WO2020199135A1 - Method and system for token design and token operation authorization management - Google Patents

Method and system for token design and token operation authorization management Download PDF

Info

Publication number
WO2020199135A1
WO2020199135A1 PCT/CN2019/081072 CN2019081072W WO2020199135A1 WO 2020199135 A1 WO2020199135 A1 WO 2020199135A1 CN 2019081072 W CN2019081072 W CN 2019081072W WO 2020199135 A1 WO2020199135 A1 WO 2020199135A1
Authority
WO
WIPO (PCT)
Prior art keywords
group
token
threshold
domain
transfer
Prior art date
Application number
PCT/CN2019/081072
Other languages
French (fr)
Chinese (zh)
Inventor
程希冀
蔡恒进
王昊
蔡天琪
Original Assignee
武汉龙津科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 武汉龙津科技有限公司 filed Critical 武汉龙津科技有限公司
Priority to PCT/CN2019/081072 priority Critical patent/WO2020199135A1/en
Publication of WO2020199135A1 publication Critical patent/WO2020199135A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof

Definitions

  • the invention relates to the technical field of block chains, and in particular to a method and system for token design and operation authority management.
  • the present invention aims to design a specialized Token system, which specifically solves the problem of Token-related operations in the blockchain system, and proposes a brand-new method for the most important part of Token operation authority management.
  • the present invention provides a method for token design and operation authority management, which includes four main steps: domain creation, operation request, authority verification, and operation execution.
  • the requested operation includes but is not limited to issuing tokens, transfer (or transaction) communication
  • the information that needs to define the domain includes, but is not limited to, a non-repeatable domain name (Domain Name), issue threshold (Issue) threshold, transfer right (Transfer) threshold, and management right (Manage) threshold, A list of groups that can be issued for issuance rights, a list of groups that can be issued for transfer rights, and a list of groups that can be issued for management rights.
  • Domain Name non-repeatable domain name
  • issue threshold Issue
  • Transfer right Transfer right
  • Manage Management right
  • the issuance right refers to the right to reissue or additional tokens based on the current domain
  • the transfer right refers to the right to change the owner of the current token
  • the management right refers to the right to adjust the current domain information or structure.
  • the group list is composed of one or more groups, and the information of each group includes group ID (group ID, automatically generated by the system), weight, required threshold in the group, and group members , The weight and group public key corresponding to each group member.
  • the token is a unique number in the blockchain system, and it is an indivisible and smallest individual that can be issued and transferred.
  • the ID of the Token includes the domain name and is not available under each domain name. Repeated personalized token name (Token Name).
  • each authority has a corresponding group list, and each group in the group list may not have the same weight in the authority.
  • the weight of the group is determined by the user (individual) who owns the group private key. Or organization) and is publicly visible; at the same time, each operation has a threshold.
  • the authorization verification process is to verify the sum of the weights of all successful issuing groups for the operation, Whether it is greater than or equal to the threshold of the operation, if it is, the operation request will be received by the system and wait for execution.
  • the issuance means that each group that has the right to sign the operation request contains one or more members, and only the sum of the weights corresponding to all members in the group that has issued the operation request is added. If the threshold is greater than or equal to the required threshold in the group, the group is considered as a successful issuance group, otherwise it is a failed issuance group.
  • the person or organization holding the public key of the group can issue an operation to modify the members and weights in the group , That is, Group Autonomy.
  • Token holders have a special group whose name is fixed as Owner, which is a collection of Token holders.
  • the special feature of this group is that each Token may be different, and the group is issued
  • the condition is that each person in the group is issued to be valid, that is, the weight of each person in the group is equal, and the group threshold is the number of members in the group.
  • the present invention also provides a system for token design and operation authority management, including:
  • Each domain has a unique domain name.
  • the information that needs to define the domain includes but is not limited to non-repeatable domain name (Domain Name), issue threshold (Issue) threshold, and transfer threshold (Transfer) threshold , Management threshold, group list for issuing rights, group list for issuing transfer rights, and group list for issuing management rights;
  • the operation request module is used to send the operation request to the corresponding group according to the group list corresponding to the change operation request in the domain, to be issued within and between groups;
  • the authorization verification module is used to verify whether the sum of the weights of the successful issuance group of the operation reaches the required threshold. Only when the threshold is reached, the verification is deemed to be passed, and the operation can be executed;
  • the operation execution module is used to implement the operation after the verification is passed.
  • each operation can charge all users or some of the users involved in the operation a fee based on consumption or established standards, which is determined by the specific implementation of the consensus mechanism.
  • the present invention does not require the user to write code or write smart contracts, but directly writes the interface into the system, and the user only needs to fill in the form, and the operation is simple and efficient.
  • the management authority of erc721 for Token is very simple.
  • the present invention establishes a complete set of authority management methods and systems for tokens, which greatly improves operation under the premise of ensuring safety. Efficiency, can truly realize the multi-threaded operation process.
