WO2020233643A1 - Procédé et nœud de stockage de reçu utilisant des informations multidimensionnelles et ayant une restriction - Google Patents

Procédé et nœud de stockage de reçu utilisant des informations multidimensionnelles et ayant une restriction Download PDF

Info

Publication number
WO2020233643A1
WO2020233643A1 PCT/CN2020/091427 CN2020091427W WO2020233643A1 WO 2020233643 A1 WO2020233643 A1 WO 2020233643A1 CN 2020091427 W CN2020091427 W CN 2020091427W WO 2020233643 A1 WO2020233643 A1 WO 2020233643A1
Authority
WO
WIPO (PCT)
Prior art keywords
transaction
smart contract
receipt
blockchain node
contract
Prior art date
Application number
PCT/CN2020/091427
Other languages
English (en)
Chinese (zh)
Inventor
刘琦
闫莺
魏长征
Original Assignee
创新先进技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 创新先进技术有限公司 filed Critical 创新先进技术有限公司
Publication of WO2020233643A1 publication Critical patent/WO2020233643A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Definitions

  • One or more embodiments of this specification relate to the field of blockchain technology, and in particular to a receipt storage method and node based on multi-dimensional information and with conditional restrictions.
  • Blockchain technology is built on a transmission network (such as a peer-to-peer network).
  • the network nodes in the transmission network use chained data structures to verify and store data, and use distributed node consensus algorithms to generate and update data.
  • TEE Trusted Execution Environment
  • TEE can play the role of a black box in the hardware. Neither the code executed in the TEE nor the data operating system layer can be peeped. Only the pre-defined interface in the code can operate on it.
  • plaintext data is calculated in TEE instead of complex cryptographic operations in homomorphic encryption. There is no loss of efficiency in the calculation process. Therefore, the combination with TEE can achieve less performance loss. Under the premise, the security and privacy of the blockchain are greatly improved. At present, the industry is very concerned about TEE solutions.
  • TEE solutions including TPM (Trusted Platform Module) for software and Intel SGX (Software Guard Extensions) for hardware. , Software Protection Extension), ARM Trustzone (trust zone) and AMD PSP (Platform Security Processor, platform security processor).
  • one or more embodiments of this specification provide a receipt storage method and node based on multi-dimensional information and with conditional restrictions.
  • a method for storing receipts based on multi-dimensional information and with conditions including:
  • the first blockchain node receives an encrypted transaction corresponding to a smart contract, and the code of the smart contract includes a field marked by an exposed identifier;
  • the first blockchain node decrypts the transaction in a trusted execution environment to obtain the smart contract, and the smart contract includes a special event function;
  • the first blockchain node executes the smart contract in the trusted execution environment to obtain receipt data, where the receipt data includes a log corresponding to the special event function;
  • the first blockchain node determines the corresponding exposed field according to the transaction type of the transaction
  • the first blockchain node stores the receipt data, so that when the transaction initiator belongs to the preset user type, at least part of the receipt content in the log corresponding to the special event function is stored in plain text.
  • the remaining content is stored in a ciphertext form, and the at least part of the receipt content matches the exposure field indicated by the exposure identifier and meets a preset condition.
  • a receipt storage node based on multi-dimensional information and with conditions including:
  • the receiving unit receives an encrypted transaction corresponding to a smart contract, the code of the smart contract includes a field marked by an exposed identifier;
  • a decryption unit decrypting the transaction in a trusted execution environment to obtain the smart contract, the smart contract including a special event function
  • the determining unit determines the corresponding exposed field according to the transaction type of the transaction
  • the storage unit stores the receipt data, so that when the transaction initiator belongs to the preset user type, at least part of the receipt content in the log corresponding to the special event function is stored in plain text, and the rest of the receipt data is Stored in a cipher text form, and the at least a part of the receipt content matches the exposure field indicated by the exposure identifier and meets a preset condition.
  • an electronic device including:
  • a memory for storing processor executable instructions
  • the processor implements the method according to the first aspect by running the executable instruction.
  • a computer-readable storage medium is provided, and computer instructions are stored thereon, which, when executed by a processor, implement the steps of the method described in the first aspect.
  • Fig. 1 is a schematic diagram of creating a smart contract according to an exemplary embodiment.
  • Fig. 2 is a schematic diagram of invoking a smart contract provided by an exemplary embodiment.
  • Fig. 3 is a flowchart of a method for storing receipts based on multi-dimensional information and with conditional restrictions according to an exemplary embodiment.
  • Fig. 4 is a schematic diagram of implementing privacy protection on blockchain nodes according to an exemplary embodiment.
  • Fig. 5 is a schematic diagram of the functional logic of implementing a blockchain network through a system contract and a chain code provided by an exemplary embodiment.
  • Fig. 6 is a block diagram of a receipt storage node based on multi-dimensional information and with conditional restrictions provided by an exemplary embodiment.
  • the steps of the corresponding method may not be executed in the order shown and described in this specification.
  • the method includes more or fewer steps than described in this specification.
  • a single step described in this specification may be decomposed into multiple steps for description in other embodiments; and multiple steps described in this specification may also be combined into a single step in other embodiments. description.
  • Blockchain is generally divided into three types: Public Blockchain, Private Blockchain and Consortium Blockchain.
  • the most decentralized one is the public chain.
  • the public chain is represented by Bitcoin and Ethereum. Participants who join the public chain can read the data records on the chain, participate in transactions, and compete for the accounting rights of new blocks. Moreover, each participant (ie, node) can freely join and exit the network, and perform related operations.
  • the private chain is the opposite.
  • the write permission of the network is controlled by an organization or institution, and the data read permission is regulated by the organization.
  • the private chain can be a weakly centralized system with strict restrictions and few participating nodes. This type of blockchain is more suitable for internal use by specific institutions.
  • the alliance chain is a block chain between the public chain and the private chain, which can achieve "partial decentralization".
  • Each node in the alliance chain usually has a corresponding entity or organization; participants are authorized to join the network and form a stakeholder alliance to jointly maintain the operation of the blockchain.
  • a smart contract on the blockchain is a contract that can be triggered and executed by a transaction on the blockchain system.
  • Smart contracts can be defined in the form of codes.
  • EVM Ethereum Virtual Machine
  • bytecode virtual machine code
  • the EVM of node 1 can execute the transaction and generate a corresponding contract instance.
  • "0x6f8ae93" in the figure 1 represents the address of this contract, the data field of the transaction can be stored in bytecode, and the to field of the transaction is empty.
  • the contract is successfully created and can be called in the subsequent process.
  • a contract account corresponding to the smart contract appears on the blockchain and has a specific address, and the contract code will be stored in the contract account.
  • the behavior of the smart contract is controlled by the contract code.
  • smart contracts enable virtual accounts containing contract codes and account storage (Storage) to be generated on the blockchain.
  • the EVM of a certain node can execute the transaction and generate a corresponding contract instance.
  • the from field of the transaction in Figure 2 is the address of the account of the transaction initiator (ie Bob), the "0x6f8ae93" in the to field represents the address of the called smart contract, and the value field in Ethereum is the value of Ether ,
  • the method and parameters of calling the smart contract are stored in the data field of the transaction. Smart contracts are executed independently on each node in the blockchain network in a prescribed manner. All execution records and data are stored on the blockchain, so when the transaction is completed, the blockchain will be stored on the blockchain that cannot be tampered with. Lost transaction certificate.
  • the receipt data obtained by a node executing a transaction can include the following:
  • the Result field indicates the execution result of the transaction
  • the Gas used field indicates the gas value consumed by the transaction
  • the Logs field indicates the log generated by the transaction.
  • the log can further include the From field, To field, Topic field, and Log data field, among which the From field indicates the account address of the initiator of the call, and the To field indicates the called object (such as a smart contract)
  • the account address and Topic field indicate the subject of the log, and the Log data field indicates the log data;
  • the Output field indicates the output of the transaction.
  • the receipt data generated after the transaction is executed is stored in plain text, and anyone can see the contents of the above-mentioned receipt fields contained in the receipt data, without privacy protection settings and capabilities.
  • the block chain is a data set stored in a database of a node and organized by a specific logic.
  • the database as described later, may be a storage medium, such as a persistent storage medium, on a physical carrier.
  • only part of the content of the receipt data may be sensitive, while other content is not sensitive. Only sensitive content needs to be protected for privacy, other content can be disclosed, and in some cases it may even be necessary to retrieve some content to drive Implementation of related operations, the implementation of privacy protection for this part of the content will affect the implementation of retrieval operations.
  • the first blockchain node receives an encrypted transaction corresponding to a smart contract, and the code of the smart contract includes a field marked by an exposed identifier.
  • the exposed identifier is a global identifier defined in the programming language of the smart contract and is applicable to all smart contracts written in this programming language. Therefore, by defining the exposure identifier in a programming language, so that the code of any smart contract uses the exposure identifier, the storage control of the receipt data can be realized. For example, when a user writes the code of a smart contract, he can add an exposed identifier to the code to indicate one or more fields to indicate that the user wants the receipt content corresponding to this part of the field in the receipt data to be stored in plain text, and the remaining The content of the receipt corresponding to the field marked with the exposed identifier is not allowed to be stored in plain text, but must be stored in cipher text to achieve corresponding privacy protection.
  • the corresponding receipt content is allowed to be stored in plain text; however, this manual can further consider the user type of the transaction initiator and the transaction type of the transaction.
  • the event function contained in the smart contract and the content of the receipt meet the preset conditions, and comprehensively consider the dimensions of the programming language, user type, transaction type, event function and preset conditions to determine whether to mark the exposure identifier
  • the content of the receipt corresponding to the field is stored in plain text. Information related to user types, transaction types, event functions and preset conditions will be described below, so I won’t repeat them here.
  • the data field can store the bytecode of the smart contract.
  • the bytecode consists of a series of bytes, and each byte can identify an operation. Based on many considerations such as development efficiency and readability, developers can choose a high-level language to write smart contract code instead of directly writing bytecode.
  • the code of a smart contract written in a high-level language is compiled by a compiler to generate bytecode, and then the bytecode can be deployed on the blockchain.
