• 专利附录
  • 专利说明
  • 权利要求
  • 类似技术
  • 同族专利
  • 引用文献
  • 法律状态
  • 优先权
    • 专利摘要:
    implementations of the present disclosure include receiving, from a first account, a digitally signed copy of a plurality of notes, a commitment of a transaction amount of a transaction between the first account and a second account paid by at least a portion of the plurality of notes, a commitment to an amendment by deducting the transaction amount from a total value of the plurality of notes, and a zero knowledge proof generated based on one or more selected random numbers. the first account determines that the total value of the plurality of notes equals the sum of the transaction and change amount, validates the transaction, and updates the first account and second account based on the plurality of notes, the transaction amount, and the change.
    公开号:BR112019008160B1
    申请号:R112019008160-7
    申请日:2018-11-07
    公开日:2021-08-24
    发明作者:Baoli Ma;Wenbin Zhang;Huanyu Ma;Zheng Liu;Lichun Li
    申请人:Advanced New Technologies Co., Ltd;
    IPC主号:
    专利说明:

    FIELD OF THE INVENTION
    [0001] The present invention relates to computer-implemented methods for non-interactive privacy-preserving checks of block chain transactions with proof of zero knowledge based on the billing model. BACKGROUND OF THE INVENTION
    [0002] Block chain networks, which may also be called block chain systems, consensus networks, distributed accounting system networks or blockchain, allow participating entities to store data securely and immutably. A block chain can be described as a transaction ledger and multiple copies of the block chain are stored in the block chain network. Examples of block chain types can include public block chains, block chain consortia, and private block chains. A public block chain is open for all entities to use the block chain and participate in the consensus process. A block chain consortium is a chain of blocks where the consensus process is controlled by a pre-selected set of nodes, such as certain organizations or institutions. A private block chain is provided for a specific entity, which centrally controls read and write permissions.
    [0003] Block chains are used in cryptocurrency networks, which allow participants to carry out transactions to buy/sell goods/services using an encrypted currency. A common cryptocurrency includes Bitcoin. In cryptocurrency networks, record keeping models are used to record transactions between users. Examples of record keeping models include the unspent transaction output (UTXO) model and the account balance model. In the UTXO model, each transaction expends the output of previous transactions and generates new output that can be expended on subsequent transactions. A user's unspent transactions are tracked and a balance of what the user must spend is calculated as the sum of unspent transactions. In the account balance model, each user's account balance is tracked as a global state. For each transaction, an expense account balance is checked to ensure that it is greater than or equal to the transaction amount. This is comparable to traditional banking.
    [0004] A block chain includes a series of blocks, each containing one or more transactions executed on the network. Each block can be converted to a ledger page, while the block chain itself is a complete copy of the ledger. Individual transactions are committed and added to a block which is added to the block chain. Block chain copies are replicated across nodes in the network. In this way, there is a global consensus on the state of the block chain. Furthermore, the block chain is open to view for all nodes, at least in the case of public networks. To protect the privacy of block chain users, encryption technologies are implemented.
    [0005] In the account balance model, commitment schemes can be used to hide amounts that both parties to a transaction commit to. Commitment schemes can arise from the need for parties to commit to a choice or value and then later communicate that value to the other parties involved. For example, in an interactive Pedersen (PC) commitment scheme, a first user can confirm a transaction amount t by sending a commitment value PC (t, r) that is generated based on the random value r. The commitment amount is generated and a second user can only reveal the transaction amount t by getting the random number r. To ensure that the transaction amount is valid, a range proof can be created to prove that the transaction amount is greater than or equal to zero and less than or equal to the account balance.
    [0006] In some cases, multiple transactions can be made from one user. As the proof of range is tied to the remaining balance of the account, it is important that the various transactions are verified sequentially in the block chain. Thus, the corresponding interval proofs can be correctly associated with the remaining account balances after each transaction. DESCRIPTION OF THE INVENTION
    [0007] Embodiments of the present invention include computer-implemented methods for non-interactive privacy-preserving checks of block chain transactions with proof of zero knowledge based on the bill-of-note model. More specifically, the embodiments of the present invention are intended to validate transactions between accounts in chain of blocks in the bill-of-note model. In some embodiments, in the account note model, account balances are stored as a note aggregation. According to the embodiments of the present invention, transaction validation can be performed based on compromise schemes and public key encryption scheme or embedded encryption scheme without revealing transaction amount, note value or random numbers to generate compromises .
    [0008] In some achievements, actions include; the receipt, from a first account, of a digitally signed copy of a plurality of note identifiers (IDs), identifying a corresponding plurality of notes, a commitment of a transaction amount of a transaction between the first account and a second account paid by at least a portion of the plurality of notes, a commitment of an amendment by deducting the transaction amount from a total amount of the plurality of notes, a first random number used to generate the commitment of the encrypted transaction amount by a public key of the second account, the transaction amount encrypted by the public key of the second account, a second random number used to generate the commitment of the change encrypted by the public key of the first account, the change encrypted by the public key of the first account, a or more interval tests and a zero knowledge test generated based on one or more selected random numbers. swims; verifying a digital signature corresponding to the digitally signed copy using the public key of the first account; the determination that one or more gap tests prove that the transaction amount and change are greater than or equal to zero; determining that the total value of the plurality of notes is equal to the sum of the transaction and amendment amount; determining that the transaction amount in the commitment is the same as the encrypted transaction amount and whether a random number used to generate the transaction amount commitment is the same as the first random number; and updating the first account and second account based on the plurality of notes, the transaction amount and changing if the transaction amount in the commitment is the same as the encrypted transaction amount and if the random number used to generate the commitment of the amount of the transaction is the same as the first random number. Other embodiments include corresponding computer systems, apparatus and programs configured to perform the actions of methods encoded on computer storage devices.
    [0009] These and other embodiments may optionally include one or more of the following features: each of the plurality of notes includes one or more of a note type, a commitment of a note value, the note value encrypted by key cryptography public or embedded encryption and a random number used to generate the pledge encrypted by public key encryption or embedded encryption; determining that each plurality of notes have the same type of note; the transaction amount commitment, the change commitment, and the note value commitment are generated using a commitment scheme that is homomorphic; determining whether the total value of the plurality of notes is equal to the sum of the transaction amount and the change is based on comparing a commitment sum of each note amount and a commitment sum of the transaction amount and the change commitment; each of the plurality of note IDs includes an address and a transaction index number indicating a corresponding note order in the transaction output, and wherein the transaction address is generated by transaction hashing information of the transaction; determining that each of the plurality of note IDs is associated with the first account; the first random number and transaction amount are encrypted by a public key encryption of the second account based on Paillier encryption or Okamoto-Uchiyama encryption; determining whether the transaction amount in the commitment is the same as the transaction amount that is encrypted, and whether a random number used to generate the transaction amount commitment is the same as the first random number and is based on proof of knowledge zero no interactions between the first account and the second account outside the blockchain network.
