[go: up one dir, main page]

CN109615525B - Protection method and system for multi-signature shared account and electronic equipment - Google Patents

Protection method and system for multi-signature shared account and electronic equipment Download PDF

Info

Publication number
CN109615525B
CN109615525B CN201910052466.9A CN201910052466A CN109615525B CN 109615525 B CN109615525 B CN 109615525B CN 201910052466 A CN201910052466 A CN 201910052466A CN 109615525 B CN109615525 B CN 109615525B
Authority
CN
China
Prior art keywords
signature
transaction
transfer
private
informed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910052466.9A
Other languages
Chinese (zh)
Other versions
CN109615525A (en
Inventor
徐磊
袁力
邸烁
许文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Aershan Block Chain Alliance Technology Co ltd
Original Assignee
Beijing Aershan Block Chain Alliance Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Aershan Block Chain Alliance Technology Co ltd filed Critical Beijing Aershan Block Chain Alliance Technology Co ltd
Priority to CN201910052466.9A priority Critical patent/CN109615525B/en
Publication of CN109615525A publication Critical patent/CN109615525A/en
Application granted granted Critical
Publication of CN109615525B publication Critical patent/CN109615525B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Technology Law (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a method, a system and electronic equipment for protecting a multi-signature shared account, wherein the method comprises the following steps: generating a multi-sign contract account with a signature mechanism of n/m and provided with a transfer quota parameter and a transfer interval time limit parameter, wherein the multi-sign contract account corresponds to a multi-sign contract stored on an Ethengfang block chain; when any n private accounts in the m private accounts carry out multi-sign transaction, acquiring transaction signatures of the n private accounts, and when the transfer amount is larger than the transfer limit parameter or the transfer time interval is smaller than the transfer interval time limit parameter, acquiring the informed signatures of the m-n private accounts which do not participate in the multi-sign transaction; and verifying the transaction signature or verifying the transaction signature and the informed signature through the multi-signature contract, and executing the multi-signature transaction after the verification is passed. The invention can avoid the communication among partial private accounts of the multiple contract accounts to carry out fraudulent transaction, thereby ensuring the asset security of the shared account.

Description

Protection method and system for multi-signature shared account and electronic equipment
Technical Field
The invention relates to the technical field of digital currency transactions, in particular to a method and a system for protecting a multi-signature shared account and electronic equipment.
Background
Currently, digital currency transactions based on etherhouse smart contracts use smart contracts and private key signature techniques. The user uses the private key to sign and authorize the transaction or contract operation of the user, and the external transfer transaction or contract execution of the digital currency is realized. The private key signature of the user can be verified through the user address, the private key is kept by the user, and the user address is open to the outside. The Etherhouse multi-signature technology refers to a shared contract account generated by a plurality of user addresses, and assets of the shared contract account are managed by a plurality of users. The asset transaction of the shared contract account can be authorized only by using the original private key of the generated account to carry out signature, so that the asset security of the shared contract account is protected, and the distributed security is realized.
Common multi-signature techniques use either 2/3 or 3/5 signatures. For example, 2/3 signature 3 individual accounts together generate a shared account, and any 2 accounts in the 3 accounts can use the shared account to realize the transfer transaction. However, in the current multi-signature transaction, the transaction information is not transparent for a plurality of individual accounts which do not participate in the transaction, and a problem that some signature users communicate with each other or do private transaction, so that account assets of other signature users are lost may occur.
Disclosure of Invention
In view of this, the present invention aims to provide a method, a system and an electronic device for protecting a multi-signature shared account, so as to alleviate the technical problem that in the current multi-signature transaction, for a multi-signature personal account that does not participate in the transaction, transaction information is not transparent, and partial signature users may collude with each other or perform private transactions, resulting in loss of account assets of other signature users.
In a first aspect, an embodiment of the present invention provides a method for protecting a multi-signature shared account, including:
generating a multi-sign contract account with a signature mechanism of n/m and provided with a transfer quota parameter and a transfer interval time limit parameter, wherein the multi-sign contract account corresponds to a multi-sign contract stored on an Etherhouse block chain; where m and n represent the number of private accounts, and 1 n m;
when any n private accounts in the m private accounts carry out multi-signature transaction, acquiring transaction signatures of the n private accounts, and when the transfer amount is larger than the transfer limit parameter or the transfer time interval is smaller than the transfer interval time limit parameter, acquiring the informed signatures of the m-n private accounts which do not participate in the multi-signature transaction; the transaction signature and the informed signature are both private accounts, and the private accounts adopt private keys to sign transaction information;
and verifying the transaction signature or verifying the transaction signature and the informed signature through the multi-signature contract, and executing the multi-signature transaction after the verification is passed.
With reference to the first aspect, an embodiment of the present invention provides a first possible implementation manner of the first aspect, where the step of obtaining transaction signatures of n private accounts, and obtaining the informed signatures of m-n private accounts that do not participate in the multi-sign transaction when a transfer amount is greater than the transfer limit parameter or a transfer time interval is less than the transfer interval time limit parameter includes:
sending the transaction information to n private accounts so that the n private accounts can confirm the transaction information, and further acquiring transaction signatures of the n private accounts on the transaction information; the transaction information comprises a transaction number, transaction time and transaction details;
judging whether the transfer amount is larger than the transfer limit parameter or whether the transfer time interval is smaller than the transfer interval time limit parameter;
if yes, the transaction information is sent to m-n private accounts which do not participate in the multi-sign transaction, so that the informed signatures of the m-n private accounts respectively aiming at the transaction information are obtained.
With reference to the first aspect, an embodiment of the present invention provides a second possible implementation manner of the first aspect, where the verifying the transaction signature or the verifying the transaction signature and the informed signature by the multi-sign contract, and after the verification passes, the executing the multi-sign transaction includes:
verifying the transaction signature and the number of private accounts corresponding to the transaction signature through the multi-sign contract;
after the verification is passed, judging whether the transfer amount is larger than the transfer limit parameter or whether the transfer time interval is smaller than the transfer interval time limit parameter;
if yes, judging whether an informed signature exists, and if not, executing the transaction;
if the informed signature exists, verifying the informed signature and the number of private accounts corresponding to the informed signature;
and when the verification is passed, determining that the private account corresponding to the transaction signature and the private account corresponding to the informed signature are all in m private accounts and the private accounts are not intersected with each other, executing the transaction.
With reference to the first aspect, an embodiment of the present invention provides a third possible implementation manner of the first aspect, where the step of generating a multi-sign contract account with a signature mechanism of n/m and a transfer limit parameter and a transfer interval time limit parameter is provided, includes:
respectively obtaining addresses of m private accounts, and setting the transfer limit parameter and the transfer interval time limit parameter to obtain n/m multi-sign contracts corresponding to the multi-sign contract accounts;
and deploying the n/m multi-sign contract on an Ethernet bay block chain to obtain the multi-sign contract account.
With reference to the first aspect, an embodiment of the present invention provides a fourth possible implementation manner of the first aspect, where after the step of setting the transfer quota parameter and the transfer interval time limit parameter, the method further includes:
setting overtime reply time;
the step of obtaining an informed signature of m-n private accounts not participating in the multi-sign transaction includes:
and sending the transaction information to m-n private accounts which do not participate in the multi-signature transaction, and if the reply time of the m-n private accounts exceeds the overtime reply time, ignoring the informed signature.
With reference to the first aspect, an embodiment of the present invention provides a fifth possible implementation manner of the first aspect, where the step of verifying the transaction signature or verifying the transaction signature and the informed signature through the multi-sign contract includes:
verifying the transaction signature by the multi-sign contract using a public key and an elliptic curve algorithm; or verifying the transaction signature and the informed signature by utilizing a public key and an elliptic curve algorithm.
In a second aspect, an embodiment of the present invention further provides a system for protecting a multi-sign-up contract account, including:
the generation module is used for generating a multi-sign contract account with a signature mechanism of n/m and provided with a transfer limit parameter and a transfer interval time limiting parameter, and the multi-sign contract account corresponds to a multi-sign contract stored on an Etherhouse block chain; where m and n represent the number of private accounts, and 1 n m;
the signature acquisition module is used for acquiring transaction signatures of n private accounts when any n private accounts in the m private accounts carry out multi-signature transactions, and acquiring informed signatures of m-n private accounts which do not participate in the multi-signature transactions when the transfer amount is larger than the transfer limit parameter or the transfer time interval is smaller than the transfer interval time limit parameter; the transaction signature and the informed signature are both private accounts, and the private accounts adopt private keys to sign transaction information;
and the signature verification module is used for verifying the transaction signature or verifying the transaction signature and the informed signature through the multi-sign contract, and executing the multi-sign transaction after the verification is passed.
With reference to the second aspect, an embodiment of the present invention provides a first possible implementation manner of the second aspect, where the signature obtaining module is further configured to:
sending the transaction information to n private accounts so that the n private accounts can confirm the transaction information, and further acquiring transaction signatures of the n private accounts on the transaction information; the transaction information comprises a transaction number, transaction time and transaction details;
judging whether the transfer amount is larger than the transfer limit parameter or whether the transfer time interval is smaller than the transfer interval time limit parameter;
if yes, the transaction information is sent to m-n private accounts which do not participate in the multi-sign transaction, so that the informed signatures of the m-n private accounts respectively aiming at the transaction information are obtained.
In a third aspect, an embodiment of the present invention further provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the method according to the first aspect when executing the computer program.
In a fourth aspect, embodiments of the present invention also provide a computer-readable medium having non-volatile program code executable by a processor, the program code causing the processor to perform the steps of the method according to the first aspect.
The embodiment of the invention has the following beneficial effects: the invention provides a method, a system and electronic equipment for protecting a multi-signature shared account, which relate to the technical field of digital currency transactions, and the method comprises the following steps: generating a multi-sign contract account with a signature mechanism of n/m and provided with a transfer quota parameter and a transfer interval time limit parameter, wherein the multi-sign contract account corresponds to a multi-sign contract stored on an Ethengfang block chain; when any n private accounts in the m private accounts carry out multi-sign transaction, acquiring transaction signatures of the n private accounts, and when the transfer amount is larger than the transfer limit parameter or the transfer time interval is smaller than the transfer interval time limit parameter, acquiring the informed signatures of the m-n private accounts which do not participate in the multi-sign transaction; and verifying the transaction signature or verifying the transaction signature and the informed signature through the multi-signature contract, and executing the multi-signature transaction after the verification is passed. When the transfer amount of the shared account is too large or the transfer frequency is too frequent, users who do not participate in the transaction submit informed signatures, information balance is carried out on each private account of the multi-sign contract account through a verification mechanism, mutual independence of each private account is guaranteed, private transaction or collusion of the private account cannot occur, and asset safety of the shared account is guaranteed.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of a method for protecting a multi-signature shared account according to an embodiment of the present invention;
FIG. 2 is a flowchart of a method of step S102 according to an embodiment of the present invention;
fig. 3 is a flowchart of a method of step S103 according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of a multi-sign contract transfer provided by an embodiment of the invention;
FIG. 5 is a schematic diagram of a system for protecting a multi-signed shared account according to an embodiment of the present invention;
fig. 6 is a schematic diagram of an electronic device according to an embodiment of the present invention.
Icon: 10-a generating module; 20-a signature acquisition module; 30-a signature verification module; 1000-an electronic device; 500-a processor; 501-a memory; 502-a bus; 503 — a communication interface.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is apparent that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The digital currency transaction is based on a user private key signature technology, namely when a user conducts transfer transaction, the user uses a private key to sign the transaction and issues the transaction to a block chain network, a block chain node verifies the transaction by using an address or a public key of the user, and the transaction is written into a block by a mining node after the verification is passed. When a user conducts transfer transaction, the transaction address uses the user address, the user signs the transaction by using a private key and sends the signed transaction to a block chain network, block chain nodes verify the signed transaction by using the user address and an elliptic curve algorithm and confirm the transaction by using a mining algorithm, once the transaction is confirmed, the transaction is successful, and the account information of related digital assets is recorded into the block chain.
The multi-signature technology is a further extension of the digital currency signature technology, and essentially signs one transaction by using a plurality of user private keys, thereby dispersing the transaction responsibility and realizing a distributed security mechanism. For example, in the etherhouse 2/3 signature transaction, 3 users have created a shared account and a multi-sign contract using respective user addresses, which may receive and roll out all tokens from the etherhouse. When the token is transferred out by the shared contract address, any 2 users in the 3 users use respective private keys to sign the transaction, so that the transaction is successful.
In the current multi-signature transaction, for a multi-signature personal account which does not participate in the transaction, transaction information is not transparent, and the problem that account assets of other signature users are lost due to the fact that partial signature users are communicated with each other or do private transaction may occur. Based on this, the protection method, the system and the electronic device for the multi-signature shared account provided by the embodiment of the invention can enable the user who does not participate in the transaction to submit the informed signature when the transfer amount of the shared account is too large or the transfer frequency is too frequent, and carry out information balance on each private account of the multi-signature contract account through the verification mechanism, thereby ensuring that each private account is independent from each other, private transactions or collusions of the private account cannot occur, and ensuring the asset security of the shared account.
For the convenience of understanding the embodiment, a detailed description will be first given of a protection method for a multi-signature shared account disclosed in the embodiment of the present invention.
As shown in fig. 1, an embodiment of the present invention provides a method for protecting a multi-signature shared account, including the following steps:
step S101, generating a multi-sign contract account with a signature mechanism of n/m and provided with a transfer limit parameter and a transfer interval time limiting parameter, wherein the multi-sign contract account corresponds to a multi-sign contract stored on an Ethernet house block chain; where m and n represent the number of private accounts, and 1 n m;
in the step, addresses of m private accounts are respectively obtained, and a transfer limit parameter and a transfer interval time limiting parameter are set, so that n/m multi-sign contracts corresponding to multi-sign contract accounts are obtained; and deploying the n/m multi-sign contract on the Etherhouse block chain to obtain a multi-sign contract account.
In practical application, m private accounts submit own addresses, transfer limit parameters and transfer interval time limiting parameters are initialized, n/m multi-sign contracts are initialized, and the addresses of all the private accounts, transfer amount limiting parameters and transfer interval limits are needed for initializing the contracts. And deploying the multi-sign contract on the Ethern to obtain a multi-sign contract account. The addresses of m private accounts are stored in the multi-sign contract, and when the contract transfer limit exceeds the transfer limit parameter or the time interval between two transfers is less than the transfer interval time limit parameter, the multi-sign private accounts which do not participate in the transaction need to submit informed signatures.
Step S102, when any n private accounts in the m private accounts carry out multi-sign transaction, acquiring transaction signatures of the n private accounts, and when the transfer amount is larger than the transfer limit parameter or the transfer time interval is smaller than the transfer interval time limit parameter, acquiring informed signatures of the m-n private accounts which do not participate in the multi-sign transaction; the transaction signature and the informed signature are both private accounts, and the private accounts adopt private keys to sign the transaction information; the information of the transaction signature comprises a transaction number, transaction time, transaction details and the like, and the n private accounts apply for the transaction signature. The informed signature also includes transaction number, transaction time, transaction details, and the like.
Further, as shown in fig. 2, step S102 includes the steps of:
step S201, the transaction information is sent to n private accounts, so that the n private accounts confirm the transaction information, and further, transaction signatures of the n private accounts on the transaction information are obtained; the transaction information comprises transaction numbers, transaction time and transaction details, and the transaction information comprises the amount of money, the transfer-out address, information of n private accounts and the like.
Step S202, judging whether the transfer amount is larger than the transfer limit parameter or whether the transfer time interval is smaller than the transfer interval time limit parameter; if yes, executing step S203, if no, executing step S204;
step S203, the transaction information is sent to m-n private accounts which do not participate in the multi-sign transaction, so as to obtain the informed signatures of the m-n private accounts respectively aiming at the transaction information.
Step S204, the transaction signature is verified.
In addition, when the transfer quota parameter and the transfer interval time limit parameter are set in step 101, the method further comprises the following steps: setting overtime reply time; further, when acquiring the informed signatures of the m-n private accounts which do not participate in the multi-sign transaction, the transaction information is sent to the m-n private accounts which do not participate in the multi-sign transaction, and if the reply time of the m-n private accounts exceeds the overtime reply time, the informed signatures can be ignored.
In practical application, any n of the m private accounts mutually confirm transaction information, including transaction numbers, transaction time, transaction details and the like. Each account of the n accounts signs the transaction information to obtain n transaction signatures. If the transfer amount is larger than the transfer limit parameter or the time interval between the last two transfers is smaller than the transfer interval time limit parameter, the transaction information such as the transaction number, the transaction time, the transaction details and the like is informed to the remaining m-n private accounts, and the m-n accounts respectively sign the obtained transaction information to obtain m-n informed signatures. If an informed signature is not received within the timeout reply time, the informed signature may be ignored. The last private account collects all signatures, merges all signatures, and sends to the multi-sign contract account. And the contract account can be traded after the signature is successfully verified.
And step S103, verifying the transaction signature or verifying the transaction signature and the informed signature through the multi-signature contract, and executing the multi-signature transaction after the verification is passed.
Further, as shown in fig. 3, step S103 includes the steps of:
step S301, verifying the transaction signature and the number of private accounts corresponding to the transaction signature through a multi-sign contract;
step S302, after the verification is passed, judging whether the transfer amount is larger than the transfer allowance parameter or whether the transfer time interval is smaller than the transfer interval time limit parameter; if yes, executing step S303, if no, executing step S304;
step S303, judging whether an informed signature exists; if yes, executing step S306, if no, executing step S305;
step S304, executing transaction;
step S305, recording the current transaction information to a log;
step S306, verifying the informed signature and the number of private accounts corresponding to the informed signature;
step S307, when the verification is passed and the private account corresponding to the transaction signature and the private account corresponding to the informed signature are determined to be in m private accounts and are not intersected with each other, executing step S304.
Further, the transaction signature is verified through the multi-signature contract by utilizing a public key and an elliptic curve algorithm; or the public key and the elliptic curve algorithm are utilized to verify the transaction signature and the informed signature.
Taking Ethern as an example, the private key is 32-byte code, the public key is 64-byte number generated by the private key and the elliptic curve algorithm together, and the user address is 20-byte code generated by the public key through a series of hash functions. In elliptic curve cryptography, some special form of elliptic curve, i.e. an elliptic curve defined over a finite field, is utilized. The equation is: y is2=x3+ ax + b (mod p); where p is a prime number, a and b are two non-negative integers less than p which satisfy: 4a3+27b2(mod p) ≠ 0 where x, y, a, b ∈ Fp, the point (x, y) satisfying the formula (2) and an infinite point O constitute an elliptic curve E.
The elliptic curve discrete logarithm problem ECDLP is defined as follows: given a prime number P and an elliptic curve E, a positive integer k smaller than P is found for Q ═ kP, given P, Q. It can be proved that k and P are known to be easier to calculate Q, and k is known to be more difficult to calculate by Q and P, so that no effective method is available to solve the problem, which is the principle of the elliptic curve encryption algorithm.
In the embodiment, for the multi-signature transaction of the n/m shared account, the n private accounts needing to be transacted are respectively transacted with signature, and when the contract transfer limit exceeds the transfer limit parameter or the time interval between two transfers is smaller than the transfer interval time limit parameter, the rest m-n private accounts are needed to sign the transaction without notice. If no replies are received to m-n private accounts within the timeout reply time, the informed signature may be ignored. The transaction signatures of the n private accounts and the informed signatures of the remaining m-n private accounts are jointly sent to the multi-sign contract account, and the transfer transaction can be executed only if all the signatures are verified successfully.
The present embodiment illustrates a multiple sign contract transaction process, taking the 2/3 signature contract as an example. As shown in fig. 4, the account addresses of three Ether house accounts a, B, and C are collected, a contract account S is generated by deployment of a, the transfer amount of S is limited to 90Ether, and the transfer time interval is limited to 5 minutes. Assume that the S account already has the Ethernet coin 300 Ether. Now a, B prepares to divert 100Ether of S account to personal account D. A puts forward the transaction content and applies for signature, and sends the transaction content and the application signature to B. B adds own application signature and sends the signature to C. C joins the confirmation signature to the contract account S. S, the signature is verified to be passed, and 100Ether is transferred to the account D.
In all examples shown and described herein, any particular value should be construed as merely exemplary, and not as a limitation, and thus other examples of example embodiments may have different values.
As shown in fig. 5, an embodiment of the present invention further provides a system for protecting a multi-sign-up contract account, including:
the generation module 10 is used for generating a multi-sign contract account with a signature mechanism of n/m and provided with a transfer limit parameter and a transfer interval time limiting parameter, wherein the multi-sign contract account corresponds to a multi-sign contract stored on an Etherhouse block chain; where m and n represent the number of private accounts, and 1 n m;
the signature acquisition module 20 is configured to acquire transaction signatures of n private accounts when any n private accounts in the m private accounts perform multi-sign transactions, and acquire the informed signatures of m-n private accounts not participating in the multi-sign transactions when the transfer amount is greater than the transfer limit parameter or the transfer time interval is smaller than the transfer interval time limit parameter; the transaction signature and the informed signature are both private accounts, and the private accounts adopt private keys to sign the transaction information;
and the signature verification module 30 is configured to verify the transaction signature or verify the transaction signature and the informed signature through the multi-signature contract, and execute the multi-signature transaction after the verification is passed.
Further, the signature obtaining module 20 is further configured to:
sending the transaction information to the n private accounts so that the n private accounts can confirm the transaction information and further obtain transaction signatures of the n private accounts on the transaction information; the transaction information comprises a transaction number, transaction time and transaction details;
judging whether the transfer amount is larger than the transfer limit parameter or whether the transfer time interval is smaller than the transfer interval time limit parameter;
if yes, the transaction information is sent to the m-n private accounts which do not participate in the multi-sign transaction, so that the informed signatures of the m-n private accounts respectively aiming at the transaction information are obtained.
The device provided by the embodiment of the present invention has the same implementation principle and technical effect as the method embodiments, and for the sake of brief description, reference may be made to the corresponding contents in the method embodiments without reference to the device embodiments.
The embodiment of the present invention further provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and is characterized in that the processor implements the steps of the method for protecting a multi-signature shared account as described above when executing the computer program.
Embodiments of the present invention also provide a computer readable medium having a non-volatile program code executable by a processor, where the program code causes the processor to execute the steps of the above method for protecting a multi-signature shared account.
The protection system for the multi-sign contract account provided by the embodiment of the invention has the same technical characteristics as the protection method for the multi-sign shared account provided by the embodiment, so that the same technical problems can be solved, and the same technical effect can be achieved.
The embodiment of the present invention further provides an electronic device, which includes a memory and a processor, where the memory stores a computer program that can be run on the processor, and the processor implements the steps of the method for protecting a multi-signature shared account provided in the foregoing embodiment when executing the computer program.
The embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the steps of the method for protecting a multi-signature shared account in the foregoing embodiment are executed.
Referring to fig. 6, an embodiment of the present invention further provides an electronic device 1000, including: the processor 500, the memory 501, the bus 502 and the communication interface 503, wherein the processor 500, the communication interface 503 and the memory 501 are connected through the bus 502; the memory 501 is used to store programs; the processor 500 is used for calling a program stored in the memory 501 through the bus 502 to execute the protection method of the multi-signature shared account of the above embodiment.
The Memory 501 may include a high-speed Random Access Memory (RAM) and may also include a non-volatile Memory (non-volatile Memory), such as at least one disk Memory. The communication connection between the network element of the system and at least one other network element is realized through at least one communication interface 503 (which may be wired or wireless), and the internet, a wide area network, a local network, a metropolitan area network, and the like can be used.
Bus 502 can be an ISA bus, PCI bus, EISA bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 6, but that does not indicate only one bus or one type of bus.
The memory 501 is used for storing a program, the processor 500 executes the program after receiving an execution instruction, and the method executed by the apparatus defined by the flow process disclosed in any of the foregoing embodiments of the present invention may be applied to the processor 500, or implemented by the processor 500.
The processor 500 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware or instructions in the form of software in the processor 500. The Processor 500 may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the device can also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA), or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components. The various methods, steps and logic blocks disclosed in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in the memory 501, and the processor 500 reads the information in the memory 501, and completes the steps of the method in combination with the hardware thereof.
The computer program product for performing the protection method for a multi-signature shared account provided in the embodiment of the present invention includes a computer-readable storage medium storing a non-volatile program code executable by a processor, where instructions included in the program code may be used to execute the method in the foregoing method embodiment, and specific implementation may refer to the method embodiment, and is not described herein again.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, a division of a unit is merely a division of one logic function, and there may be other divisions when actually implemented, and for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be in an electrical, mechanical or other form.
Units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a non-volatile computer-readable storage medium executable by a processor. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art will understand that: any person skilled in the art can modify or easily conceive the technical solutions described in the foregoing embodiments or equivalent substitutes for some technical features within the technical scope of the present disclosure; such modifications, changes or substitutions do not depart from the spirit and scope of the embodiments of the present invention, and they should be construed as being included therein. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (7)

1. A method for protecting a multi-signature shared account is characterized by comprising the following steps:
generating a multi-sign contract account with a signature mechanism of n/m and provided with a transfer quota parameter and a transfer interval time limit parameter, wherein the multi-sign contract account corresponds to a multi-sign contract stored on an Etherhouse block chain; where m and n represent the number of private accounts, and 1 n m;
when any n private accounts in the m private accounts carry out multi-signature transaction, acquiring transaction signatures of the n private accounts, and when the transfer amount is larger than the transfer limit parameter or the transfer time interval is smaller than the transfer interval time limit parameter, acquiring the informed signatures of the m-n private accounts which do not participate in the multi-signature transaction; the transaction signature and the informed signature are both private accounts, and the private accounts adopt private keys to sign transaction information;
verifying the transaction signature or verifying the transaction signature and the informed signature through the multi-sign contract, and executing the multi-sign transaction after the verification is passed;
the step of obtaining transaction signatures of n private accounts and obtaining the informed signatures of m-n private accounts not participating in the multi-signature transaction when the transfer amount is greater than the transfer limit parameter or the transfer time interval is less than the transfer interval time limit parameter comprises:
sending the transaction information to n private accounts so that the n private accounts can confirm the transaction information, and further acquiring transaction signatures of the n private accounts on the transaction information; the transaction information comprises a transaction number, transaction time and transaction details;
judging whether the transfer amount is larger than the transfer limit parameter or whether the transfer time interval is smaller than the transfer interval time limit parameter;
if yes, sending the transaction information to m-n private accounts which do not participate in the multi-signature transaction to acquire the informed signatures of the m-n private accounts respectively aiming at the transaction information;
the step of verifying the transaction signature or verifying the transaction signature and the informed signature by the multi-sign contract, and executing the multi-sign transaction after the verification is passed, includes:
verifying the transaction signature and the number of private accounts corresponding to the transaction signature through the multi-sign contract;
after the verification is passed, judging whether the transfer amount is larger than the transfer limit parameter or whether the transfer time interval is smaller than the transfer interval time limit parameter;
if yes, judging whether an informed signature exists, and if not, executing the transaction;
if the informed signature exists, verifying the informed signature and the number of private accounts corresponding to the informed signature;
and when the verification is passed, determining that the private account corresponding to the transaction signature and the private account corresponding to the informed signature are all in m private accounts and the private accounts are not intersected with each other, executing the transaction.
2. The method of claim 1, wherein the step of generating a multi-sign contract account with a signature mechanism of n/m and with a transfer limit parameter and a transfer interval time limit parameter, comprises:
respectively obtaining addresses of m private accounts, and setting the transfer limit parameter and the transfer interval time limit parameter to obtain n/m multi-sign contracts corresponding to the multi-sign contract accounts;
and deploying the n/m multi-sign contract on an Ethernet bay block chain to obtain the multi-sign contract account.
3. The method as claimed in claim 2, wherein the step of setting the transfer allowance parameter and the transfer interval time limit parameter further comprises, after the step of setting the transfer allowance parameter and the transfer interval time limit parameter:
setting overtime reply time;
the step of obtaining an informed signature of m-n private accounts not participating in the multi-sign transaction includes:
and sending the transaction information to m-n private accounts which do not participate in the multi-signature transaction, and if the reply time of the m-n private accounts exceeds the overtime reply time, ignoring the informed signature.
4. The method of claim 1, wherein the step of verifying the transaction signature or the transaction signature and the informed signature via the multi-sign contract comprises:
verifying the transaction signature by the multi-sign contract using a public key and an elliptic curve algorithm; or verifying the transaction signature and the informed signature by utilizing a public key and an elliptic curve algorithm.
5. A system for protecting a multi-sign-on contract account, comprising:
the generation module is used for generating a multi-sign contract account with a signature mechanism of n/m and provided with a transfer limit parameter and a transfer interval time limiting parameter, and the multi-sign contract account corresponds to a multi-sign contract stored on an Etherhouse block chain; where m and n represent the number of private accounts, and 1 n m;
the signature acquisition module is used for acquiring transaction signatures of n private accounts when any n private accounts in the m private accounts carry out multi-signature transactions, and acquiring informed signatures of m-n private accounts which do not participate in the multi-signature transactions when the transfer amount is larger than the transfer limit parameter or the transfer time interval is smaller than the transfer interval time limit parameter; the transaction signature and the informed signature are both private accounts, and the private accounts adopt private keys to sign transaction information;
the signature verification module is used for verifying the transaction signature or verifying the transaction signature and the informed signature through the multi-sign contract, and after the verification is passed, the multi-sign transaction is executed;
the signature acquisition module is further configured to:
sending the transaction information to n private accounts so that the n private accounts can confirm the transaction information, and further acquiring transaction signatures of the n private accounts on the transaction information; the transaction information comprises a transaction number, transaction time and transaction details;
judging whether the transfer amount is larger than the transfer limit parameter or whether the transfer time interval is smaller than the transfer interval time limit parameter;
if yes, sending the transaction information to m-n private accounts which do not participate in the multi-signature transaction to acquire the informed signatures of the m-n private accounts respectively aiming at the transaction information;
the signature verification module is further configured to:
verifying the transaction signature and the number of private accounts corresponding to the transaction signature through the multi-sign contract;
after the verification is passed, judging whether the transfer amount is larger than the transfer limit parameter or whether the transfer time interval is smaller than the transfer interval time limit parameter;
if yes, judging whether an informed signature exists, and if not, executing the transaction;
if the informed signature exists, verifying the informed signature and the number of private accounts corresponding to the informed signature;
and when the verification is passed, determining that the private account corresponding to the transaction signature and the private account corresponding to the informed signature are all in m private accounts and the private accounts are not intersected with each other, executing the transaction.
6. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the method according to any of claims 1 to 4 are implemented when the computer program is executed by the processor.
7. A computer-readable medium having non-volatile program code executable by a processor, characterized in that the program code causes the processor to perform the steps of the method according to any of claims 1 to 4.
CN201910052466.9A 2019-01-18 2019-01-18 Protection method and system for multi-signature shared account and electronic equipment Active CN109615525B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910052466.9A CN109615525B (en) 2019-01-18 2019-01-18 Protection method and system for multi-signature shared account and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910052466.9A CN109615525B (en) 2019-01-18 2019-01-18 Protection method and system for multi-signature shared account and electronic equipment

Publications (2)

Publication Number Publication Date
CN109615525A CN109615525A (en) 2019-04-12
CN109615525B true CN109615525B (en) 2020-12-04

Family

ID=66016998

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910052466.9A Active CN109615525B (en) 2019-01-18 2019-01-18 Protection method and system for multi-signature shared account and electronic equipment

Country Status (1)

Country Link
CN (1) CN109615525B (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110443697A (en) * 2019-08-08 2019-11-12 北京阿尔山区块链联盟科技有限公司 The management method and device of bank account
CN111027035B (en) * 2019-11-06 2022-04-08 香农数据有限公司 Multi-identity authentication method and system based on block chain
CN111147228B (en) * 2019-12-28 2022-04-01 西安电子科技大学 Ethernet IoT entity based lightweight authentication method, system and intelligent terminal
CN111523889B (en) * 2020-04-17 2023-09-01 昆明大棒客科技有限公司 Multiple signature implementation method, device, equipment and storage medium
CN111738704B (en) * 2020-05-29 2024-12-27 易联众信息技术股份有限公司 A donation data processing method, device and readable medium based on blockchain
CN112529709A (en) * 2020-12-30 2021-03-19 四川新华万云科技有限公司 Ether house intelligent contract implementation method based on multi-sign technology
CN113191751A (en) * 2021-04-22 2021-07-30 深圳前海移联科技有限公司 Block chain-based digital currency multi-sign method and system and electronic equipment

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101017586A (en) * 2006-02-10 2007-08-15 刘明晶 Method for customer self-defined combined authorization payment
US8719335B2 (en) * 2007-08-21 2014-05-06 Microsoft Corporation Framework for development of integration adapters that surface non-static, type-safe service contracts to LOB systems
CN105933331B (en) * 2016-06-13 2020-07-17 财付通支付科技有限公司 Method and device for operating account
CN108683509B (en) * 2018-05-15 2021-12-28 北京创世智链信息技术研究院 Block chain-based secure transaction method, device and system

Also Published As

Publication number Publication date
CN109615525A (en) 2019-04-12

Similar Documents

Publication Publication Date Title
CN109615525B (en) Protection method and system for multi-signature shared account and electronic equipment
US11930100B2 (en) Fund conversion between blockchains
CN112789824B (en) Block chain system, information transmission method, system, device and computer medium
JP6940182B2 (en) Blockchain management device, blockchain management method and program
US11637709B2 (en) Split-key wallet access between blockchains
CN109360091B (en) Random object selection method and device based on block chain
CN107454114B (en) Auction method, server and readable storage medium
EP3779750A1 (en) User identity content information authentication and verification methods and devices
CN116561789B (en) Processing method and device of privacy data, electronic equipment and readable storage medium
JP2024102183A (en) Computer execution method, system, and storage medium in blockchain
CN110266676B (en) Method and device for preventing malicious attack
AU2016202841A1 (en) Device, method and system for virtual asset transactions
CN111476572B (en) Block chain-based data processing method, device, storage medium and equipment
CN110599177A (en) Transaction verification method and related equipment
CN110597916B (en) Data processing method and device based on block chain, storage medium and terminal
CN113489671A (en) Cross-alliance-link communication method and device, computer equipment and storage medium
CN104599123A (en) Management method for account information, account management server and a POS terminal and system
CN112769548B (en) Block chain numerical information transmission method, system, device and computer medium
CN112288431A (en) Transaction method and device based on threshold signature
CN109413099B (en) Certificate-based hybrid cloud encrypted communication method and device and electronic equipment
CN110264172B (en) Transaction processing method and device based on blockchain
CN111614658A (en) Calculation force contract generation method based on block chain network, electronic device and medium
CN111291122A (en) Competitive bidding method and device based on block chain
US20220114276A1 (en) Controlling a data network with respect to a use of a distributed database
CN113411191A (en) Data auditing method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant