[go: up one dir, main page]

WO2020063354A1 - Block chain private key storage and recovery method, device and system - Google Patents

Block chain private key storage and recovery method, device and system Download PDF

Info

Publication number
WO2020063354A1
WO2020063354A1 PCT/CN2019/105466 CN2019105466W WO2020063354A1 WO 2020063354 A1 WO2020063354 A1 WO 2020063354A1 CN 2019105466 W CN2019105466 W CN 2019105466W WO 2020063354 A1 WO2020063354 A1 WO 2020063354A1
Authority
WO
WIPO (PCT)
Prior art keywords
sub
private key
storage device
blockchain
blockchain private
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2019/105466
Other languages
French (fr)
Chinese (zh)
Inventor
雷超然
李伟
胡建东
张康宗
史国芸
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Kingsoft Internet Security Software Co Ltd
Original Assignee
Beijing Kingsoft Internet Security Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CN201811142961.0A external-priority patent/CN109088729B/en
Priority claimed from CN201811141408.5A external-priority patent/CN109240858A/en
Priority claimed from CN201811141594.2A external-priority patent/CN109308609B/en
Priority claimed from CN201811141434.8A external-priority patent/CN109302284B/en
Priority claimed from CN201811143070.7A external-priority patent/CN109389397B/en
Priority claimed from CN201811141586.8A external-priority patent/CN109379184A/en
Application filed by Beijing Kingsoft Internet Security Software Co Ltd filed Critical Beijing Kingsoft Internet Security Software Co Ltd
Publication of WO2020063354A1 publication Critical patent/WO2020063354A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • the present application relates to the field of data storage technology, and in particular, to a method, a device, and a system for storing and recovering a private key of a blockchain.
  • Blockchain technology has gained important applications and developments. It is a new application model of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanisms, and encryption algorithms.
  • Blockchain is an important concept of Bitcoin. It is essentially a de-intermediate database and at the same time serves as the underlying technology of Bitcoin.
  • Blockchain is a series of data blocks generated by using cryptographic methods. Each data block contains information about a Bitcoin network transaction, which is used to verify the validity of the information and generate the next block.
  • users can own one or more virtual wallets as wallets that store virtual currency owned by users. Each virtual wallet corresponds to a blockchain private key, which is used for virtual currency transactions after users log in to the virtual wallet.
  • the blockchain private key After the user obtains the blockchain private key, it can be stored in electronic devices such as mobile phones, but once the electronic devices such as mobile phones that store the blockchain private key are lost or information is stolen, the blockchain private key will be Loss has a significant impact on the user's property safety.
  • the purpose of the embodiments of the present application is to provide a method, a device, and a system for storing and recovering a private key of a blockchain, so as to improve the storage security of the private key of the blockchain and reduce the loss or theft of the private key of the blockchain Damage caused by property.
  • Specific technical solutions are as follows:
  • an embodiment of the present application provides a method for storing a blockchain private key, and the method includes:
  • each storage medium stores a third preset number of sub-blockchain private keys, the third preset number is greater than 1 and Less than the first preset number, the sub-blockchain private keys stored in each storage medium are not exactly the same.
  • the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset method includes:
  • the step of storing the sub-blockchain private key in a second preset number of storage media includes:
  • the sub-blockchain private keys are respectively stored in a second preset number of storage media.
  • the method before the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner, the method further includes:
  • a first preset number and a second preset number set by a user based on the number setting prompt information are acquired.
  • the storage media are different storage media in the same physical device
  • the storage medium is a storage medium in different physical devices
  • Some of the storage media are different storage media in the same physical device, and the rest are storage media in different physical devices.
  • the second preset number is 3, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a storage medium in the second storage device;
  • the step of storing the sub-blockchain private key in a second preset number of storage media includes:
  • sub-blockchain private keys determine the first number of sub-blockchain private keys as the first sub-blockchain private key, and determine the second number of sub-blockchain private keys as the second sub-block.
  • Blockchain private key determine the third number of subblockchain private keys as the third subblockchain private key;
  • the blockchain private key is stored locally.
  • the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset method includes:
  • the steps of storing the three sub-blockchain private keys locally include:
  • the first sub-blockchain private key is sent to the first storage device for storage
  • the second sub-blockchain private key is sent to the second storage device for storage
  • the step of storing the third private blockchain private key locally includes:
  • the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset method includes:
  • the steps of storing the three sub-blockchain private keys locally include:
  • the first sub-blockchain private key is sent to the first storage device for storage
  • the second sub-blockchain private key is sent to the second storage device for storage.
  • the steps of storing the third private blockchain private key locally include:
  • the method before the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner, the method further includes:
  • Optional methods for verifying the target storage device include:
  • the target storage device sends verification information for encryption processing using a preset key to the target storage device, so that the target storage device decrypts the received verification information by using the preset verification information stored locally to obtain the preset A key, which uses the preset key to encrypt a locally stored target identifier to obtain an encrypted identifier, wherein the target storage device is the first storage device or the second storage device;
  • the encrypted identifier decrypting the encrypted identifier by using the preset key, obtaining the decrypted identifier to be matched, matching the identifier to be matched with the preset identifier, and if matching, determining whether to The target storage device is successfully verified, wherein the preset identifier is a pre-stored identifier corresponding to the target storage device.
  • an embodiment of the present application provides a method for recovering a private key of a blockchain, which is applied to a terminal device.
  • the method includes:
  • a sub-blockchain private key stored therein is obtained from a fourth preset number of storage media of the second preset number of storage media, where each storage medium A third preset number of sub-blockchain private keys are stored in the first preset number of sub-blockchain private keys, and the sub-blockchain private keys stored in each storage medium are not completely the same, and the sub-areas
  • the blockchain private key is obtained by dividing the blockchain private key to be stored in a preset manner, and the third preset number is less than the second preset number;
  • the blockchain private key to be stored is obtained as the target private blockchain key.
  • the step of recovering the private blockchain private key to be stored according to the obtained private blockchain private key includes:
  • the obtained sub-blockchain private key is recovered to obtain the blockchain private key to be stored.
  • the blockchain private key acquisition instruction is a transaction confirmation instruction for a transaction
  • the method further includes:
  • the transaction is confirmed based on the target blockchain private key.
  • the second preset number is 3, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a storage medium in the second storage device;
  • the step of obtaining a stored private blockchain private key from a fourth preset number of storage media from the second preset number of storage media includes:
  • the step of recovering the blockchain private key to be stored according to the obtained private blockchain private key includes:
  • the private blockchain private key stored locally and the target private blockchain private key are used to recover the private blockchain private key to be stored.
  • the step of obtaining the sub-blockchain private key stored in the first storage device as the target sub-blockchain private key includes:
  • the first storage device is not electrically connected to the second storage device, obtaining a sub-blockchain private key stored in the first storage device as a target sub-blockchain private key;
  • the first storage device is electrically connected to the second storage device, when the second identification of the second storage device is recorded in the terminal device, the first storage device or the first storage device is obtained.
  • the sub-blockchain private key stored in the second storage device is used as the target sub-blockchain private key.
  • the step of obtaining the sub-blockchain private key stored in the first storage device or the second storage device includes:
  • the method further includes:
  • the first identifier is not recorded, obtaining a second identifier of a second storage device that is electrically connected to the first storage device;
  • the sub-blockchain private key stored in the second storage device is obtained as the target sub-blockchain private key.
  • the method further includes:
  • first storage device If the first storage device is not electrically connected to the second storage device, prompting the user to establish an electrical connection between the first storage device and the second storage device;
  • the step of obtaining a second identity of the second storage device electrically connected to the first storage device is triggered.
  • the method further includes:
  • the user is prompted to replace the second storage device that is electrically connected to the first storage device.
  • an embodiment of the present application provides a method for recovering a private key of a blockchain, which is applied to a terminal device.
  • the method includes:
  • a target storage medium is determined from a second preset number of storage media, where each storage medium stores a third preset number of the first preset number of sub-blockchain private keys Sub-blockchain private keys, the sub-blockchain private keys stored in each storage medium are not exactly the same, and the sub-blockchain private keys are obtained by dividing the block chain private keys to be stored in a preset manner ,
  • the fourth preset number is less than the second preset number
  • the sub-blockchain private key stored in the non-target storage medium among the second preset number of storage media is used to recover the sub-blockchain private key required to be stored in the target storage medium.
  • the second preset number is 3, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a storage medium in the second storage device;
  • the step of determining a target storage medium from the second preset number of storage media includes:
  • a device to be restored among itself, the first storage device, and the second storage device is determined as a target device.
  • the step of determining, based on the first identifier and the second identifier, one device of data to be recovered among itself, the first storage device, and the second storage device, as a target device includes: :
  • the second storage device is a target device of data to be recovered
  • the second identifier is recorded and the first identifier is not recorded, determining that the first storage device is a target device of data to be recovered;
  • the second identifier and the first identifier are not recorded, it is determined that it is the target device of the data to be recovered.
  • the step of determining the second storage device as a target device of data to be recovered includes:
  • the second storage device is an initialization device, it is determined that the second storage device is a target device of data to be recovered.
  • the method further includes:
  • the user is prompted to establish a communication connection with the first storage device, and the user is prompted to electrically connect the first storage device to the second storage device.
  • an embodiment of the present application provides a storage system for a private key of a blockchain, the system includes a first storage device and a second storage device, and the first storage device is connected to the second storage device;
  • the first storage device is configured to store a first sub-blockchain private key, and the first sub-blockchain private key includes: a first obtained by dividing the private key of the blockchain to be stored in a preset manner; The third preset number of sub-blockchain private keys among the preset number of sub-blockchain private keys;
  • the second storage device is configured to store a second sub-blockchain private key, and the second sub-blockchain private key includes: a first obtained by dividing the private key of the blockchain to be stored in a preset manner; The third preset number of sub-blockchain private keys among the preset number of sub-blockchain private keys;
  • the first preset number is not less than 3
  • the third preset number is greater than 1 and less than the first preset number
  • the first sub-blockchain private key includes a sub-blockchain private key.
  • the sub-blockchain private key included in the second sub-blockchain private key is not exactly the same, the first sub-blockchain private key and the second sub-blockchain private key can obtain the to-be-stored Key.
  • the system further includes a terminal device
  • the terminal device is configured to obtain the blockchain private key to be stored, and divide the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset manner, and determine The first storage device, the second storage device, and the sub-blockchain private key corresponding to itself, storing the sub-blockchain private key corresponding to itself locally, The sub-blockchain private key corresponding to the storage device is sent to the first storage device as the first sub-blockchain private key and the second sub-blockchain private key, respectively;
  • the first storage device is specifically configured to receive the first sub-blockchain private key and the second sub-blockchain private key sent by the terminal device, save the first sub-blockchain private key, and Sending the second sub-blockchain private key to the second storage device;
  • the second storage device is specifically configured to receive and save the second sub-blockchain private key.
  • the first storage device is electrically connected to the second storage device through a universal serial bus USB interface;
  • the first storage device is specifically configured to send the second sub-blockchain private key to the second storage device through the USB interface.
  • the terminal device is specifically configured to use the wireless communication method to use the private key of the sub-blockchain corresponding to the first storage device and the second storage device as the first sub-blockchain private key, respectively.
  • the key and the second sub-blockchain private key are sent to the first storage device.
  • the wireless communication method includes a Bluetooth communication method or a short-range wireless communication NFC communication method.
  • the first storage device includes a transceiver module and a storage module; the transceiver module is electrically connected to the storage module;
  • the receiving module is configured to receive the first sub-blockchain private key and the second sub-blockchain private key sent by the terminal device, and send the second sub-blockchain private key to all Mentioned second storage device;
  • the storage module is configured to store the first sub-blockchain private key.
  • the first storage device further includes a power supply module and a flash module; the hair extension module, the storage module, and the flash module are electrically connected to the power supply module;
  • the power supply module is configured to supply power to the hair extension module, the storage module, and the flash module;
  • the flash module is configured to activate a flash when a flash start instruction is received.
  • the first storage device further includes a display screen
  • the display screen is used to display at least one of the remaining power of the power supply module, identification information of the terminal device, and a transaction amount of a digital currency transaction performed by the terminal device.
  • an embodiment of the present application provides a terminal device including a processor, a communication interface, a memory, and a communication bus, wherein the processor, the communication interface, and the memory complete communication with each other through the communication bus;
  • the processor is configured to implement any one of the method for storing the private key of the blockchain or the method for recovering the private key of the blockchain when the program stored in the memory is executed.
  • an embodiment of the present application further provides a computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, and when the computer program is executed by a processor, any one of the foregoing is implemented.
  • an embodiment of the present application further provides a computer program, wherein the computer program is configured to execute, when running, any one of the method for storing a private key of a blockchain, or a blockchain Steps to recover the private key.
  • the terminal device first obtains the private blockchain private key to be stored, and divides the private private blockchain key to be stored into a first preset number of sub-blockchain private keys according to a preset method.
  • the first preset number is not less than 3, and then the sub-blockchain private keys are stored in a second preset number of storage media, where each storage medium stores a third preset number of sub-blockchain private keys.
  • the third preset number is greater than 1 and less than the first preset number, and the sub-blockchain private keys stored in each storage medium are not exactly the same.
  • FIG. 1 is a flowchart of a method for storing a blockchain private key according to an embodiment of the present application
  • FIG. 2 is a flowchart of a method for determining a first quantity, that is, a second quantity, based on the embodiment shown in FIG. 1;
  • FIG. 3 is a flowchart of a first method for recovering a private key of a blockchain provided by an embodiment of the present application
  • FIG. 4 is another flowchart of a method for recovering a private key of a blockchain based on the embodiment shown in FIG. 3;
  • FIG. 5 is a flowchart of a second method for recovering a private key of a blockchain according to an embodiment of the present application
  • FIG. 6 is another flowchart of a method for recovering a private key of a blockchain based on the embodiment shown in FIG. 5;
  • FIG. 7 is a schematic structural diagram of a blockchain private key storage system according to an embodiment of the present application.
  • FIG. 8 is a schematic structural diagram of a blockchain private key storage system based on the embodiment shown in FIG. 7;
  • FIG. 9 is another schematic structural diagram of a blockchain private key storage system based on the embodiment shown in FIG. 7; FIG.
  • FIG. 10 is another schematic structural diagram of a blockchain private key storage system based on the embodiment shown in FIG. 7; FIG.
  • FIG. 11 is another schematic structural diagram of a blockchain private key storage system based on the embodiment shown in FIG. 7; FIG.
  • FIG. 12 is another schematic structural diagram of a blockchain private key storage system based on the embodiment shown in FIG. 7; FIG.
  • FIG. 13 is a signaling interaction diagram of a storage method of a blockchain private key based on the embodiment shown in FIG. 9; FIG.
  • FIG. 14 is a signaling interaction diagram of a method for recovering a private key of a blockchain based on the embodiment shown in FIG. 9; FIG.
  • 15 is a schematic structural diagram of a blockchain private key storage device according to an embodiment of the present application.
  • FIG. 16 is a schematic structural diagram of a first blockchain private key recovery device according to an embodiment of the present application.
  • FIG. 17 is a schematic structural diagram of a second blockchain private key recovery device according to an embodiment of the present application.
  • FIG. 18 is a schematic structural diagram of a terminal device according to an embodiment of the present application.
  • the embodiments of the present application provide a method and device for storing and recovering the private key of the blockchain. , System, terminal device and computer-readable storage medium.
  • a method for storing a blockchain private key provided in the embodiments of the present application can be applied to any terminal device, such as a mobile phone, a computer, a tablet computer, a processor, and the like, and is not specifically limited herein.
  • a method for storing a blockchain private key is applied to a terminal device, and the method includes:
  • the first preset number is not less than three.
  • Each storage medium stores a third preset number of sub-blockchain private keys, the third preset number is greater than 1 and less than the first preset number, and the sub-blockchain private keys stored in each storage medium Not exactly the same.
  • the terminal device first obtains the private key of the blockchain to be stored, and divides the private key of the blockchain to be stored into a first preset number of sub-blockchain private keys in a preset manner. Key, where the first preset number is not less than 3, and then the sub-blockchain private key is stored in a second preset number of storage media, where each storage medium stores a third preset number of sub-blockchain private keys Key, the third preset number is greater than 1 and less than the first preset number, and the sub-blockchain private keys stored in each storage medium are not exactly the same.
  • the terminal device can obtain the blockchain private key as the blockchain private key to be stored.
  • the terminal device can display the blockchain storage prompt information, and the user can determine the area to be stored based on the blockchain private key storage prompt information.
  • Blockchain private key For example, the terminal device may display an OK storage button, and when the user clicks the OK storage button, the terminal device may determine that the private blockchain private key currently obtained by the user is the private blockchain private key to be stored.
  • the terminal device can preset a memory area for realizing the storage of the private key of the blockchain.
  • the memory area can display the blockchain storage prompt information.
  • the functional area can be opened, and the terminal device can display the blockchain storage prompt information, and the user can determine the blockchain private key to be stored based on the blockchain private key storage prompt information.
  • the terminal device may display an input box, and the user may input the private key of the blockchain to be stored by clicking the input box.
  • the terminal device may obtain the private blockchain key to be stored from other terminal devices that are communicatively connected to the terminal device.
  • the terminal device is a computer
  • a user can send the blockchain private key stored in the mobile phone to the computer, and then the computer can obtain the blockchain private key, which is the blockchain private key to be stored.
  • the terminal device can also obtain the private key of the blockchain to be stored in other reasonable ways, which is not specifically limited here.
  • the terminal device may perform the above step S102, that is, the blockchain private key to be stored is divided into a first preset number of sub-blockchain private keys according to a preset method.
  • the first number is generally not less than three. For example, it can be 3, 5, 10, etc., which is not specifically limited herein.
  • the key to be stored is the key to be stored, that is, the private key of the blockchain to be stored.
  • the rules for decomposing the stored keys can be customized.
  • the keys to be stored can be evenly decomposed according to the key length of the key to be stored, that is, the key length of each sub-blockchain private key obtained after the decomposition process is the same. For example, if the key length of the key to be stored is 90 bits and the first target number is 3, then the 90-bit key to be stored is averagely decomposed to obtain 3 sub-blockchain private keys, each of which is a sub-block
  • the key length of the blockchain private key is 30 bits.
  • the storage key to be treated can also be randomly decomposed, that is, the key length of each sub-blockchain private key obtained may be different. For example, if the key length of the to-be-stored key is 68 bits and the first target number is 3, then the 68-bit to-be-stored key is randomly decomposed to obtain subkey 1, subkey 2, and subkey. 3, where the key length of subkey 1 is 10 bits, the key length of subkey 2 is 20 bits, and the key length of subkey 3 is 38 bits.
  • the rules for decomposing and processing the storage key are not limited to the above two implementations, and are not limited here.
  • the terminal device can store the sub-blockchain private keys in the second preset number of storage media respectively, that is, execute Step S103.
  • the storage medium is a storage space that can store data, for example, it can be a memory in an electronic device.
  • each storage medium stores a third preset number of sub-blockchain private keys.
  • the third preset number is greater than 1 and less than the first.
  • a preset number That is, a part of the sub-blockchain private key is stored in each storage medium, instead of all the sub-blockchain private keys.
  • the number of sub-blockchain private keys stored in each storage medium is greater than 1, not each Only one sub-blockchain private key is stored in the storage medium.
  • each storage medium If only one sub-blockchain private key is stored in each storage medium, once one or more storage media is lost or damaged, the blockchain private key cannot be recovered, so the storage quantity of each storage medium is greater than 1 and less than the first A preset number of child blockchain private keys.
  • the sub-blockchain private key stored in the storage medium may have duplicate sub-blockchain private keys.
  • the block-chain private key to be stored is divided into three sub-blockchain private keys, which are subblocks.
  • the chain private key AC is stored in three storage media ac respectively, then the storage medium a can store the sub-blockchain private key A and the sub-blockchain private key B, and the storage medium b can store the sub-blockchain private key B.
  • the sub-blockchain private key C the storage medium c can store the sub-blockchain private key A and the sub-blockchain private key C.
  • any loss or theft of the storage medium ac will not affect the security of the private key of the blockchain to be stored, and will not affect the private key of the blockchain to be stored through the recovery of the private key of the sub-blockchain. .
  • storage medium b is lost, then since storage medium a and storage medium c store the sub-blockchain private key AC, the storage medium a and storage medium c store the sub-blockchain private key AC. , You can recover the private key of the blockchain to be stored.
  • the foregoing step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset method may include:
  • the blockchain private key to be stored is divided into a first preset number of sub-blockchain private keys.
  • the foregoing step of storing the sub-blockchain private key in a second preset number of storage media may include:
  • the sub-blockchain private key is stored in a second preset number of storage media.
  • the above threshold algorithm may be any threshold algorithm in the related technical field.
  • a (t, n) threshold algorithm an SM2 elliptic curve threshold algorithm, or the like may be used, which is not specifically limited herein.
  • the (t, n) threshold algorithm can be used to divide the above-mentioned blockchain private key to be stored into a first preset number of sub-blockchain private keys, and according to the (t, n) threshold algorithm , Storing the sub-blockchain private keys in a second preset number of storage media, respectively.
  • the terminal device can construct a polynomial of order t:
  • n the number of storage media, that is, the above-mentioned second preset number.
  • d (i) represents a set of sub-blockchain private keys stored in a storage medium, which is a part of the first preset number of sub-blockchain private keys.
  • the terminal device can recover the blockchain private key to be stored as d through any set of sub-blockchain private keys stored in t + 1 storage media.
  • the private key of the blockchain to be stored can be recovered by the following Lagrange interpolation formula: d:
  • Q represents a set of any t + 1 storage media U i .
  • the terminal device can use a threshold algorithm to divide the private key of the blockchain to be stored, and then obtain multiple sub-blockchain private keys, which can quickly and accurately divide the private key of the blockchain to be stored into Multiple sub-blockchain private keys, and the sub-blockchain private keys can be stored in a second preset number of storage media respectively according to the threshold algorithm, ensuring that the above can be successfully and successfully obtained through the sub-blockchain private key recovery in the future
  • the private key of the blockchain to be stored will not affect users' use of the virtual wallet.
  • the above method may further include:
  • the steps of dividing the block-chain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner are being performed.
  • the terminal device could display a quantity setting prompt message, so that the user could set the corresponding quantity.
  • the terminal device can display the quantity setting prompt information by displaying the quantity input box, quantity selection box, quantity selection slider, etc., so that the user can set the quantity setting prompt information based on the quantity input box, quantity selection box, or quantity selection slider.
  • Set the first preset number and the second preset number As an example, the user may set the first preset number to five and the second preset number to five.
  • the terminal device can also obtain the first preset number and the second preset number set by the user based on the above-mentioned number setting prompt information.
  • the terminal device can also obtain the first preset number and the second preset number set by the user based on the above-mentioned number setting prompt information.
  • the user sets the first preset number to 5, and the second The preset number is also 5, so the user wants to divide the blockchain private key to be stored into 5 sub-blockchain private keys and store them in 5 storage media respectively.
  • the terminal device can also divide the blockchain private key to be stored into 5 sub-blockchain private keys, and store them in 5 storage media respectively.
  • the terminal device can divide the blockchain private key to be stored into 5 sub-blockchain private keys A * -E *, and then store the 5 sub-blockchain private keys A * -E * respectively on the storage medium a * -e *.
  • the 5 sub-blockchain private keys are arranged and combined to obtain 5 sub-blockchain private keys, so that the data included in each sub-blockchain private key is not exactly the same, and any three of the sub-blockchain private keys are private.
  • the key can be recovered to obtain the complete private key of the blockchain.
  • the terminal device can store the sub-blockchain private keys A *, B *, and C * in the storage medium a *, and store the sub-blockchain private keys B *, C *, and D * in the storage.
  • Medium b * store the sub-blockchain private keys C *, D *, and E * in storage medium c *, store the sub-blockchain private keys D *, E *, and A * in storage medium d *, Blockchain private keys E *, A *, B * are stored on the storage medium e *.
  • the sub-blockchain private key stored in any three of the five storage media includes all the sub-blockchain private keys, so through any three storage media in the five storage media
  • the private blockchain private keys stored in it can be recovered to obtain the private blockchain private key to be stored.
  • any one or any two storage media are lost, and the stored private blockchain private key is stolen, and the complete private blockchain private key to be stored cannot be recovered, and the security is greatly improved.
  • the terminal device can display the quantity setting prompt information, and obtain the first preset number and the second preset number set by the user based on the quantity setting prompt information, so that the user can conveniently use the storage medium owned by him.
  • the actual situation determines the storage of the blockchain private key to be stored, which improves user friendliness and improves user experience.
  • the storage medium may be different storage media in the same physical device, or the storage medium may be a storage medium in different physical devices, or a part of the storage medium may be Are different storage media in the same physical device, and the rest can be storage media in different physical devices.
  • the blockchain private key to be stored is divided into multiple sub-blockchain private keys by the terminal device, it can be stored in different storage media in the same physical device, or storage media in different physical devices. , Or it can be stored separately in different storage media in the same physical device and storage media in different physical devices.
  • these storage media may be storage media in the terminal device, or they may not be storage media in the terminal device, or some of them are storage media in the terminal device, and the rest are storage media in other terminal device.
  • the terminal device that executes the method for storing a blockchain private key described in the embodiment of the present application is a computer P.
  • the computer P divides the blockchain private key to be stored into three sub-blockchain private keys, it may Each of the two is stored in three storage media, and the three storage media may be storage media in the computer P, for example, the three storage media are different disks.
  • one of them may be a storage medium in the computer P, and the other two may be storage media in the mobile phone M. It is also reasonable that one of them is the storage medium in the computer P, the other one is the storage medium in the mobile phone M, and the remaining one is the storage medium in the mobile hard disk N.
  • the terminal device When the terminal device stores the sub-blockchain private key in a storage medium in a different physical device, the terminal device can send the corresponding sub-blockchain private key to the corresponding physical device, and receive the sub-blockchain private key.
  • the physical device can store the sub-blockchain private key.
  • the foregoing storage media may be different storage media in the same physical device, or may be storage media in different physical devices, and some may be different storage media in the same physical device, and the rest may be Storage media in different physical devices.
  • the storage location of the private key of the blockchain is more diverse, the difficulty of being stolen is greatly increased, and the security of the private key storage of the blockchain is further improved.
  • the second preset number may be three
  • the storage medium may be a storage medium in a terminal device, a storage medium in a first storage device, and a storage medium in a second storage device.
  • the terminal device is connected to the first memory and is connected to the second memory, that is, the terminal device can be communicatively connected to the first memory, and can also be communicatively connected to the second memory.
  • the first memory in this document is the above-mentioned first storage device
  • the second memory is the above-mentioned second storage device.
  • the terminal device is directly connected to the first memory, and the terminal device is also directly connected to the second memory. That is, the terminal device can directly send information to the first memory, and can also directly send information to the second memory.
  • both the first memory and the second memory may have information processing capabilities.
  • the first memory and the second memory are each configured with a processor, and the processor may perform information processing.
  • the first memory is connected to the second memory, and the connection manner may be a parallel bus connection. Any one of the first memory and the second memory is directly connected to the terminal device, and the other memory is indirectly connected to the terminal device through the memory directly connected to the terminal device.
  • direct connection means that the terminal device and the memory can communicate directly
  • indirect connection means that the terminal device and the memory need to communicate through other devices.
  • the second memory is indirectly connected to the terminal device through the first memory. That is, the terminal device can send information directly to the first memory, and when the terminal device sends information to the second memory, the terminal device sends the information to the first memory, and the first memory forwards the information to the second memory A memory, which enables communication between the terminal device and the second memory.
  • the first storage is connected to the second storage and the second storage is directly connected to the terminal device, the first storage is indirectly connected to the terminal device through the second storage.
  • the memory directly connected to the terminal device may have information processing capability, and the memory having information processing capability may be referred to as a master disk.
  • the memory indirectly connected to the terminal device may not have the information processing capability, and rely on the connected memory with the information processing capability for information processing.
  • For the memory without the information processing capability it may be called a subdisk.
  • the child disk communicates with the terminal device through the mother disk, which can save costs.
  • the above steps of storing the sub-blockchain private key in a second preset number of storage media may include the following steps.
  • a blockchain private key determining a third number of sub-blockchain private keys as a third sub-blockchain private key; sending the first sub-blockchain private key to the first storage device for storage, Sending the second sub-blockchain private key to the second storage device for storage, and storing the third sub-blockchain private key locally.
  • a correspondence relationship may be set between the first memory and the second memory, and the correspondence relationship is preset. Only the first memory and the second memory can be used if the correspondence relationship is satisfied. In this way, even if an unexpected situation such as loss of any of the first memory and the second memory occurs, it cannot be used because the corresponding relationship cannot be satisfied, thereby ensuring the security of the keys stored in the memory and reducing the possibility of key theft Sex.
  • a one-to-one correspondence relationship may be set between the first memory and the second memory, that is, each first memory is matched with a unique second memory, and the first memory is matched with the matched one. Only the second memory can be used.
  • the first memory C11 and the second memory C12 are matched, and the first memory C11 and the second memory C12 are in a one-to-one correspondence relationship. Then, the first memory C11 can only be used in cooperation with the second memory C12, and the information stored in the first memory C11 and the information stored in the second memory C12 are obtained.
  • the first memory C11 does not match the other second memories such as the second memories C22 and C32, and cannot be used even if they are connected.
  • the first memory and the second memory must be matched with the terminal device, that is, the terminal device, the first memory, and the second memory Can only be used if the three match.
  • the matching between the first memory, the second memory, and the terminal device may include at least the following two cases.
  • the first memory and the second memory are matched with the terminal device installed in the terminal device.
  • the correspondence between the first memory, the second memory and the terminal device is the first memory, Correspondence between the second memory and the terminal device.
  • the first storage and the second storage are matched with the terminal device a, then the first storage and the second storage can be used with the terminal device a only when a connection is established with the terminal device a .
  • the terminal device is used in a manner of user authentication and login.
  • the correspondence between the first memory, the second memory, and the terminal device is the correspondence between the first memory, the second memory, and a user who logs in to the terminal device.
  • it can also be matched with the corresponding first storage and the second storage and used.
  • the first memory, the second memory, and the user a are in a corresponding relationship.
  • the terminal device 1 may match the first memory and the second memory at this time.
  • the terminal device 2 matches the first storage and the second storage.
  • the matching between the first memory, the second memory, and the terminal device is not limited to the above two types, and may include other situations, which are not limited herein.
  • the terminal device After the terminal device matches the first memory and the second memory, the terminal device can perform a decomposition process on the storage key to obtain a first preset number of sub-blockchain private keys. That is, the blockchain private key to be stored is divided into a first preset number of sub-blockchain private keys in a preset manner.
  • the first number of sub-blockchain private keys is determined as the first sub-blockchain private key
  • the second number of sub-blockchain private keys is determined as the second Share the private blockchain private key
  • determine the third private blockchain private key is determined as the third private blockchain private key.
  • the first quantity, the second quantity, and the third quantity are all smaller than the first preset quantity, and the first quantity, the second quantity, and the third quantity can all be customized.
  • the settings of the first quantity, the second quantity, and the third quantity may include at least the following three cases.
  • the first quantity, the second quantity, and the third quantity may all be the same.
  • the first preset quantity is 3, the first quantity, the second quantity, and the third quantity are all 2.
  • the first quantity is 4, the first quantity is 3, and the second quantity and the third quantity are the same.
  • the number is 2.
  • the first quantity, the second quantity, and the third quantity may all be different.
  • the first preset quantity is 5, the first quantity is 2, the second quantity is 3, and the third quantity Is 4.
  • the first number of sub-blockchain private keys, the second number of sub-blockchain private keys, and the third number of sub-blockchain private keys are all a part of the sub-block private keys obtained.
  • the determined first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key may each include a different sub-blockchain private key, and may also Contains the same sub-blockchain private key.
  • the obtained sub-blockchain private key includes sub-key 1, sub-key 2, sub-key 3, and sub-key 4, where sub-key 1, sub-key 2 and sub-key 3 are determined as the first A sub-blockchain private key, the sub-key 2, sub-key 3, and sub-key 4 are determined as the second sub-blockchain private key, and the sub-key 1, sub-key 2 and sub-key 4 are determined as the first Three sub-blockchain private keys.
  • the first sub-blockchain private key and the second sub-blockchain private key both include subkey 2 and subkey 3, and the first subblockchain private key contains subkey 1 and second subkey.
  • the subkey 4 contained in the blockchain private key is different.
  • any two sub-blockchain private keys among the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key can obtain the key to be stored.
  • the obtained sub-blockchain private key includes sub-key 1, sub-key 2, sub-key 3, and sub-key 4, where sub-key 1, sub-key 2 and sub-key 3 are determined as the first A sub-blockchain private key, the sub-key 2, sub-key 3, and sub-key 4 are determined as the second sub-blockchain private key, and the sub-key 3, sub-key 4, and sub-key 1 are determined as the first Three sub-blockchain private keys, sub-key 4, sub-key 1, and sub-key 2 are determined as the fourth sub-blockchain private key.
  • the first sub-blockchain private key and the second sub-blockchain private key can be used to obtain the obtained sub-blockchain private key, that is, the key to be stored can be obtained, or the second sub-blockchain private key can be obtained.
  • the third sub-blockchain private key can also get the key to be stored, etc. Any two sub-block private key can get the key to be stored.
  • the first preset number is three, and the first number, the second number, and the third number are all two.
  • three sub-blockchain private keys can be obtained. From these three sub-blockchain private keys, two of the sub-blockchain private keys can be determined as the first sub-block.
  • the two sub-blockchain private keys are determined as the second sub-blockchain private key, and the two sub-blockchain private keys are determined as the third sub-blockchain private key.
  • any two sub-blockchain private keys in the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key can obtain the key to be stored.
  • the obtained sub-blockchain private key includes sub-key 1, sub-key 2 and sub-key 3, where sub-key 1 and sub-key 2 are determined as the first sub-blockchain private key, and the sub-block Key 2 and sub-key 3 are determined as the second sub-blockchain private key, and sub-key 1 and sub-key 3 are determined as the third sub-blockchain private key.
  • the first sub-blockchain private key and the second sub-blockchain private key can be used to obtain the obtained sub-blockchain private key, that is, the key to be stored can be obtained, or the second sub-blockchain private key can be obtained.
  • the third sub-blockchain private key can also obtain the key to be stored, or the first sub-blockchain private key and the third sub-blockchain private key can also obtain the key to be stored.
  • the terminal device can send the first sub-blockchain private key to the first storage for storage, the second sub-blockchain private key to the second storage for storage, and the third sub-blockchain private key. Stored locally on the terminal device.
  • the terminal device When the terminal device is directly connected to both the first storage and the second storage, the terminal device can directly send the second sub-blockchain private key to the first storage, and the first storage stores the second sub-blockchain private key.
  • the terminal device can directly send the third sub-blockchain private key to the second memory, and the second memory stores the third sub-blockchain private key.
  • the terminal device When the terminal device is directly connected to the first storage and indirectly connected to the second storage, that is, the second storage is connected to the terminal device through the first storage. Then the terminal device can directly send the first sub-blockchain private key to the first memory for storage. For the storage of the second sub-blockchain private key, the terminal device can send the second sub-blockchain private key to the first storage, and the first storage then forwards the second sub-blockchain private key to the second storage. For storage.
  • the terminal device When the terminal device is directly connected to the second storage and indirectly connected to the first storage, that is, the first storage is connected to the terminal device through the second storage. Then the terminal device can directly send the second sub-blockchain private key to the second memory for storage. For the storage of the first sub-blockchain private key, the terminal device can send the first sub-blockchain private key to the second storage, and the second storage then forwards the first sub-blockchain private key to the first storage. For storage.
  • the obtained sub-blockchain private key can be encrypted.
  • the foregoing sends the first sub-blockchain private key to the first storage for storage
  • the second sub-blockchain private key is sent to the second storage for storage
  • the blockchain private key is stored locally on the terminal device and can include the following steps.
  • the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key are determined, the first sub-blockchain private key, The private blockchain private key and the third private blockchain private key are encrypted.
  • the preset encryption algorithm may be customized.
  • the preset encryption algorithm may be AES (Advanced Encryption Standard) encryption algorithm, RSA encryption algorithm, DES (Data Encryption Standard) encryption. Any of encryption algorithms such as algorithms.
  • the preset encryption algorithm in the embodiment of the present application is not limited to the above three encryption algorithms, and may include other encryption algorithms, which is not limited herein.
  • the terminal device can obtain a target key of a preset encryption algorithm.
  • the target key is a preset key for a preset encryption algorithm, which can be stored locally on the terminal device, and the terminal device can obtain the preset target key locally.
  • the target key is a corresponding decryption key encrypted by a preset encryption algorithm.
  • the target key can be used to decrypt the first sub-blockchain private key after encryption processing, can be used to decrypt the second sub-blockchain private key after encryption processing, and can also be used to encrypt processing
  • the third private blockchain private key is decrypted.
  • the terminal device can send the encrypted first sub-blockchain private key and target key to the first memory for storage, and the encrypted second sub-blockchain private key and target The key is sent to the second memory for storage, and the encrypted third sub-blockchain private key and target key are stored locally on the terminal device.
  • the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset manner may include the following steps.
  • the preset encryption algorithm is used to perform encryption processing on the storage key to obtain the encryption processing to-be-stored key; the encryption processing to-be-stored key is decomposed to obtain a first preset number of sub-blockchain private keys.
  • the decomposition processing of the encryption key to be stored may be divided by a threshold algorithm, and may also be divided by other decomposition methods, which is not limited herein.
  • the first sub-blockchain private key is sent to the first storage device for storage
  • the second sub-blockchain private key is sent to the second storage device for storage
  • the third sub-blockchain private key is stored in the terminal device.
  • Local steps can include:
  • the foregoing sends the first sub-blockchain private key to the first storage device for storage, and sends the second sub-blockchain private key to the second storage.
  • the steps for the device to store and store the third sub-blockchain private key locally on the terminal device may include the following steps.
  • the target number can be set by users.
  • the target number can be three. After the target key is decomposed, three target sub-keys can be obtained.
  • the rules for decomposing the target key can be customized.
  • the target keys can be evenly decomposed according to the key length of the target key, that is, the key length of each target sub-key obtained after the decomposition process is the same. For example, if the target key has a key length of 60 bits and the number of targets is 3, then the 60-bit target key is averagely decomposed to obtain 3 target sub-keys, and the key of each target sub-key 20 bits in length.
  • the target key may also be randomly decomposed, that is, the key length of each target sub-key obtained may be different. For example, if the target key has a key length of 128 bits and the number of targets is 3, the 128-bit target key is randomly decomposed to obtain the target subkey 1, target subkey 2 and target subkey. 3, where the key length of the target subkey 1 is 30 bits, the key length of the target subkey 2 is 40 bits, and the key length of the target subkey 3 is 58 bits.
  • the rules for decomposing the target key are not limited to the above two implementations, and are not limited here.
  • a fourth number of target subkeys can be determined as the first target subkey from the obtained target subkeys, and the fifth number of target subkeys can be determined. It is determined as the second target subkey, and the sixth number of target subkeys is determined as the third target subkey.
  • the fourth quantity, the fifth quantity, and the sixth quantity are all smaller than the target quantity, and the fourth quantity, the fifth quantity, and the sixth quantity can all be customized.
  • the fourth quantity, the fifth quantity, and the sixth quantity may all be the same.
  • the target quantity is 3, the fourth quantity, the fifth quantity, and the sixth quantity are 2; only any two of them may be the same.
  • the target quantity is 4, the fourth quantity is 3, the fifth quantity and the sixth quantity are 2; they can also be different, for example, when the target quantity is 5, the fourth quantity is 2, and the fifth quantity Is 3 and the sixth number is 4.
  • the fourth number of target subkeys, the fifth number of target subkeys, and the sixth number of target subkeys are all a part of the target subkeys obtained.
  • Each of the determined first target subkey, second target subkey, and third target subkey may include different target subkeys, and may also include the same target subkey. Key.
  • the obtained target sub-keys include target sub-key 1, target sub-key 2, target sub-key 3, and target sub-key 4, wherein the target sub-key 1, target sub-key 2 and target Subkey 3 is determined as the first target subkey, target subkey 2, target subkey 3, and target subkey 4 are determined as the second target subkey, and target subkey 1, target Subkey 2 and target subkey 4 are determined as the third target subkey.
  • the first target subkey and the second target subkey both include the target subkey 2 and the target subkey 3, and the first target subkey contains the target subkey 1 and the second The target subkey 4 contained in the target subkey is different.
  • any two target subkeys of the first target subkey, the second target subkey, and the third target subkey can obtain the target key.
  • the obtained target subkey can be obtained from the first target subkey and the second target subkey, that is, the target key can be obtained, or the second target subkey Key and the third target subkey can also get the target key, etc. Any two target subkeys can get the target key.
  • the first subkey and the first target subkey after the encryption process can be sent to the first memory for storage, and the second subkey and the second part after the encryption process are stored.
  • the target subkey is sent to the second memory for storage, and the third subkey and the third target subkey after the encryption process are stored locally on the terminal device.
  • the terminal device When the terminal device is directly connected to the first storage and the second storage, the terminal device may directly send the first subkey and the first target subkey after the encryption process to the first storage for storage.
  • the terminal device may directly send the second subkey and the second target subkey after the encryption process to the second memory for storage.
  • the terminal device When the terminal device is directly connected to the first storage and indirectly connected to the second storage, that is, the second storage is connected to the terminal device through the first storage. Then, the terminal device may send the first sub key and the first target sub key after the encryption process to the first memory for storage. For the storage of the second subkey and the second target subkey after the encryption process, the terminal device may send the second subkey and the second target subkey after the encryption process to the first memory, A memory forwards the received second encrypted subkey and the second target subkey to the second memory for storage.
  • the terminal device When the terminal device is directly connected to the second storage and indirectly connected to the first storage, that is, the first storage is connected to the terminal device through the second storage. Then, the terminal device may directly send the second subkey and the second target subkey after the encryption process to the second memory for storage. For the storage of the first subkey and the first target subkey after the encryption process, the terminal device may send the first subkey and the first target subkey after the encryption process to the second memory, and the first The two memories forward the received first encrypted subkey and the first target subkey to the first memory for storage.
  • the target number may be three, and the fourth number, the fifth number, and the sixth number may be two.
  • the target key is decomposed to obtain three target sub-keys. From the three target sub-keys obtained, two target sub-keys are determined. Is the first target subkey, two target subkeys are determined as the second target subkey, and two target subkeys are determined as the third target subkey, where the first target subkey is Any two target subkeys among the key, the second target subkey and the third target subkey can obtain the target key.
  • the target key is decomposed, and three target sub-keys are obtained, including target sub-key 1, target sub-key 2 and target sub-key 3.
  • target sub-key 1 and target sub-key 2 Determined as the first target subkey, determined target subkey 2 and target subkey 3 as the second target subkey, and determined target subkey 3 and target subkey 1 as the third target Child key.
  • the target key can be obtained from the first target subkey and the second target subkey, or the target key can also be obtained from the second target subkey and the third target subkey.
  • One target subkey and a third target subkey can get the target key.
  • the above-mentioned first private blockchain private key is sent to the first storage for storage
  • the second private blockchain private key is sent to the second storage for storage
  • the third private blockchain private key is stored
  • the steps stored locally on the terminal device may include:
  • the fifth number of target subkeys in the target number of target subkeys is determined as the second target subkey
  • the sixth number of target subkeys in the target number of target subkeys is determined as the third copy.
  • the target sub-key sending the first sub-blockchain private key and the first target sub-key to the first memory for storage; sending the second sub-blockchain private key and the second target sub-key Go to the second memory for storage; store the third sub-blockchain private key and the third target sub-key locally.
  • the terminal device After the terminal device determines the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key, the terminal device can use a preset encryption algorithm to The two sub-blockchain private keys and the third sub-blockchain private key are encrypted.
  • the decomposition processing of the target key may be performed by a threshold algorithm, and may also be performed by other decomposition methods, which is not limited herein.
  • the terminal device may verify the first memory and may also verify the second memory.
  • the above method may further include:
  • the verification of the first memory and the verification of the second memory may be performed separately.
  • the first memory may be verified first and then the second memory may be verified, and the second memory may be verified first before the second memory is verified.
  • a memory for verification In this embodiment of the present application, the order of verifying the first memory and the second memory is not limited.
  • the verification results after the first memory and the second memory are verified may include the following four cases: the verification of the first memory and the second memory are successful; the verification of the first memory is successful and the verification of the second memory fails; The verification of the second memory succeeds and the verification of the first memory fails; the verification of both the first memory and the second memory fails.
  • the verification of the first memory and the second memory After the verification of the first memory and the second memory is completed, it is determined whether the verification of the first memory and the verification of the second memory are successful. If both the first memory and the second memory are successfully verified, it can be determined that the terminal device matches the first memory and the second memory.
  • any one of the following three situations occurs: the verification of the first memory is successful and the verification of the second memory fails; The verification of the two memories is successful and the verification of the first memory fails; the verification of both the first memory and the second memory fails. It can be determined that the matching of the terminal device with the first memory and the second memory fails.
  • the terminal device may disconnect from the first memory and disconnect from the second memory to ensure the security of the blockchain private key to be stored.
  • the terminal device verifies the first memory and the second memory separately before storing the private key of the blockchain to be stored. Only when the verification passes, the terminal device and the first memory, The second memory matches before the store operation can continue. Through the verification process, storage security is improved.
  • the target storage device is the first storage device or the second storage device
  • a method for verifying the target storage device may include:
  • the target storage device decrypts the received verification information by using the preset verification information stored locally to obtain the preset Key, use the preset key to encrypt the locally stored target ID to obtain an encrypted ID; obtain the encrypted ID, use the preset key to decrypt the encrypted ID, and obtain the decrypted
  • the to-be-matched identifier matches the to-be-matched identifier with a preset identifier, and if it matches, it is determined that the verification of the target storage device is successful.
  • the preset identifier is a previously stored identifier corresponding to the target storage device.
  • the preset key is the first key
  • the preset identifier is the first identifier.
  • the method for verifying the first memory may include the following steps.
  • the first authentication information is local authentication information stored in advance by the terminal device.
  • the method for encrypting the first authentication information by the terminal device may be preset, for example, an RSA encryption method, an AES encryption method, or a DES (Data Encryption Standard) encryption method, and the like is not limited herein.
  • the first key used may be customized.
  • the first key in order to improve the security after the first authentication information is encrypted, the first key may be a random key, that is, the first key for each time the first authentication information is encrypted is different. .
  • the use of random keys increases the difficulty of cracking and improves security.
  • the method for sending the first authentication information to the first storage includes at least the following two methods: if the terminal device is directly connected to the first storage, the terminal device can directly send the first authentication information to the first storage; The first memory is indirectly connected, and the terminal device can send the first authentication information to the second memory, and the second memory forwards the first authentication information to the first memory.
  • the first memory may use the first preset authentication information stored locally to decrypt the first authentication information to obtain a first key.
  • the first preset verification information is local verification information previously stored in the first memory, and the first preset verification information corresponds to the first verification information stored in the terminal device.
  • the first memory stores The first preset verification information is the same as the first verification information stored by the terminal device.
  • the first key interacts with the first preset authentication information. That is, the first authentication information can be encrypted by using the first key to obtain the encrypted first authentication information, and the first preset authentication information can be used to decrypt the encrypted first authentication information to obtain the first authentication information. A key.
  • the first memory may use the first preset verification information to decrypt the received first verification information, and then obtain the first key.
  • the first key obtained in the first memory is the same as the first key used by the terminal device.
  • the first key may be used to encrypt the first identifier stored locally in the first memory to obtain an encrypted identifier, and send the encrypted identifier to the terminal device.
  • the first identifier is pre-stored in the first memory, and the first identifier may be a fixed character string, and the fixed character string may be custom set.
  • the first identifier corresponds to the first memory.
  • the first identifier corresponds to the first memory in a one-to-one relationship, and each first memory corresponds to a unique first identifier, so that the terminal device can verify the first memory according to the first identifier.
  • the first memory uses the first preset authentication information stored locally to decrypt the first authentication information to obtain a first key, and uses the first key to the first memory locally stored in the first memory.
  • An identifier is encrypted, and the encrypted first identifier is sent to the terminal device, which can be divided into the following two cases.
  • the first memory itself can complete operations such as decryption processing and encryption processing. Specifically, the first memory acquires the first preset verification information stored locally, and uses the first preset verification information to decrypt the first verification information to obtain a first key, and uses the first key to locally store the first memory. The stored first identifier is encrypted, and the encrypted first identifier is sent to the terminal device.
  • the first memory may interact with the second memory having information processing capabilities, and perform operations such as decryption processing and encryption processing through the second memory.
  • the first memory sends the locally stored first preset verification information and the first identifier to the second memory
  • the second memory uses the first preset verification information to perform decryption processing to obtain the first key, and uses the The first key performs encryption processing on the first identifier, and sends the encrypted first identifier to the first memory.
  • the terminal device After receiving the encrypted first identifier sent by the first memory, the terminal device can use the first key to decrypt the encrypted first identifier to obtain the decrypted first identifier, that is, the identifier to be matched.
  • the identifier to be matched is matched with the first preset identifier that is stored in advance, and if it is matched, it is determined that the verification of the first memory is successful.
  • the first preset identifier stored in advance by the terminal device corresponds to the first identifier, and the corresponding relationship between the first preset identifier and the first identifier may be preset. For the terminal device, only if the received first identifier and the pre-stored first preset identifier satisfy a preset correspondence relationship, it can be determined that the first identifier matches the first preset identifier.
  • the first preset identifier is the same as the first identifier, that is, the matching identifier is the same in the matched terminal device and the first memory. For example, if the terminal device matches the first memory, and the first identifier stored in the first memory is a character string a, then the first preset identifier stored in the terminal device is also a character string a.
  • the preset key is the second key
  • the preset identifier is the second identifier.
  • the method for verifying the second storage may include the following steps.
  • the second verification information is verification information stored locally by the terminal device in advance.
  • a method for encrypting the second authentication information by the terminal device may be preset, for example, an RSA encryption method, an AES encryption method, or a DES (Data Encryption Standard) encryption method, and the like is not limited herein.
  • the second key used may be customized.
  • the second key in order to improve the security after the second authentication information is encrypted, the second key may be a random key, that is, the second key that is used to encrypt the second authentication information is different every time. .
  • the use of random keys increases the difficulty of cracking and improves security.
  • the method for sending the second authentication information to the second storage includes at least the following two methods: if the terminal device is directly connected to the second storage, the terminal device can directly send the second authentication information to the second storage;
  • the second memory is indirectly connected, and the terminal device can send the second authentication information to the first memory, and the first memory forwards the second authentication information to the second memory.
  • the second memory may use the second preset authentication information stored locally to decrypt the second authentication information to obtain a second key.
  • the second preset verification information is local verification information stored in the second memory in advance, and the second preset verification information corresponds to the second verification information stored in the terminal device.
  • the second memory stores The second preset verification information is the same as the second verification information stored by the terminal device.
  • the second key interacts with the second authentication information. That is, the second authentication information can be encrypted by using the second key to obtain encrypted second authentication information, and the second preset authentication information can be used to decrypt the encrypted second authentication information to obtain the first authentication information. Two keys.
  • the second memory may use the second preset verification information to decrypt the received second verification information, and then obtain a second key.
  • the second key obtained in the second memory is the same as the second key used by the terminal device.
  • the second key may be used to encrypt the second identifier stored locally in the second memory to obtain an encrypted identifier, and send the encrypted identifier to the terminal device.
  • the second identifier is pre-stored in the second memory, and the second identifier may be a fixed character string, and the fixed character string may be custom set.
  • the second identifier corresponds to the second memory.
  • the second identifier has a one-to-one correspondence with the second memory, and each second memory corresponds to a unique second identifier, so that the terminal device can verify the second memory according to the second identifier.
  • the second memory uses the second preset authentication information stored locally to decrypt the second authentication information to obtain a second key, and uses the second key to the second memory locally stored in the second memory.
  • the second identification is encrypted and the encrypted second identification is sent to the terminal device, which can be divided into the following two cases.
  • the second storage has information processing capabilities, and the second storage itself can complete operations such as decryption processing and encryption processing.
  • the second memory acquires the second preset verification information stored locally, and uses the second preset verification information to decrypt the second verification information to obtain a second key, and uses the second key to locally store the second memory.
  • the stored second identifier is encrypted, and the encrypted second identifier is sent to the terminal device.
  • the second storage may interact with the first storage having information processing capabilities, and perform operations such as decryption processing and encryption processing through the first storage.
  • the second memory sends the second preset authentication information and the second identifier stored locally to the first memory, and the first memory uses the second preset authentication information to perform decryption processing to obtain a second key, and uses the The second key performs encryption processing on the second identifier, and sends the encrypted second identifier to the second memory.
  • the terminal device After receiving the encrypted second identifier sent by the second memory, the terminal device can use the second key to decrypt the encrypted second identifier to obtain the decrypted second identifier, that is, the identifier to be matched, and The identifier to be matched is matched with a second preset identifier that is stored in advance, and if it is matched, it is determined that the verification of the second memory is successful.
  • the second preset identifier stored in advance by the terminal device corresponds to the second identifier, and the corresponding relationship between the second preset identifier and the second identifier may be preset. For the terminal device, if the received second identifier and the pre-stored second preset identifier satisfy a preset correspondence relationship, it can be determined that the second identifier matches the second preset identifier.
  • the second preset identifier is the same as the second identifier, that is, the stored identifier is the same in the matching terminal device and the second memory. For example, if the terminal device matches the second memory, and the second identifier stored in the second memory is a character string b, the second preset identifier stored in the terminal device is also a character string b.
  • the first key and the second key may be the same key, or both may be random keys.
  • the first verification information and the second verification information stored by the terminal device are the same verification information, and the first preset identifier and the second preset identifier are the same preset identifier.
  • the first preset verification information stored in the first memory and the second preset verification information stored in the second memory may be the same, that is, There is a corresponding relationship between the first preset verification information, the second preset verification information, the first verification information and the second verification information stored by the terminal device, and when the four satisfy the corresponding relationship, then for the terminal device, the first For any one of the first memory and the second memory, the authentication information sent by any other party may be decrypted using the authentication information stored locally.
  • the terminal device when the terminal device, the first memory, and the second memory match, all of the first preset verification information, the second preset verification information, the first verification information, and the second verification information are all Same, same authentication information.
  • the first memory and the second memory can be verified by storing only one verification information locally, which not only saves storage space, but also reduces the complexity of the verification process.
  • the first identifier stored in the first memory and the second identifier stored in the second memory may be the same, that is, the first identifier, the second identifier, and the second identifier.
  • the terminal device can match the identifier in the first memory and the identifier in the second memory respectively.
  • the terminal device when the terminal device, the first memory, and the second memory match, the first identifier, the second identifier, the first preset identifier, and the second preset identifier are the same and are the same identifier.
  • the terminal device can match the first memory and the second memory only by storing an identifier, which not only saves storage space, but also reduces the complexity of the matching process.
  • the terminal device is connected to the first memory and connected to the second memory. After determining that both the first memory and the second memory match, the storage key is decomposed to obtain the first memory.
  • the target number of sub-blockchain private keys from the obtained sub-blockchain private keys, the first number of sub-blockchain private keys is determined as the first sub-blockchain private key, and the second number of sub-block private keys
  • the blockchain private key is determined as the second sub-blockchain private key, and the third number of sub-blockchain private keys are determined as the third sub-blockchain private key; the first sub-blockchain private key is sent to the One memory is used for storage, the second sub-blockchain private key is sent to the second memory for storage, and the third sub-blockchain private key is stored locally on the terminal device.
  • the terminal device divides the key to be stored into several sub-blockchain private keys and stores some of the sub-blockchain private keys in the terminal device, the first memory, and the second memory, respectively, and the terminal Any two sub-blockchain private keys in the device, the first memory and the second memory can obtain the complete key.
  • the complete key can only be obtained by obtaining the stored private key of the sub-blockchain from any two of the terminal device, the first storage, and the second storage, and even if any of them is lost, it will not cause the complete blockchain private Key theft, which improves the security of blockchain private key storage.
  • the embodiment of the present application further provides a method for recovering the private key of the blockchain.
  • the following describes a method for recovering a private key of a blockchain provided by an embodiment of the present application.
  • a method for recovering a private key of a blockchain is applied to a terminal device, and the method may include:
  • each storage medium stores a third preset number of sub-blockchain private keys among the first preset number of sub-blockchain private keys, and the sub-blockchain private keys stored in each storage medium are incomplete Similarly, the sub-blockchain private key is obtained by dividing the blockchain private key to be stored in a preset manner, and the third preset number is less than the second preset number.
  • the terminal device when receiving a blockchain private key acquisition instruction, acquires it from a fourth preset number of storage media from the second preset number of storage media.
  • the stored private blockchain private key is recovered from the obtained private blockchain private key to obtain the private blockchain private key to be stored as the target private blockchain private key.
  • the terminal device can recover the private blockchain key to be stored without acquiring all the private blockchain private keys stored in the storage medium. Therefore, the loss of some storage media will not affect the user's recovery of the area to be stored. Blockchain private key, better user experience, and improve the security of the virtual wallet.
  • the terminal device may be provided with an instruction interface, and the user may issue a blockchain private key acquisition instruction through the instruction interface.
  • the terminal device may display a button, and when the user clicks the button, the blockchain may be issued. Private key acquisition instruction.
  • the terminal device can also receive the blockchain private key acquisition instruction. Then, in order to recover and obtain the complete private blockchain private key to be stored, the terminal device may obtain the stored private blockchain private key from the fourth preset number of the storage media storing the private blockchain private key. .
  • the terminal device can obtain all the sub-blocks corresponding to the private key of the blockchain to be stored without obtaining the private key of the sub-blockchain stored in all storage media.
  • Chain private key so the fourth preset number is generally smaller than the second preset number.
  • the terminal device can obtain the sub-blockchain private key stored in all storage media.
  • the terminal device divides the blockchain private key to be stored into 5 sub-blockchain private keys A * -E *, and then stores the sub-blockchain private keys A *, B *, and C * on the storage medium a * .
  • the sub-blockchain private keys B *, C *, D * are stored in the storage medium b *
  • the sub-blockchain private keys C *, D *, E * are stored in the storage medium c *
  • the sub-blockchain private key D *, E *, A * are stored on the storage medium d *
  • the sub-blockchain private keys E *, A *, B * are stored on the storage medium e *.
  • the terminal device can obtain the stored sub block chain private key from any three of the five storage media.
  • the terminal device After the terminal device obtains the private blockchain private key, it can recover the private blockchain private key to be stored according to the obtained private blockchain private key. Since the sub-blockchain private key obtained by the terminal device includes all the sub-blockchain private keys corresponding to the blockchain private key to be stored, the above-mentioned to-be-stored can be recovered according to the obtained sub-blockchain private key. Blockchain private key.
  • the specific method of recovering the private blockchain key to be stored according to the obtained private blockchain private key can be determined according to the manner in which the private blockchain key to be stored is divided into the private private blockchain key, which can be understood The thing is, the two are reciprocal processes.
  • deduplication processing may be performed, that is, duplicate sub-blocks are removed.
  • the blockchain private key, and then the remaining non-repeating sub-blockchain private keys are combined and restored to obtain the target blockchain private key.
  • a serial number identifier can be set for each sub-blockchain private key, so that it can be obtained on the terminal device.
  • the sub-block chain private keys with duplicate serial number identifiers can be deduplicated, and then the remaining sub-blockchain private keys are arranged according to the serial numbers corresponding to the serial number identifiers, and the arrangement order is By performing a combination restoration and deleting the serial number identifier, the target blockchain private key can be obtained.
  • the step of recovering the blockchain private key to be stored according to the obtained private blockchain private key may include:
  • the obtained private blockchain private key is restored to obtain the private blockchain private key to be stored.
  • the terminal device may use a threshold algorithm when the private key of the blockchain to be stored is divided into the first preset number of sub-block private keys according to a preset method, and the acquired private key of the sub-block chain may be recovered. , And then obtain the blockchain private key to be stored.
  • the terminal device divides the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset method, and the threshold algorithm is a (t, n) threshold algorithm, then (t N) Threshold algorithm, recovers the obtained private blockchain private key to obtain the private blockchain private key to be stored.
  • the terminal device divides the blockchain private key to be stored into the first preset number of sub-blockchain private keys according to a preset method, and uses the threshold algorithm as the SM2 elliptic curve threshold algorithm, then the SM2 elliptic curve threshold algorithm may be used.
  • the acquired private blockchain private key is recovered to obtain the private blockchain private key to be stored.
  • the terminal device recovers the obtained private blockchain private key according to a threshold algorithm, and then obtains the private blockchain private key to be stored. Can quickly and accurately recover the private key of the blockchain to be stored.
  • the above-mentioned blockchain private key acquisition instruction may be a transaction confirmation instruction for a transaction.
  • the foregoing is obtained by restoring the private blockchain private key obtained according to the foregoing.
  • the above method may further include:
  • the transaction is confirmed based on the target blockchain private key.
  • the terminal device can confirm the transaction based on the target blockchain private key, and the user's virtual currency transaction behavior has been completed.
  • the second preset number may be three
  • the storage medium may be a storage medium in a terminal device, a storage medium in a first storage device, and a storage medium in a second storage device.
  • the method for recovering the private key of the blockchain may include the following steps:
  • the sub-blockchain private key stored by the terminal device and the first storage device includes: two pieces of data of the first sub-data, the second sub-data, and the third sub-data obtained by dividing the private key of the blockchain to be stored.
  • the terminal data and the first storage device store sub-data that are not completely the same; the first storage device has a communication connection with the terminal device.
  • the first storage device is a device capable of storing data.
  • the first storage device may be a storage disk, that is, the first storage disk.
  • the terminal device and the first storage device are two independent devices and can be placed separately.
  • the terminal device When the terminal device receives the transaction confirmation instruction for the transaction, the terminal device can directly obtain the sub-blockchain private key stored in the first storage device as the target sub-blockchain private key.
  • the terminal device may also first determine whether it has recorded: the first identifier of the first storage device that has established a communication connection with itself.
  • the first identifier of the first storage device includes, but is not limited to, a custom name set by the user to the first storage device and a product serial number of the first storage device.
  • the terminal device When the first identifier is stored in the terminal device, it indicates that the first storage device is a transaction assistance device of the terminal device. At this time, the terminal device can obtain the two sub-blockchain private keys stored by the first storage device from the first storage device as the target sub-blockchain private key.
  • the terminal device may send an identification information acquisition request for the first storage device to the first storage device.
  • the first storage device may send the first identification of the first storage device itself to the terminal device.
  • the terminal device may match the first identification with the device identification of the transaction assistance device stored in the terminal device. If the matching is successful, it indicates that the first identifier is recorded in the terminal device, that is, the first storage device is a transaction assistance device.
  • the terminal device may obtain the sub-blockchain private key stored by the first storage device from the first storage device as the target sub-blockchain private key.
  • the sub-blockchain private key stored in the terminal device is the first sub-data and the second sub-data
  • the obtained sub-blockchain private key stored in the first storage device is the first sub-data and the second sub-data.
  • Third child data is the first sub-data and the third sub-data stored in the first storage device.
  • the target sub-blockchain private key for recovering the target blockchain private key can be obtained from the first storage device.
  • the matching fails, it indicates that the first identifier is not recorded in the terminal device, that is, the first storage device is not a transaction assistance device.
  • the first storage device is not a transaction assistance device.
  • the terminal device Before determining whether the terminal device has recorded the first identification of the first storage device, the terminal device may also detect whether the terminal device has established a communication connection with the first storage device. When detecting that the terminal device has not established a communication connection with the first storage device, the terminal device may prompt the user to establish a communication connection between the terminal device and the first storage device. After detecting that the communication connection is established, the terminal device may perform an operation of determining whether the first identifier is recorded.
  • any method for detecting whether a communication connection is established between the devices can be applied to the embodiments of the present application, and details are not described herein.
  • the communication connection established between the terminal device and the first storage device may be a wireless communication connection, of course, it is not limited to this.
  • the wireless communication connection includes, but is not limited to, a Bluetooth communication connection or a Near Field Communication (NFC) communication connection. That is, the terminal device may perform Bluetooth communication or NFC communication with the first storage device, of course, it is not limited to this.
  • NFC Near Field Communication
  • the first storage device may also transmit the encrypted data corresponding to the first subdata and the third subdata to the terminal device. .
  • the terminal device can decrypt the encrypted data to obtain the first sub data and the third sub data, and use the first sub data and the third sub data as the target sub-blockchain. Private key, this is also reasonable.
  • the operation of obtaining the sub-data stored in the first storage device as the target sub-blockchain private key may specifically include: determining whether the first storage device is electrically connected to the second storage device. If the first storage device is not electrically connected to the second storage device, it indicates that the terminal device can only obtain sub-data from the first storage device. Therefore, the terminal device can obtain the sub data stored in the first storage device as the target sub data.
  • the terminal device may also obtain the sub-device from the second storage device through the first storage device. data.
  • the positional relationship between the terminal device, the first storage device, and the second storage device can be seen in FIG. 5, that is, the terminal device performs a Bluetooth communication connection with the first storage device, and the first storage device and the second storage device are plugged and unplugged. Electrical connection.
  • the system composed of the terminal device, the first storage device, and the second storage device may also be referred to as a hardware wallet.
  • the sub-data stored by the second storage device includes: the private key of the blockchain to be stored. Divide the two pieces of data obtained by the first sub data, the second sub data, and the third sub data.
  • the sub data stored by the second storage device and the terminal device are not completely the same.
  • the sub data stored in the terminal device are the first sub data and the second sub data
  • the sub data stored in the second storage device are the second sub data and the third sub data. Therefore, the terminal device may obtain the sub-blockchain private key stored in the first storage device from the first storage device as the target sub-blockchain private key.
  • the sub-blockchain private key stored in the second storage device may also be obtained from the second storage device as the target sub-blockchain private key. That is, the target sub-blockchain private key for recovering the target blockchain private key may be obtained from the first storage device or from the second storage device.
  • the first storage device since the first storage device may be initialized, the first storage device is an initialization device.
  • the terminal device may also determine whether the first storage device is an initialization device. If the first storage device is not an initialization device, the sub-blockchain private key stored in the first storage device can be obtained as the target sub-blockchain private key. If the first storage device is an initialization device, the sub-blockchain private key stored in the second storage device can be obtained as the target sub-blockchain private key.
  • the terminal device can also determine whether the second storage device is initialized. If the second device is initialized, it prompts the user with a prompt message that the private key cannot be recovered and the transaction fails.
  • the second storage device is a device capable of storing data.
  • the second storage device may be another storage disk, that is, a second storage disk.
  • the terminal device, the first storage device, and the second storage device are three independent devices and can be placed separately.
  • the second identifier of the second storage device includes, but is not limited to, a custom name set by the user to the second storage device and a product serial number of the second storage device.
  • a plug-in electrical connection refers to an electrical connection established through a plug-in interface.
  • the communication connection between the first storage device and the second storage device can be established / disconnected in a plug / unplug manner.
  • the first storage device may be electrically connected to the second storage device through a USB (Universal Serial Bus) interface. In this way, serial communication can be performed between the first storage device and the second storage device.
  • USB Universal Serial Bus
  • S402 Use the locally stored private blockchain private key and the target private blockchain private key to recover the private blockchain private key to be stored;
  • the first sub-data, the second sub-data, and the third sub-data may be obtained by the terminal device using a preset secret sharing algorithm to perform partition calculation on the private key of the blockchain to be stored.
  • the secret sharing algorithm can better design the splitting scheme and recovery scheme for the blockchain private key to be stored.
  • data recovery calculations can be performed on the first sub data, the second sub data, and the third sub data based on the secret sharing algorithm, and the private key of the blockchain to be stored can be recovered by recovery.
  • a malicious user needs to know the secret sharing algorithm before recovering the private blockchain private key, which increases the difficulty for the malicious user to recover the private blockchain private key to be stored, that is, improving the recovery of the private key. Difficulty.
  • the first sub data, the second sub data, and the third sub data may also be obtained after the terminal device directly cuts the blockchain private key to be stored, which is also reasonable.
  • the first sub data, the second sub data, and the second sub data can be spliced, so that the target blockchain private key can be recovered.
  • the private key of the blockchain to be stored is an encrypted file
  • a malicious user can obtain the first subdata, the second subdata, and the third subdata, and use the first subdata, the second subdata, and the first subdata.
  • the third-child data recovery obtains the target private key of the blockchain, and it is difficult to decrypt the private key of the target blockchain, which increases the difficulty for malicious users to obtain the private key.
  • the encrypted file can be obtained by encrypting and calculating the private key of the blockchain to be stored by using the RSA encryption algorithm or DES (Data Encryption Standard). Of course, it is not limited to this.
  • the encrypted file can be decrypted by using a preset decryption key to obtain the target blockchain private key. Then, the transaction is confirmed using the target blockchain private key.
  • the target blockchain private key is not an encrypted file, you can directly use the recovered target blockchain private key to confirm the transaction.
  • the sub-blockchain private key stored in the first storage device includes: the first sub-data, the second sub-data, and the third sub-data obtained by dividing the block-chain private key to be stored.
  • the terminal device also records two pieces of data of the first sub data, the second sub data, and the third sub data, and the sub data stored by the terminal device and the first storage device are not completely the same.
  • the first storage device has a communication connection with the terminal device. Therefore, when receiving a transaction confirmation instruction for a transaction, the terminal device can obtain the sub-blockchain private key stored in the first storage device as the target sub-blockchain private key.
  • the private blockchain private key stored in the terminal and the obtained private blockchain private key can be used to recover the private blockchain private key. Furthermore, the transaction can be confirmed based on the target blockchain private key. In this way, the situation that the transaction can be confirmed through a terminal device is avoided, and the difficulty of obtaining the blockchain private key is increased, thereby improving the security of the transaction and ensuring the security of user assets.
  • the following describes a case where the first identifier of the first storage device is not recorded in the terminal device.
  • the terminal device can determine whether the first storage device is electrically connected to the second storage device.
  • any method for detecting whether a plug-in electrical connection is established between the devices can be applied to the embodiments of the present application, and details are not described herein.
  • the terminal device can obtain a second identifier of the second storage device that is electrically connected to the first storage device. Then, it is determined whether the second identifier is recorded in the terminal device.
  • the terminal device may send identification information to the first storage device to obtain the identification information for the second storage device. request. Then, after receiving the identification information acquisition request for the second storage device, the first storage device may obtain the second identification of the second storage device from the second storage device; and then send the second identification to the terminal device.
  • the terminal device can match the second identification with the device identification of the transaction assistance device stored in the terminal device. If the matching is successful, it indicates that the first identifier is recorded in the terminal device. If the matching fails, it indicates that the second identifier is not recorded in the terminal device.
  • the sub-blockchain private key stored in the second storage device includes: the first sub-data, the second sub-data, and the first sub-data obtained by dividing the block-chain private key to be stored. Two of the three sub-data, and the sub-blockchain private keys stored in the second storage device and the terminal device are not exactly the same. Therefore, the terminal device can obtain the sub-blockchain private key stored in the second storage device, and use the obtained sub-blockchain private key as the target sub-blockchain private key. Then, the private blockchain private key stored in the terminal device and the target private blockchain private key are used to recover the private blockchain private key, and the transaction is confirmed based on the private blockchain private key. In this way, it is possible to avoid the situation that the transaction can be confirmed through the terminal device, which improves the security of the transaction, thereby ensuring the security of the user's assets.
  • the terminal device may also prompt the user to replace the second storage device that is electrically connected to the first storage device, which is reasonable. Specifically, the terminal device may prompt the user to replace the second storage device with a device consistent with the device identification of the transaction assistance device.
  • the terminal device may also prompt the user to establish an electrical connection between the first storage device and the second storage device.
  • the terminal device detects that the first storage device is electrically connected to the second storage device, the above-mentioned step of obtaining the second identity of the second storage device that is electrically connected to the first storage device may be triggered. To repeat.
  • the embodiment of the present application also provides another method for recovering the private key of the blockchain.
  • the following describes a second method for recovering a private key of a blockchain provided by an embodiment of the present application.
  • the second method for recovering a private key of a blockchain provided by the embodiment of the present application can be applied to a terminal device.
  • a digital wallet client can be installed in the terminal device.
  • the terminal devices include, but are not limited to, desktop computers, tablet computers, and smart watches.
  • a method for recovering a private key of a blockchain may include the following steps:
  • each storage medium stores a third preset number of sub-blockchain private keys among the first preset number of sub-blockchain private keys, and the sub-blockchain private keys stored in each storage medium are incomplete Similarly, the private blockchain private key is obtained by dividing the private blockchain private key to be stored in a preset manner, and the fourth preset number is less than the second preset number.
  • the terminal device when receiving a data recovery instruction, determines a target storage medium from a second preset number of storage media, and then uses the second preset number of storage media to The sub-blockchain private key stored in the non-target storage medium is used to recover the sub-blockchain private key stored in the target storage medium.
  • the terminal device can recover the sub-blockchain private key stored in the non-target storage medium according to the sub-blockchain private key stored in the target storage medium. Therefore, the sub-blockchain private key in some storage media is lost. Under the circumstances, the lost private blockchain private key can be recovered to ensure the integrity of the data and better user experience.
  • the second preset number may be three
  • the storage medium may be a storage medium in a terminal device, a storage medium in a first storage device, and a storage medium in a second storage device.
  • the above-mentioned second method for recovering the private key of a blockchain may include:
  • S601 When a data recovery instruction is received, determine a first identifier of a first storage device that is communicatively connected, and determine a second identifier of a second storage device that is electrically connected to the first storage device;
  • the first storage device is a device capable of storing data.
  • the first storage device may be a storage disk, that is, the first storage disk.
  • the second storage device is a device capable of storing data.
  • the second storage device may be another storage disk, that is, a second storage disk.
  • the terminal device, the first storage device, and the second storage device are three independent devices and can be placed separately.
  • the terminal device when the terminal device receives a data recovery instruction, the terminal device does not know which device needs to perform data recovery. At this time, the terminal device may first determine a first identifier of a first storage device that has established a communication connection with itself, and determine a second identifier of a second storage device that is electrically connected to the first storage device.
  • the terminal device When the terminal device establishes a communication connection with the first storage device, and the first storage device is electrically connected to the second storage device, the terminal device may send an identification information acquisition request to the first storage device. Then, after receiving the identification information acquisition request, the first storage device may obtain the second identification of the second storage device from the second storage device; and then send the first identification of the first storage device and the second identification to Terminal Equipment. In this way, the terminal device can obtain the first identifier of the first storage device and the second identifier of the second storage device.
  • the terminal device can also detect whether the terminal device has been established with the first storage device before determining the first identification and the second identification. Communication connection, and whether the first storage device is electrically connected to the second storage device. Any one of the methods for detecting whether a communication connection is established between the devices and the method for detecting whether a plug-in electrical connection is established between the devices can be applied to the embodiments of the present application, and details are not described herein.
  • the operation of the terminal device detecting whether the terminal device has established a communication connection with the first storage device and whether the first storage device is electrically connected to the second storage device may specifically include: first detecting whether the terminal device is established with the first storage device. Communication connection. If it is detected that the terminal device has established a communication connection with the first storage device, then it can be detected whether the first storage device is electrically connected to the second storage device.
  • the terminal device may perform an operation of determining a first identification of the first storage device and a second identification of the second storage device. If it is detected that the first storage device is not electrically connected to the second storage device, the terminal device may prompt the user to electrically connect the first storage device to the second storage device.
  • the terminal device may prompt the user: establish a communication connection between the terminal device and the first storage device, and electrically connect the first storage device to the second storage device.
  • the user may be prompted to establish a wireless communication connection between the terminal device and the first storage device.
  • the wireless communication connection includes: a Bluetooth communication connection or a Near Field Communication (NFC) communication connection. That is, the terminal device may perform Bluetooth communication or NFC communication with the first storage device, of course, it is not limited to this.
  • NFC Near Field Communication
  • the first identifier of the first storage device includes, but is not limited to, a custom name set by the user to the first storage device and a product serial number of the first storage device.
  • the second identifier of the second storage device includes, but is not limited to, a custom name set by the user to the second storage device and a product serial number of the second storage device.
  • a plug-in electrical connection refers to an electrical connection established through a plug-in interface.
  • the communication connection between the first storage device and the second storage device can be established / disconnected in a plug / unplug manner.
  • the first storage device may be electrically connected to the second storage device through a USB (Universal Serial Bus) interface. In this way, serial communication can be performed between the first storage device and the second storage device.
  • USB Universal Serial Bus
  • S602 Based on the first identifier and the second identifier, determine a device to be restored among itself, the first storage device, and the second storage device as a target device;
  • S603 Use the sub-blockchain private key stored by the non-target device to recover the sub-blockchain private key that the target device needs to store.
  • each non-target device and target device stores: the first sub-block obtained by dividing the blockchain private key to be stored
  • the two data in the chain private key, the second sub-blockchain private key, and the third sub-blockchain private key, and the data stored in any two devices are not exactly the same.
  • the terminal device may determine which device needs to perform data recovery according to the first identification and the second identification.
  • one device to be subjected to data recovery may be referred to as a target device, and each device that does not require data recovery may be referred to as a non-target device.
  • the terminal device may determine that the second storage device is the target device of the data to be recovered.
  • the terminal device may also detect whether the second storage device corresponding to the second identifier is an initialization device, and upon detecting that the second storage device is initialized Device, and then determine that the second storage device is the target device of the data to be recovered. In this way, the second storage device that is not stored with data after initialization may be determined as the target device.
  • the terminal device may determine that the first storage device is a target device of the data to be recovered.
  • the terminal device may determine that the terminal device itself is the target device of the data to be recovered.
  • the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key can be used to pair the sub-blockchain private keys stored in the target device. Perform recovery. Furthermore, the private blockchain private key stored in any two of the terminal device, the first storage device, and the second storage device can also be used to recover the private blockchain key to be stored. Key security.
  • the terminal device can directly use the first sub-blockchain private key and the second sub-blockchain based on the principle of the sub-blockchain private key recovery.
  • the private key and the third sub-blockchain private key recover the sub-blockchain private key stored in the target device.
  • the principle of recovering the private key of the sub-blockchain is: after recovering the private key of the sub-blockchain that the target device needs to recover, each non-target device and the target device store two copies of the private key of the sub-blockchain. And the sub-blockchain private keys stored in any two devices are not exactly the same.
  • the terminal device and the first storage device are non-target devices, and the terminal device stores the first sub-blockchain private key and the second sub-blockchain private key
  • the first storage device stores the first
  • the terminal device can obtain from the terminal device itself and the first storage device: the first sub-blockchain private key and the second sub-blockchain private key And the third sub-blockchain private key, and it can be determined that the sub-blockchain private key to be stored by the second storage device is the second sub-blockchain private key and the third sub-blockchain private key.
  • the terminal device can directly extract the second sub-blockchain private key and the third sub-blockchain private key from the obtained three sub-blockchain private keys based on the sub-data recovery principle. Then, the second sub-blockchain private key and the third sub-blockchain private key are transferred to the second storage device through the first storage device, thereby realizing private sub-blockchain storage in the second storage device. Key recovery.
  • the terminal device and the second storage device are non-target devices, and the terminal device stores the first sub-blockchain private key and the second sub-blockchain private key, and the second storage device stores a second sub-blockchain private key.
  • the terminal device can obtain from the terminal device itself and the second storage device: the first sub-blockchain private key, the second sub-blockchain private key, and The third sub-blockchain private key, and it can be determined that the sub-blockchain private key to be stored by the first storage device is the first sub-blockchain private key and the third sub-blockchain private key.
  • the terminal device can directly extract the first sub-blockchain private key and the third sub-blockchain private key from the three sub-blockchain private keys obtained based on the sub-data recovery principle. Then, the first sub-blockchain private key and the third sub-blockchain private key are stored in the first storage device, so as to recover the sub-blockchain private key to be stored in the first storage device.
  • the terminal device obtains from the terminal device itself and the first storage device: the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key Afterwards, the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key can also be used to recover the target blockchain private key. Then, the preset private segmentation algorithm is used to segment the target blockchain private key, so as to obtain the first target sub-blockchain private key, the second target sub-blockchain private key, and the third target sub-blockchain private key. .
  • the first target sub-blockchain private key, the second target sub-blockchain private key, and the third target sub-blockchain private key obtained from the segmentation may be separately from the first sub-block chain private key and the second sub-region.
  • the blockchain private key is the same as the third sub-blockchain private key.
  • the first target sub-blockchain private key, the second target sub-blockchain private key, and the third target sub-blockchain private key obtained by segmentation can also be It is also reasonable that the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key are different.
  • the terminal device may also replace the first sub-blockchain stored originally with the private key of the first target sub-blockchain and the private key of the second target sub-blockchain. Private key, private key of the second sub-blockchain.
  • the first target sub-blockchain private key and the third target sub-blockchain private key are sent to the first storage device, so that the first storage device uses the received first target sub-blockchain private key and the third
  • the target sub-blockchain private key replaces the first sub-blockchain private key and the third sub-blockchain private key that were originally stored.
  • the terminal device also sends the second target sub-blockchain private key and the third target sub-blockchain private key to the second storage device through the first storage device, so that the second storage device stores the second target sub-blockchain.
  • Blockchain private key and the third target sub-blockchain private key may record: the first identifier of the first storage device and the second identifier of the second storage device for decentrally storing the private key of the target sub-blockchain.
  • the sub-blockchain private key to be stored by the second storage device can be recovered.
  • the first target sub-blockchain private key, the second target sub-blockchain private key, and the third target sub-blockchain private key can be distributedly stored, increasing the difficulty for malicious users to steal the block chain private key. , Thereby improving the security of the private key of the blockchain, and thus ensuring the security of user assets.
  • an embodiment of the present application provides a storage system of the private key of the blockchain.
  • the system may include a first storage device and a second storage device.
  • a storage device is connected to the second storage device;
  • the first storage device 710 is configured to store a first sub-blockchain private key.
  • the first sub-blockchain private key includes: a first preset number obtained by dividing the private key of the blockchain to be stored in a preset manner. The third preset number of sub-blockchain private keys among the sub-blockchain private keys;
  • the second storage device 720 is configured to store a second sub-blockchain private key.
  • the second sub-blockchain private key includes a first preset number obtained by dividing the private key of the blockchain to be stored in a preset manner.
  • the first preset number is not less than 3
  • the third preset number is greater than 1 and less than the first preset number
  • the first sub-blockchain private key includes the sub-blockchain private key and the second sub-blockchain private key.
  • the sub-blockchain private key included in the key is not exactly the same.
  • the first sub-blockchain private key and the second sub-blockchain private key can obtain the key to be stored.
  • the storage system of the private key of the blockchain includes a first memory and a second memory, and the first memory and the second memory are connected; the first memory is configured to store the first sub-block
  • the chain private key and the second memory are used to store the second sub-blockchain private key; wherein the first preset number is not less than 3, the third preset number is greater than 1 and less than the first preset number, and the first sub-area
  • the sub-blockchain private key included in the blockchain private key is not exactly the same as the sub-blockchain private key included in the second sub-blockchain private key.
  • the first sub-blockchain private key and the second sub-blockchain private key The key to be stored can be obtained.
  • the private key of the blockchain to be stored is decomposed into a plurality of sub-block private keys, and the first storage and the second storage respectively store a part of the several sub-block private keys.
  • the private blockchain subkey and only when the first private blockchain private key stored in the first storage is combined with the second private blockchain private key stored in the second storage can a complete block to be stored be obtained Private chain key. In this way, even if any of the first memory and the second memory is lost, the complete private key of the blockchain will not be lost, and the complete private key of the blockchain to be stored will be dispersed in the private key of the blockchain.
  • the two memories in the storage system improve the security of storing blockchain private keys.
  • the first memory is the foregoing first storage device
  • the second memory is the foregoing second storage device.
  • the first preset number may be customized. For example, if the first preset number is 3, after the blockchain private key to be stored is decomposed, three sub-blockchain private keys can be obtained.
  • FIG. 8 a schematic diagram of an application scenario is provided in the embodiment of the present application.
  • the first memory 710 and the second memory 720 are connected, and the first memory 710 and the second memory 720 can communicate with each other.
  • the first memory 710 and the second memory 720 are connected through a parallel bus.
  • the foregoing system may further include a terminal device 730.
  • the terminal device 730 may be a terminal device such as a mobile phone, a tablet, or a computer.
  • the terminal device is connected to the first memory 710 and the second memory 720, respectively.
  • the connection methods include direct connection and indirect connection. Direct connection means that the terminal device and the memory can communicate directly, and indirect connection means that the terminal device and the memory need to communicate through other devices.
  • the terminal device is directly connected to the first memory 710, that is, the terminal device can directly communicate with the first memory.
  • the terminal device 730 and the second memory 720 are also directly connected, that is, the terminal device can directly communicate with the second memory.
  • any one of the first memory and the second memory is directly connected to the terminal device, and the other memory is indirectly connected to the terminal device through a memory directly connected to the terminal device.
  • the first memory 710 is directly connected to the terminal device 730, and the second memory 720 is indirectly connected to the terminal device 730 through the first memory 710.
  • the terminal device can directly send information to the first storage, and when the terminal device sends information to the second storage, the terminal device sends the information to the first storage, and the first storage forwards the information to the second storage. In this way, a communication connection between the terminal device and the second memory is implemented.
  • the first storage is connected to the second storage and the second storage is directly connected to the terminal device, the first storage is indirectly connected to the terminal device through the second storage.
  • the memory directly connected to the terminal device has an information processing capability
  • the memory having the information processing capability may be referred to as a master disk.
  • the memory indirectly connected to the terminal device may not have the information processing capability, and the information processing is performed through the connected memory with the information processing capability.
  • the memory without the information processing capability it may be called a subdisk.
  • the child disk communicates with the terminal device through the mother disk, which can save costs.
  • an application program "hardware wallet” 731 can be installed in a terminal device, and the terminal device 730 is directly connected to the first storage 710, that is, the terminal device 730 is directly connected to the first storage 710.
  • a memory 710 is connected to the second memory 720, so that the terminal device 730 is indirectly connected to the second memory 720.
  • the first memory directly connected to the terminal device has information processing capabilities, that is, the first memory is a mother disk, and the second memory is a child disk.
  • the terminal device is used to store the third sub-blockchain private key.
  • the third sub-blockchain private key includes: a first preset number of sub-blockchains obtained after the blockchain private key to be stored is decomposed and processed. The third preset number of private blockchain private keys.
  • the third sub-blockchain private key stored in the terminal device may be stored locally on the terminal device, or may be stored on a cloud server connected to the terminal device.
  • the terminal device may be specifically configured to divide the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a threshold algorithm;
  • the threshold algorithm determines the first storage device, the second storage device, and the corresponding private blockchain private key.
  • the foregoing terminal device may be further configured to divide the private blockchain key to be stored into a first preset number of sub-blockchain private keys according to a preset manner in the preset manner. Displaying the number setting prompt information; obtaining a first preset number set by the user based on the number setting prompt information.
  • the above-mentioned terminal device may be specifically used to perform encryption processing on the obtained sub-blockchain private key.
  • the terminal device is configured to use a preset encryption algorithm to encrypt the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key respectively, and obtain a pre- Set the target key of the encryption algorithm.
  • the terminal device may also be used to decompose the target key to obtain the target number of target subkeys; and from the obtained target subkeys, determine the fourth number of target subkeys as the first target subkey. Key, determine the fifth target subkey as the second target subkey, and determine the sixth target subkey as the third target subkey; send the first target subkey to The first memory sends the second target subkey to the second memory, and stores the third target subkey.
  • the first memory may further store the first target subkey
  • the second memory may further store the second target subkey
  • the terminal device may further store the third target subkey
  • the first target subkey sent by the terminal device can be received, and the first target subkey is stored.
  • the second target subkey sent by the terminal device may be received, and the second target subkey may be stored.
  • the first preset number may be three, and the fourth number, the fifth number, and the sixth number may be two.
  • the terminal device may be specifically configured to perform encryption processing on the private blockchain key to be stored by using a preset encryption algorithm, to obtain the encrypted private blockchain key;
  • the key is decomposed to obtain a first preset number of sub-blockchain private keys; the first number of sub-blockchain private keys of the first preset number of sub-blockchain private keys are determined as the first sub-key
  • the second number of sub-blockchain private keys in the first number of sub-blockchain private keys is determined as the second sub-blockchain private key, and the first preset number of The third sub-blockchain private key in the sub-blockchain private key is determined as the third sub-blockchain private key.
  • the first storage device can also be used to save the first target subkey; the second storage device can also be used to save the second target subkey.
  • the terminal device may be specifically configured to perform encryption processing on the private blockchain key to be stored by using a preset encryption algorithm, to obtain the encrypted private blockchain key;
  • the blockchain private key is decomposed to obtain a first preset number of sub-blockchain private keys; the first number of sub-blockchain private keys of the first preset number of sub-blockchain private keys are used as the first A sub-blockchain private key and target key are sent to the first memory for storage; a second number of sub-blockchain private keys in the first preset number of sub-blockchain private keys are used as the second sub-block
  • the private chain key and the target key are sent to the second memory for storage;
  • the third sub-block private key of the first preset number of sub-block private keys is used as the third sub-block private key and
  • the target key is stored locally;
  • the target key is a key of a preset encryption algorithm.
  • the first storage device is further configured to save the target key;
  • the second storage device is further configured to save the target key.
  • the terminal device may be further configured to use a preset encryption algorithm to respectively encrypt the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key.
  • Perform encryption processing and obtain the target key corresponding to the preset encryption algorithm; send the target key to the first storage and the second storage respectively; and store the target key locally;
  • the first storage is also used to receive the The target key, and stores the target key;
  • the second memory is also used for receiving the target key sent by the terminal device, and storing the target key.
  • the terminal device may further divide the private key to be stored into a first preset number of sub-blockchain private keys with the first storage device and
  • the second storage device establishes a connection; after establishing a connection with the first storage and the second storage respectively, the first storage is verified and the second storage is verified; the verification of the first storage device and the first storage are determined. Whether the verification of the two storage devices is successful; when the verification of the first storage and the verification of the second storage are both successful, it is determined to match with both the first storage and the second storage. If not, disconnect from the first storage device and the second storage device.
  • the terminal device verifies the first memory and the second memory separately before storing the private key of the blockchain. Only when the verification succeeds can the terminal device be considered to match the first memory and the second memory. To continue the save operation. Through the verification process, the security of blockchain private key storage is improved.
  • the above-mentioned terminal device may be specifically configured to send verification information for performing encryption processing by using a preset key to the target storage, so that the target storage uses a preset verification stored locally.
  • the information performs decryption processing on the received verification information to obtain the preset key, and uses the preset key to encrypt the target identifier stored locally to obtain an encrypted identifier; to obtain the encrypted identifier, to use the preset identifier
  • the key is used to decrypt the encrypted identifier to obtain the decrypted identifier to be matched, and the identifier to be matched is matched with a preset identifier. If the identifier is matched, the verification of the target memory is determined to be successful.
  • the target storage is the first storage device or the second storage device, and the preset identifier is a pre-stored identifier corresponding to the target memory.
  • the above-mentioned terminal device may be further configured to obtain a sub-blockchain private key stored in the first storage device as a target when receiving a blockchain private key acquisition instruction.
  • Sub-blockchain private key using the locally stored sub-blockchain private key and the target sub-blockchain private key to recover the block-chain private key to be stored.
  • the above-mentioned blockchain private key acquisition instruction may be a transaction confirmation instruction for a transaction
  • the above-mentioned terminal device may be further configured to confirm the transaction based on the target blockchain private key after the blockchain private key to be stored is recovered according to the obtained sub-blockchain private key.
  • the terminal device may be further configured to determine whether a first identifier of the first storage device is recorded locally after receiving a transaction confirmation instruction for the transaction; if recorded, The first identifier executes the step of obtaining the sub-blockchain private key stored in the first storage device as the target sub-blockchain private key; if the first identifier is not recorded, obtaining a plug-in electrical connection A second identification to a second storage device of the first storage device; determining whether the second identification is recorded locally; and if the second identification is recorded, obtaining a subarea stored in the second storage device Blockchain private key, as the target subblockchain private key.
  • the foregoing terminal device may be further configured to determine the first storage device before obtaining the second identifier of the second storage device that is electrically connected to the first storage device. Whether the device is electrically connected to the second storage device; if the first storage device is not electrically connected to the second storage device, prompting the user to establish the first storage device and the second storage device After detecting that the first storage device is electrically connected to the second storage device, perform the first step of obtaining the second storage device that is electrically connected to the first storage device. Two identified steps.
  • the foregoing terminal device may be further configured to prompt the user to replace the second storage device that is electrically connected to the first storage device when the second identifier is not recorded locally.
  • the terminal device may be specifically used to determine whether the first storage device is electrically connected to the second storage device; if the first storage device is not connected to the first storage device, The two storage devices are electrically connected to obtain the sub-blockchain private key stored in the first storage device as the target sub-blockchain private key; if the first storage device is plugged into the second storage device When unplugged, when the second identifier of the second storage device is recorded in the terminal device, the private key stored in the first storage device or the sub-blockchain in the second storage device is obtained as Target sub-blockchain private key.
  • the terminal device may be specifically used to determine whether the first storage device is an initialization device; if it is not an initialization device, obtain a sub-block stored in the first storage device. Chain private key; if it is an initialization device, obtain the sub-blockchain private key stored in the second storage device.
  • the above-mentioned terminal device may be further configured to determine a first identifier of the first storage device that is communicatively connected when receiving a data recovery instruction, and determine a connection with the first storage device. Plug and unplug the second identifier of the second storage device that is electrically connected; based on the first identifier and the second identifier, determine the data to be restored in itself, the first storage device, and the second storage device.
  • One device is used as the target device; the sub-blockchain private key stored in the non-target storage medium is used to recover the sub-blockchain private key required to be stored in the target storage medium.
  • the terminal device may be specifically configured to determine whether the first identifier and the second identifier are recorded locally; if the first identifier is recorded and the second identifier is not recorded; Identification, determining that the second storage device is a target device of data to be recovered; if the second identification is recorded and the first identification is not recorded, determining that the first storage device is a target device of data to be recovered; If the second identifier and the first identifier are not recorded, it is determined that it is the target device of the data to be recovered.
  • the terminal device may be specifically configured to detect whether the second storage device is an initialization device; and if the second storage device is an initialization device, determine that the second storage device is a standby device. Target device for data recovery.
  • the foregoing terminal device may be further configured to, after receiving the data recovery instruction, determine a first identifier of a first storage device that is communicatively connected, and determine a connection with the first Before a storage device is plugged and unplugged to a second identification of a second storage device, it is detected whether a communication connection is established with the first storage device, and whether the first storage device is plugged and connected to the second storage device. ; If not, prompt the user to establish a communication connection with the first storage device, and prompt the user to electrically connect the first storage device to the second storage device.
  • the terminal device 730, the first storage device 710, and the second storage device 720 may be used to perform the following operations:
  • the terminal device 730 obtains the first sub data, the second sub data, and the third sub data obtained by segmenting the target data;
  • the target data is the private key of the blockchain to be stored
  • the first sub data, the second sub data, and the third sub data are the first sub blockchain private key and the second sub blockchain private key, respectively.
  • the third private blockchain private key is the private key of the blockchain to be stored
  • the first sub data, the second sub data, and the third sub data are the first sub blockchain private key and the second sub blockchain private key, respectively.
  • the third private blockchain private key is the third private blockchain private key.
  • the terminal device 730 determines the sub-data to be stored by the terminal device 730, the first storage device 710, and the second storage device 720;
  • the target data can be recovered through the sub data to be stored by any two devices of the terminal device 730, the first storage device 710, and the second storage device 720.
  • the terminal device 730 stores the sub-data to be stored in the terminal device 730 locally on the terminal device 730;
  • the terminal device 730 sends the sub data to be stored by the first storage device 710 and the second storage device 720 to the first storage device 710;
  • the first storage device 710 saves sub-data to be stored by the first storage device 710;
  • the first storage device 710 sends the sub-data to be stored by the second storage device 720 to the second storage device 720;
  • the second storage device 720 stores the sub data sent by the first storage device and to be stored by the second storage device 720.
  • the terminal device 730, the first storage device 710, and the second storage device 720 can also be used to perform the following operations:
  • the terminal device 730 sends a recovery instruction for the target data to the first storage device 710;
  • the first storage device 710 uses a second preset encryption algorithm to encrypt the sub-data stored in the first storage device 710 to obtain a sub-data encrypted file;
  • the first storage device 710 sends the sub-data encrypted file to the terminal device 730;
  • the terminal device 730 decrypts the sub-data encrypted file based on the second preset encryption algorithm to obtain the sub-data stored by the first storage device 710.
  • the terminal device 730 recovers the target data by using the sub data stored in the first storage device and the sub data stored locally by the terminal device.
  • the first storage device is electrically connected to the second storage device through a universal serial bus USB interface, and the first storage device is specifically configured to connect the second subarea through the USB interface
  • the blockchain private key is sent to the second storage device.
  • the terminal device is specifically configured to use the wireless communication method to use the private key of the sub-blockchain corresponding to the first storage device and the second storage device as the first sub-blockchain private key and The second sub-blockchain private key is sent to the first storage device.
  • the foregoing wireless communication method may include a Bluetooth communication method or a short-range wireless communication NFC communication method.
  • the foregoing first storage device may include a transceiver module and a storage module.
  • the hair extension module is electrically connected to the storage module.
  • the transceiver module may be configured to receive sub-data to be stored by the first storage device and the second storage device from the terminal device, and send the sub-data to be stored by the second storage device to the second storage device.
  • the storage module may be configured to store the sub-data received by the transceiver module and to be stored by the first storage device.
  • the receiving module is configured to receive the first sub-blockchain private key and the second sub-blockchain private key sent by the terminal device, and send the second sub-blockchain private key to the second storage device.
  • the storage module is used to save the first sub-blockchain private key.
  • the foregoing first storage device may further include a power supply module and a flash module.
  • the hair extension module, the storage module, and the flash module are electrically connected to the power supply module.
  • the power supply module is used to supply power to the transceiver module, the storage module, and the flash module of the first storage device.
  • the power supply module is further configured to supply power to a storage chip of the second storage device.
  • the flash module is used to activate the flash when a flash-on instruction is received.
  • the flash module may include a light emitting strip, and the light emitting strip may be disposed on an outer contour of the first storage device. Wherein, when the flash module is activated, the light-emitting bar is in a lit state, which improves a user's visual experience.
  • the foregoing first storage device may further include a display screen module, that is, a display screen.
  • the display module can be used to display the remaining power of the power supply module. In this way, the user can see the power of the power supply module on the display screen, and then can decide whether to charge or replace the first storage device, thereby ensuring the normal use of the first storage device.
  • the display module may also display identification information of the terminal device.
  • the user can check whether the terminal device that establishes a wireless communication connection with the first storage device is a terminal device that the user wants to connect. When it is not the terminal device to which the user wants to connect, the user can timely connect the terminal device to be connected with the first storage device in a communication connection.
  • the identification information of the terminal device includes, but is not limited to, a custom name set by the user to the terminal device, a product serial number of the terminal device, and a MAC (Media Access Control) address of the terminal device.
  • the display module can also display the transaction amount of digital currency transactions performed by the terminal device. In this way, the user can view the transaction amount of the digital currency transaction through the display screen in the first storage device, which is convenient for the user to confirm whether the transaction amount is correct.
  • an embodiment of the present application further provides a storage device for a blockchain private key.
  • the following describes a storage device for a blockchain private key provided in an embodiment of the present application.
  • a blockchain private key storage device is applied to a terminal device, and the device includes:
  • Blockchain private key acquisition module 1510 configured to obtain the blockchain private key to be stored
  • a blockchain private key division module 1520 configured to divide the blockchain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner
  • the first preset number is not less than three.
  • the blockchain private key storage module 1530 is configured to store the sub-blockchain private key in a second preset number of storage media.
  • Each storage medium stores a third preset number of sub-blockchain private keys, the third preset number is greater than 1 and less than the first preset number, and the sub-blockchain private keys stored in each storage medium Not exactly the same.
  • the terminal device first obtains the private key of the blockchain to be stored, and divides the private key of the blockchain to be stored into a first preset number of sub-blockchain private keys in a preset manner. Key, where the first preset number is not less than 3, and then the sub-blockchain private key is stored in a second preset number of storage media, where each storage medium stores a third preset number of sub-blockchain private keys Key, the third preset number is greater than 1 and less than the first preset number, and the sub-blockchain private keys stored in each storage medium are not exactly the same.
  • the above-mentioned blockchain private key division module 1520 may include:
  • a first blockchain private key division unit configured to divide the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a threshold algorithm
  • the above-mentioned blockchain private key storage module 1530 may include:
  • the first blockchain private key storage unit is configured to store the sub-blockchain private key in a second preset number of storage media according to the threshold algorithm.
  • the foregoing apparatus may further include:
  • a prompt information display module configured to display the number setting prompt information before the blockchain private key to be stored is divided into a first preset number of sub-blockchain private keys in a preset manner
  • the quantity obtaining module is configured to obtain a first preset quantity and a second preset quantity set by the user based on the quantity setting prompt information.
  • the foregoing apparatus may further include:
  • a sub-blockchain private key acquisition module is configured to obtain a sub-blockchain private key stored from a fourth preset number of the storage media when a block-chain private key acquisition instruction is received.
  • the fourth preset number is less than the second preset number;
  • the block chain private key recovery module is configured to recover the block chain private key to be stored according to the obtained sub block chain private key.
  • the foregoing storage media are different storage media in a same physical device
  • the storage medium is a storage medium in different physical devices
  • Some of the storage media are different storage media in the same physical device, and the rest are storage media in different physical devices.
  • the second preset number is 3, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a storage medium in the second storage device;
  • the above-mentioned blockchain private key storage module 1530 may include:
  • the sub-blockchain private key determination unit is configured to determine the first number of sub-blockchain private keys from the obtained sub-blockchain private keys as the first sub-blockchain private key, and the second number of The sub-blockchain private key is determined as the second sub-blockchain private key, and the third number of sub-blockchain private keys are determined as the third sub-blockchain private key;
  • a second blockchain private key storage unit is configured to send the first sub-blockchain private key to the first storage device for storage, and send the second sub-blockchain private key to the first Two storage devices perform storage, and the third sub-blockchain private key is stored locally.
  • the above-mentioned blockchain private key division module 1520 may include:
  • a first encryption unit configured to perform encryption processing on the blockchain private key to be stored by using a preset encryption algorithm to obtain the encrypted blockchain private key
  • a second blockchain private key division unit configured to decompose the encrypted blockchain private key in a preset manner to obtain the first preset number of sub-blockchain private keys
  • the above-mentioned second blockchain private key storage unit may include:
  • a first key determining subunit configured to obtain a target key of the preset encryption algorithm, and perform decomposition processing on the target key to obtain a target number of target subkeys;
  • a first sub-key division sub-unit configured to determine a fourth number of target sub-keys among the target number of target sub-keys as the first target sub-key, and set the target number of target sub-keys
  • the fifth number of target subkeys in the key is determined as the second target subkey
  • the sixth number of target subkeys in the target number of target subkeys is determined as the third target subkey.
  • a first blockchain private key storage subunit configured to send the first subblockchain private key and the first target subkey to the first storage device for storage; and store the second Send the private blockchain private key and the second target subkey to the second storage device for storage; store the third private blockchain private key and the third target subkey in local.
  • the second blockchain private key storage unit may include:
  • the first encryption subunit is configured to encrypt the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key using a preset encryption algorithm, respectively.
  • a second subkey determination subunit configured to obtain a target key of the preset encryption algorithm, and perform decomposition processing on the target key to obtain a target number of target subkeys
  • a second sub-key division sub-unit configured to determine a fourth number of target sub-keys among the target number of target sub-keys as a first target sub-key, and set the target number of target sub-keys
  • the fifth number of target subkeys in the key is determined as the second target subkey
  • the sixth number of target subkeys in the target number of target subkeys is determined as the third target subkey.
  • the second blockchain private key storage subunit is configured to send the first subblockchain private key and the first target subkey after encryption processing to the first storage device for storage, and perform the encryption processing. Send the second private sub-chain private key and the second target sub-key to the second storage device for storage, and encrypt the third private sub-chain private key and the third share
  • the target subkey is stored locally.
  • the foregoing sub-blockchain private key determination unit may include:
  • a first encryption subunit configured to perform encryption processing on the blockchain private key to be stored by using a preset encryption algorithm to obtain the encrypted blockchain private key
  • a sub-blockchain private key determination subunit configured to decompose the encrypted private blockchain key in a preset manner to obtain the first preset number of sub-blockchain private keys
  • the above-mentioned second blockchain private key storage unit may include:
  • a first target key acquisition subunit configured to acquire a target key of the preset encryption algorithm
  • a third blockchain private key storage subunit configured to send the first sub-blockchain private key and the target key to the first storage device for storage; and store the second sub-blockchain The private key and the target key are sent to the second storage device for storage; the third sub-blockchain private key and the target key are stored locally.
  • the second blockchain private key storage unit includes:
  • the second encryption subunit is configured to encrypt the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key by using a preset encryption algorithm, respectively.
  • a second target key acquisition subunit configured to acquire a target key of the preset encryption algorithm
  • a fourth blockchain private key storage subunit configured to send the first encrypted private blockchain subkey and the target key to the first storage device for storage, and store the second encrypted cryptographic key
  • the private blockchain private key and the target key are sent to the second storage device for storage, and the third private blockchain private key and the target key after encryption processing are stored locally.
  • the foregoing apparatus may further include:
  • a connection establishment module configured to communicate with the first storage device and the second storage device before the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner. establish connection;
  • a verification module configured to verify the first storage device and verify the second storage device
  • a judging module configured to judge whether verification of the first storage device and verification of the second storage device are successful
  • a matching determination module configured to determine that both the first storage device and the second storage device match if the verification of the first storage device and the verification of the second storage device are successful
  • connection disconnection module is used to disconnect the first storage device and the second storage device if the verification of the first storage device and the verification of the second storage device are not uniformly successful.
  • the verification module may include:
  • a verification unit configured to send verification information that is encrypted using a preset key to the target storage device, so that the target storage device decrypts the received verification information by using the preset verification information stored locally
  • Obtain the preset key use the preset key to perform encryption processing on a locally stored target identifier to obtain an encrypted identifier; obtain the encrypted identifier, and use the preset key to decrypt the encrypted identifier
  • the target storage device is the first storage device or the second storage device
  • the preset identifier is a previously stored identifier corresponding to the target storage device.
  • An embodiment of the present application further provides a device for recovering a private key of a blockchain.
  • the first type of blockchain private key recovery device provided in the embodiments of the present application is described below.
  • a device for recovering a private key of a blockchain is applied to a terminal device, and the device includes:
  • a sub-blockchain private key acquisition module 1610 is configured to obtain a stored sub-key from a fourth preset number of storage media from a second preset number of storage media when a blockchain private key acquisition instruction is received.
  • each storage medium stores a third preset number of sub-blockchain private keys among the first preset number of sub-blockchain private keys, and the sub-blockchain private keys stored in each storage medium are incomplete Similarly, the sub-blockchain private key is obtained by dividing the blockchain private key to be stored in a preset manner, and the third preset number is less than the second preset number.
  • the first recovery module 1620 is configured to recover the private blockchain key to be stored according to the obtained private blockchain private key as the target private blockchain key.
  • the terminal device when receiving a blockchain private key acquisition instruction, acquires it from a fourth preset number of storage media from the second preset number of storage media.
  • the stored private blockchain private key is recovered from the obtained private blockchain private key to obtain the private blockchain private key to be stored as the target private blockchain private key.
  • the terminal device can recover the private blockchain key to be stored without acquiring all the private blockchain private keys stored in the storage medium. Therefore, the loss of some storage media will not affect the user's recovery of the area to be stored. Blockchain private key, better user experience, and improve the security of the virtual wallet.
  • the foregoing first recovery module 1620 may include:
  • the first recovery unit is configured to recover the obtained private blockchain private key according to a threshold algorithm to obtain the private blockchain private key to be stored.
  • the above-mentioned blockchain private key acquisition instruction may be a transaction confirmation instruction for a transaction
  • the above device may further include:
  • a transaction confirmation module is configured to confirm the transaction based on the target blockchain private key after the blockchain private key to be stored is recovered according to the obtained sub-blockchain private key.
  • the second preset number may be three, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a storage medium in the second storage device;
  • the above-mentioned sub-blockchain private key acquisition module 1610 may include:
  • a sub-blockchain private key obtaining unit configured to obtain the sub-blockchain private key stored in the first storage device as a target sub-blockchain private key
  • the above-mentioned first recovery module 1620 may include
  • a second recovery unit is configured to recover the private blockchain private key to be stored by using the local private blockchain private key and the target private blockchain private key.
  • the above-mentioned sub-blockchain private key obtaining unit may include:
  • An electrical connection judging subunit configured to determine whether the first storage device is electrically connected to the second storage device
  • the first sub-blockchain private key acquisition subunit is configured to obtain the sub-blockchain private storage stored in the first storage device if the first storage device is not electrically connected to the second storage device. Key, as the private key of the target sub-blockchain;
  • the second sub-blockchain private key acquisition subunit is configured to: if the first storage device is electrically connected to the second storage device, when the second storage device records the second storage device's second During the identification, the sub-blockchain private key stored in the first storage device or the second storage device is obtained as the target sub-blockchain private key.
  • the above-mentioned sub-blockchain private key obtaining unit may include:
  • An initialization device determination subunit configured to determine whether the first storage device is an initialization device
  • a third sub-blockchain private key acquisition subunit configured to obtain the sub-blockchain private key stored in the first storage device if it is not an initialization device;
  • the fourth sub-blockchain private key acquisition subunit is configured to, if it is an initialization device, obtain the sub-blockchain private key stored in the second storage device.
  • the foregoing apparatus may further include:
  • a first identifier determining module configured to determine whether a first identifier of the first storage device is recorded locally after receiving a transaction confirmation instruction for the transaction;
  • a first triggering module configured to trigger the sub-blockchain private key acquisition unit if the first identifier is recorded
  • An identifier obtaining module configured to obtain a second identifier of a second storage device that is electrically connected to the first storage device if the first identification is not recorded;
  • a second identifier determining module configured to determine whether the second identifier is recorded locally
  • the obtaining module is configured to obtain the sub-blockchain private key stored in the second storage device as the target sub-blockchain private key if the second identifier is recorded.
  • the foregoing apparatus may further include:
  • An electrical connection judging module configured to determine whether the first storage device is plugged into or removed from the second storage device before the second identifier of the second storage device electrically connected to the first storage device is obtained; Electrical connection
  • a first prompting module configured to prompt a user to establish a pluggable electrical connection between the first storage device and the second storage device if the first storage device is not electrically connected to the second storage device;
  • a second triggering module is configured to trigger the identity acquisition module after detecting that the first storage device is electrically connected to the second storage device.
  • the foregoing apparatus may further include:
  • a second prompting module is configured to prompt the user to replace the second storage device electrically connected to the first storage device when the second identification is not recorded locally.
  • the target blockchain private key may be a private key encrypted file
  • the above transaction confirmation module may include:
  • a first decryption unit configured to decrypt the private key encrypted file by using a preset decryption key to obtain a blockchain private key
  • a transaction confirmation unit is configured to confirm the transaction by using the blockchain private key.
  • the sub-blockchain private key obtaining module 1610 may include:
  • An encrypted data obtaining unit configured to obtain the encrypted data corresponding to the sub-blockchain private key stored in the first storage device
  • a second decryption unit is configured to decrypt the encrypted data to obtain a sub-blockchain private key stored in the first storage device.
  • An embodiment of the present application also provides another device for recovering a private key of a blockchain.
  • the following describes a second type of blockchain private key recovery device provided in an embodiment of the present application.
  • a device for recovering a private key of a blockchain is applied to a terminal device, and the device includes:
  • a target storage medium determining module 1710 configured to determine a target storage medium from a second preset number of storage media when a data recovery instruction is received;
  • each storage medium stores a third preset number of sub-blockchain private keys among the first preset number of sub-blockchain private keys, and the sub-blockchain private keys stored in each storage medium are incomplete Similarly, the private blockchain private key is obtained by dividing the private blockchain private key to be stored in a preset manner, and the fourth preset number is less than the second preset number.
  • a second recovery module 1720 is configured to recover a private sub-blockchain private key required by the target storage medium by using a private sub-blockchain private key stored in a non-target storage medium among the second preset number of storage media. key.
  • the terminal device when receiving a data recovery instruction, determines a target storage medium from a second preset number of storage media, and then uses the second preset number of storage media to The sub-blockchain private key stored in the non-target storage medium is used to recover the sub-blockchain private key stored in the target storage medium.
  • the terminal device can recover the sub-blockchain private key stored in the non-target storage medium according to the sub-blockchain private key stored in the target storage medium. Therefore, the sub-blockchain private key in some storage media is lost. Under the circumstances, the lost private blockchain private key can be recovered to ensure the integrity of the data and better user experience.
  • the second preset number may be three
  • the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a storage medium in the second storage device.
  • the above-mentioned target storage medium determination module 1710 may include:
  • An identifier determining unit configured to determine a first identifier of the first storage device that is communicatively connected, and determine a second identifier of the second storage device that is electrically connected to the first storage device;
  • a target device determining unit is configured to determine, based on the first identifier and the second identifier, one device of data to be recovered among itself, the first storage device, and the second storage device, as a target device.
  • the target device determining unit may include:
  • An identifier judging subunit configured to determine whether the first identifier and the second identifier are recorded locally
  • a first target device determining subunit configured to determine, if the first identifier is recorded and the second identifier is not recorded, the second storage device as a target device of data to be recovered;
  • a second target device determining subunit configured to, if the second identifier is recorded and the first identifier is not recorded, determine the first storage device as a target device of data to be recovered;
  • the third target device determining subunit is configured to determine itself as a target device of data to be restored if the second identifier and the first identifier are not recorded.
  • the foregoing first target device determination subunit may include:
  • An initialization detection subunit configured to detect whether the second storage device is an initialization device
  • the device determining subunit is configured to determine that the second storage device is a target device of data to be restored if the second storage device is an initialization device.
  • the foregoing apparatus may further include:
  • a connection detection module configured to, after receiving the data recovery instruction, determine a first identifier of a first storage device that is communicatively connected, and determine a second storage device that is electrically connected to the first storage device Detecting whether a communication connection is established with the first storage device and whether the first storage device is electrically connected to the second storage device before the second identification;
  • the connection prompting module is configured to prompt the user to establish a communication connection with the first storage device if not, and prompt the user to electrically connect the first storage device to the second storage device.
  • the terminal device may include a processor 1801, a communication interface 1802, a memory 1803, and a communication bus 1804.
  • the processor 1801, the communication interface 1802, and the memory 1803 pass through The communication bus 1804 completes communication with each other,
  • the processor 1801 is configured to implement a method for storing or recovering the private key of the blockchain according to any one of the foregoing embodiments when the program stored in the memory 1803 is executed.
  • the communication bus mentioned in the above terminal device may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus, etc.
  • PCI Peripheral Component Interconnect
  • EISA Extended Industry Standard Architecture
  • the communication bus can be divided into an address bus, a data bus, a control bus, and the like.
  • the figure only uses a thick line to represent, but it does not mean that there is only one bus or one type of bus.
  • the communication interface is used for communication between the terminal device and other devices.
  • the memory may include random access memory (Random Access Memory, RAM), and may also include non-volatile memory (Non-Volatile Memory, NVM), such as at least one disk memory.
  • NVM non-Volatile Memory
  • the memory may also be at least one storage device located far from the foregoing processor.
  • the aforementioned processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP), etc .; it may also be a digital signal processor (Digital Signal Processing, DSP), special integration Circuit (Application Specific Integrated Circuit, ASIC), Field-Programmable Gate Array (FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components.
  • CPU central processing unit
  • NP network processor
  • DSP Digital Signal Processing
  • ASIC Application Specific Integrated Circuit
  • FPGA Field-Programmable Gate Array
  • An embodiment of the present application further provides a computer-readable storage medium, where the computer-readable storage medium stores a computer program, and when the computer program is executed by a processor, the private blockchain according to any one of the foregoing embodiments is implemented.
  • the key storage method or recovery method is implemented.
  • An embodiment of the present application further provides a computer program, which is used to execute a method for storing or recovering a private key of a blockchain according to any one of the foregoing embodiments when running.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