  • Solidity language As an example, the contract written in it is very similar to the class in the object-oriented programming language. A variety of members can be declared in a contract, including state variables, functions, function modifiers, and events. The following is a simple smart contract code example 1 written in Solidity language:
  • one or more fields can be marked by exposing the identifier, so that the receipt content corresponding to this part of the field in the receipt data is allowed to be stored in plain text (need to further combine the user type, The dimensions of transaction types, event functions, and preset conditions determine whether to actually use plaintext storage), and the rest of the receipt content should be stored in ciphertext.
  • one or more fields can also be marked by exposing identifiers to realize the plain text storage of the relevant receipt content.
  • the exposure identifier may be a receipt field dedicated to indicating that plain text storage is allowed.
  • the keyword plain may be used to characterize the exposure identifier. Then, for the receipt content that you want to store in plain text, you can add plain before the corresponding field (or, you can also associate with the corresponding field in other ways).
  • the fields indicated by the exposure identifier may include receipt fields, such as the Result field, Gas used field, Logs field, Output field, etc., as described above, or the From field, To field, Topic field, and Log data field further contained in the Logs field Wait.
  • receipt fields such as the Result field, Gas used field, Logs field, Output field, etc., as described above, or the From field, To field, Topic field, and Log data field further contained in the Logs field Wait.
  • the code sample 1 above can be adjusted to the following code sample 2:
  • the exposed identifier plain is added to the front of the smart contract code, so that after the smart contract code is executed, when the transaction initiator belongs to the preset user type, the receipt data is generated by the special event function
  • the log allows the exposed field corresponding to the transaction type of the transaction to which the smart contract belongs and the content of the receipt meeting preset conditions is stored in clear text.
  • the From field of all logs in the receipt data can be stored in plain text when the preset conditions are met, and the To field is stored in cipher text. Then, subsequent retrieval operations can be performed on the receipt content in the From field, for example, a certain account can be counted The volume of transactions initiated, etc.
  • the smart contract corresponding to the transaction received by the first blockchain node may be a smart contract written in a high-level language, or may be a smart contract in the form of bytecode.
  • the first blockchain node when the smart contract is a smart contract written in a high-level language, the first blockchain node also compiles the smart contract written in the high-level language through a compiler to generate a smart contract in the form of bytecode to be used in a trusted execution environment In execution.
  • the smart contract in bytecode form can be obtained by compiling the smart contract written in high-level language by the client through the compiler , And the smart contract written in this high-level language is written by the user on the client.
  • the smart contract corresponding to the transaction received by the first blockchain node may be a smart contract generated by the user on the first blockchain node.
  • the first blockchain node also uses a compiler to compile the smart contract written in the high-level language into a smart contract in the form of bytecode; or, the user may also be in the first area Smart contracts in bytecode form are directly written on the blockchain nodes.
  • the smart contract corresponding to the transaction received by the first blockchain node may be a smart contract generated by the user on the client.
  • the client submits the transaction to the first blockchain node.
  • the first blockchain node includes a transaction/query interface, which can be connected with the client, so that the client can submit the above-mentioned transaction to the first blockchain node.
  • the user can use a high-level language to write a smart contract on the client, and then the client uses a compiler to compile the smart contract in the high-level language to obtain the corresponding smart contract in bytecode form.
  • the client can directly send a smart contract written in a high-level language to the first blockchain node, so that the first blockchain node is compiled into a bytecode smart contract by a compiler.
  • the smart contract corresponding to the transaction received by the first blockchain node can be the smart contract in the transaction sent by the client through the second blockchain node.
  • the smart contract is usually in the form of bytecode; of course, the smart contract It can also be a smart contract written in a high-level language, and the first blockchain node can be compiled into a bytecode smart contract by a compiler.
  • the smart contract written in a high-level language and the smart contract in the form of bytecode may have the same exposure identifier.
  • the bytecode can use an exposed identifier different from a high-level language.
  • the code of a smart contract written in a high-level language contains the first identifier and the code of the smart contract in the form of bytecode. If the second identifier is included, there is a corresponding relationship between the first identifier and the second identifier to ensure that after being compiled into bytecode by a high-level language, the function of exposing the identifier will not be affected.
  • step 304A the first blockchain node decrypts the transaction in a trusted execution environment to obtain the smart contract, and the smart contract includes a special event function.
  • the smart contract may include one or more events, and each event is used to implement predefined related processing logic. After each event contained in the smart contract is called and executed, the corresponding Logs field will be generated. For example, when the smart contract contains event 1 and event 2, event 1 can generate the corresponding Logs field, and event 2 can generate the corresponding Logs field. , So that the receipt data corresponding to the smart contract contains multiple Logs fields at the same time.
  • the events contained in the smart contract can be divided into special event functions and ordinary event functions.
  • the logs generated by the ordinary event functions are stored in cipher text to achieve privacy protection; the special event functions generated The log allows at least part of the log fields to be stored in plaintext on the premise of meeting the privacy protection requirements, so that the content of this part of the log fields can be retrieved to drive the implementation of related operations.
  • the event function belonging to the "special event function” can be recorded in the chain code of the blockchain network or the system contract, for example, can be recorded in the special event function list; accordingly, by adding the Comparing the event function with the above special event function list can determine whether the event function included in the smart contract is the above special event function.
  • the special event function can be any function defined in the smart contract, and by adding a type identifier for the event function in the smart contract, the event function can be marked as a special event function.
  • the code example of the event function in the above code example 1 is as follows:
  • the smart contract defines an event: the event currentPrice.
  • the event does not contain any type identifier, so the corresponding event function is a normal event function.
  • the code example of the event function can be obtained as follows:
  • the smart contract defines an event: event currentPrice.
  • event currentPrice By adding the type identifier "expose" to the event currentPrice, the event currentPrice can be marked as the above-mentioned special event function.
  • High-level languages supported by Ethereum such as Solidity, Serpent, and LLL languages
  • a smart contract written in a high-level language can be compiled into a corresponding bytecode through a compiler, and the first blockchain node will finally execute the smart contract in the form of bytecode in the EVM virtual machine.
  • the above-mentioned type identifier can be the same in high-level language and bytecode smart contract code, or the first type identifier in high-level language smart contract code, and the second type in bytecode smart contract code Type identifier, the first type identifier and the second type identifier can correspond to each other.
  • the encrypted transaction can be kept in a state of privacy protection, and the transaction content can be prevented from being exposed.
  • the transaction content may contain information such as the account address of the transaction initiator and the account address of the transaction target. Encryption processing can ensure that these transaction contents cannot be directly read.
  • the above-mentioned transaction may be encrypted by a symmetric encryption algorithm, or it may be encrypted by an asymmetric algorithm.
  • the encryption algorithm used by symmetric encryption such as DES algorithm, 3DES algorithm, TDEA algorithm, Blowfish algorithm, RC5 algorithm, IDEA algorithm, etc.
  • Asymmetric encryption algorithms such as RSA, Elgamal, knapsack algorithm, Rabin, D-H, ECC (elliptic curve encryption algorithm), etc.
  • the foregoing transaction may be encrypted by a combination of a symmetric encryption algorithm and an asymmetric encryption algorithm.
  • the client can use a symmetric encryption algorithm to encrypt the transaction content, that is, use the symmetric encryption algorithm key to encrypt the transaction content, and use an asymmetric encryption algorithm to encrypt the symmetric encryption algorithm
  • the key used for example, the key used in the public key encryption symmetric encryption algorithm using an asymmetric encryption algorithm.
  • the first blockchain node After the first blockchain node receives the encrypted transaction, it can first decrypt it with the private key of the asymmetric encryption algorithm to obtain the key of the symmetric encryption algorithm, and then decrypt it with the key of the symmetric encryption algorithm to obtain the transaction content.
  • a transaction When a transaction is used to call a smart contract, it can be a call of multiple nested structures. For example, the transaction directly calls smart contract 1, and the code of smart contract 1 calls smart contract 2, and the code in smart contract 2 points to the contract address of smart contract 3, so that the transaction actually calls the code of smart contract 3 indirectly , And smart contract 3 includes a certain event function. In this way, it is equivalent to the event function included in smart contract 1.
  • the specific implementation process is similar to the above process, and will not be repeated here.
  • step 306A the first blockchain node executes the smart contract in the trusted execution environment to obtain receipt data, where the receipt data includes a log corresponding to the special event function.
  • a corresponding Logs field will be generated, that is, a log corresponding to each event function will be generated. Therefore, when the transaction initiator belongs to the preset user type, by determining the special event function, the log corresponding to the special event function can be further determined, so that at least a part of the log field corresponding to the special event function is stored in plain text.
  • the first blockchain node after receiving a transaction invoking a smart contract from a client, the first blockchain node can check whether the transaction is valid, the format is correct, and the signature of the transaction is legal.
  • the nodes in Ethereum are generally nodes that compete for the right to bookkeeping. Therefore, the first blockchain node as the node that competes for the right to bookkeeping can execute the transaction locally. If one of the nodes competing for the accounting right wins in the current round of the accounting right, it becomes the accounting node. If the first blockchain node wins this round of competition for accounting rights, it becomes the accounting node; of course, if the first blockchain node does not win in this round of competition for accounting rights, it is not Accounting nodes, and other nodes may become accounting nodes.
  • a smart contract is similar to a class in object-oriented programming.
  • the result of execution generates a contract instance corresponding to the smart contract, similar to the object corresponding to the generated class.
  • the process of executing the code used to create a smart contract in a transaction will create a contract account and deploy the contract in the account space.
  • the address of the smart contract account is generated from the sender's address ("0xf5e -- in Figure 1-2) and the transaction nonce (nonce) as input, and is generated by an encryption algorithm, such as in Figure 1-2
  • the contract address "0x6f8ae93" is generated from the sender's address "0xf5e" and the nonce in the transaction through an encryption algorithm.