    [0010] The present invention also provides one or more non-transient computer readable storage media coupled to one or more processors and having instructions stored therein that, when executed by one or more processors, cause one or more processors to perform operations according to the embodiments of the methods provided in the present invention.
    [0011] The present invention further provides a system for implementing the methods provided herein. The system includes one or more processors, and a computer-readable storage medium coupled to one or more processors with instructions stored therein that, when executed by one or more processors, cause the one or more processors to perform operations in accordance with the realizations of the methods provided here.
    [0012] It is understood that the methods in accordance with the present invention may include any combination of the aspects and features described herein. That is, the methods according to the present invention are not limited to the combinations of features and features specifically described herein, but also include any combination of the features and features provided.
    [0013] Details of one or more embodiments of the present invention are set forth in the accompanying drawings and in the description below. Other features and advantages of the present invention will be apparent from the description and drawings, and from the claims. BRIEF DESCRIPTION OF THE DRAWINGS
    - FIG. 1: illustrates an example environment that can be used to carry out embodiments of the present invention.- FIG. 2: illustrates an example of conceptual architecture according to embodiments of the present invention.- FIG. 3: illustrates an example of the privacy-protected validation process of a block chain transaction based on an account note model according to the embodiments of the present invention.- FIG. 4: illustrates an example block chain transaction based on the bill-of-note model according to embodiments of the present invention.- FIG. 5: illustrates an example process that can be carried out in accordance with embodiments of the present invention.
    [0014] Similar reference symbols in the various drawings indicate similar elements. DESCRIPTION OF ACHIEVEMENTS OF THE INVENTION
    [0015] Embodiments of the present invention include computer-implemented methods for non-interactive privacy-protected checks of block chain transactions with proof of zero knowledge based on the bill-of-note model. More specifically, the embodiments of the present invention are intended to validate transactions between accounts in a chain of blocks under a bill-of-account model. In some embodiments, in the account note model, account balances are stored as a note aggregation. According to the embodiments of the present invention, transaction validation can be performed based on compromise schemes and public key encryption scheme or embedded encryption scheme without revealing transaction amount, note value or random numbers to generate compromises . In some achievements, actions include; the receipt, from a first account, of a digitally signed copy of a plurality of note identifiers (IDs) identifying a corresponding plurality of notes, a commitment of a transaction amount of a transaction between the first account and a second account paid by at least a portion of the plurality of notes, a commitment of an amendment by deducting the transaction amount from a total amount of the plurality of notes, a first random number used to generate the commitment of the transaction amount encrypted by a public key of the second account, the transaction amount encrypted by the public key of the second account, a second random number used to generate the commitment of the change encrypted by the public key of the first account, the change encrypted by the public key of the first account, a or plus interval tests and a zero knowledge test generated based on one or more random numbers selected. ed; verifying a digital signature corresponding to the digitally signed copy using the public key of the first account; the determination that one or more gap tests prove that the transaction amount and change are greater than or equal to zero; determining that the total value of the plurality of notes is equal to the sum of the transaction and amendment amount; determining that the transaction amount in the commitment is the same as the encrypted transaction amount and whether a random number used to generate the transaction amount commitment is the same as the first random number; and updating the first account and second account based on the plurality of notes, transaction amount and change identifying whether the transaction amount in the commitment is the same as the encrypted transaction amount and whether the random number used to generate the commitment of the transaction amount is the same as the first random number.
    [0016] To provide additional context for embodiments of the present invention, and as introduced above, block chain networks, which may also be referred to as consensus networks (for example, consisting of peer-to-peer nodes -peer)), distributable ledger system, or simple block chain, allows participating entities to conduct transactions and store data securely and immutably. A block chain can be provided as a public block chain, a private block chain, or a block chain consortium. Embodiments of the present invention are described in more detail herein with reference to a public block chain, which is public among participating entities. It is contemplated, however, that embodiments of the present invention can be carried out in any suitable type of block chain.
    [0017] In a public block chain, the consensus process is controlled by nodes of the consensus network. For example, hundreds, thousands, and even millions of entities can participate in a public block chain, each operating at least one node in the public block chain. Thus, the public block chain can be considered a public network in relation to the participating entities. In some examples, most entities (nodes) must sign each block for the block to be valid and added to the block chain. An example of a public block chain includes the block chain used in the Bitcoin network, which is a peer-to-peer payment network (cripitocurrency network). Although the term blockchain (or blockchain) is commonly referred to with the Bitcoin network, as used herein, the term blockchain generally refers to ledgers distributed with no particular reference to the Bitcoin network.
    [0018] In general, a public block chain supports public transactions. A public transaction is shared with all nodes within the block chain, and the block chain is replicated across all nodes. That is, all nodes are in a perfect state of consensus regarding the block chain. To reach consensus (for example, agree to add a block to a blockchain), a consensus protocol is implemented within the blockchain network. An example of a consensus protocol includes, without limitation, the Proof-of-Work (POW) implemented on the Bitcoin network.
    [0019] The embodiments of the present invention are described in greater detail herein, in view of the above context. More specifically, and as introduced above, embodiments of the present invention are intended to validate transactions between accounts in block chain under the bill-of-note model, where account balances are stored as a bill aggregation. In some embodiments, and as described in more detail in the present invention, transaction validation can be performed based on commitment and HE schemes without revealing the transaction amount, note value or random numbers to generate commitments.
    [0020] According to the embodiments of the present invention, block chain nodes can use the bill model as a method of record keeping. In comparison to the account balance model, block chain nodes that adopt the account note model keep records of a plurality of notes instead of account balances. Each of the plurality of notes is associated with a note type and a note value. The note type can be a currency or asset type associated with the note. The currency type can be any type of real currency or cryptocurrency. The banknote value can indicate the face value of the banknote with the corresponding banknote type.
    [0021] To protect data privacy, transactions can be recorded in a block chain (led ledger) based on the commitment, without revealing the transaction amount or monetary value information associated with user accounts in the data chain. blocks. A commitment scheme can be used to generate a commitment of a transaction amount using a random number. An exemplary compromise scheme includes, without limitation, the Pedersen (PC) compromise scheme. Since the transaction amount is hidden in the commitment, one or more interval proofs can be used to prove that the transaction amount does not exceed the block chain user account value.
    [0022] In the account balance model, interval proofs are associated with the account balance. If more than one transaction is made, but not all transactions are validated and recorded in the block chain, interval proofs may be associated with incorrect account balances and therefore may be invalid. In comparison, in the bill-of-note model, the account value is calculated by summing a plurality of notes. When a transaction amount is to be transferred between block chain user accounts, a portion of the plurality of notes with a combined value greater than or equal to the transaction amount can be used to make the transfer. Additional transfers can be made under the condition that the remaining notes have a combined value greater than the amount to be transferred. Thus, even if transactions are not validated and recorded in the block chain, interval proofs that show that the combined value of the remaining notes is greater than or equal to the transaction amount can still be valid.
    [0023] To validate a transaction between a user A (node) and a user B (node), for example, the transaction amount and random number can be encrypted by user A using a public key encryption scheme (for example , EIGamal) or embedded encryption scheme (eg ECIES) based on a user B's public key. The transaction amount and random number can also be used to generate a proof of zero knowledge (ZKP) to validate the transaction . The transaction commitment, encrypted transaction amount, encrypted random number, and ZKP can be used by a node in the blockchain to verify that the transaction is valid. During the validation process, the account balance, transaction amount or random number does not need to be revealed or sent to User B.
    [0024] FIG. 1 illustrates an example environment (100) that can be used to carry out embodiments of the present invention. In some examples, the example environment (100) allows entities to participate in a public block chain (102). The example environment (100) includes computing systems (106), (108) and a network (110). In some examples, the network (110) includes a local area network (LAN), wide area network (WAN), the Internet, or a combination thereof, and connects websites, user devices (eg, devices computing) and back-end systems. In some examples, the network (110) can be accessed through a wired and/or wireless communication link.
    [0025] In the illustrated example, the computing systems (106), (108) can each include any appropriate computing system that allows participation as a node in the public block chain (102). Examples of computing devices include, but are not limited to, a server, a desktop computer, a laptop computer, a tablet-type computing device, and a smartphone. In some examples, computing systems (106), (108) host one or more computer-implemented services to interact with the public block chain (102). For example, the computing system (106) may host computer-implemented services of a first entity (eg User A), such as a transaction management system that the first entity uses to manage its transactions with one or more different entities. (eg other users). The computing system (108) may host computer-implemented services of a second entity (e.g., user B), such as a transaction management system that the second entity uses to manage its transactions with one or more different entities (per example, other users). In the example of FIG. 1, the public block chain (102) is represented as a peer-to-peer network of nodes, and the computing systems (106), (108) provide nodes of the first entity, and the second entity respectively, participating in the public block chain (102).
    [0026] FIG. 2 illustrates an example conceptual architecture (200) in accordance with embodiments of the present invention. The example conceptual architecture (200) includes an entity layer (202), a hosted services layer (204), and a public blockchain layer (206). In the example described, the entity layer (202) includes three entities, Entity_1 (E1), Entity_2 (E2) and Entity_3 (E3), each entity having a respective transaction management system (208).
    [0027] In the depicted example, the hosted services layer (204) includes block chain interfaces (210) for each transaction management system (208). In some examples, a respective transaction management system (208) communicates with a respective block chain interface (210) over a network (e.g., the network (110) of Figure 1) using a communication protocol (by example, secure hypertext transfer protocol (HTTPS)). In some examples, each blockchain interface (210) provides a communication link between a transaction management system (208) and the blockchain layer (206). More particularly, each blockchain interface (210) allows the respective entity to conduct transactions recorded in a blockchain network (212) of the blockchain layer (206). In some examples, communication between a blockchain interface (210) and the blockchain layer (206) is conducted using remote procedure calls (RPCs). In some examples, blockchain interfaces (210) “host” blockchain nodes to respective transaction management systems (208). For example, the blockchain interfaces (210) provide the application programming interface (API) for accessing the blockchain network (212).
    [0028] As described herein, the block chain network (212) is provided as a point-to-point network, including a plurality of nodes (214) that record immutable information in a block chain (216). Although a single chain of blocks (216) is schematically represented, multiple copies of chains of blocks (216) are provided and maintained across the block chain network (212). For example, each node (214) stores a copy of the chain of blocks (216). In some embodiments, the block chain (216) stores information associated with transactions that are performed between two or more entities that participate in the public block chain.
    [0029] FIG. 3 illustrates an example of the method (300) of privacy-protected validation of a blockchain transaction based on an account note model in accordance with the embodiments of the present invention. At a high level, the example method (300) is performed by a user node A (302), a user node B (not shown in FIG. 3), and a block chain node (304), also referred to as a node of consensus. The user node A account (302) and the user node account are based on the account note template. That is, the coins of user node A (302) and user node B are held as a plurality of bills. A transaction, such as a transfer of value, can be made from user node A (302) to user node B. User node A (302) can select a set of notes from its account to cover the transaction amount . The difference between the total value of the note set and the transaction amount can be calculated as a change from user node A (302).
    [0030] To protect the privacy of the account, user node A (302) can generate a commitment of a transaction amount t using a commitment scheme, such as PC, based on a random number r. User node A (302) can encrypt the transaction amount and random number using a public key encryption scheme or built-in encryption scheme based on a public key of user node B. User node A (302) may also encrypt the change and a random number corresponding to the change using a public key encryption scheme or integrated encryption scheme based on the public key of user node A. To check the validity of the transaction, the block chain node (304) can check the encrypted transaction amount and the random number with the corresponding transaction amount and the random number in the commitment based on ZKP. If the transaction values and random numbers match, the transaction is determined to be valid by the block chain node (304). More details of the example method (300) are discussed in the following description of FIG. 3
    [0031] At (306), user node A (302) selects a plurality of notes to transfer a transaction amount to user node B. User node A (302) and user node B can be consensus node block chain or user nodes that use the block chain network without participating in the consensus process. As discussed earlier, user node A (302) can use an account note template to maintain records. Instead of keeping the account balance for recording in the account balance template, the account value of user node A (302) is measured by the total value of its notes. User node A (302) can select a plurality of notes from the notes that should be sufficient to cover the transaction amount. For example, if the transaction amount is 7.5 bitcoin, user node A (302) can select three notes that are worth 5, 2 and 1 bitcoin, respectively, to cover the transaction amount.
