HK40086064A - A data processing method based on blockchain network and related equipment - Google Patents

Description

A data processing method and related equipment based on a blockchain network

Technical Field

This application relates to the field of computer technology, specifically to the field of artificial intelligence, and in particular to a data processing method based on a blockchain network, a data processing device based on a blockchain network, a data processing equipment based on a blockchain network, a computer-readable storage medium, and a program product.

Background Technology

With the rapid development of computer technology, more and more users or enterprises are choosing to use digital identities to prove their true identity. Digital identities are obtained by digitizing users' identity information (such as user names, behavioral information, etc.), and digital identities can improve the efficiency of identity recognition to a certain extent.

However, practice has revealed that existing methods of circulating and storing digital identities pose a risk of data leakage. For example, when the issuer of a digital identity directly sends the user's digital identity to the holder, the digital identity could be intercepted, potentially leading to the leakage of the user's private information. Therefore, improving data security has become a hot research topic.

Summary of the Invention

This application provides a data processing method and related equipment based on a blockchain network, which can improve data security.

On one hand, embodiments of this application provide a data processing method based on a blockchain network, the method comprising:

Send a first data clearing request to the consensus node of the blockchain network, and receive the declaration data related to the holding node in the blockchain network returned by the consensus node in response to the first data clearing request;

Based on the declared data, identity representation data corresponding to the holding node is generated. The identity representation data is used to indicate the identity of the holding node.

Set the identifier of the first visible node that can access the identity representation data;

The blockchain stores identity representation data and visible node identifiers in the blockchain network.

On the other hand, embodiments of this application provide a data processing method based on a blockchain network, the method comprising:

Receive the first data clearing request sent by the holding node in the blockchain network. The first data clearing request is used to request the clearing of the claim data related to the holding node.

In response to the first data clearing request, the declaration data related to the holding node is cleared and returned to the holding node, so that the holding node can generate identity expression data corresponding to the holding node based on the declaration data. The identity expression data is used to indicate the identity of the holding node and to set the first visible node identifier that can access the identity expression data.

Receive the first storage request sent by the holding node, and in response to the first storage request, store the identity expression data and the first visible node identifier contained in the first storage request to the blockchain of the blockchain network.

On the other hand, embodiments of this application provide a data processing apparatus based on a blockchain network, the apparatus comprising:

The sending unit is used to send a first data clearing request to the consensus node of the blockchain network and to receive the declaration data related to the holding node in the blockchain network returned by the consensus node in response to the first data clearing request.

The processing unit is used to generate identity representation data corresponding to the holding node based on the declaration data. The identity representation data is used to indicate the identity of the holding node.

The processing unit is also used to set the first visible node identifier that can access identity expression data;

The processing unit is also used to store identity representation data and visible node identifiers into the blockchain of the blockchain network.

In one implementation, when the processing unit generates identity representation data corresponding to the holding node based on the declared data, it specifically performs the following functions:

Sign the declared data to generate identity representation data corresponding to the holding node.

In one implementation, the processing unit is further used for:

Send a claim request to the issuing node of the blockchain network, and the issuing node will execute a response process based on the claim request to store the claim data in the blockchain.

In one implementation, the declaration request carries the object identifier corresponding to the holding node and candidate object data; the response processing flow includes:

Based on the declaration application request, the identity verification process of the holding node is performed to obtain the identity verification result;

If the identity verification result is successful, then the declaration data corresponding to the holding node is generated, and the second visible node identifier that can access the declaration data is set.

Store the declared data and the second visible node identifier in the blockchain.

In one implementation, the identity verification process includes:

The issuing node sends an identity query request to the consensus node, and the identity query request carries the object identifier corresponding to the holding node;

Receive reference object data associated with the object identifier returned by the consensus node;

The identity verification result is obtained by comparing the reference object data with the candidate object data.

In one implementation, when the processing unit stores the identity representation data and the identifier of the first visible node into the blockchain, it is specifically used for:

Generate expression transaction data based on identity expression data and the identifier of the first visible node;

The transaction data is sent to the consensus node, which then generates a block based on the transaction data and adds the block to the blockchain.

On the other hand, embodiments of this application provide a data processing apparatus based on a blockchain network, the apparatus comprising:

The receiving unit is used to receive the first data clearing request sent by the holding node in the blockchain network. The first data clearing request is used to request the clearing of the declaration data related to the holding node.

The processing unit is configured to clear the declaration data related to the holding node in response to the first data clearing request, and return the declaration data to the holding node so that the holding node can generate identity expression data corresponding to the holding node based on the declaration data. The identity expression data is used to indicate the identity of the holding node and to set the first visible node identifier that can access the identity expression data.

The processing unit is also configured to receive a first storage request sent by the holding node, and in response to the first storage request, store the identity expression data and the first visible node identifier contained in the first storage request into the blockchain of the blockchain network.

In one implementation, the first data clearing request includes the block height _h1 of the block to be processed that the holding node expects to synchronize, where _h1 is a positive integer; the processing unit, in response to the first data clearing request, clears the declaration data related to the holding node, specifically for:

Get the highest block height _H1 of the blockchain, where _H1 is an integer greater than 1;

Based on the height _h1 of the block to be processed and the height _H1 of the highest block, the blockchain is cleared to obtain the declaration data related to the holding node.

In one implementation, the processing unit is used to perform data clearing processing on the blockchain based on the height _h1 of the block to be processed and the height _H1 of the highest block. Specifically, when obtaining the declaration data related to the holding node, it is used for:

If the height _h1 of the block to be processed satisfies a height condition with the highest block height _H1 , then the block to be processed corresponding to the height _h1 in the blockchain is obtained. The height condition between the height _h1 of the block to be processed and the highest block height _H1 includes: if the consensus node is a light node, then the height _h1 of the block to be processed is less than or equal to the highest block height _H1 ; or, if the consensus node is a full node, then the height _h1 of the block to be processed is less than the highest block height _H1 .

The visibility of the first candidate transaction data contained in the block to be processed is checked to obtain the first visibility check result;

If the first visibility detection result meets the visibility condition, then the first candidate transaction data is determined as the claim data related to the holding node; wherein, the first visibility detection result meeting the visibility condition includes: the holding node can access the first candidate transaction data, and the first candidate transaction data contains claim data;

If the first visibility detection result does not meet the visibility condition, then let the new block height _h1 = _h1 + 1, and obtain the highest block height _H2 of the updated blockchain in the blockchain network, where _H2 is an integer greater than 1. If the new block height _h1 and the block height _H2 meet the height condition, then continue to execute the step of data clearing processing based on the new block height _h1 and the block height _H2 to obtain the declaration data related to the holding node.

In one implementation, the processing unit is also used for:

Receive a second storage request sent by the issuing node in the blockchain network. The second storage request carries the claim data corresponding to the holding node and the identifier of the second visible node that can access the claim data.

In response to the second storage request, the declared data and the identifier of the second visible node are stored in the blockchain.

In one implementation, the processing unit is also used for:

Receive a second data clearing request sent by a verification node in the blockchain network. The second data clearing request is used to request identity representation data related to the verification node.

In response to the second data clearing request, the identity representation data related to the verification node is cleared.

The identity representation data is returned to the verification node so that the verification node can perform identity verification processing on the holding node based on the identity representation data.

On the other hand, embodiments of this application provide a data processing device based on a blockchain network, the device comprising:

A processor, adapted to execute computer programs;

A computer-readable storage medium storing a computer program, which, when executed by a processor, implements the data processing method based on a blockchain network as described above.

On the other hand, embodiments of this application provide a computer-readable storage medium storing a computer program adapted to be loaded by a processor and executed as described above for data processing based on a blockchain network.

On the other hand, embodiments of this application provide a computer program product or computer program that includes computer instructions stored in a computer-readable storage medium. A processor of a data processing device reads the computer instructions from the computer-readable storage medium and executes the computer instructions, causing the data processing device to perform the aforementioned data processing method based on a blockchain network.

In this embodiment, the holding node can send a first data clearing request to the consensus node, causing the consensus node to clear and return the claim data related to the holding node from the blockchain in response to the first data clearing request. The holding node then generates identity expression data based on the claim data and stores the identity expression data along with the identifier of the first visible node that can access the identity expression data in the blockchain of the blockchain network. In the above scheme, both the claim data and identity expression data related to the holding node are stored in the blockchain of the blockchain network, realizing decentralized storage of the claim data and identity expression data. Furthermore, the data flow of the claim data and identity expression data and the setting of visible nodes are carried out on the blockchain through the data clearing capability of the holding node, so that only the designated visible nodes can access the claim data and identity expression data, effectively reducing the risk of data leakage and improving data security.

Attached Figure Description

To more clearly illustrate the technical solutions in the embodiments of this application or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are only some embodiments of this application. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

Figure 1a shows a schematic diagram of the architecture of a data sharing system provided in an exemplary embodiment of this application;

Figure 1b shows a schematic diagram of the structure of a block provided in an exemplary embodiment of this application;

Figure 1c shows a schematic diagram of the architecture of a data processing system provided in an exemplary embodiment of this application;

Figure 1d shows a schematic diagram of the structure of a data processing system provided in an exemplary embodiment of this application;

Figure 1e shows a schematic diagram of an academic qualification verification scenario provided by an exemplary embodiment of this application;

Figure 2 shows a flowchart illustrating a data processing method based on a blockchain network provided in an exemplary embodiment of this application;

Figure 3 illustrates a schematic diagram of an identifier hit processing provided in an exemplary embodiment of this application;

Figure 4 shows a flowchart illustrating a data processing method based on a blockchain network provided in an exemplary embodiment of this application;

Figure 5 illustrates a flowchart of a data clearing process provided in an exemplary embodiment of this application;

Figure 6 shows a flowchart illustrating a data processing method based on a blockchain network provided in an exemplary embodiment of this application;

Figure 7 illustrates a data processing apparatus based on a blockchain network provided in an exemplary embodiment of this application;

Figure 8 illustrates a data processing apparatus based on a blockchain network provided in an exemplary embodiment of this application;

Figure 9 illustrates a data processing device based on a blockchain network provided in an exemplary embodiment of this application.

Detailed Implementation

The technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, and not all embodiments. Based on the embodiments of this application, all other embodiments obtained by those of ordinary skill in the art without creative effort are within the scope of protection of this application.

This application relates to blockchain technology. The following is a brief introduction to the relevant terms and concepts of blockchain technology:

A blockchain network can be understood as a data sharing system 100, which refers to a system for data sharing between nodes. An exemplary structure of this data sharing system 100 is shown in Figure 1a. As shown in Figure 1a, the data sharing system 100 may include multiple nodes 101, which can refer to various clients (or terminal devices, servers, etc.) within the data sharing system 100. To ensure information interoperability within the data sharing system 100, information connections can exist between each node in the data sharing system 100, enabling information transmission and sharing. The methods for establishing information connections between nodes may include: each node in the data sharing system 100 has a corresponding node identifier, and each node in the data sharing system 100 can store the node identifiers of other nodes in the data sharing system 100. Thus, any node can share information based on the node identifiers of other nodes (e.g., broadcasting generated blocks to other nodes in the data sharing system 100). Each node can maintain a node identifier list as shown in the table below, storing the node name and node identifier in this list. The node identifier can be an IP (Internet Protocol) address or any other information that can be used to identify the node. Table 1 uses IP addresses as an example only:

Table 1 Node Identifier List

Node Name Node identifier Node 1 117.114.151.174 Node 2 117.116.189.145 … … Node S (S is a positive integer) xx.xx.xx.xx

Each node in the data sharing system 100 stores the same blockchain. A blockchain is a novel application model of computer technologies such as distributed data storage, peer-to-peer (P2P) transmission, consensus mechanisms, and cryptographic algorithms. Essentially, a blockchain is a decentralized database, a chain of data blocks linked together using cryptographic methods. Each data block contains information about a batch of network transactions, used to verify the validity of the information (anti-counterfeiting) and generate the next block. A blockchain consists of multiple blocks, each including input information. Nodes store this input information by storing the blockchain. The structural diagram of the block can be seen in Figure 1b. As shown in Figure 1b, the genesis block of a block includes a block header and a block body. The block header stores the input information feature value, version number, timestamp, and difficulty value, while the block body stores the input information. The next block of the genesis block takes the genesis block as its parent block. The next block also includes a block header and a block body. The block header stores the input information feature value of the current block, the block header feature value of the parent block, the version number, the timestamp, and the difficulty value, and so on. This ensures that the block data stored in each block of the blockchain is related to the block data stored in the parent block, guaranteeing the security of the input information in the block. The process by which nodes in the data sharing system 100 reach consensus on input information and, upon successful consensus, add the generated block to the blockchain (i.e., add the block to the blockchain) may include: when any node in the data sharing system 100 receives input information, other nodes in the data sharing system 100 reach consensus on the input information according to the consensus algorithm, generate a block based on the input information upon successful consensus, and add the block to the blockchain, thereby achieving distributed storage of the input information and ensuring that the data stored on all nodes in the data sharing system 100 is consistent. The nodes that reach consensus on the input information according to the consensus algorithm mentioned above are typically referred to as consensus nodes, and this is explained here.

As mentioned earlier regarding blocks in a blockchain, a block consists of a block header and a block body. The block body stores input information. Based on whether a node contains all the input information within its blockchain blocks—specifically, whether the block body of each block contains all the input information—nodes in a blockchain network can be categorized as full nodes and light nodes. This distinction is made by determining whether the node contains the complete data of the block. A full node's blockchain synchronously contains all the data of the block (i.e., the complete input information), including the block header, block body, transaction data, and other relevant information. Light nodes only synchronize the block headers of each block in the blockchain network, as well as the transaction data associated with the light node. In one implementation, the block headers in the light node are not connected to form a blockchain, meaning the light node does not contain a blockchain. In another implementation, the block headers in the light node can still be connected to form a blockchain, and some blocks in this blockchain have empty block bodies (e.g., no input information), while some blocks have non-empty block bodies (e.g., containing transaction data associated with the light node). To easily distinguish between a blockchain containing all data and a blockchain containing only block headers (and some transaction data), this application refers to a blockchain containing all data as a blockchain, and a blockchain containing only block headers (or some input information) as a sub-blockchain, as explained here.

Additionally, light nodes may include SPV (Special Purpose Vehicle) nodes. These SPV nodes possess data clearing capabilities. This data clearing capability can be simply understood as: synchronizing transaction data related to themselves (i.e., the SPV node) from full nodes (specifically, the blockchain contained within the full node). Furthermore, they support the ability to set visible node identifiers that can access transaction data uploaded to the blockchain. This ensures that only the node corresponding to the set visible node identifier can retrieve the transaction data from the blockchain, thus improving data security to a certain extent. In this embodiment, an example is provided where a light node contains a sub-blockchain, and the block body of some blocks in this sub-blockchain contains transaction data related to the light node.

Based on the above introduction to blockchain technology, this application proposes a data processing system based on a blockchain network, which can be called a decentralized identity authentication system (DID). In different identity authentication scenarios, this data processing system can realize on-chain circulation and decentralized storage of data involved in different identity authentication scenarios (i.e., data is distributed and stored in consensus nodes included in the blockchain network). For example, in an identity authentication scenario involving academic qualification verification, this data processing system can achieve decentralized storage of users' academic certificates (such as information or credentials used to prove users' academic qualifications) and realize the circulation of academic certificates on the blockchain; this improves the security of academic certificates to a certain extent.

The overall structure of the data processing system can be seen in Figure 1c. As shown in Figure 1c, the data processing system, from top to bottom, includes: an application layer, a service interface layer, and a persistence layer. The application layer provides blockchain-based application services to users. The service interface layer includes a decomposer, used to provide decentralized services and data acquisition functions. The persistence layer includes service interfaces (such as API interfaces and SQL interfaces), providing basic blockchain services for upper-layer application scenarios. Furthermore, the data processing system shown in Figure 1c can also be represented as the structural diagram shown in Figure 1d. As shown in Figure 1d, the data processing system includes: a consensus node 102, an issuing node 103, a holding node 104, and a verification node 105. The nodes included in the data processing system (such as consensus node 102, issuing node 103, holding node 104, and verification node 105) can refer to computer devices or applications running on computer devices (referred to as applications). The computer equipment may include, but is not limited to, smart devices such as smartphones, tablets, portable personal computers, mobile internet devices, smart TVs, in-vehicle devices, and head-mounted devices. The applications running on the computer equipment can refer to computer programs designed to perform one or more specific functions, and may include, but are not limited to, clients installed on the computer equipment, small programs that can be used without downloading and installation, and web applications opened through a browser. It should be noted that this application embodiment does not limit the number and type of nodes included in the data processing system; for example, in Figure 1a, the number of consensus nodes 102 is 1, and the number of verification nodes 105 is 1, but in actual applications, the number of consensus nodes 102 may be greater than 1 (e.g., 100), and the number of verification nodes 105 may be greater than 1 (e.g., 50).

Based on the data processing system shown in Figure 1d, this application proposes a data processing scheme based on a blockchain network. In this scheme, the flow of data between various light nodes (such as issuing node 101, holding node 102, and verification node 105) is realized through the blockchain, and the data is stored in the blockchain contained in the full node, avoiding the risk of data leakage and improving data security. The following section, using the nodes included in the data processing system shown in Figure 1d and taking the academic certificate authentication scenario shown in Figure 1e as an example, gives the general flow of the data processing scheme, wherein:

(1) Holding node 104.

Holding node 104 is a node used by a target user (such as any user) who needs to apply for declared data (such as an academic certificate). For example, if student "Xiaoming" needs to apply for an academic certificate from XX school, then student "Xiaoming" can send a declaration application request to issuing node 103 (such as the node used by XX school) through holding node 104; issuing node 103 responds to the declaration application request and generates student "Xiaoming's" academic certificate. The node type of holding node 104 is a light node, meaning that only a portion of the blocks in the blockchain containing holding node 104 contain transaction data related to holding node 104 (such as student "Xiaoming's" enrollment information, academic information, etc.).

(2) Issuance node 103.

Issuing node 103 is the node used by users to issue declared data. In the academic qualification verification scenario, issuing node 103 can be a node used by XX school. When issuing node 103 receives a declaration application request from holding node 104, it can use the object identifier of the holding node 104 object carried in the declaration application request (e.g., the identity identifier of the student "Xiaoming" on the holding node object, such as user name, user number, user ID, etc.) to issue the academic qualification certificate of student "Xiaoming". It also sets a second visible node identifier that can access the academic qualification certificate of student "Xiaoming". For example, if the node identifier of node X in the blockchain network is set as the second visible node identifier, then node X can obtain (e.g., download, cache) the academic qualification certificate of student "Xiaoming" from the blockchain. Issuing node 103 then sends the academic qualification certificate of student "Xiaoming" and the second visible node identifier that can access the academic qualification certificate to consensus node 102, so that consensus node 102 can upload it to the blockchain for storage after successful consensus on the academic qualification certificate. The node type of issuing node 103 is a light node, meaning that issuing node 103 only contains data related to itself, such as academic qualification certificates of one or more students issued in the past.

(3) Consensus node 102.

Consensus node 102 is a node capable of using a consensus algorithm to process received data and, upon successful consensus, generating a block and storing it in the blockchain. The consensus algorithm may include, but is not limited to, Proof-of-Work, Proof-of-Stake, and Delegated Proof-of-Stake, etc. The consensus algorithm used varies depending on the business scenario, and this application embodiment does not limit the type of consensus algorithm. Based on the above description, it is clear that consensus node 102 is a full node, meaning that the blockchain contained within consensus node 102 contains all the data in the blockchain network. Specifically, when consensus node 102 receives the academic certificate and the second visible node identifier that can access the academic certificate from issuing node 103, it can reach a consensus on the academic certificate and the second visible node identifier. Upon successful consensus, it generates a block based on the academic certificate and the second visible node identifier and stores the block in the blockchain, thus broadcasting the block (i.e., the academic certificate and the second visible node identifier) in the blockchain network. This allows other nodes in the blockchain network (full nodes and/or light nodes) to synchronously access the block containing the academic certificate and the second visible node identifier from the consensus node's blockchain. For example, if the node identifier of holding node 104 is set to be a second visible node identifier that can access the academic certificate, then holding node 104 can send a first data clearing request to the consensus node so that the consensus node can clear the declaration data related to holding node 104 in the blockchain and return the declaration data to holding node 104; so that holding node 104 can sign the declaration data and store the identity expression data (such as the signed academic certificate) and the first visible node identifier that can access the identity expression data in the blockchain.

(4) Verify node 105.

Verification node 105 is a node used by a user to verify identity representation data (such as an academic certificate). In an academic qualification verification scenario, verification node 105 can be a node used by a recruiting unit (such as company X, which needs to recruit employees). Verification node 105 can synchronize transaction data related to itself from the blockchain in the blockchain network, and after obtaining the transaction data, verify the identity representation data contained in the transaction data. For example, the blockchain in the blockchain network contains a signed academic certificate uploaded by student "Xiaoming" through node 104. When uploading the signed academic certificate, if the node identifier of verification node X is set to the first visible node identifier that can access the signed academic certificate, then verification node X can synchronize the signed academic certificate from the blockchain and perform identity verification on the signed academic certificate. This identity verification can verify the authenticity of the signed academic certificate, etc. This embodiment of the application does not limit the implementation method of identity verification, but it is described here.

As described above, the data processing scheme based on a blockchain network mentioned in this application embodiment, combined with the immutability of the blockchain, uploads data (such as the aforementioned declaration data or identity expression data) to the chain to achieve decentralized data storage. Furthermore, by leveraging the data clearing capabilities of holding nodes to perform data flow and set visible node identifiers (such as the aforementioned first visible node identifier and second visible node identifier), it effectively protects the secure flow of data among the issuing node, holding node, and verification node, ensuring that only designated nodes can access the data, effectively reducing the risk of data leakage and improving data security.

Based on the data processing scheme based on the blockchain network described above, this application proposes a more detailed data processing method based on the blockchain network. The data processing method based on the blockchain network proposed in this application will be described in detail below with reference to the accompanying drawings.

Please refer to Figure 2, which shows a flowchart illustrating a data processing method based on a blockchain network according to an exemplary embodiment of this application; this data processing method can be executed by the holding node 104 in the system shown in Figure 1d, and the data processing method includes, but is not limited to, steps S201-S204:

S201: Send a first data clearing request to the consensus node of the blockchain network and receive the declaration data related to the holding node in the blockchain network returned by the consensus node in response to the first data clearing request.

The first data clearing request is used to request the clearing of claim data related to the holding node from the consensus node. Claim data related to the holding node refers to verifiable claims (VCs), which are claim documents formed by the issuing node endorsing the attributes of the holding node based on the object identifier corresponding to the holding node. For example, in an academic qualification verification scenario, the issuing node can refer to the node used by the school, and the claim data refers to the academic certificate issued by the school based on the student's identity identifier DID (such as student ID, number, etc.). Specifically, the first data clearing request can carry the object identifier corresponding to the holding node. In response to the first data clearing request, the consensus node can clear the claim data related to the holding node from the blockchain based on the identity identifier DID carried in the first data clearing request. The object identifier corresponding to the holding node can refer to the identity identifier DID of the target user who used the holding node to make the claim application; it is an identity identifier used to represent the identity of the target user. The identity identifier can be a string composed of multiple characters, which can include at least one of the following: Chinese characters (i.e., 汉字), English characters (i.e., letters), numbers, and punctuation marks (such as commas ",", periods ".", square brackets "【】").

S202: Generate identity representation data corresponding to the holding node based on the declared data.

S203: Set the identifier of the first visible node that can access the identity representation data.

In steps S202-S203, the identity expression data can refer to a verifiable presentation (VP), which is generated by the holding node based on the declaration data and is used to represent the identity of the holding node. Specifically, after obtaining the declaration data from the consensus node, the holding node can sign the declaration data to generate the identity expression data corresponding to the holding node. Signing the declaration data can refer to digitally signing the declaration data. A digital signature is a string of numbers that only the information sender (such as the holding node) can generate and that cannot be forged by others. This string of numbers also serves as valid proof of the authenticity of the information sent by the information sender. Digital signature methods can include, but are not limited to, HASH algorithms (such as Message-Digest (MD), Secure Hash Algorithm (SHA), Digital Signature Algorithm (DSA), ECDSA (Elliptic Curve Digital Signature Algorithm), Elliptic Curve Digital Signature Algorithm, etc.). This application embodiment does not limit the specific digital signature algorithm used to sign the declaration data; this is only a description of the specific algorithm used.

For example, in an academic qualification verification scenario, signing declared data (such as student "Xiaoming's" academic certificate) may include: student "Xiaoming" signing the academic certificate through the holding node to generate a signed academic certificate (i.e., identity expression data); since the signed academic certificate contains student "Xiaoming's" digital signature, the authenticity of the signed academic certificate can be effectively proven based on the signed academic certificate.

This application also supports the holding node to set visibility of identity representation data. Visibility setting can be simply understood as the process by which the holding node sets the node identifiers that can access the identity representation data. In identity authentication scenarios, the holding node (specifically, the target user using the holding node) can set different nodes to have access permissions to the identity representation data. For example, in an academic qualification authentication scenario, if student "Xiaoming" wants employers A and B to be able to access his signed academic certificate, but wants employer C to be unable to access it, then student "Xiaoming" can set the first visible node identifiers that can access the signed academic certificate to the node identifiers corresponding to employers A and B. By setting the visibility of identity representation data, only specified nodes can access the identity representation data, greatly reducing the risk of identity representation data leakage and improving data security.

S204: A blockchain that stores identity representation data and the identifier of the first visible node in the blockchain network.

Specifically, expression transaction data can be generated based on identity expression data and the first visible node identifier. This expression transaction data is then sent to a consensus node in the blockchain network, enabling the consensus node to generate a block based on the expression transaction data and add the block to the blockchain. This achieves the storage of identity expression data and the first visible node identifier in the blockchain network. It should be noted that this application embodiment supports setting multiple first visible node identifiers capable of accessing the identity expression data. Thus, the expression transaction data provided in this application embodiment may include a visibility list containing one or more first visible node identifiers capable of accessing the identity expression data. When an access request for accessing the identity expression data exists, the consensus node can perform an identifier matching process on the visibility list contained in the expression transaction data to detect whether the accessing node sending the access request has permission to access the identity expression data. If the visibility list contains the node identifier of the accessing node sending the access request, it is determined that the accessing node has permission to access the identity expression data, and the expression transaction data containing the identity expression data is sent to the accessing node. Conversely, if the visibility list does not contain the node identifier of the accessing node sending the access request, it is determined that the accessing node does not have permission to access the identity expression data.

An exemplary process for determining whether an access node can access identity expression data by judging whether the node identifier of the access node is contained in the visible list can be seen in Figure 3. As shown in Figure 3, the visible list 301 contains first visible node identifier 1, first visible node identifier 2, ..., first visible node identifier N, where N is an integer greater than 2. When the consensus node 102 receives the access request for accessing identity expression data sent by the access node 302, the consensus node 102 can perform identifier matching processing on the visible list 301 according to the node identifier of the access node 302. Specifically, it can traverse the visible list 301. If the node identifier of the access node 302 exists during the traversal of the visible list 301, the node identifier of the access node 302 is determined to be the first visible node identifier, indicating that the access node 302 can access the identity expression data, and the expression transaction data is returned to the access node 302. Conversely, if no first visible node identifier is found to be the same as the node identifier of the access node 301 after traversing the visible list 301, it is determined that the access node 302 cannot access the identity expression data.

In this embodiment, the holding node can send a first data clearing request to the consensus node, causing the consensus node to clear and return the claim data related to the holding node from the blockchain in response to the first data clearing request. The holding node then generates identity expression data based on the claim data and stores the identity expression data along with the identifier of the first visible node that can access the identity expression data in the blockchain of the blockchain network. In the above scheme, both the claim data and identity expression data related to the holding node are stored in the blockchain of the blockchain network, realizing decentralized storage of the claim data and identity expression data. Furthermore, the data clearing capability of the holding node enables the data flow process of the claim data and identity expression data and the setting of visible nodes on the blockchain, ensuring that only designated nodes can access the claim data and identity expression data, effectively reducing the risk of data leakage and improving data security.

Please refer to Figure 4, which shows a flowchart illustrating a data processing method based on a blockchain network according to an exemplary embodiment of this application; this data processing method can be executed by the consensus node 102 in the system shown in Figure 1d, and includes, but is not limited to, steps S401-S403:

S401: Receive the first data clearing request sent by the holding node in the blockchain network.

S402: In response to the first data clearing request, clear the claim data related to the holding node and return the claim data to the holding node.

As described above, if the holding node is a light node, it has the ability to clear the declared data associated with itself from the consensus network. Therefore, when a target user using the holding node needs to retrieve declared data from the blockchain, the target user can send a first data clearing request to a consensus node in the blockchain network through the holding node. The consensus node will then respond to the first data clearing request, clear the data, and return the declared data associated with the holding node. It should be noted that the consensus node receiving the first data clearing request can be the consensus node in the blockchain network that is closest to the holding node, thus improving data transmission efficiency. Alternatively, the consensus node can also be the node with the highest network signal in the blockchain network, ensuring the speed and stability of data transmission. Alternatively, the consensus node can connect to one or more light nodes. The consensus node can communicate directly or indirectly with these connected light nodes to achieve data transmission. In this implementation, the holding node can send a first data clearing request to a light node connected to the consensus node, and then clear the declared data related to the holding node from the consensus node through that light node. For example, if the consensus node is connected to light node 1, and light node 1 is connected to light node 2, the holding node can send the first data clearing request to light node 2, thus indirectly clearing the declared data related to the holding node from the consensus node through light node 2 and light node 1. This application embodiment does not limit the specific type of consensus node receiving the first data clearing request; this is only a description of the specific circumstances described above.

The following explanation, using the data clearing process flowchart shown in Figure 5, illustrates how to clear the declared data related to the holding node from the consensus node. As shown in Figure 5, the lower-level node is the holding node (or verification node), and the upper-level node is the consensus node or a light node connected to the consensus node. The data clearing process may include:

① Receive a first data clearing request sent by the holding node. This first data clearing request is used to request the clearing of declaration data related to the holding node. The first data clearing request includes the unprocessed block height _h1 of the unprocessed block that the holding node expects to synchronize, where _h1 is a positive integer. The unprocessed block height _h1 is obtained by adding ₁ to the highest block height h0 of the blockchain currently contained by the holding node. In specific implementations, the sub-blockchains contained by the holding node are not the same as the blockchain contained by the consensus node. The blockchain contained by the holding node only stores a portion of the data related to the holding node, while the blockchain contained by the consensus node stores all the data in the blockchain network. Thus, the unprocessed block that the holding node expects to synchronize is often the next unsynchronized block in the sub-blockchain contained by the holding node. For example, if the current highest block height of the sub-blockchain contained by the holding node is 5, then the unprocessed block height _h1 of the unprocessed block that the holding node expects to synchronize is 6.

② The consensus node receives the first data clearing request and, in response, obtains the highest block height _H1 of the blockchain, where _H1 is an integer greater than 1. Based on the block height _h1 to be processed and the obtained highest block height _H1 , the node performs data clearing processing on the blockchain to obtain the declaration data related to the holding node. Specifically, the consensus node compares whether the block height _h1 to be processed and the obtained highest block height _H1 satisfy a height condition. This height condition means that: if the consensus node's node type is a light node (i.e., a light node connected to the consensus node receives the first data clearing request ₎ , then the block height _h1 to be processed is less than or equal to the highest block height _{H1 ;} or, if the consensus node's node type is a full node (i.e., the consensus node itself receives the first data clearing request), then the block height _h1 to be processed is less than the highest block height _H1 .

If the height _h1 of the block to be processed does not meet the height condition with the highest obtained block height _H1 , it means that the height of the block to be processed requested by the holding node is too high, i.e., the blockchain contained in the consensus node has not yet synchronized the block to be processed corresponding to the height of the block to be processed. In this case, a notification message is returned to the holding node to indicate that the holding node has not synchronized the block to be processed corresponding to the height of the block to be processed. If the height _h1 of the block to be processed meets the height condition with the highest obtained block height _H1 , it means that the blockchain contained in the consensus node has already synchronized the block to be processed corresponding to the height of the block to be processed. In this case, the block to be processed corresponding to the height of the block to be processed is obtained from the blockchain, and visibility detection is performed on the first candidate transaction data contained in the block to be processed to obtain the first visibility detection result. The visibility detection of the first candidate transaction data contained in the block to be processed may include: querying the smart contract corresponding to the first candidate transaction data, which contains the IsReadable function for performing visibility detection on the first candidate transaction data; calling the IsReadable function to perform identifier hit processing in the visible list contained in the first candidate transaction data to detect whether the visible list contains the node identifier of the holding node; and generating a first visibility detection result based on the hit result of the identifier hit processing and the data contained in the first candidate transaction data.

③ Determine whether the first visibility detection result meets the visibility conditions. The first visibility detection result meeting the visibility conditions includes: the holding node can access the first candidate transaction data, that is, the visible list of the first candidate transaction data contains the node identifier of the holding node, and the data contained in the first candidate transaction data is declaration data. The first visibility detection result not meeting the visibility conditions includes: the holding node cannot access the first candidate transaction data, that is, the visible list of the first candidate transaction data does not contain the node identifier of the holding node; or, the holding node can access the first candidate transaction data, and the first candidate transaction data does not contain declaration data; or, the smart contract does not contain the IsReadable function; or, an exception occurs during the call to the IsReadable function; etc. This application embodiment does not limit the specific circumstances under which the first visibility detection result does not meet the visibility conditions.

If the first visibility detection result meets the visibility condition, the first candidate transaction data is determined as the claim data related to the holding node, and the first candidate transaction data is returned to the holding node. Conversely, if the first visibility detection result does not meet the visibility condition, the reason why the first candidate transaction data cannot be accessed by the holding node is queried. When the reason for invisibility is: the first candidate transaction data does not contain the node identifier of the holding node, it means that the holding node has not been set as a node that can access the first candidate transaction data; or, the reason for invisibility is: the holding node can access the first candidate transaction data, and the first candidate transaction data does not contain declaration data; or, the reason for invisibility is: the smart contract does not contain the IsReadable function. Then, the new block height _h1 = _h1 + 1 is set, and the highest block height _H2 of the updated blockchain in the blockchain network is obtained, where _H2 is an integer greater than 1. If the new block height _h1 and the block height _H2 meet the height condition, the step of performing data clearing processing based on the new block height _h1 and the block height _H2 to obtain the declaration data related to the holding node is continued. When the data becomes invisible due to an exception during the IsReadable function call or other reasons, the data clearing process is terminated, and an error notification is sent to the holding node. This error notification informs the holding node that the current data clearing process has encountered an exception and needs to be repaired before retrying.

Through the specific implementation process shown in steps ①-③ above, the holding node can obtain the declaration data related to the holding node from the consensus node. This method of using the data clearing capability of the light node SPV (such as the holding node) to clear only the data (such as the declaration data) related to the holding node from the consensus node, to a certain extent, ensures the security of data that cannot be accessed by the holding node, and reduces the storage of unrelated data by the holding node, thereby reducing storage pressure.

S403: Receive the first storage request sent by the holding node, and in response to the first storage request, store the identity representation data and the first visible node identifier contained in the first storage request to the blockchain of the blockchain network.

Specifically, the first storage request carries identity representation data generated by the holding node and a first visible node identifier that can access the identity representation data. Consensus is reached on the identity representation data and the first visible node identifier, which verifies the correctness of the identity representation data, such as whether the identity representation data was generated by the holding node's signature or whether it meets legal and ethical requirements. After successful consensus, a new block is generated and added to the blockchain, thus storing the identity representation data and the first visible node identifier in the blockchain network, improving the security of the storage and transfer of these data.

In this embodiment, the consensus node can receive a first data clearing request sent by the holding node and, in response to the first data clearing request, clear the declaration data related to the holding node from the blockchain. This avoids clearing data unrelated to the holding node to the holding node, maintains the security of the data stored in the blockchain, and reduces the storage pressure on the holding node. The consensus node can also receive a first storage request sent by the holding node, and after successfully reaching consensus on the identity expression data carried in the first storage request, generate a block by the identity expression data and the first visible node identifier and add it to the blockchain. This method of storing the identity expression data and the first visible node identifier in the blockchain can improve the security of the identity expression data and the first visible node identifier.

Please refer to Figure 6, which shows a flowchart of a data processing method based on a blockchain network provided by an exemplary embodiment of this application; the data processing method can be jointly executed by the consensus node 102, issuing node 103, holding node 104, and verification node 105 in the system shown in Figure 1d, and the data processing method includes, but is not limited to, steps S601-S613:

S601: The holding node sends a claim request to the issuing node in the blockchain network.

S602: Issuing node responds to statement request and executes response processing.

S603: The issuing node sends a second storage request to the consensus node.

In steps S601-S603, when a target user using a holding node needs to apply for declaration data, the target user can send a declaration application request to the issuing node through the holding node. The issuing node then performs a response process based on the declaration application request to generate the declaration data corresponding to the holding node and store the declaration data in the blockchain. The declaration application request includes the object identifier corresponding to the holding node for which the declaration data is to be applied and candidate object data. Here, the candidate object data may refer to the identity information of the target user using the holding node to make the declaration application, such as the user's name, gender, age, and other relevant information.

Specifically, the response process for an issuing node to a claim application request may include: First, performing identity verification on the holding node according to the claim application request to obtain an identity verification result. This identity verification process can be simplified as follows: the issuing node sends an identity query request to the consensus node, carrying the object identifier corresponding to the holding node. The consensus node responds to the identity query request by querying and returning reference object data associated with the object identifier. The issuing node then receives the reference object data returned by the consensus node and compares it with candidate object data to obtain the identity verification result. If the reference object data matches the candidate object data, the identity verification result is determined to be successful; otherwise, if the reference object data does not match the candidate object data, the identity verification result is determined to be unsuccessful. Secondly, if the identity verification result is successful, it indicates that the issuing node has successfully verified the identity of the holding node. The issuing node then generates claim data corresponding to the holding node and sets a second visible node identifier that can access the claim data. The issuing node includes Public Key Infrastructure (PKI), which binds relevant key pairs to the identity of the certificate holder, providing users with convenient certificate management functions. Based on this, the issuing node can use PKI to issue claim data to the holding node. Finally, the issuing node stores the claim data and the second visible node identifier in the blockchain. Specifically, after the issuing node issues claim data to the holding node and sets a second visible node identifier that can access the claim data, the issuing node can generate a second storage request based on the claim data and the second visible node identifier and send this second storage request to the consensus node, so that the consensus node can store the claim data and the second visible node identifier in the blockchain.

S604: The consensus node responds to the second storage request by storing the declared data and the second visible node identifier into the blockchain.

After receiving a second storage request from the issuing node, the consensus node responds by reaching a consensus on the declared data and the second visible node identifier carried in the second storage request. Upon successful consensus, a new block is generated based on the declared data and the second visible node identifier, and this new block is added to the blockchain. This achieves on-chain storage of the declared data and the second visible node identifier, improving the security of their storage and transfer. The consensus process for verifying the correctness of the declared data and the second visible node identifier is not limited in this embodiment, but is described herein.

S605: The holding node sends the first data clearing request to the consensus node.

S606: The consensus node responds to the first data clearing request by clearing the declared data related to the holding node.

S607: The consensus node returns the cleared declaration data related to the holding node to the holding node.

S608: The holding node generates identity expression data corresponding to the holding node based on the declared data, and sets the first visible node identifier that can access the identity expression data.

S609: The holding node sends the first storage request to the consensus node.

S610: The consensus node responds to the first storage request by storing the identity representation data and the first visible node identifier to the blockchain.

It should be noted that the specific implementation process shown in steps S65-S610 can be found in the relevant descriptions of the specific implementation process in the embodiments shown in Figure 2 and Figure 4, and will not be repeated here.

S611: The validator node sends a second data clearing request to the consensus node.

S612: The consensus node responds to the second data clearing request by clearing the identity representation data associated with the verification node.

S613: The consensus node returns the identity representation data obtained from the clearing to the verification node, so that the verification node can verify the identity of the holding node based on the identity representation data.

In steps S611-S613, when a verification node needs to obtain the identity representation data of the holding node (e.g., in an academic qualification verification scenario, a recruiting unit often needs to obtain the signed academic certificate of student "Xiaoming"), the verification node can send a second data clearing request to the consensus node. This second data clearing request is used to request the identity representation data related to the verification node. The consensus node receives the second data clearing request from the verification node, responds by clearing the identity representation data related to the verification node, and returns the identity representation data to the verification node. Specifically, it returns the identity representation data and the identifier of the first visible node that can access the identity representation data (or representation transaction data generated based on the identity representation data and the identifier of the first visible node that can access the identity representation data) to the verification node. In this way, the verification node can verify the identity of the holding node based on the identity representation data and the identifier of the first visible node that can access the identity representation data. The specific implementation method of the consensus node performing data clearing processing according to the second data clearing request can be seen in the flowchart of data clearing processing shown in Figure 5, and will not be elaborated here.

For example, in an academic qualification verification scenario, assuming the verification node is the hiring unit X, when hiring unit X needs to invite student "Xiaoming" to submit his resume, hiring unit X can send a second data clearing request to the consensus node. This second data clearing request can carry the student "Xiaoming's" identity identifier DID. In this way, the consensus node can respond to the second data clearing request to clear the academic qualification certificate (such as identity expression data) signed by student "Xiaoming" and return the academic qualification certificate to hiring unit X so that hiring unit X can verify the authenticity of the academic qualification certificate.

It should be noted that when a validator node wants to obtain the identity representation data of all users related to itself in the blockchain, the second data clearing request sent by the validator node can carry the identity identifiers (DIDs) of all users, or the second data clearing request can not carry the identity identifiers (DIDs) of any user, but only carry the node identifier of the validator node. In this way, the consensus node can return all the identity representation data related to the validator node stored in the blockchain. This application embodiment does not limit which type or multiple types of content are carried in the second data clearing request. Furthermore, the specific process by which the validator node performs identity verification based on the identity representation data is related to the specific identity authentication scenario. This application embodiment does not limit the identity verification process of the validator node, and this is hereby explained. In addition, a validator node is a node that has the need to verify identity representation data; therefore, issuing nodes and holding nodes in the blockchain network can all act as validator nodes. This application embodiment does not limit the validator node.

In this embodiment, after issuing the claim data for the holding node, the issuing node can upload the claim data to the blockchain. The holding node can then retrieve the claim data from the blockchain, sign it, and upload the resulting identity expression data to the blockchain, allowing the verification node to retrieve the identity expression data from the blockchain. In this scheme, both the claim data and identity expression data related to the holding node are stored on the blockchain network, achieving decentralized storage. Furthermore, the data clearing capability of the holding node enables the data flow process of the claim data and identity expression data and the setting of visible nodes on the blockchain, ensuring that only designated nodes can access the claim data and identity expression data, effectively reducing the risk of data leakage and improving data security.

The methods of the embodiments of this application have been described in detail above. In order to facilitate better implementation of the methods of the embodiments of this application, the apparatus of the embodiments of this application is provided below.

Figure 7 shows a schematic diagram of a data processing device based on a blockchain network according to an exemplary embodiment of this application. The data processing device can be a computer program (including program code) running on a holding node. The data processing device can be used to execute some or all of the steps in the method embodiments shown in Figures 2 and 6. The data processing device includes the following units:

The sending unit 701 is used to send a first data clearing request to the consensus node of the blockchain network and receive the declaration data related to the holding node in the blockchain network returned by the consensus node in response to the first data clearing request.

Processing unit 702 is used to generate identity expression data corresponding to the holding node based on the declaration data, and the identity expression data is used to indicate the identity of the holding node;

The processing unit 702 is also used to set the first visible node identifier that can access the identity expression data;

The processing unit 702 is also used to store identity expression data and visible node identifiers to the blockchain of the blockchain network.

In one implementation, when processing unit 702 generates identity representation data corresponding to the holding node based on the declaration data, it is specifically used for:

Sign the declared data to generate identity representation data corresponding to the holding node.

In one implementation, the processing unit 702 is further configured to:

Send a claim request to the issuing node of the blockchain network, and the issuing node will execute a response process based on the claim request to store the claim data in the blockchain.

In one implementation, the declaration request carries the object identifier corresponding to the holding node and candidate object data; the response processing flow includes:

Based on the declaration application request, the identity verification process of the holding node is performed to obtain the identity verification result;

If the identity verification result is successful, then the declaration data corresponding to the holding node is generated, and the second visible node identifier that can access the declaration data is set.

Store the declared data and the second visible node identifier in the blockchain.

In one implementation, the identity verification process includes:

The issuing node sends an identity query request to the consensus node, and the identity query request carries the object identifier corresponding to the holding node;

Receive reference object data associated with the object identifier returned by the consensus node;

The identity verification result is obtained by comparing the reference object data with the candidate object data.

In one implementation, when the processing unit 702 stores the identity representation data and the first visible node identifier into the blockchain, it is specifically used for:

Generate expression transaction data based on identity expression data and the identifier of the first visible node;

The transaction data is sent to the consensus node, which then generates a block based on the transaction data and adds the block to the blockchain.

According to one embodiment of this application, the various units in the blockchain-based data processing device shown in FIG. 7 can be individually or entirely merged into one or more other units, or some of the units can be further divided into multiple functionally smaller units. This can achieve the same operation without affecting the technical effect of the embodiment of this application. The above-mentioned units are based on logical function division. In practical applications, the function of one unit can also be implemented by multiple units, or the function of multiple units can be implemented by one unit. In other embodiments of this application, the blockchain-based data processing device may also include other units. In practical applications, these functions can also be implemented with the assistance of other units, and can be implemented by multiple units working together. According to another embodiment of this application, the blockchain-based data processing device shown in FIG. 7 and the blockchain-based data processing method of the embodiment of this application can be implemented by running a computer program (including program code) capable of executing the steps involved in the corresponding methods shown in FIG. 2 and FIG. 6 on a general-purpose computing device, such as a computer, which includes processing elements and storage elements such as a central processing unit (CPU), random access storage medium (RAM), and read-only storage medium (ROM). Computer programs can be recorded on, for example, a computer-readable recording medium, loaded onto the aforementioned computing device via the computer-readable recording medium, and run therein.

In this embodiment, the sending unit 701 is configured to send a first data clearing request to the consensus node, causing the consensus node to clear the data from the blockchain and return the declaration data related to the holding node in response to the first data clearing request. The processing unit 702 then generates identity expression data based on the declaration data and stores the identity expression data and the identifier of the first visible node that can access the identity expression data together in the blockchain of the blockchain network. In the above scheme, both the declaration data and the identity expression data related to the holding node are stored in the blockchain of the blockchain network, realizing decentralized storage of the declaration data and the identity expression data. Furthermore, the data flow of the declaration data and the identity expression data and the setting of visible nodes are carried out on the blockchain through the data clearing capability of the holding node, so that only the designated visible nodes can access the declaration data and the identity expression data, effectively reducing the risk of data leakage and improving data security.

Figure 8 shows a schematic diagram of a data processing device based on a blockchain network according to an exemplary embodiment of this application. The data processing device can be a computer program (including program code) running on a holding node. The data processing device can be used to execute some or all of the steps in the method embodiments shown in Figures 4 and 6. The data processing device includes the following units:

The receiving unit 801 is used to receive a first data clearing request sent by a holding node in the blockchain network. The first data clearing request is used to request the clearing of the declaration data related to the holding node.

The processing unit 802 is configured to clear the declaration data related to the holding node in response to the first data clearing request, and return the declaration data to the holding node so that the holding node can generate identity expression data corresponding to the holding node based on the declaration data. The identity expression data is used to indicate the identity of the holding node and to set the first visible node identifier that can access the identity expression data.

The processing unit 802 is also configured to receive a first storage request sent by the holding node, and in response to the first storage request, store the identity expression data and the first visible node identifier contained in the first storage request into the blockchain of the blockchain network.

In one implementation, the first data clearing request includes the block height _h1 of the block to be processed that the holding node expects to synchronize, where _h1 is a positive integer; the processing unit 802 is used to clear the declaration data related to the holding node in response to the first data clearing request, specifically for:

Get the highest block height _H1 of the blockchain, where _H1 is an integer greater than 1;

Based on the height _h1 of the block to be processed and the height _H1 of the highest block, the blockchain is cleared to obtain the declaration data related to the holding node.

In one implementation, the processing unit 802 is used to perform data clearing processing on the blockchain based on the height _h1 of the block to be processed and the height _H1 of the highest block, and to obtain the declaration data related to the holding node, specifically for:

If the height _h1 of the block to be processed satisfies a height condition with the highest block height _H1 , then the block to be processed corresponding to the height _h1 in the blockchain is obtained. The height condition between the height _h1 of the block to be processed and the highest block height _H1 includes: if the consensus node is a light node, then the height _h1 of the block to be processed is less than or equal to the highest block height _H1 ; or, if the consensus node is a full node, then the height _h1 of the block to be processed is less than the highest block height _H1 .

The visibility of the first candidate transaction data contained in the block to be processed is checked to obtain the first visibility check result;

If the first visibility detection result meets the visibility condition, then the first candidate transaction data is determined as the claim data related to the holding node; wherein, the first visibility detection result meeting the visibility condition includes: the holding node can access the first candidate transaction data, and the first candidate transaction data contains claim data;

If the first visibility detection result does not meet the visibility condition, then let the new block height _h1 = _h1 + ₁ , and obtain the highest block height H2 of the updated blockchain in the blockchain network, where _H2 is an integer greater than 1. If the new block height _h1 and the block height _H2 meet the height condition, then continue to execute the step of data clearing processing based on the new block height _h1 and the block height _H2 to obtain the declaration data related to the holding node.

In one implementation, the processing unit 802 is further configured to:

Receive a second storage request sent by the issuing node in the blockchain network. The second storage request carries the claim data corresponding to the holding node and the identifier of the second visible node that can access the claim data.

In response to the second storage request, the declared data and the identifier of the second visible node are stored in the blockchain.

In one implementation, the processing unit 802 is further configured to:

Receive a second data clearing request sent by a verification node in the blockchain network. The second data clearing request is used to request identity representation data related to the verification node.

In response to the second data clearing request, the identity representation data related to the verification node is cleared.

The identity representation data is returned to the verification node so that the verification node can perform identity verification processing on the holding node based on the identity representation data.

According to one embodiment of this application, the various units in the blockchain-based data processing device shown in FIG8 can be individually or entirely merged into one or more other units, or some of the units can be further divided into multiple functionally smaller units. This can achieve the same operation without affecting the technical effect of the embodiment of this application. The above-mentioned units are based on logical function division. In practical applications, the function of one unit can also be implemented by multiple units, or the function of multiple units can be implemented by one unit. In other embodiments of this application, the blockchain-based data processing device may also include other units. In practical applications, these functions can also be implemented with the assistance of other units, and can be implemented by multiple units working together. According to another embodiment of this application, the blockchain-based data processing device shown in FIG8 and the blockchain-based data processing method of the embodiment of this application can be constructed by running a computer program (including program code) capable of executing the steps involved in the corresponding methods shown in FIG4 and FIG6 on a general-purpose computing device including processing elements and storage elements such as a computer, such as a central processing unit (CPU), random access storage medium (RAM), and read-only storage medium (ROM). Computer programs can be recorded on, for example, a computer-readable recording medium, loaded onto the aforementioned computing device via the computer-readable recording medium, and run therein.

In this embodiment, the receiving unit 801 can receive a first data clearing request sent by the holding node, and the processing unit 802 can respond to the first data clearing request to clear the declaration data related to the holding node from the blockchain. This avoids clearing data unrelated to the holding node to the holding node, maintains the security of the data stored in the blockchain, and also reduces the storage pressure on the holding node. The consensus node can also receive a first storage request sent by the holding node, and after successfully reaching consensus on the identity expression data carried in the first storage request, generate a block by the identity expression data and the first visible node identifier and add it to the blockchain. This method of storing the identity expression data and the first visible node identifier in the blockchain can improve the security of the identity expression data and the first visible node identifier.

Figure 9 shows a schematic diagram of a data processing device based on a blockchain network according to an exemplary embodiment of this application. Referring to Figure 9, the terminal includes a processor 901, a communication interface 902, and a computer-readable storage medium 903. The processor 901, communication interface 902, and computer-readable storage medium 903 can be connected via a bus or other means. The communication interface 902 is used to receive and send data. The computer-readable storage medium 903 can be stored in the terminal's memory and is used to store a computer program, including program instructions. The processor 901 is used to execute the program instructions stored in the computer-readable storage medium 903. The processor 901 (or CPU (Central Processing Unit)) is the computing and control core of the terminal, suitable for implementing one or more instructions, specifically suitable for loading and executing one or more instructions to achieve corresponding method flows or corresponding functions.

This application embodiment also provides a computer-readable storage medium (Memory), which is a memory device in a terminal for storing programs and data. It is understood that the computer-readable storage medium here can include both the built-in storage medium in the terminal and extended storage media supported by the terminal. The computer-readable storage medium provides storage space that stores the terminal's processing system. Furthermore, the storage space also stores one or more instructions suitable for loading and execution by the processor 901. These instructions can be one or more computer programs (including program code). It should be noted that the computer-readable storage medium here can be high-speed RAM or non-volatile memory, such as at least one disk storage device; optionally, it can also be at least one computer-readable storage medium located remotely from the aforementioned processor.

In one embodiment, the computer-readable storage medium stores one or more instructions; the processor 901 loads and executes one or more instructions stored in the computer-readable storage medium to implement the corresponding steps in the above-described embodiment of the data processing method based on a blockchain network; specifically, the processor 901 loads and executes one or more instructions in the computer-readable storage medium for the following steps:

Send a first data clearing request to the consensus node of the blockchain network, and receive the declaration data related to the holding node in the blockchain network returned by the consensus node in response to the first data clearing request;

Based on the declared data, identity representation data corresponding to the holding node is generated. The identity representation data is used to indicate the identity of the holding node.

Set the identifier of the first visible node that can access the identity representation data;

The blockchain stores identity representation data and visible node identifiers in the blockchain network.

In one implementation, when one or more instructions in the computer-readable storage medium are loaded by the processor 901 and executed to generate identity representation data corresponding to the holding node based on the claim data, the following steps are specifically performed:

Sign the declared data to generate identity representation data corresponding to the holding node.

In one implementation, one or more instructions in a computer-readable storage medium are loaded by processor 901 and the following steps are also performed:

Send a claim request to the issuing node of the blockchain network, and the issuing node will execute a response process based on the claim request to store the claim data in the blockchain.

In one implementation, the declaration request carries the object identifier corresponding to the holding node and candidate object data; the response processing flow includes:

Based on the declaration application request, the identity verification process of the holding node is performed to obtain the identity verification result;

If the identity verification result is successful, then the declaration data corresponding to the holding node is generated, and the second visible node identifier that can access the declaration data is set.

Store the declared data and the second visible node identifier in the blockchain.

In one implementation, the identity verification process includes:

The issuing node sends an identity query request to the consensus node, and the identity query request carries the object identifier corresponding to the holding node;

Receive reference object data associated with the object identifier returned by the consensus node;

The identity verification result is obtained by comparing the reference object data with the candidate object data.

In one implementation, when one or more instructions in the computer-readable storage medium are loaded by the processor 901 and executed to store the identity representation data and the first visible node identifier into the blockchain, the following steps are specifically performed:

Generate expression transaction data based on identity expression data and the identifier of the first visible node;

The transaction data is sent to the consensus node, which then generates a block based on the transaction data and adds the block to the blockchain.

In another embodiment, the computer-readable storage medium stores one or more instructions; the processor 901 loads and executes one or more instructions stored in the computer-readable storage medium to implement the corresponding steps in the above-described embodiment of the data processing method based on a blockchain network; specifically, the processor 901 loads and executes one or more instructions in the computer-readable storage medium for the following steps:

Receive the first data clearing request sent by the holding node in the blockchain network. The first data clearing request is used to request the clearing of the claim data related to the holding node.

In response to the first data clearing request, the declaration data related to the holding node is cleared and returned to the holding node, so that the holding node can generate identity expression data corresponding to the holding node based on the declaration data. The identity expression data is used to indicate the identity of the holding node and to set the first visible node identifier that can access the identity expression data.

Receive the first storage request sent by the holding node, and in response to the first storage request, store the identity expression data and the first visible node identifier contained in the first storage request to the blockchain of the blockchain network.

In one implementation, the first data clearing request includes the block height _h1 of the block to be processed that the holding node expects to synchronize, where _h1 is a positive integer; one or more instructions in the computer-readable storage medium are loaded by the processor 901 and, when clearing the declared data related to the holding node in response to the first data clearing request, specifically perform the following steps:

Get the highest block height _H1 of the blockchain, where _H1 is an integer greater than 1;

Based on the height _h1 of the block to be processed and the height _H1 of the highest block, the blockchain is cleared to obtain the declaration data related to the holding node.

In one implementation, when one or more instructions in the computer-readable storage medium are loaded by the processor 901 and executed to perform data clearing processing on the blockchain based on the height _h1 of the block to be processed and the highest block height _H1 , and to obtain the claim data related to the holding node, the following steps are specifically performed:

If the height _h1 of the block to be processed satisfies a height condition with the highest block height _H1 , then the block to be processed corresponding to the height _h1 in the blockchain is obtained. The height condition between the height _h1 of the block to be processed and the highest block height _H1 includes: if the consensus node is a light node, then the height _h1 of the block to be processed is less than or equal to the highest block height _H1 ; or, if the consensus node is a full node, then the height _h1 of the block to be processed is less than the highest block height _H1 .

The visibility of the first candidate transaction data contained in the block to be processed is checked to obtain the first visibility check result;

If the first visibility detection result meets the visibility condition, then the first candidate transaction data is determined as the claim data related to the holding node; wherein, the first visibility detection result meeting the visibility condition includes: the holding node can access the first candidate transaction data, and the first candidate transaction data contains claim data;

If the first visibility detection result does not meet the visibility condition, then let the new block height _h1 = _h1 + ₁ , and obtain the highest block height H2 of the updated blockchain in the blockchain network, where _H2 is an integer greater than 1. If the new block height _h1 and the block height _H2 meet the height condition, then continue to execute the step of data clearing processing based on the new block height _h1 and the block height _H2 to obtain the declaration data related to the holding node.

In one implementation, one or more instructions in a computer-readable storage medium are loaded by processor 901 and the following steps are also performed:

Receive a second storage request sent by the issuing node in the blockchain network. The second storage request carries the claim data corresponding to the holding node and the identifier of the second visible node that can access the claim data.

In response to the second storage request, the declared data and the identifier of the second visible node are stored in the blockchain.

In one implementation, one or more instructions in a computer-readable storage medium are loaded by processor 901 and the following steps are also performed:

Receive a second data clearing request sent by a verification node in the blockchain network. The second data clearing request is used to request identity representation data related to the verification node.

In response to the second data clearing request, the identity representation data related to the verification node is cleared.

The identity representation data is returned to the verification node so that the verification node can perform identity verification processing on the holding node based on the identity representation data.

In this embodiment, the holding node can send a first data clearing request to the consensus node, causing the consensus node to clear and return the claim data related to the holding node from the blockchain in response to the first data clearing request. The holding node then generates identity expression data based on the claim data and stores the identity expression data along with the identifier of the first visible node that can access the identity expression data in the blockchain of the blockchain network. In the above scheme, both the claim data and identity expression data related to the holding node are stored in the blockchain of the blockchain network, realizing decentralized storage of the claim data and identity expression data. Furthermore, the data flow of the claim data and identity expression data and the setting of visible nodes are carried out on the blockchain through the data clearing capability of the holding node, so that only the designated visible nodes can access the claim data and identity expression data, effectively reducing the risk of data leakage and improving data security.

This application also provides a computer program product or computer program, which includes computer instructions stored in a computer-readable storage medium. A processor of a data processing device reads the computer instructions from the computer-readable storage medium and executes the computer instructions, causing the data processing device to perform the aforementioned data processing method based on a blockchain network.

Those skilled in the art will recognize that the units and algorithm steps of the various examples described in conjunction with the embodiments disclosed in this application can be implemented in electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are implemented in hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art can use different methods to implement the described functions for each specific application, but such implementation should not be considered beyond the scope of this application.

In the above embodiments, implementation can be achieved, in whole or in part, through software, hardware, firmware, or any combination thereof. When implemented in software, it can be implemented, in whole or in part, as a computer program product. A computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, all or part of the processes or functions described in the embodiments of the present invention are generated. The computer can be a general-purpose computer, a special-purpose computer, a computer network, or other programmable device. The computer instructions can be stored in or transmitted through a computer-readable storage medium. The computer instructions can be transmitted from one website, computer, server, or data center to another website, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, digital subscriber line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that a computer can access or a data processing device such as a server or data center that integrates one or more available media. The available medium can be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid-state disk (SSD)).

The above description is merely a specific embodiment of this application, but the scope of protection of this application is not limited thereto. Any variations or substitutions that can be easily conceived by those skilled in the art within the technical scope disclosed in this invention should be included within the scope of protection of this application. Therefore, the scope of protection of this application should be determined by the scope of the claims.

Claims (16)

1. A data processing method based on a blockchain network, characterized in that it includes: Send a first data clearing request to the consensus node of the blockchain network, and receive the declaration data related to the holding node in the blockchain network returned by the consensus node in response to the first data clearing request; Based on the declared data, identity expression data corresponding to the holding node is generated, and the identity expression data is used to indicate the identity of the holding node; Set a first visible node identifier that can access the identity expression data; The identity representation data and the visible node identifier are stored in the blockchain of the blockchain network. 2. The method as described in claim 1, wherein generating the identity representation data corresponding to the holding node based on the declaration data includes: The declared data is signed to generate identity representation data corresponding to the holding node. 3. The method as described in claim 1, characterized in that the method further comprises: A declaration request is sent to the issuing node of the blockchain network, causing the issuing node to perform response processing based on the declaration request to store the declaration data in the blockchain. 4. The method as described in claim 3, wherein the declaration request carries the object identifier corresponding to the holding node and candidate object data; the response processing flow includes: The identity verification process for the holding node is performed according to the stated application request, and the identity verification result is obtained; If the identity verification result is successful, then the declaration data corresponding to the holding node is generated, and a second visible node identifier that can access the declaration data is set. The declaration data and the second visible node identifier are stored in the blockchain. 5. The method as described in claim 4, wherein the identity verification process includes: The issuing node sends an identity query request to the consensus node, and the identity query request carries the object identifier corresponding to the holding node; Receive reference object data associated with the object identifier returned by the consensus node; The reference object data is compared with the candidate object data to obtain the identity verification result. 6. The method as described in claim 1, wherein storing the identity expression data and the first visible node identifier in the blockchain comprises: Generate expression transaction data based on the identity expression data and the first visible node identifier; The expressed transaction data is sent to the consensus node, so that the consensus node generates a block based on the expressed transaction data and adds the block to the blockchain. 7. A data processing method based on a blockchain network, characterized in that it includes: Receive a first data clearing request sent by a holding node in the blockchain network, wherein the first data clearing request is used to request the clearing of the declaration data related to the holding node; In response to the first data clearing request, the declaration data related to the holding node is cleared and returned to the holding node, so that the holding node generates identity expression data corresponding to the holding node based on the declaration data. The identity expression data is used to indicate the identity of the holding node and to set a first visible node identifier that can access the identity expression data. The system receives a first storage request sent by the holding node and, in response to the first storage request, stores the identity expression data and the first visible node identifier contained in the first storage request into the blockchain of the blockchain network. 8. The method as described in claim 7, wherein the first data clearing request includes the unprocessed block height _h1 of the unprocessed block that the holding node expects to synchronize, where _h1 is a positive integer; the clearing of the declaration data related to the holding node in response to the first data clearing request includes: Obtain the highest block height _H1 of the blockchain, where _H1 is an integer greater than 1; Based on the height _h1 of the block to be processed and the height _H1 of the highest block, the blockchain is cleared to obtain the declaration data related to the holding node. 9. The method as described in claim 8, characterized in that, the step of performing data clearing processing on the blockchain based on the height _h1 of the block to be processed and the height _H1 of the highest block to obtain the declaration data related to the holding node includes: If the height _h1 of the block to be processed and the highest block height _H1 satisfy a height condition, then the block to be processed corresponding to the height _h1 of the block to be processed in the blockchain is obtained; wherein, satisfying the height condition between the height _h1 of the block to be processed and the highest block height _H1 includes: if the node type of the consensus node is a light node, then the height _h1 of the block to be processed is less than or equal to the highest block height _H1 ; or, if the node type of the consensus node is a full node, then the height _h1 of the block to be processed is less than the highest block height _H1 ; Visibility detection is performed on the first candidate transaction data contained in the block to be processed to obtain the first visibility detection result; If the first visibility detection result meets the visibility condition, then the first candidate transaction data is determined as the declaration data related to the holding node; wherein, the first visibility detection result meeting the visibility condition includes: the holding node can access the first candidate transaction data, and the first candidate transaction data contains the declaration data; If the first visibility detection result does not meet the visibility condition, then the new block height _h1 = _h1 + ₁ is set, and the highest block height H2 of the updated blockchain in the blockchain network is obtained, where _H2 is an integer greater than 1. If the new block height _h1 and the block height _H2 meet the height condition, then the step of performing data clearing processing based on the new block height _h1 and the block height _H2 to obtain the declaration data related to the holding node continues. 10. The method of claim 7, wherein the method further comprises: Receive a second storage request sent by the issuing node in the blockchain network, the second storage request carrying the declaration data corresponding to the holding node and the identifier of a second visible node that can access the declaration data; In response to the second storage request, the claim data and the second visible node identifier are stored in the blockchain. 11. The method of claim 7, wherein the method further comprises: Receive a second data clearing request sent by a verification node in the blockchain network, the second data clearing request being used to request identity expression data related to the verification node; In response to the second data clearing request, the identity representation data associated with the verification node is cleared; The identity representation data is returned to the verification node so that the verification node can perform identity verification processing on the holding node based on the identity representation data. 12. A data processing device based on a blockchain network, characterized in that it comprises: The sending unit is configured to send a first data clearing request to the consensus node of the blockchain network, and receive declaration data related to the holding node in the blockchain network returned by the consensus node in response to the first data clearing request. The processing unit is configured to generate identity expression data corresponding to the holding node based on the declaration data, wherein the identity expression data is used to indicate the identity of the holding node; The processing unit is also configured to set a first visible node identifier that can access the identity expression data; The processing unit is also used to store the identity expression data and the visible node identifier to the blockchain of the blockchain network. 13. A data processing device based on a blockchain network, characterized in that it comprises: The receiving unit is configured to receive a first data clearing request sent by a holding node in the blockchain network, wherein the first data clearing request is used to request the clearing of declaration data related to the holding node; The processing unit is configured to clear and obtain the declaration data related to the holding node in response to the first data clearing request, and return the declaration data to the holding node, so that the holding node generates identity expression data corresponding to the holding node based on the declaration data, the identity expression data being used to indicate the identity of the holding node, and setting a first visible node identifier that can access the identity expression data; The processing unit is further configured to receive a first storage request sent by the holding node, and in response to the first storage request, store the identity expression data and the first visible node identifier contained in the first storage request into the blockchain of the blockchain network. 14. A data processing device based on a blockchain network, characterized in that it comprises: A processor, adapted to execute computer programs; A computer-readable storage medium storing a computer program, which, when executed by the processor, implements the data processing method based on a blockchain network as described in any one of claims 1-6, or implements the data processing method based on a blockchain network as described in any one of claims 7-11. 15. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program adapted to be loaded by a processor and execute the data processing method based on a blockchain network as described in any one of claims 1-6, or implement the data processing method based on a blockchain network as described in any one of claims 7-11. 16. A computer program product, characterized in that the computer program product includes computer instructions, which, when executed by a processor, implement the data processing method based on a blockchain network as described in any one of claims 1-6, or implement the data processing method based on a blockchain network as described in any one of claims 7-11.