WO2021057167A1 - Method and device for transaction processing for fpga-based secure smart contract processor - Google Patents

Method and device for transaction processing for fpga-based secure smart contract processor Download PDF

Info

Publication number
WO2021057167A1
WO2021057167A1 PCT/CN2020/100492 CN2020100492W WO2021057167A1 WO 2021057167 A1 WO2021057167 A1 WO 2021057167A1 CN 2020100492 W CN2020100492 W CN 2020100492W WO 2021057167 A1 WO2021057167 A1 WO 2021057167A1
Authority
WO
WIPO (PCT)
Prior art keywords
fpga
register
chip
transaction
code program
Prior art date
Application number
PCT/CN2020/100492
Other languages
French (fr)
Chinese (zh)
Inventor
潘国振
魏长征
闫莺
郭学鹏
Original Assignee
支付宝(杭州)信息技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 支付宝(杭州)信息技术有限公司 filed Critical 支付宝(杭州)信息技术有限公司
Publication of WO2021057167A1 publication Critical patent/WO2021057167A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/76Architectures of general purpose stored program computers
    • G06F15/78Architectures of general purpose stored program computers comprising a single central processing unit
    • G06F15/7807System on chip, i.e. computer system on a single chip; System in package, i.e. computer system on one or more chips in a single package
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45583Memory management, e.g. access or allocation

Definitions

  • One or more embodiments of this specification relate to the field of blockchain technology, and more particularly to a transaction processing method and device based on an FPGA-based secure smart contract processor.
  • Blockchain technology is built on a transmission network (such as a peer-to-peer network).
  • the network nodes in the transmission network use chained data structures to verify and store data, and use distributed node consensus algorithms to generate and update data.
  • TEE Trusted Execution Environment
  • TEE can play the role of a black box in the hardware. Neither the code executed in the TEE nor the data operating system layer can be peeped, and only the pre-defined interface in the code can operate on it.
  • plaintext data is calculated in TEE instead of complex cryptographic operations in homomorphic encryption. There is no loss of efficiency in the calculation process. Therefore, the combination with TEE can achieve less performance loss. Under the premise, the security and privacy of the blockchain are greatly improved. At present, the industry is very concerned about the TEE solution.
  • TEE solutions including TPM (Trusted Platform Module) in software and Intel SGX (Software Guard Extensions) in hardware. , Software Protection Extension), ARM Trustzone (trust zone) and AMD PSP (Platform Security Processor, platform security processor).
  • one or more embodiments of this specification provide a transaction processing method and device based on an FPGA-based secure smart contract processor.
  • an FPGA-based secure smart contract processor transaction processing method which includes: FPGA structure loads the deployed circuit logic configuration files in the memory onto the FPGA chip , To form a register type on-chip processor for realizing virtual machine logic on the FPGA chip; the FPGA structure obtains the register type code program of the smart contract involved in the transaction according to the transaction received by the blockchain node to which it belongs The FPGA structure transfers the register type code program to the register type on-chip processor, so that the register type on-chip processor executes the register type code program.
  • an FPGA-based secure smart contract processor transaction processing device which includes: a loading unit that enables the FPGA structure to load the deployed circuit logic configuration file in the memory To the FPGA chip to form a register-based on-chip processor for realizing virtual machine logic on the FPGA chip; the acquisition unit enables the FPGA structure to acquire the transaction involved in the transaction according to the transaction received by the blockchain node to which it belongs The register-style code program of the smart contract; an execution unit that causes the FPGA structure to transfer the register-style code program to the register-style on-chip processor, so that the register-style on-chip processor executes the register-style code program.
  • an electronic device including: a processor; a memory for storing executable instructions of the processor; wherein the processor runs the executable instructions In order to realize the method as described in the first aspect.
  • a computer-readable storage medium on which computer instructions are stored, and when the instructions are executed by a processor, the steps of the method described in the first aspect are implemented.
  • Fig. 1 is a flowchart of a transaction processing method of an FPGA-based secure smart contract processor provided by an exemplary embodiment.
  • Fig. 2 is a schematic structural diagram of a blockchain node provided by an exemplary embodiment.
  • Fig. 3 is a schematic diagram of forming a functional module on an FPGA chip provided by an exemplary embodiment.
  • Fig. 4 is a block diagram of an FPGA-based secure smart contract processor-based transaction processing device provided by an exemplary embodiment.
  • the steps of the corresponding method are not necessarily executed in the order shown and described in this specification.
  • the method may include more or fewer steps than described in this specification.
  • a single step described in this specification may be decomposed into multiple steps for description in other embodiments; and multiple steps described in this specification may also be combined into a single step in other embodiments. description.
  • Block chains are generally divided into three types: Public Blockchain, Private Blockchain and Consortium Blockchain.
  • the public chain is represented by Bitcoin and Ethereum. Participants who join the public chain can read the data records on the chain, participate in transactions, and compete for the accounting rights of new blocks. Moreover, each participant (ie, node) can freely join and exit the network, and perform related operations.
  • the private chain is the opposite.
  • the write permission of the network is controlled by an organization or institution, and the data read permission is regulated by the organization.
  • the private chain can be a weakly centralized system with strict restrictions and few participating nodes.
  • This type of blockchain is more suitable for internal use by specific institutions.
  • Consortium chain is a block chain between public chain and private chain, which can realize "partial decentralization".
  • Each node in the alliance chain usually has a corresponding entity or organization; participants are authorized to join the network and form a stakeholder alliance to jointly maintain the operation of the blockchain.
  • the nodes in the blockchain network may use a solution that combines the blockchain and the TEE (Trusted Execution Environment).
  • TEE Trusted Execution Environment
  • TEE is a secure extension based on CPU hardware and a trusted execution environment that is completely isolated from the outside.
  • TEE was first proposed by Global Platform to solve the security isolation of resources on mobile devices, and parallel to the operating system to provide a trusted and secure execution environment for applications.
  • ARM's Trust Zone technology is the first to realize the real commercial TEE technology. With the rapid development of the Internet, security requirements are getting higher and higher. Not only mobile devices, cloud devices, and data centers have put forward more demands on TEE.
  • TEE has also been rapidly developed and expanded. Compared with the originally proposed concept, the TEE referred to now is a more generalized TEE.
  • server chip manufacturers Intel and AMD have successively introduced hardware-assisted TEE and enriched the concepts and features of TEE, which has been widely recognized in the industry.
  • the TEE mentioned now usually refers more to this kind of hardware-assisted TEE technology.
  • SGX provides an enclave (also known as an enclave), which is an encrypted trusted execution area in the memory, and the CPU protects data from being stolen.
  • enclave also known as an enclave
  • the CPU protects data from being stolen.
  • a part of the area EPC Enclave Page Cache, enclave page cache or enclave page cache
  • the encryption engine MEE Memory Encryption Engine
  • the first step in using TEE is to confirm the authenticity of TEE.
  • the related technology provides a remote certification mechanism for the above-mentioned SGX technology to prove that the SGX platform on the target device and the challenger have deployed the same configuration file.
  • the TEE technology in the related technology is implemented by software or a combination of software and hardware, even if the remote attestation method can indicate to a certain extent that the configuration file deployed in the TEE has not been tampered with, the TEE itself depends on the operation The environment cannot be verified.
  • a virtual machine for executing smart contracts needs to be configured in the TEE.
  • the instructions executed by the virtual machine are not directly executed, but actually executed corresponding X86 instructions (Assuming that the target device adopts the X86 architecture), which poses a certain degree of security risk.
  • this specification proposes a hardware TEE technology based on FPGA implementation.
  • FPGA implements hardware TEE by loading circuit logic configuration files. Because the content of the circuit logic configuration file can be checked and verified in advance, and the FPGA is configured and operated completely based on the logic recorded in the circuit logic configuration file, it can be ensured that the hardware TEE implemented by the FPGA has relatively higher security.
  • all virtual machines in related technologies adopt a stack architecture, so that FPGAs configured accordingly also use an operand stack to execute code programs of smart contracts, and the operating efficiency is much lower than the register architecture.
  • Fig. 1 is a flowchart of a transaction processing method of an FPGA-based secure smart contract processor provided by an exemplary embodiment. As shown in Figure 1, the method is applied to the FPGA structure and can include the following steps:
  • Step 102 The FPGA structure loads the deployed circuit logic configuration file in the memory onto the FPGA chip to form a register-type on-chip processor for realizing virtual machine logic on the FPGA chip.
  • the FPGA chip contains a number of editable hardware logic units. After these hardware logic units are configured via a circuit logic configuration file, they can be implemented as corresponding functional modules to implement corresponding logic functions. Specifically, the circuit logic configuration file can be burned to the FPGA structure based on the form of a bit stream.
  • a register-based on-chip processor can be formed on the FPGA chip.
  • the register-based on-chip processor can be used to implement virtual machine logic in related technologies, which is equivalent to configuring on the FPGA chip.
  • the formed "hardware virtual machine", for example, the virtual machine logic may include the execution logic of the Ethereum virtual machine or the execution logic of the WASM virtual machine, etc. This specification does not limit this.
  • Step 104 The FPGA structure obtains the register-type code program of the smart contract involved in the transaction according to the transaction received by the blockchain node to which it belongs.
  • Byte-code is composed of a series of bytes, and each byte can identify an operation. Based on many considerations such as development efficiency and readability, developers may not directly write bytecode programs, but choose a high-level language to write code programs for smart contracts. A code program written in a high-level language is compiled by a compiler to generate a corresponding bytecode program, and then the bytecode program can be deployed to the blockchain. There are many high-level languages supported by Ethereum, such as Solidity, Serpent, and LLL languages.
  • the above-mentioned compiler can be deployed on the client, so that the client can compile a code program written in a high-level language into a bytecode program through the compiler, and then compile the bytecode program into a register code program, and then pass The transaction is submitted to the blockchain network; or; the client can directly compile the code program written in the high-level language into a register code program by the compiler; or, the above-mentioned compiler can be deployed at the blockchain node to make the blockchain node After receiving the transaction submitted by the client, if the transaction contains a code program written in a high-level language, the blockchain node can use a compiler to compile the code program written in a high-level language into a bytecode program, and then the byte code program The code program is compiled into a register-style code program, or a blockchain node can directly compile a code program written in a high-level language into a register-style code program through a compiler. If the transaction contains a bytecode program, the blockchain no
  • the contract written in it is very similar to the class in the object-oriented programming language.
  • a variety of members can be declared in a contract, including contract state (or state variable), function, and function modifier. , Events, etc.
  • the contract state is the value permanently stored in the account storage of the smart contract and is used to save the state of the contract.
  • the compilation result of the compiler is, for example, as shown below (/*...*/The part of... is a comment, and if there are Chinese characters after it, it is the corresponding Chinese comment):
  • dup2/* copy the second item from the top to the bottom in the stack, so at this time the stack has 1, 0, and 1 data from the top to the top*/
  • Solidity code in the above code example is compiled into a corresponding bytecode program, and each bytecode contained in the bytecode program includes a byte-length opcode (Opcode) and the following zero at most Operands (Operands), which are the parameters required by the corresponding operation code during execution.
  • Opcode byte-length opcode
  • Operaands the following zero at most Operands
  • the code program obtained by the blockchain node in the related technology is usually a bytecode program.
  • the high-level language program can be compiled into a bytecode program at the client.
  • the client can further compile the bytecode program into a register-style code program, and then submit the transaction containing the register-style code program to the blockchain node through the client.
  • the compiler can compile the high-level language program into a bytecode program, and further compile the bytecode program into a register code program.
  • the bytecode program is based on the stack type, and the characteristic of the stack type architecture is that there is no ambiguity. Therefore, by first compiling the high-level language program into a bytecode program, the code behavior represented by the code program can be solidified, so that further compilation can be obtained.
  • the register code program is completely based on the solidified code behavior and will not change the code behavior, thus ensuring that the logic executed by all blockchain nodes is completely consistent.
  • this specification does not limit this.
  • Step 106 The FPGA structure transfers the register-type code program to the register-type on-chip processor, so that the register-type on-chip processor executes the register-type code program.
  • the bytecode program obtained by compiling the high-level language program is a stack type.
  • the operand involved in the bytecode program is written into the operand stack.
  • the operands involved in the register-based code program are written into the registers on the FPGA chip, rather than written into the operand stack, so that the register-based on-chip processor can perform operations based on the corresponding opcodes.
  • Register information (such as name, etc.) and directly process the operands stored in the register. Compared with pushing the operands into the operand stack or popping them from the operand stack, it is equivalent to the operands in multiple registers. Implement parallel operations to achieve the above-mentioned effects of improving efficiency and speeding up.
  • the FPGA structure can obtain the above-mentioned transaction in an encrypted state from the blockchain node, and pass the transaction to the encryption and decryption module on the FPGA chip.
  • the encryption and decryption module is formed on the FPGA chip by the above-mentioned deployed circuit logic configuration file, and its formation process is similar to the above-mentioned register-type on-chip processor. Then, the FPGA structure obtains the bytecode program according to the decrypted transaction content output by the encryption and decryption module.
  • the data field of the transaction content after decryption will contain the register code program of the smart contract.
  • the to field of the decrypted transaction content will contain the contract address of the called smart contract, and the FPGA structure can call the corresponding deployed register-style code program based on the contract address; for example, when the smart When the contract is deployed at the blockchain node, the FPGA structure can send the above-mentioned contract address to the blockchain node, and the blockchain node returns the register code program corresponding to the contract address to the FPGA structure.
  • a node private key can be deployed on the FPGA structure, and the node public key corresponding to the node private key is in a public state.
  • the above transaction can be encrypted and generated by the transaction initiator based on the symmetric key and node public key maintained by itself (for example, randomly generated for each transaction) using a digital envelope method: the transaction initiator encrypts the plaintext transaction content through the symmetric key to obtain The ciphertext transaction content, and the above-mentioned symmetric key is encrypted by the node public key to obtain the ciphertext symmetric key, and the above-mentioned transaction includes the ciphertext transaction content and the ciphertext symmetric key.
  • the FPGA structure can form a decryption module on the FPGA chip through the deployed circuit logic configuration file, and decrypt the above-mentioned transaction through the decryption module.
  • the decryption module first decrypts the ciphertext symmetric key based on the node's private key to obtain the above-mentioned symmetric key, and then the decryption module decrypts the ciphertext transaction content based on the symmetric key to obtain the above-mentioned plaintext transaction content, namely The decrypted transaction.
  • the register-type on-chip processor executes the above-mentioned register-type code program, it can generate the corresponding contract status, transaction receipt, and so on.
  • the transaction receipt may include information such as the transaction execution result, which needs to be fed back to the transaction initiator.
  • the FPGA structure can pass the transaction receipt generated by the register-based on-chip processor into the encryption module, and encrypt it with the symmetric key adopted by the digital envelope, and then the encrypted transaction
  • the receipt is returned to the blockchain node and then provided to the transaction initiator; where the encryption module is formed by the FPGA chip by loading the deployed circuit logic configuration file. Since the symmetric key used in the digital envelope is only held by the transaction initiator, using the symmetric key to generate an encrypted transaction receipt can ensure that the encrypted transaction receipt can only be decrypted by the transaction initiator to ensure the security and safety of the transaction receipt. privacy protection.
  • the code program can be deployed at the blockchain node, and the FPGA structure can request the blockchain node to obtain the code program for execution in the register-type on-chip processor formed on the FPGA chip.
  • the blockchain node belongs to the external storage space outside the FPGA chip, and the external storage space can also exist in other forms.
  • the FPGA structure can include an external DDR memory connected to the FPGA chip, etc., which can also be used to deploy the aforementioned code programs. At this time, the number of interactions between the FPGA structure and the blockchain node can be reduced.
  • the code program can also be deployed in the on-chip storage space of the FPGA chip.
  • the FPGA structure only the FPGA chip is considered to be a safe environment (TEE based on the FPGA structure), and the environment outside the FPGA chip is considered insecure, so the register code program can be deployed on the above-mentioned chip in clear text Storage space, but must be deployed in the above-mentioned external storage space in the form of ciphertext. Therefore, when the FPGA structure obtains the encrypted register code program from, for example, an external storage space, the encrypted register code program can be transferred to the decryption module on the FPGA chip, and the decrypted register output by the decryption module can be obtained.
  • Type code program in order to be executed in the register type on-chip processor.
  • the encrypted register-type code program can be obtained by encrypting the register-type code program by the service root key maintained by the FPGA structure or a derived key of the service root key. For example, after the FPGA structure obtains a transaction for deploying a smart contract, a register-type code program in plain text can be obtained from the transaction. Then, the FPGA structure can encrypt the register type code program through the encryption module to obtain the encrypted register type code program.
  • the key used is the above-mentioned service root key or the derived key of the service root key.
  • the node private key and service root key described above can be deployed to the FPGA structure by the user. Users can complete the deployment locally or remotely through the client. In the remote deployment process, the client can negotiate with the FPGA structure in advance to obtain the business secret deployment key, and the node private key or business root key can be encrypted and sent to the FPGA structure through the business secret deployment key, and the FPGA structure can be passed through The business secret deployment key decrypts the received data to obtain the node private key or the business root key.
  • a key agreement module By loading the deployed circuit logic configuration file onto the FPGA chip, a key agreement module can be formed on the FPGA chip, and the FPGA structure can implement the above-mentioned key agreement operation based on the key agreement module and the client.
  • the key agreement process can be implemented using any algorithm or standard in related technologies, which is not limited in this specification.
  • the key agreement process can include: the user can generate a key Ka-1 at the local client, the key agreement module can generate a key Kb-1 locally, and the client can generate a key Kb-1 based on the key Ka- 1
  • the key agreement module can calculate the key agreement information Kb-2 based on the key Kb-1, and then the client sends the key agreement information Ka-2 to the key agreement module
  • the key agreement module sends the key agreement information Kb-2 to the client, so that the client can generate a secret value based on the key Ka-1 and the key agreement information Kb-2, and the key agreement module can be based on the key Kb -1 generates the same secret value as the key agreement information Ka-2, and finally the client and the key agreement module respectively derive the same business secret deployment key from the same secret value based on the key derivation function, and the business secret deployment
  • the key can be stored in the FPGA chip or the secret management chip.
  • the key agreement information Ka-2 and key agreement information Kb-2 are transmitted between the client and the key agreement module via the blockchain node, the key Ka-1 is controlled by the client , The key Kb-1 is controlled by the key agreement module, so it can ensure that the blockchain node cannot know the final secret value and the business secret deployment key, and avoid possible security risks.
  • An authentication root key can be deployed in the FPGA structure, and the authentication root key can be pre-placed in the FPGA structure, or the authentication root key can be deployed to the FPGA structure by the client or other objects in an offline security environment, or the The authentication root key can be remotely deployed into the FPGA structure by the client or other objects.
  • the authentication root key is an asymmetric key.
  • the key agreement module can sign the generated key agreement information Kb-2 with the authentication root key, and the client can verify the signature to determine whether the received information actually comes from the FPGA structure and has not been transmitted during transmission. Tampered, and the information that fails the signature verification will not be trusted and adopted by the client.
  • the public key of the authentication root key can be managed by the authentication server and not made public, then the client can send the received information to the authentication server, and the authentication server can perform signature verification with the maintained public key; then, the authentication The server can provide the client with the verification result, the verification result is signed by the verification server, and the verification result contains the certificate of the verification server or the public key of the verification server can be made public, so that the client can verify the signature to determine the validity of the verification result Sex.
  • the public key of the authentication root key can be made public, so that the client can perform signature verification on the information from the FPGA structure based on the public key without going through the authentication server, which can reduce the interactive links in the signature verification process. Thereby improving the efficiency of verification and reducing the security risks caused by more interactive links.
  • the aforementioned authentication root key can be deployed to the FPGA structure based on the aforementioned deployed circuit logic configuration file.
  • the FPGA structure can avoid taking the authentication root key from the circuit logic configuration file, so that the FPGA structure can obtain the corresponding authentication root key after loading the circuit logic configuration file to the FPGA chip.
  • the FPGA structure can include a key management chip independent of the FPGA chip, and the FPGA structure can take the authentication root key out of the circuit logic configuration file to which it belongs and maintain it in the key management chip, so that only the authentication root key exists In the key management chip, it will no longer appear in the circuit logic configuration file deployed on the FPGA structure to improve the security of the authentication root key.
  • the public key or preset certificate corresponding to the client can be deployed on the FPGA structure.
  • the client can sign the aforementioned key agreement information Ka-2 and then send it to the FPGA structure, so that the FPGA structure can perform signature verification on the received key agreement information Ka-2, and verify that the signature is based on the key.
  • Negotiation information Ka-2 is one of the conditions for generating a secret value.
  • the public key or certificate corresponding to the client can be deployed in the FPGA structure by the aforementioned circuit logic configuration file.
  • the FPGA structure can also negotiate other keys with the client for use in other scenarios.
  • the FPGA structure can negotiate with the client through the key agreement module to obtain the configuration file deployment key, and the process can refer to the above-mentioned negotiation process for the business secret deployment key.
  • the FPGA structure can also negotiate to obtain multiple keys at one time; for example, when the key agreement module negotiates with the client to obtain the above-mentioned secret value After that, a 32-bit character string can be derived at one time based on KDF, and the first 16-bit character string and the last 16-bit character string can be used as different keys, such as the configuration file deployment key and the business secret deployment key mentioned above.
  • the circuit logic configuration files that have been deployed on the FPGA structure are implemented and updated.
  • the FPGA structure receives the encrypted new version of the circuit logic configuration file from the client, it can read the encrypted new version of the circuit logic configuration file into the trusted update module on the FPGA chip for decryption.
  • the circuit logic configuration file is formed on the FPGA chip; accordingly, the FPGA structure can update the deployed circuit logic configuration file based on the new version of the circuit logic configuration file obtained by decryption.
  • the client can use the above configuration file deployment key to encrypt the new version of the circuit logic configuration file to obtain the encrypted new version of the circuit logic configuration file
  • the trusted update module can also encrypt the new version of the circuit logic configuration file based on the above configuration file deployment key.
  • the new version of the circuit logic configuration file is decrypted to obtain the new version of the circuit logic configuration file.
  • the client can also sign the new version of the circuit logic configuration file before encryption, and the trusted update module can decrypt the new version of the circuit logic configuration file based on the user public key or preset certificate pre-configured on the FPGA structure. Carry out verification. Then, in the case of a decryption failure or a signature verification failure, the trusted update module can terminate the update operation.
  • the "new version” is relative to the circuit logic configuration file that has been deployed on the FPGA structure, to indicate that the deployed circuit logic configuration file is configured in the FPGA structure relatively earlier, and It does not mean that the logic or function implemented by the corresponding circuit logic configuration file will necessarily achieve version iteration.
  • the circuit logic configuration file can be directly read and configured in the FPGA chip.
  • the FPGA chip is volatile, and the circuit logic configuration file deployed after the power is off will be lost, so that the client needs to re-deploy the circuit logic configuration file after power on.
  • the FPGA structure can further include a memory, which is connected to the FPGA chip, so that the circuit logic configuration file is deployed in the memory, and the FPGA chip reads the circuit logic configuration file from the memory to implement related functions ;
  • the memory is non-volatile, even if the power is off, the circuit logic configuration file can still be saved, and after the power is turned on, it is only necessary to read the FPGA chip from the memory again, without the client re-deployment.
  • the memory may have various forms, such as a non-volatile memory that can be re-erasable, such as flash memory, and a non-re-erasable memory, such as a fuse memory, which is not limited in this specification. Therefore, when the deployed circuit logic configuration file is located in the memory, the FPGA structure can update and deploy the memory based on the new version of the circuit logic configuration file, so that the deployed circuit logic configuration file in the memory is updated to the new version of the circuit logic configuration file.
  • the FPGA structure can generate an authentication result for the new version of the circuit logic configuration file that is updated and deployed, and the authentication result includes content related to the new version of the circuit logic configuration file.
  • the above-mentioned content related to the new version of the circuit logic configuration file may be the hash value of the new version of the circuit logic configuration file or a derived value of the hash value; and the client can generate the hash value or the hash value based on the new version of the circuit logic configuration file maintained by itself. If the client receives and generates the same hash value (or its derived value), the client can determine that the new version of the circuit logic file has been successfully deployed to the FPGA structure.
  • the FPGA structure can sign the authentication result with the authentication root key and send it to the client, so that the client can determine that the received authentication result comes from the FPGA structure and has not been tampered with.
  • the authentication root key used in the FPGA structure can be provided by the previously deployed circuit logic configuration file; or, when the new version of the circuit logic configuration file contains the new version of the authentication root key, the FPGA structure can be based on the new version of the authentication root key Sign the authentication result.
  • the authentication result may also be related to other information.
  • the new version of the circuit logic configuration file can be loaded on the FPGA chip to form a new version of the key agreement module, and based on the new version of the key agreement module, the key agreement module can be negotiated with the client. If the new version configuration file deployment key is obtained, the other information mentioned above can be the hash value (or its derivative value) of the new version configuration file deployment key.
  • the new version key agreement module negotiates the deployment key of the new version of the configuration file with the client, the authentication root key recently deployed on the FPGA structure is used.
  • the authentication root key can come from the previously deployed circuit logic configuration file or the new version of the circuit. Logical configuration file. Among them, when the foregoing deployed circuit logic configuration file and the new version of the circuit logic configuration file on the FPGA structure are not generated and deployed by the same user, the foregoing deployed circuit logic configuration file may be viewed by other users before being burned to the FPGA structure Or check, causing the authentication root key contained in the deployed circuit logic configuration file to be known by other users, which poses a certain security risk. Therefore, deploying a new version of the authentication root key through the new version of the circuit logic configuration file can effectively improve security.
  • the FPGA structure can respectively generate the hash value of the new version of the circuit logic configuration file and the hash value of the new version of the configuration file deployment key, and calculate the two hash values through such as sm3 algorithm or other algorithms.
  • the calculation result can be used as the above-mentioned content related to the new version of the circuit logic configuration file; accordingly, based on the authentication result, the client can determine that the new version of the circuit logic configuration file is successfully deployed on the FPGA structure, and the client and the FPGA structure are successfully negotiated Get the new version of the configuration file deployment key.
  • Fig. 2 is a schematic structural diagram of a blockchain node provided by an exemplary embodiment.
  • an FPGA structure can be added to the blockchain node to implement hardware TEE.
  • the FPGA structure can be an FPGA board as shown in FIG. 2.
  • the FPGA board can be connected to the blockchain node through the PCIE interface to realize the data interaction between the FPGA board and the blockchain node.
  • FPGA boards can include FPGA chips, Flash (flash memory) chips, and dense tube chips; of course, in addition to FPGA chips in some embodiments, they may only include parts of the remaining Flash chips and dense tube chips. , Or may contain more structures, here are just examples.
  • no user-defined logic is programmed on the FPGA chip, which is equivalent to the FPGA chip in a blank state.
  • Users can burn circuit logic configuration files on the FPGA chip to form corresponding functions or logic on the FPGA chip.
  • the FPGA board does not have the capability of security protection, so it usually needs to provide an external security environment.
  • users can implement the programming of the circuit logic configuration file in an offline environment to achieve physical security isolation. Instead of implementing remote programming online.
  • the corresponding logic code can be formed through FPGA hardware language, and then the logic code can be mirrored to obtain the above-mentioned circuit logic configuration file.
  • the user can check the above-mentioned logic code. Especially, when multiple users are involved at the same time, multiple users can check the above logic code separately to ensure that the FPGA board can finally meet the needs of all users and prevent security risks, logic errors, fraud and other abnormalities. problem.
  • the user can burn the circuit logic configuration file to the FPGA board in the above-mentioned offline environment.
  • the circuit logic configuration file is transferred from the blockchain node to the FPGA board, and then deployed to the Flash chip as shown in Figure 2, so that even if the FPGA board is powered off, the Flash chip can still save the above-mentioned circuit logic. Configuration file.
  • Fig. 3 is a schematic diagram of forming a functional module on an FPGA chip provided by an exemplary embodiment.
  • the hardware logic unit contained in the FPGA chip can be configured to form corresponding functional modules on the FPGA chip.
  • the formed functional modules can include such Figure 3 shows the plaintext calculation module, key agreement module, decryption signature verification module, encryption and decryption module, etc.
  • the circuit logic configuration file can also be used to transmit the information that needs to be stored to the FPGA board.
  • the preset certificate can be stored on the FPGA chip, and the authentication root key can be stored in the secret tube chip (the authentication root key can also be Stored on the FPGA chip) and so on.
  • the FPGA board can realize remote key agreement with the user.
  • the key agreement process can use related technologies. Any algorithm or standard can be implemented, and this specification does not limit it.
  • the key agreement process can include: the user can generate a key Ka-1 at the local client, the key agreement module can generate a key Kb-1 locally, and the client can generate a key Kb-1 based on the key Ka- 1 Calculate the key agreement information Ka-2, the key agreement module can calculate the key agreement information Kb-2 based on the key Kb-1, and then the client sends the key agreement information Ka-2 to the key agreement module, The key agreement module sends the key agreement information Kb-2 to the client, so that the client can generate a secret value based on the key Ka-1 and the key agreement information Kb-2, and the key agreement module can be based on the key Kb -1 generates the same secret value as the key agreement information Ka-2, and finally the client and the key agreement module respectively derive the same
  • the key agreement information Ka-2 and key agreement information Kb-2 are transmitted between the client and the key agreement module via the blockchain node
  • the key Ka-1 is controlled by the client
  • the key Kb-1 is controlled by the key agreement module, so it can ensure that the blockchain node cannot know the final secret value and the configuration file deployment key, so as to avoid possible security risks.
  • the secret value is also used to derive the business secret deployment key; for example, the secret value can be derived as a 32-bit value, the first 16 bits can be used as the configuration file deployment key, and the last 16 bits can be used as the business secret deployment Key.
  • the user can deploy the service key to the FPGA board through the service secret deployment key.
  • the service key may include the node private key and the service root key.
  • the user can use the business secret deployment key on the client to sign, encrypt the node private key or the business root key, and send it to the FPGA board, so that after the FPGA board is decrypted and verified through the decryption verification module, Deploy the obtained node private key or service root key.
  • the FPGA board can be implemented as a TEE on the blockchain node to meet privacy requirements. For example, when a blockchain node receives a transaction, if the transaction is a plaintext transaction, the blockchain node can directly process the plaintext transaction, if the transaction is a private transaction, the blockchain node transmits the private transaction to the FPGA The board is processed.
  • the transaction content of a plaintext transaction is in plaintext form, and the contract status generated after the transaction is executed is also stored in plaintext form.
  • the transaction content of a private transaction is in the form of cipher text, which is obtained by encrypting the content of the transaction in plain text by the transaction initiator, and the contract state generated after the transaction is executed needs to be stored in the form of cipher text to ensure the protection of transaction privacy.
  • the transaction initiator can generate a symmetric key randomly or based on other methods.
  • the business public key corresponding to the above-mentioned business private key is disclosed, then the transaction initiator can perform transaction content in plaintext based on the symmetric key and the business public key.
  • the transaction initiator encrypts the plaintext transaction content with a symmetric key, and encrypts the symmetric key with the business public key.
  • the two parts obtained are included in the above-mentioned private transaction; in other words, the private transaction includes Two parts of content: the content of the transaction in plaintext encrypted with a symmetric key, and the symmetric key encrypted with the business public key.
  • the encryption and decryption module can use the business private key to decrypt the symmetric key encrypted with the business public key to obtain the symmetric key, and then the encryption and decryption module
  • the symmetric key is used to decrypt the plaintext transaction content encrypted with the symmetric key to obtain the plaintext transaction content.
  • Private transactions can be used to deploy smart contracts, then the data field of the plaintext transaction content can contain the register contract code of the smart contract to be deployed; or, the privacy transaction can be used to call the smart contract, then the to field of the plaintext transaction content can contain the The contract address of the called smart contract, and the FPGA board can call the corresponding register-type contract code based on the contract address.
  • the plaintext calculation module formed on the FPGA chip is used to implement virtual machine logic in related technologies, that is, the plaintext calculation module is equivalent to the "hardware virtual machine" on the FPGA board. Therefore, after the register-type contract code is determined based on the above-mentioned plaintext transaction content, the register-type contract code can be passed into the plaintext calculation module, so that the plaintext calculation module executes the register-type contract code. After the execution is completed, the status of the contract involved in the register-type contract code may be updated.
  • the encryption and decryption module can encrypt the updated contract state through the aforementioned business root key or its derivative key, and store the encrypted contract state to ensure privacy
  • the transaction-related data is only in the clear text state in the FPGA chip and in the cipher text state outside the FPGA chip, so as to ensure the security of the data.
  • the plaintext calculation module can be the register type on-chip processor in this specification.
  • the register-type on-chip processor executes the register-type code program of the smart contract.
  • the register code program can be directly compiled by the high-level language program on the client by the transaction submitting party, or the high-level language program can be compiled into a byte code program and then compiled into a register code program.
  • the register-based on-chip processor stores the operands involved in the operation instructions contained in the register-based code program in the registers on the FPGA chip during the execution of the register-based code program, and the execution is related When operating instructions, directly obtain operands and perform operations based on the information in the registers, and then store the results of the operations in the registers.
  • the number of operands involved in the above machine code can be one or more.
  • each operand can be stored in or read from the register in parallel, instead of being pushed or popped into the stack in sequence, so it has a relatively higher execution efficiency.
  • the stack operation involves 4 steps, and the register operation involves 2 steps. If each step requires one clock cycle of the register-based on-chip processor, Then the stack operation needs to consume 4 clock cycles, and the register operation only needs 2 clock cycles.
  • the register-based on-chip processor can read the operands corresponding to these operation instructions in parallel to implement parallel operations on these operands. For example, when the contract code contains 1000 instructions, assuming that each instruction needs to occupy one clock cycle of the register-based on-chip processor, then the sequential execution of the contract code needs to consume 1000 clock cycles, and based on the above parallel operation, the clock cycle can be reduced. The amount of consumption and the specific reduction depends on the dependency between the instructions.
  • the user may want to update the version of the circuit logic configuration file deployed on the FPGA board.
  • the authentication root key contained in the circuit logic configuration file may be known by risky users, or the user wants to update the version on the FPGA board.
  • the deployed functional modules are upgraded, etc. This manual does not limit this.
  • the circuit logic configuration file that has been deployed in the above process can be referred to as the old version of the circuit logic configuration file, and the circuit logic configuration file that needs to be deployed is referred to as the new version of the circuit logic configuration file.
  • the user can generate a new version of the circuit logic configuration file through the process of writing code and mirroring. Further, the user can sign the new version of the circuit logic configuration file with his own private key, and then encrypt the signed new version of the circuit logic configuration file with the configuration file deployment key negotiated above to obtain the encrypted new version of the circuit Logical configuration file. In some cases, there may be multiple users at the same time, so the old version of the circuit logic configuration file needs to deploy the preset certificates corresponding to these users to the FPGA board, and these users need to use their own private keys to pair the new version of the circuit. Sign the logical configuration file.
  • the user can remotely send the encrypted new version of the circuit logic configuration file to the blockchain node through the client, and the blockchain node will further transfer it to the FPGA board.
  • the decryption verification module formed on the FPGA chip in the foregoing process is located on the transmission path between the PCIE interface and the Flash chip, so that the encrypted new version of the circuit logic configuration file must first be successfully processed by the decryption verification module before it can be
  • the Flash chip is passed in to achieve a credible update, and the Flash chip cannot be updated directly without bypassing the process of decryption and verification.
  • the decryption verification module After the decryption verification module receives the encrypted new version of the circuit logic configuration file, it first decrypts it with the configuration file deployment key deployed on the FPGA board. If the decryption is successful, the decryption verification module is further based on the preset certificate deployed on the FPGA chip , To perform signature verification on the decrypted new version of the circuit logic configuration file.
  • the decryption fails or the signature verification fails, it means that the received file is not from the above-mentioned user or has been tampered with, and the decryption verification module will trigger the termination of this update operation; and if the decryption is successful and the verification is passed, it can be It is determined that the obtained new version of the circuit logic configuration file is from the aforementioned user and has not been tampered with during the transmission process.
  • the new version of the circuit logic configuration file can be further transmitted to the Flash chip to update and deploy the old version of the circuit logic configuration file in the Flash chip.
  • the above-mentioned key agreement module, decryption and verification module can also be formed on the FPGA chip, and the pre-set certificate and authentication can be stored in the FPGA chip. Root key and other information.
  • the formed key agreement module, decryption verification module, etc., the implemented functional logic can be changed and upgraded, and the information stored in the deployed preset certificate, authentication root key and other information may also be different from the information before the update .
  • the FPGA board can remotely negotiate with the user to obtain a new configuration file deployment key based on the updated key agreement module, authentication root key, etc., and the configuration file deployment key can be used for the next renewal Update process. Similarly, a reliable update operation for FPGA boards can be continuously implemented accordingly.
  • the FPGA board can generate certification results for the new version of the circuit logic configuration file.
  • the above-mentioned key agreement module can calculate the hash value of the new version of the circuit logic configuration file and the hash value of the configuration file deployment key negotiated based on the new version of the circuit logic configuration file through an algorithm such as sm3 or other algorithms.
  • the calculation result can be used as the above-mentioned authentication result, and the key agreement module sends the authentication result to the user.
  • the user can verify the authentication result on the client based on the maintained new version of the circuit logic configuration file and the configuration file deployment key negotiated accordingly. If the verification is successful, it indicates that the new version of the circuit logic configuration file is successful on the FPGA board. Deployed, and the user and the FPGA board successfully negotiated accordingly to obtain a consistent configuration file deployment key, thereby confirming the successful completion of the circuit logic configuration file update deployment.
  • Fig. 4 is a schematic structural diagram of an FPGA-based secure smart contract processor-based transaction processing device provided by an exemplary embodiment. Please refer to Figure 4, in the software implementation, the device may include:
  • the loading unit 401 causes the FPGA structure to load the deployed circuit logic configuration file in the memory onto the FPGA chip, so as to form a register-type on-chip processor for realizing virtual machine logic on the FPGA chip;
  • the acquiring unit 402 enables the FPGA structure to acquire the register-type code program of the smart contract involved in the transaction according to the transaction received by the blockchain node to which it belongs;
  • the execution unit 403 causes the FPGA structure to transfer the register-type code program to the register-type on-chip processor, so that the register-type on-chip processor executes the register-type code program.
  • the operands involved in the register-type code program are written into the registers on the FPGA chip.
  • the register-style code program is directly compiled by a high-level language program; or, the register-style code program is directly compiled by a bytecode program, and the bytecode program is directly compiled by the high-level language program .
  • it further includes: a decryption unit 404 to enable the FPGA structure to obtain an encrypted transaction from the blockchain node to which it belongs, and pass the transaction to the decryption module on the FPGA chip to obtain the content of the transaction in plaintext ;
  • the decryption module is formed on the FPGA chip by the deployed circuit logic configuration file;
  • An extracting unit 405 when the transaction is used to deploy a smart contract, causes the FPGA structure to extract the register code program from the plaintext transaction content;
  • the search unit 406 when the transaction is used for invoking a smart contract, causes the FPGA structure to extract the contract address from the plaintext transaction content, and obtain the register code program based on the contract address.
  • the search unit 406 is specifically configured to: make the FPGA structure request and obtain the encrypted register code program corresponding to the contract address from the blockchain node; make the FPGA structure encrypt the The latter register code program is passed into the decryption module to decrypt the register code program.
  • a plaintext storage unit 407 which enables the FPGA structure to store the contract state updated after the register code program is run in the on-chip storage space of the FPGA chip; or,
  • the ciphertext storage unit 408 enables the FPGA structure to encrypt the updated contract state after the register code program runs through the encryption module on the FPGA chip, and stores the encrypted contract state outside the FPGA chip The external storage space; wherein the encryption module is formed on the FPGA chip by the deployed circuit logic configuration file.
  • the virtual machine logic includes: the execution logic of the Ethereum virtual machine or the execution logic of the WASM virtual machine.
  • a typical implementation device is a computer.
  • the specific form of the computer can be a personal computer, a laptop computer, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email receiving and sending device, and a game control A console, a tablet computer, a wearable device, or a combination of any of these devices.
  • the computer includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
  • processors CPU
  • input/output interfaces network interfaces
  • memory volatile and non-volatile memory
  • the memory may include non-permanent memory in a computer readable medium, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer readable media.
  • RAM random access memory
  • ROM read-only memory
  • flash RAM flash memory
  • Computer-readable media include permanent and non-permanent, removable and non-removable media, and information storage can be realized by any method or technology.
  • the information can be computer-readable instructions, data structures, program modules, or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical storage, Magnetic cassettes, disk storage, quantum memory, graphene-based storage media or other magnetic storage devices or any other non-transmission media can be used to store information that can be accessed by computing devices. According to the definition in this article, computer-readable media does not include transitory media, such as modulated data signals and carrier waves.
  • first, second, third, etc. may be used to describe various information in one or more embodiments of this specification, the information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other.
  • first information may also be referred to as second information, and similarly, the second information may also be referred to as first information.
  • word “if” as used herein can be interpreted as "when” or “when” or “in response to certainty”.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computing Systems (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Technology Law (AREA)
  • General Business, Economics & Management (AREA)
  • Storage Device Security (AREA)

Abstract

A method and device for transaction processing for an FPGA-based secure smart contract processor. The method may comprise: an FPGA structure loads a circuit logic configuration file deployed in a memory to an FPGA chip, thus forming a register-type on-chip processor used for implementing a virtual machine logic (102); the FPGA structure acquires, on the basis of a transaction received by a pertinent blockchain node, a register-type code program of a smart contract to which the transaction relates (104); and the FPGA structure transmits the register-type code program into the register-type on-chip processor, thus allowing the register-type on-chip processor to execute the register-type code program (106).

Description

基于FPGA的安全智能合约处理器的交易处理方法及装置FPGA-based safe smart contract processor transaction processing method and device 技术领域Technical field
本说明书一个或多个实施例涉及区块链技术领域,尤其涉及一种基于FPGA的安全智能合约处理器的交易处理方法及装置。One or more embodiments of this specification relate to the field of blockchain technology, and more particularly to a transaction processing method and device based on an FPGA-based secure smart contract processor.
背景技术Background technique
区块链技术构建在传输网络(例如点对点网络)之上。传输网络中的网络节点利用链式数据结构来验证与存储数据,并采用分布式节点共识算法来生成和更新数据。Blockchain technology is built on a transmission network (such as a peer-to-peer network). The network nodes in the transmission network use chained data structures to verify and store data, and use distributed node consensus algorithms to generate and update data.
目前企业级的区块链平台技术上最大的两个挑战就是隐私和性能,往往这两个挑战很难同时解决。大多解决方案都是通过损失性能换取隐私,或者不大考虑隐私去追求性能。常见的解决隐私问题的加密技术,如同态加密(Homomorphic encryption)和零知识证明(Zero-knowledge proof)等复杂度高,通用性差,而且还可能带来严重的性能损失。At present, the two biggest challenges in enterprise-level blockchain platform technology are privacy and performance. It is often difficult to solve these two challenges at the same time. Most of the solutions are to lose performance in exchange for privacy, or do not consider privacy to pursue performance. Common encryption technologies that solve privacy problems, such as Homomorphic encryption and Zero-knowledge proof, are highly complex, have poor versatility, and may also cause serious performance losses.
可信执行环境(Trusted Execution Environment,TEE)是另一种解决隐私问题的方式。TEE可以起到硬件中的黑箱作用,在TEE中执行的代码和数据操作系统层都无法偷窥,只有代码中预先定义的接口才能对其进行操作。在效率方面,由于TEE的黑箱性质,在TEE中进行运算的是明文数据,而不是同态加密中的复杂密码学运算,计算过程效率没有损失,因此与TEE相结合可以在性能损失较小的前提下很大程度上提升区块链的安全性和隐私性。目前工业界十分关注TEE的方案,几乎所有主流的芯片和软件联盟都有自己的TEE解决方案,包括软件方面的TPM(Trusted Platform Module,可信赖平台模块)以及硬件方面的Intel SGX(Software Guard Extensions,软件保护扩展)、ARM Trustzone(信任区)和AMD PSP(Platform Security Processor,平台安全处理器)。Trusted Execution Environment (TEE) is another way to solve privacy issues. TEE can play the role of a black box in the hardware. Neither the code executed in the TEE nor the data operating system layer can be peeped, and only the pre-defined interface in the code can operate on it. In terms of efficiency, due to the black box nature of TEE, plaintext data is calculated in TEE instead of complex cryptographic operations in homomorphic encryption. There is no loss of efficiency in the calculation process. Therefore, the combination with TEE can achieve less performance loss. Under the premise, the security and privacy of the blockchain are greatly improved. At present, the industry is very concerned about the TEE solution. Almost all mainstream chip and software alliances have their own TEE solutions, including TPM (Trusted Platform Module) in software and Intel SGX (Software Guard Extensions) in hardware. , Software Protection Extension), ARM Trustzone (trust zone) and AMD PSP (Platform Security Processor, platform security processor).
发明内容Summary of the invention
有鉴于此,本说明书一个或多个实施例提供一种基于FPGA的安全智能合约处理器的交易处理方法及装置。In view of this, one or more embodiments of this specification provide a transaction processing method and device based on an FPGA-based secure smart contract processor.
为实现上述目的,本说明书一个或多个实施例提供技术方案如下。To achieve the foregoing objectives, one or more embodiments of the present specification provide technical solutions as follows.
根据本说明书一个或多个实施例的第一方面,提出了一种基于FPGA的安全智能 合约处理器的交易处理方法,包括:FPGA结构将存储器中已部署的电路逻辑配置文件加载至FPGA芯片上,以在所述FPGA芯片上形成用于实现虚拟机逻辑的寄存器式片上处理器;所述FPGA结构根据所属区块链节点收到的交易,获取所述交易涉及的智能合约的寄存器式代码程序;所述FPGA结构将所述寄存器式代码程序传入所述寄存器式片上处理器,使所述寄存器式片上处理器执行所述寄存器式代码程序。According to the first aspect of one or more embodiments of this specification, an FPGA-based secure smart contract processor transaction processing method is proposed, which includes: FPGA structure loads the deployed circuit logic configuration files in the memory onto the FPGA chip , To form a register type on-chip processor for realizing virtual machine logic on the FPGA chip; the FPGA structure obtains the register type code program of the smart contract involved in the transaction according to the transaction received by the blockchain node to which it belongs The FPGA structure transfers the register type code program to the register type on-chip processor, so that the register type on-chip processor executes the register type code program.
根据本说明书一个或多个实施例的第二方面,提出了一种基于FPGA的安全智能合约处理器的交易处理装置,包括:加载单元,使FPGA结构将存储器中已部署的电路逻辑配置文件加载至FPGA芯片上,以在所述FPGA芯片上形成用于实现虚拟机逻辑的寄存器式片上处理器;获取单元,使所述FPGA结构根据所属区块链节点收到的交易,获取所述交易涉及的智能合约的寄存器式代码程序;执行单元,使所述FPGA结构将所述寄存器式代码程序传入所述寄存器式片上处理器,使所述寄存器式片上处理器执行所述寄存器式代码程序。According to the second aspect of one or more embodiments of this specification, an FPGA-based secure smart contract processor transaction processing device is proposed, which includes: a loading unit that enables the FPGA structure to load the deployed circuit logic configuration file in the memory To the FPGA chip to form a register-based on-chip processor for realizing virtual machine logic on the FPGA chip; the acquisition unit enables the FPGA structure to acquire the transaction involved in the transaction according to the transaction received by the blockchain node to which it belongs The register-style code program of the smart contract; an execution unit that causes the FPGA structure to transfer the register-style code program to the register-style on-chip processor, so that the register-style on-chip processor executes the register-style code program.
根据本说明书一个或多个实施例的第三方面,提出了一种电子设备,包括:处理器;用于存储处理器可执行指令的存储器;其中,所述处理器通过运行所述可执行指令以实现如第一方面所述的方法。According to a third aspect of one or more embodiments of this specification, an electronic device is proposed, including: a processor; a memory for storing executable instructions of the processor; wherein the processor runs the executable instructions In order to realize the method as described in the first aspect.
根据本说明书一个或多个实施例的第四方面,提出了一种计算机可读存储介质,其上存储有计算机指令,该指令被处理器执行时实现如第一方面所述方法的步骤。According to the fourth aspect of one or more embodiments of the present specification, a computer-readable storage medium is provided, on which computer instructions are stored, and when the instructions are executed by a processor, the steps of the method described in the first aspect are implemented.
附图说明Description of the drawings
图1是一示例性实施例提供的一种基于FPGA的安全智能合约处理器的交易处理方法的流程图。Fig. 1 is a flowchart of a transaction processing method of an FPGA-based secure smart contract processor provided by an exemplary embodiment.
图2是一示例性实施例提供的一种区块链节点的结构示意图。Fig. 2 is a schematic structural diagram of a blockchain node provided by an exemplary embodiment.
图3是一示例性实施例提供的一种在FPGA芯片上形成功能模块的示意图。Fig. 3 is a schematic diagram of forming a functional module on an FPGA chip provided by an exemplary embodiment.
图4是一示例性实施例提供的一种基于FPGA的安全智能合约处理器的交易处理装置的框图。Fig. 4 is a block diagram of an FPGA-based secure smart contract processor-based transaction processing device provided by an exemplary embodiment.
具体实施方式detailed description
这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实 施例中所描述的实施方式并不代表与本说明书一个或多个实施例相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本说明书一个或多个实施例的一些方面相一致的装置和方法的例子。The exemplary embodiments will be described in detail here, and examples thereof are shown in the accompanying drawings. When the following description refers to the drawings, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements. The implementation manners described in the following exemplary embodiments do not represent all implementation manners consistent with one or more embodiments of this specification. Rather, they are merely examples of devices and methods consistent with some aspects of one or more embodiments of this specification as detailed in the appended claims.
需要说明的是:在其他实施例中并不一定按照本说明书示出和描述的顺序来执行相应方法的步骤。在一些其他实施例中,其方法所包括的步骤可以比本说明书所描述的更多或更少。此外,本说明书中所描述的单个步骤,在其他实施例中可能被分解为多个步骤进行描述;而本说明书中所描述的多个步骤,在其他实施例中也可能被合并为单个步骤进行描述。It should be noted that in other embodiments, the steps of the corresponding method are not necessarily executed in the order shown and described in this specification. In some other embodiments, the method may include more or fewer steps than described in this specification. In addition, a single step described in this specification may be decomposed into multiple steps for description in other embodiments; and multiple steps described in this specification may also be combined into a single step in other embodiments. description.
区块链一般被划分为三种类型:公有链(Public Blockchain),私有链(Private Blockchain)和联盟链(Consortium Blockchain)。此外,还有多种类型的结合,比如私有链+联盟链、联盟链+公有链等不同组合形式。其中去中心化程度最高的是公有链。公有链以比特币、以太坊为代表,加入公有链的参与者可以读取链上的数据记录、参与交易以及竞争新区块的记账权等。而且,各参与者(即节点)可自由加入以及退出网络,并进行相关操作。私有链则相反,该网络的写入权限由某个组织或者机构控制,数据读取权限受组织规定。简单来说,私有链可以为一个弱中心化系统,参与节点具有严格限制且少。这种类型的区块链更适合于特定机构内部使用。联盟链则是介于公有链以及私有链之间的区块链,可实现“部分去中心化”。联盟链中各个节点通常有与之相对应的实体机构或者组织;参与者通过授权加入网络并组成利益相关联盟,共同维护区块链运行。Block chains are generally divided into three types: Public Blockchain, Private Blockchain and Consortium Blockchain. In addition, there are many types of combinations, such as private chain + alliance chain, alliance chain + public chain and other different combinations. Among them, the most decentralized one is the public chain. The public chain is represented by Bitcoin and Ethereum. Participants who join the public chain can read the data records on the chain, participate in transactions, and compete for the accounting rights of new blocks. Moreover, each participant (ie, node) can freely join and exit the network, and perform related operations. The private chain is the opposite. The write permission of the network is controlled by an organization or institution, and the data read permission is regulated by the organization. In simple terms, the private chain can be a weakly centralized system with strict restrictions and few participating nodes. This type of blockchain is more suitable for internal use by specific institutions. Consortium chain is a block chain between public chain and private chain, which can realize "partial decentralization". Each node in the alliance chain usually has a corresponding entity or organization; participants are authorized to join the network and form a stakeholder alliance to jointly maintain the operation of the blockchain.
不论是公有链、私有链还是联盟链,区块链网络中的节点出于隐私保护的目的,均可能通过区块链与TEE(Trusted Execution Environment,可信执行环境)相结合的解决方案,在TEE内执行收到的交易。TEE是基于CPU硬件的安全扩展,且与外部完全隔离的可信执行环境。TEE最早是由Global Platform提出的概念,用于解决移动设备上资源的安全隔离,平行于操作系统为应用程序提供可信安全的执行环境。ARM的Trust Zone技术最早实现了真正商用的TEE技术。伴随着互联网的高速发展,安全的需求越来越高,不仅限于移动设备,云端设备,数据中心都对TEE提出了更多的需求。TEE的概念也得到了高速的发展和扩充。现在所说的TEE相比与最初提出的概念已经是更加广义的TEE。例如,服务器芯片厂商Intel,AMD等都先后推出了硬件辅助的TEE并丰富了TEE的概念和特性,在工业界得到了广泛的认可。现在提起的TEE通常更多指这类硬件辅助的TEE技术。Regardless of whether it is a public chain, a private chain or a consortium chain, for the purpose of privacy protection, the nodes in the blockchain network may use a solution that combines the blockchain and the TEE (Trusted Execution Environment). Execute received transactions within TEE. TEE is a secure extension based on CPU hardware and a trusted execution environment that is completely isolated from the outside. TEE was first proposed by Global Platform to solve the security isolation of resources on mobile devices, and parallel to the operating system to provide a trusted and secure execution environment for applications. ARM's Trust Zone technology is the first to realize the real commercial TEE technology. With the rapid development of the Internet, security requirements are getting higher and higher. Not only mobile devices, cloud devices, and data centers have put forward more demands on TEE. The concept of TEE has also been rapidly developed and expanded. Compared with the originally proposed concept, the TEE referred to now is a more generalized TEE. For example, server chip manufacturers Intel and AMD have successively introduced hardware-assisted TEE and enriched the concepts and features of TEE, which has been widely recognized in the industry. The TEE mentioned now usually refers more to this kind of hardware-assisted TEE technology.
以Intel SGX技术为例,SGX提供了围圈(enclave,也称为飞地),即内存中一个加密的可信执行区域,由CPU保护数据不被窃取。以第一区块链节点采用支持SGX的CPU为例,利用新增的处理器指令,在内存中可以分配一部分区域EPC(Enclave Page Cache,围圈页面缓存或飞地页面缓存),通过CPU内的加密引擎MEE(Memory Encryption Engine)对其中的数据进行加密。EPC中加密的内容只有进入CPU后才会被解密成明文。因此,在SGX中,用户可以不信任操作系统、VMM(Virtual Machine Monitor,虚拟机监控器)、甚至BIOS(Basic Input Output System,基本输入输出系统),只需要信任CPU便能确保隐私数据不会泄漏。因此,围圈就相当于SGX技术下产生的TEE。Taking Intel SGX technology as an example, SGX provides an enclave (also known as an enclave), which is an encrypted trusted execution area in the memory, and the CPU protects data from being stolen. Taking the first blockchain node using a CPU that supports SGX as an example, using the newly added processor instructions, a part of the area EPC (Enclave Page Cache, enclave page cache or enclave page cache) can be allocated in the memory, and through the CPU The encryption engine MEE (Memory Encryption Engine) encrypts the data in it. The encrypted content in EPC will be decrypted into plain text only after entering the CPU. Therefore, in SGX, users can distrust the operating system, VMM (Virtual Machine Monitor), and even BIOS (Basic Input Output System). They only need to trust the CPU to ensure that private data will not leakage. Therefore, the enclosure is equivalent to the TEE produced under SGX technology.
不同于移动端,云端访问需要远程访问,终端用户对硬件平台不可见,因此使用TEE的第一步就是要确认TEE的真实可信。例如,相关技术中提供了针对上述SGX技术的远程证明机制,以用于证明目标设备上的SGX平台与挑战方部署了相同的配置文件。但是,由于相关技术中的TEE技术是以软件或软硬件结合的方式实现,使得即便通过远程证明方式可以在一定程度上表明TEE内所部署的配置文件未经篡改,但是TEE本身所依托的运行环境却无法被验证。例如,在需要实现隐私功能的区块链节点上,TEE内需要配置用于执行智能合约的虚拟机,该虚拟机所执行的指令并非直接执行,而是实际上执行了对应的若干条X86指令(假定目标设备采用X86架构),从而造成了一定程度上的安全性风险。Different from the mobile terminal, cloud access requires remote access, and the end user is invisible to the hardware platform. Therefore, the first step in using TEE is to confirm the authenticity of TEE. For example, the related technology provides a remote certification mechanism for the above-mentioned SGX technology to prove that the SGX platform on the target device and the challenger have deployed the same configuration file. However, because the TEE technology in the related technology is implemented by software or a combination of software and hardware, even if the remote attestation method can indicate to a certain extent that the configuration file deployed in the TEE has not been tampered with, the TEE itself depends on the operation The environment cannot be verified. For example, on a blockchain node that needs to implement privacy functions, a virtual machine for executing smart contracts needs to be configured in the TEE. The instructions executed by the virtual machine are not directly executed, but actually executed corresponding X86 instructions (Assuming that the target device adopts the X86 architecture), which poses a certain degree of security risk.
为此,本说明书提出了一种基于FPGA实现的硬件TEE技术,FPGA通过加载电路逻辑配置文件而实现硬件TEE。由于电路逻辑配置文件的内容可以被预先查看与检验,并且FPGA完全基于电路逻辑配置文件中记载的逻辑而配置运行,因而可以确保FPGA所实现的硬件TEE具有相对更高的安全性。但是,相关技术中虚拟机均采用栈式架构,使得据此配置的FPGA同样采用操作数栈执行智能合约的代码程序,运行效率远低于寄存器式架构。To this end, this specification proposes a hardware TEE technology based on FPGA implementation. FPGA implements hardware TEE by loading circuit logic configuration files. Because the content of the circuit logic configuration file can be checked and verified in advance, and the FPGA is configured and operated completely based on the logic recorded in the circuit logic configuration file, it can be ensured that the hardware TEE implemented by the FPGA has relatively higher security. However, all virtual machines in related technologies adopt a stack architecture, so that FPGAs configured accordingly also use an operand stack to execute code programs of smart contracts, and the operating efficiency is much lower than the register architecture.
以下结合实施例说明本说明书提供的一种基于FPGA实现虚拟机运算的方法,以兼顾安全性与运算效率。The following describes a method for implementing virtual machine operation based on FPGA provided in this specification in conjunction with embodiments, so as to take into account both safety and operation efficiency.
图1是一示例性实施例提供的一种基于FPGA的安全智能合约处理器的交易处理方法的流程图。如图1所示,该方法应用于FPGA结构,可以包括以下步骤:Fig. 1 is a flowchart of a transaction processing method of an FPGA-based secure smart contract processor provided by an exemplary embodiment. As shown in Figure 1, the method is applied to the FPGA structure and can include the following steps:
步骤102,FPGA结构将存储器中已部署的电路逻辑配置文件加载至FPGA芯片上,以在所述FPGA芯片上形成用于实现虚拟机逻辑的寄存器式片上处理器。Step 102: The FPGA structure loads the deployed circuit logic configuration file in the memory onto the FPGA chip to form a register-type on-chip processor for realizing virtual machine logic on the FPGA chip.
FPGA芯片上包含若干可编辑的硬件逻辑单元,这些硬件逻辑单元经由电路逻辑配置文件进行配置后,可以实现为相应的功能模块,以用于实现相应的逻辑功能。具体的,该电路逻辑配置文件可以基于比特流的形式被烧录至FPGA结构。The FPGA chip contains a number of editable hardware logic units. After these hardware logic units are configured via a circuit logic configuration file, they can be implemented as corresponding functional modules to implement corresponding logic functions. Specifically, the circuit logic configuration file can be burned to the FPGA structure based on the form of a bit stream.
因此,通过向FPGA结构部署相应的电路逻辑配置文件,可使FPGA芯片上形成寄存器式片上处理器,该寄存器式片上处理器可用于实现相关技术中的虚拟机逻辑,相当于在FPGA芯片上配置形成的“硬件虚拟机”,譬如该虚拟机逻辑可以包括以太坊虚拟机的执行逻辑或者WASM虚拟机的执行逻辑等,本说明书并不对此进行限制。Therefore, by deploying the corresponding circuit logic configuration file to the FPGA structure, a register-based on-chip processor can be formed on the FPGA chip. The register-based on-chip processor can be used to implement virtual machine logic in related technologies, which is equivalent to configuring on the FPGA chip. The formed "hardware virtual machine", for example, the virtual machine logic may include the execution logic of the Ethereum virtual machine or the execution logic of the WASM virtual machine, etc. This specification does not limit this.
步骤104,所述FPGA结构根据所属区块链节点收到的交易,获取所述交易涉及的智能合约的寄存器式代码程序。Step 104: The FPGA structure obtains the register-type code program of the smart contract involved in the transaction according to the transaction received by the blockchain node to which it belongs.
字节码(Byte-code)由一连串的字节组成,每一字节可以标识一个操作。基于开发效率、可读性等多方面考虑,开发者可以不直接书写字节码程序,而是选择一门高级语言编写智能合约的代码程序。高级语言编写的代码程序经过编译器编译,可以生成相应的字节码程序,进而该字节码程序可以部署至区块链。以太坊支持的高级语言很多,如Solidity、Serpent、LLL语言等。上述的编译器可以部署在客户端上,使得该客户端可以通过该编译器将采用高级语言编写的代码程序编译为字节码程序,进而将字节码程序编译为寄存器式代码程序,然后通过交易提交至区块链网络;或者;客户端可以编译器直接将高级语言编写的代码程序编译为寄存器式代码程序;或者,上述的编译器可以部署在区块链节点处,使得区块链节点在收到客户端提交的交易后,若交易中包含采用高级语言编写的代码程序,则区块链节点可以通过编译器将采用高级语言编写的代码程序编译为字节码程序、进而将字节码程序编译为寄存器式代码程序,或者区块链节点可以通过编译器将采用高级语言编写的代码程序直接编译为寄存器式代码程序,若交易中包含字节码程序,则区块链节点通过编译器将字节码程序编译为寄存器式代码程序。Byte-code is composed of a series of bytes, and each byte can identify an operation. Based on many considerations such as development efficiency and readability, developers may not directly write bytecode programs, but choose a high-level language to write code programs for smart contracts. A code program written in a high-level language is compiled by a compiler to generate a corresponding bytecode program, and then the bytecode program can be deployed to the blockchain. There are many high-level languages supported by Ethereum, such as Solidity, Serpent, and LLL languages. The above-mentioned compiler can be deployed on the client, so that the client can compile a code program written in a high-level language into a bytecode program through the compiler, and then compile the bytecode program into a register code program, and then pass The transaction is submitted to the blockchain network; or; the client can directly compile the code program written in the high-level language into a register code program by the compiler; or, the above-mentioned compiler can be deployed at the blockchain node to make the blockchain node After receiving the transaction submitted by the client, if the transaction contains a code program written in a high-level language, the blockchain node can use a compiler to compile the code program written in a high-level language into a bytecode program, and then the byte code program The code program is compiled into a register-style code program, or a blockchain node can directly compile a code program written in a high-level language into a register-style code program through a compiler. If the transaction contains a bytecode program, the blockchain node will pass the compilation The processor compiles the bytecode program into a register code program.
以Solidity语言为例,用其编写的合约与面向对象编程语言中的类(Class)很相似,在一个合约中可以声明多种成员,包括合约状态(或称状态变量)、函数、函数修改器、事件等。合约状态是永久存储在智能合约的账户存储中的值,用于保存合约的状态。Take the Solidity language as an example. The contract written in it is very similar to the class in the object-oriented programming language. A variety of members can be declared in a contract, including contract state (or state variable), function, and function modifier. , Events, etc. The contract state is the value permanently stored in the account storage of the smart contract and is used to save the state of the contract.
如下是以Solidity语言编写的一个简单的智能合约的代码示例:The following is a code example of a simple smart contract written in Solidity language:
Figure PCTCN2020100492-appb-000001
Figure PCTCN2020100492-appb-000001
Figure PCTCN2020100492-appb-000002
Figure PCTCN2020100492-appb-000002
对于上述代码示例中的C()函数部分,编译器的编译结果例如为如下所示(/*…*/中…的部分为注释,后面如有汉字则为对应的中文注释):For the C() function part of the above code example, the compilation result of the compiler is, for example, as shown below (/*...*/The part of... is a comment, and if there are Chinese characters after it, it is the corresponding Chinese comment):
/*compile function C()balance+=1编译函数C()balance+=1*//*compile function C()balance+=1 Compile function C()balance+=1*/
tag_2tag_2
/*pushes 1 onto stack将1压入栈顶,这个1就是要赋值的1*//*pushes 1 onto stack pushes 1 onto the top of the stack, this 1 is the 1 to be assigned*/
0x10x1
/*pushes 0 onto stack将0压入栈顶,这个0是指balance这个数据将要存储到合约账户数据存储的0号位置。上面这两句执行完后,堆栈里从顶往下,就有了0和1两个数据*//*pushes 0 onto the stack pushes 0 onto the top of the stack. This 0 means that the data of balance will be stored in position 0 of the contract account data storage. After the above two sentences are executed, from the top to the bottom of the stack, there are two data of 0 and 1*/
0x00x0
/*balance+=1将balance赋值为balance+1后的值*//*balance+=1 Assign balance to the value after balance+1*/
dup2/*复制栈中从顶往下数的第二项,所以这时堆栈从顶往上就有了1、0、1三个数据*/dup2/*copy the second item from the top to the bottom in the stack, so at this time the stack has 1, 0, and 1 data from the top to the top*/
swap1/*交换栈顶的两项数据,这时堆栈从顶往下存储的是0、1、1*/swap1/*Swap the two data at the top of the stack. At this time, the stack stores 0, 1, 1 from the top to the bottom*/
/*store(0x0,0x1)存储(0x0,0x1),从栈顶往下数,将第二项数据存储到第一项标识的位置上,同时将这两项弹出堆栈。这里便是将数据1存储到0号位置,前面因为已经将balance与0号位置做了绑定,所以就完成了balance=1的赋值。这时堆栈里就只剩一层数据:1*//*store(0x0,0x1) stores (0x0,0x1), counts down from the top of the stack, stores the second item of data to the location identified by the first item, and simultaneously pops these two items from the stack. Here is to store data 1 to position 0. Because the balance has been bound to position 0, the assignment of balance=1 is completed. At this time, there is only one layer of data left in the stack: 1*/
sstoresstore
pop/*丢弃栈顶数据,这时堆栈变成空,等待下一条指令的执行*/。pop/*discard the top data of the stack, at this time the stack becomes empty, waiting for the execution of the next instruction*/.
可见,上述代码示例中的Solidity代码被编译为相应的字节码程序,该字节码程序 所含的每一字节码包括一个字节长度的操作码(Opcode)及跟随在后的零至多个操作数(Operands),该操作数为相应操作码在执行时所需的参数。It can be seen that the Solidity code in the above code example is compiled into a corresponding bytecode program, and each bytecode contained in the bytecode program includes a byte-length opcode (Opcode) and the following zero at most Operands (Operands), which are the parameters required by the corresponding operation code during execution.
因此,区块链节点在相关技术中获得的代码程序通常为字节码程序,譬如用户在采用高级语言编写得到高级语言程序后,可以在客户端处将该高级语言程序编译为字节码程序。而在本说明书中,客户端可以进一步将字节码程序编译为寄存器式代码程序后,通过客户端将包含该寄存器式代码程序的交易提交至区块链节点。当然,还可能存在如前所述的其他情况,此处不再赘述。Therefore, the code program obtained by the blockchain node in the related technology is usually a bytecode program. For example, after a user writes a high-level language program in a high-level language, the high-level language program can be compiled into a bytecode program at the client. . In this specification, the client can further compile the bytecode program into a register-style code program, and then submit the transaction containing the register-style code program to the blockchain node through the client. Of course, there may be other situations as described above, which will not be repeated here.
如前所述,编译器可以将高级语言程序编译为字节码程序,并进一步将该字节码程序编译为寄存器式代码程序。字节码程序是基于栈式的,而栈式架构的特点是没有二义性,因而通过首先将高级语言程序编译为字节码程序,可以固化代码程序所表征的代码行为,使得进一步编译得到的寄存器式代码程序完全基于已固化的代码行为、不会改变代码行为,从而确保所有区块链节点所执行的逻辑完全一致。当然,本说明书并不对此进行限制。As mentioned above, the compiler can compile the high-level language program into a bytecode program, and further compile the bytecode program into a register code program. The bytecode program is based on the stack type, and the characteristic of the stack type architecture is that there is no ambiguity. Therefore, by first compiling the high-level language program into a bytecode program, the code behavior represented by the code program can be solidified, so that further compilation can be obtained. The register code program is completely based on the solidified code behavior and will not change the code behavior, thus ensuring that the logic executed by all blockchain nodes is completely consistent. Of course, this specification does not limit this.
步骤106,所述FPGA结构将所述寄存器式代码程序传入所述寄存器式片上处理器,使所述寄存器式片上处理器执行所述寄存器式代码程序。Step 106: The FPGA structure transfers the register-type code program to the register-type on-chip processor, so that the register-type on-chip processor executes the register-type code program.
在相关技术中将高级语言程序编译得到的字节码程序为栈式,在执行过程中该字节码程序所涉及的操作数被写入操作数栈中,执行该字节码程序的过程相对而言十分繁琐。以加法运算为例,假定需要执行“c=a+b”;如果在FPGA结构上形成栈式片上处理器,则该栈式片上处理器执行“c=a+b”的过程可以包含下述步骤:In the related art, the bytecode program obtained by compiling the high-level language program is a stack type. During the execution process, the operand involved in the bytecode program is written into the operand stack. The process of executing the bytecode program is relatively It is very cumbersome. Taking the addition operation as an example, suppose that "c=a+b" needs to be executed; if a stack-type on-chip processor is formed on the FPGA structure, the process of executing "c=a+b" by the stack-type on-chip processor can include the following step:
POP a(表示将a从操作数栈内弹出);POP a (indicating pop a from the operand stack);
POP b(表示将b从操作数栈内弹出);POP b (indicating pop b from the operand stack);
ADD(表示执行a+b的运算,并将运算结果赋值给c);ADD (representing the operation of a+b and assigning the result of the operation to c);
PUSH c(表示将c压入操作数栈的栈顶)。PUSH c (indicating that c is pushed onto the top of the operand stack).
可见,在栈式架构下至少需要执行上述的4个步骤才能够完成“c=a+b”的运算操作。而本说明书中通过采用寄存器式片上处理器,在执行编译得到的寄存器式代码程序时,实现运算操作“c=a+b”仅需2个步骤:①执行a+b运算(需要指明存放a、b的寄存器),②将运算得到的值存入某一寄存器以作为c的取值。因此,基于本说明书的技术方案,可以简化片上处理器对合约代码的执行操作,提升对合约代码的执行效率,加快FPGA结构对交易的执行速度。It can be seen that under the stack architecture, at least the above 4 steps need to be executed to complete the "c=a+b" operation. However, in this manual, by using the register-based on-chip processor, when the compiled register-based code program is executed, the arithmetic operation "c=a+b" only needs 2 steps: ①Execute a+b operation (need to specify to store a , The register of b), ②store the value obtained by the operation in a certain register as the value of c. Therefore, the technical solution based on this specification can simplify the execution of the contract code by the on-chip processor, improve the execution efficiency of the contract code, and accelerate the execution speed of the FPGA structure on the transaction.
如前所述,寄存器式代码程序所涉及的操作数被写入FPGA芯片上的寄存器中,而非写入操作数栈中,使得寄存器式片上处理器根据相应的操作码执行操作时,可以根据寄存器的信息(如名称等)而直接对寄存器中所存的操作数进行处理,相比于将操作数依次压入操作数栈或依次从操作数栈弹出,相当于对多个寄存器中的操作数实施并行操作,从而实现上述的提升效率、加快速度的效果。As mentioned earlier, the operands involved in the register-based code program are written into the registers on the FPGA chip, rather than written into the operand stack, so that the register-based on-chip processor can perform operations based on the corresponding opcodes. Register information (such as name, etc.) and directly process the operands stored in the register. Compared with pushing the operands into the operand stack or popping them from the operand stack, it is equivalent to the operands in multiple registers. Implement parallel operations to achieve the above-mentioned effects of improving efficiency and speeding up.
FPGA结构可以从区块链节点处获得处于加密状态的上述交易,并将该交易传入FPGA芯片上的加解密模块。该加解密模块由上述已部署的电路逻辑配置文件在FPGA芯片上形成,其形成过程类似于上述寄存器式片上处理器。然后,FPGA结构根据加解密模块输出的解密后交易内容,获取字节码程序。The FPGA structure can obtain the above-mentioned transaction in an encrypted state from the blockchain node, and pass the transaction to the encryption and decryption module on the FPGA chip. The encryption and decryption module is formed on the FPGA chip by the above-mentioned deployed circuit logic configuration file, and its formation process is similar to the above-mentioned register-type on-chip processor. Then, the FPGA structure obtains the bytecode program according to the decrypted transaction content output by the encryption and decryption module.
如果上述交易用于部署智能合约,那么解密后交易内容的data字段会包含该智能合约的寄存器式代码程序。如果上述交易用于调用智能合约,那么解密后交易内容的to字段会包含被调用的智能合约的合约地址,而FPGA结构可以基于该合约地址调用相应已部署的寄存器式代码程序;譬如,当智能合约被部署于区块链节点处时,FPGA结构可以向区块链节点发送上述的合约地址,由区块链节点将对应于该合约地址的寄存器式代码程序返回至FPGA结构。If the above transaction is used to deploy a smart contract, the data field of the transaction content after decryption will contain the register code program of the smart contract. If the above transaction is used to call a smart contract, the to field of the decrypted transaction content will contain the contract address of the called smart contract, and the FPGA structure can call the corresponding deployed register-style code program based on the contract address; for example, when the smart When the contract is deployed at the blockchain node, the FPGA structure can send the above-mentioned contract address to the blockchain node, and the blockchain node returns the register code program corresponding to the contract address to the FPGA structure.
FPGA结构上可以部署有节点私钥,该节点私钥对应的节点公钥处于公开状态。上述交易可由交易发起方基于自身维护(譬如针对每笔交易随机生成)的对称密钥和节点公钥而采用数字信封方式进行加密生成:交易发起方通过对称密钥对明文交易内容进行加密、得到密文交易内容,以及通过节点公钥对上述的对称密钥进行加密、得到密文对称密钥,而上述交易包含该密文交易内容和该密文对称密钥。相应地,FPGA结构可以通过已部署的电路逻辑配置文件在FPGA芯片上形成解密模块,并通过该解密模块对上述交易进行解密。其中,解密模块首先基于节点私钥对密文对称密钥进行解密、得到上述的对称密钥,然后解密模块基于该对称密钥对密文交易内容进行解密、得到上述的明文交易内容,即前述的解密后交易。A node private key can be deployed on the FPGA structure, and the node public key corresponding to the node private key is in a public state. The above transaction can be encrypted and generated by the transaction initiator based on the symmetric key and node public key maintained by itself (for example, randomly generated for each transaction) using a digital envelope method: the transaction initiator encrypts the plaintext transaction content through the symmetric key to obtain The ciphertext transaction content, and the above-mentioned symmetric key is encrypted by the node public key to obtain the ciphertext symmetric key, and the above-mentioned transaction includes the ciphertext transaction content and the ciphertext symmetric key. Correspondingly, the FPGA structure can form a decryption module on the FPGA chip through the deployed circuit logic configuration file, and decrypt the above-mentioned transaction through the decryption module. Among them, the decryption module first decrypts the ciphertext symmetric key based on the node's private key to obtain the above-mentioned symmetric key, and then the decryption module decrypts the ciphertext transaction content based on the symmetric key to obtain the above-mentioned plaintext transaction content, namely The decrypted transaction.
寄存器式片上处理器执行上述的寄存器式代码程序后,可以生成相应的合约状态、交易收据等内容。交易收据中可以包括交易执行结果等信息,需要反馈至交易发起方。在上述的交易采用数字信封方式进行加密的情况下,FPGA结构可以将寄存器式片上处理器产生的交易收据传入加密模块中,以基于数字信封采用的对称密钥进行加密,然后将加密后交易收据返回区块链节点,进而提供至交易发起方;其中,加密模块由FPGA芯片通过加载已部署的电路逻辑配置文件而形成。由于数字信封采用的对称密钥仅由交 易发起方持有,因而使用该对称密钥生成加密后交易收据,可以确保该加密后交易收据仅该交易发起方能够解密,以确保交易收据的安全和隐私保护。After the register-type on-chip processor executes the above-mentioned register-type code program, it can generate the corresponding contract status, transaction receipt, and so on. The transaction receipt may include information such as the transaction execution result, which needs to be fed back to the transaction initiator. In the case that the above-mentioned transaction is encrypted by the digital envelope method, the FPGA structure can pass the transaction receipt generated by the register-based on-chip processor into the encryption module, and encrypt it with the symmetric key adopted by the digital envelope, and then the encrypted transaction The receipt is returned to the blockchain node and then provided to the transaction initiator; where the encryption module is formed by the FPGA chip by loading the deployed circuit logic configuration file. Since the symmetric key used in the digital envelope is only held by the transaction initiator, using the symmetric key to generate an encrypted transaction receipt can ensure that the encrypted transaction receipt can only be decrypted by the transaction initiator to ensure the security and safety of the transaction receipt. privacy protection.
如前所述,代码程序可以部署在区块链节点处,那么FPGA结构可以向区块链节点请求获得该代码程序,以在FPGA芯片上形成的寄存器式片上处理器中予以执行。区块链节点属于FPGA芯片之外的外部存储空间,而该外部存储空间还可以存在其他形式,比如FPGA结构可以包含与FPGA芯片相连的外接DDR存储器等,同样可以用于部署上述的代码程序,此时可以减少FPGA结构与区块链节点之间的交互次数。除了上述的外部存储空间之外,代码程序还可以部署于FPGA芯片的片上存储空间。As mentioned above, the code program can be deployed at the blockchain node, and the FPGA structure can request the blockchain node to obtain the code program for execution in the register-type on-chip processor formed on the FPGA chip. The blockchain node belongs to the external storage space outside the FPGA chip, and the external storage space can also exist in other forms. For example, the FPGA structure can include an external DDR memory connected to the FPGA chip, etc., which can also be used to deploy the aforementioned code programs. At this time, the number of interactions between the FPGA structure and the blockchain node can be reduced. In addition to the above-mentioned external storage space, the code program can also be deployed in the on-chip storage space of the FPGA chip.
对于FPGA结构而言,只有FPGA芯片上被认为属于安全环境(基于FPGA结构形成的TEE),而FPGA芯片之外的环境被认为不安全,所以寄存器式代码程序可以采用明文形式部署于上述的片上存储空间,但必须以密文形式部署于上述的外部存储空间。因此,当FPGA结构从诸如外部存储空间获得加密后的寄存器式代码程序后,可以将该加密后的寄存器式代码程序传入FPGA芯片上的解密模块,并获得该解密模块输出的解密后的寄存器式代码程序,以便在寄存器式片上处理器中予以执行。For the FPGA structure, only the FPGA chip is considered to be a safe environment (TEE based on the FPGA structure), and the environment outside the FPGA chip is considered insecure, so the register code program can be deployed on the above-mentioned chip in clear text Storage space, but must be deployed in the above-mentioned external storage space in the form of ciphertext. Therefore, when the FPGA structure obtains the encrypted register code program from, for example, an external storage space, the encrypted register code program can be transferred to the decryption module on the FPGA chip, and the decrypted register output by the decryption module can be obtained. Type code program in order to be executed in the register type on-chip processor.
其中,加密后的寄存器式代码程序可由FPGA结构所维护的业务根密钥或该业务根密钥的衍生密钥对寄存器式代码程序进行加密得到。例如,在FPGA结构获得用于部署智能合约的交易后,可以从该交易中获得明文的寄存器式代码程序。然后,FPGA结构可以通过加密模块对该寄存器式代码程序进行加密、得到上述加密后的寄存器式代码程序,所采用的密钥即上述的业务根密钥或该业务根密钥的衍生密钥。Wherein, the encrypted register-type code program can be obtained by encrypting the register-type code program by the service root key maintained by the FPGA structure or a derived key of the service root key. For example, after the FPGA structure obtains a transaction for deploying a smart contract, a register-type code program in plain text can be obtained from the transaction. Then, the FPGA structure can encrypt the register type code program through the encryption module to obtain the encrypted register type code program. The key used is the above-mentioned service root key or the derived key of the service root key.
前文所述的节点私钥和业务根密钥可由用户部署至FPGA结构。用户可以在本地完成部署,或者通过客户端实现远程部署。在远程部署过程中,客户端可以预先与FPGA结构协商得到业务秘密部署密钥,通过该业务秘密部署密钥对节点私钥或业务根密钥进行加密并发送至FPGA结构,而FPGA结构可以通过业务秘密部署密钥对收到的数据进行解密、以得到节点私钥或业务根密钥。The node private key and service root key described above can be deployed to the FPGA structure by the user. Users can complete the deployment locally or remotely through the client. In the remote deployment process, the client can negotiate with the FPGA structure in advance to obtain the business secret deployment key, and the node private key or business root key can be encrypted and sent to the FPGA structure through the business secret deployment key, and the FPGA structure can be passed through The business secret deployment key decrypts the received data to obtain the node private key or the business root key.
通过将已部署的电路逻辑配置文件加载至FPGA芯片上,可以在FPGA芯片上形成密钥协商模块,而FPGA结构可以基于该密钥协商模块与客户端之间实现上述的密钥协商操作。密钥协商过程可以采用相关技术中的任意算法或标准来实现,本说明书并不对此进行限制。举例而言,密钥协商过程可以包括:用户可以在本地的客户端生成一密钥Ka-1、密钥协商模块可以在本地生成一密钥Kb-1,且客户端可以基于密钥Ka-1计算得到密钥协商信息Ka-2、密钥协商模块可以基于密钥Kb-1计算得到密钥协商信息Kb-2, 然后客户端将密钥协商信息Ka-2发送至密钥协商模块、密钥协商模块将密钥协商信息Kb-2发送至客户端,使得客户端可以基于密钥Ka-1与密钥协商信息Kb-2生成一秘密值,而密钥协商模块可以基于密钥Kb-1与密钥协商信息Ka-2生成相同的秘密值,最后由客户端、密钥协商模块分别基于密钥导出函数从该相同的秘密值导出相同的业务秘密部署密钥,该业务秘密部署密钥可以被保存在FPGA芯片或密管芯片。在上述过程中,虽然密钥协商信息Ka-2、密钥协商信息Kb-2是经由区块链节点在客户端与密钥协商模块之间传输,但是由于密钥Ka-1由客户端掌握、密钥Kb-1由密钥协商模块掌握,因而可以确保区块链节点无法获知最终得到的秘密值和业务秘密部署密钥,避免可能造成的安全性风险。By loading the deployed circuit logic configuration file onto the FPGA chip, a key agreement module can be formed on the FPGA chip, and the FPGA structure can implement the above-mentioned key agreement operation based on the key agreement module and the client. The key agreement process can be implemented using any algorithm or standard in related technologies, which is not limited in this specification. For example, the key agreement process can include: the user can generate a key Ka-1 at the local client, the key agreement module can generate a key Kb-1 locally, and the client can generate a key Kb-1 based on the key Ka- 1 Calculate the key agreement information Ka-2, the key agreement module can calculate the key agreement information Kb-2 based on the key Kb-1, and then the client sends the key agreement information Ka-2 to the key agreement module, The key agreement module sends the key agreement information Kb-2 to the client, so that the client can generate a secret value based on the key Ka-1 and the key agreement information Kb-2, and the key agreement module can be based on the key Kb -1 generates the same secret value as the key agreement information Ka-2, and finally the client and the key agreement module respectively derive the same business secret deployment key from the same secret value based on the key derivation function, and the business secret deployment The key can be stored in the FPGA chip or the secret management chip. In the above process, although the key agreement information Ka-2 and key agreement information Kb-2 are transmitted between the client and the key agreement module via the blockchain node, the key Ka-1 is controlled by the client , The key Kb-1 is controlled by the key agreement module, so it can ensure that the blockchain node cannot know the final secret value and the business secret deployment key, and avoid possible security risks.
FPGA结构中可以部署有认证根密钥,该认证根密钥可以被预置于FPGA结构中,或者该认证根密钥可由客户端或其他对象在离线安全环境下部署至FPGA结构中,或者该认证根密钥可由客户端或其他对象远程部署至FPGA结构中。该认证根密钥属于非对称密钥。密钥协商模块可以通过该认证根密钥对所生成的密钥协商信息Kb-2进行签名,而客户端可以通过验证签名而确定收到的信息是否确实来自于FPGA结构且传输过程中未经篡改,而未通过签名验证的信息将不会被客户端信任和采纳。其中,认证根密钥的公钥可以由认证服务器管理且不公开,那么客户端可以通过将收到的信息发送至该认证服务器,由该认证服务器通过维护的公钥进行签名验证;然后,认证服务器可以向客户端提供验证结果,该验证结果由认证服务器进行签名,且该验证结果包含认证服务器的证书或者该认证服务器的公钥可以被公开,使得客户端可以验签以确定验证结果的有效性。或者,认证根密钥的公钥可以被公开,使得客户端可以自行基于该公钥对来自FPGA结构的信息进行签名验证,而无需经由认证服务器,这样可以减少签名验证过程所经历的交互环节,从而提升验证效率、降低更多交互环节所导致的安全性风险。An authentication root key can be deployed in the FPGA structure, and the authentication root key can be pre-placed in the FPGA structure, or the authentication root key can be deployed to the FPGA structure by the client or other objects in an offline security environment, or the The authentication root key can be remotely deployed into the FPGA structure by the client or other objects. The authentication root key is an asymmetric key. The key agreement module can sign the generated key agreement information Kb-2 with the authentication root key, and the client can verify the signature to determine whether the received information actually comes from the FPGA structure and has not been transmitted during transmission. Tampered, and the information that fails the signature verification will not be trusted and adopted by the client. Among them, the public key of the authentication root key can be managed by the authentication server and not made public, then the client can send the received information to the authentication server, and the authentication server can perform signature verification with the maintained public key; then, the authentication The server can provide the client with the verification result, the verification result is signed by the verification server, and the verification result contains the certificate of the verification server or the public key of the verification server can be made public, so that the client can verify the signature to determine the validity of the verification result Sex. Alternatively, the public key of the authentication root key can be made public, so that the client can perform signature verification on the information from the FPGA structure based on the public key without going through the authentication server, which can reduce the interactive links in the signature verification process. Thereby improving the efficiency of verification and reducing the security risks caused by more interactive links.
上述的认证根密钥可以被基于前述已部署的电路逻辑配置文件部署至FPGA结构。FPGA结构可以避免将认证根密钥从电路逻辑配置文件中取出,使得FPGA结构在将该电路逻辑配置文件加载至FPGA芯片后,可以获知相应的认证根密钥。或者,FPGA结构可以包含独立于FPGA芯片的密钥管理芯片,且FPGA结构可以将认证根密钥从所属的电路逻辑配置文件中取出后维护于密钥管理芯片中,使得认证根密钥仅存在于密钥管理芯片中,而不会再出现于FPGA结构上部署的电路逻辑配置文件中,以提升认证根密钥的安全性。The aforementioned authentication root key can be deployed to the FPGA structure based on the aforementioned deployed circuit logic configuration file. The FPGA structure can avoid taking the authentication root key from the circuit logic configuration file, so that the FPGA structure can obtain the corresponding authentication root key after loading the circuit logic configuration file to the FPGA chip. Alternatively, the FPGA structure can include a key management chip independent of the FPGA chip, and the FPGA structure can take the authentication root key out of the circuit logic configuration file to which it belongs and maintain it in the key management chip, so that only the authentication root key exists In the key management chip, it will no longer appear in the circuit logic configuration file deployed on the FPGA structure to improve the security of the authentication root key.
FPGA结构上可以部署有客户端对应的公钥或者预置证书。客户端可以针对前述的 密钥协商信息Ka-2进行签名后发送至FPGA结构,使得FPGA结构可以针对收到的密钥协商信息Ka-2进行签名验证,并将签名通过验证作为基于该密钥协商信息Ka-2生成秘密值的条件之一。其中,客户端对应的公钥或证书可由前述的电路逻辑配置文件部署于FPGA结构。The public key or preset certificate corresponding to the client can be deployed on the FPGA structure. The client can sign the aforementioned key agreement information Ka-2 and then send it to the FPGA structure, so that the FPGA structure can perform signature verification on the received key agreement information Ka-2, and verify that the signature is based on the key. Negotiation information Ka-2 is one of the conditions for generating a secret value. Wherein, the public key or certificate corresponding to the client can be deployed in the FPGA structure by the aforementioned circuit logic configuration file.
除了上述的业务秘密部署密钥之外,FPGA结构还可以与客户端协商其他密钥,以用于其他场景下。例如,FPGA结构可以通过密钥协商模块与客户端协商得到配置文件部署密钥,其过程可以参考上述对于业务秘密部署密钥的协商过程。当然,除了分别单独协商得到配置文件部署密钥和业务秘密部署密钥之外,FPGA结构还可以一次性协商得到多个密钥;比如,当密钥协商模块与客户端协商得到上述的秘密值之后,可以基于KDF一次性导出32位字符串,并将前16位、后16位字符串分别作为不同密钥,譬如分别作为上述的配置文件部署密钥和业务秘密部署密钥。In addition to the above-mentioned business secret deployment key, the FPGA structure can also negotiate other keys with the client for use in other scenarios. For example, the FPGA structure can negotiate with the client through the key agreement module to obtain the configuration file deployment key, and the process can refer to the above-mentioned negotiation process for the business secret deployment key. Of course, in addition to separately negotiated to obtain the configuration file deployment key and business secret deployment key, the FPGA structure can also negotiate to obtain multiple keys at one time; for example, when the key agreement module negotiates with the client to obtain the above-mentioned secret value After that, a 32-bit character string can be derived at one time based on KDF, and the first 16-bit character string and the last 16-bit character string can be used as different keys, such as the configuration file deployment key and the business secret deployment key mentioned above.
FPGA结构上已部署的电路逻辑配置文件进行实现更新。例如,FPGA结构在接收到来自客户端的加密后新版电路逻辑配置文件后,可以将该加密后新版电路逻辑配置文件读入FPGA芯片上的可信更新模块进行解密,该可信更新模块由已部署的电路逻辑配置文件在FPGA芯片上形成;相应地,FPGA结构可以基于解密得到的新版电路逻辑配置文件对已部署的电路逻辑配置文件进行更新。其中,客户端可以采用上述的配置文件部署密钥对新版电路逻辑配置文件进行加密、以得到加密后新版电路逻辑配置文件,而可信更新模块同样可以基于上述的配置文件部署密钥对加密后新版电路逻辑配置文件进行解密、以得到新版电路逻辑配置文件。进一步地,客户端在加密之前,还可以对新版电路逻辑配置文件进行签名,而可信更新模块可以基于FPGA结构上预配置的用户公钥或预置证书,对解密得到的新版电路逻辑配置文件进行验签。那么,在解密失败或验签失败的情况下,可信更新模块均可以终止更新操作。The circuit logic configuration files that have been deployed on the FPGA structure are implemented and updated. For example, after the FPGA structure receives the encrypted new version of the circuit logic configuration file from the client, it can read the encrypted new version of the circuit logic configuration file into the trusted update module on the FPGA chip for decryption. The circuit logic configuration file is formed on the FPGA chip; accordingly, the FPGA structure can update the deployed circuit logic configuration file based on the new version of the circuit logic configuration file obtained by decryption. Among them, the client can use the above configuration file deployment key to encrypt the new version of the circuit logic configuration file to obtain the encrypted new version of the circuit logic configuration file, and the trusted update module can also encrypt the new version of the circuit logic configuration file based on the above configuration file deployment key. The new version of the circuit logic configuration file is decrypted to obtain the new version of the circuit logic configuration file. Further, the client can also sign the new version of the circuit logic configuration file before encryption, and the trusted update module can decrypt the new version of the circuit logic configuration file based on the user public key or preset certificate pre-configured on the FPGA structure. Carry out verification. Then, in the case of a decryption failure or a signature verification failure, the trusted update module can terminate the update operation.
上述的新版电路逻辑配置文件中,“新版”是相对于FPGA结构上已部署的电路逻辑配置文件而言,以表明该已部署的电路逻辑配置文件被配置于FPGA结构的时刻相对靠前,而并非表明相应的电路逻辑配置文件所实现的逻辑或功能上必然实现版本迭代。In the above-mentioned new version of the circuit logic configuration file, the "new version" is relative to the circuit logic configuration file that has been deployed on the FPGA structure, to indicate that the deployed circuit logic configuration file is configured in the FPGA structure relatively earlier, and It does not mean that the logic or function implemented by the corresponding circuit logic configuration file will necessarily achieve version iteration.
FPGA结构在部署电路逻辑配置文件时,可以将电路逻辑配置文件直接读取并配置于FPGA芯片内。但是,FPGA芯片具有易失性,断电后部署的电路逻辑配置文件就会丢失,使得重新上电后需要客户端重新部署电路逻辑配置文件。因此,为了减少客户端的部署次数,FPGA结构可以进一步包含存储器,该存储器与FPGA芯片相连,使得电路逻辑配置文件被部署于存储器中,且FPGA芯片从存储器中读取电路逻辑配置文件以 实现相关功能;其中,存储器具有非易失性,即便断电仍然可以保存电路逻辑配置文件,而重新上电后只需重新从存储器读入FPGA芯片即可,无需客户端重新部署。存储器可以具有多种形式,比如闪存等可重复擦写的非易失性存储器,再比如熔丝存储器等不可重复擦写的存储器等,本说明书并不对此进行限制。因此,当已部署的电路逻辑配置文件位于存储器时,FPGA结构可以基于新版电路逻辑配置文件对该存储器进行更新部署,使得存储器中已部署的电路逻辑配置文件被更新为新版电路逻辑配置文件。When the FPGA structure deploys the circuit logic configuration file, the circuit logic configuration file can be directly read and configured in the FPGA chip. However, the FPGA chip is volatile, and the circuit logic configuration file deployed after the power is off will be lost, so that the client needs to re-deploy the circuit logic configuration file after power on. Therefore, in order to reduce the number of deployments of the client, the FPGA structure can further include a memory, which is connected to the FPGA chip, so that the circuit logic configuration file is deployed in the memory, and the FPGA chip reads the circuit logic configuration file from the memory to implement related functions ; Among them, the memory is non-volatile, even if the power is off, the circuit logic configuration file can still be saved, and after the power is turned on, it is only necessary to read the FPGA chip from the memory again, without the client re-deployment. The memory may have various forms, such as a non-volatile memory that can be re-erasable, such as flash memory, and a non-re-erasable memory, such as a fuse memory, which is not limited in this specification. Therefore, when the deployed circuit logic configuration file is located in the memory, the FPGA structure can update and deploy the memory based on the new version of the circuit logic configuration file, so that the deployed circuit logic configuration file in the memory is updated to the new version of the circuit logic configuration file.
FPGA结构可以针对更新部署的新版电路逻辑配置文件生成认证结果,该认证结果包含与新版电路逻辑配置文件相关的内容。例如,上述与新版电路逻辑配置文件相关的内容可以为新版电路逻辑配置文件的哈希值或该哈希值的衍生值;而客户端可以基于自身维护的新版电路逻辑配置文件生成哈希值或其衍生值,那么在客户端接收和生成的哈希值(或其衍生值)一致的情况下,客户端可以确定新版电路逻辑文件已成功部署至FPGA结构。当然,FPGA结构可以通过认证根密钥对认证结果进行签名后发送至客户端,以使客户端确定收到的认证结果来自FPGA结构且未经篡改。其中,FPGA结构采用的认证根密钥可以由前述已部署的电路逻辑配置文件提供;或者,当新版电路逻辑配置文件包含新版认证根密钥的情况下,FPGA结构可以基于该新版认证根密钥对认证结果进行签名。The FPGA structure can generate an authentication result for the new version of the circuit logic configuration file that is updated and deployed, and the authentication result includes content related to the new version of the circuit logic configuration file. For example, the above-mentioned content related to the new version of the circuit logic configuration file may be the hash value of the new version of the circuit logic configuration file or a derived value of the hash value; and the client can generate the hash value or the hash value based on the new version of the circuit logic configuration file maintained by itself. If the client receives and generates the same hash value (or its derived value), the client can determine that the new version of the circuit logic file has been successfully deployed to the FPGA structure. Of course, the FPGA structure can sign the authentication result with the authentication root key and send it to the client, so that the client can determine that the received authentication result comes from the FPGA structure and has not been tampered with. Among them, the authentication root key used in the FPGA structure can be provided by the previously deployed circuit logic configuration file; or, when the new version of the circuit logic configuration file contains the new version of the authentication root key, the FPGA structure can be based on the new version of the authentication root key Sign the authentication result.
除了上述新版电路逻辑文件的哈希值(或其衍生值)之外,认证结果还可与其他信息相关。例如,FPGA结构在部署了新版电路逻辑配置文件后,可以在FPGA芯片上加载该新版电路逻辑配置文件而形成新版密钥协商模块,并基于该新版密钥协商模块与客户端进行密钥协商、得到新版配置文件部署密钥,那么上述的其他信息可以为该新版配置文件部署密钥的哈希值(或其衍生值)。新版密钥协商模块与客户端协商新版配置文件部署密钥的过程中,采用FPGA结构上最近部署的认证根密钥,该认证根密钥可以来自于前述已部署的电路逻辑配置文件或新版电路逻辑配置文件。其中,当FPGA结构上前述已部署的电路逻辑配置文件与新版电路逻辑配置文件并非同一用户生成和部署的情况下,前述已部署的电路逻辑配置文件在烧录至FPGA结构之前可能被其他用户查看或检验,导致该已部署的电路逻辑配置文件所含的认证根密钥被其他用户获知,存在一定的安全性风险。因此,通过新版电路逻辑配置文件部署新版认证根密钥,可以有效提升安全性。举例而言,FPGA结构可以分别生成新版电路逻辑配置文件的哈希值、新版配置文件部署密钥的哈希值,并通过诸如sm3算法或其他算法对这两个哈希值进行计算,得到的计算结果可以被作为上述与新版电路逻辑配置文件相关的内容;相应地,基于认证结果可使客户端确定:新版电路逻辑配置文件在FPGA结构上成功部署,且客户 端与FPGA结构之间成功协商得到了新版配置文件部署密钥。In addition to the hash value (or its derivative value) of the above-mentioned new version of the circuit logic file, the authentication result may also be related to other information. For example, after the FPGA structure deploys the new version of the circuit logic configuration file, the new version of the circuit logic configuration file can be loaded on the FPGA chip to form a new version of the key agreement module, and based on the new version of the key agreement module, the key agreement module can be negotiated with the client. If the new version configuration file deployment key is obtained, the other information mentioned above can be the hash value (or its derivative value) of the new version configuration file deployment key. When the new version key agreement module negotiates the deployment key of the new version of the configuration file with the client, the authentication root key recently deployed on the FPGA structure is used. The authentication root key can come from the previously deployed circuit logic configuration file or the new version of the circuit. Logical configuration file. Among them, when the foregoing deployed circuit logic configuration file and the new version of the circuit logic configuration file on the FPGA structure are not generated and deployed by the same user, the foregoing deployed circuit logic configuration file may be viewed by other users before being burned to the FPGA structure Or check, causing the authentication root key contained in the deployed circuit logic configuration file to be known by other users, which poses a certain security risk. Therefore, deploying a new version of the authentication root key through the new version of the circuit logic configuration file can effectively improve security. For example, the FPGA structure can respectively generate the hash value of the new version of the circuit logic configuration file and the hash value of the new version of the configuration file deployment key, and calculate the two hash values through such as sm3 algorithm or other algorithms. The calculation result can be used as the above-mentioned content related to the new version of the circuit logic configuration file; accordingly, based on the authentication result, the client can determine that the new version of the circuit logic configuration file is successfully deployed on the FPGA structure, and the client and the FPGA structure are successfully negotiated Get the new version of the configuration file deployment key.
图2是一示例性实施例提供的一种区块链节点的结构示意图。基于本说明书的技术方案,可以在区块链节点上添加FPGA结构以实现硬件TEE,譬如该FPGA结构可以为如图2所示的FPGA板卡。FPGA板卡可以通过PCIE接口连接至区块链节点上,以实现FPGA板卡与区块链节点之间的数据交互。FPGA板卡可以包括FPGA芯片、Flash(闪存)芯片和密管芯片等结构;当然,在一些实施例中除了包含FPGA芯片之外,可能仅包含剩余的Flash芯片和密管芯片等中的部分结构,或者可能包含更多结构,此处仅用于举例。Fig. 2 is a schematic structural diagram of a blockchain node provided by an exemplary embodiment. Based on the technical solution in this specification, an FPGA structure can be added to the blockchain node to implement hardware TEE. For example, the FPGA structure can be an FPGA board as shown in FIG. 2. The FPGA board can be connected to the blockchain node through the PCIE interface to realize the data interaction between the FPGA board and the blockchain node. FPGA boards can include FPGA chips, Flash (flash memory) chips, and dense tube chips; of course, in addition to FPGA chips in some embodiments, they may only include parts of the remaining Flash chips and dense tube chips. , Or may contain more structures, here are just examples.
在初始阶段,FPGA芯片上并未烧录用户定义的任何逻辑,相当于FPGA芯片处于空白状态。用户可以通过向FPGA芯片上烧录电路逻辑配置文件,以在FPGA芯片上形成相应的功能或逻辑。在首次烧录电路逻辑配置文件时,FPGA板卡不具有安全防护的能力,因而通常需要外部提供安全环境,比如用户可以在离线环境下实施对电路逻辑配置文件的烧录以实现物理安全隔离,而非在线上实施远程烧录。In the initial stage, no user-defined logic is programmed on the FPGA chip, which is equivalent to the FPGA chip in a blank state. Users can burn circuit logic configuration files on the FPGA chip to form corresponding functions or logic on the FPGA chip. When programming the circuit logic configuration file for the first time, the FPGA board does not have the capability of security protection, so it usually needs to provide an external security environment. For example, users can implement the programming of the circuit logic configuration file in an offline environment to achieve physical security isolation. Instead of implementing remote programming online.
针对用户所需实现的功能或逻辑,可以通过FPGA硬件语言形成相应的逻辑代码,并进而对该逻辑代码进行镜像化处理,即可得到上述的电路逻辑配置文件。在烧录至FPGA板卡之前,用户可以针对上述的逻辑代码进行检查。尤其是,当同时涉及到多个用户时,多个用户可以分别对上述的逻辑代码进行检查,以确保FPGA板卡最终能够满足所有用户的需求,防止出现安全性风险、逻辑错误、欺诈等异常问题。For the function or logic that the user needs to implement, the corresponding logic code can be formed through FPGA hardware language, and then the logic code can be mirrored to obtain the above-mentioned circuit logic configuration file. Before programming to the FPGA board, the user can check the above-mentioned logic code. Especially, when multiple users are involved at the same time, multiple users can check the above logic code separately to ensure that the FPGA board can finally meet the needs of all users and prevent security risks, logic errors, fraud and other abnormalities. problem.
在确定代码无误后,用户可以在上述的离线环境下,将电路逻辑配置文件烧录至FPGA板卡上。具体的,电路逻辑配置文件被从区块链节点传入FPGA板卡,进而部署至如图2所示的Flash芯片中,使得即便FPGA板卡发生掉电,Flash芯片仍然能够保存上述的电路逻辑配置文件。After confirming that the code is correct, the user can burn the circuit logic configuration file to the FPGA board in the above-mentioned offline environment. Specifically, the circuit logic configuration file is transferred from the blockchain node to the FPGA board, and then deployed to the Flash chip as shown in Figure 2, so that even if the FPGA board is powered off, the Flash chip can still save the above-mentioned circuit logic. Configuration file.
图3是一示例性实施例提供的一种在FPGA芯片上形成功能模块的示意图。通过将Flash芯片中所部署的电路逻辑配置文件加载至FPGA芯片,可以对FPGA芯片所含的硬件逻辑单元进行配置,从而在FPGA芯片上形成相应的功能模块,譬如所形成的功能模块可以包括如图3所示的明文计算模块、密钥协商模块、解密验签模块、加解密模块等。同时,电路逻辑配置文件还可以用于向FPGA板卡传输需要存储的信息,比如可以将预置证书存储于FPGA芯片上、将认证根密钥存储于密管芯片中(认证根密钥也可以存储于FPGA芯片上)等。Fig. 3 is a schematic diagram of forming a functional module on an FPGA chip provided by an exemplary embodiment. By loading the circuit logic configuration file deployed in the Flash chip to the FPGA chip, the hardware logic unit contained in the FPGA chip can be configured to form corresponding functional modules on the FPGA chip. For example, the formed functional modules can include such Figure 3 shows the plaintext calculation module, key agreement module, decryption signature verification module, encryption and decryption module, etc. At the same time, the circuit logic configuration file can also be used to transmit the information that needs to be stored to the FPGA board. For example, the preset certificate can be stored on the FPGA chip, and the authentication root key can be stored in the secret tube chip (the authentication root key can also be Stored on the FPGA chip) and so on.
基于FPGA芯片上所形成的密钥协商模块,以及部署于FPGA板卡上的认证根密钥,使得FPGA板卡可以与用户实现远程的密钥协商,该密钥协商过程可以采用相关技术中的任意算法或标准来实现,本说明书并不对此进行限制。举例而言,密钥协商过程可以包括:用户可以在本地的客户端生成一密钥Ka-1、密钥协商模块可以在本地生成一密钥Kb-1,且客户端可以基于密钥Ka-1计算得到密钥协商信息Ka-2、密钥协商模块可以基于密钥Kb-1计算得到密钥协商信息Kb-2,然后客户端将密钥协商信息Ka-2发送至密钥协商模块、密钥协商模块将密钥协商信息Kb-2发送至客户端,使得客户端可以基于密钥Ka-1与密钥协商信息Kb-2生成一秘密值,而密钥协商模块可以基于密钥Kb-1与密钥协商信息Ka-2生成相同的秘密值,最后由客户端、密钥协商模块分别基于密钥导出函数从该相同的秘密值导出相同的配置文件部署密钥,该配置文件部署密钥可以存在FPGA芯片或密管芯片。在上述过程中,虽然密钥协商信息Ka-2、密钥协商信息Kb-2是经由区块链节点在客户端与密钥协商模块之间传输,但是由于密钥Ka-1由客户端掌握、密钥Kb-1由密钥协商模块掌握,因而可以确保区块链节点无法获知最终得到的秘密值和配置文件部署密钥,避免可能造成的安全性风险。Based on the key agreement module formed on the FPGA chip and the authentication root key deployed on the FPGA board, the FPGA board can realize remote key agreement with the user. The key agreement process can use related technologies. Any algorithm or standard can be implemented, and this specification does not limit it. For example, the key agreement process can include: the user can generate a key Ka-1 at the local client, the key agreement module can generate a key Kb-1 locally, and the client can generate a key Kb-1 based on the key Ka- 1 Calculate the key agreement information Ka-2, the key agreement module can calculate the key agreement information Kb-2 based on the key Kb-1, and then the client sends the key agreement information Ka-2 to the key agreement module, The key agreement module sends the key agreement information Kb-2 to the client, so that the client can generate a secret value based on the key Ka-1 and the key agreement information Kb-2, and the key agreement module can be based on the key Kb -1 generates the same secret value as the key agreement information Ka-2, and finally the client and the key agreement module respectively derive the same configuration file deployment key from the same secret value based on the key derivation function, and the configuration file deployment The key can be stored in the FPGA chip or the secret management chip. In the above process, although the key agreement information Ka-2 and key agreement information Kb-2 are transmitted between the client and the key agreement module via the blockchain node, the key Ka-1 is controlled by the client , The key Kb-1 is controlled by the key agreement module, so it can ensure that the blockchain node cannot know the final secret value and the configuration file deployment key, so as to avoid possible security risks.
除了配置文件部署密钥之外,秘密值还用于导出业务秘密部署密钥;例如,秘密值可以导出32位数值,可以将前16位作为配置文件部署密钥、后16位作为业务秘密部署密钥。用户可以通过业务秘密部署密钥向FPGA板卡部署业务密钥,譬如该业务密钥可以包括节点私钥和业务根密钥。例如,用户可以在客户端上采用业务秘密部署密钥对节点私钥或业务根密钥进行签名、加密并发送至FPGA板卡,使得FPGA板卡通过解密验签模块进行解密、验签后,对得到的节点私钥或业务根密钥进行部署。In addition to the configuration file deployment key, the secret value is also used to derive the business secret deployment key; for example, the secret value can be derived as a 32-bit value, the first 16 bits can be used as the configuration file deployment key, and the last 16 bits can be used as the business secret deployment Key. The user can deploy the service key to the FPGA board through the service secret deployment key. For example, the service key may include the node private key and the service root key. For example, the user can use the business secret deployment key on the client to sign, encrypt the node private key or the business root key, and send it to the FPGA board, so that after the FPGA board is decrypted and verified through the decryption verification module, Deploy the obtained node private key or service root key.
基于部署的节点密钥、业务根密钥和FPGA芯片上的加解密模块、明文计算模块,使得FPGA板卡可以实现为区块链节点上的TEE,以满足隐私需求。例如,当区块链节点收到一笔交易时,如果该交易为明文交易,区块链节点可以直接处理该明文交易,如果该交易为隐私交易,区块链节点将该隐私交易传入FPGA板卡进行处理。Based on the deployed node key, service root key, encryption and decryption module and plaintext calculation module on the FPGA chip, the FPGA board can be implemented as a TEE on the blockchain node to meet privacy requirements. For example, when a blockchain node receives a transaction, if the transaction is a plaintext transaction, the blockchain node can directly process the plaintext transaction, if the transaction is a private transaction, the blockchain node transmits the private transaction to the FPGA The board is processed.
明文交易的交易内容为明文形式,并且交易执行后所产生的合约状态等同样采用明文形式进行存储。隐私交易的交易内容为密文形式,由交易发起方对明文交易内容进行加密而得到,且交易执行后产生的合约状态等需要采用密文形式进行存储,从而确保交易隐私保护。例如,交易发起方可以随机或基于其他方式生成一对称密钥,同样上述的业务私钥对应的业务公钥被公开,那么交易发起方可以基于该对称密钥和业务公钥对明文交易内容进行数字信封加密:交易发起方通过对称密钥加密明文交易内容,并通过 业务公钥对该对称密钥进行加密,得到的两部分内容均被包含于上述的隐私交易中;换言之,隐私交易中包含两部分内容:采用对称密钥加密的明文交易内容、采用业务公钥加密的对称密钥。The transaction content of a plaintext transaction is in plaintext form, and the contract status generated after the transaction is executed is also stored in plaintext form. The transaction content of a private transaction is in the form of cipher text, which is obtained by encrypting the content of the transaction in plain text by the transaction initiator, and the contract state generated after the transaction is executed needs to be stored in the form of cipher text to ensure the protection of transaction privacy. For example, the transaction initiator can generate a symmetric key randomly or based on other methods. Similarly, the business public key corresponding to the above-mentioned business private key is disclosed, then the transaction initiator can perform transaction content in plaintext based on the symmetric key and the business public key. Digital Envelope Encryption: The transaction initiator encrypts the plaintext transaction content with a symmetric key, and encrypts the symmetric key with the business public key. The two parts obtained are included in the above-mentioned private transaction; in other words, the private transaction includes Two parts of content: the content of the transaction in plaintext encrypted with a symmetric key, and the symmetric key encrypted with the business public key.
因此,FPGA板卡在收到区块链节点传入的隐私交易后,可由加解密模块通过业务私钥对采用业务公钥加密的对称密钥进行解密、得到对称密钥,然后由加解密模块通过对称密钥对采用对称密钥加密的明文交易内容进行解密、得到明文交易内容。隐私交易可以用于部署智能合约,那么明文交易内容的data字段可以包含待部署的智能合约的寄存器式合约代码;或者,隐私交易可以用于调用智能合约,那么明文交易内容的to字段可以包含被调用的智能合约的合约地址,而FPGA板卡可以基于该合约地址调取相应的寄存器式合约代码。Therefore, after the FPGA board receives the private transaction from the blockchain node, the encryption and decryption module can use the business private key to decrypt the symmetric key encrypted with the business public key to obtain the symmetric key, and then the encryption and decryption module The symmetric key is used to decrypt the plaintext transaction content encrypted with the symmetric key to obtain the plaintext transaction content. Private transactions can be used to deploy smart contracts, then the data field of the plaintext transaction content can contain the register contract code of the smart contract to be deployed; or, the privacy transaction can be used to call the smart contract, then the to field of the plaintext transaction content can contain the The contract address of the called smart contract, and the FPGA board can call the corresponding register-type contract code based on the contract address.