    [0032] In some embodiments, each note may have a note type that identifies the currency or asset type of the note. Each note can also have a note ID that includes a transaction ID and an index number. The transaction ID can be the transaction information hash. The index can indicate an order of the corresponding note at the exit of the transaction. For example, when sending the three grades with a grade value of 5, 2, and 1 bitcoin, the 2 bitcoin grade can be the second transaction output with an index number of 2. In some examples, k grades are selected , their note types and note IDs can be expressed as NoteType1 , NoteIda1,. . ., NoteTypek , NoteIdak. In some examples, the same type of notes can be selected to carry out the transaction amount transfer. In some cases, the note IDs corresponding to the change and the transaction amount cannot be obtained before the transaction is created. In these cases, note IDs can be generated based on a block chain contract that can perform consensus and contract updates.
    [0033] At (308), user node A (302) calculates a change based on the total value of the plurality of notes and the transaction amount. As the notes are selected to have a total amount greater than the transaction amount, the change can be calculated as the total amount of the selected notes minus the transaction amount. Using t to represent the transaction amount and t0 to represent the change, the change calculation can be expressed as t0 = a1 +. . . + ak – t, where a1,. . ., ak are the values of notes k selected by user node A (302) to cover the amount of transaction t.
    [0034] In (310), user node A (302) generates a plurality of random numbers corresponding to the plurality of notes and calculates a random number corresponding to the change. A plurality of random numbers can be generated to produce compromises of the grade values. For example, a1. .., ak are the grade values and the random numbers that correspond to the grade values can be expressed as ra1, … , rak. Note commitments can be expressed as PC(ra1, a1), . . ., PC(rak, ak).
    [0035] In some embodiments, a random number r0 can be computed to correspond to change t0. The calculation can be expressed as r0= ra1 + . . . + rak – r, where r is the random number generated to produce a commitment for the transaction amount t. In calculating r0, user node A (302) does not need to generate an additional ZKP to show that the total value of the transferred notes is equal to the total value of the received notes.
    [0036] At (312), user node A (302) generates commitments and public key encrypted cryptograms of the transaction and change amount. To protect data privacy, monetary values, including note values, transaction amount and change, can be hidden by commitments based on commitment schemes. The block chain can keep appointments as a record. In some embodiments, homomorphic commitment schemes such as PC can be used to generate the commitments. Using PC as a non-limiting example, the PC of a transaction t can be generated using a random number r, which can be expressed as T = PC(r,t) = grht, where g and h can be generators of an elliptic curve, and PC(r,t) is a scalar multiplication of points on the curve. It should be understood that other HE-based commitment schemes, such as the Fujisaki-Okamoto commitment scheme, can also be used to generate the commitment value.
    [0037] The transaction amount and random number can also be encrypted using the B user node public key. The encryption can be based on a public key encryption scheme, such as the Paillier or ElGamal algorithm, or an encryption scheme integrated, such as ECIES. Thus, user node B can use its corresponding private key to reveal the transaction amount and random number. The encrypted random number of the public key and the transaction amount can be expressed as PB = E(PkB, r), QB = E(PkB, t), respectively, where PkB represents the public key of user node B.
    [0038] Similarly, the change commitment can be expressed as T0 = PC(r0, t0). The random number R0 and the change value t0 can also be encrypted by the public key of user node A (302) expressed as PA = E(PKA, r0), QA = E(PKA, t0), respectively, where PkA represents a public key of user node A (302).
    [0039] In (314), user node A (302) generates one or more interval tests. In some embodiments, a first interval proof, RP1, can be generated to show that the transaction amount t ≥ 0. A second interval proof, RP2, can be generated to show that the change t0 ≥ 0, or in other words, the value The total of the plurality of notes is greater than or equal to the transaction amount.
    [0040] In (316), user node A (302) generates a ZKP. In some realizations, ZKP can be used to prove that the random number of transaction amounts t included in PB and QB are equal to the random number and transaction amount included in commitment T. In some embodiments, the ZKP can be generated using arguments from succinct non-interactive knowledge and zero knowledge (also known as zk-SNARKs, doingles zero-knowledge succinct non-interactive argument of knowledge).
    [0041] In (318), user node A (302) uses a private key to generate a digital signature of transaction data. In some embodiments, transaction data may include NoteType1, NoteIda1,. . ., NoteTypek,NoteIdak; T0, T, PB, QB, PA, QA, RP1, RP2, and the ZKP.
    [0042] At (320), user node A (302) sends the digitally signed copy of transaction data to a block chain network.
    [0043] In (322), the block chain node (304) checks the digital signature. Verification of the digital signature can ensure that transaction data is sent by user node A (302).
    [0044] In (324), the block chain node (304) checks the type denotes the plurality of notes. In other words, the blockchain node (304) verifies that NoteType1 to NoteTypek are the same.
    [0045] In (326), the block chain node (304) checks that the total value of the selected plurality of notes is equal to the sum of the transaction and change amount. In other words, the blockchain checks that a1+. . . + aK = t + t0. As discussed earlier, in the bill-of-note model, the bills can be kept in the block chain like PCs to protect data privacy. Based on PC homomorphism, PC(ra1, a1) + . . . +PC(rak, ak) = PC(ra1 + . . . + rak, a1 + . . . + ak), and PC(r, t) + PC(r0, t0) = PC(r + r0, t+ t0 ). Therefore, showing that PC(ra1, a1) + . . . + PC(rak, ak) = PC(r, t) + PC(r0,t0), it can be proved that a1 + . . . + ak = t + t0.
    [0046] At (328), the block chain node (304) checks for one or more range probes.
    [0047] At (330), the blockchain node (304) checks the ZKP, if the ZKP is successfully verified, the transaction amount and the random number encrypted using the public key of user node B are proven to be equal to the corresponding transaction amount and random number hidden by the PC. As discussed above, ZKP can be generated using zk-SNARK.
    [0048] In some embodiments, ZKP can also be generated based on Sigma protocols. Using Paillier's public-key cryptography as an example, PB and QB can be expressed as PB = E(PkB, r) = uryn, QB = E(Pk,t) = utzn, respectively, where uen are public keys, y and z are random numbers.
    [0049] To generate the ZKP based on Sigma protocols, user node A (302) can generate four additional random numbers, r*, t*, y* and z*, to calculate three ciphertexts (cryptograms) C, D and E. C, D, and E can be expressed as C = gr*ht*, D = ur*y*n, and E = ut*z*n. A hash value x can be calculated by hashing T, PB, QB, g, h, u, n, C, D, and E, which can be expressed as x = Hash(T, PB, QB, g, h, u , n, C, D, E). Four additional ciphertexts a, b, c and d can be calculated as a = r* + xr, b = t* + xt, c = y*yx, d = z*zx. Finally, ZKP can be formed as ZKP = (C, D, E, a, b, c, d).
