WO2020108138A1 - 区块链中实现隐私保护的方法 - Google Patents
区块链中实现隐私保护的方法 Download PDFInfo
- Publication number
- WO2020108138A1 WO2020108138A1 PCT/CN2019/111304 CN2019111304W WO2020108138A1 WO 2020108138 A1 WO2020108138 A1 WO 2020108138A1 CN 2019111304 W CN2019111304 W CN 2019111304W WO 2020108138 A1 WO2020108138 A1 WO 2020108138A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- smart contract
- contract
- blockchain node
- transaction
- key
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
- G06Q20/0658—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash e-cash managed locally
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0637—Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2105—Dual mode as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Definitions
- This application relates to the field of blockchain technology, in particular to a method for realizing privacy protection in blockchain.
- Blockchain technology is built on a transmission network (such as a peer-to-peer network).
- Network nodes in the transmission network use a chained data structure to verify and store data, and use a distributed node consensus algorithm to generate and update data.
- the nodes in these blockchain networks sometimes need to be increased.
- TEE Trusted Execution Environment
- TEE can function as a black box in hardware.
- the code and data operating system layer executed in TEE cannot be peeped, and only the predefined interface in the code can operate it.
- plaintext data is operated in TEE, rather than complex cryptographic operations in homomorphic encryption.
- the security and privacy of the blockchain are greatly improved.
- the industry is very concerned about TEE solutions. Almost all mainstream chips and software alliances have their own TEE solutions, including TPM (Trusted Platform Module) for software and Intel SGX (Software Guard Extensions) for hardware. , Software protection extension), ARM Trustzone (trust zone) and AMD PSP (Platform Security Processor, platform security processor).
- the entire smart contract is treated as data requiring privacy protection in TEE and the entire contract state is stored encrypted on the blockchain.
- part of the content in the smart contract may be sensitive, so privacy protection is required, while other content is not sensitive and can be disclosed.
- the current solution does not have a more flexible method to achieve privacy protection.
- the purpose of the embodiments of the present application is to provide a method for realizing privacy protection in a blockchain.
- a method for realizing privacy protection in blockchain includes:
- the client encrypts the transaction containing the smart contract and sends the encrypted transaction to the first blockchain node.
- the code of the smart contract includes the contract status indicated by the privacy identifier;
- the first blockchain node decrypts the code of the smart contract in the transaction, executes the code of the smart contract in a trusted execution environment, and writes the contract status indicated by the privacy identifier to the database, using Key encryption.
- a method for realizing privacy protection in blockchain includes:
- the first blockchain node receives an encrypted transaction containing a smart contract, and the code of the smart contract includes the contract status indicated by the privacy identifier;
- the first blockchain node decrypts the code of the smart contract in the transaction
- the first blockchain node executes the decrypted code of the smart contract in a trusted execution environment, and encrypts the key when writing the contract status indicated by the privacy identifier into the database.
- a system for privacy protection in a blockchain including a client and a first blockchain node, where:
- the client is used to encrypt the transaction containing the smart contract and send the encrypted transaction to the first blockchain node.
- the code of the smart contract includes the contract status indicated by the privacy identifier;
- the first blockchain node is used to decrypt the code of the smart contract in the transaction, execute the code of the smart contract in a trusted execution environment, and write the contract status indicated by the privacy identifier into the database , Encrypted with a key.
- a node for privacy protection in a blockchain including:
- the receiving module is used to receive encrypted transactions containing smart contracts, and the code of the smart contract includes the contract status indicated by the privacy identifier;
- a decryption module used to decrypt the code of the smart contract in the transaction
- An execution module for executing the decrypted code of the smart contract in a trusted execution environment
- a writing module used for encrypting the contract state indicated by the privacy identifier into the database after the execution module executes the decrypted code of the smart contract
- the database is used to store the written contract state encrypted with the key.
- the embodiments of the present application can encrypt and store the contract status indicated by the privacy identifier in the smart contract code in the database.
- the contract status not indicated by the privacy identifier in the smart contract code it may still be stored in the database in plain text.
- this embodiment can flexibly encrypt the contract state that indicates privacy protection.
- FIG. 1 is an illustration process of creating a smart contract according to an embodiment of this application
- FIG. 2 is a schematic diagram of calling a smart contract according to an embodiment of this application
- FIG. 3 is a schematic diagram of creating a smart contract and calling a smart contract in an embodiment of the application
- FIG. 6 is a composition diagram of an embodiment of a system for implementing privacy protection in this application.
- FIG. 7 is a composition diagram of an embodiment of a node that implements privacy protection in this application.
- the embodiments of the present application provide a method for realizing privacy protection in a blockchain.
- Blockchain is generally divided into three types: public chain (PublicBlockchain), private chain (PrivateBlockchain) and alliance chain (ConsortiumBlockchain).
- PublicBlockchain public chain
- PrivateBlockchain private chain
- alliance chain ConsortiumBlockchain
- the highest degree of decentralization is the public chain.
- the public chain is represented by Bitcoin and Ethereum. Participants who join the public chain can read the data records on the chain, participate in transactions, and compete for the accounting rights of new blocks.
- each participant ie node
- the private chain is the opposite.
- the write permission of the network is controlled by an organization or organization, and the data read permission is regulated by the organization.
- the private chain can be a weakly centralized system, and there are strict restrictions and few participating nodes.
- This type of blockchain is more suitable for internal use by specific institutions.
- the alliance chain is a blockchain between the public chain and the private chain, which can achieve "partial decentralization". Each node in the alliance chain usually has a corresponding entity or organization; participants join the network through authorization and form a stake-related alliance to jointly maintain the operation of the blockchain.
- Smart contracts on the blockchain are contracts that can be triggered by transactions on the blockchain system. Smart contracts can be defined in code.
- EVM Ethereum Virtual Machine
- bytecode virtual machine code
- Node 1 After Bob sends a transaction containing smart contract creation information to the Ethereum network, Node 1's EVM can execute the transaction and generate the corresponding contract instance. "0x6f8ae93" in Figure 1 represents the address of this contract.
- the data field of the transaction can be stored in byte code, and the to field of the transaction is an empty account. After the nodes reach agreement through a consensus mechanism, this contract is successfully created, and subsequent users can call this contract.
- a contract account corresponding to the smart contract appears on the blockchain and has a specific address.
- the contract code and account storage will be saved in the contract account.
- the behavior of the smart contract is controlled by the contract code, and the account storage of the smart contract saves the state of the contract.
- the smart contract makes a virtual account containing the contract code and account storage (Storage) on the blockchain.
- the data field containing the transaction for creating a smart contract may store the byte code of the smart contract.
- the bytecode consists of a series of bytes, each byte can identify an operation. Based on various considerations such as development efficiency and readability, developers can choose not to write bytecode directly, but to choose a high-level language to write smart contract code.
- the smart contract code written in the high-level language is compiled by the compiler to generate bytecode, which can then be deployed on the blockchain.
- Ethereum supports many high-level languages, such as Solidity, Serpent, LLL languages, etc.
- the contract written with it is very similar to the class in the object-oriented programming language.
- a variety of members can be declared in a contract, including state variables, functions, function modifiers, and events.
- State variables are values that are permanently stored in the account storage of the smart contract and are used to save the state of the contract.
- the storage state corresponding to the "balance" state variable is plain text, and anyone can see its state, without privacy protection settings and capabilities. If users want to protect state privacy, the current solution with zero-knowledge proof and homomorphic encryption needs to rewrite this contract so that the "balance" state variable is encrypted and protected, and all operations of balance on the encrypted domain need to be supported . Generally, this encryption method is complicated in operation, and it is difficult to design a suitable algorithm to support it in the encryption domain.
- all contract states of smart contracts are treated as data requiring privacy protection and stored on the blockchain.
- the blockchain is a collection of data organized in a specific logic and stored in a database of nodes. As described later, the database may have a physical carrier as a storage medium, such as a persistent storage medium. In fact, in a smart contract, only the "balance" contract state is sensitive and privacy protection is needed, while other content is not sensitive and can be disclosed.
- Node 1's EVM can execute the transaction and generate the corresponding contract instance.
- the from field of the transaction in Figure 2 is the address of the account that initiated the smart contract.
- the "0x6f8ae93" in the to field represents the address of the called smart contract.
- the value field is the value of Ether in Ethereum.
- the data field saves the method and parameters for calling the smart contract. After calling the smart contract, the value of balance may change. Later, a client can view the current value of balance through a blockchain node (such as node 6 in Figure 2).
- Smart contracts can be independently executed by each node in the blockchain network in a prescribed manner, and all execution records and data are saved on the blockchain, so when such a transaction is completed, the blockchain cannot be saved. Tampered, non-lost transaction documents.
- FIG. 3 The schematic diagram of creating a smart contract and calling a smart contract is shown in Figure 3.
- Calling a smart contract in Ethereum is to initiate a transaction that points to the address of the smart contract.
- the smart contract code runs distributed in the virtual machine of each node in the Ethereum network.
- the client encrypts the transaction including the smart contract and sends the encrypted transaction to the first blockchain node.
- the code of the smart contract includes the contract status indicated by the privacy identifier.
- the user can use the privacy identifier to identify the contract status that needs privacy protection.
- a privacy identifier can be used to identify the contract status that requires privacy protection.
- the contract state here is, for example, a state variable in a programming language.
- privacy identifiers can also be used to identify state variables that require privacy protection.
- Solidity language currently mainly supports the state variable types can be: Booleans, Integers, Fixed Point Numbers, Address, Fixed-size bytes array, Address Literals, Rational and Integral Literals, String Literals, Hexadecimal Literals, Enums.
- the privacy identifier here may be an identifier specifically indicating that privacy protection is required, for example, expressed by the keyword Confidential. Then, if you want to protect the state variables supported by the above Solidity language, you can add the privacy identifier Confidential. In this way, using Confidential as a prefix can indicate the state variables that need privacy protection.
- the types of state variables supported by the Solidity language for privacy protection can be: Confidential, Booleans, Confidential, Integers, Confidential, Fixed Points, Confidential, Address, Confidential, Fixed-size, byte array, Confidential, Address, Literals, Confidential, Rational, Integrator, Literals, Confidential, String Hexadecimal Literals, and Confidential Enums.
- the smart contract in the transaction received by the first blockchain node may be a user directly writing a smart contract in a high-level language on the first blockchain node, or may receive a smart contract written in a high-level language on the client, It can also be a smart contract that receives transactions from the second blockchain node. Specifically, it may be a smart contract in a transaction sent by the client through the second blockchain node.
- smart contracts deployed on the blockchain are generally in the form of bytecode. If the user directly writes a smart contract in a high-level language on the first blockchain node, the first blockchain node can also use a compiler to compile the smart contract written in the high-level language to generate bytecode. If the user receives a smart contract written in a high-level language on the client, after the user writes the smart contract on the client, the client may also use a compiler to compile the smart contract written in the high-level language to generate bytecode, Furthermore, the smart contract in the form of bytecode is sent to the first blockchain node, so that the first blockchain node receives the smart contract in the form of bytecode.
- the smart contract written in the high-level language can be directly sent to the first blockchain node, and then the first blockchain node can use the compiler to write the smart contract in the high-level language Compile to generate bytecode.
- the smart contract in the transaction sent by the second blockchain node received by the first blockchain node it is generally a smart contract in the form of bytecode; of course, it can also be a smart contract written in a high-level language.
- a blockchain node can use a compiler to compile a smart contract written in a high-level language to generate bytecode.
- the compiler needs to be adjusted to process the contract state indicated by the privacy identifier.
- dup2/* copies the second item from the top to the bottom of the stack, so at this time the stack has three data from top to top 1, 0, 1 */
- dup2/* copies the second item from the top to the bottom of the stack, so at this time the stack has three data from top to top 1, 0, 1 */
- the privacy identifier Confidential indicates the contract state balance that needs privacy protection.
- the byte code here also uses the keyword Confidential to indicate the operation that requires privacy protection, which is the same as the smart contract written in Solidity language, that is, the same as in code example 2.
- the byte identifier may be different from the privacy identifier in Code Example 2, that is, the byte identifier may be different from the privacy identifier in the code written in the high-level language.
- the privacy identifier in the code written in the high-level language is different from the bytecode, it is assumed that the privacy identifier in the code written in the high-level language is the first identifier, and the privacy identifier in the code in the bytecode form is the second For a privacy identifier, there is a corresponding relationship between the first privacy identifier and the second privacy identifier.
- the first blockchain node can also use a compiler to compile a smart contract written in a high-level language to generate bytecode.
- the contract status requiring privacy protection is indicated in the smart contract code through a privacy identifier.
- the smart contract written in the high-level language includes a privacy identifier indicating the status of the contract that requires privacy protection.
- the privacy identifier in the code written in the high-level language corresponds to the privacy identifier in the code in the form of byte code.
- the client may also use a compiler to compile the smart contract in the high-level language to generate bytecode, and Send the smart contract in the form of bytecode to the first blockchain node.
- the first blockchain node receives a transaction containing a smart contract, where the smart contract is a smart contract in the form of bytecode.
- the smart contract in the form of bytecode includes a privacy identifier indicating the contract status that needs privacy protection.
- the smart contract written in the high-level language includes a privacy identifier indicating the status of the contract that requires privacy protection.
- the privacy identifier in the code written in the high-level language corresponds to the privacy identifier in the code in the form of byte code.
- the smart contract written in a high-level language can also be directly sent to the first blockchain node.
- the smart contract written in the high-level language includes a privacy identifier indicating the status of the contract that requires privacy protection.
- the first blockchain node can use a compiler to compile a smart contract written in a high-level language to generate bytecode.
- the contract status requiring privacy protection is indicated in the smart contract code through the privacy identifier.
- the privacy identifier in the code written in the high-level language corresponds to the privacy identifier in the code in the form of byte code.
- the smart contract in the transaction sent by the second blockchain node received by the first blockchain node it is generally a smart contract in the form of bytecode, of course, it is not excluded in the form of high-level language Smart contract.
- the latter can be further compiled by the first blockchain node to form bytecode.
- the privacy identifier in code written in the latter high-level language corresponds to the privacy identifier in code in the form of bytecode.
- the client can encrypt the transaction containing the creation of a smart contract with a key.
- the encryption may be symmetric encryption or asymmetric encryption.
- the encryption algorithm used for symmetric encryption is, for example, DES algorithm, 3DES algorithm, TDEA algorithm, Blowfish algorithm, RC5 algorithm, IDEA algorithm, etc.
- Asymmetric encryption algorithms such as RSA, Elgamal, knapsack algorithm, Rabin, D-H, ECC (elliptic curve encryption algorithm), etc.
- the client can encrypt the transaction including the creation of a smart contract with a key, or a combination of symmetric encryption and asymmetric encryption.
- the client uses a symmetric encryption algorithm to encrypt the transaction content, that is, the private key encryption using the symmetric encryption algorithm includes transactions that create smart contracts, and the private key used in the symmetric encryption algorithm is encrypted using the asymmetric encryption algorithm.
- the private key used in the symmetric encryption algorithm is encrypted using the public key of the asymmetric encryption algorithm.
- the first blockchain node can first use the private key of the asymmetric encryption algorithm to decrypt to obtain the private key of the symmetric encryption algorithm, and then use the private key of the symmetric encryption algorithm to decrypt to obtain the transaction content, namely Get the code to create a smart contract.
- the first blockchain node receives a transaction that includes a smart contract, and the code of the smart contract includes the contract status indicated by the privacy identifier that requires privacy protection.
- the transaction sent by the client to the first blockchain node may also include a transaction that invokes a smart contract.
