WO2021134897A1 - Blockchain supply chain transaction hidden dynamic supervision system and method - Google Patents

Blockchain supply chain transaction hidden dynamic supervision system and method Download PDF

Info

Publication number
WO2021134897A1
WO2021134897A1 PCT/CN2020/077624 CN2020077624W WO2021134897A1 WO 2021134897 A1 WO2021134897 A1 WO 2021134897A1 CN 2020077624 W CN2020077624 W CN 2020077624W WO 2021134897 A1 WO2021134897 A1 WO 2021134897A1
Authority
WO
WIPO (PCT)
Prior art keywords
parameter
signature
node device
candidate
utxo
Prior art date
Application number
PCT/CN2020/077624
Other languages
French (fr)
Chinese (zh)
Inventor
辛佳骏
张骁
来鑫
Original Assignee
深圳市网心科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市网心科技有限公司 filed Critical 深圳市网心科技有限公司
Publication of WO2021134897A1 publication Critical patent/WO2021134897A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management

Definitions

  • the present invention relates to the technical field of block chains, in particular to a dynamic supervision system and method for block chain supply chain transaction hiding.
  • the existing blockchain supply chain system connects core enterprise node equipment, supplier node equipment, factor node equipment, and bank node equipment through the blockchain.
  • core enterprise node equipment, supplier node equipment, factorer node equipment, and bank node equipment are used as blockchain nodes to join the blockchain supply chain system, they need to be authorized to join, and there is a certain degree of trust between the blockchain nodes Basically, the credibility of the data is enhanced by the way of transaction data on the chain such as accounts receivable, bill vouchers, and mortgage goods vouchers.
  • the main purpose of the present invention is to provide a block chain supply chain transaction hidden dynamic supervision system and method, which aims to solve the technical problem of privacy leakage and no supervision caused by the clear text of transaction data in the block chain supply chain.
  • the first aspect of the present invention provides a blockchain supply chain transaction hidden dynamic supervision system, the system includes:
  • the supervisory authority node device is used to send multiple signature parameters when receiving a signature parameter application from the core enterprise node device;
  • the core enterprise node device is used to use Pedersen's commitment to encrypt the payables promised by the core enterprise to the first-tier supplier to obtain confidential transactions; use Bulletproof range certification to calculate the certification parameters based on the multiple signature parameters and the generated random numbers; Sign the confidential transaction and the certification parameters and upload the signed transaction data to the blockchain supply chain platform;
  • a first-level supplier node device configured to use the blockchain supply chain platform to receive the transaction data, decrypt it, and output it to the first-level supplier;
  • the regulatory agency node device is also used to obtain the transaction data from the blockchain supply chain platform; obtain confidential transactions and certification parameters in the transaction data, and determine the confidential transaction based on the certification parameters Payables in to achieve the supervision of said payables;
  • the blockchain supply chain platform is used to store the transaction data; verify the correctness of the transaction data and the legitimacy of the signature of the regulatory agency node device.
  • the multiple signature parameters include a first signature parameter, a second signature parameter, and a third signature parameter, and the random number includes a first random number and a second random number;
  • Pedersen's commitment to encrypt the payables promised by the core enterprise to the first-tier suppliers to obtain confidential transactions includes:
  • the core enterprise node equipment uses the Bulletproof range to prove that the calculation proof parameters based on the multiple signature parameters and the generated random numbers include:
  • the target certification parameter is calculated based on the first calculation number and the second signature parameter.
  • the calculating target certification parameters based on the first calculation number and the second signature parameter includes:
  • the target certification parameter is calculated based on the first calculation number, the second signature parameter, the first public parameter, and the second public parameter.
  • sending multiple signature parameters includes:
  • first candidate parameter Generate a first candidate parameter, a second candidate parameter, and a third candidate parameter; sign the first candidate parameter to obtain a first signature parameter, sign the second candidate parameter to obtain a second signature parameter, and perform a signature on the first candidate parameter; Signing the three candidate parameters to obtain the third signature parameter; when receiving the signature parameter application of the core enterprise node device, send the first signature parameter, the second signature parameter, and the third signature parameter; or
  • the first-level supplier node device is further configured to:
  • the first-level supplier node device or the other blockchain entity node device is also used to pay the core enterprise node device to the core enterprise node device when the payable is due
  • the UTXO held is invalidated and signed or returned to the core enterprise node device.
  • system further includes:
  • At least one risk assessment agency node device used to read transaction data stored on the blockchain supply chain platform, use a pre-trained risk assessment model to perform risk assessment on the transaction data, and send the risk assessment result to The other blockchain entity node devices.
  • the second aspect of the present invention provides a dynamic supervision method for block chain supply chain transaction hiding, and the method includes:
  • the supervisory authority node device When the supervisory authority node device receives the signature parameter request of the core enterprise node device, sending the first signature parameter, the second signature parameter, and the third signature parameter to the core enterprise node device;
  • the core enterprise node device uses Pedersen's commitment to encrypt the payables promised by the core enterprise to the primary supplier to obtain confidential transactions;
  • the core enterprise node device uses the Bulletproof range certificate to calculate the proof parameter based on the multiple signature parameters and the generated random number;
  • the core enterprise node device signs the confidential transaction and the certification parameters and uploads the signed transaction data to the blockchain supply chain platform;
  • the first-level supplier node device uses the blockchain supply chain platform to receive the transaction data, decrypt it, and output it to the first-level supplier;
  • the regulatory agency node device obtains the transaction data from the blockchain supply chain platform; obtains the confidential transaction and certification parameters in the transaction data, and determines the payable in the confidential transaction based on the certification parameters In order to achieve the supervision of the said payables.
  • the supervisory authority node device when the supervisory authority node device receives the signature parameter request of the core enterprise node device, it sends the first signature parameter, the second signature parameter, and the third signature parameter to the core enterprise node device include:
  • first candidate parameter Generate a first candidate parameter, a second candidate parameter, and a third candidate parameter; sign the first candidate parameter to obtain a first signature parameter, sign the second candidate parameter to obtain a second signature parameter, and perform a signature on the first candidate parameter; Signing the three candidate parameters to obtain the third signature parameter; when receiving the signature parameter application of the core enterprise node device, send the first signature parameter, the second signature parameter, and the third signature parameter; or
  • the certification parameter is signed and the signature and the corresponding first candidate parameter, the second candidate parameter, and the third candidate parameter are saved; when a signature parameter request from the core enterprise node device is received, the The first candidate parameter is used as the first signature parameter, the second candidate parameter is used as the second signature parameter, and the third candidate parameter is used as the third signature parameter and sent to the core enterprise node device.
  • the method further includes:
  • the UTXO in the transaction data is split into a first UTXO and a second UTXO through the first-level supplier node device, wherein the sum of the amount in the first UTXO and the amount in the second UTXO is equal to the The amount in UTXO;
  • the method further includes:
  • the blockchain supply chain transaction hidden dynamic supervision system and method according to the embodiment of the present invention, by introducing the concepts of Pedersen commitment and Bulletproof scope proof, encrypts the plaintext payables of core enterprises into confidential transactions and puts them on the chain. Only both parties can Decrypt the amount in the transaction data, protect the transaction privacy from being leaked, and protect the business secrets of the blockchain entity. After obtaining the confidential transaction and Bulletproof scope certificate, the supervisory authority will supervise the confidential transaction through the Bulletproof scope certificate.
  • FIG. 1 is a schematic diagram of the architecture of a dynamic supervision system for block chain supply chain transaction hiding according to an embodiment of the present invention
  • FIG. 2 is a schematic diagram of the architecture of a dynamic supervision system for block chain supply chain transaction hiding according to an embodiment of the present invention
  • FIG. 3 is a schematic flowchart of a method for dynamic supervision of transaction hiding in a blockchain supply chain according to an embodiment of the present invention
  • FIG. 4 is a schematic diagram of the structure of a blockchain node device according to an embodiment of the present invention.
  • FIG. 1 it is a schematic diagram of the architecture of a dynamic supervision system for blockchain supply chain transaction hiding according to an embodiment of the present invention.
  • the block chain supply chain transaction hidden dynamic supervision system 1 can include, but is not limited to: block chain supply chain platform 10, core enterprise node equipment 11, first-tier supplier node equipment 12, other block chain entity node equipment 13 and supervision Institutional node equipment 14.
  • the other block chain entity node device 13 may include one or a combination of the following: a secondary supplier node device 13, a bank node device 13, and a factor node device 13.
  • the core enterprises, primary suppliers, secondary suppliers, banks, and factoring companies are all referred to as blockchain entities.
  • the core enterprise node equipment 11, the first-level supplier node equipment 12, the second-level supplier node equipment 13, the bank node equipment 13, and the factoring company node equipment 13 are referred to as blockchain entity node equipment.
  • the blockchain entity Before accessing the blockchain supply chain platform 10, the blockchain entity first applies for a digital certificate from a certificate authority (CA). After the CA determines the identity of the applicant, it assigns a public key to the applicant, and at the same time associates the distributed public key with the applicant's identity information and signs it to form a digital certificate and send it to the applicant. Subsequently, when the blockchain entity is connected to the blockchain supply chain platform 10, the blockchain supply chain platform 10 uses the public key of the CA to verify the signature on the digital certificate of the connected blockchain entity, and when the verification passes , The digital certificate is considered valid and the blockchain entity is allowed to access the blockchain supply chain platform 10. When the verification fails, the digital certificate is considered invalid and the blockchain entity is denied access to the blockchain supply chain Platform 10.
  • the content of the digital certificate includes: information of the electronic visa authority, public key user information, public key, signature, validity period, and so on.
  • the core enterprise node device 11 is used to apply to the regulatory agency node device 14 for multiple signature parameters and generate random numbers; Pedersen promises to encrypt the payables promised by the core enterprise to the first-tier suppliers to obtain confidential transactions Use Bulletproof range proof to calculate proof parameters based on the multiple signature parameters and the random number; sign the confidential transaction and the proof parameters and upload the signed transaction data to the blockchain supply chain platform 10.
  • the core enterprise purchases the products of the first-tier supplier and promises to pay
  • the first-tier supplier can purchase the products of the second-tier supplier based on a part of the said payables
  • the second-tier supplier can further split the payables promised by the first-tier supplier Purchase products from other second-tier suppliers after distribution, and so on.
  • Factors can purchase payables held by primary and secondary suppliers.
  • the bank can provide loans based on the supplier's payables.
  • the core company After the core company purchases the products of the first-tier supplier and promises to pay, the core company encrypts the payables through the core company node device 11 to obtain confidential transactions, ensuring that the core company and the first-tier supplier Privacy of transactions between.
  • the core enterprise may apply for the first signature parameter ⁇ , the second signature parameter s L, and the third signature parameter s R from the node device of the regulatory agency before proceeding with the proof of the transaction data range.
  • the signature parameter refers to a plurality of candidate parameters selected by a regulatory agency node device, and parameters obtained after signing the multiple candidate parameters; or, a plurality of candidate parameters selected by a regulatory agency node device based on multiple candidate parameters
  • the parameter calculates the proof parameter, signs the proof parameter and saves the signature. At this time, the candidate parameter corresponding to the signature is used as the signature parameter.
  • the core enterprise node device 11 may calculate the first calculation number and the second calculation number based on the transaction data, and generate the first random number and the second random number.
  • the core enterprise node device may use a random number generation algorithm to generate random numbers in advance. For example, a first random number r and a second random number ⁇ are generated.
  • the second random number ⁇ is a number within Z p.
  • the Z p is an integer modulo p additive group.
  • the calculation of the first calculation number and the second calculation number based on the transaction data includes:
  • the difference between the first calculation number and the unit array is calculated to obtain the second calculation number.
  • the first calculation number a L is an n-dimensional array composed of binary numbers 0 or 1, and the product of each number in the n-dimensional array and 2 n corresponds to the data at the same position in the transaction data .
  • the second calculated number 1 n is an n-dimensional array composed of binary numbers 1.
  • a L ⁇ 0,1,1,...0,1,0 ⁇
  • a R ⁇ -1,0,0,...-1,0,-1 ⁇ .
  • the core enterprise node device 11 is used to use Pedersen's commitment to encrypt the payables promised by the core enterprise to the primary supplier to obtain confidential transactions.
  • the core enterprise node device can then choose to decrypt the promised value. Once the promise is issued, the core enterprise node device cannot find another value that still has the same promise calculation result.
  • the first system parameter g and the second system parameter h are the basis of discrete logarithms, and are a system parameter that is published worldwide.
  • the core enterprise node device 11 uses Bulletproof range certification to calculate a first certification parameter based on the first random number, the second random number, and the first calculation number.
  • Bulletproof is the most efficient range proof algorithm currently used to prove that the value of a promise is between [0, 2 n -1].
  • the first certification parameter wherein, g and h are all public system parameters, ⁇ is the second random number, a L is the first calculation number, and a R is the second calculation number.
  • system parameters g and h in this embodiment are different from the first system parameter g and the second system parameter h.
  • the core enterprise node device 11 uses the Bulletproof range proof to calculate a second proof parameter based on the first signature parameter, the second signature parameter, and the third signature parameter.
  • the second certification parameter Where ⁇ is the first signature parameter, s L is the second signature parameter, and s R is the third signature parameter.
  • the core enterprise node device 11 calculates a target certification parameter based on the first calculation number and the second signature parameter.
  • the core enterprise node device 11 calculating target certification parameters based on the first calculation number and the second signature parameter includes:
  • the target proof parameter P a L -z ⁇ 1 n +s L ⁇ x is calculated, where z Is the first public parameter, and x is the second public parameter.
  • the core enterprise node device sends the first certification parameter to the supervisory authority node device
  • the second proof parameter The node device of the regulatory agency dynamically selects a random number z as the first public number and publicly responds to the node device of the core enterprise, where the random number
  • the core enterprise node device 11 generates a fifth random number ⁇ 1 and a sixth random number ⁇ 2 , and the fifth random number ⁇ 1 and the sixth random number ⁇ 2 are both numbers within Z p .
  • the core enterprise node device 11 may use the Pedersen commitment to calculate the first commitment based on the fifth random number, the first system parameter g, and the second system parameter h Use the Pedersen promise to calculate the second promise based on the sixth random number, the first system parameter g, and the second system parameter h
  • the core enterprise node device 11 sends the first promise and the second promise to the supervisory authority node device 14.
  • the regulatory agency node device 14 dynamically selects a random number x as the second public number and publicly responds to the core enterprise node device, where the random number
  • the core enterprise node device 11 sends the confidential transaction, the first certification parameter, the second certification parameter, and the target certification parameter to the regulatory agency node device 14, so that the regulatory agency node device 14 is based on the The target proof parameter, the first public parameter, and the second public parameter determine the payable in the confidential transaction, so as to realize the supervision of the payable.
  • the primary supplier node device 12 is configured to use the blockchain supply chain platform 10 to receive the transaction data, decrypt it, and output it to the primary supplier.
  • the first-level supplier as the recipient of the payable by the core enterprise, receives the verification parameters sent by the core enterprise node device 11 through the first-level supplier node device 12.
  • the core enterprise can inform the primary supplier of the payment and the first random number r through key agreement and other methods.
  • the first-level supplier node device 12 is also used to split the UTXO in the transaction data into a first UTXO and a second UTXO, based on the first UTXO and the second UTXO.
  • UTXO conducts transactions with other blockchain entity node devices.
  • the primary supplier node device 12 sends the transaction data to the blockchain supply chain platform 10 for storage.
  • the sum of the amount in the first UTXO and the amount in the second UTXO is equal to the amount in the UTXO.
  • the primary supplier can split the UTXO in the transaction data and trade it to secondary suppliers, factoring companies, or mortgage loans through banks.
  • the secondary supplier, factor or bank can further split and trade the UTXO after receiving the split.
  • the first-tier supplier node device 12 is also used to perform range certification on the first UTXO and the second UTXO based on Bulletproof.
  • the amount is a legal value, that is, the amount in UTXO is a positive number within a certain range.
  • the splitting of UTXO into two sub-UTXOs is taken as an example.
  • the first-tier supplier node device can also split UTXO into 3 or more parts for more flexibility. Deal with secondary suppliers.
  • the first-level supplier node device when the first-level supplier node device splits the UTXO into multiple sub-UTXOs, it can also initiate a supervisable confidential transaction based on the sub-UTXO, and initiate a supervisable confidential transaction with the core enterprise node device Similarly, the first-tier supplier node device also needs to first apply for the first signature parameter, the second signature parameter, and the third signature parameter from the regulatory agency node device, and then initiate a supervisable secret transaction according to the method of the core enterprise node device to initiate a supervisable secret transaction. Confidential transactions.
  • supplier node devices including primary, secondary, tertiary or even lower-level supplier node devices
  • the first-level supplier node device 12 or the other blockchain entity node device 13 is also used to pay the core enterprise node device when the payable is due The payable, in response to the successful redemption of the payable, invalidate the UTXO held or return it to the core enterprise node device.
  • the due time stamp of the payment is marked in the UTXO.
  • the core enterprise When the core enterprise receives the information of redemption of the payable through the core enterprise node device 11, it confirms whether the payable is due. After confirming that the due payment is due, the debt is redeemed. After receiving the debt, the blockchain entity signs, indicating that the debt has been received. When or after receiving the debt, the blockchain entity holding the UTXO invalidates the UTXO signature or returns it to the core enterprise to form a complete transaction data record on the blockchain supply chain platform 10.
  • the regulatory agency node device 14 is configured to send multiple signature parameters when receiving a signature parameter application from the core enterprise node device.
  • sending multiple signature parameters includes:
  • first candidate parameter Generate a first candidate parameter, a second candidate parameter, and a third candidate parameter; sign the first candidate parameter to obtain a first signature parameter, sign the second candidate parameter to obtain a second signature parameter, and perform a signature on the first candidate parameter;
  • the three candidate parameters are signed to obtain the third signature parameter; upon receiving the signature parameter application of the core enterprise node device, the first signature parameter, the second signature parameter, and the third signature parameter are sent.
  • the regulatory agency node device respectively signs the first candidate parameter, the second candidate parameter, and the third candidate parameter, and sends the first candidate parameter, the second candidate parameter, and the third candidate parameter and their respective Sign to the core enterprise node device.
  • sending multiple signature parameters includes:
  • the regulatory agency node device sets the second certification parameter
  • the signature of and multiple signature parameters are sent to the core enterprise node device, and the core enterprise node device verifies the signature of the second certification parameter to determine the authenticity of the three signature parameters. Since only the second proof parameter needs to be signed, there is no need to sign the first candidate parameter, the second candidate parameter, and the third candidate parameter, which reduces the number of signatures; and sends multiple unsigned candidate parameters as multiple signature parameters For core enterprise node devices, the amount of information transmission is reduced, and the efficiency of sending signature parameters is improved.
  • first signature parameter p the second signature parameter s L, and the third signature parameter s R are all numbers within the range of Z p.
  • These signature parameters are all dynamically generated one-time random numbers.
  • the supervisory authority node device 14 uses Bulletproof range proof to calculate proof parameters based on the first signature parameter, the second signature parameter, and the third signature parameter.
  • the supervisory authority node device 14 uses a private key to sign the certification parameter and saves the signature and the corresponding first signature parameter, the second signature parameter, and the third signature parameter.
  • the regulatory agency node device 14 uses digital signature technology to sign the certification parameters.
  • Digital signature technology is based on asymmetric encryption algorithm and message digest algorithm to achieve the authentication of the source and integrity of the message, and at the same time, it is a guarantee that the signer cannot deny.
  • There are two roles in a digital signature system one is the signer of the message and the other is the authenticator of the message.
  • the signer of the message can sign the information digest of a message according to his private key, and the authenticator of the message verifies the information digest of a message according to his public key. If the verification is passed, it can be proved that the source of the message is the signer of the message, the information digest of the message is the same and the signer cannot deny it.
  • the supervisory authority node device 14 is further configured to send the first signature parameter, the second signature parameter, and the third signature parameter to the core enterprise node device when a signature parameter request from the core enterprise node device is received. Signature parameters.
  • the transaction data sender Before the transaction data sender performs the transaction data range certification, it applies to the regulatory agency node device for signature parameters through the core enterprise node device, and the regulatory agency node device sends the signed certification parameters to the first signature parameter, the second signature parameter, and The third signature parameter is sent to the supervisory authority node device.
  • the supervisory authority node device 14 is further configured to reply to the first certification parameter and the second certification parameter sent by the core enterprise node device.
  • One public parameter One public parameter.
  • the core enterprise node device sends the first certification parameter to the supervisory authority node device And the second proof parameter
  • the node device of the regulatory agency dynamically selects a random number z as the first public number and publicly responds to the node device of the core enterprise, where the random number
  • the regulatory agency node device 14 is further configured to reply to the second public parameter when the first commitment parameter and the second commitment parameter sent by the core enterprise node device are received.
  • the core enterprise node device sends the first promise and the second promise to the supervisory authority node device.
  • the regulatory agency node device dynamically selects a random number x as the second public number and publicly responds to the core enterprise node device, where the random number
  • the random number y is a one-time random number dynamically and randomly generated when the regulatory agency node device 14 receives the first certification parameter and the second certification parameter sent by the core enterprise node device
  • the random number x is the A one-time random number dynamically and randomly generated when the regulatory agency node device 14 receives the first commitment parameter and the second commitment parameter.
  • the regulatory agency node device 14 is also used to obtain the transaction data from the blockchain supply chain platform; obtain confidential transactions and certification parameters in the transaction data, and determine the confidentiality based on the certification parameters Payables in the transaction to achieve the supervision of said payables.
  • the supervisory authority node device 14 determining the payable in the confidential transaction based on the certification parameter to implement the supervision of the payable includes:
  • the target random number is an n-dimensional array composed of 0 or 1, and the product of each number in the n-dimensional array and 2n corresponds to the data at the same position in the payable.
  • the supervisory authority node device can calculate the transaction data v in the certificate according to the signature in the certificate and the parameter P in the certificate. Since a L is the binary form of transaction data v, P, x, and z are all public values, so the regulator node device can calculate the value of a L according to the value of the random number s L possessed, and then calculate the payable v .
  • multiple signature parameters are selected by the regulatory agency node device and the certification parameters are calculated. After signing the calculated certification parameters, the signed multiple signature parameters can be sent to the core enterprise node device, so that the core enterprise node The device calculates the certification parameters based on multiple signature parameters. Since the supervisory authority node equipment and the core enterprise node equipment use the same multiple signature parameters to calculate the same proof parameters, when the confidential transaction is reversed on the blockchain network, the supervisory authority node equipment can supervise the core enterprise node equipment Proof parameters, thus realizing the supervision of confidential transactions.
  • the blockchain supply chain platform 10 is used to store the transaction data; verify the correctness of the transaction data and the legitimacy of the signature of the regulatory agency node device.
  • the blockchain supply chain platform 10 the core enterprise node equipment 11, the first-tier supplier node equipment 12, and the regulatory agency node equipment 14 in the blockchain supply chain transaction hidden dynamic supervision system 1 must If it exists, the other blockchain entity node device 13 optionally exists. That is, the secondary supplier node equipment, bank node equipment, and factor node equipment may optionally exist in the blockchain supply chain transaction hidden dynamic supervision system 1.
  • FIG. 2 it is a schematic diagram of another architecture of the blockchain supply chain transaction hiding dynamic supervision system according to an embodiment of the present invention.
  • the blockchain supply chain transaction hidden dynamic supervision system 1 includes the blockchain supply chain platform 10, core enterprise node equipment 11, first-tier supplier node equipment 12, and other blockchain entity node equipment 13, which are described in Figure 1.
  • the regulatory agency node device 14 may also include at least one risk assessment agency node device 15.
  • the at least one risk assessment agency node device 15 is used to read transaction data stored on the blockchain supply chain platform 10, use a pre-trained risk assessment model to perform risk assessment on the transaction data, and The risk assessment result is sent to the other blockchain entity node device 13.
  • At least one risk assessment agency node device 15 can obtain the historical transaction data recorded on the blockchain supply chain platform 10 in advance, and train a risk assessment model based on the historical transaction data to evaluate the value of the payment in each transaction data.
  • At least one risk assessment agency node device 15 When at least one risk assessment agency node device 15 reads the newly recorded transaction data on the blockchain supply chain platform 10, it uses a risk assessment model to evaluate the value of the payable in the newly recorded transaction data, and evaluate the risk The result is sent to potential purchasers of UTXO (that is, the payable of the core enterprise) corresponding to the transaction data.
  • the potential purchasers may include, but are not limited to, secondary suppliers, factoring companies, banks, etc.
  • the blockchain supply chain platform 10 may be a blockchain system based on any UTXO model and a blockchain system supporting the UTXO account model.
  • the blockchain supply chain system 1 may further include: a data decryption module, a UTXO amount range certification module, a blockchain wallet, a lightweight wallet, a statistical analysis tool, an entity list, etc.
  • one-time signature parameters dynamically selected by the regulatory agency and proof parameters based on random number calculations need to be obtained and signed in advance, and the blockchain entity generates Bulletproof based on the one-time signature parameters. Prove that it has the characteristics of forward security.
  • the blockchain supply chain platform also verifies the legitimacy of the signature of the regulatory agency. Since the signature parameter is a one-time number dynamically generated by the regulatory agency, when the regulatory agency's key is leaked, it will not cause a wide range of transaction data to be leaked.
  • the blockchain supply chain privacy transaction dynamic supervision system described in this embodiment introduces the concepts of Pedersen commitment and Bulletproof scope proof, encrypts the plaintext payables of core enterprises into confidential transactions and uploads them to the chain. Only both parties to the transaction can decrypt the transaction data The amount in the transaction privacy is protected from being leaked, and the business secrets of the blockchain entity are protected. After obtaining the confidential transaction and Bulletproof scope certificate, the supervisory authority will supervise the confidential transaction through the Bulletproof scope certificate.
  • FIG. 3 is a schematic flowchart of a method for dynamic supervision of transaction hiding in a blockchain supply chain disclosed in an embodiment of the present invention.
  • the block chain supply chain transaction concealment dynamic supervision method is applied to a block chain supply chain network.
  • the block chain supply chain transaction concealment dynamic supervision method specifically includes the following steps. According to different needs, the steps in the flowchart The order can be changed, and some steps can be omitted.
  • S31 When the supervisory authority node device receives the signature parameter request of the core enterprise node device, it sends the first signature parameter, the second signature parameter, and the third signature parameter to the core enterprise node device.
  • the supervisory authority node device when the supervisory authority node device receives the signature parameter request of the core enterprise node device, it sends the first signature parameter, the second signature parameter, and the third signature parameter to the core enterprise node device.
  • the supervisory authority node device when the supervisory authority node device receives the signature parameter request of the core enterprise node device, it sends the first signature parameter, the second signature parameter, and the third signature parameter to the core enterprise node device.
  • first candidate parameter Generate a first candidate parameter, a second candidate parameter, and a third candidate parameter; sign the first candidate parameter to obtain a first signature parameter, sign the second candidate parameter to obtain a second signature parameter, and perform a signature on the first candidate parameter;
  • the three candidate parameters are signed to obtain the third signature parameter; upon receiving the signature parameter application of the core enterprise node device, the first signature parameter, the second signature parameter, and the third signature parameter are sent.
  • the first candidate parameter, the second candidate parameter, and the third candidate parameter are generated; the Bulletproof range proof is based on the first candidate parameter, the second candidate parameter, and the third candidate parameter Calculate the certification parameters; use the private key to sign the certification parameters and save the signature and the corresponding first candidate parameter, the second candidate parameter, and the third candidate parameter; when the core enterprise node device is received When requesting signature parameters, send the first candidate parameter as the first signature parameter, the second candidate parameter as the second signature parameter, and the third candidate parameter as the third signature parameter.
  • Core enterprise node equipment When requesting signature parameters, send the first candidate parameter as the first signature parameter, the second candidate parameter as the second signature parameter, and the third candidate parameter as the third signature parameter.
  • the core enterprise node device uses Pedersen's commitment to encrypt the payables promised by the core enterprise to the first-tier supplier to obtain confidential transactions.
  • the core enterprise node device uses Bulletproof range proof to calculate proof parameters based on the multiple signature parameters and the generated random numbers.
  • the core enterprise node device signs the confidential transaction and the certification parameters and uploads the signed transaction data to the blockchain supply chain platform.
  • the first-level supplier node device uses the blockchain supply chain platform to receive the transaction data, decrypt it, and output it to the first-level supplier.
  • the regulatory agency node device obtains the transaction data from the blockchain supply chain platform; obtains the confidential transaction and certification parameters in the transaction data, and determines the confidential transaction in the confidential transaction based on the certification parameters. Payables to achieve the supervision of said payables.
  • the method further includes:
  • the UTXO in the transaction data is split into a first UTXO and a second UTXO through the first-level supplier node device, wherein the sum of the amount in the first UTXO and the amount in the second UTXO is equal to the The amount in UTXO;
  • the method further includes:
  • the blockchain supply chain privacy transaction dynamic supervision method described in this embodiment introduces the concepts of Pedersen commitment and Bulletproof scope proof, encrypts the plaintext payables of core companies into confidential transactions and uploads them to the chain. Only both parties to the transaction can decrypt the transaction data The amount in the transaction privacy is protected from being leaked, and the business secrets of the blockchain entity are protected. After obtaining the confidential transaction and Bulletproof scope certificate, the supervisory authority will supervise the confidential transaction through the Bulletproof scope certificate.
  • FIG. 4 is a schematic diagram of the internal structure of a blockchain node device disclosed in an embodiment of the present invention.
  • the blockchain node device 4 may include a memory 41, a processor 42, a bus 43, and a transceiver 44.
  • the blockchain node device 4 may be a core enterprise node device, a regulatory agency node device, or a first-tier supplier node device, other blockchain entities (for example, a second-tier supplier, bank, factor) Node equipment, etc.
  • the blockchain node device 4 is a core enterprise node device, the function of the core enterprise node device described in Embodiment 1 or Embodiment 2 is performed;
  • the blockchain node device 4 is a regulatory agency node device , Execute the function of the regulatory agency node device described in the first embodiment or the second embodiment;
  • the blockchain node device 4 is the first-tier supplier node device, execute the function described in the first embodiment or the second embodiment
  • the function of the first-level supplier node device; when the blockchain node device 4 is another blockchain entity node device, the function of the other blockchain entity node device described in the first embodiment or the second embodiment is performed.
  • the memory 41 includes at least one type of readable storage medium, and the readable storage medium includes flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory, etc.), magnetic memory, magnetic disk, optical disk, and the like.
  • the memory 41 may be an internal storage unit of the blockchain node device 4 in some embodiments, for example, the hard disk of the blockchain node device 4.
  • the memory 41 may also be an external storage device of the blockchain node device 4, for example, a plug-in hard disk equipped on the blockchain node device 4, a smart memory card (Smart Media Card, SMC). ), Secure Digital (SD) card, Flash Card, etc.
  • the memory 41 may also include not only the internal storage unit of the blockchain node device 4, but also an external storage device.
  • the memory 41 can be used not only to store application programs and various data installed in the blockchain node device 4, but also to temporarily store data that has been output or will be output.
  • the processor 42 may be a central processing unit (CPU), controller, microcontroller, or microprocessor in some embodiments, and is used to run program codes or process data stored in the memory 41.
  • CPU central processing unit
  • controller microcontroller
  • microprocessor in some embodiments, and is used to run program codes or process data stored in the memory 41.
  • the bus 43 may be a peripheral component interconnect standard (PCI) bus or an extended industry standard architecture (EISA) bus, etc.
  • PCI peripheral component interconnect standard
  • EISA extended industry standard architecture
  • the bus can be divided into address bus, data bus, control bus and so on. For ease of representation, only one thick line is used in FIG. 4 to represent it, but it does not mean that there is only one bus or one type of bus.
  • the blockchain node device 4 may also include a network interface, and the network interface may optionally include a wired interface and/or a wireless interface (such as a WI-FI interface, a Bluetooth interface, etc.), which is usually used in the block
  • the link node device 4 establishes a communication connection with other dispatch servers.
  • the blockchain node device 4 may also include a user interface.
  • the user interface may include a display (Display) and an input unit, such as a keyboard (Keyboard).
  • the user interface may also include a standard wired interface, wireless interface.
  • the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an organic light-emitting diode (OLED) touch device, and the like.
  • the display may also be called a display screen or a display unit, which is used to display the messages processed in the dispatch server and to display a visualized user interface.
  • FIG. 4 only shows the blockchain node device 4 with components 41-44.
  • the structure shown in FIG. 4 does not constitute a limitation on the blockchain node device 4. It may be a bus-type structure or a star-shaped structure.
  • the blockchain node device 4 may also include fewer or more components than shown in the figure, or a combination of certain components, or a different component arrangement.
  • Other existing or future electronic products that can be adapted to the present invention should also be included in the protection scope of the present invention, and are included here by reference.
  • the computer program product includes one or more computer instructions.
  • the computer may be a general-purpose computer, a special-purpose computer, a computer network, or other programmable devices.
  • the computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium.
  • the computer instructions may be transmitted from a website, computer, server, or data center. Transmission to another website site, computer, server or data center via wired (for example, coaxial cable, optical fiber, digital subscriber line) or wireless (for example, infrared, wireless, microwave, etc.).
  • the computer-readable storage medium may be any available medium that can be stored by a computer or a data storage device such as a server or a data center integrated with one or more available media.
  • the usable medium may be a magnetic medium (for example, a floppy disk, a hard disk, and a magnetic tape), an optical medium (for example, a DVD), or a semiconductor medium (for example, a solid state disk (SSD)).
  • the disclosed system, device, and method may be implemented in other ways.
  • the device embodiments described above are merely illustrative.
  • the division of the units is only a logical function division, and there may be other divisions in actual implementation, for example, multiple units or components may be combined It can be integrated into another system, or some features can be ignored or not implemented.
  • the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.
  • the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in one place, or they may be distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution in this embodiment.
  • the functional units in the various embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit.
  • the above-mentioned integrated unit can be implemented in the form of hardware or application program functional unit.
  • the integrated unit is implemented in the form of an application function unit and sold or used as an independent product, it can be stored in a computer readable storage medium.
  • a computer readable storage medium includes several instructions to make a dispatch server (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the methods described in the various embodiments of the present application.
  • the aforementioned storage media include: U disk, hard disk, Read-Only Memory (Read-Only Memory, ROM), magnetic disk or optical disk and other media that can store program codes.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Accounting & Taxation (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

Disclosed are a blockchain supply chain transaction hidden dynamic supervision system and method. The system comprises: a supervision institution node device, which is used for transmitting a plurality of signature parameters when a signature parameter application of a core enterprise node device is received; the core enterprise node device, which is used for encrypting a payable using a Pedeersen commitment to obtain a confidential transaction, calculating a proof parameter by using a Bulletproof range proof and on the basis of the plurality of signature parameters and a random number, and signing the confidential transaction and the proof parameter and chaining same; a first-level supplier node device, which is used for receiving transaction data and decrypting same, wherein the supervision institution node device is also used for acquiring the confidential transaction and the proof parameter and determining the payable on the basis of the proof parameter so as to realize supervision of the payable; and a blockchain supply chain platform, which is used for storing the transaction data and verifying the correctness of the transaction data and the signature. By means of the method, a payable in a blockchain supply chain can be encrypted and chained to avoid privacy leakage, and the payable is supervised.

Description

区块链供应链交易隐藏动态监管系统及方法Block chain supply chain transaction hidden dynamic supervision system and method 技术领域Technical field
本发明涉及区块链技术领域,尤其涉及一种区块链供应链交易隐藏动态监管系统及方法。The present invention relates to the technical field of block chains, in particular to a dynamic supervision system and method for block chain supply chain transaction hiding.
背景技术Background technique
现有的区块链供应链系统,将核心企业节点设备、供应商节点设备、保理商节点设备及银行节点设备等通过区块链联系了起来。核心企业节点设备、供应商节点设备、保理商节点设备及银行节点设备等作为区块链节点加入区块链供应链系统时,需要经过授权才能加入,区块链节点之间具有一定的信任基础,通过应收账款、票据凭证、抵押货物凭证等交易数据上链的方式增强了数据的可信性。The existing blockchain supply chain system connects core enterprise node equipment, supplier node equipment, factor node equipment, and bank node equipment through the blockchain. When core enterprise node equipment, supplier node equipment, factorer node equipment, and bank node equipment are used as blockchain nodes to join the blockchain supply chain system, they need to be authorized to join, and there is a certain degree of trust between the blockchain nodes Basically, the credibility of the data is enhanced by the way of transaction data on the chain such as accounts receivable, bill vouchers, and mortgage goods vouchers.
然而,这些交易数据中往往存在商业机密,将交易数据明文上链,导致了商业机密和个人隐私的泄露,且没有监管机构的监管。However, these transaction data often contain commercial secrets, and the transaction data is written on the chain, resulting in the leakage of commercial secrets and personal privacy, and there is no supervision by regulatory agencies.
因此,有必要提供一种区块链供应链交易隐藏动态监管方案。Therefore, it is necessary to provide a hidden dynamic supervision scheme for blockchain supply chain transactions.
发明内容Summary of the invention
本发明的主要目的在于提供一种区块链供应链交易隐藏动态监管系统及方法,旨在解决区块链供应链中交易数据明文上链导致隐私泄露且无监管的技术问题。The main purpose of the present invention is to provide a block chain supply chain transaction hidden dynamic supervision system and method, which aims to solve the technical problem of privacy leakage and no supervision caused by the clear text of transaction data in the block chain supply chain.
为实现上述目的,本发明的第一方面提供一种区块链供应链交易隐藏动态监管系统,所述系统包括:In order to achieve the above-mentioned objective, the first aspect of the present invention provides a blockchain supply chain transaction hidden dynamic supervision system, the system includes:
监管机构节点设备,用于在接收到核心企业节点设备的签名参数申请时,发送多个签名参数;The supervisory authority node device is used to send multiple signature parameters when receiving a signature parameter application from the core enterprise node device;
所述核心企业节点设备,用于利用Pedersen承诺对核心企业承诺给一级供应商的应付款进行加密得到机密交易;利用Bulletproof范围证明基于所述多个签名参数及生成的随机数计算证明参数;对所述机密交易及所述证明参数进行签名并将签名后的交易数据上传至区块链供应链平台;The core enterprise node device is used to use Pedersen's commitment to encrypt the payables promised by the core enterprise to the first-tier supplier to obtain confidential transactions; use Bulletproof range certification to calculate the certification parameters based on the multiple signature parameters and the generated random numbers; Sign the confidential transaction and the certification parameters and upload the signed transaction data to the blockchain supply chain platform;
一级供应商节点设备,用于利用所述区块链供应链平台接收所述交易数据并解密后输出给所述一级供应商;A first-level supplier node device, configured to use the blockchain supply chain platform to receive the transaction data, decrypt it, and output it to the first-level supplier;
所述监管机构节点设备,还用于从所述区块链供应链平台上获取所述交易数据;获取所述交易数据中的机密交易及证明参数,并基于所述证明参数确定所述机密交易中的应付款以实现所述应付款的监管;The regulatory agency node device is also used to obtain the transaction data from the blockchain supply chain platform; obtain confidential transactions and certification parameters in the transaction data, and determine the confidential transaction based on the certification parameters Payables in to achieve the supervision of said payables;
所述区块链供应链平台,用于存储所述交易数据;验证所述交易数据的正确性及所述监管机构节点设备签名的合法性。The blockchain supply chain platform is used to store the transaction data; verify the correctness of the transaction data and the legitimacy of the signature of the regulatory agency node device.
根据本发明的一个可选实施例,所述多个签名参数包括第一签名参数、第二签名参数及第三签名参数,所述随机数包括第一随机数及第二随机数;According to an optional embodiment of the present invention, the multiple signature parameters include a first signature parameter, a second signature parameter, and a third signature parameter, and the random number includes a first random number and a second random number;
所述利用Pedersen承诺对核心企业承诺给一级供应商的应付款进行加密得到机密交易包括:The use of Pedersen's commitment to encrypt the payables promised by the core enterprise to the first-tier suppliers to obtain confidential transactions includes:
利用Pedersen承诺基于所述应付款及所述第一随机数加密得到机密交易;Use Pedersen to promise to obtain confidential transactions based on the payable and the first random number encryption;
所述核心企业节点设备利用Bulletproof范围证明基于所述多个签名参数及生成的随机数计算证明参数包括:The core enterprise node equipment uses the Bulletproof range to prove that the calculation proof parameters based on the multiple signature parameters and the generated random numbers include:
基于所述交易数据计算得到第一计算数及第二计算数;Calculating the first calculation number and the second calculation number based on the transaction data;
利用Bulletproof范围证明基于所述第一计算数、所述第二计算数及所述第二随机数计算第一证明参数;Use Bulletproof range proof to calculate the first proof parameter based on the first calculation number, the second calculation number, and the second random number;
利用所述Bulletproof范围证明基于所述第一签名参数、所述第二签名参数及所述第三签名参数计算第二证明参数;Using the Bulletproof range proof to calculate a second proof parameter based on the first signature parameter, the second signature parameter, and the third signature parameter;
基于所述第一计算数及所述第二签名参数计算目标证明参数。The target certification parameter is calculated based on the first calculation number and the second signature parameter.
根据本发明的一个可选实施例,所述基于所述第一计算数及所述第二签名参数计算目标证明参数包括:According to an optional embodiment of the present invention, the calculating target certification parameters based on the first calculation number and the second signature parameter includes:
向所述监管机构节点设备发送所述第一证明参数和所述第二证明参数并接收所述监管机构节点设备回复的第一公开参数;Sending the first certification parameter and the second certification parameter to the regulatory agency node device, and receiving the first public parameter replies from the regulatory agency node device;
利用Pedersen承诺随机计算第一承诺参数和第二承诺参数;Use Pedersen commitment to randomly calculate the first commitment parameter and the second commitment parameter;
向所述监管机构节点设备发送所述第一承诺参数和所述第二承诺参数并接收所述监管机构节点设备回复的第二公开参数;Sending the first commitment parameter and the second commitment parameter to the regulatory agency node device, and receiving a second public parameter replies from the regulatory agency node device;
基于所述第一计算数、所述第二签名参数、所述第一公开参数和所述第二公开参数计算目标证明参数。The target certification parameter is calculated based on the first calculation number, the second signature parameter, the first public parameter, and the second public parameter.
根据本发明的一个可选实施例,所述监管机构节点设备在接收到所述核心企业节点设备的签名参数申请时,发送多个签名参数包括:According to an optional embodiment of the present invention, when the supervisory authority node device receives the signature parameter application of the core enterprise node device, sending multiple signature parameters includes:
生成第一候选参数、第二候选参数及第三候选参数;对所述第一候选参数进行签名得到第一签名参数,对所述第二候选参数进行签名得到第二签名参数及对所述第三候选参数进行签名得到第三签名参数;在接收到所述核心企业节点设备的签名参数申请时,发送所述第一签名参数、所述第二签名参数及所述第三签名参数;或者Generate a first candidate parameter, a second candidate parameter, and a third candidate parameter; sign the first candidate parameter to obtain a first signature parameter, sign the second candidate parameter to obtain a second signature parameter, and perform a signature on the first candidate parameter; Signing the three candidate parameters to obtain the third signature parameter; when receiving the signature parameter application of the core enterprise node device, send the first signature parameter, the second signature parameter, and the third signature parameter; or
生成第一候选参数、第二候选参数及第三候选参数;利用Bulletproof范围证明基于所述第一候选参数、所述第二候选参数及所述第三候选参数计算第二证明参数;使用私钥对所述第二证明参数进行签名并保存所述签名及对应的所述第一候选参数、所述第二候选参数及所述第三候选参数;当接收到核心企业节点设备的签名参数请求时,将所述第一候选参数作为第一签名参数、所述第二候选参数作为所述第二签名参数及所述第三候选参数作为所述第三签名参数发送给所述核心企业节点设备,并将所述第二证明参数的签名一并发送给所述核心企业节点设备。Generate the first candidate parameter, the second candidate parameter and the third candidate parameter; use the Bulletproof range to prove the calculation of the second proof parameter based on the first candidate parameter, the second candidate parameter and the third candidate parameter; use the private key Sign the second certification parameter and save the signature and the corresponding first candidate parameter, the second candidate parameter, and the third candidate parameter; when a signature parameter request from the core enterprise node device is received Sending the first candidate parameter as the first signature parameter, the second candidate parameter as the second signature parameter, and the third candidate parameter as the third signature parameter to the core enterprise node device, And send the signature of the second certification parameter to the core enterprise node device.
根据本发明的一个可选实施例,所述一级供应商节点设备,还用于:According to an optional embodiment of the present invention, the first-level supplier node device is further configured to:
将所述交易数据中的UTXO拆分为第一UTXO和第二UTXO,其中,所述第一UTXO中的金额和第二UTXO中的金额之和等于所述UTXO中的金额;Splitting the UTXO in the transaction data into a first UTXO and a second UTXO, wherein the sum of the amount in the first UTXO and the amount in the second UTXO is equal to the amount in the UTXO;
基于所述第一UTXO和第二UTXO与其他区块链实体节点设备进行交易;Perform transactions with other blockchain entity node devices based on the first UTXO and the second UTXO;
基于Bulletproof对所述第一UTXO和第二UTXO进行范围证明。Perform range proof on the first UTXO and the second UTXO based on Bulletproof.
根据本发明的一个可选实施例,所述一级供应商节点设备或者所述其他区块链实体节点设备,还用于当所述应付款到期后,向所述核心企业节点设备兑付应付款,响应于所述应付款兑付成功,将持有的UTXO进行无效化签名或者返还给所述核心企业节点设备。According to an optional embodiment of the present invention, the first-level supplier node device or the other blockchain entity node device is also used to pay the core enterprise node device to the core enterprise node device when the payable is due In response to the successful redemption of the payable, the UTXO held is invalidated and signed or returned to the core enterprise node device.
根据本发明的一个可选实施例,所述系统还包括:According to an optional embodiment of the present invention, the system further includes:
至少一个风险评估机构节点设备,用于读取所述区块链供应链平台上存储的交易数据,使用预先训练好的风险评估模型对所述交易数据进行风险评估,并将风险评估结果发送给所述其他区块链实体节点设备。At least one risk assessment agency node device, used to read transaction data stored on the blockchain supply chain platform, use a pre-trained risk assessment model to perform risk assessment on the transaction data, and send the risk assessment result to The other blockchain entity node devices.
本发明的第二方面提供一种区块链供应链交易隐藏动态监管方法,所述方法包括:The second aspect of the present invention provides a dynamic supervision method for block chain supply chain transaction hiding, and the method includes:
当所述监管机构节点设备接收到核心企业节点设备的签名参数请求时,向所述核心企业节点设备发送第一签名参数、第二签名参数及第三签名参数;When the supervisory authority node device receives the signature parameter request of the core enterprise node device, sending the first signature parameter, the second signature parameter, and the third signature parameter to the core enterprise node device;
所述核心企业节点设备利用Pedersen承诺对核心企业承诺给一级供应商的应付款进行加密得到机密交易;The core enterprise node device uses Pedersen's commitment to encrypt the payables promised by the core enterprise to the primary supplier to obtain confidential transactions;
所述核心企业节点设备利用Bulletproof范围证明基于所述多个签名参数及生成的 随机数计算证明参数;The core enterprise node device uses the Bulletproof range certificate to calculate the proof parameter based on the multiple signature parameters and the generated random number;
所述核心企业节点设备对所述机密交易及所述证明参数进行签名并将签名后的交易数据上传至区块链供应链平台;The core enterprise node device signs the confidential transaction and the certification parameters and uploads the signed transaction data to the blockchain supply chain platform;
一级供应商节点设备利用所述区块链供应链平台接收所述交易数据并解密后输出给所述一级供应商;The first-level supplier node device uses the blockchain supply chain platform to receive the transaction data, decrypt it, and output it to the first-level supplier;
所述监管机构节点设备从所述区块链供应链平台上获取所述交易数据;获取所述交易数据中的机密交易及证明参数,并基于所述证明参数确定所述机密交易中的应付款以实现所述应付款的监管。The regulatory agency node device obtains the transaction data from the blockchain supply chain platform; obtains the confidential transaction and certification parameters in the transaction data, and determines the payable in the confidential transaction based on the certification parameters In order to achieve the supervision of the said payables.
根据本发明的一个可选实施例,所述监管机构节点设备接收到核心企业节点设备的签名参数请求时,向所述核心企业节点设备发送第一签名参数、第二签名参数及第三签名参数包括:According to an optional embodiment of the present invention, when the supervisory authority node device receives the signature parameter request of the core enterprise node device, it sends the first signature parameter, the second signature parameter, and the third signature parameter to the core enterprise node device include:
生成第一候选参数、第二候选参数及第三候选参数;对所述第一候选参数进行签名得到第一签名参数,对所述第二候选参数进行签名得到第二签名参数及对所述第三候选参数进行签名得到第三签名参数;在接收到所述核心企业节点设备的签名参数申请时,发送所述第一签名参数、所述第二签名参数及所述第三签名参数;或者Generate a first candidate parameter, a second candidate parameter, and a third candidate parameter; sign the first candidate parameter to obtain a first signature parameter, sign the second candidate parameter to obtain a second signature parameter, and perform a signature on the first candidate parameter; Signing the three candidate parameters to obtain the third signature parameter; when receiving the signature parameter application of the core enterprise node device, send the first signature parameter, the second signature parameter, and the third signature parameter; or
生成第一候选参数、第二候选参数及第三候选参数;利用Bulletproof范围证明基于所述第一候选参数、所述第二候选参数及所述第三候选参数计算证明参数;使用私钥对所述证明参数进行签名并保存所述签名及对应的所述第一候选参数、所述第二候选参数及所述第三候选参数;当接收到核心企业节点设备的签名参数请求时,将所述第一候选参数作为第一签名参数、所述第二候选参数作为所述第二签名参数及所述第三候选参数作为所述第三签名参数发送给所述核心企业节点设备。Generate the first candidate parameter, the second candidate parameter, and the third candidate parameter; use the Bulletproof range to prove the calculation of the proof parameter based on the first candidate parameter, the second candidate parameter, and the third candidate parameter; The certification parameter is signed and the signature and the corresponding first candidate parameter, the second candidate parameter, and the third candidate parameter are saved; when a signature parameter request from the core enterprise node device is received, the The first candidate parameter is used as the first signature parameter, the second candidate parameter is used as the second signature parameter, and the third candidate parameter is used as the third signature parameter and sent to the core enterprise node device.
根据本发明的一个可选实施例,所述方法还包括:According to an optional embodiment of the present invention, the method further includes:
通过所述一级供应商节点设备将所述交易数据中的UTXO拆分为第一UTXO和第二UTXO,其中,所述第一UTXO中的金额和第二UTXO中的金额之和等于所述UTXO中的金额;The UTXO in the transaction data is split into a first UTXO and a second UTXO through the first-level supplier node device, wherein the sum of the amount in the first UTXO and the amount in the second UTXO is equal to the The amount in UTXO;
基于所述第一UTXO和第二UTXO与其他区块链实体节点设备进行交易;Perform transactions with other blockchain entity node devices based on the first UTXO and the second UTXO;
基于Bulletproof对所述第一UTXO和第二UTXO进行范围证明。Perform range proof on the first UTXO and the second UTXO based on Bulletproof.
根据本发明的一个可选实施例,所述方法还包括:According to an optional embodiment of the present invention, the method further includes:
通过至少一个风险评估机构节点设备读取所述区块链供应链平台上存储的交易数据,使用预先训练好的风险评估模型对所述交易数据进行风险评估,并将风险评估结果发送给所述其他区块链实体节点设备。Read transaction data stored on the blockchain supply chain platform through at least one risk assessment agency node device, use a pre-trained risk assessment model to perform risk assessment on the transaction data, and send the risk assessment result to the Other blockchain entity node equipment.
本发明实施例所述的区块链供应链交易隐藏动态监管系统及方法,通过引入Pedersen承诺和Bulletproof范围证明的概念,将核心企业的明文应付款加密成机密交易并上链,只有交易双方能够解密交易数据中的金额,保护了交易隐私不被泄露,保障了区块链实体商业机密。而监管机构在获取到机密交易和Bulletproof范围证明后,通过Bulletproof范围证明对机密交易进行监管。The blockchain supply chain transaction hidden dynamic supervision system and method according to the embodiment of the present invention, by introducing the concepts of Pedersen commitment and Bulletproof scope proof, encrypts the plaintext payables of core enterprises into confidential transactions and puts them on the chain. Only both parties can Decrypt the amount in the transaction data, protect the transaction privacy from being leaked, and protect the business secrets of the blockchain entity. After obtaining the confidential transaction and Bulletproof scope certificate, the supervisory authority will supervise the confidential transaction through the Bulletproof scope certificate.
附图说明Description of the drawings
图1为本发明实施例的区块链供应链交易隐藏动态监管系统的架构示意图;FIG. 1 is a schematic diagram of the architecture of a dynamic supervision system for block chain supply chain transaction hiding according to an embodiment of the present invention;
图2为本发明实施例的区块链供应链交易隐藏动态监管系统的架构示意图;2 is a schematic diagram of the architecture of a dynamic supervision system for block chain supply chain transaction hiding according to an embodiment of the present invention;
图3为本发明实施例的区块链供应链交易隐藏动态监管方法的流程示意图;3 is a schematic flowchart of a method for dynamic supervision of transaction hiding in a blockchain supply chain according to an embodiment of the present invention;
图4为本发明实施例的区块链节点设备的结构示意图。FIG. 4 is a schematic diagram of the structure of a blockchain node device according to an embodiment of the present invention.
具体实施方式Detailed ways
为了使本发明的目的、技术方案及优点更加清楚明白,以下结合附图及实施例,对 本发明进行进一步详细说明。应当理解,此处所描述的具体实施例仅用以解释本发明,并不用于限定本发明。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to make the objectives, technical solutions and advantages of the present invention clearer, the following further describes the present invention in detail with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, but not used to limit the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of the present invention.
本申请的说明书和权利要求书及上述附图中的术语“第一”、“第二”是用于区别类似的对象,而不必用于描述特定的顺序或先后次序。应该理解这样使用的数据在适当情况下可以互换,以便这里描述的实施例能够以除了在这里图示或描述的内容以外的顺序实施。此外,术语“包括”和“具有”以及他们的任何变形,意图在于覆盖不排他的包含,例如,包含了一系列步骤或单元的过程、方法、系统、产品或设备不必限于清楚地列出的那些步骤或单元,而是可包括没有清楚地列出的或对于这些过程、方法、产品或设备固有的其它步骤或单元。The terms "first" and "second" in the specification and claims of this application and the above-mentioned drawings are used to distinguish similar objects, and are not necessarily used to describe a specific sequence or sequence. It should be understood that the data used in this way can be interchanged under appropriate circumstances so that the embodiments described herein can be implemented in a sequence other than the content illustrated or described herein. In addition, the terms "including" and "having" and any variations of them are intended to cover non-exclusive inclusions. For example, a process, method, system, product, or device that includes a series of steps or units is not necessarily limited to those clearly listed. Those steps or units may include other steps or units that are not clearly listed or are inherent to these processes, methods, products, or equipment.
另外,各个实施例之间的技术方案可以相互结合,但是必须是以本领域普通技术人员能够实现为基础,当技术方案的结合出现相互矛盾或无法实现时应当认为这种技术方案的结合不存在,也不在本发明要求的保护范围之内。In addition, the technical solutions between the various embodiments can be combined with each other, but it must be based on what can be achieved by a person of ordinary skill in the art. When the combination of technical solutions is contradictory or cannot be achieved, it should be considered that such a combination of technical solutions does not exist. , Is not within the protection scope of the present invention.
实施例一Example one
如图1所示,为本发明实施例的区块链供应链交易隐藏动态监管系统的架构示意图。As shown in FIG. 1, it is a schematic diagram of the architecture of a dynamic supervision system for blockchain supply chain transaction hiding according to an embodiment of the present invention.
区块链供应链交易隐藏动态监管系统1可以包括,但不限于:区块链供应链平台10、核心企业节点设备11、一级供应商节点设备12、其他区块链实体节点设备13及监管机构节点设备14。The block chain supply chain transaction hidden dynamic supervision system 1 can include, but is not limited to: block chain supply chain platform 10, core enterprise node equipment 11, first-tier supplier node equipment 12, other block chain entity node equipment 13 and supervision Institutional node equipment 14.
在一个可选的实施例中,所述其他区块链实体节点设备13可以包括以下一种或多种的组合:二级供应商节点设备13、银行节点设备13、保理商节点设备13。所述核心企业、一级供应商、二级供应商、银行、保理商均称之为区块链实体。所述核心企业节点设备11、一级供应商节点设备12、二级供应商节点设备13、银行节点设备13、保理商节点设备13称之为区块链实体节点设备。In an optional embodiment, the other block chain entity node device 13 may include one or a combination of the following: a secondary supplier node device 13, a bank node device 13, and a factor node device 13. The core enterprises, primary suppliers, secondary suppliers, banks, and factoring companies are all referred to as blockchain entities. The core enterprise node equipment 11, the first-level supplier node equipment 12, the second-level supplier node equipment 13, the bank node equipment 13, and the factoring company node equipment 13 are referred to as blockchain entity node equipment.
区块链实体在接入区块链供应链平台10之前,先向证书颁发机构(Certificate Authority,CA)申请数字证书。CA在判明申请者的身份后,便为申请者分配一个公钥,同时将分配的公钥与申请者的身份信息关联起来并签字后形成数字证书发给申请者。后续,当区块链实体接入区块链供应链平台10时,区块链供应链平台10使用CA的公钥对接入的区块链实体的数字证书上的签字进行验证,当验证通过,则数字证书被认为是有效的,允许区块链实体接入区块链供应链平台10,当验证失败,则数字证书被认为是无效的,拒绝区块链实体接入区块链供应链平台10。所述数字证书的内容包括:电子签证机关的信息、公钥用户信息、公钥、签字和有效期等等。Before accessing the blockchain supply chain platform 10, the blockchain entity first applies for a digital certificate from a certificate authority (CA). After the CA determines the identity of the applicant, it assigns a public key to the applicant, and at the same time associates the distributed public key with the applicant's identity information and signs it to form a digital certificate and send it to the applicant. Subsequently, when the blockchain entity is connected to the blockchain supply chain platform 10, the blockchain supply chain platform 10 uses the public key of the CA to verify the signature on the digital certificate of the connected blockchain entity, and when the verification passes , The digital certificate is considered valid and the blockchain entity is allowed to access the blockchain supply chain platform 10. When the verification fails, the digital certificate is considered invalid and the blockchain entity is denied access to the blockchain supply chain Platform 10. The content of the digital certificate includes: information of the electronic visa authority, public key user information, public key, signature, validity period, and so on.
在一些实施例中,核心企业节点设备11,用于向监管机构节点设备14申请多个签名参数及生成随机数;利用Pedersen承诺对核心企业承诺给一级供应商的应付款进行加密得到机密交易;利用Bulletproof范围证明基于所述多个签名参数及所述随机数计算证明参数;对所述机密交易及所述证明参数进行签名并将签名后的交易数据上传至区块链供应链平台10。In some embodiments, the core enterprise node device 11 is used to apply to the regulatory agency node device 14 for multiple signature parameters and generate random numbers; Pedersen promises to encrypt the payables promised by the core enterprise to the first-tier suppliers to obtain confidential transactions Use Bulletproof range proof to calculate proof parameters based on the multiple signature parameters and the random number; sign the confidential transaction and the proof parameters and upload the signed transaction data to the blockchain supply chain platform 10.
核心企业购买一级供应商的产品并承诺应付款,一级供应商可基于所述应付款的一部分购买二级供应商的产品,二级供应商可以进一步将一级供应商承诺的应付款拆分后购买其他二级供应商的产品,以此类推。保理商可以购买一级供应商、二级供应商持有的应付款。银行可以基于供应商的应付款提供贷款。The core enterprise purchases the products of the first-tier supplier and promises to pay, the first-tier supplier can purchase the products of the second-tier supplier based on a part of the said payables, and the second-tier supplier can further split the payables promised by the first-tier supplier Purchase products from other second-tier suppliers after distribution, and so on. Factors can purchase payables held by primary and secondary suppliers. The bank can provide loans based on the supplier's payables.
为了避免交易隐私被泄露,核心企业购买一级供应商的产品并承诺应付款之后,核心企业通过核心企业节点设备11对所述应付款进行加密得到机密交易,确保了核心企业与一级供应商之间的交易隐私。In order to avoid the disclosure of transaction privacy, after the core company purchases the products of the first-tier supplier and promises to pay, the core company encrypts the payables through the core company node device 11 to obtain confidential transactions, ensuring that the core company and the first-tier supplier Privacy of transactions between.
核心企业在进行交易数据范围证明之前,可以预先向监管机构节点设备申请第一签 名参数ρ、第二签名参数s L及第三签名参数s RThe core enterprise may apply for the first signature parameter ρ, the second signature parameter s L, and the third signature parameter s R from the node device of the regulatory agency before proceeding with the proof of the transaction data range.
由于签名参数与交易数据证明值无关,所以可以提前申请多个签名参数并保存在本地,最后离线使用这些签名参数并生成证明参数。所述签名参数是指通过监管机构节点设备选取的多个候选参数,并对多个候选参数进行签名后得到的参数;或者,通过监管机构节点设备选取的多个候选参数,并基于多个候选参数计算证明参数,对证明参数签名并保存签名,此时与签名对应的候选参数作为签名参数。Since the signature parameters have nothing to do with the transaction data proof value, you can apply for multiple signature parameters in advance and save them locally, and finally use these signature parameters offline and generate proof parameters. The signature parameter refers to a plurality of candidate parameters selected by a regulatory agency node device, and parameters obtained after signing the multiple candidate parameters; or, a plurality of candidate parameters selected by a regulatory agency node device based on multiple candidate parameters The parameter calculates the proof parameter, signs the proof parameter and saves the signature. At this time, the candidate parameter corresponding to the signature is used as the signature parameter.
在一个可选的实施例中,所述核心企业节点设备11可以基于所述交易数据计算得到第一计算数及第二计算数,并生成第一随机数及第二随机数。In an optional embodiment, the core enterprise node device 11 may calculate the first calculation number and the second calculation number based on the transaction data, and generate the first random number and the second random number.
核心企业节点设备可以预先使用随机数生成算法生成随机数。例如,生成第一随机数r,第二随机数α。The core enterprise node device may use a random number generation algorithm to generate random numbers in advance. For example, a first random number r and a second random number α are generated.
其中,所述第二随机数α为在Z p内的一个数。所述Z p为整数模p加法群。 Wherein, the second random number α is a number within Z p. The Z p is an integer modulo p additive group.
在本发明的一个可选实施例中,所述基于所述交易数据计算得到第一计算数及第二计算数包括:In an optional embodiment of the present invention, the calculation of the first calculation number and the second calculation number based on the transaction data includes:
对所述交易数据进行二进制展开;Perform binary expansion on the transaction data;
计算展开后的交易数据中的每一个二进制数与2 n的商值得到所述第一计算数; Calculating the quotient of each binary number in the expanded transaction data and 2 n to obtain the first calculated number;
计算所述第一计算数与单位数组的差值得到所述第二计算数。The difference between the first calculation number and the unit array is calculated to obtain the second calculation number.
所述第一计算数a L为由二进制数0或者1组成的一个n维数组,且所述n维数组中的每一个数与2 n的乘积与所述交易数据中相同位置处的数据对应。 The first calculation number a L is an n-dimensional array composed of binary numbers 0 or 1, and the product of each number in the n-dimensional array and 2 n corresponds to the data at the same position in the transaction data .
示例性的,假设n维数组a L={0,1,1,…0,1,0},那么{0*2 0,1*2 1,1*2 2,…,0*2 n-2,1*2 n-1}=v,v为应付款。 Exemplarily, assuming an n-dimensional array a L = {0,1,1,...0,1,0}, then {0*2 0 , 1*2 1 , 1*2 2 ,..., 0*2 n- 2 , 1*2 n-1 }=v, where v is the payable.
在本发明的一个可选实施例中,所述第二计算数
Figure PCTCN2020077624-appb-000001
1 n为由二进制数1组成的n维数组。 In an optional embodiment of the present invention, the second calculated number
Figure PCTCN2020077624-appb-000001
1 n is an n-dimensional array composed of binary numbers 1.
示例性的,假设n维数组a L={0,1,1,…0,1,0},那么a R={-1,0,0,…-1,0,-1}。 Exemplarily, suppose an n-dimensional array a L ={0,1,1,...0,1,0}, then a R ={-1,0,0,...-1,0,-1}.
在一个可选的实施例中,所述核心企业节点设备11用于利用Pedersen承诺对核心企业承诺给一级供应商的应付款进行加密得到机密交易。In an optional embodiment, the core enterprise node device 11 is used to use Pedersen's commitment to encrypt the payables promised by the core enterprise to the primary supplier to obtain confidential transactions.
Pedersen承诺将一个交易数据隐藏进一个加密后的密文中。核心企业节点设备可以之后选择解密承诺的数值。承诺一旦发出,则核心企业节点设备无法找到另外一个数值依然具有相同的承诺计算结果。Pedersen promised to hide a transaction data in an encrypted ciphertext. The core enterprise node device can then choose to decrypt the promised value. Once the promise is issued, the core enterprise node device cannot find another value that still has the same promise calculation result.
机密交易是指使用Pedersen承诺隐藏交易数据,使得只有交易双方可以看到交易数据,而其他人看不到交易数据,同时双方无法伪造交易数据。Confidential transactions refer to the use of Pedersen promises to hide transaction data, so that only both parties to the transaction can see the transaction data, while others cannot see the transaction data, and both parties cannot forge the transaction data.
在具体实施时,利用Pedersen承诺基于所述应付款及所述第一随机数加密得到的机密交易中的UTXO=g vh r,其中,v为所述应付款,v∈[0,2 n-1],r为所述第一随机数。 In specific implementation, Pedersen promises UTXO=g v h r in the confidential transaction obtained based on the payment and the first random number encryption, where v is the payment, v∈[0, 2 n -1], r is the first random number.
第一系统参数g和第二系统参数h是离散对数的基,是一个全世界范围内公开的系统参数。The first system parameter g and the second system parameter h are the basis of discrete logarithms, and are a system parameter that is published worldwide.
所述核心企业节点设备11利用Bulletproof范围证明基于所述第一随机数、所述第二随机数及所述第一计算数计算第一证明参数。The core enterprise node device 11 uses Bulletproof range certification to calculate a first certification parameter based on the first random number, the second random number, and the first calculation number.
Bulletproof是当前最高效的范围证明算法,用于证明一个承诺的值处于[0,2 n-1]之间。 Bulletproof is the most efficient range proof algorithm currently used to prove that the value of a promise is between [0, 2 n -1].
在本发明的一个可选实施例中,所述第一证明参数
Figure PCTCN2020077624-appb-000002
其中,g、h均为公开的系统参数,α为所述第二随机数,a L为所述第一计算数,a R为所述第二计算数。 In an optional embodiment of the present invention, the first certification parameter
Figure PCTCN2020077624-appb-000002
Wherein, g and h are all public system parameters, α is the second random number, a L is the first calculation number, and a R is the second calculation number.
需要注意的是,本实施例中系统参数g、h与第一系统参数g和第二系统参数h不同。It should be noted that the system parameters g and h in this embodiment are different from the first system parameter g and the second system parameter h.
所述核心企业节点设备11利用所述Bulletproof范围证明基于所述第一签名参数、所述第二签名参数及所述第三签名参数计算第二证明参数。The core enterprise node device 11 uses the Bulletproof range proof to calculate a second proof parameter based on the first signature parameter, the second signature parameter, and the third signature parameter.
在本发明的一个可选实施例中,所述第二证明参数
Figure PCTCN2020077624-appb-000003
其中,ρ为所述第一签名参数,s L为所述第二签名参数,s R为所述第三签名参数。 In an optional embodiment of the present invention, the second certification parameter
Figure PCTCN2020077624-appb-000003
Where ρ is the first signature parameter, s L is the second signature parameter, and s R is the third signature parameter.
所述核心企业节点设备11基于所述第一计算数及所述第二签名参数计算目标证明参数。The core enterprise node device 11 calculates a target certification parameter based on the first calculation number and the second signature parameter.
具体的,所述核心企业节点设备11基于所述第一计算数及所述第二签名参数计算目标证明参数包括:Specifically, the core enterprise node device 11 calculating target certification parameters based on the first calculation number and the second signature parameter includes:
向所述监管机构节点设备14发送所述第一证明参数A和所述第二证明参数S并接收所述监管机构节点设备回复的第一公开参数z;Sending the first certification parameter A and the second certification parameter S to the regulatory agency node device 14 and receiving the first public parameter z replies from the regulatory agency node device;
利用Pedersen承诺随机计算第一承诺参数
Figure PCTCN2020077624-appb-000004
和第二承诺参数
Figure PCTCN2020077624-appb-000005
Use Pedersen commitment to randomly calculate the first commitment parameter
Figure PCTCN2020077624-appb-000004
And the second commitment parameter
Figure PCTCN2020077624-appb-000005
向所述交易数据监管方节点设备发送所述第一承诺参数和所述第二承诺参数并接收所述交易数据监管方节点设备回复的第二公开参数x;Sending the first commitment parameter and the second commitment parameter to the transaction data supervisor node device and receiving the second public parameter x returned by the transaction data supervisor node device;
基于所述第一计算数、所述第二签名参数、所述第一公开参数和所述第二公开参数计算目标证明参数P=a L-z·1 n+s L·x,其中,z为所述第一公开参数,x为所述第二公开参数。 Based on the first calculation number, the second signature parameter, the first public parameter, and the second public parameter, the target proof parameter P=a L -z·1 n +s L ·x is calculated, where z Is the first public parameter, and x is the second public parameter.
在该可选的实施例中,核心企业节点设备向监管机构节点设备发送所述第一证明参数
Figure PCTCN2020077624-appb-000006
所述第二证明参数
Figure PCTCN2020077624-appb-000007
所述监管机构节点设备动态选择一个随机数z作为第一公开数并公开回复给核心企业节点设备,其中随机数
Figure PCTCN2020077624-appb-000008
In this optional embodiment, the core enterprise node device sends the first certification parameter to the supervisory authority node device
Figure PCTCN2020077624-appb-000006
The second proof parameter
Figure PCTCN2020077624-appb-000007
The node device of the regulatory agency dynamically selects a random number z as the first public number and publicly responds to the node device of the core enterprise, where the random number
Figure PCTCN2020077624-appb-000008
核心企业节点设备11生成第五随机数τ 1和第六随机数τ 2,第五随机数τ 1和第六随机数τ 2均为在Z p内的一个数。 The core enterprise node device 11 generates a fifth random number τ 1 and a sixth random number τ 2 , and the fifth random number τ 1 and the sixth random number τ 2 are both numbers within Z p .
核心企业节点设备11可以利用Pedersen承诺基于所述第五随机数、第一系统参数g和第二系统参数h计算第一承诺
Figure PCTCN2020077624-appb-000009
利用Pedersen承诺基于所述第六随机数、第一系统参数g和第二系统参数h计算第二承诺
Figure PCTCN2020077624-appb-000010
The core enterprise node device 11 may use the Pedersen commitment to calculate the first commitment based on the fifth random number, the first system parameter g, and the second system parameter h
Figure PCTCN2020077624-appb-000009
Use the Pedersen promise to calculate the second promise based on the sixth random number, the first system parameter g, and the second system parameter h
Figure PCTCN2020077624-appb-000010
核心企业节点设备11将第一承诺和第二承诺发送给监管机构节点设备14。所述监管机构节点设备14动态选择一个随机数x作为第二公开数并公开回复给核心企业节点设备,其中随机数
Figure PCTCN2020077624-appb-000011
The core enterprise node device 11 sends the first promise and the second promise to the supervisory authority node device 14. The regulatory agency node device 14 dynamically selects a random number x as the second public number and publicly responds to the core enterprise node device, where the random number
Figure PCTCN2020077624-appb-000011
核心企业节点设备11发送所述机密交易、所述第一证明参数、所述第二证明参数及所述目标证明参数至所述监管机构节点设备14,使得所述监管机构节点设备14基于所述目标证明参数、第一公开参数及第二公开参数确定所述机密交易中的应付款,从而实现对所述应付款的监管。The core enterprise node device 11 sends the confidential transaction, the first certification parameter, the second certification parameter, and the target certification parameter to the regulatory agency node device 14, so that the regulatory agency node device 14 is based on the The target proof parameter, the first public parameter, and the second public parameter determine the payable in the confidential transaction, so as to realize the supervision of the payable.
在一些实施例中,一级供应商节点设备12用于利用所述区块链供应链平台10接收所述交易数据并解密后输出给所述一级供应商。In some embodiments, the primary supplier node device 12 is configured to use the blockchain supply chain platform 10 to receive the transaction data, decrypt it, and output it to the primary supplier.
一级供应商作为核心企业应付款的接收方,通过一级供应商节点设备12接收核心企业节点设备11发送的验证参数。核心企业可以通过密钥协商等方式告知一级供应商应付款及第一随机数r。The first-level supplier, as the recipient of the payable by the core enterprise, receives the verification parameters sent by the core enterprise node device 11 through the first-level supplier node device 12. The core enterprise can inform the primary supplier of the payment and the first random number r through key agreement and other methods.
在一个可选的实施例中,所述一级供应商节点设备12,还用于将所述交易数据中的UTXO拆分为第一UTXO和第二UTXO,基于所述第一UTXO和第二UTXO与其他区块链实体节点设备进行交易。In an optional embodiment, the first-level supplier node device 12 is also used to split the UTXO in the transaction data into a first UTXO and a second UTXO, based on the first UTXO and the second UTXO. UTXO conducts transactions with other blockchain entity node devices.
所述一级供应商节点设备12将交易数据发送给所述区块链供应链平台10进行存储。The primary supplier node device 12 sends the transaction data to the blockchain supply chain platform 10 for storage.
在该可选的实施例中,所述第一UTXO中的金额和第二UTXO中的金额之和等于所述UTXO中的金额。In this optional embodiment, the sum of the amount in the first UTXO and the amount in the second UTXO is equal to the amount in the UTXO.
一级供应商可以将交易数据中的UTXO拆分后交易给二级供应商、保理商或者通过银行进行抵押贷款。二级供应商、保理商或者银行接收到拆分后的UTXO可以进一步进行拆分并交易。一旦拆分后的UTXO被使用后,原来的UTXO就不再可用,但是关于原来的UTXO的交易数据依旧会记录在区块链供应链平台上,供溯源和查询。The primary supplier can split the UTXO in the transaction data and trade it to secondary suppliers, factoring companies, or mortgage loans through banks. The secondary supplier, factor or bank can further split and trade the UTXO after receiving the split. Once the split UTXO is used, the original UTXO is no longer available, but the transaction data about the original UTXO will still be recorded on the blockchain supply chain platform for traceability and inquiries.
在一个可选的实施例中,所述一级供应商节点设备12,还用于基于Bulletproof对所述第一UTXO和第二UTXO进行范围证明。In an optional embodiment, the first-tier supplier node device 12 is also used to perform range certification on the first UTXO and the second UTXO based on Bulletproof.
在该可选的实施例中,当一笔UTXO0拆分成UTXO1和UTXO2时,可以使用加法同态性,得到UTXO0=UTXO1+UTXO2,并且可以使用Bulletproof算法证明拆分后的UTXO1和UTXO2中的金额均为合法值,即UTXO中的金额为一定范围内的正数。In this optional embodiment, when a sum of UTXO0 is split into UTXO1 and UTXO2, additive homomorphism can be used to obtain UTXO0=UTXO1+UTXO2, and the Bulletproof algorithm can be used to prove that the split UTXO1 and UTXO2 The amount is a legal value, that is, the amount in UTXO is a positive number within a certain range.
示例性的,假设
Figure PCTCN2020077624-appb-000012
该UTXO的持有者可以将其拆分为UTXO 1和UTXO 2。使用加法同态性得到:
Figure PCTCN2020077624-appb-000013
由此可见,x 0=x 1+x 2,如此保证了两笔UTXO中的金额之和等于原UTXO所隐藏的金额。于此同时,使用Bulletproof算法生成范围证明,用于证明UTXO 1和UTXO 2中的金额在合理范围内。举例来说,金额的范围可以设置为[0,2^32-1]。关于Bulletproof算法生成范围证明的过程,为现有技术,本发明不再详细赘述。 Exemplary, assuming
Figure PCTCN2020077624-appb-000012
The holder of the UTXO can split it into UTXO 1 and UTXO 2 . Use additive homomorphism to get:
Figure PCTCN2020077624-appb-000013
It can be seen that x 0 = x 1 + x 2 , which ensures that the sum of the amounts in the two UTXOs is equal to the amount hidden by the original UTXOs. At the same time, the Bulletproof algorithm is used to generate a range proof, which is used to prove that the amount in UTXO 1 and UTXO 2 is within a reasonable range. For example, the range of the amount can be set to [0, 2^32-1]. The process of generating range proof by the Bulletproof algorithm is the prior art, and the present invention will not go into details.
需要说明的是,上述实施例中以将UTXO拆分为两个子UTXO为例进行了说明,实际上一级供应商节点设备也可以将UTXO拆分成3份或者更多份,以更灵活的与二级供应商进行交易。It should be noted that in the above embodiment, the splitting of UTXO into two sub-UTXOs is taken as an example. In fact, the first-tier supplier node device can also split UTXO into 3 or more parts for more flexibility. Deal with secondary suppliers.
需要说明的是,本实施例中,一级供应商节点设备在将UTXO拆分为多个子UTXO时,还可以基于子UTXO发起可监管机密交易,与核心企业节点设备发起可监管机密交易的方法相同,一级供应商节点设备也需要先向监管机构节点设备先申请第一签名参数、第二签名参数及第三签名参数,然后按照前述核心企业节点设备发起可监管机密交易的方法发起可监管机密交易,同样的,其它的供应商节点设备(包括一级、二级、三级甚至更低级的供应商节点设备)在获取到UTXO后同样能按照前述方法发起可监管机密交易,这样整个系统中的机密交易都处于监管机构节点设备的监管之下。It should be noted that, in this embodiment, when the first-level supplier node device splits the UTXO into multiple sub-UTXOs, it can also initiate a supervisable confidential transaction based on the sub-UTXO, and initiate a supervisable confidential transaction with the core enterprise node device Similarly, the first-tier supplier node device also needs to first apply for the first signature parameter, the second signature parameter, and the third signature parameter from the regulatory agency node device, and then initiate a supervisable secret transaction according to the method of the core enterprise node device to initiate a supervisable secret transaction. Confidential transactions. Similarly, other supplier node devices (including primary, secondary, tertiary or even lower-level supplier node devices) can also initiate supervisable confidential transactions according to the aforementioned method after obtaining UTXO, so that the entire system Confidential transactions in are all under the supervision of the node device of the regulatory agency.
在一个可选的实施例中,所述一级供应商节点设备12或者所述其他区块链实体节点设备13,还用于当所述应付款到期后,向所述核心企业节点设备兑付应付款,响应于所述应付款兑付成功,将持有的UTXO进行无效化签名或者返还给所述核心企业节点设备。In an optional embodiment, the first-level supplier node device 12 or the other blockchain entity node device 13 is also used to pay the core enterprise node device when the payable is due The payable, in response to the successful redemption of the payable, invalidate the UTXO held or return it to the core enterprise node device.
所述UTXO中标记了应付款的到期时间戳。The due time stamp of the payment is marked in the UTXO.
当持有UTXO的区块链实体(例如,一级供应商、二级供应商、保理商、银行等)通过各自的节点设备确定应付款到期后,可以通过所述区块链供应链平台10上记录的交易数据向所述核心企业节点设备11兑付应付款。When the blockchain entities holding UTXOs (for example, primary suppliers, secondary suppliers, factoring companies, banks, etc.) determine through their respective node devices that the payables are due, they can use the blockchain supply chain The transaction data recorded on the platform 10 redeem the payables to the core enterprise node device 11.
核心企业通过核心企业节点设备11接收到兑付应付款的信息时,确认应付款是否到期。在确认应付款到期后,兑付债款。收到债款后的区块链实体进行签名,表示已经收到了债款。持有UTXO的区块链实体在收到债款的同时或者之后,将自身所持有的UTXO无效化签名或者返还给核心企业,形成完整的交易数据记录在区块链供应链平台10上。When the core enterprise receives the information of redemption of the payable through the core enterprise node device 11, it confirms whether the payable is due. After confirming that the due payment is due, the debt is redeemed. After receiving the debt, the blockchain entity signs, indicating that the debt has been received. When or after receiving the debt, the blockchain entity holding the UTXO invalidates the UTXO signature or returns it to the core enterprise to form a complete transaction data record on the blockchain supply chain platform 10.
所述监管机构节点设备14,用于在接收到所述核心企业节点设备的签名参数申请时,发送多个签名参数。The regulatory agency node device 14 is configured to send multiple signature parameters when receiving a signature parameter application from the core enterprise node device.
在一个可选的实施例中,所述监管机构节点设备在接收到所述核心企业节点设备的签名参数申请时,发送多个签名参数包括:In an optional embodiment, when the supervisory authority node device receives the signature parameter application of the core enterprise node device, sending multiple signature parameters includes:
生成第一候选参数、第二候选参数及第三候选参数;对所述第一候选参数进行签名得到第一签名参数,对所述第二候选参数进行签名得到第二签名参数及对所述第三候选参数进行签名得到第三签名参数;在接收到所述核心企业节点设备的签名参数申请时,发送所述第一签名参数、所述第二签名参数及所述第三签名参数。Generate a first candidate parameter, a second candidate parameter, and a third candidate parameter; sign the first candidate parameter to obtain a first signature parameter, sign the second candidate parameter to obtain a second signature parameter, and perform a signature on the first candidate parameter; The three candidate parameters are signed to obtain the third signature parameter; upon receiving the signature parameter application of the core enterprise node device, the first signature parameter, the second signature parameter, and the third signature parameter are sent.
在该可选的实施例中,监管机构节点设备分别对第一候选参数、第二候选参数及第三候选参数进行签名,发送第一候选参数、第二候选参数及第三候选参数及各自的签名给核心企业节点设备。In this optional embodiment, the regulatory agency node device respectively signs the first candidate parameter, the second candidate parameter, and the third candidate parameter, and sends the first candidate parameter, the second candidate parameter, and the third candidate parameter and their respective Sign to the core enterprise node device.
在一个替代的实施例中,所述监管机构节点设备在接收到所述核心企业节点设备的 签名参数申请时,发送多个签名参数包括:In an alternative embodiment, when the supervisory authority node device receives the signature parameter application of the core enterprise node device, sending multiple signature parameters includes:
生成第一候选参数、第二候选参数及第三候选参数;利用Bulletproof范围证明基于所述第一候选参数、所述第二候选参数及所述第三候选参数计算第二证明参数;使用私钥对所述第二证明参数进行签名并保存所述签名及对应的所述第一候选参数、所述第二候选参数及所述第三候选参数;当接收到核心企业节点设备的签名参数请求时,将所述第一候选参数作为第一签名参数、所述第二候选参数作为所述第二签名参数及所述第三候选参数作为所述第三签名参数发送给所述核心企业节点设备,并将所述第二证明参数的签名一并发送给所述核心企业节点设备。Generate the first candidate parameter, the second candidate parameter and the third candidate parameter; use the Bulletproof range to prove the calculation of the second proof parameter based on the first candidate parameter, the second candidate parameter and the third candidate parameter; use the private key Sign the second certification parameter and save the signature and the corresponding first candidate parameter, the second candidate parameter, and the third candidate parameter; when a signature parameter request from the core enterprise node device is received Sending the first candidate parameter as the first signature parameter, the second candidate parameter as the second signature parameter, and the third candidate parameter as the third signature parameter to the core enterprise node device, And send the signature of the second certification parameter to the core enterprise node device.
在该可选的实施例中,监管机构节点设备将第二证明参数
Figure PCTCN2020077624-appb-000014
的签名及多个签名参数发送给核心企业节点设备,核心企业节点设备验证第二证明参数的签名即可确定上述三个签名参数的真实性。由于仅需对第二证明参数进行签名,无需对第一候选参数、第二候选参数及第三候选参数进行签名,减少了签名次数;且将未签名的多个候选参数作为多个签名参数发送给核心企业节点设备,减少了信息的传输量,提高了签名参数的发送效率。 In this optional embodiment, the regulatory agency node device sets the second certification parameter
Figure PCTCN2020077624-appb-000014
The signature of and multiple signature parameters are sent to the core enterprise node device, and the core enterprise node device verifies the signature of the second certification parameter to determine the authenticity of the three signature parameters. Since only the second proof parameter needs to be signed, there is no need to sign the first candidate parameter, the second candidate parameter, and the third candidate parameter, which reduces the number of signatures; and sends multiple unsigned candidate parameters as multiple signature parameters For core enterprise node devices, the amount of information transmission is reduced, and the efficiency of sending signature parameters is improved.
其中,所述第一签名参数ρ、所述第二签名参数s L及所述第三签名参数s R均为Z p范围内的数。这些签名参数都是动态生成的一次性随机数。 Wherein, the first signature parameter p, the second signature parameter s L, and the third signature parameter s R are all numbers within the range of Z p. These signature parameters are all dynamically generated one-time random numbers.
所述监管机构节点设备14利用Bulletproof范围证明基于所述第一签名参数、所述第二签名参数及所述第三签名参数计算证明参数。The supervisory authority node device 14 uses Bulletproof range proof to calculate proof parameters based on the first signature parameter, the second signature parameter, and the third signature parameter.
在本发明的一个可选实施例中,所述第二证明参数
Figure PCTCN2020077624-appb-000015
其中,h是离散对数的基,是一个全世界范围内公开的系统参数,g、h均为公开的系统参数,ρ为所述第一签名参数,s L为所述第二签名参数,s R为所述第三签名参数。 In an optional embodiment of the present invention, the second certification parameter
Figure PCTCN2020077624-appb-000015
Among them, h is the base of discrete logarithm, which is a system parameter publicly disclosed worldwide, g and h are public system parameters, ρ is the first signature parameter, and s L is the second signature parameter. s R is the third signature parameter.
所述监管机构节点设备14使用私钥对所述证明参数进行签名并保存所述签名及对应的所述第一签名参数、所述第二签名参数及所述第三签名参数。The supervisory authority node device 14 uses a private key to sign the certification parameter and saves the signature and the corresponding first signature parameter, the second signature parameter, and the third signature parameter.
监管机构节点设备14使用数字签名技术对证明参数进行签名。数字签名技术是基于非对称加密算法和信息摘要算法实现的对于消息来源及完整性的认证,同时是签名者不可抵赖的保证。在一个数字签名系统中有两个角色,一个是消息的签名者,一个是消息的认证者。消息的签名者根据自己的私钥可以对一条消息的信息摘要进行签名,消息的认证者根据自己的公钥对一条消息的信息摘要进行验证。如果验证通过则可证明该消息的来源是消息的签名者,消息的信息摘要相同且签名者不可抵赖。The regulatory agency node device 14 uses digital signature technology to sign the certification parameters. Digital signature technology is based on asymmetric encryption algorithm and message digest algorithm to achieve the authentication of the source and integrity of the message, and at the same time, it is a guarantee that the signer cannot deny. There are two roles in a digital signature system, one is the signer of the message and the other is the authenticator of the message. The signer of the message can sign the information digest of a message according to his private key, and the authenticator of the message verifies the information digest of a message according to his public key. If the verification is passed, it can be proved that the source of the message is the signer of the message, the information digest of the message is the same and the signer cannot deny it.
所述监管机构节点设备14,还用于当接收到核心企业节点设备的签名参数请求时,向所述核心企业节点设备发送所述第一签名参数、所述第二签名参数及所述第三签名参数。The supervisory authority node device 14 is further configured to send the first signature parameter, the second signature parameter, and the third signature parameter to the core enterprise node device when a signature parameter request from the core enterprise node device is received. Signature parameters.
交易数据发送方在进行交易数据范围证明之前,通过核心企业节点设备向监管机构节点设备申请签名参数,监管机构节点设备将签名过的证明参数对应的第一签名参数、所述第二签名参数及所述第三签名参数发送给监管机构节点设备。Before the transaction data sender performs the transaction data range certification, it applies to the regulatory agency node device for signature parameters through the core enterprise node device, and the regulatory agency node device sends the signed certification parameters to the first signature parameter, the second signature parameter, and The third signature parameter is sent to the supervisory authority node device.
在本发明的一个可选实施例中,所述监管机构节点设备14,还用于当接收到所述核心企业节点设备发送的所述第一证明参数和所述第二证明参数时,回复第一公开参数。In an optional embodiment of the present invention, the supervisory authority node device 14 is further configured to reply to the first certification parameter and the second certification parameter sent by the core enterprise node device. One public parameter.
在该可选的实施例中,核心企业节点设备向监管机构节点设备发送第一证明参数
Figure PCTCN2020077624-appb-000016
和第二证明参数
Figure PCTCN2020077624-appb-000017
所述监管机构节点设备动态选择一个随机数z作为第一公开数并公开回复给核心企业节点设备,其中随机数
Figure PCTCN2020077624-appb-000018
In this optional embodiment, the core enterprise node device sends the first certification parameter to the supervisory authority node device
Figure PCTCN2020077624-appb-000016
And the second proof parameter
Figure PCTCN2020077624-appb-000017
The node device of the regulatory agency dynamically selects a random number z as the first public number and publicly responds to the node device of the core enterprise, where the random number
Figure PCTCN2020077624-appb-000018
在本发明的一个可选实施例中,所述监管机构节点设备14,还用于当接收到所述核心企业节点设备发送的第一承诺参数和第二承诺参数时,回复第二公开参数。In an optional embodiment of the present invention, the regulatory agency node device 14 is further configured to reply to the second public parameter when the first commitment parameter and the second commitment parameter sent by the core enterprise node device are received.
在该可选的实施例中,核心企业节点设备将第一承诺和第二承诺发送给监管机构节点设备。所述监管机构节点设备动态选择一个随机数x作为第二公开数并公开回复给核 心企业节点设备,其中随机数
Figure PCTCN2020077624-appb-000019
In this optional embodiment, the core enterprise node device sends the first promise and the second promise to the supervisory authority node device. The regulatory agency node device dynamically selects a random number x as the second public number and publicly responds to the core enterprise node device, where the random number
Figure PCTCN2020077624-appb-000019
由此可见,随机数y是所述监管机构节点设备14在接收到核心企业节点设备发送的第一证明参数和第二证明参数时动态并随机产生的一次性随机数,随机数x是所述监管机构节点设备14在接收到第一承诺参数和第二承诺参数时动态并随机产生的一次性随机数。It can be seen that the random number y is a one-time random number dynamically and randomly generated when the regulatory agency node device 14 receives the first certification parameter and the second certification parameter sent by the core enterprise node device, and the random number x is the A one-time random number dynamically and randomly generated when the regulatory agency node device 14 receives the first commitment parameter and the second commitment parameter.
所述监管机构节点设备14,还用于从所述区块链供应链平台上获取所述交易数据;获取所述交易数据中的机密交易及证明参数,并基于所述证明参数确定所述机密交易中的应付款以实现所述应付款的监管。The regulatory agency node device 14 is also used to obtain the transaction data from the blockchain supply chain platform; obtain confidential transactions and certification parameters in the transaction data, and determine the confidentiality based on the certification parameters Payables in the transaction to achieve the supervision of said payables.
在本发明的一个可选实施例中,所述监管机构节点设备14基于所述证明参数确定所述机密交易中的应付款以实现所述应付款的监管包括:In an optional embodiment of the present invention, the supervisory authority node device 14 determining the payable in the confidential transaction based on the certification parameter to implement the supervision of the payable includes:
将所述第一公开参数、所述第二公开参数及所述第二签名参数带入所述目标证明参数中,计算得到目标随机数;Bring the first public parameter, the second public parameter, and the second signature parameter into the target certification parameter, and calculate a target random number;
根据所述目标随机数计算出所述机密交易中的交易数据;Calculating transaction data in the confidential transaction according to the target random number;
其中,所述目标随机数为由0或者1组成的n维数组,且所述n维数组中的每一个数与2 n的乘积与所述应付款中相同位置处的数据对应。 Wherein, the target random number is an n-dimensional array composed of 0 or 1, and the product of each number in the n-dimensional array and 2n corresponds to the data at the same position in the payable.
在该可选的实施例中,监管机构节点设备根据证明中的签名及证明中的参数P即可推算出证明中的交易数据v。由于a L是交易数据v的二进制形式,P,x,z均为公开值,因而监管机构节点设备可以根据所拥有的随机数s L的值计算出a L的值,进而推算出应付款v。 In this optional embodiment, the supervisory authority node device can calculate the transaction data v in the certificate according to the signature in the certificate and the parameter P in the certificate. Since a L is the binary form of transaction data v, P, x, and z are all public values, so the regulator node device can calculate the value of a L according to the value of the random number s L possessed, and then calculate the payable v .
本实施例,通过监管机构节点设备选取多个签名参数并计算出证明参数,对计算得到的证明参数进行签名后即可将签名后的多个签名参数发给核心企业节点设备,使得核心企业节点设备根据多个签名参数计算证明参数。由于监管机构节点设备与核心企业节点设备均使用相同的多个签名参数计算得到相同的证明参数,因而在区块链网络上进行机密交易扭转时,监管机构节点设备便能够监管到核心企业节点设备的证明参数,从而实现了机密交易的监管。In this embodiment, multiple signature parameters are selected by the regulatory agency node device and the certification parameters are calculated. After signing the calculated certification parameters, the signed multiple signature parameters can be sent to the core enterprise node device, so that the core enterprise node The device calculates the certification parameters based on multiple signature parameters. Since the supervisory authority node equipment and the core enterprise node equipment use the same multiple signature parameters to calculate the same proof parameters, when the confidential transaction is reversed on the blockchain network, the supervisory authority node equipment can supervise the core enterprise node equipment Proof parameters, thus realizing the supervision of confidential transactions.
所述区块链供应链平台10,用于存储所述交易数据;验证所述交易数据的正确性及所述监管机构节点设备签名的合法性。The blockchain supply chain platform 10 is used to store the transaction data; verify the correctness of the transaction data and the legitimacy of the signature of the regulatory agency node device.
需要说明的是,所述区块链供应链交易隐藏动态监管系统1中的区块链供应链平台10、核心企业节点设备11、一级供应商节点设备12、所述监管机构节点设备14必须存在的,所述其他区块链实体节点设备13可选的存在。即,二级供应商节点设备、银行节点设备、保理商节点设备可选的存在于所述区块链供应链交易隐藏动态监管系统1中。It should be noted that the blockchain supply chain platform 10, the core enterprise node equipment 11, the first-tier supplier node equipment 12, and the regulatory agency node equipment 14 in the blockchain supply chain transaction hidden dynamic supervision system 1 must If it exists, the other blockchain entity node device 13 optionally exists. That is, the secondary supplier node equipment, bank node equipment, and factor node equipment may optionally exist in the blockchain supply chain transaction hidden dynamic supervision system 1.
允许监管机构动态监管,不需要对每笔交易进行审核,通过预先分发的一次性随机数进行监管,具有完美前向安全的特性。Allows regulatory agencies to dynamically supervise, do not need to review every transaction, and supervise by pre-distributed one-time random numbers, with perfect forward security characteristics.
实施例二Example two
如图2所示,为本发明实施例的区块链供应链交易隐藏动态监管系统的另一架构示意图。As shown in FIG. 2, it is a schematic diagram of another architecture of the blockchain supply chain transaction hiding dynamic supervision system according to an embodiment of the present invention.
区块链供应链交易隐藏动态监管系统1除了包括图1中所述的区块链供应链平台10、核心企业节点设备11、一级供应商节点设备12、其他区块链实体节点设备13、监管机构节点设备14,还可以包括至少一个风险评估机构节点设备15。The blockchain supply chain transaction hidden dynamic supervision system 1 includes the blockchain supply chain platform 10, core enterprise node equipment 11, first-tier supplier node equipment 12, and other blockchain entity node equipment 13, which are described in Figure 1. The regulatory agency node device 14 may also include at least one risk assessment agency node device 15.
其中,所述至少一个风险评估机构节点设备15,用于读取所述区块链供应链平台10上存储的交易数据,使用预先训练好的风险评估模型对所述交易数据进行风险评估,并将风险评估结果发送给所述其他区块链实体节点设备13。Wherein, the at least one risk assessment agency node device 15 is used to read transaction data stored on the blockchain supply chain platform 10, use a pre-trained risk assessment model to perform risk assessment on the transaction data, and The risk assessment result is sent to the other blockchain entity node device 13.
至少一个风险评估机构节点设备15可以事先获取所述区块链供应链平台10上记录的历史交易数据,并基于历史交易数据训练风险评估模型,来评估每笔交易数据中的应 付款的价值。At least one risk assessment agency node device 15 can obtain the historical transaction data recorded on the blockchain supply chain platform 10 in advance, and train a risk assessment model based on the historical transaction data to evaluate the value of the payment in each transaction data.
至少一个风险评估机构节点设备15读取到所述区块链供应链平台10上新记录的交易数据时,使用风险评估模型来评估新记录的交易数据中的应付款的价值,并将风险评估结果发送给交易数据对应的UTXO(即核心企业的应付款)的潜在购买者。所述潜在购买者可以包括,但不限于二级供应商,保理商,银行等。When at least one risk assessment agency node device 15 reads the newly recorded transaction data on the blockchain supply chain platform 10, it uses a risk assessment model to evaluate the value of the payable in the newly recorded transaction data, and evaluate the risk The result is sent to potential purchasers of UTXO (that is, the payable of the core enterprise) corresponding to the transaction data. The potential purchasers may include, but are not limited to, secondary suppliers, factoring companies, banks, etc.
二级供应商,保理商,银行等获取了风险评估结果后,可以选择与UTXO的持有者进行交易,并最终完成应付款的兑付过程。After secondary suppliers, factoring companies, banks, etc. obtain the risk assessment results, they can choose to trade with UTXO holders and finally complete the payment process of the payables.
在一些实施例中,所述区块链供应链平台10,可以是基于任何UTXO模型的区块链系统以及支持UTXO账户模型的区块链系统。In some embodiments, the blockchain supply chain platform 10 may be a blockchain system based on any UTXO model and a blockchain system supporting the UTXO account model.
在一些实施例中,所述区块链供应链系统1还可以包括:数据解密模块,UTXO金额范围证明模块,区块链钱包,轻量钱包,统计分析工具,实体列表等。In some embodiments, the blockchain supply chain system 1 may further include: a data decryption module, a UTXO amount range certification module, a blockchain wallet, a lightweight wallet, a statistical analysis tool, an entity list, etc.
需要说明的是,所有区块链实体的交易上链之前,需要提前获取监管机构动态选取的一次性签名参数及基于随机数计算的证明参数并签名,区块链实体基于一次性签名参数生成Bulletproof证明,具有前向安全的特性。区块链供应链平台除了验证交易数据的正确性以外,还要验证监管机构签名的合法性。由于签名参数是由监管机构动态生成的一次性数,当监管机构的密钥泄露,不会导致大范围的交易数据泄露。It should be noted that before transactions of all blockchain entities are put on the chain, one-time signature parameters dynamically selected by the regulatory agency and proof parameters based on random number calculations need to be obtained and signed in advance, and the blockchain entity generates Bulletproof based on the one-time signature parameters. Prove that it has the characteristics of forward security. In addition to verifying the correctness of transaction data, the blockchain supply chain platform also verifies the legitimacy of the signature of the regulatory agency. Since the signature parameter is a one-time number dynamically generated by the regulatory agency, when the regulatory agency's key is leaked, it will not cause a wide range of transaction data to be leaked.
本实施例所述的区块链供应链隐私交易动态监管系统,通过引入Pedersen承诺和Bulletproof范围证明的概念,将核心企业的明文应付款加密成机密交易并上链,只有交易双方能够解密交易数据中的金额,保护了交易隐私不被泄露,保障了区块链实体商业机密。而监管机构在获取到机密交易和Bulletproof范围证明后,通过Bulletproof范围证明对机密交易进行监管。The blockchain supply chain privacy transaction dynamic supervision system described in this embodiment introduces the concepts of Pedersen commitment and Bulletproof scope proof, encrypts the plaintext payables of core enterprises into confidential transactions and uploads them to the chain. Only both parties to the transaction can decrypt the transaction data The amount in the transaction privacy is protected from being leaked, and the business secrets of the blockchain entity are protected. After obtaining the confidential transaction and Bulletproof scope certificate, the supervisory authority will supervise the confidential transaction through the Bulletproof scope certificate.
实施例三Example three
参阅图3所示,为本发明实施例揭露的区块链供应链交易隐藏动态监管方法的流程示意图。Refer to FIG. 3, which is a schematic flowchart of a method for dynamic supervision of transaction hiding in a blockchain supply chain disclosed in an embodiment of the present invention.
所述区块链供应链交易隐藏动态监管方法,应用于区块链供应链网络中,所述区块链供应链交易隐藏动态监管方法具体包括以下步骤,根据不同的需求,该流程图中步骤的顺序可以改变,某些步骤可以省略。The block chain supply chain transaction concealment dynamic supervision method is applied to a block chain supply chain network. The block chain supply chain transaction concealment dynamic supervision method specifically includes the following steps. According to different needs, the steps in the flowchart The order can be changed, and some steps can be omitted.
S31,当所述监管机构节点设备接收到核心企业节点设备的签名参数请求时,向所述核心企业节点设备发送第一签名参数、第二签名参数及第三签名参数。S31: When the supervisory authority node device receives the signature parameter request of the core enterprise node device, it sends the first signature parameter, the second signature parameter, and the third signature parameter to the core enterprise node device.
在一个可选的实施例中,,所述监管机构节点设备接收到核心企业节点设备的签名参数请求时,向所述核心企业节点设备发送第一签名参数、第二签名参数及第三签名参数包括:In an optional embodiment, when the supervisory authority node device receives the signature parameter request of the core enterprise node device, it sends the first signature parameter, the second signature parameter, and the third signature parameter to the core enterprise node device. include:
生成第一候选参数、第二候选参数及第三候选参数;对所述第一候选参数进行签名得到第一签名参数,对所述第二候选参数进行签名得到第二签名参数及对所述第三候选参数进行签名得到第三签名参数;在接收到所述核心企业节点设备的签名参数申请时,发送所述第一签名参数、所述第二签名参数及所述第三签名参数。Generate a first candidate parameter, a second candidate parameter, and a third candidate parameter; sign the first candidate parameter to obtain a first signature parameter, sign the second candidate parameter to obtain a second signature parameter, and perform a signature on the first candidate parameter; The three candidate parameters are signed to obtain the third signature parameter; upon receiving the signature parameter application of the core enterprise node device, the first signature parameter, the second signature parameter, and the third signature parameter are sent.
在一个可选的实施例中,生成第一候选参数、第二候选参数及第三候选参数;利用Bulletproof范围证明基于所述第一候选参数、所述第二候选参数及所述第三候选参数计算证明参数;使用私钥对所述证明参数进行签名并保存所述签名及对应的所述第一候选参数、所述第二候选参数及所述第三候选参数;当接收到核心企业节点设备的签名参数请求时,将所述第一候选参数作为第一签名参数、所述第二候选参数作为所述第二签名参数及所述第三候选参数作为所述第三签名参数发送给所述核心企业节点设备。In an optional embodiment, the first candidate parameter, the second candidate parameter, and the third candidate parameter are generated; the Bulletproof range proof is based on the first candidate parameter, the second candidate parameter, and the third candidate parameter Calculate the certification parameters; use the private key to sign the certification parameters and save the signature and the corresponding first candidate parameter, the second candidate parameter, and the third candidate parameter; when the core enterprise node device is received When requesting signature parameters, send the first candidate parameter as the first signature parameter, the second candidate parameter as the second signature parameter, and the third candidate parameter as the third signature parameter. Core enterprise node equipment.
S32,所述核心企业节点设备利用Pedersen承诺对核心企业承诺给一级供应商的应付款进行加密得到机密交易。S32, the core enterprise node device uses Pedersen's commitment to encrypt the payables promised by the core enterprise to the first-tier supplier to obtain confidential transactions.
S33,所述核心企业节点设备利用Bulletproof范围证明基于所述多个签名参数及生成的随机数计算证明参数。S33, the core enterprise node device uses Bulletproof range proof to calculate proof parameters based on the multiple signature parameters and the generated random numbers.
S34,所述核心企业节点设备对所述机密交易及所述证明参数进行签名并将签名后的交易数据上传至区块链供应链平台。S34. The core enterprise node device signs the confidential transaction and the certification parameters and uploads the signed transaction data to the blockchain supply chain platform.
S35,一级供应商节点设备利用所述区块链供应链平台接收所述交易数据并解密后输出给所述一级供应商。S35: The first-level supplier node device uses the blockchain supply chain platform to receive the transaction data, decrypt it, and output it to the first-level supplier.
S36,所述监管机构节点设备从所述区块链供应链平台上获取所述交易数据;获取所述交易数据中的机密交易及证明参数,并基于所述证明参数确定所述机密交易中的应付款以实现所述应付款的监管。S36. The regulatory agency node device obtains the transaction data from the blockchain supply chain platform; obtains the confidential transaction and certification parameters in the transaction data, and determines the confidential transaction in the confidential transaction based on the certification parameters. Payables to achieve the supervision of said payables.
在一个可选的实施例中,所述方法还包括:In an optional embodiment, the method further includes:
通过所述一级供应商节点设备将所述交易数据中的UTXO拆分为第一UTXO和第二UTXO,其中,所述第一UTXO中的金额和第二UTXO中的金额之和等于所述UTXO中的金额;The UTXO in the transaction data is split into a first UTXO and a second UTXO through the first-level supplier node device, wherein the sum of the amount in the first UTXO and the amount in the second UTXO is equal to the The amount in UTXO;
基于所述第一UTXO和第二UTXO与其他区块链实体节点设备进行交易;Perform transactions with other blockchain entity node devices based on the first UTXO and the second UTXO;
基于Bulletproof对所述第一UTXO和第二UTXO进行范围证明。Perform range proof on the first UTXO and the second UTXO based on Bulletproof.
在一个可选的实施例中,所述方法还包括:In an optional embodiment, the method further includes:
通过至少一个风险评估机构节点设备读取所述区块链供应链平台上存储的交易数据,使用预先训练好的风险评估模型对所述交易数据进行风险评估,并将风险评估结果发送给所述其他区块链实体节点设备。Read transaction data stored on the blockchain supply chain platform through at least one risk assessment agency node device, use a pre-trained risk assessment model to perform risk assessment on the transaction data, and send the risk assessment result to the Other blockchain entity node equipment.
关于实施例三所述的区块链供应链隐私交易动态监管方法中的各个实施例的具体过程可参见实施例一及实施例二的相应描述,本发明不再详细阐述。For the specific process of each embodiment in the method for dynamic supervision of privacy transactions in a blockchain supply chain described in the third embodiment, please refer to the corresponding descriptions in the first and second embodiments, and the present invention will not elaborate on it.
需要说明的是,所有区块链实体的交易上链之前,需要提前获取监管机构动态生成的一次性签名参数及基于随机数计算的证明参数并签名,区块链实体基于一次性签名参数生成Bulletproof证明,具有前向安全的特性。区块链供应链平台除了验证交易数据的正确性以外,还要验证监管机构签名的合法性。由于签名参数是由监管机构动态生成的一次性数,当监管机构的密钥泄露,不会导致大范围的交易数据泄露。It should be noted that before transactions of all blockchain entities are put on the chain, they need to obtain and sign in advance the one-time signature parameters dynamically generated by the regulatory agency and the proof parameters calculated based on random numbers. The blockchain entity generates Bulletproof based on the one-time signature parameters. Prove that it has the characteristics of forward security. In addition to verifying the correctness of transaction data, the blockchain supply chain platform also verifies the legitimacy of the signature of the regulatory agency. Since the signature parameter is a one-time number dynamically generated by the regulatory agency, when the regulatory agency's key is leaked, it will not cause a wide range of transaction data to be leaked.
本实施例所述的区块链供应链隐私交易动态监管方法,通过引入Pedersen承诺和Bulletproof范围证明的概念,将核心企业的明文应付款加密成机密交易并上链,只有交易双方能够解密交易数据中的金额,保护了交易隐私不被泄露,保障了区块链实体商业机密。而监管机构在获取到机密交易和Bulletproof范围证明后,通过Bulletproof范围证明对机密交易进行监管。The blockchain supply chain privacy transaction dynamic supervision method described in this embodiment introduces the concepts of Pedersen commitment and Bulletproof scope proof, encrypts the plaintext payables of core companies into confidential transactions and uploads them to the chain. Only both parties to the transaction can decrypt the transaction data The amount in the transaction privacy is protected from being leaked, and the business secrets of the blockchain entity are protected. After obtaining the confidential transaction and Bulletproof scope certificate, the supervisory authority will supervise the confidential transaction through the Bulletproof scope certificate.
实施例四Example four
图4为本发明实施例揭露的区块链节点设备的内部结构示意图。FIG. 4 is a schematic diagram of the internal structure of a blockchain node device disclosed in an embodiment of the present invention.
在本实施例中,所述区块链节点设备4可以包括存储器41、处理器42和总线43及收发器44。In this embodiment, the blockchain node device 4 may include a memory 41, a processor 42, a bus 43, and a transceiver 44.
所述区块链节点设备4可以为核心企业节点设备,还可以为监管机构节点设备,或者一级供应商节点设备,其他区块链实体(例如,二级供应商,银行,保理商)节点设备等。当所述区块链节点设备4为核心企业节点设备时,执行实施例一或者实施例二中所述的核心企业节点设备的功能;当所述区块链节点设备4为监管机构节点设备时,执行实施例一或者实施例二中所述的监管机构节点设备的功能;当所述区块链节点设备4为一级供应商节点设备时,执行实施例一或者实施例二中所述的一级供应商节点设备的功能;当所述区块链节点设备4为其他区块链实体节点设备时,执行实施例一或者实施例二中所述的其他区块链实体节点设备的功能。The blockchain node device 4 may be a core enterprise node device, a regulatory agency node device, or a first-tier supplier node device, other blockchain entities (for example, a second-tier supplier, bank, factor) Node equipment, etc. When the blockchain node device 4 is a core enterprise node device, the function of the core enterprise node device described in Embodiment 1 or Embodiment 2 is performed; when the blockchain node device 4 is a regulatory agency node device , Execute the function of the regulatory agency node device described in the first embodiment or the second embodiment; when the blockchain node device 4 is the first-tier supplier node device, execute the function described in the first embodiment or the second embodiment The function of the first-level supplier node device; when the blockchain node device 4 is another blockchain entity node device, the function of the other blockchain entity node device described in the first embodiment or the second embodiment is performed.
其中,存储器41至少包括一种类型的可读存储介质,所述可读存储介质包括闪存、 硬盘、多媒体卡、卡型存储器(例如,SD或DX存储器等)、磁性存储器、磁盘、光盘等。存储器41在一些实施例中可以是所述区块链节点设备4的内部存储单元,例如所述区块链节点设备4的硬盘。存储器41在另一些实施例中也可以是所述区块链节点设备4的外部存储设备,例如所述区块链节点设备4上配备的插接式硬盘,智能存储卡(Smart Media Card,SMC),安全数字(Secure Digital,SD)卡,闪存卡(Flash Card)等。进一步地,存储器41还可以既包括所述区块链节点设备4的内部存储单元,也包括外部存储设备。存储器41不仅可以用于存储安装于所述区块链节点设备4的应用程序及各类数据,还可以用于暂时地存储已经输出或者将要输出的数据。The memory 41 includes at least one type of readable storage medium, and the readable storage medium includes flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory, etc.), magnetic memory, magnetic disk, optical disk, and the like. The memory 41 may be an internal storage unit of the blockchain node device 4 in some embodiments, for example, the hard disk of the blockchain node device 4. In other embodiments, the memory 41 may also be an external storage device of the blockchain node device 4, for example, a plug-in hard disk equipped on the blockchain node device 4, a smart memory card (Smart Media Card, SMC). ), Secure Digital (SD) card, Flash Card, etc. Further, the memory 41 may also include not only the internal storage unit of the blockchain node device 4, but also an external storage device. The memory 41 can be used not only to store application programs and various data installed in the blockchain node device 4, but also to temporarily store data that has been output or will be output.
处理器42在一些实施例中可以是一中央处理器(Central Processing Unit,CPU)、控制器、微控制器、微处理器,用于运行存储器41中存储的程序代码或处理数据。The processor 42 may be a central processing unit (CPU), controller, microcontroller, or microprocessor in some embodiments, and is used to run program codes or process data stored in the memory 41.
该总线43可以是外设部件互连标准(peripheral component interconnect,PCI)总线或扩展工业标准结构(extended industry standard architecture,EISA)总线等。该总线可以分为地址总线、数据总线、控制总线等。为便于表示,图4中仅用一条粗线表示,但并不表示仅有一根总线或一种类型的总线。The bus 43 may be a peripheral component interconnect standard (PCI) bus or an extended industry standard architecture (EISA) bus, etc. The bus can be divided into address bus, data bus, control bus and so on. For ease of representation, only one thick line is used in FIG. 4 to represent it, but it does not mean that there is only one bus or one type of bus.
进一步地,所述区块链节点设备4还可以包括网络接口,网络接口可选的可以包括有线接口和/或无线接口(如WI-FI接口、蓝牙接口等),通常用于在该区块链节点设备4与其他调度服务器之间建立通信连接。Further, the blockchain node device 4 may also include a network interface, and the network interface may optionally include a wired interface and/or a wireless interface (such as a WI-FI interface, a Bluetooth interface, etc.), which is usually used in the block The link node device 4 establishes a communication connection with other dispatch servers.
可选地,该区块链节点设备4还可以包括用户接口,用户接口可以包括显示器(Display)、输入单元,比如键盘(Keyboard),可选的,用户接口还可以包括标准的有线接口、无线接口。可选地,在一些实施例中,显示器可以是LED显示器、液晶显示器、触控式液晶显示器以及有机发光二极管(Organic Light-Emitting Diode,OLED)触摸器等。其中,显示器也可以称为显示屏或显示单元,用于显示在所述调度服务器中处理的消息以及用于显示可视化的用户界面。Optionally, the blockchain node device 4 may also include a user interface. The user interface may include a display (Display) and an input unit, such as a keyboard (Keyboard). Optionally, the user interface may also include a standard wired interface, wireless interface. Optionally, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an organic light-emitting diode (OLED) touch device, and the like. The display may also be called a display screen or a display unit, which is used to display the messages processed in the dispatch server and to display a visualized user interface.
图4仅示出了具有组件41-44的所述区块链节点设备4,本领域技术人员可以理解的是,图4示出的结构并不构成对所述区块链节点设备4的限定,既可以是总线型结构,也可以是星形结构,所述区块链节点设备4还可以包括比图示更少或者更多的部件,或者组合某些部件,或者不同的部件布置。其他现有的或今后可能出现的电子产品如可适应于本发明,也应包含在本发明的保护范围以内,并以引用方式包含于此。FIG. 4 only shows the blockchain node device 4 with components 41-44. Those skilled in the art can understand that the structure shown in FIG. 4 does not constitute a limitation on the blockchain node device 4. It may be a bus-type structure or a star-shaped structure. The blockchain node device 4 may also include fewer or more components than shown in the figure, or a combination of certain components, or a different component arrangement. Other existing or future electronic products that can be adapted to the present invention should also be included in the protection scope of the present invention, and are included here by reference.
在上述实施例中,可以全部或部分地通过应用程序、硬件、固件或者其任意组合来实现。当使用应用程序实现时,可以全部或部分地以计算机程序产品的形式实现。In the above-mentioned embodiments, it may be implemented in whole or in part by application programs, hardware, firmware, or any combination thereof. When implemented using an application program, it can be implemented in the form of a computer program product in whole or in part.
所述计算机程序产品包括一个或多个计算机指令。在计算机上加载和执行所述计算机程序指令时,全部或部分地产生按照本发明实施例所述的流程或功能。所述计算机可以是通用计算机、专用计算机、计算机网络、或者其他可编程装置。所述计算机指令可以存储在计算机可读存储介质中,或者从一个计算机可读存储介质向另一计算机可读存储介质传输,例如,所述计算机指令可以从一个网站站点、计算机、服务器或数据中心通过有线(例如,同轴电缆、光纤、数字用户线)或无线(例如,红外、无线、微波等)方式向另一个网站站点、计算机、服务器或数据中心进行传输。所述计算机可读存储介质可以是计算机能够存储的任何可用介质或者是包含一个或多个可用介质集成的服务器、数据中心等数据存储设备。所述可用介质可以是磁性介质(例如,软盘、硬盘、磁带),光介质(例如,DVD),或者半导体介质(例如,固态硬盘(Solid State Disk,SSD))等。The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on the computer, the processes or functions described in the embodiments of the present invention are generated in whole or in part. The computer may be a general-purpose computer, a special-purpose computer, a computer network, or other programmable devices. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium. For example, the computer instructions may be transmitted from a website, computer, server, or data center. Transmission to another website site, computer, server or data center via wired (for example, coaxial cable, optical fiber, digital subscriber line) or wireless (for example, infrared, wireless, microwave, etc.). The computer-readable storage medium may be any available medium that can be stored by a computer or a data storage device such as a server or a data center integrated with one or more available media. The usable medium may be a magnetic medium (for example, a floppy disk, a hard disk, and a magnetic tape), an optical medium (for example, a DVD), or a semiconductor medium (for example, a solid state disk (SSD)).
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的系统,装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。Those skilled in the art can clearly understand that, for the convenience and conciseness of the description, the specific working process of the above-described system, device, and unit can refer to the corresponding process in the foregoing method embodiment, which will not be repeated here.
在本申请所提供的几个实施例中,应该理解到,所揭露的系统,装置和方法,可以 通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。In the several embodiments provided in this application, it should be understood that the disclosed system, device, and method may be implemented in other ways. For example, the device embodiments described above are merely illustrative. For example, the division of the units is only a logical function division, and there may be other divisions in actual implementation, for example, multiple units or components may be combined It can be integrated into another system, or some features can be ignored or not implemented. In addition, the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.
所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例中的方案的目的。The units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in one place, or they may be distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution in this embodiment.
另外,在本申请各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用应用程序功能单元的形式实现。In addition, the functional units in the various embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit. The above-mentioned integrated unit can be implemented in the form of hardware or application program functional unit.
所述集成的单元如果以应用程序功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以应用程序产品的形式体现出来,该计算机应用程序产品存储在一个存储介质中,包括若干指令用以使得一台调度服务器(可以是个人计算机,服务器,或者网络设备等)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、硬盘、只读存储器(Read-Only Memory,ROM)、磁碟或者光盘等各种可以存储程序代码的介质。If the integrated unit is implemented in the form of an application function unit and sold or used as an independent product, it can be stored in a computer readable storage medium. Based on this understanding, the technical solution of the present application essentially or the part that contributes to the prior art or all or part of the technical solution can be embodied in the form of an application product, and the computer application product is stored in a storage The medium includes several instructions to make a dispatch server (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the methods described in the various embodiments of the present application. The aforementioned storage media include: U disk, hard disk, Read-Only Memory (Read-Only Memory, ROM), magnetic disk or optical disk and other media that can store program codes.
需要说明的是,上述本发明实施例序号仅仅为了描述,不代表实施例的优劣。It should be noted that the sequence numbers of the above-mentioned embodiments of the present invention are only for description, and do not represent the advantages and disadvantages of the embodiments.
以上仅为本发明的优选实施例,并非因此限制本发明的专利范围,凡是利用本发明说明书及附图内容所作的等效结构或等效流程变换,或直接或间接运用在其他相关的技术领域,均同理包括在本发明的专利保护范围内。The above are only preferred embodiments of the present invention, and do not limit the scope of the present invention. Any equivalent structure or equivalent process transformation made by using the content of the description and drawings of the present invention, or directly or indirectly applied to other related technical fields , The same reason is included in the scope of patent protection of the present invention.

Claims (11)

  1. 一种区块链供应链交易隐藏动态监管系统,其特征在于,所述系统包括:A block chain supply chain transaction hidden dynamic supervision system, characterized in that, the system includes:
    监管机构节点设备,用于在接收到核心企业节点设备的签名参数申请时,发送多个签名参数;The supervisory authority node device is used to send multiple signature parameters when receiving a signature parameter application from the core enterprise node device;
    所述核心企业节点设备,用于利用Pedersen承诺对核心企业承诺给一级供应商的应付款进行加密得到机密交易;利用Bulletproof范围证明基于所述多个签名参数及生成的随机数计算证明参数;对所述机密交易及所述证明参数进行签名并将签名后的交易数据上传至区块链供应链平台;The core enterprise node device is used to use Pedersen's commitment to encrypt the payables promised by the core enterprise to the first-tier supplier to obtain confidential transactions; use Bulletproof range certification to calculate the certification parameters based on the multiple signature parameters and the generated random numbers; Sign the confidential transaction and the certification parameters and upload the signed transaction data to the blockchain supply chain platform;
    一级供应商节点设备,用于利用所述区块链供应链平台接收所述交易数据并解密后输出给所述一级供应商;A first-level supplier node device, configured to use the blockchain supply chain platform to receive the transaction data, decrypt it, and output it to the first-level supplier;
    所述监管机构节点设备,还用于从所述区块链供应链平台上获取所述交易数据;获取所述交易数据中的机密交易及证明参数,并基于所述证明参数确定所述机密交易中的应付款以实现所述应付款的监管;The regulatory agency node device is also used to obtain the transaction data from the blockchain supply chain platform; obtain confidential transactions and certification parameters in the transaction data, and determine the confidential transaction based on the certification parameters Payables in to achieve the supervision of said payables;
    所述区块链供应链平台,用于存储所述交易数据;验证所述交易数据的正确性及所述监管机构节点设备签名的合法性。The blockchain supply chain platform is used to store the transaction data; verify the correctness of the transaction data and the legitimacy of the signature of the regulatory agency node device.
  2. 如权利要求1所述的区块链供应链交易隐藏动态监管系统,其特征在于,所述多个签名参数包括第一签名参数、第二签名参数及第三签名参数,所述随机数包括第一随机数及第二随机数;The block chain supply chain transaction hidden dynamic supervision system of claim 1, wherein the multiple signature parameters include a first signature parameter, a second signature parameter, and a third signature parameter, and the random number includes the first signature parameter. A random number and a second random number;
    所述利用Pedersen承诺对核心企业承诺给一级供应商的应付款进行加密得到机密交易包括:The use of Pedersen's commitment to encrypt the payables promised by the core enterprise to the first-tier suppliers to obtain confidential transactions includes:
    利用Pedersen承诺基于所述应付款及所述第一随机数加密得到机密交易;Use Pedersen to promise to obtain confidential transactions based on the payable and the first random number encryption;
    所述核心企业节点设备利用Bulletproof范围证明基于所述多个签名参数及生成的随机数计算证明参数包括:The core enterprise node equipment uses the Bulletproof range to prove that the calculation proof parameters based on the multiple signature parameters and the generated random numbers include:
    基于所述交易数据计算得到第一计算数及第二计算数;Calculating the first calculation number and the second calculation number based on the transaction data;
    利用Bulletproof范围证明基于所述第一计算数、所述第二计算数及所述第二随机数计算第一证明参数;Use Bulletproof range proof to calculate the first proof parameter based on the first calculation number, the second calculation number, and the second random number;
    利用所述Bulletproof范围证明基于所述第一签名参数、所述第二签名参数及所述第三签名参数计算第二证明参数;Using the Bulletproof range proof to calculate a second proof parameter based on the first signature parameter, the second signature parameter, and the third signature parameter;
    基于所述第一计算数及所述第二签名参数计算目标证明参数。The target certification parameter is calculated based on the first calculation number and the second signature parameter.
  3. 如权利要求2所述的区块链供应链交易隐藏动态监管系统,其特征在于,所述基于所述第一计算数及所述第二签名参数计算目标证明参数包括:The block chain supply chain transaction hidden dynamic supervision system according to claim 2, wherein the calculation of the target proof parameter based on the first calculation number and the second signature parameter comprises:
    向所述监管机构节点设备发送所述第一证明参数和所述第二证明参数并接收所述监管机构节点设备回复的第一公开参数;Sending the first certification parameter and the second certification parameter to the regulatory agency node device, and receiving the first public parameter replies from the regulatory agency node device;
    利用Pedersen承诺随机计算第一承诺参数和第二承诺参数;Use Pedersen commitment to randomly calculate the first commitment parameter and the second commitment parameter;
    向所述监管机构节点设备发送所述第一承诺参数和所述第二承诺参数并接收所述监管机构节点设备回复的第二公开参数;Sending the first commitment parameter and the second commitment parameter to the regulatory agency node device, and receiving a second public parameter replies from the regulatory agency node device;
    基于所述第一计算数、所述第二签名参数、所述第一公开参数和所述第二公开参数计算目标证明参数。The target certification parameter is calculated based on the first calculation number, the second signature parameter, the first public parameter, and the second public parameter.
  4. 如权利要求3所述的区块链供应链交易隐藏动态监管系统,其特征在于,所述监管机构节点设备在接收到所述核心企业节点设备的签名参数申请时,发送多个签名参数包括:The blockchain supply chain transaction concealment dynamic supervision system according to claim 3, wherein when the supervisory authority node device receives the signature parameter application of the core enterprise node device, sending multiple signature parameters comprises:
    生成第一候选参数、第二候选参数及第三候选参数;对所述第一候选参数进行签名得到第一签名参数,对所述第二候选参数进行签名得到第二签名参数及对所述第三候选参数进行签名得到第三签名参数;在接收到所述核心企业节点设备的签名参数申请时, 发送所述第一签名参数、所述第二签名参数及所述第三签名参数;或者Generate a first candidate parameter, a second candidate parameter, and a third candidate parameter; sign the first candidate parameter to obtain a first signature parameter, sign the second candidate parameter to obtain a second signature parameter, and perform a signature on the first candidate parameter; Signing the three candidate parameters to obtain the third signature parameter; upon receiving the signature parameter application of the core enterprise node device, sending the first signature parameter, the second signature parameter, and the third signature parameter; or
    生成第一候选参数、第二候选参数及第三候选参数;利用Bulletproof范围证明基于所述第一候选参数、所述第二候选参数及所述第三候选参数计算第二证明参数;使用私钥对所述第二证明参数进行签名并保存所述签名及对应的所述第一候选参数、所述第二候选参数及所述第三候选参数;当接收到核心企业节点设备的签名参数请求时,将所述第一候选参数作为第一签名参数、所述第二候选参数作为所述第二签名参数及所述第三候选参数作为所述第三签名参数发送给所述核心企业节点设备,并将所述第二证明参数的签名一并发送给所述核心企业节点设备。Generate the first candidate parameter, the second candidate parameter and the third candidate parameter; use the Bulletproof range to prove the calculation of the second proof parameter based on the first candidate parameter, the second candidate parameter and the third candidate parameter; use the private key Sign the second certification parameter and save the signature and the corresponding first candidate parameter, the second candidate parameter, and the third candidate parameter; when a signature parameter request from the core enterprise node device is received Sending the first candidate parameter as the first signature parameter, the second candidate parameter as the second signature parameter, and the third candidate parameter as the third signature parameter to the core enterprise node device, And send the signature of the second certification parameter to the core enterprise node device.
  5. 如权利要求1所述的区块链供应链交易隐藏动态监管系统,其特征在于,所述一级供应商节点设备,还用于:The block chain supply chain transaction hidden dynamic supervision system of claim 1, wherein the first-level supplier node device is also used for:
    将所述交易数据中的UTXO拆分为第一UTXO和第二UTXO,其中,所述第一UTXO中的金额和第二UTXO中的金额之和等于所述UTXO中的金额;Splitting the UTXO in the transaction data into a first UTXO and a second UTXO, wherein the sum of the amount in the first UTXO and the amount in the second UTXO is equal to the amount in the UTXO;
    基于所述第一UTXO和第二UTXO与其他区块链实体节点设备进行交易;Perform transactions with other blockchain entity node devices based on the first UTXO and the second UTXO;
    基于Bulletproof对所述第一UTXO和第二UTXO进行范围证明。Perform range proof on the first UTXO and the second UTXO based on Bulletproof.
  6. 如权利要求5所述的区块链供应链交易隐藏动态监管系统,其特征在于,所述一级供应商节点设备或者所述其他区块链实体节点设备,还用于当所述应付款到期后,向所述核心企业节点设备兑付应付款,响应于所述应付款兑付成功,将持有的UTXO进行无效化签名或者返还给所述核心企业节点设备。The block chain supply chain transaction hidden dynamic supervision system according to claim 5, wherein the first-level supplier node device or the other block chain entity node device is also used when the payable reaches After the period, the payable is redeemed to the core enterprise node device, and in response to the successful redemption of the payable, the UTXO held is invalidated or returned to the core enterprise node device.
  7. 如权利要求5或6所述的区块链供应链交易隐藏动态监管系统,其特征在于,所述系统还包括:The block chain supply chain transaction hidden dynamic supervision system according to claim 5 or 6, characterized in that, the system further comprises:
    至少一个风险评估机构节点设备,用于读取所述区块链供应链平台上存储的交易数据,使用预先训练好的风险评估模型对所述交易数据进行风险评估,并将风险评估结果发送给所述其他区块链实体节点设备。At least one risk assessment agency node device, used to read transaction data stored on the blockchain supply chain platform, use a pre-trained risk assessment model to perform risk assessment on the transaction data, and send the risk assessment result to The other blockchain entity node devices.
  8. 一种区块链供应链交易隐藏动态监管方法,其特征在于,所述方法包括:A block chain supply chain transaction hidden dynamic supervision method, characterized in that, the method includes:
    当监管机构节点设备接收到核心企业节点设备的签名参数请求时,向所述核心企业节点设备发送第一签名参数、第二签名参数及第三签名参数;When the supervisory authority node device receives the signature parameter request of the core enterprise node device, sending the first signature parameter, the second signature parameter, and the third signature parameter to the core enterprise node device;
    所述核心企业节点设备利用Pedersen承诺对核心企业承诺给一级供应商的应付款进行加密得到机密交易;The core enterprise node device uses Pedersen's commitment to encrypt the payables promised by the core enterprise to the primary supplier to obtain confidential transactions;
    所述核心企业节点设备利用Bulletproof范围证明基于所述多个签名参数及生成的随机数计算证明参数;The core enterprise node device uses the Bulletproof range proof to calculate the proof parameter based on the multiple signature parameters and the generated random number;
    所述核心企业节点设备对所述机密交易及所述证明参数进行签名并将签名后的交易数据上传至区块链供应链平台;The core enterprise node device signs the confidential transaction and the certification parameters and uploads the signed transaction data to the blockchain supply chain platform;
    一级供应商节点设备利用所述区块链供应链平台接收所述交易数据并解密后输出给所述一级供应商;The first-level supplier node device uses the blockchain supply chain platform to receive the transaction data, decrypt it, and output it to the first-level supplier;
    所述监管机构节点设备从所述区块链供应链平台上获取所述交易数据;获取所述交易数据中的机密交易及证明参数,并基于所述证明参数确定所述机密交易中的应付款以实现所述应付款的监管。The regulatory agency node device obtains the transaction data from the blockchain supply chain platform; obtains the confidential transaction and certification parameters in the transaction data, and determines the payable in the confidential transaction based on the certification parameters In order to achieve the supervision of the said payables.
  9. 如权利要求8所述的区块链供应链交易隐藏动态监管方法,其特征在于,所述监管机构节点设备接收到核心企业节点设备的签名参数请求时,向所述核心企业节点设备发送第一签名参数、第二签名参数及第三签名参数包括:The blockchain supply chain transaction hidden dynamic supervision method according to claim 8, wherein when the supervisory authority node device receives the signature parameter request of the core enterprise node device, it sends the first node device to the core enterprise node device. The signature parameters, the second signature parameters, and the third signature parameters include:
    生成第一候选参数、第二候选参数及第三候选参数;对所述第一候选参数进行签名得到第一签名参数,对所述第二候选参数进行签名得到第二签名参数及对所述第三候选参数进行签名得到第三签名参数;在接收到所述核心企业节点设备的签名参数申请时,发送所述第一签名参数、所述第二签名参数及所述第三签名参数;或者Generate a first candidate parameter, a second candidate parameter, and a third candidate parameter; sign the first candidate parameter to obtain a first signature parameter, sign the second candidate parameter to obtain a second signature parameter, and perform a signature on the first candidate parameter; Signing the three candidate parameters to obtain the third signature parameter; when receiving the signature parameter application of the core enterprise node device, send the first signature parameter, the second signature parameter, and the third signature parameter; or
    生成第一候选参数、第二候选参数及第三候选参数;利用Bulletproof范围证明基于所述第一候选参数、所述第二候选参数及所述第三候选参数计算证明参数;使用私钥对所述证明参数进行签名并保存所述签名及对应的所述第一候选参数、所述第二候选参数及所述第三候选参数;当接收到核心企业节点设备的签名参数请求时,将所述第一候选参数作为第一签名参数、所述第二候选参数作为所述第二签名参数及所述第三候选参数作为所述第三签名参数发送给所述核心企业节点设备。Generate the first candidate parameter, the second candidate parameter, and the third candidate parameter; use the Bulletproof range to prove the calculation of the proof parameter based on the first candidate parameter, the second candidate parameter, and the third candidate parameter; The certification parameter is signed and the signature and the corresponding first candidate parameter, the second candidate parameter, and the third candidate parameter are saved; when a signature parameter request from the core enterprise node device is received, the The first candidate parameter is used as the first signature parameter, the second candidate parameter is used as the second signature parameter, and the third candidate parameter is used as the third signature parameter and sent to the core enterprise node device.
  10. 如权利要求8或9所述的区块链供应链交易隐藏动态监管方法,其特征在于,所述方法还包括:The method for dynamic supervision of block chain supply chain transaction concealment according to claim 8 or 9, characterized in that the method further comprises:
    通过所述一级供应商节点设备将所述交易数据中的UTXO拆分为第一UTXO和第二UTXO,其中,所述第一UTXO中的金额和第二UTXO中的金额之和等于所述UTXO中的金额;The UTXO in the transaction data is split into a first UTXO and a second UTXO through the first-level supplier node device, wherein the sum of the amount in the first UTXO and the amount in the second UTXO is equal to the The amount in UTXO;
    基于所述第一UTXO和第二UTXO与其他区块链实体节点设备进行交易;Perform transactions with other blockchain entity node devices based on the first UTXO and the second UTXO;
    基于Bulletproof对所述第一UTXO和第二UTXO进行范围证明。Perform range proof on the first UTXO and the second UTXO based on Bulletproof.
  11. 如权利要求8或9所述的区块链供应链交易隐藏动态监管方法,其特征在于,所述方法还包括:The method for dynamic supervision of block chain supply chain transaction concealment according to claim 8 or 9, characterized in that the method further comprises:
    通过至少一个风险评估机构节点设备读取所述区块链供应链平台上存储的交易数据,使用预先训练好的风险评估模型对所述交易数据进行风险评估,并将风险评估结果发送给所述其他区块链实体节点设备。Read transaction data stored on the blockchain supply chain platform through at least one risk assessment agency node device, use a pre-trained risk assessment model to perform risk assessment on the transaction data, and send the risk assessment result to the Other blockchain entity node equipment.
PCT/CN2020/077624 2019-12-31 2020-03-03 Blockchain supply chain transaction hidden dynamic supervision system and method WO2021134897A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201911416606.2 2019-12-31
CN201911416606.2A CN111079190A (en) 2019-12-31 2019-12-31 Block chain supply chain transaction hiding dynamic supervision system and method

Publications (1)

Publication Number Publication Date
WO2021134897A1 true WO2021134897A1 (en) 2021-07-08

Family

ID=70320948

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/077624 WO2021134897A1 (en) 2019-12-31 2020-03-03 Blockchain supply chain transaction hidden dynamic supervision system and method

Country Status (2)

Country Link
CN (1) CN111079190A (en)
WO (1) WO2021134897A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112990928B (en) * 2021-05-10 2021-08-24 南开大学 Safety protection method for digital currency transaction data
CN113657914A (en) * 2021-08-26 2021-11-16 卓尔智联(武汉)研究院有限公司 Commodity tracing method based on block chain, computer device and storage medium
CN116389164B (en) * 2023-05-26 2023-09-12 建信金融科技有限责任公司 Data detection method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108418689A (en) * 2017-11-30 2018-08-17 矩阵元技术(深圳)有限公司 A kind of the zero-knowledge proof method and medium of suitable block chain secret protection
CN109377215A (en) * 2018-08-06 2019-02-22 阿里巴巴集团控股有限公司 Block chain method of commerce and device, electronic equipment
CN109584055A (en) * 2018-09-20 2019-04-05 阿里巴巴集团控股有限公司 Method of commerce, device and remittance abroad method, apparatus based on block chain
CN110383311A (en) * 2018-11-07 2019-10-25 阿里巴巴集团控股有限公司 Supervise the transaction of block chain secret
CN110505046A (en) * 2019-07-29 2019-11-26 深圳壹账通智能科技有限公司 The cross-platform Zero Knowledge method of calibration of more data providing encryption datas, device and medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108418689A (en) * 2017-11-30 2018-08-17 矩阵元技术(深圳)有限公司 A kind of the zero-knowledge proof method and medium of suitable block chain secret protection
CN109377215A (en) * 2018-08-06 2019-02-22 阿里巴巴集团控股有限公司 Block chain method of commerce and device, electronic equipment
CN109584055A (en) * 2018-09-20 2019-04-05 阿里巴巴集团控股有限公司 Method of commerce, device and remittance abroad method, apparatus based on block chain
CN110383311A (en) * 2018-11-07 2019-10-25 阿里巴巴集团控股有限公司 Supervise the transaction of block chain secret
CN110505046A (en) * 2019-07-29 2019-11-26 深圳壹账通智能科技有限公司 The cross-platform Zero Knowledge method of calibration of more data providing encryption datas, device and medium

Also Published As

Publication number Publication date
CN111079190A (en) 2020-04-28

Similar Documents

Publication Publication Date Title
US10673632B2 (en) Method for managing a trusted identity
US10547446B2 (en) Method and apparatus for providing a universal deterministically reproducible cryptographic key-pair representation for all SKUs, shipping cartons, and items
TWI725124B (en) Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
US11095449B2 (en) System and method for securely processing an electronic identity
US11625490B2 (en) Method and apparatus for obtaining input of secure multiparty computation protocol
TWI709314B (en) Data processing method and device
US11251937B2 (en) Distributed security mechanism for blockchains and distributed ledgers
WO2021134900A1 (en) Blockchain supply chain transaction hidden static supervision system and method
US20150193744A1 (en) Methods and systems for creating and using massless currency
CN111160908B (en) Supply chain transaction privacy protection system, method and related equipment based on blockchain
WO2021134897A1 (en) Blockchain supply chain transaction hidden dynamic supervision system and method
US8220040B2 (en) Verifying that group membership requirements are met by users
CN111105235B (en) Supply chain transaction privacy protection system, method and related equipment based on blockchain
TWI622949B (en) Know your customer (kyc) data marking dispute relief system with multiple secret key and method thereof
WO2021114495A1 (en) Supply chain transaction privacy protection system and method based on blockchain, and related device
CN112435026A (en) Method and device for protecting file transaction information by using zero-knowledge proof and electronic equipment
Cebeci et al. Secure e-commerce scheme
TWI734729B (en) Method and device for realizing electronic signature and signature server
CN114514550A (en) Partitioning requests into blockchains
CN113342802A (en) Method and device for storing block chain data
US20220092587A1 (en) Verification systems for blockchains and distributed ledgers
CN112950356B (en) Personal loan processing method, system, equipment and medium based on digital identity
CN115310978A (en) Transaction method and device for digital assets
CN111429119B (en) Blockchain technology for encryption, payment, inquiry and submission of digital currency
US20230124498A1 (en) Systems And Methods For Whitebox Device Binding

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20910638

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20910638

Country of ref document: EP

Kind code of ref document: A1