  • Figure 1 depicts the specific structure of the transfer authority of a certain domain name (Domain Name) provided by the present invention.
  • Figure 2 describes the Token authority management structure provided by the present invention in scenario 1.
  • Figure 3 describes the Token authority management structure provided by the present invention in scenario 2.
  • Figure 4 depicts the Token authority management structure provided by the present invention in scenario 3.
  • Figure 5 describes the intra-group issuance process of the method described in the present invention.
  • Figure 6 describes the inter-group issuance process of the method described in the present invention.
  • This figure describes the transfer permission in a certain type of Token. Its threshold is 3, and there are three groups participating, namely Owner, Group A and Group B. Based on the current weight settings for each group (respectively 1, 2 and 3), Owner and Group A need to be issued jointly, or Group B can be issued separately to meet the Transfer threshold.
  • Group A requires at least Bob, Tony, or Tom and Tony to sign together to meet its threshold (4), and Group B needs to be signed Henry and Emma are all issued to meet the threshold (2).
  • Scenario 1 In real life, the holder of a Token may not be a person, but the holders. For example, the husband and wife (Alice and Bob) raise a pet dog together, and now it is necessary to obtain the consent of the husband and wife to trade this pet dog. A token is issued for this pet dog, and its structure is shown in Figure 2.
  • the issuer (may be Alice or Bob) sets the Token holder to be held by Alice and Bob.
  • the issuer sets the authority of both Issue and Manage to be empty, so that this type of Token will no longer be able to issue or modify the authority management structure (no group has authority ).
  • the transfer permission (the number in parentheses after the permission represents the threshold, the number in parentheses after the group represents the weight), only the Owner group. Then only when Alice and Bob sign the transfer operation at the same time, the operation will be accepted by the system. If only Alice or Bob’s private key signs, the system will deny the service and return an error message.
  • Scenario 2 Alice purchases a certain financial management token issued by company B.
  • company B requires that any transaction of this token needs to be confirmed by her own company and additional transaction fees will be charged.
  • This kind of Token structure is shown in Figure 3.
  • Group B is the Token used by company B to manage its financial management. Circulation group.
  • Alice transfers the token she needs to pay company B an additional fee, and then company B can check the transfer of the token at the same time, and after confirmation, it will be issued through Group B (through a third-party service), and then the transfer will be finally received by the system .
  • third parties can provide many services.
  • company C specializes in password protection services. Alice is afraid that she will forget or lose the secret key and thus lose her Token.
  • the transfer authority of this type of Token can be managed as: Owner(1), Group C(1), and at the same time The threshold is set to 1. In this case, if Alice forgets her secret key and cannot obtain the permissions of the Transfer group, she can still obtain Group C's issuance by proving to company C that she is Alice herself (through ID fingerprints, etc.). In this way, Alice can transfer this type of Token to her new account to retrieve her secret key.
  • Group C can do evil and transfer Alice's Token maliciously, but all operations will be recorded on the chain, which is not worth the gain for a credible company C.
  • Scenario 3 Here we will introduce the most complicated scenario to demonstrate the complex problems that can be solved in the authority management mechanism provided by the present invention.
  • a company built a new office building and hoped to issue 1,000 tokens for the property rights of the building.
  • the company set up an SPV to be responsible for issuing and maintaining these tokens.
  • the issuance and transfer of Token related to real estate needs to be reviewed and approved by the local real estate bureau. Only if it meets local regulations can it be approved.
  • the detailed information of the relevant Token of the office building will be displayed on its official platform (total, Issuer, authority management structure, etc.).
  • the national real estate department has the highest authority to restrict and manage local real estate bureaus and holders.
  • the permission structure of this type of Token may be shown in Figure 4.
  • the initial issuer and holder of this type of token is SPV, where Group S stands for SPV, Group L stands for local real estate bureaus, and Group C stands for central real estate department.
  • the transfer of a Token only needs to be jointly issued by the original holder and the local real estate bureau. During this process, the local real estate bureau will review the transfer process. Under unexpected circumstances, such as the accidental death of a certain token holder or the loss of the secret key, after a judgment or review by the court or relevant department, the central real estate department can issue the token and transfer the ownership of the token to the legal successor. .
  • the Central Real Estate Department can pass the issued Issue Permission to issue new tokens to meet actual needs.
  • the Central Real Estate Department needs to temporarily freeze the circulation of this type of token, it can change the transfer authority threshold through the Manage authority it holds, thereby freezing the circulation of this type of token.
  • the Token structure design and Token operation authority management method in the blockchain proposed by the present invention can be specialized for Token operation, reduce the burden on the blockchain system, reduce unnecessary resource consumption, and satisfy various requirements. The ability to manage the actual situation with complex rights.
  • Token, permission type, group, account, etc. in the blockchain does not necessarily refer to the same instance or example. Specific descriptions or features can be combined in one or more examples in a suitable manner. In addition, if there is no conflict with each other, those skilled in the art can combine different embodiments or examples and different embodiments described in this specification. Or the features of the examples are combined and combined.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