Embodiments of the present application provide a block chain private key storage and recovery method, device and system. The method comprises: obtaining a block chain private key to be stored; dividing said block chain private key into a first preset number of sub-block chain private keys according to a preset mode, wherein the first preset number is not less than 3; and storing the sub-block chain private keys in a second preset number of storage media, wherein each storage medium stores a third preset number of sub-block chain private keys, the third preset number is greater than 1 and less than the first preset number, and the sub-block chain private keys stored in each storage medium are not completely the same. Therefore, since the block chain private key is not completely stored in one storage medium, even if the sub-block chain private keys in a certain storage medium are lost or stolen, the property security of a user is not influenced due to incompleteness of the sub-block chain private keys; therefore, the storage security of the block chain private key is greatly improved.

Description

一种区块链私钥的存储、恢复方法、装置及系统Method, device and system for storing and recovering private key of blockchain

本申请要求于2018年9月28日提交中国专利局、申请号为201811141586.8发明名称为“一种区块链私钥的存储方法、装置及电子设备”、申请号为201811143070.7发明名称为“一种硬件钱包”、申请号为201811141434.8发明名称为“一种硬件钱包”、申请号为201811142961.0发明名称为“一种密钥存储方法及装置”、申请号为201811141408.5发明名称为“一种数据恢复方法、装置、数字钱包设备及可读存储介质”及申请号为201811141594.2发明名称为“一种交易确认方法、装置、数字钱包设备及可读存储介质”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application requires that the Chinese Patent Office be filed on September 28, 2018, with the application number 201811141586.8, the invention name is "a method, device and electronic device for storing a private key of a blockchain", and the application number is 201811143070.7. "Hardware wallet", application number 201811141434.8 invention name "a hardware wallet", application number 201811142961.0 invention name "a key storage method and device", application number 201811141408.5 invention name "a data recovery method, Device, digital wallet device and readable storage medium "and application number 201811141594.2 The priority of the Chinese patent application entitled" A Method, Device, Digital Wallet Device and Readable Storage Medium for Transaction Confirmation ", the entire contents of which are incorporated by reference Incorporated in this application.

技术领域Technical field

本申请涉及数据存储技术领域,特别是涉及一种区块链私钥的存储、恢复方法、装置及系统。The present application relates to the field of data storage technology, and in particular, to a method, a device, and a system for storing and recovering a private key of a blockchain.

背景技术Background technique

近些年,区块链(Block chain)技术得到重要应用及发展,其是分布式数据存储、点对点传输、共识机制、加密算法等计算机技术的新型应用模式。区块链是比特币的一个重要概念,它本质上是一个去中介化的数据库,同时作为比特币的底层技术。In recent years, Blockchain technology has gained important applications and developments. It is a new application model of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanisms, and encryption algorithms. Blockchain is an important concept of Bitcoin. It is essentially a de-intermediate database and at the same time serves as the underlying technology of Bitcoin.

区块链是一串使用密码学方法相关联产生的数据块,每一个数据块中包含了一次比特币网络交易的信息,用于验证其信息的有效性和生成下一个区块。在区块链技术中,用户可以拥有一个或多个虚拟钱包,作为存储用户拥有的虚拟货币的钱包。每个虚拟钱包对应有一个区块链私钥,其用于用户登录虚拟钱包后进行虚拟货币交易。Blockchain is a series of data blocks generated by using cryptographic methods. Each data block contains information about a Bitcoin network transaction, which is used to verify the validity of the information and generate the next block. In blockchain technology, users can own one or more virtual wallets as wallets that store virtual currency owned by users. Each virtual wallet corresponds to a blockchain private key, which is used for virtual currency transactions after users log in to the virtual wallet.

目前,用户获得区块链私钥后,可以将其保存在手机等电子设备中,但是存储区块链私钥的手机等电子设备一旦丢失,或者信息被盗取,区块链私钥便会丢失,对用户的财产安全造成重大影响。At present, after the user obtains the blockchain private key, it can be stored in electronic devices such as mobile phones, but once the electronic devices such as mobile phones that store the blockchain private key are lost or information is stolen, the blockchain private key will be Loss has a significant impact on the user's property safety.

发明内容Summary of the Invention

本申请实施例的目的在于提供一种区块链私钥的存储、恢复方法、装置及系统,以提高区块链私钥存储的安全性,降低区块链私钥丢失或被盗取对用户财产造成的危害。具体技术方案如下:The purpose of the embodiments of the present application is to provide a method, a device, and a system for storing and recovering a private key of a blockchain, so as to improve the storage security of the private key of the blockchain and reduce the loss or theft of the private key of the blockchain Damage caused by property. Specific technical solutions are as follows:

第一方面,本申请实施例提供了一种区块链私钥的存储方法,所述方法包括:In a first aspect, an embodiment of the present application provides a method for storing a blockchain private key, and the method includes:

获取待存储的区块链私钥;Obtain the blockchain private key to be stored;

将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥,其中,所述第一预设数量不小于3;Dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset manner, wherein the first preset number is not less than 3;

将所述子区块链私钥存储于第二预设数量个存储介质中,其中,每个存储介质存储第三预设数量个子区块链私钥,所述第三预设数量大于1且小于第一预设数量,所述每个存储介质存储的子区块链私钥不完全相同。Storing the sub-blockchain private key in a second preset number of storage media, wherein each storage medium stores a third preset number of sub-blockchain private keys, the third preset number is greater than 1 and Less than the first preset number, the sub-blockchain private keys stored in each storage medium are not exactly the same.

可选的,所述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤,包括:Optionally, the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset method includes:

按照门限算法,将所述待存储的区块链私钥划分为第一预设数量个子区块链私钥;Dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a threshold algorithm;

所述将所述子区块链私钥存储于第二预设数量个存储介质中的步骤,包括:The step of storing the sub-blockchain private key in a second preset number of storage media includes:

按照所述门限算法,将所述子区块链私钥分别存储于第二预设数量个存储介质中。According to the threshold algorithm, the sub-blockchain private keys are respectively stored in a second preset number of storage media.

可选的,在所述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤之前,所述方法还包括:Optionally, before the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner, the method further includes:

显示数量设置提示信息;Display quantity setting prompt information;

获取用户基于所述数量设置提示信息设置的第一预设数量及第二预设数量。A first preset number and a second preset number set by a user based on the number setting prompt information are acquired.

可选的,所述存储介质为同一物理设备中的不同存储介质;Optionally, the storage media are different storage media in the same physical device;

或,or,

所述存储介质为不同物理设备中的存储介质;The storage medium is a storage medium in different physical devices;

或,or,

所述存储介质中一部分为同一物理设备中的不同存储介质,其余为不同物理设备中的存储介质。Some of the storage media are different storage media in the same physical device, and the rest are storage media in different physical devices.

可选的,所述第二预设数量为3,所述存储介质为所述终端设备中的存储介质、第一存储设备中的存储介质及第二存储设备中的存储介质;Optionally, the second preset number is 3, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a storage medium in the second storage device;

所述将所述子区块链私钥存储于第二预设数量个存储介质中的步骤,包括:The step of storing the sub-blockchain private key in a second preset number of storage media includes:

从所得到的子区块链私钥中,将第一数量的子区块链私钥确定为第一份子区块链私钥,将第二数量的子区块链私钥确定为第二份子区块链私钥,将第三数量的子区块链私钥确定为第三份子区块链私钥;From the obtained sub-blockchain private keys, determine the first number of sub-blockchain private keys as the first sub-blockchain private key, and determine the second number of sub-blockchain private keys as the second sub-block. Blockchain private key, determine the third number of subblockchain private keys as the third subblockchain private key;

将所述第一份子区块链私钥发送至所述第一存储设备进行存储,将所述第二份子区块链私钥发送至所述第二存储设备进行存储,将所述第三份子区块链私钥存储在本地。Send the first sub-blockchain private key to the first storage device for storage, send the second sub-blockchain private key to the second storage device for storage, and send the third sub-block The blockchain private key is stored locally.

可选的,所述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤,包括:Optionally, the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset method includes:

利用预设加密算法对待存储的区块链私钥进行加密处理,得到加密处理后的区块链私钥;Encrypt the blockchain private key to be stored by using a preset encryption algorithm to obtain the encrypted blockchain private key;

对加密处理后的区块链私钥按照预设方式进行分解处理,得到所述第一预设数量的子区块链私钥;Decomposing the encrypted private blockchain key in a preset manner to obtain the first preset number of sub-blockchain private keys;

所述将所述第一份子区块链私钥发送至所述第一存储设备进行存储,将所述第二份子区块链私钥发送至所述第二存储设备进行存储,将所述第三份子区块链私钥存储在本地的步骤,包括:Sending the first sub-blockchain private key to the first storage device for storage, sending the second sub-blockchain private key to the second storage device for storage, and storing the first The steps of storing the three sub-blockchain private keys locally include:

获取所述预设加密算法的目标密钥,并对所述目标密钥进行分解处理,得到目标数量的目标子密钥;Obtaining a target key of the preset encryption algorithm, and performing decomposition processing on the target key to obtain a target number of target subkeys;

将所述目标数量的目标子密钥中的第四数量的目标子密钥确定为第一份目标子密钥,将所述目标数量的目标子密钥中的第五数量的目标子密钥确定为第二份目标子密钥,将所述目标数量的目标子密钥中的第六数量的目标子密钥确定为第三份目标子密钥;Determining a fourth number of target subkeys among the target number of target subkeys as the first target subkey, and determining a fifth number of target subkeys among the target number of target subkeys Determining a second target subkey, and determining a sixth number of target subkeys among the target number of target subkeys as a third target subkey;

将所述第一份子区块链私钥和所述第一份目标子密钥发送至所述第一存储设备进行存储;将所述第二份子区块链私钥和所述第二份目标子密钥发送至所述第二存储设备进行存储;将所述第三份子区块链私钥和所述第三份目标子密钥存储于本地。Sending the first sub-blockchain private key and the first target sub-key to the first storage device for storage; sending the second sub-blockchain private key and the second target The sub-key is sent to the second storage device for storage; the third sub-blockchain private key and the third target sub-key are stored locally.

可选的,所述将所述第一份子区块链私钥发送至所述第一存储设备进行存储,将所述第二份子区块链私钥发送至所述第二存储设备进行存储,将所述第三份子区块链私钥存储在本地的步骤,包括:Optionally, the first sub-blockchain private key is sent to the first storage device for storage, and the second sub-blockchain private key is sent to the second storage device for storage, The step of storing the third private blockchain private key locally includes:

利用预设加密算法分别对所述第一份子区块链私钥、所述第二份子区块链私钥和所述第三份子区块链私钥进行加密处理;Encrypting the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key using a preset encryption algorithm, respectively;

获取所述预设加密算法的目标密钥,并对所述目标密钥进行分解处理,得到目标数量的目标子密钥;Obtaining a target key of the preset encryption algorithm, and performing decomposition processing on the target key to obtain a target number of target subkeys;

将所述目标数量的目标子密钥中的第四数量的目标子密钥确定为第一份目标子密钥,将所述目标数量的目标子密钥中的第五数量的目标子密钥确定为第二份目标子密钥,将所述目标数量的目标子密钥中的第六数量的目标子密钥确定为第三份目标子密钥;Determining a fourth number of target subkeys among the target number of target subkeys as the first target subkey, and determining a fifth number of target subkeys among the target number of target subkeys Determining a second target subkey, and determining a sixth number of target subkeys among the target number of target subkeys as a third target subkey;

将加密处理后的第一份子区块链私钥和所述第一份目标子密钥发送至所述第一存储设备进行存储,将加密处理后的第二份子区块链私钥和所述第二份目标子密钥发送至所述第二存储设备进行存储,将加密处理后的第三份子区块链私钥和所述第三份目标子密钥存储在本地。Sending the encrypted first sub-blockchain private key and the first target sub-key to the first storage device for storage, and sending the encrypted second sub-blockchain private key and the The second target sub-key is sent to the second storage device for storage, and the third sub-blockchain private key after encryption processing and the third target sub-key are stored locally.

可选的,所述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤,包括:Optionally, the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset method includes:

利用预设加密算法对所述待存储的区块链私钥进行加密处理,得到加密处理后的区块链私钥;Encrypting the blockchain private key to be stored by using a preset encryption algorithm to obtain the encrypted blockchain private key;

对加密处理后的区块链私钥按照预设方式进行分解处理,得到所述第一预设数量的子区块链私钥;Decomposing the encrypted private blockchain key in a preset manner to obtain the first preset number of sub-blockchain private keys;

所述将所述第一份子区块链私钥发送至所述第一存储设备进行存储,将所述第二份子区块链私钥发送至所述第二存储设备进行存储,将所述第三份子区块链私钥存储在本地的步骤,包括:Sending the first sub-blockchain private key to the first storage device for storage, sending the second sub-blockchain private key to the second storage device for storage, and storing the first The steps of storing the three sub-blockchain private keys locally include:

获取所述预设加密算法的目标密钥;Obtaining a target key of the preset encryption algorithm;

将所述第一份子区块链私钥和所述目标密钥发送至所述第一存储设备进行存储;将所述第二份子区块链私钥和所述目标密钥发送至所述第二存储设备进行存储;将所述第三份子区块链私钥和所述目标密钥存储于本地。Sending the first sub-blockchain private key and the target key to the first storage device for storage; sending the second sub-blockchain private key and the target key to the first Two storage devices for storing; storing the third sub-blockchain private key and the target key locally.

可选的,将所述第一份子区块链私钥发送至所述第一存储设备进行存储,将所述第二 份子区块链私钥发送至所述第二存储设备进行存储,将所述第三份子区块链私钥存储在本地的步骤,包括:Optionally, the first sub-blockchain private key is sent to the first storage device for storage, and the second sub-blockchain private key is sent to the second storage device for storage. The steps of storing the third private blockchain private key locally include:

利用预设加密算法分别对所述第一份子区块链私钥、所述第二份子区块链私钥和所述第三份子区块链私钥进行加密处理;Encrypting the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key using a preset encryption algorithm, respectively;

获取所述预设加密算法的目标密钥;Obtaining a target key of the preset encryption algorithm;

将加密处理后的第一份子区块链私钥和所述目标密钥发送至所述第一存储设备进行存储,将加密处理后的第二份子区块链私钥和所述目标密钥发送至所述第二存储设备进行存储,将加密处理后的第三份子区块链私钥和所述目标密钥存储在本地。Sending the encrypted first sub-blockchain private key and the target key to the first storage device for storage, and sending the encrypted second sub-blockchain private key and the target key Go to the second storage device for storage, and store the third sub-blockchain private key and the target key after encryption processing locally.

可选的,在所述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤之前,所述方法还包括:Optionally, before the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner, the method further includes:

与第一存储设备及第二存储设备建立连接;Establishing a connection with a first storage device and a second storage device;

对所述第一存储设备进行验证,对所述第二存储设备进行验证;Verifying the first storage device and verifying the second storage device;

判断对所述第一存储设备的验证、对所述第二存储设备的验证是否均成功;Determining whether the verification of the first storage device and the verification of the second storage device are successful;

如果是,判定与所述第一存储设备及所述第二存储设备均匹配;If yes, it is determined to match both the first storage device and the second storage device;

如果否,与所述第一存储设备及所述第二存储设备断开连接。If not, disconnect from the first storage device and the second storage device.

可选的,对目标存储设备进行验证的方式,包括:Optional methods for verifying the target storage device include:

将利用预设密钥进行加密处理的验证信息发送至所述目标存储设备,以使得所述目标存储设备利用本地存储的预设验证信息对所接收到的验证信息进行解密处理得到所述预设密钥,利用所述预设密钥对本地存储的目标标识进行加密处理,得到加密标识,其中,所述目标存储设备为所述第一存储设备或所述第二存储设备;Sending verification information for encryption processing using a preset key to the target storage device, so that the target storage device decrypts the received verification information by using the preset verification information stored locally to obtain the preset A key, which uses the preset key to encrypt a locally stored target identifier to obtain an encrypted identifier, wherein the target storage device is the first storage device or the second storage device;

获取所述加密标识,利用所述预设密钥对所述加密标识进行解密处理,得到解密后的待匹配标识,将所述待匹配标识与预设标识进行匹配,若匹配,则判定对所述目标存储设备验证成功,其中,所述预设标识为预先存储的与所述目标存储设备对应的标识。Obtaining the encrypted identifier, decrypting the encrypted identifier by using the preset key, obtaining the decrypted identifier to be matched, matching the identifier to be matched with the preset identifier, and if matching, determining whether to The target storage device is successfully verified, wherein the preset identifier is a pre-stored identifier corresponding to the target storage device.

第二方面,本申请实施例提供了一种区块链私钥的恢复方法,应用于终端设备,所述方法包括:In a second aspect, an embodiment of the present application provides a method for recovering a private key of a blockchain, which is applied to a terminal device. The method includes:

当接收到区块链私钥获取指令时,从第二预设数量个存储介质中的第四预设数量个存储介质中获取其所存储的子区块链私钥,其中,每个存储介质中存储有第一预设数量个子区块链私钥中的第三预设数量个子区块链私钥,所述每个存储介质存储的子区块链私钥不完全相同,所述子区块链私钥为将待存储的区块链私钥按照预设方式划分得到的,所述第三预设数量小于所述第二预设数量;When a blockchain private key acquisition instruction is received, a sub-blockchain private key stored therein is obtained from a fourth preset number of storage media of the second preset number of storage media, where each storage medium A third preset number of sub-blockchain private keys are stored in the first preset number of sub-blockchain private keys, and the sub-blockchain private keys stored in each storage medium are not completely the same, and the sub-areas The blockchain private key is obtained by dividing the blockchain private key to be stored in a preset manner, and the third preset number is less than the second preset number;

根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥,作为目标区块链私钥。According to the obtained private blockchain private key, the blockchain private key to be stored is obtained as the target private blockchain key.

可选的,所述根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥的步骤,包括:Optionally, the step of recovering the private blockchain private key to be stored according to the obtained private blockchain private key includes:

按照门限算法,将所获取的子区块链私钥进行恢复处理,得到所述待存储的区块链私 钥。According to the threshold algorithm, the obtained sub-blockchain private key is recovered to obtain the blockchain private key to be stored.

可选的,所述区块链私钥获取指令为针对交易的交易确认指令;Optionally, the blockchain private key acquisition instruction is a transaction confirmation instruction for a transaction;

在所述根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥的步骤之后,所述方法还包括:After the step of recovering the blockchain private key to be stored according to the obtained sub-blockchain private key, the method further includes:

基于所述目标区块链私钥对所述交易进行确认。The transaction is confirmed based on the target blockchain private key.

可选的,所述第二预设数量为3,所述存储介质为所述终端设备中的存储介质、第一存储设备中的存储介质及第二存储设备中的存储介质;Optionally, the second preset number is 3, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a storage medium in the second storage device;

所述从第二预设数量个存储介质中的第四预设数量个存储介质中获取其所存储的子区块链私钥的步骤,包括:The step of obtaining a stored private blockchain private key from a fourth preset number of storage media from the second preset number of storage media includes:

获得所述第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥;Obtaining the sub-blockchain private key stored in the first storage device as a target sub-blockchain private key;

所述根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥的步骤,包括:The step of recovering the blockchain private key to be stored according to the obtained private blockchain private key includes:

利用本地所存储的子区块链私钥和所述目标子区块链私钥,恢复得到所述待存储的区块链私钥。The private blockchain private key stored locally and the target private blockchain private key are used to recover the private blockchain private key to be stored.

可选的,所述获得第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥的步骤,包括:Optionally, the step of obtaining the sub-blockchain private key stored in the first storage device as the target sub-blockchain private key includes:

判断所述第一存储设备是否与所述第二存储设备插拔电连接;Determining whether the first storage device is electrically connected to the second storage device;

若所述第一存储设备未与所述第二存储设备插拔电连接,获得所述第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥;If the first storage device is not electrically connected to the second storage device, obtaining a sub-blockchain private key stored in the first storage device as a target sub-blockchain private key;

若所述第一存储设备与所述第二存储设备插拔电连接,当所述终端设备中记录有所述第二存储设备的第二标识时,获得所述第一存储设备或所述第二存储设备中所存储的子区块链私钥,作为目标子区块链私钥。If the first storage device is electrically connected to the second storage device, when the second identification of the second storage device is recorded in the terminal device, the first storage device or the first storage device is obtained. The sub-blockchain private key stored in the second storage device is used as the target sub-blockchain private key.

可选的,所述获得所述第一存储设备或所述第二存储设备中所存储的子区块链私钥的步骤,包括:Optionally, the step of obtaining the sub-blockchain private key stored in the first storage device or the second storage device includes:

判断所述第一存储设备是否为初始化设备;Determining whether the first storage device is an initialization device;

若不为初始化设备,获得所述第一存储设备中所存储的子区块链私钥;If it is not an initialization device, obtaining the sub-blockchain private key stored in the first storage device;

若为初始化设备,获得所述第二存储设备中所存储的子区块链私钥。If it is an initialization device, obtain the sub-blockchain private key stored in the second storage device.

可选的,在接收到针对所述交易的交易确认指令后,所述方法还包括:Optionally, after receiving a transaction confirmation instruction for the transaction, the method further includes:

判断本地是否记录有所述第一存储设备的第一标识;Determining whether a first identifier of the first storage device is recorded locally;

若记录有所述第一标识,触发所述获得第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥的步骤;If the first identifier is recorded, triggering the step of obtaining the sub-blockchain private key stored in the first storage device as the target sub-blockchain private key;

若未记录所述第一标识,获得插拔电连接至所述第一存储设备的第二存储设备的第二标识;If the first identifier is not recorded, obtaining a second identifier of a second storage device that is electrically connected to the first storage device;

判断本地是否记录有所述第二标识;Determining whether the second identifier is recorded locally;

若记录有所述第二标识,获得所述第二存储设备中所存储的子区块链私钥,作为目标 子区块链私钥。If the second identifier is recorded, the sub-blockchain private key stored in the second storage device is obtained as the target sub-blockchain private key.

可选的,在所述获得插拔电连接至所述第一存储设备的第二存储设备的第二标识的步骤之前,所述方法还包括:Optionally, before the step of obtaining a second identification of a second storage device electrically connected to the first storage device, the method further includes:

判断所述第一存储设备是否与所述第二存储设备插拔电连接;Determining whether the first storage device is electrically connected to the second storage device;

若所述第一存储设备未与所述第二存储设备插拔电连接,提示用户建立所述第一存储设备和所述第二存储设备的插拔电连接;If the first storage device is not electrically connected to the second storage device, prompting the user to establish an electrical connection between the first storage device and the second storage device;

在检测到所述第一存储设备与所述第二存储设备插拔电连接后,触发所述获得插拔电连接至所述第一存储设备的第二存储设备的第二标识的步骤。After detecting that the first storage device is electrically connected to the second storage device, the step of obtaining a second identity of the second storage device electrically connected to the first storage device is triggered.

可选的,当本地未记录所述第二标识时,所述方法还包括:Optionally, when the second identifier is not recorded locally, the method further includes:

提示用户更换插拔电连接至所述第一存储设备的所述第二存储设备。The user is prompted to replace the second storage device that is electrically connected to the first storage device.

第三方面,本申请实施例提供了一种区块链私钥的恢复方法,应用于终端设备,所述方法包括:In a third aspect, an embodiment of the present application provides a method for recovering a private key of a blockchain, which is applied to a terminal device. The method includes:

当接收到数据恢复指令时,从第二预设数量个存储介质中确定目标存储介质,其中,每个存储介质中存储有第一预设数量个子区块链私钥中的第三预设数量个子区块链私钥,所述每个存储介质存储的子区块链私钥不完全相同,所述子区块链私钥为将待存储的区块链私钥按照预设方式划分得到的,所述第四预设数量小于所述第二预设数量;When a data recovery instruction is received, a target storage medium is determined from a second preset number of storage media, where each storage medium stores a third preset number of the first preset number of sub-blockchain private keys Sub-blockchain private keys, the sub-blockchain private keys stored in each storage medium are not exactly the same, and the sub-blockchain private keys are obtained by dividing the block chain private keys to be stored in a preset manner , The fourth preset number is less than the second preset number;

利用所述第二预设数量个存储介质中的非目标存储介质所存储的子区块链私钥,恢复所述目标存储介质所需存储的子区块链私钥。The sub-blockchain private key stored in the non-target storage medium among the second preset number of storage media is used to recover the sub-blockchain private key required to be stored in the target storage medium.

可选的,所述第二预设数量为3,所述存储介质为所述终端设备中的存储介质、第一存储设备中的存储介质及第二存储设备中的存储介质;Optionally, the second preset number is 3, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a storage medium in the second storage device;

所述从第二预设数量个存储介质中确定目标存储介质的步骤,包括:The step of determining a target storage medium from the second preset number of storage media includes:

确定通信连接的所述第一存储设备的第一标识,并确定与所述第一存储设备插拔电连接的所述第二存储设备的第二标识;Determining a first identifier of the first storage device that is communicatively connected, and determining a second identifier of the second storage device that is electrically connected to the first storage device;

基于所述第一标识和所述第二标识,确定自身、所述第一存储设备和所述第二存储设备中待恢复数据的一个设备,作为目标设备。Based on the first identifier and the second identifier, a device to be restored among itself, the first storage device, and the second storage device is determined as a target device.

可选的,所述基于所述第一标识和所述第二标识,确定自身、所述第一存储设备和所述第二存储设备中待恢复数据的一个设备,作为目标设备的步骤,包括:Optionally, the step of determining, based on the first identifier and the second identifier, one device of data to be recovered among itself, the first storage device, and the second storage device, as a target device includes: :

判断本地是否记录有所述第一标识和所述第二标识;Determining whether the first identifier and the second identifier are recorded locally;

若记录有所述第一标识且未记录所述第二标识,确定所述第二存储设备为待恢复数据的目标设备;If the first identifier is recorded and the second identifier is not recorded, determining that the second storage device is a target device of data to be recovered;

若记录有所述第二标识且未记录有所述第一标识,确定所述第一存储设备为待恢复数据的目标设备;If the second identifier is recorded and the first identifier is not recorded, determining that the first storage device is a target device of data to be recovered;

若未记录有所述第二标识和所述第一标识,确定自身为待恢复数据的目标设备。If the second identifier and the first identifier are not recorded, it is determined that it is the target device of the data to be recovered.

可选的,所述确定所述第二存储设备为待恢复数据的目标设备的步骤,包括:Optionally, the step of determining the second storage device as a target device of data to be recovered includes:

检测所述第二存储设备是否为初始化设备;Detecting whether the second storage device is an initialization device;

若所述第二存储设备为初始化设备,确定所述第二存储设备为待恢复数据的目标设备。If the second storage device is an initialization device, it is determined that the second storage device is a target device of data to be recovered.

可选的,在接收到所述数据恢复指令之后,在所述确定通信连接的第一存储设备的第一标识,并确定与所述第一存储设备插拔电连接的第二存储设备的第二标识的步骤之前,所述方法还包括:Optionally, after the data recovery instruction is received, the first identification of the first storage device that is communicatively connected is determined, and the second storage device that is electrically connected to the first storage device is Before the two identifying steps, the method further includes:

检测是否与所述第一存储设备建立通信连接,且所述第一存储设备是否插拔电连接至所述第二存储设备;Detecting whether a communication connection is established with the first storage device, and whether the first storage device is electrically connected to the second storage device;

若否,提示用户建立与所述第一存储设备的通信连接,并提示用户将所述第一存储设备插拔电连接至所述第二存储设备。If not, the user is prompted to establish a communication connection with the first storage device, and the user is prompted to electrically connect the first storage device to the second storage device.

第四方面,本申请实施例提供了一种区块链私钥的存储系统,所述系统包括第一存储设备和第二存储设备,所述第一存储设备和所述第二存储设备连接;In a fourth aspect, an embodiment of the present application provides a storage system for a private key of a blockchain, the system includes a first storage device and a second storage device, and the first storage device is connected to the second storage device;

所述第一存储设备,用于存储第一份子区块链私钥,所述第一份子区块链私钥包括:待存储的区块链私钥被按照预设方式划分所得到的第一预设数量个子区块链私钥中第三预设数量个子区块链私钥;The first storage device is configured to store a first sub-blockchain private key, and the first sub-blockchain private key includes: a first obtained by dividing the private key of the blockchain to be stored in a preset manner; The third preset number of sub-blockchain private keys among the preset number of sub-blockchain private keys;

所述第二存储设备,用于存储第二份子区块链私钥,所述第二份子区块链私钥包括:待存储的区块链私钥被按照预设方式划分所得到的第一预设数量个子区块链私钥中第三预设数量个子区块链私钥;The second storage device is configured to store a second sub-blockchain private key, and the second sub-blockchain private key includes: a first obtained by dividing the private key of the blockchain to be stored in a preset manner; The third preset number of sub-blockchain private keys among the preset number of sub-blockchain private keys;

其中,所述第一预设数量不小于3,所述第三预设数量大于1且小于所述第一预设数量,所述第一份子区块链私钥包括的子区块链私钥与所述第二份子区块链私钥包括的子区块链私钥不完全相同,所述第一份子区块链私钥和所述第二份子区块链私钥能够得到所述待存储密钥。The first preset number is not less than 3, the third preset number is greater than 1 and less than the first preset number, and the first sub-blockchain private key includes a sub-blockchain private key. The sub-blockchain private key included in the second sub-blockchain private key is not exactly the same, the first sub-blockchain private key and the second sub-blockchain private key can obtain the to-be-stored Key.

可选的,所述系统还包括终端设备;Optionally, the system further includes a terminal device;

所述终端设备,用于获取所述待存储的区块链私钥,并将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥,确定所述第一存储设备和所述第二存储设备及自身对应的子区块链私钥,将自身对应的子区块链私钥存储于本地,将所述第一存储设备和所述第二存储设备对应的子区块链私钥分别作为所述第一份子区块链私钥及所述第二份子区块链私钥发送至所述第一存储设备;The terminal device is configured to obtain the blockchain private key to be stored, and divide the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset manner, and determine The first storage device, the second storage device, and the sub-blockchain private key corresponding to itself, storing the sub-blockchain private key corresponding to itself locally, The sub-blockchain private key corresponding to the storage device is sent to the first storage device as the first sub-blockchain private key and the second sub-blockchain private key, respectively;

所述第一存储设备,具体用于接收所述终端设备发送的第一份子区块链私钥及所述第二份子区块链私钥,保存所述第一份子区块链私钥,并将所述第二份子区块链私钥发送给所述第二存储设备;The first storage device is specifically configured to receive the first sub-blockchain private key and the second sub-blockchain private key sent by the terminal device, save the first sub-blockchain private key, and Sending the second sub-blockchain private key to the second storage device;

所述第二存储设备,具体用于接收并保存所述第二份子区块链私钥。The second storage device is specifically configured to receive and save the second sub-blockchain private key.

可选的,所述第一存储设备通过通用串行总线USB接口插拔电连接至所述第二存储设备;Optionally, the first storage device is electrically connected to the second storage device through a universal serial bus USB interface;

所述第一存储设备,具体用于通过所述USB接口将所述第二份子区块链私钥发送给所 述第二存储设备。The first storage device is specifically configured to send the second sub-blockchain private key to the second storage device through the USB interface.

可选的,所述终端设备,具体用于通过无线通信方式,将所述第一存储设备和所述第二存储设备对应的子区块链私钥分别作为所述第一份子区块链私钥及所述第二份子区块链私钥发送至所述第一存储设备。Optionally, the terminal device is specifically configured to use the wireless communication method to use the private key of the sub-blockchain corresponding to the first storage device and the second storage device as the first sub-blockchain private key, respectively. The key and the second sub-blockchain private key are sent to the first storage device.

可选的,所述无线通信方式包括:蓝牙通信方式或近距离无线通信NFC通信方式。Optionally, the wireless communication method includes a Bluetooth communication method or a short-range wireless communication NFC communication method.

可选的,所述第一存储设备包括接发模块和存储模块;所述接发模块和所述存储模块电连接;Optionally, the first storage device includes a transceiver module and a storage module; the transceiver module is electrically connected to the storage module;

所述接发模块,用于接收所述终端设备发送的第一份子区块链私钥及所述第二份子区块链私钥,并将所述第二份子区块链私钥发送给所述第二存储设备;The receiving module is configured to receive the first sub-blockchain private key and the second sub-blockchain private key sent by the terminal device, and send the second sub-blockchain private key to all Mentioned second storage device;

所述存储模块,用于保存所述第一份子区块链私钥。The storage module is configured to store the first sub-blockchain private key.

可选的,所述第一存储设备还包括供电模块和闪光灯模块;所述接发模块、所述存储模块和所述闪光灯模块与所述供电模块电连接;Optionally, the first storage device further includes a power supply module and a flash module; the hair extension module, the storage module, and the flash module are electrically connected to the power supply module;

所述供电模块,用于为所述接发模块、所述存储模块和所述闪光灯模块供电;The power supply module is configured to supply power to the hair extension module, the storage module, and the flash module;

所述闪光灯模块,用于当接收到闪光灯开启指令时,启动闪光灯。The flash module is configured to activate a flash when a flash start instruction is received.

可选的,所述第一存储设备还包括显示屏;Optionally, the first storage device further includes a display screen;

所述显示屏,用于显示所述供电模块的剩余电量、所述终端设备的标识信息和所述终端设备所执行的数字货币交易的交易金额中的至少一项。The display screen is used to display at least one of the remaining power of the power supply module, identification information of the terminal device, and a transaction amount of a digital currency transaction performed by the terminal device.

第五方面,本申请实施例提供了一种终端设备,包括处理器、通信接口、存储器和通信总线,其中,处理器,通信接口,存储器通过通信总线完成相互间的通信;In a fifth aspect, an embodiment of the present application provides a terminal device including a processor, a communication interface, a memory, and a communication bus, wherein the processor, the communication interface, and the memory complete communication with each other through the communication bus;

存储器,用于存放计算机程序;Memory for storing computer programs;

处理器,用于执行存储器上所存放的程序时,实现上述任一所述的区块链私钥的存储方法步骤,或区块链私钥的恢复方法步骤。The processor is configured to implement any one of the method for storing the private key of the blockchain or the method for recovering the private key of the blockchain when the program stored in the memory is executed.

第六方面,本申请实施例还提供了一种计算机可读存储介质,其特征在于,所述计算机可读存储介质内存储有计算机程序,所述计算机程序被处理器执行时实现上述任一所述的区块链私钥的存储方法步骤,或区块链私钥的恢复方法步骤。According to a sixth aspect, an embodiment of the present application further provides a computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, and when the computer program is executed by a processor, any one of the foregoing is implemented. The method steps of storing the private key of the blockchain, or the method steps of recovering the private key of the blockchain.

第七方面,本申请实施例还提供了一种计算机程序,其特征在于,所述计算机程序用于在运行时执行上述任一所述的区块链私钥的存储方法步骤,或区块链私钥的恢复方法步骤。According to a seventh aspect, an embodiment of the present application further provides a computer program, wherein the computer program is configured to execute, when running, any one of the method for storing a private key of a blockchain, or a blockchain Steps to recover the private key.

本申请实施例所提供的方案中,终端设备首先获取待存储的区块链私钥,将待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥,其中,第一预设数量不小于3,然后将子区块链私钥中存储于第二预设数量个存储介质中,其中,每个存储介质存储第三预设数量个子区块链私钥,第三预设数量大于1且小于第一预设数量,每个存储介质存储的子区块链私钥不完全相同。这样,由于区块链私钥不是完整地存储于一个存储介质,即使某一个存储介质中的子区块链私钥丢失或被盗取,由于其并不完整,所以也不会 对用户的财产安全造成影响,区块链私钥存储的安全性大大提高。In the solution provided by the embodiment of the present application, the terminal device first obtains the private blockchain private key to be stored, and divides the private private blockchain key to be stored into a first preset number of sub-blockchain private keys according to a preset method. The first preset number is not less than 3, and then the sub-blockchain private keys are stored in a second preset number of storage media, where each storage medium stores a third preset number of sub-blockchain private keys. The third preset number is greater than 1 and less than the first preset number, and the sub-blockchain private keys stored in each storage medium are not exactly the same. In this way, because the private key of the blockchain is not completely stored in a storage medium, even if the private key of the sub-blockchain in a certain storage medium is lost or stolen, because it is not complete, it will not affect the user's property. Security has an impact, and the security of blockchain private key storage is greatly improved.

附图说明BRIEF DESCRIPTION OF THE DRAWINGS

为了更清楚地说明本申请实施例和现有技术的技术方案,下面对实施例和现有技术中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly explain the embodiments of the present application and the technical solutions of the prior art, the following briefly introduces the drawings used in the embodiments and the prior art. Obviously, the drawings in the following description are only the present invention. Some embodiments of the application, for those of ordinary skill in the art, can obtain other drawings according to the drawings without paying creative labor.

图1为本申请实施例所提供的一种区块链私钥的存储方法的流程图;FIG. 1 is a flowchart of a method for storing a blockchain private key according to an embodiment of the present application;

图2为基于图1所示实施例的第一数量即第二数量的一种确定方式的流程图;2 is a flowchart of a method for determining a first quantity, that is, a second quantity, based on the embodiment shown in FIG. 1;

图3为本申请实施例所提供的第一种区块链私钥的恢复方法的流程图;3 is a flowchart of a first method for recovering a private key of a blockchain provided by an embodiment of the present application;

图4为基于图3所示实施例的区块链私钥的恢复方法的另一种流程图;4 is another flowchart of a method for recovering a private key of a blockchain based on the embodiment shown in FIG. 3;

图5为本申请实施例所提供的第二种区块链私钥的恢复方法的流程图;5 is a flowchart of a second method for recovering a private key of a blockchain according to an embodiment of the present application;

图6为基于图5所示实施例的区块链私钥的恢复方法的另一种流程图;6 is another flowchart of a method for recovering a private key of a blockchain based on the embodiment shown in FIG. 5;

图7为本申请实施例提供了一种区块链私钥的存储系统的结构示意图;FIG. 7 is a schematic structural diagram of a blockchain private key storage system according to an embodiment of the present application;

图8为基于图7所示实施例的区块链私钥的存储系统的一种结构示意图;8 is a schematic structural diagram of a blockchain private key storage system based on the embodiment shown in FIG. 7;

图9为基于图7所示实施例的区块链私钥的存储系统的另一种结构示意图;FIG. 9 is another schematic structural diagram of a blockchain private key storage system based on the embodiment shown in FIG. 7; FIG.

图10为基于图7所示实施例的区块链私钥的存储系统的另一种结构示意图;FIG. 10 is another schematic structural diagram of a blockchain private key storage system based on the embodiment shown in FIG. 7; FIG.

图11为基于图7所示实施例的区块链私钥的存储系统的另一种结构示意图;FIG. 11 is another schematic structural diagram of a blockchain private key storage system based on the embodiment shown in FIG. 7; FIG.

图12为基于图7所示实施例的区块链私钥的存储系统的另一种结构示意图;FIG. 12 is another schematic structural diagram of a blockchain private key storage system based on the embodiment shown in FIG. 7; FIG.

图13为基于图9所示实施例的区块链私钥的存储方式的一种信令交互图;FIG. 13 is a signaling interaction diagram of a storage method of a blockchain private key based on the embodiment shown in FIG. 9; FIG.

图14为基于图9所示实施例的区块链私钥的恢复方式的一种信令交互图;FIG. 14 is a signaling interaction diagram of a method for recovering a private key of a blockchain based on the embodiment shown in FIG. 9; FIG.

图15为本申请实施例所提供的一种区块链私钥的存储装置的结构示意图;15 is a schematic structural diagram of a blockchain private key storage device according to an embodiment of the present application;

图16为本申请实施例所提供的第一种区块链私钥的恢复装置的结构示意图;FIG. 16 is a schematic structural diagram of a first blockchain private key recovery device according to an embodiment of the present application; FIG.

图17为本申请实施例所提供的第二种区块链私钥的恢复装置的结构示意图;FIG. 17 is a schematic structural diagram of a second blockchain private key recovery device according to an embodiment of the present application; FIG.

图18为本申请实施例所提供的一种终端设备的结构示意图。FIG. 18 is a schematic structural diagram of a terminal device according to an embodiment of the present application.

具体实施方式detailed description

为使本申请的目的、技术方案、及优点更加清楚明白,以下参照附图并举实施例,对本申请进一步详细说明。显然,所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。In order to make the purpose, technical solution, and advantages of the present application clearer and clearer, the following describes the present application in detail with reference to the accompanying drawings and examples. Obviously, the described embodiments are only a part of the embodiments of the present application, but not all the embodiments. Based on the embodiments in the present application, all other embodiments obtained by a person of ordinary skill in the art without creative efforts shall fall within the protection scope of the present application.

为了提高区块链私钥存储的安全性,降低区块链私钥丢失或被盗取对用户财产造成的危害,本申请实施例提供了一种区块链私钥的存储、恢复方法、装置、系统、终端设备及计算机可读存储介质。In order to improve the security of the blockchain private key storage and reduce the damage to the user's property caused by the loss or theft of the blockchain private key, the embodiments of the present application provide a method and device for storing and recovering the private key of the blockchain. , System, terminal device and computer-readable storage medium.

下面首先对本申请实施例所提供的一种区块链私钥的存储方法进行介绍。The following first describes a method for storing a private key of a blockchain provided by an embodiment of the present application.

本申请实施例所提供的一种区块链私钥的存储方法可以应用于任意终端设备,例如, 手机、电脑、平板电脑、处理器等,在此不做具体限定。A method for storing a blockchain private key provided in the embodiments of the present application can be applied to any terminal device, such as a mobile phone, a computer, a tablet computer, a processor, and the like, and is not specifically limited herein.

如图1所示,一种区块链私钥的存储方法,应用于终端设备,所述方法包括:As shown in FIG. 1, a method for storing a blockchain private key is applied to a terminal device, and the method includes:

S101,获取待存储的区块链私钥;S101. Obtain a blockchain private key to be stored.

S102,将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥;S102. Divide the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset manner;

其中,所述第一预设数量不小于3。The first preset number is not less than three.

S103,将所述子区块链私钥存储于第二预设数量个存储介质中。S103. Store the sub-blockchain private key in a second preset number of storage media.

其中,每个存储介质存储第三预设数量个子区块链私钥,所述第三预设数量大于1且小于第一预设数量,所述每个存储介质存储的子区块链私钥不完全相同。Each storage medium stores a third preset number of sub-blockchain private keys, the third preset number is greater than 1 and less than the first preset number, and the sub-blockchain private keys stored in each storage medium Not exactly the same.

可见,本申请实施例所提供的方案中,终端设备首先获取待存储的区块链私钥,将待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥,其中,第一预设数量不小于3,然后将子区块链私钥存储于第二预设数量个存储介质中,其中,每个存储介质存储第三预设数量个子区块链私钥,第三预设数量大于1且小于第一预设数量,每个存储介质存储的子区块链私钥不完全相同。这样,由于区块链私钥不是完整地存储于一个存储介质,即使某一个存储介质中的子区块链私钥丢失或被盗取,由于其并不完整,所以也不会对用户的财产安全造成影响,区块链私钥存储的安全性大大提高。It can be seen that, in the solution provided by the embodiment of the present application, the terminal device first obtains the private key of the blockchain to be stored, and divides the private key of the blockchain to be stored into a first preset number of sub-blockchain private keys in a preset manner. Key, where the first preset number is not less than 3, and then the sub-blockchain private key is stored in a second preset number of storage media, where each storage medium stores a third preset number of sub-blockchain private keys Key, the third preset number is greater than 1 and less than the first preset number, and the sub-blockchain private keys stored in each storage medium are not exactly the same. In this way, because the private key of the blockchain is not completely stored in a storage medium, even if the private key of the sub-blockchain in a certain storage medium is lost or stolen, because it is not complete, it will not affect the user's property. Security has an impact, and the security of blockchain private key storage is greatly improved.

