WO2021204067A1 - Transfert et acquisition d'une réclamation vérifiable - Google Patents

Transfert et acquisition d'une réclamation vérifiable Download PDF

Info

Publication number
WO2021204067A1
WO2021204067A1 PCT/CN2021/085169 CN2021085169W WO2021204067A1 WO 2021204067 A1 WO2021204067 A1 WO 2021204067A1 CN 2021085169 W CN2021085169 W CN 2021085169W WO 2021204067 A1 WO2021204067 A1 WO 2021204067A1
Authority
WO
WIPO (PCT)
Prior art keywords
verifiable
verifiable statement
verifier
obtaining
statement
Prior art date
Application number
PCT/CN2021/085169
Other languages
English (en)
Chinese (zh)
Inventor
杨仁慧
Original Assignee
支付宝(杭州)信息技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 支付宝(杭州)信息技术有限公司 filed Critical 支付宝(杭州)信息技术有限公司
Publication of WO2021204067A1 publication Critical patent/WO2021204067A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/28Databases characterised by their database models, e.g. relational or object models
    • G06F16/283Multi-dimensional databases or data warehouses, e.g. MOLAP or ROLAP
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management

Definitions

  • This application relates to the field of computer technology, in particular to the forwarding and obtaining of verifiable claims.
  • Decentralized IDentifier is a new type of identifier with global uniqueness, high availability, resolvability, and encryption verifiability. After the DID technology is put into use, one DID can correspond to multiple verifiable claims (VC). When the number of VCs is too large, there is a demand for storage and management of VCs. Thus, the VC data warehouse came into being. The data warehouse can store and manage the user's VC. In practical applications, users of the data warehouse hope to record the use of VC in order to perform statistical analysis on the use of VC. However, VC data warehouse does not have this function.
  • the embodiments of the present application provide a method, device, and equipment for forwarding and obtaining verifiable claims, so as to enable the verifier of the VC to obtain the VC on the blockchain system.
  • the embodiment of this specification provides a method for forwarding verifiable claims, including: a data warehouse monitors the on-chain transaction data containing verifiable claims generated in the target blockchain system; if the on-chain transaction data contains decentralized If the identity is the same as the decentralized identity of the verifier of the data warehouse service, the verifiable statement in the on-chain transaction data is obtained; the verifiable statement is sent to the verifier's device.
  • An embodiment of this specification provides a method for obtaining a verifiable claim, including: a verifier of a verifiable claim obtains a first verification request sent by a holder of the verifiable claim, and the first verification request includes at least all The identification of the verifiable claim; sending a second verification request for obtaining the verifiable claim to the data warehouse, the second verification request including the identifier; obtaining all the data that the data warehouse feedbacks based on the second verification request The verifiable statement is obtained by the data warehouse from the target blockchain system.
  • An embodiment of this specification provides a device for forwarding verifiable claims, the device is applied to a data warehouse, and the device includes: a monitoring module for monitoring on-chain transactions containing verifiable claims generated in a target blockchain system Data; a verifiable statement acquisition module for obtaining the on-chain transaction if the decentralized identity included in the on-chain transaction data is the same as the decentralized identity of the verifier of the data warehouse service The verifiable statement in the data; the verifiable statement sending module is used to send the verifiable statement to the device of the verifier.
  • the embodiment of this specification provides a device for obtaining a verifiable claim, which is applied to a verifier of a verifiable claim, and the device includes: a first verification request obtaining module, which is used to obtain a verification request sent by the holder of the verifiable claim A first verification request, the first verification request includes at least the identification of the verifiable claim; the second verification request sending module is configured to send a second verification request for obtaining the verifiable claim to the data warehouse, the first verification request 2.
  • the verification request includes the identifier; a verifiable statement obtaining module is used to obtain the verifiable statement fed back by the data warehouse based on the second verification request, and the verifiable statement is the data warehouse from the target area Obtained in the blockchain system.
  • An embodiment of this specification provides a verifiable claim forwarding device, which includes at least one processor and a memory communicatively connected with the at least one processor.
  • the memory stores instructions that can be executed by the at least one processor, and the instructions are executed by the at least one processor, so that the at least one processor can: On-chain transaction data containing verifiable claims; if the decentralized identity included in the on-chain transaction data is the same as the decentralized identity of the verifier of the data warehouse service, then the on-chain transaction is obtained The verifiable claim in the data; the verifiable claim is sent to the verifier's device.
  • the device for obtaining a verifiable statement includes: at least one processor; and a memory communicatively connected with the at least one processor.
  • the memory stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor, so that the at least one processor can: obtain the holding of the verifiable statement
  • the first verification request sent by the party, the first verification request contains at least the identification of the verifiable claim; the second verification request to obtain the verifiable claim is sent to the data warehouse, and the second verification request contains all The identification; obtaining the verifiable statement fed back by the data warehouse based on the second verification request, where the verifiable statement is obtained by the data warehouse from the target blockchain system.
  • the data warehouse obtains the VC to be verified from the blockchain and sends it to the verifier. Since the verifiable statement is sent from the holder device to the verifier device through the blockchain, the transmission process of the verifiable statement can be made It is recorded by the blockchain system and can be traced back.
  • the above solutions provide specific implementation procedures for how the data warehouse transmits the VC to be verified to the verifier, and how the verifier obtains the VC to be verified from the data warehouse, which can be used as a standard process for reference.
  • FIG. 1 is a schematic diagram of the application background of the method in the embodiment of the specification.
  • FIG. 2 is a schematic diagram of the architecture of a verifiable claim transmission system provided by an embodiment of this specification
  • FIG. 3 is a schematic flowchart of a method for forwarding verifiable claims according to an embodiment of this specification
  • FIG. 5 is a schematic flowchart of another method for forwarding verifiable claims according to an embodiment of this specification
  • FIG. 6 is a schematic flowchart of a method for obtaining a verifiable statement according to an embodiment of the specification
  • FIG. 7 is a schematic structural diagram of a verifiable claim forwarding device corresponding to FIG. 3 provided by an embodiment of this specification;
  • FIG. 8 is a schematic structural diagram of a device for obtaining a verifiable statement corresponding to FIG. 6 provided by an embodiment of this specification;
  • Fig. 9 is a schematic structural diagram of the forwarding device corresponding to the verifiable claim of Fig. 3 and the obtaining device corresponding to the verifiable claim of Fig. 6 provided by an embodiment of this specification.
  • FIG. 1 is a schematic diagram of the application background of the method in the embodiment of the specification.
  • the client 101 may be a mobile terminal such as a mobile phone, or a device such as a desktop computer.
  • the user's account is logged in on the client, and each account can have a decentralized identification (DID) 102 corresponding to it.
  • DID decentralized identification
  • a DID can correspond to an individual user, or a device, or to a merchant, or to a company, and so on.
  • a verifiable statement can be understood as a statement on whether the identity identified by a DID has a certain qualification.
  • VC can be the data that records this kind of statement.
  • a DID can have multiple verifiable claims 103.
  • this DID can include VC1 used to prove that user A is over 18 years old, VC2 used to prove that user A's property is greater than 1 million, and used to prove that user A has a motor vehicle driving Qualified VC3 and so on.
  • VC1 used to prove that user A is over 18 years old
  • VC2 used to prove that user A's property is greater than 1 million
  • VC3 motor vehicle driving Qualified VC3 and so on.
  • the data warehouse 104 can be used to store the verifiable statement 103 corresponding to the DID.
  • VC Repo Data warehouse used to store VC, referred to as VC Repo.
  • VC Repo is a logical concept, which can be an application or a program.
  • VC Repo can be deployed on various types of hardware devices.
  • VC Repo stores VC
  • VC can be stored in a database that VC Repo has permission to use.
  • Fig. 2 is a schematic diagram of the architecture of a verifiable claim transmission system provided by an embodiment of the specification.
  • the method for sending and obtaining verifiable claims provided in the embodiments of this specification can be run based on the system.
  • 200 is the user terminal (also the sending device for the transmission request that can verify the declaration)
  • 201 is the first data warehouse
  • 202 is the second data warehouse
  • 203 is the operable database of the first data warehouse
  • 204 is the The server of the verifier who can verify the claim.
  • 11 is the first blockchain node
  • 12 is the second blockchain node
  • 13 is the third blockchain node.
  • the blockchain nodes 11, 12, and 13 belong to the first blockchain system.
  • FIG. 21 is the fourth blockchain node
  • 22 is the fifth blockchain node
  • 23 is the sixth blockchain node
  • the blockchain nodes 21, 22, and 23 belong to the second blockchain system.
  • 31 is the seventh blockchain node
  • 32 is the eighth blockchain node
  • 33 is the ninth blockchain node
  • the blockchain nodes 31, 32, and 33 belong to the third blockchain system.
  • Figure 2 is only a schematic diagram. In practical applications, the number of blockchain systems that can be connected to the data warehouse can be more, and the number of nodes in a blockchain system can also be more. It should also be noted that, in some cases, the first data warehouse 201 and the second data warehouse 202 are physically spaced, and may be located in the same place or deployed in the same device.