A method and system for token design and token operation authorization management, comprising: first, defining the structure of a token, so as to determine authorization before a user performs various operations with respect to the token in a blockchain system; that is, determining, according to the sum of weights of respective authorized groups with corresponding authorizations and the magnitude of a configuration threshold, whether or not the user is authorized to perform operations with respect to the token. The method for authorization management is used to perform authorization classification and to form respective groups having specific authorizations, so as to flexibly control authorizations with respect to a token. The method is intrinsically flexible and extensible, and thus can address the majority of complex and diverse real-life authorization management situations.

Description

一种通证设计及其操作权限管理的方法与系统A method and system for token design and operation authority management 技术领域Technical field
本发明涉及区块链技术领域,尤其涉及一种通证设计及其操作权限管理的方法与系统。The invention relates to the technical field of block chains, and in particular to a method and system for token design and operation authority management.
背景技术Background technique
随着近些年比特币的兴起,区块链技术开始引起人们的关注,数字货币水涨船高,越来越多的人认识到区块链技术的价值,同时开始持有数字货币。随着大家对区块链技术的了解,有的人开始意识到区块链不仅仅可以用于构筑数字货币,还可以构筑上层应用,目前以太坊在这方面做得最为出色。With the rise of Bitcoin in recent years, blockchain technology has begun to attract people's attention, and digital currencies have risen. More and more people recognize the value of blockchain technology and begin to hold digital currencies. With everyone's understanding of blockchain technology, some people have begun to realize that blockchain can not only be used to build digital currencies, but also can build upper-level applications. Ethereum is currently doing the best in this regard.
随之而来的问题就是传统区块链网络为了达成共识,采用了POW的方式,这对资源是一种极大地浪费。区块链技术能够大规模普及,需要将算力集中在维持网络运行而不是无意义的求解。很多项目为了解决这些问题应运而生,其中EOS等采用DPOS机制和节点内平行的方式较好地解决了这一问题。The ensuing problem is that in order to reach a consensus, the traditional blockchain network adopts the POW method, which is a great waste of resources. Blockchain technology can be popularized on a large scale, and computing power needs to be concentrated on maintaining network operations rather than meaningless solutions. Many projects have emerged in order to solve these problems. Among them, EOS and others have solved this problem by adopting DPOS mechanism and intra-node parallelism.
然而至今为止所有主流区块链系统都是以Account为中心的利用智能合约来构建的一套图灵完备的系统。我们认为当下将实体事物与虚拟事物Token化才是广大群众切实的需求,在未来Token经济将会大放异彩。尽管现有主流系统也在推出新的协议以尝试构建更适合Token运作的方案,然而整体而言仍然存在以下缺点:需要用户自己编写代码、系统速度较慢;二是缺乏灵活的权限管理机制。However, all mainstream blockchain systems so far are a Turing-complete system built using smart contracts with Account as the center. We believe that the Tokenization of physical and virtual things is the real demand of the general public, and the Token economy will shine in the future. Although the existing mainstream systems are also launching new protocols to try to build a more suitable solution for Token operation, overall there are still the following shortcomings: users need to write their own code, the system is slow; second, it lacks a flexible rights management mechanism.
本发明旨在设计出一种Token特化的系统,专门解决区块链系统中Token相关操作的问题,并就其中最为重要的Token操作权限管理部分提出全新的方法。The present invention aims to design a specialized Token system, which specifically solves the problem of Token-related operations in the blockchain system, and proposes a brand-new method for the most important part of Token operation authority management.
发明内容Summary of the invention
本发明提供了一种通证设计及其操作权限管理的方法,包括创建域,请求操作,权限验证,操作执行四个主要步骤,请求操作包括但不限于发行通证、转移(或交易)通证、管理已创建的域,所有的操作必须通过权限验证后才能被执行。The present invention provides a method for token design and operation authority management, which includes four main steps: domain creation, operation request, authority verification, and operation execution. The requested operation includes but is not limited to issuing tokens, transfer (or transaction) communication To authenticate and manage the created domains, all operations must pass authorization verification before they can be executed.
优选地,所述创建域(Domain),需要定义域的信息包括但不限于不可重复的域名(Domain Name),发行权(Issue)阈值,转移权(Transfer)阈值,管理权(Manage)阈值,可进行发行权签发的组列表(group list),可进行转移权签发的组列表,可进行管理权签发的组列表。Preferably, for the creation of a domain (Domain), the information that needs to define the domain includes, but is not limited to, a non-repeatable domain name (Domain Name), issue threshold (Issue) threshold, transfer right (Transfer) threshold, and management right (Manage) threshold, A list of groups that can be issued for issuance rights, a list of groups that can be issued for transfer rights, and a list of groups that can be issued for management rights.
优选地,所述发行权指基于当前Domain,重发或增发Token的权限,转移权指更改当前Token所有者的权限,管理权指调整当前Domain信息或结构的权限。Preferably, the issuance right refers to the right to reissue or additional tokens based on the current domain, the transfer right refers to the right to change the owner of the current token, and the management right refers to the right to adjust the current domain information or structure.
优选地,所述组列表是由一个或多个组(group)构成的,每个组的信息包括组ID(group ID,系统自动生成)、权重(weight)、组内所需阈值、组成员、各组成员对应的权重、组公钥。Preferably, the group list is composed of one or more groups, and the information of each group includes group ID (group ID, automatically generated by the system), weight, required threshold in the group, and group members , The weight and group public key corresponding to each group member.
优选地,所述通证(Token),是区块链系统中具有独一无二的编号,是可以发行、可以转移的不可分割的一类最小个体,Token的ID包括域名,以及在每个域名下不可重复的个性化通证名(Token Name)。Preferably, the token is a unique number in the blockchain system, and it is an indivisible and smallest individual that can be issued and transferred. The ID of the Token includes the domain name and is not available under each domain name. Repeated personalized token name (Token Name).
优选地,在域的定义中,每一个权限都有对应的组列表,组列表中的每个组在该权限中拥有的权重不一定相同,组的权重是由拥有组私钥的用户(个人或组织)所决定的,且公开可见;同时每个操作都有一个阈值,在执行某项操作时,所述权限验证的过程,即为验证对该操作所有的成功签发组的权重之和,是否大于或等于该操作的阈值,如果是,该操作请求才会被系统接收并等待执行。Preferably, in the definition of the domain, each authority has a corresponding group list, and each group in the group list may not have the same weight in the authority. The weight of the group is determined by the user (individual) who owns the group private key. Or organization) and is publicly visible; at the same time, each operation has a threshold. When an operation is performed, the authorization verification process is to verify the sum of the weights of all successful issuing groups for the operation, Whether it is greater than or equal to the threshold of the operation, if it is, the operation request will be received by the system and wait for execution.
优选地,所述签发是指,对该操作请求有权进行签发的每一个组内,包含一个或多个成员,只有该组内所有签发了该操作请求的成员对应的权重之和,相加大于或等于该组的组内所需阈值,才认为该组为成功签发组,否则为失败签发组,同时,持有该组公钥的人或者组织可以签发一个修改组内成员和权重的操作,即组内自治(Group Autonomy)。Preferably, the issuance means that each group that has the right to sign the operation request contains one or more members, and only the sum of the weights corresponding to all members in the group that has issued the operation request is added. If the threshold is greater than or equal to the required threshold in the group, the group is considered as a successful issuance group, otherwise it is a failed issuance group. At the same time, the person or organization holding the public key of the group can issue an operation to modify the members and weights in the group , That is, Group Autonomy.
根据权利要求1所述的方法,其特征在于,在发行者设计Token类型权限的时候,可以通过直接引用已存在的组ID来援引该组到其权限体系中,因为组内自治的机制,这样每个组可以被方便地复用。The method according to claim 1, characterized in that when the issuer designs the Token type authority, it can directly quote the existing group ID to invoke the group into its authority system, because of the autonomy mechanism within the group, so Each group can be reused easily.
优选地,Token的持有者有一个特殊的组,该组的名称固定为Owner,为Token的持有者集合,该组的特殊之处在于每个Token均有可能不同,同时该组的签发条件为组内每个人均签发才有效,即该组每个人的权重相等,该组阈值为组内成员的数量。Preferably, Token holders have a special group whose name is fixed as Owner, which is a collection of Token holders. The special feature of this group is that each Token may be different, and the group is issued The condition is that each person in the group is issued to be valid, that is, the weight of each person in the group is equal, and the group threshold is the number of members in the group.
本发明还提供了一种通证设计及其操作权限管理的系统,包括:The present invention also provides a system for token design and operation authority management, including:
创建域模块,用以生成新的域,每个域都有唯一域名,需要定义域的信息包括但不限于不可重复的域名(Domain Name),发行权(Issue)阈值,转移权(Transfer)阈值,管理权(Manage)阈值,可进行发行权签发的组列表(group list),可进行转移权签发的组列表,可进行管理权签发的组列表;Create a domain module to generate new domains. Each domain has a unique domain name. The information that needs to define the domain includes but is not limited to non-repeatable domain name (Domain Name), issue threshold (Issue) threshold, and transfer threshold (Transfer) threshold , Management threshold, group list for issuing rights, group list for issuing transfer rights, and group list for issuing management rights;
操作请求模块,用以根据域中改操作请求对应的组列表,发送操作请求给相应的组,以待组内和组间的签发;The operation request module is used to send the operation request to the corresponding group according to the group list corresponding to the change operation request in the domain, to be issued within and between groups;
权限验证模块,用以验证该操作的成功签发组权重之和是否达到所需阈值,只有达到阈值才视作通过验证,该操作可被执行;The authorization verification module is used to verify whether the sum of the weights of the successful issuance group of the operation reaches the required threshold. Only when the threshold is reached, the verification is deemed to be passed, and the operation can be executed;
操作执行模块,用以实施确认验证通过后的操作。The operation execution module is used to implement the operation after the verification is passed.
优选地,各项操作可以根据消耗或既定标准,向涉及操作的所有用户或其中部分用户收取手续费,由具体实施的共识机制决定。Preferably, each operation can charge all users or some of the users involved in the operation a fee based on consumption or established standards, which is determined by the specific implementation of the consensus mechanism.
有益效果Beneficial effect
与现有的erc721等项目相比,本发明不需要用户自己写代码或写智能合约,而是直接将接口写进系统里,用户只需要填表单,操作简单高效。目前并没有专门针对Token的区块链系统,诸如erc721针对Token的管理权限非常简单,本发明则针对通证建立了一整套权限管理方法与系统,在保证安全的前提下,极大地提升了运行效率,能够真正实现多线程的操作流程。Compared with the existing erc721 and other projects, the present invention does not require the user to write code or write smart contracts, but directly writes the interface into the system, and the user only needs to fill in the form, and the operation is simple and efficient. Currently, there is no blockchain system specifically for Token. For example, the management authority of erc721 for Token is very simple. The present invention establishes a complete set of authority management methods and systems for tokens, which greatly improves operation under the premise of ensuring safety. Efficiency, can truly realize the multi-threaded operation process.
附图说明Description of the drawings
图1描述了本发明提供的某一域名(Domain Name)下通证转移权限的具体结构。Figure 1 depicts the specific structure of the transfer authority of a certain domain name (Domain Name) provided by the present invention.
图2描述了情景一中本发明提供的Token权限管理结构。Figure 2 describes the Token authority management structure provided by the present invention in scenario 1.
图3描述了情景二中本发明提供的Token权限管理结构。Figure 3 describes the Token authority management structure provided by the present invention in scenario 2.
图4描述了情景三中本发明提供的Token权限管理结构。Figure 4 depicts the Token authority management structure provided by the present invention in scenario 3.
图5描述了本发明中所述方法的组内签发流程。Figure 5 describes the intra-group issuance process of the method described in the present invention.
图6描述了本发明中所述方法的组间签发流程。Figure 6 describes the inter-group issuance process of the method described in the present invention.
具体实施方式detailed description
为了便于理解,我们首先介绍最常用的Transfer权限中的一种情况。见图1。To facilitate understanding, we first introduce one of the most commonly used Transfer permissions. see picture 1.
该图描述了某一类型Token中的Transfer权限,其阈值为3,共有三组参与,分别为Owner,Group A和Group B。基于当前的每组权重设置(分别为1、2和3),Owner和Group A需要共同通过签发,或者Group B单独通过签发才能够满足Transfer阈值。This figure describes the transfer permission in a certain type of Token. Its threshold is 3, and there are three groups participating, namely Owner, Group A and Group B. Based on the current weight settings for each group (respectively 1, 2 and 3), Owner and Group A need to be issued jointly, or Group B can be issued separately to meet the Transfer threshold.
就每个组内部而言,Owner通过签发只需要Alice的公钥签发;Group A通过签发至少需要Bob、Tony或者Tom、Tony共同签发才能够满足其阈值(为4),Group B通过签发则需 要Henry和Emma全部签发才能够满足阈值(为2)。As far as each group is concerned, Owner only needs Alice’s public key for issuance; Group A requires at least Bob, Tony, or Tom and Tony to sign together to meet its threshold (4), and Group B needs to be signed Henry and Emma are all issued to meet the threshold (2).
下面将通过三个情景描述本发明的实施例,所述实施例的示例在附图中示出。下面通过参考附图描述的实施例是示例性的,旨在用于解释本发明,而不能理解为对本发明的限制。The embodiments of the present invention will be described below through three scenarios, and examples of the embodiments are shown in the accompanying drawings. The embodiments described below with reference to the accompanying drawings are exemplary, and are intended to explain the present invention, but should not be construed as limiting the present invention.
情景一:现实生活中一个Token的持有者很可能不是一个人,而是持有者们。例如夫妻双方(Alice和Bob)共同养了一只宠物狗,现在交易这只宠物狗需要得到夫妻双方同意才行,就这只宠物狗发行一个Token,它的结构如图2所示。Scenario 1: In real life, the holder of a Token may not be a person, but the holders. For example, the husband and wife (Alice and Bob) raise a pet dog together, and now it is necessary to obtain the consent of the husband and wife to trade this pet dog. A token is issued for this pet dog, and its structure is shown in Figure 2.
发行者(可能是Alice也可能是Bob)将Token的持有者设成Alice和Bob两个账户共同持有。在权限管理的部分,因为不涉及额外的变更与需求,发行者将Issue和Manage的权限都设为空,这样,该类Token将不再能够增发或是修改权限管理结构(没有任何组有权限)。在Transfer权限中(权限后面括号内的数字代表阈值,组后面括号内的数字代表权重),只有Owner该组。则只有当Alice和Bob同时签发转移的操作时,其操作才会被系统接收。如果只有Alice或者Bob一个人的私钥签名,系统将会拒绝服务并返回错误信息。The issuer (may be Alice or Bob) sets the Token holder to be held by Alice and Bob. In the authority management part, because no additional changes and requirements are involved, the issuer sets the authority of both Issue and Manage to be empty, so that this type of Token will no longer be able to issue or modify the authority management structure (no group has authority ). In the transfer permission (the number in parentheses after the permission represents the threshold, the number in parentheses after the group represents the weight), only the Owner group. Then only when Alice and Bob sign the transfer operation at the same time, the operation will be accepted by the system. If only Alice or Bob’s private key signs, the system will deny the service and return an error message.
情景二:Alice购买了公司B发行的某种理财Token,为了保障安全性以及风控合规要求,公司B要求任何该Token的交易都需要得到自己公司的确认并且额外收取一部分交易费用。这类Token结构如图3所示。Scenario 2: Alice purchases a certain financial management token issued by company B. In order to ensure safety and risk control compliance requirements, company B requires that any transaction of this token needs to be confirmed by her own company and additional transaction fees will be charged. This kind of Token structure is shown in Figure 3.
Alice是该Token的持有者,但是如果想要转移该Token的所有权,除了Owner组(即Alice自己)签发外,还需要得到Group B的授权,Group B即是公司B用于管理其理财Token流转的组。Alice在流转该Token的时候,需要先支付公司B一笔额外的费用,然后公司B可以同时检查该Token的转移,确认后通过Group B签发(通过第三方服务),然后该转移最后被系统接收。Alice is the holder of the Token, but if you want to transfer the ownership of the Token, in addition to the Owner group (that is, Alice herself) issuance, you also need to be authorized by Group B. Group B is the Token used by company B to manage its financial management. Circulation group. When Alice transfers the token, she needs to pay company B an additional fee, and then company B can check the transfer of the token at the same time, and after confirmation, it will be issued through Group B (through a third-party service), and then the transfer will be finally received by the system .