  • consensus algorithms such as Proof of Work (POW), Proof of Stake (POS), and Delegated Proof of Stake (DPOS) are adopted in blockchain networks that support smart contracts. All nodes competing for the right to account can execute the transaction after receiving the transaction including the creation of a smart contract. One of the nodes competing for the right to bookkeeping may win this round and become the bookkeeping node.
  • the accounting node can package the transaction containing the smart contract with other transactions and generate a new block, and send the generated new block to other nodes for consensus.
  • the nodes with the right to book accounts have been agreed before this round of bookkeeping. Therefore, after the first blockchain node receives the above transaction, if it is not the accounting node of this round, it can send the transaction to the accounting node.
  • accounting nodes which can be the first blockchain node
  • the accounting node packages the transaction (or other transactions together) and generates a new block
  • the generated new block or block header is sent to other nodes for consensus.
  • the accounting nodes in this round can package and package the transaction. Generate a new block, and send the header of the generated new block to other nodes for consensus. If other nodes receive the block and verify that there is no problem, they can append the new block to the end of the original block chain to complete the accounting process and reach a consensus; if the transaction is used to create a smart contract, then The deployment of the smart contract on the blockchain network is completed. If the transaction is used to call the smart contract, the call and execution of the smart contract are completed. In the process of verifying the new block or block header sent by the accounting node, other nodes may also execute the transaction in the block.
  • the execution process can generally be executed by a virtual machine. Taking Ethereum as an example, it supports users to create and/or call some complex logic in the Ethereum network. This is the biggest challenge that distinguishes Ethereum from Bitcoin blockchain technology.
  • the core of Ethereum as a programmable blockchain is the Ethereum Virtual Machine (EVM), and every Ethereum node can run EVM.
  • EVM is a Turing complete virtual machine, which means that various complex logic can be implemented through it. Users publish and call smart contracts in Ethereum run on the EVM.
  • the first blockchain node can execute the decrypted smart contract code in a Trusted Execution Environment (TEE).
  • TEE Trusted Execution Environment
  • the first blockchain node can be divided into a regular execution environment (on the left in the figure) and TEE, and transactions submitted by the client (as described above, transactions can have other sources; here, the client submits Take the transaction as an example to illustrate)
  • First enter the "transaction/query interface" in the regular execution environment for identification.
  • Transactions that do not require privacy processing can be left in the regular execution environment for processing (here can be based on the user type of the transaction initiator , Transaction type, identifier contained in the exchange, etc.
  • TEE is isolated from the conventional execution environment.
  • the transaction is encrypted before entering the TEE, and it is decrypted into the transaction content in the clear in the trusted execution environment, so that the transaction content in the clear text can be efficiently processed in the TEE and in the TEE under the premise of ensuring data security.
  • the receipt data in plaintext is generated in.
  • TEE is a secure extension based on CPU hardware and a trusted execution environment completely isolated from the outside.
  • TEE was first proposed by Global Platform to solve the security isolation of resources on mobile devices, and parallel to the operating system to provide a trusted and secure execution environment for applications.
  • ARM's Trust Zone technology is the first to realize the real commercial TEE technology.
  • security requirements are getting higher and higher.
  • Not only mobile devices, cloud devices, and data centers have put forward more needs for TEE.
  • the concept of TEE has also been rapidly developed and expanded. Compared with the originally proposed concept, TEE is a broader TEE. For example, server chip manufacturers Intel, AMD, etc. have successively introduced hardware-assisted TEE and enriched the concept and characteristics of TEE, which has been widely recognized in the industry.
  • Intel Software Protection Extensions (SGX) and other TEE technologies isolate code execution, remote attestation, secure configuration, secure storage of data, and trusted paths for code execution.
  • the applications running in the TEE are protected by security and are almost impossible to be accessed by third parties.
  • SGX provides an enclave (also called an enclave), which is an encrypted trusted execution area in the memory, and the CPU protects data from being stolen.
  • enclave also called an enclave
  • the CPU protects data from being stolen.
  • a part of the area EPC Enclave Page Cache, enclave page cache or enclave page cache
  • the encryption engine MEE Memory Encryption Engine
  • SGX users can distrust the operating system, VMM (Virtual Machine Monitor), and even BIOS (Basic Input Output System). They only need to trust the CPU to ensure that private data will not leakage.
  • the private data can be encrypted and transmitted to the circle in cipher text, and the corresponding secret key can also be transmitted to the circle through remote certification. Then, the data is used for calculation under the encryption protection of the CPU, and the result will be returned in ciphertext. In this mode, you can use powerful computing power without worrying about data leakage.
  • the transaction contains the code of the smart contract
  • the first blockchain node can decrypt the transaction in the TEE to obtain the code of the smart contract contained therein, and then Execute this code in TEE.
  • the first blockchain node can execute the code in the TEE (if the called smart contract handles the encryption state, the smart contract needs to be executed in the TEE first. Decrypt to get the corresponding code).
  • the first blockchain node may use the newly added processor instructions in the CPU to allocate a part of the area EPC in the memory, and encrypt the above-mentioned plaintext code and store it in the EPC through the encryption engine MEE in the CPU.
  • the encrypted content in EPC is decrypted into plain text after entering the CPU.
  • the plaintext code for executing smart contracts can load the EVM into the enclosure.
  • the key management server can calculate the hash value of the local EVM code and compare it with the hash value of the EVM code loaded in the first blockchain node. The correct comparison result is a necessary condition for passing remote certification. , So as to complete the measurement of the code loaded in the SGX circle of the first blockchain node. After measurement, the correct EVM can execute the above smart contract code in SGX.
  • Step 304B The first blockchain node determines the corresponding exposed field according to the transaction type of the transaction.
  • the transaction may include a transaction type field (such as a TransType field), and the value of the transaction type field is used to indicate the corresponding transaction type. Therefore, by reading the value of the transaction type field in the exchange, the transaction type can be determined, such as the type of deposit certificate, the type of asset transfer (such as transfer), the type of contract creation, and the type of contract invocation. This manual does not limit this .
  • different types of transactions may respectively have corresponding exposed fields.
  • the exposed field is one or more fields specified in the receipt data.
  • the matching situation between the fields indicated by the aforementioned exposed identifier and the exposed fields can be combined to make the transaction
  • the initiator belongs to the preset user type, for the log generated by the special event function in the receipt data, the content of the receipt corresponding to the exposed field marked by the exposed identifier in the log and meeting the preset conditions is selectively stored in clear text , While meeting the privacy protection requirements, subsequent retrieval and other operations can be performed on the content of the receipt stored in plaintext.
  • the mapping relationship between each transaction type and the exposed field may be predefined, and the mapping relationship may be recorded in the blockchain, so that the first blockchain node can obtain the predefined mapping relationship, And further determine the exposed fields in the receipt data according to the transaction type of the above-mentioned transaction and the mapping relationship.
  • the exposed field corresponding to the attestation type may include all fields except the above-mentioned From field
  • the exposed field corresponding to the asset transfer type may include the above-mentioned To field
  • the exposed field corresponding to the contract creation type and contract invocation type may include the above-mentioned From field. All the fields except for the other transaction types will not be repeated here.
  • mapping relationship can be specifically recorded in the system contract.
  • the mapping relationship can also be recorded in the chain code of the blockchain network.
  • Step 308 The first blockchain node stores the receipt data, so that when the transaction initiator belongs to a preset user type, at least part of the receipt content in the log corresponding to the special event function is stored in plain text.
  • the remaining content of the receipt data is stored in a ciphertext form, and the at least a part of the receipt content matches the exposure field indicated by the exposure identifier and meets a preset condition.
  • the user has a corresponding external account on the blockchain, and initiates transactions or performs other operations based on the external account. Then, the user type to which the transaction initiator belongs, that is, the user type to which the external account belongs. Therefore, the first blockchain node can determine the external account corresponding to the transaction initiator, and query the user type corresponding to the external account recorded on the blockchain as the user type to which the transaction initiator belongs.
  • the external account may include a user type field (such as a UserType field) recorded on the blockchain, and the value of the user type field corresponds to the user type.
  • a user type field such as a UserType field
  • the first blockchain node can determine the corresponding user type based on the value by reading the user type field of the external account mentioned above.
  • the user type when creating the above-mentioned external account, can be configured to be associated with the external account, so that the association relationship between the user type and the external account is recorded in the blockchain, such as through the user type and The account address of the external account is used to establish the above-mentioned association relationship, so that the data structure of the external account does not need to be changed, that is, the external account does not need to include the above type field. Therefore, the first blockchain node can determine the above-mentioned preset user type corresponding to the external account by reading the association relationship recorded on the blockchain and based on the external account corresponding to the transaction initiator.
  • the user type of the external account can be modified under certain conditions.
  • the management user may have a modification right item, so that the first blockchain node can change the user type corresponding to the above-mentioned external account according to the change request initiated by the management user.
  • the management user can correspond to the external account preset in the genesis block with management authority, so that the management user can make type changes to other ordinary users, advanced users, etc., such as changing ordinary users to advanced users, and changing advanced users For ordinary users, etc.
  • the first blockchain node can determine the strength of the transaction initiator’s privacy protection needs by identifying the user type to which the transaction initiator belongs: when it belongs to the preset user type, it can be determined that the transaction initiator’s privacy protection needs are relatively weak , Can accept the exposure of receipt data to a certain extent to achieve corresponding function expansion; when it does not belong to the preset user type, it can be determined that the transaction initiator has relatively strong privacy protection requirements and cannot accept the exposure of receipt data. Therefore, based on the identification of the user type to which the transaction initiator belongs, the storage method for the receipt data can meet the actual needs of the transaction initiator, and it can take into account privacy protection and function expansion. For example, ordinary users have relatively lower requirements for privacy protection and higher requirements for function expansion based on receipt data.
