The former can be issued and maintained by the mining pool operator himself. The address of the wallet account bound to the Slave TEE is known to the mining pool server, and the address of the mining pool wallet account can be managed by the Master TEE. Each transfer transaction rewarded by the mining pool can be signed using the private key in the Master TEE To ensure the security of transactions.
此外,还需要指出,给Slave TEE发放挖矿奖励的并行链并不一定是Slave TEE挖矿所在的并行链。In addition, it should also be pointed out that the parallel chain that issues mining rewards to Slave TEE is not necessarily the parallel chain where Slave TEE mines.
可以理解的,步骤S401至步骤S431也可以按照不同于上面的顺序执行,上面步骤顺序仅仅是本公开实施例提供的一种实现方式,不应当视为对本公开保护范围的限制。It can be understood that steps S401 to S431 may also be executed in an order different from the above, and the order of the steps above is only an implementation manner provided by the embodiments of the present disclosure, and should not be considered as limiting the protection scope of the present disclosure.
上面介绍的各个实施例,简单概括来说,是通过矿池服务器将挖矿任务派发给终端设备中配置的Slave TEE,在Slave TEE中通过时长累积实现算力竞争。但在实践中,也不排除这样的方案:允许单个TEE直接挂到某个并行链下的某个挖矿节点实施挖矿,而不依赖于矿池服务器。如果该TEE在基于累积未用时长的算力竞争中胜出,同样对记账权确定信息进行签名,并由终端设备将记账权确定信息及其签名发送至挖矿节点,由挖矿节点生成记账区块并完成记账,其功能和上面介绍的Slave TEE类似,该单个TEE亦可按照之前介绍的规则确定自身只能在某个确定的并行链中的挖矿节点上实施挖矿。The above-mentioned embodiments are briefly summarized as, the mining task is distributed to the slave TEE configured in the terminal device through the mining pool server, and the computing power competition is realized in the slave TEE through the accumulation of duration. However, in practice, such a scheme is not excluded: allowing a single TEE to be directly linked to a mining node under a parallel chain for mining without relying on the mining pool server. If the TEE wins the competition based on the accumulated unused time, the accounting right determination information is also signed, and the terminal equipment sends the accounting right determination information and its signature to the mining node, which is generated by the mining node The accounting block and the accounting are completed. Its function is similar to the Slave TEE described above. The single TEE can also determine that it can only perform mining on a certain parallel chain mining node according to the rules introduced previously.
可以理解,直接挂到挖矿节点上实施挖矿的TEE和前文中提到的Slave TEE在实现上 存在区别,并非同款产品。例如,在一些实现方式中,前文中的Slave TEE可能利用第一密钥对区块头主体部分的哈希值进行解密(由Master TEE加密),而在本场景中的则可直接向TEE传递区块头主体部分的哈希值的明文。当然本场景中的TEE在实现上与前文中的Slave TEE亦有很多相似之处,可以参考前文阐述,此处不再重复。It can be understood that the TEE directly linked to the mining node for mining and the Slave TEE mentioned in the above are different in implementation, and are not the same product. For example, in some implementations, the Slave TEE in the foregoing may use the first key to decrypt the hash value of the body part of the block header (encrypted by the Master TEE), while in this scenario, the TEE can directly pass the zone The plain text of the hash value of the body of the block header. Of course, the implementation of TEE in this scenario has many similarities with the Slave TEE in the previous article. You can refer to the previous article for explanation, which will not be repeated here.
本公开实施例还提供一种矿池服务器,如图5所示。参照图5,矿池服务器500包括:An embodiment of the present disclosure also provides a mining pool server, as shown in FIG. 5. 5, the mining pool server 500 includes:
存储器504,用于存储计算机指令;Memory 504, used to store computer instructions;
通信接口506,用于与终端设备以及挖矿节点通信;Communication interface 506, used to communicate with terminal equipment and mining nodes;
Master TEE 508或连接有Master TEE508;Master TEE508 or Master TEE508 connected;
处理器502,与存储器504、通信接口506以及Master TEE508通过一条或多条总线510相连,其中,在存储器504中的计算机指令被处理器执行时,处理器502结合Master TEE 508执行本公开实施例提供的记账方法中相应于矿池服务器以及Master TEE的步骤。The processor 502 is connected to the memory 504, the communication interface 506, and the Master TEE 508 through one or more buses 510, wherein when the computer instructions in the memory 504 are executed by the processor, the processor 502 combines with the Master TEE 508 to execute the embodiments of the present disclosure The provided accounting method corresponds to the steps of the mining pool server and Master TEE.
其中,存储器504包括一个或多个,其可以是,但不限于,随机存取存储器(Random Access Memory,简称RAM)、只读存储器(Read Only Memory,简称ROM)、可编程只读存储器(Programmable Read-Only Memory,简称PROM)、可擦除只读存储器(Erasable Programmable Read-Only Memory,简称EPROM)、电可擦除只读存储器(Electric Erasable Programmable Read-Only Memory,简称EEPROM)等。处理器502以及其他可能的组件可对存储器504进行访问、读和/或写其中的数据。Among them, the memory 504 includes one or more, which may be, but not limited to, random access memory (Random Access Memory, RAM for short), read only memory (Read Memory Only, ROM for short), programmable read only memory (Programmable Read-Only Memory (PROM), Erasable Programmable Read-Only Memory (EPROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), etc. The processor 502 and other possible components may access the memory 504, read and/or write data therein.
处理器502包括一个或多个,其可以是一种集成电路芯片,具有信号的处理能力。上述的处理器502可以是通用处理器,包括中央处理器(Central Processing Unit,简称CPU)、微控制单元(Micro Controller Unit,简称MCU)、网络处理器(Network Processor,简称NP)或者其他常规处理器;还可以是专用处理器,包括数字信号处理器(Digital Signal Processor,简称DSP)、专用集成电路(Application Specific Integrated Circuits,简称ASIC)、现场可编程门阵列(Field Programmable Gate Array,简称FPGA)或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件。The processor 502 includes one or more, which may be an integrated circuit chip with signal processing capabilities. The foregoing processor 502 may be a general-purpose processor, including a central processing unit (CPU), a micro controller unit (MCU), a network processor (NP), or other conventional processing It can also be a dedicated processor, including digital signal processor (Digital Signal Processor, referred to as DSP), application-specific integrated circuit (Application Specific Integrated Circuits, referred to as ASIC), field programmable gate array (Field Programmable Gate Array, referred to as FPGA) Or other programmable logic devices, discrete gates or transistor logic devices, discrete hardware components.
通信接口506包括一个或多个,通信接口506可以是计算机网络接口,例如以太网接口,也可以是移动通信网络接口,例如3G、4G、5G网络的接口,还可以是其他具有数据收发功能的接口。The communication interface 506 includes one or more. The communication interface 506 may be a computer network interface, such as an Ethernet interface, or a mobile communication network interface, such as an interface of a 3G, 4G, or 5G network, or may be other data receiving and sending functions. interface.
Master TEE 508在前文已经介绍,不再重复阐述。 Master TEE 508 has been introduced in the previous article and will not be repeated again.
本公开实施例提供的矿池服务器500,其实现原理及产生的技术效果在前述方法实施例中已经介绍,为简要描述,装置实施例部分未提及之处,可参考方法施例中相应内容。The implementation principle and technical effects of the mining pool server 500 provided by the embodiments of the present disclosure have been introduced in the foregoing method embodiments. For a brief description, for the parts not mentioned in the device embodiment, please refer to the corresponding content in the method embodiments .
本公开实施例还提供一种终端设备,如图6所示。参照图6,终端设备600包括:An embodiment of the present disclosure also provides a terminal device, as shown in FIG. 6. 6, the terminal device 600 includes:
存储器604,用于存储计算机指令;Memory 604, used to store computer instructions;
通信接口606,用于与矿池服务器通信;Communication interface 606, used to communicate with the mining pool server;
Slave TEE 608或连接有Slave TEE 608; Slave TEE 608 or Slave TEE 608 connected;
处理器602,与存储器604、通信接口606以及Slave TEE 608通过一条或多条总线610相连,其中,在存储器604中的计算机指令被处理器602执行时,处理器602结合Slave TEE 608执行本公开实施例提供的记账方法中相应于终端设备以及Slave TEE的步骤。The processor 602 is connected to the memory 604, the communication interface 606, and the slave TEE 608 through one or more buses 610, wherein when the computer instructions in the memory 604 are executed by the processor 602, the processor 602 performs the present disclosure in conjunction with the slave TEE 608 The accounting method provided in the embodiment corresponds to the steps of the terminal device and the slave TEE.
其中,存储器604、通信接口606以及处理器602的实现方法可以采用和存储器504、通信接口506以及处理器502类似的实现方法,不再重复阐述。Slave TEE 608在前文已经 介绍,不再重复阐述。The implementation method of the memory 604, the communication interface 606, and the processor 602 may adopt a similar implementation method as that of the memory 504, the communication interface 506, and the processor 502, and will not be described repeatedly. Slave TEE 608 has been introduced in the previous article and will not be repeated again.
本公开实施例提供的终端设备600,其实现原理及产生的技术效果在前述方法实施例中已经介绍,为简要描述,装置实施例部分未提及之处,可参考方法施例中相应内容。The implementation principles and technical effects of the terminal device 600 provided by the embodiments of the present disclosure have been introduced in the foregoing method embodiments. For a brief description, for the parts not mentioned in the device embodiments, refer to the corresponding contents in the method embodiments.
本公开实施例还提供一种挖矿节点,如图7所示。参照图7,挖矿节点700包括:An embodiment of the present disclosure also provides a mining node, as shown in FIG. 7. Referring to FIG. 7, the mining node 700 includes:
存储器704,用于存储计算机指令;Memory 704, used to store computer instructions;
通信接口706,用于与矿池服务器通信;Communication interface 706, used to communicate with the mining pool server;