    [0050] To check the ZKP, the block chain node (304) can first calculate x = Hash(T, PB, QB, g, h, u, n, C, D, E). The block chain node (304) can check if gahb = CTx, uacn = DPx, and ubdn = EQx. If so, the ZKP is verified and it is proven that the transaction amount and the random number encrypted using the public key of user node B are the same as the corresponding transaction amount and the random number hidden by the PC.
    [0051] In another example, public key encryption OR can be used to encrypt the transaction amount and random number. PB and QB can be expressed as PB = E(PkB, r) = urvy, QB = E(Pk, t) = utvz, respectively, where u, v and n are public keys, r, y and z are random numbers.
    [0052] To generate the ZKP based on Sigma protocols, user node A (302) can generate four additional random numbers, r*, t*, y* and z*, to calculate three ciphertexts (cryptograms) C, D and E. Encrypted texts C, D, and E can be calculated as C = gr*ht*, D = ur*v*y, and E = ut*v*z. A hash value x can be calculated by hashing T, PB, QB, g, h, u, v, n, C, D, and E, which can be expressed as x = Hash(T, PB, QB, g, h, u, v, n, C, D, E). Four additional ciphertexts a, b, c and d can be calculated as a = r* + xr, b = t* + xt, c = y* + xy, d = z* + xz. Finally, ZKP can be formed as ZKP = (C, D, E, a, b, c, d).
    [0053] To check the ZKP, the block chain node (304) can calculate x = Hash(T, PB, QB, g, h, u, v, n, C, D, E). The block chain node (304) can check if gahb = CTx, uavc = DPx, and ubvd = EQx. If so, the ZKP is verified and it is proven that the transaction amount and the random number encrypted using the public key of user node B are the same as the corresponding transaction amount and the random number hidden by the PC.
    [0054] In (332), the block chain node (304) checks that the plurality of notes belongs to user node A (302). Verification can be based on note IDs, NoteIdai , where i = 1, . . ., k.
    [0055] In (334), the block chain node (304) updates the accounts of user node A (302) and user node B. How the accounts of user node A (302) and user node B keep notes as records in the account note template, after the transaction, the plurality of notes transferred out of user node A (302) can be removed from user node A account (302). The change can be added back to the user node A account. The transaction amount, the corresponding note type and the note ID can be added as a new note to the user node B account. Updating the accounts is described in more details in the present application with reference to FIG. 4.
    [0056] FIG. 4 depicts an example block chain transaction (400) based on the bill-of-note model in accordance with embodiments of the present invention. As shown in the block chain transaction example (400), a user node A (402) transfers a transaction amount t to a user node B (404). Before the operation, the user node (402) has m notes including NoteIda1, PC(ra1, a1), E(PkA, ra1), E(PkA, a1); NoteIda2, PC(ra2, a2), E(PkA, ra2), E(PKA, a2); ... ; Noteldam, PC(ram, am), E(PkA, ram), E(PKA, am).
    [0057] Using the compromise schemes, encryption schemes and transaction process described herein with reference to FIG. 3 as an example, user node A (402) generates transaction data (408), which can include note IDs of selected notes from k and their type expressed as NoteType1, NoteIda1, . . ., NoteTypek, NoteIdak. Transaction data (408) may further include T0, T, PB, QB, PA, QA, RP1, RP2, and the ZKP. After the transaction data (408) is generated, user node A (402) can add its digital signature and submit the digitally signed transaction data to the network block chain (406) for consensus.
    [0058] After the transaction, the selected notes of k can be removed from user A's account (402). The change can be added back to user node A (402). Therefore, user node A (402) can have the following grades expressed as GradeIda(k+1), PC(ra(k+1), a(k+1)), E(PkA, ra(k+1) ), E(PkA, a(k+1)), . . ., NoteIdam, PC(ram, am), E(PkA, ram), E(PkA, am), NoteIda(m+1), PC(r0, t0), E(PkA, r0), E(PkA, t0), where NoteIda(m+1) represents the note ID of change t0.
    [0059] Before the operation, user node B (404) has m notes, which can be expressed as NoteIdb1, PC(rb1, b1), E(PkB, rb1), E(PkB, b1); NoteIdb2, PC(rb2, b2), E(PkB, rb2), E(PkB, b2); ... ; Noteldbm, PC(rbm, bm), E(PkB, rbm), E(PkB, bm). After the transaction, the transaction amount can be added to user node B (404). User node (404) B can have the following notes expressed as NoteIdb1, PC(rb1, b1), E(PkB, rb1), E(PkB, b1), . . ., NoteIdbm, PC(rbm, bm), E(PkB, rbm), E(PkB, bm), NoteIdb(m+1), PC(r, t), E(PkB, r), E(PkB, t), where NoteIdb(m+1) represents the note ID of the transaction amount t.
    [0060] FIG. 5 illustrates an example process (500) that may be carried out in accordance with embodiments of the present invention. For clarity of presentation, the following description generally describes the example process (500) in the context of the other figures in this description. However, it will be understood that the example process (500) can be performed, for example, by any system, environment, software and hardware, or a combination of systems, environments, software and hardware, as appropriate. In some embodiments, multiple steps of the example process (500) can be performed in parallel, in combination, in loops, or in any order.
    [0061] At (502), a consensus node receives, from a first account, a digitally signed copy of a plurality of note IDs identifying a corresponding plurality of notes. In some examples, the consensus nodes may further receive a commitment of a transaction amount from a transaction between the first account and a second account paid by at least a portion of the plurality of notes. In some instances, the consensus nodes may still receive a commitment to a change by deducting the transaction amount from a total value of the plurality of notes. In some examples, the consensus nodes may further receive a first random number used to generate the commitment of the transaction amount encrypted by a public key of the second account, and the transaction amount encrypted by the public key of the second account. In some instances, the consensus node may further receive a second random number used to generate the change commitment encrypted by the first account's public key, the change encrypted by the first account's public key, one or more range proofs, and a proof of zero knowledge generated based on one or more selected random numbers.
    [0062] In one or more embodiments, each of a plurality of notes includes one or more of a note type, a commitment of a note value, the note value encrypted by the public key encryption scheme or encryption scheme built-in and a random number used to generate the appointment encrypted by the public key encryption scheme or the built-in encryption scheme. In some realizations, the transaction amount commitment, the change commitment, and the note value commitment are generated using a commitment scheme that is homomorphic. In some embodiments, each plurality of note IDs includes a transaction address and an index number indicating a corresponding note order in the transaction output, and wherein the transaction address is generated by transaction hashing information of the transaction. In some embodiments, the first random number and transaction amount are encrypted by a public key of the second account based on an encryption scheme such as EIGamal, ECIES.
    [0063] At (504), the consensus node verifies a digital signature corresponding to the digitally signed copy using the public key of the first account.
    [0064] In (506), the consensus node determines that one or more interval proofs prove that the transaction amount and change are greater than or equal to zero.
    [0065] At (508), the consensus node determines that the total value of the plurality of notes is equal to the sum of the transaction amount and the change amount. In some embodiments, determining whether the total value of the plurality of notes is equal to the sum of the transaction amount and the change is based on comparing a commitment sum of each note amount and a commitment sum of the transaction amount and the compromise of the amendment.
    [0066] At (510), the consensus node determines whether the transaction amount in the commitment is the same as the transaction amount that is encrypted, and whether a random number used to generate the transaction amount commitment is the same as the first random number. In some embodiments, the consensus node further determines that each plurality of notes has the same note type. In some embodiments, the consensus node further determines that each of the plurality of note IDs is associated with the first account. In some realizations, determining whether the transaction amount in the commitment is the same as the transaction amount that is encrypted and whether a random number used to generate the transaction amount commitment is the same as the first random number is based on proof of zero knowledge with no interactions between the first account and the second account outside the blockchain network.
    [0067] At (512), the consensus node updates the first account and the second account based on the plurality of notes, the transaction amount, and the change if the transaction amount in the commitment is the same as the transaction amount which is encrypted, and the random number used to generate the transaction amount commitment is the same as the first random number.
    [0068] Embodiments of the present invention can be implemented so as to realize specific advantages or technical effects. For example, embodiments of the present invention allow the account balance and transaction amount of block chain nodes to be private during transactions. The funds transfer recipient does not need to confirm the transaction or use a random number to verify a commitment, transaction validation may be non-interactive. A blockchain node can validate the transaction based on the public key encryption scheme and compromise schemes to allow proof of zero knowledge.
    [0069] The described methodology allows for the enhancement of account/data security of various mobile computing devices. Account balance and transaction amounts can be hidden by commitment schemes. Thus, a consensus node can update account balances in the ledger after the transaction without revealing the actual account balance. As the random number does not need to be sent to a recipient to confirm the transaction, the risk of data leakage can be reduced and less computing and memory resources need to be used to manage the random number.
    [0070] The achievements and operations described in this descriptive report may be implemented in digital electronic circuits, or in computer software, firmware or hardware, including the structures disclosed in this descriptive report or in combinations of one or more of them. Operations may be implemented as operations performed by a data processing apparatus on data stored on one or more computer readable storage devices or received from other sources. A data processing device, computer or computing device may encompass apparatus, devices and machines for processing data, including, for example, a programmable processor, a computer, a system on a chip or several, or combinations thereof. The apparatus may include special purpose logic circuits, for example, a central processing unit (CPU), Field Programmable Gate Array (FPGA) or an application-specific integrated circuit (ASIC). application-specific integrated circuit). The apparatus may also include code that creates an execution environment for the computer program in question, for example, code that constitutes processor firmware, a protocol stack, a database management system, a system operating system (for example, an operating system or a combination of operating systems), a cross-platform runtime environment, a virtual machine, or a combination of one or more of these. The apparatus and execution environment can realize various infrastructures of different computing models, such as web services, distributed computing, and grid computing infrastructures.
    [0071] A computer program (also known, for example, as a program, software, software application, software module, software unit, script, or code) may be written in any form of programming language, including compiled languages or interpreted, declarative or procedural languages, and can be deployed in any form, including as a standalone program or as a module, component, subroutine, object, or other unit suitable for use in a computing environment. A program can be stored in part of a file that contains other programs or data (for example, one or more scripts stored in a markup language document), in a single file dedicated to the program in question, or in multiple coordinated files (by (eg files that store one or more modules, subprograms or pieces of code). A computer program can run on one computer or on multiple computers located at one site or distributed across multiple sites and interconnected by a communication network.
    [0072] Processors for executing a computer program include, by way of example, general and special purpose microprocessors, and any one or more processors of any type of digital computer. Generally, a processor will receive instructions and data from read-only memory or random access memory, or both. The essential elements of a computer are a processor to perform actions according to instructions and one or more memory devices to store instructions and data. Generally speaking, a computer will also include, or be operatively coupled to receive data or transfer data to, or both, one or more mass storage devices for storing data. A computer can be embedded in another device, for example, a mobile device, a personal digital assistant (PDA), a game console, a Global Positioning System (GPS) receiver or a portable storage device. Devices suitable for storing computer program instructions and data include non-volatile memory, memory media and devices, including, by way of example only, semiconductor memory devices, magnetic disks, and magneto-optical disks. Processor and memory can be supplemented by, or incorporated into, special purpose logic circuitry.
    [0073] Mobile devices may include mobile phones, user equipment (EU), mobile phones (eg smartphones), tablets, wearable devices (eg smart watches and smart glasses), devices implanted in the human body (eg , biosensors, cochlear implants) or other types of mobile devices. Mobile devices can communicate wirelessly (for example, using radio frequency (RF) signals) to various communication networks (described below). Mobile devices can include sensors to determine the characteristics of the mobile device's current environment. Sensors can include cameras, microphones, proximity sensors, GPS sensors, motion sensors, accelerometers, ambient light sensors, humidity sensors, gyroscopes, compasses, barometers, fingerprint sensors, facial recognition systems, RF sensors (eg Wi-Fi and cellular radio), thermal sensors or other types of sensors. For example, cameras can include a forward-facing or backward-facing camera with moving or fixed lenses, a flash, an image sensor, and an image processor. The camera may be a megapixel camera capable of capturing details for facial and/or iris recognition. The camera, together with a data processor and authentication information stored in memory or accessed remotely, can form a facial recognition system. The facial recognition system or one or more sensors, eg microphones, motion sensors, accelerometers, GPS sensors or RF sensors, can be used for user authentication.
    [0074] To provide interaction with a user, realizations can be implemented on a computer with a display device and an input device, for example, a liquid crystal display (LCD) or organic light-emitting diode display device ( OLED)/ Augmented Reality (AR) virtual reality (VR) display device for displaying information to the user and a touch screen, keyboard and a pointing device by which the user can provide input to the computer. Other types of devices can also be used to provide interaction with a user; for example, the feedback provided to the user can be any form of sensory feedback, eg visual feedback, auditory feedback or tactile feedback; and user input can be received in any form, including acoustic, speech, or tactile input. In addition, a computer can interact with a user by sending documents to and receiving documents from a device used by the user; for example, sending web pages to a web browser on a user's client device in response to requests received from the web browser.
