CN120337303A - Transaction processing method and related methods, devices, storage media and equipment - Google Patents
Transaction processing method and related methods, devices, storage media and equipmentInfo
- Publication number
- CN120337303A CN120337303A CN202410064390.2A CN202410064390A CN120337303A CN 120337303 A CN120337303 A CN 120337303A CN 202410064390 A CN202410064390 A CN 202410064390A CN 120337303 A CN120337303 A CN 120337303A
- Authority
- CN
- China
- Prior art keywords
- transaction
- registration
- data structure
- verification
- signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
本申请实施例公开一种事务处理方法及相关方法、装置、存储介质及设备。通过接收客户端发送的事务请求,并根据事务请求对应的通讯地址返回生成的验证信息;接收客户端根据验证信息生成的事务数据结构,事务数据结构包括事务签名、加密验证信息和对象签名;根据对象签名和事务签名对事务数据结构进行数字签名的第一验证,根据加密验证信息对事务数据结构进行验证信息的第二验证,得到目标验证结果;当目标验证结果指示通过时,将事务数据结构广播至同一区块链的其他节点中进行广播验证,得到广播验证结果;当广播验证结果指示通过时,执行事务数据结构中对应的事务。以此,通过数字签名验证和验证信息的双重验证机制,提升事务处理的安全性。
The embodiments of the present application disclose a transaction processing method and related methods, devices, storage media and equipment. By receiving a transaction request sent by a client, and returning the generated verification information according to the communication address corresponding to the transaction request; receiving a transaction data structure generated by the client according to the verification information, the transaction data structure includes a transaction signature, encrypted verification information and an object signature; performing a first verification of the digital signature of the transaction data structure according to the object signature and the transaction signature, and performing a second verification of the verification information of the transaction data structure according to the encrypted verification information to obtain a target verification result; when the target verification result indicates a pass, broadcasting the transaction data structure to other nodes in the same blockchain for broadcast verification to obtain a broadcast verification result; when the broadcast verification result indicates a pass, executing the corresponding transaction in the transaction data structure. In this way, the security of transaction processing is improved through the dual verification mechanism of digital signature verification and verification information.
Description
Technical Field
The present application relates to the field of blockchain technologies, and in particular, to a transaction processing method, and related method, apparatus, storage medium, and device.
Background
With the development of the blockchain technology, more transaction processing systems based on the blockchain technology are presented at present, and the objects can realize operations such as virtual resource transfer, resource interchange and the like based on the transaction processing systems.
In the related art, when an object needs to perform a transaction processing through a transaction processing system, a private key corresponding to an account needs to be input, and the transaction to be processed is authorized through the private key, for example, when virtual resource transfer is performed, the virtual resource transfer can be realized in a blockchain after the object needs to input the private key for authorization.
However, in the related art, once the private key of the object is leaked or stolen, the pirate can transfer the virtual resource of the object according to the account and the private key of the object, which causes the virtual resource loss of the object. Accordingly, there is an unsafe problem in the related art in the course of the transaction.
Disclosure of Invention
The embodiment of the application provides a transaction processing method, a transaction processing device, a transaction processing storage medium and transaction processing equipment. The security in the transaction process can be improved.
In a first aspect, an embodiment of the present application provides a transaction processing method, including:
receiving a transaction request sent by a client, and returning generated verification information according to a communication address corresponding to the transaction request;
Receiving a transaction data structure generated by a client according to verification information, wherein the transaction data structure comprises a transaction signature generated by encrypting transaction-related data, encrypted verification information generated by encrypting the verification information, and an object signature generated by encrypting the transaction-related data, the transaction signature and the encrypted verification information;
Performing first verification of digital signature on the transaction data structure according to the object signature and the transaction signature, and performing second verification of verification information on the transaction data structure according to the encryption verification information to obtain a target verification result;
when the target verification result indicates that the target verification result passes, broadcasting the transaction data structure to other nodes of the same block chain for broadcast verification, and obtaining a broadcast verification result;
When the broadcast validation result indicates pass, a corresponding transaction in the transaction data structure is executed.
In a second aspect, an embodiment of the present application provides a transaction request method, including:
generating a transaction request according to the transaction input by the object, and sending the transaction request to the target node, wherein the transaction request comprises a target account address of the object;
receiving verification information which is generated by the target node according to the transaction request and returned by the communication address associated with the target account address, and encrypting the verification information according to the node public key of the target node to generate encrypted verification information;
Generating transaction-related data based on the target account address and the transaction, and encrypting the transaction-related data through an object private key of the object to generate a transaction signature;
Encrypting the transaction associated data, the transaction signature and the encryption verification information according to the object private key to generate an object signature;
generating a transaction data structure according to the transaction association data, the transaction signature, the encryption verification information and the object signature, and transmitting the transaction data structure to the target node.
In a third aspect, an embodiment of the present application provides a transaction processing apparatus, including:
The first receiving module is used for receiving a transaction request sent by the client and returning generated verification information according to a communication address corresponding to the transaction request;
The second receiving module is used for receiving a transaction data structure generated by the client according to the verification information, wherein the transaction data structure comprises a transaction signature generated by encrypting the transaction associated data, encrypted verification information generated by encrypting the verification information, and an object signature generated by encrypting the transaction associated data, the transaction signature and the encrypted verification information;
the verification module is used for carrying out first verification of the digital signature on the transaction data structure according to the object signature and the transaction signature, and carrying out second verification of the verification information on the transaction data structure according to the encryption verification information, so as to obtain a target verification result;
the broadcasting module is used for broadcasting the transaction data structure to other nodes of the same block chain for broadcasting verification when the target verification result indicates that the target verification result passes, so as to obtain a broadcasting verification result;
And the execution module is used for executing the corresponding transaction in the transaction data structure when the broadcast verification result indicates that the broadcast verification result passes.
In some embodiments, the transaction data structure is comprised of a sub-transaction data structure and an object signature, the sub-transaction data structure including transaction-related data, a transaction signature, and encryption validation information, the validation module comprising:
The first determining submodule is used for determining an object public key corresponding to the transaction data structure;
The first verification sub-module is used for verifying the object signature according to the object public key to obtain a first target verification result, and the first target verification result is used for verifying the integrity of the sub-transaction data structure;
the second verification sub-module is used for verifying the transaction signature according to the object public key to obtain a second target verification result, and the second target verification result is used for verifying the integrity of the transaction associated data;
the first decryption sub-module is used for decrypting the encrypted verification information to obtain decryption verification information when the first target verification result and the second target verification result indicate that the first target verification result and the second target verification result pass;
And the third verification sub-module is used for verifying the decryption verification information according to the verification information to obtain a target verification result.
In some embodiments, the first decryption sub-module is further configured to:
when the first target verification result and the second target verification result both indicate that the first target verification result and the second target verification result pass, determining a node private key corresponding to the current node;
and decrypting the encrypted verification information according to the node private key to obtain decrypted verification information, wherein the encrypted verification information is generated by the client according to the node public key of the current node.
In some embodiments, a broadcast module includes:
the first signature sub-module is used for encrypting the sub-transaction data structure according to the node private key of the current node to generate a node signature;
the first generation sub-module is used for replacing the node signature with the object signature in the transaction data structure to obtain a target transaction data structure;
And the first broadcasting sub-module is used for broadcasting the target transaction data structure to other nodes of the same block chain for broadcasting verification, and obtaining a broadcasting verification result.
In some embodiments, the first broadcast sub-module is further configured to:
Broadcasting the target transaction data structure to other nodes of the same blockchain, so that the other nodes determine node signatures, transaction signatures, object public keys and node public keys corresponding to the target transaction data structure, verify the node signatures according to the node public keys to obtain a third target verification result, verify the transaction signatures according to the object public keys to obtain a fourth target verification result, and obtain a broadcast verification result based on the third target verification result and the fourth target verification result;
The third target verification result is used for verifying the authenticity of the node corresponding to the target transaction data structure, and the fourth target verification result is used for verifying the integrity of the transaction-associated data.
In some embodiments, before broadcasting the transaction data structure to other nodes of the same blockchain for broadcast verification, the broadcasting module is further configured to:
acquiring the duration time calculated from the generation of verification information;
and when the duration does not exceed the preset duration, broadcasting the transaction data structure to other nodes of the same block chain for broadcast verification, and obtaining a broadcast verification result.
In some embodiments, the first receiving module is further configured to:
generating verification information according to the transaction request, and determining a target account address carried in the transaction request;
And inquiring a communication address associated with the target account address in an account book of the blockchain, and returning verification information through the communication address.
In some embodiments, the transaction device further comprises a third receiving module, a first authentication module, a second authentication module, and a registration module, wherein:
The third receiving module is used for receiving the transaction request sent by the client, receiving a registration data structure sent by the client before returning the generated verification information according to the communication address corresponding to the transaction request, wherein the registration data structure comprises a registration transaction signature generated by encrypting the registration association data, an encrypted communication address generated by encrypting the communication address, and a registration object signature generated by encrypting the registration association data, the registration transaction signature and the encrypted communication address;
The first verification module is used for verifying the digital signature of the registration data structure according to the registration object signature and the registration transaction signature, and verifying the communication address of the registration data structure according to the encrypted communication address to obtain a registration verification result;
The second verification module is used for broadcasting the registration data structure to other nodes for registration verification when the registration verification result indicates that the registration verification result passes, so as to obtain a target registration verification result;
and the registration module is used for realizing the registration of the corresponding target account address and communication address in the registration data structure when the target registration verification result indicates that the target account address and communication address pass.
In some embodiments, the first authentication module is further to:
before verifying the digital signature of the registration data structure according to the registration object signature and the registration transaction signature and verifying the communication address of the registration data structure according to the encrypted communication address to obtain a registration verification result, determining a target field in registration associated data, wherein the target field at least comprises a field corresponding to the account address;
and determining whether the target field is empty, and when the target field is empty, verifying the digital signature of the registration data structure according to the registration object signature and the registration transaction signature, and verifying the communication address of the registration data structure according to the encrypted communication address to obtain a registration verification result.
In some embodiments, the registration data structure is comprised of a sub-registration data structure and a registration object signature, the sub-registration data structure including registration association data, a registration transaction signature, and an encrypted communication address, the first authentication module further comprising:
The second determining submodule is used for determining an object public key corresponding to the registration data structure;
The first registration verification sub-module is used for verifying the registration object signature according to the object public key to obtain a first registration verification result, and the first registration verification result is used for verifying the integrity of the sub-registration data structure;
the second registration verification sub-module verifies the registration transaction signature according to the object public key to obtain a second registration verification result, and the second registration verification result is used for verifying the integrity of registration associated data;
The second decryption sub-module is used for decrypting the encrypted communication address through the node private key of the current node when the first registration verification result and the second registration verification result indicate that the first registration verification result and the second registration verification result pass, and obtaining a decrypted communication address;
and the third registration verification sub-module is used for carrying out authenticity verification on the decrypted communication address to obtain a registration verification result.
In some embodiments, the second authentication module further comprises:
the second signature sub-module is used for encrypting the sub-registration data structure according to the node private key of the current node to generate a registration node signature;
The second generation sub-module is used for replacing the registration object signature in the registration data structure with the registration node signature to obtain a target registration data structure;
And the second broadcasting sub-module is used for broadcasting the target registration data structure to other nodes for registration verification to obtain a target registration verification result.
In some embodiments, the registration module is further to:
The object public key, the encrypted communication address and the character strings corresponding to the node public key of the current node are spliced in sequence to obtain an associated address corresponding to the target account address;
and writing the associated address into an account book corresponding to the blockchain.
In a fourth aspect, an embodiment of the present application provides a transaction request device, including:
the sending module is used for generating a transaction request according to the transaction input by the object and sending the transaction request to the target node, wherein the transaction request comprises a target account address of the object;
The encryption module is used for receiving verification information which is generated by the target node according to the transaction request and returned by the communication address associated with the target account address, and encrypting the verification information according to the node public key of the target node to generate encrypted verification information;
The first signature module is used for generating transaction-related data based on the target account address and the transaction, and encrypting the transaction-related data through an object private key of the object to generate a transaction signature;
The second signature module is used for encrypting the transaction associated data, the transaction signature and the encryption verification information according to the object private key to generate an object signature;
And the generation module is used for generating a transaction data structure according to the transaction associated data, the transaction signature, the encryption verification information and the object signature and sending the transaction data structure to the target node.
In some embodiments, the transaction request device further comprises:
The registration request module is used for generating a transaction request according to the transaction input by the object, generating registration associated data before sending the transaction request to the target node, and encrypting the registration associated data according to the object private key of the object to generate a registration transaction signature;
The communication encryption module is used for encrypting the communication address of the object according to the node public key of the target node to obtain an encrypted communication address;
the registration object signature module is used for encrypting the registration associated data, the registration transaction signature and the encrypted communication address according to the object private key to generate a registration object signature;
the registration data generation module is used for generating a registration data structure according to the registration association data, the registration transaction signature, the encrypted communication address and the registration object signature;
And the registration data sending module is used for sending the registration data structure to the target node so as to request registration of the corresponding target account address and communication address in the registration data structure.
In a fifth aspect, embodiments of the present application provide a computer readable storage medium storing a plurality of instructions adapted to be loaded by a processor to perform a transaction method provided by embodiments of the present application or a transaction request method provided by embodiments of the present application.
In a sixth aspect, an embodiment of the present application provides a computer device, including a memory, a processor, and a computer program stored in the memory and capable of running on the processor, where the processor implements a transaction processing method provided by an embodiment of the present application or a transaction request method provided by an embodiment of the present application when the processor executes the computer program.
In a seventh aspect, an embodiment of the present application provides a computer program product, including a computer program or an instruction, where the computer program or the instruction implement, when executed by a processor, a transaction processing method provided by an embodiment of the present application or a transaction request method provided by an embodiment of the present application.
The embodiment of the application comprises the steps of receiving a transaction request sent by a client and returning generated verification information according to a communication address corresponding to the transaction request, receiving a transaction data structure generated by the client according to the verification information, wherein the transaction data structure comprises a transaction signature generated by encrypting transaction associated data, encrypted verification information generated by encrypting the verification information, and an object signature generated by encrypting the transaction associated data, the transaction signature and the encrypted verification information, performing first verification of a digital signature on the transaction data structure according to the object signature and the transaction signature, and performing second verification of the verification information on the transaction data structure according to the encrypted verification information, so as to obtain a target verification result, broadcasting the transaction data structure to other nodes of the same blockchain for broadcast verification when the target verification result indicates that the target verification result passes, and executing corresponding transactions in the transaction data structure when the broadcast verification result indicates that the target verification result passes. In the embodiment of the application, the current node can return generated verification information according to the communication address corresponding to the transaction request, then receive the transaction data structure returned by the client according to the verification information, carry out digital signature verification on the transaction data structure through the object signature and the transaction signature in the transaction data structure, carry out verification information verification on the encrypted verification information in the transaction data structure after the digital signature verification is passed, confirm that the transaction data structure is generated by the operation of the object itself after the verification information is passed, and finally execute the transaction corresponding to the transaction data structure, thereby ensuring that the transaction data structure is authorized and complete by the object legal through the double verification of the digital signature verification and the verification information verification, and further ensuring the security in the transaction processing process.
Additional features and advantages of the application will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the application. The objectives and other advantages of the application will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1A is a schematic diagram of a data sharing system according to an embodiment of the present application;
FIG. 1B is a schematic diagram of a block chain architecture according to an embodiment of the present application;
FIG. 1C is a diagram illustrating a new block generation process in a blockchain according to an embodiment of the present application;
FIG. 2 is a schematic diagram of a transaction in a blockchain provided by an embodiment of the present application;
FIG. 3 is a general flow diagram of a transaction method according to an embodiment of the present application;
FIG. 4 is a schematic diagram of a transaction data structure provided by an embodiment of the present application;
FIG. 5 is a schematic flow chart of determining a target verification result according to an embodiment of the present application;
fig. 6 is a schematic flow chart of determining a broadcast verification result according to an embodiment of the present application;
FIG. 7 is a schematic diagram of a target transaction data structure provided by an embodiment of the present application;
FIG. 8 is a flow chart illustrating verification of a target transaction data structure provided by an embodiment of the present application;
FIG. 9 is a schematic flow diagram of a transaction provided by an embodiment of the present application;
FIG. 10 is an interactive schematic diagram of a transaction provided by an embodiment of the present application;
FIG. 11 is a registration flow diagram during a transaction provided by an embodiment of the present application;
FIG. 12 is a schematic diagram of a registration data structure provided by an embodiment of the present application;
FIG. 13 is a schematic flow chart of verification of a registration data structure according to an embodiment of the present application;
FIG. 14 is a schematic diagram of a destination entry data structure provided by an embodiment of the present application;
FIG. 15 is a flow chart of a registration process provided by an embodiment of the present application;
FIG. 16 is an interactive schematic diagram of a registration process provided by an embodiment of the present application;
FIG. 17 is another flow chart of a transaction method according to an embodiment of the present application;
FIG. 18 is a general flow diagram of a transaction request method provided by an embodiment of the present application;
FIG. 19 is another flow chart of a transaction request method provided by an embodiment of the present application;
FIG. 20 is a schematic diagram of a transaction processing device according to an embodiment of the present application;
FIG. 21 is a schematic diagram of a transaction request device according to an embodiment of the present application;
fig. 22 is a schematic structural diagram of a server according to an embodiment of the present application;
Fig. 23 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
In order that those skilled in the art will better understand the solution of the present application, a technical solution of an embodiment of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiment of the present application, and it is apparent that the described embodiment is only a part of the embodiment of the present application, not all the embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to fall within the scope of the application.
It will be appreciated that in the specific embodiment of the present application, related data such as account addresses, communication addresses, etc. of objects are involved, and when the above embodiments of the present application are applied to specific products or technologies, user permission or consent is required, and the collection, use and processing of related data is required to comply with related laws and regulations and standards.
In addition, when the embodiment of the application needs to acquire the related data such as the account address, the communication address and the like, the independent permission or independent agreement of the related data such as the account address, the communication address and the like is acquired through popup or skip to a confirmation page and the like, and after the independent permission or independent agreement of the related data such as the account address, the communication address and the like is definitely acquired, the related data such as the account address, the communication address and the like which are necessary for enabling the embodiment of the application to normally operate are acquired.
It should be noted that, in some of the processes described in the specification, claims and drawings above, a plurality of steps appearing in a particular order are included, but it should be clearly understood that the steps may be performed out of order or performed in parallel, the step numbers are merely used to distinguish between the different steps, and the numbers themselves do not represent any order of execution. Furthermore, the description of "first," "second," or "object" and the like herein is for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order.
Before describing embodiments of the present application in further detail, the terms and terminology involved in the embodiments of the present application will be described, and the terms and terminology involved in the embodiments of the present application are suitable for the following explanation:
Two-factor authentication (2FA,2Factor Authentication) two-factor authentication is a secure password authentication scheme. Unlike conventional password verification, which is composed of a set of static information such as characters, images, gestures, etc., it is easy to obtain and relatively unsafe. The two-factor verification is based on time, history length, physical (credit card, SMS mobile phone, token, fingerprint) and other natural variables combined with a certain encryption algorithm to form a group of dynamic passwords, which are generally refreshed every 60 seconds. Is not easy to be obtained and broken, and is relatively safe.
One-time Password (OTP), also known as dynamic Password or One-time Password, refers to a Password that can only be used once on a computer system or other digital device, and the expiration date is only One login session or transaction.
Data structure the data structure is the mode of computer storage and organization of data. A data structure refers to a collection of data elements that have one or more specific relationships with each other.
The blockchain (Blockchain) is a chain of blocks. Each block holds certain information which is linked in a chain according to the time sequence of their respective generation.
The Block (Block) has a main structure including a Block Header (Block Header) and a Block Body (Block Body), and data in the Block Header and the Block Body are Block data. The block header stores the hash value of the previous block, the hash value of the current block, the random number, the timestamp, and the merck root. The chunk contains a set of transactions or other data records that are encoded and put together and also calculated in the hash value of the entire chunk. The size of the zone blocks may vary as desired, and is typically limited in size.
Node (Node) refers to each participant or network Node in the blockchain network.
Random number (Nonce), a one-time random number automatically generated by the system, is used to solve the problem of mathematical problems, and the random number is regenerated each time the problem is solved.
Ledger Ledger refers to a block chain data structure, a record of all transaction information, similar and accounting, and is called "ledger".
Point-to-point (P2P), meaning that a single node can interact directly with other nodes without intermediate nodes or intervening mechanisms.
Remote procedure call (RPC, remote Procedure Call) allows remote services to be invoked as local services. Throughout the process, the RPC may hide specific communication details. The RPC is a communication mode, which can be realized through HTTP, and can also be realized through socket to realize a set of protocols.
The digital signature Digital Signature is also called public key digital signature, which is a section of digital string that can not be forged by others only the sender of data, and is also a valid proof of the authenticity of the information sent by the sender of data.
Asymmetric encryption, also known as public key encryption (public key encryption), refers to an encryption method consisting of a corresponding pair of unique keys (i.e., a public key and a private key).
With the development of the blockchain technology, more transaction processing systems based on the blockchain technology are presented at present, and the objects can realize operations such as virtual resource transfer, resource interchange and the like based on the transaction processing systems.
In the related art, when an object needs to perform a transaction processing through a transaction system, an account of the object and a private key corresponding to the account need to be input, and the transaction needing to be processed is authorized through the private key, for example, when virtual resource transfer is performed, the virtual resource transfer can be performed after the object inputs the account and the private key to be authorized.
However, in the related art, once the private key of the object is leaked or stolen, the pirate can transfer the virtual resource of the object according to the account and the private key of the object, which causes the virtual resource loss of the object. Accordingly, there is an unsafe problem in the related art in the course of the transaction.
In order to solve the problems, the embodiment of the application provides a scheme for realizing the blockchain transaction processing based on double-factor verification, which performs double verification on the transaction to be processed through an object private key and dynamic verification information, and is different from the scheme for verifying the transaction to be processed by only using the private key in the related technology.
The transaction processing method, the related method, the device, the storage medium and the equipment provided by the embodiment of the application are described in detail below.
Before describing the transaction processing method provided by the embodiment of the present application, please refer to fig. 1A to 1C, and the entire data sharing system is described in fig. 1A to 1C. The transaction processing method provided by the embodiment of the application can be executed based on the data sharing system.
Referring to fig. 1A, a schematic diagram of a data sharing system according to an embodiment of the present application is shown. The data sharing system 100 refers to a system for performing data sharing between nodes, where the data sharing system may include a plurality of nodes 101, and the plurality of nodes 101 may be respective clients in the data sharing system. Each node 101 may receive input information while operating normally and maintain shared data within the data sharing system based on the received input information. In order to ensure the information intercommunication in the data sharing system, information connection can exist between each node in the data sharing system, and the nodes can transmit information through the information connection. For example, when any node in the data sharing system receives input information, other nodes in the data sharing system acquire the input information according to a consensus algorithm, and store the input information as data in the shared data, so that the data stored on all nodes in the data sharing system are consistent.
Each node in the data sharing system has a node identifier corresponding to the node identifier, and each node in the data sharing system can store the node identifiers of other nodes in the data sharing system, so that the generated block can be broadcast to other nodes in the data sharing system according to the node identifiers of other nodes. Each node can maintain a node identification list shown in the following table, and the node names and the node identifications are correspondingly stored in the node identification list. The node identifier may be an IP (Internet Protocol, protocol interconnected between networks) address and any other information that can be used to identify the node, and the IP address is only illustrated in table 1.
| Node name | Node identification |
| Node 1 | 117.114.151.174 |
| Node 2 | 117.116.189.145 |
| ... | ... |
| Node N | 119.123.789.258 |
Each node in the data sharing system stores one and the same blockchain. The blockchain is made up of a plurality of blocks.
Referring to fig. 1B, fig. 1B is a schematic diagram of a block chain according to an embodiment of the present application. The block chain consists of a plurality of blocks, wherein the starting block comprises a block head and a block main body, the block head is stored with an input information characteristic value, a version number, a time stamp and a difficulty value, the block main body is stored with input information, the next block of the starting block takes the starting block as a father block, the next block also comprises a block head and a block main body, the block head is stored with the input information characteristic value of the current block, the block head characteristic value of the father block, the version number, the time stamp and the difficulty value, and the like, so that the block data stored in each block in the block chain are associated with the block data stored in the father block, and the safety of the input information in the block is ensured.
Referring to fig. 1C, fig. 1C is a schematic diagram illustrating a new block generation process in a blockchain according to an embodiment of the present application. When each block in the blockchain is generated, when the node where the blockchain is located receives input information, checking the input information, after the checking is completed, storing the input information into a memory pool, updating a hash tree used for recording the input information, updating an update timestamp to the time of receiving the input information, trying different random numbers, and calculating the characteristic value for a plurality of times, so that the calculated characteristic value can meet the following formula:
SHA256(SHA256(version+prev_hash+merkle_root+ntime+nbits+x))<TARGET
the SHA256 is a eigenvalue algorithm used for calculating eigenvalues, version is version information of related block protocols in a block chain, prev_hash is a block header eigenvalue of a parent block of a current block, merkle _root is an eigenvalue of input information, ntime is update time of an update timestamp, nbits is a current difficulty, is a fixed value in a period of time and is determined again after exceeding a fixed period of time, x is a random number, and TARGET is an eigenvalue threshold, wherein the eigenvalue threshold can be determined according to nbits.
Thus, when the random number meeting the formula is calculated, the information can be correspondingly stored to generate the block head and the block main body, and the current block is obtained. And then, the node where the blockchain is located sends the newly generated blocks to other nodes in the data sharing system where the newly generated blocks are located according to the node identification of other nodes in the data sharing system, the other nodes verify the newly generated blocks, and the newly generated blocks are added into the blockchain stored in the newly generated blocks after the verification is completed.
With continued reference to fig. 2, fig. 2 is a schematic diagram illustrating a transaction scenario in a blockchain according to an embodiment of the present application.
As shown in fig. 2, when the object needs to process some transactions, for example, the object needs to transfer the virtual resource, the client and the current node can communicate, so that the corresponding transaction is processed. For example, an object may input a corresponding transaction at a client, the client generates a transaction request according to the transaction, and sends the transaction request to a corresponding node, which is one node in the blockchain, and the node may be a server corresponding to the client, and in order to distinguish the node in the blockchain from other nodes in the blockchain, the node is hereinafter referred to as a current node.
After receiving the transaction request, the current node generates verification information according to the transaction request, determines a target account address of the object, inquires a communication address corresponding to the target account address in a stored account book of the blockchain according to the target account address, and then sends the verification information to the object through the communication address.
After receiving the verification information, the object inputs the verification information to the client, the client encrypts the verification information to generate encrypted verification information, and meanwhile, a transaction data structure is generated according to the transaction input by the object and the encrypted verification information. The transaction data structure comprises transaction associated data, transaction signatures, encryption verification information and object signatures. The client then sends the transaction data structure to the current node by way of remote procedure call communication. Wherein, the transaction corresponding to the transaction data structure may be a virtual resource transfer.
The current node can verify the transaction data structure, for example, the object signature can be verified through the object public key, the transaction signature can be verified through the object public key, when the object signature and the transaction signature pass the verification, the encrypted verification information needs to be decrypted and verified, and when the verification passes, the current node can set the node signature of the current node for the transaction data structure, for example, the node signature replaces the object signature in the transaction data structure, so that the target transaction data structure is obtained. Finally, the target transaction data structure is sent to other nodes of the same blockchain, for example, the target transaction data is broadcast to other nodes in a point-to-point mode. As shown in FIG. 2, other nodes including node 1, node 2, node 3, node 4, etc., the current node in the blockchain may be in point-to-point communication with any other node.
After receiving the target transaction data structure, other nodes can verify the node signature of the target transaction data structure through the node public key of the current node, verify the transaction signature of the target transaction data structure through the object public key of the object, and when the node signature and the transaction signature pass the verification, the other nodes agree on the transaction corresponding to the target transaction data structure.
After other nodes agree on the transaction, the current node may execute the transaction corresponding to the transaction data structure, such as to implement virtual resource transfer. The current node may write the transaction data structure into a corresponding target block, such as a block that is not fully stored, or a newly created block, so as to obtain an updated block, and finally send the updated block to other nodes. And the other nodes check the updated block, and when the other nodes pass the check of the updated block, the current node can receive the message which is sent by the other nodes and passes the check of the updated block.
The current node adds the updated block to its stored blockchain, and the transaction execution is complete. Each node in the blockchain writes the execution result corresponding to the transaction into the account book corresponding to the blockchain.
As can be seen from the above, in the embodiment of the present application, during the transaction processing, the current node in the blockchain performs verification on the transaction to be processed in a two-factor verification manner, that is, the current node performs digital signature verification and verification information verification, thereby ensuring the security during the transaction processing.
For a more detailed understanding of the transaction method according to the embodiment of the present application, please refer to fig. 3, and fig. 3 is a general flow chart of the transaction method according to the embodiment of the present application. The transaction processing method can improve the security in the transaction processing process.
The execution subject of the transaction processing method may be a server or a terminal, the terminal includes, but is not limited to, a mobile phone, a computer, an intelligent voice interaction device, an intelligent home appliance, a vehicle-mounted terminal, an aircraft, and the like, and the server may be one high-performance computer, a cluster of a plurality of high-performance computers, a part (such as a virtual machine) of one high-performance computer, a combination of a part (such as a virtual machine) of a plurality of high-performance computers, and the like in a network platform. Embodiments of the present application may be applied to a variety of scenarios including, but not limited to, virtual resource transfer, resource interchange, and the like.
It will be appreciated that in the following description of the transaction method, it may be described in terms of a node in the blockchain, referred to as the current node.
As shown in fig. 3, the transaction method may include the steps of:
Step 210, receiving a transaction request sent by a client, and returning generated verification information according to a communication address corresponding to the transaction request;
Step 220, receiving a transaction data structure generated by the client according to the verification information, wherein the transaction data structure comprises a transaction signature generated by encrypting the transaction-related data, encrypted verification information generated by encrypting the verification information, and an object signature generated by encrypting the transaction-related data, the transaction signature and the encrypted verification information;
Step 230, performing a first verification of the digital signature on the transaction data structure according to the object signature and the transaction signature, and performing a second verification of the verification information on the transaction data structure according to the encrypted verification information, so as to obtain a target verification result;
Step 240, broadcasting the transaction data structure to other nodes of the same block chain for broadcast verification when the target verification result indicates that the target verification result passes, so as to obtain a broadcast verification result;
Step 250, when the broadcast verification result indicates pass, executing the corresponding transaction in the transaction data structure.
Steps 210 to 250 will be described in detail below.
In step 210, a transaction request sent by the client is received, and the generated verification information is returned according to the communication address corresponding to the transaction request.
It will be appreciated that when an object requires a transaction, the corresponding transaction may be entered at the client, from which the client generates a transaction request, which is then sent to the current node. For example, the object needs to make a virtual resource transfer, the transaction is input at the client, and then the client generates a transaction request according to the transaction, and then sends the transaction request to the current node.
The current node may generate verification information according to the transaction request, and return verification information according to the communication address of the object, where the verification information is used to verify whether the transaction request is created by the object, where the communication address includes, but is not limited to, a terminal number, a mailbox address, and a software account address, where the verification information may be a string, for example, a string of pure numbers, a string of pure english, or a string of mixed numbers and english, where the verification information is randomly generated, that is, when each transaction request is received, a random verification information needs to be generated.
In some embodiments, the method for returning generated verification information according to the communication address corresponding to the transaction request may include the following steps:
(1.1) generating verification information according to the transaction request, and determining a target account address carried in the transaction request;
and (1.2) inquiring the communication address associated with the target account address in the account book of the blockchain, and returning verification information through the communication address.
After receiving the transaction request, the current node may generate verification information according to the transaction request, where the verification information may be a verification code or a one-time password.
The transaction request contains the target account address of the object, and the current node can determine the target account address only by reading the transaction request. And then, the associated address of the target account address is found in the account book of the stored blockchain through the target account address, then, the encrypted communication address corresponding to the target account address is found from the associated address, and the encrypted communication address is decrypted through the node private key, so that the communication address corresponding to the target account address is obtained.
It should be noted that, the object has an object private key and an object public key, where the object private key is kept by the object private key, and the object public key may be broadcast to any node of the blockchain. The current node is provided with a node private key and a node public key, the node private key is only kept by the current node, and the node public key can be sent to the client and other nodes of the same blockchain. That is, when the object public key and the node public key are used in the following of the present application, it may be understood that the object public key and the node public key have been obtained in advance, or the object public key and the node public key may be read from the interacted data. The object private key and the object public key are generated by adopting an asymmetric encryption algorithm, and the node private key and the node public key are generated by adopting an asymmetric encryption algorithm.
The current node sends the verification information to the client through the communication address, and the current node caches the verification information so as to be used in the follow-up verification process. The verification information has randomness, and the verification information is generated in a random generation mode, so that the verification information can be prevented from being cracked by following a single rule. The verification information has a certain character length, for example, a character length consisting of 10 characters, and when the character length reaches a certain length, the probability that the verification information is cracked is lower. The verification information has timeliness, for example, 60 seconds, and when the verification information is counted from the generation, the duration reaches the preset duration, the verification information is identified as invalid verification information and cannot be used for verification.
It can be understood that the verification information can only be sent to the communication address designated by the target account address, so as to ensure the security of sending the verification information, thereby ensuring the security in the subsequent transaction processing process.
In some embodiments, after generating and returning the verification information, the current node may determine whether the client continues to request to acquire the verification information, detect an acquisition frequency of acquiring the verification information requested by the client within a preset duration when the client continues to request to acquire the verification information, and if the acquisition frequency is higher than the preset acquisition frequency, the current node may stop continuing to transmit the verification information to the client. Therefore, the current node can be prevented from being subjected to external malicious requests, and the safety of the current node is protected.
From the above, verification information is generated by the transaction request, and the transaction is verified by the verification information later, so that the security in the transaction processing process can be improved.
In step 220, a transaction data structure generated by the client from the validation information is received, the transaction data structure including a transaction signature generated from the transaction-related data encryption, encrypted validation information generated from the validation information encryption, and an object signature generated from the transaction-related data, the transaction signature, and the encrypted validation information encryption.
It will be appreciated that after the object views the authentication information, the authentication information may be entered into the client, which may generate a transaction data structure from the transaction, authentication information, etc. The transaction data structure contains a plurality of different types of data.
For better illustrating the embodiments of the present application, please refer to fig. 4, fig. 4 is a schematic diagram of a transaction data structure according to an embodiment of the present application.
As shown in FIG. 4, the transaction data structure includes multiple types of data, and the transaction data structure is composed of a sub-transaction data structure and an object signature. The sub-transaction data structure contains transaction-related data, transaction signatures, and encryption validation information.
The transaction associated data consists of fields respectively corresponding to a target account address, a transfer account address, an amount, a random number and an object public key. The target account address may also be understood as a roll-out account address from which the virtual resource may be rolled out. Virtual resources may be transferred through the transfer account address. The amount is the amount that the virtual resource needs to be transferred. The random number is a randomly generated number, and can be used for preventing replay attack and improving the security of transaction associated data. The object public key is a public key of the object which is opened to the current node, and the object also has an object private key which is grasped by the object independently.
The transaction signature is generated by encrypting the transaction-related data by the client through the object private key, namely, the hash value of the transaction-related data is calculated by adopting an asymmetric encryption algorithm, and then the hash value is encrypted by adopting the object private key, so that the transaction signature is generated. The transaction signature is used by the current node to verify the integrity of the transaction-associated data.
In some embodiments, the object public key may not be included in the transaction-related data, e.g., the client may set the object public key in the transaction signature, and may obtain the object public key from the transaction signature when the current node reads the transaction signature.
The encrypted verification information is generated by encrypting the verification information by the client based on the node public key of the current node, and the verification information is encrypted by the node public key of the current node, so that the obtained encrypted verification information can only be read after the current node uses the node private key to decrypt, and the risk of leakage of the verification information is avoided.
The object signature is generated by the client encrypting the sub-transaction data structure with the object private key. The object signature may be used to verify the integrity of the sub-transaction data structure, thereby enabling verification of the integrity of the encrypted verification information.
In some implementations, the current node may read the transaction data structure, thereby reading different types of data therein.
In step 230, a first verification of the digital signature is performed on the transaction data structure based on the object signature and the transaction signature, and a second verification of the verification information is performed on the transaction data structure based on the encrypted verification information, resulting in a target verification result.
In the process of performing the transaction, the first verification of the digital signature on the transaction data structure can be performed according to the object signature and the transaction signature, for example, the integrity of the sub-transaction data structure in the transaction data structure can be verified through the object signature verification, and the integrity of the transaction associated data in the sub-transaction data structure can be verified through the transaction signature, so that the integrity of the transaction data structure is ensured to be intact. After verification is passed, the transaction data structure is verified according to the second verification of the verification information by encrypting the verification information, and the transaction data structure is verified by the verification information, so that the transaction data structure can be ensured to be generated by the operation of the object per se. Therefore, double factor verification of the transaction data structure is realized, and the security in the transaction processing process is improved.
Referring to fig. 5, fig. 5 is a flowchart illustrating a process of determining a target verification result according to an embodiment of the application. In some embodiments, the first verification of the digital signature on the transaction data structure according to the object signature and the transaction signature, and the second verification of the verification information on the transaction data structure according to the encrypted verification information, to obtain the target verification result, may include the following steps:
step 310, determining an object public key corresponding to the transaction data structure;
Step 320, verifying the object signature according to the object public key to obtain a first target verification result, wherein the first target verification result is used for verifying the integrity of the sub-transaction data structure;
Step 330, verifying the transaction signature according to the object public key to obtain a second target verification result, wherein the second target verification result is used for verifying the integrity of the transaction-related data;
Step 340, decrypting the encrypted verification information to obtain decrypted verification information when the first target verification result and the second target verification result both indicate passing;
and 350, verifying the decryption verification information according to the verification information to obtain a target verification result.
Steps 310 to 350 will be described in detail below.
In step 310, an object public key corresponding to the transaction data structure is determined.
In some embodiments, the client has sent the object public key to the current node before verifying the transaction signature and the object signature using the object public key, which can be obtained directly locally by the current node.
In some embodiments, the transaction-related data corresponding to the transaction data structure includes an object public key, and the current node may read the transaction-related data to obtain the object public key in the transaction-related data.
In step 320, the object signature is verified according to the object public key, resulting in a first target verification result, which is used to verify the integrity of the sub-transaction data structure.
In some embodiments, if the object signature is generated by encrypting the sub-transaction data structure by using an RSA encryption algorithm (RSA algoritm) and an object private key, the current node may decrypt the object signature by using the RSA encryption algorithm and the object public key to obtain a corresponding hash value A1, and the current node may calculate a hash value A2 of the sub-transaction data structure by using a hash function, and compare the hash value A1 with the hash value A2 to obtain the first target verification result. The hash value is also referred to as a hash value. When the first target verification result is verification pass, the sub-transaction data structure is complete.
If the hash value A1 is equal to the hash value A2, then the verification of the object signature is indicated. If the hash value A1 is not equal to the hash value A2, the object signature verification is not passed. By verifying the object signature, the integrity of the sub-transaction data structure can be verified, so that the integrity of the encrypted verification information in the sub-transaction data structure is indirectly verified.
If the object signature is generated by another encryption algorithm, the current node needs to use the corresponding encryption algorithm to decrypt when verifying the object signature. For example, ECDSA (Elliptic Curve DSA) algorithm, i.e., elliptic curve digital signature algorithm (DSA, digital Signature Algorithm) may be employed. Which is a variation of the digital signature algorithm that applies elliptic curve cryptography. The elliptic curve algorithm is quite complex in principle, but has good public key algorithm characteristics, and a private key cannot be reversely obtained through a public key. For another example, an SM2 algorithm may be used, where the SM2 algorithm is collectively referred to as an SM2 elliptic curve public key cryptography algorithm (SM is a pinyin abbreviation for commercial cryptography), and is a "elliptic curve" based cryptography ECC (Elliptic Curve Cryptography). SM2 is asymmetric encryption, because the algorithm is based on ECC, the signature speed and the secret key generation speed are faster than RSA, the security strength of ECC 256 bits (SM 2 adopts one of ECC 256 bits) is higher than RSA2048 bits, but the operation speed is faster than RSA.
It can be understood that in the embodiment of the application, the object public key and the object private key are obtained through an asymmetric encryption algorithm, so that the security in the information transmission process can be ensured. That is, the current node cannot acquire the object private key through the object public key, and the current node can verify whether the transaction data structure sent by the client is complete through the object public key.
In step 330, the transaction signature is verified according to the object public key, and a second target verification result is obtained, where the second target verification result is used to verify the integrity of the transaction-related data.
In some embodiments, if the transaction signature is generated by encrypting the transaction signature by the RSA encryption algorithm and the object private key, the current node may decrypt the transaction signature by using the RSA encryption algorithm and the object public key to obtain the corresponding hash value B1, and the current node may calculate the hash value B2 of the transaction-related data by using the hash function, and compare the hash value B1 with the hash value B2 to obtain the second target verification result. And when the second target verification result is verification passing, indicating that the transaction associated data is complete.
If the hash value B1 is equal to the hash value B2, then this indicates that the transaction signature verification passed. If the hash value B1 is not equal to the hash value B2, the transaction signature verification is not passed. By verifying the transaction signature, the integrity of the transaction-related data can be verified.
Similarly, if the transaction signature is generated by encrypting the client by using other encryption algorithms, the current node can decrypt by using the corresponding encryption algorithm.
In step 340, when the first target verification result and the second target verification result both indicate passing, the encrypted verification information is decrypted, and decrypted verification information is obtained.
It will be appreciated that when both the first target validation result and the second target validation result indicate pass, it is stated that both the transaction association data and the sub-transaction data structure are complete and the encrypted validation information is also complete, which also indirectly states that the transaction data structure is sent by the subject person operation.
The process adopts two times of digital signature verification, namely object signature verification and transaction signature verification, so that the security verification level of the transaction data structure is improved, and compared with one time of digital signature verification in the related technology, the security of the two times of digital signature verification is obviously higher.
In addition, when the first target verification result and the second target verification result both indicate passing, the encrypted verification information needs to be decrypted to obtain decrypted verification information. Thereby further validating the transaction data structure to determine whether it is generated for the subject person operation.
In some embodiments, step 340, decrypting the encrypted authentication information to obtain decrypted authentication information may include the steps of:
(1.1) determining a node private key corresponding to the current node;
And (1.2) decrypting the encrypted verification information according to the node private key to obtain decrypted verification information, wherein the encrypted verification information is generated by the client according to the node public key encryption of the current node.
It can be understood that the client and the current node hold public keys of each other, and the client can encrypt the verification information through the node public key of the current node, so as to generate encrypted verification information.
When the current node decrypts the encrypted verification information, the node private key can be adopted to decrypt the encrypted verification information, so that the decrypted verification information is obtained. Wherein, the algorithm adopted in the process of decrypting the encrypted verification information by the current node is consistent with the algorithm adopted in the process of generating the encrypted verification information.
In step 350, the decrypted authentication information is authenticated according to the authentication information to obtain a target authentication result.
It can be understood that the current node may compare the decrypted authentication information with the authentication information, so as to obtain a target authentication result, and when the decrypted authentication information is consistent with the authentication information, the target authentication result is that the authentication is passed. And when the decryption verification information is inconsistent with the verification information, the target verification result is that the verification is not passed.
For example, the verification information is a string of verification codes, and the decryption verification information is also a string of verification codes, so that whether the two verification codes are consistent can be directly compared, and a target verification result is obtained. When the two verification codes are consistent, the target verification result is verification passing. When the two verification codes are inconsistent, the target verification result is that the verification is not passed.
By re-verifying the transaction data structure by using the verification information, whether the transaction data is generated for the operation of the object per se can be further determined, so that the safety in the transaction processing process is further ensured.
As can be seen from steps 310 to 350, in the process of verifying the transaction data structure, in the embodiment of the present application, digital signature verification and verification information verification are adopted, where the digital signature verification can verify the integrity of the transaction data structure, and the verification information verification can verify whether the transaction data structure is generated by the operation of the object, so that the security in the transaction processing process can be improved by two verification methods.
In step 240, when the target verification result indicates pass, the transaction data structure is broadcast to other nodes of the same blockchain for broadcast verification, and a broadcast verification result is obtained.
When the target verification result indicates passing, the transaction data structure is generated by the operation of the object, and the current node can broadcast the transaction data structure to other nodes of the same blockchain for broadcast verification, so that a broadcast verification result is obtained.
Referring to fig. 6, fig. 6 is a flowchart illustrating a broadcast verification result determination process according to an embodiment of the application. In some embodiments, broadcasting the transaction data structure to other nodes of the same blockchain for broadcast verification, to obtain a broadcast verification result, including:
step 410, encrypting the sub-transaction data structure according to the node private key of the current node to generate a node signature;
step 420, replacing the node signature with the object signature in the transaction data structure to obtain a target transaction data structure;
Step 430, broadcasting the target transaction data structure to other nodes of the same block chain for broadcast verification, thereby obtaining a broadcast verification result.
Steps 410 to 430 will be described in detail below.
In step 410, the child transaction data structure is encrypted according to the node private key of the current node to generate a node signature.
The current node may perform node authentication processing for the transaction corresponding to the transaction data structure, for example, set a node signature of the current node for the transaction data structure, so as to obtain the target transaction data structure.
The current node can encrypt the sub-transaction data structure through the node private key to generate a node signature. For example, the current node first calculates a digest value, which may be a hash value, of the sub-transaction data structure. The digest value is then encrypted by the node private key to generate a node signature, which also corresponds to a value.
In step 420, the node signature replaces the object signature in the transaction data structure, resulting in the target transaction data structure.
Referring to fig. 7, fig. 7 is a schematic diagram of a target transaction data structure according to an embodiment of the application. The transaction association data and the sub-transaction data structure are not changed, and only the current node replaces the object signature in the transaction data structure with the node signature, so that the target transaction data structure is generated.
By setting the node signature, the authentication of the target transaction data structure by other subsequent nodes through the node signature is facilitated. Thereby realizing the authentication of the transaction corresponding to the target transaction data.
In step 430, the target transaction data structure is broadcast to other nodes of the same blockchain for broadcast verification, resulting in a broadcast verification result.
It will be appreciated that during execution of a transaction, other nodes of the same blockchain to which the current node corresponds are required to agree on the transaction to be able to execute the transaction. For example, other nodes may verify the target transaction data structure, and when most nodes in the blockchain verify the target transaction data structure, for example, more than eighty percent of nodes verify the target transaction data structure, the target transaction data structure can be identified as corresponding to the target transaction data, and the current node can execute the transaction.
Therefore, the target transaction data structure needs to be broadcasted to other nodes of the same blockchain for broadcast verification, and a broadcast verification result is obtained.
In some embodiments, broadcasting the target transaction data structure to other nodes of the same blockchain for broadcast verification, to obtain a broadcast verification result, including:
Broadcasting the target transaction data structure to other nodes of the same blockchain, so that the other nodes determine node signatures, transaction signatures, object public keys and node public keys corresponding to the target transaction data structure, verify the node signatures according to the node public keys to obtain a third target verification result, verify the transaction signatures according to the object public keys to obtain a fourth target verification result, and obtain a broadcast verification result based on the third target verification result and the fourth target verification result, wherein the third target verification result is used for verifying the authenticity of the nodes corresponding to the target transaction data structure, and the fourth target verification result is used for verifying the integrity of transaction-related data.
That is, other nodes may implement verification of transactions through object signatures and node signatures.
Referring to fig. 8 in combination, fig. 8 is a schematic flow chart of verifying a target transaction data structure according to an embodiment of the application. In connection with fig. 8, described below in terms of other nodes, the other nodes may verify the target transaction data structure by:
Step 410, determining a node signature, a transaction signature, an object public key and a node public key corresponding to the target transaction data structure;
step 420, verifying the node signature according to the node public key to obtain a third target verification result, wherein the third target verification result is used for verifying the authenticity of the node corresponding to the target transaction data structure;
Step 430, verifying the transaction signature according to the object public key to obtain a fourth target verification result, wherein the fourth target verification result is used for verifying the integrity of the transaction-related data;
step 440, obtaining a broadcast verification result based on the third target verification result and the fourth target verification result.
Steps 410 to 440 will be described in detail below.
In step 410, a node signature, a transaction signature, an object public key, and a node public key corresponding to the target transaction data structure are determined.
It will be appreciated that other nodes may receive the node public key that will broadcast the current node together while receiving the target transaction data structure broadcast by the current node.
Other nodes may read the object public key, transaction signature, and node signature from the target transaction data structure.
In step 420, the node signature is verified according to the node public key, and a third target verification result is obtained, where the third target verification result is used to verify the authenticity of the node corresponding to the target transaction data structure.
In some embodiments, after receiving the target transaction data structure, if the node signature is generated by encrypting the sub-transaction data structure by using the asymmetric encryption algorithm and the node private key, the other node may verify the node signature by using the corresponding asymmetric encryption algorithm and the node public key, thereby obtaining a third target verification result. And verifying the integrity of the sub-transaction data structure through a third target verification result. When the third target verification result is verification pass, the sub-transaction data structure is complete.
For example, other nodes can decrypt the node signature through a corresponding asymmetric encryption algorithm and a node public key to obtain a corresponding hash value C1, then obtain a hash value C2 of the sub-transaction data structure, and compare the hash value C1 with the hash value C2 to obtain a third target verification result. If the hash value C1 is equal to the hash value C2, then the node signature verification is verified. If the hash value C1 is not equal to the hash value C2, the node signature verification is not passed.
In step 430, the transaction signature is verified according to the object public key, and a fourth target verification result is obtained, where the fourth target verification result is used to verify the integrity of the transaction-related data.
In some embodiments, after receiving the target transaction data structure, if the transaction signature is generated by encrypting the transaction-related data by using the asymmetric encryption algorithm and the object private key, the other node may verify the transaction signature by using the corresponding asymmetric encryption algorithm and the object public key, thereby obtaining a fourth target verification result. And verifying the integrity of the transaction-related data through a fourth target verification result. And when the fourth target verification result is verification passing, the transaction association data is complete.
For example, other nodes can decrypt the node signature through a corresponding asymmetric encryption algorithm and the object public key to obtain a corresponding hash value D1, then obtain a hash value D2 of the transaction-related data, and compare the hash value D1 with the hash value D2 to obtain a fourth target verification result. If the hash value D1 is equal to the hash value D2, then this indicates that the transaction signature verification passed. If the hash value D1 is not equal to the hash value D2, then the transaction signature verification is not passed.
In step 440, a broadcast verification result is obtained based on the third target verification result and the fourth target verification result.
It will be appreciated that when both the third target validation result and the fourth target validation result indicate pass, the resulting broadcast validation result indicates that the target transaction data structure is validated. Other nodes agree on the transaction corresponding to the target transaction data structure.
If any one of the third target verification result and the fourth target verification result fails to pass the verification, the obtained broadcast verification result indicates that the target transaction data structure fails to pass the verification.
The other nodes may send the broadcast authentication result to the current node.
As can be seen from steps 410 to 440, during the execution of the transaction, the target transaction data structure corresponding to the transaction also needs other nodes to verify, and the current node can execute the transaction only after the verification is passed, thereby improving the security during the transaction processing.
In some embodiments, the duration of time that the validation information is calculated from the generation may also be obtained before broadcasting the transaction data structure to other nodes of the same blockchain for broadcast validation, resulting in a broadcast validation result. For example, when the current node generates the verification information, the generation time is determined, and then timing is started by taking the generation time as the start, so that the duration of the verification information is calculated.
And when the target verification result indication passes and the duration does not exceed the preset duration, broadcasting the transaction data structure to other nodes of the same block chain for broadcast verification, and obtaining a broadcast verification result. The duration time does not exceed the preset duration time, whether the verification information is effective is indicated, and the security in the transaction processing process can be further ensured by setting the effective preset duration time of the verification information. When the duration exceeds the preset duration, the duration of verification information calculated from the generation is described for a long time, and the risk of verification information leakage possibly occurs in the process, and at the moment, the current node selects not to broadcast the transaction data structure to other nodes of the same blockchain for broadcast verification so as to ensure the security in the transaction processing process.
In step 250, when the broadcast validation result indicates a pass, the corresponding transaction in the transaction data structure is executed.
In some embodiments, when the broadcast validation result indicates pass, it is stated that other nodes in the blockchain agree on the transaction, at which point the current node may execute the corresponding transaction in the transaction data structure.
Specifically, executing the corresponding transaction in the transaction data structure includes:
(1.1) writing the transaction data structure into a target block to obtain an updated block;
And (1.2) sending the updated block to other nodes, writing the updated block into a blockchain after receiving verification passing information of other nodes on the updated block, and writing an execution result corresponding to the transaction into an account book corresponding to the blockchain.
For example, the current node may determine a block that is not locally stored as the target block, or create a new block that is determined to be the template block. The transaction data structure is then written to the target block, resulting in an updated block.
The current node sends the updated block to other nodes, so that the other nodes can verify the updated block, the other nodes can verify the node signature corresponding to the updated block, and after the verification is passed, the updated block is agreed. After receiving the verification passing message of other nodes on the updated block, the current node can write the updated block into the blockchain, and simultaneously write the execution result corresponding to the transaction in the account book corresponding to the blockchain.
For example, if the transaction is a virtual resource transfer, the transfer account address, target account address, amount, etc. may be written into the blockchain ledger.
As can be seen from steps 210 to 250, in the embodiment of the present application, double verification of the transaction data structure is achieved through digital signature verification and verification information verification, and then the transaction corresponding to the transaction data structure is executed, so that the security in the transaction processing process is ensured.
The embodiment of the application comprises the steps of receiving a transaction request sent by a client and returning generated verification information according to a communication address corresponding to the transaction request, receiving a transaction data structure generated by the client according to the verification information, wherein the transaction data structure comprises a transaction signature generated by encrypting transaction associated data, encrypted verification information generated by encrypting the verification information, and an object signature generated by encrypting the transaction associated data, the transaction signature and the encrypted verification information, performing first verification of a digital signature on the transaction data structure according to the object signature and the transaction signature, and performing second verification of the verification information on the transaction data structure according to the encrypted verification information, so as to obtain a target verification result, broadcasting the transaction data structure to other nodes of the same blockchain for broadcast verification when the target verification result indicates that the target verification result passes, and executing corresponding transactions in the transaction data structure when the broadcast verification result indicates that the target verification result passes. In the embodiment of the application, the current node can return generated verification information according to the communication address corresponding to the transaction request, then receive the transaction data structure returned by the client according to the verification information, carry out digital signature verification on the transaction data structure through the object signature and the transaction signature in the transaction data structure, carry out verification information verification on the encrypted verification information in the transaction data structure after the digital signature verification is passed, confirm that the transaction data structure is generated by the operation of the object itself after the verification information is passed, and finally execute the transaction corresponding to the transaction data structure, thereby ensuring that the transaction data structure is authorized and complete by the object legal through the double verification of the digital signature verification and the verification information verification, and further ensuring the security in the transaction processing process.
Referring to fig. 9 together, fig. 9 is a schematic flow chart of a transaction according to an embodiment of the application. Wherein the station is described at the current node.
As shown in fig. 9, after the current node receives the transaction data structure sent by the client, the object signature and the transaction signature in the transaction data structure need to be verified using cryptographic techniques. The transaction data structure comprises a sub-transaction data structure and an object signature, wherein the sub-transaction data structure comprises transaction association data, the transaction signature and encrypted verification information generated by a client according to verification information sent by a current node.
After the object signature and the transaction signature pass verification, the node private key of the current node is used for decrypting the encrypted verification information, so that decryption verification information is obtained, whether the decryption verification information is identical to the verification information stored by the current node or not is determined, and if the decryption verification information is identical to the verification information stored by the current node, the transaction data structure passes verification.
The current node needs to send the transaction data structure to other nodes of the same blockchain for verification, at this time, the node private key can be used for encrypting the sub-transaction data structure to generate a node signature, and the node signature replaces the object signature, so that the target transaction data structure is generated. The target transaction data structure is then broadcast to other nodes. After the verification of the target transaction data structure by other nodes is passed, the other nodes agree on the transaction corresponding to the target transaction data structure.
After receiving the information that the other nodes pass through the verification of the target transaction data structure, the current node executes the transaction corresponding to the transaction data structure, and writes the execution result of the transaction into the account book of the blockchain, thereby completing the transaction processing.
According to the method, double verification of the transaction data structure is realized through digital signature verification and verification information verification, and the security of the transaction processing process is improved.
The specific implementation of the above steps can be referred to the previous embodiments, and will not be repeated here.
Referring to fig. 10, fig. 10 is an interaction diagram of a transaction according to an embodiment of the present application. Where clients, current nodes, and other nodes are involved.
When the object is to execute the transaction, the transaction is input to the client, and the client sends a transaction request to the current node. The current node may return authentication information corresponding to the client according to the transaction request. The client may generate a transaction data structure from the validation information and the transaction, and send the transaction data structure to the current node. The current node verifies the transaction data structure, and the object signature, the transaction signature and the encryption verification information in the transaction data structure are verified in detail, namely, double factor verification of digital signature verification and verification information verification is realized.
After the current node verifies the target transaction data structure, node signatures are set for sub-transaction data structures in the transaction data structure, the node signatures are replaced by object signatures in the transaction data structure, so that the target transaction data structure is generated, and then the target transaction data structure is broadcast to other nodes.
And the other nodes verify the target transaction data structure and return broadcast verification results to the current node. When the broadcast verification result indicates that the broadcast verification result passes, the current node executes a transaction corresponding to the transaction data structure, writes the transaction data structure into the target block to obtain an updated block, and then broadcasts the updated block to other nodes.
After the other nodes verify the updated block, consensus is achieved, and a block verification result is returned to the current node. When the block verification result indicates that the block verification result passes, the current node writes the updated block into the block chain, and writes the execution result of the transaction into the account book of the block, and the current node sends a transaction processing result to the client, so that the success of the transaction processing of the object is informed.
The specific implementation of the above steps can be referred to the previous embodiments, and will not be repeated here.
Referring to fig. 11, fig. 11 is a flowchart of registration in a transaction process according to an embodiment of the present application.
In some embodiments, before receiving a transaction request sent by a client and returning generated verification information according to a communication address corresponding to the transaction request, registration of a target account address and a communication address of an object is also involved. The transaction can be requested only if the target account address and the communication address of the object are registered.
Specifically, as shown in fig. 11, before receiving a transaction request sent by a client, and returning generated verification information according to a communication address corresponding to the transaction request, the method further includes:
Step 610, receiving a registration data structure sent by the client, where the registration data structure includes a registration transaction signature encrypted according to registration association data, an encrypted communication address encrypted according to a communication address, and a registration object signature encrypted according to the registration association data, the registration transaction signature, and the encrypted communication address;
Step 620, verifying the digital signature of the registration data structure according to the registration object signature and the registration transaction signature, and verifying the communication address of the registration data structure according to the encrypted communication address to obtain a registration verification result;
step 630, broadcasting the registration data structure to other nodes for registration verification when the registration verification result indicates that the registration verification result passes, so as to obtain a target registration verification result;
and 640, when the target registration verification result indicates that the target registration verification result passes, the registration of the corresponding target account address and communication address in the registration data structure is realized.
Steps 610 to 640 will be described in detail below.
In step 610, a registration data structure sent by the client is received, the registration data structure including a registration transaction signature generated based on registration association data encryption, an encrypted communication address generated based on communication address encryption, and a registration object signature generated based on registration association data, the registration transaction signature, and the encrypted communication address encryption.
It will be appreciated that when an object needs to register its target account address and communication address, the client generates a registration data structure. For example, the client may generate a registration data structure according to the target account address to be registered by the object and the communication address of the object. The registration data structure consists of a sub-registration data structure and a registration object signature, wherein the sub-registration data structure comprises registration association data, a registration transaction signature and an encrypted communication address.
It should be noted that, the object has an object private key and an object public key, where the object private key is kept by the object private key, and the object public key may be broadcast to any node of the blockchain. The current node is provided with a node private key and a node public key, the node private key is only kept by the current node, and the node public key can be sent to the client and other nodes of the same blockchain. That is, when the object public key and the node public key are used in the following of the present application, it may be understood that the object public key and the node public key have been obtained in advance, or the object public key and the node public key may be read from the interacted data. The object private key and the object public key are generated by adopting an asymmetric encryption algorithm, and the node private key and the node public key are generated by adopting an asymmetric encryption algorithm.
Referring to fig. 12 together, fig. 12 is a schematic diagram of a registration data structure according to an embodiment of the application.
As shown in fig. 12, the registration data structure includes a plurality of types of data, and is composed of a sub-registration data structure and a registration object signature. The sub-registration data structure includes registration association data, a registration transaction signature, and an encrypted communication address.
The registration association data consists of fields corresponding to a target account address, a transfer account address, an amount, a random number and an object public key respectively. Because the registration association data is actually used for registration, the field corresponding to the transfer account address and the field corresponding to the amount in the registration association data can be null. Thus, there are the target account address, the random number, and the object public key that are actually present in the registration association data.
The target account address is an account address to be registered. The random number can be used for preventing replay attack and improving the security of the registration associated data. The object public key is a public key of the object which is opened to the current node, and the object also has an object private key which is grasped by the object independently.
The registration transaction signature is generated by encrypting registration association data by the client through the object private key. The registration transaction signature is used by the current node to verify the integrity of the registration association data.
In some embodiments, the registration association data may not include the object public key, for example, the client may set the object public key in the registration transaction signature, and may obtain the object public key from the registration transaction signature when the current node reads the registration transaction signature.
The encrypted communication address is generated by encrypting the communication address of the object by the client based on the node public key of the current node.
The registration object signature is generated by the client encrypting the sub-registration data structure with the object private key. The registration object signature may be used to verify the integrity of the sub-registration data structure, thereby enabling verification of the integrity of the encrypted communication address.
The current node may read the registration data structure to read different types of data therein.
In some embodiments, before verifying the registration data structure, a target field in the registration association data may be determined, where the target field includes at least a field corresponding to the account address, and the target field may further include other fields, such as a field corresponding to the amount. If the target field is empty, the registration data structure is validated.
It will be appreciated that when the target field is empty, the current node is able to determine that the registration transaction data structure is for registration with the target account.
In step 620, the registration data structure is verified by digital signature based on the registration object signature and the registration transaction signature, and the registration data structure is verified by the communication address based on the encrypted communication address, so as to obtain a registration verification result.
In some embodiments, the current node may verify the digital signature of the registration data structure by using the registration object signature and the registration transaction signature, decrypt the encrypted communication address after the verification is passed, obtain a decrypted communication address, and then perform authenticity verification on the decrypted communication address, thereby obtaining a registration verification result.
Referring to fig. 13 together, fig. 13 is a schematic flow chart of verification of a registration data structure according to an embodiment of the application.
In some embodiments, the method for verifying the digital signature on the registration data structure according to the registration object signature and the registration transaction signature, and verifying the communication address on the registration data structure according to the encrypted communication address, to obtain a registration verification result, may include the following steps:
Step 710, determining an object public key corresponding to the registration data structure;
step 720, verifying the registered object signature according to the object public key to obtain a first registration verification result, wherein the first registration verification result is used for verifying the integrity of the sub-registration data structure;
Step 730, verifying the registration transaction signature according to the object public key to obtain a second registration verification result, wherein the second registration verification result is used for verifying the integrity of registration associated data;
Step 740, when the first registration verification result and the second registration verification result both indicate that the first registration verification result and the second registration verification result pass, decrypting the encrypted communication address through the node private key of the current node to obtain a decrypted communication address;
And 750, carrying out authenticity verification on the decrypted communication address to obtain a registration verification result.
Steps 710 to 750 will be described in detail below.
In step 710, an object public key corresponding to the registration data structure is determined.
The current node may read the registration association data in the registration data structure and then read the object public key of the object in the registration association data.
In step 720, the registration object signature is verified according to the object public key to obtain a first registration verification result, where the first registration verification result is used to verify the integrity of the sub-registration data structure.
In some embodiments, if the registration object signature is generated by encrypting the sub-registration data structure by using an asymmetric encryption algorithm and an object private key, the current node may decrypt the registration object signature by using the asymmetric encryption algorithm and the object public key to obtain a corresponding hash value E1, and the current node may calculate a hash value E2 of the sub-registration data structure by using a hash function, and compare the hash value E1 with the hash value E2 to obtain the first registration verification result. The hash value is also referred to as a hash value. When the first registration verification result is verification passing, the sub-registration data structure is complete.
If the hash value E1 is equal to the hash value E2, the verification of the registration object signature is passed. If the hash value A1 is not equal to the hash value A2, it is indicated that the registration target signature verification is not passed. By verifying the signature of the registration object, the integrity of the sub-registration data structure can be verified, so that the integrity of the encrypted communication information in the sub-registration data structure is indirectly verified.
In step 730, the registration transaction signature is verified according to the object public key, and a second registration verification result is obtained, where the second registration verification result is used to verify the integrity of the registration association data.
In some embodiments, if the registered transaction signature is generated by encrypting the registered transaction signature by using an asymmetric encryption algorithm and an object private key, the current node may decrypt the registered transaction signature by using the asymmetric encryption algorithm and the object public key to obtain a corresponding hash value F1, and the current node may calculate a hash value F2 of the registered associated data by using a hash function, and may obtain a second registration verification result by comparing the hash value F1 with the hash value F2. And when the second registration verification result is verification passing, indicating that the registration association data is complete.
If the hash value F1 is equal to the hash value F2, then the registration transaction signature verification is indicated as passing. If the hash value F1 is not equal to the hash value F2, the registration transaction signature verification is not passed. By verifying the registration transaction signature, the integrity of the registration association data can be verified.
In step 740, when the first registration verification result and the second registration verification result both indicate that the first registration verification result and the second registration verification result pass, the encrypted communication address is decrypted by the node private key of the current node, so as to obtain a decrypted communication address.
It will be appreciated that when both the first registration verification result and the second registration verification result indicate pass, the registration association data and the sub-registration data structure are both complete, and the encrypted communication address is also complete, thereby verifying the security of the registration data structure.
The process adopts two times of digital signature verification, namely registration object signature verification and registration transaction signature verification, so that the security verification level of a registration data structure is improved, and compared with one time of digital signature verification in the related technology, the security of the two times of digital signature verification is obviously higher.
In addition, when the first registration verification result and the second registration verification result both indicate that the first registration verification result and the second registration verification result pass, the encrypted communication address also needs to be decrypted, and the decrypted communication address is obtained. The decrypted address is actually the address provided by the object, because the verification of the signature of the registered object has already verified the integrity of the sub-registration data structure, i.e. the integrity of the encrypted address in the sub-transaction data structure, which indicates that the encrypted address has not been changed.
Specifically, for example, the current node may decrypt the encrypted communication address by using the node private key, so as to obtain a decrypted communication address, where the encrypted communication address is generated by encrypting the communication address of the object by the client according to the node public key of the current node.
In step 750, the decrypted address is verified for authenticity, resulting in a registration verification result.
After the current node obtains the communication address, the current node also needs to perform authenticity verification on the communication address, for example, whether the communication address is an actually available communication address is verified, the current node can send a communication address authenticity inquiry request to an operator, if the operator replies that the communication address is the actually available address, the decrypted communication address is determined to be available for registration, so that a registration verification result is obtained, and the registration verification result at the moment indicates that the decrypted communication address passes the verification. Otherwise, if the decrypted address is not a truly available address, the registration verification result indicates that the decrypted address is not verified.
It should be noted that, for the verification of the authenticity of the decrypted communication address, the verification may be performed in other manners.
From steps 710 to 750, it can be seen that the security of the registration data structure can be determined by verifying the digital signature of the registration object signature and the registration transaction signature, and then the authenticity of the encrypted communication address can be determined by verifying the communication address of the encrypted communication address. Thereby achieving security in the registration process from two-way authentication.
In step 630, when the registration verification result indicates that the registration verification result is passed, the registration data structure is broadcasted to other nodes for registration verification, and a target registration verification result is obtained.
When the registration verification result indicates that the registration data structure is safe and registrable, the current node can set a registration node signature for a sub-registration data structure in the registration data structure, for example, the sub-registration data structure is encrypted by a node private key to generate the registration node signature, and then the registration node signature is replaced with a registration object signature in the registration data structure, so that the target registration data structure is obtained. The target registration data structure is then broadcast to other nodes for registration verification.
Referring to fig. 14 together, fig. 14 is a schematic diagram of a destination register data structure according to an embodiment of the application. The target registration data structure is composed of a sub-registration data structure and a registration node signature, wherein the sub-registration data structure comprises registration association data, a registration transaction signature and an encrypted communication address. That is, the target registration data structure is simply a replacement for the registration object signature with respect to the registration data structure.
In some embodiments, after the other nodes receive the target registration data structure, the other nodes may determine an object public key, a node public key, a registration node signature, and a registration transaction signature corresponding to the target registration data structure. Other nodes can verify the registration node signature through the node public key, so that a third registration verification result is obtained, and the third registration verification result is used for verifying the authenticity of the node corresponding to the target registration data structure. Other nodes can verify the registration transaction signature through the object public key, so that a fourth registration verification result is obtained, and the fourth registration verification result is used for verifying the integrity of registration associated data in the target registration data structure. And obtaining a target registration verification result based on the third registration verification result and the fourth registration verification result. When the third registration verification result and the fourth registration verification result are both indicating verification passing, the target registration verification result indicates that the target registration data structure verification passes. When either one of the third registration verification result and the fourth registration verification result does not indicate that the verification is passed, the target registration verification result indicates that the target registration data structure is not passed.
The current node may receive the target registration verification result sent by the other verification node.
In step 640, when the target registration verification result indicates that the target registration verification result is passed, registration of the corresponding target account address and communication address in the registration data structure is achieved.
It will be appreciated that when the target registration verification result indicates that the target account address and the communication address pass, the current node may perform registration on the target account address and the communication address, for example, write registration association data into a block, thereby obtaining a registration block, and then send the registration block to other nodes, and after the registration block passes verification, the other nodes reach consensus. The current node may then write the registration block into the blockchain to thereby effect registration of the target account address and the communication address.
The current node may also write the target account address and encrypted communication address of the object to the ledger of the blockchain.
In some embodiments, the registering of the corresponding target account address and communication address in the registration data structure is implemented, including:
The method comprises the steps of (1.1) sequentially splicing character strings respectively corresponding to an object public key, an encrypted communication address and a node public key of a current node to obtain an associated address corresponding to a target account address;
(1.2) writing the associated address into the ledger corresponding to the blockchain.
The current node can acquire the character strings respectively corresponding to the object public key, the encrypted communication address and the node public key, and then splice the character strings respectively corresponding to the object public key, the encrypted communication address and the node public key of the current node in sequence to obtain the associated address corresponding to the target account address. The associated address may be stored in the form of a key-value in the ledger of the blockchain. Thus, when the subsequent object is to execute the transaction, the current node can directly query the encrypted communication address of the object in the account book of the blockchain and then decrypt the encrypted communication address, thereby obtaining the communication address of the object.
In steps 610 to 640, when the object is to register its target account address and communication address, the digital signature verification is performed on the registered object signature and the registered transaction signature of the registration data structure, and at the same time, the communication address verification is performed on the encrypted communication address, so that the security in the registration process is ensured in two aspects.
Referring to fig. 15 together, fig. 15 is a flow chart illustrating a registration process according to an embodiment of the application.
When the current node receives the registration data structure, the current node can read the registration data structure, and when the target field in the registration data structure is empty, the current node starts to execute the registration process. And then extracting the target account address from the registration data structure, and if the current node does not have the registration information of the target account address, registering the target registration address later.
The current node uses a cryptographic technology to verify the registered transaction signature and the registered object signature in the registered data structure, and when the registered transaction signature and the registered object signature pass the verification, the current node also needs to decrypt the encrypted communication address to obtain a decrypted communication address, and then performs authenticity verification on the decrypted communication address to obtain a registered verification result.
And if the registration verification result indicates that the registration verification result passes, encrypting the sub-registration data structure in the registration data structure by using the node private key to generate a registration node signature. And then replacing the registration object signature in the registration data structure with the registration node signature so as to obtain a target registration data structure, and broadcasting the target registration data structure to other nodes. The other nodes can verify the target registration data structure, generate a target registration verification result, and send the target registration verification result to the current node. When the target verification result indicates that the target verification result passes, other nodes achieve consensus on the registration request, the current node can achieve registration of the target account address and the communication address, and the target account address and the communication address are written into an account book of the blockchain.
According to the method, the double verification is realized by carrying out digital signature verification and communication address verification on the registration data structure, so that the security of the registration data structure is determined, and the security in the registration process is ensured.
The specific implementation of the above steps can be referred to the previous embodiments, and will not be repeated here.
Referring to fig. 16, fig. 16 is an interaction diagram of a registration process according to an embodiment of the application. Including clients, current nodes, and other nodes.
When the object needs to register the account, the target account address and the communication address which need to be registered can be input into the client, the client generates a registration data structure according to the target account address and the communication address, and then the registration data structure is sent to the current node.
The current node performs verification on the registration data structure, for example, performs digital verification on the registration object signature and the registration transaction signature in the registration data structure, and performs address verification on the encrypted address in the registration data structure when verification passes, so as to obtain a registration verification result.
When the registration verification result indicates that the registration verification result passes, the current node encrypts a sub-registration data structure in the registration data structure by using a node private key to generate a registration node signature. And then replacing the registration object signature in the registration data structure with the registration node signature so as to obtain a target registration data structure, and broadcasting the target registration data structure to other nodes.
The other nodes can verify the target registration data structure, generate a target registration verification result, and send the target registration verification result to the current node. And when the target registration verification result indicates that the target registration verification result passes, the current node executes the target account address and the communication address and sends the registration result to the client.
The specific implementation of the above steps can be referred to the previous embodiments, and will not be repeated here.
The embodiment of the application provides a detailed flow of a transaction processing method.
Referring to fig. 17, fig. 17 is another flow chart of a transaction processing method according to an embodiment of the application. The transaction method may further include the steps of:
Step 801, receiving a registration data structure sent by a client, wherein the registration data structure comprises a registration transaction signature generated by encrypting registration associated data, an encrypted communication address generated by encrypting a communication address, and a registration object signature generated by encrypting the registration associated data, the registration transaction signature and the encrypted communication address;
Step 802, determining an object public key corresponding to the registration data structure, and verifying the registration object signature according to the object public key to obtain a first registration verification result, wherein the first registration verification result is used for verifying the integrity of the sub-registration data structure;
Step 803, verifying the registration transaction signature according to the object public key to obtain a second registration verification result, wherein the second registration verification result is used for verifying the integrity of registration associated data;
Step 804, when the first registration verification result and the second registration verification result indicate that the first registration verification result and the second registration verification result pass, decrypting the encrypted communication address through the node private key of the current node to obtain a decrypted communication address, and performing authenticity verification on the decrypted communication address to obtain a registration verification result;
step 805, broadcasting the registration data structure to other nodes for registration verification when the registration verification result indicates that the registration verification result passes, so as to obtain a target registration verification result;
step 806, when the target registration verification result indicates that the target registration verification result passes, the registration of the corresponding target account address and communication address in the registration data structure is realized;
Step 807, receiving a transaction request sent by the client, and returning generated verification information according to a communication address corresponding to the transaction request;
Step 808, receiving a transaction data structure generated by the client according to the verification information, wherein the transaction data structure comprises a transaction signature generated by encrypting the transaction-related data, encrypted verification information generated by encrypting the verification information, and an object signature generated by encrypting the transaction-related data, the transaction signature and the encrypted verification information;
step 809, determining an object public key corresponding to the transaction data structure, and verifying the object signature according to the object public key to obtain a first target verification result, wherein the first target verification result is used for verifying the integrity of the sub-transaction data structure;
step 810, verifying the transaction signature according to the object public key to obtain a second target verification result, wherein the second target verification result is used for verifying the integrity of the transaction associated data;
step 811, decrypting the encrypted verification information to obtain decrypted verification information when the first target verification result and the second target verification result both indicate passing, and verifying the decrypted verification information according to the verification information to obtain a target verification result;
Step 812, broadcasting the transaction data structure to other nodes of the same blockchain for broadcast verification when the target verification result indicates that the target verification result passes, so as to obtain a broadcast verification result;
Step 813, when the broadcast verification result indicates that the pass, executing the corresponding transaction in the transaction data structure.
The whole flow from registration to execution of the transaction is described in this embodiment, and the number of relevant faces of the above steps is described in detail in the above embodiment, and will not be described here again.
In the embodiment of the application, the execution flow standing on the angle of the client is implemented.
In some embodiments, the transaction process may also be described from the perspective of the client, please continue to refer to fig. 18, and fig. 18 is a general flow chart of a transaction request method according to an embodiment of the present application. The transaction request method may include the steps of:
step 910, generating a transaction request according to the transaction input by the object, and sending the transaction request to the target node, wherein the transaction request comprises the target account address of the object;
Step 920, receiving verification information generated by the target node according to the transaction request and returned by the communication address associated with the target account address, and encrypting the verification information according to the node public key of the target node to generate encrypted verification information;
step 930, generating transaction-related data based on the target account address and the transaction, and encrypting the transaction-related data through an object private key of the object to generate a transaction signature;
step 940, encrypting the transaction associated data, the transaction signature and the encryption verification information according to the object private key to generate an object signature;
Step 950, generating a transaction data structure according to the transaction association data, the transaction signature, the encryption validation information, and the object signature, and transmitting the transaction data structure to the target node.
Steps 910 to 950 will be described in detail below.
In step 910, a transaction request is generated from a transaction entered by the object and sent to the target node, the transaction request including a target account address of the object.
When the object needs to execute the transaction, a corresponding transaction can be input at the client, the client generates a transaction request according to the input transaction, and then the transaction request is sent to the target node, wherein the transaction request also contains the target account address of the object. And may also include amounts, transfer-to account addresses, etc.
It should be noted that, the target node is the current node in the corresponding embodiment of the transaction processing method.
In step 920, the verification information generated by the target node according to the transaction request and returned by the communication address associated with the target account address is received, and the verification information is encrypted according to the node public key of the target node to generate encrypted verification information.
After receiving the transaction request, the target node generates verification information according to the transaction request and returns the verification information through the communication address associated with the target account address. The returned node public key of the target node can be also included.
The client may encrypt the authentication information according to the node public key of the target node to generate encrypted authentication information. The encrypted verification information can be decrypted only through the node private key of the target node, so that the verification information is prevented from being stolen, and the security of the verification information can be ensured.
In step 930, transaction-related data is generated based on the target account address and the transaction, and a transaction signature is generated by encrypting the transaction-related data with the object private key of the object.
The client may generate transaction-related data from the target account address and the transaction, such as transaction-related data including the target account address, the transfer-in account address, the amount, the random number, the object public key, and the like. The client may encrypt the transaction-associated data by an object private key of the object to generate a transaction signature. For example, a hash value corresponding to the transaction-related data is calculated, and then the hash value is encrypted by the object private key, thereby generating the object signature.
The transaction signature is used to verify the integrity of the transaction-associated data.
In step 940, the transaction association data, the transaction signature, and the encryption validation information are encrypted according to the object private key to generate an object signature.
The client may then encrypt the transaction-related data, the transaction signature, and the encrypted verification information according to the object private key to generate an object signature. For example, a hash value corresponding to the transaction-related data, the transaction signature, and the encryption verification information is calculated, and then the hash value is encrypted by the object private key, thereby generating the object signature.
The object signature is used to verify the integrity of the transaction-associated data, the transaction signature, and the encrypted verification information.
In step 950, a transaction data structure is generated from the transaction association data, the transaction signature, the encrypted validation information, and the object signature, and the transaction data structure is sent to the target node.
That is, the transaction data structure includes transaction-related data, a transaction signature, encryption verification information, and an object signature, and then the transaction data structure is transmitted to the target node. The subsequent target node may implement verification of the transaction data structure.
In some embodiments, after the target node verifies the transaction data structure, the transaction corresponding to the transaction data structure may be executed, and then the execution result is returned to the client.
As can be seen from steps 910 to 950, by setting the transaction signature and the object signature to the transaction data structure and encrypting the verification information, the transaction data structure can be prevented from being intercepted and tampered, and the security of the transaction data structure is ensured, thereby ensuring the security of the subsequent transaction processing.
Referring to fig. 19 together, fig. 19 is another flow chart of the transaction request method according to the embodiment of the application.
Before generating a transaction request according to the transaction input by the object and sending the transaction request to the target node, the registration of the target account address and the communication address of the object is required to be realized before the transaction request comprises the target account address of the object.
Before generating the transaction request according to the transaction input by the object and sending the transaction request to the target node, the method further comprises the following steps:
Step 1010, generating registration association data, and encrypting the registration association data according to an object private key of the object to generate a registration transaction signature;
Step 1020, encrypting the communication address of the object according to the node public key of the target node to obtain an encrypted communication address;
Step 1030, encrypting the registration association data, the registration transaction signature and the encrypted communication address according to the object private key to generate a registration object signature;
Step 1040, generating a registration data structure according to the registration association data, the registration transaction signature, the encrypted communication address and the registration object signature;
step 1050, send the registration data structure to the destination node to request registration of the corresponding destination account address and communication address in the registration data structure.
Steps 1010 to 1050 will be described in detail below.
In step 1010, registration association data is generated and encrypted according to an object private key of the object to generate a registration transaction signature.
The object inputs a target account address and a communication address of the object at the client, the client can generate registration association data according to the target account address, and the registration association data is encrypted according to an object private key of the object to generate a registration transaction signature. For example, a hash value corresponding to the registration association data is calculated, and then the hash value is encrypted by the object private key, so as to generate a registration transaction signature.
The registration transaction signature is used to verify the integrity of the registration association data.
In step 1020, an encrypted communication address is obtained based on the communication address of the object encrypted by the node public key of the target node.
The communication address is encrypted by the node public key, and the obtained encrypted communication address can be read only by decrypting the node private key of the target node, so that the communication address is prevented from being read by other devices.
In step 1030, the registration association data, the registration transaction signature, and the encrypted communication address are encrypted according to the object private key to generate a registration object signature.
For example, a hash value corresponding to registration association data, a registration transaction signature and an encrypted communication address may be calculated, and then the hash value is encrypted by an object private key, thereby generating a registration object signature.
The registration object signature is used to verify the integrity of registration association data, registration transaction signature, encrypted address of communication.
In step 1040, a registration data structure is generated from the registration association data, the registration transaction signature, the encrypted communication address, and the registration object signature.
The registration data structure comprises registration association data, registration transaction signatures, encrypted communication addresses and registration object signatures. By registering the data structure, these data can be sent to the target node at once.
In step 1050, the registration data structure is sent to the destination node to request registration of the corresponding destination account address and communication address in the registration data structure.
The client sends the registration data structure to the destination node to request registration of the corresponding destination account address and communication address in the registration data structure. And the target node verifies the registration data structure, and after the verification is passed, the target node stores the target account address and the communication address of the object and returns a registration result to the client.
As can be seen from steps 1010 to 1050, by setting the registration transaction signature and the registration object signature to the registration data structure, and encrypting the communication address, the security of the registration data structure is ensured, thereby ensuring the security of the subsequent registration process.
The embodiment of the application provides descriptions about virtual devices and hardware.
Referring to fig. 20, fig. 20 is a schematic structural diagram of a transaction processing device according to an embodiment of the present application. Where nouns have the same meaning as in the transaction method described above, specific implementation details may be referred to in the description of the method embodiments.
In the present embodiment, the term "module" or "unit" refers to a computer program or a part of a computer program having a predetermined function and working together with other relevant parts to achieve a predetermined object, and may be implemented in whole or in part by using software, hardware (such as a processing circuit or a memory), or a combination thereof. Also, a processor (or multiple processors or memories) may be used to implement one or more modules or units. Furthermore, each module or unit may be part of an overall module or unit that incorporates the functionality of the module or unit.
As shown in fig. 20, the transaction processing apparatus 2000 includes:
the first receiving module 2010 is configured to receive a transaction request sent by a client, and return generated verification information according to a communication address corresponding to the transaction request;
A second receiving module 2020, configured to receive a transaction data structure generated by the client according to the verification information, where the transaction data structure includes a transaction signature generated by encrypting the transaction-related data, encrypted verification information generated by encrypting the verification information, and an object signature generated by encrypting the transaction-related data, the transaction signature, and the encrypted verification information;
a verification module 2030, configured to perform a first verification of a digital signature on the transaction data structure according to the object signature and the transaction signature, and perform a second verification of verification information on the transaction data structure according to the encrypted verification information, to obtain a target verification result;
The broadcasting module 2040 is configured to broadcast the transaction data structure to other nodes of the same blockchain for broadcast verification when the target verification result indicates that the target verification result passes, so as to obtain a broadcast verification result;
an execution module 2050 is configured to execute a corresponding transaction in the transaction data structure when the broadcast verification result indicates a pass.
In some implementations, the transaction data structure is comprised of a sub-transaction data structure and an object signature, the sub-transaction data structure including transaction-related data, the transaction signature, and encryption validation information, the validation module 2030 further comprising:
The first determining submodule is used for determining an object public key corresponding to the transaction data structure;
The first verification sub-module is used for verifying the object signature according to the object public key to obtain a first target verification result, and the first target verification result is used for verifying the integrity of the sub-transaction data structure;
the second verification sub-module is used for verifying the transaction signature according to the object public key to obtain a second target verification result, and the second target verification result is used for verifying the integrity of the transaction associated data;
the first decryption sub-module is used for decrypting the encrypted verification information to obtain decryption verification information when the first target verification result and the second target verification result indicate that the first target verification result and the second target verification result pass;
And the third verification sub-module is used for verifying the decryption verification information according to the verification information to obtain a target verification result.
In some embodiments, the first decryption sub-module is further configured to:
when the first target verification result and the second target verification result both indicate that the first target verification result and the second target verification result pass, determining a node private key corresponding to the current node;
and decrypting the encrypted verification information according to the node private key to obtain decrypted verification information, wherein the encrypted verification information is generated by the client according to the node public key of the current node.
In some implementations, the broadcast module 2040 further includes:
the first signature sub-module is used for encrypting the sub-transaction data structure according to the node private key of the current node to generate a node signature;
the first generation sub-module is used for replacing the node signature with the object signature in the transaction data structure to obtain a target transaction data structure;
And the first broadcasting sub-module is used for broadcasting the target transaction data structure to other nodes of the same block chain for broadcasting verification, and obtaining a broadcasting verification result.
In some embodiments, the first broadcast sub-module is further configured to:
Broadcasting the target transaction data structure to other nodes of the same blockchain, so that the other nodes determine node signatures, transaction signatures, object public keys and node public keys corresponding to the target transaction data structure, verify the node signatures according to the node public keys to obtain a third target verification result, verify the transaction signatures according to the object public keys to obtain a fourth target verification result, and obtain a broadcast verification result based on the third target verification result and the fourth target verification result;
The third target verification result is used for verifying the authenticity of the node corresponding to the target transaction data structure, and the fourth target verification result is used for verifying the integrity of the transaction-associated data.
In some embodiments, before broadcasting the transaction data structure to other nodes of the same blockchain for broadcast verification, the broadcasting module 2040 is further configured to:
acquiring the duration time calculated from the generation of verification information;
and when the duration does not exceed the preset duration, broadcasting the transaction data structure to other nodes of the same block chain for broadcast verification, and obtaining a broadcast verification result.
In some embodiments, the first receiving module 2010 is further configured to:
generating verification information according to the transaction request, and determining a target account address carried in the transaction request;
And inquiring a communication address associated with the target account address in an account book of the blockchain, and returning verification information through the communication address.
In some embodiments, the transaction device further comprises a third receiving module, a first authentication module, a second authentication module, and a registration module, wherein:
The third receiving module is used for receiving the transaction request sent by the client, receiving a registration data structure sent by the client before returning the generated verification information according to the communication address corresponding to the transaction request, wherein the registration data structure comprises a registration transaction signature generated by encrypting the registration association data, an encrypted communication address generated by encrypting the communication address, and a registration object signature generated by encrypting the registration association data, the registration transaction signature and the encrypted communication address;
The first verification module is used for verifying the digital signature of the registration data structure according to the registration object signature and the registration transaction signature, and verifying the communication address of the registration data structure according to the encrypted communication address to obtain a registration verification result;
The second verification module is used for broadcasting the registration data structure to other nodes for registration verification when the registration verification result indicates that the registration verification result passes, so as to obtain a target registration verification result;
and the registration module is used for realizing the registration of the corresponding target account address and communication address in the registration data structure when the target registration verification result indicates that the target account address and communication address pass.
In some embodiments, the first authentication module is further to:
before verifying the digital signature of the registration data structure according to the registration object signature and the registration transaction signature and verifying the communication address of the registration data structure according to the encrypted communication address to obtain a registration verification result, determining a target field in registration associated data, wherein the target field at least comprises a field corresponding to the account address;
and determining whether the target field is empty, and when the target field is empty, verifying the digital signature of the registration data structure according to the registration object signature and the registration transaction signature, and verifying the communication address of the registration data structure according to the encrypted communication address to obtain a registration verification result.
In some embodiments, the registration data structure is comprised of a sub-registration data structure and a registration object signature, the sub-registration data structure including registration association data, a registration transaction signature, and an encrypted communication address, the first authentication module further comprising:
The second determining submodule is used for determining an object public key corresponding to the registration data structure;
The first registration verification sub-module is used for verifying the registration object signature according to the object public key to obtain a first registration verification result, and the first registration verification result is used for verifying the integrity of the sub-registration data structure;
the second registration verification sub-module verifies the registration transaction signature according to the object public key to obtain a second registration verification result, and the second registration verification result is used for verifying the integrity of registration associated data;
The second decryption sub-module is used for decrypting the encrypted communication address through the node private key of the current node when the first registration verification result and the second registration verification result indicate that the first registration verification result and the second registration verification result pass, and obtaining a decrypted communication address;
and the third registration verification sub-module is used for carrying out authenticity verification on the decrypted communication address to obtain a registration verification result.
In some embodiments, the second authentication module further comprises:
the second signature sub-module is used for encrypting the sub-registration data structure according to the node private key of the current node to generate a registration node signature;
The second generation sub-module is used for replacing the registration object signature in the registration data structure with the registration node signature to obtain a target registration data structure;
And the second broadcasting sub-module is used for broadcasting the target registration data structure to other nodes for registration verification to obtain a target registration verification result.
In some embodiments, the registration module is further to:
The object public key, the encrypted communication address and the character strings corresponding to the node public key of the current node are spliced in sequence to obtain an associated address corresponding to the target account address;
and writing the associated address into an account book corresponding to the blockchain.
The embodiment of the application comprises the steps of receiving a transaction request sent by a client and returning generated verification information according to a communication address corresponding to the transaction request, receiving a transaction data structure generated by the client according to the verification information, wherein the transaction data structure comprises a transaction signature generated by encrypting transaction associated data, encrypted verification information generated by encrypting the verification information, and an object signature generated by encrypting the transaction associated data, the transaction signature and the encrypted verification information, performing first verification of a digital signature on the transaction data structure according to the object signature and the transaction signature, and performing second verification of the verification information on the transaction data structure according to the encrypted verification information, so as to obtain a target verification result, broadcasting the transaction data structure to other nodes of the same blockchain for broadcast verification when the target verification result indicates that the target verification result passes, and executing corresponding transactions in the transaction data structure when the broadcast verification result indicates that the target verification result passes. In the embodiment of the application, the current node can return generated verification information according to the communication address corresponding to the transaction request, then receive the transaction data structure returned by the client according to the verification information, carry out digital signature verification on the transaction data structure through the object signature and the transaction signature in the transaction data structure, carry out verification information verification on the encrypted verification information in the transaction data structure after the digital signature verification is passed, confirm that the transaction data structure is generated by the operation of the object itself after the verification information is passed, and finally execute the transaction corresponding to the transaction data structure, thereby ensuring that the transaction data structure is authorized and complete by the object legal through the double verification of the digital signature verification and the verification information verification, and further ensuring the security in the transaction processing process.
Referring to fig. 21, fig. 21 is a schematic structural diagram of a transaction request device according to an embodiment of the application.
The transaction request device 3000 includes:
the sending module 3010 is configured to generate a transaction request according to a transaction input by the object, and send the transaction request to the target node, where the transaction request includes a target account address of the object;
the encryption module 3020 is configured to receive verification information generated by the target node according to the transaction request and returned by the communication address associated with the target account address, and encrypt the verification information according to the node public key of the target node to generate encrypted verification information;
the first signature module 3030 is configured to generate transaction related data based on the target account address and the transaction, and encrypt the transaction related data by using an object private key of the object to generate a transaction signature;
The second signature module 3040 is configured to encrypt the transaction association data, the transaction signature and the encryption verification information according to the object private key to generate an object signature;
the generating module 3050 is configured to generate a transaction data structure according to the transaction association data, the transaction signature, the encryption verification information, and the object signature, and send the transaction data structure to the target node.
In some embodiments, the transaction request device further comprises a registration request module for:
Generating a transaction request according to the transaction input by the object, generating registration associated data before the transaction request is sent to the target node, and encrypting the registration associated data according to the object private key of the object to generate a registration transaction signature;
Encrypting the communication address of the object according to the node public key of the target node to obtain an encrypted communication address;
Encrypting the registration association data, the registration transaction signature and the encrypted communication address according to the object private key to generate a registration object signature;
Generating a registration data structure according to the registration association data, the registration transaction signature, the encrypted communication address and the registration object signature;
The registration data structure is sent to the destination node to request registration of the corresponding destination account address and communication address in the registration data structure.
The embodiment of the application also provides a server, as shown in fig. 22, which shows a schematic structural diagram of the server according to the embodiment of the application, specifically:
The server may include one or more processing cores 'processors 4010, one or more computer-readable storage media's memory 4020, a power supply 4030, and an input unit 4040, among other components. Those skilled in the art will appreciate that the server structure shown in fig. 22 is not limiting of the server and may include more or fewer components than shown, or may combine certain components, or a different arrangement of components.
Wherein:
The processor 4010 is a control center of the server, connects respective portions of the entire server using various interfaces and lines, and performs various functions of the server and processes data by running or executing software programs and/or modules stored in the memory 4020, and calling data stored in the memory 4020, thereby performing overall control of the server. Optionally, the processor 4010 may comprise one or more processing cores, and preferably the processor 4010 may integrate an application processor and a modem processor, wherein the application processor primarily handles operating systems, user interfaces, application programs, etc., and the modem processor primarily handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 4010.
The memory 4020 may be used to store software programs and modules, and the processor 4010 executes various functional applications and data processing by executing the software programs and modules stored in the memory 4020. The memory 4020 may mainly include a storage program area that may store an operating system, an application program required for at least one function (such as a sound playing function, an image playing function, etc.), and the like, and a storage data area that may store data created according to the use of the server, etc. In addition, the memory 4020 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage device. Accordingly, the memory 4020 may also include a memory controller to provide the processor 4010 with access to the memory 4020.
The computer device further includes a power supply 4030 for powering the various components, and optionally, the power supply 4030 may be logically coupled to the processor 4010 via a power management system so as to implement functions such as managing charging, discharging, and power consumption via the power management system. The power supply 4030 may also include one or more of any components, such as a dc or ac power supply, a recharging system, a power failure detection circuit, a power converter or inverter, a power status indicator, and the like.
The computer device may also include an input unit 4040, which input unit 4040 may be used to receive input numeric or character information and to generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function control.
Although not shown, the computer device may further include a display unit or the like, which is not described herein. In particular, in this embodiment, the processor 4010 in the computer device loads executable files corresponding to the processes of one or more application programs into the memory 4020 according to the following instructions, and the processor 4010 executes the application programs stored in the memory 4020, so as to implement the various method steps provided in the foregoing embodiment, as follows:
receiving a transaction request sent by a client, and returning generated verification information according to a communication address corresponding to the transaction request;
Receiving a transaction data structure generated by a client according to verification information, wherein the transaction data structure comprises a transaction signature generated by encrypting transaction-related data, encrypted verification information generated by encrypting the verification information, and an object signature generated by encrypting the transaction-related data, the transaction signature and the encrypted verification information;
Performing first verification of digital signature on the transaction data structure according to the object signature and the transaction signature, and performing second verification of verification information on the transaction data structure according to the encryption verification information to obtain a target verification result;
when the target verification result indicates that the target verification result passes, broadcasting the transaction data structure to other nodes of the same block chain for broadcast verification, and obtaining a broadcast verification result;
When the broadcast validation result indicates pass, a corresponding transaction in the transaction data structure is executed.
In the foregoing embodiments, the descriptions of the embodiments are focused on, and the portions of an embodiment that are not described in detail in the foregoing embodiments may be referred to in the foregoing detailed description of the transaction processing method, which is not repeated herein.
The embodiment of the application also provides a computer device, which may be a terminal, as shown in fig. 23, which shows a schematic structural diagram of the terminal according to the embodiment of the application, specifically:
the computer device can include Radio Frequency (RF) circuitry 5010, memory 5020 comprising one or more computer readable storage media, input unit 5030, display unit 5040, sensor 5050, audio circuitry 5060, wireless fidelity (WiFi, wireless Fidelity) module 5070, processor 5080 comprising one or more processing cores, and power supply 5090. It will be appreciated by those skilled in the art that the terminal structure shown in fig. 23 is not limiting of the terminal and may include more or fewer components than shown, or may combine certain components, or a different arrangement of components. Wherein:
The RF circuit 5010 can be used for receiving and transmitting signals during the transmission and reception of information or communication, in particular, after receiving downlink information from a base station, it can be processed by one or more processors 5080, and in addition, it can transmit data related to uplink to the base station. In general, RF circuitry 5010 includes, but is not limited to, antennas, at least one amplifier, a tuner, one or more oscillators, a subscriber identity module (SIM, subscriber Identity Module) card, a transceiver, a coupler, a low noise amplifier (LNA, low Noise Amplifier), a duplexer, and the like. In addition, the RF circuit 5010 can also communicate with networks and other devices through wireless communication. The wireless communication may use any communication standard or protocol including, but not limited to, global system for mobile communications (GSM, global System of Mobile communication), universal packet Radio Service (GPRS, general Packet Radio Service), code division multiple access (CDMA, code Division Multiple Access), wideband code division multiple access (WCDMA, wideband Code Division Multiple Access), long term evolution (LTE, long Term Evolution), email, short message Service (SMS, short MESSAGING SERVICE), and the like.
Memory 5020 may be used to store software programs and modules that are stored in memory 5020 for execution by processor 5080 to perform various functional applications and information retrieval. The memory 5020 may mainly include a storage program area which may store an operating system, an application program required for at least one function (such as a sound playing function, an image playing function, etc.), etc., and a storage data area which may store data created according to the use of the terminal (such as audio data, a phonebook, etc.), etc. In addition, the memory 5020 can include high-speed random access memory and can also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage device. Accordingly, the memory 5020 can also include a memory controller to provide access to the memory 5020 by the processor 5080 and the input unit 5030.
The input unit 5030 may be used to receive input numeric or character information and to generate keyboard, mouse, joystick, optical or trackball signal inputs related to object settings and function control. In particular, in one particular embodiment, the input unit 5030 may include a touch-sensitive surface, as well as other input devices. The touch-sensitive surface, also referred to as a touch display screen or a touch pad, may collect touch operations on or near the object (such as operations of the object on or near the touch-sensitive surface using any suitable object or accessory such as a finger, a stylus, etc.), and actuate the corresponding connection means according to a pre-set program. Alternatively, the touch-sensitive surface may comprise two parts, a touch detection device and a touch controller. The touch controller receives touch information from the touch detection device, converts the touch information into touch point coordinates, sends the touch point coordinates to the processor 5080, and can receive and execute commands sent by the processor 5080. In addition, touch sensitive surfaces may be implemented in a variety of types, such as resistive, capacitive, infrared, and surface acoustic waves. In addition to the touch-sensitive surface, the input unit 5030 may also include other input devices. In particular, other input devices may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control keys, switch keys, etc.), a trackball, mouse, joystick, etc.
The display unit 5040 may be used to display information input by an object or information provided to the object and various graphic object interfaces of the terminal, which may be composed of graphics, text, icons, video, and any combination thereof. The display unit 5040 may include a display panel, which may be optionally configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like. Further, the touch-sensitive surface may overlay a display panel, upon detection of a touch operation thereon or thereabout by the touch-sensitive surface, being communicated to the processor 5080 to determine a type of touch event, and the processor 5080 then provides a corresponding visual output at the display panel based on the type of touch event. Although in fig. 23 the touch sensitive surface and the display panel are implemented as two separate components for input and output functions, in some embodiments the touch sensitive surface may be integrated with the display panel to implement the input and output functions.
The terminal may also include at least one sensor 5050, such as a light sensor, a motion sensor, and other sensors. Specifically, the light sensor may include an ambient light sensor that may adjust the brightness of the display panel according to the brightness of ambient light, and a proximity sensor that may turn off the display panel and/or backlight when the terminal moves to the ear. The gravity acceleration sensor can detect the acceleration in all directions (generally three axes), can detect the gravity and the direction when the mobile phone is stationary, can be used for identifying the gesture of the mobile phone (such as horizontal and vertical screen switching, related games, magnetometer gesture calibration), vibration identification related functions (such as pedometer and knocking), and other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer, an infrared sensor and the like which are also configured by the terminal are not repeated herein.
Audio circuitry 5060, a speaker, and a microphone may provide an audio interface between the subject and the terminal. The audio circuit 5060 may convert the received audio data into an electrical signal, transmit the electrical signal to a speaker, and convert the electrical signal to a sound signal for output by the speaker, and on the other hand, the microphone converts the collected sound signal into an electrical signal, receives the electrical signal from the audio circuit 5060, converts the electrical signal into audio data, processes the audio data with the audio data output processor 5080, sends the audio data to another terminal, for example, via the RF circuit 5010, or outputs the audio data to the memory 5020 for further processing. Audio circuitry 5060 may also include an ear bud jack to provide communication between the peripheral ear bud and the terminal.
WiFi belongs to a short-distance wireless transmission technology, and a terminal can help an object to send and receive e-mails, browse webpages, access streaming media and the like through a WiFi module 5070, so that wireless broadband Internet access is provided for the object. Although fig. 23 shows a WiFi module 5070, it is understood that it does not belong to the essential constitution of the terminal, and can be omitted entirely as required within the scope of not changing the essence of the invention.
The processor 5080 is a control center of the terminal, connects various parts of the entire mobile phone using various interfaces and lines, and performs various functions of the terminal and processes data by running or executing software programs and/or modules stored in the memory 5020 and calling data stored in the memory 5020, thereby performing overall monitoring of the mobile phone. Optionally, the processor 5080 may include one or more processing cores, and preferably the processor 5080 may integrate an application processor and a modem processor, wherein the application processor primarily processes operating systems, object interfaces, application programs, etc., and the modem processor primarily processes wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 5080.
The terminal also includes a power supply 5090 (e.g., a battery) for powering the various components, which may be logically connected to the processor 5080 via a power management system so as to provide for the management of charge, discharge, and power consumption by the power management system. The power supply 5090 may also include one or more of any components, such as a direct current or alternating current power supply, a recharging system, a power failure detection circuit, a power converter or inverter, a power status indicator, and the like.
Although not shown, the terminal may further include a camera, a bluetooth module, etc., which will not be described herein. In this embodiment, the processor 5080 in the terminal loads executable files corresponding to the processes of one or more application programs into the memory 5020 according to the following instructions, and the processor 5080 runs the application programs stored in the memory 5020, so as to implement various functions:
receiving a transaction request sent by a client, and returning generated verification information according to a communication address corresponding to the transaction request;
Receiving a transaction data structure generated by a client according to verification information, wherein the transaction data structure comprises a transaction signature generated by encrypting transaction-related data, encrypted verification information generated by encrypting the verification information, and an object signature generated by encrypting the transaction-related data, the transaction signature and the encrypted verification information;
Performing first verification of digital signature on the transaction data structure according to the object signature and the transaction signature, and performing second verification of verification information on the transaction data structure according to the encryption verification information to obtain a target verification result;
when the target verification result indicates that the target verification result passes, broadcasting the transaction data structure to other nodes of the same block chain for broadcast verification, and obtaining a broadcast verification result;
When the broadcast validation result indicates pass, a corresponding transaction in the transaction data structure is executed.
In the foregoing embodiments, the descriptions of the embodiments are focused on, and the portions of an embodiment that are not described in detail in the foregoing embodiments may be referred to in the foregoing detailed description of the transaction processing method, which is not repeated herein.
According to the embodiment of the application, the transaction request sent by the client is received, the generated verification information is returned according to the communication address corresponding to the transaction request, the transaction data structure generated by the client according to the verification information is received, the transaction data structure comprises a transaction signature generated by encrypting transaction related data according to the verification information, encrypted verification information generated by encrypting the transaction related data according to the verification information, and an object signature generated by encrypting the transaction related data, the transaction signature and the encrypted verification information, the first verification of the digital signature is carried out on the transaction data structure according to the object signature and the transaction signature, the second verification of the verification information is carried out on the transaction data structure according to the encrypted verification information, a target verification result is obtained, when the target verification result indicates that the target verification result passes, the transaction data structure is broadcasted to other nodes of the same block chain for broadcast verification, and when the broadcast verification result indicates that the target verification result passes, the corresponding transaction in the transaction data structure is executed. In the embodiment of the application, the current node can return generated verification information according to the communication address corresponding to the transaction request, then receive the transaction data structure returned by the client according to the verification information, carry out digital signature verification on the transaction data structure through the object signature and the transaction signature in the transaction data structure, carry out verification information verification on the encrypted verification information in the transaction data structure after the digital signature verification is passed, confirm that the transaction data structure is generated by the operation of the object itself after the verification information is passed, and finally execute the transaction corresponding to the transaction data structure, thereby ensuring that the transaction data structure is authorized and complete by the object legal through the double verification of the digital signature verification and the verification information verification, and further ensuring the security in the transaction processing process.
In this embodiment, the processor 5080 in the terminal loads executable files corresponding to the processes of one or more application programs into the memory 5020 according to the following instructions, and the processor 5080 executes the application programs stored in the memory 5020, so as to implement various functions:
generating a transaction request according to the transaction input by the object, and sending the transaction request to the target node, wherein the transaction request comprises a target account address of the object;
receiving verification information which is generated by the target node according to the transaction request and returned by the communication address associated with the target account address, and encrypting the verification information according to the node public key of the target node to generate encrypted verification information;
Generating transaction-related data based on the target account address and the transaction, and encrypting the transaction-related data through an object private key of the object to generate a transaction signature;
Encrypting the transaction associated data, the transaction signature and the encryption verification information according to the object private key to generate an object signature;
generating a transaction data structure according to the transaction association data, the transaction signature, the encryption verification information and the object signature, and transmitting the transaction data structure to the target node.
In the foregoing embodiments, the descriptions of the embodiments are focused on, and the portions of an embodiment that are not described in detail in the foregoing embodiments may be referred to the detailed description of the transaction request method, which is not repeated herein.
Those of ordinary skill in the art will appreciate that all or a portion of the steps of the various methods of the above embodiments may be performed by instructions, or by instructions controlling associated hardware, which may be stored in a computer-readable storage medium and loaded and executed by a processor.
To this end, embodiments of the present application provide a computer readable storage medium having stored therein a plurality of instructions capable of being loaded by a processor to perform the steps of any of the transaction methods provided by the embodiments of the present application. For example, the instructions may perform the steps of:
receiving a transaction request sent by a client, and returning generated verification information according to a communication address corresponding to the transaction request;
Receiving a transaction data structure generated by a client according to verification information, wherein the transaction data structure comprises a transaction signature generated by encrypting transaction-related data, encrypted verification information generated by encrypting the verification information, and an object signature generated by encrypting the transaction-related data, the transaction signature and the encrypted verification information;
Performing first verification of digital signature on the transaction data structure according to the object signature and the transaction signature, and performing second verification of verification information on the transaction data structure according to the encryption verification information to obtain a target verification result;
when the target verification result indicates that the target verification result passes, broadcasting the transaction data structure to other nodes of the same block chain for broadcast verification, and obtaining a broadcast verification result;
When the broadcast validation result indicates pass, a corresponding transaction in the transaction data structure is executed.