处理器702,与存储器704、通信接口706通过总线710相连,其中,在存储器704中的计算机指令被处理器702执行时,处理器702执行本公开实施例提供的记账方法中相应于挖矿节点的步骤。The processor 702 is connected to the memory 704 and the communication interface 706 through the bus 710. When the computer instructions in the memory 704 are executed by the processor 702, the processor 702 performs the accounting method provided in the embodiment of the present disclosure corresponding to mining. Node steps.
其中,存储器704、通信接口706以及处理器702的实现方法可以采用和存储器504、通信接口506以及处理器502类似的实现方法,不再重复阐述。The implementation methods of the memory 704, the communication interface 706, and the processor 702 may adopt similar implementation methods as those of the memory 504, the communication interface 506, and the processor 502, and will not be described repeatedly.
本公开实施例提供的挖矿节点700,其实现原理及产生的技术效果在前述方法实施例中已经介绍,为简要描述,装置实施例部分未提及之处,可参考方法施例中相应内容。The implementation principles and technical effects of the mining node 700 provided by the embodiments of the present disclosure have been introduced in the foregoing method embodiments. For a brief description, for the parts not mentioned in the device embodiments, please refer to the corresponding content in the method embodiments .
需要说明的是,本说明书中的各个实施例均采用递进的方式描述,每个实施例重点说明的都是与其他实施例的不同之处,各个实施例之间相同相似的部分互相参见即可。对于装置类实施例而言,由于其与方法实施例基本相似,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。It should be noted that the embodiments in this specification are described in a progressive manner. Each embodiment focuses on the differences from other embodiments. The same and similar parts between the embodiments refer to each other. can. For the device embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and the relevant part can be referred to the description of the method embodiment.
本申请所提供的几个实施例中,应该理解到,所揭露的装置和方法,也可以通过其他的方式实现。以上所描述的装置实施例仅仅是示意性的,例如,附图中的流程图和框图显示了根据本公开的多个实施例的装置、方法和计算机程序产品的可能实现的体系架构、功能和操作。在这点上,流程图或框图中的每个方框可以代表一个模块、程序段或代码的一部分,所述模块、程序段或代码的一部分包含一个或多个用于实现规定的逻辑功能的可执行指令。也应当注意,在有些作为替换的实现方式中,方框中所标注的功能也可以以不同于附图中所标注的顺序发生。例如,两个连续的方框实际上可以基本并行地执行,它们有时也可以按相反的顺序执行,这依所涉及的功能而定。也要注意的是,框图和/或流程图中的每个方框、以及框图和/或流程图中的方框的组合,可以用执行规定的功能或动作的专用的基于硬件的系统来实现,或者可以用专用硬件与计算机指令的组合来实现。In the several embodiments provided in this application, it should be understood that the disclosed device and method may also be implemented in other ways. The device embodiments described above are only schematic. For example, the flowcharts and block diagrams in the drawings show possible implementation architectures, functions, and functions of devices, methods, and computer program products according to multiple embodiments of the present disclosure. operating. In this regard, each block in the flowchart or block diagram may represent a module, program segment, or part of code that contains one or more of the Executable instructions. It should also be noted that in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two consecutive blocks can actually be executed substantially in parallel, and sometimes they can also be executed in reverse order, depending on the functions involved. It should also be noted that each block in the block diagrams and/or flowcharts, and combinations of blocks in the block diagrams and/or flowcharts, can be implemented with dedicated hardware-based systems that perform specified functions or actions Or, it can be realized by a combination of dedicated hardware and computer instructions.
另外,在本公开各个实施例中的各功能模块可以集成在一起形成一个独立的部分,也可以是各个模块单独存在,也可以两个或两个以上模块集成形成一个独立的部分。In addition, the functional modules in the embodiments of the present disclosure may be integrated together to form an independent part, or each module may exist alone, or two or more modules may be integrated to form an independent part.
所述功能如果以软件功能模块的形式实现并作为独立的产品销售或使用时,可以存储在计算机可读取存储介质中。基于这样的理解,本公开的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的部分可以以软件产品的形式体现出来,该计算机软件产品存储在存储介质中,包括若干指令用以使得计算机设备执行本公开各个实施例所述方法的全部或部分步骤。前述的计算机设备包括:个人计算机、服务器、移动设备、智能穿戴设备、网络设备、虚拟设备等各种具有执行程序代码能力的设备,前述的存储介质包括:U盘、移动硬盘、只读存储器、随机存取存储器、磁碟、磁带或者光盘等各种可以存储程序代码的介质。If the function is implemented in the form of a software function module and sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on such an understanding, the technical solution of the present disclosure essentially or part of the contribution to the existing technology or part of the technical solution can be embodied in the form of a software product, the computer software product is stored in a storage medium, including several The instructions are used to cause the computer device to perform all or part of the steps of the methods described in various embodiments of the present disclosure. The foregoing computer devices include: personal computers, servers, mobile devices, smart wearable devices, network devices, virtual devices, and other devices that have the ability to execute program code. The foregoing storage media include: U disk, mobile hard disk, read-only memory, Random access memory, magnetic disks, magnetic tapes, or optical disks can store program codes.
以上所述,仅为本公开的具体实施方式,但本公开的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本公开揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本公开的保护范围之内。因此,本公开的保护范围应所述以权利要求的保护范围为准。The above are only specific implementations of the present disclosure, but the scope of protection of the present disclosure is not limited to this, and any person skilled in the art can easily think of changes or replacements within the technical scope disclosed in the present disclosure. It should be covered by the protection scope of the present disclosure. Therefore, the protection scope of the present disclosure shall be subject to the protection scope of the claims.
工业实用性Industrial applicability
本公开实施例提供的记账方法、矿池服务器、终端设备、挖矿节点及矿池,在参与挖矿的终端设备的可信执行环境中采用基于累积未用时长的共识算法,以节约计算资源以及减小电能消耗。特别地,终端设备接入到矿池参与挖矿,终端设备配置的Slave TEE充当矿工的角色,Slave TEE在竞争记账权时采用了不同于PoW的共识算法:Slave TEE内部维护一个累积未用时长,该累积未用时长会随时间流逝而累加,同时,Slave TEE还从矿池服务器获得难度目标值,并根据难度目标值换算出累积未用下限时长,若累积未用时长大于累积未用下限时长,则Slave TEE竞争记账权成功,否则竞争记账权失败,可以继续参与下次记账权的竞争。该共识算法所涉及的计算量在机制上不像基于哈希碰撞的PoW算法那么消耗电力,因而更加节能、环保,有助于提高社会整体效益。The accounting method, mining pool server, terminal equipment, mining node and mining pool provided by the embodiments of the present disclosure adopt a consensus algorithm based on accumulated unused time in the trusted execution environment of the terminal equipment participating in mining to save calculation Resources and reduce power consumption. In particular, the terminal equipment is connected to the mining pool to participate in mining. The Slave TEE configured in the terminal equipment acts as a miner. Slave TEE uses a consensus algorithm different from PoW when competing for billing rights: Slave TEE maintains a cumulative unused time internally , The accumulated unused time will accumulate with the passage of time, meanwhile, Slave TEE also obtains the difficulty target value from the mining pool server, and calculates the accumulated unused minimum duration according to the difficulty target value, if the accumulated unused duration is greater than the accumulated unused lower limit Duration, then the Slave TEE competition accounting right is successful, otherwise the competition accounting right fails, you can continue to participate in the next accounting right competition. The calculation amount involved in the consensus algorithm is not as mechanically consuming as the PoW algorithm based on hash collision, so it is more energy-saving and environmentally friendly, which helps to improve the overall social benefits.
另外,Slave TEE在竞争记账权成功后,还会对记账权确定信息签名,并将记账权确定信息连同其签名发送给矿池服务器,矿池服务器进一步将其转发给挖矿节点,挖矿节点最终将签名保存到新生成的记账区块中,并在其所在的并行链上广播记账权确定信息以及新生成的记账区块。从而,矿池服务器、挖矿节点以及并行链上的其他节点都可以根据该签名验证记账者的身份是否可信,还可以验证记账权确定信息的内容是否被篡改,从而有利于改善区块链系统的安全性。记账权确定信息包括和竞争记账权相关的关键信息,区块头主体部分的哈希值能够唯一标识待定记账区块,Slave TEE绑定的钱包账号的地址主体则表明记账者的身份,因此都可以包含在记账权确定信息中。In addition, Slave TEE will also sign the information of the accounting right after the competition for the accounting right is successful, and send the accounting right determination information together with its signature to the mining pool server, which will further forward it to the mining node. The mining node finally saves the signature in the newly generated accounting block, and broadcasts the accounting right determination information and the newly generated accounting block on the parallel chain where it is located. Therefore, the mining pool server, mining nodes, and other nodes on the parallel chain can verify the authenticity of the bookkeeper based on the signature, and can also verify the bookkeeping rights to determine whether the content of the information has been tampered, which is conducive to improving the area. The security of the blockchain system. The accounting right determination information includes key information related to the competitive accounting right. The hash value of the main body of the block header can uniquely identify the pending accounting block, and the address body of the wallet account bound by Slave TEE indicates the identity of the bookkeeper , So they can be included in the accounting right determination information.
此外,在本公开中,区块链系统采用并行链,从而支持将各Slave TEE分散到不同的并行链上进行挖矿,有效避免算力集中,改善区块链系统的安全性。In addition, in the present disclosure, the blockchain system uses a parallel chain, thereby supporting the dispersion of each slave TEE on different parallel chains for mining, effectively avoiding the concentration of computing power, and improving the security of the blockchain system.

Claims (39)

  1. 一种记账方法,其特征在于,应用于区块链系统,所述区块链系统包括至少一个并行链,所述至少一个并行链上搭建有至少一个矿池,每个矿池包括矿池服务器以及位于所述并行链上的挖矿节点,所述挖矿节点采用分布式数据区块链存储数据,所述方法包括:An accounting method, which is applied to a blockchain system, the blockchain system includes at least one parallel chain, at least one mining pool is built on the at least one parallel chain, and each mining pool includes a mining pool A server and a mining node located on the parallel chain. The mining node uses a distributed data blockchain to store data. The method includes:
    所述矿池服务器接收并存储所述挖矿节点发送的待定记账区块的区块头主体部分的哈希值以及所述挖矿节点所在的并行链上挖矿的难度目标值;The mining pool server receives and stores the hash value of the body part of the block header of the pending accounting block sent by the mining node and the difficulty target value of mining on the parallel chain where the mining node is located;
    所述矿池服务器接收终端设备发送的记账请求;The mining pool server receives the accounting request sent by the terminal device;
    所述矿池服务器向所述终端设备发送所述区块头主体部分的哈希值以及所述难度目标值,以使所述终端设备配置的从可信执行环境Slave TEE判断自身的累积未用时长是否大于根据所述难度目标值计算出的累积未用下限时长,并在所述累积未用时长大于所述累积未用下限时长时对记账权确定信息进行签名,其中,所述记账权确定信息包括所述区块头主体部分的哈希值以及所述Slave TEE绑定的钱包账号的地址主体;The mining pool server sends the hash value of the main body of the block header and the difficulty target value to the terminal device, so that the terminal device configures itself to accumulate unused duration from the trusted execution environment Slave TEE Is greater than the cumulative unused lower limit duration calculated according to the difficulty target value, and signing the accounting right determination information when the cumulative unused duration is greater than the cumulative unused lower limit duration, wherein the accounting right The determination information includes the hash value of the body part of the block header and the address body of the wallet account bound by the Slave TEE;
    所述矿池服务器接收所述终端设备发送的所述记账权确定信息以及所述记账权确定信息的签名;The mining pool server receives the accounting right determination information and the signature of the accounting right determination information sent by the terminal device;
    所述矿池服务器将所述记账权确定信息以及所述记账权确定信息的签名发送至所述挖矿节点,以使所述挖矿节点生成包含所述钱包账号的地址主体以及所述记账权确定信息的签名的记账区块,并将所述记账区块添加至本地的区块链中。The mining pool server sends the accounting right determination information and the signature of the accounting right determination information to the mining node, so that the mining node generates an address body including the wallet account and the The accounting right determines the signed accounting block of the information and adds the accounting block to the local blockchain.
  2. 根据权利要求1所述的方法,其特征在于,所述并行链包括路由节点、至少一个矿池的挖矿节点和至少一个简化支付验证SPV节点,所述至少一个并行链的路由节点之间网络连接,所述SPV节点绑定的钱包账号的地址对应的并行链为所述SPV节点所在的并行链,其中:The method according to claim 1, wherein the parallel chain includes a routing node, at least one mining node of a mining pool and at least one simplified payment verification SPV node, and a network between the routing nodes of the at least one parallel chain Connection, the parallel chain corresponding to the address of the wallet account bound by the SPV node is the parallel chain where the SPV node is located, where:
    所述SPV节点响应于接收到交易请求,将所收到的交易请求发送给所述SPV节点所在的并行链的路由节点;In response to receiving the transaction request, the SPV node sends the received transaction request to the routing node of the parallel chain where the SPV node is located;
    所述路由节点响应于对所收到的交易请求校验通过,将所收到的交易请求添加到所述路由节点的交易请求集合中,以及将所收到的交易请求签名后广播给所述路由节点的同链挖矿节点;以及实时将所述路由节点的同链挖矿节点的区块链同步到本地的区块链;In response to the verification of the received transaction request, the routing node adds the received transaction request to the transaction request set of the routing node, and broadcasts the received transaction request to the transaction after signing The same-chain mining node of the routing node; and the real-time synchronization of the same-chain mining node's blockchain of the routing node to the local blockchain;
    所述挖矿节点响应于对从同链路由节点接收到的签名后交易请求验证通过,将签名后交易请求中所述挖矿节点的链内交易请求添加到所述挖矿节点的待处理交易请求集合;根据所述待处理交易请求集合生成所述区块头主体部分的哈希值;In response to the verification of the post-signed transaction request received by the node from the same link, the mining node adds the in-chain transaction request of the mining node in the post-signed transaction request to the pending processing of the mining node A transaction request set; generating a hash value of the body part of the block header according to the pending transaction request set;
    所述路由节点还:确定所述路由节点的交易请求集合中确认已出账且未入账的未入账交易请求;将所确定的未入账交易请求发送给目标并行链的路由节点,其中,所述目标并行链是所确定的未入账交易请求中的入账账号地址对应的并行链;以及响应于接收到异链路由节点发送的交易请求,将所收到的交易请求签名后广播给所述路由节点的同链挖矿节点。The routing node also: determines the unrecorded transaction request that is confirmed to be accounted and unrecorded in the transaction request set of the routing node; sends the determined unrecorded transaction request to the routing node of the target parallel chain, wherein, the The target parallel chain is the parallel chain corresponding to the account number of the account that is determined in the unrecorded transaction request; and in response to receiving the transaction request sent by the node on the different link, the received transaction request is signed and broadcast to the route The same chain mining node of the node.
  3. 根据权利要求1或2所述的方法,其特征在于,所述记账权确定信息还包括所述累积未用下限时长。The method according to claim 1 or 2, wherein the accounting right determination information further includes the cumulative unused lower limit duration.
  4. 根据权利要求1或2所述的方法,其特征在于,所述记账权确定信息的签名由 所述Slave TEE根据保存的第一私钥生成,在所述矿池服务器将所述记账权确定信息以及所述记账权确定信息的签名发送至所述挖矿节点之前,所述方法还包括:The method according to claim 1 or 2, wherein the signature of the accounting right determination information is generated by the Slave TEE based on the saved first private key, and the accounting right is stored in the mining pool server Before the determination information and the signature of the accounting right determination information are sent to the mining node, the method further includes:
    所述矿池服务器根据保存的与所述第一私钥匹配的第一公钥确定所述记账权确定信息的签名为真实签名。The mining pool server determines that the signature of the accounting right determination information is a true signature according to the stored first public key matching the first private key.
  5. 根据权利要求1或2所述的方法,其特征在于,所述矿池包括多个挖矿节点,不同的挖矿节点位于不同的并行链上;The method according to claim 1 or 2, wherein the mining pool includes multiple mining nodes, and different mining nodes are located on different parallel chains;
    所述矿池服务器向所述终端设备发送所述区块头主体部分的哈希值以及所述难度目标值,包括:所述矿池服务器配置的主可信执行环境Master TEE确定与所述终端设备相关联的并行链;所述矿池服务器向所述终端设备发送与所述终端设备相关联的并行链上的挖矿节点提供的所述区块头主体部分的哈希值以及所述难度目标值;The mining pool server sends the hash value of the body part of the block header and the difficulty target value to the terminal device, including: the master trusted execution environment Master TEE configured by the mining pool server determines with the terminal device An associated parallel chain; the mining pool server sends to the terminal device the hash value of the body of the block header provided by the mining node on the parallel chain associated with the terminal device and the difficulty target value ;
    所述矿池服务器将所述记账权确定信息以及所述记账权确定信息的签名发送至所述挖矿节点,包括:所述矿池服务器将所述记账权确定信息以及所述记账权确定信息的签名发送至所述终端设备关联的并行链上的挖矿节点。The mining pool server sends the accounting right determination information and the signature of the accounting right determination information to the mining node, including: the mining pool server sends the accounting right determination information and the accounting right The signature of the account right determination information is sent to the mining node on the parallel chain associated with the terminal device.
  6. 根据权利要求5所述的方法,其特征在于,所述Master TEE确定与所述终端设备相关联的并行链,包括:The method according to claim 5, wherein the Master TEE determining the parallel chain associated with the terminal device includes:
    所述Master TEE根据所述Slave TEE绑定的钱包账号的地址的虚拟并行链标识、所述终端设备的并行链标识掩码以及所述区块链系统包含的并行链的数量计算所述终端设备关联的并行链的链标识,其中,所述虚拟并行链标识根据所述终端设备配置的Slave TEE的硬件标识计算获得。The Master TEE calculates the terminal device based on the virtual parallel chain identifier of the address of the wallet account bound to the Slave TEE, the parallel chain identifier mask of the terminal device, and the number of parallel chains included in the blockchain system The chain identifier of the associated parallel chain, wherein the virtual parallel chain identifier is calculated and obtained according to the hardware identifier of the slave TEE configured by the terminal device.
  7. 根据权利要求5所述的方法,其特征在于,所述矿池服务器向所述终端设备发送所述区块头主体部分的哈希值以及所述难度目标值,包括:The method according to claim 5, wherein the mining pool server sending the hash value of the body part of the block header and the difficulty target value to the terminal device includes:
    所述Master TEE根据第一密钥生成算法基于矿池配置信息生成第一密钥,并根据所述第一密钥加密所述区块头主体部分的哈希值;所述矿池配置信息包括终端设备关联的并行链的链标识;其中,所述Slave TEE能够利用所述第一密钥生成算法生成所述第一密钥,并利用所述第一密钥解密加密后的所述区块头主体部分的哈希值;The Master TEE generates a first key based on the mining pool configuration information according to the first key generation algorithm, and encrypts the hash value of the body part of the block header according to the first key; the mining pool configuration information includes a terminal The chain identifier of the parallel chain associated with the device; wherein the Slave TEE can use the first key generation algorithm to generate the first key, and use the first key to decrypt the encrypted block header body Partial hash value;
    所述矿池服务器向所述终端设备发送所述难度目标值以及加密后的所述区块头主体部分的哈希值。The mining pool server sends the difficulty target value and the encrypted hash value of the main body of the block header to the terminal device.
  8. 根据权利要求7所述的方法,其特征在于,所述第一密钥生成算法为所述Master TEE以及所述Slave TEE所私有,所述第一密钥生成算法的实现不在所述Master TEE以及所述Slave TEE之外公开,所述第一密钥生成算法生成的所述第一密钥在所述Master TEE中被用于且仅被用于加密所述区块头主体部分的哈希值,在所述Slave TEE中被用于且仅被用于解密加密后的所述区块头主体部分的哈希值。The method according to claim 7, wherein the first key generation algorithm is private to the Master TEE and the Slave TEE, and the implementation of the first key generation algorithm is not at the Master TEE and Outside of the Slave TEE, the first key generated by the first key generation algorithm is used in the Master TEE and is only used to encrypt the hash value of the body part of the block header, Used in the Slave TEE and only used to decrypt the encrypted hash value of the body part of the block header.
  9. 根据权利要求1或2所述的方法,其特征在于,所述矿池服务器向所述终端设备发送所述区块头主体部分的哈希值以及所述难度目标值,包括:The method according to claim 1 or 2, wherein the mining pool server sending the hash value of the body part of the block header and the difficulty target value to the terminal device includes:
    所述矿池服务器判断所述终端设备距离上次记账时间的时间间隔(t1)是否大于冷却时长(t2),所述冷却时长(t2)为累积未用下限时长的k倍,k为大于0且小于1的常数;The mining pool server judges whether the time interval (t1) from the last accounting time of the terminal device is greater than the cooling time (t2), the cooling time (t2) is k times the accumulated unused lower limit time, and k is greater than A constant of 0 and less than 1;
    若大于,所述矿池服务器向所述终端设备发送所述区块头主体部分的哈希值以及所述难度目标值。If it is greater, the mining pool server sends the hash value of the body part of the block header and the difficulty target value to the terminal device.
  10. 根据权利要求9所述的方法,其特征在于,在所述矿池服务器判断所述距离上 次记账时间的时间间隔(t1)是否大于所述冷却时长(t2)之后,所述方法还包括:The method according to claim 9, wherein after the mining pool server determines whether the time interval (t1) from the last accounting time is greater than the cooling time (t2), the method further comprises :
    若所述距离上次记账时间的时间间隔(t1)不大于所述冷却时长(t2),则所述矿池服务器通知所述终端设备距离发起下次记账请求的时间间隔(t3),所述距离发起下次记账请求的时间间隔(t3)为所述冷却时长(t2)与所述距离上次记账时间的时间间隔(t1)的差值。If the time interval (t1) from the last accounting time is not greater than the cooling time (t2), the mining pool server notifies the terminal device of the time interval (t3) from which the next accounting request is initiated, The time interval (t3) from which the next billing request is initiated is the difference between the cooling duration (t2) and the time interval (t1) from the last billing time.
  11. 根据权利要求9所述的方法,其特征在于,所述距离上次记账时间的时间间隔(t1)通过如下公式计算:The method according to claim 9, wherein the time interval (t1) from the last accounting time is calculated by the following formula:
    Figure PCTCN2019127183-appb-100001
    Figure PCTCN2019127183-appb-100001
    其中,Height2为所述待定记账区块在所述区块链中的高度,Height1为上次记账生成的区块在所述区块链中的高度,t为所述区块链系统的预设常数,用于表征所述区块链系统的平均出块时间。Where Height2 is the height of the pending accounting block in the blockchain, Height1 is the height of the block generated by the last accounting in the blockchain, and t is the height of the blockchain system A preset constant is used to characterize the average block generation time of the blockchain system.
  12. 根据权利要求1或2所述的方法,其特征在于,在所述矿池服务器接收终端设备发送的记账请求之前,所述方法还包括:The method according to claim 1 or 2, wherein before the mining pool server receives the accounting request sent by the terminal device, the method further comprises:
    所述矿池服务器接收所述终端设备发送的注册请求,所述注册请求携带有注册信息、用户的实名认证结果以及实名认证机构用私钥对所述实名认证结果的签名,所述注册信息包括所述Slave TEE绑定的钱包账号的地址;The mining pool server receives a registration request sent by the terminal device, where the registration request carries registration information, a user’s real-name authentication result, and a real-name authentication agency’s signature of the real-name authentication result with a private key. The registration information includes The address of the wallet account bound to the Slave TEE;
    所述矿池服务器配置的Master TEE根据保存的与所述实名认证机构的私钥匹配的公钥验证所述实名认证结果的签名的真实性;The Master TEE configured by the mining pool server verifies the authenticity of the signature of the real-name authentication result according to the stored public key that matches the private key of the real-name certification authority;
    若所述实名认证结果的签名为真实签名,则所述矿池服务器保存所述注册信息,并向所述终端设备发送注册响应。If the signature of the real-name authentication result is a real signature, the mining pool server saves the registration information and sends a registration response to the terminal device.
  13. 根据权利要求12所述的方法,其特征在于,所述实名认证结果包括所述实名认证机构分配的认证码,所述认证码与所述Slave TEE绑定的钱包账号的地址相对应,用于表征所述用户通过所述实名认证机构的实名认证;The method according to claim 12, wherein the real-name authentication result includes an authentication code assigned by the real-name authentication institution, the authentication code corresponding to the address of the wallet account bound to the Slave TEE, used for Characterizing that the user has passed the real-name authentication of the real-name authentication institution;
    所述方法还包括:The method also includes:
    所述矿池服务器还接收所述终端设备发送的所述认证码,并将所述认证码发送至所述挖矿节点,以使所述挖矿节点将所述认证码添加至所述记账区块;The mining pool server also receives the authentication code sent by the terminal device, and sends the authentication code to the mining node, so that the mining node adds the authentication code to the accounting Block
    所述记账权确定信息还包括所述认证码。The accounting right determination information also includes the authentication code.
  14. 根据权利要求1或2所述的方法,其特征在于,在所述矿池服务器接收终端设备发送的记账请求之前,所述方法还包括:The method according to claim 1 or 2, wherein before the mining pool server receives the accounting request sent by the terminal device, the method further comprises:
    所述矿池服务器接收所述终端设备发送的入池申请;The mining pool server receives the pooling application sent by the terminal device;
    所述矿池服务器配置的Master TEE判断所述矿池服务器的容量是否小于容量阈值;The Master TEE configured by the mining pool server determines whether the capacity of the mining pool server is less than the capacity threshold;
    若小于,则所述矿池服务器根据所述Master TEE生成的授权信息对所述终端设备进行入池授权,以告知所述终端设备在授权开始时间之后的授权使用时长内向所述矿池服务器发送的所述记账请求可被所述矿池服务器接受,其中,所述授权使用时长为保存在所述矿池服务器配置的Master TEE中的预配置数据;If it is less, the mining pool server authorizes the terminal device to enter the pool according to the authorization information generated by the Master TEE to inform the terminal device to send to the mining pool server within the authorized use time after the authorization start time The accounting request of can be accepted by the mining pool server, wherein the authorized use duration is pre-configured data stored in the Master TEE configured by the mining pool server;
    若大于,则所述矿池服务器发送消息通知所述终端设备未获入池授权。If it is greater, the mining pool server sends a message to notify the terminal device that it has not been authorized for pooling.
  15. 根据权利要求14所述的方法,其特征在于,所述矿池服务器的容量小于容量阈值,包括:The method according to claim 14, wherein the capacity of the mining pool server is less than the capacity threshold, including:
    当前的授权周期内的入池授权量小于第一阈值;其中,所述授权周期以及所述第 一阈值为保存在所述矿池服务器配置的Master TEE中的预配置数据。The authorization amount for pooling in the current authorization period is less than the first threshold; wherein, the authorization period and the first threshold are the pre-configured data saved in the Master TEE configured by the mining pool server.
  16. 根据权利要求14所述的方法,其特征在于,所述授权信息包括授权序号以及授权码,其中,所述授权序号由所述Master TEE分配,所述授权码用于使所述终端设备配置的Slave TEE验证入池授权是否有效,The method according to claim 14, wherein the authorization information includes an authorization serial number and an authorization code, wherein the authorization serial number is allocated by the Master TEE, and the authorization code is used to configure the terminal device Slave TEE verifies that the pooling authorization is valid,
    所述矿池服务器根据所述Master TEE生成的授权信息对所述终端设备进行入池授权,包括:The mining pool server authorizes the terminal device to enter the pool according to the authorization information generated by the Master TEE, including:
    所述矿池服务器向所述终端设备发送所述授权序号以及所述授权码,并将所述授权序号与授权关联信息对应保存,其中,所述授权关联信息是指和授权内容相关的信息;The mining pool server sends the authorization serial number and the authorization code to the terminal device, and stores the authorization serial number in correspondence with authorization related information, where the authorization related information refers to information related to authorized content;
    在所述矿池服务器向所述终端设备发送所述区块头主体部分的哈希值以及所述难度目标值之前,所述方法还包括:Before the mining pool server sends the hash value of the body part of the block header and the target difficulty value to the terminal device, the method further includes:
    所述矿池服务器根据所述记账请求中携带的所述授权序号查询对应的所述授权关联信息,并根据所述授权关联信息确定所述终端设备的入池授权有效。The mining pool server queries the corresponding authorization association information according to the authorization serial number carried in the billing request, and determines that the pooling authorization of the terminal device is valid according to the authorization association information.
  17. 根据权利要求16所述的方法,其特征在于,所述矿池服务器向所述终端设备发送授权序号以及授权码,包括:The method according to claim 16, wherein the mining pool server sending the authorization serial number and authorization code to the terminal device includes:
    所述Master TEE根据第二密钥生成算法生成第二密钥,利用所述第二密钥加密所述授权码;The Master TEE generates a second key according to a second key generation algorithm, and uses the second key to encrypt the authorization code;
    所述矿池服务器向所述终端设备发送所述授权序号以及加密后的所述授权码;其中,所述终端设备配置的Slave TEE能够利用所述第二密钥生成算法生成所述第二密钥,并利用所述第二密钥解密所述加密后的所述授权码。The mining pool server sends the authorization serial number and the encrypted authorization code to the terminal device; wherein, the slave TEE configured in the terminal device can generate the second password using the second key generation algorithm Key and use the second key to decrypt the encrypted authorization code.
  18. 根据权利要求17所述的方法,其特征在于,所述第二密钥生成算法为所述Master TEE以及所述Slave TEE所私有,所述第二密钥生成算法实现不在所述Master TEE以及所述Slave TEE之外公开,所述第二密钥生成算法生成的所述第二密钥在所述Master TEE中被用于且仅被用于加密所述授权码,在所述Slave TEE中被用于且仅被用于解密加密后的所述授权码。The method according to claim 17, wherein the second key generation algorithm is private to the Master TEE and the Slave TEE, and the second key generation algorithm is not implemented at the Master TEE and the Outside the Slave TEE, the second key generated by the second key generation algorithm is used in the Master TEE and is only used to encrypt the authorization code, and is used in the Slave TEE Used and only used to decrypt the encrypted authorization code.
  19. 根据权利要求1或2所述的方法,其特征在于,在所述矿池服务器将所述记账权确定信息以及所述记账权确定信息的签名发送至所述挖矿节点之后,所述方法还包括:The method according to claim 1 or 2, wherein after the mining pool server sends the accounting right determination information and the signature of the accounting right determination information to the mining node, the The method also includes:
    所述矿池服务器将预设数额的矿池奖励从预配置的矿池钱包账号的地址转账至竞争到记账权的所述终端设备配置的Slave TEE绑定的所述钱包账号的地址。The mining pool server transfers a preset amount of mining pool rewards from the address of the pre-configured mining pool wallet account to the address of the wallet account bound by the Slave TEE configured for the terminal device competing for billing rights.
  20. 一种记账方法,其特征在于,应用于接入到区块链系统的终端设备,所述区块链系统包括至少一个并行链,所述至少一个并行链上搭建有至少一个矿池,每个矿池包括矿池服务器以及位于所述并行链上的挖矿节点,所述挖矿节点采用分布式数据区块链存储数据,所述方法包括:An accounting method, characterized in that it is applied to a terminal device connected to a blockchain system, the blockchain system includes at least one parallel chain, at least one mining pool is built on the at least one parallel chain, each Each mining pool includes a mining pool server and a mining node located on the parallel chain. The mining node uses a distributed data blockchain to store data. The method includes:
    所述终端设备向所述矿池服务器发送记账请求;The terminal device sends an accounting request to the mining pool server;
    所述终端设备接收所述矿池服务器发送的待定记账区块的区块头主体部分的哈希值以及在所述并行链上挖矿的难度目标值;The terminal device receives the hash value of the body part of the block header of the pending accounting block sent by the mining pool server and the target difficulty value of mining on the parallel chain;
    所述终端设备配置的Slave TEE判断自身的累积未用时长是否大于根据所述难度目标值计算出的累积未用下限时长,并在所述累积未用时长大于所述累积未用下限时长时对记账权确定信息进行签名,其中,所述记账权确定信息包括所述区块头主体部 分的哈希值以及所述Slave TEE绑定的钱包账号的地址主体;The Slave TEE configured in the terminal device determines whether its accumulated unused duration is greater than the cumulative unused minimum duration calculated according to the difficulty target value, and checks if the cumulative unused duration is greater than the cumulative unused minimum duration Signing of the accounting right determination information, wherein the accounting right determination information includes the hash value of the body part of the block header and the address body of the wallet account bound by the Slave TEE;
    所述终端设备向所述矿池服务器发送所述记账权确定信息以及所述记账权确定信息的签名。The terminal device sends the accounting right determination information and the signature of the accounting right determination information to the mining pool server.
  21. 根据权利要求20所述的方法,其特征在于,所述Slave TEE对记账权确定信息进行签名,包括:The method according to claim 20, wherein the Slave TEE signs the accounting right determination information, including:
    所述Slave TEE根据保存的第一私钥对记账权确定信息进行签名,所述矿池服务器以及所述挖矿节点保存有与所述第一私钥匹配的第一公钥。The Slave TEE signs the accounting right determination information according to the saved first private key, and the mining pool server and the mining node store a first public key that matches the first private key.
  22. 根据权利要求20所述的方法,其特征在于,所述矿池包括多个挖矿节点,不同的挖矿节点位于不同的并行链上;The method according to claim 20, wherein the mining pool includes multiple mining nodes, and different mining nodes are located on different parallel chains;
    所述终端设备接收所述矿池服务器发送的待定记账区块的区块头主体部分的哈希值以及在所述并行链上挖矿的难度目标值,包括:The terminal device receives the hash value of the main body of the block header of the pending accounting block sent by the mining pool server and the target difficulty value of mining on the parallel chain, including:
    所述终端设备接收所述矿池服务器发送的加密后的所述区块头主体部分的哈希值以及所述难度目标值,其中,加密所用的第一密钥由所述矿池服务器配置的Master TEE根据第一密钥生成算法生成;The terminal device receives the encrypted hash value of the main body of the block header and the difficulty target value sent by the mining pool server, where the first key used for encryption is a master configured by the mining pool server TEE is generated according to the first key generation algorithm;
    在所述Slave TEE对记账权确定信息进行签名之前,所述方法还包括:Before the Slave TEE signs the accounting right determination information, the method further includes:
    所述Slave TEE根据所述第一密钥生成算法基于矿池配置信息生成所述第一密钥,并利用所述第一密钥解密加密后的所述区块头主体部分的哈希值,其中,所述矿池配置信息包括所述终端设备关联的并行链的链标识,所述记账权确定信息包括解密后的所述区块头主体部分的哈希值。The Slave TEE generates the first key based on the mining pool configuration information according to the first key generation algorithm, and uses the first key to decrypt the encrypted hash value of the body part of the block header, where The mining pool configuration information includes the chain identifier of the parallel chain associated with the terminal device, and the accounting right determination information includes the decrypted hash value of the main body of the block header.
  23. 根据权利要求22所述的方法,其特征在于,所述矿池配置信息还包括所述并行链已扩容的次数和/或预配置的所述矿池的矿池标识。The method according to claim 22, wherein the mining pool configuration information further includes the number of times the parallel chain has been expanded and/or a pre-configured mining pool identifier of the mining pool.
  24. 根据权利要求22所述的方法,其特征在于,所述终端设备关联的并行链的链标识由所述Slave TEE根据所述Slave TEE绑定的钱包账号的地址的虚拟并行链标识、所述终端设备的并行链标识掩码以及所述区块链系统包含的并行链的数量计算获得,其中,所述虚拟并行链标识根据所述Slave TEE的硬件标识计算获得。The method according to claim 22, wherein the chain identifier of the parallel chain associated with the terminal device is the virtual parallel chain identifier of the slave TEE according to the address of the wallet account bound by the slave TEE, the terminal The parallel chain identification mask of the device and the number of parallel chains included in the blockchain system are calculated and obtained, wherein the virtual parallel chain identification is calculated and obtained according to the slave TEE hardware identification.
  25. 根据权利要求20所述的方法,其特征在于,在所述终端设备向所述矿池服务器发送记账请求之前,所述方法还包括:The method according to claim 20, wherein before the terminal device sends an accounting request to the mining pool server, the method further comprises:
    所述终端设备向所述矿池服务器发送注册请求,所述注册请求携带有注册信息、用户的实名认证结果以及实名认证机构用私钥对所述实名认证结果的签名,所述注册信息包括所述Slave TEE绑定的钱包账号的地址;所述矿池服务器配置的Master TEE中保存有与所述实名认证机构的私钥匹配的公钥;The terminal device sends a registration request to the mining pool server. The registration request carries registration information, the user’s real-name authentication result, and the real-name authentication agency’s signature of the real-name authentication result with a private key. The registration information includes all The address of the wallet account bound to the Slave TEE; the Master TEE configured by the mining pool server stores a public key that matches the private key of the real-name certification authority;
    所述实名认证结果包括所述实名认证机构分配的认证码,所述认证码与所述Slave TEE绑定的钱包账号的地址相对应,用于表征所述用户通过所述实名认证机构的实名认证;The real-name authentication result includes an authentication code assigned by the real-name authentication organization, and the authentication code corresponds to the address of the wallet account bound to the Slave TEE, and is used to characterize that the user has passed the real-name authentication of the real-name authentication organization ;
    所述记账权确定信息还包括所述认证码。The accounting right determination information also includes the authentication code.
  26. 根据权利要求20所述的方法,其特征在于,在所述终端设备向所述矿池服务器发送记账请求之前,所述方法还包括:The method according to claim 20, wherein before the terminal device sends an accounting request to the mining pool server, the method further comprises:
    所述终端设备向所述矿池服务器发送入池申请,并获得所述矿池服务器的入池授权。The terminal device sends a pooling application to the mining pool server, and obtains the pooling authorization of the mining pool server.
  27. 根据权利要求26所述的方法,其特征在于,所述终端设备获得所述矿池服务 器的入池授权,包括:The method according to claim 26, wherein the terminal device obtaining the pool access authorization of the mining pool server includes:
    所述终端设备接收所述矿池服务器发送的授权序号以及加密后的授权码,其中,所述授权序号由所述矿池服务器配置的Master TEE分配加密所用的第二密钥由所述Master TEE根据第二密钥生成算法生成;The terminal device receives the authorization serial number and the encrypted authorization code sent by the mining pool server, wherein the authorization serial number is allocated by the Master TEE configured by the mining pool server and the second key used for encryption is allocated by the Master TEE Generated according to the second key generation algorithm;
    在所述Slave TEE对记账权确定信息进行签名之前,所述方法还包括:Before the Slave TEE signs the accounting right determination information, the method further includes:
    所述Slave TEE根据所述第二密钥生成算法生成所述第二密钥,利用所述第二密钥解密加密后的所述授权码;The Slave TEE generates the second key according to the second key generation algorithm, and decrypts the encrypted authorization code using the second key;
    所述Slave TEE根据解密后的所述授权码确定入池授权有效。The Slave TEE determines that the authorization to enter the pool is valid according to the decrypted authorization code.
  28. 一种记账方法,其特征在于,应用于区块链系统,所述区块链系统包括至少一个并行链,所述至少一个并行链上搭建有至少一个矿池,每个矿池包括矿池服务器以及位于所述并行链上的挖矿节点,所述挖矿节点采用分布式数据区块链存储数据,所述方法包括:An accounting method, which is applied to a blockchain system, the blockchain system includes at least one parallel chain, at least one mining pool is built on the at least one parallel chain, and each mining pool includes a mining pool A server and a mining node located on the parallel chain. The mining node uses a distributed data blockchain to store data. The method includes:
    所述挖矿节点向所述矿池服务器发送待定记账区块的区块头主体部分的哈希值以及在所述并行链上挖矿的难度目标值;The mining node sends the hash value of the body part of the block header of the pending accounting block to the mining pool server and the difficulty target value of mining on the parallel chain;
    所述挖矿节点接收所述矿池服务器发送的接入所述矿池服务器的终端设备配置的Slave TEE绑定的钱包账号的地址主体以及所述Slave TEE生成的记账权确定信息的签名,其中,所述记账权确定信息包括所述区块头主体部分的哈希值以及所述Slave TEE绑定的钱包账号的地址主体;The mining node receives the address body of the wallet account bound by the Slave TEE configured by the terminal device connected to the mining pool server sent by the mining pool server and the signature of the accounting right determination information generated by the Slave TEE, Wherein, the accounting right determination information includes the hash value of the body part of the block header and the address body of the wallet account bound by the Slave TEE;
    所述挖矿节点生成包含所述钱包账号的地址主体以及所述记账权确定信息的签名的记账区块,并将所述记账区块添加至本地的区块链中。The mining node generates a signed accounting block that includes the address body of the wallet account and the accounting right determination information, and adds the accounting block to the local blockchain.
  29. 根据权利要求28所述的方法,其特征在于,所述记账权确定信息还包括累积未用下限时长和/或实名认证机构分配的认证码,其中,所述累积未用下限时长是所述Slave TEE根据所述难度目标值计算出的,所述认证码与所述Slave TEE绑定的钱包账号的地址相对应,用于表征用户通过所述实名认证机构的实名认证,所述挖矿节点生成的所述记账区块中还包含根据所述难度目标值计算出的所述累积未用下限时长和/或所述认证码。The method according to claim 28, wherein the accounting right determination information further includes a cumulative unused lower limit duration and/or an authentication code assigned by a real-name certification authority, wherein the cumulative unused lower limit duration is the The Slave TEE is calculated according to the difficulty target value, and the authentication code corresponds to the address of the wallet account bound to the Slave TEE, and is used to characterize that the user has passed the real-name authentication of the real-name authentication institution. The mining node The generated accounting block further includes the accumulated unused lower limit duration calculated according to the difficulty target value and/or the authentication code.
  30. 根据权利要求28所述的方法,其特征在于,所述记账权确定信息的签名由所述Slave TEE根据保存的第一私钥生成,在所述挖矿节点生成包含所述钱包账号的地址主体以及所述记账权确定信息的签名的记账区块之前,所述方法还包括:The method according to claim 28, wherein the signature of the accounting right determination information is generated by the Slave TEE based on the saved first private key, and an address including the wallet account is generated at the mining node Before the subject and the signed accounting block of the accounting right determination information, the method further includes:
    所述挖矿节点根据保存的与所述第一私钥匹配的第一公钥确定所述记账权确定信息的签名为真实签名。The mining node determines that the signature of the accounting right determination information is a true signature according to the stored first public key matching the first private key.
  31. 根据权利要求28所述的方法,其特征在于,在所述挖矿节点生成包含所述钱包账号的地址主体以及所述记账权确定信息的签名的记账区块之前,所述方法还包括:The method according to claim 28, wherein before the mining node generates a signed accounting block containing the address body of the wallet account and the accounting right determination information, the method further comprises :
    所述挖矿节点根据所述钱包账号的地址主体查询获得所述终端设备上次记账生成的区块在所述区块链中的高度;The mining node queries the address body of the wallet account to obtain the height of the block generated by the terminal device in the last bookkeeping in the blockchain;
    所述挖矿节点根据所述上次记账生成的区块在所述区块链中的高度以及所述待定记账区块在所述区块链中的高度确定所述待定记账区块的生成时间与所述上次记账生成的区块的生成时间的时间间隔;The mining node determines the pending accounting block according to the height of the block generated by the last accounting in the blockchain and the height of the pending accounting block in the blockchain The time interval between the generation time of the block and the generation time of the block generated by the previous accounting;
    所述挖矿节点确定判断所述时间间隔大于冷却时长,其中,所述冷却时长为根据所述难度目标值计算出的累积未用下限时长的k倍,k为大于0且小于1的常数。The mining node determines that the time interval is greater than the cooling duration, where the cooling duration is k times the cumulative unused lower duration calculated according to the difficulty target value, and k is a constant greater than 0 and less than 1.
  32. 根据权利要求28所述的方法,其特征在于,在所述挖矿节点将所述记账区块添加至本地的区块链中之后,所述方法还包括:The method according to claim 28, wherein after the mining node adds the accounting block to the local blockchain, the method further comprises:
    所述挖矿节点将所述记账区块在所述区块链中的高度、竞争到记账权的终端设备配置的Slave TEE绑定的钱包账号的地址主体发送至所述矿池服务器。The mining node sends the height of the accounting block in the blockchain, the address body of the wallet account bound by the Slave TEE configured for the terminal device competing for the accounting right to the mining pool server.
  33. 根据权利要求28所述的方法,其特征在于,所述方法还包括:The method of claim 28, further comprising:
    所述挖矿节点根据所述区块链的待确认的记账区块中保存的终端设备的钱包账号的地址主体查询获得该终端设备上次记账生成的区块在所述区块链中的高度,其中,所述待确认的记账区块是指所述挖矿节点接收到的由同链挖矿节点广播的记账区块;The mining node queries and obtains the block generated by the terminal device's last accounting in the blockchain according to the address body of the wallet account of the terminal device saved in the accounting block of the blockchain to be confirmed Height, where the accounting block to be confirmed refers to the accounting block received by the mining node and broadcast by the same-chain mining node;
    所述挖矿节点根据所述上次记账生成的区块在所述区块链中的高度以及所述待确认的记账区块在所述区块链中的高度确定所述待确认的记账区块的生成时间与所述上次记账生成的区块的生成时间的时间间隔;The mining node determines the to-be-confirmed according to the height of the block generated by the last accounting in the blockchain and the height of the to-be-confirmed accounting block in the blockchain The time interval between the generation time of the accounting block and the generation time of the block generated by the previous accounting;
    所述挖矿节点判断所述时间间隔是否大于冷却时长,若大于所述冷却时长,则认可所述待确认的记账区块,其中,所述冷却时长为根据所述待确认的记账区块中保存的难度目标值计算出的累积未用下限时长的k倍,k为大于0且小于1的常数。The mining node judges whether the time interval is greater than the cooling duration, and if it is greater than the cooling duration, the accounting block to be confirmed is approved, wherein the cooling duration is based on the accounting area to be confirmed The cumulative unused lower limit duration calculated by the difficulty target value stored in the block is k times, and k is a constant greater than 0 and less than 1.
  34. 一种矿池服务器,其特征在于,所述矿池服务器包括:A mining pool server, characterized in that the mining pool server includes:
    存储器,用于存储计算机指令;Memory, used to store computer instructions;
    通信接口,用于与终端设备以及所述挖矿节点通信;Communication interface, used to communicate with terminal equipment and the mining node;
    所述矿池服务器还包括Master TEE或连接有所述Master TEE;The mining pool server also includes a Master TEE or the Master TEE is connected;
    所述矿池服务器还包括处理器,与所述存储器、所述通信接口以及所述Master TEE相连,其中,所述计算机指令被所述处理器执行,所述处理器结合所述Master TEE执行如权利要求1-19中任一项所述的方法。The mining pool server further includes a processor connected to the memory, the communication interface, and the Master TEE, wherein the computer instructions are executed by the processor, and the processor executes as follows in conjunction with the Master TEE The method of any one of claims 1-19.
  35. 一种终端设备,其特征在于,所述终端设备包括:A terminal device, characterized in that the terminal device includes:
    存储器,用于存储计算机指令;Memory, used to store computer instructions;
    通信接口,用于与所述矿池服务器通信;Communication interface, used to communicate with the mining pool server;
    所述终端设备还包括Slave TEE或连接有Slave TEE;The terminal device further includes a Slave TEE or a Slave TEE is connected;
    所述终端设备还包括处理器,与所述存储器、所述通信接口以及所述Slave TEE相连,其中,所述计算机指令被所述处理器执行,所述处理器结合所述Slave TEE执行如权利要求21-29中任一项所述的方法。The terminal device further includes a processor, which is connected to the memory, the communication interface, and the Slave TEE, wherein the computer instructions are executed by the processor, and the processor executes the rights in combination with the Slave TEE. The method according to any one of claims 21 to 29.
  36. 一种挖矿节点,其特征在于,所述挖矿节点包括:A mining node, characterized in that the mining node includes:
    存储器,用于存储计算机指令;Memory, used to store computer instructions;
    通信接口,用于与所述矿池服务器通信;Communication interface, used to communicate with the mining pool server;
    处理器,与所述存储器、所述通信接口相连,其中,所述计算机指令被所述处理器执行,所述处理器执行如权利要求28-33任一项所述的方法。A processor is connected to the memory and the communication interface, wherein the computer instructions are executed by the processor, and the processor executes the method according to any one of claims 28-33.
  37. 一种矿池,其特征在于,包括:矿池服务器以及位于区块链系统的并行链上的挖矿节点,所述挖矿节点采用分布式数据区块链存储数据,所述区块链系统包括至少一个并行链;A mining pool is characterized by comprising: a mining pool server and a mining node located on a parallel chain of a blockchain system, the mining node adopts a distributed data blockchain to store data, and the blockchain system Including at least one parallel chain;
    其中,所述挖矿节点用于:向所述矿池服务器发送待定记账区块的区块头主体部分的哈希值以及在所述并行链上挖矿的难度目标值;Wherein, the mining node is used to: send the hash value of the main body of the block header of the pending accounting block to the mining pool server and the difficulty target value of mining on the parallel chain;
    所述矿池服务器用于:接收并存储所述区块头主体部分的哈希值以及所述难度目标值,并在接收到终端设备发送的记账请求后,向所述终端设备发送所述区块头主体 部分的哈希值以及所述难度目标值,以使所述终端设备配置的Slave TEE判断自身的累积未用时长是否大于根据所述难度目标值计算出的累积未用下限时长,并在所述累积未用时长大于所述累积未用下限时长时对记账权确定信息进行签名,其中,所述记账权确定信息包括所述区块头主体部分的哈希值以及所述Slave TEE绑定的钱包账号的地址主体;接收所述终端设备发送的所述记账权确定信息及所述记账权确定信息的签名,并将所述记账权确定信息以及所述记账权确定信息的签名发送至所述挖矿节点;The mining pool server is used to: receive and store the hash value of the main part of the block header and the difficulty target value, and after receiving the accounting request sent by the terminal device, send the area to the terminal device The hash value of the main body of the block header and the difficulty target value, so that the Slave TEE configured by the terminal device determines whether its accumulated unused duration is greater than the cumulative unused lower limit duration calculated according to the difficulty target value, and Sign the accounting right determination information when the accumulated unused duration is greater than the cumulative unused lower limit duration, where the accounting right determination information includes the hash value of the body part of the block header and the Slave TEE binding The main body of the address of the designated wallet account; receiving the signature of the accounting right determination information and the accounting right determination information sent by the terminal device, and sending the accounting right determination information and the accounting right determination information Is sent to the mining node;
    所述挖矿节点还用于:生成包含所述钱包账号的地址主体以及所述记账权确定信息的签名的记账区块,并将所述记账区块添加至本地的区块链中。The mining node is also used to: generate an accounting block that contains the address body of the wallet account and the signature of the accounting right determination information, and add the accounting block to the local blockchain .
  38. 根据权利要求37所述的矿池,其特征在于,所述矿池服务器还用于:在接收所述终端设备发送的记账请求之前,接收所述终端设备发送的入池申请,并在所述矿池服务器配置的Master TEE中判断所述矿池服务器的容量是否小于容量阈值,若所述矿池服务器的容量小于所述容量阈值,则根据所述Master TEE生成授权信息对所述终端设备进行入池授权,以告知所述终端设备在授权开始时间之后的授权使用时长内向所述矿池服务器发送的所述记账请求可被所述矿池服务器接受,若所述矿池服务器的容量大于所述容量阈值,则发送消息通知所述终端设备未获入池授权,其中,所述授权使用时长为保存在所述矿池服务器配置的Master TEE中的预配置数据。The mining pool according to claim 37, wherein the mining pool server is further configured to: before receiving the accounting request sent by the terminal device, receive the pooling application sent by the terminal device, and In the Master TEE configured by the mining pool server, determine whether the capacity of the mining pool server is less than the capacity threshold, and if the capacity of the mining pool server is less than the capacity threshold, generate authorization information to the terminal device according to the Master TEE Perform pooling authorization to inform the terminal device that the accounting request sent to the mining pool server within the authorized usage time period after the authorization start time can be accepted by the mining pool server if the mining pool server has a capacity If it is greater than the capacity threshold, a message is sent to notify the terminal device that it has not been authorized to enter the pool, where the authorized duration is pre-configured data stored in the Master TEE configured by the mining pool server.
  39. 根据权利要求38所述的矿池,其特征在于,所述矿池服务器的容量小于容量阈值,包括:The mining pool according to claim 38, wherein the capacity of the mining pool server is less than the capacity threshold, including:
    当前的授权周期内的入池授权量小于第一阈值;其中,所述授权周期以及所述第一阈值为保存在所述矿池服务器配置的Master TEE中的预配置数据。The authorization amount for pooling in the current authorization period is less than the first threshold; wherein, the authorization period and the first threshold are pre-configured data saved in the Master TEE configured by the mining pool server.
PCT/CN2019/127183 2019-01-07 2019-12-20 Bookkeeping method, mining pool server, terminal apparatus, mining node, and mining pool WO2020143431A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910011750.1 2019-01-07
CN201910011750.1A CN109741039B (en) 2019-01-07 2019-01-07 Accounting method, mine pool server, terminal equipment, mine excavation node and mine pool

Publications (1)

Publication Number Publication Date
WO2020143431A1 true WO2020143431A1 (en) 2020-07-16

Family

ID=66363544

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/127183 WO2020143431A1 (en) 2019-01-07 2019-12-20 Bookkeeping method, mining pool server, terminal apparatus, mining node, and mining pool

Country Status (2)

Country Link
CN (1) CN109741039B (en)
WO (1) WO2020143431A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115412464A (en) * 2022-11-01 2022-11-29 江苏荣泽信息科技股份有限公司 Dynamic expansion scheme of block chain based on flow
US20220413710A1 (en) * 2021-06-29 2022-12-29 Acronis GmbH Integration of hashgraph and erasure coding for data integrity

Families Citing this family (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109741039B (en) * 2019-01-07 2021-01-19 深圳市红砖坊技术有限公司 Accounting method, mine pool server, terminal equipment, mine excavation node and mine pool
US10778452B2 (en) 2019-06-03 2020-09-15 Alibaba Group Holding Limited Blockchain ledger authentication
CN112487084A (en) * 2019-06-03 2021-03-12 创新先进技术有限公司 Time service authentication method, device and equipment for block chain type account book
CN110471922B (en) * 2019-08-09 2023-02-03 全链通有限公司 Content extension method and device for accounting node and computer readable storage medium
CN110853214B (en) * 2019-11-06 2021-05-11 杭州复杂美科技有限公司 Block generation method, device and storage medium
CN111193596B (en) * 2019-12-30 2023-09-05 达闼机器人股份有限公司 Block generation system, method, server and workload verification device
CN111737363A (en) * 2020-07-22 2020-10-02 百度在线网络技术(北京)有限公司 Block chain operation method, device, equipment and storage medium
CN111737368B (en) 2020-07-24 2020-12-18 支付宝(杭州)信息技术有限公司 Data processing method, device, equipment and medium
CN111818094B (en) 2020-08-28 2021-01-05 支付宝(杭州)信息技术有限公司 Identity registration method, device and equipment
CN111815420B (en) 2020-08-28 2021-07-06 支付宝(杭州)信息技术有限公司 Matching method, device and equipment based on trusted asset data
CN111741036B (en) 2020-08-28 2020-12-18 支付宝(杭州)信息技术有限公司 Trusted data transmission method, device and equipment
CN111814172A (en) 2020-08-28 2020-10-23 支付宝(杭州)信息技术有限公司 Method, device and equipment for acquiring data authorization information
CN111814196B (en) 2020-09-04 2021-01-05 支付宝(杭州)信息技术有限公司 Data processing method, device and equipment
CN113434849A (en) 2020-09-04 2021-09-24 支付宝(杭州)信息技术有限公司 Data management method, device and equipment based on trusted hardware
CN115033919A (en) 2020-09-04 2022-09-09 支付宝(杭州)信息技术有限公司 Data acquisition method, device and equipment based on trusted equipment
CN113012008B (en) 2020-09-15 2022-06-03 支付宝(杭州)信息技术有限公司 Identity management method, device and equipment based on trusted hardware
CN111930846B (en) 2020-09-15 2021-02-23 支付宝(杭州)信息技术有限公司 Data processing method, device and equipment
CN113255005A (en) 2020-09-15 2021-08-13 支付宝(杭州)信息技术有限公司 Block chain-based data asset transfer method, device and equipment
CN112804322B (en) * 2021-01-11 2022-06-28 杭州复杂美科技有限公司 Block generation method, computer device and storage medium
CN115618417A (en) * 2021-07-15 2023-01-17 华为技术有限公司 Method for preventing driving data from being tampered and related device
CN113608777B (en) * 2021-07-30 2023-09-29 广东全塑智联科技有限公司 Project code version control method and system based on blockchain
CN115189972A (en) * 2022-09-13 2022-10-14 四块科技(深圳)有限公司 Method and device for guaranteeing safe excavation of nodes and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106850200A (en) * 2017-01-25 2017-06-13 中钞信用卡产业发展有限公司北京智能卡技术研究院 A kind of method for using the digital cash based on block chain, system and terminal
CN107733651A (en) * 2017-09-11 2018-02-23 联动优势科技有限公司 A kind of block chain generation method, node and system
US20180293556A1 (en) * 2017-04-05 2018-10-11 Samsung Sds Co., Ltd. Method and system for processing blockchain-based real-time transaction
CN108848055A (en) * 2018-05-03 2018-11-20 中国银联股份有限公司 A kind of block chain common recognition method, accounting nodes and node
CN109741039A (en) * 2019-01-07 2019-05-10 深圳市红砖坊技术有限公司 Bookkeeping methods, terminal device, digs mine node and mine pond at mine pool server

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107171810B (en) * 2017-06-27 2020-03-13 中国联合网络通信集团有限公司 Verification method and device of block chain
CN107864198B (en) * 2017-11-07 2019-09-24 山东浪潮人工智能研究院有限公司 A kind of block chain common recognition method based on deep learning training mission
CN108009918B (en) * 2017-11-23 2021-10-26 深圳捷汇科技有限公司 Accounting method of block chain consensus algorithm transaction system and electronic equipment
CN108650291B (en) * 2018-03-26 2020-12-22 南京思利华信息科技有限公司 Calculation power-based GPU task consensus method and device
CN109101836B (en) * 2018-08-09 2021-07-13 全链通有限公司 Accounting method and system of block chain network
CN109146484A (en) * 2018-08-31 2019-01-04 深圳付贝科技有限公司 Common recognition verification method, digging mine machine and block catenary system based on block chain

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106850200A (en) * 2017-01-25 2017-06-13 中钞信用卡产业发展有限公司北京智能卡技术研究院 A kind of method for using the digital cash based on block chain, system and terminal
US20180293556A1 (en) * 2017-04-05 2018-10-11 Samsung Sds Co., Ltd. Method and system for processing blockchain-based real-time transaction
CN107733651A (en) * 2017-09-11 2018-02-23 联动优势科技有限公司 A kind of block chain generation method, node and system
CN108848055A (en) * 2018-05-03 2018-11-20 中国银联股份有限公司 A kind of block chain common recognition method, accounting nodes and node
CN109741039A (en) * 2019-01-07 2019-05-10 深圳市红砖坊技术有限公司 Bookkeeping methods, terminal device, digs mine node and mine pond at mine pool server

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220413710A1 (en) * 2021-06-29 2022-12-29 Acronis GmbH Integration of hashgraph and erasure coding for data integrity
US11789617B2 (en) * 2021-06-29 2023-10-17 Acronis International Gmbh Integration of hashgraph and erasure coding for data integrity
CN115412464A (en) * 2022-11-01 2022-11-29 江苏荣泽信息科技股份有限公司 Dynamic expansion scheme of block chain based on flow

Also Published As

Publication number Publication date
CN109741039B (en) 2021-01-19
CN109741039A (en) 2019-05-10

Similar Documents

Publication Publication Date Title
WO2020143431A1 (en) Bookkeeping method, mining pool server, terminal apparatus, mining node, and mining pool
EP4120114A1 (en) Data processing method and apparatus, smart device and storage medium
US11651109B2 (en) Permission management method, permission verification method, and related apparatus
TWI691919B (en) Blockchain-based transaction processing method and device, and electronic equipment
CN108833081B (en) Block chain-based equipment networking authentication method
TWI740423B (en) System and method for providing privacy and security protection in blockchain-based private transactions
US11410145B2 (en) Blockchain-implemented method for control and distribution of digital content
JP6217728B2 (en) Vehicle system and authentication method
JP2022504420A (en) Digital certificate issuance methods, digital certificate issuance centers, storage media and computer programs
WO2018024061A1 (en) Method, device and system for licensing shared digital content
WO2018059334A1 (en) Blockchain network, branch node, blockchain network application method and storage medium
CN108985100B (en) Block chain-based element security certification method, device, equipment and medium
US20210176058A1 (en) Consensus method used for miner node in blockchain system and blockchain system
WO2019242508A1 (en) Blockchain system and routing method of routing node applied to blockchain system
US11928222B2 (en) Distributed ledger network implementing a synchronous trust consensus model
CN109995737B (en) Decentralized digital certificate management method and device, node and system
CN114362993B (en) Block chain assisted Internet of vehicles security authentication method
CN114503146A (en) Method and apparatus for registration and authentication of miner identity in a blockchain network
EP3872657B1 (en) Right-holder terminal, user terminal, right-holder program, user program, content usage system, and content usage method
CN111314066B (en) Block chain-based data transfer method, terminal and computer-readable storage medium
KR101120059B1 (en) Billing verifying apparatus, billing apparatus and method for cloud computing environment
CN112491845A (en) Node admission method, consensus method, device, electronic equipment and storage medium
CN114598463A (en) Data authentication system
CN112926983A (en) Block chain-based deposit certificate transaction encryption system and method
CN111144894A (en) UTXO processing method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19908393

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19908393

Country of ref document: EP

Kind code of ref document: A1