    [0075] The embodiments may be implemented using computing devices interconnected by any form or means of wired or wireless digital data communication (or combination thereof), for example, a communication network. Examples of interconnected devices are a client and a server that are usually remote from each other and that normally interact through a communication network. A customer, for example, a mobile device, can carry out transactions itself, with a server or through a server, for example, carrying out purchase, sale, payment, delivery, shipment or loan transactions, or by authorizing the same. Such transactions can be real-time, so that an action and a response are temporarily close together; for example, an individual perceives the action and the response occurs substantially simultaneously, the time difference for a response after the individual's action is less than 1 millisecond (ms) or less than 1 second (s), or the response occurs no intentional delays taking into account the processing limitations of the system.
    [0076] Examples of communication networks include a local area network (LAN), a radio access network (RAN), a metropolitan area network (MAN), a wide area network (WAN). The communication network can include all or part of the Internet, another communication network or a combination of communication networks. Information can be transmitted over the communication network in accordance with various protocols and standards, including Long Term Evolution (LTE), 5G, IEEE 802, Internet Protocol (IP) or other protocols or combinations of protocols . The communication network can transmit voice, video, biometric or authentication data, or other information between connected computing devices.
    [0077] Features described as separate realizations can be implemented, in combination, in a single implementation, while features described as a single implementation can be implemented in multiple realizations, separately or in any suitable subcombination. Operations described and claimed in a specific order should not be understood as requiring that specific order, nor should all illustrated operations be performed (some operations may be optional). As appropriate, multitasking or parallel processing (or a combination of multitasking and parallel processing) can be performed.
    权利要求:
    Claims (11)
    [0001]
    1. METHOD (300, 500) IMPLEMENTED BY A COMPUTER EXECUTED BY A CONSENSUS NODE (304) OF A BLOCK CHAIN NETWORK (102), characterized by comprising: - the receipt (320, 502), from a first account, of a digitally signed copy of a plurality of note identifiers (IDs) identifying a corresponding plurality of notes associated with the first account, of a commitment of a transaction amount of a transaction between the first account and a second account paid by at least one portion of the plurality of notes, of a commitment of an amendment by deducting the transaction amount from a total amount of the plurality of notes, of a first random number used to generate (312) the commitment of the transaction amount encrypted by a second account public key, of the transaction amount encrypted by the second account's public key, of a second random number used to generate (312, 314, 316) the crypto change commitment spelled by the public key of the first account, the change encrypted by the public key of the first account, one or more range tests, and a zero knowledge test generated (310) based on one or more selected random numbers, where the one or more gap tests includes a first gap test (RP1) generated (314) to prove that the transaction amount is greater than or equal to zero, and a second gap test (RP2) generated (314) to prove that a amount of change is greater than or equal to zero; - verification (322, 504) of a digital signature corresponding to the digitally signed copy using the public key of the first account; - determination (328, 506) that one or more proofs interval prove that the transaction amount and change are greater than or equal to zero; - the determination (326, 508) that the total value of the plurality of notes is equal to the sum of the transaction amount and the change; - the determination (510) that the transaction amount in the commitment is the same transaction amount as is encrypted, and if a random number used to generate the transaction amount commitment is the same as the first random number; and - updating (334, 512) of the first account and second account based on the plurality of notes, transaction amount, and change identifying whether the transaction amount in the commitment is the same as the transaction amount that is encrypted, and if the random number used to generate the transaction amount commitment is the same as the first random number.
    [0002]
    2. COMPUTER IMPLEMENTED METHOD (300,500), according to claim 1, characterized in that each of the plurality of notes includes one or more of a note type, a commitment of a note value, the note value encrypted by the encryption public key encryption or embedded encryption and a random number used to generate the compromise encrypted by public key encryption or embedded encryption.
    [0003]
    3. METHOD IMPLEMENTED BY COMPUTER (300,500), according to claim 2, characterized in that it further comprises the determination (324) that each of the plurality of notes has the same type of note.
    [0004]
    4. COMPUTER IMPLEMENTED METHOD (300,500), according to claim 2, characterized in that the transaction amount commitment, the change commitment and the note value commitment are generated using a commitment scheme that is homomorphic.
    [0005]
    5. METHOD IMPLEMENTED BY COMPUTER (300,500), according to claim 4, characterized by determining (326) whether the total value of the plurality of notes is equal to the sum of the transaction amount and the change is based on a comparison of a sum of the commitment of each note value and a sum of the commitment of the transaction amount and the change commitment.
    [0006]
    6. COMPUTER IMPLEMENTED METHOD (300,500) according to claim 1, characterized in that each of the plurality of note IDs includes a transaction address and an index number indicating an order of the corresponding note in the transaction output, and in that the transaction address is generated by the transaction's transaction hashing information.
    [0007]
    7. COMPUTER IMPLEMENTED METHOD (300,500) according to claim 1, further comprising determining that each of the plurality of note IDs is associated with the first account.
    [0008]
    8. METHOD IMPLEMENTED BY COMPUTER (300,500), according to claim 1, characterized in that the first random number and the transaction amount are encrypted by a public key of the second account based on Paillier encryption or Okamoto-Uchiyama encryption.
    [0009]
    9. COMPUTER IMPLEMENTED METHOD (300,500), according to claim 1, characterized by determining whether the transaction amount in the commitment is the same as the transaction amount that is encrypted and whether a random number used to generate the commitment amount of the transaction is the same as the first random number being based on proof of zero knowledge with no interactions between the first account and the second account outside the blockchain network (102).
    [0010]
    10. COMPUTER-READABLE STORAGE MEANS, non-transient, characterized by being coupled to one or more processors and having instructions stored in it that, when executed by one or more processors, cause the one or more processors to perform operations in accordance with the method (300, 500) as defined in any one of claims 1 to 9.
    [0011]
    11. SYSTEM FOR IMPLEMENTING A METHOD, characterized in that it comprises:- a computing device (120); and - a computer readable storage device coupled to the computing device (120) which has instructions stored therein and which, when executed by the computing device (120), cause the computing device (120) to perform operations in accordance with the method (300, 500) as defined in any one of claims 1 to 9.
    类似技术:
    公开号 | 公开日 | 专利标题
    BR112019008160B1|2021-08-24|COMPUTER IMPLEMENTED METHOD EXECUTED BY A CONSENSUS NODE OF A BLOCK CHAIN NETWORK, COMPUTER-READABLE STORAGE MEDIA, AND SYSTEM TO IMPLEMENT A METHOD
    BR112019008148B1|2021-08-10|METHOD IMPLEMENTED BY COMPUTER AND SYSTEM FOR IMPLEMENTING A METHOD
    KR20200079219A|2020-07-02|Blockchain data protection based on general account model and homogeneous encryption
    BR112019014629A2|2021-07-20|computer implemented method, computer readable storage medium and system
    BR112019008151A2|2019-09-10|computer-implemented method, non-transient computer-readable storage medium, and system
    BR112019008171A2|2019-09-10|computer-implemented method for validating blockchain transactions based on account templates, computer readable storage media, and system
    同族专利:
    公开号 | 公开日
    BR112019008160A2|2019-09-10|
    EP3542336A4|2019-11-20|
    CN110419055A|2019-11-05|
    TW202018572A|2020-05-16|
    PL3542336T3|2021-07-12|
    JP6817429B2|2021-01-20|
    EP3829104A1|2021-06-02|
    WO2019072268A2|2019-04-18|
    KR20200054131A|2020-05-19|
    KR102215773B1|2021-02-17|
    WO2019072268A3|2019-08-22|
    JP2020503718A|2020-01-30|
    ZA201902549B|2019-12-18|
    EP3542336A2|2019-09-25|
    RU2729595C1|2020-08-11|
    AU2018347190A1|2020-05-21|
    AU2018347190B2|2020-10-22|
    PH12019500890A1|2019-11-25|
    US20190251553A1|2019-08-15|
    SG11201903586SA|2019-05-30|
    EP3542336B1|2021-01-27|
    MX2019004658A|2019-08-12|
    CA3041160A1|2019-04-18|
    ES2863559T3|2021-10-11|
    引用文献:
    公开号 | 申请日 | 公开日 | 申请人 | 专利标题
    US5999625A|1997-02-27|1999-12-07|International Business Machines Corporation|Method for electronic payment system with issuer control|
    US8515058B1|2009-11-10|2013-08-20|The Board Of Trustees Of The Leland Stanford Junior University|Bootstrappable homomorphic encryption method, computer program and apparatus|
    AU2014321178A1|2013-09-20|2016-04-14|Visa International Service Association|Secure remote payment transaction processing including consumer authentication|
    WO2016200885A1|2015-06-08|2016-12-15|Blockstream Corporation|Cryptographically concealing amounts transacted on a ledger while preserving a network's ability to verify the transaction|
    CN106911470B|2017-01-23|2020-07-07|北京航空航天大学|Bit currency transaction privacy enhancement method|
    US20190108517A1|2017-10-06|2019-04-11|Allocrypt, Llc|Digital currency for performing cash-equivalent transactions|
    CN107888375A|2017-11-08|2018-04-06|深圳市携网科技有限公司|A kind of electronic evidence safety system and method based on block chain technology|
    CN108021821A|2017-11-28|2018-05-11|北京航空航天大学|Multicenter block chain transaction intimacy protection system and method|
    CN108418689B|2017-11-30|2020-07-10|矩阵元技术(深圳)有限公司|Zero-knowledge proof method and medium suitable for block chain privacy protection|
    CN108764874B|2018-05-17|2021-09-07|深圳前海微众银行股份有限公司|Anonymous transfer method, system and storage medium based on block chain|US11196541B2|2017-01-20|2021-12-07|Enveil, Inc.|Secure machine learning analytics using homomorphic encryption|
    US10771237B2|2017-01-20|2020-09-08|Enveil, Inc.|Secure analytics using an encrypted analytics matrix|
    US20180212753A1|2017-01-20|2018-07-26|Enveil, Inc.|End-To-End Secure Operations Using a Query Vector|
    US10693627B2|2017-01-20|2020-06-23|Enveil, Inc.|Systems and methods for efficient fixed-base multi-precision exponentiation|
    CN111899001A|2018-08-30|2020-11-06|创新先进技术有限公司|Remittance method and device based on block chain|
    US10902133B2|2018-10-25|2021-01-26|Enveil, Inc.|Computational operations in enclave computing environments|
    US10817262B2|2018-11-08|2020-10-27|Enveil, Inc.|Reduced and pipelined hardware architecture for Montgomery Modular Multiplication|
    US10721217B2|2018-11-08|2020-07-21|Accenture Global Solutions Limited|Cryptographic datashare control for blockchain|
    EP3794537A4|2020-02-03|2021-05-26|AlipayInformation Technology Co., Ltd.|Blockchain-based trustable guarantees|
    EP3799644A4|2020-02-03|2021-06-09|AlipayInformation Technology Co., Ltd.|Blockchain-based trustable guarantees|
    EP3794773A4|2020-02-03|2021-05-05|AlipayInformation Technology Co., Ltd.|Blockchain-based trustable guarantees|
    SG11202013136SA|2020-02-03|2021-01-28|Alipay Hangzhou Information Technology Co Ltd|Blockchain-based trustable guarantees|
    EP3794484A4|2020-02-03|2021-05-05|AlipayInformation Technology Co., Ltd.|Blockchain-based trustable guarantees|
    SG11202013213UA|2020-02-03|2021-01-28|Alipay Hangzhou Information Technology Co Ltd|Blockchain-Based Trustable Guarantees|
    EP3794483A4|2020-02-03|2021-04-28|AlipayInformation Technology Co., Ltd.|Blockchain-based trustable guarantees|
    CN111523892B|2020-04-23|2021-07-27|深圳前海微众银行股份有限公司|Block chain cross-chain transaction method and device|
    DE102020119569B3|2020-07-24|2021-12-09|Infineon Technologies Ag|Provision of cryptographic information|
    CN113630411A|2021-08-05|2021-11-09|华中农业大学|Method and device for auditing multi-party privacy protection data on alliance block chain|
    CN113570373B|2021-09-23|2022-02-11|北京理工大学|Responsibility pursuing transaction method and system based on block chain|
    法律状态:
    2021-01-19| B25A| Requested transfer of rights approved|Owner name: ADVANTAGEOUS NEW TECHNOLOGIES CO., LTD. (KY) |
    2021-02-09| B25A| Requested transfer of rights approved|Owner name: ADVANCED NEW TECHNOLOGIES CO., LTD. (KY) |
    2021-07-13| B09A| Decision: intention to grant [chapter 9.1 patent gazette]|
    2021-08-24| B16A| Patent or certificate of addition of invention granted [chapter 16.1 patent gazette]|Free format text: PRAZO DE VALIDADE: 20 (VINTE) ANOS CONTADOS A PARTIR DE 07/11/2018, OBSERVADAS AS CONDICOES LEGAIS. |
    优先权:
    申请号 | 申请日 | 专利标题
    PCT/CN2018/114420|WO2019072268A2|2018-11-07|2018-11-07|Blockchain data protection based on account note model with zero-knowledge proof|
    [返回顶部]