- the client may encrypt the transaction including calling the smart contract with the key, and send the encrypted transaction to the first blockchain node.
- the called smart contract may include the contract status indicated by the privacy identifier.
- the transaction calling the smart contract may be a call with multiple nested structures. For example, the code in smart contract 1 is called, and smart contract 2 is called, and the code in smart contract 2 points to the contract address 3 generated by creating the smart contract code, so that the code in smart contract 1 indirectly calls all
- the smart contract code in the contract address 3 is described, and the code in the contract address 3 may include the contract status indicated by the privacy identifier. In this way, it is equivalent to calling the smart contract 1 including the contract status indicated by the privacy identifier.
- the specific implementation process is similar to the above process and will not be repeated here.
- the transaction sent by the client to the first blockchain node can also be a transaction that involves creating and calling a smart contract.
- the client can encrypt the transaction including creating and calling the smart contract with the key, and send the encrypted transaction to the first blockchain node.
- the smart contract includes the identifier indicated by the privacy identifier. Contract status. The specific implementation process is similar to the above process and will not be repeated here.
- the first blockchain node decrypts the code of the smart contract in the transaction, executes the code of the smart contract in a trusted execution environment, and writes the contract status indicated by the privacy identifier into the database , Encrypted with a key.
- the transaction containing the smart contract received by the first blockchain node may be, for example, a transaction for creating and/or calling a smart contract.
- the first blockchain node can check whether the transaction is valid, the format is correct, and verify whether the signature of the transaction is legal.
- the nodes in Ethereum are also the nodes competing for accounting rights. Therefore, as the nodes competing for accounting rights, the first blockchain node can execute the transaction including the smart contract locally. If one of the nodes competing for accounting rights wins in the process of competing for accounting rights in the current round, it becomes the accounting node. If the first blockchain node wins in the process of competing for accounting power in this round, it becomes the accounting node; of course, if the two nodes in the first block do not win in the process of competing for accounting power in this round, it is not Accounting node, and other nodes may become accounting nodes.
- a smart contract is similar to a class in object-oriented programming.
- the result of execution generates a contract instance corresponding to the smart contract, similar to generating an object corresponding to the class.
- the process of executing the code for creating a smart contract in a transaction creates a contract account and deploys the contract in the account space.
- the address of the smart contract account is generated by the encryption algorithm by using the sender's address (0xf5e... in Figure 1 or 0x14c5f88a in Figure 2) and transaction nonce as inputs.
- the contract address in Figure 2 is generated by the sender's address 0x14c5f88a... and the nonce in the transaction through an encryption algorithm.
- All the nodes competing for the accounting right can execute the transaction after receiving the transaction including the creation of the smart contract. It is possible that one of the nodes competing for the accounting power wins in the process of competing for the accounting power and becomes the accounting node.
- the accounting node can package the transaction containing the smart contract with other transactions and generate new blocks, and send the generated new blocks to other nodes for consensus.
- the first blockchain node can send the transaction to the accounting node if it is not the accounting node of the current round.
- accounting nodes which can be the first blockchain node
- the transaction including the smart contract may be executed.
- the accounting node packages the transaction containing the smart contract (or includes other transactions together) and generates a new block, and then sends the generated new block or block header to other nodes for consensus.
- the current accounting node can include the smart contract
- the transaction is packaged and a new block is generated, and the block header is sent to other nodes for consensus after the generated new block. If other nodes receive the block and verify that there is no problem, they can append the new block to the end of the original block chain to complete the billing process and reach a consensus, which also completes the smart contract in the block Deployment on the chain network. In the process of verifying the new block or block header sent by the accounting node, other nodes may also execute transactions containing smart contracts in the block.
- the execution process may generally be executed by a virtual machine, for example, a virtual machine (Ethereum Virtual Machine, EVM) in Ethereum.
- EVM executes smart contracts in the form of bytecode.
- the contract state is written to the database in the form of key-value pairs. Words expressed in code, such as setstorage(key, value).
- the first blockchain node may execute the decrypted smart contract code in a trusted execution environment (Trusted Execution, Environment, TEE).
- TEE is a trusted execution environment based on the security extension of CPU hardware and completely isolated from the outside.
- TEE was originally a concept proposed by Global Platform to solve the security isolation of resources on mobile devices, and provides a trusted and safe execution environment for applications in parallel to the operating system.
- ARM's Trust Zone technology was the first to implement a truly commercial TEE technology.
- TEE TEE
- server chip manufacturers Intel, AMD, etc. have successively launched hardware-assisted TEE and enriched the concept and characteristics of TEE, which has been widely recognized in the industry.
- the TEE mentioned now usually refers to this kind of hardware-assisted TEE technology.
- cloud access requires remote access and the end user is not visible to the hardware platform, so the first step in using TEE is to confirm the authenticity of TEE.
- TEE technology has introduced a remote certification mechanism, endorsed by hardware manufacturers (mainly CPU manufacturers) and through digital signature technology to ensure that users can verify the TEE status.
- hardware manufacturers mainly CPU manufacturers
- digital signature technology to ensure that users can verify the TEE status.
- TEEs including Intel, SGX, and AMD SEV also provide memory encryption technology, which limits the trusted hardware to the CPU.
- the bus and memory data are ciphertext to prevent malicious users from snooping.
- TEE technologies such as Intel’s Software Protection Extensions (SGX) isolate code execution, remote attestation, security configuration, secure storage of data, and trusted paths for executing code.
- Applications running in TEE are protected by security and are almost impossible to be accessed by third parties.
- SGX provides an enclave (also known as an enclave), which is an encrypted and trusted execution area in memory, and the CPU protects data from being stolen.
- enclave also known as an enclave
- the CPU protects data from being stolen.
- a part of the area EPC Enclave Page Cache, encircling page cache or enclave page cache
- MEE Memory Encryption Engine
- VMM Virtual Machine Monitor, virtual machine monitor
- BIOS Basic Input, Output System
- the client can encrypt the transaction containing the creation of a smart contract with a key.
- the encryption may be symmetric encryption or asymmetric encryption.
- the first blockchain node may decrypt the code of the smart contract in the transaction with the corresponding key. If the client in S401 uses a symmetric encryption method, that is, uses the symmetrically encrypted private key to encrypt the transaction that creates the contract, then in S403, accordingly, the first blockchain node can decrypt the transaction using the symmetrically encrypted private key The code of the smart contract in.
- the encryption algorithm used for symmetric encryption is, for example, DES algorithm, 3DES algorithm, TDEA algorithm, Blowfish algorithm, RC5 algorithm, IDEA algorithm, etc.
- the symmetric encryption key can be determined by negotiation between the client and the first blockchain node, for example.
- the client in S401 uses an asymmetric encryption method, that is, uses the asymmetric encryption public key to encrypt the transaction that creates the contract
- the first blockchain node can decrypt using the asymmetric encryption private key
- the code of the smart contract in the transaction Asymmetric encryption algorithms, such as RSA, Elgamal, knapsack algorithm, Rabin, D-H, ECC (elliptic curve encryption algorithm), etc.
- the asymmetric encryption key may be, for example, the first blockchain node generates a pair of public and private keys, and sends the public key to the client before S401, so that the client in S401 may include Transactions that create smart contracts are encrypted with a key.
- Asymmetrically encrypted keys can also be generated by a key management server.
- the key management server sends the private key to the first blockchain node. Specifically, it can be passed into the circle of the first blockchain node.
- the asymmetrically encrypted public key can be sent to the client by the key management server.
- the client can use the public key to encrypt the transaction that includes the creation of a smart contract, and accordingly, the first blockchain node can use the private key to decrypt the transaction of the smart contract in the transaction Code.
- the client also uses a combination of symmetric encryption and asymmetric encryption.
- the client uses a symmetric encryption algorithm to encrypt the transaction content, that is, the private key encryption using the symmetric encryption algorithm includes transactions that create smart contracts, and the private key used in the symmetric encryption algorithm is encrypted using the asymmetric encryption algorithm.
- the private key used in the symmetric encryption algorithm is encrypted using the public key of the asymmetric encryption algorithm.
- the first blockchain node can first use the private key of the asymmetric encryption algorithm to decrypt to obtain the private key of the symmetric encryption algorithm, and then use the private key of the symmetric encryption algorithm to decrypt the transaction content, namely Get the code to create a smart contract.
- the key management server can send the private key of the asymmetric encryption algorithm to the circle of the first blockchain node through remote proof, and send the public key of the asymmetric encryption algorithm to the client.
- the client can use the private key of the symmetric encryption algorithm to encrypt the transaction content, that is, the private key of the symmetric encryption algorithm is used to encrypt the transaction including the creation of a smart contract, and the public key of the asymmetric encryption algorithm is used to encrypt the symmetric encryption algorithm The private key used.
- the client can send the encrypted transaction content and the private key used in the symmetric encryption algorithm of the public key encryption of the asymmetric encryption algorithm to the first blockchain node.
- the first blockchain node After receiving the encrypted transaction content and the public key encryption of the asymmetric encryption algorithm, the first blockchain node can use the private key of the symmetric encryption algorithm to decrypt the symmetric encryption algorithm.
- the private key decrypts the transaction using the private key of the symmetric encryption algorithm to obtain the plain text of the transaction, thereby obtaining the plain text of the code for creating a smart contract.
- the encryption method here is generally called digital envelope encryption. The situation of invoking a smart contract is similar to that of creating a smart contract above, and will not be described in detail.
- the first blockchain node can execute the code of the smart contract in plain text in a trusted execution environment.
- the first blockchain node can use the newly added processor instruction in the CPU to allocate a part of the EPC in the memory, and encrypt the plaintext code obtained by the decryption through the encryption engine MEE in the CPU and store it in the EPC in.
- the encrypted content in EPC is decrypted into plain text after entering the CPU.
- the code of the plain text is operated to complete the execution process.
- the code that executes the smart contract can load the EVM into the enclosure.
- the key management server can calculate the hash value of the local EVM code and compare it with the hash value of the EVM code loaded in the first blockchain node. The result of the comparison is correct as a necessity for remote certification Conditions, thus completing the measurement of the code loaded on the first blockchain node SGX circle.
- the correct EVM can execute the smart contract code in SGX.
- the contract status will change.
- the plaintext code of the smart contract is executed in a trusted execution environment.
- the state of the contract indicated by the privacy identifier in the smart contract will also change.
- the contract status is stored in the blockchain. From the perspective of the blockchain node, the contract status is written into a database, such as a local database.
- the database is generally stored in a storage medium, and the more common is a persistent storage medium.
- the persistent storage medium may be a magnetic disk, a floppy disk, or a memory that can recover data after power-on so that it can be permanently stored.
- the operation of writing to the database is expressed in code, such as setstorage(key,ENC(value,secret_key)).
- setstorage(key,ENC(value,secret_key)) the key can be written in the same way as the traditional key.
- Intel SGX technology can be used
- ENC means enclave
- secret_key means the key used when writing the database in SGX technology.
- the key may be a symmetric encryption key, for example, a seal (Simple Encrypted Arithmetic Library) key.
- the seal key may be sent to the first blockchain node by the key management server after remote certification, for example.
- the key may also be an asymmetrically encrypted key.
- the contract status indicated by the privacy identifier in the smart contract code can be encrypted and stored in the database.
- the contract status not indicated by the privacy identifier in the smart contract code it may still be stored in the database in plain text.
- the entire contract state of a smart contract is treated as data requiring privacy protection, it is calculated in TEE and stored in a database.
- This embodiment can flexibly store encrypted contract states that indicate privacy protection.
- FIG. 5 illustrates an embodiment of a method for realizing privacy protection in this application. This embodiment focuses on describing the implementation process from the perspective of the first blockchain node. As shown in FIG. 5, the method embodiment includes:
- the first blockchain node receives an encrypted transaction including a smart contract, and the code of the smart contract includes the contract status indicated by the privacy identifier.
- the contract state may include state variables in code written in a programming language. Taking the user writing "Creating a smart contract" in Solidity language as an example, during the writing process, a privacy identifier can be used to identify the contract status that requires privacy protection.
- the contract state here is, for example, a state variable in a programming language.
- the privacy identifier here may be an identifier specifically indicating that privacy protection is required, for example, expressed by the keyword Confidential. Then, if you want to protect the state variables supported by the above Solidity language, you can add the privacy identifier Confidential. In this way, using Confidential as a prefix can indicate the state variables that need privacy protection.
- the smart contract in the transaction received by the first blockchain node may include:
- smart contracts deployed on the blockchain are generally in the form of bytecode. If the user directly writes a smart contract in a high-level language on the first blockchain node, the first blockchain node can also use a compiler to compile the smart contract written in the high-level language to generate bytecode. If the user receives a smart contract written in a high-level language on the client, after the user writes the smart contract on the client, the client may also use a compiler to compile the smart contract written in the high-level language to generate bytecode, Furthermore, the smart contract in the form of bytecode is sent to the first blockchain node, so that the first blockchain node receives the smart contract in the form of bytecode.
- the smart contract written in the high-level language can be directly sent to the first blockchain node, and then the first blockchain node can use the compiler to write the smart contract in the high-level language Compile to generate bytecode.
- the smart contract in the transaction sent by the second blockchain node received by the first blockchain node it is generally a smart contract in the form of bytecode; of course, it can also be a smart contract written in a high-level language.
- a blockchain node can use a compiler to compile a smart contract written in a high-level language to generate bytecode.
- the compiler needs to be adjusted to process the contract state indicated by the privacy identifier.
- the compiled bytecode also uses the keyword Confidential to indicate the operation requiring privacy protection, which is the same as the smart contract written in the Solidity language, that is, the same as in code example 2.
- the byte identifier may be different from the privacy identifier in Code Example 2, that is, the byte identifier may be different from the privacy identifier in the code written in the high-level language.
- the privacy identifier in the code written in the high-level language is different from the bytecode, it is assumed that the privacy identifier in the code written in the high-level language is the first identifier, and the privacy identifier in the code in the bytecode form is the second For a privacy identifier, there is a corresponding relationship between the first privacy identifier and the second privacy identifier.
- An encrypted transaction containing a smart contract received by the first blockchain node uses symmetric encryption or asymmetric encryption, or a combination of symmetric encryption and asymmetric encryption.
- the client can encrypt the transaction containing the creation of a smart contract with a key.
- the encryption may be symmetric encryption or asymmetric encryption.
- the client may use a combination of symmetric encryption and asymmetric encryption.
- the first blockchain node For transactions that contain smart contracts are encrypted with a symmetrically encrypted private key, the first blockchain node decrypts the transaction with the corresponding symmetrically encrypted private keys to obtain the code for the smart contract; or, for transactions that contain smart contracts Symmetrically encrypted public key encryption, the first blockchain node decrypts the transaction with the corresponding asymmetrically encrypted private key to obtain the code of the smart contract.
- the symmetric encryption combined with asymmetric encryption includes digital envelope encryption.
- the first blockchain node can use the private keys of asymmetric encryption algorithms to decrypt Obtain the private key of the symmetric encryption algorithm, and use the private key of the symmetric encryption algorithm to decrypt to obtain the transaction content.
- the public key of the symmetric encryption algorithm can be obtained through negotiation between the encryption party and the first blockchain node, or can be obtained from the key management server.
- the public key of the symmetric encryption algorithm can also be generated by the encrypting party, and the key management server sends the private key of the asymmetric encryption algorithm to the circle of the first blockchain node through remote certification to encrypt the asymmetric encryption
- the public key of the algorithm is sent to the encryption party.
- the transaction containing the smart contract received by the first blockchain node may be, for example, a transaction for creating and/or calling a smart contract.
- S503 The first blockchain node decrypts the code of the smart contract in the transaction.
- the decryption process is as described above and will not be repeated here.
- the first blockchain node executes the decrypted code of the smart contract in a trusted execution environment, and encrypts the key when writing the contract status indicated by the privacy identifier into the database.
- the first blockchain node can use the newly added processor instruction in the CPU, and can allocate a part of the EPC in the memory, and encrypt the plaintext code obtained by the decryption through the encryption engine MEE in the CPU and store it in the EPC.
- the encrypted content in EPC is decrypted into plain text after entering the CPU.
- the code of the plain text is operated to complete the execution process.
- the code that executes the smart contract can load the EVM into the enclosure.
- the key management server can calculate the hash value of the local EVM code and compare it with the hash value of the EVM code loaded in the first blockchain node. The result of the comparison is correct as a necessity for remote certification Conditions, thus completing the measurement of the code loaded on the first blockchain node SGX circle.
- the correct EVM can execute the smart contract code in SGX.
- the contract status will change.
- the plaintext code of the smart contract is executed in a trusted execution environment.
- the state of the contract indicated by the privacy identifier in the smart contract will also change.
- the contract status is written to a database, such as a local database.
- the database is generally stored in a storage medium, and the more common is a persistent storage medium.
- the persistent storage medium may be a magnetic disk, a floppy disk, or a memory that can recover data after power-on so that it can be permanently stored.
- the key includes a symmetrically encrypted key or an asymmetrically encrypted key.
- the symmetrically encrypted key includes a seal key.
- the seal key may be sent by the key management server after the SGX of the first blockchain node passes the remote certification.
- the compiler mentioned in the above embodiments is applicable to compiled languages. That is, before the code is run, the entire language (programming language) that humans can understand is translated into a language that the machine can understand by the compiler. Furthermore, the compiled code is executed by a virtual machine, such as the EVM described above. Applications written in compiled languages can be run directly after compilation. Compiled languages are characterized by fast speed and high efficiency.
- interpreted language is also a human-understandable language (programming language), which also needs to be converted into a language that the machine can understand to execute, but it is converted at runtime.
- the interpreted language appears directly in the form of source code, which is parsed into machine code in real time and executed when it is run.
- Programs in interpreted languages do not need to be compiled before running, and are only translated when the program is run.
- a special interpreter is responsible for interpreting the program code when each statement is executed.
- Such an interpreted language needs to be translated every time it is executed, which is less efficient.
- JavaScript is an interpreted language, which means that the system only knows whether this sentence of code is wrong when each sentence of code is running. In other words, because the compiled language is compiled before running, the compiler checks all the code so that it does not produce some low-level errors, such as the use of non-existent names, or the use of wrong names. JavaScript may have these problems.
- the interpreted language can be used instead of the compiled language. That is, the first blockchain node may receive smart contract code written in an interpreted language, and does not need to be compiled by a compiler. During execution, the smart contract code can be executed by the interpreter.
- the interpreter is, for example, JIT (Just In Time Compilation) such as JVM (Java Virtual Machine, Java Virtual Machine).
- the code that executes the smart contract can load the JVM into the enclosure.
- the key management server can calculate the hash value of the local JVM code, and compare it with the hash value of the JVM code loaded in the first blockchain node. Conditions, thus completing the measurement of the code loaded on the first blockchain node SGX circle. After measurement, the correct JVM can execute the smart contract code in SGX.
- the system for achieving privacy protection includes a client 601 and a first blockchain node 602, where:
- the client 601 is used to encrypt the transaction containing the smart contract and send the encrypted transaction to the first blockchain node.
- the code of the smart contract includes the contract status indicated by the privacy identifier;
- the first blockchain node 602 is used to decrypt the code of the smart contract in the transaction, execute the code of the smart contract in a trusted execution environment, and write the contract status indicated by the privacy identifier into the database , Use the key to encrypt.
- the contract state includes state variables in code written in a programming language.
- the contract status indicated by the first privacy identifier needs to be protected for privacy
- the smart contract in the bytecode format includes the need for privacy protection indicated by the second privacy identifier
- the contract status of; the first privacy identifier is the same as or corresponds to the second privacy identifier.
- the receiving module 701 is used to receive an encrypted transaction containing a smart contract, and the code of the smart contract includes the contract status indicated by the privacy identifier;
- the execution module 703 is used to execute the decrypted code of the smart contract in a trusted execution environment
- a writing module 704 which is used to encrypt the contract state indicated by the privacy identifier into the database after the execution module executes the decrypted code of the smart contract;
- the database 705 is used to store the written contract state encrypted with the key.
- the contract state includes state variables in code written in a programming language.
- the smart contract in the form of high-level language includes a contract state indicated by the first privacy identifier that requires privacy protection, and the smart contract in the form of bytecode includes the need for privacy indicated by the second privacy identifier Protected contract status; the first privacy identifier is the same as or corresponds to the second privacy identifier.
- the symmetrically encrypted key includes a seal key.
- the improvement of a technology can be clearly distinguished from the improvement in hardware (for example, the improvement of circuit structures such as diodes, transistors, and switches) or the improvement in software (the improvement of the process flow).
- the improvement of many methods and processes can be regarded as a direct improvement of the hardware circuit structure.
- Designers almost get the corresponding hardware circuit structure by programming the improved method flow into the hardware circuit. Therefore, it cannot be said that the improvement of a method flow cannot be realized by hardware physical modules.
- a programmable logic device Programmable Logic Device, PLD
- PLD Programmable Logic Device
- FPGA Field Programmable Gate Array
- HDL Hardware Description Language
- ABEL Advanced Boolean Expression
- AHDL AlteraHardwareDescriptionLanguage
- Confluence a specific programming language
- CUPL CornellUniversityProgrammingLanguage
- HDCal JHDL (JavaHardwareDescriptionLanguage)
- Lava Lola
- MyHDL PALASM
- RHDL RubyHardwareDescription
- the controller may be implemented in any suitable manner, for example, the controller may take a microprocessor or processor and a computer-readable medium storing computer-readable program code (such as software or firmware) executable by the (micro)processor , Logic gates, switches, application specific integrated circuits (Application Specific Integrated Circuit, ASIC), programmable logic controllers and embedded microcontrollers.
- Examples of controllers include but are not limited to the following microcontrollers: ARC625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicon Labs C8051F320, the memory controller can also be implemented as part of the control logic of the memory.
- controller in addition to implementing the controller in the form of pure computer-readable program code, it is entirely possible to logically program method steps to make the controller use logic gates, switches, application specific integrated circuits, programmable logic controllers and embedded The same function is realized in the form of a microcontroller or the like. Therefore, such a controller can be regarded as a hardware component, and the device for implementing various functions included therein can also be regarded as a structure within the hardware component. Or even, the means for realizing various functions can be regarded as both a software module of an implementation method and a structure within a hardware component.
- the system, device, module or unit explained in the above embodiments may be specifically implemented by a computer chip or entity, or implemented by a product with a certain function.
- a typical implementation device is a computer.
- the computer may be, for example, a personal computer, a laptop computer, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device A combination of any of these devices.
- the embodiments of the present invention may be provided as methods, systems, or computer program products. Therefore, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware. Moreover, the present invention may take the form of a computer program product implemented on one or more computer usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer usable program code.
- computer usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
- each flow and/or block in the flowchart and/or block diagram and a combination of the flow and/or block in the flowchart and/or block diagram may be implemented by computer program instructions.
- These computer program instructions can be provided to the processor of a general-purpose computer, special-purpose computer, embedded processing machine, or other programmable data processing device to produce a machine that enables the generation of instructions executed by the processor of the computer or other programmable data processing device
- the present application may be described in the general context of computer-executable instructions executed by a computer, such as program modules.
- program modules include routines, programs, objects, components, data structures, etc. that perform specific tasks or implement specific abstract data types.
- the present application may also be practiced in distributed computing environments in which tasks are performed by remote processing devices connected through a communication network.
- program modules may be located in local and remote computer storage media including storage devices.
- These computer program instructions may also be stored in a computer-readable memory that can guide a computer or other programmable data processing device to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction device, the instructions
- the device implements the functions specified in one block or multiple blocks of the flowchart one flow or multiple flows and/or block diagrams.
- These computer program instructions can also be loaded onto a computer or other programmable data processing device, so that a series of operating steps are performed on the computer or other programmable device to produce computer-implemented processing, which is executed on the computer or other programmable device
- the instructions provide steps for implementing the functions specified in one block or multiple blocks of the flowchart one flow or multiple flows and/or block diagrams.
- the computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
- processors CPUs
- input/output interfaces network interfaces
- memory volatile and non-volatile memory
- the memory may include non-permanent memory, random access memory (RAM) and/or non-volatile memory in computer-readable media, such as read only memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.
- RAM random access memory
- ROM read only memory
- flash RAM flash random access memory
- Computer-readable media including permanent and non-permanent, removable and non-removable media, can store information by any method or technology.
- the information may be computer readable instructions, data structures, modules of programs, or other data.
- Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, read-only compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, Magnetic tape cassettes, magnetic tape magnetic disk storage or other magnetic storage devices or any other non-transmission media can be used to store information that can be accessed by computing devices.
- computer-readable media does not include temporary computer-readable media (transitory media), such as modulated data signals and carrier waves.
- first touch may be named the second touch and similarly the second touch may be named the first touch without departing from the scope of various described embodiments.
- the term “if” may be interpreted to mean “when” ("when” or “upon”) or “in response to determination” or “in response to detection”.
- the phrase “if determined" or “if [the stated condition or event] is detected” may be interpreted to mean “at the time of determination” or “in response to the determination... “Or” when [the stated condition or event] is detected” or “in response to the detected [stated condition or event]”.
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Finance (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Development Economics (AREA)
- Marketing (AREA)
- Economics (AREA)
- Technology Law (AREA)
- Databases & Information Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
一种区块链中实现隐私保护的方法,包括:客户端将包含智能合约的交易加密,并将加密后的所述交易发给第一区块链节点,所述智能合约的代码中包括通过隐私标识符标明的合约状态(S401);第一区块链节点解密所述交易中的所述智能合约的代码,在可信执行环境中执行所述智能合约的代码,在将所述隐私标识符标明的合约状态写入数据库时,用密钥加密(S403)。该方法可以灵活的针对标明隐私保护的合约状态进行加密。
Description
本申请涉及区块链技术领域,尤其涉及一种区块链中实现隐私保护的方法。
区块链技术构建在传输网络(例如点对点网络)之上。传输网络中的网络节点利用链式数据结构来验证与存储数据,并采用分布式节点共识算法来生成和更新数据。这些区块链网络中的节点有时需要增加。
目前企业级的区块链平台技术上最大的两个挑战就是隐私和性能,往往这两个挑战很难同时解决。大多解决方案都是通过损失性能换取隐私,或者不大考虑隐私去追求性能。常见的解决隐私问题的加密技术,如同态加密(Homomorphic encryption)和零知识证明(Zero-knowledge proof)等复杂度高,通用性差,而且还可能带来严重的性能损失。
在解决隐私方面,可信执行环境(Trusted Execution Environment,TEE)是另一种解决方式。TEE可以起到硬件中的黑箱作用,在TEE中执行的代码和数据操作系统层都无法偷窥,只有代码中预先定义的接口才能对其进行操作。在效率方面,由于TEE的黑箱性质,在TEE中进行运算的是明文数据,而不是同态加密中的复杂密码学运算,计算过程效率没有损失,因此与TEE相结合可以在性能损失较小的前提下很大程度上提升区块链的安全性和隐私性。目前工业界十分关注TEE的方案,几乎所有主流的芯片和软件联盟都有自己的TEE解决方案,包括软件方面的TPM(Trusted Platform Module,可信赖平台模块)以及硬件方面的Intel SGX(Software Guard Extensions,软件保护扩展)、ARM Trustzone(信任区)和AMD PSP(Platform Security Processor,平台安全处理器)。
区块链2.0时代中出现的智能合约,将区块链的应用范围提升到了一个新高度。有了智能合约,区块链能做不再是单一的转账交易,而是还可以调用一段代码,而这段代码可以由用户自定义。
在传统的区块链与TEE相结合的解决方案中,为了实现隐私保护,智能合约整体被当作需要隐私保护的数据在TEE中进行运算并将全部合约状态加密存储在区块链上。而实际上智能合约中部分内容可能是敏感的,才需要进行隐私保护,而其它内容并不敏感,可以公开。目前的解决方案没有一种更加灵活的实现隐私保护的方法。
发明内容
本申请实施例的目的是提供一种区块链中实现隐私保护的方法。
为解决上述技术问题,本申请实施例是这样实现的:
一种区块链中实现隐私保护的方法,包括:
客户端将包含智能合约的交易加密,并将加密后的所述交易发给第一区块链节点,所述智能合约的代码中包括通过隐私标识符标明的合约状态;
第一区块链节点解密所述交易中的所述智能合约的代码,在可信执行环境中执行所述智能合约的代码,在将所述隐私标识符标明的合约状态写入数据库时,用密钥加密。
一种区块链中实现隐私保护的方法,包括:
第一区块链节点接收经过加密的包含智能合约的交易,所述智能合约的代码中包括通过隐私标识符标明的合约状态;
第一区块链节点解密所述交易中的所述智能合约的代码;
第一区块链节点在可信执行环境中执行解密的所述智能合约的代码,并在将所述隐私标识符标明的合约状态写入数据库时,用密钥加密。
一种区块链中实现隐私保护的系统,包括客户端和第一区块链节点,其中:
客户端用于将包含智能合约的交易加密,并将加密后的所述交易发给第一区块链节点,所述智能合约的代码中包括通过隐私标识符标明的合约状态;
第一区块链节点用于解密所述交易中的所述智能合约的代码,在可信执行环境中执行所述智能合约的代码,在将所述隐私标识符标明的合约状态写入数据库时,用密钥加密。
一种区块链中实现隐私保护的节点,包括:
接收模块,用于接收经过加密的包含智能合约的交易,所述智能合约的代码中包括通过隐私标识符标明的合约状态;
解密模块,用于解密所述交易中的所述智能合约的代码;
执行模块,用于在可信执行环境中执行解密的所述智能合约的代码;
写入模块,用于在执行模块执行解密的所述智能合约的代码后,将所述隐私标识符 标明的合约状态写入数据库时用密钥加密;
数据库,用于存储写入的用密钥加密的合约状态。
由以上本申请实施例提供的技术方案可见,本申请实施例对于智能合约代码中通过所述隐私标识符标明的合约状态,可以加密存储在所述数据库中。对于智能合约代码中没有通过所述隐私标识符标明的合约状态,可以仍然是明文存储在所述数据库中。相对于现有技术中智能合约的全部合约状态被当做需要隐私保护的数据在TEE中运算并将全部合约状态存储在数据库中,本实施例可以灵活的针对标明隐私保护的合约状态进行加密。
为了更清楚地说明本申请实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请中记载的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。
图1为本申请一个实施例的创建智能合约的图示过程;
图2为本申请一个实施例的调用智能合约的图示过程;
图3为本申请一个实施例中创建智能合约和调用智能合约的示意图;
图4为本申请一实现隐私保护的方法实施例的流程图;
图5为本申请一实现隐私保护的方法实施例的流程图;
图6为本申请一实现隐私保护的系统实施例的组成图;
图7为本申请一实现隐私保护的节点实施例的组成图。
本申请实施例提供一种区块链中实现隐私保护的方法。
为了使本技术领域的人员更好地理解本申请中的技术方案,下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都应当属于本 申请保护的范围。
区块链一般被划分为三种类型:公有链(Public Blockchain),私有链(Private Blockchain)和联盟链(Consortium Blockchain)。此外,还有多种类型的结合,比如私有链+联盟链、联盟链+公有链等不同组合形式。其中去中心化程度最高的是公有链。公有链以比特币、以太坊为代表,加入公有链的参与者可以读取链上的数据记录、参与交易以及竞争新区块的记账权等。而且,各参与者(即节点)可自由加入以及退出网络,并进行相关操作。私有链则相反,该网络的写入权限由某个组织或者机构控制,数据读取权限受组织规定。简单来说,私有链可以为一个弱中心化系统,参与节点具有严格限制且少。这种类型的区块链更适合于特定机构内部使用。联盟链则是介于公有链以及私有链之间的区块链,可实现“部分去中心化”。联盟链中各个节点通常有与之相对应的实体机构或者组织;参与者通过授权加入网络并组成利益相关联盟,共同维护区块链运行。
不论是公有链、私有链还是联盟链,都可能提供智能合约的功能。区块链上的智能合约是在区块链系统上可以被交易触发执行的合约。智能合约可以通过代码的形式定义。
以以太坊为例,支持用户在以太坊网络中创建并调用一些复杂的逻辑,这是以太坊区别于比特币区块链技术的最大挑战。以太坊作为一个可编程区块链的核心是以太坊虚拟机(EVM),每个以太坊节点都可以运行EVM。EVM是一个图灵完备的虚拟机,这意味着可以通过它实现各种复杂的逻辑。用户在以太坊中发布和调用智能合约就是在EVM上运行的。实际上,虚拟机直接运行的是虚拟机代码(虚拟机字节码,下简称“字节码”)。部署在区块链上的智能合约可以是字节码的形式。
例如图1所示,Bob将一个包含创建智能合约信息的交易发送到以太坊网络后,节点1的EVM可以执行这个交易并生成对应的合约实例。图中1中的“0x6f8ae93…”代表了这个合约的地址,交易的data字段保存的可以是字节码,交易的to字段为一个空的账户。节点间通过共识机制达成一致后,这个合约成功创建,后续用户可以调用这个合约。
合约创建后,区块链上出现一个与该智能合约对应的合约账户,并拥有一个特定的地址,合约代码和账户存储将保存在该合约账户中。智能合约的行为由合约代码控制,而智能合约的账户存储则保存了合约的状态。换句话说,智能合约使得区块链上产生包含合约代码和账户存储(Storage)的虚拟账户。
前述提到,包含创建智能合约的交易的data字段保存的可以是该智能合约的字节码。字节码由一连串的字节组成,每一字节可以标识一个操作。基于开发效率、可读性等多方面考虑,开发者可以不直接书写字节码,而是选择一门高级语言编写智能合约代码。高级语言编写的智能合约代码,经过编译器编译,生成字节码,进而该字节码可以部署到区块链上。以太坊支持的高级语言很多,如Solidity、Serpent、LLL语言等。
以Solidity语言为例,用其编写的合约与面向对象编程语言中的类(Class)很相似,在一个合约中可以声明多种成员,包括状态变量、函数、函数修改器、事件等。状态变量是永久存储在智能合约的账户存储中的值,用于保存合约的状态。
如下是以Solidity语言编写的一个简单的智能合约的代码示例1:
Contract Example{
int balance;
function C(){
balance+=1;
}
function getblance()returns(int){
return balance;
}
}
一般的,这个合约部署在区块链后,“balance”这个状态变量对应的存储状态是明文,任何人都可以看到其状态,无隐私保护的设置和能力。如果用户想将状态隐私保护起来,目前采用零知识证明、同态加密的解决方案,需要重新改写这个合约,使得“balance”这个状态变量加密保护起来,且需要支持balance在加密域上的所有运算。一般这种加密方式运算复杂,而且很难设计适合的算法在加密域上予以支持。而在有些区块链与TEE相结合的解决方案中,为了实现隐私保护,智能合约的全部合约状态被当作需要隐私保护的数据存储在区块链上。所述区块链,是存储在节点的数据库中特定逻辑组织而成的数据集合。所述数据库,如后所述,其物理载体可以存储介质,例如持久性存储介质。实际上,智能合约中可能只有“balance”这个合约状态是敏感的,才需要进行隐私保护,而其它内容并不敏感,可以公开。
此外,如图2所示,仍以以太坊为例,Bob将一个包含调用智能合约信息的交易发 送到以太坊网络后,节点1的EVM可以执行这个交易并生成对应的合约实例。图中2中交易的from字段是发起调用智能合约的账户的地址,to字段中的“0x6f8ae93…”代表了被调用的智能合约的地址,value字段在以太坊中是以太币的值,交易的data字段保存的调用智能合约的方法和参数。调用智能合约后,balance的值可能改变。后续,某个客户端可以通过某一区块链节点(例如图2中的节点6)查看balance的当前值。
智能合约可以以规定的方式在区块链网络中每个节点独立的执行,所有执行记录和数据都保存在区块链上,所以当这样的交易完成后后,区块链上就保存了无法篡改、不会丢失的交易凭证。
创建智能合约和调用智能合约的示意图如图3所示。以太坊中要创建一个智能合约,需要经过编写智能合约、变成字节码、部署到区块链等过程。以太坊中调用智能合约,是发起一笔指向智能合约地址的交易,智能合约代码分布式的运行在以太坊网络中每个节点的虚拟机中。
以下结合图4所示说明本申请一实现隐私保护的方法实施例的实现过程:
S401:客户端将包含智能合约的交易加密,并将加密后的所述交易发给第一区块链节点,所述智能合约的代码中包括通过隐私标识符标明的合约状态。
用户在客户端上编写智能合约代码的过程中,可以采用隐私标识符来标识需要隐私保护的合约状态。
以用户采用Solidity语言编写“创建智能合约”为例,在编写过程中,可以采用隐私标识符来标识需要隐私保护的合约状态。这里的合约状态例如是编程语言中的状态变量。类似的,在采用Serpent、LLL语言等编写智能合约过程中,也可以采用隐私标识符来标识需要隐私保护的状态变量。
Solidity语言目前主要支持状态变量类型可以是:Booleans,Integers,Fixed Point Numbers,Address,Fixed-size byte array,Address Literals,Rational and integer Literals,String Literals,Hexadecimal Literals,Enums.
这里的隐私标识符可以是专门标明需要隐私保护的标识符,例如通过Confidential这一关键字表示。那么,如果要对上述Solidity语言支持的状态变量进行隐私保护,可以在前面增加Confidential这一隐私标识符。这样,通过Confidential作为前缀可以标明需要隐私保护的状态变量。例如,Solidity语言支持隐私保护的状态变量类型可以是:Confidential Booleans,Confidential Integers,Confidential Fixed Point Numbers, Confidential Address,Confidential Fixed-size byte array,Confidential Address Literals,Confidential Rational and integer Literals,Confidential String Literals,Confidential Hexadecimal Literals,and Confidential Enums。
对上面提到的代码示例1,如果想将“balance”隐私保护起来,可以用隐私标识符Confidential在定义balance的类型int前标明(当然也可以将隐私标识符Confidential置于定义balance的类型int之后),如下代码示例2所示(下划线的部分表示隐私标识符):
Contract Example{
Confidential int balance;
function C(){
balance+=1;
}
function getblance()returns(int){
return balance;
}
}
第一区块链节点接收的交易中的智能合约,可以是用户在第一区块链节点上直接用高级语言编写智能合约,也可以是接收用户在客户端上用高级语言编写的智能合约,还可以是接收第二区块链节点发来的交易中的智能合约。具体的,可以是所述客户端通过第二区块链节点发来的交易中的智能合约。
如前所述,部署在区块链上的智能合约一般是字节码的形式。如果是用户在第一区块链节点上直接用高级语言编写智能合约,则第一区块链节点还可以采用编译器对高级语言编写的智能合约进行编译,生成字节码。如果接收用户在客户端上用高级语言编写的智能合约,则用户在客户端上书写智能合约后,所述客户端还可以采用编译器对高级语言编写的智能合约进行编译,生成字节码,进而将字节码形式的智能合约发送至第一区块链节点,这样,第一区块链节点接收的是字节码形式的智能合约。此外,用户在客户端上书写智能合约后,还可以是直接将高级语言编写的智能合约发送到第一区块链节点,进而第一区块链节点可以采用编译器对高级语言编写的智能合约进行编译,生成字节码。对于第一区块链节点接收的第二区块链节点发来的交易中的智能合约,一般来说是字节码形式的智能合约;当然也可以是用高级语言编写的智能合约,进而第一区块链 节点可以采用编译器对高级语言编写的智能合约进行编译,生成字节码。
在通过编译器对高级语言编写的智能合约编译的过程中,需要对编译器进行调整,以对隐私标识符标明的合约状态进行处理。
对于代码示例1中的传统的Solidity语言编写智能合约的C()函数部分,编译器编译结果例如为如下所示的代码示例3(/*…*/中…的部分为注释,后面如有汉字则为对应的中文注释):
/*compile function C()balance+=1编译函数C()balance+=1*/
tag_2
/*pushes 1 onto stack将1压入栈顶,这个1就是要赋值的1*/
0x1
/*pushes 0 onto stack将0压入栈顶,这个0是指balance这个数据将要存储到合约账户数据存储的0号位置。上面这两句执行完后,堆栈里从顶往下,就有了0和1两个数据*/
0x0
/*balance+=1将balance赋值为balance+1后的值*/
dup2/*复制栈中从顶往下数的第二项,所以这时堆栈从顶往上就有了1、0、1三个数据*/
swap1/*交换栈顶的两项数据,这时堆栈从顶往下存储的是0、1、1*/
/*store(0x0,0x1)存储(0x0,0x1),从栈顶往下数,将第二项数据存储到第一项标识的位置上,同时将这两项弹出堆栈。这里便是将数据1存储到0号位置,前面因为已经将balance与0号位置做了绑定,所以就完成了balance=1的赋值。这时堆栈里就只剩一层数据:1*/
sstore
pop/*丢弃栈顶数据,这时堆栈变成空,等待下一条指令的执行*/
对于代码示例2中包含隐私标识符标明合约状态的Solidity语言编写的智能合约,编译器编译结果如下所示的代码示例4(/*…*/中…的部分为注释,汉字为对应的中文):
/*compile function C()balance+=1编译函数C()balance+=1*/
tag_2
/*pushes 1 onto stack将1压入栈顶,这个1就是要赋值的1*/
0x1
/*pushes 0 onto stack将0压入栈顶,这个0是指balance这个数据将要存储到合约账户数据存储的0号位置。上面这两句执行完后,堆栈里从顶往下,就有了0和1两个数据*/
0x0
/*balance+=1将balance赋值为balance+1后的值*/
dup2/*复制栈中从顶往下数的第二项,所以这时堆栈从顶往上就有了1、0、1三个数据*/
swap1/*交换栈顶的两项数据,这时堆栈从顶往下存储的是0、1、1*/
/*Confidential_sstore(0x0,0x1)加密存储(0x0,0x1),从栈顶往下数,将第二项数据存储到第一项标识的位置上,同时将这两项弹出堆栈。这里即是将数据1存储到0号位置,前面已经将balance与0号位置做了绑定,所以这里就完成了balance=1的赋值。这时堆栈里就只剩一层数据:1*/
Confidential_sstore
pop/*丢弃栈顶数据,这时堆栈变成空,等待下一条指令的执行*/
上述字节码中,通过隐私标识符Confidential标明了需要进行隐私保护的合约状态balance。
这里的字节码中也采用了Confidential这一个关键词表示需要隐私保护的操作,与Solidity语言编写的智能合约中相同,即与代码示例2中的相同。本领域技术人员明白,字节码中可以采用不同于代码示例2中的隐私标识符,即字节码中可以采用不同于高级语言编写的代码中的隐私标识符。即使字节码中采用不同于高级语言编写的代码中的隐私标识符,假设高级语言编写的代码中的隐私标识符为第一标识符,字节码形式的代码中的隐私标识符为第二隐私标识符,则第一隐私标识符与第二隐私标识符存在对应关系。
如前所述,如果是用户在第一区块链节点上直接用高级语言编写智能合约,即第一区块链节点接收的包含智能合约的交易中的智能合约是用高级语言编写的,则第一区块链节点还可以采用编译器对高级语言编写的智能合约进行编译,生成字节码。生成的字 节码形式的智能合约中,通过隐私标识符在智能合约代码中标明需要进行隐私保护的合约状态。所述高级语言编写的智能合约中包括通过隐私标识符标明了需要进行隐私保护的合约状态。高级语言编写的代码中的隐私标识符对应于字节码形式的代码中的隐私标识符。
如果用户在客户端上用高级语言编写的智能合约,则用户在客户端上书写智能合约后,所述客户端还可以采用编译器对高级语言编写的智能合约进行编译,生成字节码,进而将字节码形式的智能合约发送至第一区块链节点。这样,第一区块链节点接收包含智能合约的交易,其中的智能合约是字节码形式的智能合约。该字节码形式的智能合约中包括通过隐私标识符标明需要进行隐私保护的合约状态。所述高级语言编写的智能合约中包括通过隐私标识符标明了需要进行隐私保护的合约状态。高级语言编写的代码中的隐私标识符对应于字节码形式的代码中的隐私标识符。
此外,用户在客户端上书写智能合约后,还可以是直接将高级语言编写的智能合约发送到第一区块链节点。所述高级语言编写的智能合约中包括通过隐私标识符标明了需要进行隐私保护的合约状态。进而,第一区块链节点可以采用编译器对高级语言编写的智能合约进行编译,生成字节码。生成的字节码形式的智能合约中,通过隐私标识符在智能合约代码中标明需要进行隐私保护的合约状态。高级语言编写的代码中的隐私标识符对应于字节码形式的代码中的隐私标识符。
如前所述,对于第一区块链节点接收的第二区块链节点发来的交易中的智能合约,一般来说是字节码形式的智能合约,当然也不排除是高级语言形式的智能合约。后者可以由第一区块链节点进一步编译而形成字节码。类似的,后者高级语言编写的代码中的隐私标识符对应于字节码形式的代码中的隐私标识符。
客户端可以将包含创建智能合约的交易用密钥加密。所述加密,可以采用对称加密,也可以采用非对称加密。对称加密采用的加密算法,例如是DES算法,3DES算法,TDEA算法,Blowfish算法,RC5算法,IDEA算法等。非对称加密算法,例如是RSA、Elgamal、背包算法、Rabin、D-H、ECC(椭圆曲线加密算法)等。
或者,客户端可以将包含创建智能合约的交易用密钥加密,还可以采用对称加密结合非对称加密相结合的方式。例如,客户端采用对称加密算法加密交易内容,即采用对称加密算法的私钥加密包含创建智能合约的交易,并用非对称加密算法加密对称加密算法中采用的私钥。一般的,采用非对称加密算法的公钥加密对称加密算法中采用的私钥。这样,第一区块链节点接收到加密的交易后,可以先采用非对称加密算法的私钥进行解 密,得到对称加密算法的私钥,进而用对称加密算法的私钥解密得到交易内容,即得到创建智能合约的代码。
第一区块链节点接收包含智能合约的交易,所述智能合约的代码中包括通过隐私标识符标明的需要进行隐私保护的合约状态。
客户端发送给第一区块链节点的交易中,也可以是包含调用智能合约的交易。对于这种情况,客户端可以将包含调用智能合约的交易用密钥加密,并将加密后的所述交易发给第一区块链节点。所述被调用的智能合约中可以包括通过隐私标识符标明的合约状态。所述调用智能合约的交易,可以是多重嵌套结构的调用。例如,调用智能合约1中的代码,调用了智能合约2,而调用智能合约2中的代码指向了经创建智能合约代码生成的合约地址3,从而,调用智能合约1中的代码间接调用了所述合约地址3中的智能合约代码,而合约地址3中的代码中可以包括通过隐私标识符标明的合约状态。这样,相当于调用智能合约1中包含了通过隐私标识符标明的合约状态。具体实现过程与上述过程类似,在此不再赘述。
客户端发送给第一区块链节点的交易中,也可以是包含创建和调用智能合约的交易。对于这种情况,客户端可以将包含创建和调用智能合约的交易用密钥加密,并将加密后的所述交易发给第一区块链节点,所述智能合约中包括通过隐私标识符标明的合约状态。具体实现过程与上述过程类似,在此不再赘述。
S403:第一区块链节点解密所述交易中的所述智能合约的代码,在可信执行环境中执行所述智能合约的代码,在将所述隐私标识符标明的合约状态写入数据库时,用密钥加密。
如前所述,第一区块链节点接收的包含智能合约的交易,例如可以是创建和/或调用智能合约的交易。例如在以太坊中,第一区块链节点接收到客户端发来的创建和/或调用智能合约的交易后,可以检查交易是否有效、格式是否正确,验证交易的签名是否合法等。
一般来说,以太坊中的节点一般也是争夺记账权的节点,因此,第一区块链节点作为争夺记账权的节点可以在本地执行所述包含智能合约的交易。如果争夺记账权的节点中的一个在本轮争夺记账权的过程中胜出,则成为记账节点。第一区块链节点如果在本轮争夺记账权的过程中胜出,就成为记账节点;当然,如果第一区块俩节点如果在本轮争夺记账权的过程中没有胜出,则不是记账节点,而其它节点可能成为记账节点。
智能合约类似于面向对象编程中的类,执行的结果生成对应该智能合约的合约实例,类似于生成类对应的对象。执行交易中创建智能合约的代码的过程,会创建合约账户,并在账户空间中部署合约。以太坊中,智能合约账户的地址是由发送者的地址(如图1中的0xf5e…或图2中的0x14c5f88a…)和交易随机数(nonce)作为输入,通过加密算法生成的。图2中的合约地址即由发送者的地址0x14c5f88a…和交易中的nonce经加密算法生成。
一般的,采用工作量证明(Proof of Work,POW)以及股权证明(Proof of Stake,POS)、委任权益证明(Delegated Proof of Stake,DPOS)等共识算法的支持智能合约的区块链网络中,争夺记账权的节点都可以在接收到包含创建智能合约的交易后执行所述交易。争夺记账权的节点中可能其中一个在本轮争夺记账权的过程中胜出,成为记账节点。记账节点可以将该包含智能合约的交易与其它交易一起打包并生成新的区块,并将生成的新的区块发送至其它节点进行共识。采用、
对于实用拜占庭容错(Practical Byzantine Fault Tolerance,PBFT)等机制的支持智能合约的区块链网络中,具有记账权的节点在本轮记账前已经商定好。因此,第一区块链节点接收到创建智能合约的交易后,如果自身不是本轮的记账节点,则可以将该交易发送至记账节点。对于本轮的记账节点(可以是第一区块链节点),在将该包含智能合约的交易打包并生成新区块的过程中或者之前,或在将该包含智能合约的交易与其它交易一起打包并生成新区块的过程中或者之前,可以执行所述包含智能合约的交易。所述记账节点将该包含智能合约的交易打包(或还包括其它交易一起打包)并生成新的区块后,将生成的新的区块或者区块头发送至其它节点进行共识。
如上所述,采用POW机制的支持智能合约的区块链网络中,或者采用POS、DPOS、PBFT机制的支持智能合约的区块链网络中,本轮的记账节点都可以将该包含智能合约的交易打包并生成新的区块,并将生成的新的区块后区块头发送至其它节点进行共识。如果其它节点接收到所述区块后经验证没有问题,可以将该新的区块追加到原有的区块链末尾,从而完成记账过程,达成共识,也就完成了智能合约在区块链网络上的部署。其它节点验证记账节点发来的新的区块或区块头的过程中,也可以执行所述区块中的包含智能合约的交易。
所述执行过程,一般可以通过虚拟机执行,例如以太坊中的虚拟机(Ethereum Virtual Machine,EVM)。一般的,EVM执行字节码形式的智能合约。当EVM执行到如代码示例3中的sstore时,传统的,是以键值对(key-value pair)的方式将合约状态 写入数据库。用代码表示的话,如setstorage(key,value)。
本实施例中,第一区块链节点可以在可信执行环境(Trusted Execution Environment,TEE)中执行所述解密的智能合约代码。TEE是基于CPU硬件的安全扩展,且与外部完全隔离的可信执行环境。TEE最早是由Global Platform提出的概念,用于解决移动设备上资源的安全隔离,平行于操作系统为应用程序提供可信安全的执行环境。ARM的Trust Zone技术最早实现了真正商用的TEE技术。
伴随着互联网的高速发展,安全的需求越来越高,不仅限于移动设备,云端设备,数据中心都对TEE提出了更多的需求。TEE的概念也得到了高速的发展和扩充。现在所说的TEE相比与最初提出的概念已经是更加广义的TEE。例如,服务器芯片厂商Intel,AMD等都先后推出了硬件辅助的TEE并丰富了TEE的概念和特性,在工业界得到了广泛的认可。现在提起的TEE通常更多指这类硬件辅助的TEE技术。不同于移动端,云端访问需要远程访问,终端用户对硬件平台不可见,因此使用TEE的第一步就是要确认TEE的真实可信。因此现在的TEE技术都引入了远程证明机制,由硬件厂商(主要是CPU厂商)背书并通过数字签名技术确保用户对TEE状态可验证。同时仅仅是安全的资源隔离也无法满足的安全需求,进一步的数据隐私保护也被提出。包括Intel SGX,AMD SEV在内的商用TEE也都提供了内存加密技术,将可信硬件限定在CPU内部,总线和内存的数据均是密文防止恶意用户进行窥探。例如,英特尔的软件保护扩展(SGX)等TEE技术隔离了代码执行、远程证明、安全配置、数据的安全存储以及用于执行代码的可信路径。在TEE中运行的应用程序受到安全保护,几乎不可能被第三方访问。
以Intel SGX技术为例,SGX提供了围圈(enclave,也称为飞地),即内存中一个加密的可信执行区域,由CPU保护数据不被窃取。以第一区块链节点采用支持SGX的CPU为例,利用新增的处理器指令,在内存中可以分配一部分区域EPC(Enclave Page Cache,围圈页面缓存或飞地页面缓存),通过CPU内的加密引擎MEE(Memory Encryption Engine)对其中的数据进行加密。EPC中加密的内容只有进入CPU后才会被解密成明文。因此,在SGX中,用户可以不信任操作系统、VMM(Virtual Machine Monitor,虚拟机监控器)、甚至BIOS(Basic Input Output System,基本输入输出系统),只需要信任CPU便能确保隐私数据不会泄漏。实际应用中,可以将隐私数据加密后以密文形式传递至围圈中,并通过远程证明将对应的秘钥也传入围圈。然后,在CPU的加密保护下利用数据进行运算,结果会以密文形式返回。这种模式下,既可以利用强大 的计算力,又不用担心数据泄漏。
如S401中所述,客户端可以将包含创建智能合约的交易用密钥加密。所述加密,可以采用对称加密,也可以采用非对称加密。S403中,相应地,第一区块链节点可以用对应的密钥解密所述交易中的所述智能合约的代码。如果S401中客户端用对称加密方式,即用对称加密的私钥对创建合约的交易加密,则S403中,相应地,第一区块链节点可以用所述对称加密的私钥解密所述交易中的所述智能合约的代码。对称加密采用的加密算法,例如是DES算法,3DES算法,TDEA算法,Blowfish算法,RC5算法,IDEA算法等。对称加密的密钥,例如可以是由客户端和第一区块链节点协商确定。
如果S401中客户端用非对称加密方式,即用非对称加密的公钥对创建合约的交易加密,则S403中,相应地,第一区块链节点可以用所述非对称加密的私钥解密所述交易中的所述智能合约的代码。非对称加密算法,例如是RSA、Elgamal、背包算法、Rabin、D-H、ECC(椭圆曲线加密算法)等。非对称加密的密钥,例如可以是由第一区块链节点生成一对公钥和私钥,并将公钥在S401之前发送至所述客户端,从而S401中所述客户端可以将包含创建智能合约的交易用密钥加密。
非对称加密的密钥,也可以由一个密钥管理服务器生成。通过远程证明的方式,密钥管理服务器将私钥发送至第一区块链节点,具体的,可以是传入第一区块链节点的围圈中。对于非对称加密的公钥,可以由密钥管理服务器发送至所述客户端。从而,S401中,所述客户端可以用该公钥加密所述包含创建智能合约的交易,相应地,第一区块链节点可以用所述私钥解密所述交易中的所述智能合约的代码。
如S401中所述,客户端也采用对称加密结合非对称加密相结合的方式。例如,客户端采用对称加密算法加密交易内容,即采用对称加密算法的私钥加密包含创建智能合约的交易,并用非对称加密算法加密对称加密算法中采用的私钥。一般的,采用非对称加密算法的公钥加密对称加密算法中采用的私钥。这样,第一区块链节点接收到加密的交易后,可以先采用非对称加密算法的私钥进行解密,得到对称加密算法的私钥,进而用对称加密算法的私钥解密得到交易内容,即得到创建智能合约的代码。
例如,密钥管理服务器通过远程证明可以将非对称加密算法的私钥发送至第一区块链节点的围圈,并将非对称加密算法的公钥发送至所述客户端。这样,S401中,所述客户端可以采用对称加密算法的私钥加密交易内容,即采用对称加密算法的私钥加密包含创建智能合约的交易,并用非对称加密算法的公钥加密对称加密算法中采用的私钥。进而,所述客户端可以将所述加密后的交易内容和非对称加密算法的公钥加密对称 加密算法中采用的私钥发送至第一区块链节点。第一区块链节点接收到所述加密后的交易内容和非对称加密算法的公钥加密对称加密算法中采用的私钥后,可以先用非对称加密算法的私钥解密得到对称加密算法的私钥,进而用该对称加密算法的私钥的解密所述交易,得到交易明文,从而得到所述创建智能合约的代码明文。这里的加密方式一般称为数字信封加密。调用智能合约的情形与上述创建智能合约类似,不再赘述。
这样,第一区块链节点可以在可信执行环境中执行明文的所述智能合约的代码。具体的,第一区块链节点可以利用CPU中新增的处理器指令,在内存中可以分配一部分区域EPC,通过CPU内的加密引擎MEE对上述解密得到的明文代码进行加密存入所述EPC中。EPC中加密的内容进入CPU后被解密成明文。在CPU中,对所述明文的代码进行运算,完成执行过程。
SGX技术中,执行所述智能合约的代码,可以将EVM加载进所述围圈中。远程证明过程中,所述密钥管理服务器可以计算本地EVM代码的hash值,并与第一区块链节点中加载的EVM代码的hash值比对,比对结果正确作为通过远程证明的一个必要条件,从而完成对第一区块链节点SGX围圈加载的代码的度量。经过度量,正确的EVM可以在SGX中执行所述智能合约代码。
一般的,CPU执行所述明文代码后,所述合约状态会发生变化。在可信执行环境中执行所述智能合约的明文代码,所述智能合约中通过隐私标识符标明的合约状态,其状态也会发生变化。
将合约状态存入区块链,从区块链节点的角度,是将该合约状态写入数据库,例如本地的数据库。所述数据库,一般存储于存储介质之中,更多见的是持久性存储介质。所述持久性存储介质,可以是磁盘、软盘,也可以是通电后可恢复数据从而可以持久存储的内存之类。
写入数据库的操作,用代码表示的话,如setstorage(key,ENC(value,secret_key))。setstorage(key,ENC(value,secret_key))中,键(key)可以与传统的键写入方式相同。至于value的写入,可以采用Intel SGX技术,ENC表示enclave,secret_key表示采用SGX技术中写入数据库时采用的密钥。所述密钥可以是对称加密的密钥,例如是seal(Simple Encrypted Arithmetic Library)密钥。所述seal密钥,例如可以是通过远程证明后由密钥管理服务器发送给第一区块链节点。此外,所述密钥也可以是非对称加密的密钥。
这样,对于智能合约代码中通过所述隐私标识符标明的合约状态,可以加密存 储在所述数据库中。对于智能合约代码中没有通过所述隐私标识符标明的合约状态,可以仍然是明文存储在所述数据库中。相对于现有技术中智能合约的全部合约状态被当做需要隐私保护的数据在TEE中运算并存储在数据库中,本实施例可以灵活的针对标明隐私保护的合约状态进行加密存储。
以下附图5说明本申请一实现隐私保护的方法实施例。该实施例侧重从第一区块链节点的角度描述实现过程。如图5所示,该方法实施例包括:
S501:第一区块链节点接收经过加密的包含智能合约的交易,所述智能合约的代码中包括通过隐私标识符标明的合约状态。
如前所述,所述合约状态,可以包括采用的编程语言编写的代码中的状态变量。以用户采用Solidity语言编写“创建智能合约”为例,在编写过程中,可以采用隐私标识符来标识需要隐私保护的合约状态。这里的合约状态例如是编程语言中的状态变量。这里的隐私标识符可以是专门标明需要隐私保护的标识符,例如通过Confidential这一关键字表示。那么,如果要对上述Solidity语言支持的状态变量进行隐私保护,可以在前面增加Confidential这一隐私标识符。这样,通过Confidential作为前缀可以标明需要隐私保护的状态变量。
第一区块链节点接收的交易中的智能合约,可以包括:
用户在第一区块链节点上用高级语言编写的智能合约;或,
用户在客户端上用高级语言编写的智能合约;或,
第二区块链节点发来的交易中的智能合约。
如前所述,部署在区块链上的智能合约一般是字节码的形式。如果是用户在第一区块链节点上直接用高级语言编写智能合约,则第一区块链节点还可以采用编译器对高级语言编写的智能合约进行编译,生成字节码。如果接收用户在客户端上用高级语言编写的智能合约,则用户在客户端上书写智能合约后,所述客户端还可以采用编译器对高级语言编写的智能合约进行编译,生成字节码,进而将字节码形式的智能合约发送至第一区块链节点,这样,第一区块链节点接收的是字节码形式的智能合约。此外,用户在客户端上书写智能合约后,还可以是直接将高级语言编写的智能合约发送到第一区块链节点,进而第一区块链节点可以采用编译器对高级语言编写的智能合约进行编译,生成字节码。对于第一区块链节点接收的第二区块链节点发来的交易中的智能合约,一般来说是字节码形式的智能合约;当然也可以是用高级语言编写的智能合约,进而第一区 块链节点可以采用编译器对高级语言编写的智能合约进行编译,生成字节码。
在通过编译器对高级语言编写的智能合约编译的过程中,需要对编译器进行调整,以对隐私标识符标明的合约状态进行处理。具体请参见图4对应的实施例。如前述代码示例3、4中,编译后的字节码中也采用了Confidential这一个关键词表示需要隐私保护的操作,与Solidity语言编写的智能合约中相同,即与代码示例2中的相同。本领域技术人员明白,字节码中可以采用不同于代码示例2中的隐私标识符,即字节码中可以采用不同于高级语言编写的代码中的隐私标识符。即使字节码中采用不同于高级语言编写的代码中的隐私标识符,假设高级语言编写的代码中的隐私标识符为第一标识符,字节码形式的代码中的隐私标识符为第二隐私标识符,则第一隐私标识符与第二隐私标识符存在对应关系。
第一区块链节点接收的经过加密的包含智能合约的交易,所述加密方式采用对称加密方式或非对称加密方式,或采用对称加密结合非对称加密的方式。例如,客户端可以将包含创建智能合约的交易用密钥加密。所述加密,可以采用对称加密,也可以采用非对称加密。或者,客户端可以采用对称加密结合非对称加密相结合的方式。对于包含智能合约的交易用对称加密的私钥加密,第一区块链节点用对应的对称加密的私钥解密所述交易得到所述智能合约的代码;或,对于包含智能合约的交易用非对称加密的公钥加密,第一区块链节点用对应的非对称加密的私钥解密所述交易得到所述智能合约的代码。所述对称加密结合非对称加密的方式,包括数字信封加密方式。
对于采用对称加密算法的私钥加密包含智能合约的交易,并用非对称加密算法的公钥加密对称加密算法中采用的私钥,第一区块链节点可以采用非对称加密算法的私钥进行解密得到对称加密算法的私钥,并用所述对称加密算法的私钥解密得到交易内容。所述对称加密算法的公钥,以由加密方与第一区块链节点协商得到,或由密钥管理服务器发送得到。所述对称加密算法的公钥也可以由加密方生成,密钥管理服务器通过远程证明将所述非对称加密算法的私钥发送至第一区块链节点的围圈,将所述非对称加密算法的公钥发送至所述加密方。
第一区块链节点接收的包含智能合约的交易,例如可以是创建和/或调用智能合约的交易。
S503:第一区块链节点解密所述交易中的所述智能合约的代码。
解密过程如上所述,不再赘述。
S505:第一区块链节点在可信执行环境中执行解密的所述智能合约的代码,并在将所述隐私标识符标明的合约状态写入数据库时,用密钥加密。
第一区块链节点可以利用CPU中新增的处理器指令,在内存中可以分配一部分区域EPC,通过CPU内的加密引擎MEE对上述解密得到的明文代码进行加密存入所述EPC中。EPC中加密的内容进入CPU后被解密成明文。在CPU中,对所述明文的代码进行运算,完成执行过程。
SGX技术中,执行所述智能合约的代码,可以将EVM加载进所述围圈中。远程证明过程中,所述密钥管理服务器可以计算本地EVM代码的hash值,并与第一区块链节点中加载的EVM代码的hash值比对,比对结果正确作为通过远程证明的一个必要条件,从而完成对第一区块链节点SGX围圈加载的代码的度量。经过度量,正确的EVM可以在SGX中执行所述智能合约代码。
一般的,CPU执行所述明文代码后,所述合约状态会发生变化。在可信执行环境中执行所述智能合约的明文代码,所述智能合约中通过隐私标识符标明的合约状态,其状态也会发生变化。
从区块链节点的角度,是将该合约状态写入数据库,例如本地的数据库。所述数据库,一般存储于存储介质之中,更多见的是持久性存储介质。所述持久性存储介质,可以是磁盘、软盘,也可以是通电后可恢复数据从而可以持久存储的内存之类。
所述密钥包括对称加密的密钥或非对称加密的密钥。所述对称加密的密钥包括seal密钥。所述seal密钥可以在第一区块链节点的SGX通过远程证明后由密钥管理服务器发送。
上述实施例中提到的编译器,适用于编译型语言。即,代码在运行前,需要整体由编译器将人类可以理解的语言(编程语言)转换成机器可以理解的语言。进而,经编译后的代码由虚拟机执行,如上述EVM。编译型语言编写的应用在编译后能直接运行。编译型语言的特点是运行速度快,效率高。
此外,还存在一种解释型语言。这类解释型语言也是人类可以理解的语言(编程语言),也需要转换成机器可以理解的语言才能执行,但是是在运行时转换的。换句话说,解释型语言是直接以源代码的形式出现,运行的时候再实时解析为机器码并执行。解释型语言的程序不需要在运行前编译,在运行程序的时候才翻译,专门的解释器负责在每个语句执行的时候解释程序代码。样解释型语言每执行一次就要翻译一次,效率比 较低。例如JavaScript即属于解释型语言,这就表示每句代码只有在运行时,系统才知道这句代码是否有错。换句话说,由于编译型语言在运行前进行了编译,编译器对所有代码都进行了检查,这样就不会产生一些低级错误,例如使用了不存在的名字,或者使用了错误的名字。而JavaScript就可能会出现这些问题。
上述实施例中,可以用解释型语言代替编译型语言。即第一区块链节点接收到的可以是解释型语言编写的智能合约代码,不需要经过编译器编译。执行时,可以由解释器执行智能合约代码。解释器例如是JVM(Java Virtual Machine,Java虚拟机)这种JIT编译(Just In Time compilation)。
类似的,SGX技术中,执行所述智能合约的代码,可以将JVM加载进所述围圈中。远程证明过程中,所述密钥管理服务器可以计算本地JVM代码的hash值,并与第一区块链节点中加载的JVM代码的hash值比对,比对结果正确作为通过远程证明的一个必要条件,从而完成对第一区块链节点SGX围圈加载的代码的度量。经过度量,正确的JVM可以在SGX中执行所述智能合约代码。
以下结合图6,介绍本申请一种区块链中实现隐私保护的系统实施例。该实施例中,所述实现隐私保护的系统包括客户端601和第一区块链节点602,其中:
客户端601用于将包含智能合约的交易加密,并将加密后的所述交易发给第一区块链节点,所述智能合约的代码中包括通过隐私标识符标明的合约状态;
第一区块链节点602用于解密所述交易中的所述智能合约的代码,在可信执行环境中执行所述智能合约的代码,在将所述隐私标识符标明的合约状态写入数据库时,用密钥加密。
所述合约状态包括采用的编程语言编写的代码中的状态变量。
其中,对于高级语言形式的智能合约中包括通过第一隐私标识符标明的需要进行隐私保护的合约状态,所述字节码形式的智能合约中包括通过第二隐私标识符标明的需要进行隐私保护的合约状态;所述第一隐私标识符与第二隐私标识符相同或存在对应关系。
以下结合图7介绍本申请一种区块链中实现隐私保护的节点实施例,包括:
接收模块701,用于接收经过加密的包含智能合约的交易,所述智能合约的代码中包括通过隐私标识符标明的合约状态;
解密模块702,用于解密所述交易中的所述智能合约的代码;
执行模块703,用于在可信执行环境中执行解密的所述智能合约的代码;
写入模块704,用于在执行模块执行解密的所述智能合约的代码后,将所述隐私标识符标明的合约状态写入数据库时用密钥加密;
数据库705,用于存储写入的用密钥加密的合约状态。
其中,所述合约状态包括采用的编程语言编写的代码中的状态变量。
其中,所述高级语言形式的智能合约中包括通过第一隐私标识符标明的需要进行隐私保护的合约状态,所述字节码形式的智能合约中包括通过第二隐私标识符标明的需要进行隐私保护的合约状态;所述第一隐私标识符与第二隐私标识符相同或存在对应关系。
其中,所述对称加密的密钥包括seal密钥。
在20世纪90年代,对于一个技术的改进可以很明显地区分是硬件上的改进(例如,对二极管、晶体管、开关等电路结构的改进)还是软件上的改进(对于方法流程的改进)。然而,随着技术的发展,当今的很多方法流程的改进已经可以视为硬件电路结构的直接改进。设计人员几乎都通过将改进的方法流程编程到硬件电路中来得到相应的硬件电路结构。因此,不能说一个方法流程的改进就不能用硬件实体模块来实现。例如,可编程逻辑器件(Programmable Logic Device,PLD)(例如现场可编程门阵列(Field Programmable Gate Array,FPGA))就是这样一种集成电路,其逻辑功能由用户对器件编程来确定。由设计人员自行编程来把一个数字系统“集成”在一片PLD上,而不需要请芯片制造厂商来设计和制作专用的集成电路芯片。而且,如今,取代手工地制作集成电路芯片,这种编程也多半改用“逻辑编译器(logic compiler)”软件来实现,它与程序开发撰写时所用的软件编译器相类似,而要编译之前的原始代码也得用特定的编程语言来撰写,此称之为硬件描述语言(Hardware Description Language,HDL),而HDL也并非仅有一种,而是有许多种,如ABEL(Advanced Boolean Expression Language)、AHDL(Altera Hardware Description Language)、Confluence、CUPL(Cornell University Programming Language)、HDCal、JHDL(Java Hardware Description Language)、Lava、Lola、MyHDL、PALASM、RHDL(Ruby Hardware Description Language)等,目前最普遍使用的是VHDL(Very-High-Speed Integrated Circuit Hardware Description Language)与Verilog。本领域技术人员也应该清楚,只需要将方法流程用上述几种硬件描述语言 稍作逻辑编程并编程到集成电路中,就可以很容易得到实现该逻辑方法流程的硬件电路。
控制器可以按任何适当的方式实现,例如,控制器可以采取例如微处理器或处理器以及存储可由该(微)处理器执行的计算机可读程序代码(例如软件或固件)的计算机可读介质、逻辑门、开关、专用集成电路(Application Specific Integrated Circuit,ASIC)、可编程逻辑控制器和嵌入微控制器的形式,控制器的例子包括但不限于以下微控制器:ARC 625D、Atmel AT91SAM、Microchip PIC18F26K20以及Silicone Labs C8051F320,存储器控制器还可以被实现为存储器的控制逻辑的一部分。本领域技术人员也知道,除了以纯计算机可读程序代码方式实现控制器以外,完全可以通过将方法步骤进行逻辑编程来使得控制器以逻辑门、开关、专用集成电路、可编程逻辑控制器和嵌入微控制器等的形式来实现相同功能。因此这种控制器可以被认为是一种硬件部件,而对其内包括的用于实现各种功能的装置也可以视为硬件部件内的结构。或者甚至,可以将用于实现各种功能的装置视为既可以是实现方法的软件模块又可以是硬件部件内的结构。
上述实施例阐明的系统、装置、模块或单元,具体可以由计算机芯片或实体实现,或者由具有某种功能的产品来实现。一种典型的实现设备为计算机。具体的,计算机例如可以为个人计算机、膝上型计算机、蜂窝电话、相机电话、智能电话、个人数字助理、媒体播放器、导航设备、电子邮件设备、游戏控制台、平板计算机、可穿戴设备或者这些设备中的任何设备的组合。
为了描述的方便,描述以上装置时以功能分为各种单元分别描述。当然,在实施本申请时可以把各单元的功能在同一个或多个软件和/或硬件中实现。
本领域内的技术人员应明白,本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执 行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。
本申请可以在由计算机执行的计算机可执行指令的一般上下文中描述,例如程序模块。一般地,程序模块包括执行特定任务或实现特定抽象数据类型的例程、程序、对象、组件、数据结构等等。也可以在分布式计算环境中实践本申请,在这些分布式计算环境中,由通过通信网络而被连接的远程处理设备来执行任务。在分布式计算环境中,程序模块可以位于包括存储设备在内的本地和远程计算机存储介质中。
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。
在一个典型的配置中,计算设备包括一个或多个处理器(CPU)、输入/输出接口、网络接口和内存。
内存可能包括计算机可读介质中的非永久性存储器,随机存取存储器(RAM)和/或非易失性内存等形式,如只读存储器(ROM)或闪存(flash RAM)。内存是计算机可读介质的示例。
计算机可读介质包括永久性和非永久性、可移动和非可移动媒体可以由任何方法或技术来实现信息存储。信息可以是计算机可读指令、数据结构、程序的模块或其他数据。计算机的存储介质的例子包括,但不限于相变内存(PRAM)、静态随机存取存储器(SRAM)、动态随机存取存储器(DRAM)、其他类型的随机存取存储器(RAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、快闪记忆体或其他内存技术、只读光盘只读存储器(CD-ROM)、数字多功能光盘(DVD)或其他光学存储、磁盒式磁带,磁带磁磁盘存储或其他磁性存储设备或任何其他非传输介质,可用于存储可以被计算设备访问的信息。按照本文中的界定,计算机可读介质不包括暂存电脑可读媒体(transitory media),如调制的数据信号和载波。
还需要说明的是,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、商品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、商品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括所述要素的过程、方法、商品或者设备中还存在另外的相同要素。
尽管上述内容中的描述使用术语“第一”、“第二”等来描述各种元件,但这些元件不应受术语的限制。这些术语只是用于将一个元件与另一元件区分开。例如,第一触摸可被命名为第二触摸并且类似地第二触摸可被命名为第一触摸,而不脱离各种所述实施方案的范围。
根据上下文,术语“如果”可被解释为意指“当...时”(“when”或“upon”)或“响应于确定”或“响应于检测到”。类似地,根据上下文,短语“如果确定...”或“如果检测到[所陈述的条件或事件]”可被解释为意指“在确定...时”或“响应于确定...”或“在检测到[所陈述的条件或事件]时”或“响应于检测到[所陈述的条件或事件]”。
上述对本说明书特定实施例进行了描述。其它实施例在所附权利要求书的范围内。在一些情况下,在权利要求书中记载的动作或步骤可以按照不同于实施例中的顺序来执行并且仍然可以实现期望的结果。另外,在附图中描绘的过程不一定要求示出的特定顺序或者连续顺序才能实现期望的结果。在某些实施方式中,多任务处理和并行处理也是可以的或者可能是有利的。
本说明书中的各个实施例均采用递进的方式描述,各个实施例之间相同相似的部分互相参见即可,每个实施例重点说明的都是与其他实施例的不同之处。尤其,对于系统实施例而言,由于其基本相似于方法实施例,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。
以上所述仅为本申请的实施例而已,并不用于限制本申请。对于本领域技术人员来说,本申请可以有各种更改和变化。凡在本申请的精神和原理之内所作的任何修改、等同替换、改进等,均应包含在本申请的权利要求范围之内。
Claims (46)
- 一种区块链中实现隐私保护的方法,包括:客户端将包含智能合约的交易加密,并将加密后的所述交易发给第一区块链节点,所述智能合约的代码中包括通过隐私标识符标明的合约状态;第一区块链节点解密所述交易中的所述智能合约的代码,在可信执行环境中执行所述智能合约的代码;在将所述隐私标识符标明的合约状态写入数据库时,用密钥加密。
- 如权利要求1所述的方法,其中,第一区块链节点接收的交易中的智能合约,包括:用户在第一区块链节点上用高级语言编写的智能合约;或,用户在客户端上用高级语言编写的智能合约;或,客户端通过第二区块链节点发来的交易中的智能合约。
- 如权利要求2所述的方法,其中,对于用户在第一区块链节点上用高级语言编写的智能合约,第一区块链节点接收所述收包含智能合约的交易后,还包括:采用编译器对所述高级语言编写的智能合约进行编译,生成字节码。
- 如权利要求2所述的方法,其中,对于用户在客户端上用高级语言编写的智能合约,用户在客户端上书写智能合约后,所述客户端还采用编译器对高级语言编写的智能合约进行编译,生成字节码,进而将字节码形式的智能合约发送至第一区块链节点;相应地,所述第一区块链节点接收包含智能合约的交易,其中的智能合约为字节码形式的智能合约。
- 如权利要求2所述的方法,其中,对于用户在客户端上用高级语言编写的智能合约,用户在客户端上书写智能合约后,将高级语言编写的智能合约发送到第一区块链节点;相应地,所述第一区块链节点接收包含智能合约的交易,其中的智能合约为高级语言形式的智能合约;所述方法还包括:第一区块链节点采用编译器对所述高级语言编写的智能合约进行编译,生成字节码。
- 如权利要求2所述的方法,其中,所述客户端通过第二区块链节点发来的交易中的智能合约,包括字节码形式的智能合约或用高级语言编写的智能合约。
- 如权利要求6所述的方法,其中,对于用高级语言编写的智能合约,第一区块链节点接收所述收包含智能合约的交易后,还包括:采用编译器对所述高级语言编写的智能合约进行编译,生成字节码。
- 如权利要求3-7任一项所述的方法,其中,所述高级语言形式的智能合约中包括通过第一隐私标识符标明的需要进行隐私保护的合约状态,所述字节码形式的智能合约中包括通过第二隐私标识符标明的需要进行隐私保护的合约状态;所述第一隐私标识符与第二隐私标识符相同或存在对应关系。
- 如权利要求1所述的方法,其中,所述客户端将包含智能合约的交易加密,所述加密方式采用对称加密方式或非对称加密方式,或采用对称加密结合非对称加密的方式。
- 如权利要求9所述的方法,其中,所述客户端将包含智能合约的交易用对称加密的私钥加密,第一区块链节点用对应的对称加密的私钥解密所述交易得到所述智能合约的代码;或,所述客户端将包含智能合约的交易用非对称加密的公钥加密,第一区块链节点用对应的非对称加密的私钥解密所述交易得到所述智能合约的代码。
- 如权利要求9所述的方法,其中,所述对称加密结合非对称加密的方式,包括数字信封加密方式。
- 如权利要求11所述的方法,其中,所述客户端采用对称加密算法的私钥加密包含智能合约的交易,并用非对称加密算法的公钥加密对称加密算法中采用的私钥;相应地,第一区块链节点接收到所述加密的交易后,采用非对称加密算法的私钥进行解密得到对称加密算法的私钥,并用所述对称加密算法的私钥解密得到交易内容。
- 如权利要求10或12所述的方法,其中,所述对称加密算法的公钥,由所述客户端与第一区块链节点协商得到,或由密钥管理服务器发送得到。
- 如权利要求12所述的方法,其中,所述对称加密算法的公钥由所述客户端生成,密钥管理服务器通过远程证明将所述非对称加密算法的私钥发送至第一区块链节点的围圈,将所述非对称加密算法的公钥发送至所述客户端。
- 如权利要求1所述的方法,其中,所述智能合约包括创建和/或调用智能合约。
- 如权利要求1所述的方法,其中,所述数据库存储于持久性存储介质。
- 如权利要求16所述的方法,所述持久性存储介质包括磁盘、软盘或通电后可恢复数据从而可以持久存储的内存。
- 如权利要求1所述的方法,其中,所述密钥包括对称加密的密钥或非对称加密的密钥。
- 如权利要求18所述的方法,其中,所述对称加密的密钥包括seal密钥。
- 如权利要求18所述的方法,其中,所述seal密钥在第一区块链节点的SGX通 过远程证明后由密钥管理服务器发送。
- 一种区块链中实现隐私保护的方法,包括:第一区块链节点接收经过加密的包含智能合约的交易,所述智能合约的代码中包括通过隐私标识符标明的合约状态;第一区块链节点解密所述交易中的所述智能合约的代码;第一区块链节点在可信执行环境中执行解密的所述智能合约的代码,并在将所述隐私标识符标明的合约状态写入数据库时,用密钥加密。
- 如权利要求21所述的方法,其中,第一区块链节点接收的交易中的智能合约,包括:用户在第一区块链节点上用高级语言编写的智能合约;或,用户在客户端上用高级语言编写的智能合约;或,所述客户端通过第二区块链节点发来的交易中的智能合约。
- 如权利要求22所述的方法,其中,对于用户在第一区块链节点上用高级语言编写的智能合约,第一区块链节点接收所述收包含智能合约的交易后,还包括:采用编译器对所述高级语言编写的智能合约进行编译,生成字节码。
- 如权利要求22所述的方法,其中,对于用户在客户端上用高级语言编写的智能合约,用户在客户端上书写智能合约后,所述客户端还采用编译器对高级语言编写的智能合约进行编译,生成字节码,进而将字节码形式的智能合约发送至第一区块链节点;相应地,所述第一区块链节点接收包含智能合约的交易,其中的智能合约为字节码形式的智能合约。
- 如权利要求22所述的方法,其中,对于用户在客户端上用高级语言编写的智能合约,用户在客户端上书写智能合约后,将高级语言编写的智能合约发送到第一区块链节点;相应地,所述第一区块链节点接收包含智能合约的交易,其中的智能合约为高级语言形式的智能合约;所述方法还包括:第一区块链节点采用编译器对所述高级语言编写的智能合约进行编译,生成字节码。
- 如权利要求22所述的方法,其中,所述客户端通过第二区块链节点发来的交易中的智能合约,包括字节码形式的智能合约或用高级语言编写的智能合约。
- 如权利要求26所述的方法,其中,对于用高级语言编写的智能合约,第一区块链节点接收所述收包含智能合约的交易后,还包括:采用编译器对所述高级语言编写的智能合约进行编译,生成字节码。
- 如权利要求23-27任一项所述的方法,其中,所述高级语言形式的智能合约中包括通过第一隐私标识符标明的需要进行隐私保护的合约状态,所述字节码形式的智能合约中包括通过第二隐私标识符标明的需要进行隐私保护的合约状态;所述第一隐私标识符与第二隐私标识符相同或存在对应关系。
- 如权利要求21所述的方法,其中,第一区块链节点接收的经过加密的包含智能合约的交易,所述加密方式采用对称加密方式或非对称加密方式,或采用对称加密结合非对称加密的方式。
- 如权利要求29所述的方法,其中,对于包含智能合约的交易用对称加密的私钥加密,第一区块链节点用对应的对称加密的私钥解密所述交易得到所述智能合约的代码;或,对于包含智能合约的交易用非对称加密的公钥加密,第一区块链节点用对应的非对称加密的私钥解密所述交易得到所述智能合约的代码。
- 如权利要求29所述的方法,其中,所述对称加密结合非对称加密的方式,包括数字信封加密方式。
- 如权利要求31所述的方法,其中,对于采用对称加密算法的私钥加密包含智能合约的交易,并用非对称加密算法的公钥加密对称加密算法中采用的私钥:第一区块链节点采用非对称加密算法的私钥进行解密得到对称加密算法的私钥,并用所述对称加密算法的私钥解密得到交易内容。
- 如权利要求31或32所述的方法,其中,所述对称加密算法的公钥,由加密方与第一区块链节点协商得到,或由密钥管理服务器发送得到。
- 如权利要求32所述的方法,其中,所述对称加密算法的公钥由加密方生成,密钥管理服务器通过远程证明将所述非对称加密算法的私钥发送至第一区块链节点的围圈,将所述非对称加密算法的公钥发送至所述加密方。
- 如权利要求21所述的方法,其中,所述智能合约包括创建和/或调用智能合约。
- 如权利要求21所述的方法,其中,所述数据库存储于持久性存储介质。
- 如权利要求36所述的方法,所述持久性存储介质包括磁盘、软盘或通电后可恢复数据从而可以持久存储的内存。
- 如权利要求21所述的方法,其中,所述密钥包括对称加密的密钥或非对称加密的密钥。
- 如权利要求38所述的方法,其中,所述对称加密的密钥包括seal密钥。
- 如权利要求39所述的方法,其中,所述seal密钥在第一区块链节点的SGX通过远程证明后由密钥管理服务器发送。
- 如权利要求1或21所述的方法,其中,所述可信执行环境包括Intel SGX或AMD SEV或ARM Trustzone。
- 一种区块链中实现隐私保护的系统,包括客户端和第一区块链节点,其中:客户端用于将包含智能合约的交易加密,并将加密后的所述交易发给第一区块链节点,所述智能合约的代码中包括通过隐私标识符标明的合约状态;第一区块链节点用于解密所述交易中的所述智能合约的代码,在可信执行环境中执行所述智能合约的代码,在将所述隐私标识符标明的合约状态写入数据库时,用密钥加密。
- 如权利要求42所述的系统,其中,对于高级语言形式的智能合约中包括通过第一隐私标识符标明的需要进行隐私保护的合约状态,所述字节码形式的智能合约中包括通过第二隐私标识符标明的需要进行隐私保护的合约状态;所述第一隐私标识符与第二隐私标识符相同或存在对应关系。
- 一种区块链中实现隐私保护的节点,包括:接收模块,用于接收经过加密的包含智能合约的交易,所述智能合约的代码中包括通过隐私标识符标明的合约状态;解密模块,用于解密所述交易中的所述智能合约的代码;执行模块,用于在可信执行环境中执行解密的所述智能合约的代码;写入模块,用于在执行模块执行解密的所述智能合约的代码后,将所述隐私标识符标明的合约状态写入数据库时用密钥加密;数据库,用于存储写入的用密钥加密的合约状态。
- 如权利要求44所述的节点,其中,所述高级语言形式的智能合约中包括通过第一隐私标识符标明的需要进行隐私保护的合约状态,所述字节码形式的智能合约中包括通过第二隐私标识符标明的需要进行隐私保护的合约状态;所述第一隐私标识符与第二隐私标识符相同或存在对应关系。
- 如权利要求44所述的节点,其中,所述对称加密的密钥包括seal密钥。
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
SG11202100786YA SG11202100786YA (en) | 2018-11-30 | 2019-10-15 | Methods for implementing privacy protection in blockchain |
EP19891559.7A EP3813000A4 (en) | 2018-11-30 | 2019-10-15 | PROCEDURE FOR IMPLEMENTING DATA PROTECTION IN THE BLOCKCHAIN |
US17/160,216 US11049099B2 (en) | 2018-11-30 | 2021-01-27 | Methods for implementing privacy protection in blockchain |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811452984.1 | 2018-11-30 | ||
CN201811452984.1A CN110033368B (zh) | 2018-11-30 | 2018-11-30 | 区块链中实现隐私保护的方法 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US17/160,216 Continuation US11049099B2 (en) | 2018-11-30 | 2021-01-27 | Methods for implementing privacy protection in blockchain |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020108138A1 true WO2020108138A1 (zh) | 2020-06-04 |
Family
ID=67235279
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2019/111304 WO2020108138A1 (zh) | 2018-11-30 | 2019-10-15 | 区块链中实现隐私保护的方法 |
Country Status (6)
Country | Link |
---|---|
US (1) | US11049099B2 (zh) |
EP (1) | EP3813000A4 (zh) |
CN (2) | CN111899102A (zh) |
SG (1) | SG11202100786YA (zh) |
TW (1) | TWI718662B (zh) |
WO (1) | WO2020108138A1 (zh) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111931251A (zh) * | 2020-07-01 | 2020-11-13 | 陈子祺 | 一种基于区块链的可信计算芯片 |
CN112422500A (zh) * | 2020-09-25 | 2021-02-26 | 北京熠智科技有限公司 | 跨平台数据传输方法以及装置、存储介质、电子装置 |
CN112636928A (zh) * | 2020-12-29 | 2021-04-09 | 广东国腾量子科技有限公司 | 一种基于区块链的去中心化可信认证方法、存储装置及移动终端 |
CN113269636A (zh) * | 2020-12-28 | 2021-08-17 | 上海能链众合科技有限公司 | 一种面向区块链的嵌套交易方法 |
CN113327109A (zh) * | 2021-06-15 | 2021-08-31 | 重庆电子工程职业学院 | 一种区块链智能合约构建方法 |
EP3961375A1 (en) * | 2020-08-31 | 2022-03-02 | Alipay (Hangzhou) Information Technology Co., Ltd. | Improving smart contracts execution |
EP3961376A1 (en) * | 2020-08-31 | 2022-03-02 | Alipay (Hangzhou) Information Technology Co., Ltd. | Improving smart contracts execution with just-in-time compilation |
EP3961974A1 (en) * | 2020-08-28 | 2022-03-02 | Alipay (Hangzhou) Information Technology Co., Ltd. | Block content editing methods and apparatuses |
CN114172667A (zh) * | 2021-06-15 | 2022-03-11 | 支付宝(杭州)信息技术有限公司 | 基于合约的隐私存证方法及装置 |
CN114358764A (zh) * | 2021-11-15 | 2022-04-15 | 深圳众联数字科技有限公司 | 基于区块链中智能合约的隐私计算方法及相关设备 |
US12095926B2 (en) | 2022-03-25 | 2024-09-17 | Micro Focus Llc | Retroactively adding encryption and/or authentication levels to a blockchain |
Families Citing this family (36)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111899102A (zh) * | 2018-11-30 | 2020-11-06 | 创新先进技术有限公司 | 区块链中实现隐私保护的方法 |
CN110298643A (zh) * | 2019-08-22 | 2019-10-01 | 深圳市先河系统技术有限公司 | 基于区块链的手续费分配方法、装置及存储介质 |
CN110766550B (zh) * | 2019-09-05 | 2021-06-22 | 创新先进技术有限公司 | 基于区块链的资产查询方法及装置、电子设备 |
CN111125741B (zh) * | 2019-12-31 | 2022-07-01 | 广东卓启投资有限责任公司 | 一种基于区块链零知识验证方法 |
CN111277415B (zh) * | 2020-01-20 | 2023-12-19 | 布比(北京)网络技术有限公司 | 基于区块链智能合约的隐私保护方法及装置 |
CN111090888B (zh) * | 2020-03-18 | 2020-07-07 | 支付宝(杭州)信息技术有限公司 | 验证合约的方法及装置 |
CN111047450A (zh) * | 2020-03-18 | 2020-04-21 | 支付宝(杭州)信息技术有限公司 | 链上数据的链下隐私计算方法及装置 |
CN111427663A (zh) * | 2020-03-24 | 2020-07-17 | 杭州溪塔科技有限公司 | 一种基于智能合约的虚拟机系统及其操作方法 |
CN111683071B (zh) * | 2020-05-29 | 2023-02-28 | 百度在线网络技术(北京)有限公司 | 区块链的隐私数据处理方法、装置、设备以及存储介质 |
CN111815330A (zh) * | 2020-08-31 | 2020-10-23 | 支付宝(杭州)信息技术有限公司 | 一种部署智能合约的方法、区块链节点和存储介质 |
CN111768183B (zh) * | 2020-08-31 | 2024-04-19 | 支付宝(杭州)信息技术有限公司 | 一种执行智能合约的方法、区块链节点和存储介质 |
CN111815310B (zh) * | 2020-08-31 | 2021-08-17 | 支付宝(杭州)信息技术有限公司 | 一种执行智能合约的方法、区块链节点和存储介质 |
CN112866392B (zh) * | 2020-08-31 | 2023-06-30 | 支付宝(杭州)信息技术有限公司 | 一种执行智能合约的方法、区块链节点、系统和存储介质 |
CN112866412B (zh) | 2020-08-31 | 2023-06-30 | 支付宝(杭州)信息技术有限公司 | 一种部署智能合约的方法、区块链节点和存储介质 |
CN111768184A (zh) | 2020-08-31 | 2020-10-13 | 支付宝(杭州)信息技术有限公司 | 一种执行智能合约的方法及区块链节点 |
CN111770202B (zh) | 2020-08-31 | 2021-10-29 | 支付宝(杭州)信息技术有限公司 | 一种执行智能合约的方法、区块链节点和存储介质 |
CN111768187A (zh) * | 2020-08-31 | 2020-10-13 | 支付宝(杭州)信息技术有限公司 | 一种部署智能合约的方法、区块链节点和存储介质 |
CN111770204B (zh) | 2020-08-31 | 2021-10-22 | 支付宝(杭州)信息技术有限公司 | 一种执行智能合约的方法、区块链节点和存储介质 |
CN112287392B (zh) * | 2020-11-23 | 2023-06-02 | 广东科学技术职业学院 | 一种具备保护隐私信息的智能合约实现方法及系统 |
CN113726733B (zh) * | 2021-07-19 | 2022-07-22 | 东南大学 | 一种基于可信执行环境的加密智能合约隐私保护方法 |
CN113660226B (zh) * | 2021-07-30 | 2024-05-28 | 国网天津市电力公司 | 一种基于区块链的能源数据可信共享系统和方法 |
CN113642041A (zh) * | 2021-08-14 | 2021-11-12 | 深圳众享互联科技有限公司 | 一种实现合约隐私的数据处理与存储方法 |
CN113778564B (zh) * | 2021-09-03 | 2023-05-30 | 杭州复杂美科技有限公司 | 一种高效执行evm智能合约的方法、设备及储存介质 |
CN113852469B (zh) * | 2021-09-24 | 2024-03-22 | 成都质数斯达克科技有限公司 | 区块链节点间数据传输方法、装置、设备及可读存储介质 |
CN113742782B (zh) * | 2021-11-04 | 2022-02-08 | 中国信息通信研究院 | 基于隐私保护的区块链访问权限控制方法和区块链系统 |
CN114493587A (zh) * | 2021-12-20 | 2022-05-13 | 福建师范大学 | 一种高性能的隐私保护的智能合约的实现方法 |
CN115941230A (zh) * | 2022-01-11 | 2023-04-07 | 浪潮云信息技术股份公司 | 一种基于区块链保护隐私的监管方法及系统 |
US20230315880A1 (en) * | 2022-03-28 | 2023-10-05 | International Business Machines Corporation | Using smart contracts to manage hyper protect database as a service |
CN114912145B (zh) * | 2022-05-16 | 2024-08-16 | 清华大学深圳国际研究生院 | 一种智能合约机密执行方法及系统 |
CN115001715B (zh) * | 2022-08-02 | 2022-10-21 | 药融云数字科技(成都)有限公司 | 基于区块链的加密智能合约检测方法及终端 |
CN115396115B (zh) * | 2022-08-22 | 2024-02-09 | 国网浙江省电力有限公司物资分公司 | 区块链数据隐私保护方法、装置、设备及可读存储介质 |
CN115549906B (zh) * | 2022-11-24 | 2023-04-11 | 富算科技(上海)有限公司 | 基于区块链的隐私计算方法、系统、设备和介质 |
CN116522374A (zh) * | 2022-12-14 | 2023-08-01 | 南京迈特望科技股份有限公司 | 一种保护智慧养老设备数据隐私的方法、系统、电子设备和存储介质 |
CN116112185B (zh) * | 2023-02-10 | 2024-11-08 | 北京邮电大学 | 一种基于区块链和零知识证明的隐私数据分享方法 |
CN117194359A (zh) * | 2023-11-07 | 2023-12-08 | 国网信息通信产业集团有限公司 | 一种支持隐私保护的数据共享方法、装置、设备及介质 |
CN118353605B (zh) * | 2024-06-14 | 2024-08-20 | 长江三峡集团实业发展(北京)有限公司 | 分布式匿名认证方法、装置、系统及存储介质 |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104506710A (zh) * | 2014-11-24 | 2015-04-08 | 小米科技有限责任公司 | 短信息管理方法、终端及装置 |
US20150379510A1 (en) * | 2012-07-10 | 2015-12-31 | Stanley Benjamin Smith | Method and system to use a block chain infrastructure and Smart Contracts to monetize data transactions involving changes to data included into a data supply chain. |
CN106874781A (zh) * | 2015-12-11 | 2017-06-20 | 阿里巴巴集团控股有限公司 | 一种数据表加密方法及服务器 |
CN107911216A (zh) * | 2017-10-26 | 2018-04-13 | 矩阵元技术(深圳)有限公司 | 一种区块链交易隐私保护方法及系统 |
CN108776936A (zh) * | 2018-06-05 | 2018-11-09 | 中国平安人寿保险股份有限公司 | 保险理赔方法、装置、计算机设备和存储介质 |
CN108830716A (zh) * | 2018-05-31 | 2018-11-16 | 上海万向区块链股份公司 | 基于区块链和加密处理的保护用户隐私的交易系统 |
CN110033368A (zh) * | 2018-11-30 | 2019-07-19 | 阿里巴巴集团控股有限公司 | 区块链中实现隐私保护的方法 |
CN110032883A (zh) * | 2019-01-31 | 2019-07-19 | 阿里巴巴集团控股有限公司 | 区块链中实现隐私保护的方法、系统和节点 |
Family Cites Families (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9818092B2 (en) * | 2014-06-04 | 2017-11-14 | Antti Pennanen | System and method for executing financial transactions |
US10147087B2 (en) * | 2015-03-06 | 2018-12-04 | Mastercard International Incorporated | Primary account number (PAN) length issuer identifier in payment account number data field of a transaction authorization request message |
US9992028B2 (en) * | 2015-11-26 | 2018-06-05 | International Business Machines Corporation | System, method, and computer program product for privacy-preserving transaction validation mechanisms for smart contracts that are included in a ledger |
CN105592098B (zh) * | 2016-01-16 | 2018-09-14 | 杭州复杂美科技有限公司 | 区块链上的投票及ca证书的管理方法 |
US10046228B2 (en) * | 2016-05-02 | 2018-08-14 | Bao Tran | Smart device |
US10447478B2 (en) * | 2016-06-06 | 2019-10-15 | Microsoft Technology Licensing, Llc | Cryptographic applications for a blockchain system |
CN107809316A (zh) * | 2016-09-08 | 2018-03-16 | 李立中 | 金融供应链区块链方法、系统及装置 |
US20180268386A1 (en) * | 2016-09-13 | 2018-09-20 | C. Jay Wack | Identity Management Distributed Ledger and Blockchain |
CN106559211B (zh) * | 2016-11-22 | 2019-12-13 | 中国电子科技集团公司第三十研究所 | 一种区块链中隐私保护智能合约方法 |
CN106980794B (zh) | 2017-04-01 | 2020-03-17 | 北京元心科技有限公司 | 基于TrustZone的文件加解密方法、装置及终端设备 |
US10102265B1 (en) * | 2017-04-12 | 2018-10-16 | Vijay K. Madisetti | Method and system for tuning blockchain scalability for fast and low-cost payment and transaction processing |
CN107172074B (zh) * | 2017-06-26 | 2020-06-19 | 联动优势科技有限公司 | 一种信息发送方法、处理方法及装置 |
CN107342858B (zh) * | 2017-07-05 | 2019-09-10 | 武汉凤链科技有限公司 | 一种基于可信环境的智能合约保护方法和系统 |
CN107528835B (zh) * | 2017-08-10 | 2020-10-02 | 北方工业大学 | 一种基于安全的智能合约k-匿名激励机制的用户隐私保护方法 |
US10819684B2 (en) * | 2017-11-24 | 2020-10-27 | International Business Machines Corporation | Cognitive blockchain for internet of things |
CN108418689B (zh) * | 2017-11-30 | 2020-07-10 | 矩阵元技术(深圳)有限公司 | 一种适合区块链隐私保护的零知识证明方法和介质 |
CN108235772B (zh) * | 2017-12-29 | 2021-04-09 | 达闼机器人有限公司 | 基于区块链的数据处理方法、装置、存储介质及电子设备 |
CN108200079A (zh) * | 2018-01-19 | 2018-06-22 | 深圳四方精创资讯股份有限公司 | 基于对称和非对称混合加密的区块链隐私保护方法及装置 |
CN108389046B (zh) * | 2018-02-07 | 2020-08-28 | 西安交通大学 | 一种电子商务中基于区块链技术的隐私保护交易方法 |
CN108650647A (zh) * | 2018-04-27 | 2018-10-12 | 深圳市元征科技股份有限公司 | 一种无线网络资源共享方法以及无线网络资源共享装置 |
CN108848058A (zh) * | 2018-05-07 | 2018-11-20 | 众安信息技术服务有限公司 | 智能合约处理方法及区块链系统 |
US11296895B2 (en) * | 2018-09-12 | 2022-04-05 | Bitclave Pte. Ltd. | Systems and methods for preserving privacy and incentivizing third-party data sharing |
-
2018
- 2018-11-30 CN CN202010752752.9A patent/CN111899102A/zh active Pending
- 2018-11-30 CN CN201811452984.1A patent/CN110033368B/zh active Active
-
2019
- 2019-09-11 TW TW108132762A patent/TWI718662B/zh active
- 2019-10-15 WO PCT/CN2019/111304 patent/WO2020108138A1/zh unknown
- 2019-10-15 SG SG11202100786YA patent/SG11202100786YA/en unknown
- 2019-10-15 EP EP19891559.7A patent/EP3813000A4/en active Pending
-
2021
- 2021-01-27 US US17/160,216 patent/US11049099B2/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150379510A1 (en) * | 2012-07-10 | 2015-12-31 | Stanley Benjamin Smith | Method and system to use a block chain infrastructure and Smart Contracts to monetize data transactions involving changes to data included into a data supply chain. |
CN104506710A (zh) * | 2014-11-24 | 2015-04-08 | 小米科技有限责任公司 | 短信息管理方法、终端及装置 |
CN106874781A (zh) * | 2015-12-11 | 2017-06-20 | 阿里巴巴集团控股有限公司 | 一种数据表加密方法及服务器 |
CN107911216A (zh) * | 2017-10-26 | 2018-04-13 | 矩阵元技术(深圳)有限公司 | 一种区块链交易隐私保护方法及系统 |
CN108830716A (zh) * | 2018-05-31 | 2018-11-16 | 上海万向区块链股份公司 | 基于区块链和加密处理的保护用户隐私的交易系统 |
CN108776936A (zh) * | 2018-06-05 | 2018-11-09 | 中国平安人寿保险股份有限公司 | 保险理赔方法、装置、计算机设备和存储介质 |
CN110033368A (zh) * | 2018-11-30 | 2019-07-19 | 阿里巴巴集团控股有限公司 | 区块链中实现隐私保护的方法 |
CN110032883A (zh) * | 2019-01-31 | 2019-07-19 | 阿里巴巴集团控股有限公司 | 区块链中实现隐私保护的方法、系统和节点 |
Non-Patent Citations (1)
Title |
---|
See also references of EP3813000A4 * |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111931251B (zh) * | 2020-07-01 | 2024-01-12 | 陈子祺 | 一种基于区块链的可信计算芯片 |
CN111931251A (zh) * | 2020-07-01 | 2020-11-13 | 陈子祺 | 一种基于区块链的可信计算芯片 |
EP3961974A1 (en) * | 2020-08-28 | 2022-03-02 | Alipay (Hangzhou) Information Technology Co., Ltd. | Block content editing methods and apparatuses |
US11366677B2 (en) | 2020-08-31 | 2022-06-21 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods, blockchain nodes, and node devices for executing smart contract |
EP3961375A1 (en) * | 2020-08-31 | 2022-03-02 | Alipay (Hangzhou) Information Technology Co., Ltd. | Improving smart contracts execution |
EP3961376A1 (en) * | 2020-08-31 | 2022-03-02 | Alipay (Hangzhou) Information Technology Co., Ltd. | Improving smart contracts execution with just-in-time compilation |
CN112422500A (zh) * | 2020-09-25 | 2021-02-26 | 北京熠智科技有限公司 | 跨平台数据传输方法以及装置、存储介质、电子装置 |
CN113269636A (zh) * | 2020-12-28 | 2021-08-17 | 上海能链众合科技有限公司 | 一种面向区块链的嵌套交易方法 |
CN112636928B (zh) * | 2020-12-29 | 2023-01-17 | 广东国腾量子科技有限公司 | 一种基于区块链的去中心化可信认证方法、存储装置及移动终端 |
CN112636928A (zh) * | 2020-12-29 | 2021-04-09 | 广东国腾量子科技有限公司 | 一种基于区块链的去中心化可信认证方法、存储装置及移动终端 |
CN114172667A (zh) * | 2021-06-15 | 2022-03-11 | 支付宝(杭州)信息技术有限公司 | 基于合约的隐私存证方法及装置 |
CN113327109A (zh) * | 2021-06-15 | 2021-08-31 | 重庆电子工程职业学院 | 一种区块链智能合约构建方法 |
CN114358764A (zh) * | 2021-11-15 | 2022-04-15 | 深圳众联数字科技有限公司 | 基于区块链中智能合约的隐私计算方法及相关设备 |
US12095926B2 (en) | 2022-03-25 | 2024-09-17 | Micro Focus Llc | Retroactively adding encryption and/or authentication levels to a blockchain |
Also Published As
Publication number | Publication date |
---|---|
EP3813000A1 (en) | 2021-04-28 |
TWI718662B (zh) | 2021-02-11 |
CN111899102A (zh) | 2020-11-06 |
TW202023235A (zh) | 2020-06-16 |
EP3813000A4 (en) | 2021-09-29 |
CN110033368B (zh) | 2020-07-07 |
CN110033368A (zh) | 2019-07-19 |
SG11202100786YA (en) | 2021-03-30 |
US20210150524A1 (en) | 2021-05-20 |
US11049099B2 (en) | 2021-06-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2020108138A1 (zh) | 区块链中实现隐私保护的方法 | |
CN110032883B (zh) | 区块链中实现隐私保护的方法、系统和节点 | |
CN111614464B (zh) | 区块链中安全更新密钥的方法及节点、存储介质 | |
CN110020855B (zh) | 区块链中实现隐私保护的方法、节点、存储介质 | |
WO2020233616A1 (zh) | 结合代码标注与交易、用户类型的收据存储方法和节点 | |
CN110020856B (zh) | 区块链中实现混合交易的方法、节点和存储介质 | |
CN110266644B (zh) | 结合代码标注与交易类型的收据存储方法和节点 | |
CN110032876B (zh) | 区块链中实现隐私保护的方法、节点和存储介质 | |
WO2020233637A1 (zh) | 结合代码标注与用户类型的收据存储方法和节点 | |
CN110245944B (zh) | 基于用户类型的收据存储方法和节点 | |
CN110033266B (zh) | 区块链中实现隐私保护的方法、节点和存储介质 | |
WO2020233615A1 (zh) | 结合用户类型与事件函数类型的收据存储方法和节点 | |
WO2020233609A1 (zh) | 结合代码标注与用户类型的有条件的收据存储方法和节点 | |
WO2020233640A1 (zh) | 结合代码标注与判断条件的收据存储方法和节点 | |
WO2020233350A1 (zh) | 基于明文日志的收据存储方法、节点和系统 | |
WO2020233613A1 (zh) | 结合代码标注与交易类型的有条件的收据存储方法和节点 | |
WO2020233625A1 (zh) | 结合用户类型和判断条件的收据存储方法和节点 | |
WO2020233626A1 (zh) | 结合交易与用户类型的条件限制的收据存储方法和节点 | |
CN110008715B (zh) | 区块链中实现隐私保护的方法及节点、存储介质 | |
CN110263543B (zh) | 基于代码标注的对象级收据存储方法和节点 | |
WO2020233628A1 (zh) | 结合事件函数类型和判断条件的收据存储方法和节点 | |
CN110008737B (zh) | 区块链中实现隐私保护的方法、节点和存储介质 | |
WO2020233624A1 (zh) | 结合交易类型和事件函数类型的收据存储方法和节点 | |
WO2020233619A1 (zh) | 结合用户类型与交易类型的收据存储方法和节点 | |
CN110264194B (zh) | 基于事件函数类型的收据存储方法和节点 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 19891559 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2019891559 Country of ref document: EP Effective date: 20210125 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |