WO2020233615A1 - Receipt storage method combining user type and event function type and node - Google Patents


Publication number
WO2020233615A1
Authority
WO
WIPO (PCT)
Prior art keywords
transaction
event function
smart contract
log
user type
Prior art date
Application number
PCT/CN2020/091381
Other languages
French (fr)
Chinese (zh)
Inventor
刘琦
闫莺
魏长征
Original Assignee
创新先进技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 创新先进技术有限公司
Publication of WO2020233615A1

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00: Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20: Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27: Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/602: Providing cryptographic facilities or services
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00: Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04: Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Definitions

  • One or more embodiments of the present specification relate to the field of blockchain technology, and more particularly to a receipt storage method and node that combines user type and event function type.
  • Blockchain technology is built on a transmission network (such as a peer-to-peer network).
  • The network nodes in the transmission network use chained data structures to verify and store data, and use distributed node consensus algorithms to generate and update data.
  • TEE: Trusted Execution Environment.
  • A TEE can play the role of a black box in hardware. Neither the code executed in the TEE nor its data can be peeped at from the operating system layer; they can be operated on only through the interface predefined in the code.
  • In the TEE, plaintext data is computed on directly instead of through the complex cryptographic operations of homomorphic encryption, so the calculation process loses no efficiency. Combining a blockchain with TEE can therefore greatly improve the security and privacy of the blockchain at the cost of only a small performance loss. At present, the industry is paying close attention to TEE solutions.
  • TEE solutions include TPM (Trusted Platform Module) for software, and Intel SGX (Software Guard Extensions), ARM TrustZone and AMD PSP (Platform Security Processor) for hardware.
  • one or more embodiments of this specification provide a receipt storage method and node that combines user type and event function type.
  • a receipt storage method combining user type and event function type including:
  • the first blockchain node receives the encrypted transaction calling the smart contract
  • the first blockchain node decrypts the transaction in a trusted execution environment to obtain the smart contract, and the smart contract includes a special event function;
  • the first blockchain node executes the smart contract in the trusted execution environment to obtain receipt data, where the receipt data includes a log corresponding to the special event function;
  • the first blockchain node stores the receipt data.
  • the transaction initiator belongs to the preset user type
  • at least one log field in the log corresponding to the special event function is stored in plaintext, and the rest of the receipt data is stored in ciphertext.
  • the receipt data is stored in ciphertext.
  • a receipt storage node combining user type and event function type including:
  • the receiving unit receives the encrypted transaction that calls the smart contract
  • a decryption unit decrypting the transaction in a trusted execution environment to obtain the smart contract, the smart contract including a special event function
  • the storage unit stores the receipt data.
  • the transaction initiator belongs to a preset user type
  • at least one log field in the log corresponding to the special event function is stored in plaintext
  • the rest of the receipt data is stored in ciphertext
  • the receipt data is stored in ciphertext.
  • an electronic device including:
  • a memory for storing processor executable instructions
  • the processor implements the method according to the first aspect by running the executable instruction.
  • a computer-readable storage medium is provided, and computer instructions are stored thereon, which, when executed by a processor, implement the steps of the method described in the first aspect.
  • Fig. 1 is a schematic diagram of creating a smart contract according to an exemplary embodiment.
  • Fig. 2 is a schematic diagram of invoking a smart contract provided by an exemplary embodiment.
  • Fig. 3 is a schematic diagram of implementing privacy protection on blockchain nodes according to an exemplary embodiment.
  • Fig. 4 is a flowchart of a method for storing receipts combining user type and event function type according to an exemplary embodiment.
  • Fig. 5 is a schematic diagram of the functional logic of implementing a blockchain network through a system contract and a chain code provided by an exemplary embodiment.
  • Fig. 6 is a block diagram of a receipt storage device combining user type and event function type according to an exemplary embodiment.
  • the steps of the corresponding method may not be executed in the order shown and described in this specification.
  • the method includes more or fewer steps than described in this specification.
  • a single step described in this specification may be decomposed into multiple steps for description in other embodiments, and multiple steps described in this specification may also be combined into a single step for description in other embodiments.
  • Blockchain is generally divided into three types: Public Blockchain, Private Blockchain and Consortium Blockchain.
  • the most decentralized one is the public chain.
  • the public chain is represented by Bitcoin and Ethereum. Participants who join the public chain can read the data records on the chain, participate in transactions, and compete for the accounting rights of new blocks. Moreover, each participant (ie, node) can freely join and exit the network, and perform related operations.
  • the private chain is the opposite.
  • the write permission of the network is controlled by an organization or institution, and the data read permission is regulated by the organization.
  • the private chain can be a weakly centralized system with strict restrictions and few participating nodes. This type of blockchain is more suitable for internal use by specific institutions.
  • the alliance chain is a block chain between the public chain and the private chain, which can achieve "partial decentralization".
  • Each node in the alliance chain usually has a corresponding entity or organization; participants are authorized to join the network and form a stakeholder alliance to jointly maintain the operation of the blockchain.
  • a smart contract on the blockchain is a contract that can be triggered and executed by a transaction on the blockchain system.
  • Smart contracts can be defined in the form of codes.
  • EVM Ethereum Virtual Machine
  • bytecode virtual machine code
  • the EVM of node 1 can execute the transaction and generate a corresponding contract instance.
  • "0x6f8ae93" in Figure 1 represents the address of this contract; the data field of the transaction can store the bytecode, and the to field of the transaction is empty.
  • the contract is successfully created and can be called in the subsequent process.
  • a contract account corresponding to the smart contract appears on the blockchain and has a specific address, and the contract code will be stored in the contract account.
  • the behavior of the smart contract is controlled by the contract code.
  • smart contracts enable virtual accounts containing contract codes and account storage (Storage) to be generated on the blockchain.
  • the EVM of a certain node can execute the transaction and generate a corresponding contract instance.
  • the from field of the transaction in Figure 2 is the address of the account of the transaction initiator (i.e., Bob), the "0x6f8ae93" in the to field represents the address of the called smart contract, the value field in Ethereum is the value of Ether, and the method and parameters of calling the smart contract are stored in the data field of the transaction. Smart contracts are executed independently on each node in the blockchain network in a prescribed manner. All execution records and data are stored on the blockchain, so when the transaction is completed, a transaction certificate that cannot be tampered with and will not be lost is stored on the blockchain.
  • the receipt data obtained by a node executing a transaction can include the following:
  • the Result field indicates the execution result of the transaction
  • the Gas used field indicates the gas value consumed by the transaction
  • the Logs field indicates the log generated by the transaction.
  • the log can further include the From field, To field, Topic field, and Log data field: the From field indicates the account address of the initiator of the call, the To field indicates the account address of the called object (such as a smart contract), the Topic field indicates the subject of the log, and the Log data field indicates the log data;
  • the Output field indicates the output of the transaction.
  • log is a function provided in Ethereum.
  • the logs generated by each event contained in the code can be recorded.
  • the log allows to record the details of the event.
  • the From and To fields mentioned above can indicate the accounts of both parties involved in the transaction, and the Topic field can contain the value of the state variables referenced by the event after the code is executed, etc. Therefore, not only can the log be used as relevant evidence after the transaction is executed on the blockchain, it can also be used to drive related operations.
  • the callback function of JavaScript can be used to monitor events, and the corresponding log can be generated when the event is triggered. Therefore, by retrieving the log content, a DAPP (Decentralized Application) client can be driven to perform related processing operations when the preset log content is retrieved.
  • the block chain is a data set stored in a database of a node and organized by a specific logic.
  • the database may be a storage medium, such as a persistent storage medium, on a physical carrier.
  • different users have different privacy protection requirements for receipt data. For example, some users may pay more attention to privacy protection, so the receipt data generated by the transactions these users initiate can be stored in ciphertext as far as possible; other users may pay more attention to the availability of data, for example wishing to support retrieval operations on receipt data so that a DAPP (Decentralized Application) client can perform related processing operations.
  • Step 302 The first blockchain node receives the encrypted transaction for invoking the smart contract.
  • the user can directly generate a transaction on the first blockchain node; or the user can generate a transaction on the client and send the transaction to the first blockchain node through the client; or the client can send the above transaction to the second blockchain node, and the second blockchain node sends the transaction to the first blockchain node.
  • the transaction content may include the account address of the smart contract being called, the methods and parameters that need to be passed in, and so on.
  • the encrypted transaction can be kept in a state of privacy protection, and the transaction content can be prevented from being exposed.
  • the transaction content may contain information such as the account address of the transaction initiator and the account address of the transaction target. Encryption processing can ensure that these transaction contents cannot be directly read.
  • the foregoing transaction may be encrypted by a symmetric encryption algorithm, or may be encrypted by an asymmetric algorithm.
  • the encryption algorithm used by symmetric encryption such as DES algorithm, 3DES algorithm, TDEA algorithm, Blowfish algorithm, RC5 algorithm, IDEA algorithm, etc.
  • Asymmetric encryption algorithms such as RSA, Elgamal, knapsack algorithm, Rabin, D-H, ECC (elliptic curve encryption algorithm), etc.
  • the foregoing transaction may be encrypted by a combination of a symmetric encryption algorithm and an asymmetric encryption algorithm.
  • the client can use a symmetric encryption algorithm to encrypt the transaction content, that is, use the key of the symmetric encryption algorithm to encrypt the transaction content, and use an asymmetric encryption algorithm to encrypt the key used by the symmetric encryption algorithm, for example by encrypting that key with the public key of the asymmetric encryption algorithm.
  • after the first blockchain node receives the encrypted transaction, it can first decrypt with the private key of the asymmetric encryption algorithm to obtain the key of the symmetric encryption algorithm, and then decrypt with the key of the symmetric encryption algorithm to obtain the transaction content.
  • when a transaction is used to call a smart contract, the call can be a nested one. For example, the transaction directly calls smart contract 1, the code of smart contract 1 calls smart contract 2, and the code in smart contract 2 points to the contract address of smart contract 3, so that the transaction actually calls the code of smart contract 3 indirectly.
  • the specific implementation process is similar to the above process, and will not be repeated here.
  • Step 304 The first blockchain node decrypts the transaction in a trusted execution environment to obtain the smart contract, and the smart contract includes a special event function.
  • the smart contract may include one or more events, and each event is used to implement predefined related processing logic. After each event contained in the smart contract is called and executed, the corresponding Logs field will be generated. For example, when the smart contract contains event 1 and event 2, event 1 can generate a corresponding Logs field and event 2 can generate a corresponding Logs field, so that the receipt data corresponding to the smart contract contains multiple Logs fields at the same time.
  • the events contained in the smart contract can be divided into special event functions and ordinary event functions.
  • the logs generated by ordinary event functions will inevitably be stored in ciphertext form to achieve privacy protection;
  • the log generated by the special event function can be further combined with the privacy protection requirements of the transaction initiator to determine whether it is stored in plaintext or in ciphertext, that is, the log generated by the special event function may be stored in plaintext.
  • the first blockchain node can identify the event function contained in the smart contract in a variety of ways to determine whether it is a special event function.
  • the special event function may be a predefined global event function in the blockchain network.
  • the event functions belonging to the "special event function" category can be recorded, for example in a special event function list; accordingly, by comparing the event function contained in the smart contract with the special event function list, it can be determined whether the event function included in the smart contract is a special event function: if the event function included in the smart contract is in the special event function list, it is determined to be a special event function; if it is not in the special event function list, it is judged to be a normal event function.
  • the special event function can be any function defined in the smart contract, and by adding a type identifier for the event function in the code of the smart contract, the event function can be marked as a special event function.
  • the code example of the event function included in the smart contract is as follows:
  • the smart contract defines 2 events: event buy_candy1 and event buy_candy2.
  • by adding the type identifier "expose" to the event buy_candy1, the event buy_candy1 can be marked as the above special event function; correspondingly, since the event buy_candy2 does not contain the type identifier "expose", the event buy_candy2 is a normal event function rather than the special event function mentioned above.
  • High-level languages supported by Ethereum such as Solidity, Serpent, and LLL languages
  • a smart contract written in a high-level language can be compiled into a corresponding bytecode through a compiler, and the first blockchain node will finally execute the smart contract in the form of bytecode in the EVM virtual machine.
  • the above-mentioned type identifier can be the same in the high-level-language and bytecode forms of the smart contract code; alternatively, the high-level-language smart contract code can use a first type identifier and the bytecode smart contract code a second type identifier, where the first type identifier and the second type identifier correspond to each other.
  • Step 306 The first blockchain node executes the smart contract in the trusted execution environment to obtain receipt data, where the receipt data includes a log corresponding to the special event function.
  • a corresponding Logs field will be generated, that is, a log corresponding to each event function will be generated.
  • after receiving the transaction invoking the smart contract from the client, the first blockchain node can check whether the transaction is valid, whether the format is correct, and whether the signature of the transaction is legal.
  • the nodes in Ethereum are generally nodes that compete for the right to bookkeeping. Therefore, the first blockchain node, as a node that competes for the right to bookkeeping, can execute the transaction locally. If one of the nodes competing for the accounting right wins the current round, it becomes the accounting node. If the first blockchain node wins this round of competition for accounting rights, it becomes the accounting node; of course, if the first blockchain node does not win this round, it is not the accounting node, and another node may become the accounting node.
  • a smart contract is similar to a class in object-oriented programming.
  • the result of execution generates a contract instance corresponding to the smart contract, similar to the object corresponding to the generated class.
  • the process of executing the code used to create a smart contract in a transaction will create a contract account and deploy the contract in the account space.
  • the address of the smart contract account is generated by an encryption algorithm with the sender's address ("0xf5e" in Figures 1-2) and the transaction nonce as input; for example, the contract address "0x6f8ae93" in Figures 1-2 is generated from the sender's address "0xf5e" and the nonce in the transaction through an encryption algorithm.
  • consensus algorithms such as Proof of Work (POW), Proof of Stake (POS), and Delegated Proof of Stake (DPOS) are adopted in blockchain networks that support smart contracts. All nodes competing for the right to account can execute the transaction after receiving the transaction including the creation of a smart contract. One of the nodes competing for the right to bookkeeping may win this round and become the bookkeeping node.
  • the accounting node can package the transaction containing the smart contract with other transactions and generate a new block, and send the generated new block to other nodes for consensus.
  • the nodes with the right to book accounts have been agreed before this round of bookkeeping. Therefore, after the first blockchain node receives the above transaction, if it is not the accounting node of this round, it can send the transaction to the accounting node.
  • accounting nodes which can be the first blockchain node
  • the accounting node packages the transaction (or other transactions together) and generates a new block
  • the generated new block or block header is sent to other nodes for consensus.
  • the accounting node in this round can package the transaction, generate a new block, and send the header of the generated new block to other nodes for consensus. If other nodes receive the block and verify that there is no problem, they can append the new block to the end of the original blockchain to complete the accounting process and reach a consensus. If the transaction is used to create a smart contract, the deployment of the smart contract on the blockchain network is then complete; if the transaction is used to call the smart contract, the call and execution of the smart contract are complete. In the process of verifying the new block or block header sent by the accounting node, other nodes may also execute the transaction in the block.
  • the execution process can generally be executed by a virtual machine. Taking Ethereum as an example, it supports users to create and/or call some complex logic in the Ethereum network. This is the biggest challenge that distinguishes Ethereum from Bitcoin blockchain technology.
  • the core of Ethereum as a programmable blockchain is the Ethereum Virtual Machine (EVM), and every Ethereum node can run EVM.
  • EVM is a Turing-complete virtual machine, which means that various complex logic can be implemented through it. The smart contracts that users publish and call in Ethereum run on the EVM.
  • the first blockchain node can execute the decrypted smart contract code in a Trusted Execution Environment (TEE).
  • the first blockchain node can be divided into a regular execution environment (on the left in the figure) and a TEE. Transactions submitted by the client (as described above, transactions can have other sources; submission by the client is taken here as an example)
  • first enter the "transaction/query interface" in the regular execution environment for identification.
  • Transactions that do not require privacy processing can be left in the regular execution environment for processing (here this can be based on the user type of the transaction initiator, the transaction type, an identifier contained in the exchange, etc.
  • TEE is isolated from the conventional execution environment.
  • the transaction is encrypted before entering the TEE and is decrypted into plaintext transaction content inside the trusted execution environment, so that, under the premise of ensuring data security, the plaintext transaction content can be processed efficiently in the TEE and the plaintext receipt data is generated in the TEE.
  • TEE is a secure extension based on CPU hardware and a trusted execution environment completely isolated from the outside.
  • TEE was first proposed by Global Platform to solve the security isolation of resources on mobile devices, and parallel to the operating system to provide a trusted and secure execution environment for applications.
  • ARM's TrustZone technology was the first to realize a truly commercial TEE technology.
  • security requirements are getting higher and higher.
  • Not only mobile devices but also cloud devices and data centers have put forward more needs for TEE.
  • the concept of TEE has also been rapidly developed and expanded. The TEE referred to today is broader than the concept originally proposed. For example, server chip manufacturers such as Intel and AMD have successively introduced hardware-assisted TEEs and enriched the concept and characteristics of TEE, which has been widely recognized in the industry.
  • TEE technologies such as Intel Software Guard Extensions (SGX) provide isolated code execution, remote attestation, secure configuration, secure storage of data, and trusted paths for code execution.
  • the applications running in the TEE are protected by security and are almost impossible to be accessed by third parties.
  • SGX provides an enclave, which is an encrypted trusted execution area in memory; the CPU protects the data in it from being stolen.
  • EPC (Enclave Page Cache): a part of the area in memory.
  • MEE (Memory Encryption Engine): the encryption engine.
  • SGX users can distrust the operating system, the VMM (Virtual Machine Monitor), and even the BIOS (Basic Input Output System). They only need to trust the CPU to ensure that private data will not leak.
  • the private data can be encrypted and transmitted to the enclave in ciphertext, and the corresponding key can also be transmitted to the enclave through remote attestation. Then, the data is used for calculation under the encryption protection of the CPU, and the result is returned in ciphertext. In this mode, powerful computing power can be used without worrying about data leakage.
  • the transaction contains the code of the smart contract
  • the first blockchain node can decrypt the transaction in the TEE to obtain the code of the smart contract contained therein, and then execute this code in the TEE.
  • the first blockchain node can execute the code in the TEE (if the called smart contract is in an encrypted state, the smart contract first needs to be decrypted in the TEE to obtain the corresponding code).
  • the first blockchain node may use the newly added processor instructions in the CPU to allocate a part of the area EPC in the memory, and encrypt the above-mentioned plaintext code and store it in the EPC through the encryption engine MEE in the CPU.
  • the encrypted content in EPC is decrypted into plain text after entering the CPU.
  • to execute the plaintext code of smart contracts, the EVM can be loaded into the enclave.
  • the key management server can calculate the hash value of the local EVM code and compare it with the hash value of the EVM code loaded in the first blockchain node; a correct comparison result is a necessary condition for passing remote attestation, which completes the measurement of the code loaded in the SGX enclave of the first blockchain node. After measurement, the correct EVM can execute the above smart contract code in SGX.
  • the first blockchain node stores the receipt data.
  • the transaction initiator belongs to a preset user type
  • at least one log field in the log corresponding to the special event function is stored in plaintext
  • the rest of the receipt data is stored in ciphertext
  • the receipt data is stored in ciphertext.
  • the user has a corresponding external account on the blockchain, and initiates transactions or performs other operations on the blockchain based on the external account. For example, when a user initiates a transaction on the blockchain, the transaction is actually initiated through the user's corresponding external account, so the transaction initiator corresponding to the transaction can be considered to be the user or the user's corresponding external account.
  • each user type has corresponding privacy protection requirements.
  • Users can be divided into corresponding multiple types according to the differences in privacy protection requirements; or, first, multiple user types are formed according to a certain factor, and then the corresponding privacy protection requirements are configured for each user type.
  • a corresponding relationship can be established between user types and privacy protection requirements, so that the first blockchain node can determine whether it is necessary to implement plaintext storage for logs corresponding to special event functions based on the user type of the transaction initiator.
  • the user type to which the transaction initiator belongs is the user type to which the corresponding external account belongs. Therefore, the first blockchain node can determine the external account corresponding to the transaction initiator, and query the user type corresponding to the external account recorded on the blockchain as the user type to which the transaction initiator belongs.
  • the user types corresponding to external accounts can be recorded on the blockchain in various forms:
  • the external account may include a user type field (such as a Type field) recorded on the blockchain, and the value of the user type field corresponds to the user type. For example, when the value of the user type field is 00, the user type is ordinary user; when the value is 01, the user type is advanced user; and when the value is 11, the user type is management user, and so on. Therefore, the first blockchain node can determine the corresponding user type by reading the value of the user type field of the external account mentioned above.
  • when creating the aforementioned external account, the user type may be configured to be associated with the external account, and the association relationship between the user type and the external account may be recorded in the blockchain; for example, the association relationship may include the user type and the account address of the external account.
  • the data structure of the external account does not need to be changed, that is, the external account does not need to include the aforementioned user type field. Therefore, the first blockchain node can determine the user type corresponding to the external account by reading the association relationship recorded on the blockchain and based on the external account corresponding to the transaction initiator.
  • the relationship between the user type and the external account can be recorded in the system contract or chain code. In particular, when the external account is a preset account of the blockchain network, the external account is already known when the system contract is created or the chain code is written, and the corresponding relationship can be added to the system contract or chain code at that time; or, when the external account is not a preset account, the system contract or chain code can be updated when the external account is subsequently created, adding the association relationship corresponding to the external account to the system contract or chain code.
  • the user type of the external account can be modified under certain conditions.
  • the management user may have a modification right item, so that the first blockchain node can change the user type corresponding to the above-mentioned external account according to the change request initiated by the management user.
  • the management user can correspond to the external account preset in the genesis block with management authority, so that the management user can make type changes to other ordinary users, advanced users, etc., such as changing ordinary users to advanced users, and changing advanced users to ordinary users, etc.
  • the logs corresponding to special event functions can be relatively more.
  • Use plaintext storage to retrieve the contents of the receipt stored in plaintext and trigger relatively more types of associated operations.
  • the privacy protection requirements of advanced users are relatively higher, and the requirements for triggering operations based on receipt data are relatively lower.
  • when the transaction initiator belongs to the preset user type, the first blockchain node can store the log generated by the special event function in plain text, that is, all log fields contained in the log are stored in plain text. Correspondingly, the first blockchain node can store the remaining receipt content of the receipt data in cipher text.
  • the first blockchain node may determine the exposed log field corresponding to the special event function and store the exposed log field in plain text, while the remaining non-exposed log fields are still stored in cipher text, so that privacy protection can be achieved as much as possible while ensuring that retrieval operations can be performed on the exposed log fields.
  • the special event function includes an exposure log field indicated by an exposure identifier.
  • the first blockchain node can read the exposure identifier contained in the special event function, and determine one or more log fields marked by the exposure identifier as the aforementioned exposed log field.
  • the code examples of the special event functions included in the smart contract are as follows:
  • the smart contract defines 2 events: event buy_candy3 and event buy_candy4.
  • the event buy_candy3 contains the type identifier "expose". According to the above, the event buy_candy3 can be determined to be a special event function. Further, after the type identifier "expose", the exposure identifier "_from" is included, and the exposure identifier "_from" is used to indicate the log field From, so that in the Logs generated for the event buy_candy3, the From field is stored in plain text, and the remaining To field, Topic field, Log data field, etc. are stored in cipher text.
  • the event buy_candy4 does not contain the type identifier "expose"; however, whether the event buy_candy4 is the aforementioned special event function can be identified by other means. For example, if the event buy_candy4 is in the aforementioned special event function list, it can be determined that the event buy_candy4 is a special event function. Further, the event buy_candy4 contains the exposure identifier "show_to", which is used to indicate the log field To, so that in the Logs generated for the event buy_candy4, the To field is stored in plain text, and the remaining From field, Topic field, Log data field, etc. are stored in cipher text.
  • the special event function can include the encrypted log field indicated by the encrypted identifier, and the exposed log field is the remaining log fields.
  • the code examples of the special event functions included in the smart contract are as follows:
  • the smart contract defines 2 events: event buy_candy5 and event buy_candy6.
  • the event buy_candy5 contains the type identifier "expose". According to the above, the event buy_candy5 can be determined to be a special event function. Further, after the type identifier "expose", the encrypted identifier "hide_from" is included. The encrypted identifier "hide_from" is used to indicate the log field From, so that in the Logs generated for the event buy_candy5, the From field is stored in cipher text, and the remaining To field, Topic field, Log data field, etc. are exposed log fields, which are all stored in plain text.
  • the event buy_candy6 does not contain the type identifier "expose"; however, whether the event buy_candy6 is the aforementioned special event function can be identified by other means. For example, when the event buy_candy6 is in the aforementioned special event function list, it can be determined that the event buy_candy6 is a special event function. Further, the event buy_candy6 contains the encrypted identifier "hide_to", which is used to indicate the log field To, so that in the Logs generated for the event buy_candy6, the To field is stored in cipher text, and the remaining From field, Topic field, Log data field, etc. are exposed log fields, which are all stored in plain text.
  • the above-mentioned exposure/encryption identifier can be the same in the high-level-language and bytecode forms of the smart contract code; alternatively, the smart contract code in the high-level language uses a first exposure/encryption identifier and the smart contract code in bytecode form uses a second exposure/encryption identifier, and the first exposure/encryption identifier and the second exposure/encryption identifier correspond to each other.
  • the mapping relationship between the special event function and the exposed log field, or the mapping relationship between the special event function and the encrypted log field, can be defined in advance, so that the first blockchain node can obtain the predefined mapping relationship and, according to the special event function included in the smart contract and the mapping relationship, determine the exposed log field corresponding to the special event function.
  • mapping relationship includes “Event buy_candy7-from_to", “Event buy_candy8-topic” and other content
  • the above mapping relationship "Event buy_candy7-from_to" can be queried, and it can then be determined that the exposed log fields corresponding to the event "Event buy_candy7" are the From field and the To field. If the event "Event buy_candy8" is included in the smart contract, the above mapping relationship "Event buy_candy8-topic" can be found by querying, and it can be determined that the exposed log field corresponding to the event "Event buy_candy8" is the Topic field.
  • the above-mentioned mapping relationship may be recorded in the system contract. If the above mapping relationship does not have an upgrade requirement or the requirement is weak (for example, it can withstand a relatively longer update cycle), the mapping relationship can also be recorded in the chain code of the blockchain network.
  • the first blockchain node reads the code of the system contract, and the code of the system contract defines the receipt data storage logic related to the event function and the user type; correspondingly, the first blockchain node executes the code of the system contract to store at least one log field in the log corresponding to the special event function in plain text and the rest of the receipt data in cipher text when the transaction initiator belongs to the preset user type, and to store the receipt data in cipher text when the transaction initiator does not belong to the preset user type.
  • the receipt data storage logic related to event functions and user types may include: recognition logic for special event functions, recognition logic for user types, confirmation logic for exposed log fields, and processing logic for exposed log fields.
  • the identification logic of the special event function is used to instruct the first blockchain node to identify the special event function contained in the smart contract.
  • the system contract can record a list of predefined special event functions, or the system contract can record the processing logic for identifying special event functions based on type identifiers. For details, please refer to the relevant description of identifying special event functions above, which will not be repeated here.
  • the user type identification logic is used to instruct the first blockchain node to identify the user type of the transaction initiator.
  • the system contract can record the association relationship between the predefined external account and the user type, or the system contract can record the correspondence between the value of the user type field and the user type.
  • for details, please refer to the relevant description of identifying user types above, which will not be repeated here.
  • the confirmation logic for the exposure log field is used to instruct the first blockchain node to identify the exposure log field corresponding to the special event function.
  • the system contract can record the mapping relationship between the above special event function and the exposed log field, or the system contract can record the processing logic for identifying the exposed log field based on the exposure identifier or the encrypted identifier.
  • the processing logic for the exposed log field is used to instruct the first blockchain node to store the receipt content corresponding to the exposed log field in plain text when the transaction initiator belongs to the preset user type, and store the remaining receipt content in cipher text .
  • by running the program code of the blockchain (hereinafter referred to as the chain code) on a computing device (physical machine or virtual machine), the computing device can be configured as a blockchain node in the blockchain network, such as the first blockchain node.
  • the first blockchain node runs the above chain code to realize the corresponding functional logic. Therefore, when the blockchain network is created, the receipt data storage logic related to the special event function described above can be written into the chain code, so that each blockchain node can implement the receipt data storage logic; Take a blockchain node as an example.
  • the receipt data storage logic is the above:
  • the receipt data storage logic can specifically define the exposed fields corresponding to each transaction type, so that the first blockchain node can, according to the transaction type, determine which receipt content in the receipt data generated by the transaction needs to be stored in plain text and which receipt content needs to be stored in cipher text.
  • chain code is used to realize the basic functions of the blockchain network, and function expansion during operation can be realized by way of system contracts.
  • the system contract includes code in the form of bytecode; for example, the first blockchain node can run the system contract code (for example, reading the code in the system contract according to the unique corresponding address "0x53a98") to supplement the functions of the chain code.
  • the system contract read by the first blockchain node may include a preset system contract configured in the genesis block of the blockchain network; in addition, the administrator in the blockchain network (i.e., the above-mentioned management user) may have the update authority for the system contract and may update the preset system contract, so the system contract read by the first blockchain node may also include the corresponding updated system contract.
  • the updated system contract can be obtained by the administrator after one update of the preset system contract; or, the updated system contract can be obtained by the administrator after multiple iterations of the preset system contract, such as updating the preset system contract to obtain system contract 1, updating system contract 1 to obtain system contract 2, and updating system contract 2 to obtain system contract 3.
  • system contract 1, system contract 2, and system contract 3 can all be regarded as the updated system contract, but the first blockchain node usually follows the latest version of the system contract. For example, the first blockchain node will follow the code in system contract 3 instead of the code in system contract 1 or system contract 2.
  • the administrator can also publish system contracts in subsequent blocks and update the published system contracts.
  • a certain degree of restrictions should be imposed on the issuance and update of system contracts through methods such as authority management to ensure that the functional logic of the blockchain network can operate normally and avoid unnecessary losses to any users.
  • the first blockchain node can read the code of the system contract.
  • the code of the system contract defines the receipt data storage logic related to the special event function; the first blockchain node can then execute the code of the system contract to store at least part of the receipt content corresponding to the special event function contained in the smart contract (such as the receipt content corresponding to the exposed log field) in plain text, and the rest of the receipt content in cipher text.
  • the first blockchain node encrypts the non-exposed log field in the special event function and the receipt content corresponding to the non-special event function by using a key.
  • the encryption may be symmetric encryption or asymmetric encryption. If the first blockchain node uses symmetric encryption, that is, the symmetric key of the symmetric encryption algorithm is used to encrypt the content of the receipt, the client (or other object holding the key) can use the symmetric key of the symmetric encryption algorithm to decrypt the encrypted receipt content.
  • the symmetric key may be provided to the first blockchain node in advance by the client. Then, since only the client (actually the user corresponding to the logged-in account on the client) and the first blockchain node have the symmetric key, only the client can decrypt the corresponding encrypted receipt content, preventing irrelevant users and even criminals from decrypting the encrypted receipt content.
  • when the client initiates a transaction to the first blockchain node, the client can use the initial key of the symmetric encryption algorithm to encrypt the transaction content to obtain the transaction; accordingly, the first blockchain node can obtain the initial key and use it to directly or indirectly encrypt the content of the receipt.
  • the initial key can be negotiated in advance by the client and the first blockchain node, or sent by the key management server to the client and the first blockchain node, or sent by the client to the first blockchain node.
  • the client can encrypt the initial key with the public key of the asymmetric encryption algorithm and then send the encrypted initial key to the first blockchain node, and the first blockchain node decrypts the encrypted initial key with the private key of the asymmetric encryption algorithm to obtain the initial key. This is the digital envelope encryption described above, which will not be repeated here.
  • the first blockchain node may use the aforementioned initial key to encrypt the content of the receipt.
  • Different transactions can use the same initial key, so that all transactions submitted by the same user are encrypted with this initial key, or different transactions can use different initial keys.
  • the client can randomly generate an initial key for each transaction to improve security.
  • the first blockchain node may generate a derived key according to the initial key and the impact factor, and encrypt the content of the receipt through the derived key.
  • the derived key can increase the degree of randomness, thereby increasing the difficulty of being compromised and helping to optimize the security protection of data.
  • the impact factor can be related to the transaction; for example, the impact factor can include the specified bits of the transaction hash value.
  • the first blockchain node can splice the initial key with the first 16 bits (or the first 32 bits, the last 16 bits, the last 32 bits, or other bits) of the transaction hash value, and hash the spliced string to generate a derived key.
  • the first blockchain node may also use an asymmetric encryption method, that is, use the public key of the asymmetric encryption algorithm to encrypt the content of the receipt, and accordingly, the client may use the private key of the asymmetric encryption algorithm to decrypt the encrypted receipt content.
  • for the key of the asymmetric encryption algorithm, for example, the client may generate a pair of public and private keys and send the public key to the first blockchain node in advance, so that the first blockchain node can encrypt the receipt content with the public key.
  • the first blockchain node realizes a function by running the code used to realize that function. Therefore, for the functions that need to be implemented in the TEE, the relevant code also needs to be executed there. Code executed in the TEE needs to comply with the relevant specifications and requirements of the TEE; accordingly, code used to implement a certain function in the related technology needs to be rewritten in combination with the specifications and requirements of the TEE. This involves a large amount of development, and loopholes (bugs) are easily produced in the process of rewriting, affecting the reliability and stability of the function implementation.
  • the first blockchain node can execute the storage function code outside the TEE to store the receipt data generated in the TEE (including the receipt content in plain text that needs to be stored in plain text, and the receipt content in cipher text that needs to be stored in cipher text) in an external storage space outside the TEE, so that the storage function code can be the code used to implement the storage function in the related technology and does not need to be rewritten in conjunction with the specifications and requirements of the TEE to achieve safe and reliable storage of the receipt data. This not only reduces the amount of related code development without affecting security and reliability, but also reduces the TCB (Trusted Computing Base) by reducing the TEE-related code, so that the additional security risks caused in the process of combining TEE technology with blockchain technology are in a controllable range.
  • the first blockchain node may execute the write cache function code in the TEE to store the above-mentioned receipt data in the write cache in the TEE.
  • the write cache may correspond to the "Cache" shown in FIG. 1.
  • the first blockchain node outputs the data in the write cache from the trusted execution environment to be stored in the external storage space.
  • the write cache function code can be stored in the TEE in plain text, and the write cache function code in plain text can be directly executed in the TEE; or, the write cache function code can be stored outside the TEE in cipher text, such as in the above external storage space (such as the "package + storage" shown in Figure 4, where "package" means that the first blockchain node packages the transaction into blocks outside of the trusted execution environment), in which case the write cache function code in cipher text is read into the TEE, decrypted into plaintext code in the TEE, and the plaintext code is executed.
  • Write cache refers to a "buffer" mechanism provided to avoid “impact” to the external storage space when data is written to the external storage space.
  • the above-mentioned write cache can be implemented by using buffer; of course, the write cache can also be implemented by using cache, which is not limited in this specification.
  • the write cache mechanism can be used to write the data in the cache to the external storage space in batches, thereby reducing the number of interactions between the TEE and the external storage space and increasing the efficiency of data storage.
  • TEE may need to retrieve the generated data.
  • if the data to be called happens to be in the write cache, the data can be read directly from the write cache, which reduces the interaction with the external storage space and eliminates the decryption process of the data read from the external storage space, thereby improving the data processing efficiency in the TEE.
  • the write cache can also be established outside the TEE.
  • the first blockchain node can execute the write cache function code outside the TEE, so as to store the above receipt data in the write cache outside the TEE, and further store the data in the write cache in an external storage space.
  • the receiving unit 61 receives the encrypted transaction of calling the smart contract
  • a decryption unit 62 decrypting the transaction in a trusted execution environment to obtain the smart contract, the smart contract including a special event function;
  • the execution unit 63 executes the smart contract in the trusted execution environment to obtain receipt data, where the receipt data includes a log corresponding to the special event function;
  • the storage unit 64 stores the receipt data: when the transaction initiator belongs to a preset user type, at least one log field in the log corresponding to the special event function is stored in plain text and the rest of the receipt data is stored in cipher text; when the transaction initiator does not belong to the preset user type, the receipt data is stored in cipher text.
  • the transaction initiator has a corresponding external account
  • the user type to which the transaction initiator belongs includes: the user type corresponding to the external account recorded on the blockchain.
  • the external account includes a user type field recorded on the blockchain, and the value of the user type field corresponds to the user type.
  • the user type is configured to be associated with the external account, so that the association relationship between the user type and the external account is recorded in the blockchain.
  • Optionally, it also includes:
  • the changing unit 65 changes the user type corresponding to the external account according to the change request initiated by the management user.
  • the event function in the smart contract includes a type identifier, and the type identifier is used to mark the event function as a special event function.
  • the event function included in the smart contract is in the special function list recorded on the blockchain, the event function included in the smart contract is determined to be a special event function.
  • At least one log field in the log corresponding to the special event function includes: an exposure log field corresponding to the special event function.
  • the special event function includes the exposed log field indicated by an exposure identifier; or, the special event function includes an encrypted log field indicated by an encrypted identifier, and the exposed log field is another log Field.
  • a mapping relationship between a predefined special event function and an exposed log field is recorded in the blockchain, or a mapping relationship between a predefined special event function and an encrypted log field is acquired; wherein, when the smart When the contract contains special event functions, the mapping relationship is used to determine the corresponding exposure log field.
  • the storage unit 64 is specifically used for:
  • the code of the system contract is executed to store at least one log field in the log corresponding to the special event function in plain text and the rest of the receipt data in cipher text when the transaction initiator belongs to the preset user type, and to store the receipt data in cipher text when the transaction initiator does not belong to the preset user type.
  • the system contract includes: a preset system contract recorded in the genesis block, or an updated system contract corresponding to the preset system contract.
  • the storage unit 64 is specifically used for:
  • the storage function code is executed outside the trusted execution environment to store the receipt data in an external storage space outside the trusted execution environment.
  • the key used by the first blockchain node to encrypt the receipt data includes: a key of a symmetric encryption algorithm or a key of an asymmetric encryption algorithm.
  • the key of the symmetric encryption algorithm includes an initial key provided by the client; or, the key of the symmetric encryption algorithm includes a derived key generated by the initial key and an influence factor.
  • the transaction is encrypted by the initial key, and the initial key is encrypted by a public key of an asymmetric encryption algorithm; the decryption unit 62 is specifically configured to:
  • the initial key is generated by the client; or, the initial key is sent to the client by the key management server.
  • the impact factor is related to the transaction.
  • the impact factor includes: a designated bit of the hash value of the transaction.
  • the controller can be implemented in any suitable manner.
  • the controller can take the form of, for example, a microprocessor or a processor and a computer-readable medium storing computer-readable program codes (such as software or firmware) executable by the (micro)processor, logic gates, switches, application specific integrated circuits (ASICs), programmable logic controllers and embedded microcontrollers. Examples of controllers include but are not limited to the following microcontrollers: ARC625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicon Labs C8051F320. The memory controller can also be implemented as part of the memory control logic.
  • in addition to implementing the controller in a purely computer-readable program code manner, it is entirely possible to program the method steps so that the controller realizes the same function in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers, etc. Therefore, such a controller can be regarded as a hardware component, and the devices included in it for implementing various functions can also be regarded as a structure within the hardware component. Or even, the device for realizing various functions can be regarded as both a software module for realizing the method and a structure within a hardware component.
  • a typical implementation device is a computer.
  • the computer may be, for example, a personal computer, a laptop computer, a cell phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or any combination of these devices.
  • the embodiments of the present invention may be provided as methods, systems, or computer program products. Therefore, the present invention may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, the present invention may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes.
  • program modules include routines, programs, objects, components, data structures, etc. that perform specific tasks or implement specific abstract data types.
  • This specification can also be practiced in distributed computing environments, in which tasks are performed by remote processing devices connected through a communication network.
  • program modules can be located in local and remote computer storage media including storage devices.
  • These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction device, and the instruction device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
  • These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so that the instructions executed on the computer or other programmable equipment provide steps for implementing the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
  • the computer includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
  • the memory may include non-permanent memory in computer readable media, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer readable media.
  • Computer-readable media include permanent and non-permanent, removable and non-removable media, and information storage can be realized by any method or technology.
  • the information can be computer-readable instructions, data structures, program modules, or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic disk storage, quantum memory, graphene-based storage media or other magnetic storage devices, or any other non-transmission media that can be used to store information that can be accessed by computing devices. According to the definition in this article, computer-readable media does not include transitory media, such as modulated data signals and carrier waves.
  • Although the terms first, second, third, etc. may be used in one or more embodiments of this specification to describe various information, the information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other.
  • first information may also be referred to as second information, and similarly, the second information may also be referred to as first information.
  • The word "if" as used herein can be interpreted as "at the time of", "when" or "in response to determination".

Abstract

Provided are a receipt storage method combining user type and event function type, and a node. The method may comprise: a first blockchain node receives an encrypted transaction calling a smart contract (302); the first blockchain node decrypts the transaction in a trusted execution environment to obtain the smart contract, the smart contract comprising a special event function (304); the first blockchain node executes the smart contract in the trusted execution environment to obtain receipt data, the receipt data comprising a log corresponding to the special event function (306); the first blockchain node stores the receipt data: when the transaction initiator belongs to a preset user type, at least one log field in the log corresponding to the special event function is stored in plaintext form and the remaining content of the receipt data is stored in ciphertext form, and when the transaction initiator does not belong to the preset user type, the receipt data is stored in ciphertext form (308).

Description

Receipt storage method and node combining user type and event function type

Technical field

One or more embodiments of this specification relate to the field of blockchain technology, and in particular to a receipt storage method and node that combine user type and event function type.

Background

Blockchain technology is built on a transmission network (such as a peer-to-peer network). The network nodes in the transmission network use chained data structures to verify and store data, and use distributed node consensus algorithms to generate and update data.

At present, the two biggest technical challenges for enterprise-level blockchain platforms are privacy and performance, and it is often difficult to solve both at the same time. Most solutions trade performance for privacy, or pursue performance with little regard for privacy. Common encryption technologies that address privacy, such as homomorphic encryption and zero-knowledge proofs, are highly complex, lack generality, and may also cause serious performance loss.

A Trusted Execution Environment (TEE) is another way to solve privacy issues. A TEE acts as a black box in hardware: the operating system layer cannot peek at the code executed in the TEE or at its data, and only the interfaces predefined in the code can operate on them. In terms of efficiency, because of the black-box nature of the TEE, computation inside it is performed on plaintext data rather than through the complex cryptographic operations of homomorphic encryption, so the computation itself loses no efficiency. Combining a blockchain with a TEE can therefore greatly improve its security and privacy with only a small performance loss. The industry currently pays close attention to TEE solutions. Almost all mainstream chip and software alliances have their own TEE solutions, including TPM (Trusted Platform Module) on the software side, and Intel SGX (Software Guard Extensions), ARM TrustZone and AMD PSP (Platform Security Processor) on the hardware side.
Summary of the invention

In view of this, one or more embodiments of this specification provide a receipt storage method and node that combine user type and event function type.

To achieve the foregoing objective, one or more embodiments of this specification provide the following technical solutions:

According to a first aspect of one or more embodiments of this specification, a receipt storage method combining user type and event function type is proposed, including:

A first blockchain node receives an encrypted transaction that calls a smart contract;

The first blockchain node decrypts the transaction in a trusted execution environment to obtain the smart contract, the smart contract including a special event function;

The first blockchain node executes the smart contract in the trusted execution environment to obtain receipt data, the receipt data including a log corresponding to the special event function;

The first blockchain node stores the receipt data. When the transaction initiator belongs to a preset user type, at least one log field in the log corresponding to the special event function is stored in plaintext form and the remaining content of the receipt data is stored in ciphertext form; when the transaction initiator does not belong to the preset user type, the receipt data is stored in ciphertext form.

According to a second aspect of one or more embodiments of this specification, a receipt storage node combining user type and event function type is proposed, including:

A receiving unit, which receives an encrypted transaction that calls a smart contract;

A decryption unit, which decrypts the transaction in a trusted execution environment to obtain the smart contract, the smart contract including a special event function;

An execution unit, which executes the smart contract in the trusted execution environment to obtain receipt data, the receipt data including a log corresponding to the special event function;

A storage unit, which stores the receipt data. When the transaction initiator belongs to a preset user type, at least one log field in the log corresponding to the special event function is stored in plaintext form and the remaining content of the receipt data is stored in ciphertext form; when the transaction initiator does not belong to the preset user type, the receipt data is stored in ciphertext form.

According to a third aspect of one or more embodiments of this specification, an electronic device is proposed, including:

A processor;

A memory for storing processor-executable instructions;

Wherein the processor implements the method according to the first aspect by running the executable instructions.

According to a fourth aspect of one or more embodiments of this specification, a computer-readable storage medium is provided, on which computer instructions are stored; when executed by a processor, the instructions implement the steps of the method according to the first aspect.
Description of the drawings

Fig. 1 is a schematic diagram of creating a smart contract according to an exemplary embodiment.

Fig. 2 is a schematic diagram of calling a smart contract according to an exemplary embodiment.

Fig. 3 is a schematic diagram of implementing privacy protection on a blockchain node according to an exemplary embodiment.

Fig. 4 is a flowchart of a receipt storage method combining user type and event function type according to an exemplary embodiment.

Fig. 5 is a schematic diagram of implementing the functional logic of a blockchain network through a system contract and chain code according to an exemplary embodiment.

Fig. 6 is a block diagram of a receipt storage device combining user type and event function type according to an exemplary embodiment.

Detailed description
Exemplary embodiments are described in detail here, and examples of them are shown in the accompanying drawings. When the following description refers to the drawings, unless otherwise indicated, the same numbers in different drawings denote the same or similar elements. The implementations described in the following exemplary embodiments do not represent all implementations consistent with one or more embodiments of this specification. Rather, they are merely examples of devices and methods consistent with some aspects of one or more embodiments of this specification, as detailed in the appended claims.

It should be noted that in other embodiments the steps of the corresponding method are not necessarily executed in the order shown and described in this specification. In some other embodiments, the method may include more or fewer steps than described in this specification. In addition, a single step described in this specification may be split into multiple steps in other embodiments, and multiple steps described in this specification may be combined into a single step in other embodiments.

Blockchains are generally divided into three types: public blockchains, private blockchains and consortium blockchains. There are also combinations of these types, such as private chain + consortium chain or consortium chain + public chain. The public chain is the most decentralized. Public chains are represented by Bitcoin and Ethereum. Participants who join a public chain can read the data records on the chain, take part in transactions, and compete for the right to record new blocks. Each participant (that is, node) can freely join and leave the network and perform related operations. A private chain is the opposite: write permission on the network is controlled by an organization or institution, and data read permission is regulated by the organization. Put simply, a private chain can be a weakly centralized system with few, strictly limited participating nodes. This type of blockchain is better suited to internal use within a specific institution. A consortium chain lies between the public chain and the private chain and can achieve "partial decentralization". Each node in a consortium chain usually has a corresponding entity or organization; participants join the network by authorization and form a consortium of stakeholders who jointly maintain the operation of the blockchain.

Public chains, private chains and consortium chains may all provide smart contract functionality. A smart contract on a blockchain is a contract whose execution can be triggered by a transaction on the blockchain system. A smart contract can be defined in the form of code.

Take Ethereum as an example: it supports users in creating and calling complex logic in the Ethereum network. This is the biggest challenge that distinguishes Ethereum from Bitcoin blockchain technology. The core of Ethereum as a programmable blockchain is the Ethereum Virtual Machine (EVM), and every Ethereum node can run the EVM. The EVM is a Turing-complete virtual machine, which means that all kinds of complex logic can be implemented through it. The smart contracts that users publish and call in Ethereum run on the EVM. In fact, what the virtual machine runs directly is virtual machine code (virtual machine bytecode, hereinafter "bytecode"). A smart contract deployed on the blockchain can be in the form of bytecode.

For example, as shown in Figure 1, after Bob sends a transaction containing the information for creating a smart contract to the Ethereum network, the EVM of node 1 can execute the transaction and generate the corresponding contract instance. "0x6f8ae93…" in Figure 1 represents the address of this contract; the data field of the transaction may hold the bytecode, and the to field of the transaction is empty. After the nodes reach agreement through the consensus mechanism, the contract is successfully created and can be called in subsequent processes. After the contract is created, a contract account corresponding to the smart contract appears on the blockchain with a specific address, and the contract code is stored in that contract account. The behavior of the smart contract is controlled by the contract code. In other words, a smart contract causes a virtual account containing contract code and account storage (Storage) to be generated on the blockchain.

As shown in Figure 2, still taking Ethereum as an example, after Bob sends a transaction for calling a smart contract to the Ethereum network, the EVM of a node can execute the transaction and generate the corresponding contract instance. The from field of the transaction in Figure 2 is the address of the account of the transaction initiator (that is, Bob), "0x6f8ae93…" in the to field represents the address of the called smart contract, the value field is the value in Ether in Ethereum, and the data field of the transaction holds the method and parameters for calling the smart contract. The smart contract is executed independently, in a prescribed manner, on each node in the blockchain network, and all execution records and data are stored on the blockchain, so once the transaction is completed, a transaction record that cannot be tampered with and will not be lost is saved on the blockchain.
After a node in the blockchain network executes the transaction initiated by Bob, it generates corresponding receipt data to record the receipt information related to the transaction. Taking Ethereum as an example, the receipt data obtained by a node executing a transaction can include the following:

The Result field, which indicates the execution result of the transaction;

The Gas used field, which indicates the gas consumed by the transaction;

The Logs field, which indicates the logs generated by the transaction. A log can further include a From field, a To field, a Topic field, a Log data field and so on, where the From field indicates the account address of the initiator of the call, the To field indicates the account address of the called object (such as a smart contract), the Topic field indicates the topic of the log, and the Log data field indicates the log data;

The Output field, which indicates the output of the transaction.

The log is a feature provided in Ethereum. While the code of a smart contract runs, the logs generated by the events contained in the code can be recorded. A log allows the details of an event to be recorded: for example, the From and To fields mentioned above can indicate the accounts of the two parties involved in the transaction, and the Topic field can contain the values, after the code has executed, of the state variables referenced by the event. Therefore, besides serving as evidence that a transaction was executed on the blockchain, logs can also be used to drive related operations. For example, a JavaScript callback function can be used to listen for events, and a corresponding log is generated when an event is triggered; by searching the log content, a DAPP (Decentralized Application) client can be driven to perform related processing when preset log content is found.

In the related art, the entire content of the receipt data generated in the TEE is treated as data requiring privacy protection and stored on the blockchain. The blockchain is a data set stored in the database of a node and organized by a specific logic. The physical carrier of the database, as described later, may be a storage medium, such as a persistent storage medium. In practice, different users have different privacy protection requirements for receipt data. For example, some users may care more about privacy protection, in which case the receipt data generated by transactions they initiate can be stored in ciphertext form as far as possible; other users may care more about data availability, for example wanting retrieval operations on receipt data to be supported so as to drive a DAPP (Decentralized Application) client to perform related processing operations.
The following describes, with reference to FIG. 3, the implementation of an embodiment of the receipt storage method of this application combining user type and event function type:

Step 302: The first blockchain node receives an encrypted transaction that calls a smart contract.

In an embodiment, the user can generate the transaction directly on the first blockchain node; or the user can generate the transaction on a client, and the client sends the transaction to the first blockchain node; or the client can send the transaction to a second blockchain node, which sends it on to the first blockchain node.

In an embodiment, when a transaction is used to call a smart contract, the transaction content may include the account address of the called smart contract, the method and parameters to be passed in, and so on.

In an embodiment, encrypting the transaction content keeps the encrypted transaction in a privacy-protected state and prevents the transaction content from being exposed. For example, the transaction content may contain information such as the account address of the transaction initiator and the account address of the transaction target; encryption ensures that none of this content can be read directly.

In an embodiment, the transaction may be encrypted with a symmetric encryption algorithm or with an asymmetric encryption algorithm. Symmetric encryption algorithms include, for example, the DES algorithm, 3DES algorithm, TDEA algorithm, Blowfish algorithm, RC5 algorithm and IDEA algorithm. Asymmetric encryption algorithms include, for example, RSA, Elgamal, the knapsack algorithm, Rabin, D-H and ECC (elliptic curve cryptography).

In an embodiment, the transaction may be encrypted by combining a symmetric encryption algorithm with an asymmetric encryption algorithm. Taking the case where a client submits the transaction to the first blockchain node as an example, the client can encrypt the transaction content with a symmetric encryption algorithm, that is, with the key of the symmetric encryption algorithm, and encrypt the key used by the symmetric encryption algorithm with an asymmetric encryption algorithm, for example with the public key of the asymmetric encryption algorithm. After the first blockchain node receives the encrypted transaction, it can first decrypt with the private key of the asymmetric encryption algorithm to obtain the key of the symmetric encryption algorithm, and then decrypt with that key to obtain the transaction content.

When a transaction is used to call a smart contract, the call may have a multiply nested structure. For example, the transaction directly calls smart contract 1, the code of smart contract 1 calls smart contract 2, and the code in smart contract 2 points to the contract address of smart contract 3, so that the transaction in fact indirectly calls the code of smart contract 3. The specific implementation is similar to the process above and is not repeated here.
Step 304: The first blockchain node decrypts the transaction in a trusted execution environment to obtain the smart contract, the smart contract including a special event function.

In an embodiment, a smart contract may contain one or more events, each of which implements predefined processing logic. Each event contained in the smart contract generates a corresponding Logs field when it is called and executed. For example, when the smart contract contains event 1 and event 2, event 1 generates a corresponding Logs field and event 2 generates a corresponding Logs field, so that the receipt data corresponding to the smart contract contains multiple Logs fields.

In an embodiment, the events contained in a smart contract can be divided into special event functions and ordinary event functions. Logs generated by ordinary event functions are always stored in ciphertext form to protect privacy. For logs generated by special event functions, the privacy protection requirements of the transaction initiator are additionally taken into account to decide between plaintext and ciphertext storage; that is, logs generated by special event functions may be stored in plaintext.

The first blockchain node can identify the event functions contained in a smart contract in several ways to determine whether each is a special event function.

For example, a special event function may be a global event function predefined in the blockchain network. In the chain code or a system contract of the blockchain network, the event functions that count as "special event functions" can be recorded, for example in a special event function list. By comparing the event functions contained in a smart contract against this list, it can be determined whether each of them is a special event function: an event function contained in the smart contract that is in the special event function list is determined to be a special event function, and one that is not in the list is determined to be an ordinary event function.

As another example, a special event function may be any function defined in the smart contract itself, marked as a special event function by adding a type identifier for the event function to the smart contract code. Taking the Solidity language as an example, a code example of the event functions contained in a smart contract is as follows:

Event buy_candy1 expose(who,candy_num);
Event buy_candy2(who,candy_num);

In the code example above, the smart contract defines two events: event buy_candy1 and event buy_candy2. Adding the type identifier "expose" to event buy_candy1 marks it as a special event function; correspondingly, because event buy_candy2 does not contain the type identifier "expose", event buy_candy2 is an ordinary event function rather than a special event function.

Ethereum supports many high-level languages, such as Solidity, Serpent and LLL, all of which can contain the above type identifier. A compiler compiles a smart contract written in a high-level language into the corresponding bytecode, and the first blockchain node ultimately executes the smart contract in bytecode form in the EVM. The type identifier can be the same in the high-level-language and bytecode forms of the smart contract code, or it can be a first type identifier in the high-level-language code and a second type identifier in the bytecode, with the first and second type identifiers corresponding to each other.
Step 306: The first blockchain node executes the smart contract in the trusted execution environment to obtain receipt data, the receipt data including a log corresponding to the special event function.

As mentioned above, when the first blockchain node executes the code of the smart contract, it generates a corresponding Logs field for each event function contained in the code, that is, a log corresponding to each event function. Once the special event functions have been determined, the logs corresponding to them can be determined as well.
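The following is an added sketch, not code from the patent, that ties the "expose" type identifier to the storage rule stated in the summary: only the exposed fields of special-event logs are kept in plaintext, and only for initiators of the preset user type. The user-type table, the choice of Topic as the exposed field, the per-log `event` key and the SHAKE-256/HMAC sealing routine (a stand-in for whatever symmetric cipher the node uses) are all assumptions.

```python
import hashlib
import hmac
import os
import re

# Assumptions for this sketch (not taken from the patent text): the preset user
# type, the address-to-type table, and which log fields a special event exposes.
PRESET_USER_TYPE = "enterprise"
USER_TYPES = {"0xB0B-constructed": "enterprise", "0xA11CE-constructed": "individual"}
EXPOSED_LOG_FIELDS = frozenset({"topic"})
GLOBAL_SPECIAL_EVENTS = frozenset()  # chain-level special event list, empty here

# Constructed contract source built from the page's two event declarations.
CONTRACT = """
Event buy_candy1 expose(who,candy_num);
Event buy_candy2(who,candy_num);
"""
EVENT_DECL = re.compile(r"^\s*event\s+(\w+)(?:\s+(expose))?\s*\(", re.I | re.M)


def special_events(source):
    """Names of events marked 'expose' in the source or listed chain-wide."""
    marked = {name for name, flag in EVENT_DECL.findall(source) if flag}
    return marked | set(GLOBAL_SPECIAL_EVENTS)


def sample_receipt(initiator):
    """Constructed receipt; 'event' records which event function made each log."""
    def log(event, data):
        return {"event": event, "from": initiator, "to": "0xC0DE-constructed",
                "topic": event, "log_data": data}
    return {"result": "success", "gas_used": 21000, "output": "0x",
            "logs": [log("buy_candy1", "candy_num=3"), log("buy_candy2", "candy_num=5")]}


def seal(key, value):
    """Stand-in cipher (SHAKE-256 keystream plus HMAC tag); not for production."""
    data = str(value).encode()
    nonce = os.urandom(16)
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    body = bytes(a ^ b for a, b in zip(data, stream))
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return (nonce + body + tag).hex()


def unseal(key, blob):
    """Verify the tag, then recover the sealed value as text."""
    raw = bytes.fromhex(blob)
    nonce, body, tag = raw[:16], raw[16:-32], raw[-32:]
    expected = hmac.new(key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("stored ciphertext was modified")
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(body))
    return bytes(a ^ b for a, b in zip(body, stream)).decode()


def store_receipt(receipt, initiator, special, key):
    """Plaintext only for exposed fields of special-event logs, and only when
    the initiator is of the preset user type; everything else is sealed."""
    # An initiator missing from the table gets the all-ciphertext branch.
    preset = USER_TYPES.get(initiator) == PRESET_USER_TYPE
    stored = {name: {"sealed": seal(key, value)}
              for name, value in receipt.items() if name != "logs"}
    stored["logs"] = []
    for log in receipt["logs"]:
        expose = preset and log["event"] in special
        stored["logs"].append({
            field: ({"plain": value} if expose and field in EXPOSED_LOG_FIELDS
                    else {"sealed": seal(key, value)})
            for field, value in log.items()
        })
    return stored


def find_logs_by_topic(stored, topic):
    """Search without the key: only logs with a plaintext topic can match."""
    return [i for i, log in enumerate(stored["logs"])
            if log["topic"].get("plain") == topic]


if __name__ == "__main__":
    node_key = os.urandom(32)
    special = special_events(CONTRACT)
    for who in ("0xB0B-constructed", "0xA11CE-constructed"):
        stored = store_receipt(sample_receipt(who), who, special, node_key)
        print(who, "searchable logs:", find_logs_by_topic(stored, "buy_candy1"))
```

A declaration written without a separating space before the identifier is parsed as an ordinary event here, so its log stays in ciphertext.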
在一实施例中,比如在以太坊中,第一区块链节点接收到客户端发来的调用智能合 约的交易后,可以检查交易是否有效、格式是否正确,验证交易的签名是否合法等。In one embodiment, such as in Ethereum, after receiving the transaction invoking the smart contract from the client, the first blockchain node can check whether the transaction is valid, the format is correct, and the signature of the transaction is legal.
一般来说,以太坊中的节点一般也是争夺记账权的节点,因此,第一区块链节点作为争夺记账权的节点可以在本地执行所述交易。如果争夺记账权的节点中的一个在本轮争夺记账权的过程中胜出,则成为记账节点。第一区块链节点如果在本轮争夺记账权的过程中胜出,就成为记账节点;当然,如果第一区块链节点如果在本轮争夺记账权的过程中没有胜出,则不是记账节点,而其它节点可能成为记账节点。Generally speaking, the nodes in Ethereum are generally nodes that compete for the right to bookkeeping. Therefore, the first blockchain node as the node that competes for the right to bookkeeping can execute the transaction locally. If one of the nodes competing for the accounting right wins in the current round of the accounting right, it becomes the accounting node. If the first blockchain node wins this round of competition for accounting rights, it becomes the accounting node; of course, if the first blockchain node does not win in this round of competition for accounting rights, it is not Accounting nodes, and other nodes may become accounting nodes.
A smart contract is similar to a class in object-oriented programming: executing it produces a contract instance corresponding to the smart contract, much as instantiating a class produces an object. Executing the code in a transaction that creates a smart contract creates a contract account and deploys the contract in the account space. In Ethereum, the address of a smart contract account is generated by an encryption algorithm that takes the sender's address ("0xf5e…" in Figure 1-2) and the transaction nonce as input. For example, the contract address "0x6f8ae93…" in Figure 1-2 is generated by the encryption algorithm from the sender's address "0xf5e…" and the nonce in the transaction.
Generally, in a blockchain network that supports smart contracts and uses a consensus algorithm such as Proof of Work (POW), Proof of Stake (POS), or Delegated Proof of Stake (DPOS), every node competing for the accounting right can execute a transaction that creates a smart contract after receiving it. One of the nodes competing for the accounting right may win the current round and become the accounting node. The accounting node can package the transaction containing the smart contract together with other transactions to generate a new block, and send the generated new block to other nodes for consensus.
In a blockchain network that supports smart contracts and uses a mechanism such as Practical Byzantine Fault Tolerance (PBFT), the node with the accounting right has already been agreed upon before the current round of accounting. Therefore, after the first blockchain node receives the above transaction, if it is not the accounting node of the current round, it can send the transaction to the accounting node. The accounting node of the current round (which may be the first blockchain node) can execute the transaction during or before packaging the transaction to generate a new block, or during or before packaging the transaction together with other transactions to generate a new block. After the accounting node packages the transaction (alone or together with other transactions) and generates a new block, it sends the generated new block or block header to other nodes for consensus.
As mentioned above, in a blockchain network that supports smart contracts and uses the POW mechanism, or one that uses the POS, DPOS, or PBFT mechanism, the accounting node of the current round can package the transaction to generate a new block, and send the generated new block or block header to other nodes for consensus. If the other nodes receive the block and verify that there is no problem, they can append the new block to the end of the existing blockchain, which completes the accounting process and reaches consensus. If the transaction is used to create a smart contract, the deployment of the smart contract on the blockchain network is complete; if the transaction is used to invoke a smart contract, the invocation and execution of the smart contract are complete. While verifying the new block or block header sent by the accounting node, the other nodes may also execute the transactions in the block.
The execution process can generally be carried out by a virtual machine. Taking Ethereum as an example, it supports users in creating and/or invoking complex logic in the Ethereum network. This is the biggest challenge that distinguishes Ethereum from Bitcoin blockchain technology. The core of Ethereum as a programmable blockchain is the Ethereum Virtual Machine (EVM), and every Ethereum node can run the EVM. The EVM is a Turing-complete virtual machine, which means that all kinds of complex logic can be implemented through it. The smart contracts that users publish and invoke in Ethereum run on the EVM.
In this embodiment, the first blockchain node can execute the decrypted smart contract code in a Trusted Execution Environment (TEE). For example, as shown in Figure 4, the first blockchain node can be divided into a regular execution environment (on the left in the figure) and a TEE. A transaction submitted by the client (as described above, transactions can have other sources; a client-submitted transaction is used here as the example) first enters the "transaction/query interface" in the regular execution environment for identification. Transactions without privacy processing requirements can be left in the regular execution environment for processing (whether a privacy processing requirement exists can be identified here from the user type of the transaction initiator, the transaction type, an identifier contained in the transaction, and so on), while transactions with privacy processing requirements are passed to the TEE for processing. The TEE and the regular execution environment are isolated from each other. A transaction is encrypted before it enters the TEE and is decrypted into plaintext transaction content inside the trusted execution environment, so that, while data security is ensured, the plaintext transaction content can be processed efficiently in the TEE and plaintext receipt data can be generated in the TEE.
A TEE is a security extension based on CPU hardware, and a trusted execution environment that is completely isolated from the outside. The TEE concept was first proposed by Global Platform to address the secure isolation of resources on mobile devices, providing applications with a trusted and secure execution environment that runs in parallel with the operating system. ARM's Trust Zone technology was the first truly commercial TEE implementation. With the rapid development of the Internet, security requirements keep rising: not only mobile devices but also cloud devices and data centers place more demands on TEEs. The TEE concept has also developed and expanded rapidly, and the TEE referred to today is broader than the concept originally proposed. For example, server chip vendors such as Intel and AMD have successively introduced hardware-assisted TEEs and enriched the concept and features of the TEE, which have been widely recognized in industry. A TEE mentioned today usually refers to this kind of hardware-assisted TEE technology. Unlike on mobile devices, cloud access is remote and the hardware platform is not visible to the end user, so the first step in using a TEE is to confirm that the TEE is genuine and trustworthy. Current TEE technologies have therefore introduced a remote attestation mechanism, endorsed by the hardware vendor (mainly the CPU vendor), which uses digital signatures to ensure that users can verify the state of the TEE. At the same time, secure resource isolation alone cannot meet security needs, so further data privacy protection has also been proposed. Commercial TEEs, including Intel SGX and AMD SEV, also provide memory encryption, confining the trusted hardware to the inside of the CPU; data on the bus and in memory is ciphertext, which prevents malicious users from snooping. For example, TEE technologies such as Intel's Software Guard Extensions (SGX) isolate code execution, remote attestation, secure configuration, secure storage of data, and trusted paths for executing code. Applications running in a TEE are protected and are almost impossible for third parties to access.
Taking Intel SGX as an example, SGX provides an enclave, that is, an encrypted trusted execution region in memory whose data the CPU protects from theft. Taking the case where the first blockchain node uses a CPU that supports SGX, newly added processor instructions can be used to allocate a region of memory called the EPC (Enclave Page Cache), and the data in it is encrypted by the Memory Encryption Engine (MEE) inside the CPU. The encrypted content in the EPC is decrypted into plaintext only after it enters the CPU. Therefore, in SGX, users do not have to trust the operating system, the VMM (Virtual Machine Monitor), or even the BIOS (Basic Input Output System); they only need to trust the CPU to ensure that private data will not leak. In practice, private data can be encrypted and passed into the enclave as ciphertext, and the corresponding key can also be passed into the enclave through remote attestation. The data is then used for computation under the CPU's encryption protection, and the result is returned as ciphertext. In this mode, powerful computing capacity can be used without worrying about data leakage.
As described above, executing the decrypted transaction content in the TEE ensures that the execution process is completed within a trusted environment, so that private information does not leak. When the above transaction with privacy processing requirements is used to create a smart contract, the transaction contains the code of the smart contract; the first blockchain node can decrypt the transaction in the TEE to obtain the smart contract code it contains, and then execute that code in the TEE. When the above transaction with privacy processing requirements is used to invoke a smart contract, the first blockchain node can execute the code in the TEE (if the invoked smart contract is in an encrypted state, it must first be decrypted in the TEE to obtain the corresponding code). Specifically, the first blockchain node can use the newly added processor instructions in the CPU to allocate an EPC region in memory, and the MEE encryption engine in the CPU encrypts the above plaintext code and stores it in the EPC. The encrypted content in the EPC is decrypted into plaintext after it enters the CPU. The CPU operates on the plaintext code to complete the execution process. For example, with SGX, the EVM can be loaded into the enclave in order to execute the plaintext code of the smart contract. During remote attestation, the key management server can compute the hash value of its local EVM code and compare it with the hash value of the EVM code loaded in the first blockchain node; a correct comparison result is a necessary condition for passing remote attestation, and this completes the measurement of the code loaded in the SGX enclave of the first blockchain node. Once measured, the correct EVM can execute the above smart contract code in SGX.
Step 308: The first blockchain node stores the receipt data. When the transaction initiator belongs to a preset user type, at least one log field in the log corresponding to the special event function is stored in plaintext and the rest of the receipt data is stored in ciphertext; when the transaction initiator does not belong to the preset user type, the receipt data is stored in ciphertext.
In an embodiment, the user has a corresponding external account on the blockchain, and initiates transactions or performs other operations on the blockchain based on that external account. For example, when a user initiates a transaction on the blockchain, the transaction is actually initiated through the user's corresponding external account, so the transaction initiator can be regarded either as the user or as the user's corresponding external account.
In an embodiment, there are multiple types of users, and each user type has corresponding privacy protection requirements. Users can be divided into multiple types according to differences in their privacy protection requirements; alternatively, multiple user types can first be formed according to some factor, and corresponding privacy protection requirements then configured for each user type. In short, a correspondence can be established between user types and privacy protection requirements, so that the first blockchain node can determine, based on the user type of the transaction initiator, whether the log corresponding to a special event function needs to be stored in plaintext.
In an embodiment, the user type to which the transaction initiator belongs is the user type to which the corresponding external account belongs. The first blockchain node can therefore determine the external account corresponding to the transaction initiator and query the user type recorded on the blockchain for that external account, taking it as the user type of the transaction initiator. The user type corresponding to an external account can be recorded on the blockchain in several forms:
For example, the external account may include a user type field (such as a Type field) recorded on the blockchain, whose value corresponds to the user type. For instance, when the value of the user type field is 00, the user type is ordinary user; when the value is 01, the user type is advanced user; when the value is 11, the user type is management user; and so on. The first blockchain node can therefore read the user type field of the external account and determine the corresponding user type from its value.
As another example, when the above external account is created, the user type can be configured to be associated with the external account, and the association between the user type and the external account can be recorded in the blockchain; for instance, the association may include the user type and the account address of the external account. In this embodiment, the data structure of the external account does not need to change, that is, the external account does not need to contain the above user type field. The first blockchain node can therefore read the association recorded on the blockchain and, based on the external account corresponding to the transaction initiator, determine the user type corresponding to that external account. The association between the user type and the external account can be recorded in a system contract or in the chain code. In particular, when the external account is a preset account of the blockchain network, the external account is already known when the system contract is created or the chain code is written, and the corresponding association can be added to the system contract or chain code at that point. Alternatively, when the external account is not a preset account, the association corresponding to the external account can be added to the system contract or chain code by updating the system contract or chain code when the external account is subsequently created.
In an embodiment, the user type of an external account can be modified under certain conditions. For example, the management user may have modification rights, so that the first blockchain node can change the user type corresponding to the above external account according to a change request initiated by the management user. The management user can correspond to an external account with management authority that is preset in the genesis block, so that the management user can change the type of other ordinary users, advanced users, and so on, for example changing an ordinary user to an advanced user or an advanced user to an ordinary user.
In an embodiment, on the premise of protecting user privacy, identifying the user type makes it possible to apply differentiated storage operations to the logs corresponding to special event functions according to different users' differing needs for privacy protection, which offers high flexibility. For example, ordinary users have relatively lower privacy protection requirements and relatively higher requirements for trigger operations based on receipt data, so for receipt data generated by transactions initiated by ordinary users, relatively more of the logs corresponding to special event functions can be stored in plaintext, so that the receipt content stored in plaintext can be searched and relatively more types of associated operations can be triggered. As another example, advanced users have relatively higher privacy protection requirements and relatively lower requirements for trigger operations based on receipt data, so for receipt data generated by transactions initiated by advanced users, relatively fewer of the logs corresponding to special event functions can be stored in plaintext and relatively more receipt content stored in ciphertext, or the receipt data can even be stored entirely in ciphertext, to meet their privacy needs.
In an embodiment, when the transaction initiator belongs to the preset user type, the first blockchain node can store the log generated by the special event function entirely in plaintext, that is, all log fields contained in the log are stored in plaintext. Correspondingly, the first blockchain node can store all the remaining receipt content of the receipt data in ciphertext.
In an embodiment, when the transaction initiator belongs to the preset user type, the first blockchain node can determine the exposed log field corresponding to the special event function, store that exposed log field in plaintext, and keep the remaining non-exposed log fields in ciphertext. This preserves privacy as far as possible while ensuring that search operations can be performed on the exposed log field.
In an embodiment, the special event function contains an exposed log field marked by an exposure identifier. The first blockchain node can read the exposure identifier contained in the special event function and determine the one or more log fields marked by that exposure identifier to be the above exposed log fields. Taking the Solidity language as an example, a code example of special event functions contained in a smart contract is as follows:
Event buy_candy3expose_from(who,candy_num);
Event buy_candy4show_to(who,candy_num);
In the above code example, the smart contract defines two events: event buy_candy3 and event buy_candy4.
The event buy_candy3 contains the type identifier "expose", so, as described above, the event buy_candy3 can be determined to be a special event function. Further, the type identifier "expose" is followed by the exposure identifier "_from", which marks the log field From, so that in the Logs generated for the event buy_candy3, the From field is stored in plaintext, while the remaining To field, Topic field, Log data field, and so on are stored in ciphertext.
The event buy_candy4 does not contain the type identifier "expose"; however, whether the event buy_candy4 is a special event function can be identified in other ways. For example, if the event buy_candy4 is in the aforementioned special event function list, it can be determined to be a special event function. Further, the event buy_candy4 contains the exposure identifier "show_to", which marks the log field To, so that in the Logs generated for the event buy_candy4, the To field is stored in plaintext, while the remaining From field, Topic field, Log data field, and so on are stored in ciphertext.
Similarly to exposed log fields marked by an exposure identifier, a special event function can contain encrypted log fields marked by an encryption identifier, in which case the exposed log fields are the remaining log fields. Taking the Solidity language as an example, a code example of special event functions contained in a smart contract is as follows:
Event buy_candy5expose_hide_from(who,candy_num);
Event buy_candy6hide_to(who,candy_num);
In the above code example, the smart contract defines two events: event buy_candy5 and event buy_candy6.
The event buy_candy5 contains the type identifier "expose", so, as described above, the event buy_candy5 can be determined to be a special event function. Further, the type identifier "expose" is followed by the encryption identifier "hide_from", which marks the log field From, so that in the Logs generated for the event buy_candy5, the From field is stored in ciphertext, while the remaining To field, Topic field, Log data field, and so on are exposed log fields and are all stored in plaintext.
The event buy_candy6 does not contain the type identifier "expose"; however, whether the event buy_candy6 is a special event function can be identified in other ways. For example, when the event buy_candy6 is in the aforementioned special event function list, it can be determined to be a special event function. Further, the event buy_candy6 contains the encryption identifier "hide_to", which marks the log field To, so that in the Logs generated for the event buy_candy6, the To field is stored in ciphertext, while the remaining From field, Topic field, Log data field, and so on are exposed log fields and are all stored in plaintext.
Ethereum supports many high-level languages, such as Solidity, Serpent, and LLL, all of which can contain the above exposure/encryption identifiers. The above exposure/encryption identifier may be the same in the high-level-language and bytecode forms of the smart contract code, or it may be a first exposure/encryption identifier in the high-level-language smart contract code and a second exposure/encryption identifier in the bytecode smart contract code, where the first exposure/encryption identifier and the second exposure/encryption identifier correspond to each other.
Besides adding the above exposure identifier or encryption identifier to the special event function through the programming language, other approaches can be used. For example, a mapping between special event functions and exposed log fields, or between special event functions and encrypted log fields, can be defined in advance, so that the first blockchain node can obtain the predefined mapping and determine the exposed log field corresponding to a special event function from the special event function contained in the smart contract and the mapping.
For example, suppose the mapping contains entries such as "Event buy_candy7-from_to" and "Event buy_candy8-topic". If the smart contract contains the event "Event buy_candy7", looking up the mapping entry "Event buy_candy7-from_to" determines that the exposed log fields corresponding to the event "Event buy_candy7" are the From field and the To field. If the smart contract contains the event "Event buy_candy8", looking up the mapping entry "Event buy_candy8-topic" determines that the exposed log field corresponding to the event "Event buy_candy8" is the Topic field.
It can be seen that, on the premise of protecting user privacy, identifying special event functions allows the logs corresponding to different special event functions to have different exposed log fields, according to the differing privacy protection needs of those special event functions, so that differentiated encrypted storage is applied to the logs generated by different special event functions. Compared with storing all receipt data entirely in ciphertext, this is more flexible, and receipt content stored in plaintext can be used directly for subsequent operations such as search, which serves a richer set of application scenarios, for example driving a DAPP client to perform related processing.
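The following Python sketch is an added example, not code from the patent: it derives, for each part of a receipt, whether it is stored in plaintext or ciphertext from the sender's user type field, the type/exposure/encryption identifiers, and the predefined mapping described above. Treating ordinary users as the preset user type, the contents of the special event function list, the structured form of the markers, the field key `data` for the Log data field, and the sample receipt are all assumptions.

```python
"""Storage plan for receipt data by user type and event function (added example)."""

# From the page: user type field values 00 / 01 / 11.
USER_TYPES = {"00": "ordinary", "01": "advanced", "11": "management"}
# Log fields named on the page; "data" stands for the Log data field.
LOG_FIELDS = ("from", "to", "topic", "data")

# Assumptions for this sketch (the page leaves these configurable).
PRESET_USER_TYPES = {"ordinary"}
SPECIAL_EVENT_LIST = {"buy_candy4", "buy_candy6", "buy_candy7", "buy_candy8"}
MAPPING_ENTRIES = ["Event buy_candy7-from_to", "Event buy_candy8-topic"]

# Identifiers attached to each event, in structured form (assumed representation).
CONTRACT_EVENTS = {
    "buy_candy3": ["expose", "_from"],
    "buy_candy5": ["expose", "hide_from"],
    "buy_candy7": [],
    "refund": [],
}

# Constructed sample receipt; addresses and values are made up.
SAMPLE_RECEIPT = {
    "result": "success",
    "gas_used": 21000,
    "logs": [
        {"event": "buy_candy3", "from": "0xAAA", "to": "0xBBB", "topic": "t1", "data": "5"},
        {"event": "buy_candy5", "from": "0xAAA", "to": "0xBBB", "topic": "t2", "data": "7"},
        {"event": "buy_candy7", "from": "0xAAA", "to": "0xCCC", "topic": "t3", "data": "1"},
        {"event": "refund", "from": "0xBBB", "to": "0xAAA", "topic": "t4", "data": "2"},
    ],
}


def parse_mapping(entries):
    """Parse 'Event <name>-<field>_<field>' entries into {name: {fields}}."""
    mapping = {}
    for entry in entries:
        keyword, rest = entry.split(None, 1)
        name, _, spec = rest.partition("-")
        fields = set(spec.split("_"))
        if keyword != "Event" or not fields <= set(LOG_FIELDS):
            raise ValueError(f"bad mapping entry: {entry!r}")
        mapping[name] = fields
    return mapping


def exposed_fields(name, markers, mapping):
    """Return the log fields to store in plaintext, or None if the event
    is not a special event function."""
    if "expose" not in markers and name not in SPECIAL_EVENT_LIST:
        return None
    shown, hidden = set(), set()
    for marker in markers:
        if marker == "expose":
            continue
        field = marker.rsplit("_", 1)[-1]      # "_from" -> "from", "hide_to" -> "to"
        if field not in LOG_FIELDS:
            raise ValueError(f"unknown log field in marker {marker!r}")
        (hidden if marker.startswith("hide_") else shown).add(field)
    if shown and hidden:
        raise ValueError(f"conflicting markers on {name}")
    if shown:                                   # exposure identifier
        return shown
    if hidden:                                  # encryption identifier: expose the rest
        return set(LOG_FIELDS) - hidden
    if name in mapping:                         # predefined mapping
        return set(mapping[name])
    return set(LOG_FIELDS)                      # embodiment with the whole log in plaintext


def storage_plan(receipt, sender_type_field, events, mapping):
    """Label every receipt part 'plaintext' or 'ciphertext'."""
    # Unknown type values resolve to None, which is never a preset type.
    preset = USER_TYPES.get(sender_type_field) in PRESET_USER_TYPES
    plan = {key: "ciphertext" for key in receipt if key != "logs"}
    plan["logs"] = []
    for log in receipt["logs"]:
        name = log["event"]
        exposed = exposed_fields(name, events.get(name, []), mapping) if preset else None
        plan["logs"].append({
            f: "plaintext" if exposed is not None and f in exposed else "ciphertext"
            for f in LOG_FIELDS
        })
    return plan


if __name__ == "__main__":
    table = parse_mapping(MAPPING_ENTRIES)
    for type_field in ("00", "01"):
        print(type_field, storage_plan(SAMPLE_RECEIPT, type_field, CONTRACT_EVENTS, table))
```

Anything not explicitly exposed, including logs of non-special events and every receipt of a non-preset sender, falls through to ciphertext, so a missing or malformed configuration never widens what is stored in the clear.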
In an embodiment, the above mapping can be recorded in a system contract. If the mapping has no upgrade requirement, or only a weak one (for example, a relatively longer update cycle is acceptable), the mapping can also be recorded in the chain code of the blockchain network.
In an embodiment, the first blockchain node reads the code of a system contract, which defines receipt data storage logic related to event functions and user types. Correspondingly, the first blockchain node executes the code of the system contract so that, when the transaction initiator belongs to the preset user type, at least one receipt field in the log corresponding to the special event function is stored in plaintext and the rest of the receipt data is stored in ciphertext, and when the transaction initiator does not belong to the preset user type, the receipt data is stored in ciphertext.
The receipt data storage logic related to event functions and user types may include: logic for identifying special event functions, logic for identifying user types, logic for determining the exposed log fields, logic for processing the exposed log fields, and so on.
The logic for identifying special event functions instructs the first blockchain node to identify the special event functions contained in a smart contract. For example, the system contract may record a predefined list of special event functions, or it may record processing logic that identifies special event functions based on a type identifier. For details, refer to the description of identifying special event functions above, which is not repeated here.
The logic for identifying user types instructs the first blockchain node to identify the user type of the transaction initiator. For example, the system contract may record the predefined association between external accounts and user types, or it may record the correspondence between values of the user type field and user types. For details, refer to the description of identifying user types above, which is not repeated here.
The logic for determining the exposed log fields instructs the first blockchain node to identify the exposed log fields corresponding to a special event function. For example, the system contract may record the above mapping relationship between special event functions and exposed log fields, or it may record processing logic that identifies the exposed log fields based on an exposure identifier or an encryption identifier.
The logic for processing the exposed log fields instructs the first blockchain node, when the transaction initiator belongs to the preset user type, to store the receipt content corresponding to the exposed log fields in plaintext and to store the remaining receipt content in ciphertext.
By running the program code of a blockchain (hereinafter, chain code) on a computing device (a physical machine or a virtual machine), the computing device can be configured as a blockchain node in the blockchain network, such as the first blockchain node described above. In other words, the first blockchain node implements the corresponding functional logic by running the chain code. Therefore, when the blockchain network is created, the receipt data storage logic related to special event functions described above can be written into the chain code, so that every blockchain node can implement that logic. Taking the first blockchain node as an example, this is the receipt data storage logic described above: it may specifically define the exposed fields corresponding to each transaction type, so that the first blockchain node can determine, according to the transaction type, which receipt content in the receipt data generated by a transaction is to be stored in plaintext and which in ciphertext.
However, chain code is relatively difficult to upgrade, so implementing receipt data storage in chain code suffers from low flexibility and insufficient extensibility. To extend the functionality of the chain code, chain code can be combined with system contracts, as shown in FIG. 5: the chain code implements the basic functions of the blockchain network, while functional extensions at run time are implemented through system contracts. Like the smart contracts described above, a system contract includes code, for example in bytecode form, and the first blockchain node can supplement the functions of the chain code by running the code of the system contract (for example, reading the code in the system contract by its unique corresponding address "0x53a98…").
Unlike the smart contracts described above, which users publish to the blockchain, system contracts cannot be freely published by users. The system contract read by the first blockchain node may include a preset system contract configured in the genesis block of the blockchain network. In addition, an administrator of the blockchain network (that is, the management user described above) may have permission to update system contracts and so update, for example, the preset system contract; the system contract read by the first blockchain node may then also include the corresponding updated system contract. The updated system contract may be obtained by the administrator updating the preset system contract once, or by several iterative updates: for example, the preset system contract is updated to obtain system contract 1, system contract 1 is updated to obtain system contract 2, and system contract 2 is updated to obtain system contract 3. System contracts 1, 2 and 3 can all be regarded as updated system contracts, but the first blockchain node usually follows the latest version, for example the code in system contract 3 rather than the code in system contract 1 or system contract 2.
In addition to the preset system contracts contained in the genesis block, the administrator may also publish system contracts in subsequent blocks and update the published system contracts. In short, the publication and update of system contracts should be restricted to some degree, through means such as permission management, to ensure that the functional logic of the blockchain network operates normally and to avoid unnecessary losses to any user.
Therefore, the first blockchain node can read the code of the system contract, which defines the receipt data storage logic related to special event functions. The first blockchain node can then execute the code of the system contract so that at least part of the receipt content corresponding to the special event functions contained in the smart contract (such as the receipt content corresponding to the exposed log fields) is stored in plaintext and the remaining receipt content is stored in ciphertext.
In an embodiment, the first blockchain node uses a key to encrypt the non-exposed log fields of the special event function and the receipt content corresponding to non-special event functions. The encryption may be symmetric or asymmetric. If the first blockchain node uses symmetric encryption, that is, encrypts the receipt content with the symmetric key of a symmetric encryption algorithm, the client (or any other party holding the key) can decrypt the encrypted receipt content with that symmetric key.
In an embodiment, when the first blockchain node encrypts the receipt content with the symmetric key of a symmetric encryption algorithm, the symmetric key may be provided to the first blockchain node in advance by the client. Since only the client (in practice, the user corresponding to the account logged in on the client) and the first blockchain node hold the symmetric key, only the client can decrypt the corresponding encrypted receipt content, which prevents unrelated users or even criminals from decrypting it.
For example, when the client initiates a transaction to the first blockchain node, the client may encrypt the transaction content with the initial key of a symmetric encryption algorithm to obtain the transaction; accordingly, the first blockchain node can obtain the initial key and use it, directly or indirectly, to encrypt the receipt content. For instance, the initial key may be negotiated in advance between the client and the first blockchain node, or sent by a key management server to the client and the first blockchain node, or sent by the client to the first blockchain node. When the client sends the initial key to the first blockchain node, the client may encrypt the initial key with the public key of an asymmetric encryption algorithm and send the encrypted initial key to the first blockchain node, which decrypts it with the private key of the asymmetric encryption algorithm to obtain the initial key. This is the digital envelope encryption described above and is not repeated here.
In an embodiment, the first blockchain node may encrypt the receipt content with the initial key described above. Different transactions may use the same initial key, so that all transactions submitted by the same user are encrypted with that initial key, or different transactions may use different initial keys; for example, the client may randomly generate an initial key for each transaction to improve security.
In an embodiment, the first blockchain node may generate a derived key from the initial key and an impact factor, and encrypt the receipt content with the derived key. Compared with encrypting directly with the initial key, a derived key can increase randomness, making compromise more difficult and helping to improve the security protection of the data. The impact factor may be related to the transaction; for example, the impact factor may include specified bits of the transaction hash value. For instance, the first blockchain node may concatenate the initial key with the first 16 bits (or the first 32 bits, the last 16 bits, the last 32 bits, or other bits) of the transaction hash value and hash the concatenated string to generate the derived key.
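The storage logic described above (special event function lookup, user type check, exposed log field selection) combined with the derived-key step, as an added example that is not code from the patent. Account addresses, user type names, event names and log field names are constructed; SHA-256 as the derivation hash is an assumption; `seal`/`unseal` are a standard-library stand-in for a vetted authenticated cipher such as AES-GCM.

```python
import hashlib
import hmac
import json
import os

# Constructed stand-ins for what the system contract records (all names are hypothetical).
PRESET_USER_TYPE = "privileged"
USER_TYPE = {"0xA1": "privileged", "0xB2": "ordinary"}     # external account -> user type
EXPOSED_FIELDS = {"currency_transferred": ("from", "to")}  # special event function -> exposed log fields


def derive_key(initial_key: bytes, tx_hash: bytes) -> bytes:
    """Derived key = hash(initial key || first 16 bits of the transaction hash).

    SHA-256 is an assumption; the page does not name the hash. The transaction hash
    is public, so the derived key is only as secret as the initial key.
    """
    return hashlib.sha256(initial_key + tx_hash[:2]).digest()


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def subkeys(key: bytes):
    # Separate keys for encryption and authentication.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in cipher (SHA-256 keystream + HMAC tag); use a vetted AEAD in real code."""
    enc_key, mac_key = subkeys(key)
    nonce = os.urandom(16)
    body = bytes(p ^ k for p, k in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    return nonce + body + hmac.new(mac_key, nonce + body, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = subkeys(key)
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("receipt ciphertext failed authentication")
    return bytes(c ^ k for c, k in zip(body, keystream(enc_key, nonce, len(body))))


def store_receipt(receipt: dict, initiator: str, initial_key: bytes) -> dict:
    """Node side: split each log into exposed (plaintext) and sealed (ciphertext) parts."""
    key = derive_key(initial_key, receipt["tx_hash"])
    is_preset = USER_TYPE.get(initiator) == PRESET_USER_TYPE
    stored_logs = []
    for log in receipt["logs"]:
        # Exposure needs BOTH conditions: preset user type and a special event function.
        exposed = EXPOSED_FIELDS.get(log["event"], ()) if is_preset else ()
        plain = {name: log[name] for name in exposed if name in log}
        hidden = {name: value for name, value in log.items() if name not in plain}
        stored_logs.append({"plain": plain,
                            "cipher": seal(key, json.dumps(hidden).encode()).hex()})
    rest = {k: v for k, v in receipt.items() if k not in ("tx_hash", "logs")}
    # Assumption: the transaction hash is the public lookup key of the stored receipt.
    return {"tx_hash": receipt["tx_hash"].hex(),
            "cipher": seal(key, json.dumps(rest).encode()).hex(),
            "logs": stored_logs}


def open_receipt(stored: dict, initial_key: bytes) -> dict:
    """Client side: re-derive the key from the initial key and the public transaction hash."""
    key = derive_key(initial_key, bytes.fromhex(stored["tx_hash"]))
    receipt = json.loads(unseal(key, bytes.fromhex(stored["cipher"])))
    receipt["logs"] = [{**rec["plain"], **json.loads(unseal(key, bytes.fromhex(rec["cipher"])))}
                       for rec in stored["logs"]]
    return receipt


def search_plaintext(stored_receipts: list, field: str, value: str) -> list:
    """Retrieval without any key: only exposed log fields can be matched."""
    return [s["tx_hash"] for s in stored_receipts
            if any(rec["plain"].get(field) == value for rec in s["logs"])]


def sample_receipt(label: bytes) -> dict:
    """Constructed receipt: one log from a special event function, one from an ordinary one."""
    return {"tx_hash": hashlib.sha256(label).digest(), "result": "success",
            "logs": [{"event": "currency_transferred", "from": "0xA1", "to": "0xC3",
                      "data": "amount=100"},
                     {"event": "note_added", "from": "0xA1", "to": "0xC3", "data": "memo"}]}


if __name__ == "__main__":
    initial_key = bytes(range(32))  # constructed initial key shared by client and node
    for account in ("0xA1", "0xB2"):
        stored = store_receipt(sample_receipt(b"tx-" + account.encode()), account, initial_key)
        print(account, [rec["plain"] for rec in stored["logs"]])
```

Because only the first 16 bits of the public transaction hash enter the derivation, two transactions whose hashes share those bits get the same derived key under one initial key.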
In an embodiment, the first blockchain node may also use asymmetric encryption, that is, encrypt the receipt content with the public key of an asymmetric encryption algorithm; accordingly, the client can decrypt the encrypted receipt content with the private key of that asymmetric encryption algorithm. As for the keys of the asymmetric encryption algorithm, the client may, for example, generate a public/private key pair and send the public key to the first blockchain node in advance, so that the first blockchain node can encrypt the receipt content with that public key.
The first blockchain node implements a function by running the code that implements it. Functions that need to be implemented in the TEE therefore also require the relevant code to be executed. Code executed in the TEE must comply with the relevant specifications and requirements of the TEE; accordingly, code used in the related art to implement a given function has to be rewritten to meet those specifications and requirements. This not only involves a relatively larger amount of development work but also tends to introduce defects (bugs) during rewriting, which affects the reliability and stability of the function.
Therefore, the first blockchain node can execute the storage function code outside the TEE to store the receipt data generated in the TEE (including the plaintext receipt content that is to be stored in plaintext and the ciphertext receipt content that is to be stored in ciphertext) in an external storage space outside the TEE. The storage function code can then be the code used in the related art to implement the storage function, and safe and reliable storage of the receipt data is achieved without rewriting the code to meet the specifications and requirements of the TEE. This reduces the amount of related code to be developed without affecting security or reliability, and it also reduces the TCB (Trusted Computing Base) by reducing the TEE-related code, so that the additional security risk introduced by combining TEE technology with blockchain technology stays within a controllable range.
In an embodiment, the first blockchain node may execute write cache function code inside the TEE to store the above receipt data in a write cache inside the TEE; for example, the write cache may correspond to the "cache" shown in FIG. 1. The first blockchain node then outputs the data in the write cache from the trusted execution environment for storage in the external storage space. The write cache function code may be stored in the TEE in plaintext and executed there directly; or it may be stored outside the TEE in ciphertext, for example in the above external storage space (such as the "package + storage" shown in FIG. 4, where "package" means that the first blockchain node packages transactions into blocks outside the trusted execution environment), in which case the ciphertext write cache function code is read into the TEE, decrypted into plaintext code inside the TEE, and the plaintext code is executed.
A write cache is a "buffering" mechanism provided to avoid an "impact" on the external storage space when data is written to it. For example, the write cache may be implemented with a buffer; it may of course also be implemented with a cache, and this specification places no restriction on this. Because the TEE is an isolated secure environment and the external storage space lies outside the TEE, a write cache mechanism allows the data in the cache to be written to the external storage space in batches, which reduces the number of interactions between the TEE and the external storage space and improves data storage efficiency. In addition, while the TEE continuously executes transactions, it may need to retrieve data that has already been generated. If the required data happens to be in the write cache, it can be read directly from the write cache. This reduces interaction with the external storage space and also avoids decrypting data read from the external storage space, which improves data processing efficiency in the TEE.
Of course, the write cache may also be established outside the TEE. For example, the first blockchain node may execute the write cache function code outside the TEE, store the above receipt data in a write cache outside the TEE, and then store the data in the write cache in the external storage space.
The following describes, with reference to FIG. 6, an embodiment of a receipt storage node of this specification that combines user type and event function type, including:
a receiving unit 61, which receives an encrypted transaction that calls a smart contract;
a decryption unit 62, which decrypts the transaction in a trusted execution environment to obtain the smart contract, the smart contract containing a special event function;
an execution unit 63, which executes the smart contract in the trusted execution environment to obtain receipt data, the receipt data containing a log corresponding to the special event function;
a storage unit 64, which stores the receipt data: when the transaction initiator belongs to a preset user type, at least one log field in the log corresponding to the special event function is stored in plaintext and the rest of the receipt data is stored in ciphertext; when the transaction initiator does not belong to the preset user type, the receipt data is stored in ciphertext.
Optionally, the transaction initiator has a corresponding external account, and the user type to which the transaction initiator belongs includes: the user type corresponding to the external account as recorded on the blockchain.
Optionally, the external account includes a user type field recorded on the blockchain, and the value of the user type field corresponds to the user type.
Optionally, when the external account is created, the user type is configured to be associated with the external account, so that the association between the user type and the external account is recorded in the blockchain.
Optionally, the node further includes:
a changing unit 65, which changes the user type corresponding to the external account according to a change request initiated by a management user.
Optionally, an event function in the smart contract contains a type identifier, and the type identifier is used to mark the event function as a special event function.
Optionally, when an event function contained in the smart contract is in the special function list recorded on the blockchain, the event function contained in the smart contract is determined to be a special event function.
Optionally, the at least one log field in the log corresponding to the special event function includes: the exposed log field corresponding to the special event function.
Optionally, the special event function contains the exposed log field marked by an exposure identifier; or the special event function contains an encrypted log field marked by an encryption identifier, and the exposed log fields are the other log fields.
Optionally, a mapping relationship between predefined special event functions and exposed log fields is recorded in the blockchain, or a mapping relationship between predefined special event functions and encrypted log fields is obtained; when the smart contract contains a special event function, the mapping relationship is used to determine the corresponding exposed log fields.
Optionally, the storage unit 64 is specifically configured to:
read the code of a system contract, the code of the system contract defining receipt data storage logic related to event functions and user types;
execute the code of the system contract so that, when the transaction initiator belongs to the preset user type, at least one receipt field in the log corresponding to the special event function is stored in plaintext and the rest of the receipt data is stored in ciphertext, and, when the transaction initiator does not belong to the preset user type, the receipt data is stored in ciphertext.
Optionally, the system contract includes: a preset system contract recorded in the genesis block, or an updated system contract corresponding to the preset system contract.
Optionally, the storage unit 64 is specifically configured to:
execute storage function code outside the trusted execution environment to store the receipt data in an external storage space outside the trusted execution environment.
Optionally, the key with which the first blockchain node encrypts the receipt data includes: a key of a symmetric encryption algorithm or a key of an asymmetric encryption algorithm.
Optionally, the key of the symmetric encryption algorithm includes an initial key provided by the client; or the key of the symmetric encryption algorithm includes a derived key generated from the initial key and an impact factor.
Optionally, the transaction is encrypted with the initial key, and the initial key is encrypted with the public key of an asymmetric encryption algorithm; the decryption unit 62 is specifically configured to:
decrypt with the private key of the asymmetric encryption algorithm to obtain the initial key, and decrypt the transaction with the initial key to obtain the transaction content.
Optionally, the initial key is generated by the client; or the initial key is sent to the client by a key management server.
Optionally, the impact factor is related to the transaction.
Optionally, the impact factor includes: specified bits of the hash value of the transaction.
In the 1990s, an improvement to a technology could be clearly classified as either a hardware improvement (for example, an improvement to circuit structures such as diodes, transistors and switches) or a software improvement (an improvement to a method flow). With the development of technology, however, many of today's improvements to method flows can be regarded as direct improvements to hardware circuit structures. Designers almost always obtain the corresponding hardware circuit structure by programming the improved method flow into a hardware circuit. It therefore cannot be said that an improvement to a method flow cannot be implemented with hardware entity modules. For example, a programmable logic device (PLD), such as a field programmable gate array (FPGA), is an integrated circuit whose logic function is determined by the user programming the device. Designers program the device themselves to "integrate" a digital system onto a single PLD, without asking a chip manufacturer to design and fabricate a dedicated integrated circuit chip. Moreover, instead of making integrated circuit chips by hand, this programming is nowadays mostly done with "logic compiler" software, which is similar to the software compilers used in program development; the source code to be compiled must likewise be written in a specific programming language, called a hardware description language (HDL). There is not just one HDL but many, such as ABEL (Advanced Boolean Expression Language), AHDL (Altera Hardware Description Language), Confluence, CUPL (Cornell University Programming Language), HDCal, JHDL (Java Hardware Description Language), Lava, Lola, MyHDL, PALASM and RHDL (Ruby Hardware Description Language); the most commonly used at present are VHDL (Very-High-Speed Integrated Circuit Hardware Description Language) and Verilog. Those skilled in the art will also appreciate that a hardware circuit implementing a logical method flow can easily be obtained simply by programming the method flow in one of the above hardware description languages and programming it into an integrated circuit.
The controller may be implemented in any suitable manner. For example, the controller may take the form of a microprocessor or processor together with a computer-readable medium storing computer-readable program code (such as software or firmware) executable by that (micro)processor, logic gates, switches, an application specific integrated circuit (ASIC), a programmable logic controller, or an embedded microcontroller. Examples of controllers include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicon Labs C8051F320. A memory controller may also be implemented as part of the control logic of a memory. Those skilled in the art also know that, besides implementing the controller purely as computer-readable program code, the method steps can be logically programmed so that the controller achieves the same functions in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller can therefore be regarded as a hardware component, and the devices it contains for implementing various functions can be regarded as structures within the hardware component. Or the devices for implementing various functions can even be regarded both as software modules implementing the method and as structures within the hardware component.
The systems, devices, modules or units described in the above embodiments may be implemented by a computer chip or entity, or by a product having a certain function. A typical implementation device is a computer. Specifically, the computer may be, for example, a personal computer, a laptop computer, a cellular phone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above device is described in terms of separate units divided by function. Of course, when implementing this specification, the functions of the units may be implemented in one or more pieces of software and/or hardware.
Those skilled in the art should understand that embodiments of the present invention may be provided as a method, a system, or a computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the present invention may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM and optical storage) containing computer-usable program code.
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention is described with reference to flowcharts and/or block diagrams of methods, devices (systems), and computer program products according to embodiments of the present invention. It should be understood that each process and/or block in the flowchart and/or block diagram, and the combination of processes and/or blocks in the flowchart and/or block diagram can be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor, or other programmable data processing equipment to generate a machine, so that the instructions executed by the processor of the computer or other programmable data processing equipment are generated It is a device that realizes the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
本说明书可以在由计算机执行的计算机可执行指令的一般上下文中描述,例如程序模块。一般地,程序模块包括执行特定任务或实现特定抽象数据类型的例程、程序、对象、组件、数据结构等等。也可以在分布式计算环境中实践本说明书,在这些分布式计算环境中,由通过通信网络而被连接的远程处理设备来执行任务。在分布式计算环境中,程序模块可以位于包括存储设备在内的本地和远程计算机存储介质中。This specification may be described in the general context of computer-executable instructions executed by a computer, such as program modules. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform specific tasks or implement specific abstract data types. This specification can also be practiced in distributed computing environments, in which tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules can be located in local and remote computer storage media including storage devices.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device. The device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在 计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。在一个典型的配置中,计算机包括一个或多个处理器(CPU)、输入/输出接口、网络接口和内存。These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment. The instructions provide steps for implementing functions specified in a flow or multiple flows in the flowchart and/or a block or multiple blocks in the block diagram. In a typical configuration, the computer includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
Memory may include non-permanent memory in computer-readable media, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media include permanent and non-permanent, removable and non-removable media, and may store information by any method or technology. The information may be computer-readable instructions, data structures, program modules, or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic disk storage, quantum memory, graphene-based storage media or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media do not include transitory computer-readable media (transitory media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprise", "include" and any other variants thereof are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element qualified by the phrase "including a ..." does not exclude the presence of additional identical elements in the process, method, article or device that includes the element.
The foregoing describes specific embodiments of this specification. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps recited in the claims may be performed in an order different from that in the embodiments and still achieve the desired results. In addition, the processes depicted in the drawings do not necessarily require the particular order shown, or sequential order, to achieve the desired results. In some implementations, multitasking and parallel processing are also possible or may be advantageous.
The terms used in one or more embodiments of this specification are for the purpose of describing particular embodiments only and are not intended to limit one or more embodiments of this specification. The singular forms "a", "said" and "the" used in one or more embodiments of this specification and the appended claims are also intended to include the plural forms, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It should be understood that, although the terms first, second, third, etc. may be used in one or more embodiments of this specification to describe various information, the information should not be limited to these terms. These terms are only used to distinguish information of the same type from one another. For example, without departing from the scope of one or more embodiments of this specification, first information may also be referred to as second information, and similarly, second information may also be referred to as first information. Depending on the context, the word "if" as used herein may be interpreted as "at the time of", "when", or "in response to determining".
The above are merely preferred embodiments of one or more embodiments of this specification and are not intended to limit one or more embodiments of this specification. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of one or more embodiments of this specification shall fall within the scope of protection of one or more embodiments of this specification.

Claims (22)

  1. A receipt storage method combining user type and event function type, comprising:
    a first blockchain node receiving an encrypted transaction that calls a smart contract;
    the first blockchain node decrypting the transaction in a trusted execution environment to obtain the smart contract, the smart contract containing a special event function;
    the first blockchain node executing the smart contract in the trusted execution environment to obtain receipt data, the receipt data containing a log corresponding to the special event function;
    the first blockchain node storing the receipt data, wherein when the transaction initiator belongs to a preset user type, at least one log field in the log corresponding to the special event function is stored in plaintext and the remaining content of the receipt data is stored in ciphertext, and when the transaction initiator does not belong to the preset user type, the receipt data is stored in ciphertext.
  2. The method according to claim 1, wherein the transaction initiator has a corresponding external account, and the user type to which the transaction initiator belongs includes: the user type corresponding to the external account as recorded on the blockchain.
  3. The method according to claim 2, wherein the external account includes a user type field recorded on the blockchain, and the value of the user type field corresponds to the user type.
  4. The method according to claim 2, wherein, when the external account is created, the user type is configured to be associated with the external account, so that the association between the user type and the external account is recorded in the blockchain.
  5. The method according to claim 4, further comprising:
    the first blockchain node changing the user type corresponding to the external account according to a change request initiated by an administrative user.
  6. The method according to claim 1, wherein an event function in the smart contract contains a type identifier, the type identifier being used to mark the event function as a special event function.
  7. The method according to claim 1, wherein, when an event function contained in the smart contract is in a special function list recorded on the blockchain, the event function contained in the smart contract is determined to be a special event function.
  8. The method according to claim 1, wherein the at least one log field in the log corresponding to the special event function includes: an exposed log field corresponding to the special event function.
  9. The method according to claim 8, wherein the special event function contains the exposed log field indicated by an exposure identifier; or the special event function contains an encrypted log field indicated by an encryption identifier, the exposed log field being the other log fields.
  10. The method according to claim 8, wherein a mapping relationship between predefined special event functions and exposed log fields is recorded in the blockchain, or a mapping relationship between predefined special event functions and encrypted log fields is obtained; wherein, when the smart contract contains a special event function, the mapping relationship is used to determine the corresponding exposed log field.
  11. The method according to claim 1, wherein the first blockchain node storing the receipt data comprises:
    the first blockchain node reading the code of a system contract, the code of the system contract defining receipt data storage logic related to event functions and user types;
    the first blockchain node executing the code of the system contract so that, when the transaction initiator belongs to the preset user type, at least one receipt field in the log corresponding to the special event function is stored in plaintext and the remaining content of the receipt data is stored in ciphertext, and when the transaction initiator does not belong to the preset user type, the receipt data is stored in ciphertext.
  12. The method according to claim 11, wherein the system contract includes: a preset system contract recorded in the genesis block, or an updated system contract corresponding to the preset system contract.
  13. The method according to claim 1, wherein the first blockchain node storing the receipt data comprises:
    the first blockchain node executing storage function code outside the trusted execution environment to store the receipt data in an external storage space outside the trusted execution environment.
  14. The method according to claim 1, wherein the key with which the first blockchain node encrypts the receipt data includes: a key of a symmetric encryption algorithm or a key of an asymmetric encryption algorithm.
  15. The method according to claim 14, wherein the key of the symmetric encryption algorithm includes an initial key provided by the client; or the key of the symmetric encryption algorithm includes a derived key generated from the initial key and an impact factor.
  16. The method according to claim 15, wherein the transaction is encrypted with the initial key, and the initial key is encrypted with the public key of an asymmetric encryption algorithm; and the first blockchain node decrypting the transaction in the trusted execution environment comprises:
    the first blockchain node decrypting with the private key of the asymmetric encryption algorithm to obtain the initial key, and decrypting the transaction with the initial key to obtain the transaction content.
  17. The method according to claim 15, wherein the initial key is generated by the client; or the initial key is sent to the client by a key management server.
  18. The method according to claim 15, wherein the impact factor is related to the transaction.
  19. The method according to claim 18, wherein the impact factor includes: designated bits of the hash value of the transaction.
  20. A receipt storage node combining user type and event function type, comprising:
    a receiving unit that receives an encrypted transaction that calls a smart contract;
    a decryption unit that decrypts the transaction in a trusted execution environment to obtain the smart contract, the smart contract containing a special event function;
    an execution unit that executes the smart contract in the trusted execution environment to obtain receipt data, the receipt data containing a log corresponding to the special event function;
    a storage unit that stores the receipt data, wherein when the transaction initiator belongs to a preset user type, at least one log field in the log corresponding to the special event function is stored in plaintext and the remaining content of the receipt data is stored in ciphertext, and when the transaction initiator does not belong to the preset user type, the receipt data is stored in ciphertext.
  21. An electronic device, comprising:
    a processor;
    a memory for storing processor-executable instructions;
    wherein the processor implements the method according to any one of claims 1-19 by running the executable instructions.
  22. A computer-readable storage medium having computer instructions stored thereon which, when executed by a processor, implement the steps of the method according to any one of claims 1-19.
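The storage rule of claims 1, 8 and 10 and the derived key of claims 15, 18 and 19, as an added example that is not code from the patent. The user type "enterprise", the event name "Transfer", the field names, the choice of the first 128 bits of a SHA-256 transaction hash as the impact factor, and the HMAC-based keystream with an HMAC tag (a standard-library stand-in for the unnamed symmetric algorithm) are all assumptions.

```python
import hashlib
import hmac
import json
import os

# Assumed policy data; the claims have both recorded on the blockchain.
PRESET_USER_TYPES = {"enterprise"}
EXPOSED_FIELDS = {"Transfer": ("topic",)}  # special event function -> exposed log fields


def derive_key(initial_key: bytes, tx_bytes: bytes) -> bytes:
    """Derived key from the initial key and an impact factor tied to the transaction."""
    impact_factor = hashlib.sha256(tx_bytes).digest()[:16]  # assumed "designated bits"
    return hmac.new(initial_key, impact_factor, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in cipher: HMAC-SHA256 in counter mode (not the patent's algorithm).
    out, counter = b"", 0
    while len(out) < length:
        block = b"enc" + nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt then MAC; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    stream = _keystream(key, nonce, len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("receipt ciphertext failed authentication")
    stream = _keystream(key, nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, stream))


def store_receipt(receipt: dict, sender_type: str, key: bytes) -> dict:
    """Split a receipt into plaintext exposed fields and one sealed remainder."""
    remainder = json.loads(json.dumps(receipt))  # deep copy; the input is left untouched
    exposed = {}
    if sender_type in PRESET_USER_TYPES:
        for index, log in enumerate(remainder["logs"]):
            for field in EXPOSED_FIELDS.get(log["event"], ()):
                if field in log:
                    exposed.setdefault(str(index), {})[field] = log.pop(field)
    blob = seal(key, json.dumps(remainder, sort_keys=True).encode())
    return {"plain": exposed, "cipher": blob.hex()}


def load_receipt(stored: dict, key: bytes) -> dict:
    """Key holder's view: decrypt the remainder and merge the exposed fields back."""
    receipt = json.loads(unseal(key, bytes.fromhex(stored["cipher"])))
    for index, fields in stored["plain"].items():
        receipt["logs"][int(index)].update(fields)
    return receipt


# Constructed sample transaction and receipt (not from the patent).
TX = b'{"to": "0xCONTRACT", "input": "transfer(bob, 5)"}'
RECEIPT = {
    "status": 1,
    "gas_used": 21000,
    "logs": [
        {"event": "Transfer", "topic": "payment", "from": "alice", "to": "bob", "amount": 5},
        {"event": "Audit", "topic": "internal", "note": "kyc-ok"},
    ],
}


def demo():
    key = derive_key(b"\x01" * 32, TX)
    preset = store_receipt(RECEIPT, "enterprise", key)  # preset user type
    other = store_receipt(RECEIPT, "individual", key)   # any other user type
    return key, preset, other


if __name__ == "__main__":
    _, preset, other = demo()
    print(preset["plain"], other["plain"])
```

In this sketch the exposed fields sit outside the authenticated blob, so the ciphertext tag gives no integrity guarantee for the plaintext part.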
PCT/CN2020/091381 2019-05-20 2020-05-20 Receipt storage method combining user type and event function type and node WO2020233615A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910419158.5 2019-05-20
CN201910419158.5A CN110263086B (en) 2019-05-20 2019-05-20 Receipt storage method and node combining user type and event function type

Publications (1)

Publication Number Publication Date
WO2020233615A1 true WO2020233615A1 (en) 2020-11-26

Family

ID=67914794

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/091381 WO2020233615A1 (en) 2019-05-20 2020-05-20 Receipt storage method combining user type and event function type and node

Country Status (2)

Country Link
CN (1) CN110263086B (en)
WO (1) WO2020233615A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110266644B (en) * 2019-05-20 2021-04-06 创新先进技术有限公司 Receipt storage method and node combining code marking and transaction types
WO2020233424A1 (en) * 2019-05-20 2020-11-26 创新先进技术有限公司 Event function type-based receipt storage method and node
CN110263089B (en) * 2019-05-20 2021-05-04 创新先进技术有限公司 Receipt storage method and node combining conditional restrictions of transaction and event types
WO2020233422A1 (en) * 2019-05-20 2020-11-26 创新先进技术有限公司 Receipt storage method and node based on user type
CN110263086B (en) * 2019-05-20 2021-04-02 创新先进技术有限公司 Receipt storage method and node combining user type and event function type
CN111475850B (en) * 2019-11-08 2024-03-26 支付宝(杭州)信息技术有限公司 Intelligent contract-based privacy data query method and device
CN112199221B (en) * 2020-12-04 2021-03-30 杭州趣链科技有限公司 Event pushing method, system, block chain platform, contract calling end and medium
CN113032001B (en) * 2021-03-26 2022-02-08 中山大学 Intelligent contract classification method and device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106559211A (en) * 2016-11-22 2017-04-05 中国电子科技集团公司第三十研究所 Secret protection intelligence contract method in a kind of block chain
CN107294709A (en) * 2017-06-27 2017-10-24 阿里巴巴集团控股有限公司 A kind of block chain data processing method, apparatus and system
CN107342858A (en) * 2017-07-05 2017-11-10 武汉凤链科技有限公司 A kind of intelligent contract guard method and system based on trusted context
US20180343114A1 (en) * 2015-11-24 2018-11-29 Adi BEN-ARI A system and method for blockchain smart contract data privacy
CN109033855A (en) * 2018-07-18 2018-12-18 腾讯科技(深圳)有限公司 A kind of data transmission method based on block chain, device and storage medium
CN109493020A (en) * 2018-11-08 2019-03-19 众安信息技术服务有限公司 Method for secure transactions and device based on block chain
CN110263086A (en) * 2019-05-20 2019-09-20 阿里巴巴集团控股有限公司 In conjunction with the receipt storage method and node of user type and event functions type

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180343305A1 (en) * 2007-01-17 2018-11-29 Eagency, Inc. Mobile communication device monitoring systems and methods
US11176519B2 (en) * 2016-11-11 2021-11-16 International Business Machines Corporation Smart contract admission check and fault tolerance in a blockchain
CN106982205B (en) * 2017-03-01 2020-05-19 中钞信用卡产业发展有限公司杭州区块链技术研究院 Block chain-based digital asset processing method and device
CN107451175B (en) * 2017-05-23 2020-01-31 创新先进技术有限公司 data processing method and device based on block chain
CN109428892B (en) * 2017-09-01 2021-12-28 埃森哲环球解决方案有限公司 Multi-stage rewritable block chain
CN109284627B (en) * 2018-09-10 2022-02-08 中山大学 Credit credit method and device based on block chain intelligent contract
CN109040139B (en) * 2018-10-12 2021-05-18 重庆邮电大学 Identity authentication system and method based on block chain and intelligent contract
CN109447647A (en) * 2018-11-19 2019-03-08 上海趣链信息科技有限公司 A kind of safety payment system based on block chain
CN109450910B (en) * 2018-11-26 2021-03-30 远光软件股份有限公司 Data sharing method based on block chain, data sharing network and electronic equipment
CN109361704A (en) * 2018-12-12 2019-02-19 深圳市网心科技有限公司 Cloud storage data encryption and transmission method, system, equipment and storage medium
CN109741803A (en) * 2019-01-14 2019-05-10 南京大学 Medical data security cooperation system based on block chain

Also Published As

Publication number Publication date
CN110263086B (en) 2021-04-02
CN110263086A (en) 2019-09-20

Similar Documents

Publication Publication Date Title
WO2020233616A1 (en) Receipt storage method and node employing code marking in combination with transaction type and user type
WO2020233615A1 (en) Receipt storage method combining user type and event function type and node
WO2020233623A1 (en) Receipt storage method and node combining transaction type and judgment condition
WO2020233644A1 (en) Conditional receipt storage method and node combining dimensions of code annotation and type
WO2020233642A1 (en) Conditional receipt storage method and node which combine code labelling and type dimension
WO2020233626A1 (en) Receipt storage method and node in combination with conditional limitation of transaction and user types
WO2020233638A1 (en) Receipt storage method and node based on code labeling and transaction type
WO2020233635A1 (en) Receipt storage method combining conditional restrictions of multiple types of dimensions and node
WO2020233612A1 (en) Receipt storage method and node combining code annotation with transaction and event types
WO2020233643A1 (en) Receipt storage method and node employing multi-dimensional information and having restriction
WO2020233637A1 (en) Receipt storage method combining code labelling with user type, and node
WO2020233630A1 (en) User type-based receipt storing method and node
WO2020233613A1 (en) Conditional receipt storage method and node which combine code marking with transaction type
WO2020233628A1 (en) Receipt storage method and node based on combination of event function type and judgment condition
WO2020233622A1 (en) Receipt storage method and node based on code labeling and multiple types of dimensions
WO2020233619A1 (en) Receipt storage method and node in combination with user type and transaction type
WO2020233610A1 (en) Receipt storage method combining code labelling with user and event type, and node
WO2020233609A1 (en) Conditional receipt storage method and node combining code labeling with user type
WO2020233625A1 (en) Receipt storage method combining user type and determination conditions and node
WO2020233640A1 (en) Receipt storage method and node based on code labeling and determination condition
WO2020233624A1 (en) Receipt storage method and node employing transaction type in combination with event function type
WO2020233632A1 (en) Receipt storage method and node based on event function type
WO2020233614A1 (en) Conditional receipt storage method and node combining code labeling with event type
WO2020233631A1 (en) Transaction type-based receipt storage method and node
WO2020233627A1 (en) Receipt storage method and node based on multiple types of dimensions

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20810011

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20810011

Country of ref document: EP

Kind code of ref document: A1