在上述步骤S101中,当用户需要存储某区块链私钥时,终端设备便可以获取该区块链私钥,作为待存储的区块链私钥。在一种实现方式中,在用户创建虚拟钱包获得区块链私钥时,终端设备可以显示区块链存储提示信息,用户便可以基于该区块链私钥存储提示信息,确定待存储的区块链私钥。例如,终端设备可以显示确定存储按钮,用户点击该确定存储按钮,终端设备便可以确定用户当前获得的区块链私钥为待存储的区块链私钥。In the above step S101, when the user needs to store a blockchain private key, the terminal device can obtain the blockchain private key as the blockchain private key to be stored. In one implementation, when a user creates a virtual wallet to obtain the blockchain private key, the terminal device can display the blockchain storage prompt information, and the user can determine the area to be stored based on the blockchain private key storage prompt information. Blockchain private key. For example, the terminal device may display an OK storage button, and when the user clicks the OK storage button, the terminal device may determine that the private blockchain private key currently obtained by the user is the private blockchain private key to be stored.

又例如,为了方便用户随时存储区块链私钥,终端设备可以预设一用于实现区块链私钥存储的内存区域,该内存区域可以显示区块链存储提示信息,当用户需要存储区块链私钥时,可以开启该功能区域,终端设备便可以显示区块链存储提示信息,用户便可以基于该区块链私钥存储提示信息,确定待存储的区块链私钥。例如,终端设备可以显示输入框,用户点击该输入框,可以输入待存储的区块链私钥。For another example, in order to facilitate the user to store the private key of the blockchain at any time, the terminal device can preset a memory area for realizing the storage of the private key of the blockchain. The memory area can display the blockchain storage prompt information. When the user needs the storage area When the blockchain private key is opened, the functional area can be opened, and the terminal device can display the blockchain storage prompt information, and the user can determine the blockchain private key to be stored based on the blockchain private key storage prompt information. For example, the terminal device may display an input box, and the user may input the private key of the blockchain to be stored by clicking the input box.

在另一种实现方式中,终端设备可以从与其通信连接的其他终端设备获取待存储的区块链私钥。例如,假设该终端设备为电脑,用户可以将存储在手机中的区块链私钥发送至该电脑,那么电脑便可以获取该区块链私钥,即为待存储的区块链私钥。当然,终端设备还可以通过其他合理的方式获取待存储的区块链私钥,在此不做具体限定。In another implementation, the terminal device may obtain the private blockchain key to be stored from other terminal devices that are communicatively connected to the terminal device. For example, assuming that the terminal device is a computer, a user can send the blockchain private key stored in the mobile phone to the computer, and then the computer can obtain the blockchain private key, which is the blockchain private key to be stored. Of course, the terminal device can also obtain the private key of the blockchain to be stored in other reasonable ways, which is not specifically limited here.

为了能提高区块链私钥存储的安全性,终端设备可以执行上述步骤S102,即将待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥。为了能保证区块链私钥存储的安全性,一般该第一数量不小于3。例如,可以为3、5、10等,在此不做具体限定。In order to improve the security of the blockchain private key storage, the terminal device may perform the above step S102, that is, the blockchain private key to be stored is divided into a first preset number of sub-blockchain private keys according to a preset method. In order to ensure the security of the blockchain private key storage, the first number is generally not less than three. For example, it can be 3, 5, 10, etc., which is not specifically limited herein.

待存储密钥即为所需存储的密钥,也就是待存储的区块链私钥。对待存储密钥进行分解处理的规则可以是自定义设定的。一种实现方式中,可以按照待存储密钥的密钥长度对 待存储密钥进行平均分解,即分解处理之后所得到的每一个子区块链私钥的密钥长度是相同的。例如,待存储密钥的密钥长度为90比特,第一目标数量为3,则将该90比特的待存储密钥进行平均分解处理,可以得到3个子区块链私钥,每一个子区块链私钥的密钥长度30比特。The key to be stored is the key to be stored, that is, the private key of the blockchain to be stored. The rules for decomposing the stored keys can be customized. In one implementation manner, the keys to be stored can be evenly decomposed according to the key length of the key to be stored, that is, the key length of each sub-blockchain private key obtained after the decomposition process is the same. For example, if the key length of the key to be stored is 90 bits and the first target number is 3, then the 90-bit key to be stored is averagely decomposed to obtain 3 sub-blockchain private keys, each of which is a sub-block The key length of the blockchain private key is 30 bits.

另一种实现方式中,还可以对待存储密钥进行随机分解,即所得到的每一个子区块链私钥的密钥长度可能不相同。例如,待存储密钥的密钥长度为68比特,第一目标数量为3,则对该68比特的待存储密钥进行随机分解处理,可以得到子密钥1、子密钥2和子密钥3,其中,子密钥1的密钥长度为10比特,子密钥2的密钥长度为20比特,子密钥3的密钥长度为38比特。In another implementation manner, the storage key to be treated can also be randomly decomposed, that is, the key length of each sub-blockchain private key obtained may be different. For example, if the key length of the to-be-stored key is 68 bits and the first target number is 3, then the 68-bit to-be-stored key is randomly decomposed to obtain subkey 1, subkey 2, and subkey. 3, where the key length of subkey 1 is 10 bits, the key length of subkey 2 is 20 bits, and the key length of subkey 3 is 38 bits.

对待存储密钥进行分解处理的规则并不仅限于以上两种实现方式,在此不做限定。The rules for decomposing and processing the storage key are not limited to the above two implementations, and are not limited here.

将待存储的区块链私钥划分为第一预设数量个子区块链私钥后,终端设备便可以将子区块链私钥分别存储于第二预设数量个存储介质中,即执行步骤S103。其中,存储介质为可以存储数据的存储空间,例如,可以为电子设备中的存储器等。After the blockchain private key to be stored is divided into the first preset number of sub-blockchain private keys, the terminal device can store the sub-blockchain private keys in the second preset number of storage media respectively, that is, execute Step S103. The storage medium is a storage space that can store data, for example, it can be a memory in an electronic device.

为了保证区块链私钥不会因为一个存储介质丢失或被盗取而丢失,所以每个存储介质存储第三预设数量个子区块链私钥,该第三预设数量大于1且小于第一预设数量。也就是说,每个存储介质中存储一部分子区块链私钥,而不是全部子区块链私钥。In order to ensure that the private key of the blockchain is not lost because one storage medium is lost or stolen, each storage medium stores a third preset number of sub-blockchain private keys. The third preset number is greater than 1 and less than the first. A preset number. That is, a part of the sub-blockchain private key is stored in each storage medium, instead of all the sub-blockchain private keys.

同时,又为了保证在部分存储介质丢失的情况下,可以恢复区块链私钥,所以一般情况下每个存储介质中存储的子区块链私钥的数量是大于1的,而不是每个存储介质中只存储一个子区块链私钥。At the same time, in order to ensure that the private key of the blockchain can be recovered in the case of loss of some storage media, in general, the number of sub-blockchain private keys stored in each storage medium is greater than 1, not each Only one sub-blockchain private key is stored in the storage medium.

如果每个存储介质中只存储一个子区块链私钥,那么一旦一个或几个存储介质丢失或者损坏,区块链私钥便无法恢复,所以每个存储介质存储数量大于1且小于第一预设数量的子区块链私钥。If only one sub-blockchain private key is stored in each storage medium, once one or more storage media is lost or damaged, the blockchain private key cannot be recovered, so the storage quantity of each storage medium is greater than 1 and less than the first A preset number of child blockchain private keys.

并且存储介质中存储的子区块链私钥可以存在重复的子区块链私钥,例如,将待存储的区块链私钥的划分为3个子区块链私钥,分别为子区块链私钥A-C,分别存储于3个存储介质a-c中,那么存储介质a中可以存储子区块链私钥A和子区块链私钥B,存储介质b中可以存储子区块链私钥B和子区块链私钥C,存储介质c中可以存储子区块链私钥A和子区块链私钥C。And the sub-blockchain private key stored in the storage medium may have duplicate sub-blockchain private keys. For example, the block-chain private key to be stored is divided into three sub-blockchain private keys, which are subblocks. The chain private key AC is stored in three storage media ac respectively, then the storage medium a can store the sub-blockchain private key A and the sub-blockchain private key B, and the storage medium b can store the sub-blockchain private key B. And the sub-blockchain private key C, the storage medium c can store the sub-blockchain private key A and the sub-blockchain private key C.

这样,存储介质a-c任意一个丢失或者被盗取,均不会影响待存储的区块链私钥的安全性,并且不会影响通过子区块链私钥恢复得到待存储的区块链私钥。举例来说,假设存储介质b丢失,那么由于存储介质a和存储介质c中存储有子区块链私钥A-C,因此,通过存储介质a和存储介质c中存储有子区块链私钥A-C,便可以恢复得到待存储的区块链私钥。In this way, any loss or theft of the storage medium ac will not affect the security of the private key of the blockchain to be stored, and will not affect the private key of the blockchain to be stored through the recovery of the private key of the sub-blockchain. . For example, if storage medium b is lost, then since storage medium a and storage medium c store the sub-blockchain private key AC, the storage medium a and storage medium c store the sub-blockchain private key AC. , You can recover the private key of the blockchain to be stored.

作为本申请实施例的一种实施方式,上述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤,可以包括:As an implementation manner of the embodiment of the present application, the foregoing step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset method may include:

按照门限算法,将所述待存储的区块链私钥划分为第一预设数量个子区块链私钥。According to a threshold algorithm, the blockchain private key to be stored is divided into a first preset number of sub-blockchain private keys.

相应的,上述将所述子区块链私钥存储于第二预设数量个存储介质中的步骤,可以包括:Accordingly, the foregoing step of storing the sub-blockchain private key in a second preset number of storage media may include:

按照所述门限算法,将所述子区块链私钥存储于第二预设数量个存储介质中。According to the threshold algorithm, the sub-blockchain private key is stored in a second preset number of storage media.

其中,上述门限算法可以为相关技术领域的任意门限算法,例如,可以采用(t,n)门限算法、SM2椭圆曲线门限算法等,在此不做具体限定。The above threshold algorithm may be any threshold algorithm in the related technical field. For example, a (t, n) threshold algorithm, an SM2 elliptic curve threshold algorithm, or the like may be used, which is not specifically limited herein.

在一种实施方式中,可以采用(t,n)门限算法,将上述待存储的区块链私钥划分为第一预设数量个子区块链私钥,并按照(t,n)门限算法,将子区块链私钥分别存储于第二预设数量个存储介质中。In one embodiment, the (t, n) threshold algorithm can be used to divide the above-mentioned blockchain private key to be stored into a first preset number of sub-blockchain private keys, and according to the (t, n) threshold algorithm , Storing the sub-blockchain private keys in a second preset number of storage media, respectively.

具体来说,终端设备可以构造t阶多项式:Specifically, the terminal device can construct a polynomial of order t:

Figure PCTCN2019105466-appb-000001
Figure PCTCN2019105466-appb-000001

其中,n表示存储介质的数量,即上述第二预设数量。待存储的区块链私钥即为d=f(0)=a 0Wherein, n represents the number of storage media, that is, the above-mentioned second preset number. The private key of the blockchain to be stored is d = f (0) = a 0 .

终端设备进一步可以计算d(i)=f(i),并将d(i)存储于存储介质U i。其中,d(i)便表示存储于一个存储介质中的子区块链私钥的集合,即为第一预设数量个子区块链私钥中的一部分。 The terminal device may further calculate d (i) = f (i), and store d (i) in the storage medium U i . Among them, d (i) represents a set of sub-blockchain private keys stored in a storage medium, which is a part of the first preset number of sub-blockchain private keys.

在这种情况下,终端设备通过任意大于t+1个存储介质中所存储的子区块链私钥的集合,便可以恢复得到待存储的区块链私钥为d。In this case, the terminal device can recover the blockchain private key to be stored as d through any set of sub-blockchain private keys stored in t + 1 storage media.

可以通过下述拉格朗日插值公式恢复得到待存储的区块链私钥为d:The private key of the blockchain to be stored can be recovered by the following Lagrange interpolation formula: d:

Figure PCTCN2019105466-appb-000002
Figure PCTCN2019105466-appb-000002

其中,Q表示任意t+1个存储介质U i的集合。 Among them, Q represents a set of any t + 1 storage media U i .

可见,在本实施例中,终端设备可以采用门限算法对待存储的区块链私钥进行划分,进而得到多个子区块链私钥,可以快速准确地将待存储的区块链私钥划分为多个子区块链私钥,并且可以按照该门限算法将子区块链私钥分别存储于第二预设数量个存储介质中,保证后续可以顺利准确地通过子区块链私钥恢复得到上述待存储的区块链私钥,不会影响用户使用虚拟钱包。It can be seen that, in this embodiment, the terminal device can use a threshold algorithm to divide the private key of the blockchain to be stored, and then obtain multiple sub-blockchain private keys, which can quickly and accurately divide the private key of the blockchain to be stored into Multiple sub-blockchain private keys, and the sub-blockchain private keys can be stored in a second preset number of storage media respectively according to the threshold algorithm, ensuring that the above can be successfully and successfully obtained through the sub-blockchain private key recovery in the future The private key of the blockchain to be stored will not affect users' use of the virtual wallet.

为了提高用户友好度,方便用户根据自己拥有的存储介质的实际情况确定待存储的区块链私钥的存储情况,作为本申请实施例的一种实施方式,如图2所示,在上述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤之前,上述方法还可以包括:In order to improve the user-friendliness and facilitate the user to determine the storage situation of the blockchain private key to be stored according to the actual situation of the storage medium owned by the user, as an implementation manner of the embodiment of the present application, as shown in FIG. Before the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner, the above method may further include:

S201,显示数量设置提示信息;S201: Display a prompt message for setting the quantity;

为了方便用户设置子区块链私钥的数量,以及设置存储介质的数量,在执行将待存储 的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤之前,终端设备可以显示数量设置提示信息,这样,用户便可以设置相应的数量。In order to facilitate the user to set the number of sub-blockchain private keys and the number of storage media, the steps of dividing the block-chain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner are being performed. Previously, the terminal device could display a quantity setting prompt message, so that the user could set the corresponding quantity.

例如,终端设备可以通过显示数量输入框、数量选择框、数量选择滑块等方式显示数量设置提示信息,这样,用户便可以基于数量输入框、数量选择框或数量选择滑块等数量设置提示信息设置上述第一预设数量及第二预设数量。作为一个例子,用户可以设置第一预设数量为5,第二预设数量也为5。For example, the terminal device can display the quantity setting prompt information by displaying the quantity input box, quantity selection box, quantity selection slider, etc., so that the user can set the quantity setting prompt information based on the quantity input box, quantity selection box, or quantity selection slider. Set the first preset number and the second preset number. As an example, the user may set the first preset number to five and the second preset number to five.

S202,获取用户基于所述数量设置提示信息设置的第一预设数量及第二预设数量。S202. Acquire a first preset number and a second preset number set by the user based on the number setting prompt information.

接下来,终端设备也就可以获取用户基于上述数量设置提示信息设置的第一预设数量及第二预设数量,依然以上述例子为例,假设用户设置第一预设数量为5,第二预设数量也为5,那么说明用户想要将待存储的区块链私钥划分为5个子区块链私钥,并且分别存储于5个存储介质中。Next, the terminal device can also obtain the first preset number and the second preset number set by the user based on the above-mentioned number setting prompt information. Still taking the above example as an example, suppose the user sets the first preset number to 5, and the second The preset number is also 5, so the user wants to divide the blockchain private key to be stored into 5 sub-blockchain private keys and store them in 5 storage media respectively.

终端设备也就可以将待存储的区块链私钥划分为5个子区块链私钥,并且分别存储于5个存储介质中。例如,终端设备可以将待存储的区块链私钥划分为5个子区块链私钥A*-E*,然后将该5个子区块链私钥A*-E*分别存储于存储介质a*-e*中。也就是说,将该5个子区块链私钥进行排列组合得到5份子区块链私钥,使得每份子区块链私钥所包括的数据不完全相同,并且其中任意3份子区块链私钥可以恢复得到完整的区块链私钥。The terminal device can also divide the blockchain private key to be stored into 5 sub-blockchain private keys, and store them in 5 storage media respectively. For example, the terminal device can divide the blockchain private key to be stored into 5 sub-blockchain private keys A * -E *, and then store the 5 sub-blockchain private keys A * -E * respectively on the storage medium a * -e *. In other words, the 5 sub-blockchain private keys are arranged and combined to obtain 5 sub-blockchain private keys, so that the data included in each sub-blockchain private key is not exactly the same, and any three of the sub-blockchain private keys are private. The key can be recovered to obtain the complete private key of the blockchain.

在一种实现方式中,终端设备可以将子区块链私钥A*、B*、C*存储于存储介质a*,将子区块链私钥B*、C*、D*存储于存储介质b*,将子区块链私钥C*、D*、E*存储于存储介质c*,将子区块链私钥D*、E*、A*存储于存储介质d*,将子区块链私钥E*、A*、B*存储于存储介质e*。In one implementation, the terminal device can store the sub-blockchain private keys A *, B *, and C * in the storage medium a *, and store the sub-blockchain private keys B *, C *, and D * in the storage. Medium b *, store the sub-blockchain private keys C *, D *, and E * in storage medium c *, store the sub-blockchain private keys D *, E *, and A * in storage medium d *, Blockchain private keys E *, A *, B * are stored on the storage medium e *.

在该实施方式中,该5个存储介质中任意3个存储介质中存储的子区块链私钥即包括全部的子区块链私钥,所以通过该5个存储介质中任意3个存储介质中存储的子区块链私钥均可以恢复得到待存储的区块链私钥。并且其中任意一个或者任意两个存储介质丢失,其中存储的子区块链私钥被盗取,也无法恢复得到完整的待存储的区块链私钥,安全性大大提高。In this embodiment, the sub-blockchain private key stored in any three of the five storage media includes all the sub-blockchain private keys, so through any three storage media in the five storage media The private blockchain private keys stored in it can be recovered to obtain the private blockchain private key to be stored. In addition, any one or any two storage media are lost, and the stored private blockchain private key is stolen, and the complete private blockchain private key to be stored cannot be recovered, and the security is greatly improved.

可见,在本实施例中,终端设备可以显示数量设置提示信息,并获取用户基于数量设置提示信息设置的第一预设数量及第二预设数量,这样可以方便用户根据自己拥有的存储介质的实际情况确定待存储的区块链私钥的存储情况,提高用户友好度,用户体验更好。It can be seen that, in this embodiment, the terminal device can display the quantity setting prompt information, and obtain the first preset number and the second preset number set by the user based on the quantity setting prompt information, so that the user can conveniently use the storage medium owned by him. The actual situation determines the storage of the blockchain private key to be stored, which improves user friendliness and improves user experience.

作为本申请实施例的一种实施方式,上述存储介质可以为同一物理设备中的不同存储介质,或,所述存储介质可以为不同物理设备中的存储介质,或,所述存储介质中一部分可以为同一物理设备中的不同存储介质,其余可以为不同物理设备中的存储介质。As an implementation manner of the embodiment of the present application, the storage medium may be different storage media in the same physical device, or the storage medium may be a storage medium in different physical devices, or a part of the storage medium may be Are different storage media in the same physical device, and the rest can be storage media in different physical devices.

也就是说,终端设备将待存储的区块链私钥划分为多个子区块链私钥后,可以将其分别存储于同一物理设备中的不同存储介质,或者为不同物理设备中的存储介质,也可以将其分别存储于同一物理设备中的不同存储介质和不同物理设备中的存储介质。并且,这些 存储介质,可以是终端设备中的存储介质,也可以不是终端设备中的存储介质,或者,一部分为终端设备中的存储介质,其余为其他终端设备中的存储介质。In other words, after the blockchain private key to be stored is divided into multiple sub-blockchain private keys by the terminal device, it can be stored in different storage media in the same physical device, or storage media in different physical devices. , Or it can be stored separately in different storage media in the same physical device and storage media in different physical devices. In addition, these storage media may be storage media in the terminal device, or they may not be storage media in the terminal device, or some of them are storage media in the terminal device, and the rest are storage media in other terminal device.

例如,假设执行本申请实施例所述区块链私钥的存储方法的终端设备为电脑P,电脑P将待存储的区块链私钥划分为3个子区块链私钥后,可以将其中的每2个分别存储于3个存储介质,该3个存储介质可以都为电脑P中的存储介质,例如该3个存储介质为不同的磁盘。也可以其中1个为电脑P中的存储介质,另外2个为手机M中的存储介质。还可以其中1个为电脑P中的存储介质,另1个为手机M中的存储介质,其余1个为移动硬盘N中的存储介质,均是合理的。For example, it is assumed that the terminal device that executes the method for storing a blockchain private key described in the embodiment of the present application is a computer P. After the computer P divides the blockchain private key to be stored into three sub-blockchain private keys, it may Each of the two is stored in three storage media, and the three storage media may be storage media in the computer P, for example, the three storage media are different disks. Alternatively, one of them may be a storage medium in the computer P, and the other two may be storage media in the mobile phone M. It is also reasonable that one of them is the storage medium in the computer P, the other one is the storage medium in the mobile phone M, and the remaining one is the storage medium in the mobile hard disk N.

在终端设备将子区块链私钥存储于不同的物理设备中的存储介质时,终端设备可以将对应的子区块链私钥发送至相应的物理设备,接收到子区块链私钥的物理设备便可以将子区块链私钥进行存储。When the terminal device stores the sub-blockchain private key in a storage medium in a different physical device, the terminal device can send the corresponding sub-blockchain private key to the corresponding physical device, and receive the sub-blockchain private key. The physical device can store the sub-blockchain private key.

可见,在本实施例中,上述存储介质可以为同一物理设备中的不同存储介质,也可以为不同物理设备中的存储介质,还可以一部分可以为同一物理设备中的不同存储介质,其余可以为不同物理设备中的存储介质。这样,区块链私钥的存储位置更加多样性,被盗取的难度大大提高,进一步提高区块链私钥存储的安全性。It can be seen that, in this embodiment, the foregoing storage media may be different storage media in the same physical device, or may be storage media in different physical devices, and some may be different storage media in the same physical device, and the rest may be Storage media in different physical devices. In this way, the storage location of the private key of the blockchain is more diverse, the difficulty of being stolen is greatly increased, and the security of the private key storage of the blockchain is further improved.

作为本申请实施例的一种实施方式,上述第二预设数量可以为3,上述存储介质可以为终端设备中的存储介质、第一存储设备中的存储介质及第二存储设备中的存储介质。As an implementation manner of the embodiment of the present application, the second preset number may be three, and the storage medium may be a storage medium in a terminal device, a storage medium in a first storage device, and a storage medium in a second storage device. .

终端设备与第一存储器连接,并与第二存储器连接,即终端设备与第一存储器之间可以通信连接,还可以与第二存储器之间通信连接。本文中的第一存储器即为上述第一存储设备,第二存储器即为上述第二存储设备。The terminal device is connected to the first memory and is connected to the second memory, that is, the terminal device can be communicatively connected to the first memory, and can also be communicatively connected to the second memory. The first memory in this document is the above-mentioned first storage device, and the second memory is the above-mentioned second storage device.

一种实施方式中,终端设备与第一存储器之间为直接连接,终端设备与第二存储器之间也为直接连接。即终端设备可以将信息直接发送至第一存储器,还可以将信息直接发送至第二存储器。In one embodiment, the terminal device is directly connected to the first memory, and the terminal device is also directly connected to the second memory. That is, the terminal device can directly send information to the first memory, and can also directly send information to the second memory.

在该实施方式中,第一存储器和第二存储器均可以具有信息处理能力,一种实现方式中,第一存储器和第二存储器均配置有处理器,处理器可以进行信息处理。In this embodiment, both the first memory and the second memory may have information processing capabilities. In an implementation manner, the first memory and the second memory are each configured with a processor, and the processor may perform information processing.

另一种实施方式中,第一存储器与第二存储器之间连接,其中,连接方式可以是通过并行总线连接。第一存储器和第二存储器中任意一个存储器与终端设备直接连接,另一个存储器则通过与终端设备直接连接的存储器,进而与该终端设备间接连接。其中,直接连接是指终端设备与存储器之间可以直接通信,间接连接是指终端设备与存储器之间需要通过其他设备才能进行通信。In another embodiment, the first memory is connected to the second memory, and the connection manner may be a parallel bus connection. Any one of the first memory and the second memory is directly connected to the terminal device, and the other memory is indirectly connected to the terminal device through the memory directly connected to the terminal device. Among them, direct connection means that the terminal device and the memory can communicate directly, and indirect connection means that the terminal device and the memory need to communicate through other devices.

一种实现方式中,第一存储器与第二存储器之间连接,第一存储器与终端设备直接连接,则第二存储器通过第一存储器与该终端设备间接连接。也就是说,终端设备可以将信息直接发送至第一存储器,而当终端设备向第二存储器发送信息时,终端设备将该信息发送至第一存储器,由第一存储器将该信息转发至第二存储器,这样实现终端设备与第二存 储器之间的通信。In an implementation manner, if the first memory is connected to the second memory, and the first memory is directly connected to the terminal device, the second memory is indirectly connected to the terminal device through the first memory. That is, the terminal device can send information directly to the first memory, and when the terminal device sends information to the second memory, the terminal device sends the information to the first memory, and the first memory forwards the information to the second memory A memory, which enables communication between the terminal device and the second memory.

另一种实现方式中,第一存储器与第二存储器之间连接,第二存储器与终端设备直接连接,则第一存储器通过第二存储器与该终端设备间接连接。In another implementation manner, if the first storage is connected to the second storage and the second storage is directly connected to the terminal device, the first storage is indirectly connected to the terminal device through the second storage.

在该实施方式中,与终端设备直接连接的存储器可以具有信息处理能力,对于具有信息处理能力的存储器,可以称为母盘。与终端设备间接连接的存储器则可以不具有信息处理能力,而依靠连接的具有信息处理能力的存储器进行信息处理,对于不具有信息处理能力的存储器,可以称为子盘。子盘通过母盘与终端设备通信连接,这样可以节省成本。In this implementation manner, the memory directly connected to the terminal device may have information processing capability, and the memory having information processing capability may be referred to as a master disk. The memory indirectly connected to the terminal device may not have the information processing capability, and rely on the connected memory with the information processing capability for information processing. For the memory without the information processing capability, it may be called a subdisk. The child disk communicates with the terminal device through the mother disk, which can save costs.

上述将所述子区块链私钥存储于第二预设数量个存储介质中的步骤,可以包括如下步骤。The above steps of storing the sub-blockchain private key in a second preset number of storage media may include the following steps.

从所得到的子区块链私钥中,将第一数量的子区块链私钥确定为第一份子区块链私钥,将第二数量的子区块链私钥确定为第二份子区块链私钥,将第三数量的子区块链私钥确定为第三份子区块链私钥;将所述第一份子区块链私钥发送至所述第一存储设备进行存储,将所述第二份子区块链私钥发送至所述第二存储设备进行存储,将所述第三份子区块链私钥存储在本地。From the obtained sub-blockchain private keys, determine the first number of sub-blockchain private keys as the first sub-blockchain private key, and determine the second number of sub-blockchain private keys as the second sub-block. A blockchain private key, determining a third number of sub-blockchain private keys as a third sub-blockchain private key; sending the first sub-blockchain private key to the first storage device for storage, Sending the second sub-blockchain private key to the second storage device for storage, and storing the third sub-blockchain private key locally.

为了提高安全性,第一存储器和第二存储器可以设定对应关系,该对应关系是预先设定的,只有第一存储器和第二存储器在满足对应关系的情况下才能使用。这样,即使第一存储器和第二存储器中的任意一个出现丢失等意外情况时,因为不能满足对应关系而不能使用,进而可以保障存储器中所存储密钥的安全,降低了密钥被盗的可能性。In order to improve security, a correspondence relationship may be set between the first memory and the second memory, and the correspondence relationship is preset. Only the first memory and the second memory can be used if the correspondence relationship is satisfied. In this way, even if an unexpected situation such as loss of any of the first memory and the second memory occurs, it cannot be used because the corresponding relationship cannot be satisfied, thereby ensuring the security of the keys stored in the memory and reducing the possibility of key theft Sex.

一种实现方式中,第一存储器与第二存储器之间可以设定为一一对应的关系,也就是说,每一个第一存储器与唯一的第二存储器是匹配的,第一存储器与匹配的第二存储器才能使用。In an implementation manner, a one-to-one correspondence relationship may be set between the first memory and the second memory, that is, each first memory is matched with a unique second memory, and the first memory is matched with the matched one. Only the second memory can be used.

例如,第一存储器C11与第二存储器C12是相匹配的,且第一存储器C11与第二存储器C12是一一对应的关系。那么,第一存储器C11只能与第二存储器C12配合才能使用,获取到第一存储器C11中存储的信息以及第二存储器C12中存储的信息。而第一存储器C11与第二存储器C22、C32等其他的第二存储器是不匹配的,即使相连接也不能使用的。For example, the first memory C11 and the second memory C12 are matched, and the first memory C11 and the second memory C12 are in a one-to-one correspondence relationship. Then, the first memory C11 can only be used in cooperation with the second memory C12, and the information stored in the first memory C11 and the information stored in the second memory C12 are obtained. The first memory C11 does not match the other second memories such as the second memories C22 and C32, and cannot be used even if they are connected.

另外,在使用终端设备的情况下,除了第一存储器与第二存储器匹配以外,第一存储器、第二存储器还要与终端设备进行匹配,也就是说,终端设备、第一存储器和第二存储器三者匹配的情况下才能使用。其中,第一存储器、第二存储器与终端设备的匹配可以至少包括以下两种情况。In addition, in the case of using a terminal device, in addition to the first memory and the second memory, the first memory and the second memory must be matched with the terminal device, that is, the terminal device, the first memory, and the second memory Can only be used if the three match. The matching between the first memory, the second memory, and the terminal device may include at least the following two cases.

第一种情况,第一存储器、第二存储器与终端设备所安装的终端设备进行匹配,在匹配的对应关系中,第一存储器、第二存储器与终端设备的对应关系,即为第一存储器、第二存储器与终端设备的对应关系。In the first case, the first memory and the second memory are matched with the terminal device installed in the terminal device. In the matching correspondence, the correspondence between the first memory, the second memory and the terminal device is the first memory, Correspondence between the second memory and the terminal device.

例如,预设的对应关系中,第一存储器、第二存储器与终端设备a是相匹配的,则第一存储器、第二存储器只有与该终端设备a建立连接才能与该终端设备a进行配合使用。For example, in the preset correspondence relationship, the first storage and the second storage are matched with the terminal device a, then the first storage and the second storage can be used with the terminal device a only when a connection is established with the terminal device a .

第二种情况,终端设备以用户认证登录的方式使用。第一存储器、第二存储器与终端设备的对应关系,即为第一存储器、第二存储器与登录该终端设备的用户的对应关系。在这种情况下,只要是同一用户,即使用不同的终端设备登录,也可以与对应的第一存储器、第二存储器相匹配并进行使用。In the second case, the terminal device is used in a manner of user authentication and login. The correspondence between the first memory, the second memory, and the terminal device is the correspondence between the first memory, the second memory, and a user who logs in to the terminal device. In this case, as long as the same user logs in using a different terminal device, it can also be matched with the corresponding first storage and the second storage and used.

例如,第一存储器、第二存储器和用户a是对应关系,则当用户a登录终端设备1时,此时该终端设备1可以与第一存储器、第二存储器匹配。当用户a登录终端设备2时,此时该终端设备2则与第一存储器、第二存储器匹配。For example, the first memory, the second memory, and the user a are in a corresponding relationship. When the user a logs in to the terminal device 1, the terminal device 1 may match the first memory and the second memory at this time. When the user a logs in to the terminal device 2, the terminal device 2 then matches the first storage and the second storage.

第一存储器、第二存储器与终端设备的匹配情况并不仅限于以上两种,还可以包括其他的情况,在此不做限定。The matching between the first memory, the second memory, and the terminal device is not limited to the above two types, and may include other situations, which are not limited herein.

在终端设备与第一存储器、第二存储器均匹配之后,终端设备可以对待存储密钥进行分解处理,得到第一预设数量的子区块链私钥。也就是说,将待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥。After the terminal device matches the first memory and the second memory, the terminal device can perform a decomposition process on the storage key to obtain a first preset number of sub-blockchain private keys. That is, the blockchain private key to be stored is divided into a first preset number of sub-blockchain private keys in a preset manner.

进而从所得到的子区块链私钥中,将第一数量的子区块链私钥确定为第一份子区块链私钥,将第二数量的子区块链私钥确定为第二份子区块链私钥,将第三数量的子区块链私钥确定为第三份子区块链私钥。Further, from the obtained sub-blockchain private keys, the first number of sub-blockchain private keys is determined as the first sub-blockchain private key, and the second number of sub-blockchain private keys is determined as the second Share the private blockchain private key, and determine the third private blockchain private key as the third private blockchain private key.

其中,第一数量、第二数量和第三数量均小于第一预设数量,第一数量、第二数量和第三数量均可以是自定义设定的。对于第一数量、第二数量和第三数量的设定,至少可以包括以下三种情况。The first quantity, the second quantity, and the third quantity are all smaller than the first preset quantity, and the first quantity, the second quantity, and the third quantity can all be customized. The settings of the first quantity, the second quantity, and the third quantity may include at least the following three cases.

第一种情况,第一数量、第二数量和第三数量三者可以均相同,例如,在第一预设数量为3时,第一数量、第二数量和第三数量均为2。In the first case, the first quantity, the second quantity, and the third quantity may all be the same. For example, when the first preset quantity is 3, the first quantity, the second quantity, and the third quantity are all 2.

第二种情况,在第一数量、第二数量和第三数量中可以只有其中任意两者相同,例如,在第一预设数量为4时,第一数量为3,第二数量和第三数量均为2。In the second case, only any two of the first quantity, the second quantity, and the third quantity may be the same. For example, when the first preset quantity is 4, the first quantity is 3, and the second quantity and the third quantity are the same. The number is 2.

第三种情况,第一数量、第二数量和第三数量三者可以均不相同,例如,在第一预设数量为5时,第一数量为2,第二数量为3,第三数量为4。In the third case, the first quantity, the second quantity, and the third quantity may all be different. For example, when the first preset quantity is 5, the first quantity is 2, the second quantity is 3, and the third quantity Is 4.

其中,第一数量的子区块链私钥、第二数量的子区块链私钥以及第三数量的子区块链私钥均为所得到的子区块链私钥中的一部分子区块链私钥。Among them, the first number of sub-blockchain private keys, the second number of sub-blockchain private keys, and the third number of sub-blockchain private keys are all a part of the sub-block private keys obtained. Blockchain private key.

所确定出的第一份子区块链私钥、第二份子区块链私钥和第三份子区块链私钥中,每两者之间可以包含不同的子区块链私钥,还可以包含相同的子区块链私钥。The determined first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key may each include a different sub-blockchain private key, and may also Contains the same sub-blockchain private key.

例如,所得到的子区块链私钥包括子密钥1、子密钥2、子密钥3和子密钥4,其中,将子密钥1、子密钥2和子密钥3确定为第一份子区块链私钥,将子密钥2、子密钥3和子密钥4确定为第二份子区块链私钥,将子密钥1、子密钥2和子密钥4确定为第三份子区块链私钥。则其中,第一份子区块链私钥与第二份子区块链私钥均包含有子密钥2和子密钥3,第一份子区块链私钥包含的子密钥1与第二份子区块链私钥包含的子密钥4是不相同的。For example, the obtained sub-blockchain private key includes sub-key 1, sub-key 2, sub-key 3, and sub-key 4, where sub-key 1, sub-key 2 and sub-key 3 are determined as the first A sub-blockchain private key, the sub-key 2, sub-key 3, and sub-key 4 are determined as the second sub-blockchain private key, and the sub-key 1, sub-key 2 and sub-key 4 are determined as the first Three sub-blockchain private keys. Then, the first sub-blockchain private key and the second sub-blockchain private key both include subkey 2 and subkey 3, and the first subblockchain private key contains subkey 1 and second subkey. The subkey 4 contained in the blockchain private key is different.

其中,第一份子区块链私钥、第二份子区块链私钥和第三份子区块链私钥中的任意两 份子区块链私钥能够得到待存储密钥。Among them, any two sub-blockchain private keys among the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key can obtain the key to be stored.

例如,所得到的子区块链私钥包括子密钥1、子密钥2、子密钥3和子密钥4,其中,将子密钥1、子密钥2和子密钥3确定为第一份子区块链私钥,将子密钥2、子密钥3和子密钥4确定为第二份子区块链私钥,将子密钥3、子密钥4和子密钥1确定为第三份子区块链私钥,将子密钥4、子密钥1和子密钥2确定为第四份子区块链私钥。则由第一份子区块链私钥和第二份子区块链私钥可以得到所得到的子区块链私钥,即可以得到待存储密钥,或者,由第二份子区块链私钥和第三份子区块链私钥也可以得到待存储密钥,等等任意两份子区块链私钥能够得到待存储密钥。For example, the obtained sub-blockchain private key includes sub-key 1, sub-key 2, sub-key 3, and sub-key 4, where sub-key 1, sub-key 2 and sub-key 3 are determined as the first A sub-blockchain private key, the sub-key 2, sub-key 3, and sub-key 4 are determined as the second sub-blockchain private key, and the sub-key 3, sub-key 4, and sub-key 1 are determined as the first Three sub-blockchain private keys, sub-key 4, sub-key 1, and sub-key 2 are determined as the fourth sub-blockchain private key. Then the first sub-blockchain private key and the second sub-blockchain private key can be used to obtain the obtained sub-blockchain private key, that is, the key to be stored can be obtained, or the second sub-blockchain private key can be obtained. And the third sub-blockchain private key can also get the key to be stored, etc. Any two sub-block private key can get the key to be stored.

一种实施方式中,第一预设数量为三,第一数量、第二数量和第三数量均为二。也就是说,对待存储密钥进行分解处理,可以得到三个子区块链私钥;从这三个子区块链私钥中,可以将其中两个子区块链私钥确定为第一份子区块链私钥,将其中两个子区块链私钥确定为第二份子区块链私钥,将其中两个子区块链私钥确定为第三份子区块链私钥。其中,第一份子区块链私钥、第二份子区块链私钥和第三份子区块链私钥中的任意两份子区块链私钥能够得到待存储密钥In one embodiment, the first preset number is three, and the first number, the second number, and the third number are all two. In other words, if the storage key is decomposed, three sub-blockchain private keys can be obtained. From these three sub-blockchain private keys, two of the sub-blockchain private keys can be determined as the first sub-block. For the chain private key, the two sub-blockchain private keys are determined as the second sub-blockchain private key, and the two sub-blockchain private keys are determined as the third sub-blockchain private key. Among them, any two sub-blockchain private keys in the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key can obtain the key to be stored.

例如,所得到的子区块链私钥包括子密钥1、子密钥2和子密钥3,其中,将子密钥1和子密钥2确定为第一份子区块链私钥,将子密钥2和子密钥3确定为第二份子区块链私钥,将子密钥1和子密钥3确定为第三份子区块链私钥。则由第一份子区块链私钥和第二份子区块链私钥可以得到所得到的子区块链私钥,即可以得到待存储密钥,或者,由第二份子区块链私钥和第三份子区块链私钥也可以得到待存储密钥,或者,由第一份子区块链私钥和第三份子区块链私钥也可以得到待存储密钥。For example, the obtained sub-blockchain private key includes sub-key 1, sub-key 2 and sub-key 3, where sub-key 1 and sub-key 2 are determined as the first sub-blockchain private key, and the sub-block Key 2 and sub-key 3 are determined as the second sub-blockchain private key, and sub-key 1 and sub-key 3 are determined as the third sub-blockchain private key. Then the first sub-blockchain private key and the second sub-blockchain private key can be used to obtain the obtained sub-blockchain private key, that is, the key to be stored can be obtained, or the second sub-blockchain private key can be obtained. And the third sub-blockchain private key can also obtain the key to be stored, or the first sub-blockchain private key and the third sub-blockchain private key can also obtain the key to be stored.

接下来,终端设备便可以将第一份子区块链私钥发送至第一存储器进行存储,将第二份子区块链私钥发送至第二存储器进行存储,将第三份子区块链私钥存储在终端设备本地。Next, the terminal device can send the first sub-blockchain private key to the first storage for storage, the second sub-blockchain private key to the second storage for storage, and the third sub-blockchain private key. Stored locally on the terminal device.

当终端设备与第一存储器、第二存储器均直接连接时,终端设备可以将第二份子区块链私钥直接发送至第一存储器,由第一存储器存储第二份子区块链私钥。终端设备可以将第三份子区块链私钥直接发送至第二存储器,由第二存储器存储第三份子区块链私钥。When the terminal device is directly connected to both the first storage and the second storage, the terminal device can directly send the second sub-blockchain private key to the first storage, and the first storage stores the second sub-blockchain private key. The terminal device can directly send the third sub-blockchain private key to the second memory, and the second memory stores the third sub-blockchain private key.

当终端设备与第一存储器直接连接,而与第二存储器间接连接时,即第二存储器通过第一存储器与终端设备连接。则终端设备可以将第一份子区块链私钥直接发送至第一存储器进行存储。对于第二份子区块链私钥的存储,终端设备可以将第二份子区块链私钥发送至第一存储器,由第一存储器再将该第二份子区块链私钥转发至第二存储器进行存储。When the terminal device is directly connected to the first storage and indirectly connected to the second storage, that is, the second storage is connected to the terminal device through the first storage. Then the terminal device can directly send the first sub-blockchain private key to the first memory for storage. For the storage of the second sub-blockchain private key, the terminal device can send the second sub-blockchain private key to the first storage, and the first storage then forwards the second sub-blockchain private key to the second storage. For storage.

当终端设备与第二存储器直接连接,而与第一存储器间接连接时,即第一存储器通过第二存储器与终端设备连接。则终端设备可以将第二份子区块链私钥直接发送至第二存储器进行存储。对于第一份子区块链私钥的存储,终端设备可以将第一份子区块链私钥发送至第二存储器,由第二存储器再将该第一份子区块链私钥转发至第一存储器进行存储。When the terminal device is directly connected to the second storage and indirectly connected to the first storage, that is, the first storage is connected to the terminal device through the second storage. Then the terminal device can directly send the second sub-blockchain private key to the second memory for storage. For the storage of the first sub-blockchain private key, the terminal device can send the first sub-blockchain private key to the second storage, and the second storage then forwards the first sub-blockchain private key to the first storage. For storage.

为了进一步地提高密钥存储的安全性,可以对所得到的子区块链私钥进行加密处理。 作为本申请实施例的一种实施方式,上述将第一份子区块链私钥发送至第一存储器进行存储,将第二份子区块链私钥发送至第二存储器进行存储,将第三份子区块链私钥存储在终端设备本地,可以包括如下步骤。In order to further improve the security of key storage, the obtained sub-blockchain private key can be encrypted. As an implementation manner of the embodiment of the present application, the foregoing sends the first sub-blockchain private key to the first storage for storage, the second sub-blockchain private key is sent to the second storage for storage, and the third sub-block The blockchain private key is stored locally on the terminal device and can include the following steps.

在确定出第一份子区块链私钥、第二份子区块链私钥和第三份子区块链私钥之后,可以利用预设加密算法分别对第一份子区块链私钥、第二份子区块链私钥和第三份子区块链私钥进行加密处理。After the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key are determined, the first sub-blockchain private key, The private blockchain private key and the third private blockchain private key are encrypted.

其中,预设加密算法可以是自定义设定的,例如,预设加密算法可以是AES(Advanced Encryption Standard,高级加密标准)加密算法、RSA加密算法、DES(Data Encryption Standard,数据加密标准)加密算法等加密算法中的任一种。本申请实施例中的预设加密算法不仅限于以上三种加密算法,还可以包括其他的加密算法,在此不做限定。The preset encryption algorithm may be customized. For example, the preset encryption algorithm may be AES (Advanced Encryption Standard) encryption algorithm, RSA encryption algorithm, DES (Data Encryption Standard) encryption. Any of encryption algorithms such as algorithms. The preset encryption algorithm in the embodiment of the present application is not limited to the above three encryption algorithms, and may include other encryption algorithms, which is not limited herein.

接下来,终端设备可以获取预设加密算法的目标密钥。一种实现方式中,目标密钥是预先设定的、针对预设加密算法的密钥,可以保存于终端设备本地,终端设备可以从本地获取预设的目标密钥。目标密钥为利用预设加密算法加密后对应的解密密钥。目标密钥可以用于对加密处理后的第一份子区块链私钥进行解密处理,可以用于对加密处理后的第二份子区块链私钥进行解密处理,还可以用于对加密处理后的第三份子区块链私钥进行解密处理。Next, the terminal device can obtain a target key of a preset encryption algorithm. In one implementation manner, the target key is a preset key for a preset encryption algorithm, which can be stored locally on the terminal device, and the terminal device can obtain the preset target key locally. The target key is a corresponding decryption key encrypted by a preset encryption algorithm. The target key can be used to decrypt the first sub-blockchain private key after encryption processing, can be used to decrypt the second sub-blockchain private key after encryption processing, and can also be used to encrypt processing The third private blockchain private key is decrypted.

在得到目标密钥后,终端设备可以将加密处理后的第一份子区块链私钥和目标密钥发送至第一存储器进行存储,将加密处理后的第二份子区块链私钥和目标密钥发送至第二存储器进行存储,将加密处理后的第三份子区块链私钥和目标密钥存储在终端设备本地。After obtaining the target key, the terminal device can send the encrypted first sub-blockchain private key and target key to the first memory for storage, and the encrypted second sub-blockchain private key and target The key is sent to the second memory for storage, and the encrypted third sub-blockchain private key and target key are stored locally on the terminal device.

一种实施方式中,所述对待存储的区块链私钥按照预设方式划分为第一预设数量的子区块链私钥的步骤,可以包括如下步骤。In an implementation manner, the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset manner may include the following steps.

利用预设加密算法对待存储密钥进行加密处理,得到加密处理后的待存储密钥;对加密处理后的待存储密钥进行分解处理,得到第一预设数量的子区块链私钥。The preset encryption algorithm is used to perform encryption processing on the storage key to obtain the encryption processing to-be-stored key; the encryption processing to-be-stored key is decomposed to obtain a first preset number of sub-blockchain private keys.

其中,对加密处理后的待存储密钥进行分解处理可以通过门限算法进行分割处理,还可以通过其他的分解方式,在此不做限定。The decomposition processing of the encryption key to be stored may be divided by a threshold algorithm, and may also be divided by other decomposition methods, which is not limited herein.

上述将第一份子区块链私钥发送至第一存储设备进行存储,将第二份子区块链私钥发送至第二存储设备进行存储,将第三份子区块链私钥存储在终端设备本地的步骤,可以包括:In the above, the first sub-blockchain private key is sent to the first storage device for storage, the second sub-blockchain private key is sent to the second storage device for storage, and the third sub-blockchain private key is stored in the terminal device. Local steps can include:

获取预设加密算法的目标密钥,将第一份子区块链私钥和目标密钥发送至第一存储器进行存储;将第二份子区块链私钥和目标密钥发送至第二存储器进行存储;将第三份子区块链私钥和目标密钥存储于本地。Obtain the target key of the preset encryption algorithm, and send the first sub-blockchain private key and target key to the first memory for storage; send the second sub-blockchain private key and target key to the second memory for storage Storage; store the third sub-blockchain private key and target key locally.

为了提高针对目标密钥存储的安全性,一种实施方式中,上述将第一份子区块链私钥发送至第一存储设备进行存储,将第二份子区块链私钥发送至第二存储设备进行存储,将第三份子区块链私钥存储在终端设备本地的步骤,可以包括如下步骤。In order to improve the security of the target key storage, in one embodiment, the foregoing sends the first sub-blockchain private key to the first storage device for storage, and sends the second sub-blockchain private key to the second storage. The steps for the device to store and store the third sub-blockchain private key locally on the terminal device may include the following steps.

利用预设加密算法分别对第一份子区块链私钥、第二份子区块链私钥和第三份子区块链私钥进行加密处理;获取预设加密算法的目标密钥,并可以对目标密钥进行分解处理,得到目标数量的目标子密钥。Use the preset encryption algorithm to encrypt the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key respectively; obtain the target key of the preset encryption algorithm, and The target key is decomposed to obtain the target number of target subkeys.

其中,目标数量可以是自定义设定的,比如,目标数量可以为3,则将目标密钥进行分解处理之后,可以得到3个目标子密钥。The target number can be set by users. For example, the target number can be three. After the target key is decomposed, three target sub-keys can be obtained.

对目标密钥进行分解处理的规则可以是自定义设定的。一种实现方式中,可以按照目标密钥的密钥长度对目标密钥进行平均分解,即分解处理之后所得到的每一个目标子密钥的密钥长度是相同的。例如,目标密钥的密钥长度为60比特,目标数量为3,则将该60比特的目标密钥进行平均分解处理,可以得到3个目标子密钥,每一个目标子密钥的密钥长度20比特。The rules for decomposing the target key can be customized. In an implementation manner, the target keys can be evenly decomposed according to the key length of the target key, that is, the key length of each target sub-key obtained after the decomposition process is the same. For example, if the target key has a key length of 60 bits and the number of targets is 3, then the 60-bit target key is averagely decomposed to obtain 3 target sub-keys, and the key of each target sub-key 20 bits in length.

另一种实现方式中,还可以对目标密钥进行随机分解,即所得到的每一个目标子密钥的密钥长度可能不相同。例如,目标密钥的密钥长度为128比特,目标数量为3,则对该128比特的目标密钥进行随机分解处理,可以得到目标子密钥1、目标子密钥2和目标子密钥3,其中,目标子密钥1的密钥长度为30比特,目标子密钥2的密钥长度为40比特,目标子密钥3的密钥长度为58比特。In another implementation manner, the target key may also be randomly decomposed, that is, the key length of each target sub-key obtained may be different. For example, if the target key has a key length of 128 bits and the number of targets is 3, the 128-bit target key is randomly decomposed to obtain the target subkey 1, target subkey 2 and target subkey. 3, where the key length of the target subkey 1 is 30 bits, the key length of the target subkey 2 is 40 bits, and the key length of the target subkey 3 is 58 bits.

对目标密钥进行分解处理的规则并不仅限于以上两种实现方式,在此不做限定。The rules for decomposing the target key are not limited to the above two implementations, and are not limited here.

在得到目标数量的目标子密钥之后,可以从所得到的目标子密钥中,将第四数量的目标子密钥确定为第一份目标子密钥,将第五数量的目标子密钥确定为第二份目标子密钥,将第六数量的目标子密钥确定为第三份目标子密钥。After obtaining the target number of target subkeys, a fourth number of target subkeys can be determined as the first target subkey from the obtained target subkeys, and the fifth number of target subkeys can be determined. It is determined as the second target subkey, and the sixth number of target subkeys is determined as the third target subkey.

其中,第四数量、第五数量和第六数量均小于目标数量,第四数量、第五数量和第六数量均可以是自定义设定的。第四数量、第五数量和第六数量三者可以均相同,例如,在目标数量为3时,第四数量、第五数量和第六数量均为2;还可以只有其中任意两者相同,例如,在目标数量为4时,第四数量为3,第五数量和第六数量均为2;还可以均不相同,例如,在目标数量为5时,第四数量为2,第五数量为3,第六数量为4。Among them, the fourth quantity, the fifth quantity, and the sixth quantity are all smaller than the target quantity, and the fourth quantity, the fifth quantity, and the sixth quantity can all be customized. The fourth quantity, the fifth quantity, and the sixth quantity may all be the same. For example, when the target quantity is 3, the fourth quantity, the fifth quantity, and the sixth quantity are 2; only any two of them may be the same. For example, when the target quantity is 4, the fourth quantity is 3, the fifth quantity and the sixth quantity are 2; they can also be different, for example, when the target quantity is 5, the fourth quantity is 2, and the fifth quantity Is 3 and the sixth number is 4.

其中,第四数量的目标子密钥、第五数量的目标子密钥以及第六数量的目标子密钥均为所得到的目标子密钥中的一部分目标子密钥。The fourth number of target subkeys, the fifth number of target subkeys, and the sixth number of target subkeys are all a part of the target subkeys obtained.

所确定出的第一份目标子密钥、第二份目标子密钥和第三份目标子密钥中,每两者之间可以包含不同的目标子密钥,还可以包含相同的目标子密钥。Each of the determined first target subkey, second target subkey, and third target subkey may include different target subkeys, and may also include the same target subkey. Key.

例如,所得到的目标子密钥包括目标子密钥1、目标子密钥2、目标子密钥3和目标子密钥4,其中,将目标子密钥1、目标子密钥2和目标子密钥3确定为第一份目标子密钥,将目标子密钥2、目标子密钥3和目标子密钥4确定为第二份目标子密钥,将目标子密钥1、目标子密钥2和目标子密钥4确定为第三份目标子密钥。则其中,第一份目标子密钥与第二份目标子密钥均包含有目标子密钥2和目标子密钥3,第一份目标子密钥包含的目标子密钥1与第二份目标子密钥包含的目标子密钥4是不相同的。For example, the obtained target sub-keys include target sub-key 1, target sub-key 2, target sub-key 3, and target sub-key 4, wherein the target sub-key 1, target sub-key 2 and target Subkey 3 is determined as the first target subkey, target subkey 2, target subkey 3, and target subkey 4 are determined as the second target subkey, and target subkey 1, target Subkey 2 and target subkey 4 are determined as the third target subkey. Then, the first target subkey and the second target subkey both include the target subkey 2 and the target subkey 3, and the first target subkey contains the target subkey 1 and the second The target subkey 4 contained in the target subkey is different.

其中,第一份目标子密钥、第二份目标子密钥和第三份目标子密钥中的任意两份目标子密钥能够得到目标密钥。Among them, any two target subkeys of the first target subkey, the second target subkey, and the third target subkey can obtain the target key.

例如,基于上一个例子,则由第一份目标子密钥和第二份目标子密钥可以得到所得到的目标子密钥,即可以得到目标密钥,或者,由第二份目标子密钥和第三份目标子密钥也可以得到目标密钥,等等任意两份目标子密钥能够得到目标密钥。For example, based on the previous example, the obtained target subkey can be obtained from the first target subkey and the second target subkey, that is, the target key can be obtained, or the second target subkey Key and the third target subkey can also get the target key, etc. Any two target subkeys can get the target key.

确定了上述目标子密钥后,可以将加密处理后的第一份子密钥和第一份目标子密钥发送至第一存储器进行存储,将加密处理后的第二份子密钥和第二份目标子密钥发送至第二存储器进行存储,将加密处理后的第三份子密钥和第三份目标子密钥存储在终端设备本地。After the target subkey is determined, the first subkey and the first target subkey after the encryption process can be sent to the first memory for storage, and the second subkey and the second part after the encryption process are stored. The target subkey is sent to the second memory for storage, and the third subkey and the third target subkey after the encryption process are stored locally on the terminal device.

当终端设备与第一存储器、第二存储器均直接连接时,终端设备可以将加密处理后的第一份子密钥和第一份目标子密钥直接发送至第一存储器进行存储。终端设备可以将加密处理后的第二份子密钥和第二份目标子密钥直接发送至第二存储器进行存储。When the terminal device is directly connected to the first storage and the second storage, the terminal device may directly send the first subkey and the first target subkey after the encryption process to the first storage for storage. The terminal device may directly send the second subkey and the second target subkey after the encryption process to the second memory for storage.

当终端设备与第一存储器直接连接,而与第二存储器间接连接时,即第二存储器通过第一存储器与终端设备连接。则终端设备可以将加密处理后的第一份子密钥和第一份目标子密钥发送至第一存储器进行存储。对于加密处理后的第二份子密钥和第二份目标子密钥的存储,终端设备可以将加密处理后的第二份子密钥和第二份目标子密钥发送至第一存储器,由第一存储器再将所接收到的加密处理后的第二份子密钥和第二份目标子密钥转发至第二存储器进行存储。When the terminal device is directly connected to the first storage and indirectly connected to the second storage, that is, the second storage is connected to the terminal device through the first storage. Then, the terminal device may send the first sub key and the first target sub key after the encryption process to the first memory for storage. For the storage of the second subkey and the second target subkey after the encryption process, the terminal device may send the second subkey and the second target subkey after the encryption process to the first memory, A memory forwards the received second encrypted subkey and the second target subkey to the second memory for storage.

当终端设备与第二存储器直接连接,而与第一存储器间接连接时,即第一存储器通过第二存储器与终端设备连接。则终端设备可以将加密处理后的第二份子密钥和第二份目标子密钥直接发送至第二存储器进行存储。对于加密处理后的第一份子密钥和第一份目标子密钥的存储,终端设备可以将加密处理后的第一份子密钥和第一份目标子密钥发送至第二存储器,由第二存储器再将所接收到的加密处理后的第一份子密钥和第一份目标子密钥转发至第一存储器进行存储。When the terminal device is directly connected to the second storage and indirectly connected to the first storage, that is, the first storage is connected to the terminal device through the second storage. Then, the terminal device may directly send the second subkey and the second target subkey after the encryption process to the second memory for storage. For the storage of the first subkey and the first target subkey after the encryption process, the terminal device may send the first subkey and the first target subkey after the encryption process to the second memory, and the first The two memories forward the received first encrypted subkey and the first target subkey to the first memory for storage.

在一种实施方式中,上述目标数量可以为三,第四数量、第五数量和第六数量均可以为二。In one embodiment, the target number may be three, and the fourth number, the fifth number, and the sixth number may be two.

即在得到预设加密算法对应的目标密钥后,对目标密钥进行分解处理,得到三个目标子密钥;从所得到的三个目标子密钥中,将两个目标子密钥确定为第一份目标子密钥,将两个目标子密钥确定为第二份目标子密钥,将两个目标子密钥确定为第三份目标子密钥,其中,第一份目标子密钥、第二份目标子密钥和第三份目标子密钥中的任意两份目标子密钥能够得到目标密钥。That is, after obtaining the target key corresponding to the preset encryption algorithm, the target key is decomposed to obtain three target sub-keys. From the three target sub-keys obtained, two target sub-keys are determined. Is the first target subkey, two target subkeys are determined as the second target subkey, and two target subkeys are determined as the third target subkey, where the first target subkey is Any two target subkeys among the key, the second target subkey and the third target subkey can obtain the target key.

例如,对目标密钥进行分解处理,得到三个目标子密钥包括目标子密钥1、目标子密钥2和目标子密钥3,其中,将目标子密钥1和目标子密钥2确定为第一份目标子密钥,将目标子密钥2和目标子密钥3确定为第二份目标子密钥,将目标子密钥3和目标子密钥1确定为第三份目标子密钥。则由第一份目标子密钥和第二份目标子密钥可以得到目标密钥,或者, 由第二份目标子密钥和第三份目标子密钥也可以得到目标密钥,由第一份目标子密钥和第三份目标子密钥可以得到目标密钥。For example, the target key is decomposed, and three target sub-keys are obtained, including target sub-key 1, target sub-key 2 and target sub-key 3. Among them, target sub-key 1 and target sub-key 2 Determined as the first target subkey, determined target subkey 2 and target subkey 3 as the second target subkey, and determined target subkey 3 and target subkey 1 as the third target Child key. Then the target key can be obtained from the first target subkey and the second target subkey, or the target key can also be obtained from the second target subkey and the third target subkey. One target subkey and a third target subkey can get the target key.

一种实施方式中,上述将第一份子区块链私钥发送至第一存储器进行存储,将第二份子区块链私钥发送至第二存储器进行存储,将第三份子区块链私钥存储在终端设备本地的步骤,可以包括:In one embodiment, the above-mentioned first private blockchain private key is sent to the first storage for storage, the second private blockchain private key is sent to the second storage for storage, and the third private blockchain private key is stored The steps stored locally on the terminal device may include:

利用预设加密算法对所述第一份子区块链私钥、所述第二份子区块链私钥和所述第三份子区块链私钥进行加密处理;获取预设加密算法的目标密钥,并对目标密钥进行分解处理,得到目标数量的目标子密钥,并将目标数量的目标子密钥中的第四数量的目标子密钥确定为第一份目标子密钥,将目标数量的目标子密钥中的第五数量的目标子密钥确定为第二份目标子密钥,将目标数量的目标子密钥中的第六数量的目标子密钥确定为第三份目标子密钥;将第一份子区块链私钥和所述第一份目标子密钥发送至第一存储器进行存储;将第二份子区块链私钥和第二份目标子密钥发送至第二存储器进行存储;将第三份子区块链私钥和第三份目标子密钥存储于本地。Encrypting the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key by using a preset encryption algorithm; obtaining a target secret of the preset encryption algorithm Key, and decompose the target key to obtain the target number of target subkeys, and determine the fourth number of target subkeys among the target number of target subkeys as the first target subkey. The fifth number of target subkeys in the target number of target subkeys is determined as the second target subkey, and the sixth number of target subkeys in the target number of target subkeys is determined as the third copy. The target sub-key; sending the first sub-blockchain private key and the first target sub-key to the first memory for storage; sending the second sub-blockchain private key and the second target sub-key Go to the second memory for storage; store the third sub-blockchain private key and the third target sub-key locally.

终端设备在确定上述第一份子区块链私钥、第二份子区块链私钥和第三份子区块链私钥后,可以利用预设加密算法对第一份子区块链私钥、第二份子区块链私钥和第三份子区块链私钥进行加密处理。After the terminal device determines the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key, the terminal device can use a preset encryption algorithm to The two sub-blockchain private keys and the third sub-blockchain private key are encrypted.

其中,对目标密钥进行分解处理可以通过门限算法进行分割处理,还可以通过其他的分解方式,在此不做限定。Among them, the decomposition processing of the target key may be performed by a threshold algorithm, and may also be performed by other decomposition methods, which is not limited herein.

基于终端设备与第一存储器、第二存储器均匹配的情况下,才可以进行存储,或者获取所存储的密钥等信息。在一种实施方式中,在终端设备分别与第一存储器、第二存储器建立连接之后,终端设备可以对第一存储器进行验证,还可以对第二存储器进行验证。Only when the terminal device matches the first memory and the second memory can storage be performed, or information such as a stored key can be obtained. In an implementation manner, after the terminal device establishes connections with the first memory and the second memory, the terminal device may verify the first memory and may also verify the second memory.

具体来说,在上述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤之前,上述方法还可以包括:Specifically, before the foregoing step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner, the above method may further include:

与第一存储设备及第二存储设备建立连接;对所述第一存储设备进行验证,对所述第二存储设备进行验证;判断对所述第一存储设备的验证、对所述第二存储设备的验证是否均成功;如果是,判定与所述第一存储设备及所述第二存储设备均匹配;如果否,与所述第一存储设备及所述第二存储设备断开连接。Establishing a connection with a first storage device and a second storage device; verifying the first storage device, verifying the second storage device; determining verification of the first storage device, and verifying the second storage device Whether the verification of the device is successful; if yes, it is determined to match the first storage device and the second storage device; if not, the connection is disconnected from the first storage device and the second storage device.

其中,对第一存储器的验证和对第二存储器的验证可以是分别进行的,既可以先对第一存储器进行验证再对第二存储器进行验证,还可以先对第二存储器进行验证再对第一存储器进行验证。本申请实施例中对第一存储器和第二存储器进行验证的顺序不做限定。The verification of the first memory and the verification of the second memory may be performed separately. The first memory may be verified first and then the second memory may be verified, and the second memory may be verified first before the second memory is verified. A memory for verification. In this embodiment of the present application, the order of verifying the first memory and the second memory is not limited.

对第一存储器和第二存储器进行验证之后的验证结果可以包括以下四种情况:对第一存储器和第二存储器的验证均成功;对第一存储器的验证成功而对第二存储器的验证失败;对第二存储器的验证成功而对第一存储器的验证失败;对第一存储器和第二存储器的验证均失败。The verification results after the first memory and the second memory are verified may include the following four cases: the verification of the first memory and the second memory are successful; the verification of the first memory is successful and the verification of the second memory fails; The verification of the second memory succeeds and the verification of the first memory fails; the verification of both the first memory and the second memory fails.

在完成对第一存储器和第二存储器的验证之后,判断对第一存储器的验证、对第二存储器的验证是否均成功。如果对第一存储器和第二存储器的验证均成功,则可以判定终端设备与第一存储器、第二存储器均匹配。After the verification of the first memory and the second memory is completed, it is determined whether the verification of the first memory and the verification of the second memory are successful. If both the first memory and the second memory are successfully verified, it can be determined that the terminal device matches the first memory and the second memory.

如果判断出对第一存储器的验证、对第二存储器的验证不是均成功,即出现以下三种情况中的任一种:对第一存储器的验证成功而对第二存储器的验证失败;对第二存储器的验证成功而对第一存储器的验证失败;对第一存储器和第二存储器的验证均失败。则可以判定终端设备与第一存储器、第二存储器的匹配失败。If it is determined that the verification of the first memory and the verification of the second memory are not successful, any one of the following three situations occurs: the verification of the first memory is successful and the verification of the second memory fails; The verification of the two memories is successful and the verification of the first memory fails; the verification of both the first memory and the second memory fails. It can be determined that the matching of the terminal device with the first memory and the second memory fails.

在判断出匹配失败后,终端设备可以与第一存储器断开连接,与第二存储器断开连接,以保证待存储的区块链私钥的安全性。After determining that the matching fails, the terminal device may disconnect from the first memory and disconnect from the second memory to ensure the security of the blockchain private key to be stored.

通过该实施方式,终端设备在进行待存储的区块链私钥的存储之前,对第一存储器和第二存储器分别进行验证,只有在验证通过的情况下才可以认为终端设备与第一存储器、第二存储器匹配,才能继续存储操作。通过验证过程,提高了存储的安全性。With this implementation mode, the terminal device verifies the first memory and the second memory separately before storing the private key of the blockchain to be stored. Only when the verification passes, the terminal device and the first memory, The second memory matches before the store operation can continue. Through the verification process, storage security is improved.

一种实施方式中,目标存储设备为上述第一存储设备或第二存储设备,对目标存储设备进行验证的方式,可以包括:In an implementation manner, the target storage device is the first storage device or the second storage device, and a method for verifying the target storage device may include:

将利用预设密钥进行加密处理的验证信息发送至所述目标存储设备,以使得所述目标存储设备利用本地存储的预设验证信息对所接收到的验证信息进行解密处理得到所述预设密钥,利用所述预设密钥对本地存储的目标标识进行加密处理,得到加密标识;获取所述加密标识,利用所述预设密钥对所述加密标识进行解密处理,得到解密后的待匹配标识,将所述待匹配标识与预设标识进行匹配,若匹配,则判定对所述目标存储设备验证成功。其中,预设标识为预先存储的与目标存储设备对应的标识。Sending verification information for encryption processing using a preset key to the target storage device, so that the target storage device decrypts the received verification information by using the preset verification information stored locally to obtain the preset Key, use the preset key to encrypt the locally stored target ID to obtain an encrypted ID; obtain the encrypted ID, use the preset key to decrypt the encrypted ID, and obtain the decrypted The to-be-matched identifier matches the to-be-matched identifier with a preset identifier, and if it matches, it is determined that the verification of the target storage device is successful. The preset identifier is a previously stored identifier corresponding to the target storage device.

当目标存储设备为上述第一存储器时,预设密钥为第一密钥,预设标识为第一标识,对第一存储器进行验证的方式,可以包括如下步骤。When the target storage device is the first memory, the preset key is the first key, and the preset identifier is the first identifier. The method for verifying the first memory may include the following steps.

将利用第一密钥进行加密处理的第一验证信息发送至第一存储器,以使得第一存储器利用本地存储的第一预设验证信息对第一验证信息进行解密处理得到第一密钥,利用第一密钥对第一存储器本地存储的第一标识进行加密处理,并将加密处理后的第一标识发送至终端设备;Sending the first authentication information that is encrypted by using the first key to the first memory, so that the first memory uses the first preset authentication information stored locally to decrypt the first authentication information to obtain the first key, and uses the The first key encrypts the first identifier stored locally in the first memory, and sends the encrypted first identifier to the terminal device;

其中,第一验证信息是终端设备预先存储在本地的验证信息。终端设备对第一验证信息进行加密处理的方式可以是预设的,例如,RSA加密方式、AES加密方式、DES(Data Encryption Standard,数据加密标准)加密方式等,在此不作限定。The first authentication information is local authentication information stored in advance by the terminal device. The method for encrypting the first authentication information by the terminal device may be preset, for example, an RSA encryption method, an AES encryption method, or a DES (Data Encryption Standard) encryption method, and the like is not limited herein.

其中,所利用的第一密钥可以是自定义设定的。一种实现方式中,为了提高对第一验证信息加密处理后的安全性,第一密钥可以是随机密钥,即每一次对第一验证信息进行加密的第一密钥均是不相同的。采用随机密钥增加了破解的难度,提高了安全性。The first key used may be customized. In an implementation manner, in order to improve the security after the first authentication information is encrypted, the first key may be a random key, that is, the first key for each time the first authentication information is encrypted is different. . The use of random keys increases the difficulty of cracking and improves security.

其中,将第一验证信息发送至第一存储器的方式至少包括以下两种:若终端设备与第一存储器直接连接,则终端设备可以将第一验证信息直接发送至第一存储器;若终端设备 与第一存储器间接连接,则终端设备可以将第一验证信息发送至第二存储器,由第二存储器将该第一验证信息转发至第一存储器。The method for sending the first authentication information to the first storage includes at least the following two methods: if the terminal device is directly connected to the first storage, the terminal device can directly send the first authentication information to the first storage; The first memory is indirectly connected, and the terminal device can send the first authentication information to the second memory, and the second memory forwards the first authentication information to the first memory.

第一存储器接收到终端设备发送的经过加密处理的第一验证信息之后,可以利用本地存储的第一预设验证信息对第一验证信息进行解密处理得到第一密钥。After receiving the encrypted first authentication information sent by the terminal device, the first memory may use the first preset authentication information stored locally to decrypt the first authentication information to obtain a first key.

其中,第一预设验证信息是第一存储器预先存储在本地的验证信息,该第一预设验证信息与终端设备存储的第一验证信息是对应的,一种实现方式中,第一存储器存储的第一预设验证信息与终端设备存储的第一验证信息是相同的。The first preset verification information is local verification information previously stored in the first memory, and the first preset verification information corresponds to the first verification information stored in the terminal device. In an implementation manner, the first memory stores The first preset verification information is the same as the first verification information stored by the terminal device.

第一密钥与第一预设验证信息是相互作用的。也就是说,利用第一密钥可以对第一验证信息进行加密得到加密处理的第一验证信息,利用第一预设验证信息可以对加密处理的第一验证信息进行解密处理,进而得到该第一密钥。The first key interacts with the first preset authentication information. That is, the first authentication information can be encrypted by using the first key to obtain the encrypted first authentication information, and the first preset authentication information can be used to decrypt the encrypted first authentication information to obtain the first authentication information. A key.

基于第一预设验证信息与第一验证信息的对应关系,第一存储器可以利用第一预设验证信息对所接收到的第一验证信息进行解密处理,进而可以得到第一密钥。第一存储器所得到的第一密钥与终端设备所利用的第一密钥相同。Based on the correspondence between the first preset verification information and the first verification information, the first memory may use the first preset verification information to decrypt the received first verification information, and then obtain the first key. The first key obtained in the first memory is the same as the first key used by the terminal device.

第一存储器在得到第一密钥之后,可以利用第一密钥对第一存储器本地存储的第一标识进行加密处理,得到加密标识,并将加密标识发送至终端设备。After the first memory obtains the first key, the first key may be used to encrypt the first identifier stored locally in the first memory to obtain an encrypted identifier, and send the encrypted identifier to the terminal device.

其中,第一标识是第一存储器中预先存储的,第一标识可以是固定字符串,固定字符串可以是自定义设定的。The first identifier is pre-stored in the first memory, and the first identifier may be a fixed character string, and the fixed character string may be custom set.

其中,第一标识与第一存储器为对应关系。一种实施方式中,第一标识与第一存储器为一一对应关系,每一个第一存储器对应唯一的第一标识,这样便于终端设备可以依据第一标识对第一存储器进行验证。The first identifier corresponds to the first memory. In an implementation manner, the first identifier corresponds to the first memory in a one-to-one relationship, and each first memory corresponds to a unique first identifier, so that the terminal device can verify the first memory according to the first identifier.

针对第一存储器是否具有信息处理能力,第一存储器利用本地存储的第一预设验证信息对第一验证信息进行解密处理得到第一密钥,利用第一密钥对第一存储器本地存储的第一标识进行加密处理,并将加密处理后的第一标识发送至终端设备,可以分为以下两种情况。Regarding whether the first memory has the information processing capability, the first memory uses the first preset authentication information stored locally to decrypt the first authentication information to obtain a first key, and uses the first key to the first memory locally stored in the first memory. An identifier is encrypted, and the encrypted first identifier is sent to the terminal device, which can be divided into the following two cases.

第一种情况,第一存储器具有信息处理能力,则第一存储器自身可以完成解密处理、加密处理等操作。具体地,第一存储器获取本地存储的第一预设验证信息,并利用该第一预设验证信息对第一验证信息进行解密处理得到第一密钥,利用第一密钥对第一存储器本地存储的第一标识进行加密处理,并将加密处理后的第一标识发送至终端设备。In the first case, if the first memory has information processing capabilities, the first memory itself can complete operations such as decryption processing and encryption processing. Specifically, the first memory acquires the first preset verification information stored locally, and uses the first preset verification information to decrypt the first verification information to obtain a first key, and uses the first key to locally store the first memory. The stored first identifier is encrypted, and the encrypted first identifier is sent to the terminal device.

第二种情况,第一存储器不具有信息处理能力,则第一存储器可以与具有信息处理能力的第二存储器进行交互,通过第二存储器完成解密处理、加密处理等操作。一种实现方式中,第一存储器将本地存储的第一预设验证信息和第一标识发送至第二存储器,第二存储器利用第一预设验证信息对进行解密处理得到第一密钥,利用第一密钥对第一标识进行加密处理,并将加密处理后的第一标识发送至第一存储器。In the second case, if the first memory does not have information processing capabilities, the first memory may interact with the second memory having information processing capabilities, and perform operations such as decryption processing and encryption processing through the second memory. In an implementation manner, the first memory sends the locally stored first preset verification information and the first identifier to the second memory, and the second memory uses the first preset verification information to perform decryption processing to obtain the first key, and uses the The first key performs encryption processing on the first identifier, and sends the encrypted first identifier to the first memory.

终端设备接收第一存储器发送的加密处理后的第一标识,便可以利用第一密钥对加密 处理后的第一标识进行解密处理,得到解密后的第一标识,也就是待匹配标识,将该待匹配标识与预先存储的第一预设标识进行匹配,若匹配,则判定对第一存储器验证成功。After receiving the encrypted first identifier sent by the first memory, the terminal device can use the first key to decrypt the encrypted first identifier to obtain the decrypted first identifier, that is, the identifier to be matched. The identifier to be matched is matched with the first preset identifier that is stored in advance, and if it is matched, it is determined that the verification of the first memory is successful.

其中,终端设备预先存储的第一预设标识与第一标识是对应关系,第一预设标识与第一标识的对应关系可以是预设的。对于终端设备来说,只有接收到的第一标识与预先存储的第一预设标识满足预设的对应关系,则可以确定该第一标识与该第一预设标识匹配。The first preset identifier stored in advance by the terminal device corresponds to the first identifier, and the corresponding relationship between the first preset identifier and the first identifier may be preset. For the terminal device, only if the received first identifier and the pre-stored first preset identifier satisfy a preset correspondence relationship, it can be determined that the first identifier matches the first preset identifier.

一种实现方式中,第一预设标识与第一标识为相同标识,也就是说,在匹配的终端设备和第一存储器中,存储的标识是相同的。例如,终端设备与第一存储器匹配,第一存储器中存储的第一标识为字符串a,则终端设备中存储的第一预设标识也为字符串a。In an implementation manner, the first preset identifier is the same as the first identifier, that is, the matching identifier is the same in the matched terminal device and the first memory. For example, if the terminal device matches the first memory, and the first identifier stored in the first memory is a character string a, then the first preset identifier stored in the terminal device is also a character string a.

当目标存储设备为上述第二存储器时,预设密钥为第二密钥,预设标识为第二标识,对第二存储器进行验证的方式,可以包括如下步骤。When the target storage device is the second storage, the preset key is the second key, and the preset identifier is the second identifier. The method for verifying the second storage may include the following steps.

将利用第二密钥进行加密处理的第二验证信息发送至第二存储器,以使得第二存储器利用本地存储的第二预设验证信息对第二验证信息进行解密处理得到第二密钥,利用第二密钥对第二存储器本地存储的第二标识进行加密处理,并将加密处理后的第二标识发送至终端设备;Sending the second authentication information that is encrypted by using the second key to the second memory, so that the second memory uses the second preset authentication information stored locally to decrypt the second authentication information to obtain the second key, and uses the The second key encrypts the second identifier stored locally in the second memory, and sends the encrypted second identifier to the terminal device;

其中,第二验证信息是终端设备预先存储在本地的验证信息。终端设备对第二验证信息进行加密处理的方式可以是预设的,例如,RSA加密方式、AES加密方式、DES(Data Encryption Standard,数据加密标准)加密方式等,在此不作限定。The second verification information is verification information stored locally by the terminal device in advance. A method for encrypting the second authentication information by the terminal device may be preset, for example, an RSA encryption method, an AES encryption method, or a DES (Data Encryption Standard) encryption method, and the like is not limited herein.

其中,所利用的第二密钥可以是自定义设定的。一种实现方式中,为了提高对第二验证信息加密处理后的安全性,第二密钥可以是随机密钥,即每一次对第二验证信息进行加密的第二密钥均是不相同的。采用随机密钥增加了破解的难度,提高了安全性。The second key used may be customized. In an implementation manner, in order to improve the security after the second authentication information is encrypted, the second key may be a random key, that is, the second key that is used to encrypt the second authentication information is different every time. . The use of random keys increases the difficulty of cracking and improves security.

其中,将第二验证信息发送至第二存储器的方式至少包括以下两种:若终端设备与第二存储器直接连接,则终端设备可以将第二验证信息直接发送至第二存储器;若终端设备与第二存储器间接连接,则终端设备可以将第二验证信息发送至第一存储器,由第一存储器将该第二验证信息转发至第二存储器。The method for sending the second authentication information to the second storage includes at least the following two methods: if the terminal device is directly connected to the second storage, the terminal device can directly send the second authentication information to the second storage; The second memory is indirectly connected, and the terminal device can send the second authentication information to the first memory, and the first memory forwards the second authentication information to the second memory.

第二存储器接收到终端设备发送的经过加密处理的第二验证信息之后,可以利用本地存储的第二预设验证信息对第二验证信息进行解密处理得到第二密钥。After receiving the encrypted second authentication information sent by the terminal device, the second memory may use the second preset authentication information stored locally to decrypt the second authentication information to obtain a second key.

其中,第二预设验证信息是第二存储器预先存储在本地的验证信息,该第二预设验证信息与终端设备存储的第二验证信息是对应的,一种实现方式中,第二存储器存储的第二预设验证信息与终端设备存储的第二验证信息是相同的。The second preset verification information is local verification information stored in the second memory in advance, and the second preset verification information corresponds to the second verification information stored in the terminal device. In one implementation, the second memory stores The second preset verification information is the same as the second verification information stored by the terminal device.

第二密钥与第二验证信息是相互作用的。也就是说,利用第二密钥可以对第二验证信息进行加密得到加密处理的第二验证信息,利用第二预设验证信息可以对加密处理的第二验证信息进行解密处理,进而得到该第二密钥。The second key interacts with the second authentication information. That is, the second authentication information can be encrypted by using the second key to obtain encrypted second authentication information, and the second preset authentication information can be used to decrypt the encrypted second authentication information to obtain the first authentication information. Two keys.

基于第二预设验证信息与第二验证信息的对应关系,第二存储器可以利用第二预设验证信息对所接收到的第二验证信息进行解密处理,进而可以得到第二密钥。第二存储器所 得到的第二密钥与终端设备所利用的第二密钥相同。Based on the correspondence between the second preset verification information and the second verification information, the second memory may use the second preset verification information to decrypt the received second verification information, and then obtain a second key. The second key obtained in the second memory is the same as the second key used by the terminal device.

第二存储器在得到第二密钥之后,可以利用第二密钥对第二存储器本地存储的第二标识进行加密处理,得到加密标识,并将加密标识发送至终端设备。After the second memory obtains the second key, the second key may be used to encrypt the second identifier stored locally in the second memory to obtain an encrypted identifier, and send the encrypted identifier to the terminal device.

其中,第二标识是第二存储器中预先存储的,第二标识可以是固定字符串,固定字符串可以是自定义设定的。The second identifier is pre-stored in the second memory, and the second identifier may be a fixed character string, and the fixed character string may be custom set.

其中,第二标识与第二存储器为对应关系。一种实施方式中,第二标识与第二存储器为一一对应关系,每一个第二存储器对应唯一的第二标识,这样便于终端设备可以依据第二标识对第二存储器进行验证。The second identifier corresponds to the second memory. In an implementation manner, the second identifier has a one-to-one correspondence with the second memory, and each second memory corresponds to a unique second identifier, so that the terminal device can verify the second memory according to the second identifier.

针对第二存储器是否具有信息处理能力,第二存储器利用本地存储的第二预设验证信息对第二验证信息进行解密处理得到第二密钥,利用第二密钥对第二存储器本地存储的第二标识进行加密处理,并将加密处理后的第二标识发送至终端设备,可以分为以下两种情况。With regard to whether the second memory has information processing capability, the second memory uses the second preset authentication information stored locally to decrypt the second authentication information to obtain a second key, and uses the second key to the second memory locally stored in the second memory. The second identification is encrypted and the encrypted second identification is sent to the terminal device, which can be divided into the following two cases.

第一种情况,第二存储器具有信息处理能力,则第二存储器自身可以完成解密处理、加密处理等操作。具体地,第二存储器获取本地存储的第二预设验证信息,并利用该第二预设验证信息对第二验证信息进行解密处理得到第二密钥,利用第二密钥对第二存储器本地存储的第二标识进行加密处理,并将加密处理后的第二标识发送至终端设备。In the first case, the second storage has information processing capabilities, and the second storage itself can complete operations such as decryption processing and encryption processing. Specifically, the second memory acquires the second preset verification information stored locally, and uses the second preset verification information to decrypt the second verification information to obtain a second key, and uses the second key to locally store the second memory. The stored second identifier is encrypted, and the encrypted second identifier is sent to the terminal device.

第二种情况,第二存储器不具有信息处理能力,则第二存储器可以与具有信息处理能力的第一存储器进行交互,通过第一存储器完成解密处理、加密处理等操作。一种实现方式中,第二存储器将本地存储的第二预设验证信息和第二标识发送至第一存储器,第一存储器利用第二预设验证信息对进行解密处理得到第二密钥,利用第二密钥对第二标识进行加密处理,并将加密处理后的第二标识发送至第二存储器。In the second case, if the second storage does not have information processing capabilities, the second storage may interact with the first storage having information processing capabilities, and perform operations such as decryption processing and encryption processing through the first storage. In an implementation manner, the second memory sends the second preset authentication information and the second identifier stored locally to the first memory, and the first memory uses the second preset authentication information to perform decryption processing to obtain a second key, and uses the The second key performs encryption processing on the second identifier, and sends the encrypted second identifier to the second memory.

终端设备接收第二存储器发送的加密处理后的第二标识,便可以利用第二密钥对加密处理后的第二标识进行解密处理,得到解密后的第二标识,也就是待匹配标识,将该待匹配标识与预先存储的第二预设标识进行匹配,若匹配,则判定对第二存储器验证成功。After receiving the encrypted second identifier sent by the second memory, the terminal device can use the second key to decrypt the encrypted second identifier to obtain the decrypted second identifier, that is, the identifier to be matched, and The identifier to be matched is matched with a second preset identifier that is stored in advance, and if it is matched, it is determined that the verification of the second memory is successful.

其中,终端设备预先存储的第二预设标识与第二标识是对应关系,第二预设标识与第二标识的对应关系可以是预设的。对于终端设备来说,只有接收到的第二标识与预先存储的第二预设标识满足预设的对应关系,则可以确定该第二标识与该第二预设标识匹配。The second preset identifier stored in advance by the terminal device corresponds to the second identifier, and the corresponding relationship between the second preset identifier and the second identifier may be preset. For the terminal device, if the received second identifier and the pre-stored second preset identifier satisfy a preset correspondence relationship, it can be determined that the second identifier matches the second preset identifier.

一种实现方式中,第二预设标识与第二标识为相同标识,也就是说,在匹配的终端设备和第二存储器中,存储的标识是相同的。例如,终端设备与第二存储器匹配,第二存储器中存储的第二标识为字符串b,则终端设备中存储的第二预设标识也为字符串b。In an implementation manner, the second preset identifier is the same as the second identifier, that is, the stored identifier is the same in the matching terminal device and the second memory. For example, if the terminal device matches the second memory, and the second identifier stored in the second memory is a character string b, the second preset identifier stored in the terminal device is also a character string b.

针对于上述第一存储器的验证和第二存储器的验证,一种实施方式中,第一密钥和第二密钥可以为相同的密钥,还可以均为随机密钥。终端设备存储的第一验证信息和第二验证信息为相同的验证信息,第一预设标识和第二预设标识为相同的预设标识。For the verification of the first memory and the verification of the second memory, in one embodiment, the first key and the second key may be the same key, or both may be random keys. The first verification information and the second verification information stored by the terminal device are the same verification information, and the first preset identifier and the second preset identifier are the same preset identifier.

相应地,在终端设备、第一存储器和第二存储器三者匹配的情况下,第一存储器中存 储的第一预设验证信息和第二存储器中存储的第二预设验证信息可以相同,即第一预设验证信息、第二预设验证信息、终端设备存储的第一验证信息和第二验证信息四者之间存在对应关系,在四者满足该对应关系时,则对于终端设备、第一存储器和第二存储器三者中的任一个来说,可以利用本地存储的验证信息对其他任一方发送的经过加密处理的验证信息进行解密处理。Accordingly, when the terminal device, the first memory, and the second memory match, the first preset verification information stored in the first memory and the second preset verification information stored in the second memory may be the same, that is, There is a corresponding relationship between the first preset verification information, the second preset verification information, the first verification information and the second verification information stored by the terminal device, and when the four satisfy the corresponding relationship, then for the terminal device, the first For any one of the first memory and the second memory, the authentication information sent by any other party may be decrypted using the authentication information stored locally.

一种实现方式中,在终端设备、第一存储器和第二存储器三者匹配的情况下,第一预设验证信息、第二预设验证信息、第一验证信息和第二验证信息四者均相同,为同一验证信息。这种情况下,对于终端设备来说,在本地只存储一个验证信息便可以对第一存储器和第二存储器进行验证,不仅节省了存储空间,而且降低了验证过程的复杂程度。In an implementation manner, when the terminal device, the first memory, and the second memory match, all of the first preset verification information, the second preset verification information, the first verification information, and the second verification information are all Same, same authentication information. In this case, for the terminal device, the first memory and the second memory can be verified by storing only one verification information locally, which not only saves storage space, but also reduces the complexity of the verification process.

相应地,在终端设备、第一存储器和第二存储器三者匹配的情况下,第一存储器中存储的第一标识和第二存储器中存储的第二标识可以相同,即第一标识、第二标识、第一预设标识和第二预设标识四者之间存在对应关系。根据该对应关系,终端设备可以分别对第一存储器中的标识和第二存储器中的标识进行匹配。Accordingly, when the terminal device, the first memory, and the second memory match, the first identifier stored in the first memory and the second identifier stored in the second memory may be the same, that is, the first identifier, the second identifier, and the second identifier. There is a corresponding relationship among the four identifiers, the first preset identifier and the second preset identifier. According to the corresponding relationship, the terminal device can match the identifier in the first memory and the identifier in the second memory respectively.

一种实现方式中,在终端设备、第一存储器和第二存储器三者匹配的情况下,第一标识、第二标识、第一预设标识和第二预设标识相同,为同一标识。此时,终端设备仅需存储一个标识便可以对第一存储器和第二存储器进行匹配,不仅节省了存储空间,而且降低了匹配过程的复杂程度。In an implementation manner, when the terminal device, the first memory, and the second memory match, the first identifier, the second identifier, the first preset identifier, and the second preset identifier are the same and are the same identifier. At this time, the terminal device can match the first memory and the second memory only by storing an identifier, which not only saves storage space, but also reduces the complexity of the matching process.

本申请实施例提供的技术方案中,终端设备与第一存储器连接,并与第二存储器连接,在确定与第一存储器、第二存储器均匹配之后,对待存储密钥进行分解处理,得到第一目标数量的子区块链私钥;从所得到的子区块链私钥中,将第一数量的子区块链私钥确定为第一份子区块链私钥,将第二数量的子区块链私钥确定为第二份子区块链私钥,将第三数量的子区块链私钥确定为第三份子区块链私钥;将第一份子区块链私钥发送至第一存储器进行存储,将第二份子区块链私钥发送至第二存储器进行存储,将第三份子区块链私钥存储在终端设备本地。通过本申请实施例提供的技术方案,终端设备将待存储密钥分成若干份子区块链私钥并将部分子区块链私钥分别存储于终端设备、第一存储器和第二存储器,且终端设备、第一存储器和第二存储器中任意两份子区块链私钥能够得到完整的密钥。这样,只有从终端设备、第一存储器和第二存储器中任意两个获取所存储的子区块链私钥才能得到完整的密钥,即使其中任意一个丢失也不会导致完整的区块链私钥被盗,提高了区块链私钥存储的安全性。In the technical solution provided in the embodiment of the present application, the terminal device is connected to the first memory and connected to the second memory. After determining that both the first memory and the second memory match, the storage key is decomposed to obtain the first memory. The target number of sub-blockchain private keys; from the obtained sub-blockchain private keys, the first number of sub-blockchain private keys is determined as the first sub-blockchain private key, and the second number of sub-block private keys The blockchain private key is determined as the second sub-blockchain private key, and the third number of sub-blockchain private keys are determined as the third sub-blockchain private key; the first sub-blockchain private key is sent to the One memory is used for storage, the second sub-blockchain private key is sent to the second memory for storage, and the third sub-blockchain private key is stored locally on the terminal device. Through the technical solution provided in the embodiments of the present application, the terminal device divides the key to be stored into several sub-blockchain private keys and stores some of the sub-blockchain private keys in the terminal device, the first memory, and the second memory, respectively, and the terminal Any two sub-blockchain private keys in the device, the first memory and the second memory can obtain the complete key. In this way, the complete key can only be obtained by obtaining the stored private key of the sub-blockchain from any two of the terminal device, the first storage, and the second storage, and even if any of them is lost, it will not cause the complete blockchain private Key theft, which improves the security of blockchain private key storage.

相应于上述种区块链私钥的存储方法,本申请实施例还提供了一种区块链私钥的恢复方法。下面对本申请实施例所提供的一种区块链私钥的恢复方法进行介绍。Corresponding to the foregoing methods for storing the private key of the blockchain, the embodiment of the present application further provides a method for recovering the private key of the blockchain. The following describes a method for recovering a private key of a blockchain provided by an embodiment of the present application.

如图3所示,一种区块链私钥的恢复方法,应用于终端设备,所述方法可以包括:As shown in FIG. 3, a method for recovering a private key of a blockchain is applied to a terminal device, and the method may include:

S301,当接收到区块链私钥获取指令时,从第二预设数量个存储介质中的第四预设数 量个存储介质中获取其所存储的子区块链私钥;S301. When receiving the private key acquisition instruction of the blockchain, obtain the stored private blockchain key from the fourth preset number of the second preset number of storage media;

其中,每个存储介质中存储有第一预设数量个子区块链私钥中的第三预设数量个子区块链私钥,所述每个存储介质存储的子区块链私钥不完全相同,所述子区块链私钥为将待存储的区块链私钥按照预设方式划分得到的,所述第三预设数量小于所述第二预设数量。Wherein, each storage medium stores a third preset number of sub-blockchain private keys among the first preset number of sub-blockchain private keys, and the sub-blockchain private keys stored in each storage medium are incomplete Similarly, the sub-blockchain private key is obtained by dividing the blockchain private key to be stored in a preset manner, and the third preset number is less than the second preset number.

S302,根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥,作为目标区块链私钥。S302. Recovering the private blockchain private key to be stored according to the obtained private blockchain private key as the target private blockchain key.

可见,在本申请实施例所公开的方案中,终端设备在当接收到区块链私钥获取指令时,从第二预设数量个存储介质中的第四预设数量个存储介质中获取其所存储的子区块链私钥,根据所获取的子区块链私钥恢复得到待存储的区块链私钥,作为目标区块链私钥。终端设备无需获取所有存储介质中存储的子区块链私钥便可以恢复得到待存储的区块链私钥,因此,在部分存储介质丢失的情况下也不会影响用户恢复得到待存储的区块链私钥,用户体验更好,且提高了虚拟钱包的安全性。It can be seen that, in the solution disclosed in the embodiment of the present application, when receiving a blockchain private key acquisition instruction, the terminal device acquires it from a fourth preset number of storage media from the second preset number of storage media. The stored private blockchain private key is recovered from the obtained private blockchain private key to obtain the private blockchain private key to be stored as the target private blockchain private key. The terminal device can recover the private blockchain key to be stored without acquiring all the private blockchain private keys stored in the storage medium. Therefore, the loss of some storage media will not affect the user's recovery of the area to be stored. Blockchain private key, better user experience, and improve the security of the virtual wallet.

当用户需要使用已经存储的待存储区块链私钥进行虚拟货币交易时,用户可以发出区块链私钥获取指令。作为一种实施方式,终端设备可以设置指令接口,用户可以通过该指令接口发出区块链私钥获取指令,例如,终端设备可以显示一按钮,当用户点击该按钮时,便可以发出区块链私钥获取指令。When the user needs to use the stored private blockchain private key for virtual currency transactions, the user can issue a blockchain private key acquisition instruction. As an implementation manner, the terminal device may be provided with an instruction interface, and the user may issue a blockchain private key acquisition instruction through the instruction interface. For example, the terminal device may display a button, and when the user clicks the button, the blockchain may be issued. Private key acquisition instruction.

进而,终端设备也就可以接收到该区块链私钥获取指令。那么为了恢复得到完整的待存储的区块链私钥,终端设备可以从第四预设数量个上述存储有子区块链私钥的存储介质中,获取其所存储的子区块链私钥。Furthermore, the terminal device can also receive the blockchain private key acquisition instruction. Then, in order to recover and obtain the complete private blockchain private key to be stored, the terminal device may obtain the stored private blockchain private key from the fourth preset number of the storage media storing the private blockchain private key. .

通过上述对存储子区块链私钥的方式的描述可知,终端设备无需获取全部存储介质中存储的子区块链私钥,即可以获得待存储的区块链私钥对应的全部子区块链私钥,所以,该第四预设数量一般小于第二预设数量。当然,终端设备可以获取全部存储介质中存储的子区块链私钥,这也是合理的。According to the above description of the method for storing the private key of the sub-blockchain, it is known that the terminal device can obtain all the sub-blocks corresponding to the private key of the blockchain to be stored without obtaining the private key of the sub-blockchain stored in all storage media. Chain private key, so the fourth preset number is generally smaller than the second preset number. Of course, it is reasonable that the terminal device can obtain the sub-blockchain private key stored in all storage media.

例如,终端设备将待存储的区块链私钥划分为5个子区块链私钥A*-E*,然后将子区块链私钥A*、B*、C*存储于存储介质a*,子区块链私钥B*、C*、D*存储于存储介质b*,子区块链私钥C*、D*、E*存储于存储介质c*,子区块链私钥D*、E*、A*存储于存储介质d*,子区块链私钥E*、A*、B*存储于存储介质e*。For example, the terminal device divides the blockchain private key to be stored into 5 sub-blockchain private keys A * -E *, and then stores the sub-blockchain private keys A *, B *, and C * on the storage medium a * , The sub-blockchain private keys B *, C *, D * are stored in the storage medium b *, the sub-blockchain private keys C *, D *, E * are stored in the storage medium c *, and the sub-blockchain private key D *, E *, A * are stored on the storage medium d *, and the sub-blockchain private keys E *, A *, B * are stored on the storage medium e *.

那么终端设备在接收区块链私钥获取指令时,便可以从该5个存储介质中的任意3个存储介质中获取其存储的子区块链私钥。可以从存储介质a*、b*及c*中获取其存储的子区块链私钥,也可以从存储介质a*、b*及e*中获取其存储的子区块链私钥,还可以从存储介质c*、d*及e*中获取其存储的子区块链私钥等,当然,还可以从存储介质a*-e*中获取其存储的子区块链私钥,这都是合理的。Then, when receiving the block chain private key acquisition instruction, the terminal device can obtain the stored sub block chain private key from any three of the five storage media. You can obtain the stored private blockchain private keys from storage media a *, b *, and c *, or you can obtain the private blockchain private key stored from storage media a *, b *, and e *. You can obtain the stored private blockchain subkeys from storage media c *, d *, and e *. Of course, you can also obtain the private blockchain private key stored from storage media a * -e *. All are reasonable.

终端设备获取上述子区块链私钥后,便可以根据所获取的子区块链私钥恢复得到上述待存储的区块链私钥。由于终端设备所获取的子区块链私钥包括待存储的区块链私钥对应 的所有的子区块链私钥,所以根据所获取的子区块链私钥便可以恢复得到上述待存储的区块链私钥。After the terminal device obtains the private blockchain private key, it can recover the private blockchain private key to be stored according to the obtained private blockchain private key. Since the sub-blockchain private key obtained by the terminal device includes all the sub-blockchain private keys corresponding to the blockchain private key to be stored, the above-mentioned to-be-stored can be recovered according to the obtained sub-blockchain private key. Blockchain private key.

根据所获取的子区块链私钥恢复得到上述待存储的区块链私钥的具体方式可以根据将待存储的区块链私钥划分为子区块链私钥时的方式确定,可以理解的是,二者为互逆的过程。The specific method of recovering the private blockchain key to be stored according to the obtained private blockchain private key can be determined according to the manner in which the private blockchain key to be stored is divided into the private private blockchain key, which can be understood The thing is, the two are reciprocal processes.

在一种实施方式中,终端设备获取上述子区块链私钥后,由于获取的子区块链私钥包括重复的子区块链私钥,所以可以进行去重处理,即去掉重复的子区块链私钥,进而,将剩余的不重复的子区块链私钥进行组合还原,得到目标区块链私钥。In one embodiment, after the terminal device obtains the above-mentioned sub-blockchain private key, since the obtained sub-blockchain private key includes a duplicate sub-blockchain private key, deduplication processing may be performed, that is, duplicate sub-blocks are removed. The blockchain private key, and then the remaining non-repeating sub-blockchain private keys are combined and restored to obtain the target blockchain private key.

例如,终端设备将待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥后,可以为每个子区块链私钥设置序号标识,这样在终端设备获取上述子区块链私钥后,便可以对序号标识重复的子区块链私钥进行去重处理,然后将剩余的子区块链私钥按照序号标识对应的序号进行排列,进行按照排列顺序进行组合还原,并删除序号标识,便可以得到目标区块链私钥。For example, after a terminal device divides a blockchain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner, a serial number identifier can be set for each sub-blockchain private key, so that it can be obtained on the terminal device. After the above sub-blockchain private keys, the sub-block chain private keys with duplicate serial number identifiers can be deduplicated, and then the remaining sub-blockchain private keys are arranged according to the serial numbers corresponding to the serial number identifiers, and the arrangement order is By performing a combination restoration and deleting the serial number identifier, the target blockchain private key can be obtained.

针对终端设备将待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥时采用门限算法的情况而言,作为本申请实施例的一种实施方式,上述根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥的步骤,可以包括:Regarding a case where a threshold algorithm is used when a terminal device divides a blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset manner, as an implementation manner of the embodiment of the present application, the foregoing The step of recovering the blockchain private key to be stored according to the obtained private blockchain private key may include:

按照门限算法,将所获取的子区块链私钥进行恢复处理,得到所述待存储的区块链私钥。According to the threshold algorithm, the obtained private blockchain private key is restored to obtain the private blockchain private key to be stored.

其中,终端设备可以按照将待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥时采用门限算法,将所获取的子区块链私钥进行恢复处理,进而得到待存储的区块链私钥。Wherein, the terminal device may use a threshold algorithm when the private key of the blockchain to be stored is divided into the first preset number of sub-block private keys according to a preset method, and the acquired private key of the sub-block chain may be recovered. , And then obtain the blockchain private key to be stored.

例如,如果终端设备将待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥时采用门限算法为(t,n)门限算法,那么便可以采用(t,n)门限算法,将所获取的子区块链私钥进行恢复处理,得到待存储的区块链私钥。For example, if the terminal device divides the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset method, and the threshold algorithm is a (t, n) threshold algorithm, then (t N) Threshold algorithm, recovers the obtained private blockchain private key to obtain the private blockchain private key to be stored.

如果终端设备将待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥时采用门限算法为SM2椭圆曲线门限算法,那么便可以采用SM2椭圆曲线门限算法,将所获取的子区块链私钥进行恢复处理,得到待存储的区块链私钥。If the terminal device divides the blockchain private key to be stored into the first preset number of sub-blockchain private keys according to a preset method, and uses the threshold algorithm as the SM2 elliptic curve threshold algorithm, then the SM2 elliptic curve threshold algorithm may be used. The acquired private blockchain private key is recovered to obtain the private blockchain private key to be stored.

可见,在实施例中,终端设备按照门限算法,将所获取的子区块链私钥进行恢复处理,进而得到待存储的区块链私钥。可以快速准确的恢复得到待存储的区块链私钥。It can be seen that, in the embodiment, the terminal device recovers the obtained private blockchain private key according to a threshold algorithm, and then obtains the private blockchain private key to be stored. Can quickly and accurately recover the private key of the blockchain to be stored.

作为本申请实施例的一种实施方式,上述区块链私钥获取指令可以为针对交易的交易确认指令,在这种情况下,在上述根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥的步骤之后,上述方法还可以包括:As an implementation manner of the embodiment of the present application, the above-mentioned blockchain private key acquisition instruction may be a transaction confirmation instruction for a transaction. In this case, the foregoing is obtained by restoring the private blockchain private key obtained according to the foregoing. After the step of storing the blockchain private key, the above method may further include:

基于所述目标区块链私钥对所述交易进行确认。The transaction is confirmed based on the target blockchain private key.

在恢复得到上述目标区块链私钥后,终端设备便可以基于该目标区块链私钥对交易进 行确认,已完成用户所进行的虚拟货币的交易行为。After the target blockchain private key is recovered, the terminal device can confirm the transaction based on the target blockchain private key, and the user's virtual currency transaction behavior has been completed.

作为本申请实施例的一种实施方式,上述第二预设数量可以为3,上述存储介质可以为终端设备中的存储介质、第一存储设备中的存储介质及第二存储设备中的存储介质。As an implementation manner of the embodiment of the present application, the second preset number may be three, and the storage medium may be a storage medium in a terminal device, a storage medium in a first storage device, and a storage medium in a second storage device. .

在这种情况下,参见图4,本申请实施例提供的区块链私钥的恢复方法可以包括如下步骤:In this case, referring to FIG. 4, the method for recovering the private key of the blockchain provided by the embodiment of the present application may include the following steps:

S401:当接收到针对交易的交易确认指令时,获得第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥;S401: When a transaction confirmation instruction for a transaction is received, the sub-blockchain private key stored in the first storage device is obtained as the target sub-blockchain private key;

终端设备、第一存储设备所存储的子区块链私钥包括:对待存储的区块链私钥进行分割所得到的第一子数据、第二子数据和第三子数据中的两份数据;终端设备、第一存储设备所存储的子数据不完全相同;第一存储设备与终端设备建立有通信连接。The sub-blockchain private key stored by the terminal device and the first storage device includes: two pieces of data of the first sub-data, the second sub-data, and the third sub-data obtained by dividing the private key of the blockchain to be stored. The terminal data and the first storage device store sub-data that are not completely the same; the first storage device has a communication connection with the terminal device.

其中,第一存储设备为能够存储数据的设备。具体地,第一存储设备可以为一个存储盘,即第一存储盘。其中,终端设备和第一存储设备为两个独立的设备,可以分开放置。The first storage device is a device capable of storing data. Specifically, the first storage device may be a storage disk, that is, the first storage disk. The terminal device and the first storage device are two independent devices and can be placed separately.

当终端设备接收到针对交易的交易确认指令时,终端设备可以直接获得第一存储设备中所存储的子区块链私钥作为目标子区块链私钥。When the terminal device receives the transaction confirmation instruction for the transaction, the terminal device can directly obtain the sub-blockchain private key stored in the first storage device as the target sub-blockchain private key.

当然,当终端设备接收到针对交易的交易确认指令时,终端设备还可以先判断自身是否记录了:与自身建立了通信连接的第一存储设备的第一标识。其中,第一存储设备的第一标识包括但并不局限于:用户给该第一存储设备设置的自定义名称和该第一存储设备的产品序列号。Of course, when the terminal device receives the transaction confirmation instruction for the transaction, the terminal device may also first determine whether it has recorded: the first identifier of the first storage device that has established a communication connection with itself. The first identifier of the first storage device includes, but is not limited to, a custom name set by the user to the first storage device and a product serial number of the first storage device.

当终端设备中存储了第一标识时,表明该第一存储设备为该终端设备的交易协助设备。此时,终端设备可以从第一存储设备中获得第一存储设备所存储的两份子区块链私钥作为目标子区块链私钥。When the first identifier is stored in the terminal device, it indicates that the first storage device is a transaction assistance device of the terminal device. At this time, the terminal device can obtain the two sub-blockchain private keys stored by the first storage device from the first storage device as the target sub-blockchain private key.

具体地,终端设备可以向第一存储设备发送针对第一存储设备的标识信息获取请求。这样,第一存储设备在接收到该针对第一存储设备的标识信息获取请求之后,可以将第一存储设备自身的第一标识发送给终端设备。终端设备在接收到第一标识后,可以将该第一标识与该终端设备中所存储的、确认交易协助设备的设备标识进行匹配。若匹配成功,则表明该终端设备中记录有该第一标识,即该第一存储设备为交易协助设备。此时,终端设备可以从第一存储设备中获取第一存储设备所存储的子区块链私钥作为目标子区块链私钥。Specifically, the terminal device may send an identification information acquisition request for the first storage device to the first storage device. In this way, after receiving the identification information acquisition request for the first storage device, the first storage device may send the first identification of the first storage device itself to the terminal device. After receiving the first identification, the terminal device may match the first identification with the device identification of the transaction assistance device stored in the terminal device. If the matching is successful, it indicates that the first identifier is recorded in the terminal device, that is, the first storage device is a transaction assistance device. At this time, the terminal device may obtain the sub-blockchain private key stored by the first storage device from the first storage device as the target sub-blockchain private key.