FPGA芯片上形成的明文计算模块用于实现相关技术中的虚拟机逻辑,即明文计算模块相当于FPGA板卡上的“硬件虚拟机”。因此,基于上述明文交易内容确定出寄存器式合约代码后,可以将该寄存器式合约代码传入明文计算模块中,以由该明文计算模块执行该寄存器式合约代码。执行完毕后,寄存器式合约代码所涉及的合约状态可能发生更新。如果合约状态需要存储至FPGA芯片之外,那么可由加解密模块通过前述的业务根密钥或其衍生密钥对发生更新的合约状态进行加密,并对加密后合约状态进行存储,以确保与隐私交易相关的数据仅在FPGA芯片内处于明文状态、在FPGA芯片之外均处于密文状态,从而保证数据的安全性。The plaintext calculation module formed on the FPGA chip is used to implement virtual machine logic in related technologies, that is, the plaintext calculation module is equivalent to the "hardware virtual machine" on the FPGA board. Therefore, after the register-type contract code is determined based on the above-mentioned plaintext transaction content, the register-type contract code can be passed into the plaintext calculation module, so that the plaintext calculation module executes the register-type contract code. After the execution is completed, the status of the contract involved in the register-type contract code may be updated. If the contract state needs to be stored outside the FPGA chip, the encryption and decryption module can encrypt the updated contract state through the aforementioned business root key or its derivative key, and store the encrypted contract state to ensure privacy The transaction-related data is only in the clear text state in the FPGA chip and in the cipher text state outside the FPGA chip, so as to ensure the security of the data.
明文计算模块可以为本说明书中的寄存器式片上处理器。针对区块链节点所收到的交易需要部署或调用的智能合约,由寄存器式片上处理器执行该智能合约的寄存器式代码程序。其中,该寄存器式代码程序可由交易提交方在客户端上直接由高级语言程序编译得到,或者先将高级语言程序编译为字节码程序再编译为寄存器式代码程序。The plaintext calculation module can be the register type on-chip processor in this specification. For the smart contract that needs to be deployed or invoked for the transaction received by the blockchain node, the register-type on-chip processor executes the register-type code program of the smart contract. Wherein, the register code program can be directly compiled by the high-level language program on the client by the transaction submitting party, or the high-level language program can be compiled into a byte code program and then compiled into a register code program.
由于采用寄存器式架构,使得寄存器式片上处理器在执行寄存器式代码程序的过程中,将该寄存器式代码程序所含操作指令涉及到的操作数存入FPGA芯片上的寄存器中,且在执行相关操作指令时直接根据寄存器的信息获取操作数并执行运算,进而将运算结果存入寄存器中。上述机器码所涉及的操作数的数量可以为一个或多个。相比于采用栈式架构而言,各个操作数可以并行地存入寄存器或从寄存器读取,而非按照顺序依次入栈或出栈,因而具有相对更高的执行效率。譬如在前文所列举的运算操作“c=a+b”中,栈式运算涉及到4个步骤、寄存器式运算涉及2个步骤,如果每个步骤需要占用寄存器式片上处理器的一个时钟周期,那么栈式运算需要消耗4个时钟周期、寄存器式运 算仅需消耗2个时钟周期。Due to the register-based architecture, the register-based on-chip processor stores the operands involved in the operation instructions contained in the register-based code program in the registers on the FPGA chip during the execution of the register-based code program, and the execution is related When operating instructions, directly obtain operands and perform operations based on the information in the registers, and then store the results of the operations in the registers. The number of operands involved in the above machine code can be one or more. Compared with the use of a stack architecture, each operand can be stored in or read from the register in parallel, instead of being pushed or popped into the stack in sequence, so it has a relatively higher execution efficiency. For example, in the arithmetic operation "c=a+b" listed above, the stack operation involves 4 steps, and the register operation involves 2 steps. If each step requires one clock cycle of the register-based on-chip processor, Then the stack operation needs to consume 4 clock cycles, and the register operation only needs 2 clock cycles.
同时,在FPGA芯片上的寄存器数量充足的情况下,不同操作指令所涉及的操作数可以分别存入不同的寄存器中。那么,对于不存在依赖关系的不同操作指令而言,寄存器式片上处理器可以并行地读取这些操作指令对应的操作数,以针对这些操作数实施并行运算。例如,当合约代码包含1000条指令时,假定每条指令需要占用寄存器式片上处理器的一个时钟周期,那么顺序执行合约代码需要消耗1000个时钟周期,而基于上述并行运算则可以减少对时钟周期的消耗,具体减少的数量取决于各条指令之间的依赖关系。At the same time, when the number of registers on the FPGA chip is sufficient, the operands involved in different operation instructions can be stored in different registers. Then, for different operation instructions that do not have a dependency relationship, the register-based on-chip processor can read the operands corresponding to these operation instructions in parallel to implement parallel operations on these operands. For example, when the contract code contains 1000 instructions, assuming that each instruction needs to occupy one clock cycle of the register-based on-chip processor, then the sequential execution of the contract code needs to consume 1000 clock cycles, and based on the above parallel operation, the clock cycle can be reduced. The amount of consumption and the specific reduction depends on the dependency between the instructions.
基于一些原因,用户可能希望对FPGA板卡上部署的电路逻辑配置文件进行版本更新,比如该电路逻辑配置文件所含的认证根密钥可能被风险用户获知、再比如用户希望对FPGA板卡上部署的功能模块进行升级等,本说明书并不对此进行限制。为了便于区分,可以将上述过程中已部署的电路逻辑配置文件称之为旧版电路逻辑配置文件,而将需要部署的电路逻辑配置文件称之为新版电路逻辑配置文件。For some reasons, the user may want to update the version of the circuit logic configuration file deployed on the FPGA board. For example, the authentication root key contained in the circuit logic configuration file may be known by risky users, or the user wants to update the version on the FPGA board. The deployed functional modules are upgraded, etc. This manual does not limit this. In order to facilitate the distinction, the circuit logic configuration file that has been deployed in the above process can be referred to as the old version of the circuit logic configuration file, and the circuit logic configuration file that needs to be deployed is referred to as the new version of the circuit logic configuration file.
与旧版电路逻辑配置文件相类似的,用户可以通过编写代码、镜像化等过程生成新版电路逻辑配置文件。进一步的,用户可以通过自身持有的私钥对新版电路逻辑配置文件进行签名,然后通过上文协商出的配置文件部署密钥对签名后的新版电路逻辑配置文件进行加密,得到加密后新版电路逻辑配置文件。在一些情况下,可能同时存在多名用户,那么旧版电路逻辑配置文件需要将这些用户对应的预置证书均部署至FPGA板卡中,且这些用户需要分别采用自身持有的私钥对新版电路逻辑配置文件进行签名。Similar to the old version of the circuit logic configuration file, the user can generate a new version of the circuit logic configuration file through the process of writing code and mirroring. Further, the user can sign the new version of the circuit logic configuration file with his own private key, and then encrypt the signed new version of the circuit logic configuration file with the configuration file deployment key negotiated above to obtain the encrypted new version of the circuit Logical configuration file. In some cases, there may be multiple users at the same time, so the old version of the circuit logic configuration file needs to deploy the preset certificates corresponding to these users to the FPGA board, and these users need to use their own private keys to pair the new version of the circuit. Sign the logical configuration file.
用户可以通过客户端远程将加密后新版电路逻辑配置文件发送至区块链节点,并由区块链节点进一步将其传入FPGA板卡。前述过程中在FPGA芯片上形成的解密验签模块位于PCIE接口与Flash芯片之间的传输通路上,使得加密后新版电路逻辑配置文件必然需要优先经过解密验签模块的成功处理后,才能够被传入Flash芯片以实现可信更新,无法绕过解密验签的过程而直接对Flash芯片进行更新。The user can remotely send the encrypted new version of the circuit logic configuration file to the blockchain node through the client, and the blockchain node will further transfer it to the FPGA board. The decryption verification module formed on the FPGA chip in the foregoing process is located on the transmission path between the PCIE interface and the Flash chip, so that the encrypted new version of the circuit logic configuration file must first be successfully processed by the decryption verification module before it can be The Flash chip is passed in to achieve a credible update, and the Flash chip cannot be updated directly without bypassing the process of decryption and verification.
解密验签模块在收到加密后新版电路逻辑配置文件后,首先通过FPGA板卡上部署的配置文件部署密钥进行解密,如果解密成功则解密验签模块进一步基于FPGA芯片上部署的预置证书,对解密后的新版电路逻辑配置文件进行签名验证。如果解密失败或者签名验证未通过,则说明收到的文件并非来自上述用户或者遭到篡改,解密验签模块将触发终止本次的更新操作;而在解密成功且验签通过的情况下,可以确定得到的新版电路逻辑配置文件来自上述用户且传输过程中未遭到篡改,可以将该新版电路逻辑配置 文件进一步传输至Flash芯片,以针对Flash芯片中的旧版电路逻辑配置文件进行更新部署。After the decryption verification module receives the encrypted new version of the circuit logic configuration file, it first decrypts it with the configuration file deployment key deployed on the FPGA board. If the decryption is successful, the decryption verification module is further based on the preset certificate deployed on the FPGA chip , To perform signature verification on the decrypted new version of the circuit logic configuration file. If the decryption fails or the signature verification fails, it means that the received file is not from the above-mentioned user or has been tampered with, and the decryption verification module will trigger the termination of this update operation; and if the decryption is successful and the verification is passed, it can be It is determined that the obtained new version of the circuit logic configuration file is from the aforementioned user and has not been tampered with during the transmission process. The new version of the circuit logic configuration file can be further transmitted to the Flash chip to update and deploy the old version of the circuit logic configuration file in the Flash chip.
新版电路逻辑配置文件被加载至FPGA芯片后,同样可以在该FPGA芯片上形成诸如上述的密钥协商模块、解密验签模块,以及向FPGA芯片存入预置证书、向密管芯片存入认证根密钥等信息。其中,所形成的密钥协商模块、解密验签模块等,所实现的功能逻辑可以发生变化和升级,所存入部署的预置证书、认证根密钥等信息也可能区别于更新前的信息。那么,FPGA板卡可以基于更新后的密钥协商模块、认证根密钥等,与用户进行远程协商得到新的配置文件部署密钥,该配置文件部署密钥可以被用于下一次的可新更新过程。类似地,可以据此不断实现针对FPGA板卡的可信更新操作。After the new version of the circuit logic configuration file is loaded into the FPGA chip, the above-mentioned key agreement module, decryption and verification module can also be formed on the FPGA chip, and the pre-set certificate and authentication can be stored in the FPGA chip. Root key and other information. Among them, the formed key agreement module, decryption verification module, etc., the implemented functional logic can be changed and upgraded, and the information stored in the deployed preset certificate, authentication root key and other information may also be different from the information before the update . Then, the FPGA board can remotely negotiate with the user to obtain a new configuration file deployment key based on the updated key agreement module, authentication root key, etc., and the configuration file deployment key can be used for the next renewal Update process. Similarly, a reliable update operation for FPGA boards can be continuously implemented accordingly.
在完成更新部署后,FPGA板卡可以针对新版电路逻辑配置文件生成认证结果。例如,上述的密钥协商模块可以通过诸如sm3算法或其他算法对新版电路逻辑配置文件的哈希值、基于新版电路逻辑配置文件协商得到的配置文件部署密钥的哈希值进行计算,得到的计算结果可以被作为上述的认证结果,并由密钥协商模块将该认证结果发送至用户。相应地,用户可以在客户端上基于所维护的新版电路逻辑配置文件和据此协商的配置文件部署密钥对认证结果进行验证,如果验证成功则表明新版电路逻辑配置文件在FPGA板卡上成功部署,且用户与FPGA板卡之间据此成功协商得到了一致的配置文件部署密钥,从而确认成功完成了针对电路逻辑配置文件的更新部署。After completing the update deployment, the FPGA board can generate certification results for the new version of the circuit logic configuration file. For example, the above-mentioned key agreement module can calculate the hash value of the new version of the circuit logic configuration file and the hash value of the configuration file deployment key negotiated based on the new version of the circuit logic configuration file through an algorithm such as sm3 or other algorithms. The calculation result can be used as the above-mentioned authentication result, and the key agreement module sends the authentication result to the user. Correspondingly, the user can verify the authentication result on the client based on the maintained new version of the circuit logic configuration file and the configuration file deployment key negotiated accordingly. If the verification is successful, it indicates that the new version of the circuit logic configuration file is successful on the FPGA board. Deployed, and the user and the FPGA board successfully negotiated accordingly to obtain a consistent configuration file deployment key, thereby confirming the successful completion of the circuit logic configuration file update deployment.
图4是一示例性实施例提供的一种基于FPGA的安全智能合约处理器的交易处理装置的示意结构图。请参考图4,在软件实施方式中,该装置可以包括:Fig. 4 is a schematic structural diagram of an FPGA-based secure smart contract processor-based transaction processing device provided by an exemplary embodiment. Please refer to Figure 4, in the software implementation, the device may include:
加载单元401,使FPGA结构将存储器中已部署的电路逻辑配置文件加载至FPGA芯片上,以在所述FPGA芯片上形成用于实现虚拟机逻辑的寄存器式片上处理器;The loading unit 401 causes the FPGA structure to load the deployed circuit logic configuration file in the memory onto the FPGA chip, so as to form a register-type on-chip processor for realizing virtual machine logic on the FPGA chip;
获取单元402,使所述FPGA结构根据所属区块链节点收到的交易,获取所述交易涉及的智能合约的寄存器式代码程序;The acquiring unit 402 enables the FPGA structure to acquire the register-type code program of the smart contract involved in the transaction according to the transaction received by the blockchain node to which it belongs;
执行单元403,使所述FPGA结构将所述寄存器式代码程序传入所述寄存器式片上处理器,使所述寄存器式片上处理器执行所述寄存器式代码程序。The execution unit 403 causes the FPGA structure to transfer the register-type code program to the register-type on-chip processor, so that the register-type on-chip processor executes the register-type code program.
可选的,在由所述寄存器式片上处理器进行处理的过程中,所述寄存器式代码程序所涉及的操作数被写入所述FPGA芯片上的寄存器中。Optionally, during processing by the register-type on-chip processor, the operands involved in the register-type code program are written into the registers on the FPGA chip.
可选的,所述寄存器式代码程序由高级语言程序直接编译得到;或者,所述寄存器式代码程序由字节码程序直接编译得到,所述字节码程序由所述高级语言程序直接编 译得到。Optionally, the register-style code program is directly compiled by a high-level language program; or, the register-style code program is directly compiled by a bytecode program, and the bytecode program is directly compiled by the high-level language program .
可选的,还包括:解密单元404,使所述FPGA结构从所属的区块链节点处获得经过加密的交易,并将所述交易传入所述FPGA芯片上的解密模块以得到明文交易内容;其中,所述解密模块由所述已部署的电路逻辑配置文件在所述FPGA芯片上形成;Optionally, it further includes: a decryption unit 404 to enable the FPGA structure to obtain an encrypted transaction from the blockchain node to which it belongs, and pass the transaction to the decryption module on the FPGA chip to obtain the content of the transaction in plaintext ; Wherein, the decryption module is formed on the FPGA chip by the deployed circuit logic configuration file;
提取单元405,在所述交易用于部署智能合约的情况下,使所述FPGA结构从所述明文交易内容中提取所述寄存器式代码程序;An extracting unit 405, when the transaction is used to deploy a smart contract, causes the FPGA structure to extract the register code program from the plaintext transaction content;
查找单元406,在所述交易用于调用智能合约的情况下,使所述FPGA结构从所述明文交易内容中提取合约地址,并基于所述合约地址获取所述寄存器式代码程序。The search unit 406, when the transaction is used for invoking a smart contract, causes the FPGA structure to extract the contract address from the plaintext transaction content, and obtain the register code program based on the contract address.
可选的,所述查找单元406具体用于:使所述FPGA结构向所述区块链节点请求并获得所述合约地址对应的加密后寄存器式代码程序;使所述FPGA结构将所述加密后寄存器式代码程序传入所述解密模块,以解密得到所述寄存器式代码程序。Optionally, the search unit 406 is specifically configured to: make the FPGA structure request and obtain the encrypted register code program corresponding to the contract address from the blockchain node; make the FPGA structure encrypt the The latter register code program is passed into the decryption module to decrypt the register code program.
可选的,还包括:明文存储单元407,使所述FPGA结构将所述寄存器式代码程序运行后更新的合约状态存储于所述FPGA芯片的片上存储空间;或者,Optionally, it further includes: a plaintext storage unit 407, which enables the FPGA structure to store the contract state updated after the register code program is run in the on-chip storage space of the FPGA chip; or,
密文存储单元408,使所述FPGA结构通过所述FPGA芯片上的加密模块对所述寄存器式代码程序运行后更新的合约状态进行加密,并将加密后合约状态存储于所述FPGA芯片之外的外部存储空间;其中,所述加密模块由所述已部署的电路逻辑配置文件在所述FPGA芯片上形成。The ciphertext storage unit 408 enables the FPGA structure to encrypt the updated contract state after the register code program runs through the encryption module on the FPGA chip, and stores the encrypted contract state outside the FPGA chip The external storage space; wherein the encryption module is formed on the FPGA chip by the deployed circuit logic configuration file.
可选的,所述虚拟机逻辑包括:以太坊虚拟机的执行逻辑或者WASM虚拟机的执行逻辑。Optionally, the virtual machine logic includes: the execution logic of the Ethereum virtual machine or the execution logic of the WASM virtual machine.
上述实施例阐明的系统、装置、模块或单元,具体可以由计算机芯片或实体实现,或者由具有某种功能的产品来实现。一种典型的实现设备为计算机,计算机的具体形式可以是个人计算机、膝上型计算机、蜂窝电话、相机电话、智能电话、个人数字助理、媒体播放器、导航设备、电子邮件收发设备、游戏控制台、平板计算机、可穿戴设备或者这些设备中的任意几种设备的组合。The systems, devices, modules, or units explained in the above embodiments may be implemented by computer chips or entities, or implemented by products with certain functions. A typical implementation device is a computer. The specific form of the computer can be a personal computer, a laptop computer, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email receiving and sending device, and a game control A console, a tablet computer, a wearable device, or a combination of any of these devices.
在一个典型的配置中,计算机包括一个或多个处理器(CPU)、输入/输出接口、网络接口和内存。In a typical configuration, the computer includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
内存可能包括计算机可读介质中的非永久性存储器,随机存取存储器(RAM)和/或非易失性内存等形式,如只读存储器(ROM)或闪存(flash RAM)。内存是计算机 可读介质的示例。The memory may include non-permanent memory in a computer readable medium, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer readable media.
计算机可读介质包括永久性和非永久性、可移动和非可移动媒体可以由任何方法或技术来实现信息存储。信息可以是计算机可读指令、数据结构、程序的模块或其他数据。计算机的存储介质的例子包括,但不限于相变内存(PRAM)、静态随机存取存储器(SRAM)、动态随机存取存储器(DRAM)、其他类型的随机存取存储器(RAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、快闪记忆体或其他内存技术、只读光盘只读存储器(CD-ROM)、数字多功能光盘(DVD)或其他光学存储、磁盒式磁带、磁盘存储、量子存储器、基于石墨烯的存储介质或其他磁性存储设备或任何其他非传输介质,可用于存储可以被计算设备访问的信息。按照本文中的界定,计算机可读介质不包括暂存电脑可读媒体(transitory media),如调制的数据信号和载波。Computer-readable media include permanent and non-permanent, removable and non-removable media, and information storage can be realized by any method or technology. The information can be computer-readable instructions, data structures, program modules, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical storage, Magnetic cassettes, disk storage, quantum memory, graphene-based storage media or other magnetic storage devices or any other non-transmission media can be used to store information that can be accessed by computing devices. According to the definition in this article, computer-readable media does not include transitory media, such as modulated data signals and carrier waves.
还需要说明的是,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、商品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、商品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括所述要素的过程、方法、商品或者设备中还存在另外的相同要素。It should also be noted that the terms "include", "include" or any other variants thereof are intended to cover non-exclusive inclusion, so that a process, method, commodity or equipment including a series of elements not only includes those elements, but also includes Other elements that are not explicitly listed, or they also include elements inherent to such processes, methods, commodities, or equipment. If there are no more restrictions, the element defined by the sentence "including a..." does not exclude the existence of other identical elements in the process, method, commodity, or equipment that includes the element.
上述对本说明书特定实施例进行了描述。其它实施例在所附权利要求书的范围内。在一些情况下,在权利要求书中记载的动作或步骤可以按照不同于实施例中的顺序来执行并且仍然可以实现期望的结果。另外,在附图中描绘的过程不一定要求示出的特定顺序或者连续顺序才能实现期望的结果。在某些实施方式中,多任务处理和并行处理也是可以的或者可能是有利的。The foregoing describes specific embodiments of this specification. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps described in the claims may be performed in a different order than in the embodiments and still achieve desired results. In addition, the processes depicted in the drawings do not necessarily require the specific order or sequential order shown in order to achieve the desired results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
在本说明书一个或多个实施例使用的术语是仅仅出于描述特定实施例的目的,而非旨在限制本说明书一个或多个实施例。在本说明书一个或多个实施例和所附权利要求书中所使用的单数形式的“一种”、“所述”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义。还应当理解,本文中使用的术语“和/或”是指并包含一个或多个相关联的列出项目的任何或所有可能组合。The terms used in one or more embodiments of this specification are only for the purpose of describing specific embodiments, and are not intended to limit one or more embodiments of this specification. The singular forms "a", "said" and "the" used in one or more embodiments of this specification and the appended claims are also intended to include plural forms, unless the context clearly indicates other meanings. It should also be understood that the term "and/or" as used herein refers to and includes any or all possible combinations of one or more associated listed items.
应当理解,尽管在本说明书一个或多个实施例可能采用术语第一、第二、第三等来描述各种信息,但这些信息不应限于这些术语。这些术语仅用来将同一类型的信息彼此区分开。例如,在不脱离本说明书一个或多个实施例范围的情况下,第一信息也可以被称为第二信息,类似地,第二信息也可以被称为第一信息。取决于语境,如在此所使 用的词语“如果”可以被解释成为“在……时”或“当……时”或“响应于确定”。It should be understood that, although the terms first, second, third, etc. may be used to describe various information in one or more embodiments of this specification, the information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other. For example, without departing from the scope of one or more embodiments of this specification, the first information may also be referred to as second information, and similarly, the second information may also be referred to as first information. Depending on the context, the word "if" as used herein can be interpreted as "when" or "when" or "in response to certainty".
以上所述仅为本说明书一个或多个实施例的较佳实施例而已,并不用以限制本说明书一个或多个实施例,凡在本说明书一个或多个实施例的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本说明书一个或多个实施例保护的范围之内。The foregoing descriptions are only preferred embodiments of one or more embodiments of this specification, and are not intended to limit one or more embodiments of this specification. All within the spirit and principle of one or more embodiments of this specification, Any modification, equivalent replacement, improvement, etc. made should be included in the protection scope of one or more embodiments of this specification.

Claims (10)

  1. 一种基于FPGA的安全智能合约处理器的交易处理方法,包括:An FPGA-based transaction processing method for a secure smart contract processor, including:
    FPGA结构将存储器中已部署的电路逻辑配置文件加载至FPGA芯片上,以在所述FPGA芯片上形成用于实现虚拟机逻辑的寄存器式片上处理器;The FPGA structure loads the circuit logic configuration file deployed in the memory onto the FPGA chip to form a register-type on-chip processor for realizing virtual machine logic on the FPGA chip;
    所述FPGA结构根据所属区块链节点收到的交易,获取所述交易涉及的智能合约的寄存器式代码程序;The FPGA structure obtains the register type code program of the smart contract involved in the transaction according to the transaction received by the blockchain node to which it belongs;
    所述FPGA结构将所述寄存器式代码程序传入所述寄存器式片上处理器,使所述寄存器式片上处理器执行所述寄存器式代码程序。The FPGA structure transmits the register type code program to the register type on-chip processor, so that the register type on-chip processor executes the register type code program.
  2. 根据权利要求1所述的方法,在由所述寄存器式片上处理器进行处理的过程中,所述寄存器式代码程序所涉及的操作数被写入所述FPGA芯片上的寄存器中。According to the method of claim 1, in the process of processing by the register type on-chip processor, the operands involved in the register type code program are written into the registers on the FPGA chip.
  3. 根据权利要求1所述的方法,According to the method of claim 1,
    所述寄存器式代码程序由高级语言程序直接编译得到;或者,The register code program is directly compiled by a high-level language program; or,
    所述寄存器式代码程序由字节码程序直接编译得到,所述字节码程序由所述高级语言程序直接编译得到。The register code program is directly compiled by a byte code program, and the byte code program is directly compiled by the high-level language program.
  4. 根据权利要求1所述的方法,还包括:The method according to claim 1, further comprising:
    所述FPGA结构从所属的区块链节点处获得经过加密的交易,并将所述交易传入所述FPGA芯片上的解密模块以得到明文交易内容;其中,所述解密模块由所述已部署的电路逻辑配置文件在所述FPGA芯片上形成;The FPGA structure obtains the encrypted transaction from the blockchain node to which it belongs, and passes the transaction to the decryption module on the FPGA chip to obtain the plaintext transaction content; wherein the decryption module is used by the deployed The circuit logic configuration file of is formed on the FPGA chip;
    在所述交易用于部署智能合约的情况下,所述FPGA结构从所述明文交易内容中提取所述寄存器式代码程序;In the case that the transaction is used to deploy a smart contract, the FPGA structure extracts the register code program from the plaintext transaction content;
    在所述交易用于调用智能合约的情况下,所述FPGA结构从所述明文交易内容中提取合约地址,并基于所述合约地址获取所述寄存器式代码程序。In the case that the transaction is used to call a smart contract, the FPGA structure extracts the contract address from the plaintext transaction content, and obtains the register-style code program based on the contract address.
  5. 根据权利要求4所述的方法,所述FPGA结构基于所述合约地址获取所述寄存器式代码程序,包括:According to the method of claim 4, the FPGA structure acquiring the register code program based on the contract address includes:
    所述FPGA结构向所述区块链节点请求并获得所述合约地址对应的加密后寄存器式代码程序;The FPGA structure requests and obtains the encrypted register-type code program corresponding to the contract address from the blockchain node;
    所述FPGA结构将所述加密后寄存器式代码程序传入所述解密模块,以解密得到所述寄存器式代码程序。The FPGA structure transmits the encrypted register-type code program to the decryption module to decrypt the register-type code program.
  6. 根据权利要求1所述的方法,还包括:The method according to claim 1, further comprising:
    所述FPGA结构将所述寄存器式代码程序运行后更新的合约状态存储于所述FPGA芯片的片上存储空间;或者,The FPGA structure stores the updated contract state after the register-type code program runs in the on-chip storage space of the FPGA chip; or,
    所述FPGA结构通过所述FPGA芯片上的加密模块对所述寄存器式代码程序运行后更新的合约状态进行加密,并将加密后合约状态存储于所述FPGA芯片之外的外部存储空间;其中,所述加密模块由所述已部署的电路逻辑配置文件在所述FPGA芯片上形成。The FPGA structure encrypts the contract state updated after the register code program runs through the encryption module on the FPGA chip, and stores the encrypted contract state in an external storage space outside the FPGA chip; wherein, The encryption module is formed on the FPGA chip by the deployed circuit logic configuration file.
  7. 根据权利要求1所述的方法,所述虚拟机逻辑包括:以太坊虚拟机的执行逻辑或者WASM虚拟机的执行逻辑。The method according to claim 1, wherein the virtual machine logic comprises: the execution logic of the Ethereum virtual machine or the execution logic of the WASM virtual machine.
  8. 一种基于FPGA的安全智能合约处理器的交易处理装置,包括:A transaction processing device based on an FPGA-based secure smart contract processor, including:
    加载单元,使FPGA结构将存储器中已部署的电路逻辑配置文件加载至FPGA芯片上,以在所述FPGA芯片上形成用于实现虚拟机逻辑的寄存器式片上处理器;The loading unit causes the FPGA structure to load the deployed circuit logic configuration file in the memory onto the FPGA chip to form a register-type on-chip processor for realizing virtual machine logic on the FPGA chip;
    获取单元,使所述FPGA结构根据所属区块链节点收到的交易,获取所述交易涉及的智能合约的寄存器式代码程序;The obtaining unit enables the FPGA structure to obtain the register type code program of the smart contract involved in the transaction according to the transaction received by the blockchain node to which it belongs;
    执行单元,使所述FPGA结构将所述寄存器式代码程序传入所述寄存器式片上处理器,使所述寄存器式片上处理器执行所述寄存器式代码程序。The execution unit causes the FPGA structure to transfer the register type code program to the register type on-chip processor, and causes the register type on-chip processor to execute the register type code program.
  9. 一种电子设备,包括:An electronic device including:
    处理器;processor;
    用于存储处理器可执行指令的存储器;A memory for storing processor executable instructions;
    其中,所述处理器通过运行所述可执行指令以实现如权利要求1-7中任一项所述的方法。Wherein, the processor implements the method according to any one of claims 1-7 by running the executable instruction.
  10. 一种计算机可读存储介质,其上存储有计算机指令,该指令被处理器执行时实现如权利要求1-7中任一项所述方法的步骤。A computer-readable storage medium having computer instructions stored thereon, which, when executed by a processor, implements the steps of the method according to any one of claims 1-7.
PCT/CN2020/100492 2019-09-25 2020-07-06 Method and device for transaction processing for fpga-based secure smart contract processor WO2021057167A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910913482.2A CN110738567B (en) 2019-09-25 2019-09-25 Transaction processing method and device of safe intelligent contract processor based on FPGA
CN201910913482.2 2019-09-25

Publications (1)

Publication Number Publication Date
WO2021057167A1 true WO2021057167A1 (en) 2021-04-01

Family

ID=69269582

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/100492 WO2021057167A1 (en) 2019-09-25 2020-07-06 Method and device for transaction processing for fpga-based secure smart contract processor

Country Status (2)

Country Link
CN (1) CN110738567B (en)
WO (1) WO2021057167A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110738567B (en) * 2019-09-25 2021-02-09 支付宝(杭州)信息技术有限公司 Transaction processing method and device of safe intelligent contract processor based on FPGA
CN110688651A (en) * 2019-09-25 2020-01-14 支付宝(杭州)信息技术有限公司 Method and device for realizing state updating based on FPGA
CN111770206B (en) * 2020-08-31 2020-12-29 支付宝(杭州)信息技术有限公司 Method for deploying intelligent contract, block chain node and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109886682A (en) * 2019-01-31 2019-06-14 阿里巴巴集团控股有限公司 The method and node, storage medium that contract calls are realized in block chain
WO2019120315A2 (en) * 2019-03-26 2019-06-27 Alibaba Group Holding Limited Field-programmable gate array based trusted execution environment for use in a blockchain network
CN110032884A (en) * 2019-01-31 2019-07-19 阿里巴巴集团控股有限公司 The method and node, storage medium of secret protection are realized in block chain
CN110245506A (en) * 2019-05-30 2019-09-17 阿里巴巴集团控股有限公司 Intelligent contract administration method and device based on block chain, electronic equipment
CN110738567A (en) * 2019-09-25 2020-01-31 支付宝(杭州)信息技术有限公司 Transaction processing method and device of safe intelligent contract processor based on FPGA

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101834638A (en) * 2010-05-28 2010-09-15 哈尔滨工业大学 Bluetooth communication system capable of identifying target bluetooth function device
US20190095879A1 (en) * 2017-09-26 2019-03-28 Cornell University Blockchain payment channels with trusted execution environments
CN110264361A (en) * 2019-06-24 2019-09-20 深圳前海微众银行股份有限公司 A kind of data analysis method and device of block chain

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109886682A (en) * 2019-01-31 2019-06-14 阿里巴巴集团控股有限公司 The method and node, storage medium that contract calls are realized in block chain
CN110032884A (en) * 2019-01-31 2019-07-19 阿里巴巴集团控股有限公司 The method and node, storage medium of secret protection are realized in block chain
WO2019120315A2 (en) * 2019-03-26 2019-06-27 Alibaba Group Holding Limited Field-programmable gate array based trusted execution environment for use in a blockchain network
CN110245506A (en) * 2019-05-30 2019-09-17 阿里巴巴集团控股有限公司 Intelligent contract administration method and device based on block chain, electronic equipment
CN110738567A (en) * 2019-09-25 2020-01-31 支付宝(杭州)信息技术有限公司 Transaction processing method and device of safe intelligent contract processor based on FPGA

Also Published As

Publication number Publication date
CN110738567B (en) 2021-02-09
CN110738567A (en) 2020-01-31

Similar Documents

Publication Publication Date Title
US11048825B2 (en) Managing a smart contract on a blockchain
CN110020855B (en) Method, node and storage medium for realizing privacy protection in block chain
TW202113645A (en) Managing a smart contract on a blockchain
WO2021057168A1 (en) Method and apparatus for realizing virtual machine operation on the basis of fpga
CN110264195B (en) Receipt storage method and node combining code marking with transaction and user type
CN110245490B (en) Conditional receipt storage method and node combining code labeling and type dimension
CN110266644B (en) Receipt storage method and node combining code marking and transaction types
CN110060054B (en) Method, node, system and storage medium for implementing privacy protection in block chain
WO2021057184A1 (en) Efficient operation method and apparatus for security intelligent contract processor based on fpga
WO2020233637A1 (en) Receipt storage method combining code labelling with user type, and node
CN110264198B (en) Conditional receipt storage method and node combining code labeling and transaction type
CN110020856B (en) Method, node and storage medium for realizing mixed transaction in block chain
CN110264196B (en) Conditional receipt storage method and node combining code labeling and user type
WO2021057166A1 (en) Method and apparatus for implementing external call in fpga
WO2021057167A1 (en) Method and device for transaction processing for fpga-based secure smart contract processor
WO2021057181A1 (en) Fpga-based key negotiation method and device
WO2020233640A1 (en) Receipt storage method and node based on code labeling and determination condition
WO2020233630A1 (en) User type-based receipt storing method and node
WO2020233639A1 (en) Receipt storage method and node based on code labeling and event function type
WO2020233629A1 (en) Object-level receipt storage method and node based on code labeling
WO2021057182A1 (en) Trusted update method and apparatus for fpga logic
WO2021057180A1 (en) Fpga-based privacy blockchain implementation method, and device
WO2020233627A1 (en) Receipt storage method and node based on multiple types of dimensions
WO2021057272A1 (en) Method and apparatus for implementing contract invoking based on fpga
WO2021057273A1 (en) Method and apparatus for realizing efficient contract calling on fpga

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20867956

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20867956

Country of ref document: EP

Kind code of ref document: A1