基于此机制,第三方可以提供很多服务。比如公司C专门从事密码保护服务,Alice害怕自己遗忘或丢失了秘钥从而失去了自己的Token,就可以将该类型Token的Transfer权限管理为:Owner(1),Group C(1),同时将阈值设置为1。在这种情况下,如果Alice忘记了自己的秘钥无法获得Transfer组的权限,但是她依然可以通过向公司C证明自己是Alice本人(通过身份证指纹等方式)从而获得Group C的签发。这样,Alice就可以将该类型的Token转移到自己的新账户上从而找回自己的秘钥。Based on this mechanism, third parties can provide many services. For example, company C specializes in password protection services. Alice is afraid that she will forget or lose the secret key and thus lose her Token. The transfer authority of this type of Token can be managed as: Owner(1), Group C(1), and at the same time The threshold is set to 1. In this case, if Alice forgets her secret key and cannot obtain the permissions of the Transfer group, she can still obtain Group C's issuance by proving to company C that she is Alice herself (through ID fingerprints, etc.). In this way, Alice can transfer this type of Token to her new account to retrieve her secret key.
当然,Group C可以作恶从而恶意转移Alice的Token,不过所有的操作均会记录在链上,对一个具有公信力的公司C来说是得不偿失的。Of course, Group C can do evil and transfer Alice's Token maliciously, but all operations will be recorded on the chain, which is not worth the gain for a credible company C.
情景三:这里我们将介绍最为复杂的一种情形以展示本发明提供的权限管理机制中所能解决的复杂问题。某公司新建了一栋写字楼,并且希望就该楼的产权发行1000个Token,该公司设立SPV来负责发行和维护这些Token。具体生活中,涉及到房产的Token发行与转移需要得到当地房产局的审核和批准,只有符合当地规范才能够获准发行,然后会在其官方平台上展示该写字楼的相关Token的详细信息(总数,发行方,权限管理结构等等)。在此之上还存在国家房产部总体掌握最高的权限以限制和管理地方房产局和持有者。该类Token的权限结构可能如图4所示。Scenario 3: Here we will introduce the most complicated scenario to demonstrate the complex problems that can be solved in the authority management mechanism provided by the present invention. A company built a new office building and hoped to issue 1,000 tokens for the property rights of the building. The company set up an SPV to be responsible for issuing and maintaining these tokens. In specific life, the issuance and transfer of Token related to real estate needs to be reviewed and approved by the local real estate bureau. Only if it meets local regulations can it be approved. Then the detailed information of the relevant Token of the office building will be displayed on its official platform (total, Issuer, authority management structure, etc.). On top of this, the national real estate department has the highest authority to restrict and manage local real estate bureaus and holders. The permission structure of this type of Token may be shown in Figure 4.
该类Token的初始发行者和持有者为SPV,其中Group S代表SPV,Group L代表地方房产局,Group C代表中央房产部。The initial issuer and holder of this type of token is SPV, where Group S stands for SPV, Group L stands for local real estate bureaus, and Group C stands for central real estate department.
一般而言,一个Token的转移只需要得到原持有者和地方房产局共同签发即可。在此过程中,由地方房产局对其转移过程进行审核。在意外状况下,比如某个Token的持有者意外去世或者遗失了秘钥,经过法院或者相关部门判决或者审核后,可以由中央房产部进行签发,将该Token的所有权转移给合法的继承者。Generally speaking, the transfer of a Token only needs to be jointly issued by the original holder and the local real estate bureau. During this process, the local real estate bureau will review the transfer process. Under unexpected circumstances, such as the accidental death of a certain token holder or the loss of the secret key, after a judgment or review by the court or relevant department, the central real estate department can issue the token and transfer the ownership of the token to the legal successor. .
甚至而言,如果不慎遗失了部分Token的ID(这是有可能发生的),或是SPV与其他Token的持有者均协商同意增发新的Token时,中央房产部可以通过持有的Issue权限增发新的Token以满足实际需求。另外,在一些极为特殊的情况下,例如中央房产部需要暂时冻结该 类Token的流传,则可以通过其持有的Manage权限变更Transfer权限的阈值,从而冻结了该类Token的流通。Even speaking, if part of the Token ID is accidentally lost (this is possible), or SPV and other token holders have negotiated and agreed to issue new tokens, the Central Real Estate Department can pass the issued Issue Permission to issue new tokens to meet actual needs. In addition, in some very special circumstances, for example, the Central Real Estate Department needs to temporarily freeze the circulation of this type of token, it can change the transfer authority threshold through the Manage authority it holds, thereby freezing the circulation of this type of token.
综上所述,本发明提出的区块链中Token结构设计和Token操作权限管理方法可以做到针对Token操作特化,减轻区块链系统负担,减少不必要的资源消耗,并具有满足各种复杂权限管理实际情况的能力。In summary, the Token structure design and Token operation authority management method in the blockchain proposed by the present invention can be specialized for Token operation, reduce the burden on the blockchain system, reduce unnecessary resource consumption, and satisfy various requirements. The ability to manage the actual situation with complex rights.
在本说明书的描述中,对区块链中Token、权限类型、组、账户等描述不必须针对相同的实例或示例。具体的描述或特点可以在人一个或多个实例中以合适的方式结合,另外在不相互矛盾的情况下,本领域的技术人员可以将本说明书中描述的不同实施例或示例以及不同实施例或示例的特征进行结合和组合。In the description of this specification, the description of Token, permission type, group, account, etc. in the blockchain does not necessarily refer to the same instance or example. Specific descriptions or features can be combined in one or more examples in a suitable manner. In addition, if there is no conflict with each other, those skilled in the art can combine different embodiments or examples and different embodiments described in this specification. Or the features of the examples are combined and combined.
尽管上面已经示出和描述了本发明的实施例,可以理解的是,上述实施例是示例性的,不能理解为对本发明的限制。Although the embodiments of the present invention have been shown and described above, it can be understood that the above-mentioned embodiments are exemplary and should not be construed as limiting the present invention.

Claims (11)

  1. 一种通证设计及其操作权限管理的方法,其特征在于,包括创建域,请求操作,权限验证,操作执行四个主要步骤,请求操作包括但不限于发行通证、转移(或交易)通证、管理已创建的域,所有的操作必须通过权限验证后才能被执行。A method for token design and operation authority management, which is characterized in that it includes four main steps: domain creation, operation request, authority verification, and operation execution. Request operations include but are not limited to issuing tokens, transferring (or trading) tokens To authenticate and manage the created domains, all operations must pass authorization verification before they can be executed.
  2. 根据权利要求1所述的方法,其特征在于,所述创建域(Domain),需要定义域的信息包括但不限于不可重复的域名(Domain Name),发行权(Issue)阈值,转移权(Transfer)阈值,管理权(Manage)阈值,可进行发行权签发的组列表(group list),可进行转移权签发的组列表,可进行管理权签发的组列表。The method according to claim 1, characterized in that, for creating a domain (Domain), information that needs to define the domain includes, but is not limited to, a non-repeatable domain name (Domain Name), issue threshold (Issue) threshold, and transfer right (Transfer). ) Threshold, Management threshold, group list for issuing rights, group list for issuing transfer rights, and group list for issuing management rights.
  3. 根据权利要求1所述的方法,其特征在于,所述发行权指基于当前Domain,重发或增发Token的权限,转移权指更改当前Token所有者的权限,管理权指调整当前Domain信息或结构的权限。The method according to claim 1, wherein the issuance right refers to the right to reissue or additional tokens based on the current Domain, the transfer right refers to the right to change the current Token owner, and the management right refers to adjusting the current Domain information or structure permission.
  4. 根据权利要求1-3所述的方法,其特征在于,所述组列表是由一个或多个组(group)构成的,每个组的信息包括组ID(group ID,系统自动生成)、权重(weight)、组内所需阈值、组成员、各组成员对应的权重、组公钥。The method according to claim 1-3, wherein the group list is composed of one or more groups, and the information of each group includes group ID (group ID, automatically generated by the system), weight (weight), the required threshold in the group, the group members, the weight corresponding to each group member, and the group public key.
  5. 根据权利要求1所述的方法,其特征在于,所述通证(Token),是区块链系统中具有独一无二的编号,是可以发行、可以转移的不可分割的一类最小个体,Token的ID包括域名,以及在每个域名下不可重复的个性化通证名(Token Name)。The method according to claim 1, characterized in that the token is a unique number in the blockchain system, and is an indivisible and smallest individual that can be issued and transferred. The ID of the Token Including the domain name and the personalized token name (Token Name) that cannot be repeated under each domain name.
  6. 根据权利要求1-5所述的方法,其特征在于,在域的定义中,每一个权限都有对应的组列表,组列表中的每个组在该权限中拥有的权重不一定相同,组的权重是由拥有组私钥的用户(个人或组织)所决定的,且公开可见;同时每个操作都有一个阈值,在执行某项操作时,所述权限验证的过程,即为验证对该操作所有的成功签发组的权重之和,是否大于或等于该操作的阈值,如果是,该操作请求才会被系统接收并等待执行。The method according to claim 1-5, characterized in that, in the definition of a domain, each permission has a corresponding group list, and each group in the group list may not have the same weight in the permission, and the group The weight of is determined by the user (individual or organization) who owns the group’s private key, and is publicly visible; at the same time, each operation has a threshold. When an operation is performed, the authorization verification process is the verification pair Whether the sum of the weights of all successful issuance groups of this operation is greater than or equal to the threshold of this operation, if it is, the operation request will be received by the system and wait for execution.
  7. 根据权利要求6所述的方法,其特征在于,所述签发是指,对该操作请求有权进行签发的每一个组内,包含一个或多个成员,只有该组内所有签发了该操作请求的成员对应的权重之和,相加大于或等于该组的组内所需阈值,才认为该组为成功签发组,否则为失败签发组,同时,持有该组公钥的人或者组织可以签发一个修改组内成员和权重的操作,即组内自治(Group Autonomy)。The method according to claim 6, wherein the issuance refers to that each group that has the right to issue the operation request includes one or more members, and only all members in the group have issued the operation request If the sum of the weights corresponding to the members of the group is greater than or equal to the required threshold in the group, the group is considered as a successful issuance group, otherwise it is a failed issuance group. At the same time, the person or organization holding the public key of the group can Issue an operation to modify the members and weights in the group, that is, Group Autonomy.
  8. 根据权利要求1所述的方法,其特征在于,在发行者设计Token类型权限的时候,可以通过直接引用已存在的组ID来援引该组到其权限体系中,因为组内自治的机制,这样每个组可以被方便地复用。The method according to claim 1, characterized in that when the issuer designs the Token type authority, it can directly quote the existing group ID to invoke the group into its authority system, because of the autonomy mechanism within the group, so Each group can be reused easily.
  9. 根据权利要求1所述的方法,其特征在于,Token的持有者有一个特殊的组,该组的名称固定为Owner,为Token的持有者集合,该组的特殊之处在于每个Token均有可能不同,同时该组的签发条件为组内每个人均签发才有效,即该组每个人的权重相等,该组阈值为组内成员的数量。The method according to claim 1, wherein the holders of the Token have a special group, the name of the group is fixed as Owner, which is a collection of holders of the Token, and the special feature of the group is that each Token They may be different. At the same time, the issuance condition of the group is valid only if everyone in the group issues it, that is, the weight of each person in the group is equal, and the group threshold is the number of members in the group.
  10. 一种通证设计及其操作权限管理的系统,包括:A system for token design and operation authority management, including:
    创建域模块,用以生成新的域,每个域都有唯一域名,需要定义域的信息包括但不限于不可重复的域名(Domain Name),发行权(Issue)阈值,转移权(Transfer)阈值,管理权(Manage)阈值,可进行发行权签发的组列表(group list),可进行转移权签发的组列表,可进行管理权签发的组列表;Create a domain module to generate new domains. Each domain has a unique domain name. The information that needs to define the domain includes but is not limited to non-repeatable domain name (Domain Name), issue threshold (Issue) threshold, and transfer threshold (Transfer) threshold , Management threshold, group list for issuing rights, group list for issuing transfer rights, and group list for issuing management rights;
    操作请求模块,用以根据域中改操作请求对应的组列表,发送操作请求给相应的组,以待组内和组间的签发;The operation request module is used to send the operation request to the corresponding group according to the group list corresponding to the change operation request in the domain, to be issued within and between groups;
    权限验证模块,用以验证该操作的成功签发组权重之和是否达到所需阈值,只有达到阈值才视作通过验证,该操作可被执行;The authorization verification module is used to verify whether the sum of the weights of the successful issuance group of the operation reaches the required threshold. Only when the threshold is reached, the verification is deemed to be passed, and the operation can be executed;
    操作执行模块,用以实施确认验证通过后的操作。The operation execution module is used to implement the operation after the verification is passed.
  11. 根据权利要求1-10所述的方法与系统,其特征在于,所述各项操作可以根据消耗或既定 标准,向涉及操作的所有用户或其中部分用户收取手续费,由具体实施的共识机制决定。The method and system according to claims 1-10, wherein the various operations can charge all users or some of the users involved in the operation based on consumption or established standards, and it is determined by the specific implementation of the consensus mechanism .
PCT/CN2019/081072 2019-04-02 2019-04-02 Method and system for token design and token operation authorization management WO2020199135A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2019/081072 WO2020199135A1 (en) 2019-04-02 2019-04-02 Method and system for token design and token operation authorization management

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2019/081072 WO2020199135A1 (en) 2019-04-02 2019-04-02 Method and system for token design and token operation authorization management

Publications (1)

Publication Number Publication Date
WO2020199135A1 true WO2020199135A1 (en) 2020-10-08

Family

ID=72664406

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/081072 WO2020199135A1 (en) 2019-04-02 2019-04-02 Method and system for token design and token operation authorization management

Country Status (1)

Country Link
WO (1) WO2020199135A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106850622A (en) * 2017-02-07 2017-06-13 杭州秘猿科技有限公司 A kind of user identity management method based on license chain
CN107122958A (en) * 2017-04-27 2017-09-01 电子科技大学 A kind of electronics contract frame system based on block chain
US20180205555A1 (en) * 2015-07-13 2018-07-19 Nippon Telegraph And Telephone Corporation Contract Agreement Method, Agreement Verification Method, Contract Agreement System, Agreement Verification Device, Contract Agreement Device, Contract Agreement Program and Agreement Verification Program
CN108764898A (en) * 2018-04-03 2018-11-06 武汉龙津科技有限公司 A kind of logical method and system for demonstrate,proving design and its operating right management

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180205555A1 (en) * 2015-07-13 2018-07-19 Nippon Telegraph And Telephone Corporation Contract Agreement Method, Agreement Verification Method, Contract Agreement System, Agreement Verification Device, Contract Agreement Device, Contract Agreement Program and Agreement Verification Program
CN106850622A (en) * 2017-02-07 2017-06-13 杭州秘猿科技有限公司 A kind of user identity management method based on license chain
CN107122958A (en) * 2017-04-27 2017-09-01 电子科技大学 A kind of electronics contract frame system based on block chain
CN108764898A (en) * 2018-04-03 2018-11-06 武汉龙津科技有限公司 A kind of logical method and system for demonstrate,proving design and its operating right management

Similar Documents

Publication Publication Date Title
US11250518B2 (en) Method for secure ledger distribution and computer system using secure distributed ledger technology
US20220230147A1 (en) Methods and systems for recording multiple transactions on a blockchain
Tobin et al. The inevitable rise of self-sovereign identity
EP3660721B1 (en) Resource transfer and capital transfer method and apparatus
Wolfond A blockchain ecosystem for digital identity: improving service delivery in Canada’s public and private sectors
US20200211099A1 (en) Decentralized Customer-Controlled Credit Verification
US10762504B2 (en) System for external secure access to process data network
CN115699000A (en) Method, apparatus and computer readable medium for secure multilateral data exchange over a computer network
US11334882B1 (en) Data access management on a distributed ledger system
TWI791456B (en) Blockchain-implemented method
US20170244757A1 (en) System for external validation of secure process transactions
CN109829767A (en) A kind of point reward exchanging system and method based on block chain technology
EP3860083A1 (en) System and method for identity management
EP4032052B1 (en) Performing transactions using private and public blockchains
US20130173447A1 (en) Consumer-driven credit information control method, system and storage medium for storing a set of computer instructions which effectuate the method
US20150180853A1 (en) Extensible mechanism for securing objects using claims
Landau et al. Economic tussles in federated identity management
CN109493047A (en) A kind of commission settlement method, device and terminal device based on block chain
CN108764898A (en) A kind of logical method and system for demonstrate,proving design and its operating right management
CN111028064A (en) Internet of things platform transaction system, method and equipment based on block chain
CN110222799A (en) A kind of application system of two-stage evidence method and voucher mechanism based on two dimensional code
WO2020199135A1 (en) Method and system for token design and token operation authorization management
Filonova et al. Legal regulation of transactions in the digital environment as a condition for effective business cooperation
Henglein Blockchain deconstructed
Xie et al. Design of parking integral management system based on blockchain technology

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19922463

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19922463

Country of ref document: EP

Kind code of ref document: A1