WO2021088548A1 - Smart contract based privacy data query method and apparatus - Google Patents

Smart contract based privacy data query method and apparatus Download PDF

Info

Publication number
WO2021088548A1
WO2021088548A1 PCT/CN2020/116990 CN2020116990W WO2021088548A1 WO 2021088548 A1 WO2021088548 A1 WO 2021088548A1 CN 2020116990 W CN2020116990 W CN 2020116990W WO 2021088548 A1 WO2021088548 A1 WO 2021088548A1
Authority
WO
WIPO (PCT)
Prior art keywords
query
transaction
contract
party
authority
Prior art date
Application number
PCT/CN2020/116990
Other languages
French (fr)
Chinese (zh)
Inventor
刘琦
闫莺
Original Assignee
蚂蚁区块链科技(上海)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 蚂蚁区块链科技(上海)有限公司 filed Critical 蚂蚁区块链科技(上海)有限公司
Publication of WO2021088548A1 publication Critical patent/WO2021088548A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2458Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
    • G06F16/2471Distributed queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Definitions

  • One or more embodiments of this specification relate to the field of blockchain technology, and in particular to a method and device for querying private data based on smart contracts.
  • Blockchain technology is built on a transmission network (such as a peer-to-peer network).
  • the network nodes in the transmission network use chained data structures to verify and store data, and use distributed node consensus algorithms to generate and update data.
  • TEE Trusted Execution Environment
  • TEE can play the role of a black box in the hardware. Neither the code executed in the TEE nor the data operating system layer can be peeped, and only the pre-defined interface in the code can operate on it.
  • plaintext data is calculated in TEE instead of complex cryptographic operations in homomorphic encryption. There is no loss of efficiency in the calculation process. Therefore, the combination with TEE can achieve less performance loss. Under the premise, the security and privacy of the blockchain are greatly improved. At present, the industry is very concerned about the TEE solution.
  • TEE solutions including TPM (Trusted Platform Module) in software and Intel SGX (Software Guard Extensions) in hardware. , Software Protection Extension), ARM Trustzone (trust zone) and AMD PSP (Platform Security Processor, platform security processor).
  • one or more embodiments of this specification provide a method and device for querying private data based on smart contracts.
  • a method for querying private data based on smart contracts is proposed, which is applied to the blockchain Node; the method includes: when receiving a query transaction for target private data initiated by the querying party, reading the transaction identifier of the historical transaction related to the target private data contained in the query transaction; according to the transaction Identify the acquisition of the historical transaction, and determine the business contract invoked by the historical transaction based on the historical transaction; execute the authority control code defined in the business contract to determine the query authority of the querying party for the target private data When the determined query authority is allowed to query, the decrypted target private data is obtained for viewing by the querying party, and the target private data is read into the trusted execution environment for decryption.
  • a device for querying private data based on smart contracts which is applied to a blockchain node; the device includes: a transaction reading unit, which is initiated by the querying party when received During the query transaction for target privacy data, read the transaction identifier of the historical transaction related to the target privacy data contained in the query transaction; the contract determination unit obtains the historical transaction according to the transaction identifier, and based on the transaction identifier The historical transaction determines the business contract invoked by the historical transaction; the authority query unit executes the authority control code defined in the business contract to determine the query authority of the query party for the target private data; a data acquisition unit, When the determined query authority is query permission, the decrypted target private data is obtained for viewing by the querying party, and the target private data is read into a trusted execution environment for decryption.
  • an electronic device including: a processor; a memory for storing executable instructions of the processor; wherein the processor runs the executable instructions In order to realize the method for querying private data as described in any of the above embodiments.
  • a computer-readable storage medium which stores computer instructions, which when executed by a processor, implements the method described in any of the above-mentioned embodiments. step.
  • Fig. 1 is a schematic diagram of creating a smart contract according to an exemplary embodiment.
  • Fig. 2 is a schematic diagram of invoking a smart contract provided by an exemplary embodiment.
  • Fig. 3 is a schematic diagram of invoking a business contract provided by an exemplary embodiment.
  • Fig. 4 is a flowchart of a method for querying private data based on smart contracts according to an exemplary embodiment.
  • Fig. 5 is a flowchart of another method for querying private data based on smart contracts provided by an exemplary embodiment.
  • Fig. 6 is a schematic structural diagram of a device provided by an exemplary embodiment.
  • Fig. 7 is a block diagram of a device for querying private data based on smart contracts according to an exemplary embodiment.
  • the steps of the corresponding method are not necessarily executed in the order shown and described in this specification.
  • the method may include more or fewer steps than described in this specification.
  • a single step described in this specification may be decomposed into multiple steps for description in other embodiments; and multiple steps described in this specification may also be combined into a single step in other embodiments. description.
  • Block chains are generally divided into three types: Public Blockchain, Private Blockchain and Consortium Blockchain.
  • the public chain is represented by Bitcoin and Ethereum. Participants who join the public chain can read the data records on the chain, participate in transactions, and compete for the accounting rights of new blocks. Moreover, each participant (ie, node) can freely join and exit the network, and perform related operations.
  • the private chain is the opposite.
  • the write permission of the network is controlled by an organization or institution, and the data read permission is regulated by the organization.
  • the private chain can be a weakly centralized system with strict restrictions and few participating nodes.
  • This type of blockchain is more suitable for internal use by specific institutions.
  • Consortium chain is a block chain between public chain and private chain, which can realize "partial decentralization".
  • Each node in the alliance chain usually has a corresponding entity or organization; participants are authorized to join the network and form a stakeholder alliance to jointly maintain the operation of the blockchain.
  • a smart contract on the blockchain is a contract that can be triggered and executed by a transaction on the blockchain system.
  • Smart contracts can be defined in the form of codes.
  • EVM Ethereum Virtual Machine
  • Every Ethereum node can run EVM.
  • EVM is a Turing complete virtual machine, which means that various complex logic can be implemented through it.
  • Users who publish and call smart contracts in Ethereum run on the EVM.
  • the virtual machine directly runs is the virtual machine code (virtual machine bytecode, hereinafter referred to as "byte code").
  • the smart contract deployed on the blockchain can be in the form of bytecode.
  • the EVM of node 1 can execute the transaction and generate a corresponding contract instance.
  • the "0x6f8ae93" in Figure 1 represents the address of this contract, the data field of the transaction can be stored in bytecode, and the to field of the transaction is empty.
  • the contract is successfully created and can be called in the subsequent process.
  • a contract account corresponding to the smart contract appears on the blockchain and has a specific address, and the contract code will be stored in the contract account.
  • the behavior of the smart contract is controlled by the contract code.
  • smart contracts enable virtual accounts containing contract codes and account storage (Storage) to be generated on the blockchain.
  • the EVM of a certain node can execute the transaction and generate a corresponding contract instance.
  • the from field of the transaction in Figure 2 is the address of the account of the transaction initiator (ie Bob), the "0x6f8ae93" in the to field represents the address of the called smart contract, and the value field in Ethereum is the value of Ether ,
  • the method and parameters of calling the smart contract are stored in the data field of the transaction.
  • the smart contract is executed independently on each node in the blockchain network in a prescribed manner. All execution records and data are stored on the blockchain. Therefore, when the transaction is completed, the blockchain will be stored on the blockchain that cannot be tampered with. Lost transaction certificate.
  • the receipt data obtained by a node executing a transaction can include the following content: Result field, indicating the execution result of the transaction; Gas used field, indicating the gas value consumed by the transaction; Logs field, indicating the log generated by the transaction, and the log can be It further includes the From field, To field, Topic field, Log data field, etc.
  • the From field represents the account address of the initiator of the call
  • the To field represents the account address of the called object (such as a smart contract)
  • the Topic field represents the subject of the log.
  • the Log data field indicates log data
  • the Output field indicates the output of the transaction.
  • the receipt data generated after the transaction is executed is stored in plain text, and anyone can see the contents of the above-mentioned receipt fields contained in the receipt data, and there is no privacy protection setting and ability.
  • the block chain is a data set stored in a database of a node and organized by a specific logic.
  • the physical carrier of the database may be a storage medium, such as a persistent storage medium.
  • only part of the content of the receipt data may be sensitive, while other content is not sensitive. Only sensitive content needs to be protected for privacy, and other content can be disclosed. In some cases, it may even be necessary to perform retrieval of part of the content to drive The implementation of related operations, then the implementation of privacy protection for this part of the content will affect the implementation of retrieval operations.
  • Step 302 User A creates a transaction for invoking a business contract, and sends the created transaction to the blockchain node.
  • User A can invoke the smart contract (ie, business contract) deployed on the blockchain by creating a transaction (including the account address of the called smart contract), so that the blockchain node executes the business contract to complete the corresponding business.
  • user A can use digital envelope encryption to encrypt the created transaction, which combines a symmetric encryption algorithm and an asymmetric encryption algorithm.
  • the transaction content is encrypted using a symmetric encryption algorithm (that is, the transaction content is encrypted using the symmetric key used by itself), and then the public key of the asymmetric encryption algorithm is used to encrypt the symmetric key.
  • Step 304 the blockchain node executes the business contract.
  • the blockchain node After receiving the encrypted transaction, the blockchain node reads the transaction into the TEE, first uses the private key of the asymmetric encryption algorithm to decrypt the symmetric key, and then uses the decrypted symmetric key to decrypt the transaction Obtain the transaction content, and then execute the business code of the business contract within the TEE.
  • step 306 the blockchain node stores private data related to the transaction.
  • the blockchain node after receiving the transaction, the blockchain node (after passing the consensus) will publish the transaction (encrypted in the form of a digital envelope) to the blockchain for certification.
  • the blockchain node executes the transaction, it will also encrypt and store the relevant data obtained from the execution of the transaction (publish it on the blockchain for certification, or store it locally); among them, for the transaction corresponding to the transaction
  • the receipt can be encrypted with the symmetric key used by user A
  • the contract status data obtained in response to the execution of the business contract in response to the transaction can be encrypted with a specific symmetric key inside the TEE.
  • data such as user A's account attribute information, business contract account attribute information, and business contract contract code can also be encrypted using a specific symmetric key inside the TEE.
  • the data encrypted by these blockchain nodes above all belong to user A's private data on the blockchain.
  • the user may need to share the privacy data related to the business realized by the blockchain to some specific users for viewing, that is, these specific users can view the privacy related to the historical transactions initiated by the user. data.
  • the query authority can be set for the user's private data, so that other users who are allowed to query can view it.
  • the following describes the private data query scheme of this specification in conjunction with FIG. 4.
  • FIG. 4 is a flowchart of a method for querying private data based on smart contracts according to an exemplary embodiment. As shown in FIG. 4, the method is applied to a blockchain node and may include the following steps 402 to 408.
  • Step 402 When receiving a query transaction for target privacy data initiated by the querying party, read the transaction identifier of the historical transaction related to the target privacy data included in the query transaction.
  • the initiator invokes the business contract that has been deployed on the blockchain to execute the corresponding business code through the historical transaction, thereby completing the corresponding business.
  • the business contract in addition to defining the business code corresponding to the business in the business contract, it is also necessary to define the authority control code of the privacy data related to the transaction that invokes the business contract in the business contract to determine Whether the inquirer of this private data is allowed to inquire.
  • the permission control code in the business contract the private data can be associated with the permission control code that controls the query permission of the private data, so that each business contract can control the private data related to the transaction calling itself.
  • the development and deployment of business contracts can be completed by roles such as blockchain users, blockchain members, and blockchain administrators. Take the consortium chain as an example.
  • Blockchain members or blockchain users, administrators
  • accounting authority set up authority control rules, and define the authority control rules in the form of authority control codes in the business contract (also Defined the business code).
  • the blockchain member can publish the business contract to the alliance chain through any node device in the alliance chain, and the business contract is specified by the member node device in the alliance chain. (For example, several authoritative node devices with accounting authority designated in the consortium chain) After completing the consensus, they are included in the distributed database (ie, distributed ledger) of the consortium chain.
  • the deploying party of the business contract i.e., ordinary users or ordinary members with accounting authority
  • Related privacy data i.e., ordinary users or ordinary members with accounting authority
  • the consensus algorithms supported in the blockchain can include: the first type of consensus algorithm, that is, the consensus algorithm that node devices need to compete for the accounting right of each round of accounting cycle; for example, Proof of Work (POW) ), Proof of Stake (POS), Delegated Proof of Stake (DPOS) and other consensus algorithms; the second type of consensus algorithm, that is, pre-election of accounting nodes for each round of accounting cycle (no need to compete Accounting rights) consensus algorithms; for example, practical Byzantine Fault Tolerance (PBFT) and other consensus algorithms.
  • the first type of consensus algorithm that is, the consensus algorithm that node devices need to compete for the accounting right of each round of accounting cycle
  • POW Proof of Work
  • POS Proof of Stake
  • DPOS Delegated Proof of Stake
  • PBFT Practical Byzantine Fault Tolerance
  • all node devices that compete for the right to bookkeeping can execute the transaction after receiving the transaction.
  • one node device may win this round of contention for the right to bookkeeping and become the bookkeeping node.
  • the accounting node can package the received transaction with other transactions to generate the latest block, and send the generated latest block or the block header of the latest block to other node devices for consensus.
  • the node device with the right to book accounts has been agreed before this round of bookkeeping. Therefore, after the node device receives the transaction, if it is not the billing node of this round, it can send the transaction to the billing node.
  • the transaction can be executed during or before the process of packaging the transaction with other transactions to generate the latest block.
  • the accounting node After the accounting node generates the latest block, it can send the latest block or the block header of the latest block to other node devices for consensus.
  • the accounting node of this round can package the received transaction to generate the latest block, and the generated latest block or the latest block
  • the header of the block is sent to other node devices for consensus verification. If other node devices receive the latest block or the block header of the latest block, and there is no problem after verification, the latest block can be appended to the end of the original blockchain to complete the accounting process of the blockchain. In the process of verifying the new block or block header sent by the accounting node, other nodes can also execute the transaction contained in the block.
  • each business contract only controls the query authority of private data related to the transaction that invokes itself. Therefore, when a user (as a query party) initiates a query transaction for target private data related to a historical transaction (initiated by any other user), the blockchain node needs to determine the business that controls the query authority of the target private data Contract, and then the business contract can be invoked to achieve permission control.
  • a distribution contract can be deployed on the blockchain in advance to identify whether the transaction received by the blockchain node is a query transaction, and when the received transaction is When querying a transaction, the corresponding business contract is further called to execute the authority control code (it can be understood as distributing the query transaction to the corresponding business contract).
  • the distribution code can be defined in the distribution contract, and the distribution code is used to call the business contract to execute the permission control code defined in the business contract. Therefore, the query transaction created by the querying party is a transaction for invoking the distribution contract. Then, when any transaction received by the blockchain node is used to call the distribution contract, any transaction can be used as a query transaction.
  • Step 404 Obtain the historical transaction according to the transaction identifier, and determine the business contract invoked by the historical transaction based on the historical transaction.
  • the transaction identifier of the historical transaction can be obtained by offline sharing between the initiator and the inquiring party of the historical transaction, or by any other means.
  • a querying party creates a query transaction, it can record the hash value (as a transaction identifier) of the historical transaction notified by the initiator of the historical transaction in the data field of the query transaction.
  • the blockchain node receives the query transaction, it can obtain the historical transaction stored on the blockchain through the hash value, and then according to the to field of the historical transaction (used to record the contract address of the called smart contract) Determine the business contract invoked by this historical transaction.
  • Step 406 Execute the authority control code defined in the business contract to determine the query authority for the target private data.
  • the blockchain node After the blockchain node determines that the received transaction is a query transaction and determines the business contract called by the historical transaction, it calls the distribution contract to execute the distribution code defined in the distribution contract, thereby calling the determined business Contract execution authority control code.
  • the distribution contract can be designed as a system-level smart contract. Therefore, the development and deployment of the distribution contract can be completed by the administrator of the blockchain. Also taking the alliance chain as an example, an administrator with management authority develops the distribution logic (calls the business contract based on the contract address of the business contract called by the historical transaction recorded in the query transaction), and distributes the logic in the form of code distribution Defined in the distribution contract. After completing the development of the distribution contract, the administrator can publish the distribution contract to the alliance chain for deployment (similar to the above-mentioned process of deploying smart contracts).
  • the distribution contract can be deployed through the genesis block of the blockchain, that is, the distribution contract is deployed when the blockchain is built, and the contract code of the distribution contract is recorded in the genesis block.
  • the distribution contract can be deployed in the subsequent process of building the blockchain; for example, the administrator wants to increase the permission query function in the subsequent use process. Then, the administrator can initiate a transaction to create a distribution contract to deploy the distribution contract on the blockchain.
  • the to field of the transaction is an empty string, and the binary code for initializing the contract is specified in the data field. When the contract is called later, the execution result of the code will be the contract code.
  • the above-mentioned distribution logic can also be solidified into the chain code in the form of distribution code, and released together with the chain code.
  • the administrator needs to deploy later, and the contract code is solidified in the chain code, making the contract code controllable and effectively improving security.
  • the operation of distributing the query transaction to the corresponding business contract is completed by the blockchain node itself, rather than by calling a smart contract.
  • the type of request initiated on the blockchain by a user who accesses the blockchain may specifically refer to a transaction used in a traditional blockchain.
  • the type of request initiated on the blockchain by a user who accesses the blockchain can also be other than a transaction, other forms of instructions, messages, etc. with a standard data structure, one or more embodiments of this specification It is not particularly limited.
  • the request initiated on the blockchain by the user accessing the blockchain is taken as an example for description.
  • the permission control rules defined in the form of permission control codes in the business contract can be flexibly set according to actual needs; of course, one or more embodiments of this specification do not limit the specific content of the permission control rules.
  • the identity information of the inquiring party can be used as the basis for authority control.
  • the inquiry transaction should contain the inquiring party's identity information.
  • the identity information of the inquiring party is the account ID (ie account address) of the inquiring party, and the account ID may be recorded in the from field of the inquiry transaction.
  • the permission control rule can be set to allow the querying party to query corresponding private data when the identity information of the querying party meets specific conditions.
  • the inquiry authority of the inquiring party can be determined to allow the inquiry, or when the inquiring party's credit score exceeds the preset credit threshold, the inquiry authority of the inquiring party can be determined to be allowed Query and so on. Therefore, when determining the query authority of the querying party, the authority control code defined in the business contract can be executed to determine the querying party's query authority for the target private data according to the identity information of the querying party.
  • the identity information of the inquiring party and the identity information of the initiator of the historical transaction can be used together as the basis for permission control, then the permission control rules can be set as the identity information of the inquiring party and the identity of the initiator
  • the query party is allowed to query the corresponding private data.
  • the query group and the queried group are recorded in the permission control rules, and members belonging to the query group are allowed to view the private data of the members of the queried group; or, the permission control rules directly record the correspondence of which other users each user can view; or
  • the inquiry authority of the inquiry party can be determined to allow inquiry and so on.
  • the identity information of the initiator of the historical transaction can be obtained based on the historical transaction, and then the authority control code defined in the business contract is executed, so as to be based on the identity information of the inquiring party and the identity of the initiator.
  • the information determines the querying authority of the querying party for the target private data.
  • the identity information of the initiator of the historical transaction can be used as the basis for permission control.
  • the permission control rules can be set to allow the inquiring party to query the corresponding information when the initiator’s identity information meets specific conditions. Privacy data. For example, when the initiator belongs to a pre-designated set of users that can be queried, the query authority of the inquiring party can be determined to allow the query, or when the credit score of the initiator exceeds the preset credit threshold, the query authority of the inquiring party can be determined to be allowed Query and so on.
  • the identity information of the initiator of the historical transaction can be obtained based on the historical transaction, and then the authority control code defined in the business contract is executed to determine that the inquirer is targeting the target according to the identity information of the initiator. Query permissions for private data.
  • Step 408 When the determined query authority is allowed to query, obtain the decrypted target private data for viewing by the querying party, and the target private data is read into a trusted execution environment for decryption.
  • the privacy data is encrypted and stored. Therefore, when it is determined that the query authority of the querying party is allowed to query, the target private data is obtained and the obtained target private data is read into the trusted execution environment for decryption, so as to be obtained by the querying party.
  • the target privacy data can be obtained according to the transaction identification.
  • the decryption method used is also different (because the encryption method is different).
  • the target privacy data includes historical transactions and/or transaction receipts of historical transactions
  • both historical transactions and transaction receipts of historical transactions are encrypted with the symmetric key used by the initiator of the historical transaction . Therefore, after obtaining the historical transaction and/or the transaction receipt of the historical transaction, the symmetric key used by the initiator (user A in the embodiment shown in FIG. 3) can be obtained first, and then the symmetric key can be passed in the TEE. The key decrypts historical transactions and/or transaction receipts of historical transactions.
  • the symmetric key used to encrypt historical transactions can be obtained first (the symmetric key is encrypted by the public key used by the initiator, that is, the digital envelope is used in the embodiment shown in FIG. 3). Encryption), the symmetric key is decrypted in the TEE through the private key corresponding to the public key used by the initiator to obtain the decrypted symmetric key.
  • the process of obtaining historical transactions and decrypting historical transactions is performed when step 404 is performed, that is, obtaining historical transactions according to the transaction identifier, and decrypting historical transactions to obtain plaintext transaction content, thereby Determine the business contract called by the historical transaction based on the content of the plaintext transaction. Therefore, when it is determined that the query permission is allowed to query, (no need to perform the operations of obtaining historical transactions and decrypting historical transactions) directly obtain the decrypted historical transactions for the querying party to view.
  • the symmetric key used by the initiator can be generated by the initiator through a symmetric encryption algorithm, or obtained through negotiation between the initiator and the blockchain node, or sent by the key management server.
  • the symmetric encryption algorithm for example, it may be the DES algorithm, the 3DES algorithm, the TDEA algorithm, the Blowfish algorithm, the RC5 algorithm, the IDEA algorithm, and so on.
  • the public key used by the initiator is sent to the initiator by the key management server through remote certification, the TEE of the blockchain node is established by the SGX architecture, and the private key corresponding to the public key is sent to the blockchain by the key management server through remote certification Enclave of nodes (enclave, also called enclave).
  • the asymmetric encryption algorithm used to generate the public key and the private key can be, for example, RSA, Elgamal, knapsack algorithm, Rabin, D-H, ECC (elliptic curve encryption algorithm), etc.
  • the target privacy data includes at least one of the account attribute information of the initiator of the historical transaction, the account attribute information of the business contract, the contract code of the business contract, and the contract status data of the business contract
  • these Private data is encrypted with a specific symmetric key inside the TEE. Therefore, after obtaining these private data, the private data can be decrypted by the specific symmetric key of the blockchain node in the TEE.
  • the SGX structure of the blockchain node is sent by the key management server after remote certification, or it is negotiated between the blockchain node and other blockchain nodes.
  • the querying party when the querying party initiates a query transaction, it can also use the symmetric key used by itself to encrypt the created query transaction, and use its own symmetric key to encrypt the created query transaction.
  • the public key encrypts the symmetric key. Therefore, after receiving the query transaction, the blockchain node first decrypts the symmetric key of the encrypted query transaction through the private key corresponding to the public key used by the querying party in the TEE, and then queries the transaction through the symmetric key pair obtained by decryption Decryption is performed to obtain the transaction content contained in the query transaction.
  • the blockchain node After obtaining the target private data and decrypting the target private data, the blockchain node can encrypt the decrypted target private data with the symmetric key of the querying party, so that the querying party can use the symmetric key pair used by itself.
  • the target private data is decrypted and viewed, thereby avoiding the target private data from being leaked.
  • the sources of the symmetric key, public key, and private key used for privacy protection of the query party are similar to those described above, and will not be repeated here.
  • the asymmetric keys (public key and private key) used in this process can be the asymmetric keys used for the privacy protection of the initiator as described above.
  • a contract receipt indicating that the inquiry party prohibits inquiry of the target private data may be generated to be viewed by the inquiry party.
  • the process of user B as the inquiring party inquiring the target private data may include the following steps.
  • step 502 the user B creates a query transaction by using the client terminal.
  • the to field of the query transaction records the contract address of the distribution contract, and the hash value (ie transaction ID) of the historical transaction can also be recorded in the data field (or other fields) of the query transaction.
  • the hash value of historical transactions can be obtained by offline sharing between user B and user A, or obtained by any other means.
  • step 504 the user B uses the digital envelope encryption to query the transaction through the client.
  • Step 506 User B initiates a query transaction to the blockchain node through the client.
  • step 508 the blockchain node decrypts the query transaction in the TEE.
  • TEE is a secure extension based on CPU hardware and a trusted execution environment that is completely isolated from the outside.
  • TEE was first proposed by Global Platform to solve the security isolation of resources on mobile devices, and parallel to the operating system to provide a trusted and secure execution environment for applications.
  • ARM's Trust Zone technology is the first to realize the real commercial TEE technology.
  • security requirements are getting higher and higher.
  • Not only mobile devices, cloud devices, and data centers have put forward more demands on TEE.
  • the concept of TEE has also been rapidly developed and expanded. Compared with the originally proposed concept, the TEE referred to now is a more generalized TEE. For example, server chip manufacturers Intel, AMD, etc.
  • TEE hardware-assisted TEE
  • enriched the concept and characteristics of TEE which has been widely recognized in the industry.
  • the TEE mentioned now usually refers more to this kind of hardware-assisted TEE technology.
  • cloud access requires remote access, and the end user is invisible to the hardware platform. Therefore, the first step in using TEE is to confirm the authenticity of TEE. Therefore, the current TEE technology has introduced a remote certification mechanism, which is endorsed by hardware manufacturers (mainly CPU manufacturers) and through digital signature technology to ensure that users can verify the state of the TEE.
  • security needs that can't be met by only secure resource isolation, further data privacy protection has also been proposed.
  • TEEs including Intel SGX and AMD SEV also provide memory encryption technology to limit the trusted hardware to the CPU, and the data on the bus and memory are ciphertexts to prevent malicious users from snooping.
  • TEE technologies such as Intel’s Software Protection Extensions (SGX) isolate code execution, remote attestation, secure configuration, secure storage of data, and trusted paths for code execution.
  • the applications running in TEE are protected by security and are almost impossible to be accessed by third parties.
  • SGX provides a circle, that is, an encrypted trusted execution area in the memory, and the CPU protects data from being stolen.
  • the SGX-supported CPU used by the blockchain node as an example.
  • EPC Enclave Page Cache, Enclave Page Cache, Enclave Page Cache
  • the engine MEE Memory Encryption Engine
  • SGX users can distrust the operating system, VMM (Virtual Machine Monitor), and even BIOS (Basic Input Output System). They only need to trust the CPU to ensure that private data will not leakage.
  • the key of the asymmetric encryption algorithm can be generated by the key management server.
  • the key management server sends the private key to the blockchain node, specifically, it can be passed into the circle of the blockchain node.
  • Blockchain nodes can contain multiple enclosures, and the above private key can be passed into the security enclosures in these enclosures; for example, the security enclosure can be a QE (Quoting Enclave) enclosure instead of AE (Application Enclave) ) Encircle the circle.
  • QE Quoting Enclave
  • AE Application Enclave
  • the client can use the symmetric encryption algorithm to encrypt the created transaction, that is, use the symmetric key of the symmetric encryption algorithm to encrypt the transaction content, and use the asymmetric encryption algorithm to encrypt the symmetric key used in the symmetric encryption algorithm.
  • the public key of the asymmetric encryption algorithm is used to encrypt the symmetric key used in the symmetric encryption algorithm.
  • the above encryption method is called digital envelope encryption.
  • step 510 the blockchain node determines that the received transaction is a query transaction for invoking the distribution contract.
  • the blockchain node after receiving any transaction, the blockchain node reads the content of the to field of the transaction.
  • the content of the to field is the contract address of the distribution contract, it means that the transaction is used to call the distribution contract, and then it can be determined that the transaction is a query transaction.
  • Step 512 The blockchain node reads the hash value contained in the query transaction.
  • step 514 the blockchain node obtains the from field and to field of the historical transaction according to the hsah value.
  • the content of the from field of the historical transaction is the address of the initiator of the historical transaction (in this embodiment, the identity information of the initiator), and the content of the to field of the historical transaction is the contract of the business contract invoked by the historical transaction address.
  • step 516 the blockchain node sends the from field and to field of the historical transaction to the distribution contract.
  • Step 518 The distribution contract determines the business contract invoked by the historical transaction according to the to field of the historical transaction.
  • Step 520 the distribution contract calls the business contract.
  • Step 522 The business contract determines the query authority of user B according to the from field of the query transaction and the from field of the historical transaction.
  • the identity information of the inquiring party and the initiator of the historical transaction are jointly used as the basis for permission control as an example.
  • the permission control rules (defined in the business contract in the form of permission control codes) record the query group and the queried group, and members belonging to the query group are allowed to view the private data of the queried group members; or, directly record in the permission control rules
  • Each user can view the corresponding relationship of which other users.
  • the account address is used as the user's identity information.
  • the blockchain node executes the authority control code defined in the business contract to determine according to the account address of the querying party (the content of the from field of the query transaction) and the account address of the initiator of the historical transaction (the content of the from field of the historical transaction) User B's query authority.
  • Step 524 The business contract returns the query authority of user B to the blockchain node.
  • Step 526 When the query permission of user B is allowed to query, the blockchain node obtains the target private data.
  • the blockchain node can obtain the target private data according to the hash value of the historical transaction.
  • a contract receipt regarding user B's forbidden to query the target private data can be generated for user B to view.
  • the blockchain node returns to user B a query-forbidden receipt to inform user B that the query permission is forbidden to query.
  • step 528 the blockchain node reads the target privacy data into the TEE for decryption.
  • the target privacy data includes historical transactions and/or transaction receipts of historical transactions
  • both historical transactions and transaction receipts of historical transactions are encrypted with the symmetric key used by the initiator of the historical transaction . Therefore, after obtaining the historical transaction and/or transaction receipt of the historical transaction, the symmetric key used by user A can be obtained first, and then the transaction receipt of the historical transaction and/or historical transaction can be decrypted by the symmetric key in the TEE .
  • the symmetric key used to encrypt historical transactions (the symmetric key is encrypted by the public key used by user A) can be obtained first, and the public key used with user A can be used in the TEE The corresponding private key decrypts the symmetric key to obtain the decrypted symmetric key.
  • the process of obtaining historical transactions and decrypting historical transactions is executed when step 514 is performed, that is, obtaining historical transactions according to the hash value of historical transactions, and decrypting historical transactions to obtain historical transactions
  • the clear text transaction content of the transaction so as to read the from field and to field of historical transactions. Therefore, in this case, when it is determined that the query permission is allowed to query, (no need to perform the operations of obtaining historical transactions and decrypting historical transactions) directly obtain the decrypted historical transactions for the querying party to view.
  • the target privacy data includes at least one of user A's account attribute information, business contract account attribute information, business contract contract code, business contract contract status data
  • the specific symmetric key of the blockchain node can be passed in the TEE Decrypt these private data.
  • the specific symmetric key can be a seal (Simple Encrypted Arithmetic Library) key, which can be sent to the blockchain node by the key management server after being remotely attested, or it can be between each blockchain node After negotiation, the blockchain node uses the seal key to encrypt and decrypt private data.
  • the key management server sends the symmetric key to the blockchain node, or the symmetric key negotiated between the various blockchain nodes may not be the above-mentioned seal key, but the root key (root key). ), and the above-mentioned seal key may be a derived key of the root key.
  • the root key can irreversibly derive several versions of derived keys in turn, and any two adjacent keys can irreversibly derive a low version key from a higher version key, thereby forming a chained key Derivative structure.
  • the root key and the version factor 0xFF the decimal value is 255, that is, the version number of the key that needs to be generated; of course, You can also use other values
  • hash calculation to obtain the key key-255 with the version number 255; by hashing the key key-255 and the version factor 0xFE, the key key- with the version number 254 is obtained. 254; ...
  • the key key-0 By hashing the key key-1 and the version factor 0x00, the key key-0 with the version number of 0 is obtained. Due to the characteristics of the hash algorithm, the calculation between the high version key and the low version key is irreversible. For example, the key key-0 can be calculated from the key key-1 and the version factor 0x00, but the key cannot be passed through the key. -0 and version factor 0x00 deduces the key key-1.
  • a certain version of the derived key can be designated as the above-mentioned seal key to encrypt private data.
  • the seal key can also be version updated, and based on the above-mentioned features, it should be updated from the lower version key to the higher version key, so that even if the lower version key is leaked, the higher version key cannot be reversed. Version key to ensure sufficient data security.
  • step 530 the blockchain node uses the user B's symmetric key to encrypt the target private data.
  • Step 532 User B views the target privacy data.
  • the blockchain node after the blockchain node encrypts the target private data, it can generate an event containing the target private data and store it in the blockchain log. Then, user B can use the client to call back through the blockchain Mechanism to obtain the event, so as to view the target privacy data. After obtaining the target private data, user B uses the symmetric key used by the client to decrypt the target private data to obtain the private data of the plaintext content.
  • the blockchain node after the blockchain node encrypts the target private data, it can directly return the encrypted target private data to the client used by the user B.
  • user B uses the symmetric key used by the client to decrypt the target private data to obtain the private data of the plaintext content.
  • this specification also provides an embodiment of a private data query device based on a smart contract.
  • the embodiment of the privacy data query device based on smart contract in this specification can be applied to electronic equipment.
  • the device embodiments can be implemented by software, or can be implemented by hardware or a combination of software and hardware.
  • Taking software implementation as an example as a logical device, it is formed by reading the corresponding computer program instructions in the non-volatile memory into the memory through the processor of the electronic device where it is located.
  • FIG. 6 is a schematic structural diagram of a device provided by an exemplary embodiment.
  • the device includes a processor 602, an internal bus 604, a network interface 606, a memory 608, and a non-volatile memory 610.
  • the processor 602 reads the corresponding computer program from the non-volatile memory 610 to the memory 608 and then runs it to form a smart contract-based privacy data query device at the logical level.
  • one or more embodiments of this specification do not exclude other implementations, such as logic devices or a combination of software and hardware, etc. That is to say, the execution subject of the following processing flow is not limited to each
  • the logic unit can also be a hardware or a logic device.
  • the query device is applied to a blockchain node and may include the following units.
  • the transaction reading unit 701 when receiving a query transaction for target private data initiated by the querying party, reads the transaction identifier of the historical transaction related to the target private data included in the query transaction.
  • the contract determining unit 702 obtains the historical transaction according to the transaction identifier, and determines the business contract invoked by the historical transaction based on the historical transaction
  • the authority query unit 703 executes the authority control code defined in the business contract to determine the query authority of the query party for the target private data.
  • the data obtaining unit 704 obtains the decrypted target private data for viewing by the inquiring party when the determined query authority is allowed to query, and the target private data is read into the trusted execution environment for decryption.
  • the device when any transaction received is used to invoke a distribution contract, the any transaction is regarded as the query transaction; the device further includes: a contract invocation unit 705, which executes the distribution defined in the distribution contract Code to call the business contract to execute the permission control code.
  • the target privacy data includes at least one of the following: the historical transaction, a transaction receipt corresponding to the historical transaction, the account attribute information of the initiator of the historical transaction, and the account attribute information of the business contract , The contract code of the business contract, and the contract status data of the business contract.
  • the target privacy data includes the historical transaction and/or the transaction receipt; the target privacy data is decrypted in the following manner: the symmetric key used by the initiator is obtained; The target private data is decrypted by the symmetric key in the execution environment.
  • the data obtaining unit 704 is further configured to: obtain a symmetric key used to encrypt the historical transaction, the symmetric key being encrypted by the public key used by the initiator; in the trusted execution environment The private key corresponding to the public key used by the initiator is used to decrypt the symmetric key to obtain the decrypted symmetric key.
  • the public key used by the initiator is sent to the initiator by the key management server through remote certification, and the trusted execution environment of the blockchain node is established by the SGX architecture, and corresponds to the public key
  • the private key is sent to the circle of blockchain nodes by the key management server through remote certification.
  • the target privacy data includes at least one of account attribute information of the initiator of the historical transaction, account attribute information of the business contract, contract code of the business contract, and contract status data of the business contract 1.
  • Decrypt the target privacy data in the following ways:
  • the target private data is decrypted through the specific symmetric key of the blockchain node in the trusted execution environment.
  • the trusted execution environment of the blockchain node is established by the SGX architecture, and the specific symmetric key is sent by the key management server after the SGX architecture of the blockchain node is remotely certified, or is It is obtained through negotiation between the blockchain node and other blockchain nodes.
  • the authority query unit 703 is specifically configured to execute the authority control code defined in the business contract to determine the query authority of the query party for the target private data according to the identity information of the query party;
  • the device further includes: an identity obtaining unit 706, which obtains the identity information of the initiator of the historical transaction based on the historical transaction;
  • the authority query unit 703 is specifically configured to: execute the authority control defined in the business contract Code to determine the query authority of the query party for the target private data according to the identity information of the query party and the identity information of the initiator; or, execute the authority control code defined in the business contract to The identity information of the initiator determines the query authority of the querying party for the target private data.
  • the symmetric key used to encrypt the query transaction is encrypted by the public key used by the query party.
  • the device After receiving the query transaction, the device further includes: a transaction decryption unit 707, which encrypts the symmetry of the query transaction in the trusted execution environment through a private key corresponding to the public key used by the query party Key decryption: decrypt the query transaction using the symmetric key obtained by decryption to obtain the transaction content contained in the query transaction; after decrypting the target private data, the device further includes: a data encryption unit 708, The decrypted target private data is encrypted by the symmetric key of the inquiring party.
  • a transaction decryption unit 707 which encrypts the symmetry of the query transaction in the trusted execution environment through a private key corresponding to the public key used by the query party Key decryption: decrypt the query transaction using the symmetric key obtained by decryption to obtain the transaction content contained in the query transaction; after decrypting the target private data, the device further includes: a data encryption unit 708, The decrypted target private data is encrypted by the symmetric key of the inquiring party.
  • it further includes: a privacy processing unit 709, when the determined query authority is query prohibition, generate a contract receipt indicating that the query party prohibits querying the target private data for viewing by the query party.
  • a typical implementation device is a computer.
  • the computer may be, for example, a personal computer, a laptop computer, a cell phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or Any combination of these devices.
  • the embodiments of the present invention can be provided as a method, a system, or a computer program product. Therefore, the present invention may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, the present invention may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes.
  • computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • program modules include routines, programs, objects, components, data structures, etc. that perform specific tasks or implement specific abstract data types.
  • This specification can also be practiced in distributed computing environments. In these distributed computing environments, tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules can be located in local and remote computer storage media including storage devices.
  • These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device.
  • the device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
  • These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment.
  • the instructions provide steps for implementing the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
  • the computer includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
  • the memory may include non-permanent memory in a computer-readable medium, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM).
  • RAM random access memory
  • ROM read-only memory
  • flash RAM flash memory
  • Computer-readable media include permanent and non-permanent, removable and non-removable media, and information storage can be realized by any method or technology.
  • the information can be computer-readable instructions, data structures, program modules, or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical storage, Magnetic cassettes, disk storage, quantum memory, graphene-based storage media or other magnetic storage devices or any other non-transmission media can be used to store information that can be accessed by computing devices. According to the definition in this article, computer-readable media does not include transitory media, such as modulated data signals and carrier waves.
  • first, second, third, etc. may be used to describe various information in one or more embodiments of this specification, the information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other.
  • first information may also be referred to as second information, and similarly, the second information may also be referred to as first information.
  • word “if” as used herein can be interpreted as "when” or “when” or "in response to determination”.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Finance (AREA)
  • Data Mining & Analysis (AREA)
  • Accounting & Taxation (AREA)
  • Bioethics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Business, Economics & Management (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Medical Informatics (AREA)
  • Fuzzy Systems (AREA)
  • Mathematical Physics (AREA)
  • Probability & Statistics with Applications (AREA)
  • Computational Linguistics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

One or more embodiments of the present description provide a smart contract based privacy data query method and apparatus. The method is applied to a blockchain node, and comprises: when receiving a query transaction for target privacy data initiated by a query party, reading a transaction identifier of a historical transaction relevant to the target privacy data and contained in the query transaction; obtaining the historical transaction according to the transaction identifier, and based on the historical transaction, determining a service contract called by the historical transaction; executing authority control codes defined in the service contract to determine a query authority of the query party for the target privacy data; and when the determined query authority is query allowed, obtaining the decoded target privacy data for viewing by the query party, the target privacy data being read into a trusted execution environment for decoding.

Description

基于智能合约的隐私数据查询方法及装置Method and device for querying private data based on smart contract 技术领域Technical field
本说明书一个或多个实施例涉及区块链技术领域,尤其涉及一种基于智能合约的隐私数据查询方法及装置。One or more embodiments of this specification relate to the field of blockchain technology, and in particular to a method and device for querying private data based on smart contracts.
背景技术Background technique
区块链技术构建在传输网络(例如点对点网络)之上。传输网络中的网络节点利用链式数据结构来验证与存储数据,并采用分布式节点共识算法来生成和更新数据。Blockchain technology is built on a transmission network (such as a peer-to-peer network). The network nodes in the transmission network use chained data structures to verify and store data, and use distributed node consensus algorithms to generate and update data.
目前企业级的区块链平台技术上最大的两个挑战就是隐私和性能,往往这两个挑战很难同时解决。大多解决方案都是通过损失性能换取隐私,或者不大考虑隐私去追求性能。常见的解决隐私问题的加密技术,如同态加密(Homomorphic encryption)和零知识证明(Zero-knowledge proof)等复杂度高,通用性差,而且还可能带来严重的性能损失。At present, the two biggest challenges in enterprise-level blockchain platform technology are privacy and performance. It is often difficult to solve these two challenges at the same time. Most of the solutions are to lose performance in exchange for privacy, or do not consider privacy to pursue performance. Common encryption technologies that solve privacy problems, such as Homomorphic encryption and Zero-knowledge proof, are highly complex, have poor versatility, and may also cause serious performance losses.
可信执行环境(Trusted Execution Environment,TEE)是另一种解决隐私问题的方式。TEE可以起到硬件中的黑箱作用,在TEE中执行的代码和数据操作系统层都无法偷窥,只有代码中预先定义的接口才能对其进行操作。在效率方面,由于TEE的黑箱性质,在TEE中进行运算的是明文数据,而不是同态加密中的复杂密码学运算,计算过程效率没有损失,因此与TEE相结合可以在性能损失较小的前提下很大程度上提升区块链的安全性和隐私性。目前工业界十分关注TEE的方案,几乎所有主流的芯片和软件联盟都有自己的TEE解决方案,包括软件方面的TPM(Trusted Platform Module,可信赖平台模块)以及硬件方面的Intel SGX(Software Guard Extensions,软件保护扩展)、ARM Trustzone(信任区)和AMD PSP(Platform Security Processor,平台安全处理器)。Trusted Execution Environment (TEE) is another way to solve privacy issues. TEE can play the role of a black box in the hardware. Neither the code executed in the TEE nor the data operating system layer can be peeped, and only the pre-defined interface in the code can operate on it. In terms of efficiency, due to the black box nature of TEE, plaintext data is calculated in TEE instead of complex cryptographic operations in homomorphic encryption. There is no loss of efficiency in the calculation process. Therefore, the combination with TEE can achieve less performance loss. Under the premise, the security and privacy of the blockchain are greatly improved. At present, the industry is very concerned about the TEE solution. Almost all mainstream chip and software alliances have their own TEE solutions, including TPM (Trusted Platform Module) in software and Intel SGX (Software Guard Extensions) in hardware. , Software Protection Extension), ARM Trustzone (trust zone) and AMD PSP (Platform Security Processor, platform security processor).
发明内容Summary of the invention
有鉴于此,本说明书一个或多个实施例提供一种基于智能合约的隐私数据查询方法及装置。In view of this, one or more embodiments of this specification provide a method and device for querying private data based on smart contracts.
为实现上述目的,本说明书一个或多个实施例提供技术方案如下:根据本说明书一个或多个实施例的第一方面,提出了一种基于智能合约的隐私数据查询方法,应用于区块链节点;所述方法包括:当接收到查询方发起的针对目标隐私数据的查询交易时,读 取所述查询交易中包含的与所述目标隐私数据相关的历史交易的交易标识;根据所述交易标识获取所述历史交易,并基于所述历史交易确定所述历史交易调用的业务合约;执行所述业务合约中定义的权限控制代码,以确定所述查询方针对所述目标隐私数据的查询权限;当确定出的查询权限为允许查询时,获取解密后的所述目标隐私数据以由所述查询方查看,所述目标隐私数据被读入可信执行环境进行解密。In order to achieve the above objectives, one or more embodiments of this specification provide technical solutions as follows: According to the first aspect of one or more embodiments of this specification, a method for querying private data based on smart contracts is proposed, which is applied to the blockchain Node; the method includes: when receiving a query transaction for target private data initiated by the querying party, reading the transaction identifier of the historical transaction related to the target private data contained in the query transaction; according to the transaction Identify the acquisition of the historical transaction, and determine the business contract invoked by the historical transaction based on the historical transaction; execute the authority control code defined in the business contract to determine the query authority of the querying party for the target private data When the determined query authority is allowed to query, the decrypted target private data is obtained for viewing by the querying party, and the target private data is read into the trusted execution environment for decryption.
根据本说明书一个或多个实施例的第二方面,提出了一种基于智能合约的隐私数据查询装置,应用于区块链节点;所述装置包括:交易读取单元,当接收到查询方发起的针对目标隐私数据的查询交易时,读取所述查询交易中包含的与所述目标隐私数据相关的历史交易的交易标识;合约确定单元,根据所述交易标识获取所述历史交易,并基于所述历史交易确定所述历史交易调用的业务合约;权限查询单元,执行所述业务合约中定义的权限控制代码,以确定所述查询方针对所述目标隐私数据的查询权限;数据获取单元,当确定出的查询权限为允许查询时,获取解密后的所述目标隐私数据以由所述查询方查看,所述目标隐私数据被读入可信执行环境进行解密。According to the second aspect of one or more embodiments of this specification, a device for querying private data based on smart contracts is proposed, which is applied to a blockchain node; the device includes: a transaction reading unit, which is initiated by the querying party when received During the query transaction for target privacy data, read the transaction identifier of the historical transaction related to the target privacy data contained in the query transaction; the contract determination unit obtains the historical transaction according to the transaction identifier, and based on the transaction identifier The historical transaction determines the business contract invoked by the historical transaction; the authority query unit executes the authority control code defined in the business contract to determine the query authority of the query party for the target private data; a data acquisition unit, When the determined query authority is query permission, the decrypted target private data is obtained for viewing by the querying party, and the target private data is read into a trusted execution environment for decryption.
根据本说明书一个或多个实施例的第三方面,提出了一种电子设备,包括:处理器;用于存储处理器可执行指令的存储器;其中,所述处理器通过运行所述可执行指令以实现如上述任一实施例中所述的隐私数据的查询方法。According to a third aspect of one or more embodiments of this specification, an electronic device is proposed, including: a processor; a memory for storing executable instructions of the processor; wherein the processor runs the executable instructions In order to realize the method for querying private data as described in any of the above embodiments.
根据本说明书一个或多个实施例的第四方面,提出了一种计算机可读存储介质,其上存储有计算机指令,该指令被处理器执行时实现如上述实施例中任一所述方法的步骤。According to the fourth aspect of one or more embodiments of this specification, a computer-readable storage medium is provided, which stores computer instructions, which when executed by a processor, implements the method described in any of the above-mentioned embodiments. step.
附图说明Description of the drawings
图1是一示例性实施例提供的一种创建智能合约的示意图。Fig. 1 is a schematic diagram of creating a smart contract according to an exemplary embodiment.
图2是一示例性实施例提供的一种调用智能合约的示意图。Fig. 2 is a schematic diagram of invoking a smart contract provided by an exemplary embodiment.
图3是一示例性实施例提供的一种调用业务合约的示意图。Fig. 3 is a schematic diagram of invoking a business contract provided by an exemplary embodiment.
图4是一示例性实施例提供的一种基于智能合约的隐私数据查询方法的流程图。Fig. 4 is a flowchart of a method for querying private data based on smart contracts according to an exemplary embodiment.
图5是一示例性实施例提供的另一种基于智能合约的隐私数据查询方法的流程图。Fig. 5 is a flowchart of another method for querying private data based on smart contracts provided by an exemplary embodiment.
图6是一示例性实施例提供的一种设备的结构示意图。Fig. 6 is a schematic structural diagram of a device provided by an exemplary embodiment.
图7是一示例性实施例提供的一种基于智能合约的隐私数据查询装置的框图。Fig. 7 is a block diagram of a device for querying private data based on smart contracts according to an exemplary embodiment.
具体实施方式Detailed ways
这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本说明书一个或多个实施例相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本说明书一个或多个实施例的一些方面相一致的装置和方法的例子。The exemplary embodiments will be described in detail here, and examples thereof are shown in the accompanying drawings. When the following description refers to the drawings, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements. The implementation manners described in the following exemplary embodiments do not represent all implementation manners consistent with one or more embodiments of this specification. Rather, they are merely examples of devices and methods consistent with some aspects of one or more embodiments of this specification as detailed in the appended claims.
需要说明的是:在其他实施例中并不一定按照本说明书示出和描述的顺序来执行相应方法的步骤。在一些其他实施例中,其方法所包括的步骤可以比本说明书所描述的更多或更少。此外,本说明书中所描述的单个步骤,在其他实施例中可能被分解为多个步骤进行描述;而本说明书中所描述的多个步骤,在其他实施例中也可能被合并为单个步骤进行描述。It should be noted that in other embodiments, the steps of the corresponding method are not necessarily executed in the order shown and described in this specification. In some other embodiments, the method may include more or fewer steps than described in this specification. In addition, a single step described in this specification may be decomposed into multiple steps for description in other embodiments; and multiple steps described in this specification may also be combined into a single step in other embodiments. description.
区块链一般被划分为三种类型:公有链(Public Blockchain),私有链(Private Blockchain)和联盟链(Consortium Blockchain)。此外,还有多种类型的结合,比如私有链+联盟链、联盟链+公有链等不同组合形式。其中去中心化程度最高的是公有链。公有链以比特币、以太坊为代表,加入公有链的参与者可以读取链上的数据记录、参与交易以及竞争新区块的记账权等。而且,各参与者(即节点)可自由加入以及退出网络,并进行相关操作。私有链则相反,该网络的写入权限由某个组织或者机构控制,数据读取权限受组织规定。简单来说,私有链可以为一个弱中心化系统,参与节点具有严格限制且少。这种类型的区块链更适合于特定机构内部使用。联盟链则是介于公有链以及私有链之间的区块链,可实现“部分去中心化”。联盟链中各个节点通常有与之相对应的实体机构或者组织;参与者通过授权加入网络并组成利益相关联盟,共同维护区块链运行。Block chains are generally divided into three types: Public Blockchain, Private Blockchain and Consortium Blockchain. In addition, there are many types of combinations, such as private chain + alliance chain, alliance chain + public chain and other different combinations. Among them, the most decentralized one is the public chain. The public chain is represented by Bitcoin and Ethereum. Participants who join the public chain can read the data records on the chain, participate in transactions, and compete for the accounting rights of new blocks. Moreover, each participant (ie, node) can freely join and exit the network, and perform related operations. The private chain is the opposite. The write permission of the network is controlled by an organization or institution, and the data read permission is regulated by the organization. In simple terms, the private chain can be a weakly centralized system with strict restrictions and few participating nodes. This type of blockchain is more suitable for internal use by specific institutions. Consortium chain is a block chain between public chain and private chain, which can realize "partial decentralization". Each node in the alliance chain usually has a corresponding entity or organization; participants are authorized to join the network and form a stakeholder alliance to jointly maintain the operation of the blockchain.
不论是公有链、私有链还是联盟链,都可能提供智能合约的功能。区块链上的智能合约是在区块链系统上可以被交易触发执行的合约。智能合约可以通过代码的形式定义。Whether it is a public chain, a private chain or a consortium chain, it is possible to provide the function of a smart contract. A smart contract on the blockchain is a contract that can be triggered and executed by a transaction on the blockchain system. Smart contracts can be defined in the form of codes.
以以太坊为例,支持用户在以太坊网络中创建并调用一些复杂的逻辑,这是以太坊区别于比特币区块链技术的最大挑战。以太坊作为一个可编程区块链的核心是以太坊虚拟机(EVM),每个以太坊节点都可以运行EVM。EVM是一个图灵完备的虚拟机,这意味着可以通过它实现各种复杂的逻辑。用户在以太坊中发布和调用智能合约就是在EVM上运行的。实际上,虚拟机直接运行的是虚拟机代码(虚拟机字节码,下简称“字 节码”)。部署在区块链上的智能合约可以是字节码的形式。Taking Ethereum as an example, it supports users to create and call some complex logic in the Ethereum network. This is the biggest challenge that distinguishes Ethereum from Bitcoin blockchain technology. The core of Ethereum as a programmable blockchain is the Ethereum Virtual Machine (EVM), and every Ethereum node can run EVM. EVM is a Turing complete virtual machine, which means that various complex logic can be implemented through it. Users who publish and call smart contracts in Ethereum run on the EVM. In fact, what the virtual machine directly runs is the virtual machine code (virtual machine bytecode, hereinafter referred to as "byte code"). The smart contract deployed on the blockchain can be in the form of bytecode.
例如图1所示,Bob将一个包含创建智能合约信息的交易发送到以太坊网络后,节点1的EVM可以执行这个交易并生成对应的合约实例。图中1中的“0x6f8ae93…”代表了这个合约的地址,交易的data字段保存的可以是字节码,交易的to字段为空。节点间通过共识机制达成一致后,这个合约成功创建,并且可以在后续过程中被调用。合约创建后,区块链上出现一个与该智能合约对应的合约账户,并拥有一个特定的地址,合约代码将保存在该合约账户中。智能合约的行为由合约代码控制。换句话说,智能合约使得区块链上产生包含合约代码和账户存储(Storage)的虚拟账户。For example, as shown in Figure 1, after Bob sends a transaction containing the information to create a smart contract to the Ethereum network, the EVM of node 1 can execute the transaction and generate a corresponding contract instance. The "0x6f8ae93..." in Figure 1 represents the address of this contract, the data field of the transaction can be stored in bytecode, and the to field of the transaction is empty. After the nodes reach an agreement through the consensus mechanism, the contract is successfully created and can be called in the subsequent process. After the contract is created, a contract account corresponding to the smart contract appears on the blockchain and has a specific address, and the contract code will be stored in the contract account. The behavior of the smart contract is controlled by the contract code. In other words, smart contracts enable virtual accounts containing contract codes and account storage (Storage) to be generated on the blockchain.
如图2所示,仍以以太坊为例,Bob将一个用于调用智能合约的交易发送到以太坊网络后,某一节点的EVM可以执行这个交易并生成对应的合约实例。图中2中交易的from字段是交易发起方(即Bob)的账户的地址,to字段中的“0x6f8ae93…”代表了被调用的智能合约的地址,value字段在以太坊中是以太币的值,交易的data字段保存的调用智能合约的方法和参数。智能合约以规定的方式在区块链网络中每个节点独立的执行,所有执行记录和数据都保存在区块链上,所以当交易完成后,区块链上就保存了无法篡改、不会丢失的交易凭证。As shown in Figure 2, still taking Ethereum as an example, after Bob sends a transaction for invoking a smart contract to the Ethereum network, the EVM of a certain node can execute the transaction and generate a corresponding contract instance. The from field of the transaction in Figure 2 is the address of the account of the transaction initiator (ie Bob), the "0x6f8ae93..." in the to field represents the address of the called smart contract, and the value field in Ethereum is the value of Ether , The method and parameters of calling the smart contract are stored in the data field of the transaction. The smart contract is executed independently on each node in the blockchain network in a prescribed manner. All execution records and data are stored on the blockchain. Therefore, when the transaction is completed, the blockchain will be stored on the blockchain that cannot be tampered with. Lost transaction certificate.
区块链网络中的节点在执行Bob发起的交易后,会生成相应的收据(receipt)数据,以用于记录该交易相关的收据信息。这样,可以通过查询交易的收据来获得该交易执行结果的相关信息。以以太坊为例,节点执行交易所得的收据数据可以包括如下内容:Result字段,表示交易的执行结果;Gas used字段,表示交易消耗的gas值;Logs字段,表示交易产生的日志,日志可以进一步包括From字段、To字段、Topic字段和Log data字段等,其中From字段表示调用的发起方的账户地址、To字段表示被调用对象(如智能合约)的账户地址、Topic字段表示日志的主题、Log data字段表示日志数据;Output字段,表示交易的输出。After the nodes in the blockchain network execute the transaction initiated by Bob, they will generate corresponding receipt data to record the receipt information related to the transaction. In this way, information about the execution result of the transaction can be obtained by querying the receipt of the transaction. Taking Ethereum as an example, the receipt data obtained by a node executing a transaction can include the following content: Result field, indicating the execution result of the transaction; Gas used field, indicating the gas value consumed by the transaction; Logs field, indicating the log generated by the transaction, and the log can be It further includes the From field, To field, Topic field, Log data field, etc. The From field represents the account address of the initiator of the call, the To field represents the account address of the called object (such as a smart contract), and the Topic field represents the subject of the log. The Log data field indicates log data; the Output field indicates the output of the transaction.
一般的,交易执行后生成的收据数据以明文形式进行存储,任何人都可以看到收据数据所含的上述各个收据字段的内容,无隐私保护的设置和能力。而在一些区块链与TEE相结合的解决方案中,为了实现隐私保护,收据数据的全部内容均被当作需要隐私保护的数据存储在区块链上。所述区块链,是存储在节点的数据库中特定逻辑组织而成的数据集合。所述数据库,如后所述,其物理载体可以是存储介质,例如持久性存储介质。实际上,收据数据中可能只有部分内容是敏感的,而其它内容并不敏感,只需要针对敏感的内容进行隐私保护、其他内容可以公开,甚至在一些情况下可能需要对部分内 容实施检索以驱动相关操作的实施,那么针对这部分内容实施隐私保护将影响检索操作的实施。Generally, the receipt data generated after the transaction is executed is stored in plain text, and anyone can see the contents of the above-mentioned receipt fields contained in the receipt data, and there is no privacy protection setting and ability. In some solutions that combine blockchain and TEE, in order to achieve privacy protection, the entire content of the receipt data is stored on the blockchain as data that requires privacy protection. The block chain is a data set stored in a database of a node and organized by a specific logic. As described later, the physical carrier of the database may be a storage medium, such as a persistent storage medium. In fact, only part of the content of the receipt data may be sensitive, while other content is not sensitive. Only sensitive content needs to be protected for privacy, and other content can be disclosed. In some cases, it may even be necessary to perform retrieval of part of the content to drive The implementation of related operations, then the implementation of privacy protection for this part of the content will affect the implementation of retrieval operations.
其中,保护用户隐私的过程可如图3所示:步骤302,用户A创建一笔调用业务合约的交易,并将创建好的交易发送至区块链节点。The process of protecting user privacy can be shown in Figure 3: Step 302: User A creates a transaction for invoking a business contract, and sends the created transaction to the blockchain node.
用户A可通过创建一笔交易(包含所调用智能合约的账户地址)来调用部署于区块链上的智能合约(即业务合约),以使得区块链节点执行业务合约来完成相应的业务。出于隐私保护,用户A可采用数字信封加密的方式对创建好的交易进行加密,该数字信封加密结合对称加密算法和非对称加密算法。具体而言,采用对称加密算法加密交易内容(即采用自身使用的对称密钥对交易内容进行加密),再采用非对称加密算法的公钥对该对称密钥进行加密。User A can invoke the smart contract (ie, business contract) deployed on the blockchain by creating a transaction (including the account address of the called smart contract), so that the blockchain node executes the business contract to complete the corresponding business. For privacy protection, user A can use digital envelope encryption to encrypt the created transaction, which combines a symmetric encryption algorithm and an asymmetric encryption algorithm. Specifically, the transaction content is encrypted using a symmetric encryption algorithm (that is, the transaction content is encrypted using the symmetric key used by itself), and then the public key of the asymmetric encryption algorithm is used to encrypt the symmetric key.
步骤304,区块链节点执行业务合约。Step 304, the blockchain node executes the business contract.
区块链节点在接收到被加密的交易后,将该交易读入TEE内部,先采用该非对称加密算法的私钥进行解密得到对称密钥,再采用解密得到的对称密钥对交易进行解密得到交易内容,进而在TEE内部执行业务合约的业务代码。After receiving the encrypted transaction, the blockchain node reads the transaction into the TEE, first uses the private key of the asymmetric encryption algorithm to decrypt the symmetric key, and then uses the decrypted symmetric key to decrypt the transaction Obtain the transaction content, and then execute the business code of the business contract within the TEE.
步骤306,区块链节点存储与交易相关的隐私数据。In step 306, the blockchain node stores private data related to the transaction.
一方面,区块链节点在接收到交易后,(通过共识之后)会将交易(被采用数字信封的形式进行加密)发布至区块链上进行存证。另一方面,区块链节点在执行交易后,还会将执行交易得到的相关数据进行加密存储(发布至区块链上进行存证,或者存储在本地);其中,针对对应于交易的交易收据,可采用用户A使用的对称密钥进行加密,针对响应于交易执行业务合约而得到的合约状态数据,可采用TEE内部的特定对称密钥进行加密。另外,针对用户A的账户属性信息、业务合约的账户属性信息、业务合约的合约代码等数据,也可采用TEE内部的特定对称密钥进行加密。而上述这些区块链节点加密的数据,均属于用户A在区块链上的隐私数据。On the one hand, after receiving the transaction, the blockchain node (after passing the consensus) will publish the transaction (encrypted in the form of a digital envelope) to the blockchain for certification. On the other hand, after the blockchain node executes the transaction, it will also encrypt and store the relevant data obtained from the execution of the transaction (publish it on the blockchain for certification, or store it locally); among them, for the transaction corresponding to the transaction The receipt can be encrypted with the symmetric key used by user A, and the contract status data obtained in response to the execution of the business contract in response to the transaction can be encrypted with a specific symmetric key inside the TEE. In addition, data such as user A's account attribute information, business contract account attribute information, and business contract contract code can also be encrypted using a specific symmetric key inside the TEE. The data encrypted by these blockchain nodes above all belong to user A's private data on the blockchain.
在上述隐私保护的场景下,用户可能需要将自身利用区块链所实现业务相关的隐私数据分享给一些特定的用户查看,也即这些特定的用户可查看与该用户发起的历史交易相关的隐私数据。那么,可针对用户的隐私数据设定查询权限,以供允许查询的其他用户进行查看。以下结合图4对本说明书的隐私数据的查询方案进行说明。In the above privacy protection scenario, the user may need to share the privacy data related to the business realized by the blockchain to some specific users for viewing, that is, these specific users can view the privacy related to the historical transactions initiated by the user. data. Then, the query authority can be set for the user's private data, so that other users who are allowed to query can view it. The following describes the private data query scheme of this specification in conjunction with FIG. 4.
请参见图4,图4是一示例性实施例提供的一种基于智能合约的隐私数据查询方法的流程图。如图4所示,该方法应用于区块链节点,可以包括以下步骤402至408。Please refer to FIG. 4, which is a flowchart of a method for querying private data based on smart contracts according to an exemplary embodiment. As shown in FIG. 4, the method is applied to a blockchain node and may include the following steps 402 to 408.
步骤402,当接收到查询方发起的针对目标隐私数据的查询交易时,读取所述查询交易中包含的与所述目标隐私数据相关的历史交易的交易标识。Step 402: When receiving a query transaction for target privacy data initiated by the querying party, read the transaction identifier of the historical transaction related to the target privacy data included in the query transaction.
在本实施例中,发起方通过该历史交易来调用已经部署在区块链上的业务合约执行相应的业务代码,从而完成相应的业务。在开发该业务合约时,除了在业务合约中定义与该业务对应的业务代码之外,还需要在业务合约中定义与调用该业务合约的交易相关的隐私数据的权限控制代码,以用于判定针对该隐私数据的查询方是否被允许查询。通过上述在业务合约中定义权限控制代码的方式,可将隐私数据与控制该隐私数据的查询权限的权限控制代码建立关联关系,从而使得各个业务合约可以控制与调用自身的交易相关的隐私数据。In this embodiment, the initiator invokes the business contract that has been deployed on the blockchain to execute the corresponding business code through the historical transaction, thereby completing the corresponding business. When developing the business contract, in addition to defining the business code corresponding to the business in the business contract, it is also necessary to define the authority control code of the privacy data related to the transaction that invokes the business contract in the business contract to determine Whether the inquirer of this private data is allowed to inquire. By defining the permission control code in the business contract, the private data can be associated with the permission control code that controls the query permission of the private data, so that each business contract can control the private data related to the transaction calling itself.
可由区块链用户、区块链成员、区块链管理员等角色来完成对业务合约的开发和部署。以联盟链为例,由具备记账权限的区块链成员(或者区块链用户、管理员)来设定权限控制规则,并将权限控制规则以权限控制代码的形式定义在业务合约(还定义了业务代码)中。在完成对业务合约的开发后,该区块链成员可以通过联盟链中的任一节点设备将该业务合约发布至联盟链,并在该业务合约由该联盟链中的部分指定的成员节点设备(比如,联盟链中指定的若干个具有记账权限的权威节点设备)完成共识后,收录至该联盟链的分布式数据库(即分布式账本)。基于上述部署业务合约的方式,业务合约的部署方(即具备记账权限的普通用户或者普通成员)可控制是否允许其他人来查询与发送至该业务合约的交易(即调用该业务合约的交易)相关的隐私数据。The development and deployment of business contracts can be completed by roles such as blockchain users, blockchain members, and blockchain administrators. Take the consortium chain as an example. Blockchain members (or blockchain users, administrators) with accounting authority set up authority control rules, and define the authority control rules in the form of authority control codes in the business contract (also Defined the business code). After completing the development of the business contract, the blockchain member can publish the business contract to the alliance chain through any node device in the alliance chain, and the business contract is specified by the member node device in the alliance chain. (For example, several authoritative node devices with accounting authority designated in the consortium chain) After completing the consensus, they are included in the distributed database (ie, distributed ledger) of the consortium chain. Based on the above method of deploying a business contract, the deploying party of the business contract (i.e., ordinary users or ordinary members with accounting authority) can control whether others are allowed to inquire about and send transactions to the business contract (that is, the transaction that calls the business contract). ) Related privacy data.
其中,区块链中支持的共识算法可以包括:第一类共识算法,即节点设备需要争夺每一轮的记账周期的记账权的共识算法;例如,工作量证明(Proof of Work,POW)、股权证明(Proof of Stake,POS)、委任权益证明(Delegated Proof of Stake,DPOS)等共识算法;第二类共识算法,即预先为每一轮记账周期选举记账节点(不需要争夺记账权)的共识算法;例如,实用拜占庭容错(Practical Byzantine Fault Tolerance,PBFT)等共识算法。Among them, the consensus algorithms supported in the blockchain can include: the first type of consensus algorithm, that is, the consensus algorithm that node devices need to compete for the accounting right of each round of accounting cycle; for example, Proof of Work (POW) ), Proof of Stake (POS), Delegated Proof of Stake (DPOS) and other consensus algorithms; the second type of consensus algorithm, that is, pre-election of accounting nodes for each round of accounting cycle (no need to compete Accounting rights) consensus algorithms; for example, practical Byzantine Fault Tolerance (PBFT) and other consensus algorithms.
在采用第一类共识算法的区块链网络中,争夺记账权的节点设备,都可以在接收到交易后执行该笔交易。争夺记账权的节点设备中可能有一个节点设备在本轮争夺记账权的过程中胜出,成为记账节点。记账节点可以将收到的交易与其它交易一起打包以生成最新区块,并将生成的最新区块或者该最新区块的区块头发送至其它节点设备进行共识。In the blockchain network using the first type of consensus algorithm, all node devices that compete for the right to bookkeeping can execute the transaction after receiving the transaction. Among the node devices competing for the right to bookkeeping, one node device may win this round of contention for the right to bookkeeping and become the bookkeeping node. The accounting node can package the received transaction with other transactions to generate the latest block, and send the generated latest block or the block header of the latest block to other node devices for consensus.
在采用第二类共识算法的区块链网络中,具有记账权的节点设备在本轮记账前已经商定好。因此,节点设备在接收到交易后,如果自身不是本轮的记账节点,则可以将该 交易发送至记账节点。对于本轮的记账节点,在将该交易与其它交易一起打包以生成最新区块的过程中或者之前,可以执行该交易。记账节点在生成最新区块后,可以将该最新区块或者该最新区块的区块头发送至其它节点设备进行共识。In the blockchain network using the second type of consensus algorithm, the node device with the right to book accounts has been agreed before this round of bookkeeping. Therefore, after the node device receives the transaction, if it is not the billing node of this round, it can send the transaction to the billing node. For this round of accounting nodes, the transaction can be executed during or before the process of packaging the transaction with other transactions to generate the latest block. After the accounting node generates the latest block, it can send the latest block or the block header of the latest block to other node devices for consensus.
如上所述,无论区块链采用以上示出的哪种共识算法,本轮的记账节点都可以将接收到的交易打包以生成最新区块,并将生成的最新区块或者该最新区块的区块头发送至其它节点设备进行共识验证。如果其它节点设备接收到最新区块或者该最新区块的区块头后,经验证没有问题,可以将该最新区块追加到原有的区块链末尾,从而完成区块链的记账过程。其它节点验证记账节点发来的新的区块或区块头的过程中,也可以执行该区块中包含的交易。As mentioned above, no matter which consensus algorithm shown above is adopted by the blockchain, the accounting node of this round can package the received transaction to generate the latest block, and the generated latest block or the latest block The header of the block is sent to other node devices for consensus verification. If other node devices receive the latest block or the block header of the latest block, and there is no problem after verification, the latest block can be appended to the end of the original blockchain to complete the accounting process of the blockchain. In the process of verifying the new block or block header sent by the accounting node, other nodes can also execute the transaction contained in the block.
基于上述部署用于控制查询权限的业务合约的方式,各个业务合约仅控制与调用自身的交易相关的隐私数据的查询权限。因此,当用户(作为查询方)发起一笔针对与历史交易(由其他任一用户发起)相关的目标隐私数据的查询交易时,区块链节点需确定出控制目标隐私数据的查询权限的业务合约,进而才可调用该业务合约来实现权限控制。Based on the above method of deploying business contracts for controlling query authority, each business contract only controls the query authority of private data related to the transaction that invokes itself. Therefore, when a user (as a query party) initiates a query transaction for target private data related to a historical transaction (initiated by any other user), the blockchain node needs to determine the business that controls the query authority of the target private data Contract, and then the business contract can be invoked to achieve permission control.
而针对区块链节点调用业务合约来实现权限控制的方式,可预先在区块链上部署分发合约以用于识别区块链节点接收到的交易是否为查询交易,以及在接收到的交易为查询交易时,进一步调用相应的业务合约来执行权限控制代码(可理解为将查询交易分发给相应的业务合约)。具体而言,可在分发合约中定义分发代码,该分发代码用于调用业务合约执行定义在该业务合约中的权限控制代码。因此,查询方创建的查询交易为用于调用分发合约的交易。那么,当区块链节点接收到的任一交易用于调用分发合约时,可将该任一交易作为查询交易。For blockchain nodes to call business contracts to achieve permission control, a distribution contract can be deployed on the blockchain in advance to identify whether the transaction received by the blockchain node is a query transaction, and when the received transaction is When querying a transaction, the corresponding business contract is further called to execute the authority control code (it can be understood as distributing the query transaction to the corresponding business contract). Specifically, the distribution code can be defined in the distribution contract, and the distribution code is used to call the business contract to execute the permission control code defined in the business contract. Therefore, the query transaction created by the querying party is a transaction for invoking the distribution contract. Then, when any transaction received by the blockchain node is used to call the distribution contract, any transaction can be used as a query transaction.
步骤404,根据所述交易标识获取所述历史交易,并基于所述历史交易确定所述历史交易调用的业务合约。Step 404: Obtain the historical transaction according to the transaction identifier, and determine the business contract invoked by the historical transaction based on the historical transaction.
在本实施例中,历史交易的交易标识可由历史交易的发起方和查询方之间通过线下分享的方式得到,或者通过其他任意方式得到。以以太坊为例,查询方在创建查询交易时,可将历史交易的发起方告知的该历史交易的hash值(作为交易标识)记录在查询交易的data字段中。那么,区块链节点在接收到该查询交易时,可通过该hash值获取存证在区块链上的历史交易,进而根据历史交易的to字段(用于记录调用的智能合约的合约地址)确定该历史交易调用的业务合约。In this embodiment, the transaction identifier of the historical transaction can be obtained by offline sharing between the initiator and the inquiring party of the historical transaction, or by any other means. Taking Ethereum as an example, when a querying party creates a query transaction, it can record the hash value (as a transaction identifier) of the historical transaction notified by the initiator of the historical transaction in the data field of the query transaction. Then, when the blockchain node receives the query transaction, it can obtain the historical transaction stored on the blockchain through the hash value, and then according to the to field of the historical transaction (used to record the contract address of the called smart contract) Determine the business contract invoked by this historical transaction.
步骤406,执行所述业务合约中定义的权限控制代码,以确定所述查询方针对所述 目标隐私数据的查询权限。Step 406: Execute the authority control code defined in the business contract to determine the query authority for the target private data.
在本实施例中,区块链节点在确定接收到的交易为查询交易,并且确定出历史交易调用的业务合约之后,调用分发合约以执行分发合约中定义的分发代码,从而调用确定出的业务合约执行权限控制代码。In this embodiment, after the blockchain node determines that the received transaction is a query transaction and determines the business contract called by the historical transaction, it calls the distribution contract to execute the distribution code defined in the distribution contract, thereby calling the determined business Contract execution authority control code.
基于分发合约起到“分发查询交易”的作用,可将分发合约设计为系统级别的智能合约。因此,可由区块链的管理员来完成对分发合约的开发和部署。同样以联盟链为例,由具备管理权限的管理员来开发分发逻辑(根据查询交易中记录的历史交易调用的业务合约的合约地址,调用该业务合约),并将分发逻辑以分发代码的形式定义在分发合约中。在完成对分发合约的开发后,管理员可将该分发合约发布至联盟链上进行部署(与上述部署智能合约的过程类似)。Based on the role of the distribution contract as a "distribution query transaction", the distribution contract can be designed as a system-level smart contract. Therefore, the development and deployment of the distribution contract can be completed by the administrator of the blockchain. Also taking the alliance chain as an example, an administrator with management authority develops the distribution logic (calls the business contract based on the contract address of the business contract called by the historical transaction recorded in the query transaction), and distributes the logic in the form of code distribution Defined in the distribution contract. After completing the development of the distribution contract, the administrator can publish the distribution contract to the alliance chain for deployment (similar to the above-mentioned process of deploying smart contracts).
其中,在一种情况下,可通过区块链的创世块来部署分发合约,即在搭建区块链的时候部署分发合约,将分发合约的合约代码记录在创世块中。在另一种情况下,可在搭建好区块链的后续过程中部署分发合约;比如,在后续使用过程中管理员想增加权限查询功能。那么,管理员可发起一笔创建分发合约的交易,从而将分发合约部署到区块链上。其中,该交易的to字段是一个空字符串,在data字段中指定了初始化合约的二进制代码,在之后合约被调用时,该代码的执行结果将作为合约代码。Among them, in one case, the distribution contract can be deployed through the genesis block of the blockchain, that is, the distribution contract is deployed when the blockchain is built, and the contract code of the distribution contract is recorded in the genesis block. In another case, the distribution contract can be deployed in the subsequent process of building the blockchain; for example, the administrator wants to increase the permission query function in the subsequent use process. Then, the administrator can initiate a transaction to create a distribution contract to deploy the distribution contract on the blockchain. Among them, the to field of the transaction is an empty string, and the binary code for initializing the contract is specified in the data field. When the contract is called later, the execution result of the code will be the contract code.
在本说明书的技术方案中,除上述通过部署分发合约来调用业务合约以实现权限控制之外,还可将上述分发逻辑以分发代码的形式固化到链代码中,跟随链代码一起发布,从而不需要管理员后续再部署,并且合约代码固化在链代码中,使得合约代码可控,有效提高了安全性。换言之,将查询交易分发至相应业务合约的操作,由区块链节点自身来完成,而无需通过调用智能合约来完成。In the technical solution of this specification, in addition to the above-mentioned deployment of the distribution contract to call the business contract to achieve permission control, the above-mentioned distribution logic can also be solidified into the chain code in the form of distribution code, and released together with the chain code. The administrator needs to deploy later, and the contract code is solidified in the chain code, making the contract code controllable and effectively improving security. In other words, the operation of distributing the query transaction to the corresponding business contract is completed by the blockchain node itself, rather than by calling a smart contract.
需要说明的是,接入区块链的用户在区块链上发起的请求的类型,具体可以是指传统的区块链中所采用的交易(transaction)。当然,接入区块链的用户在区块链上发起的请求的类型,具体也可以是交易以外的,其它形式的具有标准的数据结构的指令、消息等,本说明书一个或多个实施例并不进行特别限定。在以下的各实施例中,将以接入区块链的用户在区块链上发起的请求为交易为例进行说明。It should be noted that the type of request initiated on the blockchain by a user who accesses the blockchain may specifically refer to a transaction used in a traditional blockchain. Of course, the type of request initiated on the blockchain by a user who accesses the blockchain can also be other than a transaction, other forms of instructions, messages, etc. with a standard data structure, one or more embodiments of this specification It is not particularly limited. In the following embodiments, the request initiated on the blockchain by the user accessing the blockchain is taken as an example for description.
在本实施例中,业务合约中以权限控制代码形式定义的权限控制规则,可根据实际需求灵活设定;当然,本说明书一个或多个实施例并不对权项控制规则的具体内容进行限制。在一种情况下,可将查询方的身份信息作为权限控制的依据。相应的,查询方在 创建查询交易时,查询交易中应包含查询方的身份信息。例如,查询方的身份信息为查询方的账户ID(即账户地址),该账户ID可记录于查询交易的from字段中。进一步的,权限控制规则可以设定为当查询方的身份信息符合特定的条件时,允许该查询方查询相应的隐私数据。比如,当查询方属于预先指定的查询用户集合时,可确定该查询方的查询权限为允许查询,或者当查询方的信用评分超过预设信用阈值时,可确定该查询方的查询权限为允许查询等等。因此,在确定查询方的查询权限时,可执行业务合约中定义的权限控制代码,以根据查询方的身份信息确定查询方针对目标隐私数据的查询权限。In this embodiment, the permission control rules defined in the form of permission control codes in the business contract can be flexibly set according to actual needs; of course, one or more embodiments of this specification do not limit the specific content of the permission control rules. In one case, the identity information of the inquiring party can be used as the basis for authority control. Correspondingly, when the inquiring party creates the inquiry transaction, the inquiry transaction should contain the inquiring party's identity information. For example, the identity information of the inquiring party is the account ID (ie account address) of the inquiring party, and the account ID may be recorded in the from field of the inquiry transaction. Further, the permission control rule can be set to allow the querying party to query corresponding private data when the identity information of the querying party meets specific conditions. For example, when the inquiring party belongs to a pre-designated set of inquiring users, the inquiry authority of the inquiring party can be determined to allow the inquiry, or when the inquiring party's credit score exceeds the preset credit threshold, the inquiry authority of the inquiring party can be determined to be allowed Query and so on. Therefore, when determining the query authority of the querying party, the authority control code defined in the business contract can be executed to determine the querying party's query authority for the target private data according to the identity information of the querying party.
在另一种情况下,可将查询方的身份信息和历史交易的发起方的身份信息共同作为权限控制的依据,那么,权限控制规则可以设定为当查询方的身份信息和发起方的身份信息符合特定的条件时,允许该查询方查询相应的隐私数据。比如,在权限控制规则中记录查询组和被查询组,属于查询组的成员允许查看被查询组成员的隐私数据;或者,权限控制规则中直接记录各个用户可以查看哪些其他用户的对应关系;或者当查询方和发起方属于同一团队时,可确定该查询方的查询权限为允许查询等等。因此,在确定查询方的查询权限时,可先基于历史交易获取该历史交易的发起方的身份信息,再执行业务合约中定义的权限控制代码,以根据查询方的身份信息和发起方的身份信息确定查询方针对目标隐私数据的查询权限。In another case, the identity information of the inquiring party and the identity information of the initiator of the historical transaction can be used together as the basis for permission control, then the permission control rules can be set as the identity information of the inquiring party and the identity of the initiator When the information meets specific conditions, the query party is allowed to query the corresponding private data. For example, the query group and the queried group are recorded in the permission control rules, and members belonging to the query group are allowed to view the private data of the members of the queried group; or, the permission control rules directly record the correspondence of which other users each user can view; or When the inquiry party and the initiator belong to the same team, the inquiry authority of the inquiry party can be determined to allow inquiry and so on. Therefore, when determining the query authority of the inquiring party, the identity information of the initiator of the historical transaction can be obtained based on the historical transaction, and then the authority control code defined in the business contract is executed, so as to be based on the identity information of the inquiring party and the identity of the initiator. The information determines the querying authority of the querying party for the target private data.
在又一种情况下,可将历史交易的发起方的身份信息作为权限控制的依据,那么,权限控制规则可以设定为当发起方的身份信息符合特定的条件时,允许该查询方查询相应的隐私数据。比如,当发起方属于预先指定的可被查询用户集合时,可确定查询方的查询权限为允许查询,或者当发起方的信用评分超过预设信用阈值时,可确定查询方的查询权限为允许查询等等。因此,在确定查询方的查询权限时,可先基于历史交易获取该历史交易的发起方的身份信息,再执行业务合约中定义的权限控制代码,以根据发起方的身份信息确定查询方针对目标隐私数据的查询权限。In another case, the identity information of the initiator of the historical transaction can be used as the basis for permission control. Then, the permission control rules can be set to allow the inquiring party to query the corresponding information when the initiator’s identity information meets specific conditions. Privacy data. For example, when the initiator belongs to a pre-designated set of users that can be queried, the query authority of the inquiring party can be determined to allow the query, or when the credit score of the initiator exceeds the preset credit threshold, the query authority of the inquiring party can be determined to be allowed Query and so on. Therefore, when determining the query authority of the inquirer, the identity information of the initiator of the historical transaction can be obtained based on the historical transaction, and then the authority control code defined in the business contract is executed to determine that the inquirer is targeting the target according to the identity information of the initiator. Query permissions for private data.
步骤408,当确定出的查询权限为允许查询时,获取解密后的所述目标隐私数据以由所述查询方查看,所述目标隐私数据被读入可信执行环境进行解密。Step 408: When the determined query authority is allowed to query, obtain the decrypted target private data for viewing by the querying party, and the target private data is read into a trusted execution environment for decryption.
在本实施例中,出于上述对用户隐私数据的保护,隐私数据被加密存储。因此,当确定出查询方的查询权限为允许查询时,获取目标隐私数据并将获取到的目标隐私数据读入可信执行环境进行解密,以由查询方获取。例如,可根据交易标识获取目标隐私数据。而根据目标隐私数据中包含的数据类型的不同,所采用的解密方式也不同(因为加 密方式不同)。In this embodiment, for the above-mentioned protection of user privacy data, the privacy data is encrypted and stored. Therefore, when it is determined that the query authority of the querying party is allowed to query, the target private data is obtained and the obtained target private data is read into the trusted execution environment for decryption, so as to be obtained by the querying party. For example, the target privacy data can be obtained according to the transaction identification. Depending on the type of data contained in the target private data, the decryption method used is also different (because the encryption method is different).
当目标隐私数据包括历史交易和/或历史交易的交易收据时,由上述图3所示实施例可知,历史交易和历史交易的交易收据均被采用历史交易的发起方使用的对称密钥进行加密。因此,在获取到历史交易和/或历史交易的交易收据后,可先获取发起方(在图3所示实施例中即为用户A)使用的对称密钥,再在TEE内通过该对称密钥对历史交易和/或历史交易的交易收据进行解密。而对于发起方使用的对称密钥的获取,可先获取用于加密历史交易的对称密钥(该对称密钥被发起方使用的公钥加密,即上述图3所示实施例中采用数字信封进行加密的方式),在TEE内通过与发起方使用的公钥对应的私钥,对该对称密钥进行解密以得到解密后的对称密钥。需要说明的是,当目标隐私数据为历史交易时,获取历史交易并解密历史交易的过程在执行步骤404时进行,即根据交易标识获取历史交易,并对历史交易进行解密得到明文交易内容,从而根据明文交易内容确定历史交易调用的业务合约。因此,当确定出查询权限为允许查询时,(无需再执行获取历史交易和解密历史交易的操作)直接获取解密后的历史交易供查询方查看即可。When the target privacy data includes historical transactions and/or transaction receipts of historical transactions, it can be seen from the embodiment shown in Figure 3 that both historical transactions and transaction receipts of historical transactions are encrypted with the symmetric key used by the initiator of the historical transaction . Therefore, after obtaining the historical transaction and/or the transaction receipt of the historical transaction, the symmetric key used by the initiator (user A in the embodiment shown in FIG. 3) can be obtained first, and then the symmetric key can be passed in the TEE. The key decrypts historical transactions and/or transaction receipts of historical transactions. For the acquisition of the symmetric key used by the initiator, the symmetric key used to encrypt historical transactions can be obtained first (the symmetric key is encrypted by the public key used by the initiator, that is, the digital envelope is used in the embodiment shown in FIG. 3). Encryption), the symmetric key is decrypted in the TEE through the private key corresponding to the public key used by the initiator to obtain the decrypted symmetric key. It should be noted that, when the target privacy data is a historical transaction, the process of obtaining historical transactions and decrypting historical transactions is performed when step 404 is performed, that is, obtaining historical transactions according to the transaction identifier, and decrypting historical transactions to obtain plaintext transaction content, thereby Determine the business contract called by the historical transaction based on the content of the plaintext transaction. Therefore, when it is determined that the query permission is allowed to query, (no need to perform the operations of obtaining historical transactions and decrypting historical transactions) directly obtain the decrypted historical transactions for the querying party to view.
其中,发起方使用的对称密钥可由发起方通过对称加密算法生成,或由发起方与区块链节点之间通过协商得到,或由密钥管理服务器发送得到。而对于对称加密算法,例如可以是DES算法、3DES算法、TDEA算法、Blowfish算法、RC5算法、IDEA算法等。发起方使用的公钥由密钥管理服务器通过远程证明发送至发起方,区块链节点的TEE由SGX架构建立,与公钥对应的私钥由密钥管理服务器通过远程证明发送至区块链节点的围圈(enclave,也称为飞地)。而用于生成公钥和私钥的非对称加密算法,例如可以是RSA、Elgamal、背包算法、Rabin、D-H、ECC(椭圆曲线加密算法)等。Among them, the symmetric key used by the initiator can be generated by the initiator through a symmetric encryption algorithm, or obtained through negotiation between the initiator and the blockchain node, or sent by the key management server. As for the symmetric encryption algorithm, for example, it may be the DES algorithm, the 3DES algorithm, the TDEA algorithm, the Blowfish algorithm, the RC5 algorithm, the IDEA algorithm, and so on. The public key used by the initiator is sent to the initiator by the key management server through remote certification, the TEE of the blockchain node is established by the SGX architecture, and the private key corresponding to the public key is sent to the blockchain by the key management server through remote certification Enclave of nodes (enclave, also called enclave). The asymmetric encryption algorithm used to generate the public key and the private key can be, for example, RSA, Elgamal, knapsack algorithm, Rabin, D-H, ECC (elliptic curve encryption algorithm), etc.
当目标隐私数据包括历史交易的发起方的账户属性信息、业务合约的账户属性信息、业务合约的合约代码、业务合约的合约状态数据中至少之一时,由上述图3所示实施例可知,这些隐私数据均被采用TEE内部的特定对称密钥进行加密。因此,在获取到这些隐私数据后,可在TEE内通过区块链节点的特定对称密钥对这些隐私数据进行解密。而对于TEE内部的特定对称密钥,在区块链节点的SGX架构通过远程证明后由密钥管理服务器发送,或者由区块链节点与其他区块链节点之间进行协商得到。When the target privacy data includes at least one of the account attribute information of the initiator of the historical transaction, the account attribute information of the business contract, the contract code of the business contract, and the contract status data of the business contract, it can be seen from the embodiment shown in FIG. 3 that these Private data is encrypted with a specific symmetric key inside the TEE. Therefore, after obtaining these private data, the private data can be decrypted by the specific symmetric key of the blockchain node in the TEE. For the specific symmetric key inside the TEE, the SGX structure of the blockchain node is sent by the key management server after remote certification, or it is negotiated between the blockchain node and other blockchain nodes.
在本实施例中,类似于上述对历史交易进行加密以保护隐私的方式,查询方在发起查询交易时,同样可采用自身使用的对称密钥对创建好的查询交易进行加密,并用自身使用的公钥对该对称密钥进行加密。因此,区块链节点在接收到查询交易后,先在TEE内通过与查询方使用的公钥对应的私钥对加密查询交易的对称密钥解密,再通过解密得 到的对称密钥对查询交易进行解密,以获取查询交易包含的交易内容。而在获取到目标隐私数据并对目标隐私数据进行解密后,区块链节点可通过查询方的对称密钥对解密后的目标隐私数据进行加密,使得查询方可通过自身使用的对称密钥对目标隐私数据进行解密查看,从而避免目标隐私数据被泄露。In this embodiment, similar to the above-mentioned way of encrypting historical transactions to protect privacy, when the querying party initiates a query transaction, it can also use the symmetric key used by itself to encrypt the created query transaction, and use its own symmetric key to encrypt the created query transaction. The public key encrypts the symmetric key. Therefore, after receiving the query transaction, the blockchain node first decrypts the symmetric key of the encrypted query transaction through the private key corresponding to the public key used by the querying party in the TEE, and then queries the transaction through the symmetric key pair obtained by decryption Decryption is performed to obtain the transaction content contained in the query transaction. After obtaining the target private data and decrypting the target private data, the blockchain node can encrypt the decrypted target private data with the symmetric key of the querying party, so that the querying party can use the symmetric key pair used by itself. The target private data is decrypted and viewed, thereby avoiding the target private data from being leaked.
其中,上述针对查询方进行隐私保护所使用的对称密钥、公钥和私钥的来源与上述类似,在此不再赘述。当然,该过程中使用的非对称密钥(公钥和私钥),可以是上述针对发起方进行隐私保护所使用的非对称密钥。Among them, the sources of the symmetric key, public key, and private key used for privacy protection of the query party are similar to those described above, and will not be repeated here. Of course, the asymmetric keys (public key and private key) used in this process can be the asymmetric keys used for the privacy protection of the initiator as described above.
在本实施例中,当确定出查询方的查询权限为禁止查询时,可生成用于表示该查询方禁止查询目标隐私数据的合约收据以由查询方查看。In this embodiment, when it is determined that the inquiry authority of the inquiry party is to prohibit inquiry, a contract receipt indicating that the inquiry party prohibits inquiry of the target private data may be generated to be viewed by the inquiry party.
为了便于理解,下面结合图5对查询方查看目标隐私数据的过程进行举例说明。For ease of understanding, the following describes the process of the querying party viewing the target private data with reference to FIG. 5.
如图5所示,承接于上述图3的场景,在用户A发起调用业务合约的交易后,用户A可向用户B分享与该交易(在该场景下作为历史交易)相关的隐私数据,或者用户B存在查看该隐私数据的需求。那么,用户B作为查询方查询目标隐私数据的过程可包括以下步骤。As shown in Figure 5, following the scenario of Figure 3 above, after user A initiates a transaction invoking the business contract, user A can share privacy data related to the transaction (in this scenario as a historical transaction) to user B, or User B has a need to view the private data. Then, the process of user B as the inquiring party inquiring the target private data may include the following steps.
步骤502,用户B通过使用的客户端创建查询交易。In step 502, the user B creates a query transaction by using the client terminal.
在本实施例中,查询交易的to字段记录的是分发合约的合约地址,同时还可在查询交易的data字段(或者其他字段)中记录历史交易的hash值(即交易ID)。其中,历史交易的hash值可由用户B与用户A之间通过线下分享的方式得到,或者通过其他任意方式得到。In this embodiment, the to field of the query transaction records the contract address of the distribution contract, and the hash value (ie transaction ID) of the historical transaction can also be recorded in the data field (or other fields) of the query transaction. Among them, the hash value of historical transactions can be obtained by offline sharing between user B and user A, or obtained by any other means.
步骤504,用户B通过客户端采用数字信封加密查询交易。In step 504, the user B uses the digital envelope encryption to query the transaction through the client.
步骤506,用户B通过客户端向区块链节点发起查询交易。Step 506: User B initiates a query transaction to the blockchain node through the client.
步骤508,区块链节点在TEE内解密查询交易。In step 508, the blockchain node decrypts the query transaction in the TEE.
TEE是基于CPU硬件的安全扩展,且与外部完全隔离的可信执行环境。TEE最早是由Global Platform提出的概念,用于解决移动设备上资源的安全隔离,平行于操作系统为应用程序提供可信安全的执行环境。ARM的Trust Zone技术最早实现了真正商用的TEE技术。伴随着互联网的高速发展,安全的需求越来越高,不仅限于移动设备,云端设备,数据中心都对TEE提出了更多的需求。TEE的概念也得到了高速的发展和扩充。现在所说的TEE相比与最初提出的概念已经是更加广义的TEE。例如,服务器 芯片厂商Intel,AMD等都先后推出了硬件辅助的TEE并丰富了TEE的概念和特性,在工业界得到了广泛的认可。现在提起的TEE通常更多指这类硬件辅助的TEE技术。不同于移动端,云端访问需要远程访问,终端用户对硬件平台不可见,因此使用TEE的第一步就是要确认TEE的真实可信。因此现在的TEE技术都引入了远程证明机制,由硬件厂商(主要是CPU厂商)背书并通过数字签名技术确保用户对TEE状态可验证。同时仅仅是安全的资源隔离也无法满足的安全需求,进一步的数据隐私保护也被提出。包括Intel SGX,AMD SEV在内的商用TEE也都提供了内存加密技术,将可信硬件限定在CPU内部,总线和内存的数据均是密文防止恶意用户进行窥探。例如,英特尔的软件保护扩展(SGX)等TEE技术隔离了代码执行、远程证明、安全配置、数据的安全存储以及用于执行代码的可信路径。在TEE中运行的应用程序受到安全保护,几乎不可能被第三方访问。TEE is a secure extension based on CPU hardware and a trusted execution environment that is completely isolated from the outside. TEE was first proposed by Global Platform to solve the security isolation of resources on mobile devices, and parallel to the operating system to provide a trusted and secure execution environment for applications. ARM's Trust Zone technology is the first to realize the real commercial TEE technology. With the rapid development of the Internet, security requirements are getting higher and higher. Not only mobile devices, cloud devices, and data centers have put forward more demands on TEE. The concept of TEE has also been rapidly developed and expanded. Compared with the originally proposed concept, the TEE referred to now is a more generalized TEE. For example, server chip manufacturers Intel, AMD, etc. have successively introduced hardware-assisted TEE and enriched the concept and characteristics of TEE, which has been widely recognized in the industry. The TEE mentioned now usually refers more to this kind of hardware-assisted TEE technology. Different from the mobile terminal, cloud access requires remote access, and the end user is invisible to the hardware platform. Therefore, the first step in using TEE is to confirm the authenticity of TEE. Therefore, the current TEE technology has introduced a remote certification mechanism, which is endorsed by hardware manufacturers (mainly CPU manufacturers) and through digital signature technology to ensure that users can verify the state of the TEE. At the same time, security needs that can't be met by only secure resource isolation, further data privacy protection has also been proposed. Commercial TEEs including Intel SGX and AMD SEV also provide memory encryption technology to limit the trusted hardware to the CPU, and the data on the bus and memory are ciphertexts to prevent malicious users from snooping. For example, TEE technologies such as Intel’s Software Protection Extensions (SGX) isolate code execution, remote attestation, secure configuration, secure storage of data, and trusted paths for code execution. The applications running in TEE are protected by security and are almost impossible to be accessed by third parties.
以Intel SGX技术为例,SGX提供了围圈,即内存中一个加密的可信执行区域,由CPU保护数据不被窃取。以区块链节点采用支持SGX的CPU为例,利用新增的处理器指令,在内存中可以分配一部分区域EPC(Enclave Page Cache,围圈页面缓存或飞地页面缓存),通过CPU内的加密引擎MEE(Memory Encryption Engine)对其中的数据进行加密。EPC中加密的内容只有进入CPU后才会被解密成明文。因此,在SGX中,用户可以不信任操作系统、VMM(Virtual Machine Monitor,虚拟机监控器)、甚至BIOS(Basic Input Output System,基本输入输出系统),只需要信任CPU便能确保隐私数据不会泄漏。Taking Intel SGX technology as an example, SGX provides a circle, that is, an encrypted trusted execution area in the memory, and the CPU protects data from being stolen. Take the SGX-supported CPU used by the blockchain node as an example. With the newly added processor instructions, a part of the area EPC (Enclave Page Cache, Enclave Page Cache, Enclave Page Cache) can be allocated in the memory through encryption in the CPU. The engine MEE (Memory Encryption Engine) encrypts the data in it. The encrypted content in EPC will be decrypted into plain text only after entering the CPU. Therefore, in SGX, users can distrust the operating system, VMM (Virtual Machine Monitor), and even BIOS (Basic Input Output System). They only need to trust the CPU to ensure that private data will not leakage.
在实际应用中,非对称加密算法的密钥,可由密钥管理服务器生成。通过远程证明的方式,密钥管理服务器将私钥发送至区块链节点,具体的,可以是传入区块链节点的围圈中。区块链节点可以包含多个围圈,而上述私钥可以被传入这些围圈中的安全围圈;例如,该安全围圈可以为QE(Quoting Enclave)围圈,而非AE(Application Enclave)围圈。对于非对称加密的公钥,可以由密钥管理服务器发送至用户的客户端。那么,客户端可采用对称加密算法加密创建好的交易,即采用对称加密算法的对称密钥加密交易内容,并用非对称加密算法加密对称加密算法中采用的对称密钥。一般的,采用非对称加密算法的公钥加密对称加密算法中采用的对称密钥。上述加密的方式被称为数字信封加密,那么区块链节点接收到加密的交易后,可以先采用非对称加密算法的私钥进行解密,得到对称加密算法的对称密钥,进而用对称加密算法的对称密钥解密得到交易内容。In practical applications, the key of the asymmetric encryption algorithm can be generated by the key management server. Through remote certification, the key management server sends the private key to the blockchain node, specifically, it can be passed into the circle of the blockchain node. Blockchain nodes can contain multiple enclosures, and the above private key can be passed into the security enclosures in these enclosures; for example, the security enclosure can be a QE (Quoting Enclave) enclosure instead of AE (Application Enclave) ) Encircle the circle. For asymmetrically encrypted public keys, they can be sent by the key management server to the user's client. Then, the client can use the symmetric encryption algorithm to encrypt the created transaction, that is, use the symmetric key of the symmetric encryption algorithm to encrypt the transaction content, and use the asymmetric encryption algorithm to encrypt the symmetric key used in the symmetric encryption algorithm. Generally, the public key of the asymmetric encryption algorithm is used to encrypt the symmetric key used in the symmetric encryption algorithm. The above encryption method is called digital envelope encryption. After the blockchain node receives the encrypted transaction, it can first use the private key of the asymmetric encryption algorithm to decrypt, obtain the symmetric key of the symmetric encryption algorithm, and then use the symmetric encryption algorithm Decrypt the symmetric key to get the transaction content.
步骤510,区块链节点确定接收到的交易为调用分发合约的查询交易。In step 510, the blockchain node determines that the received transaction is a query transaction for invoking the distribution contract.
在本实施例中,区块链节点在接收到任一交易后,读取该交易的to字段内容。当to字段内容为分发合约的合约地址时,说明该交易用于调用分发合约,那么可确定出该交易为查询交易。In this embodiment, after receiving any transaction, the blockchain node reads the content of the to field of the transaction. When the content of the to field is the contract address of the distribution contract, it means that the transaction is used to call the distribution contract, and then it can be determined that the transaction is a query transaction.
步骤512,区块链节点读取查询交易中包含的hash值。Step 512: The blockchain node reads the hash value contained in the query transaction.
步骤514,区块链节点根据hsah值获取历史交易的from字段和to字段。In step 514, the blockchain node obtains the from field and to field of the historical transaction according to the hsah value.
在本实施例中,历史交易的from字段的内容为历史交易的发起方的地址(本实施例中为发起方的身份信息),历史交易的to字段的内容为历史交易调用的业务合约的合约地址。In this embodiment, the content of the from field of the historical transaction is the address of the initiator of the historical transaction (in this embodiment, the identity information of the initiator), and the content of the to field of the historical transaction is the contract of the business contract invoked by the historical transaction address.
步骤516,区块链节点向分发合约发送历史交易的from字段和to字段。In step 516, the blockchain node sends the from field and to field of the historical transaction to the distribution contract.
步骤518,分发合约根据历史交易的to字段确定历史交易调用的业务合约。Step 518: The distribution contract determines the business contract invoked by the historical transaction according to the to field of the historical transaction.
步骤520,分发合约调用业务合约。Step 520, the distribution contract calls the business contract.
步骤522,业务合约根据查询交易的from字段和历史交易的from字段确定用户B的查询权限。Step 522: The business contract determines the query authority of user B according to the from field of the query transaction and the from field of the historical transaction.
在本实施例中,以查询方和历史交易的发起方的身份信息共同作为权限控制的依据为例。例如,权限控制规则(以权限控制代码的形式定义在业务合约中)中记录查询组和被查询组,属于查询组的成员允许查看被查询组成员的隐私数据;或者,权限控制规则中直接记录各个用户可以查看哪些其他用户的对应关系。其中,采用账户地址作为用户的身份信息。那么,区块链节点执行业务合约中定义的权限控制代码,从而根据查询方的账户地址(查询交易的from字段内容)和历史交易的发起方的账户地址(历史交易的from字段内容)来确定用户B的查询权限。In this embodiment, the identity information of the inquiring party and the initiator of the historical transaction are jointly used as the basis for permission control as an example. For example, the permission control rules (defined in the business contract in the form of permission control codes) record the query group and the queried group, and members belonging to the query group are allowed to view the private data of the queried group members; or, directly record in the permission control rules Each user can view the corresponding relationship of which other users. Among them, the account address is used as the user's identity information. Then, the blockchain node executes the authority control code defined in the business contract to determine according to the account address of the querying party (the content of the from field of the query transaction) and the account address of the initiator of the historical transaction (the content of the from field of the historical transaction) User B's query authority.
步骤524,业务合约向区块链节点返回用户B的查询权限。Step 524: The business contract returns the query authority of user B to the blockchain node.
步骤526,当用户B的查询权限为允许查询时,区块链节点获取目标隐私数据。Step 526: When the query permission of user B is allowed to query, the blockchain node obtains the target private data.
在本实施例中,区块链节点可根据历史交易的hash值获取目标隐私数据。而当利用业务合约确定出用户B的查询权限为禁止查询时,可生成关于用户B禁止查询目标隐私数据的合约收据以供用户B查看。或者,由区块链节点向用户B返回禁止查询的回执以告知用户B的查询权限为禁止查询。In this embodiment, the blockchain node can obtain the target private data according to the hash value of the historical transaction. When the business contract is used to determine that user B's query authority is forbidden to query, a contract receipt regarding user B's forbidden to query the target private data can be generated for user B to view. Or, the blockchain node returns to user B a query-forbidden receipt to inform user B that the query permission is forbidden to query.
步骤528,区块链节点将目标隐私数据读入TEE进行解密。In step 528, the blockchain node reads the target privacy data into the TEE for decryption.
在本实施例中,由上述图3所示实施例可知,出于隐私保护的目的,隐私数据被加 密存储。同时,根据隐私数据中包含的数据类型的不同,所采用的加密方式也不同。因此,在根据历史交易的hash值获取目标隐私数据后,将获取到的目标隐私数据读入可信执行环境进行解密,以由查询方获取。In this embodiment, it can be seen from the embodiment shown in FIG. 3 that, for the purpose of privacy protection, private data is encrypted and stored. At the same time, depending on the type of data contained in the private data, the encryption method used is also different. Therefore, after obtaining the target private data according to the hash value of the historical transaction, the obtained target private data is read into the trusted execution environment for decryption, so as to be obtained by the querying party.
当目标隐私数据包括历史交易和/或历史交易的交易收据时,由上述图3所示实施例可知,历史交易和历史交易的交易收据均被采用历史交易的发起方使用的对称密钥进行加密。因此,在获取到历史交易和/或历史交易的交易收据后,可先获取用户A使用的对称密钥,再在TEE内通过该对称密钥对历史交易和/或历史交易的交易收据进行解密。而对于发起方使用的对称密钥的获取,可先获取用于加密历史交易的对称密钥(该对称密钥被用户A使用的公钥加密),在TEE内通过与用户A使用的公钥对应的私钥,对该对称密钥进行解密以得到解密后的对称密钥。When the target privacy data includes historical transactions and/or transaction receipts of historical transactions, it can be seen from the embodiment shown in Figure 3 that both historical transactions and transaction receipts of historical transactions are encrypted with the symmetric key used by the initiator of the historical transaction . Therefore, after obtaining the historical transaction and/or transaction receipt of the historical transaction, the symmetric key used by user A can be obtained first, and then the transaction receipt of the historical transaction and/or historical transaction can be decrypted by the symmetric key in the TEE . For the acquisition of the symmetric key used by the initiator, the symmetric key used to encrypt historical transactions (the symmetric key is encrypted by the public key used by user A) can be obtained first, and the public key used with user A can be used in the TEE The corresponding private key decrypts the symmetric key to obtain the decrypted symmetric key.
需要说明的是,当目标隐私数据为历史交易时,获取历史交易并解密历史交易的过程在执行步骤514时执行,即根据历史交易的hash值获取历史交易,并对历史交易进行解密得到历史交易的明文交易内容,从而读取历史交易的from字段和to字段。因此,在该情况下,当确定出查询权限为允许查询时,(无需再执行获取历史交易和解密历史交易的操作)直接获取解密后的历史交易供查询方查看即可。It should be noted that when the target privacy data is a historical transaction, the process of obtaining historical transactions and decrypting historical transactions is executed when step 514 is performed, that is, obtaining historical transactions according to the hash value of historical transactions, and decrypting historical transactions to obtain historical transactions The clear text transaction content of the transaction, so as to read the from field and to field of historical transactions. Therefore, in this case, when it is determined that the query permission is allowed to query, (no need to perform the operations of obtaining historical transactions and decrypting historical transactions) directly obtain the decrypted historical transactions for the querying party to view.
当目标隐私数据包括用户A的账户属性信息、业务合约的账户属性信息、业务合约的合约代码、业务合约的合约状态数据中至少之一时,可在TEE内通过区块链节点的特定对称密钥对这些隐私数据进行解密。When the target privacy data includes at least one of user A's account attribute information, business contract account attribute information, business contract contract code, business contract contract status data, the specific symmetric key of the blockchain node can be passed in the TEE Decrypt these private data.
例如,特定对称密钥可以是seal(Simple Encrypted Arithmetic Library)密钥,该seal密钥可在通过远程证明后由密钥管理服务器发送给区块链节点,或者可以是各个区块链节点之间协商得到,进而区块链节点使用该seal密钥对隐私数据进行加密和解密。当然,通过远程证明后由密钥管理服务器发送给区块链节点,或者各个区块链节点之间协商得到的对称密钥,可以并非上述的seal密钥,而是root密钥(根密钥),且上述的seal密钥可以为该root密钥的衍生密钥。例如,root密钥可以不可逆地依次衍生出若干版本的衍生密钥,且任意相邻的两个密钥之间由高版本密钥不可逆地衍生出低版本密钥,从而形成链式的密钥衍生结构。比如,如果需要衍生出版本号分别为0~255的256个版本的密钥,可以将root密钥与版本因子0xFF(十进制的取值为255,即需要生成的密钥的版本号;当然,也可以采用其他取值)进行哈希计算,得到版本号为255的密钥key-255;通过将密钥key-255与版本因子0xFE进行哈希计算,得到版本号为254的密钥key-254;……通过将密钥key-1与版本因子0x00进行哈希计算,得到版本号为0的密 钥key-0。由于哈希算法的特性,使得高版本密钥与低版本密钥之间的计算不可逆,比如可以由密钥key-1与版本因子0x00计算得到密钥key-0,但是不能够通过密钥key-0与版本因子0x00反推出密钥key-1。For example, the specific symmetric key can be a seal (Simple Encrypted Arithmetic Library) key, which can be sent to the blockchain node by the key management server after being remotely attested, or it can be between each blockchain node After negotiation, the blockchain node uses the seal key to encrypt and decrypt private data. Of course, after remote certification, the key management server sends the symmetric key to the blockchain node, or the symmetric key negotiated between the various blockchain nodes may not be the above-mentioned seal key, but the root key (root key). ), and the above-mentioned seal key may be a derived key of the root key. For example, the root key can irreversibly derive several versions of derived keys in turn, and any two adjacent keys can irreversibly derive a low version key from a higher version key, thereby forming a chained key Derivative structure. For example, if you need to derive 256 versions of keys with version numbers ranging from 0 to 255, you can use the root key and the version factor 0xFF (the decimal value is 255, that is, the version number of the key that needs to be generated; of course, You can also use other values) for hash calculation to obtain the key key-255 with the version number 255; by hashing the key key-255 and the version factor 0xFE, the key key- with the version number 254 is obtained. 254; ... By hashing the key key-1 and the version factor 0x00, the key key-0 with the version number of 0 is obtained. Due to the characteristics of the hash algorithm, the calculation between the high version key and the low version key is irreversible. For example, the key key-0 can be calculated from the key key-1 and the version factor 0x00, but the key cannot be passed through the key. -0 and version factor 0x00 deduces the key key-1.
那么,可以指定某一版本的衍生密钥,作为上述的seal密钥对隐私数据进行加密。进一步地,还可以对seal密钥进行版本更新,且基于上文所述的特性,应当从低版本密钥向高版本密钥进行更新,使得即便低版本密钥泄露后,也无法反推出高版本密钥,确保足够的数据安全性。Then, a certain version of the derived key can be designated as the above-mentioned seal key to encrypt private data. Further, the seal key can also be version updated, and based on the above-mentioned features, it should be updated from the lower version key to the higher version key, so that even if the lower version key is leaked, the higher version key cannot be reversed. Version key to ensure sufficient data security.
步骤530,区块链节点采用用户B的对称密钥对目标隐私数据进行加密。In step 530, the blockchain node uses the user B's symmetric key to encrypt the target private data.
步骤532,用户B查看目标隐私数据。Step 532: User B views the target privacy data.
在一实施例中,区块链节点在对目标隐私数据进行加密后,可生成包含该目标隐私数据的事件存储到区块链日志中,那么,用户B可使用客户端通过区块链的回调机制来获取该事件,从而查看目标隐私数据。而在获取到目标隐私数据后,用户B通过客户端采用自身使用的对称密钥对目标隐私数据进行解密即可得到明文内容的隐私数据。In one embodiment, after the blockchain node encrypts the target private data, it can generate an event containing the target private data and store it in the blockchain log. Then, user B can use the client to call back through the blockchain Mechanism to obtain the event, so as to view the target privacy data. After obtaining the target private data, user B uses the symmetric key used by the client to decrypt the target private data to obtain the private data of the plaintext content.
在另一实施例中,区块链节点在对目标隐私数据进行加密后,可直接向用户B使用的客户端返回加密后的目标隐私数据。同理,用户B通过客户端采用自身使用的对称密钥对目标隐私数据进行解密即可得到明文内容的隐私数据。In another embodiment, after the blockchain node encrypts the target private data, it can directly return the encrypted target private data to the client used by the user B. In the same way, user B uses the symmetric key used by the client to decrypt the target private data to obtain the private data of the plaintext content.
可见,通过本说明书隐私数据的查询方案,用户A无需向用户B分享自身使用的对称密钥,便可实现用户A与用户B之间隐私数据的分享,从而提高了安全性与便捷性。It can be seen that through the private data query scheme of this manual, user A does not need to share the symmetric key used by himself with user B, and can realize the sharing of private data between user A and user B, thereby improving security and convenience.
与上述方法实施例相对应,本说明书还提供了一种基于智能合约的隐私数据查询装置的实施例。Corresponding to the above method embodiment, this specification also provides an embodiment of a private data query device based on a smart contract.
本说明书的基于智能合约的隐私数据查询装置的实施例可以应用在电子设备上。装置实施例可以通过软件实现,也可以通过硬件或者软硬件结合的方式实现。以软件实现为例,作为一个逻辑意义上的装置,是通过其所在电子设备的处理器将非易失性存储器中对应的计算机程序指令读取到内存中运行形成的。The embodiment of the privacy data query device based on smart contract in this specification can be applied to electronic equipment. The device embodiments can be implemented by software, or can be implemented by hardware or a combination of software and hardware. Taking software implementation as an example, as a logical device, it is formed by reading the corresponding computer program instructions in the non-volatile memory into the memory through the processor of the electronic device where it is located.
从硬件层面而言,请参考图6,图6是一示例性实施例提供的一种设备的示意结构图。如图6所示,在硬件层面,该设备包括处理器602、内部总线604、网络接口606、内存608以及非易失性存储器610,当然还可能包括其他业务所需要的硬件。处理器602从非易失性存储器610中读取对应的计算机程序到内存608中然后运行,在逻辑层面上形成基于智能合约的隐私数据查询装置。当然,除了软件实现方式之外,本说明书一个 或多个实施例并不排除其他实现方式,比如逻辑器件抑或软硬件结合的方式等等,也就是说以下处理流程的执行主体并不限定于各个逻辑单元,也可以是硬件或逻辑器件。From a hardware perspective, please refer to FIG. 6, which is a schematic structural diagram of a device provided by an exemplary embodiment. As shown in FIG. 6, at the hardware level, the device includes a processor 602, an internal bus 604, a network interface 606, a memory 608, and a non-volatile memory 610. Of course, it may also include hardware required for other services. The processor 602 reads the corresponding computer program from the non-volatile memory 610 to the memory 608 and then runs it to form a smart contract-based privacy data query device at the logical level. Of course, in addition to the software implementation, one or more embodiments of this specification do not exclude other implementations, such as logic devices or a combination of software and hardware, etc. That is to say, the execution subject of the following processing flow is not limited to each The logic unit can also be a hardware or a logic device.
请参考图7,在软件实施方式中,该查询装置应用于区块链节点,可以包括以下单元。Please refer to FIG. 7. In the software implementation, the query device is applied to a blockchain node and may include the following units.
交易读取单元701,当接收到查询方发起的针对目标隐私数据的查询交易时,读取所述查询交易中包含的与所述目标隐私数据相关的历史交易的交易标识。The transaction reading unit 701, when receiving a query transaction for target private data initiated by the querying party, reads the transaction identifier of the historical transaction related to the target private data included in the query transaction.
合约确定单元702,根据所述交易标识获取所述历史交易,并基于所述历史交易确定所述历史交易调用的业务合约The contract determining unit 702 obtains the historical transaction according to the transaction identifier, and determines the business contract invoked by the historical transaction based on the historical transaction
权限查询单元703,执行所述业务合约中定义的权限控制代码,以确定所述查询方针对所述目标隐私数据的查询权限。The authority query unit 703 executes the authority control code defined in the business contract to determine the query authority of the query party for the target private data.
数据获取单元704,当确定出的查询权限为允许查询时,获取解密后的所述目标隐私数据以由所述查询方查看,所述目标隐私数据被读入可信执行环境进行解密。The data obtaining unit 704 obtains the decrypted target private data for viewing by the inquiring party when the determined query authority is allowed to query, and the target private data is read into the trusted execution environment for decryption.
可选的,当接收到的任一交易用于调用分发合约时,所述任一交易被作为所述查询交易;所述装置还包括:合约调用单元705,执行所述分发合约中定义的分发代码,以调用所述业务合约执行所述权限控制代码。Optionally, when any transaction received is used to invoke a distribution contract, the any transaction is regarded as the query transaction; the device further includes: a contract invocation unit 705, which executes the distribution defined in the distribution contract Code to call the business contract to execute the permission control code.
可选的,所述目标隐私数据包括以下至少之一:所述历史交易、对应于所述历史交易的交易收据、所述历史交易的发起方的账户属性信息、所述业务合约的账户属性信息、所述业务合约的合约代码、所述业务合约的合约状态数据。Optionally, the target privacy data includes at least one of the following: the historical transaction, a transaction receipt corresponding to the historical transaction, the account attribute information of the initiator of the historical transaction, and the account attribute information of the business contract , The contract code of the business contract, and the contract status data of the business contract.
可选的,所述目标隐私数据包括所述历史交易和/或所述交易收据;通过以下方式对所述目标隐私数据进行解密:获取所述发起方使用的对称密钥;在所述可信执行环境内通过所述对称密钥对所述目标隐私数据进行解密。Optionally, the target privacy data includes the historical transaction and/or the transaction receipt; the target privacy data is decrypted in the following manner: the symmetric key used by the initiator is obtained; The target private data is decrypted by the symmetric key in the execution environment.
可选的,所述数据获取单元704进一步用于:获取用于加密所述历史交易的对称密钥,所述对称密钥被所述发起方使用的公钥加密;在所述可信执行环境内通过与所述发起方使用的公钥对应的私钥,对所述对称密钥进行解密以得到解密后的对称密钥。Optionally, the data obtaining unit 704 is further configured to: obtain a symmetric key used to encrypt the historical transaction, the symmetric key being encrypted by the public key used by the initiator; in the trusted execution environment The private key corresponding to the public key used by the initiator is used to decrypt the symmetric key to obtain the decrypted symmetric key.
可选的,所述发起方使用的公钥由密钥管理服务器通过远程证明发送至所述发起方,所述区块链节点的可信执行环境由SGX架构建立,与所述公钥对应的私钥由所述密钥管理服务器通过远程证明发送至所述区块链节点的围圈。Optionally, the public key used by the initiator is sent to the initiator by the key management server through remote certification, and the trusted execution environment of the blockchain node is established by the SGX architecture, and corresponds to the public key The private key is sent to the circle of blockchain nodes by the key management server through remote certification.
可选的,所述目标隐私数据包括所述历史交易的发起方的账户属性信息、所述 业务合约的账户属性信息、所述业务合约的合约代码、所述业务合约的合约状态数据中至少之一;通过以下方式对所述目标隐私数据进行解密:Optionally, the target privacy data includes at least one of account attribute information of the initiator of the historical transaction, account attribute information of the business contract, contract code of the business contract, and contract status data of the business contract 1. Decrypt the target privacy data in the following ways:
在所述可信执行环境内通过所述区块链节点的特定对称密钥对所述目标隐私数据进行解密。The target private data is decrypted through the specific symmetric key of the blockchain node in the trusted execution environment.
可选的,所述区块链节点的可信执行环境由SGX架构建立,所述特定对称密钥在所述区块链节点的SGX架构通过远程证明后由密钥管理服务器发送,或者由所述区块链节点与其他区块链节点之间进行协商得到。Optionally, the trusted execution environment of the blockchain node is established by the SGX architecture, and the specific symmetric key is sent by the key management server after the SGX architecture of the blockchain node is remotely certified, or is It is obtained through negotiation between the blockchain node and other blockchain nodes.
可选的,所述权限查询单元703具体用于:执行所述业务合约中定义的权限控制代码,以根据所述查询方的身份信息确定所述查询方针对所述目标隐私数据的查询权限;或者,所述装置还包括:身份获取单元706,基于所述历史交易获取所述历史交易的发起方的身份信息;所述权限查询单元703具体用于:执行所述业务合约中定义的权限控制代码,以根据所述查询方的身份信息和所述发起方的身份信息确定所述查询方针对所述目标隐私数据的查询权限;或者,执行所述业务合约中定义的权限控制代码,以根据所述发起方的身份信息确定所述查询方针对所述目标隐私数据的查询权限。Optionally, the authority query unit 703 is specifically configured to execute the authority control code defined in the business contract to determine the query authority of the query party for the target private data according to the identity information of the query party; Alternatively, the device further includes: an identity obtaining unit 706, which obtains the identity information of the initiator of the historical transaction based on the historical transaction; the authority query unit 703 is specifically configured to: execute the authority control defined in the business contract Code to determine the query authority of the query party for the target private data according to the identity information of the query party and the identity information of the initiator; or, execute the authority control code defined in the business contract to The identity information of the initiator determines the query authority of the querying party for the target private data.
可选的,加密所述查询交易的对称密钥被所述查询方使用的公钥加密。Optionally, the symmetric key used to encrypt the query transaction is encrypted by the public key used by the query party.
在接收到所述查询交易后,所述装置还包括:交易解密单元707,在所述可信执行环境内通过与所述查询方使用的公钥对应的私钥对加密所述查询交易的对称密钥解密,通过解密得到的对称密钥对所述查询交易进行解密,以获取所述查询交易包含的交易内容;在对目标隐私数据进行解密后,所述装置还包括:数据加密单元708,通过所述查询方的对称密钥对解密后的目标隐私数据进行加密。After receiving the query transaction, the device further includes: a transaction decryption unit 707, which encrypts the symmetry of the query transaction in the trusted execution environment through a private key corresponding to the public key used by the query party Key decryption: decrypt the query transaction using the symmetric key obtained by decryption to obtain the transaction content contained in the query transaction; after decrypting the target private data, the device further includes: a data encryption unit 708, The decrypted target private data is encrypted by the symmetric key of the inquiring party.
可选的,还包括:隐私处理单元709,当确定出的查询权限为禁止查询时,生成用于表示所述查询方禁止查询所述目标隐私数据的合约收据以由所述查询方查看。Optionally, it further includes: a privacy processing unit 709, when the determined query authority is query prohibition, generate a contract receipt indicating that the query party prohibits querying the target private data for viewing by the query party.
上述实施例阐明的系统、装置、模块或单元,具体可以由计算机芯片或实体实现,或者由具有某种功能的产品来实现。一种典型的实现设备为计算机。具体的,计算机例如可以为个人计算机、膝上型计算机、蜂窝电话、相机电话、智能电话、个人数字助理、媒体播放器、导航设备、电子邮件设备、游戏控制台、平板计算机、可穿戴设备或者这些设备中的任何设备的组合。The systems, devices, modules, or units explained in the above embodiments may be implemented by computer chips or entities, or implemented by products with certain functions. A typical implementation device is a computer. Specifically, the computer may be, for example, a personal computer, a laptop computer, a cell phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or Any combination of these devices.
为了描述的方便,描述以上装置时以功能分为各种单元分别描述。当然,在实施本说明书时可以把各单元的功能在同一个或多个软件和/或硬件中实现。For the convenience of description, when describing the above device, the functions are divided into various units and described separately. Of course, when implementing this specification, the functions of each unit can be implemented in one or more software and/or hardware.
本领域内的技术人员应明白,本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art should understand that the embodiments of the present invention can be provided as a method, a system, or a computer program product. Therefore, the present invention may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, the present invention may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes.
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention is described with reference to flowcharts and/or block diagrams of methods, devices (systems), and computer program products according to embodiments of the present invention. It should be understood that each process and/or block in the flowchart and/or block diagram, and the combination of processes and/or blocks in the flowchart and/or block diagram can be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor, or other programmable data processing equipment to generate a machine, so that the instructions executed by the processor of the computer or other programmable data processing equipment are generated It is a device that realizes the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
本说明书可以在由计算机执行的计算机可执行指令的一般上下文中描述,例如程序模块。一般地,程序模块包括执行特定任务或实现特定抽象数据类型的例程、程序、对象、组件、数据结构等等。也可以在分布式计算环境中实践本说明书,在这些分布式计算环境中,由通过通信网络而被连接的远程处理设备来执行任务。在分布式计算环境中,程序模块可以位于包括存储设备在内的本地和远程计算机存储介质中。This specification may be described in the general context of computer-executable instructions executed by a computer, such as program modules. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform specific tasks or implement specific abstract data types. This specification can also be practiced in distributed computing environments. In these distributed computing environments, tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules can be located in local and remote computer storage media including storage devices.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device. The device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。在一个典型的配置中,计算机包括一个或多个处理器(CPU)、输入/输出接口、网络接口和内存。These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment. The instructions provide steps for implementing the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram. In a typical configuration, the computer includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
内存可能包括计算机可读介质中的非永久性存储器,随机存取存储器(RAM)和/或非易失性内存等形式,如只读存储器(ROM)或闪存(flash RAM)。内存是计算机可读介质的示例。The memory may include non-permanent memory in a computer-readable medium, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer readable media.
计算机可读介质包括永久性和非永久性、可移动和非可移动媒体可以由任何方法或技术来实现信息存储。信息可以是计算机可读指令、数据结构、程序的模块或其他数据。计算机的存储介质的例子包括,但不限于相变内存(PRAM)、静态随机存取存储器(SRAM)、动态随机存取存储器(DRAM)、其他类型的随机存取存储器(RAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、快闪记忆体或其他内存技术、只读光盘只读存储器(CD-ROM)、数字多功能光盘(DVD)或其他光学存储、磁盒式磁带、磁盘存储、量子存储器、基于石墨烯的存储介质或其他磁性存储设备或任何其他非传输介质,可用于存储可以被计算设备访问的信息。按照本文中的界定,计算机可读介质不包括暂存电脑可读媒体(transitory media),如调制的数据信号和载波。Computer-readable media include permanent and non-permanent, removable and non-removable media, and information storage can be realized by any method or technology. The information can be computer-readable instructions, data structures, program modules, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical storage, Magnetic cassettes, disk storage, quantum memory, graphene-based storage media or other magnetic storage devices or any other non-transmission media can be used to store information that can be accessed by computing devices. According to the definition in this article, computer-readable media does not include transitory media, such as modulated data signals and carrier waves.
还需要说明的是,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、商品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、商品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括所述要素的过程、方法、商品或者设备中还存在另外的相同要素。It should also be noted that the terms "include", "include" or any other variants thereof are intended to cover non-exclusive inclusion, so that a process, method, commodity or equipment including a series of elements not only includes those elements, but also includes Other elements that are not explicitly listed, or they also include elements inherent to such processes, methods, commodities, or equipment. If there are no more restrictions, the element defined by the sentence "including a..." does not exclude the existence of other identical elements in the process, method, commodity, or equipment that includes the element.
上述对本说明书特定实施例进行了描述。其它实施例在所附权利要求书的范围内。在一些情况下,在权利要求书中记载的动作或步骤可以按照不同于实施例中的顺序来执行并且仍然可以实现期望的结果。另外,在附图中描绘的过程不一定要求示出的特定顺序或者连续顺序才能实现期望的结果。在某些实施方式中,多任务处理和并行处理也是可以的或者可能是有利的。The foregoing describes specific embodiments of this specification. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps described in the claims may be performed in a different order than in the embodiments and still achieve desired results. In addition, the processes depicted in the drawings do not necessarily require the specific order or sequential order shown in order to achieve the desired results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
在本说明书一个或多个实施例使用的术语是仅仅出于描述特定实施例的目的,而非旨在限制本说明书一个或多个实施例。在本说明书一个或多个实施例和所附权利要求书中所使用的单数形式的“一种”、“所述”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义。还应当理解,本文中使用的术语“和/或”是指并包含一个或多个相关联的列出项目的任何或所有可能组合。The terms used in one or more embodiments of this specification are only for the purpose of describing specific embodiments, and are not intended to limit one or more embodiments of this specification. The singular forms "a", "said" and "the" used in one or more embodiments of this specification and the appended claims are also intended to include plural forms, unless the context clearly indicates other meanings. It should also be understood that the term "and/or" as used herein refers to and includes any or all possible combinations of one or more associated listed items.
应当理解,尽管在本说明书一个或多个实施例可能采用术语第一、第二、第三等来描述各种信息,但这些信息不应限于这些术语。这些术语仅用来将同一类型的信息彼此区分开。例如,在不脱离本说明书一个或多个实施例范围的情况下,第一信息也可以被称为第二信息,类似地,第二信息也可以被称为第一信息。取决于语境,如在此所使用的词语“如果”可以被解释成为“在……时”或“当……时”或“响应于确定”。It should be understood that, although the terms first, second, third, etc. may be used to describe various information in one or more embodiments of this specification, the information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other. For example, without departing from the scope of one or more embodiments of this specification, the first information may also be referred to as second information, and similarly, the second information may also be referred to as first information. Depending on the context, the word "if" as used herein can be interpreted as "when" or "when" or "in response to determination".
以上所述仅为本说明书一个或多个实施例的较佳实施例而已,并不用以限制本 说明书一个或多个实施例,凡在本说明书一个或多个实施例的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本说明书一个或多个实施例保护的范围之内。The foregoing descriptions are only preferred embodiments of one or more embodiments of this specification, and are not intended to limit one or more embodiments of this specification. All within the spirit and principle of one or more embodiments of this specification, Any modification, equivalent replacement, improvement, etc. made should be included in the protection scope of one or more embodiments of this specification.

Claims (24)

  1. 一种基于智能合约的隐私数据查询方法,应用于区块链节点,所述方法包括:A method for querying private data based on smart contracts, applied to a blockchain node, and the method includes:
    当接收到查询方发起的针对目标隐私数据的查询交易时,读取所述查询交易中包含的与所述目标隐私数据相关的历史交易的交易标识;When receiving a query transaction for target privacy data initiated by the querying party, read the transaction identifier of the historical transaction related to the target privacy data contained in the query transaction;
    根据所述交易标识获取所述历史交易,并基于所述历史交易确定所述历史交易调用的业务合约;Acquiring the historical transaction according to the transaction identifier, and determining the business contract invoked by the historical transaction based on the historical transaction;
    执行所述业务合约中定义的权限控制代码,以确定所述查询方针对所述目标隐私数据的查询权限;Execute the authority control code defined in the business contract to determine the query authority of the query party for the target private data;
    当确定出的查询权限为允许查询时,获取解密后的所述目标隐私数据以由所述查询方查看,所述目标隐私数据被读入可信执行环境进行解密。When the determined query authority is query permission, the decrypted target private data is obtained for viewing by the querying party, and the target private data is read into a trusted execution environment for decryption.
  2. 根据权利要求1所述的方法,当接收到的任一交易用于调用分发合约时,所述任一交易被作为所述查询交易;所述方法还包括:The method according to claim 1, when any transaction received is used to invoke a distribution contract, the any transaction is regarded as the query transaction; the method further comprises:
    执行所述分发合约中定义的分发代码,以调用所述业务合约执行所述权限控制代码。Execute the distribution code defined in the distribution contract to call the business contract to execute the permission control code.
  3. 根据权利要求1所述的方法,所述目标隐私数据包括以下至少之一:The method according to claim 1, wherein the target privacy data includes at least one of the following:
    所述历史交易、对应于所述历史交易的交易收据、所述历史交易的发起方的账户属性信息、所述业务合约的账户属性信息、所述业务合约的合约代码、所述业务合约的合约状态数据。The historical transaction, the transaction receipt corresponding to the historical transaction, the account attribute information of the initiator of the historical transaction, the account attribute information of the business contract, the contract code of the business contract, the contract of the business contract Status data.
  4. 根据权利要求3所述的方法,所述目标隐私数据包括所述历史交易和/或所述交易收据;通过以下方式对所述目标隐私数据进行解密:The method according to claim 3, wherein the target private data includes the historical transaction and/or the transaction receipt; the target private data is decrypted in the following manner:
    获取所述发起方使用的对称密钥;Acquiring the symmetric key used by the initiator;
    在所述可信执行环境内通过所述对称密钥对所述目标隐私数据进行解密。The target private data is decrypted through the symmetric key in the trusted execution environment.
  5. 根据权利要求4所述的方法,所述获取所述发起方使用的对称密钥,包括:The method according to claim 4, said obtaining the symmetric key used by the initiator comprises:
    获取用于加密所述历史交易的对称密钥,所述对称密钥被所述发起方使用的公钥加密;Obtaining a symmetric key used to encrypt the historical transaction, the symmetric key being encrypted by the public key used by the initiator;
    在所述可信执行环境内通过与所述发起方使用的公钥对应的私钥,对所述对称密钥进行解密以得到解密后的对称密钥。In the trusted execution environment, the symmetric key is decrypted by the private key corresponding to the public key used by the initiator to obtain the decrypted symmetric key.
  6. 根据权利要求5所述的方法,所述发起方使用的公钥由密钥管理服务器通过远程证明发送至所述发起方,所述区块链节点的可信执行环境由SGX架构建立,与所述公钥对应的私钥由所述密钥管理服务器通过远程证明发送至所述区块链节点的围圈。According to the method of claim 5, the public key used by the initiator is sent to the initiator by the key management server through remote certification, and the trusted execution environment of the blockchain node is established by the SGX architecture, and The private key corresponding to the public key is sent to the circle of blockchain nodes by the key management server through remote certification.
  7. 根据权利要求1所述的方法,所述目标隐私数据包括所述历史交易的发起方的账户属性信息、所述业务合约的账户属性信息、所述业务合约的合约代码、所述业务合 约的合约状态数据中至少之一;通过以下方式对所述目标隐私数据进行解密:The method according to claim 1, wherein the target privacy data includes account attribute information of the initiator of the historical transaction, account attribute information of the business contract, contract code of the business contract, and contract of the business contract At least one of the status data; decrypt the target private data in the following manner:
    在所述可信执行环境内通过所述区块链节点的特定对称密钥对所述目标隐私数据进行解密。The target private data is decrypted through the specific symmetric key of the blockchain node in the trusted execution environment.
  8. 根据权利要求7所述的方法,所述区块链节点的可信执行环境由SGX架构建立,所述特定对称密钥在所述区块链节点的SGX架构通过远程证明后由密钥管理服务器发送,或者由所述区块链节点与其他区块链节点之间进行协商得到。According to the method of claim 7, the trusted execution environment of the blockchain node is established by the SGX architecture, and the specific symmetric key is certified by the key management server after the SGX architecture of the blockchain node is remotely certified Sent, or negotiated between the blockchain node and other blockchain nodes.
  9. 根据权利要求1所述的方法,According to the method of claim 1,
    所述执行所述业务合约中定义的权限控制代码,以确定所述查询方针对所述目标隐私数据的查询权限,包括:执行所述业务合约中定义的权限控制代码,以根据所述查询方的身份信息确定所述查询方针对所述目标隐私数据的查询权限;The executing the authority control code defined in the business contract to determine the query authority for the target private data of the query party includes: executing the authority control code defined in the business contract to determine the authority control code defined in the business contract according to the query party The identity information of determines the query authority of the querying party for the target private data;
    或者,所述方法还包括:基于所述历史交易获取所述历史交易的发起方的身份信息;所述执行所述业务合约中定义的权限控制代码,以确定所述查询方针对所述目标隐私数据的查询权限,包括:执行所述业务合约中定义的权限控制代码,以根据所述查询方的身份信息和所述发起方的身份信息确定所述查询方针对所述目标隐私数据的查询权限;或者,执行所述业务合约中定义的权限控制代码,以根据所述发起方的身份信息确定所述查询方针对所述目标隐私数据的查询权限。Alternatively, the method further includes: obtaining the identity information of the initiator of the historical transaction based on the historical transaction; and executing the authority control code defined in the business contract to determine that the inquiring party is directed to the target privacy The data query authority includes: executing the authority control code defined in the business contract to determine the query authority of the query party for the target private data according to the identity information of the query party and the identity information of the initiator Or, execute the authority control code defined in the business contract to determine the query authority of the query party for the target private data according to the identity information of the initiator.
  10. 根据权利要求1所述的方法,加密所述查询交易的对称密钥被所述查询方使用的公钥加密;The method according to claim 1, wherein the symmetric key used to encrypt the query transaction is encrypted by the public key used by the query party;
    在接收到所述查询交易后,所述方法还包括:在所述可信执行环境内通过与所述查询方使用的公钥对应的私钥对加密所述查询交易的对称密钥解密,通过解密得到的对称密钥对所述查询交易进行解密,以获取所述查询交易包含的交易内容;After receiving the query transaction, the method further includes: decrypting the symmetric key that encrypts the query transaction by using a private key corresponding to the public key used by the query party in the trusted execution environment, and The decrypted symmetric key decrypts the query transaction to obtain the transaction content included in the query transaction;
    在对目标隐私数据进行解密后,所述方法还包括:通过所述查询方的对称密钥对解密后的目标隐私数据进行加密。After decrypting the target private data, the method further includes: encrypting the decrypted target private data with the symmetric key of the querying party.
  11. 根据权利要求1所述的方法,还包括:The method according to claim 1, further comprising:
    当确定出的查询权限为禁止查询时,生成用于表示所述查询方禁止查询所述目标隐私数据的合约收据以由所述查询方查看。When the determined query authority is query prohibition, a contract receipt indicating that the query party prohibits the query of the target private data is generated to be viewed by the query party.
  12. 一种基于智能合约的隐私数据查询装置,应用于区块链节点,所述装置包括:A privacy data query device based on smart contract, applied to a blockchain node, and the device includes:
    交易读取单元,当接收到查询方发起的针对目标隐私数据的查询交易时,读取所述查询交易中包含的与所述目标隐私数据相关的历史交易的交易标识;The transaction reading unit, when receiving a query transaction for target privacy data initiated by the querying party, reads the transaction identifier of the historical transaction related to the target privacy data contained in the query transaction;
    合约确定单元,根据所述交易标识获取所述历史交易,并基于所述历史交易确定所述历史交易调用的业务合约;A contract determining unit, acquiring the historical transaction according to the transaction identifier, and determining the business contract invoked by the historical transaction based on the historical transaction;
    权限查询单元,执行所述业务合约中定义的权限控制代码,以确定所述查询方针对所述目标隐私数据的查询权限;An authority query unit, which executes the authority control code defined in the business contract to determine the query authority of the query party for the target private data;
    数据获取单元,当确定出的查询权限为允许查询时,获取解密后的所述目标隐私数据以由所述查询方查看,所述目标隐私数据被读入可信执行环境进行解密。The data obtaining unit obtains the decrypted target private data for viewing by the inquiring party when the determined query authority is allowed to query, and the target private data is read into a trusted execution environment for decryption.
  13. 根据权利要求12所述的装置,当接收到的任一交易用于调用分发合约时,所述任一交易被作为所述查询交易;所述装置还包括:The device according to claim 12, when any transaction received is used to invoke a distribution contract, the any transaction is regarded as the query transaction; the device further comprises:
    合约调用单元,执行所述分发合约中定义的分发代码,以调用所述业务合约执行所述权限控制代码。The contract calling unit executes the distribution code defined in the distribution contract to call the business contract to execute the permission control code.
  14. 根据权利要求12所述的装置,所述目标隐私数据包括以下至少之一:The device according to claim 12, the target privacy data includes at least one of the following:
    所述历史交易、对应于所述历史交易的交易收据、所述历史交易的发起方的账户属性信息、所述业务合约的账户属性信息、所述业务合约的合约代码、所述业务合约的合约状态数据。The historical transaction, the transaction receipt corresponding to the historical transaction, the account attribute information of the initiator of the historical transaction, the account attribute information of the business contract, the contract code of the business contract, the contract of the business contract Status data.
  15. 根据权利要求14所述的装置,所述目标隐私数据包括所述历史交易和/或所述交易收据;通过以下方式对所述目标隐私数据进行解密:The device according to claim 14, wherein the target privacy data includes the historical transaction and/or the transaction receipt; the target privacy data is decrypted in the following manner:
    获取所述发起方使用的对称密钥;Acquiring the symmetric key used by the initiator;
    在所述可信执行环境内通过所述对称密钥对所述目标隐私数据进行解密。The target private data is decrypted through the symmetric key in the trusted execution environment.
  16. 根据权利要求15所述的装置,通过以下方式获取所述发起方使用的对称密钥:The device according to claim 15, obtaining the symmetric key used by the initiator in the following manner:
    获取用于加密所述历史交易的对称密钥,所述对称密钥被所述发起方使用的公钥加密;Obtaining a symmetric key used to encrypt the historical transaction, the symmetric key being encrypted by the public key used by the initiator;
    在所述可信执行环境内通过与所述发起方使用的公钥对应的私钥,对所述对称密钥进行解密以得到解密后的对称密钥。In the trusted execution environment, the symmetric key is decrypted by the private key corresponding to the public key used by the initiator to obtain the decrypted symmetric key.
  17. 根据权利要求16所述的装置,所述发起方使用的公钥由密钥管理服务器通过远程证明发送至所述发起方,所述区块链节点的可信执行环境由SGX架构建立,与所述公钥对应的私钥由所述密钥管理服务器通过远程证明发送至所述区块链节点的围圈。The device according to claim 16, wherein the public key used by the initiator is sent to the initiator by the key management server through remote certification, and the trusted execution environment of the blockchain node is established by the SGX architecture, and is The private key corresponding to the public key is sent to the circle of blockchain nodes by the key management server through remote certification.
  18. 根据权利要求12所述的装置,所述目标隐私数据包括所述历史交易的发起方的账户属性信息、所述业务合约的账户属性信息、所述业务合约的合约代码、所述业务合约的合约状态数据中至少之一;通过以下方式对所述目标隐私数据进行解密:The device according to claim 12, wherein the target privacy data includes account attribute information of the initiator of the historical transaction, account attribute information of the business contract, contract code of the business contract, and contract of the business contract At least one of the status data; decrypt the target private data in the following manner:
    在所述可信执行环境内通过所述区块链节点的特定对称密钥对所述目标隐私数据进行解密。The target private data is decrypted through the specific symmetric key of the blockchain node in the trusted execution environment.
  19. 根据权利要求18所述的装置,所述区块链节点的可信执行环境由SGX架构建立,所述特定对称密钥在所述区块链节点的SGX架构通过远程证明后由密钥管理服务 器发送,或者由所述区块链节点与其他区块链节点之间进行协商得到。The device according to claim 18, wherein the trusted execution environment of the blockchain node is established by the SGX architecture, and the specific symmetric key is certified by the key management server after the SGX architecture of the blockchain node is remotely certified Sent, or negotiated between the blockchain node and other blockchain nodes.
  20. 根据权利要求12所述的装置,The device according to claim 12,
    所述权限查询单元具体用于:执行所述业务合约中定义的权限控制代码,以根据所述查询方的身份信息确定所述查询方针对所述目标隐私数据的查询权限;The authority query unit is specifically configured to execute the authority control code defined in the business contract to determine the query authority of the query party for the target private data according to the identity information of the query party;
    或者,所述装置还包括:身份获取单元,基于所述历史交易获取所述历史交易的发起方的身份信息;所述权限查询单元具体用于:执行所述业务合约中定义的权限控制代码,以根据所述查询方的身份信息和所述发起方的身份信息确定所述查询方针对所述目标隐私数据的查询权限;或者,执行所述业务合约中定义的权限控制代码,以根据所述发起方的身份信息确定所述查询方针对所述目标隐私数据的查询权限。Alternatively, the device further includes: an identity obtaining unit, which obtains the identity information of the initiator of the historical transaction based on the historical transaction; the authority query unit is specifically configured to execute the authority control code defined in the business contract, To determine the query authority of the query party for the target private data according to the identity information of the query party and the identity information of the initiator; or execute the authority control code defined in the business contract to The identity information of the initiator determines the query authority of the querying party for the target private data.
  21. 根据权利要求12所述的装置,加密所述查询交易的对称密钥被所述查询方使用的公钥加密;The device according to claim 12, wherein the symmetric key used to encrypt the query transaction is encrypted by the public key used by the query party;
    在接收到所述查询交易后,所述装置还包括:交易解密单元,在所述可信执行环境内通过与所述查询方使用的公钥对应的私钥对加密所述查询交易的对称密钥解密,通过解密得到的对称密钥对所述查询交易进行解密,以获取所述查询交易包含的交易内容;After receiving the query transaction, the device further includes: a transaction decryption unit, which encrypts the symmetric secret of the query transaction through a private key corresponding to the public key used by the query party in the trusted execution environment Key decryption, decrypt the query transaction using the symmetric key obtained by decryption, to obtain the transaction content contained in the query transaction;
    在对目标隐私数据进行解密后,所述装置还包括:数据加密单元,通过所述查询方的对称密钥对解密后的目标隐私数据进行加密。After decrypting the target private data, the device further includes: a data encryption unit, which encrypts the decrypted target private data by the symmetric key of the querying party.
  22. 根据权利要求12所述的装置,还包括:The device according to claim 12, further comprising:
    隐私处理单元,当确定出的查询权限为禁止查询时,生成用于表示所述查询方禁止查询所述目标隐私数据的合约收据以由所述查询方查看。The privacy processing unit, when the determined query authority is query prohibition, generates a contract receipt indicating that the query party prohibits querying the target private data for viewing by the query party.
  23. 一种电子设备,包括:An electronic device including:
    处理器;processor;
    用于存储处理器可执行指令的存储器;A memory for storing processor executable instructions;
    其中,所述处理器通过运行所述可执行指令以实现如权利要求1-11中任一项所述的方法。Wherein, the processor implements the method according to any one of claims 1-11 by running the executable instruction.
  24. 一种计算机可读存储介质,其上存储有计算机指令,该指令被处理器执行时实现如权利要求1-11中任一项所述方法的步骤。A computer-readable storage medium having computer instructions stored thereon, which, when executed by a processor, implements the steps of the method according to any one of claims 1-11.
PCT/CN2020/116990 2019-11-08 2020-09-23 Smart contract based privacy data query method and apparatus WO2021088548A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201911085008.1A CN110580262B (en) 2019-11-08 2019-11-08 Private data query method and device based on intelligent contract
CN201911085008.1 2019-11-08

Publications (1)

Publication Number Publication Date
WO2021088548A1 true WO2021088548A1 (en) 2021-05-14

Family

ID=68815523

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/116990 WO2021088548A1 (en) 2019-11-08 2020-09-23 Smart contract based privacy data query method and apparatus

Country Status (2)

Country Link
CN (1) CN110580262B (en)
WO (1) WO2021088548A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113536379A (en) * 2021-07-19 2021-10-22 建信金融科技有限责任公司 Private data query method and device and electronic equipment

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110009498A (en) * 2019-03-29 2019-07-12 阿里巴巴集团控股有限公司 Resource allocation methods and device based on block chain
CN110580262B (en) * 2019-11-08 2020-03-10 支付宝(杭州)信息技术有限公司 Private data query method and device based on intelligent contract
CN111047443B (en) * 2019-11-29 2021-01-12 支付宝(杭州)信息技术有限公司 User scoring method and device, electronic equipment and computer readable storage medium
CN111127150B (en) * 2019-12-23 2022-10-21 卓尔智联(武汉)研究院有限公司 Intelligent contract demand matching method and device based on block chain and computer equipment
CN111400756A (en) * 2020-03-13 2020-07-10 杭州复杂美科技有限公司 Private data uplink method, device and storage medium
CN111090888B (en) * 2020-03-18 2020-07-07 支付宝(杭州)信息技术有限公司 Contract verification method and device
CN111597584B (en) * 2020-05-26 2023-12-19 牛津(海南)区块链研究院有限公司 Privacy protection and data sharing method, device and equipment based on blockchain
CN113015973B (en) * 2020-06-17 2023-08-11 达闼机器人股份有限公司 Data processing method, storage medium, electronic device and data transaction system
ES2808412A1 (en) * 2020-07-28 2021-02-26 Rodriguez Abril Ruben Procedure for creating and transmitting exchange documents using DLT technology (Machine-translation by Google Translate, not legally binding)
CN111737323B (en) * 2020-08-14 2021-03-16 支付宝(杭州)信息技术有限公司 Information query method and device based on block chain and electronic equipment
CN112651049B (en) * 2021-01-04 2021-10-12 上海尚象信息科技有限公司 Privacy data sharing method and system based on block chain
CN113114476B (en) * 2021-06-15 2021-11-16 支付宝(杭州)信息技术有限公司 Privacy evidence storing method and device based on contract
CN113312650B (en) * 2021-06-23 2023-07-04 中国农业银行股份有限公司 Transaction log privacy protection method and device
CN113449014B (en) * 2021-06-28 2022-10-14 电子科技大学 Selective cloud data query system based on block chain
CN113254163B (en) * 2021-07-06 2021-11-09 支付宝(杭州)信息技术有限公司 Processing method and device of block chain data
CN113609156B (en) * 2021-08-02 2023-12-12 北京百度网讯科技有限公司 Data query and write method and device, electronic equipment and readable storage medium
CN114363013B (en) * 2021-12-15 2024-04-26 武汉大学 Supervision-friendly blockchain content privacy protection system, message sending and query method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018205137A1 (en) * 2017-05-09 2018-11-15 Accenture Global Solutions Limited Data storage layer index for efficient information retrieval
CN109523385A (en) * 2018-12-07 2019-03-26 深圳市智税链科技有限公司 Method, accounting nodes and the medium of Transaction Information are inquired in block chain network
CN110008735A (en) * 2019-01-31 2019-07-12 阿里巴巴集团控股有限公司 The method and node, storage medium that contract calls are realized in block chain
CN110060162A (en) * 2019-03-29 2019-07-26 阿里巴巴集团控股有限公司 Data grant, querying method and device based on block chain
CN110580262A (en) * 2019-11-08 2019-12-17 支付宝(杭州)信息技术有限公司 Private data query method and device based on intelligent contract

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018205137A1 (en) * 2017-05-09 2018-11-15 Accenture Global Solutions Limited Data storage layer index for efficient information retrieval
CN109523385A (en) * 2018-12-07 2019-03-26 深圳市智税链科技有限公司 Method, accounting nodes and the medium of Transaction Information are inquired in block chain network
CN110008735A (en) * 2019-01-31 2019-07-12 阿里巴巴集团控股有限公司 The method and node, storage medium that contract calls are realized in block chain
CN110060162A (en) * 2019-03-29 2019-07-26 阿里巴巴集团控股有限公司 Data grant, querying method and device based on block chain
CN110580262A (en) * 2019-11-08 2019-12-17 支付宝(杭州)信息技术有限公司 Private data query method and device based on intelligent contract

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113536379A (en) * 2021-07-19 2021-10-22 建信金融科技有限责任公司 Private data query method and device and electronic equipment

Also Published As

Publication number Publication date
CN110580262A (en) 2019-12-17
CN110580262B (en) 2020-03-10

Similar Documents

Publication Publication Date Title
WO2021088548A1 (en) Smart contract based privacy data query method and apparatus
WO2021088547A1 (en) Blockchain-based account private data query method and apparatus
WO2021088546A1 (en) Blockchain account-based privacy data query method and device
WO2021088536A1 (en) Off-chain authorization-based private data query method and apparatus
WO2021179743A1 (en) Method and apparatus for querying account privacy information in blockchain
WO2021082664A1 (en) Blockchain privacy data query method and apparatus
WO2020238255A1 (en) Smart contract management method and apparatus based on blockchain, and electronic device
WO2021088549A1 (en) Permission query configuration method and apparatus based on chain code
WO2021103794A1 (en) Method for realizing highly efficient privacy-preserving transaction in blockchain, and device
WO2021088533A1 (en) Method and device for sharing private data
WO2021088535A1 (en) Smart contract-based private data query method and device
WO2021088543A1 (en) Smart contract-based permission query configuration method and apparatus
WO2020233631A1 (en) Transaction type-based receipt storage method and node
WO2020233623A1 (en) Receipt storage method and node combining transaction type and judgment condition
WO2020233626A1 (en) Receipt storage method and node in combination with conditional limitation of transaction and user types
WO2020233635A1 (en) Receipt storage method combining conditional restrictions of multiple types of dimensions and node
WO2020233630A1 (en) User type-based receipt storing method and node
WO2020233619A1 (en) Receipt storage method and node in combination with user type and transaction type
WO2020233628A1 (en) Receipt storage method and node based on combination of event function type and judgment condition
WO2020233625A1 (en) Receipt storage method combining user type and determination conditions and node
WO2020233624A1 (en) Receipt storage method and node employing transaction type in combination with event function type
WO2020238955A1 (en) Method and apparatus for performing dynamic encryption on basis of transaction offset
WO2020233633A1 (en) Receipt storage method and node based on determination condition
WO2020233634A1 (en) Method and node for receipt storage combining transaction and event type condition restrictions

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20884933

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20884933

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 20884933

Country of ref document: EP

Kind code of ref document: A1

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 09.01.2023)

122 Ep: pct application non-entry in european phase

Ref document number: 20884933

Country of ref document: EP

Kind code of ref document: A1