举例而言,终端设备中所存储的子区块链私钥为第一子数据和第二子数据,获得的第一存储设备中所存储的子区块链私钥为第一子数据和第三子数据。那么,可以将第一存储设备中所存储的第一子数据和第三子数据作为目标子区块链私钥。这样,可以从第一存储设备中获取用于恢复目标区块链私钥的目标子区块链私钥。For example, the sub-blockchain private key stored in the terminal device is the first sub-data and the second sub-data, and the obtained sub-blockchain private key stored in the first storage device is the first sub-data and the second sub-data. Third child data. Then, the first sub-data and the third sub-data stored in the first storage device can be used as the target sub-blockchain private key. In this way, the target sub-blockchain private key for recovering the target blockchain private key can be obtained from the first storage device.

若匹配失败,则表明该终端设备中未记录有该第一标识,即该第一存储设备不是交易协助设备。为了清晰布局,后续对终端设备中未记录有第一存储设备的第一标识的情况进 行说明。If the matching fails, it indicates that the first identifier is not recorded in the terminal device, that is, the first storage device is not a transaction assistance device. In order to clarify the layout, a case where the first identifier of the first storage device is not recorded in the terminal device will be described later.

其中,终端设备在判断自身是否记录了第一存储设备的第一标识之前,还可以先检测终端设备是否与第一存储设备建立了通信连接。当检测到终端设备未与第一存储设备建立通信连接时,该终端设备可以提示用户建立终端设备与第一存储设备之间的通信连接。在检测到通信连接建立之后,该终端设备则可以执行判断自身是否记录有第一标识的操作。Before determining whether the terminal device has recorded the first identification of the first storage device, the terminal device may also detect whether the terminal device has established a communication connection with the first storage device. When detecting that the terminal device has not established a communication connection with the first storage device, the terminal device may prompt the user to establish a communication connection between the terminal device and the first storage device. After detecting that the communication connection is established, the terminal device may perform an operation of determining whether the first identifier is recorded.

其中,任意一种检测设备之间是否建立了通信连接的方式均可适用于本申请实施例,在此不做详述。Among them, any method for detecting whether a communication connection is established between the devices can be applied to the embodiments of the present application, and details are not described herein.

终端设备与第一存储设备之间所建立的通信连接可以为无线通信连接,当然并不局限于此。其中,无线通信连接包括但并不局限于:蓝牙通信连接或NFC(Near Field Communication,近距离无线通信)通信连接。也就是说,终端设备可以与第一存储设备进行蓝牙通信或NFC通信,当然并不局限于此。The communication connection established between the terminal device and the first storage device may be a wireless communication connection, of course, it is not limited to this. Among them, the wireless communication connection includes, but is not limited to, a Bluetooth communication connection or a Near Field Communication (NFC) communication connection. That is, the terminal device may perform Bluetooth communication or NFC communication with the first storage device, of course, it is not limited to this.

另外,为了避免上述示例中的第一子数据和第三子数据在传输过程中被恶意用户截取,第一存储设备还可以将第一子数据和第三子数据对应的加密数据传输给终端设备。这样,终端设备在接收到该加密数据后,可以对该加密数据进行解密,从而得到第一子数据和第三子数据,并将该第一子数据和第三子数据作为目标子区块链私钥,这也是合理的。In addition, in order to prevent the first subdata and the third subdata from being intercepted by a malicious user during the transmission process, the first storage device may also transmit the encrypted data corresponding to the first subdata and the third subdata to the terminal device. . In this way, after receiving the encrypted data, the terminal device can decrypt the encrypted data to obtain the first sub data and the third sub data, and use the first sub data and the third sub data as the target sub-blockchain. Private key, this is also reasonable.

另外,获得第一存储设备中所存储的子数据作为目标子区块链私钥的操作具体可以包括:判断第一存储设备是否与第二存储设备插拔电连接。若第一存储设备未与第二存储设备插拔电连接,则表明终端设备只能从第一存储设备中获取子数据。因而,终端设备可以获得第一存储设备中所存储的子数据作为目标子数据。In addition, the operation of obtaining the sub-data stored in the first storage device as the target sub-blockchain private key may specifically include: determining whether the first storage device is electrically connected to the second storage device. If the first storage device is not electrically connected to the second storage device, it indicates that the terminal device can only obtain sub-data from the first storage device. Therefore, the terminal device can obtain the sub data stored in the first storage device as the target sub data.

反之,若第一存储设备与第二存储设备插拔电连接,并且终端设备中记录有第二存储设备的第二标识,则终端设备还可以通过第一存储设备从第二存储设备中获取子数据。在该种情况下,终端设备、第一存储设备和第二存储设备的位置关系可以参见图5,即终端设备与第一存储设备进行蓝牙通信连接,第一存储设备与第二存储设备插拔电连接。其中,的终端设备、第一存储设备和第二存储设备所组成的系统也可以称作硬件钱包。Conversely, if the first storage device is electrically connected to the second storage device and the terminal device records the second identification of the second storage device, the terminal device may also obtain the sub-device from the second storage device through the first storage device. data. In this case, the positional relationship between the terminal device, the first storage device, and the second storage device can be seen in FIG. 5, that is, the terminal device performs a Bluetooth communication connection with the first storage device, and the first storage device and the second storage device are plugged and unplugged. Electrical connection. The system composed of the terminal device, the first storage device, and the second storage device may also be referred to as a hardware wallet.

其中,由于当终端设备中记录有第二存储设备的第二标识时,即第二存储设备为交易协助设备时,第二存储设备所存储的子数据包括:对待存储的区块链私钥进行分割所得到的第一子数据、第二子数据和第三子数据中的两份数据。而且,第二存储设备与终端设备所存储的子数据不完全相同。例如,终端设备中所存储的子数据为第一子数据和第二子数据,第二存储设备中所存储的子数据为第二子数据和第三子数据。因而,终端设备可以从第一存储设备中,获取第一存储设备中所存储的子区块链私钥作为目标子区块链私钥。当然,也可以从第二存储设备中获取第二存储设备中所存储的子区块链私钥作为目标子区块链私钥。也就是说,可以从第一存储设备或从第二存储设备中获取用于恢复目标区块链私钥的目标子区块链私钥。Wherein, when the second identification of the second storage device is recorded in the terminal device, that is, when the second storage device is a transaction assistance device, the sub-data stored by the second storage device includes: the private key of the blockchain to be stored. Divide the two pieces of data obtained by the first sub data, the second sub data, and the third sub data. Moreover, the sub data stored by the second storage device and the terminal device are not completely the same. For example, the sub data stored in the terminal device are the first sub data and the second sub data, and the sub data stored in the second storage device are the second sub data and the third sub data. Therefore, the terminal device may obtain the sub-blockchain private key stored in the first storage device from the first storage device as the target sub-blockchain private key. Of course, the sub-blockchain private key stored in the second storage device may also be obtained from the second storage device as the target sub-blockchain private key. That is, the target sub-blockchain private key for recovering the target blockchain private key may be obtained from the first storage device or from the second storage device.

另外,由于第一存储设备可能会被初始化,即第一存储设备为初始化设备。并且,当 第一存储设备为初始化设备时,第一存储设备中不存储有数据,即第一存储设备中不再存储有:对待存储的区块链私钥进行分割所得到的子区块链私钥中的两份数据。因而,为了保证交易的正常进行,终端设备还可以判断第一存储设备是否为初始化设备。如果第一存储设备不为初始化设备,则可以获得第一存储设备中所存储的子区块链私钥作为目标子区块链私钥。如果第一存储设备为初始化设备,则可以获得第二存储设备中所存储的子区块链私钥为目标子区块链私钥。In addition, since the first storage device may be initialized, the first storage device is an initialization device. In addition, when the first storage device is an initialization device, no data is stored in the first storage device, that is, no longer stored in the first storage device: the sub-blockchain obtained by dividing the private key of the blockchain to be stored Two pieces of data in the private key. Therefore, in order to ensure the normal progress of the transaction, the terminal device may also determine whether the first storage device is an initialization device. If the first storage device is not an initialization device, the sub-blockchain private key stored in the first storage device can be obtained as the target sub-blockchain private key. If the first storage device is an initialization device, the sub-blockchain private key stored in the second storage device can be obtained as the target sub-blockchain private key.

当然,终端设备还可以判断第二存储设备是否被初始化,若第二设备被初始化,则给用户提示无法恢复私钥且交易失败的提示信息。Of course, the terminal device can also determine whether the second storage device is initialized. If the second device is initialized, it prompts the user with a prompt message that the private key cannot be recovered and the transaction fails.

其中,第二存储设备为能够存储数据的设备。具体地,第二存储设备可以为另一个存储盘,即第二存储盘。而且,终端设备、第一存储设备和第二存储设备为三个独立的设备,可以分开放置。The second storage device is a device capable of storing data. Specifically, the second storage device may be another storage disk, that is, a second storage disk. Moreover, the terminal device, the first storage device, and the second storage device are three independent devices and can be placed separately.

另外,该第二存储设备的第二标识包括但并不局限于:用户给该第二存储设备设置的自定义名称和该第二存储设备的产品序列号。In addition, the second identifier of the second storage device includes, but is not limited to, a custom name set by the user to the second storage device and a product serial number of the second storage device.

此外,插拔电连接是指通过插拔接口建立的电连接。其中,可以通过插/拔的方式,建立/解除第一存储设备和第二存储设备之间的通信连接。具体地,第一存储设备可以通过USB(Universal Serial Bus,通用串行总线)接口插拔电连接至第二存储设备。这样,第一存储设备与第二存储设备之间可以进行串口通信。In addition, a plug-in electrical connection refers to an electrical connection established through a plug-in interface. The communication connection between the first storage device and the second storage device can be established / disconnected in a plug / unplug manner. Specifically, the first storage device may be electrically connected to the second storage device through a USB (Universal Serial Bus) interface. In this way, serial communication can be performed between the first storage device and the second storage device.

S402:利用本地所存储的子区块链私钥和目标子区块链私钥,恢复得到所述待存储的区块链私钥;S402: Use the locally stored private blockchain private key and the target private blockchain private key to recover the private blockchain private key to be stored;

其中,上述第一子数据、第二子数据和第三子数据可以是终端设备利用预设秘密共享算法对待存储的区块链私钥进行分割计算所得到的。其中,通过秘密共享算法可以更好地设计针对待存储的区块链私钥的拆分方案和恢复方案。The first sub-data, the second sub-data, and the third sub-data may be obtained by the terminal device using a preset secret sharing algorithm to perform partition calculation on the private key of the blockchain to be stored. Among them, the secret sharing algorithm can better design the splitting scheme and recovery scheme for the blockchain private key to be stored.

对于该种分割方式,可以基于该秘密共享算法对第一子数据、第二子数据和第三子数据进行数据恢复计算,恢复得到待存储的区块链私钥。而且,该种分割方式,恶意用户需要知道该秘密共享算法后才能对待存储的区块链私钥进行恢复,提高了恶意用户恢复待存储的区块链私钥的难度,即提高了恢复私钥的难度。For this segmentation method, data recovery calculations can be performed on the first sub data, the second sub data, and the third sub data based on the secret sharing algorithm, and the private key of the blockchain to be stored can be recovered by recovery. Moreover, in this segmentation method, a malicious user needs to know the secret sharing algorithm before recovering the private blockchain private key, which increases the difficulty for the malicious user to recover the private blockchain private key to be stored, that is, improving the recovery of the private key. Difficulty.

当然,该第一子数据、第二子数据和第三子数据也可以是终端设备对待存储的区块链私钥进行直接切割后得到的,这也是合理的。对于该种切割方式,可以对第一子数据、第二子数据和第二子数据进行拼接,从而可以恢复得到目标区块链私钥。Of course, the first sub data, the second sub data, and the third sub data may also be obtained after the terminal device directly cuts the blockchain private key to be stored, which is also reasonable. For this cutting method, the first sub data, the second sub data, and the second sub data can be spliced, so that the target blockchain private key can be recovered.

其中,当待存储的区块链私钥为加密文件时,恶意用户即使能够拿到第一子数据、第二子数据和第三子数据,并利用第一子数据、第二子数据和第三子数据恢复得到目标区块链私钥,也难以对目标区块链私钥进行解密,提高了恶意用户获取私钥的难度。Among them, when the private key of the blockchain to be stored is an encrypted file, a malicious user can obtain the first subdata, the second subdata, and the third subdata, and use the first subdata, the second subdata, and the first subdata. The third-child data recovery obtains the target private key of the blockchain, and it is difficult to decrypt the private key of the target blockchain, which increases the difficulty for malicious users to obtain the private key.

该加密文件可以是利用RSA加密算法或DES(Data Encryption Standard,对称加密算法)对待存储的区块链私钥进行加密计算得到的,当然并不局限于此。The encrypted file can be obtained by encrypting and calculating the private key of the blockchain to be stored by using the RSA encryption algorithm or DES (Data Encryption Standard). Of course, it is not limited to this.

S403:基于目标区块链私钥对交易进行确认。S403: Confirm the transaction based on the target blockchain private key.

其中,当目标区块链私钥为加密文件时,可以先利用预设的解密密钥对加密文件进行解密,得到目标区块链私钥。然后,利用目标区块链私钥对交易进行确认。当目标区块链私钥不为加密文件时,可以直接利用恢复得到的目标区块链私钥对交易进行确认。Wherein, when the target blockchain private key is an encrypted file, the encrypted file can be decrypted by using a preset decryption key to obtain the target blockchain private key. Then, the transaction is confirmed using the target blockchain private key. When the target blockchain private key is not an encrypted file, you can directly use the recovered target blockchain private key to confirm the transaction.

在本申请实施例中,由于第一存储设备中所存储的子区块链私钥包括:对待存储的区块链私钥进行分割所得的第一子数据、第二子数据和第三子数据中的两份数据。另外,终端设备中也记录有第一子数据、第二子数据和第三子数据中的两份数据,且终端设备和第一存储设备所存储的子数据不完全相同。第一存储设备与该终端设备建立有通信连接。因而,在接收到针对交易的交易确认指令时,终端设备可以获得第一存储设备中所存储的子区块链私钥作为目标子区块链私钥。然后,可以利用终端中所存储的子区块链私钥和获得的目标子区块链私钥来恢复目标区块链私钥。进而,可以基于该目标区块链私钥对交易进行确认。这样,避免通过终端设备这一个设备即可对交易进行确认的情况,并提高了区块链私钥获取难度,从而提高了交易的安全性,保证了用户资产安全。In the embodiment of the present application, since the sub-blockchain private key stored in the first storage device includes: the first sub-data, the second sub-data, and the third sub-data obtained by dividing the block-chain private key to be stored. Two data in. In addition, the terminal device also records two pieces of data of the first sub data, the second sub data, and the third sub data, and the sub data stored by the terminal device and the first storage device are not completely the same. The first storage device has a communication connection with the terminal device. Therefore, when receiving a transaction confirmation instruction for a transaction, the terminal device can obtain the sub-blockchain private key stored in the first storage device as the target sub-blockchain private key. Then, the private blockchain private key stored in the terminal and the obtained private blockchain private key can be used to recover the private blockchain private key. Furthermore, the transaction can be confirmed based on the target blockchain private key. In this way, the situation that the transaction can be confirmed through a terminal device is avoided, and the difficulty of obtaining the blockchain private key is increased, thereby improving the security of the transaction and ensuring the security of user assets.

下面对当终端设备中未记录有第一存储设备的第一标识的情况进行说明。The following describes a case where the first identifier of the first storage device is not recorded in the terminal device.

当终端设备中未记录有第一存储设备的第一标识时,则表明终端设备不是交易协作设备。在该种情况下,为了提高交易的安全性,终端设备可以判断第一存储设备是否与第二存储设备插拔电连接。其中,任意一种检测设备之间是否建立了插拔电连接的方式均可适用于本申请实施例,在此不做详述。When the first identification of the first storage device is not recorded in the terminal device, it indicates that the terminal device is not a transaction cooperation device. In this case, in order to improve the security of the transaction, the terminal device can determine whether the first storage device is electrically connected to the second storage device. Among them, any method for detecting whether a plug-in electrical connection is established between the devices can be applied to the embodiments of the present application, and details are not described herein.

若第一存储设备与第二存储设备插拔电连接,终端设备可以获得插拔电连接至第一存储设备的第二存储设备的第二标识。然后,判断终端设备中是否记录有该第二标识。If the first storage device is electrically connected to the second storage device, the terminal device can obtain a second identifier of the second storage device that is electrically connected to the first storage device. Then, it is determined whether the second identifier is recorded in the terminal device.

具体地,当终端设备与第一存储设备建立了通信连接,且第一存储设备插拔电连接至第二存储设备时,终端设备可以向第一存储设备发送针对第二存储设备的标识信息获取请求。那么,第一存储设备接收到该针对第二存储设备的标识信息获取请求之后,可以从第二存储设备中获得第二存储设备的第二标识;然后,将该第二标识发送给终端设备。Specifically, when the terminal device establishes a communication connection with the first storage device, and the first storage device is electrically connected to the second storage device, the terminal device may send identification information to the first storage device to obtain the identification information for the second storage device. request. Then, after receiving the identification information acquisition request for the second storage device, the first storage device may obtain the second identification of the second storage device from the second storage device; and then send the second identification to the terminal device.

这样,终端设备在接收到第二标识后,可以将该第二标识与该终端设备中所存储的、确认交易协助设备的设备标识进行匹配。若匹配成功,则表明该终端设备中记录有该第一标识。若匹配失败,则表明该终端设备中未记录有该第二标识。In this way, after receiving the second identification, the terminal device can match the second identification with the device identification of the transaction assistance device stored in the terminal device. If the matching is successful, it indicates that the first identifier is recorded in the terminal device. If the matching fails, it indicates that the second identifier is not recorded in the terminal device.

若终端设备中记录有第二标识,则第二存储设备所存储的子区块链私钥包括:对待存储的区块链私钥进行分割所得到的第一子数据、第二子数据和第三子数据中的两份数据,且第二存储设备与终端设备所存储的子区块链私钥不完全相同。因而,该终端设备可以获得第二存储设备中所存储的子区块链私钥,并将所获得的子区块链私钥作为目标子区块链私钥。然后,利用终端设备中存储的子区块链私钥和该目标子区块链私钥来恢复目标区块链私钥,进而基于该目标区块链私钥对交易进行确认。这样,可以避免通过终端设备这一个设备即可对交易进行确认的情况,提高了交易的安全性,从而可以保证用户的资产安全。If the second identifier is recorded in the terminal device, the sub-blockchain private key stored in the second storage device includes: the first sub-data, the second sub-data, and the first sub-data obtained by dividing the block-chain private key to be stored. Two of the three sub-data, and the sub-blockchain private keys stored in the second storage device and the terminal device are not exactly the same. Therefore, the terminal device can obtain the sub-blockchain private key stored in the second storage device, and use the obtained sub-blockchain private key as the target sub-blockchain private key. Then, the private blockchain private key stored in the terminal device and the target private blockchain private key are used to recover the private blockchain private key, and the transaction is confirmed based on the private blockchain private key. In this way, it is possible to avoid the situation that the transaction can be confirmed through the terminal device, which improves the security of the transaction, thereby ensuring the security of the user's assets.

若终端设备中未记录有第二标识,终端设备还可以提示用户更换插拔电连接至第一存储设备的第二存储设备,这是合理的。具体地,终端设备可以提示用户:将第二存储设备更换为与交易协助设备的设备标识一致的设备。If the second identifier is not recorded in the terminal device, the terminal device may also prompt the user to replace the second storage device that is electrically connected to the first storage device, which is reasonable. Specifically, the terminal device may prompt the user to replace the second storage device with a device consistent with the device identification of the transaction assistance device.

另外,若检测到第一存储设备未与第二存储设备插拔电连接,该终端设备还可以提示用户建立第一存储设备和第二存储设备的插拔电连接。其中,当终端设备检测到第一存储设备与第二存储设备插拔电连接后,可以触发上述获得插拔电连接至第一存储设备的第二存储设备的第二标识的步骤,在此不做赘述。In addition, if it is detected that the first storage device is not electrically connected to the second storage device, the terminal device may also prompt the user to establish an electrical connection between the first storage device and the second storage device. Wherein, when the terminal device detects that the first storage device is electrically connected to the second storage device, the above-mentioned step of obtaining the second identity of the second storage device that is electrically connected to the first storage device may be triggered. To repeat.

相应于上述种区块链私钥的存储方法,本申请实施例还提供了另一种区块链私钥的恢复方法。下面对本申请实施例所提供的第二种区块链私钥的恢复方法进行介绍。Corresponding to the foregoing method for storing the private key of the blockchain, the embodiment of the present application also provides another method for recovering the private key of the blockchain. The following describes a second method for recovering a private key of a blockchain provided by an embodiment of the present application.

本申请实施例提供的第二种区块链私钥的恢复方法可以应用于终端设备。该终端设备中可以安装有数字钱包客户端。该终端设备包括但并不局限于台式电脑、平板电脑和智能手表。The second method for recovering a private key of a blockchain provided by the embodiment of the present application can be applied to a terminal device. A digital wallet client can be installed in the terminal device. The terminal devices include, but are not limited to, desktop computers, tablet computers, and smart watches.

参见图5,本申请实施例提供的区块链私钥的恢复方法可以包括如下步骤:Referring to FIG. 5, a method for recovering a private key of a blockchain provided by an embodiment of the present application may include the following steps:

S501,当接收到数据恢复指令时,从第二预设数量个存储介质中确定目标存储介质;S501. When a data recovery instruction is received, determine a target storage medium from a second preset number of storage media.

其中,每个存储介质中存储有第一预设数量个子区块链私钥中的第三预设数量个子区块链私钥,所述每个存储介质存储的子区块链私钥不完全相同,所述子区块链私钥为将待存储的区块链私钥按照预设方式划分得到的,所述第四预设数量小于所述第二预设数量。Wherein, each storage medium stores a third preset number of sub-blockchain private keys among the first preset number of sub-blockchain private keys, and the sub-blockchain private keys stored in each storage medium are incomplete Similarly, the private blockchain private key is obtained by dividing the private blockchain private key to be stored in a preset manner, and the fourth preset number is less than the second preset number.

S502,利用所述第二预设数量个存储介质中的非目标存储介质所存储的子区块链私钥,恢复所述目标存储介质所需存储的子区块链私钥。S502. Use the sub-blockchain private key stored in the non-target storage medium in the second preset number of storage media to recover the sub-blockchain private key required to be stored in the target storage medium.

可见,在本申请实施例所公开的方案中,终端设备在当接收到数据恢复指令时,从第二预设数量个存储介质中确定目标存储介质,然后利用第二预设数量个存储介质中的非目标存储介质所存储的子区块链私钥,恢复目标存储介质所需存储的子区块链私钥。终端设备可以根据目标存储介质中存储的子区块链私钥便可以恢复得到非目标存储介质中存储的子区块链私钥,因此,在部分存储介质中的子区块链私钥丢失的情况下,可以恢复得到丢失的子区块链私钥,保证数据的完好,用户体验更好。It can be seen that, in the solution disclosed in the embodiment of the present application, when receiving a data recovery instruction, the terminal device determines a target storage medium from a second preset number of storage media, and then uses the second preset number of storage media to The sub-blockchain private key stored in the non-target storage medium is used to recover the sub-blockchain private key stored in the target storage medium. The terminal device can recover the sub-blockchain private key stored in the non-target storage medium according to the sub-blockchain private key stored in the target storage medium. Therefore, the sub-blockchain private key in some storage media is lost. Under the circumstances, the lost private blockchain private key can be recovered to ensure the integrity of the data and better user experience.

作为本申请实施例的一种实施方式,上述第二预设数量可以为3,上述存储介质可以为终端设备中的存储介质、第一存储设备中的存储介质及第二存储设备中的存储介质。As an implementation manner of the embodiment of the present application, the second preset number may be three, and the storage medium may be a storage medium in a terminal device, a storage medium in a first storage device, and a storage medium in a second storage device. .

在这种情况下,如图6所示,上述第二种区块链私钥的恢复方法可以包括:In this case, as shown in FIG. 6, the above-mentioned second method for recovering the private key of a blockchain may include:

S601:当接收到数据恢复指令时,确定通信连接的第一存储设备的第一标识,并确定与第一存储设备插拔电连接的第二存储设备的第二标识;S601: When a data recovery instruction is received, determine a first identifier of a first storage device that is communicatively connected, and determine a second identifier of a second storage device that is electrically connected to the first storage device;

其中,第一存储设备为能够存储数据的设备。具体地,第一存储设备可以为一个存储盘,即第一存储盘。同理,第二存储设备也为能够存储数据的设备。具体地,第二存储设备可以为另一个存储盘,即第二存储盘。而且,终端设备、第一存储设备和第二存储设备 为三个独立的设备,可以分开放置。The first storage device is a device capable of storing data. Specifically, the first storage device may be a storage disk, that is, the first storage disk. Similarly, the second storage device is a device capable of storing data. Specifically, the second storage device may be another storage disk, that is, a second storage disk. Moreover, the terminal device, the first storage device, and the second storage device are three independent devices and can be placed separately.

在本实施例中,当终端设备接收到数据恢复指令时,终端设备并不知道需要对哪个设备进行数据恢复。此时,终端设备可以先确定与自身建立有通信连接的第一存储设备的第一标识,并确定与第一存储设备插拔电连接的第二存储设备的第二标识。In this embodiment, when the terminal device receives a data recovery instruction, the terminal device does not know which device needs to perform data recovery. At this time, the terminal device may first determine a first identifier of a first storage device that has established a communication connection with itself, and determine a second identifier of a second storage device that is electrically connected to the first storage device.

当终端设备与第一存储设备建立了通信连接,且第一存储设备插拔电连接至第二存储设备时,终端设备可以向第一存储设备发送标识信息获取请求。那么,第一存储设备接收到该标识信息获取请求之后,可以从第二存储设备中获得第二存储设备的第二标识;然后,将第一存储设备的第一标识和该第二标识发送给终端设备。这样,终端设备即可获得该第一存储设备的第一标识和第二存储设备的第二标识。When the terminal device establishes a communication connection with the first storage device, and the first storage device is electrically connected to the second storage device, the terminal device may send an identification information acquisition request to the first storage device. Then, after receiving the identification information acquisition request, the first storage device may obtain the second identification of the second storage device from the second storage device; and then send the first identification of the first storage device and the second identification to Terminal Equipment. In this way, the terminal device can obtain the first identifier of the first storage device and the second identifier of the second storage device.

由于在确定第一标识和第二标识之前,第一存储设备可能未与终端设备建立通信连接,第一存储设备也可能未插拔电连接至第二存储设备。因而,为了成功获取到第一存储设备的第一标识和第二存储设备的第二标识,终端设备在确定第一标识和第二标识之前,还可以检测终端设备是否与第一存储设备建立了通信连接,且第一存储设备是否插拔电连接至第二存储设备。其中,任意一种检测设备之间是否建立了通信连接的方式及检测设备之间是否建立了插拔电连接的方式均可适用于本申请实施例,在此不做详述。Because before the first identifier and the second identifier are determined, the first storage device may not establish a communication connection with the terminal device, and the first storage device may not be electrically connected to the second storage device. Therefore, in order to successfully obtain the first identification of the first storage device and the second identification of the second storage device, the terminal device can also detect whether the terminal device has been established with the first storage device before determining the first identification and the second identification. Communication connection, and whether the first storage device is electrically connected to the second storage device. Any one of the methods for detecting whether a communication connection is established between the devices and the method for detecting whether a plug-in electrical connection is established between the devices can be applied to the embodiments of the present application, and details are not described herein.

其中,终端设备检测终端设备是否与第一存储设备建立了通信连接,且第一存储设备是否插拔电连接至第二存储设备的操作具体可以为:先检测终端设备是否与第一存储设备建立了通信连接。若检测到终端设备与第一存储设备建立了通信连接,则可以再检测第一存储设备是否插拔电连接至第二存储设备。The operation of the terminal device detecting whether the terminal device has established a communication connection with the first storage device and whether the first storage device is electrically connected to the second storage device may specifically include: first detecting whether the terminal device is established with the first storage device. Communication connection. If it is detected that the terminal device has established a communication connection with the first storage device, then it can be detected whether the first storage device is electrically connected to the second storage device.

若检测到第一存储设备插拔电连接至第二存储设备,则终端设备可以执行:确定第一存储设备的第一标识和第二存储设备的第二标识的操作。若检测到第一存储设备未插拔电连接至第二存储设备,则终端设备可以提示用户:将第一存储设备插拔电连接至第二存储设备。If it is detected that the first storage device is electrically connected to the second storage device, the terminal device may perform an operation of determining a first identification of the first storage device and a second identification of the second storage device. If it is detected that the first storage device is not electrically connected to the second storage device, the terminal device may prompt the user to electrically connect the first storage device to the second storage device.

若检测到终端设备未与第一存储设备建立通信连接,则放弃检测第一存储设备是否插拔电连接至第二存储设备。在该种情况下,则认为终端设备未与第一存储设备建立通信连接,且第一存储设备未插拔电连接至第二存储设备。此时,终端设备可以提示用户:建立终端设备和第一存储设备的通信连接,并将第一存储设备插拔电连接至第二存储设备。If it is detected that the terminal device has not established a communication connection with the first storage device, then it is discarded to detect whether the first storage device is electrically connected to the second storage device. In this case, it is considered that the terminal device has not established a communication connection with the first storage device, and the first storage device is not electrically connected to the second storage device. At this time, the terminal device may prompt the user: establish a communication connection between the terminal device and the first storage device, and electrically connect the first storage device to the second storage device.

具体地,可以提示用户建立终端设备和第一存储设备的无线通信连接。其中,无线通信连接包括:蓝牙通信连接或NFC(Near Field Communication,近距离无线通信)通信连接。也就是说,终端设备可以与第一存储设备进行蓝牙通信或NFC通信,当然并不局限于此。Specifically, the user may be prompted to establish a wireless communication connection between the terminal device and the first storage device. Among them, the wireless communication connection includes: a Bluetooth communication connection or a Near Field Communication (NFC) communication connection. That is, the terminal device may perform Bluetooth communication or NFC communication with the first storage device, of course, it is not limited to this.

另外,第一存储设备的第一标识包括但并不局限于:用户给该第一存储设备设置的自定义名称和该第一存储设备的产品序列号。同理,该第二存储设备的第二标识包括但并不局限于:用户给该第二存储设备设置的自定义名称和该第二存储设备的产品序列号。In addition, the first identifier of the first storage device includes, but is not limited to, a custom name set by the user to the first storage device and a product serial number of the first storage device. Similarly, the second identifier of the second storage device includes, but is not limited to, a custom name set by the user to the second storage device and a product serial number of the second storage device.

此外,插拔电连接是指通过插拔接口建立的电连接。其中,可以通过插/拔的方式,建立/解除第一存储设备和第二存储设备之间的通信连接。具体地,第一存储设备可以通过USB(Universal Serial Bus,通用串行总线)接口插拔电连接至第二存储设备。这样,第一存储设备与第二存储设备之间可以进行串口通信。In addition, a plug-in electrical connection refers to an electrical connection established through a plug-in interface. The communication connection between the first storage device and the second storage device can be established / disconnected in a plug / unplug manner. Specifically, the first storage device may be electrically connected to the second storage device through a USB (Universal Serial Bus) interface. In this way, serial communication can be performed between the first storage device and the second storage device.

S602:基于第一标识和第二标识,确定自身、第一存储设备和第二存储设备中待恢复数据的一个设备,作为目标设备;S602: Based on the first identifier and the second identifier, determine a device to be restored among itself, the first storage device, and the second storage device as a target device;

S603:利用非目标设备所存储的子区块链私钥,恢复目标设备所需存储的子区块链私钥。S603: Use the sub-blockchain private key stored by the non-target device to recover the sub-blockchain private key that the target device needs to store.

其中,在对目标设备所需存储的子区块链私钥进行恢复之后,每个非目标设备和目标设备中存储有:对待存储的区块链私钥进行分割所得到的第一份子区块链私钥、第二份子区块链私钥和第三份子区块链私钥中的两份数据,并且任意两个设备中存储的数据不完全相同。Among them, after recovering the sub-blockchain private key that the target device needs to store, each non-target device and target device stores: the first sub-block obtained by dividing the blockchain private key to be stored The two data in the chain private key, the second sub-blockchain private key, and the third sub-blockchain private key, and the data stored in any two devices are not exactly the same.

终端设备在获得第一存储设备的第一标识和第二存储设备的第二标识之后,可以根据该第一标识和该第二标识来确定需要对哪个设备进行数据恢复。并且,可以将待进行数据恢复的一个设备记为目标设备,将不需要进行数据恢复的每个设备记为一个非目标设备。After obtaining the first identification of the first storage device and the second identification of the second storage device, the terminal device may determine which device needs to perform data recovery according to the first identification and the second identification. In addition, one device to be subjected to data recovery may be referred to as a target device, and each device that does not require data recovery may be referred to as a non-target device.

具体地,当终端设备中记录有第一标识但未记录有第二标识时,终端设备可以确定第二存储设备为待恢复数据的目标设备。当然,在检测到终端设备中记录有第一标识但未记录有第二标识之后,终端设备还可以检测第二标识对应的第二存储设备是否为初始化设备,在检测到第二存储设备为初始化设备,再确定第二存储设备为待恢复数据的目标设备。这样,可以将初始化后的未存储有数据的第二存储设备确定为目标设备。Specifically, when the first identifier is recorded in the terminal device but the second identifier is not recorded, the terminal device may determine that the second storage device is the target device of the data to be recovered. Of course, after detecting that the first identifier is recorded in the terminal device but not the second identifier, the terminal device may also detect whether the second storage device corresponding to the second identifier is an initialization device, and upon detecting that the second storage device is initialized Device, and then determine that the second storage device is the target device of the data to be recovered. In this way, the second storage device that is not stored with data after initialization may be determined as the target device.

另外,当终端设备中记录有第二标识但未记录有第一标识时,终端设备可以确定第一存储设备为待恢复数据的目标设备。当终端设备中未记录有第二标识且未记录有第一标识时,终端设备可以确定终端设备自身为待恢复数据的目标设备。In addition, when the second identifier is recorded in the terminal device but the first identifier is not recorded, the terminal device may determine that the first storage device is a target device of the data to be recovered. When the second identifier is not recorded in the terminal device and the first identifier is not recorded, the terminal device may determine that the terminal device itself is the target device of the data to be recovered.

在确定待恢复数据的目标设备之后,可以通过第一份子区块链私钥、第二份子区块链私钥和第三份子区块链私钥对目标设备中存储的子区块链私钥进行恢复。进而,通过终端设备、第一存储设备和第二存储设备中的任意两个设备中存储的子区块链私钥还可以恢复得到上述待存储的区块链私钥,提高了区块链私钥的安全性。After the target device of the data to be recovered is determined, the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key can be used to pair the sub-blockchain private keys stored in the target device. Perform recovery. Furthermore, the private blockchain private key stored in any two of the terminal device, the first storage device, and the second storage device can also be used to recover the private blockchain key to be stored. Key security.

在一种实现方式中,终端设备在获得两个非目标设备中存储的数据之后,可以基于子区块链私钥恢复原则,直接利用第一份子区块链私钥、第二份子区块链私钥和第三份子区块链私钥对目标设备中存储的子区块链私钥进行恢复。其中,该子区块链私钥恢复原则为:使对目标设备所需存储的子区块链私钥进行恢复之后,每个非目标设备和目标设备中存储有两份子区块链私钥,并且任意两个设备中存储的子区块链私钥不完全相同。In one implementation, after obtaining the data stored in the two non-target devices, the terminal device can directly use the first sub-blockchain private key and the second sub-blockchain based on the principle of the sub-blockchain private key recovery. The private key and the third sub-blockchain private key recover the sub-blockchain private key stored in the target device. The principle of recovering the private key of the sub-blockchain is: after recovering the private key of the sub-blockchain that the target device needs to recover, each non-target device and the target device store two copies of the private key of the sub-blockchain. And the sub-blockchain private keys stored in any two devices are not exactly the same.

举例而言,当终端设备和第一存储设备为非目标设备,且终端设备中存储有第一子区块链私钥和第二子区块链私钥,第一存储设备中存储有第一子区块链私钥和第三子区块链 私钥时,终端设备可以从该终端设备自身和第一存储设备中获得:第一子区块链私钥、第二子区块链私钥和第三子区块链私钥,并可以确定第二存储设备待存储的子区块链私钥为第二子区块链私钥和第三子区块链私钥。For example, when the terminal device and the first storage device are non-target devices, and the terminal device stores the first sub-blockchain private key and the second sub-blockchain private key, the first storage device stores the first When the sub-blockchain private key and the third sub-blockchain private key, the terminal device can obtain from the terminal device itself and the first storage device: the first sub-blockchain private key and the second sub-blockchain private key And the third sub-blockchain private key, and it can be determined that the sub-blockchain private key to be stored by the second storage device is the second sub-blockchain private key and the third sub-blockchain private key.

从而,终端设备可以基于子数据恢复原则直接从所获得的三份子区块链私钥中提取出第二子区块链私钥和第三子区块链私钥。然后,通过第一存储设备将该第二子区块链私钥和第三子区块链私钥转存至第二存储设备中,从而实现对第二存储设备中存储的子区块链私钥的恢复。Therefore, the terminal device can directly extract the second sub-blockchain private key and the third sub-blockchain private key from the obtained three sub-blockchain private keys based on the sub-data recovery principle. Then, the second sub-blockchain private key and the third sub-blockchain private key are transferred to the second storage device through the first storage device, thereby realizing private sub-blockchain storage in the second storage device. Key recovery.

又例如,当终端设备和第二存储设备为非目标设备,且终端设备中存储有第一子区块链私钥和第二子区块链私钥,第二存储设备中存储有第二子区块链私钥和第三子区块链私钥时,终端设备可以从该终端设备自身和第二存储设备中获得:第一子区块链私钥、第二子区块链私钥和第三子区块链私钥,并可以确定第一存储设备待存储的子区块链私钥为第一子区块链私钥和第三子区块链私钥。As another example, when the terminal device and the second storage device are non-target devices, and the terminal device stores the first sub-blockchain private key and the second sub-blockchain private key, and the second storage device stores a second sub-blockchain private key. When the blockchain private key and the third sub-blockchain private key, the terminal device can obtain from the terminal device itself and the second storage device: the first sub-blockchain private key, the second sub-blockchain private key, and The third sub-blockchain private key, and it can be determined that the sub-blockchain private key to be stored by the first storage device is the first sub-blockchain private key and the third sub-blockchain private key.

从而,终端设备可以基于子数据恢复原则直接从所获得的三份子区块链私钥中提取出第一子区块链私钥和第三子区块链私钥。然后,将该第一子区块链私钥和第三子区块链私钥存储至第一存储设备中,从而实现对第一存储设备中待存储的子区块链私钥的恢复。Therefore, the terminal device can directly extract the first sub-blockchain private key and the third sub-blockchain private key from the three sub-blockchain private keys obtained based on the sub-data recovery principle. Then, the first sub-blockchain private key and the third sub-blockchain private key are stored in the first storage device, so as to recover the sub-blockchain private key to be stored in the first storage device.

在另一种实现方式中,终端设备在从该终端设备自身和第一存储设备中获取:第一子区块链私钥、第二子区块链私钥和第三子区块链私钥之后,还可以先利用第一子区块链私钥、第二子区块链私钥和第三子区块链私钥恢复目标区块链私钥。然后,利用预设秘密分割算法对目标区块链私钥进行分割,从而分割得到第一目标子区块链私钥、第二目标子区块链私钥和第三目标子区块链私钥。In another implementation, the terminal device obtains from the terminal device itself and the first storage device: the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key Afterwards, the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key can also be used to recover the target blockchain private key. Then, the preset private segmentation algorithm is used to segment the target blockchain private key, so as to obtain the first target sub-blockchain private key, the second target sub-blockchain private key, and the third target sub-blockchain private key. .

其中,分割得到的第一目标子区块链私钥、第二目标子区块链私钥和第三目标子区块链私钥可以分别与第一子区块链私钥、第二子区块链私钥和第三子区块链私钥相同。当然,为了进一步提高区块链私钥的安全性,也可以使分割得到的第一目标子区块链私钥、第二目标子区块链私钥和第三目标子区块链私钥与第一子区块链私钥、第二子区块链私钥和第三子区块链私钥不相同,这也是合理的。The first target sub-blockchain private key, the second target sub-blockchain private key, and the third target sub-blockchain private key obtained from the segmentation may be separately from the first sub-block chain private key and the second sub-region. The blockchain private key is the same as the third sub-blockchain private key. Of course, in order to further improve the security of the blockchain private key, the first target sub-blockchain private key, the second target sub-blockchain private key, and the third target sub-blockchain private key obtained by segmentation can also be It is also reasonable that the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key are different.

当分割得到的第一目标子区块链私钥、第二目标子区块链私钥和第三目标子区块链私钥与第一子区块链私钥、第二子区块链私钥和第三子区块链私钥不相同时,该终端设备还可以利用第一目标子区块链私钥、第二目标子区块链私钥替换原来所存储的第一子区块链私钥、第二子区块链私钥。然后,将第一目标子区块链私钥和第三目标子区块链私钥发送给第一存储设备,使第一存储设备利用接收到的第一目标子区块链私钥和第三目标子区块链私钥替换原来所存储的第一子区块链私钥和第三子区块链私钥。When the first target sub-blockchain private key, the second target sub-blockchain private key, and the third target sub-blockchain private key are obtained, the first sub-blockchain private key and the second sub-blockchain private key are obtained. When the key and the private key of the third sub-blockchain are not the same, the terminal device may also replace the first sub-blockchain stored originally with the private key of the first target sub-blockchain and the private key of the second target sub-blockchain. Private key, private key of the second sub-blockchain. Then, the first target sub-blockchain private key and the third target sub-blockchain private key are sent to the first storage device, so that the first storage device uses the received first target sub-blockchain private key and the third The target sub-blockchain private key replaces the first sub-blockchain private key and the third sub-blockchain private key that were originally stored.

另外,该终端设备还通过该第一存储设备将第二目标子区块链私钥和第三目标子区块链私钥发送给第二存储设备,使第二存储设备存储该第二目标子区块链私钥和第三目标子区块链私钥。然后,终端设备中可以记录:用于分散存储目标子区块链私钥的第一存储设 备的第一标识和第二存储设备的第二标识。这样,可以对第二存储设备待存储的子区块链私钥进行恢复。而且,还可以对第一目标子区块链私钥、第二目标子区块链私钥和第三目标子区块链私钥进行分散存储,增加恶意用户盗取区块链私钥的难度,从而提高了区块链私钥的安全性,进而可以保证用户资产的安全。In addition, the terminal device also sends the second target sub-blockchain private key and the third target sub-blockchain private key to the second storage device through the first storage device, so that the second storage device stores the second target sub-blockchain. Blockchain private key and the third target sub-blockchain private key. Then, the terminal device may record: the first identifier of the first storage device and the second identifier of the second storage device for decentrally storing the private key of the target sub-blockchain. In this way, the sub-blockchain private key to be stored by the second storage device can be recovered. In addition, the first target sub-blockchain private key, the second target sub-blockchain private key, and the third target sub-blockchain private key can be distributedly stored, increasing the difficulty for malicious users to steal the block chain private key. , Thereby improving the security of the private key of the blockchain, and thus ensuring the security of user assets.

为了提高存储区块链私钥的安全性,本申请实施例提供了一种区块链私钥的存储系统,如图7所示,该系统可以包括第一存储设备和第二存储设备,第一存储设备和第二存储设备连接;In order to improve the security of storing the private key of the blockchain, an embodiment of the present application provides a storage system of the private key of the blockchain. As shown in FIG. 7, the system may include a first storage device and a second storage device. A storage device is connected to the second storage device;

第一存储设备710,用于存储第一份子区块链私钥,第一份子区块链私钥包括:待存储的区块链私钥被按照预设方式划分所得到的第一预设数量个子区块链私钥中第三预设数量个子区块链私钥;The first storage device 710 is configured to store a first sub-blockchain private key. The first sub-blockchain private key includes: a first preset number obtained by dividing the private key of the blockchain to be stored in a preset manner. The third preset number of sub-blockchain private keys among the sub-blockchain private keys;

第二存储设备720,用于存储第二份子区块链私钥,第二份子区块链私钥包括:待存储的区块链私钥被按照预设方式划分所得到的第一预设数量个子区块链私钥中第三预设数量个子区块链私钥;The second storage device 720 is configured to store a second sub-blockchain private key. The second sub-blockchain private key includes a first preset number obtained by dividing the private key of the blockchain to be stored in a preset manner. The third preset number of sub-blockchain private keys among the sub-blockchain private keys;

其中,第一预设数量不小于3,第三预设数量大于1且小于第一预设数量,第一份子区块链私钥包括的子区块链私钥与第二份子区块链私钥包括的子区块链私钥不完全相同,第一份子区块链私钥和第二份子区块链私钥能够得到待存储密钥。Among them, the first preset number is not less than 3, the third preset number is greater than 1 and less than the first preset number, and the first sub-blockchain private key includes the sub-blockchain private key and the second sub-blockchain private key. The sub-blockchain private key included in the key is not exactly the same. The first sub-blockchain private key and the second sub-blockchain private key can obtain the key to be stored.

可见,本申请实施例提供的技术方案中,区块链私钥的存储系统包括第一存储器和第二存储器,第一存储器和第二存储器连接;第一存储器,用于存储第一份子区块链私钥,第二存储器,用于存储第二份子区块链私钥;其中,第一预设数量不小于3,第三预设数量大于1且小于第一预设数量,第一份子区块链私钥包括的子区块链私钥与第二份子区块链私钥包括的子区块链私钥不完全相同,第一份子区块链私钥和第二份子区块链私钥能够得到待存储密钥。通过本申请实施例提供的技术方案,待存储的区块链私钥被分解为若干份子区块链私钥,第一存储器和第二存储器中分别存储该若干份子区块链私钥中的一部分子区块链私钥,并且只有将第一存储器中存储的第一份子区块链私钥与第二存储器中存储的第二份子区块链私钥结合才能够得到完整的待存储的区块链私钥。这样,即使第一存储器和第二存储器中的任一个丢失,也不会导致完整的区块链私钥丢失,并且,将完整的待存储的区块链私钥分散于区块链私钥的存储系统中的两个存储器,提高了存储区块链私钥的安全性。It can be seen that, in the technical solution provided by the embodiment of the present application, the storage system of the private key of the blockchain includes a first memory and a second memory, and the first memory and the second memory are connected; the first memory is configured to store the first sub-block The chain private key and the second memory are used to store the second sub-blockchain private key; wherein the first preset number is not less than 3, the third preset number is greater than 1 and less than the first preset number, and the first sub-area The sub-blockchain private key included in the blockchain private key is not exactly the same as the sub-blockchain private key included in the second sub-blockchain private key. The first sub-blockchain private key and the second sub-blockchain private key. The key to be stored can be obtained. Through the technical solution provided by the embodiment of the present application, the private key of the blockchain to be stored is decomposed into a plurality of sub-block private keys, and the first storage and the second storage respectively store a part of the several sub-block private keys. The private blockchain subkey, and only when the first private blockchain private key stored in the first storage is combined with the second private blockchain private key stored in the second storage can a complete block to be stored be obtained Private chain key. In this way, even if any of the first memory and the second memory is lost, the complete private key of the blockchain will not be lost, and the complete private key of the blockchain to be stored will be dispersed in the private key of the blockchain. The two memories in the storage system improve the security of storing blockchain private keys.

本申请实施例中的第一存储器即为上述第一存储设备,第二存储器即为上述第二存储设备。第一预设数量可以是自定义设定的。比如,第一预设数量为3,则将待存储的区块链私钥进行分解处理之后,可以得到3个子区块链私钥。In the embodiment of the present application, the first memory is the foregoing first storage device, and the second memory is the foregoing second storage device. The first preset number may be customized. For example, if the first preset number is 3, after the blockchain private key to be stored is decomposed, three sub-blockchain private keys can be obtained.

其中,如图8所示的本申请实施例提供的一种应用场景示意图,第一存储器710和第二存储器720连接,第一存储器710和第二存储器720之间可以通信。一种实现方式中,第一 存储器710和第二存储器720之间通过并行总线连接。As shown in FIG. 8, a schematic diagram of an application scenario is provided in the embodiment of the present application. The first memory 710 and the second memory 720 are connected, and the first memory 710 and the second memory 720 can communicate with each other. In an implementation manner, the first memory 710 and the second memory 720 are connected through a parallel bus.

作为本申请实施例的一种实施方式,如图9所示,上述系统还可以包括终端设备730。终端设备730可以是手机、平板、电脑等终端设备。终端设备分别与第一存储器710、第二存储器720连接。其中,连接的方式包括直接连接和间接连接,直接连接是指终端设备与存储器之间可以直接通信,间接连接是指终端设备与存储器之间需要通过其他设备才能进行通信。As an implementation manner of an embodiment of the present application, as shown in FIG. 9, the foregoing system may further include a terminal device 730. The terminal device 730 may be a terminal device such as a mobile phone, a tablet, or a computer. The terminal device is connected to the first memory 710 and the second memory 720, respectively. The connection methods include direct connection and indirect connection. Direct connection means that the terminal device and the memory can communicate directly, and indirect connection means that the terminal device and the memory need to communicate through other devices.

一种实施方式中,如图10所示,终端设备与第一存储器710之间为直接连接,即终端设备可以与第一存储器直接进行通信。终端设备730与第二存储器720之间也为直接连接,即终端设备可以与第二存储器直接进行通信。In one embodiment, as shown in FIG. 10, the terminal device is directly connected to the first memory 710, that is, the terminal device can directly communicate with the first memory. The terminal device 730 and the second memory 720 are also directly connected, that is, the terminal device can directly communicate with the second memory.

另一种实施方式中,第一存储器和第二存储器中的任意一个存储器与终端设备直接连接,另一个存储器则通过与终端设备直接连接的存储器,与该终端设备间接连接。In another implementation manner, any one of the first memory and the second memory is directly connected to the terminal device, and the other memory is indirectly connected to the terminal device through a memory directly connected to the terminal device.

一种实现方式中,如图11所示,第一存储器710与终端设备730直接连接,第二存储器720通过第一存储器710与该终端设备730间接连接。也就是说,终端设备可以将信息直接发送至第一存储器,而当终端设备向第二存储器发送信息时,终端设备将信息发送至第一存储器,由第一存储器将该信息转发至第二存储器,这样实现终端设备与第二存储器之间的通信连接。In an implementation manner, as shown in FIG. 11, the first memory 710 is directly connected to the terminal device 730, and the second memory 720 is indirectly connected to the terminal device 730 through the first memory 710. In other words, the terminal device can directly send information to the first storage, and when the terminal device sends information to the second storage, the terminal device sends the information to the first storage, and the first storage forwards the information to the second storage. In this way, a communication connection between the terminal device and the second memory is implemented.

另一种实现方式中,第一存储器与第二存储器之间连接,第二存储器与终端设备直接连接,则第一存储器通过第二存储器与该终端设备间接连接。In another implementation manner, if the first storage is connected to the second storage and the second storage is directly connected to the terminal device, the first storage is indirectly connected to the terminal device through the second storage.

在该实施方式中,与终端设备直接连接的存储器具有信息处理能力,对于具有信息处理能力的存储器,可以称为母盘。与终端设备间接连接的存储器则可以不具有信息处理能力,通过连接的具有信息处理能力的存储器进行信息处理,对于不具有信息处理能力的存储器,可以称为子盘。子盘通过母盘与终端设备通信连接,这样可以节省成本。In this embodiment, the memory directly connected to the terminal device has an information processing capability, and the memory having the information processing capability may be referred to as a master disk. The memory indirectly connected to the terminal device may not have the information processing capability, and the information processing is performed through the connected memory with the information processing capability. For the memory without the information processing capability, it may be called a subdisk. The child disk communicates with the terminal device through the mother disk, which can save costs.

如图12所示的一种应用场景示意图,终端设备中可以安装应用程序“硬件钱包”731,终端设备730与第一存储器710直接连接,即该终端设备730与第一存储器710直接连接,第一存储器710与第二存储器720连接,这样,终端设备730与第二存储器720间接连接。与终端设备直接连接的第一存储器具有信息处理能力,即第一存储器为母盘,第二存储器为子盘。As shown in a schematic diagram of an application scenario shown in FIG. 12, an application program "hardware wallet" 731 can be installed in a terminal device, and the terminal device 730 is directly connected to the first storage 710, that is, the terminal device 730 is directly connected to the first storage 710. A memory 710 is connected to the second memory 720, so that the terminal device 730 is indirectly connected to the second memory 720. The first memory directly connected to the terminal device has information processing capabilities, that is, the first memory is a mother disk, and the second memory is a child disk.

终端设备用于存储第三份子区块链私钥,第三份子区块链私钥包括:在待存储的区块链私钥被分解处理后所得到的第一预设数量的子区块链私钥中第三预设数量的子区块链私钥。The terminal device is used to store the third sub-blockchain private key. The third sub-blockchain private key includes: a first preset number of sub-blockchains obtained after the blockchain private key to be stored is decomposed and processed. The third preset number of private blockchain private keys.

其中,终端设备中存储的第三份子区块链私钥可以是存储于该终端设备本地,还可以是存储于该终端设备连接的云服务器。The third sub-blockchain private key stored in the terminal device may be stored locally on the terminal device, or may be stored on a cloud server connected to the terminal device.

作为本申请实施例的一种实施方式,上述终端设备具体可以用于按照门限算法,将所述待存储的区块链私钥划分为第一预设数量个子区块链私钥;按照所述门限算法,确定所 述第一存储设备和所述第二存储设备及自身对应的子区块链私钥。As an implementation manner of the embodiment of the present application, the terminal device may be specifically configured to divide the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a threshold algorithm; The threshold algorithm determines the first storage device, the second storage device, and the corresponding private blockchain private key.

作为本申请实施例的一种实施方式,上述终端设备还可以用于在所述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥之前,显示数量设置提示信息;获取用户基于所述数量设置提示信息设置的第一预设数量。As an implementation manner of the embodiment of the present application, the foregoing terminal device may be further configured to divide the private blockchain key to be stored into a first preset number of sub-blockchain private keys according to a preset manner in the preset manner. Displaying the number setting prompt information; obtaining a first preset number set by the user based on the number setting prompt information.

为了进一步地提高区块链私钥存储的安全性,作为本申请实施例的一种实施方式,上述终端设备具体可以用于对所得到的子区块链私钥进行加密处理。一种实施方式中,终端设备用于利用预设加密算法分别对第一份子区块链私钥、第二份子区块链私钥和第三份子区块链私钥进行加密处理,并获取预设加密算法的目标密钥。In order to further improve the security of the blockchain private key storage, as an implementation of the embodiment of the present application, the above-mentioned terminal device may be specifically used to perform encryption processing on the obtained sub-blockchain private key. In one embodiment, the terminal device is configured to use a preset encryption algorithm to encrypt the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key respectively, and obtain a pre- Set the target key of the encryption algorithm.

终端设备还可以用于对目标密钥进行分解处理,得到目标数量的目标子密钥;从所得到的目标子密钥中,将第四数量的目标子密钥确定为第一份目标子密钥,将第五数量的目标子密钥确定为第二份目标子密钥,将第六数量的目标子密钥确定为第三份目标子密钥;将第一份目标子密钥发送至第一存储器,将第二份目标子密钥发送至第二存储器,对第三份目标子密钥进行存储。The terminal device may also be used to decompose the target key to obtain the target number of target subkeys; and from the obtained target subkeys, determine the fourth number of target subkeys as the first target subkey. Key, determine the fifth target subkey as the second target subkey, and determine the sixth target subkey as the third target subkey; send the first target subkey to The first memory sends the second target subkey to the second memory, and stores the third target subkey.

相应的,第一存储器还可以存储第一份目标子密钥,第二存储器还可以存储第二份目标子密钥,终端设备还可以存储第三份目标子密钥。Correspondingly, the first memory may further store the first target subkey, the second memory may further store the second target subkey, and the terminal device may further store the third target subkey.

对于第一存储器,可以接收终端设备发送的第一份目标子密钥,并存储该第一份目标子密钥。对于第二存储器,可以接收终端设备发送的第二份目标子密钥,并存储该第二份目标子密钥。For the first memory, the first target subkey sent by the terminal device can be received, and the first target subkey is stored. For the second memory, a second target subkey sent by the terminal device may be received, and the second target subkey may be stored.

一种实施方式中,上述第一预设数量可以为三,第四数量、第五数量和第六数量均可以为二。In one embodiment, the first preset number may be three, and the fourth number, the fifth number, and the sixth number may be two.

作为本申请实施例的一种实施方式,终端设备具体可以用于利用预设加密算法对待存储的区块链私钥进行加密处理,得到加密处理后的区块链私钥;对加密处理后的密钥进行分解处理,得到第一预设数量的子区块链私钥;将第一预设数量的子区块链私钥中的第一数量的子区块链私钥确定为第一份子区块链私钥,将第一目预设数量的子区块链私钥中的第二数量的子区块链私钥确定为第二份子区块链私钥,将第一预设数量的子区块链私钥中的第三数量的子区块链私钥确定为第三份子区块链私钥。As an implementation manner of the embodiment of the present application, the terminal device may be specifically configured to perform encryption processing on the private blockchain key to be stored by using a preset encryption algorithm, to obtain the encrypted private blockchain key; The key is decomposed to obtain a first preset number of sub-blockchain private keys; the first number of sub-blockchain private keys of the first preset number of sub-blockchain private keys are determined as the first sub-key For the blockchain private key, the second number of sub-blockchain private keys in the first number of sub-blockchain private keys is determined as the second sub-blockchain private key, and the first preset number of The third sub-blockchain private key in the sub-blockchain private key is determined as the third sub-blockchain private key.

还可以用于获取预设加密算法的目标密钥,并对目标密钥进行分解处理,得到目标数量的目标子密钥,并将目标数量的目标子密钥中的第四数量的目标子密钥确定为第一份目标子密钥,将目标数量的目标子密钥中的第五数量的目标子密钥确定为第二份目标子密钥,将目标数量的目标子密钥中的第六数量的目标子密钥确定为第三份目标子密钥。It can also be used to obtain the target key of the preset encryption algorithm, decompose the target key to obtain the target number of target subkeys, and the fourth number of target subkeys among the target number of target subkeys. Key is determined as the first target subkey, the fifth number of target subkeys in the target number of target subkeys is determined as the second target subkey, and the first Six number of target subkeys are determined as the third target subkey.

将第一份子区块链私钥和第一份目标子密钥发送至第一存储器进行存储;将第二份子区块链私钥和第二份目标子密钥发送至第二存储器进行存储;将第三份子区块链私钥和第三份目标子密钥存储于本地。Send the first sub-blockchain private key and the first target sub-key to the first storage for storage; send the second sub-blockchain private key and the second target sub-key to the second storage for storage; Store the third sub-blockchain private key and the third target sub-key locally.

相应的,第一存储设备还可以用于保存第一份目标子密钥;第二存储设备还可以用于 保存第二份目标子密钥。Correspondingly, the first storage device can also be used to save the first target subkey; the second storage device can also be used to save the second target subkey.

作为本申请实施例的一种实施方式,终端设备具体可以用于利用预设加密算法对待存储的区块链私钥进行加密处理,得到加密处理后的区块链私钥;对加密处理后的区块链私钥进行分解处理,得到第一预设数量的子区块链私钥;将第一预设数量的子区块链私钥中的第一数量的子区块链私钥作为第一份子区块链私钥和目标密钥发送至第一存储器进行存储;将第一预设数量的子区块链私钥中的第二数量的子区块链私钥作为第二份子区块链私钥和目标密钥发送至第二存储器进行存储;将第一预设数量的子区块链私钥中的第三数量的子区块链私钥作为第三份子区块链私钥和目标密钥存储于本地;其中,目标密钥为预设加密算法的密钥。相应的,第一存储设备还用于保存目标密钥;第二存储设备还用于保存目标密钥。As an implementation manner of the embodiment of the present application, the terminal device may be specifically configured to perform encryption processing on the private blockchain key to be stored by using a preset encryption algorithm, to obtain the encrypted private blockchain key; The blockchain private key is decomposed to obtain a first preset number of sub-blockchain private keys; the first number of sub-blockchain private keys of the first preset number of sub-blockchain private keys are used as the first A sub-blockchain private key and target key are sent to the first memory for storage; a second number of sub-blockchain private keys in the first preset number of sub-blockchain private keys are used as the second sub-block The private chain key and the target key are sent to the second memory for storage; the third sub-block private key of the first preset number of sub-block private keys is used as the third sub-block private key and The target key is stored locally; the target key is a key of a preset encryption algorithm. Correspondingly, the first storage device is further configured to save the target key; the second storage device is further configured to save the target key.

作为本申请实施例的一种实施方式,终端设备还可以用于利用预设加密算法分别对第一份子区块链私钥、第二份子区块链私钥和第三份子区块链私钥进行加密处理,并获取预设加密算法对应的目标密钥;将目标密钥分别发送至第一存储器和第二存储器;并在本地存储目标密钥;第一存储器还用于接收终端设备发送的目标密钥,并存储目标密钥;第二存储器还用于接收终端设备发送的目标密钥,并存储目标密钥。As an implementation manner of the embodiment of the present application, the terminal device may be further configured to use a preset encryption algorithm to respectively encrypt the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key. Perform encryption processing, and obtain the target key corresponding to the preset encryption algorithm; send the target key to the first storage and the second storage respectively; and store the target key locally; the first storage is also used to receive the The target key, and stores the target key; the second memory is also used for receiving the target key sent by the terminal device, and storing the target key.

作为本申请实施例的一种实施方式,终端设备还可以在将待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥之前,与第一存储设备及第二存储设备建立连接;在分别与第一存储器、第二存储器建立连接之后,对第一存储器进行验证,对第二存储器进行验证;判断对所述第一存储设备的验证、对所述第二存储设备的验证是否均成功;当对第一存储器的验证、对第二存储器的验证均成功时,确定与第一存储器、第二存储器均匹配。如果否,与第一存储设备及第二存储设备断开连接。As an implementation manner of the embodiment of the present application, the terminal device may further divide the private key to be stored into a first preset number of sub-blockchain private keys with the first storage device and The second storage device establishes a connection; after establishing a connection with the first storage and the second storage respectively, the first storage is verified and the second storage is verified; the verification of the first storage device and the first storage are determined. Whether the verification of the two storage devices is successful; when the verification of the first storage and the verification of the second storage are both successful, it is determined to match with both the first storage and the second storage. If not, disconnect from the first storage device and the second storage device.

通过该实施方式,终端设备在进行区块链私钥存储之前,对第一存储器和第二存储器分别进行验证,只有在验证通过的情况下才可以认为终端设备与第一存储器、第二存储器匹配,才能继续存储操作。通过验证过程,提高了区块链私钥存储的安全性。With this implementation mode, the terminal device verifies the first memory and the second memory separately before storing the private key of the blockchain. Only when the verification succeeds can the terminal device be considered to match the first memory and the second memory. To continue the save operation. Through the verification process, the security of blockchain private key storage is improved.

作为本申请实施例的一种实施方式,上述终端设备具体可以用于将利用预设密钥进行加密处理的验证信息发送至所述目标存储器,以使得所述目标存储器利用本地存储的预设验证信息对所接收到的验证信息进行解密处理得到所述预设密钥,利用所述预设密钥对本地存储的目标标识进行加密处理,得到加密标识;获取所述加密标识,利用所述预设密钥对所述加密标识进行解密处理,得到解密后的待匹配标识,将所述待匹配标识与预设标识进行匹配,若匹配,则判定对所述目标存储器验证成功,其中,所述目标存储器为所述第一存储设备或所述第二存储设备,所述预设标识为预先存储的与所述目标存储器对应的标识。As an implementation manner of the embodiment of the present application, the above-mentioned terminal device may be specifically configured to send verification information for performing encryption processing by using a preset key to the target storage, so that the target storage uses a preset verification stored locally. The information performs decryption processing on the received verification information to obtain the preset key, and uses the preset key to encrypt the target identifier stored locally to obtain an encrypted identifier; to obtain the encrypted identifier, to use the preset identifier The key is used to decrypt the encrypted identifier to obtain the decrypted identifier to be matched, and the identifier to be matched is matched with a preset identifier. If the identifier is matched, the verification of the target memory is determined to be successful. The target storage is the first storage device or the second storage device, and the preset identifier is a pre-stored identifier corresponding to the target memory.

作为本申请实施例的一种实施方式,上述终端设备还可以用于当接收到区块链私钥获取指令时,获得所述第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥;利 用本地所存储的子区块链私钥和所述目标子区块链私钥,恢复得到所述待存储的区块链私钥。As an implementation manner of the embodiment of the present application, the above-mentioned terminal device may be further configured to obtain a sub-blockchain private key stored in the first storage device as a target when receiving a blockchain private key acquisition instruction. Sub-blockchain private key; using the locally stored sub-blockchain private key and the target sub-blockchain private key to recover the block-chain private key to be stored.

作为本申请实施例的一种实施方式,上述区块链私钥获取指令可以为针对交易的交易确认指令;As an implementation manner of the embodiment of the present application, the above-mentioned blockchain private key acquisition instruction may be a transaction confirmation instruction for a transaction;

上述终端设备还可以用于在所述根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥之后,基于所述目标区块链私钥对所述交易进行确认。The above-mentioned terminal device may be further configured to confirm the transaction based on the target blockchain private key after the blockchain private key to be stored is recovered according to the obtained sub-blockchain private key.

作为本申请实施例的一种实施方式,上述终端设备还可以用于在接收到针对所述交易的交易确认指令后,判断本地是否记录有所述第一存储设备的第一标识;若记录有所述第一标识,执行所述获得第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥的步骤;若未记录所述第一标识,获得插拔电连接至所述第一存储设备的第二存储设备的第二标识;判断本地是否记录有所述第二标识;若记录有所述第二标识,获得所述第二存储设备中所存储的子区块链私钥,作为目标子区块链私钥。As an implementation manner of the embodiment of the present application, the terminal device may be further configured to determine whether a first identifier of the first storage device is recorded locally after receiving a transaction confirmation instruction for the transaction; if recorded, The first identifier executes the step of obtaining the sub-blockchain private key stored in the first storage device as the target sub-blockchain private key; if the first identifier is not recorded, obtaining a plug-in electrical connection A second identification to a second storage device of the first storage device; determining whether the second identification is recorded locally; and if the second identification is recorded, obtaining a subarea stored in the second storage device Blockchain private key, as the target subblockchain private key.

作为本申请实施例的一种实施方式,上述终端设备还可以用于在所述获得插拔电连接至所述第一存储设备的第二存储设备的第二标识之前,判断所述第一存储设备是否与所述第二存储设备插拔电连接;若所述第一存储设备未与所述第二存储设备插拔电连接,提示用户建立所述第一存储设备和所述第二存储设备的插拔电连接;在检测到所述第一存储设备与所述第二存储设备插拔电连接后,执行所述获得插拔电连接至所述第一存储设备的第二存储设备的第二标识的步骤。As an implementation manner of the embodiment of the present application, the foregoing terminal device may be further configured to determine the first storage device before obtaining the second identifier of the second storage device that is electrically connected to the first storage device. Whether the device is electrically connected to the second storage device; if the first storage device is not electrically connected to the second storage device, prompting the user to establish the first storage device and the second storage device After detecting that the first storage device is electrically connected to the second storage device, perform the first step of obtaining the second storage device that is electrically connected to the first storage device. Two identified steps.

作为本申请实施例的一种实施方式,上述终端设备还可以用于当本地未记录所述第二标识时,提示用户更换插拔电连接至所述第一存储设备的所述第二存储设备。As an implementation manner of the embodiment of the present application, the foregoing terminal device may be further configured to prompt the user to replace the second storage device that is electrically connected to the first storage device when the second identifier is not recorded locally. .

作为本申请实施例的一种实施方式,上述终端设备具体可以用于判断所述第一存储设备是否与所述第二存储设备插拔电连接;若所述第一存储设备未与所述第二存储设备插拔电连接,获得所述第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥;若所述第一存储设备与所述第二存储设备插拔电连接,当所述终端设备中记录有所述第二存储设备的第二标识时,获得所述第一存储设备或所述第二存储设备中所存储的子区块链私钥,作为目标子区块链私钥。As an implementation manner of the embodiment of the present application, the terminal device may be specifically used to determine whether the first storage device is electrically connected to the second storage device; if the first storage device is not connected to the first storage device, The two storage devices are electrically connected to obtain the sub-blockchain private key stored in the first storage device as the target sub-blockchain private key; if the first storage device is plugged into the second storage device When unplugged, when the second identifier of the second storage device is recorded in the terminal device, the private key stored in the first storage device or the sub-blockchain in the second storage device is obtained as Target sub-blockchain private key.

作为本申请实施例的一种实施方式,上述终端设备具体可以用于判断所述第一存储设备是否为初始化设备;若不为初始化设备,获得所述第一存储设备中所存储的子区块链私钥;若为初始化设备,获得所述第二存储设备中所存储的子区块链私钥。As an implementation manner of the embodiment of the present application, the terminal device may be specifically used to determine whether the first storage device is an initialization device; if it is not an initialization device, obtain a sub-block stored in the first storage device. Chain private key; if it is an initialization device, obtain the sub-blockchain private key stored in the second storage device.

作为本申请实施例的一种实施方式,上述终端设备还可以用于当接收到数据恢复指令时,确定通信连接的所述第一存储设备的第一标识,并确定与所述第一存储设备插拔电连接的所述第二存储设备的第二标识;基于所述第一标识和所述第二标识,确定自身、所述第一存储设备和所述第二存储设备中待恢复数据的一个设备,作为目标设备;利用非目标存储介质所存储的子区块链私钥,恢复所述目标存储介质所需存储的子区块链私钥。As an implementation manner of the embodiment of the present application, the above-mentioned terminal device may be further configured to determine a first identifier of the first storage device that is communicatively connected when receiving a data recovery instruction, and determine a connection with the first storage device. Plug and unplug the second identifier of the second storage device that is electrically connected; based on the first identifier and the second identifier, determine the data to be restored in itself, the first storage device, and the second storage device. One device is used as the target device; the sub-blockchain private key stored in the non-target storage medium is used to recover the sub-blockchain private key required to be stored in the target storage medium.

作为本申请实施例的一种实施方式,上述终端设备具体可以用于判断本地是否记录有所述第一标识和所述第二标识;若记录有所述第一标识且未记录所述第二标识,确定所述第二存储设备为待恢复数据的目标设备;若记录有所述第二标识且未记录有所述第一标识,确定所述第一存储设备为待恢复数据的目标设备;若未记录有所述第二标识和所述第一标识,确定自身为待恢复数据的目标设备。As an implementation manner of the embodiment of the present application, the terminal device may be specifically configured to determine whether the first identifier and the second identifier are recorded locally; if the first identifier is recorded and the second identifier is not recorded; Identification, determining that the second storage device is a target device of data to be recovered; if the second identification is recorded and the first identification is not recorded, determining that the first storage device is a target device of data to be recovered; If the second identifier and the first identifier are not recorded, it is determined that it is the target device of the data to be recovered.

作为本申请实施例的一种实施方式,上述终端设备具体可以用于检测所述第二存储设备是否为初始化设备;若所述第二存储设备为初始化设备,确定所述第二存储设备为待恢复数据的目标设备。As an implementation manner of the embodiment of the present application, the terminal device may be specifically configured to detect whether the second storage device is an initialization device; and if the second storage device is an initialization device, determine that the second storage device is a standby device. Target device for data recovery.

作为本申请实施例的一种实施方式,上述终端设备还可以用于在接收到所述数据恢复指令之后,在所述确定通信连接的第一存储设备的第一标识,并确定与所述第一存储设备插拔电连接的第二存储设备的第二标识之前,检测是否与所述第一存储设备建立通信连接,且所述第一存储设备是否插拔电连接至所述第二存储设备;若否,提示用户建立与所述第一存储设备的通信连接,并提示用户将所述第一存储设备插拔电连接至所述第二存储设备。As an implementation manner of the embodiment of the present application, the foregoing terminal device may be further configured to, after receiving the data recovery instruction, determine a first identifier of a first storage device that is communicatively connected, and determine a connection with the first Before a storage device is plugged and unplugged to a second identification of a second storage device, it is detected whether a communication connection is established with the first storage device, and whether the first storage device is plugged and connected to the second storage device. ; If not, prompt the user to establish a communication connection with the first storage device, and prompt the user to electrically connect the first storage device to the second storage device.

参见图13,在本申请实施例中,终端设备730、第一存储设备710和第二存储设备720可以用于执行如下操作:Referring to FIG. 13, in the embodiment of the present application, the terminal device 730, the first storage device 710, and the second storage device 720 may be used to perform the following operations:

S1:终端设备730获得对目标数据进行分割所得到的第一子数据、第二子数据和第三子数据;S1: The terminal device 730 obtains the first sub data, the second sub data, and the third sub data obtained by segmenting the target data;

其中,目标数据即为上述待存储的区块链私钥,第一子数据、第二子数据和第三子数据分别为上述第一份子区块链私钥、第二份子区块链私钥以及第三份子区块链私钥。The target data is the private key of the blockchain to be stored, and the first sub data, the second sub data, and the third sub data are the first sub blockchain private key and the second sub blockchain private key, respectively. And the third private blockchain private key.

S2:终端设备730确定终端设备730、第一存储设备710和第二存储设备720待存储的子数据;S2: The terminal device 730 determines the sub-data to be stored by the terminal device 730, the first storage device 710, and the second storage device 720;

其中,通过终端设备730、第一存储设备710和第二存储设备720中任意两个设备待存储的子数据能够恢复得到目标数据。Among them, the target data can be recovered through the sub data to be stored by any two devices of the terminal device 730, the first storage device 710, and the second storage device 720.

S3:终端设备730将终端设备730待存储的子数据存储在终端设备730本地;S3: The terminal device 730 stores the sub-data to be stored in the terminal device 730 locally on the terminal device 730;

S4:终端设备730发送第一存储设备710和第二存储设备720待存储的子数据至第一存储设备710;S4: The terminal device 730 sends the sub data to be stored by the first storage device 710 and the second storage device 720 to the first storage device 710;

S5:第一存储设备710保存第一存储设备710待存储的子数据;S5: The first storage device 710 saves sub-data to be stored by the first storage device 710;

S6:第一存储设备710发送第二存储设备720待存储的子数据至第二存储设备720;S6: The first storage device 710 sends the sub-data to be stored by the second storage device 720 to the second storage device 720;

S7:第二存储设备720保存第一存储设备发送的、第二存储设备720待存储的子数据。S7: The second storage device 720 stores the sub data sent by the first storage device and to be stored by the second storage device 720.

参见图14,在图13所示实施例的基础上,终端设备730、第一存储设备710和第二存储设备720还可以用于执行如下操作:Referring to FIG. 14, based on the embodiment shown in FIG. 13, the terminal device 730, the first storage device 710, and the second storage device 720 can also be used to perform the following operations:

S8:终端设备730向第一存储设备710发送针对目标数据的恢复指令;S8: The terminal device 730 sends a recovery instruction for the target data to the first storage device 710;

S9:第一存储设备710利用第二预设加密算法,对第一存储设备710所存储的子数据进行加密,得到子数据加密文件;S9: The first storage device 710 uses a second preset encryption algorithm to encrypt the sub-data stored in the first storage device 710 to obtain a sub-data encrypted file;

S10:第一存储设备710向终端设备730发送该子数据加密文件;S10: The first storage device 710 sends the sub-data encrypted file to the terminal device 730;

S11:终端设备730基于第二预设加密算法对该子数据加密文件进行解密,得到第一存储设备710所存储的子数据;S11: The terminal device 730 decrypts the sub-data encrypted file based on the second preset encryption algorithm to obtain the sub-data stored by the first storage device 710.

S12:终端设备730利用第一存储设备所存储的子数据和终端设备本地存储的子数据,恢复目标数据。S12: The terminal device 730 recovers the target data by using the sub data stored in the first storage device and the sub data stored locally by the terminal device.

作为本申请实施例的一种实施方式,上述第一存储设备通过通用串行总线USB接口插拔电连接至所述第二存储设备;第一存储设备具体用于通过USB接口将第二份子区块链私钥发送给第二存储设备。As an implementation manner of the embodiment of the present application, the first storage device is electrically connected to the second storage device through a universal serial bus USB interface, and the first storage device is specifically configured to connect the second subarea through the USB interface The blockchain private key is sent to the second storage device.

作为本申请实施例的一种实施方式,终端设备具体用于通过无线通信方式,将第一存储设备和第二存储设备对应的子区块链私钥分别作为第一份子区块链私钥及第二份子区块链私钥发送至第一存储设备。As an implementation manner of the embodiment of the present application, the terminal device is specifically configured to use the wireless communication method to use the private key of the sub-blockchain corresponding to the first storage device and the second storage device as the first sub-blockchain private key and The second sub-blockchain private key is sent to the first storage device.

作为本申请实施例的一种实施方式,上述无线通信方式可以包括:蓝牙通信方式或近距离无线通信NFC通信方式。As an implementation manner of the embodiment of the present application, the foregoing wireless communication method may include a Bluetooth communication method or a short-range wireless communication NFC communication method.

作为本申请实施例的一种实施方式,上述第一存储设备可以包括接发模块和存储模块。该接发模块与该存储模块电连接。其中,该接发模块可以用于:接收终端设备发送的、第一存储设备和第二存储设备待存储的子数据,并将第二存储设备待存储的子数据发送给第二存储设备。该存储模块可以用于:保存接发模块接收到的、第一存储设备待存储的子数据。As an implementation manner of the embodiment of the present application, the foregoing first storage device may include a transceiver module and a storage module. The hair extension module is electrically connected to the storage module. The transceiver module may be configured to receive sub-data to be stored by the first storage device and the second storage device from the terminal device, and send the sub-data to be stored by the second storage device to the second storage device. The storage module may be configured to store the sub-data received by the transceiver module and to be stored by the first storage device.

也就是说,接发模块用于接收终端设备发送的第一份子区块链私钥及第二份子区块链私钥,并将第二份子区块链私钥发送给第二存储设备。存储模块用于保存第一份子区块链私钥。That is, the receiving module is configured to receive the first sub-blockchain private key and the second sub-blockchain private key sent by the terminal device, and send the second sub-blockchain private key to the second storage device. The storage module is used to save the first sub-blockchain private key.

作为本申请实施例的一种实施方式,上述第一存储设备还可以包括:供电模块和闪光灯模块。其中,接发模块、存储模块和闪光灯模块与供电模块电连接。该供电模块用于为第一存储设备的接发模块、存储模块和闪光灯模块供电。另外,当第一存储设备和第二存储设备处于电连接状态时,该供电模块还用于为第二存储设备的存储芯片供电。As an implementation manner of the embodiment of the present application, the foregoing first storage device may further include a power supply module and a flash module. The hair extension module, the storage module, and the flash module are electrically connected to the power supply module. The power supply module is used to supply power to the transceiver module, the storage module, and the flash module of the first storage device. In addition, when the first storage device and the second storage device are in an electrically connected state, the power supply module is further configured to supply power to a storage chip of the second storage device.

该闪光灯模块用于当接收到闪光灯开启指令时,启动闪光灯。该闪光灯模块可以包括发光条,该发光条可以设置在第一存储设备的外部轮廓。其中,当该闪光灯模块被启动时,该发光条处于点亮状态,提高了用户的视觉体验。The flash module is used to activate the flash when a flash-on instruction is received. The flash module may include a light emitting strip, and the light emitting strip may be disposed on an outer contour of the first storage device. Wherein, when the flash module is activated, the light-emitting bar is in a lit state, which improves a user's visual experience.

作为本申请实施例的一种实施方式,上述第一存储设备还可以包括:显示屏模块,也就是显示屏。该显示屏模块可以用于显示供电模块的剩余电量。这样,使用户可以在显示屏上看到供电模块的电量,进而可以决定是否对第一存储设备进行充电或更换电池,从而保证第一存储设备的正常使用。As an implementation manner of the embodiment of the present application, the foregoing first storage device may further include a display screen module, that is, a display screen. The display module can be used to display the remaining power of the power supply module. In this way, the user can see the power of the power supply module on the display screen, and then can decide whether to charge or replace the first storage device, thereby ensuring the normal use of the first storage device.

该显示屏模块还可以显示该终端设备的标识信息。这样,使得用户可以查看:与该第一存储设备建立无线通信连接的终端设备是否为用户想要连接的终端设备。当不是用户想 要连接的终端设备时,用户可以及时将想要连接的终端设备与该第一存储设备进行通信连接。其中,该终端设备的标识信息包括但并不局限于:用户给该终端设备设置的自定义名称、该终端设备的产品序列号和该终端设备的MAC(Media Access Control,媒体访问控制)地址。The display module may also display identification information of the terminal device. In this way, the user can check whether the terminal device that establishes a wireless communication connection with the first storage device is a terminal device that the user wants to connect. When it is not the terminal device to which the user wants to connect, the user can timely connect the terminal device to be connected with the first storage device in a communication connection. The identification information of the terminal device includes, but is not limited to, a custom name set by the user to the terminal device, a product serial number of the terminal device, and a MAC (Media Access Control) address of the terminal device.

该显示屏模块还可以显示该终端设备所执行的数字货币交易的交易金额。这样,使得用户可以通过第一存储设备中显示屏查看到数字货币交易的交易金额,便于用户确认交易金额是否正确。The display module can also display the transaction amount of digital currency transactions performed by the terminal device. In this way, the user can view the transaction amount of the digital currency transaction through the display screen in the first storage device, which is convenient for the user to confirm whether the transaction amount is correct.

相应于上述区块链私钥的存储方法,本申请实施例还提供了一种区块链私钥的存储装置。Corresponding to the foregoing method for storing a blockchain private key, an embodiment of the present application further provides a storage device for a blockchain private key.

下面对本申请实施例所提供的一种区块链私钥的存储装置进行介绍。The following describes a storage device for a blockchain private key provided in an embodiment of the present application.

如图15所示,一种区块链私钥的存储装置,应用于终端设备,所述装置包括:As shown in FIG. 15, a blockchain private key storage device is applied to a terminal device, and the device includes:

区块链私钥获取模块1510,用于获取待存储的区块链私钥;Blockchain private key acquisition module 1510, configured to obtain the blockchain private key to be stored;

区块链私钥划分模块1520,用于将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥;A blockchain private key division module 1520, configured to divide the blockchain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner;

其中,所述第一预设数量不小于3。The first preset number is not less than three.

区块链私钥存储模块1530,用于将所述子区块链私钥存储于第二预设数量个存储介质中。The blockchain private key storage module 1530 is configured to store the sub-blockchain private key in a second preset number of storage media.

其中,每个存储介质存储第三预设数量个子区块链私钥,所述第三预设数量大于1且小于第一预设数量,所述每个存储介质存储的子区块链私钥不完全相同。Each storage medium stores a third preset number of sub-blockchain private keys, the third preset number is greater than 1 and less than the first preset number, and the sub-blockchain private keys stored in each storage medium Not exactly the same.

可见,本申请实施例所提供的方案中,终端设备首先获取待存储的区块链私钥,将待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥,其中,第一预设数量不小于3,然后将子区块链私钥存储于第二预设数量个存储介质中,其中,每个存储介质存储第三预设数量个子区块链私钥,第三预设数量大于1且小于第一预设数量,每个存储介质存储的子区块链私钥不完全相同。这样,由于区块链私钥不是完整地存储于一个存储介质,即使某一个存储介质中的子区块链私钥丢失或被盗取,由于其并不完整,所以也不会对用户的财产安全造成影响,区块链私钥存储的安全性大大提高。It can be seen that, in the solution provided by the embodiment of the present application, the terminal device first obtains the private key of the blockchain to be stored, and divides the private key of the blockchain to be stored into a first preset number of sub-blockchain private keys in a preset manner. Key, where the first preset number is not less than 3, and then the sub-blockchain private key is stored in a second preset number of storage media, where each storage medium stores a third preset number of sub-blockchain private keys Key, the third preset number is greater than 1 and less than the first preset number, and the sub-blockchain private keys stored in each storage medium are not exactly the same. In this way, because the private key of the blockchain is not completely stored in a storage medium, even if the private key of the sub-blockchain in a certain storage medium is lost or stolen, because it is not complete, it will not affect the user's property. Security has an impact, and the security of blockchain private key storage is greatly improved.

作为本申请实施例的一种实施方式,上述区块链私钥划分模块1520可以包括:As an implementation manner of the embodiment of the present application, the above-mentioned blockchain private key division module 1520 may include:

第一区块链私钥划分单元,用于按照门限算法,将所述待存储的区块链私钥划分为第一预设数量个子区块链私钥;A first blockchain private key division unit, configured to divide the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a threshold algorithm;

上述区块链私钥存储模块1530可以包括:The above-mentioned blockchain private key storage module 1530 may include:

第一区块链私钥存储单元,用于按照所述门限算法,将所述子区块链私钥存储于第二预设数量个存储介质中。The first blockchain private key storage unit is configured to store the sub-blockchain private key in a second preset number of storage media according to the threshold algorithm.

作为本申请实施例的一种实施方式,上述装置还可以包括:As an implementation manner of an embodiment of the present application, the foregoing apparatus may further include:

提示信息显示模块,用于在所述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥之前,显示数量设置提示信息;A prompt information display module, configured to display the number setting prompt information before the blockchain private key to be stored is divided into a first preset number of sub-blockchain private keys in a preset manner;

数量获取模块,用于获取用户基于所述数量设置提示信息设置的第一预设数量及第二预设数量。The quantity obtaining module is configured to obtain a first preset quantity and a second preset quantity set by the user based on the quantity setting prompt information.

作为本申请实施例的一种实施方式,上述装置还可以包括:As an implementation manner of an embodiment of the present application, the foregoing apparatus may further include:

子区块链私钥获取模块,用于当接收到区块链私钥获取指令时,从第四预设数量个所述存储介质中获取其所存储的子区块链私钥,其中,所述第四预设数量小于所述第二预设数量;A sub-blockchain private key acquisition module is configured to obtain a sub-blockchain private key stored from a fourth preset number of the storage media when a block-chain private key acquisition instruction is received. The fourth preset number is less than the second preset number;

区块链私钥恢复模块,用于根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥。The block chain private key recovery module is configured to recover the block chain private key to be stored according to the obtained sub block chain private key.

作为本申请实施例的一种实施方式,上述存储介质为同一物理设备中的不同存储介质;As an implementation manner of an embodiment of the present application, the foregoing storage media are different storage media in a same physical device;

或,or,

上述存储介质为不同物理设备中的存储介质;The storage medium is a storage medium in different physical devices;

或,or,

上述存储介质中一部分为同一物理设备中的不同存储介质,其余为不同物理设备中的存储介质。Some of the storage media are different storage media in the same physical device, and the rest are storage media in different physical devices.

作为本申请实施例的一种实施方式,上述第二预设数量为3,上述存储介质为终端设备中的存储介质、第一存储设备中的存储介质及第二存储设备中的存储介质;As an implementation manner of the embodiment of the present application, the second preset number is 3, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a storage medium in the second storage device;

上述区块链私钥存储模块1530可以包括:The above-mentioned blockchain private key storage module 1530 may include:

子区块链私钥确定单元,用于从所得到的子区块链私钥中,将第一数量的子区块链私钥确定为第一份子区块链私钥,将第二数量的子区块链私钥确定为第二份子区块链私钥,将第三数量的子区块链私钥确定为第三份子区块链私钥;The sub-blockchain private key determination unit is configured to determine the first number of sub-blockchain private keys from the obtained sub-blockchain private keys as the first sub-blockchain private key, and the second number of The sub-blockchain private key is determined as the second sub-blockchain private key, and the third number of sub-blockchain private keys are determined as the third sub-blockchain private key;

第二区块链私钥存储单元,用于将所述第一份子区块链私钥发送至所述第一存储设备进行存储,将所述第二份子区块链私钥发送至所述第二存储设备进行存储,将所述第三份子区块链私钥存储在本地。A second blockchain private key storage unit is configured to send the first sub-blockchain private key to the first storage device for storage, and send the second sub-blockchain private key to the first Two storage devices perform storage, and the third sub-blockchain private key is stored locally.

作为本申请实施例的一种实施方式,上述区块链私钥划分模块1520可以包括:As an implementation manner of the embodiment of the present application, the above-mentioned blockchain private key division module 1520 may include:

第一加密单元,用于利用预设加密算法对待存储的区块链私钥进行加密处理,得到加密处理后的区块链私钥;A first encryption unit, configured to perform encryption processing on the blockchain private key to be stored by using a preset encryption algorithm to obtain the encrypted blockchain private key;

第二区块链私钥划分单元,用于对加密处理后的区块链私钥按照预设方式进行分解处理,得到所述第一预设数量的子区块链私钥;A second blockchain private key division unit, configured to decompose the encrypted blockchain private key in a preset manner to obtain the first preset number of sub-blockchain private keys;

上述第二区块链私钥存储单元可以包括:The above-mentioned second blockchain private key storage unit may include:

第一密钥确定子单元,用于获取所述预设加密算法的目标密钥,并对所述目标密钥进行分解处理,得到目标数量的目标子密钥;A first key determining subunit, configured to obtain a target key of the preset encryption algorithm, and perform decomposition processing on the target key to obtain a target number of target subkeys;

第一子密钥划分子单元,用于将所述目标数量的目标子密钥中的第四数量的目标子密钥确定为第一份目标子密钥,将所述目标数量的目标子密钥中的第五数量的目标子密钥确定为第二份目标子密钥,将所述目标数量的目标子密钥中的第六数量的目标子密钥确定为第三份目标子密钥;A first sub-key division sub-unit, configured to determine a fourth number of target sub-keys among the target number of target sub-keys as the first target sub-key, and set the target number of target sub-keys The fifth number of target subkeys in the key is determined as the second target subkey, and the sixth number of target subkeys in the target number of target subkeys is determined as the third target subkey. ;

第一区块链私钥存储子单元,用于将所述第一份子区块链私钥和所述第一份目标子密钥发送至所述第一存储设备进行存储;将所述第二份子区块链私钥和所述第二份目标子密钥发送至所述第二存储设备进行存储;将所述第三份子区块链私钥和所述第三份目标子密钥存储于本地。A first blockchain private key storage subunit, configured to send the first subblockchain private key and the first target subkey to the first storage device for storage; and store the second Send the private blockchain private key and the second target subkey to the second storage device for storage; store the third private blockchain private key and the third target subkey in local.

作为本申请实施例的一种实施方式,上述第二区块链私钥存储单元可以包括:As an implementation manner of the embodiment of the present application, the second blockchain private key storage unit may include:

第一加密子单元,用于利用预设加密算法分别对所述第一份子区块链私钥、所述第二份子区块链私钥和所述第三份子区块链私钥进行加密处理;The first encryption subunit is configured to encrypt the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key using a preset encryption algorithm, respectively. ;

第二子密钥确定子单元,用于获取所述预设加密算法的目标密钥,并对所述目标密钥进行分解处理,得到目标数量的目标子密钥;A second subkey determination subunit, configured to obtain a target key of the preset encryption algorithm, and perform decomposition processing on the target key to obtain a target number of target subkeys;

第二子密钥划分子单元,用于将所述目标数量的目标子密钥中的第四数量的目标子密钥确定为第一份目标子密钥,将所述目标数量的目标子密钥中的第五数量的目标子密钥确定为第二份目标子密钥,将所述目标数量的目标子密钥中的第六数量的目标子密钥确定为第三份目标子密钥;A second sub-key division sub-unit, configured to determine a fourth number of target sub-keys among the target number of target sub-keys as a first target sub-key, and set the target number of target sub-keys The fifth number of target subkeys in the key is determined as the second target subkey, and the sixth number of target subkeys in the target number of target subkeys is determined as the third target subkey. ;

第二区块链私钥存储子单元,用于将加密处理后的第一份子区块链私钥和所述第一份目标子密钥发送至所述第一存储设备进行存储,将加密处理后的第二份子区块链私钥和所述第二份目标子密钥发送至所述第二存储设备进行存储,将加密处理后的第三份子区块链私钥和所述第三份目标子密钥存储在本地。The second blockchain private key storage subunit is configured to send the first subblockchain private key and the first target subkey after encryption processing to the first storage device for storage, and perform the encryption processing. Send the second private sub-chain private key and the second target sub-key to the second storage device for storage, and encrypt the third private sub-chain private key and the third share The target subkey is stored locally.

作为本申请实施例的一种实施方式,上述子区块链私钥确定单元可以包括:As an implementation manner of the embodiment of the present application, the foregoing sub-blockchain private key determination unit may include:

第一加密子单元,用于利用预设加密算法对所述待存储的区块链私钥进行加密处理,得到加密处理后的区块链私钥;A first encryption subunit, configured to perform encryption processing on the blockchain private key to be stored by using a preset encryption algorithm to obtain the encrypted blockchain private key;

子区块链私钥确定子单元,用于对加密处理后的区块链私钥按照预设方式进行分解处理,得到所述第一预设数量的子区块链私钥;A sub-blockchain private key determination subunit, configured to decompose the encrypted private blockchain key in a preset manner to obtain the first preset number of sub-blockchain private keys;

上述第二区块链私钥存储单元可以包括:The above-mentioned second blockchain private key storage unit may include:

第一目标密钥获取子单元,用于获取所述预设加密算法的目标密钥;A first target key acquisition subunit, configured to acquire a target key of the preset encryption algorithm;

第三区块链私钥存储子单元,用于将所述第一份子区块链私钥和所述目标密钥发送至所述第一存储设备进行存储;将所述第二份子区块链私钥和所述目标密钥发送至所述第二存储设备进行存储;将所述第三份子区块链私钥和所述目标密钥存储于本地。A third blockchain private key storage subunit, configured to send the first sub-blockchain private key and the target key to the first storage device for storage; and store the second sub-blockchain The private key and the target key are sent to the second storage device for storage; the third sub-blockchain private key and the target key are stored locally.

作为本申请实施例的一种实施方式,上述第二区块链私钥存储单元包括:As an implementation manner of the embodiment of the present application, the second blockchain private key storage unit includes:

第二加密子单元,用于利用预设加密算法分别对所述第一份子区块链私钥、所述第二份子区块链私钥和所述第三份子区块链私钥进行加密处理;The second encryption subunit is configured to encrypt the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key by using a preset encryption algorithm, respectively. ;

第二目标密钥获取子单元,用于获取所述预设加密算法的目标密钥;A second target key acquisition subunit, configured to acquire a target key of the preset encryption algorithm;

第四区块链私钥存储子单元,用于将加密处理后的第一份子区块链私钥和所述目标密钥发送至所述第一存储设备进行存储,将加密处理后的第二份子区块链私钥和所述目标密钥发送至所述第二存储设备进行存储,将加密处理后的第三份子区块链私钥和所述目标密钥存储在本地。A fourth blockchain private key storage subunit, configured to send the first encrypted private blockchain subkey and the target key to the first storage device for storage, and store the second encrypted cryptographic key The private blockchain private key and the target key are sent to the second storage device for storage, and the third private blockchain private key and the target key after encryption processing are stored locally.

作为本申请实施例的一种实施方式,上述装置还可以包括:As an implementation manner of an embodiment of the present application, the foregoing apparatus may further include:

连接建立模块,用于在上述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤之前,与第一存储设备及第二存储设备建立连接;A connection establishment module, configured to communicate with the first storage device and the second storage device before the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner. establish connection;

验证模块,用于对所述第一存储设备进行验证,对所述第二存储设备进行验证;A verification module, configured to verify the first storage device and verify the second storage device;

判断模块,用于判断对所述第一存储设备的验证、对所述第二存储设备的验证是否均成功;A judging module, configured to judge whether verification of the first storage device and verification of the second storage device are successful;

匹配判定模块,用于如果对所述第一存储设备的验证、对所述第二存储设备的验证均成功,判定与所述第一存储设备及所述第二存储设备均匹配;A matching determination module, configured to determine that both the first storage device and the second storage device match if the verification of the first storage device and the verification of the second storage device are successful;

连接断开模块,有用于如果对所述第一存储设备的验证、对所述第二存储设备的验证不均成功,与所述第一存储设备及所述第二存储设备断开连接。The connection disconnection module is used to disconnect the first storage device and the second storage device if the verification of the first storage device and the verification of the second storage device are not uniformly successful.

作为本申请实施例的一种实施方式,上述验证模块可以包括:As an implementation manner of the embodiment of the present application, the verification module may include:

验证单元,用于将利用预设密钥进行加密处理的验证信息发送至所述目标存储设备,以使得所述目标存储设备利用本地存储的预设验证信息对所接收到的验证信息进行解密处理得到所述预设密钥,利用所述预设密钥对本地存储的目标标识进行加密处理,得到加密标识;获取所述加密标识,利用所述预设密钥对所述加密标识进行解密处理,得到解密后的待匹配标识,将所述待匹配标识与预设标识进行匹配,若匹配,则判定对所述目标存储设备验证成功;A verification unit, configured to send verification information that is encrypted using a preset key to the target storage device, so that the target storage device decrypts the received verification information by using the preset verification information stored locally Obtain the preset key, use the preset key to perform encryption processing on a locally stored target identifier to obtain an encrypted identifier; obtain the encrypted identifier, and use the preset key to decrypt the encrypted identifier To obtain the decrypted to-be-matched identifier, match the to-be-matched identifier with a preset identifier, and if it matches, determine that the target storage device is successfully verified;

其中,所述目标存储设备为所述第一存储设备或所述第二存储设备所述预设标识为预先存储的与所述目标存储设备对应的标识。Wherein, the target storage device is the first storage device or the second storage device, and the preset identifier is a previously stored identifier corresponding to the target storage device.

本申请实施例还提供了一种区块链私钥的恢复装置。下面对本申请实施例所提供的第一种区块链私钥的恢复装置进行介绍。An embodiment of the present application further provides a device for recovering a private key of a blockchain. The first type of blockchain private key recovery device provided in the embodiments of the present application is described below.

如图16所示,一种区块链私钥的恢复装置,应用于终端设备,所述装置包括:As shown in FIG. 16, a device for recovering a private key of a blockchain is applied to a terminal device, and the device includes:

子区块链私钥获取模块1610,用于当接收到区块链私钥获取指令时,从第二预设数量个存储介质中的第四预设数量个存储介质中获取其所存储的子区块链私钥;A sub-blockchain private key acquisition module 1610 is configured to obtain a stored sub-key from a fourth preset number of storage media from a second preset number of storage media when a blockchain private key acquisition instruction is received. Blockchain private key;

其中,每个存储介质中存储有第一预设数量个子区块链私钥中的第三预设数量个子区块链私钥,所述每个存储介质存储的子区块链私钥不完全相同,所述子区块链私钥为将待存储的区块链私钥按照预设方式划分得到的,所述第三预设数量小于所述第二预设数量。Wherein, each storage medium stores a third preset number of sub-blockchain private keys among the first preset number of sub-blockchain private keys, and the sub-blockchain private keys stored in each storage medium are incomplete Similarly, the sub-blockchain private key is obtained by dividing the blockchain private key to be stored in a preset manner, and the third preset number is less than the second preset number.

第一恢复模块1620,用于根据所获取的子区块链私钥恢复得到所述待存储的区块链私 钥,作为目标区块链私钥。The first recovery module 1620 is configured to recover the private blockchain key to be stored according to the obtained private blockchain private key as the target private blockchain key.

可见,在本申请实施例所公开的方案中,终端设备在当接收到区块链私钥获取指令时,从第二预设数量个存储介质中的第四预设数量个存储介质中获取其所存储的子区块链私钥,根据所获取的子区块链私钥恢复得到待存储的区块链私钥,作为目标区块链私钥。终端设备无需获取所有存储介质中存储的子区块链私钥便可以恢复得到待存储的区块链私钥,因此,在部分存储介质丢失的情况下也不会影响用户恢复得到待存储的区块链私钥,用户体验更好,且提高了虚拟钱包的安全性。It can be seen that, in the solution disclosed in the embodiment of the present application, when receiving a blockchain private key acquisition instruction, the terminal device acquires it from a fourth preset number of storage media from the second preset number of storage media. The stored private blockchain private key is recovered from the obtained private blockchain private key to obtain the private blockchain private key to be stored as the target private blockchain private key. The terminal device can recover the private blockchain key to be stored without acquiring all the private blockchain private keys stored in the storage medium. Therefore, the loss of some storage media will not affect the user's recovery of the area to be stored. Blockchain private key, better user experience, and improve the security of the virtual wallet.

作为本申请实施例的一种实施方式,上述第一恢复模块1620可以包括:As an implementation manner of the embodiment of the present application, the foregoing first recovery module 1620 may include:

第一恢复单元,用于按照门限算法,将所获取的子区块链私钥进行恢复处理,得到所述待存储的区块链私钥。The first recovery unit is configured to recover the obtained private blockchain private key according to a threshold algorithm to obtain the private blockchain private key to be stored.

作为本申请实施例的一种实施方式,上述区块链私钥获取指令可以为针对交易的交易确认指令;As an implementation manner of the embodiment of the present application, the above-mentioned blockchain private key acquisition instruction may be a transaction confirmation instruction for a transaction;

上述装置还可以包括:The above device may further include:

交易确认模块,用于在所述根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥之后,基于所述目标区块链私钥对所述交易进行确认。A transaction confirmation module is configured to confirm the transaction based on the target blockchain private key after the blockchain private key to be stored is recovered according to the obtained sub-blockchain private key.

作为本申请实施例的一种实施方式,上述第二预设数量可以为3,存储介质为终端设备中的存储介质、第一存储设备中的存储介质及第二存储设备中的存储介质;As an implementation manner of the embodiment of the present application, the second preset number may be three, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a storage medium in the second storage device;

上述子区块链私钥获取模块1610可以包括:The above-mentioned sub-blockchain private key acquisition module 1610 may include:

子区块链私钥获取单元,用于获得所述第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥;A sub-blockchain private key obtaining unit, configured to obtain the sub-blockchain private key stored in the first storage device as a target sub-blockchain private key;

上述第一恢复模块1620可以包括The above-mentioned first recovery module 1620 may include

第二恢复单元,用于利用本地所存储的子区块链私钥和所述目标子区块链私钥,恢复得到所述待存储的区块链私钥。A second recovery unit is configured to recover the private blockchain private key to be stored by using the local private blockchain private key and the target private blockchain private key.

作为本申请实施例的一种实施方式,上述子区块链私钥获取单元可以包括:As an implementation manner of the embodiment of the present application, the above-mentioned sub-blockchain private key obtaining unit may include:

电连接判断子单元,用于判断所述第一存储设备是否与所述第二存储设备插拔电连接;An electrical connection judging subunit, configured to determine whether the first storage device is electrically connected to the second storage device;

第一子区块链私钥获取子单元,用于若所述第一存储设备未与所述第二存储设备插拔电连接,获得所述第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥;The first sub-blockchain private key acquisition subunit is configured to obtain the sub-blockchain private storage stored in the first storage device if the first storage device is not electrically connected to the second storage device. Key, as the private key of the target sub-blockchain;

第二子区块链私钥获取子单元,用于若所述第一存储设备与所述第二存储设备插拔电连接,当所述终端设备中记录有所述第二存储设备的第二标识时,获得所述第一存储设备或所述第二存储设备中所存储的子区块链私钥,作为目标子区块链私钥。The second sub-blockchain private key acquisition subunit is configured to: if the first storage device is electrically connected to the second storage device, when the second storage device records the second storage device's second During the identification, the sub-blockchain private key stored in the first storage device or the second storage device is obtained as the target sub-blockchain private key.

作为本申请实施例的一种实施方式,上述子区块链私钥获取单元可以包括:As an implementation manner of the embodiment of the present application, the above-mentioned sub-blockchain private key obtaining unit may include:

初始化设备判断子单元,用于判断所述第一存储设备是否为初始化设备;An initialization device determination subunit, configured to determine whether the first storage device is an initialization device;

第三子区块链私钥获取子单元,用于若不为初始化设备,获得所述第一存储设备中所存储的子区块链私钥;A third sub-blockchain private key acquisition subunit, configured to obtain the sub-blockchain private key stored in the first storage device if it is not an initialization device;

第四子区块链私钥获取子单元,用于若为初始化设备,获得所述第二存储设备中所存储的子区块链私钥。The fourth sub-blockchain private key acquisition subunit is configured to, if it is an initialization device, obtain the sub-blockchain private key stored in the second storage device.

作为本申请实施例的一种实施方式,上述装置还可以包括:As an implementation manner of an embodiment of the present application, the foregoing apparatus may further include:

第一标识判断模块,用于在接收到针对所述交易的交易确认指令后,判断本地是否记录有所述第一存储设备的第一标识;A first identifier determining module, configured to determine whether a first identifier of the first storage device is recorded locally after receiving a transaction confirmation instruction for the transaction;

第一触发模块,用于若记录有所述第一标识,触发上述子区块链私钥获取单元;A first triggering module, configured to trigger the sub-blockchain private key acquisition unit if the first identifier is recorded;

标识获取模块,用于若未记录所述第一标识,获得插拔电连接至所述第一存储设备的第二存储设备的第二标识;An identifier obtaining module, configured to obtain a second identifier of a second storage device that is electrically connected to the first storage device if the first identification is not recorded;

第二标识判断模块,用于判断本地是否记录有所述第二标识;A second identifier determining module, configured to determine whether the second identifier is recorded locally;

获取模块,用于若记录有所述第二标识,获得所述第二存储设备中所存储的子区块链私钥,作为目标子区块链私钥。The obtaining module is configured to obtain the sub-blockchain private key stored in the second storage device as the target sub-blockchain private key if the second identifier is recorded.

作为本申请实施例的一种实施方式,上述装置还可以包括:As an implementation manner of an embodiment of the present application, the foregoing apparatus may further include:

电连接判断模块,用于在所述获得插拔电连接至所述第一存储设备的第二存储设备的第二标识之前,判断所述第一存储设备是否与所述第二存储设备插拔电连接;An electrical connection judging module, configured to determine whether the first storage device is plugged into or removed from the second storage device before the second identifier of the second storage device electrically connected to the first storage device is obtained; Electrical connection

第一提示模块,用于若所述第一存储设备未与所述第二存储设备插拔电连接,提示用户建立所述第一存储设备和所述第二存储设备的插拔电连接;A first prompting module, configured to prompt a user to establish a pluggable electrical connection between the first storage device and the second storage device if the first storage device is not electrically connected to the second storage device;

第二触发模块,用于在检测到所述第一存储设备与所述第二存储设备插拔电连接后,触发所述标识获取模块。A second triggering module is configured to trigger the identity acquisition module after detecting that the first storage device is electrically connected to the second storage device.

作为本申请实施例的一种实施方式,上述装置还可以包括:As an implementation manner of an embodiment of the present application, the foregoing apparatus may further include:

第二提示模块,用于当本地未记录所述第二标识时,提示用户更换插拔电连接至所述第一存储设备的所述第二存储设备。A second prompting module is configured to prompt the user to replace the second storage device electrically connected to the first storage device when the second identification is not recorded locally.

作为本申请实施例的一种实施方式,上述目标区块链私钥可以为私钥加密文件;As an implementation manner of the embodiment of the present application, the target blockchain private key may be a private key encrypted file;

上述交易确认模块可以包括:The above transaction confirmation module may include:

第一解密单元,用于利用预设的解密密钥对所述私钥加密文件进行解密,得到区块链私钥;A first decryption unit, configured to decrypt the private key encrypted file by using a preset decryption key to obtain a blockchain private key;

交易确认单元,用于利用所述区块链私钥对所述交易进行确认。A transaction confirmation unit is configured to confirm the transaction by using the blockchain private key.

作为本申请实施例的一种实施方式,上述子区块链私钥获取模块1610可以包括:As an implementation manner of the embodiment of the present application, the sub-blockchain private key obtaining module 1610 may include:

加密数据获取单元,用于获得所述第一存储设备中所存储的子区块链私钥对应的加密数据;An encrypted data obtaining unit, configured to obtain the encrypted data corresponding to the sub-blockchain private key stored in the first storage device;

第二解密单元,用于对所述加密数据进行解密,得到所述第一存储设备中所存储的子区块链私钥。A second decryption unit is configured to decrypt the encrypted data to obtain a sub-blockchain private key stored in the first storage device.

本申请实施例还提供了另一种区块链私钥的恢复装置。下面对本申请实施例所提供的第二种区块链私钥的恢复装置进行介绍。An embodiment of the present application also provides another device for recovering a private key of a blockchain. The following describes a second type of blockchain private key recovery device provided in an embodiment of the present application.

如图17所示,一种区块链私钥的恢复装置,应用于终端设备,所述装置包括:As shown in FIG. 17, a device for recovering a private key of a blockchain is applied to a terminal device, and the device includes:

目标存储介质确定模块1710,用于当接收到数据恢复指令时,从第二预设数量个存储介质中确定目标存储介质;A target storage medium determining module 1710, configured to determine a target storage medium from a second preset number of storage media when a data recovery instruction is received;

其中,每个存储介质中存储有第一预设数量个子区块链私钥中的第三预设数量个子区块链私钥,所述每个存储介质存储的子区块链私钥不完全相同,所述子区块链私钥为将待存储的区块链私钥按照预设方式划分得到的,所述第四预设数量小于所述第二预设数量。Wherein, each storage medium stores a third preset number of sub-blockchain private keys among the first preset number of sub-blockchain private keys, and the sub-blockchain private keys stored in each storage medium are incomplete Similarly, the private blockchain private key is obtained by dividing the private blockchain private key to be stored in a preset manner, and the fourth preset number is less than the second preset number.

第二恢复模块1720,用于利用所述第二预设数量个存储介质中的非目标存储介质所存储的子区块链私钥,恢复所述目标存储介质所需存储的子区块链私钥。A second recovery module 1720 is configured to recover a private sub-blockchain private key required by the target storage medium by using a private sub-blockchain private key stored in a non-target storage medium among the second preset number of storage media. key.

可见,在本申请实施例所公开的方案中,终端设备在当接收到数据恢复指令时,从第二预设数量个存储介质中确定目标存储介质,然后利用第二预设数量个存储介质中的非目标存储介质所存储的子区块链私钥,恢复目标存储介质所需存储的子区块链私钥。终端设备可以根据目标存储介质中存储的子区块链私钥便可以恢复得到非目标存储介质中存储的子区块链私钥,因此,在部分存储介质中的子区块链私钥丢失的情况下,可以恢复得到丢失的子区块链私钥,保证数据的完好,用户体验更好。It can be seen that, in the solution disclosed in the embodiment of the present application, when receiving a data recovery instruction, the terminal device determines a target storage medium from a second preset number of storage media, and then uses the second preset number of storage media to The sub-blockchain private key stored in the non-target storage medium is used to recover the sub-blockchain private key stored in the target storage medium. The terminal device can recover the sub-blockchain private key stored in the non-target storage medium according to the sub-blockchain private key stored in the target storage medium. Therefore, the sub-blockchain private key in some storage media is lost. Under the circumstances, the lost private blockchain private key can be recovered to ensure the integrity of the data and better user experience.

作为本申请实施例的一种实施方式,上述第二预设数量可以为3,所述存储介质为所述终端设备中的存储介质、第一存储设备中的存储介质及第二存储设备中的存储介质;As an implementation manner of the embodiment of the present application, the second preset number may be three, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a storage medium in the second storage device. Storage medium

上述目标存储介质确定模块1710可以包括:The above-mentioned target storage medium determination module 1710 may include:

标识确定单元,用于确定通信连接的所述第一存储设备的第一标识,并确定与所述第一存储设备插拔电连接的所述第二存储设备的第二标识;An identifier determining unit, configured to determine a first identifier of the first storage device that is communicatively connected, and determine a second identifier of the second storage device that is electrically connected to the first storage device;

目标设备确定单元,用于基于所述第一标识和所述第二标识,确定自身、所述第一存储设备和所述第二存储设备中待恢复数据的一个设备,作为目标设备。A target device determining unit is configured to determine, based on the first identifier and the second identifier, one device of data to be recovered among itself, the first storage device, and the second storage device, as a target device.

作为本申请实施例的一种实施方式,上述目标设备确定单元可以包括:As an implementation manner of the embodiment of the present application, the target device determining unit may include:

标识判断子单元,用于判断本地是否记录有所述第一标识和所述第二标识;An identifier judging subunit, configured to determine whether the first identifier and the second identifier are recorded locally;

第一目标设备确定子单元,用于若记录有所述第一标识且未记录所述第二标识,确定所述第二存储设备为待恢复数据的目标设备;A first target device determining subunit, configured to determine, if the first identifier is recorded and the second identifier is not recorded, the second storage device as a target device of data to be recovered;

第二目标设备确定子单元,用于若记录有所述第二标识且未记录有所述第一标识,确定所述第一存储设备为待恢复数据的目标设备;A second target device determining subunit, configured to, if the second identifier is recorded and the first identifier is not recorded, determine the first storage device as a target device of data to be recovered;

第三目标设备确定子单元,用于若未记录有所述第二标识和所述第一标识,确定自身为待恢复数据的目标设备。The third target device determining subunit is configured to determine itself as a target device of data to be restored if the second identifier and the first identifier are not recorded.

作为本申请实施例的一种实施方式,上述第一目标设备确定子单元可以包括:As an implementation manner of the embodiment of the present application, the foregoing first target device determination subunit may include:

初始化检测子单元,用于检测所述第二存储设备是否为初始化设备;An initialization detection subunit, configured to detect whether the second storage device is an initialization device;

设备确定子单元,用于若所述第二存储设备为初始化设备,确定所述第二存储设备为待恢复数据的目标设备。The device determining subunit is configured to determine that the second storage device is a target device of data to be restored if the second storage device is an initialization device.

作为本申请实施例的一种实施方式,上述装置还可以包括:As an implementation manner of an embodiment of the present application, the foregoing apparatus may further include:

连接检测模块,用于在接收到所述数据恢复指令之后,在所述确定通信连接的第一存储设备的第一标识,并确定与所述第一存储设备插拔电连接的第二存储设备的第二标识之前,检测是否与所述第一存储设备建立通信连接,且所述第一存储设备是否插拔电连接至所述第二存储设备;A connection detection module, configured to, after receiving the data recovery instruction, determine a first identifier of a first storage device that is communicatively connected, and determine a second storage device that is electrically connected to the first storage device Detecting whether a communication connection is established with the first storage device and whether the first storage device is electrically connected to the second storage device before the second identification;

连接提示模块,用于若否,提示用户建立与所述第一存储设备的通信连接,并提示用户将所述第一存储设备插拔电连接至所述第二存储设备。The connection prompting module is configured to prompt the user to establish a communication connection with the first storage device if not, and prompt the user to electrically connect the first storage device to the second storage device.

本申请实施例还提供了一种终端设备,如图18所示,终端设备可以包括处理器1801、通信接口1802、存储器1803和通信总线1804,其中,处理器1801,通信接口1802,存储器1803通过通信总线1804完成相互间的通信,An embodiment of the present application further provides a terminal device. As shown in FIG. 18, the terminal device may include a processor 1801, a communication interface 1802, a memory 1803, and a communication bus 1804. The processor 1801, the communication interface 1802, and the memory 1803 pass through The communication bus 1804 completes communication with each other,

存储器1803,用于存放计算机程序;A memory 1803 for storing a computer program;

处理器1801,用于执行存储器1803上所存放的程序时,实现上述任一实施例所述的区块链私钥的存储方法或恢复方法。The processor 1801 is configured to implement a method for storing or recovering the private key of the blockchain according to any one of the foregoing embodiments when the program stored in the memory 1803 is executed.

可见,本申请实施例所提供的方案中,由于区块链私钥不是完整地存储于一个存储介质,即使某一个存储介质中的子区块链私钥丢失或被盗取,由于其并不完整,所以也不会对用户的财产安全造成影响,区块链私钥存储的安全性大大提高。It can be seen that, in the solution provided by the embodiment of the present application, since the private key of the blockchain is not completely stored in a storage medium, even if the private key of the sub-blockchain in a certain storage medium is lost or stolen, it is not Complete, so it will not affect the security of the user's property, and the security of blockchain private key storage is greatly improved.

上述终端设备提到的通信总线可以是外设部件互连标准(Peripheral Component Interconnect,PCI)总线或扩展工业标准结构(Extended Industry Standard Architecture,EISA)总线等。该通信总线可以分为地址总线、数据总线、控制总线等。为便于表示,图中仅用一条粗线表示,但并不表示仅有一根总线或一种类型的总线。The communication bus mentioned in the above terminal device may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus, etc. The communication bus can be divided into an address bus, a data bus, a control bus, and the like. For ease of representation, the figure only uses a thick line to represent, but it does not mean that there is only one bus or one type of bus.

通信接口用于上述终端设备与其他设备之间的通信。The communication interface is used for communication between the terminal device and other devices.

存储器可以包括随机存取存储器(Random Access Memory,RAM),也可以包括非易失性存储器(Non-Volatile Memory,NVM),例如至少一个磁盘存储器。可选的,存储器还可以是至少一个位于远离前述处理器的存储装置。The memory may include random access memory (Random Access Memory, RAM), and may also include non-volatile memory (Non-Volatile Memory, NVM), such as at least one disk memory. Optionally, the memory may also be at least one storage device located far from the foregoing processor.

上述的处理器可以是通用处理器,包括中央处理器(Central Processing Unit,CPU)、网络处理器(Network Processor,NP)等;还可以是数字信号处理器(Digital Signal Processing,DSP)、专用集成电路(Application Specific Integrated Circuit,ASIC)、现场可编程门阵列(Field-Programmable Gate Array,FPGA)或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件。The aforementioned processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP), etc .; it may also be a digital signal processor (Digital Signal Processing, DSP), special integration Circuit (Application Specific Integrated Circuit, ASIC), Field-Programmable Gate Array (FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components.

本申请实施例还提供了一种计算机可读存储介质,所述计算机可读存储介质内存储有计算机程序,所述计算机程序被处理器执行时实现上述任一实施例所述的区块链私钥的存储方法或恢复方法。An embodiment of the present application further provides a computer-readable storage medium, where the computer-readable storage medium stores a computer program, and when the computer program is executed by a processor, the private blockchain according to any one of the foregoing embodiments is implemented. The key storage method or recovery method.

可见,本申请实施例所提供的方案中,由于区块链私钥不是完整地存储于一个存储介 质,即使某一个存储介质中的子区块链私钥丢失或被盗取,由于其并不完整,所以也不会对用户的财产安全造成影响,区块链私钥存储的安全性大大提高。It can be seen that, in the solution provided by the embodiment of the present application, since the private key of the blockchain is not completely stored in a storage medium, even if the private key of the sub-blockchain in a certain storage medium is lost or stolen, it is not Complete, so it will not affect the security of the user's property, and the security of blockchain private key storage is greatly improved.

本申请实施例还提供了一种计算机程序,该计算机程序用于在运行时执行上述任一实施例所述的区块链私钥的存储方法或恢复方法。An embodiment of the present application further provides a computer program, which is used to execute a method for storing or recovering a private key of a blockchain according to any one of the foregoing embodiments when running.

可见,本申请实施例所提供的方案中,由于区块链私钥不是完整地存储于一个存储介质,即使某一个存储介质中的子区块链私钥丢失或被盗取,由于其并不完整,所以也不会对用户的财产安全造成影响,区块链私钥存储的安全性大大提高。It can be seen that, in the solution provided by the embodiment of the present application, since the private key of the blockchain is not completely stored in a storage medium, even if the private key of the sub-blockchain in a certain storage medium is lost or stolen, it is not Complete, so it will not affect the security of the user's property, and the security of blockchain private key storage is greatly improved.

需要说明的是,对于上述系统、装置、终端设备、计算机可读存储介质以及计算机程序实施例而言,由于其基本相似于方法实施例,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。It should be noted that, for the foregoing system, device, terminal device, computer-readable storage medium, and computer program embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and the relevant parts refer to the method embodiment Partial description is sufficient.

进一步需要说明的是,在本文中,诸如第一和第二等之类的关系术语仅仅用来将一个实体或者操作与另一个实体或操作区分开来,而不一定要求或者暗示这些实体或操作之间存在任何这种实际的关系或者顺序。而且,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括所述要素的过程、方法、物品或者设备中还存在另外的相同要素。It should be further noted that in this article, relational terms such as first and second are only used to distinguish one entity or operation from another entity or operation, and do not necessarily require or imply these entities or operations There is any such actual relationship or order among them. Moreover, the terms "including", "comprising", or any other variation thereof are intended to encompass non-exclusive inclusion, such that a process, method, article, or device that includes a series of elements includes not only those elements but also those that are not explicitly listed Or other elements inherent to such a process, method, article, or device. Without more restrictions, the elements defined by the sentence "including a ..." do not exclude the existence of other identical elements in the process, method, article, or equipment including the elements.

本说明书中的各个实施例均采用相关的方式描述,各个实施例之间相同相似的部分互相参见即可,每个实施例重点说明的都是与其他实施例的不同之处。Each embodiment in this specification is described in a related manner, and the same or similar parts between the various embodiments can be referred to each other. Each embodiment focuses on the differences from other embodiments.

以上所述仅为本申请的较佳实施例而已,并不用以限制本申请,凡在本申请的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本申请保护的范围之内。The above are only preferred embodiments of this application, and are not intended to limit this application. Any modification, equivalent replacement, or improvement made within the spirit and principles of this application shall be included in this application Within the scope of protection.

Claims (36)

一种区块链私钥的存储方法,其特征在于,应用于终端设备,所述方法包括:A method for storing a blockchain private key, which is characterized in that the method is applied to a terminal device, and the method includes: 获取待存储的区块链私钥;Obtain the blockchain private key to be stored; 将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥,其中,所述第一预设数量不小于3;Dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset manner, wherein the first preset number is not less than 3; 将所述子区块链私钥存储于第二预设数量个存储介质中,其中,每个存储介质存储第三预设数量个子区块链私钥,所述第三预设数量大于1且小于第一预设数量,所述每个存储介质存储的子区块链私钥不完全相同。Storing the sub-blockchain private key in a second preset number of storage media, wherein each storage medium stores a third preset number of sub-blockchain private keys, the third preset number is greater than 1 and Less than the first preset number, the sub-blockchain private keys stored in each storage medium are not exactly the same. 如权利要求1所述的方法,其特征在于,所述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤,包括:The method according to claim 1, wherein the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset method comprises: 按照门限算法,将所述待存储的区块链私钥划分为第一预设数量个子区块链私钥;Dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a threshold algorithm; 所述将所述子区块链私钥存储于第二预设数量个存储介质中的步骤,包括:The step of storing the sub-blockchain private key in a second preset number of storage media includes: 按照所述门限算法,将所述子区块链私钥存储于第二预设数量个存储介质中。According to the threshold algorithm, the sub-blockchain private key is stored in a second preset number of storage media. 如权利要求1所述的方法,其特征在于,在所述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤之前,所述方法还包括:The method according to claim 1, wherein before the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset manner, the method The method also includes: 显示数量设置提示信息;Display quantity setting prompt information; 获取用户基于所述数量设置提示信息设置的第一预设数量及第二预设数量。A first preset number and a second preset number set by a user based on the number setting prompt information are acquired. 如权利要求1-3任一项所述的方法,其特征在于,The method according to any one of claims 1-3, wherein: 所述存储介质为同一物理设备中的不同存储介质;The storage media are different storage media in the same physical device; 或,or, 所述存储介质为不同物理设备中的存储介质;The storage medium is a storage medium in different physical devices; 或,or, 所述存储介质中一部分为同一物理设备中的不同存储介质,其余为不同物理设备中的存储介质。Some of the storage media are different storage media in the same physical device, and the rest are storage media in different physical devices. 如权利要求4所述的方法,其特征在于,所述第二预设数量为3,所述存储介质为所述终端设备中的存储介质、第一存储设备中的存储介质及第二存储设备中的存储介质;The method according to claim 4, wherein the second preset number is three, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a second storage device Storage medium 所述将所述子区块链私钥存储于第二预设数量个存储介质中的步骤,包括:The step of storing the sub-blockchain private key in a second preset number of storage media includes: 从所得到的子区块链私钥中,将第一数量的子区块链私钥确定为第一份子区块链私钥,将第二数量的子区块链私钥确定为第二份子区块链私钥,将第三数量的子区块链私钥确定为第三份子区块链私钥;From the obtained sub-blockchain private keys, determine the first number of sub-blockchain private keys as the first sub-blockchain private key, and determine the second number of sub-blockchain private keys as the second sub-block. Blockchain private key, determine the third number of subblockchain private keys as the third subblockchain private key; 将所述第一份子区块链私钥发送至所述第一存储设备进行存储,将所述第二份子区块链私钥发送至所述第二存储设备进行存储,将所述第三份子区块链私钥存储在本地。Send the first sub-blockchain private key to the first storage device for storage, send the second sub-blockchain private key to the second storage device for storage, and send the third sub-block The blockchain private key is stored locally. 根据权利要求5所述的方法,其特征在于,所述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤,包括:The method according to claim 5, wherein the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset method comprises: 利用预设加密算法对待存储的区块链私钥进行加密处理,得到加密处理后的区块链私钥;Encrypt the blockchain private key to be stored by using a preset encryption algorithm to obtain the encrypted blockchain private key; 对加密处理后的区块链私钥按照预设方式进行分解处理,得到所述第一预设数量的子区块链私钥;Decomposing the encrypted private blockchain key in a preset manner to obtain the first preset number of sub-blockchain private keys; 所述将所述第一份子区块链私钥发送至所述第一存储设备进行存储,将所述第二份子区块链私钥发送至所述第二存储设备进行存储,将所述第三份子区块链私钥存储在本地的步骤,包括:Sending the first sub-blockchain private key to the first storage device for storage, sending the second sub-blockchain private key to the second storage device for storage, and storing the first The steps of storing the three sub-blockchain private keys locally include: 获取所述预设加密算法的目标密钥,并对所述目标密钥进行分解处理,得到目标数量的目标子密钥;Obtaining a target key of the preset encryption algorithm, and performing decomposition processing on the target key to obtain a target number of target subkeys; 将所述目标数量的目标子密钥中的第四数量的目标子密钥确定为第一份目标子密钥,将所述目标数量的目标子密钥中的第五数量的目标子密钥确定为第二份目标子密钥,将所述目标数量的目标子密钥中的第六数量的目标子密钥确定为第三份目标子密钥;Determining a fourth number of target subkeys among the target number of target subkeys as the first target subkey, and determining a fifth number of target subkeys among the target number of target subkeys Determining a second target subkey, and determining a sixth number of target subkeys among the target number of target subkeys as a third target subkey; 将所述第一份子区块链私钥和所述第一份目标子密钥发送至所述第一存储设备进行存储;将所述第二份子区块链私钥和所述第二份目标子密钥发送至所述第二存储设备进行存储;将所述第三份子区块链私钥和所述第三份目标子密钥存储于本地。Sending the first sub-blockchain private key and the first target sub-key to the first storage device for storage; sending the second sub-blockchain private key and the second target The sub-key is sent to the second storage device for storage; the third sub-blockchain private key and the third target sub-key are stored locally. 根据权利要求5所述的方法,其特征在于,所述将所述第一份子区块链私钥发送至所述第一存储设备进行存储,将所述第二份子区块链私钥发送至所述第二存储设备进行存储,将所述第三份子区块链私钥存储在本地的步骤,包括:The method according to claim 5, wherein the first sub-blockchain private key is sent to the first storage device for storage, and the second sub-blockchain private key is sent to The step of storing by the second storage device and storing the third sub-blockchain private key locally includes: 利用预设加密算法分别对所述第一份子区块链私钥、所述第二份子区块链私钥和所述第三份子区块链私钥进行加密处理;Encrypting the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key using a preset encryption algorithm, respectively; 获取所述预设加密算法的目标密钥,并对所述目标密钥进行分解处理,得到目标数量的目标子密钥;Obtaining a target key of the preset encryption algorithm, and performing decomposition processing on the target key to obtain a target number of target subkeys; 将所述目标数量的目标子密钥中的第四数量的目标子密钥确定为第一份目标子密钥,将所述目标数量的目标子密钥中的第五数量的目标子密钥确定为第二份目标子密钥,将所述目标数量的目标子密钥中的第六数量的目标子密钥确定为第三份目标子密钥;Determining a fourth number of target subkeys among the target number of target subkeys as the first target subkey, and determining a fifth number of target subkeys among the target number of target subkeys Determining a second target subkey, and determining a sixth number of target subkeys among the target number of target subkeys as a third target subkey; 将加密处理后的第一份子区块链私钥和所述第一份目标子密钥发送至所述第一存储设备进行存储,将加密处理后的第二份子区块链私钥和所述第二份目标子密钥发送至所述第二存储设备进行存储,将加密处理后的第三份子区块链私钥和所述第三份目标子密钥存储在本地。Sending the encrypted first sub-blockchain private key and the first target sub-key to the first storage device for storage, and sending the encrypted second sub-blockchain private key and the The second target sub-key is sent to the second storage device for storage, and the third sub-blockchain private key after encryption processing and the third target sub-key are stored locally. 根据权利要求5所述的方法,其特征在于,所述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤,包括:The method according to claim 5, wherein the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset method comprises: 利用预设加密算法对所述待存储的区块链私钥进行加密处理,得到加密处理后的区块链私钥;Encrypting the blockchain private key to be stored by using a preset encryption algorithm to obtain the encrypted blockchain private key; 对加密处理后的区块链私钥按照预设方式进行分解处理,得到所述第一预设数量的子 区块链私钥;Decomposing the encrypted private blockchain key in a preset manner to obtain the first preset number of sub-blockchain private keys; 所述将所述第一份子区块链私钥发送至所述第一存储设备进行存储,将所述第二份子区块链私钥发送至所述第二存储设备进行存储,将所述第三份子区块链私钥存储在本地的步骤,包括:Sending the first sub-blockchain private key to the first storage device for storage, sending the second sub-blockchain private key to the second storage device for storage, and storing the first The steps of storing the three sub-blockchain private keys locally include: 获取所述预设加密算法的目标密钥;Obtaining a target key of the preset encryption algorithm; 将所述第一份子区块链私钥和所述目标密钥发送至所述第一存储设备进行存储;将所述第二份子区块链私钥和所述目标密钥发送至所述第二存储设备进行存储;将所述第三份子区块链私钥和所述目标密钥存储于本地。Sending the first sub-blockchain private key and the target key to the first storage device for storage; sending the second sub-blockchain private key and the target key to the first Two storage devices for storing; storing the third sub-blockchain private key and the target key locally. 根据权利要求5所述的方法,其特征在于,将所述第一份子区块链私钥发送至所述第一存储设备进行存储,将所述第二份子区块链私钥发送至所述第二存储设备进行存储,将所述第三份子区块链私钥存储在本地的步骤,包括:The method according to claim 5, wherein the first sub-blockchain private key is sent to the first storage device for storage, and the second sub-blockchain private key is sent to the first The step of storing by the second storage device and storing the third sub-blockchain private key locally includes: 利用预设加密算法分别对所述第一份子区块链私钥、所述第二份子区块链私钥和所述第三份子区块链私钥进行加密处理;Encrypting the first sub-blockchain private key, the second sub-blockchain private key, and the third sub-blockchain private key using a preset encryption algorithm, respectively; 获取所述预设加密算法的目标密钥;Obtaining a target key of the preset encryption algorithm; 将加密处理后的第一份子区块链私钥和所述目标密钥发送至所述第一存储设备进行存储,将加密处理后的第二份子区块链私钥和所述目标密钥发送至所述第二存储设备进行存储,将加密处理后的第三份子区块链私钥和所述目标密钥存储在本地。Sending the encrypted first sub-blockchain private key and the target key to the first storage device for storage, and sending the encrypted second sub-blockchain private key and the target key Go to the second storage device for storage, and store the third sub-blockchain private key and the target key after encryption processing locally. 根据权利要求5所述的方法,其特征在于,在所述将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥的步骤之前,所述方法还包括:The method according to claim 5, characterized in that before the step of dividing the blockchain private key to be stored into a first preset number of sub-blockchain private keys in a preset manner, the method The method also includes: 与第一存储设备及第二存储设备建立连接;Establishing a connection with a first storage device and a second storage device; 对所述第一存储设备进行验证,对所述第二存储设备进行验证;Verifying the first storage device and verifying the second storage device; 判断对所述第一存储设备的验证、对所述第二存储设备的验证是否均成功;Determining whether the verification of the first storage device and the verification of the second storage device are successful; 如果是,判定与所述第一存储设备及所述第二存储设备均匹配;If yes, it is determined to match both the first storage device and the second storage device; 如果否,与所述第一存储设备及所述第二存储设备断开连接。If not, disconnect from the first storage device and the second storage device. 根据权利要求10所述的方法,其特征在于,对目标存储设备进行验证的方式,包括:The method according to claim 10, wherein the method for verifying the target storage device comprises: 将利用预设密钥进行加密处理的验证信息发送至所述目标存储设备,以使得所述目标存储设备利用本地存储的预设验证信息对所接收到的验证信息进行解密处理得到所述预设密钥,利用所述预设密钥对本地存储的目标标识进行加密处理,得到加密标识,其中,所述目标存储设备为所述第一存储设备或所述第二存储设备;Sending verification information for encryption processing using a preset key to the target storage device, so that the target storage device decrypts the received verification information by using the preset verification information stored locally to obtain the preset A key, which uses the preset key to encrypt a locally stored target identifier to obtain an encrypted identifier, wherein the target storage device is the first storage device or the second storage device; 获取所述加密标识,利用所述预设密钥对所述加密标识进行解密处理,得到解密后的待匹配标识,将所述待匹配标识与预设标识进行匹配,若匹配,则判定对所述目标存储设备验证成功,其中,所述预设标识为预先存储的与所述目标存储设备对应的标识。Obtaining the encrypted identifier, decrypting the encrypted identifier by using the preset key, obtaining the decrypted identifier to be matched, matching the identifier to be matched with the preset identifier, and if matching, determining whether to The target storage device is successfully verified, wherein the preset identifier is a pre-stored identifier corresponding to the target storage device. 一种区块链私钥的恢复方法,其特征在于,应用于终端设备,所述方法包括:A method for recovering a private key of a blockchain, which is characterized in that the method is applied to a terminal device, and the method includes: 当接收到区块链私钥获取指令时,从第二预设数量个存储介质中的第四预设数量个存储介质中获取其所存储的子区块链私钥,其中,每个存储介质中存储有第一预设数量个子区块链私钥中的第三预设数量个子区块链私钥,所述每个存储介质存储的子区块链私钥不完全相同,所述子区块链私钥为将待存储的区块链私钥按照预设方式划分得到的,所述第四预设数量小于所述第二预设数量;When a blockchain private key acquisition instruction is received, a sub-blockchain private key stored therein is obtained from a fourth preset number of storage media of the second preset number of storage media, where each storage medium A third preset number of sub-blockchain private keys are stored in the first preset number of sub-blockchain private keys, and the sub-blockchain private keys stored in each storage medium are not completely the same, and the sub-areas The blockchain private key is obtained by dividing the blockchain private key to be stored in a preset manner, and the fourth preset number is less than the second preset number; 根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥,作为目标区块链私钥。According to the obtained private blockchain private key, the blockchain private key to be stored is obtained as the target private blockchain key. 如权利要求12所述的方法,其特征在于,所述根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥的步骤,包括:The method according to claim 12, wherein the step of recovering the private blockchain private key to be stored according to the obtained private blockchain private key comprises: 按照门限算法,将所获取的子区块链私钥进行恢复处理,得到所述待存储的区块链私钥。According to the threshold algorithm, the obtained private blockchain private key is restored to obtain the private blockchain private key to be stored. 如权利要求12所述的方法,其特征在于,所述区块链私钥获取指令为针对交易的交易确认指令;The method of claim 12, wherein the blockchain private key acquisition instruction is a transaction confirmation instruction for a transaction; 在所述根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥的步骤之后,所述方法还包括:After the step of recovering the blockchain private key to be stored according to the obtained sub-blockchain private key, the method further includes: 基于所述目标区块链私钥对所述交易进行确认。The transaction is confirmed based on the target blockchain private key. 如权利要求14所述的方法,其特征在于,所述第二预设数量为3,所述存储介质为所述终端设备中的存储介质、第一存储设备中的存储介质及第二存储设备中的存储介质;The method according to claim 14, wherein the second preset number is three, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a second storage device Storage medium 所述从第二预设数量个存储介质中的第四预设数量个存储介质中获取其所存储的子区块链私钥的步骤,包括:The step of obtaining a stored private blockchain private key from a fourth preset number of storage media from the second preset number of storage media includes: 获得所述第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥;Obtaining the sub-blockchain private key stored in the first storage device as a target sub-blockchain private key; 所述根据所获取的子区块链私钥恢复得到所述待存储的区块链私钥的步骤,包括:The step of recovering the blockchain private key to be stored according to the obtained private blockchain private key includes: 利用本地所存储的子区块链私钥和所述目标子区块链私钥,恢复得到所述待存储的区块链私钥。The private blockchain private key stored locally and the target private blockchain private key are used to recover the private blockchain private key to be stored. 如权利要求15所述的方法,其特征在于,所述获得第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥的步骤,包括:The method according to claim 15, wherein the step of obtaining the sub-blockchain private key stored in the first storage device as the target sub-blockchain private key comprises: 判断所述第一存储设备是否与所述第二存储设备插拔电连接;Determining whether the first storage device is electrically connected to the second storage device; 若所述第一存储设备未与所述第二存储设备插拔电连接,获得所述第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥;If the first storage device is not electrically connected to the second storage device, obtaining a sub-blockchain private key stored in the first storage device as a target sub-blockchain private key; 若所述第一存储设备与所述第二存储设备插拔电连接,当所述终端设备中记录有所述第二存储设备的第二标识时,获得所述第一存储设备或所述第二存储设备中所存储的子区块链私钥,作为目标子区块链私钥。If the first storage device is electrically connected to the second storage device, when the second identification of the second storage device is recorded in the terminal device, the first storage device or the first storage device is obtained. The sub-blockchain private key stored in the second storage device is used as the target sub-blockchain private key. 根据权利要求16所述的方法,其特征在于,所述获得所述第一存储设备或所述第二存储设备中所存储的子区块链私钥的步骤,包括:The method according to claim 16, wherein the step of obtaining the sub-blockchain private key stored in the first storage device or the second storage device comprises: 判断所述第一存储设备是否为初始化设备;Determining whether the first storage device is an initialization device; 若不为初始化设备,获得所述第一存储设备中所存储的子区块链私钥;If it is not an initialization device, obtaining the sub-blockchain private key stored in the first storage device; 若为初始化设备,获得所述第二存储设备中所存储的子区块链私钥。If it is an initialization device, obtain the sub-blockchain private key stored in the second storage device. 根据权利要求15所述的方法,其特征在于,在接收到针对所述交易的交易确认指令后,所述方法还包括:The method according to claim 15, wherein after receiving a transaction confirmation instruction for the transaction, the method further comprises: 判断本地是否记录有所述第一存储设备的第一标识;Determining whether a first identifier of the first storage device is recorded locally; 若记录有所述第一标识,触发所述获得第一存储设备中所存储的子区块链私钥,作为目标子区块链私钥的步骤;If the first identifier is recorded, triggering the step of obtaining the sub-blockchain private key stored in the first storage device as the target sub-blockchain private key; 若未记录所述第一标识,获得插拔电连接至所述第一存储设备的第二存储设备的第二标识;If the first identifier is not recorded, obtaining a second identifier of a second storage device that is electrically connected to the first storage device; 判断本地是否记录有所述第二标识;Determining whether the second identifier is recorded locally; 若记录有所述第二标识,获得所述第二存储设备中所存储的子区块链私钥,作为目标子区块链私钥。If the second identifier is recorded, the sub-blockchain private key stored in the second storage device is obtained as the target sub-blockchain private key. 根据权利要求18所述的方法,其特征在于,在所述获得插拔电连接至所述第一存储设备的第二存储设备的第二标识的步骤之前,所述方法还包括:The method according to claim 18, wherein before the step of obtaining a second identification of a second storage device electrically connected to the first storage device, the method further comprises: 判断所述第一存储设备是否与所述第二存储设备插拔电连接;Determining whether the first storage device is electrically connected to the second storage device; 若所述第一存储设备未与所述第二存储设备插拔电连接,提示用户建立所述第一存储设备和所述第二存储设备的插拔电连接;If the first storage device is not electrically connected to the second storage device, prompting the user to establish an electrical connection between the first storage device and the second storage device; 在检测到所述第一存储设备与所述第二存储设备插拔电连接后,触发所述获得插拔电连接至所述第一存储设备的第二存储设备的第二标识的步骤。After detecting that the first storage device is electrically connected to the second storage device, the step of obtaining a second identity of the second storage device electrically connected to the first storage device is triggered. 根据权利要求18所述的方法,其特征在于,当本地未记录所述第二标识时,所述方法还包括:The method according to claim 18, wherein when the second identifier is not recorded locally, the method further comprises: 提示用户更换插拔电连接至所述第一存储设备的所述第二存储设备。The user is prompted to replace the second storage device that is electrically connected to the first storage device. 一种区块链私钥的恢复方法,其特征在于,应用于终端设备,所述方法包括:A method for recovering a private key of a blockchain, which is characterized in that the method is applied to a terminal device, and the method includes: 当接收到数据恢复指令时,从第二预设数量个存储介质中确定目标存储介质,其中,每个存储介质中存储有第一预设数量个子区块链私钥中的第三预设数量个子区块链私钥,所述每个存储介质存储的子区块链私钥不完全相同,所述子区块链私钥为将待存储的区块链私钥按照预设方式划分得到的,所述第三预设数量小于所述第二预设数量;When a data recovery instruction is received, a target storage medium is determined from a second preset number of storage media, where each storage medium stores a third preset number of the first preset number of sub-blockchain private keys Sub-blockchain private keys, the sub-blockchain private keys stored in each storage medium are not exactly the same, and the sub-blockchain private keys are obtained by dividing the block chain private keys to be stored in a preset manner , The third preset number is less than the second preset number; 利用所述第二预设数量个存储介质中的非目标存储介质所存储的子区块链私钥,恢复所述目标存储介质所需存储的子区块链私钥。The sub-blockchain private key stored in the non-target storage medium among the second preset number of storage media is used to recover the sub-blockchain private key required to be stored in the target storage medium. 根据权利要求21所述的方法,其特征在于,所述第二预设数量为3,所述存储介质为所述终端设备中的存储介质、第一存储设备中的存储介质及第二存储设备中的存储介质;The method according to claim 21, wherein the second preset number is 3, and the storage medium is a storage medium in the terminal device, a storage medium in the first storage device, and a second storage device Storage medium 所述从第二预设数量个存储介质中确定目标存储介质的步骤,包括:The step of determining a target storage medium from the second preset number of storage media includes: 确定通信连接的所述第一存储设备的第一标识,并确定与所述第一存储设备插拔电连 接的所述第二存储设备的第二标识;Determining a first identifier of the first storage device that is communicatively connected, and determining a second identifier of the second storage device that is electrically connected to the first storage device; 基于所述第一标识和所述第二标识,确定自身、所述第一存储设备和所述第二存储设备中待恢复数据的一个设备,作为目标设备。Based on the first identifier and the second identifier, a device to be restored among itself, the first storage device, and the second storage device is determined as a target device. 根据权利要求22所述的方法,其特征在于,所述基于所述第一标识和所述第二标识,确定自身、所述第一存储设备和所述第二存储设备中待恢复数据的一个设备,作为目标设备的步骤,包括:The method according to claim 22, wherein, based on the first identifier and the second identifier, determining one of data to be restored among itself, the first storage device, and the second storage device. Device as a target device, including: 判断本地是否记录有所述第一标识和所述第二标识;Determining whether the first identifier and the second identifier are recorded locally; 若记录有所述第一标识且未记录所述第二标识,确定所述第二存储设备为待恢复数据的目标设备;If the first identifier is recorded and the second identifier is not recorded, determining that the second storage device is a target device of data to be recovered; 若记录有所述第二标识且未记录有所述第一标识,确定所述第一存储设备为待恢复数据的目标设备;If the second identifier is recorded and the first identifier is not recorded, determining that the first storage device is a target device of data to be recovered; 若未记录有所述第二标识和所述第一标识,确定自身为待恢复数据的目标设备。If the second identifier and the first identifier are not recorded, it is determined that it is the target device of the data to be recovered. 根据权利要求22所述的方法,其特征在于,所述确定所述第二存储设备为待恢复数据的目标设备的步骤,包括:The method according to claim 22, wherein the step of determining the second storage device as a target device of data to be recovered comprises: 检测所述第二存储设备是否为初始化设备;Detecting whether the second storage device is an initialization device; 若所述第二存储设备为初始化设备,确定所述第二存储设备为待恢复数据的目标设备。If the second storage device is an initialization device, it is determined that the second storage device is a target device of data to be recovered. 根据权利要求22-24中任一项所述的方法,其特征在于,在接收到所述数据恢复指令之后,在所述确定通信连接的第一存储设备的第一标识,并确定与所述第一存储设备插拔电连接的第二存储设备的第二标识的步骤之前,所述方法还包括:The method according to any one of claims 22 to 24, wherein after receiving the data recovery instruction, a first identifier of a first storage device that determines a communication connection is determined, and determines a connection with the first storage device. Before the step of inserting and removing the second identification of the second storage device electrically connected to the first storage device, the method further includes: 检测是否与所述第一存储设备建立通信连接,且所述第一存储设备是否插拔电连接至所述第二存储设备;Detecting whether a communication connection is established with the first storage device, and whether the first storage device is electrically connected to the second storage device; 若否,提示用户建立与所述第一存储设备的通信连接,并提示用户将所述第一存储设备插拔电连接至所述第二存储设备。If not, the user is prompted to establish a communication connection with the first storage device, and the user is prompted to electrically connect the first storage device to the second storage device. 一种区块链私钥的存储系统,其特征在于,所述系统包括第一存储设备和第二存储设备,所述第一存储设备和所述第二存储设备连接;A blockchain private key storage system, characterized in that the system includes a first storage device and a second storage device, and the first storage device is connected to the second storage device; 所述第一存储设备,用于存储第一份子区块链私钥,所述第一份子区块链私钥包括:待存储的区块链私钥被按照预设方式划分所得到的第一预设数量个子区块链私钥中第三预设数量个子区块链私钥;The first storage device is configured to store a first sub-blockchain private key, and the first sub-blockchain private key includes: a first obtained by dividing the private key of the blockchain to be stored in a preset manner; The third preset number of sub-blockchain private keys among the preset number of sub-blockchain private keys; 所述第二存储设备,用于存储第二份子区块链私钥,所述第二份子区块链私钥包括:待存储的区块链私钥被按照预设方式划分所得到的第一预设数量个子区块链私钥中第三预设数量个子区块链私钥;The second storage device is configured to store a second sub-blockchain private key, and the second sub-blockchain private key includes: a first obtained by dividing the private key of the blockchain to be stored in a preset manner; The third preset number of sub-blockchain private keys among the preset number of sub-blockchain private keys; 其中,所述第一预设数量不小于3,所述第三预设数量大于1且小于所述第一预设数量,所述第一份子区块链私钥包括的子区块链私钥与所述第二份子区块链私钥包括的子区块链私钥不完全相同,所述第一份子区块链私钥和所述第二份子区块链私钥能够得到所述 待存储密钥。The first preset number is not less than 3, the third preset number is greater than 1 and less than the first preset number, and the first sub-blockchain private key includes a sub-blockchain private key. The sub-blockchain private key included in the second sub-blockchain private key is not exactly the same, the first sub-blockchain private key and the second sub-blockchain private key can obtain the to-be-stored Key. 根据权利要求26所述的系统,其特征在于,所述系统还包括终端设备;The system according to claim 26, wherein the system further comprises a terminal device; 所述终端设备,用于获取所述待存储的区块链私钥,并将所述待存储的区块链私钥按照预设方式划分为第一预设数量个子区块链私钥,确定所述第一存储设备和所述第二存储设备及自身对应的子区块链私钥,将自身对应的子区块链私钥存储于本地,将所述第一存储设备和所述第二存储设备对应的子区块链私钥分别作为所述第一份子区块链私钥及所述第二份子区块链私钥发送至所述第一存储设备;The terminal device is configured to obtain the blockchain private key to be stored, and divide the blockchain private key to be stored into a first preset number of sub-blockchain private keys according to a preset manner, and determine The first storage device, the second storage device, and the sub-blockchain private key corresponding to itself, storing the sub-blockchain private key corresponding to itself locally, The sub-blockchain private key corresponding to the storage device is sent to the first storage device as the first sub-blockchain private key and the second sub-blockchain private key, respectively; 所述第一存储设备,具体用于接收所述终端设备发送的第一份子区块链私钥及所述第二份子区块链私钥,保存所述第一份子区块链私钥,并将所述第二份子区块链私钥发送给所述第二存储设备;The first storage device is specifically configured to receive the first sub-blockchain private key and the second sub-blockchain private key sent by the terminal device, save the first sub-blockchain private key, and Sending the second sub-blockchain private key to the second storage device; 所述第二存储设备,具体用于接收并保存所述第二份子区块链私钥。The second storage device is specifically configured to receive and save the second sub-blockchain private key. 根据权利要求27所述的系统,其特征在于,所述第一存储设备通过通用串行总线USB接口插拔电连接至所述第二存储设备;The system according to claim 27, wherein the first storage device is electrically connected to the second storage device through a universal serial bus USB interface; 所述第一存储设备,具体用于通过所述USB接口将所述第二份子区块链私钥发送给所述第二存储设备。The first storage device is specifically configured to send the second sub-blockchain private key to the second storage device through the USB interface. 根据权利要求28所述的系统,其特征在于,The system of claim 28, wherein: 所述终端设备,具体用于通过无线通信方式,将所述第一存储设备和所述第二存储设备对应的子区块链私钥分别作为所述第一份子区块链私钥及所述第二份子区块链私钥发送至所述第一存储设备。The terminal device is specifically configured to use the wireless communication method to use the sub-blockchain private key corresponding to the first storage device and the second storage device as the first sub-blockchain private key and the private key respectively. The second sub-blockchain private key is sent to the first storage device. 根据权利要求29所述的系统,其特征在于,所述无线通信方式包括:蓝牙通信方式或近距离无线通信NFC通信方式。The system according to claim 29, wherein the wireless communication method comprises a Bluetooth communication method or a short-range wireless communication NFC communication method. 根据权利要求27所述的系统,其特征在于,所述第一存储设备包括接发模块和存储模块;所述接发模块和所述存储模块电连接;The system according to claim 27, wherein the first storage device comprises a transceiver module and a memory module; the transceiver module is electrically connected to the memory module; 所述接发模块,用于接收所述终端设备发送的第一份子区块链私钥及所述第二份子区块链私钥,并将所述第二份子区块链私钥发送给所述第二存储设备;The receiving module is configured to receive the first sub-blockchain private key and the second sub-blockchain private key sent by the terminal device, and send the second sub-blockchain private key to all Mentioned second storage device; 所述存储模块,用于保存所述第一份子区块链私钥。The storage module is configured to store the first sub-blockchain private key. 根据权利要求31所述的系统,其特征在于,所述第一存储设备还包括供电模块和闪光灯模块;所述接发模块、所述存储模块和所述闪光灯模块与所述供电模块电连接;The system according to claim 31, wherein the first storage device further comprises a power supply module and a flash module; the hair extension module, the storage module, and the flash module are electrically connected to the power supply module; 所述供电模块,用于为所述接发模块、所述存储模块和所述闪光灯模块供电;The power supply module is configured to supply power to the hair extension module, the storage module, and the flash module; 所述闪光灯模块,用于当接收到闪光灯开启指令时,启动闪光灯。The flash module is configured to activate a flash when a flash start instruction is received. 根据权利要求32所述的系统,其特征在于,所述第一存储设备还包括显示屏;The system according to claim 32, wherein the first storage device further comprises a display screen; 所述显示屏,用于显示所述供电模块的剩余电量、所述终端设备的标识信息和所述终端设备所执行的数字货币交易的交易金额中的至少一项。The display screen is used to display at least one of the remaining power of the power supply module, identification information of the terminal device, and a transaction amount of a digital currency transaction performed by the terminal device. 一种终端设备,其特征在于,包括处理器、通信接口、存储器和通信总线,其中, 处理器,通信接口,存储器通过通信总线完成相互间的通信;A terminal device includes a processor, a communication interface, a memory, and a communication bus, wherein the processor, the communication interface, and the memory complete communication with each other through the communication bus; 存储器,用于存放计算机程序;Memory for storing computer programs; 处理器,用于执行存储器上所存放的程序时,实现权利要求1-11或12-20或21-25任一所述的方法步骤。The processor is configured to implement the method steps according to any one of claims 1-11 or 12-20 or 21-25 when executing a program stored in the memory. 一种计算机可读存储介质,其特征在于,所述计算机可读存储介质内存储有计算机程序,所述计算机程序被处理器执行时实现权利要求1-11或12-20或21-25任一所述的方法步骤。A computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, and when the computer program is executed by a processor, any one of claims 1-11 or 12-20 or 21-25 is implemented. The method steps described. 一种计算机程序,其特征在于,所述计算机程序用于在运行时执行权利要求1-11或12-20或21-25任一项所述的方法步骤。A computer program, characterized in that the computer program is used to execute the method steps according to any one of claims 1-11 or 12-20 or 21-25 when running.
PCT/CN2019/105466 2018-09-28 2019-09-11 Block chain private key storage and recovery method, device and system Ceased WO2020063354A1 (en)

Applications Claiming Priority (12)

Application Number Priority Date Filing Date Title
CN201811142961.0A CN109088729B (en) 2018-09-28 2018-09-28 Key storage method and device
CN201811141408.5A CN109240858A (en) 2018-09-28 2018-09-28 Data recovery method and device, digital wallet equipment and readable storage medium
CN201811141434.8 2018-09-28
CN201811141594.2 2018-09-28
CN201811141408.5 2018-09-28
CN201811141594.2A CN109308609B (en) 2018-09-28 2018-09-28 Transaction confirmation method and device, digital wallet equipment and readable storage medium
CN201811141434.8A CN109302284B (en) 2018-09-28 2018-09-28 Hardware wallet
CN201811143070.7A CN109389397B (en) 2018-09-28 2018-09-28 Hardware wallet
CN201811143070.7 2018-09-28
CN201811142961.0 2018-09-28
CN201811141586.8A CN109379184A (en) 2018-09-28 2018-09-28 Block chain private key storage method and device and electronic equipment
CN201811141586.8 2018-09-28

Publications (1)

Publication Number Publication Date
WO2020063354A1 true WO2020063354A1 (en) 2020-04-02

Family

ID=69950015

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/105466 Ceased WO2020063354A1 (en) 2018-09-28 2019-09-11 Block chain private key storage and recovery method, device and system

Country Status (1)

Country Link
WO (1) WO2020063354A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230104585A1 (en) * 2020-05-20 2023-04-06 New H3C Technologies Co., Ltd. Method and Apparatus for Monitoring Software License Information, and Server and Storage Medium
US20240193587A1 (en) * 2022-02-07 2024-06-13 Capital One Services, Llc Knowledge-based authentication for asset wallets

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030026432A1 (en) * 2001-07-31 2003-02-06 Intel Corporation System and method for enhanced piracy protection in a wireless personal communication device
CN101236590A (en) * 2008-03-07 2008-08-06 北京邮电大学 A Realization Method of Software Segmentation Protection Based on Threshold Cryptosystem
CN105227566A (en) * 2015-10-16 2016-01-06 中国联合网络通信集团有限公司 Cipher key processing method, key handling device and key handling system
CN106027234A (en) * 2016-05-12 2016-10-12 山东渔翁信息技术股份有限公司 Key protection method
CN109088729A (en) * 2018-09-28 2018-12-25 北京金山安全软件有限公司 Key storage method and device
CN109240858A (en) * 2018-09-28 2019-01-18 北京金山安全软件有限公司 Data recovery method and device, digital wallet equipment and readable storage medium
CN109302284A (en) * 2018-09-28 2019-02-01 北京金山安全软件有限公司 Hardware wallet
CN109308609A (en) * 2018-09-28 2019-02-05 北京金山安全软件有限公司 Transaction confirmation method and device, digital wallet equipment and readable storage medium
CN109379184A (en) * 2018-09-28 2019-02-22 北京金山安全软件有限公司 Block chain private key storage method and device and electronic equipment
CN109389397A (en) * 2018-09-28 2019-02-26 北京金山安全软件有限公司 Hardware wallet

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030026432A1 (en) * 2001-07-31 2003-02-06 Intel Corporation System and method for enhanced piracy protection in a wireless personal communication device
CN101236590A (en) * 2008-03-07 2008-08-06 北京邮电大学 A Realization Method of Software Segmentation Protection Based on Threshold Cryptosystem
CN105227566A (en) * 2015-10-16 2016-01-06 中国联合网络通信集团有限公司 Cipher key processing method, key handling device and key handling system
CN106027234A (en) * 2016-05-12 2016-10-12 山东渔翁信息技术股份有限公司 Key protection method
CN109088729A (en) * 2018-09-28 2018-12-25 北京金山安全软件有限公司 Key storage method and device
CN109240858A (en) * 2018-09-28 2019-01-18 北京金山安全软件有限公司 Data recovery method and device, digital wallet equipment and readable storage medium
CN109302284A (en) * 2018-09-28 2019-02-01 北京金山安全软件有限公司 Hardware wallet
CN109308609A (en) * 2018-09-28 2019-02-05 北京金山安全软件有限公司 Transaction confirmation method and device, digital wallet equipment and readable storage medium
CN109379184A (en) * 2018-09-28 2019-02-22 北京金山安全软件有限公司 Block chain private key storage method and device and electronic equipment
CN109389397A (en) * 2018-09-28 2019-02-26 北京金山安全软件有限公司 Hardware wallet

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230104585A1 (en) * 2020-05-20 2023-04-06 New H3C Technologies Co., Ltd. Method and Apparatus for Monitoring Software License Information, and Server and Storage Medium
US12406036B2 (en) * 2020-05-20 2025-09-02 New H3C Technologies Co., Ltd. Method and apparatus for monitoring software license information and adding information block into an information chain, and server and storage medium
US20240193587A1 (en) * 2022-02-07 2024-06-13 Capital One Services, Llc Knowledge-based authentication for asset wallets
US12456114B2 (en) * 2022-02-07 2025-10-28 Capital One Services, Llc Knowledge-based authentication for asset wallets

Similar Documents

Publication Publication Date Title
CN106797317B (en) Secure shared key sharing system and method
CN110324143B (en) Data transmission method, electronic device and storage medium
CN109474424B (en) Block chain account key backup and recovery method and system
CN110798315B (en) Data processing method and device based on block chain and terminal
US9673975B1 (en) Cryptographic key splitting for offline and online data protection
CN103842956B (en) Secure print between printer and print client equipment
CN109379189B (en) Block chain account key backup and recovery method, device, terminal and system
CN108183972B (en) File processing method and terminal
KR20210046357A (en) Method and apparatus for key storing and recovery for blockchain based system
CN105005731A (en) A data encryption and decryption method and mobile terminal
US12231572B2 (en) SSL communication system, client, server, SSL communication method, and computer program
CN106487758B (en) data security signature method, service terminal and private key backup server
CN111178884A (en) Information processing method, device, equipment and readable storage medium
CN113836506A (en) Identity authentication method, device, system, electronic device, storage medium
CN107563176A (en) Login authentication method and system based on USB flash disk, readable storage medium and computer
CN109299618B (en) Quantum-resistant computing cloud storage method and system based on quantum key card
JP6172866B2 (en) Agent for providing security cloud service and security key device for security cloud service
CN109389397B (en) Hardware wallet
CN107707562A (en) Method and device for asymmetric dynamic token encryption and decryption algorithm
WO2020063354A1 (en) Block chain private key storage and recovery method, device and system
CN105574429A (en) Method, device and terminal for file data encryption and decryption processing
CN105592056A (en) Password safety system for mobile device and password safety input method thereof
CN110912683B (en) Password storage method and device and password verification method and device
CN114745115A (en) An information transmission method, device, computer equipment and storage medium
CN110968878B (en) Information transmission method, system, electronic equipment and readable medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19864348

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19864348

Country of ref document: EP

Kind code of ref document: A1