  • part of the receipt content may be allowed to be stored in plain text in order to target
  • the content of the receipt stored in plaintext implements function expansion.
  • the privacy protection requirements of advanced users and management users are relatively higher, and the need for function expansion based on receipt data is relatively low.
  • all receipt content can be changed. All are stored in cipher text.
  • the exposed identifier can indicate one or more fields, and these fields have corresponding receipt content in the receipt data.
  • the exposed fields corresponding to the transaction type may be one or more fields in the receipt data, and these fields have corresponding receipt content in the receipt data.
  • the receipt data contains a log corresponding to the special event function, which is actually part of the receipt content in the receipt data.
  • the receipt content that meets the preset condition in the receipt data can be filtered out.
  • the cross content of the above four parts of receipt content can be filtered out. And implement clear text storage for the cross content, and the rest of the receipt data is stored in cipher text.
  • the content of the preset condition may include at least one of the following: the content of the corresponding receipt includes the preset content, the value of the content of the corresponding receipt belongs to the preset numerical interval, and so on.
  • the preset content may include: one or more specified keywords.
  • the keywords may include predefined state variables, predefined event functions, information indicating the results of transaction execution, etc., so that when the receipt content contains keywords as keywords When information such as state variables, event functions, or transaction execution results, it can be determined that the content of the receipt meets the preset conditions.
  • the preset content may include: preset values.
  • the preset value can be a numeric value, which can be compared with the value of a state variable, etc., to determine whether the value of the state variable meets expectations; for another example, the preset value can be composed of numeric values, letters, special symbols, etc.
  • a character string which can be compared with the account address of the transaction initiator, the account address of the transaction target, the log subject, etc. to identify a specific transaction initiator, a specific transaction target, or a specific log subject, etc.
  • the user who is the transaction initiator belongs to the preset user type and the To field is an exposed field
  • the user can When the address initiates the transaction and the To field is marked by the exposed identifier, the To field in the log can be stored in plain text when the preset conditions are met, and stored in cipher text when the preset conditions are not met, and other The From field must be stored in cipher text to avoid privacy leakage.
  • the preset value range can indicate the privacy protection requirements of the relevant receipt fields.
  • the preset value range can be a value range with a smaller value and a lower privacy protection requirement, so that even if the relevant receipt field is disclosed, it will not cause Serious user privacy leakage, but it can be used to automatically trigger related operations such as DAPP client, so as to achieve a certain balance between privacy protection and convenience.
  • the preset conditions may include general conditions corresponding to all receipt fields in the receipt data, that is, when the content of the receipt corresponding to the field marked by the exposure identifier is in any receipt field in the receipt data, it is used to The preset conditions are compared. For example, when the preset condition is "Contains preset keywords", the content of the receipt corresponding to the field indicated by the exposure identifier can be compared with the keywords contained in the preset condition to determine the keywords that contain the keyword.
  • the content of the receipt is regarded as the content of the receipt meeting the above-mentioned preset conditions; among them, when the content of the receipt corresponding to the field indicated by the exposure identifier belongs to a certain receipt field, the receipt field may also contain other receipt content, and the content of these receipts is secret Document format for storage.
  • the preset condition may include a dedicated condition corresponding to each receipt field in the receipt data, that is, each receipt field in the receipt data has a corresponding preset condition, which needs to be based on the field indicated by the exposure identifier.
  • the preset conditions corresponding to different receipt fields are independent of each other, but may be the same or different.
  • the preset condition corresponding to the From field may be "whether the preset content is included", and the preset content may be a preset account address, indicating a transaction initiated by the account address, and the preset condition corresponding to the Topic field may be "Whether it belongs to the preset value range", and the value of the state variable referenced by the related event can be recorded in the Topic field.
  • the state variable representing "transfer amount” can be included, indicating that the transfer amount is within the preset value range ; Then: when the content of the receipt corresponding to the object indicated by the exposure identifier is in both the From field and the Topic field, the content of the receipt in the From field is suitable for comparison with the preset condition "Does it contain preset content" and is in the Topic field The content of the receipt in is suitable for comparison with the preset condition "whether it belongs to the preset value interval".
  • the exposed identifier is a global identifier defined in the programming language of the smart contract, it is difficult to modify the fields marked by the exposed identifier as long as the exposed identifier is written in the smart contract.
  • the user type depends on the transaction initiator and has nothing to do with the programming language, so that even when different transaction initiators call the same smart contract, the storage method (ciphertext or plaintext) of the receipt data may be different.
  • the transaction type can also be selected by the transaction initiator according to demand to indicate the actual needs of the transaction initiator.
  • the preset conditions can be selected by the transaction initiator according to actual needs, regardless of the programming language. At the same time, the definition of special event functions is not necessarily based on programming languages.
  • the From field When the From field is further an exposed field corresponding to the transaction type, it can be preset at the transaction initiator In the case of the user type, when the first blockchain node stores receipt data, all receipt content in the receipt data that corresponds to the From field and meets the preset conditions is allowed to be stored in plain text.
  • a smart contract can include the following code example 3:
  • the exposed identifier "plain" is located at the forefront of the code of the smart contract, so that all fields in the receipt data are marked as contract-level fields; at the same time, in the smart contract Contains the event currentPrice1 and the event currentPrice2: assuming that the event currentPrice1 corresponds to the special event function defined in the special event function list, and the event currentPrice2 corresponds to the normal event function, then the transaction initiator belongs to the preset user type and the From field is an exposed field.
  • the From field contained in the log Log1 is stored in plaintext when the preset conditions are met, and stored in ciphertext when the preset conditions are not met.
  • the From field contained in log Log2 must be stored in cipher text; similarly, other fields in log Log1 that are exposed fields are also stored in plain text when the preset conditions are met, and non-exposed fields are stored in cipher text. All fields of Log2 are stored in cipher text.
  • the event currentPrice2 is updated to correspond to the special event function after updating the list of special event functions, all the fields belonging to the exposed fields contained in the log Log2 can be stored in plain text under the condition that the preset conditions are met. If the preset conditions are not met, it is stored in ciphertext form, without any changes to the code of the smart contract.
  • the aforementioned type identifier can be used to indicate whether the event function contained in the smart contract is a special event function.
  • the above code sample 3 can be adjusted to the following code sample 4:
  • the contract-level fields include all fields in the receipt data; at the same time, the smart contract contains the event currentPrice1 and the event currentPrice2: because the event currentPrice1 contains the above mentioned
  • the type identifier expose, so that the event currentPrice1 is marked as corresponding to the special event function, and the event currentPrice2 does not contain the type identifier expose, so that the event currentPrice2 is marked as corresponding to the normal event function, then the transaction initiator belongs to the default user
  • all the exposed fields in the log Log1 corresponding to the transaction type are stored in plaintext when the preset conditions are met, and the preset conditions are not met. In the case of, it is stored in cipher text, and all fields contained in log Log2 must be stored in cipher text.
  • the fields indicated by the exposure identifier may include: event-level fields corresponding to at least one event defined in the smart contract, so that the transaction initiator belongs to the preset user type and the event-level field belongs to the exposed field
  • the first blockchain node stores the part of the receipt content generated by the special event function that corresponds to the event-level field and meets the preset condition in plain text.
  • the above event-level fields can be set for at least some of the events, so that the contents of the receipts that correspond to the above-mentioned event-level fields and meet the preset conditions in the logs generated by this part of the events are in plain text
  • the content of the remaining receipts in the log generated by this part of the event and the content of the receipt corresponding to the remaining events are stored in the form of ciphertext.
  • the event currentPrice1 does not add the exposed identifier "plain", it contains the content "from".
  • the content "from” corresponds to the From field and is used to indicate the From field in the log generated by the event currentPrice1 It needs to be stored in plain text, so the content "from” not only belongs to the above exposed identifier, but also indicates the From field that needs to be stored in plain text.
  • the From field is an event-level field, so that when the transaction initiator belongs to the preset user type and the From field is an exposed field, when the event currentPrice1 corresponds to a special event function In the log Logs corresponding to the event currentPrice1, the From field is stored in plain text when the preset conditions are met, and stored in cipher text when the preset conditions are not met, and other fields must be stored in cipher text Form storage.
  • the generated log Logs are in the form of ciphertext storage.
  • this code example 5 that is, for event-level fields, it is possible to identify whether the event functions contained in the smart contract are special event functions by means of a special event function list or type identifier. Repeat.
  • This manual exposes the content of the receipt to a certain extent to realize the driver of the DAPP client or other function extensions.
  • this manual considers the user type of the transaction initiator, the exposed field corresponding to the transaction type, the field indicated by the exposure identifier, the log generated by the special event function, and the content of the receipt to meet the preset conditions, and can accurately select the application.
  • the content of the receipt stored in plaintext meets the requirements of "transaction initiator belongs to the preset user type", “belongs to the exposed field corresponding to the transaction type", “matches the field indicated by the exposure identifier”, and “belongs to the log generated by the special event function” "” and “meeting the preset conditions”, so as to meet the above-mentioned function expansion requirements, while ensuring that most of the user privacy can be protected.
  • the first blockchain node recognizes the special event function based on the information recorded on the blockchain network (such as the list of special event functions), it can perform the "special event function" after the smart contract has been created. Update to adjust the storage method of receipt data, such as changing the original receipt content stored in plain text to cipher text storage, or changing the original receipt content stored in cipher text to plain text storage.
  • the computing device By running the program code of the blockchain (hereinafter referred to as the chain code) on the computing device (physical machine or virtual machine), the computing device can be configured as a blockchain node in the blockchain network, such as the first Blockchain nodes, etc.
  • the first blockchain node runs the above chain code to realize the corresponding functional logic.
  • the above-mentioned receipt data storage logic related to exposure identifiers, user types, transaction types, event functions, and preset conditions can be written into the chain code, so that each block All chain nodes can implement the receipt data storage logic; taking the first blockchain node as an example, the receipt data storage logic related to exposure identifiers, user types, transaction types, event functions, and preset conditions can include: Type recognition logic, transaction type recognition logic, event function recognition logic, preset condition determination logic, and receipt content storage logic based on exposed identifiers.
  • the user type identification logic is used to instruct the first blockchain node to identify the user type of the transaction initiator.
  • the system contract can record the association relationship between the predefined external account and the user type, or the system contract can record the correspondence between the value of the user type field and the user type.
  • the relevant description of identifying user types above please refer to the relevant description of identifying user types above, which will not be repeated here.
  • the identification logic of the transaction type is used to instruct the first blockchain node: to identify the type of transaction initiated by the transaction initiator. For example, according to the value of the type field contained in the exchange, determine the transaction type corresponding to the transaction. For details, please refer to the relevant description of identifying transaction types above, which will not be repeated here.
  • the identification logic of the event function is used to instruct the first blockchain node to identify the type of event function contained in the smart contract corresponding to the transaction. For example: according to the type identifier contained in the event function, or according to the list of special event functions recorded in the blockchain network. For details, please refer to the relevant description of identifying special event functions above, which will not be repeated here.
  • the determination logic of the preset condition is used to instruct the first blockchain node to obtain the preset condition applicable to the content of the receipt corresponding to the object indicated by the exposure identifier. For example, obtain general conditions applicable to all receipt fields, or obtain special conditions applicable to the field of the receipt content corresponding to the object indicated by the exposure identifier. For details, please refer to the relevant description of the preset conditions above, which will not be repeated here.
  • the logic of storing the content of the receipt based on the exposed identifier is used to instruct the first blockchain node: for the fields marked by the exposed identifier, the fields not marked by the exposed identifier, etc., how to store the corresponding receipt content. For example: in the case that the transaction initiator belongs to the preset user type, for the identified special event function, the content of the receipt corresponding to the exposed field that is marked by the exposure identifier in the log corresponding to the special event function and meets the preset conditions is adopted It is stored in plain text, while other receipt content in the receipt data is stored in cipher text.
  • chain code is used to realize the basic functions of the blockchain network, and the function expansion during operation can be achieved through the system Realized by way of contract.
  • the system contract includes code in the form of bytecode, for example, the first blockchain node can run the system contract code (for example, according to the unique corresponding address "0x53a98" to read the system The code in the contract) to realize the functional supplement of the chain code.
  • the first blockchain node can read the code of the system contract, which defines the receipt data storage logic related to the exposure identifier, user type, transaction type, event function, and preset conditions; then , The first blockchain node can execute the code of the system contract, based on the receipt data storage logic related to the exposure identifier, user type, transaction type, event function, and preset conditions, when the transaction initiator belongs to the preset user type , Storing at least part of the receipt content in the log generated by the special event function in plain text, and storing the remaining content of the receipt data in cipher text, and the at least part of the receipt content matches the exposure indicated by the exposure identifier Field and meet the preset conditions.
  • the system contract read by the first blockchain node may include a preset system contract configured in the genesis block of the blockchain network; and, the administrator in the blockchain network (ie, the above-mentioned management user) may have The update authority of the system contract, so as to update the preset system contract such as the above, the system contract read by the first blockchain node may also include the corresponding updated system contract.
  • the updated system contract can be obtained by the administrator after one update of the preset system contract; or, the updated system contract can be obtained by the administrator after multiple iterations of the preset system contract, such as the preset system contract Update the system contract 1, update the system contract 1 to obtain the system contract 2, update the system contract 2 to obtain the system contract 3.
  • the system contract 1, the system contract 2, and the system contract 3 can all be regarded as the updated system contract, but the first Blockchain nodes usually follow the latest version of the system contract. For example, the first blockchain node will follow the code in system contract 3 instead of the code in system contract 1 or system contract 2.
  • the administrator can also publish system contracts in subsequent blocks and update the published system contracts.
  • system contracts in subsequent blocks and update the published system contracts.
  • a certain degree of restrictions should be imposed on the issuance and update of system contracts through methods such as authority management to ensure that the functional logic of the blockchain network can operate normally and avoid unnecessary losses to any users.
  • the first blockchain node encrypts at least a part of the receipt content through the key.
  • the encryption may be symmetric encryption or asymmetric encryption. If the first blockchain node uses symmetric encryption, that is, the symmetric key of the symmetric encryption algorithm is used to encrypt the content of the receipt, the client (or other object holding the key) can use the symmetric key pair of the symmetric encryption algorithm The encrypted receipt content is decrypted.
  • the symmetric key may be provided by the client to the first blockchain node in advance. Then, since only the client (actually the user corresponding to the logged-in account on the client) and the first blockchain node have the symmetric key, only the client can decrypt the corresponding encrypted receipt content, avoiding Irrelevant users and even criminals decrypt the encrypted receipt content.
  • the client when the client initiates a transaction to the first blockchain node, the client can use the initial key of the symmetric encryption algorithm to encrypt the transaction content to obtain the transaction; accordingly, the first blockchain node can obtain
  • the initial key is used to directly or indirectly encrypt the content of the receipt.
  • the initial key can be negotiated in advance by the client and the first blockchain node, or sent by the key management server to the client and the first blockchain node, or sent by the client to the first blockchain node.
  • the client can encrypt the initial key with the public key of the asymmetric encryption algorithm, and then send the encrypted initial key to the first block
  • the chain node, and the first blockchain node decrypts the encrypted initial key through the private key of the asymmetric encryption algorithm to obtain the initial key, which is the digital envelope encryption described above, which will not be repeated here.
  • the first blockchain node can use the aforementioned initial key to encrypt the content of the receipt. Different transactions can use the same initial key, so that all transactions submitted by the same user are encrypted with this initial key, or different transactions can use different initial keys. For example, the client can randomly generate an initial key for each transaction. Key to improve security.
  • the first blockchain node can generate a derived key according to the initial key and the impact factor, and encrypt the content of the receipt through the derived key.
  • the derived key can increase the degree of randomness, thereby increasing the difficulty of being compromised and helping to optimize the security protection of data.
  • the impact factor can be related to the transaction; for example, the impact factor can include the specified bits of the transaction hash value.
  • the first blockchain node can associate the initial key with the first 16 bits (or the first 32 bits and the last 16 bits) of the transaction hash value. Bits, last 32 bits, or other bits) are spliced, and the spliced string is hashed to generate a derived key.
  • the first blockchain node can also use an asymmetric encryption method, that is, use the public key of the asymmetric encryption algorithm to encrypt the content of the receipt, and accordingly, the client can use the private key of the asymmetric encryption algorithm to decrypt the encrypted The contents of the receipt.
  • the key of an asymmetric encryption algorithm for example, can be that the client generates a pair of public and private keys, and sends the public key to the first blockchain node in advance, so that the first blockchain node can use the receipt content Public key encryption.
  • the first blockchain node realizes the function by running the code used to realize the function. Therefore, for the functions that need to be implemented in the TEE, the relevant code also needs to be executed. For the code executed in the TEE, it needs to comply with the relevant specifications and requirements of the TEE; accordingly, for the code used to implement a certain function in the related technology, the code needs to be rewritten in combination with the specifications and requirements of the TEE. Large amount of development, and easy to produce loopholes (bugs) in the process of rewriting, affecting the reliability and stability of function implementation.
  • the first blockchain node can execute the storage function code outside the TEE to store the receipt data generated in the TEE (including the receipt content in plain text that needs to be stored in plain text, and the receipt content in cipher text that needs to be stored in cipher text.
  • TEE Is stored in an external storage space outside the TEE, so that the storage function code can be the code used to implement the storage function in the related technology, and does not need to be rewritten in conjunction with the specifications and requirements of the TEE to achieve safe and reliable receipt data
  • the storage of TEE can not only reduce the amount of related code development without affecting security and reliability, but also reduce TCB (Trusted Computing Base) by reducing the related code of TEE, making TEE technology and regional In the process of combining block chain technology, the additional security risks caused are in a controllable range.
  • TCB Trusted Computing Base
  • the first blockchain node may execute the write cache function code in the TEE to store the above-mentioned receipt data in the write cache in the TEE.
  • the write cache may correspond to the one shown in FIG. 2 "Cache".
  • the first blockchain node outputs the data in the write cache from the trusted execution environment to be stored in the external storage space.
  • the write cache function code can be stored in the TEE in plain text, and the cache function code in the plain text can be directly executed in the TEE; or, the write cache function code can be stored outside the TEE in cipher text, such as the above External storage space (such as the "package + storage” shown in Figure 2, where "package” means that the first blockchain node packs the transaction into blocks outside the trusted execution environment), the ciphertext form
  • the write cache function code is read into the TEE, decrypted into the plaintext code in the TEE, and the plaintext code is executed.
  • Write cache refers to a "buffer" mechanism provided to avoid “impact” to the external storage space when data is written to the external storage space.
  • the above-mentioned write cache can be implemented by using buffer; of course, the write cache can also be implemented by using cache, which is not limited in this specification.
  • the write cache mechanism can be used to write the data in the cache to the external storage space in batches, thereby reducing the gap between the TEE and the external storage space. The number of interactions increases the efficiency of data storage.
  • TEE may need to retrieve the generated data.
  • the data to be called happens to be in the write cache, the data can be read directly from the write cache.
  • the interaction between the external storage space eliminates the decryption process of the data read from the external storage space, thereby improving the data processing efficiency in the TEE.
  • the write cache can also be established outside the TEE.
  • the first blockchain node can execute the write cache function code outside the TEE, so as to store the above receipt data in the write cache outside the TEE, and further write The data in the cache is stored in an external storage space.
  • the receiving unit 61 receives an encrypted transaction corresponding to a smart contract, the code of the smart contract includes a field marked by an exposed identifier;
  • a decryption unit 62 decrypting the transaction in a trusted execution environment to obtain the smart contract, the smart contract including a special event function;
  • the execution unit 63 executes the smart contract in the trusted execution environment to obtain receipt data, where the receipt data includes a log corresponding to the special event function;
  • the determining unit 64 determines the corresponding exposed field according to the transaction type of the transaction
  • the storage unit 65 stores the receipt data, so that when the transaction initiator belongs to a preset user type, at least part of the receipt content in the log corresponding to the special event function is stored in plain text, and the remaining content of the receipt data Stored in a ciphertext form, the at least a part of the receipt content matches the exposure field indicated by the exposure identifier and meets a preset condition.
  • the smart contract corresponding to the transaction received by the first blockchain node includes:
  • the node when the smart contract corresponding to the transaction received by the first blockchain node is a smart contract written in a high-level language, the node further includes:
  • the compiling unit 66 compiles the smart contract written in the high-level language through a compiler, and generates the smart contract in the form of bytecode for execution in the trusted execution environment.
  • the smart contract in the form of bytecode is a smart contract written in a high-level language by the client through a compiler It is obtained by compiling, and the smart contract written in the high-level language is written by the user on the client.
  • the smart contract written in the high-level language and the smart contract in bytecode form have the same or corresponding exposure identifier.
  • the smart contract corresponding to the transaction received by the first blockchain node includes:
  • the smart contract generated by the user on the first blockchain node or,
  • the smart contract generated by the user on the client or,
  • the fields marked by the exposure identifier include: contract-level fields; the storage unit 65 is specifically used for:
  • the transaction initiator belongs to the preset user type and the contract-level field is an exposed field
  • the part of the log generated by all special event functions that corresponds to the contract-level field and meets the preset conditions is stored in plain text.
  • the field marked by the exposure identifier includes: an event-level field corresponding to at least one event defined in the smart contract; the storage unit 65 is specifically configured to:
  • the log generated by the special event function corresponding to the at least one event is determined, and the determined log corresponds to the event-level field And the part that meets the preset conditions is stored in plain text.
  • the event function in the smart contract includes a type identifier, and the type identifier is used to mark the event function as a special event function.
  • the event function included in the smart contract is in the special function list recorded on the blockchain, the event function included in the smart contract is determined to be a special event function.
  • the first blockchain node determines the user type to which the transaction initiator belongs in the following manner:
  • the first blockchain node determines the external account corresponding to the transaction initiator
  • the first blockchain node queries the user type corresponding to the external account recorded on the blockchain as the user type to which the transaction initiator belongs.
  • the external account includes a user type field recorded on the blockchain, and the value of the user type field corresponds to the user type.
  • the user type is configured to be associated with the external account, so that the association relationship between the user type and the external account is recorded in the blockchain.
  • Optional also includes:
  • the changing unit 67 changes the user type corresponding to the external account according to the change request initiated by the management user.
  • the transaction includes a transaction type field, and the value of the transaction type field is used to indicate the corresponding transaction type.
  • the transaction type of the transaction includes: deposit certificate type, asset transfer type, contract creation type, contract call type.
  • a predefined mapping relationship between the transaction type and the exposed field is stored in the blockchain, and the mapping relationship is used to determine the exposed field corresponding to the transaction type of the transaction.
  • the preset condition includes at least one of the following: the corresponding receipt content includes the preset content, and the value of the corresponding receipt content belongs to the preset numerical interval.
  • the preset conditions include general conditions corresponding to all receipt fields in the receipt data; or,
  • the preset condition includes a dedicated condition corresponding to each receipt field in the receipt data.
  • the preset condition is in the transaction; or,
  • the preset condition is located in the smart contract corresponding to the transaction, or in another smart contract called by the smart contract corresponding to the transaction; or,
  • the preset conditions are located in the system contract or chain code.
  • the storage unit 65 is specifically used for:
  • Read the code of the system contract which defines the receipt data storage logic related to the exposure identifier, user type, transaction type, special event function, and preset conditions;
  • the code of the system contract is executed to store at least part of the receipt content in the log corresponding to the special event function in plaintext when the transaction initiator belongs to the preset user type, and the rest of the receipt data is stored in a secret form.
  • the document format is stored, and the content of the at least part of the receipt matches the exposure field indicated by the exposure identifier and meets a preset condition.
  • the system contract includes: a preset system contract recorded in the genesis block, or an updated system contract corresponding to the preset system contract.
  • the storage unit 65 is specifically used for:
  • the storage function code is executed outside the trusted execution environment to store the receipt data in an external storage space outside the trusted execution environment.
  • the key used by the first blockchain node to encrypt the receipt data includes: a key of a symmetric encryption algorithm or a key of an asymmetric encryption algorithm.
  • the key of the symmetric encryption algorithm includes an initial key provided by the client; or, the key of the symmetric encryption algorithm includes a derived key generated by the initial key and an influence factor.
  • the transaction is encrypted by the initial key, and the initial key is encrypted by the public key of an asymmetric encryption algorithm; the decryption unit 62 is specifically configured to:
  • the initial key is generated by the client; or, the initial key is sent to the client by the key management server.
  • the impact factor is related to the transaction.
  • the impact factor includes: a designated bit of the hash value of the transaction.
  • a programmable logic device Programmable Logic Device, PLD
  • FPGA Field Programmable Gate Array
  • HDL Hardware Description Language
  • ABEL Advanced Boolean Expression Language
  • AHDL Altera Hardware Description Language
  • HDCal JHDL
  • Lava Lava
  • Lola MyHDL
  • PALASM RHDL
  • Verilog Verilog
  • the controller can be implemented in any suitable manner.
  • the controller can take the form of, for example, a microprocessor or a processor and a computer-readable medium storing computer-readable program codes (such as software or firmware) executable by the (micro)processor. , Logic gates, switches, application specific integrated circuits (ASICs), programmable logic controllers and embedded microcontrollers. Examples of controllers include but are not limited to the following microcontrollers: ARC625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicon Labs C8051F320, the memory controller can also be implemented as part of the memory control logic.
  • controller in addition to implementing the controller in a purely computer-readable program code manner, it is entirely possible to program the method steps to make the controller use logic gates, switches, application specific integrated circuits, programmable logic controllers and embedded The same function can be realized in the form of a microcontroller, etc. Therefore, such a controller can be regarded as a hardware component, and the devices included in it for implementing various functions can also be regarded as a structure within the hardware component. Or even, the device for realizing various functions can be regarded as both a software module for realizing the method and a structure within a hardware component.
  • a typical implementation device is a computer.
  • the computer may be, for example, a personal computer, a laptop computer, a cell phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or Any combination of these devices.
  • the embodiments of the present invention may be provided as methods, systems, or computer program products. Therefore, the present invention may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, the present invention may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes.
  • a computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • program modules include routines, programs, objects, components, data structures, etc. that perform specific tasks or implement specific abstract data types.
  • This specification can also be practiced in distributed computing environments, in which tasks are performed by remote processing devices connected through a communication network.
  • program modules can be located in local and remote computer storage media including storage devices.
  • These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device.
  • the device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
  • These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment.
  • the instructions provide steps for implementing functions specified in a flow or multiple flows in the flowchart and/or a block or multiple blocks in the block diagram.
  • the computer includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
  • the memory may include non-permanent memory in computer readable media, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer readable media.
  • RAM random access memory
  • ROM read-only memory
  • flash RAM flash memory
  • Computer-readable media include permanent and non-permanent, removable and non-removable media, and information storage can be realized by any method or technology.
  • the information can be computer-readable instructions, data structures, program modules, or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical storage, Magnetic cassettes, magnetic disk storage, quantum memory, graphene-based storage media or other magnetic storage devices or any other non-transmission media can be used to store information that can be accessed by computing devices. According to the definition in this article, computer-readable media does not include transitory media, such as modulated data signals and carrier waves.
  • first, second, third, etc. may be used in one or more embodiments of this specification to describe various information, the information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other.
  • first information may also be referred to as second information, and similarly, the second information may also be referred to as first information.
  • word “if” as used herein can be interpreted as "when” or “when” or "in response to determination”.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Data Mining & Analysis (AREA)
  • Software Systems (AREA)
  • Accounting & Taxation (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • Development Economics (AREA)
  • General Business, Economics & Management (AREA)
  • Medical Informatics (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Strategic Management (AREA)
  • Marketing (AREA)
  • Computing Systems (AREA)
  • Economics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

La présente invention concerne un procédé et un nœud de stockage de reçu utilisant des informations multidimensionnelles et ayant une restriction, le procédé comprenant les étapes consistant à : recevoir par un premier nœud de chaîne de blocs une transaction chiffrée correspondant à un contrat intelligent, le code du contrat intelligent comprenant un champ marqué avec un identifiant d'exposition (302) ; déchiffrer, par le premier nœud de chaîne de blocs, la transaction dans un environnement d'exécution de confiance de façon à obtenir le contrat intelligent, le contrat intelligent comprenant une fonction d'événement spécial (304A) ; exécuter le contrat intelligent par le premier nœud de chaîne de blocs dans l'environnement d'exécution de confiance de façon à obtenir des données de reçu, les données de reçu comprenant un journal correspondant à la fonction d'événement spécial (306A) ; déterminer par le premier nœud de chaîne de blocs, en fonction d'un type de transaction de la transaction, un champ d'exposition correspondant (304B) ; et stocker les données de reçu par le premier nœud de chaîne de blocs, de telle sorte que lorsqu'un initiateur de transaction est un type d'utilisateur prédéfini, au moins une partie d'un reçu dans le journal correspondant à la fonction d'événement spécial est stockée sous forme de texte brut, et le reste du reçu est stocké sous forme de texte chiffré, ladite partie du reçu correspondant à un champ d'exposition marqué avec l'identifiant d'exposition et remplissant une condition prédéfinie (308).
PCT/CN2020/091427 2019-05-20 2020-05-20 Procédé et nœud de stockage de reçu utilisant des informations multidimensionnelles et ayant une restriction WO2020233643A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910419898.9A CN110263087B (zh) 2019-05-20 2019-05-20 基于多维度信息且具有条件限制的收据存储方法和节点
CN201910419898.9 2019-05-20

Publications (1)

Publication Number Publication Date
WO2020233643A1 true WO2020233643A1 (fr) 2020-11-26

Family

ID=67914796

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/091427 WO2020233643A1 (fr) 2019-05-20 2020-05-20 Procédé et nœud de stockage de reçu utilisant des informations multidimensionnelles et ayant une restriction

Country Status (2)

Country Link
CN (1) CN110263087B (fr)
WO (1) WO2020233643A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113221170A (zh) * 2021-05-19 2021-08-06 西安交通大学 基于区块链的隐私信息匹配与数据交易方法及系统
CN113221170B (zh) * 2021-05-19 2024-05-24 西安交通大学 基于区块链的隐私信息匹配与数据交易方法及系统

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020233424A1 (fr) * 2019-05-20 2020-11-26 创新先进技术有限公司 Procédé de stockage de reçu sur la base d'un type de fonction d'événement et nœud associé
CN110263087B (zh) * 2019-05-20 2021-04-27 创新先进技术有限公司 基于多维度信息且具有条件限制的收据存储方法和节点
CN110245503B (zh) * 2019-05-20 2021-04-27 创新先进技术有限公司 结合代码标注与判断条件的收据存储方法和节点
WO2020233422A1 (fr) * 2019-05-20 2020-11-26 创新先进技术有限公司 Procédé et nœud de stockage de reçu basé sur un type d'utilisateur
CN110266644B (zh) * 2019-05-20 2021-04-06 创新先进技术有限公司 结合代码标注与交易类型的收据存储方法和节点
WO2020233421A1 (fr) * 2019-05-20 2020-11-26 创新先进技术有限公司 Procédé de stockage de reçu au niveau d'un objet et nœud basé sur un marquage de code
CN110263089B (zh) * 2019-05-20 2021-05-04 创新先进技术有限公司 结合交易与事件类型的条件限制的收据存储方法和节点
WO2020233425A1 (fr) * 2019-05-20 2020-11-26 创新先进技术有限公司 Procédé et nœud de stockage de reçu basés sur une condition de détermination
CN113408259B (zh) * 2021-06-09 2024-05-07 微易签(杭州)科技有限公司 一种基于区块链填写文件的方法、系统、装置和存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107294709A (zh) * 2017-06-27 2017-10-24 阿里巴巴集团控股有限公司 一种区块链数据处理方法、装置及系统
CN107342858A (zh) * 2017-07-05 2017-11-10 武汉凤链科技有限公司 一种基于可信环境的智能合约保护方法和系统
CN109493020A (zh) * 2018-11-08 2019-03-19 众安信息技术服务有限公司 基于区块链的安全交易方法和装置
US20190149325A1 (en) * 2017-11-16 2019-05-16 International Business Machines Corporation Blockchain transaction privacy enhancement through broadcast encryption
CN110263087A (zh) * 2019-05-20 2019-09-20 阿里巴巴集团控股有限公司 基于多维度信息且具有条件限制的收据存储方法和节点

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6754495B2 (ja) * 2016-10-06 2020-09-09 マスターカード インターナシヨナル インコーポレーテツド ブロックチェーンを介したアイデンティティと証明書の保護及び検証とのための方法及びシステム
CN106559211B (zh) * 2016-11-22 2019-12-13 中国电子科技集团公司第三十研究所 一种区块链中隐私保护智能合约方法
DE102017006572A1 (de) * 2017-04-12 2018-10-18 Diehl Defence Gmbh & Co. Kg Verfahren zum Schutz eines vernetzten militärischen Systems
CA3071268A1 (fr) * 2017-07-27 2019-01-31 Ingenico Inc. Systeme et procede d'entree de donnees de carte securisee
WO2019089044A1 (fr) * 2017-11-03 2019-05-09 Visa International Service Corporation Système sécurisé d'identification et de profilage
CN108880863B (zh) * 2018-05-26 2021-02-19 江西理工大学 一种基于区块链技术的智能电网设备安全诊断服务系统
CN109360103A (zh) * 2018-12-21 2019-02-19 众安信息技术服务有限公司 基于区块链的资产通证化的证券产品处理方法及装置

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107294709A (zh) * 2017-06-27 2017-10-24 阿里巴巴集团控股有限公司 一种区块链数据处理方法、装置及系统
CN107342858A (zh) * 2017-07-05 2017-11-10 武汉凤链科技有限公司 一种基于可信环境的智能合约保护方法和系统
US20190149325A1 (en) * 2017-11-16 2019-05-16 International Business Machines Corporation Blockchain transaction privacy enhancement through broadcast encryption
CN109493020A (zh) * 2018-11-08 2019-03-19 众安信息技术服务有限公司 基于区块链的安全交易方法和装置
CN110263087A (zh) * 2019-05-20 2019-09-20 阿里巴巴集团控股有限公司 基于多维度信息且具有条件限制的收据存储方法和节点

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113221170A (zh) * 2021-05-19 2021-08-06 西安交通大学 基于区块链的隐私信息匹配与数据交易方法及系统
CN113221170B (zh) * 2021-05-19 2024-05-24 西安交通大学 基于区块链的隐私信息匹配与数据交易方法及系统

Also Published As

Publication number Publication date
CN110263087B (zh) 2021-04-27
CN110263087A (zh) 2019-09-20

Similar Documents

Publication Publication Date Title
WO2020233616A1 (fr) Procédé de stockage de reçu et nœud utilisant un marquage de code en combinaison avec un type de transaction et un type d'utilisateur
WO2020233644A1 (fr) Procédé de stockage de reçu conditionnel et nœud combinant des dimensions de type de code et d'annotation
WO2020233642A1 (fr) Procédé de stockage de reçu conditionnel et nœud qui combinent un marquage de code et une dimension de type
WO2020233643A1 (fr) Procédé et nœud de stockage de reçu utilisant des informations multidimensionnelles et ayant une restriction
WO2020233612A1 (fr) Procédé et nœud de stockage de reçu combinant une annotation de code avec des types de transaction et d'événement
WO2020233638A1 (fr) Procédé et nœud de mémorisation de reçus basés sur un marquage de codes et sur un type de transaction
WO2020233613A1 (fr) Procédé et noeud de stockage de reçu conditionnel qui combinent le marquage de code avec un type de transaction
WO2020233609A1 (fr) Procédé de stockage de réception conditionnel et nœud combinant le marquage de code avec le type d'utilisateur
WO2020233622A1 (fr) Procédé de stockage de reçus et nœud sur la base d'un étiquetage de code et de multiples types de dimensions
WO2020233637A1 (fr) Procédé de stockage de reçu combinant un marquage de code avec un type d'utilisateur, et nœud
WO2020233623A1 (fr) Procédé de stockage de reçu et nœud combinant un type de transaction et un état d'évaluation
WO2020233610A1 (fr) Procédé de stockage de reçu combinant un marquage de code avec un type d'utilisateur et d'événement, et nœud
WO2020233640A1 (fr) Procédé de mémorisation de reçus et nœud basés sur un marquage de code et condition de détermination
WO2020233614A1 (fr) Procédé et nœud de stockage de reçu conditionnel combinant un étiquetage de code avec un type d'événement
WO2020233626A1 (fr) Procédé et nœud de stockage de reçu combinés à une limitation conditionnelle de types de transactions et d'utilisateurs
WO2020233635A1 (fr) Procédé de stockage de reçu combinant des restrictions conditionnelles de multiples types de dimensions et nœud
WO2020233630A1 (fr) Procédé et nœud de mémorisation de reçus en fonction du type d'utilisateur
WO2020233625A1 (fr) Procédé de stockage de reçus combinant un type d'utilisateur, des conditions de détermination et un nœud
WO2020233615A1 (fr) Procédé de stockage de reçu combinant un type d'utilisateur et un type de fonction d'événement et nœud
WO2020233628A1 (fr) Procédé et nœud de stockage de reçu basés sur une combinaison d'un type de fonction d'événement et d'une condition d'évaluation
WO2020233639A1 (fr) Procédé de stockage de reçus et nœud basés sur l'étiquetage de code et le type de fonction d'événement
WO2020233619A1 (fr) Procédé et nœud de stockage de reçu en combinaison avec un type d'utilisateur et un type de transaction
WO2020233624A1 (fr) Procédé de mémorisation de reçus et nœud utilisant un type de transaction en combinaison avec un type de fonction d'événement
WO2020233629A1 (fr) Procédé et nœud de stockage de reçu au niveau d'un objet sur la base d'un marquage de code
WO2020233627A1 (fr) Procédé et nœud de stockage de reçu basés sur de multiples types de dimensions

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20809945

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20809945

Country of ref document: EP

Kind code of ref document: A1