In the foregoing embodiments, the descriptions of the embodiments are focused on, and the portions of an embodiment that are not described in detail in the foregoing embodiments may be referred to in the foregoing detailed description of the transaction processing method, which is not repeated herein.
Embodiments of the present application provide a computer readable storage medium having stored therein a plurality of instructions capable of being loaded by a processor to perform steps in any of the transaction request methods provided by embodiments of the present application. For example, the instructions may perform the steps of:
generating a transaction request according to the transaction input by the object, and sending the transaction request to the target node, wherein the transaction request comprises a target account address of the object;
receiving verification information which is generated by the target node according to the transaction request and returned by the communication address associated with the target account address, and encrypting the verification information according to the node public key of the target node to generate encrypted verification information;
Generating transaction-related data based on the target account address and the transaction, and encrypting the transaction-related data through an object private key of the object to generate a transaction signature;
Encrypting the transaction associated data, the transaction signature and the encryption verification information according to the object private key to generate an object signature;
generating a transaction data structure according to the transaction association data, the transaction signature, the encryption verification information and the object signature, and transmitting the transaction data structure to the target node.
In the foregoing embodiments, the descriptions of the embodiments are focused on, and the portions of an embodiment that are not described in detail in the foregoing embodiments may be referred to the detailed description of the transaction request method, which is not repeated herein.
Embodiments of the present application also provide a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device performs the transaction processing method or the transaction request method provided in the various alternative implementations provided in the above embodiments.
The specific implementation of each operation above may be referred to the previous embodiments, and will not be described herein.
The computer readable storage medium may include, among others, read Only Memory (ROM), random access Memory (RAM, random Access Memory), magnetic or optical disks, and the like.
Because the instructions stored in the computer readable storage medium may execute steps in any transaction processing method and steps in the transaction request method provided by the embodiments of the present application, the beneficial effects that any transaction processing method and transaction request method provided by the embodiments of the present application can be achieved are detailed in the previous embodiments and will not be described herein.
While the foregoing describes the principles and embodiments of the present application with specific examples, the foregoing examples are provided to facilitate understanding of the principles and embodiments of the present application, and are not to be construed as limiting the application to any particular extent by those skilled in the art, in light of the present teachings, but are instead provided to facilitate understanding of the principles and embodiments of the present application.
Claims (19)
1. A method of transaction processing, comprising:
Receiving a transaction request sent by a client, and returning generated verification information according to a communication address corresponding to the transaction request;
receiving a transaction data structure generated by the client according to the verification information, wherein the transaction data structure comprises a transaction signature generated by encrypting transaction associated data, encrypted verification information generated by encrypting the verification information, and an object signature generated by encrypting the transaction associated data, the transaction signature and the encrypted verification information;
Performing first verification of a digital signature on the transaction data structure according to the object signature and the transaction signature, and performing second verification of verification information on the transaction data structure according to the encryption verification information to obtain a target verification result;
When the target verification result indicates that the target verification result passes, broadcasting the transaction data structure to other nodes of the same block chain for broadcast verification, and obtaining a broadcast verification result;
And when the broadcast verification result indicates that the transaction is passed, executing the corresponding transaction in the transaction data structure.
2. The transaction processing method of claim 1, wherein the transaction data structure is comprised of a sub-transaction data structure and the object signature, the sub-transaction data structure including the transaction-related data, the transaction signature, and the encryption validation information;
The first verification of the digital signature on the transaction data structure according to the object signature and the transaction signature, and the second verification of the verification information on the transaction data structure according to the encryption verification information, to obtain a target verification result, include:
determining an object public key corresponding to the transaction data structure;
Verifying the object signature according to the object public key to obtain a first target verification result, wherein the first target verification result is used for verifying the integrity of the sub-transaction data structure;
verifying the transaction signature according to the object public key to obtain a second target verification result, wherein the second target verification result is used for verifying the integrity of the transaction-related data;
When the first target verification result and the second target verification result indicate that the first target verification result and the second target verification result pass, decrypting the encrypted verification information to obtain decryption verification information;
And verifying the decryption verification information according to the verification information to obtain a target verification result.
3. The transaction method according to claim 2, wherein decrypting the encrypted authentication information to obtain decrypted authentication information includes:
Determining a node private key corresponding to the current node;
and decrypting the encrypted verification information according to the node private key to obtain decrypted verification information, wherein the encrypted verification information is generated by the client according to the node public key of the current node.
4. The transaction processing method according to claim 2, wherein broadcasting the transaction data structure to other nodes of the same blockchain for broadcast verification, to obtain a broadcast verification result, includes:
Encrypting the sub-transaction data structure according to the node private key of the current node to generate a node signature;
Replacing the node signature with the object signature in the transaction data structure to obtain a target transaction data structure;
broadcasting the target transaction data structure to other nodes of the same block chain for broadcast verification, and obtaining a broadcast verification result.
5. The transaction processing method of claim 4, wherein broadcasting the target transaction data structure to other nodes of the same blockchain for broadcast verification, to obtain a broadcast verification result, comprises:
Broadcasting the target transaction data structure to other nodes of the same blockchain, so that other nodes determine node signatures, transaction signatures, object public keys and node public keys corresponding to the target transaction data structure, verify the node signatures according to the node public keys to obtain a third target verification result, verify the transaction signatures according to the object public keys to obtain a fourth target verification result, and obtain a broadcast verification result based on the third target verification result and the fourth target verification result;
The third target verification result is used for verifying the authenticity of the node corresponding to the target transaction data structure, and the fourth target verification result is used for verifying the integrity of the transaction-related data.
6. The transaction processing method of claim 1, further comprising, prior to broadcasting the transaction data structure to other nodes of the same blockchain for broadcast verification,:
Acquiring the duration time calculated from the generation of the verification information;
Broadcasting the transaction data structure to other nodes of the same block chain for broadcast verification, and obtaining a broadcast verification result, wherein the method comprises the following steps:
And broadcasting the transaction data structure to other nodes of the same block chain for broadcast verification when the duration does not exceed the preset duration, and obtaining a broadcast verification result.
7. The transaction processing method according to claim 1, wherein the returning the generated authentication information according to the communication address corresponding to the transaction request includes:
Generating verification information according to the transaction request, and determining a target account address carried in the transaction request;
and inquiring a communication address associated with the target account address in an account book of the blockchain, and returning verification information through the communication address.
8. The method according to claim 1, further comprising, before the receiving the transaction request sent by the client and returning the generated verification information according to the communication address corresponding to the transaction request:
Receiving a registration data structure sent by the client, wherein the registration data structure comprises a registration transaction signature generated by encryption according to registration association data, an encrypted communication address generated by encryption according to a communication address, and a registration object signature generated by encryption according to the registration association data, the registration transaction signature and the encrypted communication address;
Verifying the digital signature of the registration data structure according to the registration object signature and the registration transaction signature, and verifying the communication address of the registration data structure according to the encrypted communication address to obtain a registration verification result;
when the registration verification result indicates that the registration verification result passes, broadcasting the registration data structure to the other nodes for registration verification to obtain a target registration verification result;
and when the target registration verification result indicates that the target registration verification result passes, the registration of the corresponding target account address and communication address in the registration data structure is realized.
9. The transaction method according to claim 8, further comprising, before the verifying the digital signature of the registration data structure based on the registration object signature and the registration transaction signature and the verifying the communication address of the registration data structure based on the encrypted communication address, obtaining a registration verification result:
determining a target field in the registration association data, wherein the target field at least comprises a field corresponding to a transfer account address;
The verifying the digital signature of the registration data structure according to the registration object signature and the registration transaction signature, and the verifying the communication address of the registration data structure according to the encrypted communication address, to obtain a registration verification result, including:
and determining whether the target field is empty, and when the target field is empty, verifying the digital signature of the registration data structure according to the registration object signature and the registration transaction signature, and verifying the communication address of the registration data structure according to the encrypted communication address to obtain a registration verification result.
10. The transaction method according to claim 8, wherein the registration data structure is composed of a sub-registration data structure and a registration object signature, the sub-registration data structure including the registration association data, the registration transaction signature, and the encrypted communication address;
The verifying the digital signature of the registration data structure according to the registration object signature and the registration transaction signature, and the verifying the communication address of the registration data structure according to the encrypted communication address, to obtain a registration verification result, including:
determining an object public key corresponding to the registration data structure;
Verifying the registration object signature according to the object public key to obtain a first registration verification result, wherein the first registration verification result is used for verifying the integrity of the sub-registration data structure;
verifying the registration transaction signature according to the object public key to obtain a second registration verification result, wherein the second registration verification result is used for verifying the integrity of the registration associated data;
when the first registration verification result and the second registration verification result indicate that the first registration verification result and the second registration verification result pass, decrypting the encrypted communication address through a node private key of the current node to obtain a decrypted communication address;
And carrying out authenticity verification on the decrypted communication address to obtain a registration verification result.
11. The transaction method according to claim 10, wherein broadcasting the registration data structure to the other nodes for registration verification, to obtain a target registration verification result, includes:
Encrypting the sub-registration data structure according to the node private key of the current node to generate a registration node signature;
Replacing the registration node signature with the registration object signature in the registration data structure to obtain a target registration data structure;
broadcasting the target registration data structure to the other nodes for registration verification to obtain a target registration verification result.
12. The transaction method according to claim 10, wherein the implementing registration of the corresponding target account address and communication address in the registration data structure includes:
the object public key, the encrypted communication address and the character strings respectively corresponding to the node public key of the current node are spliced in sequence to obtain an associated address corresponding to the target account address;
And writing the associated address into an account book corresponding to the blockchain.
13. A transaction request method, comprising:
Generating a transaction request according to a transaction input by an object, and sending the transaction request to a target node, wherein the transaction request comprises a target account address of the object;
Receiving verification information which is generated by the target node according to the transaction request and returned by the communication address associated with the target account address, and encrypting the verification information according to a node public key of the target node to generate encrypted verification information;
Generating transaction-related data based on the target account address and the transaction, and encrypting the transaction-related data through an object private key of an object to generate a transaction signature;
encrypting the transaction associated data, the transaction signature and the encryption verification information according to the object private key to generate an object signature;
Generating a transaction data structure according to the transaction association data, the transaction signature, the encryption verification information and the object signature, and sending the transaction data structure to the target node.
14. The transaction request method according to claim 13, further comprising, before the generating a transaction request from the transaction input by the object and transmitting the transaction request to the target node:
generating registration association data, and encrypting the registration association data according to an object private key of an object to generate a registration transaction signature;
Obtaining an encrypted communication address according to the communication address of the node public key encryption object of the target node;
encrypting the registration associated data, the registration transaction signature and the encrypted communication address according to an object private key to generate a registration object signature;
Generating a registration data structure according to the registration association data, the registration transaction signature, the encrypted communication address and the registration object signature;
And sending the registration data structure to the target node to request registration of the corresponding target account address and communication address in the registration data structure.
15. A transaction processing device, comprising:
the first receiving module is used for receiving a transaction request sent by a client and returning generated verification information according to a communication address corresponding to the transaction request;
The second receiving module is used for receiving a transaction data structure generated by the client according to the verification information, wherein the transaction data structure comprises a transaction signature generated by encrypting transaction-related data, encrypted verification information generated by encrypting the verification information, and an object signature generated by encrypting the transaction-related data, the transaction signature and the encrypted verification information;
The verification module is used for carrying out first verification of a digital signature on the transaction data structure according to the object signature and the transaction signature, and carrying out second verification of verification information on the transaction data structure according to the encryption verification information, so as to obtain a target verification result;
The broadcasting module is used for broadcasting the transaction data structure to other nodes of the same block chain for broadcasting verification when the target verification result indicates that the target verification result passes, so as to obtain a broadcasting verification result;
and the execution module is used for executing the corresponding transaction in the transaction data structure when the broadcast verification result indicates that the broadcast verification result passes.
16. A transaction request device, comprising:
The sending module is used for generating a transaction request according to the transaction input by the object and sending the transaction request to the target node, wherein the transaction request comprises a target account address of the object;
The encryption module is used for receiving verification information which is generated by the target node according to the transaction request and returned through the communication address associated with the target account address, and encrypting the verification information according to the node public key of the target node to generate encrypted verification information;
the first signature module is used for generating transaction-related data based on the target account address and the transaction, and encrypting the transaction-related data through an object private key of an object to generate a transaction signature;
The second signature module is used for encrypting the transaction associated data, the transaction signature and the encryption verification information according to the object private key to generate an object signature;
And the generation module is used for generating a transaction data structure according to the transaction associated data, the transaction signature, the encryption verification information and the object signature, and sending the transaction data structure to the target node.
17. A computer readable storage medium storing a plurality of instructions adapted to be loaded by a processor to perform the transaction method of any one of claims 1 to 12 or the transaction request method of claims 13 to 14.
18. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the transaction method of any of claims 1 to 12 or the transaction request method of claims 13 to 14 when the computer program is executed.
19. A computer program product comprising a computer program or instructions which, when executed by a processor, implements the transaction method of any of claims 1 to 12 or the transaction request method of claims 13 to 14.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410064390.2A CN120337303A (en) | 2024-01-16 | 2024-01-16 | Transaction processing method and related methods, devices, storage media and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410064390.2A CN120337303A (en) | 2024-01-16 | 2024-01-16 | Transaction processing method and related methods, devices, storage media and equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN120337303A true CN120337303A (en) | 2025-07-18 |
Family
ID=96352010
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410064390.2A Pending CN120337303A (en) | 2024-01-16 | 2024-01-16 | Transaction processing method and related methods, devices, storage media and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN120337303A (en) |
-
2024
- 2024-01-16 CN CN202410064390.2A patent/CN120337303A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112733107B (en) | Information verification method, related device, equipment and storage medium | |
| US11456864B2 (en) | Information storage method, device, and computer-readable storage medium | |
| US11336634B2 (en) | Identity management via a centralized identity management server device | |
| TWI672648B (en) | Business process method and device, data share system, and storage medium | |
| CN111193695B (en) | Encryption method and device for third party account login and storage medium | |
| US10601795B2 (en) | Service processing method and electronic device | |
| CN109600223B (en) | Verification method, activation method, device, equipment and storage medium | |
| CN111737366B (en) | Private data processing method, device, equipment and storage medium of block chain | |
| CN108540433B (en) | User identity verification method and device | |
| US9215064B2 (en) | Distributing keys for decrypting client data | |
| EP2491672A2 (en) | Low-latency peer session establishment | |
| CN115001841A (en) | Identity authentication method, identity authentication device and storage medium | |
| CN107154935B (en) | Service request method and device | |
| US10439809B2 (en) | Method and apparatus for managing application identifier | |
| CN103888429A (en) | Virtual machine starting method, correlation devices and systems | |
| CN113037741A (en) | Authentication method and related device | |
| US20250112784A1 (en) | Signature authentication methods and apparatuses | |
| WO2018108062A1 (en) | Method and device for identity verification, and storage medium | |
| CN120337303A (en) | Transaction processing method and related methods, devices, storage media and equipment | |
| CN115567297A (en) | Cross-site request data processing method and device | |
| CN119814441B (en) | Data processing method, hardware security module, client, storage medium and computer program product | |
| US20250028846A1 (en) | Storing portions of data across multiple machines | |
| CN120833158A (en) | Virtual resource scheduling method, device, storage medium and equipment | |
| HK40041995B (en) | Information verification method, related apparatus, device and storage medium | |
| HK40041995A (en) | Information verification method, related apparatus, device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication |