HK1259242B - Blockchain data processing method, device, processing equipment and system - Google Patents

Description

Blockchain data processing method, device, processing equipment and system

Technical Field

The embodiments of this specification belong to the technical field of computer data processing, and in particular, to a blockchain data processing method, apparatus, processing equipment, and system.

Background Art

With the rapid development of the internet, all kinds of data are emerging and growing explosively. Blockchain, due to its inherent decentralization, immutability, and distribution, has become a key focus and research direction in many technology fields.

Previously, blockchain data updates were primarily driven by transactions. For example, a summary of transactions over a period of time was generated and stored together with the summary of the previous blockchain block to form a new block. In one blockchain application, two parties can agree on the content or execution of a contract offline and then store the relevant data on the blockchain. Contracts are typically encrypted during the on-chain process (the process of storing data on the blockchain) to ensure the security of their content and prevent the creation of illegal contracts or unauthorized tampering with them. However, in some application scenarios, the private key information of contract participants can be maliciously stolen or lost. This poses a significant data security risk to the blockchain, reduces users' trust in the security of the provided blockchain services, and reduces the user experience.

Therefore, there is an urgent need for a solution that can more effectively improve data security in blockchain data services.

Summary of the Invention

The embodiments of this specification aim to provide a blockchain data processing method, apparatus, processing equipment, and system, whereby each party to a contract can use the generated temporary key to process data and generate more secure and reliable blockchain data.

The blockchain data processing method, apparatus, processing device, and system provided in the embodiments of this specification are implemented in the following ways:

A blockchain data processing method, the method comprising:

Generate a temporary key for the target contract, wherein the temporary key includes a temporary public key and a temporary private key generated based on an asymmetric encryption algorithm;

Generate blockchain data of the target contract on the blockchain based on the temporary key.

A blockchain data processing method, the method comprising:

Receiving and storing creation data of a target contract, the creation data including a temporary key generated by a contract participant for the target contract, generating data information of the target contract processed based on the temporary key and then uploaded to the blockchain, the temporary key including a temporary public key and a temporary private key generated based on an asymmetric encryption algorithm; and

Receive contract execution data;

Using the public key corresponding to the target contract participant to perform signature verification on the contract execution data;

If the signature verification is successful, the stored target contract is updated to the encrypted new contract.

A blockchain data processing device, comprising:

A temporary key generation module, configured to generate a temporary key for a target contract, wherein the temporary key includes a temporary public key and a temporary private key generated based on an asymmetric encryption algorithm;

The contract encryption signature processing module is used to generate the blockchain data of the target contract on the blockchain based on the temporary key.

A blockchain data processing device, comprising a processor and a memory for storing processor-executable instructions, wherein when the processor executes the instructions:

Generate a temporary key for the target contract, wherein the temporary key includes a temporary public key and a temporary private key generated based on an asymmetric encryption algorithm;

Generate blockchain data of the target contract on the blockchain based on the temporary key.

A blockchain system includes a blockchain terminal and a blockchain server, wherein the blockchain terminal and the blockchain server each include at least one processor and a memory for storing processor-executable instructions, and when the processor of the blockchain terminal executes the instructions, the following is achieved:

Any step in any embodiment method involved by the contract participants in the embodiments of this specification;

When the processor of the blockchain server executes the instructions, the following is achieved:

The method steps for on-chain data processing of any blockchain involved in the contract participants in the embodiments of this specification.

The embodiments of this specification provide a blockchain data processing method, apparatus, processing device, and system. Contract participants can use temporarily generated secret keys to perform encryption processing related to the target contract, such as contract signing, encryption, and verification. Data processed with the temporary key is then uploaded to the blockchain for storage, effectively ensuring the secure processing of contract data by each contract participant off-chain while also improving the security of data storage within the blockchain.

BRIEF DESCRIPTION OF THE DRAWINGS

In order to more clearly illustrate the embodiments of this specification or the technical solutions in the prior art, the following briefly introduces the drawings required for use in the embodiments or the description of the prior art. Obviously, the drawings described below are only some embodiments recorded in this specification. For ordinary technicians in this field, other drawings can be obtained based on these drawings without paying any creative labor.

FIG1 is a schematic diagram of a processing flow of an embodiment of the method described in this specification;

FIG2 is a schematic diagram of an embodiment of a method for processing data using a temporary key during a contract creation process provided in this specification;

FIG3 is a schematic diagram of an implementation example of using a temporary key to process data during a contract creation process provided in this specification;

FIG4 is a flow chart of an embodiment of contract execution in a blockchain data processing method provided in this specification;

FIG5 is a schematic diagram of an implementation example of using a temporary key to process data during contract execution provided in this specification;

FIG6 is a schematic diagram of a processing flow of another embodiment of the method described in this specification;

FIG7 is a block diagram of the hardware structure of a blockchain data processing device according to an embodiment of the present invention;

FIG8 is a schematic diagram of the module structure of an embodiment of a blockchain data processing device provided in this specification.

DETAILED DESCRIPTION

To help those skilled in the art better understand the technical solutions in this specification, the following will provide a clear and complete description of the technical solutions in the embodiments of this specification, in conjunction with the accompanying drawings. Obviously, the described embodiments are only some of the embodiments in this specification, not all of them. All other embodiments obtained by those skilled in the art based on one or more embodiments in this specification without creative work should fall within the scope of protection of the embodiments of this specification.

Blockchain technology, also known as BT (Blockchain Technology), is an internet database technology characterized by decentralization, transparency, and data immutability. Blockchain technology has expanded beyond simple digital currency applications to encompass diverse sectors of the economy and society, including financial services, supply chain management, entertainment, real estate, healthcare, and e-commerce. Based on the characteristics of blockchain technology, multiple users, groups, or institutions can establish consortium blockchains or private chains, join them, and become members. Transaction data between members can be stored on the blockchain, such as the content of contracts signed off-chain.

It should be noted that the off-chain or subsequent on-chain operations described in the embodiments of this specification mainly refer to whether the data operations are performed on the blockchain. Operations outside the blockchain, such as offline users negotiating and signing contracts, certification agencies performing identity verification, issuing certificates, etc., can be off-chain related operations, and submitting public keys or certificates to the blockchain, verification of blockchain nodes, data storage, etc. can be on-chain related operations. For example, submitting data to the blockchain for storage can be called on-chain.

Traditional contracts are typically recorded on paper after the parties reach an agreement through negotiation and discussion. The contracts discussed in the embodiments of this specification can be stored digitally or in other computer data storage formats (such as quantum computers) on a blockchain. The contracts described in the embodiments of this specification can include contract creation and contract execution. Creation can involve one or more contract parties or a third party pre-drafting a standard contract, which can pre-define certain necessary rights and obligations. The specific content of the standard contract can be set and determined based on the cooperation needs of the parties. Once the standard contract is finalized, it can be stored on the blockchain after processing using a temporary key. The data corresponding to the standard contract can be referred to as creation data. Contract execution occurs when the contract parties add, modify, or update the contract content based on the standard contract to generate a new contract, or when the contract parties confirm the content and sign it to effectuate the contract. For example, contract parties A and B reach a consensus offline on the execution process of target contract T_C (a pre-created standard contract) to generate a new contract containing the new contract content. The content of the new contract can then be processed using a temporary key and stored on the blockchain. In one or more embodiments of this specification, blockchain nodes can participate in both contract creation and contract execution using temporary keys. FIG1 is a flow chart of an embodiment of a blockchain data processing method provided in this specification. Specifically, as shown in FIG1 , the method may include:

S0: Generate a temporary key for the target contract, where the temporary key includes a temporary public key and a temporary private key generated based on an asymmetric encryption algorithm.

Generally, a temporary key corresponding to a target contract can be generated by a contract participant, and different contract participants can each independently generate their own temporary keys. Of course, in other implementation schemes, the temporary keys of all or part of the contract participants can be distributed to the corresponding contract participants according to certain rules by a designated processing device. This situation in which the contract participant uses the received temporary key to act on the target contract can also be classified as a situation in which a temporary key of the target contract is generated (determined) for the contract participant processing terminal. The contract participants generally refer to the parties involved in the contract, such as the contract content involves participants A and B. This embodiment does not exclude that the contract participants can also include other parties allowed by the agreement, such as third parties, guarantors, regulators, etc. that are not involved in the contract business content. Contracts can have multiple forms of existence, such as the same contract participants can create different contracts, such as contract participants A and B can create contract T_C1, and can also create contract T_C2. Different partners of the same participant can create different contracts, such as contract participants A and B create contract T_C3, while contract participants A and D can create contract T_C4. For ease of description, in this embodiment, the contract processed by the contract participants can be called the target contract. Of course, the target contract can have other corresponding names as other subsequent processes, such as contract execution, status changes, etc.

In some embodiments of this specification, temporary keys may be used for encryption or signing related to contract processing, such as determining contract content and encrypting contracts. In this application scenario involving blockchain data processing, asymmetric encryption algorithms can be used to generate temporary keys, which can include temporary public keys and temporary private keys. Unlike symmetric encryption algorithms, asymmetric encryption algorithms require two keys: a public key and a private key, or simply a public key and a private key. The public key and private key form a pair. If data is encrypted with the public key, it can only be decrypted with the corresponding private key; if data is encrypted with the private key, it can only be decrypted with the corresponding public key. In some embodiments of this specification, the use of temporary keys primarily includes: decrypting data after encrypting it with a temporary public key, and verifying data after signing it with a temporary private key using a temporary public key. Algorithms used in asymmetric encryption include RSA, Elgamal, Knapsack, Rabin, D-H, and ECC (Elliptic Curve Cryptography).

S2: Generate blockchain data of the target contract on the blockchain based on the temporary key.

The target contract is processed using the temporary key, and the resulting blockchain data can be stored on the blockchain. For example, in one example, contract participants A and B each sign the agreed-upon target contract T_C1 using their own private keys and upload it to the blockchain. Alternatively, other data processing can be included based on the blockchain's data processing requirements, such as encrypting the contract and then signing it using the private keys of each contract participant, or uploading it to the blockchain along with the public keys of each contract participant.

The temporary key update method described in this specification can be customized. Generally, using a single temporary key pair for each contract can more effectively improve the security of blockchain data. For example, in some embodiments of this specification, the temporary key can be used to encrypt or sign related processes for a target contract. For example, contract participant A uses a different temporary key pair each time it processes a different target contract. In other embodiments, a single temporary key pair can be used multiple times. For example, contract participant A's temporary key pair is only valid for processing data from three contracts, requiring a new key pair for processing the fourth contract. Alternatively, in other embodiments, the temporary key can be updated based on the contract participants. For example, if contract participant A uses the same temporary keys PK1 and SK1 for multiple contracts with contract participant B, and a new contract participant C joins, meaning the contract involves parties A, B, and C, contract participant A must use new temporary keys PK2 and SK2, or the contract signed by contract participant A and contract participant C must use new temporary keys PK3 and SK3. Similarly, contract participants B or C can also implement the same temporary key update strategy as contract participant A. In the above, PK represents the public key, and SK represents the private key. In the following, TPK or tpk represents the temporary public key, and the corresponding TSK or tsk represents the temporary private key. For example, tpk_A can represent the temporary public key of contract participant A.

Therefore, in another embodiment of the method described in this specification, the temporary key may be:

S02: Performing a temporary key update based on at least one of different contract participants and different target contracts.

If there is a change in the parties to the contract or for different target contract contents, a new temporary public key and temporary private key can be generated. For example, in one example, when contract parties A and B sign different contracts, they can use different temporary key pairs. When contract parties A and B, or contract parties A and C sign the same contract, contract party A uses different temporary key pairs for A and B respectively. In addition, the different target contracts can include different contract contents, and can also include different contract signing times. For example, if the contract parties and contract contents remain unchanged, the temporary key can be updated when the contract data is processed at different times or different time periods. In one implementation scenario, facing different transaction participants, or changing the temporary key each time a transaction is made, it is difficult to associate transactions on the blockchain, which can effectively prevent illegal or breach of contract or other malicious data analysis of blockchain ledger data, and effectively improve the security of blockchain data.

In another embodiment, the temporary key can be replaced periodically according to a pre-set setting, such as the temporary key pair of each contract participant is replaced once a day. The replacement cycle can be pre-set uniformly, or different replacement frequencies can be set according to the authority of the contract participants (such as weight, identity of Party A or Party B, credit level, equity, etc.). For example, if contract participant A is an important asset manager, its temporary key pair is replaced once a day, and the temporary key pairs of its partners B and C are replaced once a week. Therefore, in another embodiment of the method described in this specification, the temporary key includes:

S04: Update the temporary key based on the preset replacement period.

In one example, temporary key update strategies based on the replacement cycle and the authority of the contract participants are both used. Contract participants with the same authority can be set to the same replacement cycle, or contract participants with the same authority can be set to different replacement cycles, such as Party A changes the temporary key pair once a day, Party B changes the temporary key pair once a week, and Party C changes the temporary key pair every three days.

In some embodiments of this specification, the updated key information may still continue to be retained in the blockchain node.

The embodiments of this specification use data information processed with a temporary key and then uploaded to the blockchain for storage, which can effectively ensure the secure processing of contract data by each contract participant off-chain, while improving the security of data storage in the blockchain.

The following describes the implementation scheme of this specification using another specific application scenario of contract creation as an example. Specifically, Figure 2 is a flow chart of an embodiment of the blockchain data processing method provided in this specification. Although this specification provides the method operation steps or device structure shown in the following embodiments or figures, the method or device may include more or fewer operation steps or module units after partial merger based on routine or no creative work. In steps or structures that do not logically have a necessary causal relationship, the execution order of these steps or the module structure of the device is not limited to the execution order or module structure shown in the embodiments or figures of this specification. When the method or module structure described is applied in actual devices, servers, or terminal products, it can be executed sequentially or in parallel according to the method or module structure shown in the embodiments or figures (for example, in a parallel processor or multi-threaded processing environment, or even in a distributed processing or server cluster implementation environment).

The contract creation may include the creation of the aforementioned format contract, and may also include the signing and confirmation of the formal contract. The subsequent process may also include the execution of the contract. Of course, the description of the following embodiment does not limit other technical solutions that can be expanded based on this specification. For example, other implementation scenarios may also include memoranda, contracts, regulations, reports, announcements, etc., which need to be stored on the blockchain by one party or both parties or multiple parties to update the blockchain node data. A specific embodiment is shown in Figure 2. In another embodiment of the method provided in this specification, the blockchain data includes the creation data of the target contract, and the creation data is determined in the following manner:

S20: The contract participants send each other the temporary public key generated by each of them;

S22: The contract participant uses the temporary private key of the local end to sign the data information including the target contract and the temporary public key of each contract participant, thereby generating first signature data corresponding to each contract participant;

S24: Encrypting the predetermined contract information using the supervisory key of the supervisor to generate an encrypted contract, wherein the predetermined contract information includes the target contract, the temporary public key of each contract participant, and the first signature data;

S26: After each contract participant signs the encrypted contract using a corresponding temporary private key, the creation data of the target contract is determined based on the signed data and the temporary public keys of the contract participants.

In the execution of S20 mentioned above, for the processing device of a unilateral contract participant, it can be understood as sending the temporary public key generated by this end to other contract participants. The other contract participants generally include contract participants involving the interests of both parties, or participants who sign the contract. Other embodiments may also include predetermined legal other participants. The generated creation data can be directly uploaded to the chain and stored in the blockchain as blockchain data, or it can be stored after other data processing before or after being uploaded to the chain. Figure 3 is a schematic diagram of an implementation example of using a temporary key for data processing during a contract creation process provided in this specification. As shown in Figure 3, it is assumed that the target contract involves two contract participants A and B. A and B are members of the alliance chain and hold corresponding certificates respectively. The certificate can prove that it is a legal member on the blockchain and can perform the creation, execution and other processing of the contract on the blockchain.

A and B can each independently generate their own temporary key pairs (tpk_A, tsk_A) and (tpk_B, tsk_B). The temporary public keys of both parties can be transmitted through an established end-to-end encrypted channel, such as an end-to-end encrypted channel based on the SSL (Secure Sockets Layer) protocol. This can further improve the security of data transmission. To support the end-to-end offline communication needs of two users on the blockchain, users (including contract participants) generally need to verify each other's identities and be able to communicate with the blockchain, query the other party's identity through the blockchain, and verify that they are legitimate blockchain users. A specific process may include the following:

(1) Users A and B can register their physical information and digital identity on the blockchain platform through a blockchain registration agency in the form of a smart contract or a non-smart contract. The blockchain platform verifies the signature of the registration agency. If it passes, A and B's physical information and digital identity are stored on the blockchain. The digital identity can include the user's public key and private key, and the physical information can include the user's name, ID card, and other information.

(2) User A and User B establish an encrypted channel. A and B first send each other’s digital identity summaries to the blockchain platform. After the platform verifies that A and B are legitimate users, it returns a confirmation message to A and B. Otherwise, it sends a negative message and the communication between A and B is terminated.

(3) To confirm B’s identity, A can obtain the query authorization from B (i.e., the signature of A’s query request) and submit the query request to the blockchain. B similarly performs the same step to submit a query to A.

(4) The blockchain platform verifies A and B’s query and authorization signatures, and if it finds that A and B are blockchain users, it sends A and B’s entity information to both parties. If A or B is not a blockchain user, a failure message is returned. Communication between A and B is terminated.

(5) After A and B verify each other's entity information, they use digital identities to establish an encrypted channel and exchange messages, such as exchanging temporary public keys.

After A and B exchange their temporary public keys, they can each use their own private key to sign the target contract's contract content, tpk_A, tpk_B, generating data signed by their respective private keys. This data is collectively referred to as the first signature data. Similarly, the signature of the target contract's contract content can also be referred to as the signature of the target contract. For example, A can use private key tsk_A to sign the target contract, tpk_A, tpk_B, generating A's first signature data sigA, while B can use private key tsk_B to sign the target contract, tpk_A, tpk_B, generating B's first signature data sigB. The first signature data can also be sent back and forth, such as A sending sigA to B.

In some embodiments, contract transactions can be supervised by regulators, who can review, audit, examine, and block contracts, and supervise illegal activities based on contracts. In some embodiments, the regulators can include legitimate regulatory agencies, such as national financial regulatory agencies such as the central bank and the China Securities Regulatory Commission, which can use regulatory keys to oversee blockchain transactions. In other embodiments, the regulators with regulatory power can be agreed upon in advance in the contract rules, such as one or more designated members, or in another embodiment, it can be agreed that if a predetermined number or proportion of members recognize a certain member, the member will have regulatory rights. Members who reach a predetermined number or proportion can form a member supervision group. For example, if there are 10 members in the blockchain, it can be predetermined that if 7 members or 70% of the members recognize member A, member A can serve as the regulator.

Therefore, in the implementation scenario of this embodiment, the supervisor's supervisory key can also be used to encrypt relevant information about the target contract. In this implementation scenario, the supervisor's supervisory key can be the public key of an asymmetric encryption algorithm. Of course, this specification does not exclude the possibility that in other embodiments, the supervisory key can be generated using other encryption algorithms. The information encrypted using the public key broadcast by the supervisor can include the target contract (contract content), the temporary public keys of all contract participants, the signature data of all contract participants, or even the certificates of all contract participants. For example, A uses the supervisory key key to encrypt (target contract, tpk_A, tpk_B, sigA, sigB, certA, certB) to generate an encrypted contract. The encrypted contract can be generated after processing by any contract participant. In this way, the supervisor can use its corresponding decryption key, such as a private key, to retrieve the target contract from the blockchain and verify whether the contract participants are illegal and whether the contract content is illegal, thereby supervising and regulating contracts on the blockchain. For example, if the supervisor decrypts the contract, reviews the contract content and the foreign partner, and discovers that the contract involves the illegal transfer of technology involving national defense patents, it can submit a blockchain transaction to block the contract. Of course, in other embodiments, if the transaction involving the target contract is visible to other blockchain member C, it can also be encrypted using C's public key. The processing method of using C's public key to encrypt and member C to decrypt and view the target contract using its own private key can refer to the processing of the supervisor above and will not be repeated here.

Before the generated encrypted contract is uploaded to the blockchain, each contract participant can sign the encrypted contract with a private key. The signed data together with the temporary public keys tpk_A and tpk_B of each contract participant are used as the creation data stored on the blockchain.

The creation data can be submitted to the blockchain for storage. Of course, the blockchain can also be provided with a smart contract platform, and the creation data can be submitted to the smart contract platform for management.

The above embodiment describes an implementation scenario where a contract is created and stored on a blockchain using a temporary key. The following describes an implementation scenario where a temporary key is used during contract execution. Figure 4 is a flow chart of an embodiment of contract execution in a blockchain data processing method provided in this specification. As shown in Figure 4, the blockchain data may also include contract execution data, and the contract execution data may be determined using the following method:

S40: Encrypting the determined new contract using the supervision key to generate an encrypted new contract, wherein the new contract is determined after the contract participants reach a consensus on the execution process of the target contract offline;

S42: Each contract participant may sign the encrypted new contract using the temporary private key corresponding to the encrypted new contract to generate second signature data;

S44: Based on the second signature data, encrypt the new contract and determine the contract execution data.

The execution process of the above S42 can be understood as, for the processing device of the contract participants, determining the signature of each contract participant on the encrypted new contract, and then determining the contract execution data based on the second signature data and the encrypted new contract. For example, after a contract participant determines that all other contract participants (including himself) have used a temporary private key to sign, the second signature data signed by each party and the encrypted new contract are determined as the contract execution data. The contract execution data can then be submitted to the blockchain. The temporary key corresponding to the encrypted new contract shown in the above S42 can be the same as the temporary key used when the target contract corresponding to the encrypted new contract was created, or it can be different. For example, when the new contract is signed and confirmed to update the contract content, the temporary key replacement cycle has been reached. At this time, the temporary key used when signing the encrypted new contract is different from the temporary key when the corresponding target contract was created and stored on the blockchain. The updated temporary key can be updated to the corresponding data in the blockchain by submitting a transaction.

Figure 5 is a schematic diagram of an implementation example provided in this specification for using a temporary key to process data during the execution of a contract. As shown in Figure 5, assume that the execution of a contract involves the interests of both parties A and B. A and B reach a consensus on the contract execution process offline, such as adding or modifying the contract content, to form a new contract v1. A or B encrypts the new contract using the supervisory key key to generate an encrypted new contract V1. Each contract participant can then use the temporary private key of the corresponding original target contract to sign. For example, A can use the temporary private key tsk_A used when establishing the target contract to sign, and then B can use the temporary private key tsk_B to sign. The data signed by all contract participants is uploaded to the blockchain together with the encrypted new contract. The data to be submitted to the blockchain, including the second signature data and the new contract, can be called contract execution data, or after being submitted to the blockchain for storage, it can also be called contract execution data. The same applies to the creation data of the target contract mentioned above. Unlike creating a new contract, A and B do not need to obtain the regulator's authorization when executing contract status transfers, such as contract changes, contract entry into force, contract interruption, and contract termination. Once the contract participants encrypt the contract or contract status transfer using the regulator's public key and then sign with their private keys to confirm the new contract or contract status transfer, the contract content and contract status will take effect. Unless otherwise specified, there is no need to obtain the regulator's authorization.

The above embodiments can be executed by the processing equipment of the contract participants, which may include a device that communicates with the server of the blockchain node, or be executed on the server of the blockchain node. Furthermore, after all new contracts encrypted with private key signatures are uploaded to the blockchain, the blockchain node can use the public key corresponding to the contract to verify the signature to determine the legality/compliance of the contract execution. For example, the smart contract platform on the blockchain can use the public keys tpk_A and tpk_B of the target contract participants corresponding to the encrypted new contract to verify the signature. If the verification passes, the stored target contract can be updated to the encrypted new contract. Therefore, for the processing equipment of the blockchain node, the method may also include:

S60: Using the public key corresponding to the target contract participant to perform signature verification on the contract execution data;

S62: If the signature verification passes, the stored target contract is updated to the encrypted new contract.

Based on the above description, this specification also provides another embodiment of the method for a processing device of a blockchain node, as shown in FIG6 , the method comprising:

S80: Receive and store creation data of the target contract, the creation data including a temporary key generated by the contract participants for the target contract, data information generated based on the temporary key and then processed and uploaded to the blockchain, the temporary key including a temporary public key and a temporary private key generated based on an asymmetric encryption algorithm; and

S82: receiving contract execution data;

S84: Using the public key corresponding to the target contract participant to perform signature verification on the contract execution data;

S86: If the signature verification passes, the stored target contract is updated to the encrypted new contract.

It should be noted that the above-mentioned embodiments of this specification can be implemented on the client of the blockchain or the server of the blockchain node. For example, the client uses a temporary key to process the creation and execution of the contract, the blockchain data stored on the server of the blockchain node is data processed using a temporary key, and the server uses the stored temporary public key to verify changes to the contract or state transfer, etc.

In this specification, the various embodiments of the above method are described in a progressive manner. The same or similar parts between the various embodiments can be referred to each other. Each embodiment focuses on the differences from other embodiments. For related parts, please refer to the partial description of the method embodiment.

The method embodiments provided in the embodiments of this application can be executed in a blockchain terminal, blockchain server, or similar computing device. Taking the example of a blockchain node device (which can be a client, a single server, or a server cluster), FIG7 is a hardware block diagram of a blockchain data processing device according to an embodiment of the present invention. As shown in FIG7 , the processing device 10 may include one or more (only one is shown) processors 102 (processor 102 may include, but is not limited to, a microprocessor MCU or a programmable logic device FPGA, etc.), a memory 104 for storing data, and a transmission module 106 for communication functions. Those skilled in the art will understand that the structure shown in FIG7 is merely illustrative and does not limit the structure of the electronic device described above. For example, the processing device 10 may include more or fewer components than shown in FIG7 , for example, other processing hardware such as a GPU (Graphics Processing Unit), or have a configuration different from that shown in FIG7 .

The memory 104 can be used to store software programs and modules of application software, such as the program instructions/modules corresponding to the search method in the embodiment of the present invention. The processor 102 executes various functional applications and data processing by running the software programs and modules stored in the memory 104, that is, to implement the processing method for displaying the content of the above-mentioned navigation interactive interface. The memory 104 may include a high-speed random access memory, and may also include a non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some instances, the memory 104 may further include a memory remotely located relative to the processor 102, and these remote memories may be connected to the processing device 10 via a network. Examples of the above-mentioned network include, but are not limited to, the Internet, an intranet, a local area network, a mobile communication network, and combinations thereof.

The transmission module 106 is configured to receive or transmit data via a network. A specific example of the aforementioned network may include a wireless network provided by the communications provider of the computer terminal 10. In one embodiment, the transmission module 106 includes a network interface controller (NIC), which can be connected to other network devices via a base station to enable communication with the Internet. In another embodiment, the transmission module 106 may be a radio frequency (RF) module, which is configured to communicate with the Internet wirelessly.

Based on the above-mentioned method for processing blockchain data, this specification also provides a blockchain data processing device. The device may include a system (including a distributed system), software (application), module, component, server, client, etc. using the method described in the embodiment of this specification and combined with necessary implementation hardware. Based on the same innovative concept, the processing device in one embodiment provided in this specification is as described in the following embodiment. Since the implementation scheme and method for solving the problem of the device are similar, the implementation of the specific processing device in the embodiment of this specification can refer to the implementation of the aforementioned method, and the repetitions will not be repeated. Although the device described in the following embodiments is preferably implemented in software, the implementation of hardware, or a combination of software and hardware, is also possible and conceived. Specifically, as shown in Figure 8, a blockchain data processing device may include:

A temporary key generation module 201 may be used to generate a temporary key for a target contract, wherein the temporary key includes a temporary public key and a temporary private key generated based on an asymmetric encryption algorithm;

The contract encryption signature processing module 202 can be used to generate the blockchain data of the target contract on the blockchain based on the temporary key.

It should be noted that the processing device described in the embodiments of this specification may also include other implementations according to the description of the relevant method embodiments. Specific implementations can refer to the description of the method embodiments and will not be described in detail here.

The device model identification method provided in the embodiments of this specification can be implemented in a computer by a processor executing corresponding program instructions, such as using the C++/Java language of the Windows/Linux operating system on a PC/server, or other application design languages corresponding to Android and iOS systems, with the necessary hardware, or based on the processing logic of a quantum computer. Specifically, in an embodiment of the above method implemented by a processing device provided in this specification, the processing device may include a processor and a memory for storing processor-executable instructions, and when the processor executes the instructions, the following is achieved:

Generate a temporary key for the target contract, wherein the temporary key includes a temporary public key and a temporary private key generated based on an asymmetric encryption algorithm;

Generate blockchain data of the target contract on the blockchain based on the temporary key.

Based on the description of the aforementioned method embodiment, in another embodiment of the apparatus, the temporary key is updated based on at least one of different contract participants and different target contracts.

Based on the description of the aforementioned method embodiment, in another embodiment of the device, the temporary key is updated based on a preset replacement period.

Based on the description of the aforementioned method embodiment, in another embodiment of the device, the processor performs the following steps to determine the creation data of the target contract:

Send the temporary public key generated by this end to other contract participants;

Using the temporary private key of the local end to sign the data information including the target contract and the temporary public key of each contract participant, to generate first signature data corresponding to each of the contract participants;

Encrypting the predetermined contract information using the supervisory key of the supervisor to generate an encrypted contract, the predetermined contract information including the target contract, the temporary public key of each contract participant, and the first signature data;

After it is determined that each contract participant uses the corresponding temporary private key to sign the encrypted contract, the creation data of the target contract is determined based on the signed data and the temporary public keys of the contract participants.

Based on the description of the foregoing method embodiment, in another embodiment of the device, the processor further performs:

The creation data is submitted to the blockchain.

Based on the description of the aforementioned method embodiment, in another embodiment of the device, the processor performs the following steps to determine the contract execution creation data:

Encrypting the determined new contract using the supervisory key to generate an encrypted new contract, wherein the new contract is determined after the contract participants reach a consensus on the execution process of the target contract offline;

Signing the encrypted new contract using the temporary private key corresponding to the target contract to generate second signature data;

After the signatures of the encrypted new contract by each contract participant are determined, the contract execution data is determined based on the second signature data and the encrypted new contract.

Based on the description of the foregoing method embodiment, in another embodiment of the device, the temporary public key sent by the processor includes using an established end-to-end encrypted channel for data transmission.

Another embodiment of the above-mentioned method implemented by a processing device provided in this specification can be applied to data processing on a blockchain, such as a server of a smart contract platform on a blockchain, or a blockchain node server. Specifically, in one embodiment, the processing device may include a processor and a memory for storing processor-executable instructions. When the processor executes the instructions, it can achieve the following:

Receiving and storing creation data of a target contract, the creation data including a temporary key generated by a contract participant for the target contract, generating data information of the target contract processed based on the temporary key and then uploaded to the blockchain, the temporary key including a temporary public key and a temporary private key generated based on an asymmetric encryption algorithm; and

Receive contract execution data;

Using the public key corresponding to the target contract participant to perform signature verification on the contract execution data;

If the signature verification is successful, the stored target contract is updated to the encrypted new contract.

The above instructions can be stored in a variety of computer-readable storage media. The computer-readable storage medium may include a physical device for storing information, which can digitize the information and then store it in a medium using electrical, magnetic or optical means. The computer-readable storage medium described in this embodiment may include: devices that use electrical energy to store information, such as various memories, such as RAM, ROM, etc.; devices that use magnetic energy to store information, such as hard disks, floppy disks, magnetic tapes, magnetic core memories, bubble memories, USB flash drives; devices that use optical means to store information, such as CDs or DVDs. Of course, there are other types of readable storage media, such as quantum memories, graphene memories, etc. The instructions in the device, server, client, or processing device or system described in this embodiment are the same as described above.

Based on the foregoing, an embodiment of this specification further provides a blockchain system. The system includes a blockchain terminal and a blockchain server, wherein the blockchain terminal and the blockchain server each include at least one processor for storing processor-executable instructions. When the processor of the blockchain terminal executes the instructions, the following are achieved:

Any steps in any embodiment of the method involved by the contract participants in the above method embodiment;

When the processor of the blockchain server executes the instructions, the following is achieved:

The method steps for on-chain data processing of any blockchain involved in the contract participants in the above method embodiment.

The blockchain terminal and blockchain node server may be a client/server architecture. In some implementation scenarios, the blockchain terminal and blockchain node server may be the same processing device.

It should be noted that the apparatus, processing device, terminal, server, and system described in the embodiments of this specification may also include other implementation methods according to the description of the relevant method embodiments. Specific implementation methods can refer to the description of the method embodiments and will not be described in detail here.

The various embodiments in this specification are described in a progressive manner. Similar portions between the various embodiments can be referenced to each other. Each embodiment focuses on the differences between the other embodiments. In particular, the hardware + program embodiments are generally similar to the method embodiments, so their description is relatively simple. For relevant portions, refer to the description of the method embodiments.

The foregoing description of this specification describes specific embodiments. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps recited in the claims can be performed in an order different from that described in the embodiments and still achieve the desired results. Furthermore, the processes depicted in the accompanying drawings do not necessarily require the specific order shown or the sequential order to achieve the desired results. In certain embodiments, multitasking and parallel processing are also possible or may be advantageous.

The embodiments of this specification provide a blockchain data processing method, apparatus, processing device, and system. Contract participants can use temporarily generated secret keys to perform encryption processing related to the target contract, such as contract signing, encryption, and verification. Data processed with the temporary key is then uploaded to the blockchain for storage, effectively ensuring the secure processing of contract data by each contract participant off-chain while also improving the security of data storage within the blockchain.

Although the present application provides method operation steps as described in the embodiments or flowcharts, more or fewer operation steps may be included based on conventional or non-creative work. The order of steps listed in the embodiments is only one way of executing the steps among many steps and does not represent the only execution order. When the actual device or client product is executed, it can be executed in sequence or in parallel according to the method shown in the embodiments or the drawings (for example, in a parallel processor or multi-threaded processing environment).

Although the embodiments of this specification mention the data acquisition, definition, interaction, calculation, judgment, encryption and other operations and data descriptions such as SSL encrypted communication, contract establishment and execution, and encrypted signatures performed by public and private keys, the embodiments of this specification are not limited to the situations that must comply with industry communication standards, standard asymmetric encryption algorithms, communication protocols and standard data models/templates or the embodiments of this specification. Certain industry standards or slightly modified implementation plans based on the implementation described in the custom method or embodiment can also achieve the same, equivalent or similar, or predictable implementation effects after deformation of the above embodiments. The embodiments obtained by applying these modified or deformed data acquisition, storage, judgment, processing methods, etc. can still fall within the scope of the optional implementation plans of this specification.

In the 1990s, technological improvements could be clearly distinguished as either hardware improvements (for example, improvements to circuit structures like diodes, transistors, and switches) or software improvements (improvements to process flows). However, with the advancement of technology, many process flow improvements today can now be considered direct improvements to hardware circuit structures. Designers almost always create the corresponding hardware circuit structure by programming the improved process flow into the hardware circuit. Therefore, it cannot be said that a process flow improvement cannot be implemented using hardware modules. For example, a programmable logic device (PLD), such as a field programmable gate array (FPGA), is an integrated circuit whose logical function is determined by user programming. Designers can "integrate" a digital system on a PLD through their own programming, without having to hire a chip manufacturer to design and manufacture a dedicated integrated circuit chip. Moreover, nowadays, instead of manually fabricating integrated circuit chips, this programming is mostly done using "logic compiler" software. This is similar to the software compiler used when developing programs. Before compilation, the original code must also be written in a specific programming language, called a hardware description language (HDL). There is not just one HDL, but many, such as ABEL (Advanced Boolean Expression Language), AHDL (Altera Hardware Description Language), Confluence, CUPL (Cornell University Programming Language), HDCal, JHDL (Java Hardware Description Language), Lava, Lola, MyHDL, PALASM, RHDL (Ruby Hardware Description Language), etc. The most commonly used ones are VHDL (Very-High-Speed Integrated Circuit Hardware Description Language) and Verilog. Those skilled in the art will also understand that by simply programming the method flow in one of these hardware description languages and then programming it into an integrated circuit, a hardware circuit that implements the logic method flow can be easily obtained.