  • the first data warehouse 201 is the first data warehouse 201 and the other is the second data warehouse 202.
  • the two data warehouses respectively correspond to the holder and verifier of the VC.
  • the VC will still be sent to the second data warehouse 202 by the first data warehouse 201 through the blockchain system.
  • one of the functions is to send the verifiable statement to the server 204 of the verifier for verification.
  • the device that initially sends the verifiable claim to the first data warehouse may be the device of the holder of the verifiable claim.
  • the device of the holder is logged in with the account of the holder (which may be a DID).
  • the holder needs to send the VC to the verifier's device for verification.
  • the holder is also a user of the first data warehouse, and the VC that needs to be verified can be stored in the first data warehouse in advance.
  • the first data warehouse receives the request and can upload the corresponding VC to a blockchain system, and the corresponding VC is stored in the blockchain system. On-chain transaction data. After uploading to the blockchain system, the second data warehouse needs to obtain the corresponding VC from the blockchain system and send the VC to the verifier's device.
  • Fig. 3 is a schematic flowchart of a method for forwarding verifiable claims provided by an embodiment of the specification.
  • the execution subject of a process can be a program or an application client loaded on an application server. Specifically, it may be the second data warehouse in FIG. 2.
  • the method may include the following steps:
  • Step 302 Monitor the on-chain transaction data containing verifiable claims generated in the target blockchain system
  • Step 304 If the decentralized identity included in the on-chain transaction data is the same as the decentralized identity of the verifier of the data warehouse service, obtain the verifiable statement in the on-chain transaction data;
  • Step 306 Send the verifiable statement to the device of the verifier
  • the data warehouse may have an account in the target blockchain system.
  • the data warehouse can obtain data in the blockchain system after logging in to the blockchain system through the account.
  • the data warehouse does not have an account, and the data in the blockchain system can be obtained through a third-party platform with an account. This is not limited in the embodiments of this specification.
  • the data warehouse can monitor part or all of the blockchain systems in all the blockchain systems connected to it.
  • the verifier of the VC has a corresponding DID.
  • the DID can be included in the transaction data on the chain.
  • the verifier of the VC can be the user of the data warehouse.
  • the data warehouse needs to provide services for this user.
  • the data warehouse can monitor the VCs to be verified of all verifiers belonging to its own users.
  • the data warehouse may also not monitor the to-be-verified VCs of all verifiers belonging to its own users, but obtain all the newly generated on-chain transaction data in the target blockchain system, and obtain the local data warehouse. , And then analyze whether the VC to be verified contained in the newly generated chain transaction data needs to be sent to the user managed by the data warehouse.
  • the monitoring method can reduce the data warehouse's acquisition of transaction data on the chain that does not need to be forwarded, reduce the pressure on the data warehouse, and improve the efficiency of the data warehouse.
  • the verifiable statement may be included in the on-chain transaction data in the form of a subject matter.
  • the information in the authorization list can be mainly monitored, and when the authorization list contains the DID of the user of the data warehouse itself, the complete transaction data on the chain can be obtained.
  • the second data warehouse actively monitors the generation of on-chain transaction data in the blockchain system.
  • the second data warehouse actively obtains the on-chain transaction data, reads the VC as the subject matter from it, and then sends the VC to the verifier’s
  • the device in a nutshell, is equivalent to a method of actively pushing the VC to be verified to the device of the verifier. Using this method, on the one hand, the operation of the verifier’s device can be simplified.
  • the verifier’s device only needs to interact with the second data warehouse to obtain the VC to be verified, thereby verifying the VC; on the other hand, Since the verifiable statement is sent from the holder device to the verifier device through the blockchain, the transmission process of the verifiable statement can be recorded by the blockchain system and can be traced.
  • the monitoring method for newly generated on-chain transaction data in the blockchain system may specifically be: the data warehouse scans the block header data in the blockchain system according to a set time point.
  • the block header data may include the height of the block where the newly generated transaction data on the chain is located, and the destination address of the transaction data on the chain. Among them, when the height of the scanned block changes, the data warehouse can determine that there is new transaction data on the chain.
  • the destination address in the block header data can be represented by the DID of the verifier. The data warehouse can determine whether the destination address contains the DID of the verifier that the data warehouse is responsible for management.
  • step 304 is executed, from the blockchain system Pull the on-chain transaction data and upload it to the chain, and obtain the verifiable statement in the on-chain transaction data.
  • the information stored in the VC is usually the user's private information, in order to improve the protection of the user's privacy, the following methods can be used.
  • the obtaining the verifiable statement in the on-chain transaction data may specifically include: obtaining the encrypted verifiable statement from the on-chain transaction data.
  • the sending the verifiable statement to the verifier may specifically include: sending the encrypted verifiable statement to the verifier.
  • the VC in the transaction data on the chain is an encrypted VC, not the original VC. Even if the data on the blockchain has the characteristics of openness and transparency, after a third party obtains the transaction data on the chain, the original VC cannot be obtained, which can improve the protection of user privacy.
  • a symmetric key can be used to encrypt the verifiable statement, and then the public key of the verifier can be used to encrypt the symmetric key.
  • the encrypted symmetric key can be It is called the authorization key. Add the authorization key to the transaction data on the chain, and then upload the transaction data on the chain to the target blockchain system.
  • step 304 Obtain the verifiable statement in the on-chain transaction data.
  • the following methods may be used: Obtain the encrypted verifiable statement from the on-chain transaction data Obtain the authorization key from the transaction data on the chain; use the private key of the verifier to decrypt the authorization key to obtain the symmetric key; use the symmetric key to encrypt the verifiable statement Decryption is performed to obtain the verifiable statement.
  • Fig. 4 is a schematic diagram of the field structure of the transaction data on the chain provided by the embodiment of the specification. It should be noted that FIG. 4 is only a schematic diagram, and the fields shown in FIG. 4 may be included in the on-chain transaction data, but the position of these fields in the on-chain transaction data is not limited.
  • the first part of the field may be the VC original text (VC Content) encrypted by the Advanced Encryption Standard (AES).
  • a symmetric key can be used to encrypt the original VC.
  • the second part of the field it may be the authorization key obtained by using the public key of the verifier B to encrypt the above-mentioned symmetric key.
  • the third part of the field can be an authorization list.
  • the authorization list can include the authenticator's DID.
  • the identifier contained in the authorization list can be used to indicate the target verifier to which the VC contained in the transaction data on the chain needs to be sent.
  • the data warehouse on the verifier's side can obtain the use authority of the verifier's private key. After the data warehouse obtains on-chain transaction data with the same or similar field structure as shown in Figure 4, it can first obtain the authorization key in the second part of the field from the on-chain transaction data, and then use the verifier’s private key pair Authorize the key for decryption. After decryption, you can get the symmetric key, and then use the symmetric key to decrypt the encrypted VC to get the original VC.
  • the decryption process of the VC original text is all executed by the data warehouse, and the verifier device is not required for decryption, which can reduce the burden on the verifier device.
  • the private key of the verifier can also be entrusted to a decentralized identity server that provides a decentralized identity service (DID Service) for use.
  • DID Service decentralized identity service
  • the data warehouse on the verifier side no longer has the authority to use the verifier's private key.
  • the data warehouse can obtain the original VC from the transaction data on the chain in the following ways:
  • the decentralized identity server can use the private key of the verifier to decrypt the authorization key to obtain the symmetric key, and then The symmetric key is sent to the data warehouse of the verifier.
  • FIG. 5 is a schematic flowchart of another method for forwarding verifiable claims according to an embodiment of the specification.
  • the execution subject of a process can be a program or an application client loaded on an application server. Specifically, it may be the second data warehouse in FIG. 2. As shown in Figure 5, the method may include the following steps:
  • Step 502 Monitor the on-chain transaction data containing verifiable claims generated in the target blockchain system
  • Step 504 If the decentralized identity included in the on-chain transaction data is the same as the decentralized identity of the verifier of the data warehouse service, obtain the verifiable statement in the on-chain transaction data;
  • the aforementioned various methods can be used to obtain the verifiable statement in the transaction data on the chain from the target blockchain system.
  • Step 506 Save the verifiable statement in the database connected to the data warehouse
  • the verifier has the right to use the data warehouse, after obtaining the verifiable statement, it does not need to be sent to the verifier’s device immediately, and the verifiable statement can be stored in the data first.
  • the database connected to the warehouse.
  • the data warehouse obtains the verification request sent by the verifier's device to the data warehouse (the verification request is used to request to obtain the verifiable statement for verification), the verifiable statement is sent to the verifier's device.
  • Step 508 Obtain a verification request sent by the verifier, where the verification request includes at least the identifier of the verifiable claim;
  • the verifier may send the verification request through a device logged in to the verifier's account.
  • the verifier may be triggered by the verification request sent by the holder of the verifiable claim before sending the verification request. That is, the holder of the verifiable claim may first send the first verification request to the verifier's device through the device with the holder's account logged in.
  • the first verification request may be used to inform the verifier that the device has a VC to be verified, and wait for the verifier to perform verification.
  • the verifier device may send a second verification request (that is, the verification request in step 508) to the data warehouse.
  • the identifier of the verifiable claim can be expressed as Vcid, which is used to indicate the VC waiting to be verified.
  • Step 510 Find the verifiable statement from the database according to the identifier
  • Step 512 Send the found verifiable statement to the verifier's device.
  • the data warehouse does not need to actively send the verifiable statement to the verifier device. Therefore, the verifier device does not need to design an interface for receiving the verifiable statement sent by the data warehouse, which can simplify the verification of the verifier device. Changes.
  • the holder device may send multiple VCs waiting to be verified, but the verification order of these VCs to be verified has certain rules. Generally, if a VC fails the verification, it is not necessary to verify the remaining VCs. For example, a certain user wants to visit a certain website. The website requires users to be at least 25 years old, with assets greater than 300,000, and unmarried. These three conditions can correspond to three VCs.
  • the verifier can verify the three VCs in the order of age, assets, and marital status. In this case, using the method shown in Figure 5, the verifier does not need to obtain three VCs for verification at a time, but can obtain the VCs to be verified from the data warehouse one by one in order. Once it is found that a certain VC has not passed the verification, there is no need to obtain another VC. This can further reduce the burden on the verifier.
  • step 508 may further include the following steps after obtaining the verification request sent by the verifier:
  • step 510 is executed to search for the verifiable statement from the database according to the identifier.
  • Fig. 6 is a schematic flowchart of a method for obtaining a verifiable statement provided by an embodiment of the specification.
  • the execution subject of a process can be a program or an application client loaded on an application server. Specifically, it may be a program or application carried on a verifier device that can verify the statement.
  • the method may include the following steps:
  • Step 602 The verifier of the verifiable claim obtains the first verification request sent by the holder of the verifiable claim, and the first verification request includes at least the identifier of the verifiable claim;
  • the verifier of the verifiable claim may refer to the device logged in or used by the verifier.
  • the first verification request is a request for requesting the verifier to verify the verifiable statement.
  • the identifier of the verifiable claim can be expressed as Vcid, which is used to indicate the VC waiting to be verified.
  • Step 604 Send a second verification request for obtaining the verifiable statement to the data warehouse, where the second verification request includes the identifier;
  • Step 606 Obtain the verifiable statement fed back by the data warehouse based on the second verification request
  • the data warehouse can search for the verifiable statement from the database according to the method in Figure 5 and according to the identifier. Feedback the found VC to the verifier.
  • the verifiable statement is obtained by the data warehouse from the target blockchain system.
  • the method in FIG. 6 corresponds to the method in FIG. 5, and can bring about the same technical effects as the method in FIG. 5, which will not be repeated here.
  • FIG. 7 is a schematic structural diagram of a verifiable claim forwarding device corresponding to FIG. 3 provided by an embodiment of this specification.
  • the device can be applied to data warehouses. As shown in Figure 7, the device may include:
  • the monitoring module 701 is used to monitor the on-chain transaction data containing verifiable claims generated in the target blockchain system
  • the verifiable statement obtaining module 702 is configured to obtain the on-chain transaction data if the decentralized identity included in the on-chain transaction data is the same as the decentralized identity of the verifier of the data warehouse service Verifiable statement in
  • the verifiable statement sending module 703 is configured to send the verifiable statement to the device of the verifier.
  • the data warehouse may have an account in the target blockchain system.
  • the verifiable statement obtaining module 702 may specifically include a first verifiable statement obtaining unit for obtaining encrypted verifiable claims from the transaction data on the chain.
  • the verifiable statement sending module 703 may specifically include a first verifiable statement sending unit for sending the encrypted verifiable statement to the device of the verifier.
  • the verifiable statement obtaining module 702 may specifically include: a second verifiable statement obtaining unit, configured to obtain an encrypted verifiable statement from the transaction data on the chain; and a first authorized key obtaining unit, It is used to obtain the authorization key from the transaction data on the chain; the first decryption unit is used to decrypt the authorization key using the private key of the verifier to obtain the symmetric key; the second decryption unit uses Then, the encrypted verifiable statement is decrypted by using the symmetric key to obtain the verifiable statement.
  • the verifiable statement obtaining module 702 may specifically include: a third verifiable statement obtaining unit, configured to obtain an encrypted verifiable statement from the on-chain transaction data; and a second authorized key obtaining unit, It is used to obtain the authorization key from the transaction data on the chain; the authorization key sending unit is used to send the authorization key to the decentralized identity server; the symmetric key obtaining unit is used to obtain the decentralized identity server The authentication server decrypts the symmetric key obtained by decrypting the authorization key; the third decryption unit is configured to use the symmetric key to decrypt the encrypted verifiable statement to obtain the verifiable statement.
  • the above-mentioned device may further include: a verifiable statement storage module for storing the verifiable statement in the database connected to the data warehouse after obtaining the verifiable statement in the on-chain transaction data;
  • the verification request obtaining module is configured to obtain a verification request sent by the verifier before sending the verifiable statement to the device of the verifier, and the verification request includes at least the identifier of the verifiable statement.
  • the verifiable statement sending module 703 may specifically include: a verifiable statement searching unit for searching the verifiable statement from the database according to the identifier; a second verifiable statement sending unit for searching The arrived verifiable statement is sent to the verifier's device.
  • the device may further include: a decentralized identity acquisition module, which is used to acquire the decentralized identity of the verifier whose verifiability statement is claimed after acquiring the verification request sent by the verifier; and a judgment module , Used for judging whether the verifier has the right to use the data warehouse according to the decentralized identity.
  • the verifiable statement search unit may specifically include: a verifiable statement search subunit, which is used to search for the verifiable statement from the database when the verifier has the right to use the data warehouse. Verify the statement.
  • FIG. 8 is a schematic structural diagram of a device for obtaining a verifiable statement corresponding to FIG. 6 provided by an embodiment of this specification.
  • the device can be applied to verifiers who can verify claims.
  • the device may include:
  • the first verification request obtaining module 801 is configured to obtain the first verification request sent by the holder of the verifiable claim, where the first verification request includes at least the identifier of the verifiable claim;
  • the second verification request sending module 802 is configured to send a second verification request for obtaining the verifiable statement to the data warehouse, where the second verification request includes the identifier;
  • the verifiable statement obtaining module 803 is configured to obtain the verifiable statement fed back by the data warehouse based on the second verification request, and the verifiable statement is obtained by the data warehouse from the target blockchain system.
  • the second verification request may also include the decentralized identity of the verifier.
  • the embodiment of this specification also provides a device corresponding to the above method.
  • Fig. 9 is a schematic structural diagram of the forwarding device corresponding to the verifiable claim of Fig. 3 and the obtaining device corresponding to the verifiable claim of Fig. 6 provided by an embodiment of this specification.
  • the device 900 may include: at least one processor 910; and a memory 930 communicatively connected with the at least one processor.
  • the memory 930 stores instructions 920 that can be executed by the at least one processor 910, and the instructions are executed by the at least one processor 910, so that the at least one processor 910 can: monitor the target block On-chain transaction data containing verifiable claims generated in the chain system; if the decentralized identity included in the on-chain transaction data is the same as the decentralized identity of the verifier of the data warehouse service, then obtain The verifiable statement in the transaction data on the chain; the verifiable statement is sent to the verifier's device.
  • the instruction is executed by the at least one processor 910, so that the at least one processor 910 can: obtain the first verification request sent by the holder of the verifiable claim, in the first verification request At least the identifier of the verifiable statement is included; a second verification request for obtaining the verifiable statement is sent to the data warehouse, and the second verification request includes the identifier; the data warehouse is obtained based on the second verification request The verifiable statement that is fed back is obtained by the data warehouse from the target blockchain system.
  • the improvement of a technology can be clearly distinguished between hardware improvements (for example, improvements in circuit structures such as diodes, transistors, switches, etc.) or software improvements (improvements in method flow).
  • hardware improvements for example, improvements in circuit structures such as diodes, transistors, switches, etc.
  • software improvements improvements in method flow.
  • the improvement of many methods and processes of today can be regarded as a direct improvement of the hardware circuit structure.
  • Designers almost always get the corresponding hardware circuit structure by programming the improved method flow into the hardware circuit. Therefore, it cannot be said that the improvement of a method flow cannot be realized by the hardware entity module.
  • a programmable logic device for example, a Field Programmable Gate Array (Field Programmable Gate Array, FPGA)
  • PLD Programmable Logic Device
  • FPGA Field Programmable Gate Array
  • HDL Hardware Description Language
  • ABEL Advanced Boolean Expression Language
  • AHDL Altera Hardware Description Language
  • HDCal JHDL
  • Lava Lava
  • Lola MyHDL
  • PALASM RHDL
  • VHDL Very-High-Speed Integrated Circuit Hardware Description Language
  • Verilog Verilog
  • the controller can be implemented in any suitable manner.
  • the controller can take the form of, for example, a microprocessor or a processor and a computer-readable medium storing computer-readable program codes (such as software or firmware) executable by the (micro)processor. , Logic gates, switches, application specific integrated circuits (ASICs), programmable logic controllers and embedded microcontrollers.
  • controllers include but are not limited to the following microcontrollers: ARC625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicon Labs C8051F320, the memory controller can also be implemented as a part of the control logic of the memory.
  • controllers in addition to implementing the controller in a purely computer-readable program code manner, it is entirely possible to program the method steps to make the controller use logic gates, switches, application specific integrated circuits, programmable logic controllers, and embedded logic.
  • the same function can be realized in the form of a microcontroller or the like. Therefore, such a controller can be regarded as a hardware component, and the devices included in it for realizing various functions can also be regarded as a structure within the hardware component. Or even, the device for realizing various functions can be regarded as both a software module for realizing the method and a structure within a hardware component.
  • a typical implementation device is a computer.
  • the computer may be, for example, a personal computer, a laptop computer, a cell phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or Any combination of these devices.
  • the embodiments of the present invention can be provided as a method, a system, or a computer program product. Therefore, the present invention may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, the present invention may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes.
  • computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device.
  • the device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
  • These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment.
  • the instructions provide steps for implementing the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
  • the computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
  • processors CPUs
  • input/output interfaces network interfaces
  • memory volatile and non-volatile memory
  • the memory may include non-permanent memory in computer readable media, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer readable media.
  • RAM random access memory
  • ROM read-only memory
  • flash RAM flash memory
  • Computer-readable media include permanent and non-permanent, removable and non-removable media, and information storage can be realized by any method or technology.
  • the information can be computer-readable instructions, data structures, program modules, or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical storage, Magnetic cartridges, magnetic tape storage or other magnetic storage devices or any other non-transmission media can be used to store information that can be accessed by computing devices. According to the definition in this article, computer-readable media does not include transitory media, such as modulated data signals and carrier waves.
  • This application may be described in the general context of computer-executable instructions executed by a computer, such as a program module.
  • program modules include routines, programs, objects, components, data structures, etc. that perform specific tasks or implement specific abstract data types.
  • This application can also be practiced in distributed computing environments. In these distributed computing environments, tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules can be located in local and remote computer storage media including storage devices.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Mining & Analysis (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé, un appareil et un dispositif permettant de transférer une réclamation vérifiable, ainsi qu'un procédé, un appareil et un dispositif permettant d'acquérir une réclamation vérifiable. La solution consiste : au moyen d'un entrepôt de données associé à une partie de vérification, à acquérir une réclamation vérifiable, qui doit être vérifiée, à partir de données de transaction en chaîne dans un système de chaîne de blocs ; et, ensuite, à envoyer ladite réclamation vérifiable à un dispositif de la partie de vérification.
PCT/CN2021/085169 2020-04-10 2021-04-02 Transfert et acquisition d'une réclamation vérifiable WO2021204067A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010277163.X 2020-04-10
CN202010277163.XA CN111190974B (zh) 2020-04-10 2020-04-10 可验证声明的转发、获取方法、装置及设备

Publications (1)

Publication Number Publication Date
WO2021204067A1 true WO2021204067A1 (fr) 2021-10-14

Family

ID=70710289

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/085169 WO2021204067A1 (fr) 2020-04-10 2021-04-02 Transfert et acquisition d'une réclamation vérifiable

Country Status (2)

Country Link
CN (1) CN111190974B (fr)
WO (1) WO2021204067A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113779637A (zh) * 2021-11-10 2021-12-10 腾讯科技(深圳)有限公司 一种属性数据处理方法、装置、设备以及介质

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111190974B (zh) * 2020-04-10 2021-01-26 支付宝(杭州)信息技术有限公司 可验证声明的转发、获取方法、装置及设备
CN111680305B (zh) * 2020-07-31 2023-04-18 支付宝(杭州)信息技术有限公司 一种基于区块链的数据处理方法、装置及设备
CN113395281B (zh) * 2021-06-11 2022-11-01 网易(杭州)网络有限公司 可验证声明的验证方法、装置和电子设备

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108898389A (zh) * 2018-06-26 2018-11-27 阿里巴巴集团控股有限公司 基于区块链的内容验证方法及装置、电子设备
CN109947848A (zh) * 2019-01-30 2019-06-28 阿里巴巴集团控股有限公司 基于区块链的存证方法和装置
WO2019143582A1 (fr) * 2018-01-22 2019-07-25 Microsoft Technology Licensing, Llc Gestion d'attestation
CN111190974A (zh) * 2020-04-10 2020-05-22 支付宝(杭州)信息技术有限公司 可验证声明的转发、获取方法、装置及设备

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109493082A (zh) * 2018-09-25 2019-03-19 西安纸贵互联网科技有限公司 一种农产品区块链溯源方法及装置
CN109492431A (zh) * 2018-10-31 2019-03-19 国网河南省电力公司信息通信公司 财务数据的存储方法及其系统和电子设备
CN110199307B (zh) * 2018-11-16 2023-08-22 创新先进技术有限公司 区块链系统中进行跨链交互的域名方案
CN110224837B (zh) * 2019-06-06 2021-11-19 西安纸贵互联网科技有限公司 基于分布式身份标识的零知识证明方法及终端
CN110795501A (zh) * 2019-10-11 2020-02-14 支付宝(杭州)信息技术有限公司 基于区块链的可验证声明的创建方法、装置、设备及系统
CN115396114A (zh) * 2019-10-11 2022-11-25 支付宝(杭州)信息技术有限公司 基于可验证声明的授权方法、装置、设备及系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019143582A1 (fr) * 2018-01-22 2019-07-25 Microsoft Technology Licensing, Llc Gestion d'attestation
CN108898389A (zh) * 2018-06-26 2018-11-27 阿里巴巴集团控股有限公司 基于区块链的内容验证方法及装置、电子设备
CN109947848A (zh) * 2019-01-30 2019-06-28 阿里巴巴集团控股有限公司 基于区块链的存证方法和装置
CN111190974A (zh) * 2020-04-10 2020-05-22 支付宝(杭州)信息技术有限公司 可验证声明的转发、获取方法、装置及设备

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113779637A (zh) * 2021-11-10 2021-12-10 腾讯科技(深圳)有限公司 一种属性数据处理方法、装置、设备以及介质

Also Published As

Publication number Publication date
CN111190974A (zh) 2020-05-22
CN111190974B (zh) 2021-01-26

Similar Documents

Publication Publication Date Title
TWI723261B (zh) 資料儲存方法、資料查詢方法及裝置
WO2021204067A1 (fr) Transfert et acquisition d'une réclamation vérifiable
WO2021209041A1 (fr) Traitement d'autorisation reposant sur un justificatif d'identité vérifiable
CN112818380B (zh) 业务行为的回溯处理方法、装置、设备及系统
WO2021204068A1 (fr) Stockage d'une réclamation vérifiable
CN108932297B (zh) 一种数据查询、数据共享的方法、装置及设备
TWI686071B (zh) 密鑰管理方法、裝置及設備
US10389728B2 (en) Multi-level security enforcement utilizing data typing
US11626984B2 (en) Blockchain integrated station and cryptographic acceleration card, key management methods and apparatuses
US11546348B2 (en) Data service system
WO2021179748A1 (fr) Procédés, appareils et dispositifs pour paiement par balayage de code à barres, transmission d'informations et génération de code de collecte
WO2017036190A1 (fr) Procédé d'accès à des données sur la base d'une plate-forme informatique en nuage, et terminal d'utilisateur
CN111612462B (zh) 区块链中实现隐私保护的方法、节点和存储介质
TWI723525B (zh) 報警方法、裝置及系統
US20190215164A1 (en) Revocable biometric-based keys for digital signing
US11683298B2 (en) Secure messaging
CN114884674B (zh) 一种基于区块链的用户数据流转方法、装置及设备
CN111193597B (zh) 一种可验证声明的传输方法、装置、设备及系统
CN111639362B (zh) 区块链中实现隐私保护的方法、节点和存储介质
TW201937425A (zh) 交易處理方法、伺服器、客戶端及系統
CN112788001A (zh) 一种基于数据加密的数据处理业务处理方法、装置及设备
CN113792346B (zh) 一种可信数据处理方法、装置及设备
CN116432235A (zh) 区块链中账户数据的隐私保护方法及装置
US11423169B1 (en) System, method and apparatus for securely storing data on public networks
CN110011807A (zh) 一种关键信息维护方法及系统

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21783740

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21783740

Country of ref document: EP

Kind code of ref document: A1