The controller can be implemented in any suitable manner. For example, the controller can take the form of a microprocessor or processor and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro)processor, logic gates, switches, application-specific integrated circuits (ASICs), programmable logic controllers, and embedded microcontrollers. Examples of controllers include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicone Labs C8051F320. The memory controller can also be implemented as part of the control logic of the memory. Those skilled in the art will also know that in addition to implementing the controller in a purely computer-readable program code format, the controller can be implemented in the form of logic gates, switches, application-specific integrated circuits, programmable logic controllers, and embedded microcontrollers by logically programming the method steps. Therefore, such a controller can be considered a hardware component, and the devices included therein for implementing various functions can also be considered as structures within the hardware component. Or even, the devices for implementing various functions can be considered as both software modules that implement the method and structures within the hardware component.

The systems, devices, modules, or units described in the above embodiments may be implemented by computer chips or entities, or by products having certain functions. A typical implementation device is a computer. Specifically, the computer may be, for example, a personal computer, a laptop computer, an in-vehicle human-computer interaction device, a cellular phone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.

Although the present specification embodiment provides the method operation steps as described in the embodiment or flow chart, more or less operation steps may be included based on conventional or non-creative means. The order of steps listed in the embodiment is only one way in the order of execution of many steps and does not represent a unique execution order. When the device or terminal product in practice is executed, it can be performed in sequence or in parallel according to the method shown in the embodiment or the accompanying drawings (such as a parallel processor or a multi-threaded processing environment, or even a distributed data processing environment). The term "comprise", "comprising" or any other variant thereof is intended to cover non-exclusive inclusion, so that the process, method, product or equipment including a series of elements not only include those elements, but also include other elements not clearly listed, or also include elements inherent to such process, method, product or equipment. In the absence of more restrictions, it is not excluded that there are other identical or equivalent elements in the process, method, product or equipment including the elements.

For the convenience of description, the above devices are described in terms of functions divided into various modules. Of course, when implementing the embodiments of this specification, the functions of each module can be implemented in the same or multiple software and/or hardware, or the modules that implement the same function can be implemented by a combination of multiple sub-modules or sub-units, etc. The device embodiments described above are merely schematic. For example, the division of the units is only a logical function division. In actual implementation, there may be other division methods, such as multiple units or components can be combined or integrated into another system, or some features can be ignored or not executed. Another point is that the mutual coupling or direct coupling or communication connection shown or discussed can be an indirect coupling or communication connection through some interfaces, devices or units, which can be electrical, mechanical or other forms.

Those skilled in the art will also appreciate that, in addition to implementing the controller in pure computer-readable program code, it is entirely possible to implement the same functionality by logically programming the method steps in the form of logic gates, switches, application-specific integrated circuits, programmable logic controllers, embedded microcontrollers, and the like. Therefore, such a controller can be considered a hardware component, and the devices included therein for implementing various functions can also be considered structures within the hardware component. Alternatively, the devices for implementing various functions can be considered both software modules implementing the method and structures within the hardware component.

The present invention is described with reference to the flowcharts and/or block diagrams of the methods, devices (systems), and computer program products according to embodiments of the present invention. It should be understood that each process and/or box in the flowchart and/or block diagram, as well as the combination of processes and/or boxes in the flowchart and/or block diagram, can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, a special-purpose computer, an embedded processor, or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce a device for implementing the functions specified in one or more processes in the flowchart and/or one or more boxes in the block diagram.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing device to operate in a specific manner, so that the instructions stored in the computer-readable memory produce a product including an instruction device that implements the functions specified in one or more processes in the flowchart and/or one or more boxes in the block diagram.

These computer program instructions can also be loaded onto a computer or other programmable data processing device so that a series of operating steps are executed on the computer or other programmable device to produce a computer-implemented process, so that the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more processes in the flowchart and/or one or more boxes in the block diagram.

In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

Memory may include non-permanent storage in a computer-readable medium, random access memory (RAM) and/or non-volatile memory in the form of read-only memory (ROM) or flash RAM. Memory is an example of a computer-readable medium.

Computer-readable media includes permanent and non-permanent, removable and non-removable media that can be implemented by any method or technology to store information. The information can be computer-readable instructions, data structures, program modules or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices or any other non-transmission media that can be used to store information that can be accessed by a computing device. As defined herein, computer-readable media does not include transitory computer-readable media (transitory media), such as modulated data signals and carrier waves.

Those skilled in the art will appreciate that the embodiments of this specification may be provided as methods, systems, or computer program products. Therefore, the embodiments of this specification may take the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Furthermore, the embodiments of this specification may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to magnetic disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.

Embodiments of this specification may be described in the general context of computer-executable instructions executed by a computer, such as program modules. Generally, program modules include routines, programs, objects, components, data structures, and the like that perform specific tasks or implement specific abstract data types. Embodiments of this specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices connected via a communications network. In distributed computing environments, program modules may be located in local and remote computer storage media, including storage devices.

The various embodiments in this specification are described in a progressive manner. Similar or identical parts between the various embodiments can be referenced across them. Each embodiment focuses on the differences from the other embodiments. In particular, since the system embodiments are generally similar to the method embodiments, their description is relatively simple. For relevant parts, reference can be made to the description of the method embodiments. Throughout this specification, reference to the terms "one embodiment," "some embodiments," "example," "specific example," or "some examples" means that the specific features, structures, materials, or characteristics described in conjunction with that embodiment or example are included in at least one embodiment or example of the embodiments in this specification. In this specification, the schematic representations of these terms do not necessarily refer to the same embodiment or example. Furthermore, the specific features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, those skilled in the art may combine and integrate the different embodiments or examples, and features of different embodiments or examples, described in this specification, without conflict.

The above description is merely an example of the embodiments of this specification and is not intended to limit the embodiments of this specification. For those skilled in the art, various modifications and variations of the embodiments of this specification are possible. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and principles of the embodiments of this specification shall be included within the scope of the claims of the embodiments of this specification.

Claims (15)

1. A blockchain data processing method, the method comprising: Generate a temporary key for the target contract, the temporary key including a temporary public key and a temporary private key generated based on an asymmetric encryption algorithm; Generate blockchain data of the target contract on the blockchain based on the temporary key; The blockchain data includes the creation data of the target contract, and the creation data is determined in the following manner: Send the temporary public key generated on this end to other contract participants; The temporary private key of the local end is used to sign the data information including the target contract and the temporary public keys of each contract participant, thereby generating the first signature data corresponding to each contract participant; The regulatory key of the regulator is used to encrypt the pre-contract information to generate an encrypted contract. The pre-contract information includes the target contract, the temporary public keys of each contract participant, and the first signature data. After each contract participant signs the encrypted contract using their respective temporary private key, the creation data of the target contract is determined based on the signed data and the temporary public keys of the contract participants. 2. The method of claim 1, wherein the temporary key is updated based on at least one of different contract participants and different target contracts. 3. The method as described in claim 1, wherein the temporary key is updated based on a preset replacement cycle. 4. The method of claim 1, further comprising: The creation data is submitted to the blockchain for storage. 5. The method of claim 1, wherein the blockchain data further includes contract execution data, and the contract execution data is determined in the following manner: The new contract is encrypted using the regulatory key to generate an encrypted new contract. The new contract is determined by the contract participants after reaching a consensus offline on the execution process of the target contract. The encrypted new contract is signed using the temporary private key corresponding to the encrypted new contract to generate second signature data; After confirming the signatures of each contract participant on the encrypted new contract, contract execution data is determined based on the second signature data and the encrypted new contract. 6. The method of claim 1, wherein the temporary public key sent includes data transmission using an established end-to-end encrypted channel. 7. A blockchain data processing method, the method comprising: The system receives and stores creation data for a target contract, including a temporary key generated by the contract participants, and generates data information based on the temporary key to process the target contract before uploading it to the blockchain. The temporary key includes a temporary public key and a temporary private key generated based on an asymmetric encryption algorithm. Receive contract execution data; The contract execution data is signed and verified using the public key corresponding to the target contract participant. If the signature verification passes, the stored target contract will be updated to a new encrypted contract; The creation data is determined in the following manner: Send the temporary public key generated on this end to other contract participants; The temporary private key of the local end is used to sign the data information including the target contract and the temporary public keys of each contract participant, thereby generating the first signature data corresponding to each contract participant; The regulatory key of the regulator is used to encrypt the pre-contract information to generate an encrypted contract. The pre-contract information includes the target contract, the temporary public keys of each contract participant, and the first signature data. After each contract participant signs the encrypted contract using their respective temporary private key, the creation data of the target contract is determined based on the signed data and the temporary public keys of the contract participants. 8. A blockchain data processing device, the device comprising: A temporary key generation module is used to generate a temporary key for the target contract, wherein the temporary key includes a temporary public key and a temporary private key generated based on an asymmetric encryption algorithm; A contract encryption and signature processing module is used to generate blockchain data of the target contract on the blockchain based on the temporary key; The blockchain data includes the creation data of the target contract, and the creation data is determined in the following manner: The contract participant sends the temporary public key generated on its own end to the other contract participants; The contract participants use their own temporary private keys to sign data information including the target contract and the temporary public keys of each contract participant, generating first signature data corresponding to each contract participant. The regulatory key of the regulator is used to encrypt the pre-contract information to generate an encrypted contract. The pre-contract information includes the target contract, the temporary public keys of each contract participant, and the first signature data. After each contract participant signs the encrypted contract using their respective temporary private key, the creation data of the target contract is determined based on the signed data and the temporary public keys of the contract participants. 9. A blockchain data processing device, the blockchain data processing device comprising a processor and a memory for storing processor-executable instructions, wherein the processor, when executing the instructions, implements: Generate a temporary key for the target contract, the temporary key including a temporary public key and a temporary private key generated based on an asymmetric encryption algorithm; Generate blockchain data of the target contract on the blockchain based on the temporary key; The processor performs the following steps to determine the creation data of the target contract: Send the temporary public key generated on this end to other contract participants; The temporary private key of the local end is used to sign the data information including the target contract and the temporary public keys of each contract participant, thereby generating the first signature data corresponding to each contract participant; The regulatory key of the regulator is used to encrypt the pre-contract information to generate an encrypted contract. The pre-contract information includes the target contract, the temporary public keys of each contract participant, and the first signature data. After each contract participant signs the encrypted contract using their respective temporary private key, the creation data of the target contract is determined based on the signed data and the temporary public keys of the contract participants. 10. The blockchain data processing device as described in claim 9, wherein the temporary key is updated based on at least one of different contract participants and different target contracts. 11. The blockchain data processing device as described in claim 9, wherein the temporary key is updated based on a preset replacement cycle. 12. The blockchain data processing device of claim 9, wherein the processor further performs: Submit the creation data to the blockchain. 13. The blockchain data processing device of claim 9, wherein the processor performs the following steps to determine contract execution creation data: The new contract is encrypted using the regulatory key to generate an encrypted new contract. The new contract is determined by the contract participants after reaching a consensus offline on the execution process of the target contract. The encrypted new contract is signed using the temporary private key corresponding to the encrypted new contract to generate second signature data; After confirming the signatures of each contract participant on the encrypted new contract, contract execution data is determined based on the second signature data and the encrypted new contract. 14. The blockchain data processing device of claim 9, wherein the temporary public key sent by the processor includes data transmission using an established end-to-end encrypted channel. 15. A blockchain system, comprising a blockchain terminal and a blockchain server, wherein the blockchain terminal and the blockchain server each include at least one processor and a memory for storing processor-executable instructions, wherein the processor of the blockchain terminal executes the instructions to achieve: The method steps according to any one of claims 1-6; When the processor of the blockchain server executes the instructions, it implements the steps of the method described in claim 7.