COMPUTER IMPLEMENTED METHOD, LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER AND SYSTEM

专利摘要:
A method for performing a recovery process from a network node of a trust protocol network includes transmitting a status request message through the network node to the other network nodes of the trust protocol network to recover a target transaction from a target sequence number, receive status response messages that each include a sequence number from the other network nodes, identify the target sequence number based on the sequence numbers in the status response messages, send a requesting message to other network nodes to request an echo message from each of the other network nodes, determine the amount of valid echo messages that are sent by the other network nodes, retrieve the target transaction based on the amount of valid echo messages and send a message to the other network nodes indicating that the network node has been recovered.
公开号:BR112019014815A2
申请号:R112019014815-9
申请日:2018-12-13
公开日:2020-02-27
发明作者:Lin Peng
申请人:Alibaba Group Holding Limited；
IPC主号:

专利说明:

“METHOD IMPLEMENTED BY COMPUTER, LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER AND SYSTEM” Background of the Invention [001] Distributed accounting systems (DLSs), which can also be referred to as consensus networks and / or trust protocol networks ( blockchain), allow participating entities to store data safely and immutably. DLSs are commonly called trust protocol networks without referring to any specific user case. Examples of trust networks can include: public trust networks, private trust networks and consortium trust networks. A public trust protocol network is open for all entities to use DLS and participate in the consensus process. A private trusted protocol network is provided for a specific entity, which centrally controls read and write permissions. A consortium trust protocol network is provided for a select group of entities, which control the consensus process and include an access control layer.
[002] Consensus mechanisms are a primary component of distributed trust protocol systems. A consensus mechanism is a process in computer science that is used to reach agreement on a single data value between distributed processes or systems. Consensus mechanisms are designed to achieve reliability in a network involving several untrusted nodes. Solving this problem - known as a consensus problem - is important in distributed and multi-agent computing systems.
[003] The trust protocol depends on mechanisms of
Petition 870190068052, of 07/18/2019, p. 97/212
2/89 consensus to reach agreement between us. A trusted protocol is a decentralized database that is managed by computers distributed over a point-to-point (P2P) network. Each point maintains a copy of the ledger to avoid a single point of failure (SPOF). Updates and validations are reflected in all copies simultaneously.
[004] Although several existing techniques can be used to execute consensus between network nodes of a reliable protocol system, a more efficient solution to execute consensus would be advantageous.
Short Description [005] The embodiments of this specification include methods implemented by computer to address consensus issues in a distributed system (for example, a trusted protocol network). More particularly, the embodiments of the present specification are intended to carry out a recovery process for a network node in a distributed system.
[006] In some embodiments, actions include: transmitting a status request message to a number of trust protocol network nodes through a trust protocol network node, where the trust node network must retrieve a target transaction from a target sequence number; receiving a number of status response messages by the network node from the number of network nodes, each of the number of status response messages including a sequence number; identifying the target sequence number by the network node based on the same sequence number in response to the determination that a number of status response messages exceeds a predetermined threshold, where each of the number of status messages includes the same number of sequence; send a requesting message to
Petition 870190068052, of 07/18/2019, p. 98/212
3/89 plurality of network nodes per network node, where the requesting message requests an ECO message from each of the number of network nodes, where the ECO message is a message transmitted by each of the number of network nodes to reach a consensus between the number of network nodes in the target transaction having the target sequence number, and the ECO message includes a part of the target transaction and a signature from each of the plurality of network nodes; receiving a number of ECO messages by the network node from the plurality of network nodes; determining a quantity of valid ECO messages from the plurality of ECO messages by the network node, each of the quantity of valid ECO messages including the target sequence number; retrieving the target transaction having the same sequence number on the network node based on the number of valid ECO messages in response to the determination that the number of valid ECO messages exceeds a predetermined threshold; send a message to the plurality of network nodes by the network node, indicating that the network node has been recovered.
[007] Other embodiments include corresponding systems, devices and computer programs, configured to perform the actions of the methods, encoded in computer storage devices.
[008] These and other embodiments may optionally include one or more of the following characteristics:
[009] A first characteristic, combinable with any of the following characteristics, in which the number of network nodes includes a primary node and one or more backup nodes.
[010] A second characteristic, which can be combined with any of the following characteristics, where the network node is a primary node or a backup node.
Petition 870190068052, of 07/18/2019, p. 99/212
4/89 [011] A third feature, combinable with any of the following features, where the requesting message includes the target sequence number.
[012] A fourth characteristic, combinable with any of the following characteristics, in which each of the number of network nodes, different from the network node, checks the requesting message before sending the ECO messages to the network node.
[013] A fifth characteristic, combinable with any of the following characteristics, in which the network node checks whether each ECO message is valid using a Merkel tree.
[014] A sixth characteristic, which can be combined with any of the following characteristics, in which the network node also checks whether the signature in the ECO message is valid.
[015] A seventh characteristic, combinable with any of the following characteristics, in which each of the ECO messages further includes at least one of the number of erasure code (EC) blocks associated with the target transaction, in which the number of blocks EC is generated according to an EC code using the target transaction.
[016] An eighth characteristic, combinable with any of the following characteristics, in which the network node reconstructs the target transaction using a subset of the number of EC blocks that are in the number of valid ECO messages.
[017] A ninth characteristic, combinable with any of the following characteristics, in which the message for the number of network nodes indicating that the network node has been recovered includes a set of signatures on the number of valid ECO messages and the sequence number target.
[018] This specification also provides one or more
Petition 870190068052, of 07/18/2019, p. 100/212
5/89 more non-transitory, computer-readable storage media coupled to one or more processors and having instructions stored on them that, when executed by one or more processors, cause the one or more processors to perform operations according to the embodiments of the methods provided here.
[019] This specification also provides a system for implementing the methods provided here. The system includes one or more processors, and a computer-readable storage medium coupled to one or more processors having instructions stored on it that, when executed by one or more processors, cause the one or more processors to perform operations according to forms carrying out the methods provided here.
[020] This specification discloses improved consensus mechanisms, including techniques for reaching consensus between network nodes in a distributed system, performing a primary node change in a distributed system, and performing a recovery process for a network node in a distributed system. The consensus mechanisms described can achieve several advantages in different applications.
[021] For example, the consensus process, as discussed below, includes many features that improve the operations of the trust protocol system and help to alleviate network bottlenecks. For example, the consensus process described includes converting a transaction request into a number of erase code (EC) blocks according to an EC code and sending one of the EC blocks to each of the network nodes. The EC block is smaller in size than the original transaction request. Thus, sending the EC block, instead of the complete transaction request to the network nodes, reduces the size of the data blocks that are transmitted between the network nodes of the trust protocol network,
Petition 870190068052, of 07/18/2019, p. 101/212
6/89 thus conserving the network bandwidth and reducing the network load. This further reduces the size of the data that is written to and read from the memory space of the network nodes, thereby reducing the load on the memory space of the network nodes and improving the efficiency of the generally trusted protocol system.
[022] In addition, this specification describes a period change process that includes assigning respective weights to multiple phases of the consensus process, determining a weight sum based on the respective weights of the multiple phases and determining a new primary node with based on the sum of weight. The period change process based on the sum of weight instead of a round robin method can facilitate the choice of a new primary node that is not defective in a timely manner. Unlike the circular method, the period change process in the present specification depends on the weight sum to select the new primary node, which can reduce latency or delay in locating the new primary node that is not defective. This can further improve the efficiency of the general trust protocol system in providing trust protocol services.
[023] In addition, this specification discusses a recovery process that includes operations such as sending a status request message through a network node that applies to be a new primary node and receiving status response messages from other network nodes. These operations are performed in such a way that the defective network node recovery process does not interfere with the normal operation of the consensus process among the other non-defective network nodes. This facilitates the conservation of computing and network characteristics to recover the defective network node, reducing the complexity of the recovery process.
Petition 870190068052, of 07/18/2019, p. 102/212
7/89 [024] It is recognized that the methods according to the present specification can include any combination of the aspects and characteristics described here. That is, the methods according to the present specification are not limited to the combinations of aspects and characteristics specifically described here, but also include any combination of the aspects and characteristics provided.
[025] Details of one or more embodiments of this specification are presented in the attached figures and in the description below. Other characteristics and advantages of this specification will be evident from the description and figures, and from the claims.
Description of the Figures [026] Figure 1 represents an example of an environment that can be used to execute embodiments of this specification.
[027] Figure 2 represents an example of a conceptual architecture according to the embodiments of this specification.
[028] Figure 3 represents an example of a consensus process that can be carried out according to embodiments of this specification.
[029] Figure 4 represents an example of a consensus process that can be carried out according to embodiments of this specification.
[030] Figure 5 represents an example of a summary tree according to the embodiments of this specification.
[031] Figure 6 represents an example of messages that are communicated between network nodes of a distributed system according to the embodiments of this specification.
Petition 870190068052, of 07/18/2019, p. 103/212
8/89 [032] Figure 7 represents an example of a process for making a change to a primary node in a distributed system according to the embodiments of this specification.
[033] Figure 8 represents an example of a process for making a change to a primary node in a distributed system according to the embodiments of this specification.
[034] Figure 9 represents an example of messages that are communicated between network nodes of a distributed system according to the embodiments of this specification.
[035] Figure 10 represents an example of a process for carrying out a recovery process for a network node in a distributed system according to the embodiments of this specification.
[036] Figure 11 represents an example of a process for carrying out a recovery process for a network node in a distributed system according to the embodiments of this specification.
[037] Figure 12 represents an example of messages that are communicated between network nodes of a distributed system according to the embodiments of this specification.
[038] Figure 13 represents an example of a diagram that illustrates modules of a consensus apparatus, according to an embodiment of the present specification.
[039] Figure 14 represents an example of a diagram illustrating modules of a consensus apparatus, according to an embodiment of the present specification.
[040] Figure 15 represents an example of a diagram that illustrates modules of a primary node changing apparatus, according to an embodiment of this specification.
[041] Figure 16 represents an example of a diagram that
Petition 870190068052, of 07/18/2019, p. 104/212
9/89 illustrates modules of a primary node change apparatus, according to an embodiment of this specification.
[042] Figure 17 represents an example of a diagram that illustrates modules of a recovery device, according to an embodiment of this specification.
[043] Same reference symbols in the various figures indicate identical elements.
Detailed Description [044] The embodiments of this specification include methods implemented by computer to address consensus issues in a distributed system (for example, a trusted protocol network). More particularly, the embodiments of the present specification are intended to carry out a recovery process for a network node in a distributed system.
[045] In some embodiments, actions include: transmitting a status request message to a number of trust protocol network nodes through a trust protocol network node, where the trust node network must retrieve a target transaction from a target sequence number; receiving a number of status response messages by the network node from the number of network nodes, each of the number of status response messages including a sequence number; identifying the target sequence number by the network node based on the same sequence number in response to the determination that a number of status response messages exceeds a predetermined threshold, where each of the number of status messages includes the same number of sequence; send a requesting message to the plurality of network nodes by the network node, where the requesting message requests an ECO message from each of the number of network nodes
Petition 870190068052, of 07/18/2019, p. 105/212
10/89 network, where the ECO message is a message transmitted by each of the number of network nodes to reach a consensus between the number of network nodes in the target transaction having the target sequence number, and the ECO message includes a part of the target transaction and a signature from each of the plurality of network nodes; receiving a number of ECO messages by the network node from the plurality of network nodes; determining a quantity of valid ECO messages from the plurality of ECO messages by the network node, each of the quantity of valid ECO messages including the target sequence number; retrieving the target transaction having the same sequence number on the network node based on the number of valid ECO messages in response to the determination that the number of valid ECO messages exceeds a predetermined threshold; send a message to the plurality of network nodes by the network node, indicating that the network node has been recovered.
[046] To provide an additional context for embodiments of this specification, and as introduced above, distributed accounting systems (DLSs), which can also be referred to as consensus networks (for example, formed by us point by point) point) or trust protocol networks, allow participating entities to carry out transactions in a secure and immutable way and store data. The term trust protocol is used here to refer generally to a DLS without reference to any particular use case. As shown above, a trust protocol network can be provided as a public trust protocol network, a private trust protocol network, or a consortium trust network.
[047] A trust protocol is a data structure that stores transactions in order to allow future transactions to be checked for consistency with all previous transactions
Petition 870190068052, of 07/18/2019, p. 106/212
11/89 stored in the chain. A trust protocol includes one or more blocks. Each block in the chain is linked to a previous block immediately before it in the chain, including a cryptographic summary of the previous block. Each block also includes a time stamp, its own cryptographic summary and one or more transactions. The transactions, which have already been verified by the trust protocol network nodes, are summarized and encoded in a Merkle tree. A Merkle tree is a data structure in which the data in the leaf nodes of the tree are summarized and all summaries in each branch of the tree are concatenated at the root of the branch. This process continues up the tree to the root of the entire tree, which stores a summary that is representative of all the data in the tree. A summary of a transaction supposedly stored in the tree can be checked quickly by determining if it is consistent with the structure of the tree.
[048] While a trust protocol is a data structure for storing transactions, a trust protocol network is a network of computing nodes that manages, updates and maintains one or more trust protocol structures. As shown above, a trust protocol network can be provided as a public trust protocol network, a private trust protocol network, or a consortium trust network.
[049] In a public trust protocol network, the consensus process is controlled by nodes in the consensus network. For example, hundreds, thousands and even millions of entities can cooperate in a public trust protocol network, each operating at least one node in the public trust protocol network. Thus, the public trust protocol network can be considered a public network in relation to the participating entities. In some examples, most entities (nodes) must sign each block for the block to be valid and added to the protocol
Petition 870190068052, of 07/18/2019, p. 107/212
12/89 confidence (distributed ledger) of the trust protocol network. Examples of public trust protocol networks include private point-to-point payment networks that leverage a distributed ledger, known as a trust protocol. As noted above, the term trust protocol, however, is used to generally refer to ledgers distributed without particular reference to any particular trust protocol network.
[050] In general, a public trust protocol network supports public transactions. A public transaction is shared with all nodes within the public trust protocol network and is stored in a global trust protocol. A global trust protocol is a trust protocol that is replicated on all nodes. That is, all nodes are in a perfect state of consensus regarding the global trust protocol. To reach a consensus (for example, I agree to add a block to a trust protocol), a consensus protocol is implemented in the public trust protocol network. Examples of consensus protocols include, without limitation, proof of work (POW), proof of participation (POS) and proof of authority (POA). POW is also referred to here as a non-limiting example.
[051] In general, a private trusted protocol network is provided for a specific entity, which centrally controls read and write permissions. The entity controls which nodes are able to participate in the trust protocol network, so private trust protocol networks are often called permission networks that place restrictions on who can participate in the network and their level of participation (e.g. certain transactions only). Various types of access control mechanisms can be used (for example, existing participants vote to add new entities, an authority
Petition 870190068052, of 07/18/2019, p. 108/212
13/89 regulator can control admission).
[052] In general, a consortium trust protocol network is private between participating entities. In a consortium trust protocol network, the consensus process is controlled by an authorized set of nodes, one or more nodes being operated by a respective entity (for example, a financial institution, insurance company). For example, a consortium of ten (10) entities (for example, financial institutions, insurance companies) may operate a consortium trust protocol network, each operating at least one node in the consortium's trust protocol network. In this sense, the consortium trust protocol network can be considered a private network in relation to the participating entities. In some examples, each entity (node) must sign all blocks for the block to be valid and added to the trust protocol. In some examples, at least a subset of entities (nodes) (for example, at least 7 entities) must sign all blocks for the block to be valid and added to the trust protocol.
[053] The embodiments of this specification are described in more detail here with reference to a consortium trust protocol network. It is contemplated, however, that the embodiments of this specification can be carried out in any appropriate type of trust protocol network.
[054] The embodiments of this specification are described in greater detail here in view of the above context. More particularly, and as presented above, the embodiments of the present specification are intended to carry out a recovery process for a network node in a distributed system.
[055] A trust protocol is a tamper-proof shared digital ledger that records transactions on a network
Petition 870190068052, of 07/18/2019, p. 109/212
14/89 point to point public or private. The ledger is distributed to all network member nodes and the history of asset transactions occurring on the network is permanently recorded in the block.
[056] Consensus mechanisms ensure that all network nodes in a distributed trust protocol network execute transactions in the same order and then write to the same ledgers. One issue that consensus models are intended to address is overcoming the Byzantine flaws. In a Byzantine fault, a component such as a server or a network node in a distributed trust protocol network can appear inconsistently both with failure and functioning for fault detection systems, presenting different symptoms for different observers. It is difficult for other network nodes to declare that it has failed and to disconnect it from the network, because they must first reach a consensus on which network node failed in the first place.
[057] In the context of distributed systems, Byzantine fault tolerance (BFT) is the ability of a distributed computer network to function as desired and to reach a sufficient consensus correctly despite malicious components (that is, network nodes of a network). trust protocol network) of the system fail or propagate incorrect information to other points. The objective is to defend against catastrophic system failures, mitigating the influence that these malicious nodes have on the correct functioning of the network and the correct consensus that is reached by honest nodes in the system.
[058] However, existing BFT mechanisms have proven to be inefficient in many ways. For example, existing BFT mechanisms have added implementation complexity to the distributed trust protocol network when trying to overcome Byzantine failures, so that latency is increased for communication between network nodes in the network.
Petition 870190068052, of 07/18/2019, p. 110/212
15/89 distributed trust protocol. Practical Byzantine Fault Tolerance (PBFT) is one of the optimizations that aims to improve the existing BFT consensus mechanisms. The PBFT model focuses on providing a practical Byzantine state machine replication that tolerates Byzantine failures (malicious nodes) by assuming that there are independent node failures and manipulated messages that are propagated by specific, independent nodes.
[059] In the PBFT model, all nodes are ordered in a sequence, with one node being the primary node (leader) and the others referred to as the backup nodes. All nodes within the system communicate with each other and the goal is for most honest nodes to agree on the state of the system. The nodes communicate with each other and not only need to prove that the messages came from a specific point node, but they also need to verify that the message has not been modified during transmission.
[060] For the PBFT model to work, it is assumed that the number of malicious nodes in the network cannot simultaneously equal or exceed 1/3 of the general nodes in the system in a given vulnerability window. The more nodes in the system, then the more mathematically it is unlikely that a number that approaches 1/3 of the general nodes will be maligned. The algorithm effectively provides both liveliness and security, provided that at most (n-1) / 3 nodes are malicious or defective at the same time, where n represents the total nodes.
[061] Each PBFT consensus round (called views) includes 4 phases:
(1) A customer sends a request to the leader node to invoke a service operation;
(2) The leader node multicast the request to the copy nodes
Petition 870190068052, of 07/18/2019, p. 111/212
16/89 security;
(3) The nodes execute the request and then send a response to the customer; and (4) The client waits for f + 1 (f represents the maximum number of nodes that may be defective) responses from different nodes with the same result.
[062] The end result is that all honest nodes reach an agreement on the order of registration and they accept or reject it. The leader node is changed in a circular scheme during each view and can even be replaced by a protocol called view change if a specific amount of time has passed without the leader node multicasting the request. Most honest nodes can also decide if a leader is defective and remove them with the next leader in the queue as the replacement.
[063] However, there are some limitations to the PBFT consensus mechanism. For example, the PBFT model can work well in its classic form, with relatively small consensus group sizes, due to the large amount of communication that is required between nodes. Bulky block data that is transmitted between network nodes causes a network load problem and leads to a network bottleneck. In addition, the use of method authentication codes (MAC) as the format for authentication messages in the PBFT model can be inefficient with the amount of communication required between nodes in large consensus groups, such as cryptocurrency networks and with MACs. There may be an inherent inability to prove the authenticity of messages to third parties.
[064] Furthermore, finding consecutive malicious nodes when changing the leader node using a circular method used by PBFT affects the trust protocol service, introducing latency or delay in
Petition 870190068052, of 07/18/2019, p. 112/212
17/89 locating a leading node that is honest. For example, when selecting a first network node as the new leader node, the first network node can be a malicious node, so it cannot be selected as the new leader node. In a circular method, a second network node on the line can be selected as the new leader node. However, if the second network node is also a malicious node, another network node on the line will be checked to see if it is suitable to be the leading node. This process continues until a new honest leader is identified. This frequent change of the leader node introduces significant latency in trusted protocol services.
[065] In addition, network nodes in a trusted protocol network can experience Byzantine failures or collapse failures at any time. For example, a network node can be compromised by a malicious cyber attacker and behave incorrectly. If network nodes that are compromised are not recovered immediately, the malicious cyber attacker can compromise the trusted protocol network and services by corrupting more than 1/3 of the network nodes undetected.
[066] To address the issues and concerns described above associated with existing BFT consensus mechanisms and the PBFT consensus mechanism, this specification discloses improved consensus mechanisms including techniques for achieving consensus between network nodes in a distributed system , performing a primary node change on a distributed system and performing a recovery process for a network node on a distributed system. The consensus mechanisms described can achieve several advantages in different applications.
[067] For example, the consensus process, as discussed below, includes many features that improve the operations of the
Petition 870190068052, of 07/18/2019, p. 113/212
18/89 trust protocol and help to relieve network bottlenecks. For example, the consensus process described includes converting a transaction request into a number of erase code (EC) blocks according to an EC code and sending one of the EC blocks to each of the network nodes. The EC block is smaller in size than the original transaction request. Thus, sending the EC block, instead of the complete transaction request to the network nodes, reduces the size of the data blocks that are transmitted between the network nodes of the trust protocol network, thus conserving the bandwidth network and reducing the network load. This further reduces the size of the data that is written to and read from the memory space of the network nodes, thereby reducing the load on the memory space of the network nodes and improving the efficiency of the generally trusted protocol system.
[068] In addition, this specification describes a period change process that includes assigning respective weights to multiple phases of the consensus process, determining a weight sum based on the respective weights of the multiple phases and determining a new primary node with based on the sum of weight. The period change process based on the sum of weight, instead of a circular method, can facilitate the choice of a new primary node that is not defective in a timely manner. A primary node can be a leader node that has the authority to initiate a round of consensus process between several network nodes, including the primary node. The other network nodes in the trust protocol network can be referred to as backup nodes. The period change process can help address the circular method problem that causes a frequent change from the primary node when multiple network nodes on the line to the new primary node are defective. Unlike the circular method, the process of changing the period, in this specification, depends on the sum of
Petition 870190068052, of 07/18/2019, p. 114/212
19/89 weight to select the new primary node, which can reduce latency or delay in locating the new primary node that is not defective. This can further improve the efficiency of the general trust protocol system in providing trust protocol services.
[069] In addition, this specification discusses a recovery process that includes operations such as sending a status request message through a network node that applies to be a new primary node and receiving status response messages from others network nodes. These operations are performed in such a way that the defective network node recovery process does not interfere with the normal operation of the consensus process among the other non-defective network nodes. This facilitates the conservation of computing and network characteristics to recover the failed network node, reducing the complexity of the recovery process.
[070] Figure 1 represents an example of an environment (100) that can be used to execute the embodiments of this specification. In some examples, the environment (100) allows entities to participate in a consortium trust protocol network (102). The environment (100) includes computing devices or systems (106, 108) and a network (110). In some examples, the network (110) includes a local area network (LAN), wide area network (WAN), the Internet or a combination of them, and connects web sites, user devices (for example, computing devices ) and secondary systems (back-end). In some examples, the network (110) can be accessed via a wired and / or wireless communication connection. In some instances, the network (110) allows communication with, and within the consortium trust protocol network (102). In general, the network (110) represents one or more communication networks. In some cases, the computing devices (106, 108) may be nodes of a cloud computing system (not shown) or they may each
Petition 870190068052, of 07/18/2019, p. 115/212
20/89 computing device (106, 108), be a separate cloud computing system including a plurality of computers interconnected by a network and functioning as a distributed processing system.
[071] In the example shown, the computing systems (106, 108) can each include any appropriate computing system that allows participation as a node in the consortium trust protocol network (102). Examples of computing devices include, without limitation, a server, a desktop computer, a portable computer, a tablet computing device and a smart phone. In some instances, computer systems (106, 108) host one or more services implemented per computer to interact with the consortium trust protocol network (102). For example, the computing system (106) can host computer-implemented services from a first entity (for example, user A), such as a transaction management system that the first entity uses to manage its transactions with one or more others entities (for example, other users). The computing system (108) can host computer-implemented services from a second entity (for example, user B), such as the transaction management system that the second entity uses to manage its transactions with one or more other entities (for example , other users). In the example in Figure 1, the consortium trust protocol network (102) is represented as a network of point-to-point nodes, and the computing systems (106, 108) provide nodes of the first entity and second entity, respectively, which participate in the consortium trust protocol network (102).
[072] Figure 2 represents an example of conceptual architecture (200) according to embodiments of this specification. The example of a conceptual architecture (200) includes the systems
Petition 870190068052, of 07/18/2019, p. 116/212
21/89 participants (202, 204, 206) that correspond to Participant (A), Participant (B) and Participant (C), respectively. Each participant (for example, user, company) participates in a trust protocol network (212) provided as a point-to-point network including a plurality of nodes (214), at least some of which record information immutably in a protocol of trust (216). Although a single trust protocol (216) is schematically represented within the trust protocol network (212), multiple copies of the trust protocol (216) are provided, and are maintained through the trust protocol network (212), as described in more detail here.
[073] In the example shown, each participating system (202, 204, 206) is provided by, or on behalf of Participant (A), Participant (B) and Participant (C), respectively, and functions as a respective node (214 ) within the trust protocol network. As used herein, a node generally refers to an individual system (e.g., computer, server) that is connected to the trust protocol network (212) and allows a respective participant to participate in the trust protocol network. In the example in Figure 2, one participant corresponds to each node (214). It is contemplated, however, that a participant can operate multiple nodes (214) within the trust protocol network (212), and / or multiple participants can share a node (214). In some examples, participating systems (202, 204, 206) communicate with or through the trust protocol network (212) using a protocol (for example, secure hypertext transfer protocol (HTTPS)) and / or using remote procedure calls (RPCs).
[074] Nodes (214) can have different degrees of participation within the trust protocol network (212). For example, some nodes (214) may participate in the consensus process (for example, as
Petition 870190068052, of 07/18/2019, p. 117/212
22/89 inspection that add blocks to the trust protocol (216), while other nodes (214) do not participate in the consensus process. As another example, some nodes (214) store a complete copy of the trust protocol (216), while other nodes (214) only store copies of parts of the trust protocol (216). For example, data access privileges can limit the trust protocol data that a respective Participant stores within its respective system. In the example of Figure 2, the participating systems (202, 204, 206) store their respective complete copies (216 ’, 216”, 216 ”’) of the trust protocol (216).
[075] A trust protocol (for example, the trust protocol (216) in Figure 2) consists of a chain of blocks, each block storing data. Examples of data include transaction data representative of a transaction between two or more participants. Although transactions are used here as non-limiting examples, it is contemplated that any appropriate data can be stored in a trust protocol (for example, documents, images, videos, audio). Examples of transactions may include, without limitation, exchanges of something of value (for example, assets, products, services and currency). The transaction data is stored immutably within the trust protocol. That is, the transaction data cannot be changed.
[076] Before storing in a block, the transaction data is summarized. Hashing is a process of transforming the transaction data (provided as sequence data) into a fixed-length summary value (also provided as sequence data). It is not possible to not summarize the summary value to obtain the transaction data. The summary ensures that even a small change in the transaction data results in a completely different summary value. In addition, and as noted above, the summary value is fixed in length. Or
Petition 870190068052, of 07/18/2019, p. 118/212
That is, no matter the size of the transaction data, the length of the summary value is fixed. The summary includes processing the transaction data through a summary function to generate the summary value. An example of a summary function includes, without limitation, the secure summary (SHA) -256 algorithm, which produces 256-bit summary values.
[077] Transaction data from multiple transactions is summarized and stored in one block. For example, summary values for two transactions are provided and are themselves summarized to provide another summary. This process is repeated until, in order for all transactions to be stored in one block, a single summary value is provided. This summary value is referred to as a Merkle root summary and is stored in a block header. A change in any of the transactions will result in changes in its summary value and, ultimately, a change in the Merkle root summary.
[078] Blocks are added to the trust protocol through a consensus protocol. Multiple nodes within the trust protocol network participate in the consensus protocol and compete to have a block added to the trust protocol. These nodes are referred to as miners (or inspection nodes). POW, introduced above, is used as a non-limiting example.
[079] Mining nodes perform the consensus process to add transactions to the trust protocol. Although multiple mining nodes participate in the consensus process, only one mining node can write the block to the trust protocol. In other words, mining nodes compete in the consensus process to have their block added to the trust protocol. In more detail, a mining node periodically collects pending transactions from a transaction grouping (for example, up to a predefined limit on the number of transactions that can be
Petition 870190068052, of 07/18/2019, p. 119/212
24/89 included in a block, if any). The transaction grouping includes transaction messages from participants in the trust protocol network. The mining node builds a block and adds transactions to the block. Before adding transactions to the block, the mining node checks whether any of the transactions are already included in a block of the trust protocol. If a transaction is already included in another block, the transaction will be discarded.
[080] The mining node generates a block header, summarizes all transactions in the block and combines the summary value in pairs to generate more summary values until a single summary value is provided for all transactions in the block (the summary Merkle root). This summary is added to the block header. The miner also determines the summary value of the most recent block in the trust protocol (that is, the last block added to the trust protocol). The mining node also adds a random value (nonce) and a time stamp to the block header. In a mining process, the mining node tries to find a summary value that meets the required parameters. The mining node continues to change the random value until it finds a summary value that meets the necessary parameters.
[081] Each miner in the trust protocol network tries to find a summary value that meets the necessary parameters and thus competes with each other. Eventually, one of the mining nodes finds a summary value that meets the required parameters and announces this to all other mining nodes in the trust protocol network. The other mining nodes verify the summary value and, if determined to be correct, verify each transaction in the block, accept the block and attach the block to its copy of the trust protocol. In this way, a global state of the trust protocol is consistent across all mining nodes within the trust protocol network. The above process
Petition 870190068052, of 07/18/2019, p. 120/212
25/89 described is the POW consensus protocol.
[082] A non-limitative example is provided with reference to Figure 2. In this example, Participant (A) wishes to send a fund amount to Participant (B). Participant (A) generates a transaction message (for example, including the From, To and Value fields) and sends the transaction message to the trust protocol network, which adds the transaction message to a transaction pool. Each mining node in the trust protocol network creates a block and takes all transactions from the transaction pool (for example, up to a predefined limit on the number of transactions that can be added to a block, if any) and adds transactions to the block . In this way, the transaction published by Participant (A) is added to the blocks of the mining nodes.
[083] In some trust protocol networks, encryption is implemented to maintain transaction privacy. For example, if two nodes want to keep a transaction private, so that other nodes in the trust protocol network cannot discern details of the transaction, the nodes can encrypt the transaction data. Examples of cryptographic methods include, without limitation, symmetric encryption and asymmetric encryption. Symmetric encryption refers to an encryption process that uses a single key for encryption (generation of cipher text from clear text) and decryption (generation of clear text from cipher text). In symmetric encryption, the same key is available for multiple nodes, so each node can encrypt or decrypt the transaction data.
[084] Asymmetric cryptography uses key pairs that each include a private key and a public key, the private key being known only to a respective node and the public key being known to any or all of the other nodes on the network protocol
Petition 870190068052, of 07/18/2019, p. 121/212
26/89 confidence. A node can use another node's public key to encrypt data, and encrypted data can be decrypted using another node's private key. For example, and referring again to Figure 2, Participant (A) can use Participant (B) 's public key to encrypt data and send the encrypted data to Participant (B). Participant (B) can use his private key to decrypt the encrypted data (encrypted text) and extract the original data (clear text). Messages encrypted with a node's public key can only be decrypted using the node's private key.
[085] Asymmetric cryptography is used to provide digital signatures, which allows participants in a transaction to confirm other participants in the transaction, as well as the validity of the transaction. For example, one node can digitally sign a message and another node can confirm that the message was sent by the node based on the Participant's (A) digital signature. Digital signatures can also be used to ensure that messages are not tampered with in transit. For example, and again referring to Figure 2, Participant (A) must send a message to Participant (B). Participant (A) generates a summary of the message and then, using his private key, encrypts the summary to provide a digital signature as the encrypted summary. Participant (A) attaches the digital signature to the message and sends the message with digital signature to Participant (B). Participant (B) decrypts the digital signature using Participant (A) 's public key and extracts the summary. Participant (B) summarizes the message and compares the summaries. If the abstracts are the same, Participant (B) can confirm that the message was actually from Participant (A) and has not been tampered with.
[086] Figure 3 represents an example of a process (300) for reaching consensus between network nodes (for example, node (214)) of a
Petition 870190068052, of 07/18/2019, p. 122/212
27/89 distributed system (for example, trust protocol network (102) and (212)) that can be executed according to embodiments of the present specification. Specifically, Figure 3 illustrates a diagram showing an exemplary embodiment of a method (300) of reaching consensus in a normal case, according to the present specification. As illustrated in Figure 3, the consensus process (300) includes three phases or steps (310), (320) and (330) as discussed below.
[087] In a first phase (310) of the consensus process (300), a primary node (or a leader node) of the trust protocol network sends a first message to the other network nodes (that is, the backup). The first message indicates that the primary node is starting a consensus process. For example, as illustrated in Figure 3, the primary node (Ro) sends an INITIAL message to other network nodes (Ri, R2 and R3) in the trust protocol network. Note that the process (300) is illustrated as including four network nodes (Ro, R1, R2 and R3) for illustrative purposes only, the process (300) can include any suitable number of network nodes. The first phase and format of the INITIAL message will be discussed below in greater detail with reference to Figures 4 to 6.
[088] In a second phase (320) of the consensus process (300), each of the backup nodes receives the first message that is sent by the primary node, prepares a second message in response to the first message and multicast the second message to 0 another network node. The second message indicates that the backup node received the first message from the primary node and is sending a response in response to the first message. For example, as illustrated in Figure 3, the backup node (R1) receives the INITIAL message that is sent by the primary node (Ro) and responds to the primary node (Ro) with an ECO message as an example of the second message. Meanwhile, the copy node of
Petition 870190068052, of 07/18/2019, p. 123/212
28/89 security (Ri) also multicast the ECO message to other backup nodes, such as backup nodes (R2) and (R3). Likewise, the backup nodes (R2) and (R3) multicast each ECO message to the other network nodes, including the primary node (Ro).
[089] When a network node, for example, as a primary node or a backup node, receives ECO messages from other network nodes, the network node can verify the information in ECO messages. The second phase and format of the ECO message will be discussed below in greater detail with reference to Figures 4 to 6.
[090] In a third phase (330) of the consensus process (300), each of the network nodes multicast a third message to the other network nodes. The third message indicates that a network node has accepted a predetermined number of second messages. In some embodiments, the third message may indicate that the network node is ready to perform the transaction. In some embodiments, the third message may indicate that the transaction has been successfully rebuilt on the network node. For example, as illustrated in Figure 3, the primary node (Ro) multicast an ACCEPT message to the backup nodes (R1, R2 and R3). Likewise, the backup nodes (R1, R2 and R3) multicast each ACCEPT message to the other network nodes. In some embodiments of this specification, before multicasting the ACCEPT message, a network node determines whether 0 ACCEPT is sent according to an erasure code (EC) and the information in the ECO messages is the one received in the second phase. . The third phase, the EC code, and an ACCEPT message format will be discussed below in greater detail with reference to Figures 4 to 6.
[091] When a network node receives ACCEPT messages
Petition 870190068052, of 07/18/2019, p. 124/212
29/89 enough of the other network nodes, the network node determines that a consensus has been reached. For example, if the primary node (Ro) or the backup nodes (Ri, R2 or R3) receive a quorum number (for example, 2f + 1, where f represents a number of faulty network nodes) of ACCEPT messages, a consensus is automatically reached between network nodes.
[092] Figure 4 represents an example of a process (400) for reaching consensus between network nodes (for example, node (214) or nodes (Ro, R1, R2 and R3)) of a distributed system (for example, trust protocol network (102) or (212)) that can be executed according to the embodiments of this specification. In some embodiments, the process (400) can be performed using one or more computer executable programs executed using one or more computing devices. For clarity of presentation, the following description generally describes the method (400) in the context of the other figures in this description. It will be understood that the method (400) can be performed, for example, by any suitable system, environment, software and hardware, or a combination of systems, environments, software and hardware, as appropriate. In some embodiments, several steps of the method (400) can be performed in parallel, in combination, in cycles or in any order.
[093] In the beginning, the process (400) can be implemented in conjunction with the system (100) - (300), as illustrated in Figures 1 to 3. In some embodiments of this specification, the protocol network trust (102) and / or (212) includes a primary node (404) and one or more backup nodes (406). The trust protocol network (102) and / or (212) communicates with the computing system (106) and / or (108), such as, client nodes (402) through the network (110) to provide trust protocol. Each of the client nodes (402), primary node (404) and
Petition 870190068052, of 07/18/2019, p. 125/212
The backup node (406) can be a special purpose computer or other data processing device configured to perform the processes discussed here. For example, the client node (402) can also be referred to as a client terminal or a client device that interacts with a trusted protocol network. The client node (402) can install, for example, a client application or a client software development kit (SDK) in connection with the trust protocol network for access and communication with the trust protocol network. The primary node (404) and one or more backup nodes (406) can also be referred to as consensus nodes or network nodes that obtain consensus and record information immutably on the trust protocol network.
[094] Process (400) starts at (408), where the client node (402) generates a transaction request. In some embodiments of this specification, the transaction request may include a request requesting a trust protocol service from the trust protocol network (102) and / or (212).
[095] In (410), the client node (402) multicast the transaction request to the primary node (404) of the trust protocol network (102) and / or (212). In some embodiments of this specification, the primary node (404) assigns a sequence number to the transaction request to keep track of transaction requests after receiving the transaction request from the customer node (402).
[096] In (412), the primary node (402) generates a number of EC blocks after receiving the transaction request from the customer node (402). In some embodiments of this specification, the primary node (404) generates the number of EC blocks according to an EC code using the transaction request. For example, referring to Figure 5, the primary node (404) applies an EC code (504) to a transaction request
Petition 870190068052, of 07/18/2019, p. 126/212
31/89 (502) and transforms the transaction request (502) into an EC message (506) using the EC code (504). The EC code (504) is an early error correction (FEC) code in the assumption of bit deletions. The EC code (504) transforms the original transaction request (502) into a longer EC message (506), such that the original transaction request (502) can be retrieved from a part or fragment of the EC message (506).
[097] In some embodiments of this specification, the EC code (504) is an almost ideal erasure code, such as a Tornado code or a low density parity check code. In alternative embodiments of this specification, the EC code (504) is an almost ideal source code, such as a source code, an online code, a Luby transformation code (LT), or a raptor code. In alternative embodiments of this specification, the EC code (504) is an ideal erasure code, such as a parity code, a Parchive code, a Reed-Solomon code or a regeneration code. In some embodiments of this specification, the EC code (504) can be any suitable type of erasure code.
[098] After transforming the transaction request (502) into the EC message (506), the primary node (404) generates a number of EC blocks (508) using the EC message (506). For example, as illustrated in Figure 5, the primary node (404) generates four EC blocks (508), EC block (A), EC block (B), EC block (C) and EC block ( D) splitting the EC message (506). Note that EC blocks (508) are shown in Figure 5 as including four blocks for illustrative purposes, EC blocks (508) can be generated as including any suitable number of EC blocks (508). The EC blocks (508) will be sent to the respective copy nodes
Petition 870190068052, of 07/18/2019, p. 127/212
32/89 security (406) within the INITIAL messages.
[099] In some embodiments of this specification, EC blocks (508) are the same size. However, in alternative embodiments, the EC blocks (508) can have sizes that are different from each other.
[0100] In some embodiments of this specification, the primary node (404) generates a summary tree (500) (for example, a Merkle tree) using EC blocks (508). The summary tree (500) includes a number of leaf nodes that are labeled with the summary of data blocks and a number of non-leaf nodes that are labeled with the cryptographic summary of their child node labels. For example, as illustrated in Figure 5, the summary tree (500) is configured to include four leaf nodes (510), summary (A), summary (B), summary (C) and summary (D) that are generated as a cryptographic summary of their respective EC blocks (508), four non-leaf nodes (512) that are generated as a summary of the concatenation of their respective child nodes (510), and a non-leaf node (514) that is generated as a summary of its child nodes (512) and is a root summary of the summary tree (500).
[0101] Summary trees (500) allow efficient and secure verification of the content of large data structures. Summary trees (500) can be used to check any type of data stored, manipulated and transferred on and between computers. They can help to ensure that data blocks received from other points in a P2P network are received undamaged and unchanged, and even to verify that the other points do not send false blocks. The verification of data blocks using the summary tree (500) will be discussed below in greater detail with reference to the following steps in the consensus process (400).
[0102] Referring again to Figure 4, the primary node (404) generates
Petition 870190068052, of 07/18/2019, p. 128/212
33/89 a first message (for example, an INITIAL message) after generating the EC blocks (508) and the summary tree (500). The first message indicates that the primary node is starting a consensus process. In some embodiments, the INITIAL message, as an example of the first message, is generated using the information in the EC blocks (508) and the summary tree (500). In some embodiments of this specification, referring to Figure 6, the INITIAL message has a format of <period, tx_raiz_resumo, ec_bloco_resumo, ec_bloco, seq, j>, where "period" represents a round of consensus in which the message is being sent, “tx_raiz_resumo” represents the root summary (514) in the summary tree (500), “ec_bloco_resumo” represents the summaries (510) and / or (512) in the summary tree (500), “ec_bloco” represents the EC blocks (508) in the summary tree (500), “seq” represents the sequence number associated with the transaction request (502) and “j” represents the network node that generates and sends the INITIAL message. In some embodiments, the INITIAL message can take a different format, for example, including additional or different fields.
[0103] Referring again to Figure 4, in (416), in the first phase of the consensus process, the primary node (404) multicast the INITIAL message to the other network nodes (for example, backup nodes (406)). In some embodiments, the INITIAL messages that are sent to the backup nodes (406) have a format of <period, tx_raiz_resumo, ec_bloco_resumo, ec_bloco, seq, j>. For example, the primary node (404) can send a first INITIAL message <period 1, ABCD Summary, {Summary B, Summary C, Summary D}, EC block A, 1.0> to a first backup node (406) and a second INITIAL message <period 1, ABCD Digest, {Digest A, Digest C, Digest D}, EC block B, 1.0> to a second backup node (406), and so on
Petition 870190068052, of 07/18/2019, p. 129/212
34/89 on. Note that the information in the INITIAL message, such as "ec_bloco", can be used with "ec_bloco_resumo" to reconstruct the summary tree (500). For example, in the first INITIAL message <period 1, ABCD Summary, {Summary B, Summary C, Summary D}, EC block A, 1.0>, the EC block (508) “EC block A” can be summary to generate a cryptographic summary (510) “Summary A”, which is later used with the other summaries (510) “{Summary B, Summary C, Summary D}” to reconstruct the summary tree (500). The reconstructed summary tree (500) will be used to check ECO messages, as discussed in more detail below with reference to the following steps in the consensus process.
[0104] In (418), each of the backup nodes (406) generates a second message (for example, an ECO message) in the second phase of the consensus process after receiving the INITIAL message from the primary node ( 404). The second message indicates that the backup node received the first message from the primary node. The second message is sent as a reply in response to the first message. In some embodiments of this specification, the ECO message is generated by a backup node (406) as including the INITIAL message or a part of the INITIAL message and a signature of the backup node (406) associated with the INITIAL message. For example, the backup node (406) can generate the signature by signing the INITIAL message or a compilation of the INITIAL message using a private key. The private key signature can be used by other network nodes using a public key paired with the private key to authenticate the ECO message that includes the private key signature.
[0105] In some embodiments of this specification, referring to Figure 6, the ECO message has a format of
Petition 870190068052, of 07/18/2019, p. 130/212
35/89 <period, tx_raiz_resumo, ec_bloco_resumo, ec_bloco, seq, signature_prova, j>, where "period" represents a round of consensus in which the message is being sent, "tx_raiz_resumo" represents the root summary (514) in the tree of summary (500), “ec_bloco_resumo” represents the summaries (510) and / or (512) in the summary tree (500), “ec_bloco” represents the EC blocks (508) in the summary tree (500) that are received by respective backup nodes (406), “seq” represents the sequence number associated with the transaction request (502), “signature_prove” represents the signature of the backup nodes (406) associated with the INITIAL messages, and “j ”Represents the network node that generates and sends the ECO message. In some embodiments, the ECO message may have a different format, for example, including additional or different fields.
[0106] Referring again to Figure 4, at (420), the backup nodes (406) send the ECO messages to the primary node (404). In (421), each of the backup nodes (406) sends the ECO messages to the other backup nodes (406). At (423), each of the backup nodes (406) can receive ECO messages from the other backup nodes (406).
[0107] In (422), the primary node (404) checks the ECO messages that are sent by the backup nodes (406). In some embodiments of this specification, the primary node (404) checks whether the ECO messages are valid according to the summary tree (500). For example, the primary node (404) can receive a first ECO message <period 1, ABCD Digest, {Digest B, Digest C, Digest D}, EC block A, 1, 1> from a first backup node (406). The primary node (404) can retrieve the EC block (508) "EC A block" from the message and summarize it to generate a cryptographic summary (510) "Summary A." The primary node (404) also uses the generated summary (510) “Summary A” with the other summaries
Petition 870190068052, of 07/18/2019, p. 131/212
36/89 (510) “{Summary B, Summary C, Summary D}” in the message to reconstruct the summary tree (500). Then, the primary node (404) determines the root summary (514) of the reconstructed summary tree (500) and compares it with the root summary (514) in the ECO message, such as "ABCD Summary". If the two root summaries (514) match, the primary node (404) determines that the ECO message is valid. The primary node (404) can store the valid ECO messages and discard the ECO messages that are determined to be invalid.
[0108] In (424), the primary node (404) determines whether a number of valid ECO messages exceed a predetermined threshold. In some embodiments of this specification, the primary node (404) determines whether the number of valid ECO messages reaches a quorum number nf or 2f + 1, where n is the total number of network nodes and f is the maximum number of failed nodes that the network can tolerate.
[0109] In (426), the primary node (404) reconstructs the transaction request (502) in response to the determination that the number of valid ECO messages reaches the quorum number. In some embodiments of this specification, the primary node (404) reconstructs the transaction request (502) based on at least a subset of valid ECO messages according to the EC code. For example, the primary node (404) can retrieve an amount of n-2f or f + 1 from the EC blocks (508) that are in the quorum number (for example, nf or 2f + 1) of valid ECO messages, and use the recovered EC blocks (508) to reconstruct the transaction request (502) according to the EC code (504).
[0110] In (428), in the third phase of the consensus process, the primary node (404) generates a third message (for example, an ACCEPT message) in response to the determination that the transaction request (502) has been reconstructed with success. The third message indicates that a network node has accepted a predetermined number of second messages. In some
Petition 870190068052, of 07/18/2019, p. 132/212
37/89 embodiments, the third message may indicate that the network node is ready to perform the transaction. In some embodiments, the third message may indicate that the transaction has been successfully rebuilt on the network node. For example, the ACCEPT message can be used to indicate to other network nodes that the transaction request (502) has been successfully rebuilt. If the primary node (404) fails to rebuild the transaction request (502), the primary node (404) may not generate the ACCEPT message.
[0111] In some embodiments of the present specification, referring to Figure 6, the ACCEPT message has a format of <period, tx_raiz_resumo, seq, signature_provas, j>, where "period" represents a round of consensus in which the message is being sent, “tx_raiz_resumo” represents the root summary (514) in the summary tree (500), “seq” represents the sequence number associated with the transaction request (502), “signature_provas” represents a set of signatures in valid ECO messages and “j” represents the network node that generates and sends the ACCEPT message. In some embodiments, the ACCEPT message may take a different format, for example, including additional or different fields.
[0112] Referring again to Figure 4, at (430), the primary node (404) sends the ACCEPT message to the backup nodes (406).
[0113] Similar to the primary node (404), each of the backup nodes (406) can reconstruct the transaction request, for example, by performing steps similar to steps (422) - (428) as the primary node (404 ). At (432), each of the backup nodes (406) generates an ACCEPT message in response to the determination that the transaction request (502) has been successfully reconstructed by the backup node (406). In some embodiments, the primary node (404) and the copy node
Petition 870190068052, of 07/18/2019, p. 133/212
Security 38/89 (406) can perform steps (422) - (428) in a parallel manner, for example, as shown in Figure 3 [0114] In (434), the backup nodes (406) send ACCEPT messages to the primary node (404). However, each of the backup nodes (406) can send the ACCEPT messages to the other backup nodes (406).
[0115] In (436), the primary node (404) executes the transaction request (502) in response to the determination that a quantity of ACCEPT messages exceeds a predetermined threshold. In some embodiments of this specification, the primary node (404) determines whether the ACCEPT messages received are identical and whether a number of ACCEPT messages that are identical reaches a quorum number (for example, 2f + 1). If the number of identical ACCEPT messages reaches the quorum number, the primary node (404) determines that a consensus has been reached between all network nodes and then executes the transaction request (502) locally. In some embodiments of this specification, if the primary node (404) determines that the number of ACCEPT messages that are identical does not reach the quorum number, the primary node (404) determines that a consensus has not been reached among all network nodes and then refrain from executing the transaction request (502).
[0116] In some embodiments of this specification, each of the backup nodes (406) can perform the same operations that are performed by the primary node (404), as described above in (436), before executing the transaction request (502). If a backup node (406) determines that the ACCEPT messages it receives exceed a predetermined threshold, the backup node (406) determines that a consensus has been reached between the network nodes and performs the
Petition 870190068052, of 07/18/2019, p. 134/212
39/89 transaction request (502) locally. In some embodiments of this specification, if the backup node (406) determines that the number of ACCEPT messages that are identical does not reach the quorum number, the backup node (406) determines that it was not consensus was reached among all network nodes and then refrains from executing the transaction request (502).
[0117] In (438), the primary node (404) sends a transaction result to the customer node (402) after executing the transaction request (502). Backup nodes (406) that successfully executed the transaction request (502) locally can also send their respective transaction results to the client node (402).
[0118] The consensus process, as discussed above, includes many features that improve the operation of the entire trust protocol system and help to alleviate network bottlenecks. For example, the consensus process in this specification includes generating a number of EC blocks according to an EC code using a transaction request and sending one of the EC blocks to each of the network nodes. The EC block is smaller in size than the original transaction request. Therefore, sending the EC block instead of the transaction request to the network nodes reduces the size of the data blocks that are transmitted between the network nodes of the trust protocol network, thereby conserving the network bandwidth and reducing the network bandwidth. the network load. This further reduces the size of the data that is written to and read from the memory space of the network nodes, thereby reducing the load on the memory space of the network nodes and improving the efficiency of the generally trusted protocol system.
[0119] During the consensus process, backup nodes are waiting for a request from the primary node. However, the
Petition 870190068052, of 07/18/2019, p. 135/212
40/89 primary can encounter a Byzantine fault or a collapse fault so that the primary node cannot transmit the request within a predetermined time window. When a specific amount of time has passed without the primary node multicasting the request, a new primary node may need to be chosen to prevent backup nodes from waiting indefinitely for requests to be executed.
[0120] Figure 7 represents an example of a process (700) for making a change to a primary node (for example, node (214) or (404)) of a distributed system (for example, trust protocol network ( 102) and (212)) that can be executed according to the embodiments of this specification. Specifically, Figure 7 illustrates a diagram showing an exemplary embodiment of a method (700) of making a change to a primary node, according to the present specification. In some embodiments, a primary node is associated with a period that includes a consensus process with the primary node being the leader. A change in a primary node can result in a period change.
[0121] In some embodiments, in response to the determination that a primary node for a current period needs to be changed, a trust protocol backup node sends a first message to the other network nodes. The first message indicates that the backup node would like to be a new primary node in a new period. For example, as illustrated in Figure 7, the backup node (Ro) sends a CHANGE_ PERIOD message to the other network nodes (Ri, R2 and R3) in the trust protocol network in response to which the backup node safety (Ro) determines that a current primary node is defective and that a period change needs to be performed. The PERIOD_CHANGE message is an example of the first message indicating that the backup node (Ro) applies to be the new node
Petition 870190068052, of 07/18/2019, p. 136/212
41/89 primary. The period change can cause a change from a current period with a current primary node to a new period with a new primary node. Note that process (700) is illustrated as implemented in conjunction with four network nodes for illustrative purposes only. The process (700) can be implemented in conjunction with any suitable number of network nodes.
[0122] Then, each of the network nodes receives the first message that is sent by the backup node, prepares a second message in response to the first message and multicast the second message to the other network nodes. For example, as illustrated in Figure 7, the network node (Ri) receives the PERIOD_Change message that is sent by the backup node (Ro) and responds to the backup node (Ro) with a NEW_PERIOD message indicating a confirmation that the backup node (Ro) can become the new primary node. Meanwhile, the network node (Ri) also multicast the NEW_PERIOD message to the other network nodes, such as the network nodes (R2) and (R3). Likewise, the network nodes (R2) and (R3) each multicast a NEW_PERIOD message to the other network nodes.
[0123] The period change process as discussed above, a message format PERIOD_Change, and a message format NEW_PERIOD will be discussed below in greater detail with reference to Figures 8-9.
[0124] Figure 8 represents an example of a process (800) to perform a change of a primary node in a distribution system (for example, trust protocol network (102) or (212)) that can be performed according to the embodiments of this specification. In some embodiments, the example process (800) can be performed using one or more computer executable programs
Petition 870190068052, of 07/18/2019, p. 137/212
42/89 executed using one or more computing devices. For clarity of presentation, the following description generally describes the method (800) in the context of the other figures in this description. It will be understood that method (800) can be performed, for example, by any suitable system, environment, software and hardware, or a combination of systems, environments, software and hardware, as appropriate. In some embodiments, several steps of the method (800) can be performed in parallel, in combination, in cycles or in any order.
[0125] The process (800) starts at (806), where a backup node (802) determines that a period change needs to be performed. The period change discussed here causes a change from a current period with a current primary node to a new period with a new primary node. An example period can include a consensus process (for example, consensus process (300) or (400)) to reach consensus between a number of network nodes using a primary node as discussed above with reference to Figures 3 to 6 .
[0126] In some embodiments of this specification, the backup node (802) determines that a period change needs to be performed in response to the determination that the backup node (802) is still waiting for a current primary node request after a specific amount of time has passed without receiving the current primary node request. For example, the current primary node may encounter a Byzantine fault or a collapse fault, so that the current primary node cannot multicast the request within a predetermined time window. Therefore, the period change is caused by intervals that prevent backup nodes from waiting indefinitely for requests to be performed. The period change process discussed here provides liveliness and reduces network latency,
Petition 870190068052, of 07/18/2019, p. 138/212
43/89 allowing the system to progress when the primary node fails.
[0127] In (808), the backup node (802) determines a respective weight of the backup node (802) associated with each of the phases of the consensus process in the current period. In some embodiments, the consensus process includes three phases as described above with reference to Figures 3 to 6 Weight is a metric for a backup node qualification (802) to be the new primary node in a new period .
[0128] In some embodiments of this specification, the backup node (802) determines a weight of the backup node (802) for a first phase of the consensus process in the current period to be a first value . For example, the backup node (802) can be assigned an initial weight of 10% if the backup node (802) has entered a first phase of the consensus process (for example, the first phase (310 ) of the consensus process (300)). In alternative embodiments of this specification, the backup node (802) can assign any appropriate weight value to the backup node (802) for the first phase of the current consensus process.
[0129] In some embodiments of this specification, the backup node (802) determines a weight of the backup node (802) for a second stage of the consensus process (for example, the first stage ( 320) of the consensus process (300) in the current period based on a quorum verification process. The quorum verification process is carried out by determining whether the backup node (802) receives a predetermined number (for example, 2f + 1) of ECO messages from the other network nodes in the second phase of the consensus process.
[0130] In some embodiments of this specification, if the backup node (802) fails to verify the quorum
Petition 870190068052, of 07/18/2019, p. 139/212
44/89 (for example, the backup node (802) receives an amount of ECO messages that is less than a predetermined threshold), the backup node (802) can determine the weight of the backup node (802) for the second phase of the consensus process to be a first value. If the backup node (802) passes the quorum check (for example, the backup node (802) receives an amount of ECO messages that equals or exceeds a predetermined threshold), the backup node ( 802) can determine the weight of the backup node (802) for the second stage of the consensus process as a second value. In some embodiments of this specification, the second value is determined to be greater than the first value. For example, if the backup node (802) fails to verify the quorum, the backup node (802) can be assigned a zero weight value for the second phase of the consensus process. If the backup node (802) passes the quorum check, the backup node (802) can be assigned a weight value of 45% for the backup node (802) for the second phase consensus process. However, in alternative embodiments of this specification, the backup node (802) can assign any appropriate value to the backup node (802) for the second phase of the consensus process in the current period.
[0131] In some embodiments of this specification, quorum verification also includes verifying that the ECO messages that the backup node (802) receives from the other network nodes during the second phase of the consensus process are valid . For example, the backup node (802) can authenticate private key signatures on ECO messages using a public key to determine whether ECO messages are valid.
[0132] Similar to determining the weight for the second phase, in
Petition 870190068052, of 07/18/2019, p. 140/212
45/89 some embodiments, the backup node (802) determines a weight of the backup node (802) for a third stage of the consensus process (for example, the third stage (330) of the consensus (300)) in the current period based on a quorum verification process. The quorum verification process is carried out by determining whether the backup node (802) receives a predetermined number (for example, 2f + 1) of acceptance messages from the other network nodes in the third phase of the consensus process in the current period . Each acceptance message from other network nodes indicates that each of the other network nodes accepted a predetermined number of ECO messages. The acceptance message can be, for example, the ACCEPT messages described above with reference to the third stage (330) of the consensus process (300).
[0133] In some embodiments of this specification, if the backup node (802) fails to verify the quorum (for example, the backup node (802) receives an ACCEPT message that is less at a predetermined threshold), the backup node (802) can determine the weight of the backup node (802) for the third stage of the consensus process to be a first value. If the backup node (802) passes the quorum check (for example, the backup node (802) receives a number of ACCEPT messages that equal or exceed a predetermined threshold), the backup node ( 802) can determine the weight of the backup node (802) for the third phase of the consensus process as a second value. In some embodiments, the second value is determined to be greater than the first value. For example, if the backup node (802) fails to verify the quorum, the backup node (802) can be assigned a value of zero weight for the backup node (802) for the second stage of the consensus process. If the backup node (802)
Petition 870190068052, of 07/18/2019, p. 141/212
46/89 pass the quorum check, the backup node (802) can be assigned a weight value of 45% for the backup node (802) for the second stage of the consensus process. However, in alternative embodiments of the present specification, the backup node (802) can assign any appropriate value to the backup node (802) for the third phase of the consensus process in the current period.
[0134] In (810), after determining the respective backup node weights (802) for the phases of the consensus process in the current period, the backup node (802) determines a sum of node weight backup (802) for the consensus process based on the respective weights. In some embodiments of this specification, the weight sum is a sum of the respective sums of the backup nodes associated with each of the phases of the consensus process in the current period. For example, if the backup node (802) determined a first backup node weight value (802) for the first phase to be 10%, a second backup node weight value (802 ) for the second phase as being 45% and a third weight value of the backup node (802) for the third phase as being 45%, the backup node (802) determines the weight sum as being 100%. As another example, if the backup node (802) determined a first weight value of the backup node (802) for the first phase to be 10%, a second weight value of the backup node ( 802) for the second phase as being 45% and a third weight value of the backup node (802) for the third phase as being 0, the backup node (802) determines the weight sum as being 55 %.
[0135] At (812), the backup node (802) sends a CHANGE_ PERIOD message to the other network nodes (804) if the
Petition 870190068052, of 07/18/2019, p. 142/212
47/89 backup (802) determines that the weight sum that was determined in (810) reaches or exceeds a predetermined threshold. For example, the backup node (802) may send a CHANGE_ PERIOD message to the other network nodes (804) if the weight sum as determined in (810) reaches 100%. The message PERIOD_CHANGE indicates a request for a change from the current period with the current primary node to the new period, with the backup node being the new primary node.
[0136] In some embodiments of the present specification, referring to Figure 9, the PERIOD_Change message has a format of <weight, period + 1, ECO {}, ACCEPT {}, j>, where "weight" represents the weight sum of the backup node (802) as previously determined in (810) for the consensus process, “period + 1” represents a round of new consensus (that is, a new period) associated with a new node primary, “ECO {}” represents a set of ECO messages that the backup node (802) receives during the second phase of the consensus process, “ACCEPT {}” represents a set of ACCEPT messages that the backup node of security (802) receives during the third phase of the consensus process, and “j” represents the network node (for example, backup node (802)) that generates and sends the PERIOD_Change message. In some embodiments, the PERIOD_Change message may have a different format, for example, including additional or different fields.
[0137] Referring again to Figure 8, at (814), the network nodes (804) other than the backup node (802) check the PERIOD_Change message that is sent by the backup node (802). In some embodiments, each of the network nodes (804) checks whether the PERIOD_Change message is valid by verifying that the weight sum in the PERIOD_Change message is valid. In some embodiments, verify that the weight sum in the PERIOD_Change message is valid
Petition 870190068052, of 07/18/2019, p. 143/212
48/89 includes verifying that the set of signatures in the ECO messages included in the PERIOD_ CHANGE message is valid. For example, each of the network nodes (804) can authenticate the set of private key signatures on ECO messages including the PERIOD_Change message using a public key.
[0138] In (816), each of the network nodes (804) sends a NEW_PERIOD message to the backup node (802) in response to the verification that the PERIOD_CHANGE message sent by the backup node (802) is valid. The NEW_PERIOD message indicates a confirmation that the backup node is the new primary node. For example, the NEW_PERIOD message sent by a network node (804) includes an indication that the network node (804) recognizes that the backup node (802) will become the new primary node in the new period. However, each of the network nodes (804) also sends the NEW_PERIOD message to the other network nodes (804).
[0139] Referring to Figure 9, the message NOVO_PERÍODO is generating as having a format of <period + 1, i, j, seq, ec_compilation>, where "period + 1" represents a round of new consensus (that is, a new period) associated with a new primary node, “i” represents the new primary node in the new period, “j” represents a network node (804) that sends the message NEW_PERIOD and “ec_compilation” represents a compilation of the PERIOD_ CHANGE message. In some embodiments, compiling the PERIOD_Change message includes a summary value for the PERIOD_Change message. In some embodiments, the NEW_PERIOD message may have a different format, for example, including additional or different fields.
[0140] Referring again to Figure 8, in (818), the backup node (802) checks whether the NEW_PERIOD messages that are
Petition 870190068052, of 07/18/2019, p. 144/212
49/89 sent by network nodes (804) are valid. In some embodiments, the backup node (802) checks the NEW_PERIOD messages, verifying whether the compilation of the PERIOD_Change message in the NEW_PERIOD messages is valid. Since the compilation includes information from the PERÍODO_MUDANÇA message, the compilation also includes the signatures in the PERÍODO_MUDANÇA message. The backup node (802) can verify the compilation of the PERIOD_CHANGE message, verifying that the signature set in the PERIOD_CHANGE message is valid.
[0141] In (820), the backup node (802) determines whether a valid NEW_PERIOD message quantity, as determined in (818), exceeds a predetermined threshold. In some embodiments, the predetermined threshold is a quorum number (for example, 2f + 1).
[0142] In (822), the backup node (802) determines that the backup node (802) is the new primary node in the new period in response to the determination that the NEW_PERIOD message quantity is valid, as determined, exceeds the predetermined threshold. Note that each of the network nodes (804) performs the same steps (818) - (822) as the backup node (802), and the network nodes (804) and the backup node (802 ) can perform steps (818) - (822) in a parallel manner. For example, each of the network nodes (804) can check a set of NEW_PERIOD messages that are sent from other network nodes (804), determine whether a number of valid NEW_PERIOD messages exceed a predetermined threshold and determine a new primary node.
[0143] The period change process (for example, process (700) or (800)), as discussed above, includes many features that improve the operation of the entire trust protocol system and
Petition 870190068052, of 07/18/2019, p. 145/212
50/89 help to alleviate the bottleneck in the network. For example, the period change process in this specification includes assigning respective weights to the three phases of the consensus process, determining a weight sum based on the respective weights of the three phases, and determining a new primary node based on the weight sum . The period change process based on the sum of weight, instead of a circular method, can facilitate the choice of a new primary node that is not defective in a timely manner. A circular method can cause a frequent change of the primary node when several network nodes in the line for the new primary node are defective. This significantly affects the trust protocol service, introducing latency or delay in finding a primary node that is not defective. Unlike the circular method, the period change process in the present specification depends on the weight sum to select the new primary node, which can reduce the time in locating the new primary node that is not defective. This can further improve the efficiency of the general trust protocol system in providing trust protocol services.
[0144] During the operation of a trusted protocol network, the execution speed of some network nodes may fall behind that of most network nodes due to network instability, sudden power failure, disk failure and the like . In this scenario, more than 1/3 of the network nodes in the system may fail. BFT provides security and liveliness if less than 1/3 of the network nodes fail during the life of the system. However, these guarantees are insufficient for long-lived systems because the upper limit is likely to be exceeded in the scenario described above. Therefore, a recovery process is desirable that will cause the faulty network nodes to behave correctly again and continue to participate in subsequent consensus processes to allow the
Petition 870190068052, of 07/18/2019, p. 146/212
51/89 system tolerates more than faults during its useful life. In addition, the described recovery process can recover one or more network nodes that are still running a consensus process (for example, the consensus process (300) or (400)) and do not need to wait until consensus is reached between all network nodes. As such, the recovery process described can further reduce system latency and improve the efficiency of the trust protocol network.
[0145] Figure 10 represents an example of a process (1000) to perform a recovery process for a network node (for example, node (214) or (404)) of a distributed system (for example, network protocol) confidence (102) and (212)) that can be executed according to the embodiments of this specification. Specifically, Figure 10 illustrates a diagram showing an exemplary embodiment of a method (1000) of performing a network node recovery process, according to the present specification. As illustrated in Figure 10, the process (1000) includes some phases and steps.
[0146] In a first phase (1010), a network node (for example, network node (Ro)) that would like to retrieve a target transaction with a target sequence number (Ro) multicast a request message from status (for example, ASK_STATE message) for the other network nodes indicating that the network node should be recovered. The status request message can include the target sequence number that the network node (Ro) would like to retrieve. In a second phase (1020), the other network nodes receive the status request message and send a status response message (for example, RESPONSE_ESTATE message) to the network node (Ro). In a third phase (1030), the network node (Ro) sends a request message (for example, EXTRAIR_ECO message) to the other network nodes, requesting an ECO message from each other
Petition 870190068052, of 07/18/2019, p. 147/212
52/89 network nodes. The ECO message can be the same ECO message sent by the respective other network nodes in the second phase (320) of the consensus process (300) as described above with reference to Figures 3 to 6. In a fourth phase (1040), each from the other network nodes it sends an ECO message to the network node (Ro) in response to the EXTRAIR_ECO message. In a fifth phase (1050), the network node (Ro) checks the ECO messages and retrieves the target transaction according to an EC code, for example, according to the example reconstruction techniques as described above with reference to Figure 4. In a sixth phase (1060), the network node (Ro) sends an ACCEPT message to the other network nodes, indicating that the network node has been recovered.
[0147] Note that the process (1000) is illustrated as implemented in conjunction with four network nodes for illustrative purposes only. The process (1000) can be implemented in conjunction with any suitable number of network nodes. The process (1000), a message format ASK_STATE and a message format ANSWER_STATE will be discussed below in greater detail with reference to Figures 11-12.
[0148] Figure 11 represents an example of a process (1100) to perform a recovery process of a network node in a distribution system (for example, trust protocol network (102) or (212)) that can be carried out in accordance with the embodiments of this specification. In some embodiments, the process (1100) can be performed using one or more computer executable programs executed using one or more computing devices. For clarity of presentation, the following description generally describes the method (1100) in the context of the other figures in this description. It will be understood that method (1100) can be executed, for example, by any system,
Petition 870190068052, of 07/18/2019, p. 148/212
53/89 environment, software and hardware, or a combination of systems, environments, software and hardware, as appropriate. In some embodiments, several steps of the method (1100) can be performed in parallel, in combination, in cycles or in any order.
[0149] The process (1100) starts at (1106), where a network node (1102) is multi-broadcasting a status request message to the other network nodes (1104). The status request message includes an indication that the network node (1102) must retrieve a target transaction with a target sequence number. The network node (1102) can be a primary node or a backup node.
[0150] In some embodiments of the present specification, referring to Figure 12, the QUESTION_STATE message, as an example of the status request message, has a format of <j, seq>, where “j” represents a network node (1102) that sends the message ASK_STATE and "seq" represents a higher sequence number or a more recent sequence number for the network node (1102) in the current consensus process. In some embodiments, the ASK_STATE message may have a different format, for example, including additional or different fields.
[0151] When transmitting the ASK_STATE message to the other network nodes (1104), the network node (1102) is requesting the other network nodes (1104) to send their most recent sequence number to the network node ( 1102), thus obtaining the most recent block information from the trust protocol system. And by obtaining the most recent block information from the entire trust protocol system, the network node (1102) may be able to synchronize with the most recent state of the entire system, thus recovering and continuing to participate in the process consensus.
[0152] Referring again to Figure 11, in (1108), each
Petition 870190068052, of 07/18/2019, p. 149/212
54/89 of the other network nodes (1104) sends a status response message (for example, RESPONSE_STATE message) to the network node (1102) in response to receiving the status request message. In some embodiments, the status response message includes a previous sequence number associated with the network nodes (1104).
[0153] In some embodiments, referring to Figure 12, the RESPONSE_ESTATE message, as an example of the status response message, has a format of <j, ultima_seq>, where “j” represents a network node ( 1104) which sends the message RESPONSE_ESTATE and “last_seq” represents a previous sequence number for the network node (1104) in the current consensus process. In some embodiments, the RESPONSE_ESTATE message may have a different format, for example, including additional or different fields.
[0154] Referring again to Figure 11, at (1110), the network node (1102) determines whether a quantity of the received status response messages exceeds a predetermined threshold. For example, the network node (1102) can determine whether the number of received RESPONSE messages exceeds a quorum number (for example, 2f + 1 or n-f). In some embodiments, the network node (1102) further determines whether the quorum number of received RESPONSE_STATE messages includes an identical sequence number. The quorum number of the RESPONSE_ESTATE messages received includes an identical sequence number which means that most network nodes (1104) agree on a common system-wide state.
[0155] In (1112), the network node (1102) determines the target sequence number based on an identical sequence number if the network node (1102) determines that the number of status response messages including the number identical sequence received from network nodes (1104)
Petition 870190068052, of 07/18/2019, p. 150/212
55/89 exceeds the predetermined threshold. For example, the network node (1102) can determine that the target sequence number is an increment (for example, “last_seq + 1”) of the identical sequence number (for example, “last_seq”).
[0156] In (1114), the network node (1102) sends a requesting message (for example, EXTRAIR_ECO message) to the other network nodes (1104). The EXTRAIR_ECO message is sent by the network node (1102) to request an ECO message from each of the other network nodes (1104). As discussed above with reference to Figures 3 to 6, the ECO message is a message transmitted by the network nodes (1104) to obtain consensus between the network nodes (1104) in a target transaction. The ECO message includes a part of the target transaction (for example, an EC block) and a signature from the network node (1104) that sends the ECO message.
[0157] In some embodiments, referring to Figure 12, the EXTRAIR_ECO message, as an example of the requesting message, has a format of <j, last_seq + 1>, where “j” represents a network node (1102 ) that sends the message EXTRAIR_ECO and “last_seq + 1” represents a target sequence number associated with the ECO messages that the network node (1102) is requesting from the other network nodes (1104). In some embodiments, the EXTRAIR_ECO message may have a different format, for example, including additional or different fields.
[0158] The EXTRAIR_ECO message as discussed here is sent by the network node (1102) to request ECO messages including a more recent sequence number or a greater sequence number from the other network nodes (1104). By collecting ECO messages including a more recent sequence number or a greater sequence number of the other network nodes (1104), the network node (1102) may be able to recover to the most recent state associated with the most recent sequence number.
[0159] Referring again to Figure 11, in (1116), each
Petition 870190068052, of 07/18/2019, p. 151/212
56/89 of the network nodes (1104) sends an ECO message to the network node (1102) in response to receiving the EXTRAIR_ECO message. In some embodiments, each of the network nodes (1104) checks the EXTRAIR_ECO message before sending the ECO message to the network node (1102). In some embodiments, each of the network nodes (1104) checks the EXTRAIR_ECO message by determining whether the sequence number included in the EXTRAIR_ECO messages exceeds a more recent sequence number associated with the network node (1104). If the sequence number included in EXTRAIR_ECO messages is equal to the most recent sequence number associated with the network node (1104), the network node (1104) determines that the EXTRAIR_ECO message is valid and that an ECO message will be sent to the node network (1102). If the sequence number included in EXTRAIR_ECO messages exceeds the most recent sequence number associated with the network node (1104), the network node (1104) determines that the EXTRAIR_ECO message is invalid and that an ECO message will not be sent to the node network (1102).
[0160] In (1118), the network node (1102) checks whether the ECO messages sent by the network nodes (1104) are valid. In some embodiments, the network node (1102) checks for ECO messages using a Merkel tree. For example, the network node (1102) can use the data included in the ECO message to reconstruct a Merkel tree and determine a reconstructed root summary value from the reconstructed Merkel tree. The network node (1102) can then compare the reconstructed root summary value with a root summary value included in the ECO message. If the reconstructed root summary value matches the root summary value included in the ECO message, the network node (1102) will determine that the ECO message is valid. If the reconstructed root summary value does not match the root summary value included in the ECO message, the
Petition 870190068052, of 07/18/2019, p. 152/212
57/89 network (1102) will determine that the ECO message is invalid and can discard the invalid ECO message.
[0161] In some embodiments, the network node (1102) checks whether the ECO message is valid, while also checking whether the signature on the ECO message is valid. For example, the network node (1102) can authenticate the private key signature in the ECO message using a public key paired with the private key to verify the signature.
[0162] In (1120), the network node (1102) determines whether a quantity of valid ECO messages received from the other network nodes (1104) exceeds a predetermined threshold. For example, the network node (1102) can determine whether a number of valid ECO messages received from the other network nodes (1104) exceed a quorum number (for example, 2f + 1).
[0163] In (1122), the network node (1102) retrieves the target transaction with the target sequence number in response to the determination that the number of valid ECO messages exceeds the predetermined threshold. In some embodiments, the network node (1102) retrieves the target transaction using the data included in the number of valid ECO messages. For example, the network node (1102) can retrieve a subset of EC blocks included in the ECO messages to reconstruct the target transaction according to an EC code.
[0164] In (1124), the network node (1102) multicast an ACCEPT message to the other network nodes (1104) after retrieving the target transaction. For example, network node (1102) can multicast an ACCEPT message to other network nodes (1104) after successfully reconstructing the target transaction. In some embodiments, the ACCEPT message includes a set of signatures on the ECO messages and the target sequence number. When sending the ACCEPT message including signatures and the target sequence number to the other network nodes (1104), the
Petition 870190068052, of 07/18/2019, p. 153/212
58/89 network node (1102) indicates to the other network nodes (1104) that the network node (1102) has recovered and synchronized with the most recent state of the system.
[0165] The recovery process, as discussed above in this specification, includes many features that improve the operation of computers that implement the recovery process and help alleviate network bottlenecks. For example, the recovery process in this specification includes operations including sending a status request message through a network node that applies to being a new primary node, receiving status response messages from other network nodes and sending a EXTRAIR_ECO message by the network node to request ECO messages from the other network nodes. These operations are performed in such a way that the defective network node recovery process does not interfere with the normal operation of the consensus process among the other non-defective network nodes. This facilitates the conservation of computing and network characteristics to recover the failed network node, reducing the complexity of the recovery process.
[0166] Referring to Figure 13, Figure 13 is a diagram that illustrates modules of a consensus apparatus (1300), according to an embodiment of this specification. The consensus apparatus (1300) can be applied to a consensus system based on reliable protocol technology. For example, the apparatus (1300) can correspond to the embodiments shown in Figures 1 to 6. The apparatus (1300) can be implemented on a primary node in the trust protocol network. The apparatus (1300) includes the following: a receiver or receiving unit (1302), configured to receive a transaction request; a generating unit (1304), configured to generate a number of erasure code (EC) blocks according to an EC code using the transaction request; a transmitter or transmission unit (1306), configured
Petition 870190068052, of 07/18/2019, p. 154/212
59/89 to send a quantity of first messages to the one or more backup nodes, respectively, where each of the quantity of first messages includes a composite summary value associated with the quantity of EC blocks; the receiver or receiving unit (1302), further configured to receive at least a second message from at least one of the backup nodes, wherein the at least a second message includes one of the number of first messages and a signature from at least one of the backup nodes associated with one of the first message quantity; a verification unit (1306) configured to verify that at least one second message is valid in response to receiving at least one second message from at least one of the backup node; a determination unit (1310), configured to determine whether an amount of second valid messages exceeds a predetermined threshold; a reconstruction unit (1312), configured to reconstruct the transaction request based on a subset of the number of second valid messages according to the EC code in response to the determination that the number of second valid messages exceeds the predetermined threshold; the transmitter or transmission unit (1306), additionally configured to send a third message to the other network nodes in response to the determination that the transaction request has been successfully reconstructed, wherein the third message includes a set of signatures that are in the second valid messages; the receiver or the receiving unit (1302), further configured to receive at least a third message from at least one of the backup nodes; and an execution unit (1314), configured to execute the transaction request in response to receiving a predetermined number of third messages that are identical.
Petition 870190068052, of 07/18/2019, p. 155/212
60/89 [0167] In an optional embodiment, the transaction request is associated with a sequence number.
[0168] In an optional embodiment, the generation of the plurality of EC blocks according to an EC code includes the following: transforming the transaction request into an EC message using the EC code and dividing the EC message into the block quantity of EC.
[0169] In an optional embodiment, the summary value composed of the number of EC blocks is generated using a summary tree.
[0170] In an optional embodiment, the summary tree includes a Merkle tree and where the composite summary value is a root summary value for the Merkle tree.
[0171] In an optional embodiment, the signature of at least one of the backup nodes associated with one of the first message quantity includes a private key signature of at least one of the backup nodes associated with one of the number of first messages.
[0172] In an optional embodiment, the at least a second message also includes at least one of the number of EC blocks.
[0173] In an optional embodiment, checking whether the at least one second message is valid includes the following: generating a reconstructed summary tree using at least one of the number of EC blocks in at least one second message; determining a reconstructed composite summary value from the reconstructed summary tree; and determining whether the reconstructed composite summary value matches the composite summary values in at least a second message.
[0174] In an optional embodiment, the unit of
Petition 870190068052, of 07/18/2019, p. 156/212
61/89 determination (1310) is further configured to determine that at least a second message is valid in response to the determination that the reconstructed composite summary value matches the composite summary values in the second messages.
[0175] In an optional embodiment, the predetermined number of third messages that are identical includes the predetermined number of third messages with an identical set of signatures.
[0176] Figure 13 is a schematic diagram that illustrates an internal functional module and a structure of a consensus apparatus (1300). An execution body, in essence, can be an electronic device, and the electronic device includes the following: at least one processor; and a memory configured to store an executable instruction from at least one processor.
[0177] The at least one processor is configured to receive a transaction request; generate a number of erasure code (EC) blocks according to an EC code using the transaction request; sending a quantity of first messages to the one or more backup nodes, respectively, where each of the quantity of first messages includes a composite summary value associated with the quantity of EC blocks; receive at least a second message from at least one of the backup nodes, where the at least a second message includes one of the number of first messages and a signature from at least one of the backup nodes associated with one of the quantity first messages; verify that at least one second message is valid in response to receiving at least one second message from at least one of the backup node; determine whether an amount of seconds
Petition 870190068052, of 07/18/2019, p. 157/212
62/89 valid messages exceed a predetermined threshold; reconstruct the transaction request based on a subset of the number of valid second messages according to the EC code, in response to the determination that the number of valid second messages exceeds the predetermined threshold; send a third message to the other network nodes in response to the determination that the transaction request has been successfully rebuilt, where the third message includes a set of signatures that are in the second valid messages; receive at least a third message from at least one of the backup nodes; and executing the transaction request in response to receiving a predetermined number of third messages that are identical.
[0178] Optionally, the transaction request is associated with a sequence number.
[0179] Optionally, the generation of the plurality of EC blocks according to an EC code includes the following: transforming the transaction request into an EC message using the EC code and dividing the EC message into the EC block quantity.
[0180] Optionally, the summary value composed of the number of EC blocks is generated using a summary tree.
[0181] Optionally, the summary tree includes a Merkle tree, where the composite summary value is a root summary value from the Merkle tree.
[0182] Optionally, the signature of at least one of the backup nodes associated with one of the first message quantity includes a private key signature of at least one of the backup nodes associated with one of the first message quantity.
[0183] Optionally, at least a second message also includes at least one of the number of EC blocks.
Petition 870190068052, of 07/18/2019, p. 158/212
63/89 [0184] Optionally, checking whether the at least one second message is valid includes the following: generating a reconstructed summary tree using at least one of the number of EC blocks in at least one second message; determining a reconstructed composite summary value from the reconstructed summary tree; and determining whether the reconstructed composite summary value matches the composite summary values in at least a second message.
[0185] Optionally, the at least one processor is further configured to determine that the at least one second message is valid in response to the determination that the reconstructed composite summary value matches the composite summary values in the second messages.
[0186] Optionally, the predetermined number of third messages that are identical includes the predetermined number of third messages with an identical set of signatures.
[0187] Referring to Figure 14, Figure 14 is a diagram that illustrates modules of a consensus apparatus (1400), according to an embodiment of this specification. The apparatus (1400) for obtaining consensus can be applied to a consensus system based on a reliable protocol technology. The apparatus (1400) can correspond to the embodiments shown in Figures 1 to 6. For example, the apparatus (1400) can be implemented in a backup node of a trusted protocol network. The apparatus (1400) includes the following: a receiver or receiver unit (1402), configured to receive a first message from the primary node, where the first message includes a composite summary value associated with a number of EC blocks, where the number of EC blocks is generated by the primary node according to an EC code using a transaction request; a transmitter or unit of
Petition 870190068052, of 07/18/2019, p. 159/212
64/89 transmission (1404), configured to send, through the backup node, a second message to the other network nodes in response to the receipt of the first message, in which the second message includes the first message and a signature of the node backup copy associated with the first message; the receiver or receiver unit (1402), further configured to receive at least a second message from at least one backup node other than the backup node; a verification unit (1406), configured to verify that at least one second message is valid in response to receiving at least one second message from at least one backup node; a determination unit (1408), configured to determine whether an amount of second valid messages exceeds a predetermined threshold; a reconstruction unit (1410), configured to reconstruct the transaction request based on a subset of the number of second valid messages according to the EC code in response to the determination that the number of second valid messages exceeds the predetermined threshold; the transmitter or transmission unit (1404), configured to send a third message to the other network nodes in response to the determination that the transaction request has been successfully reconstructed, where the third message includes a set of signatures that are in the second valid messages; the receiver or receiver unit (1402), further configured to receive at least a third message from at least one of the backup nodes; and an execution unit (1412), configured to execute the transaction request in response to receiving a predetermined number of third messages that are identical.
[0188] In an optional embodiment, the generation of the plurality of EC blocks according to an EC code includes the following:
Petition 870190068052, of 07/18/2019, p. 160/212
65/89 transform the transaction request into an EC message using the EC code; and dividing the EC message into the EC block quantity.
[0189] In an optional embodiment, the summary value composed of the plurality of EC blocks is generated using a summary tree.
[0190] In an optional embodiment, the summary tree includes a Merkle tree and the composite summary value is a root summary value from the Merkle tree.
[0191] In an optional embodiment, the backup node signature associated with the first message includes a private key signature of the backup node associated with the first message.
[0192] In an optional embodiment, the at least a second message further includes at least one of the number of EC blocks.
[0193] In an optional embodiment, checking whether the at least one second message is valid includes the following: generating a reconstructed summary tree using at least one of the number of EC blocks in at least one second message; determining a reconstructed composite summary value from the reconstructed summary tree; comparing the reconstructed composite summary value with a composite summary value in at least a second message; and determining whether the reconstructed composite summary value matches the composite summary values in at least a second message.
[0194] In an optional embodiment, the unit of determination (1408) is further configured to determine that at least a second message is valid in response to the determination that the reconstructed composite summary value matches the summary values
Petition 870190068052, of 07/18/2019, p. 161/212
66/89 composed in the second messages.
[0195] In an optional embodiment, the predetermined number of third messages that are identical includes the predetermined number of third messages with an identical set of signatures.
[0196] Figure 14 is a schematic diagram that illustrates an internal functional module and a structure of a consensus apparatus (1400). An execution body in essence can be an electronic device, and the electronic device includes the following: at least one processor; and a memory configured to store an executable instruction from at least one processor.
[0197] The at least one processor is configured to receive a first message from the primary node, where the first message includes a composite summary value associated with a number of EC blocks, where the number of EC blocks is generated by primary node according to an EC code using a transaction request; send, by the backup node, a second message to the other network nodes in response to the receipt of the first message, where the second message includes the first message and a signature of the backup node associated with the first message; receive at least a second message from at least one backup node other than the backup node; verify that at least one second message is valid in response to receiving at least one second message from at least one backup node; determine whether the number of valid second messages exceeds a predetermined threshold; reconstruct the transaction request based on a subset of the number of valid second messages according to the EC code, in response to the determination that the number of valid second messages exceeds the
Petition 870190068052, of 07/18/2019, p. 162/212
67/89 predetermined threshold; send a third message to the other network nodes in response to the determination that the transaction request has been successfully rebuilt, where the third message includes a set of signatures that are in the second valid messages; receive at least a third message from at least one of the backup nodes; and executing the transaction request in response to receiving a predetermined number of third messages that are identical.
[0198] Optionally, the generation of the plurality of EC blocks according to an EC code includes the following: transform the transaction request into an EC message using the EC code; and dividing the EC message into the EC block quantity.
[0199] Optionally, the summary value composed of the plurality of EC blocks is generated using a summary tree.
[0200] Optionally, the summary tree includes a Merkle tree and the composite summary value is a root summary value for the Merkle tree.
[0201] Optionally, the backup node signature associated with the first message includes a private key signature of the backup node associated with the first message.
[0202] Optionally, at least a second message also includes at least one of the number of EC blocks.
[0203] Optionally, checking whether the at least one second message is valid includes the following: generating a reconstructed summary tree using at least one of the number of EC blocks in at least one second message; determining a reconstructed composite summary value from the reconstructed summary tree; comparing the reconstructed composite summary value with a composite summary value in at least a second message; and determine whether the reconstructed composite summary value
Petition 870190068052, of 07/18/2019, p. 163/212
68/89 corresponds to the composite summary values in at least a second message.
[0204] Optionally, the at least one processor is further configured to determine that the at least one second message is valid in response to the determination that the reconstructed composite summary value matches the composite summary values in the second messages.
[0205] Optionally, the predetermined number of third messages that are identical includes the predetermined number of third messages with an identical set of signatures.
[0206] Referring to Figure 15, Figure 15 is a diagram that illustrates modules of a primary node change apparatus (1500), according to an embodiment of this specification. The apparatus (1500) for changing a primary node can be applied to a consensus system based on reliable protocol technology. The apparatus (1500) can correspond to the embodiments shown in Figures 7 to 9. For example, the apparatus (1500) can be implemented in a backup node of a trusted protocol network. The apparatus (1500) includes the following: a unit of determination (1502), configured to determine that a period change needs to be performed, where the period change causes a change from a current period with a current primary node to a new one period with a new primary node, where the current period comprises a consensus process to achieve consensus between the number of network nodes using the primary node, the consensus process including three phases; the determination unit (1502) is further configured to determine a respective backup node weight associated with each of the three phases of the consensus process in the current period, where the weight is a metric of a copy node qualification security to be
Petition 870190068052, of 07/18/2019, p. 164/212
69/89 the new primary node; the determination unit (1502) is further configured to determine a sum of weight for the backup node based on the respective weight of the backup node associated with each of the three phases in the current period; a transmitter or transmission unit (1504), configured to send a PERIOD_CHANGE message for the number of network nodes other than the network node in response to the determination that the weight sum reaches a predetermined first threshold, where the PERIOD_Change message indicates a request for a change from the current period with the current primary node to the new period, with the backup node being the new primary node, and the PERIOD_ CHANGE message includes the weight sum of the backup node; a receiver or receiver unit (1506), configured to receive at least one NEW_PERIOD message from at least one of the number of network nodes other than the backup node, where the NEW_PERIOD message indicates a confirmation of the backup node as the new primary node being; a verification unit (1508), configured to verify that at least one NEW_PERIOD message is valid; the determination unit (1502) is further configured to determine whether an amount of valid NEW_PERIOD messages from at least one NEW_PERIOD message exceeds a second predetermined threshold; and the determination unit (1502) is further configured to determine the backup node as the new primary node in the new period, in response to the determination that the number of valid NEW_PERIOD messages exceeds the second predetermined threshold.
[0207] In an optional embodiment, determining a respective backup node weight associated with each of the three phases of the consensus process in the current period includes determining a backup node weight for a first phase of the
Petition 870190068052, of 07/18/2019, p. 165/212
70/89 consensus as being a first value.
[0208] In an optional embodiment, determining a respective backup node weight associated with each of the three phases of the consensus process in the current period includes the following: in response to determining a failure in the verification of quorum in a second phase of the consensus process in the current period, determine a backup node weight for the second phase of the consensus process to be a first value; and in response to determining the success of a quorum check in the second phase of the consensus process in the current period, determining the weight of the backup node for the second phase of the consensus process as a second value, where the first value is less than the second value.
[0209] In an optional embodiment, quorum verification in the second phase for the network node includes receiving a predetermined number of ECO messages from other network nodes.
[0210] In an optional embodiment, determining a respective backup node weight associated with each of the three phases of the consensus process in the current period includes the following: in response to determining a failure in the verification of quorum in a third phase of the consensus process in the current period, determine a backup node weight for the third phase of the consensus process as a third value; and in response to determining the success of a quorum check in the third phase of the consensus process in the current period, determining the weight of the backup node for the third phase of the consensus process as a fourth value, where the third value is less than the fourth value.
[0211] In an optional embodiment, quorum verification in the third phase for the network node includes receiving a number
Petition 870190068052, of 07/18/2019, p. 166/212
71/89 predetermined messages accepted from other network nodes, where each message accepted from other network nodes indicates that each of the other network nodes accepted a predetermined number of ECO messages.
[0212] In an optional embodiment, the message PERÍODO_MUDANÇA also includes a set of signatures associated with a set of network nodes based on the number of network nodes, and in which the message NOVO_PERÍODO comprises a compilation of the message PERIOD-CHANGE .
[0213] In an optional embodiment, verifying that at least one NEW_PERIOD message is valid includes verifying that the PERIOD_Change message compilation is valid at least one NEW_PERIOD message is valid, and verifying that the PERIOD_Change message compilation is at least valid a NEW_PERIOD message is valid and includes verifying that the signature set in the PERIOD_Change message is valid.
[0214] In an optional embodiment, the determination that a period change needs to be made includes determining that a period change needs to be carried out in response to the determination that consensus was not reached in the previous period within a period of predetermined time.
[0215] In an optional embodiment, the primary node change apparatus (1500) further includes the following: an operating unit (1510), configured to operate in the new period with the new primary node, in which the new period it comprises a consensus process to achieve consensus among the plurality of network nodes using the new primary node.
[0216] Figure 15 is a schematic diagram illustrating an internal functional module and a structure for a node change device
Petition 870190068052, of 07/18/2019, p. 167/212
72/89 primary (1500). An execution body in essence can be an electronic device, and the electronic device includes the following: at least one processor; and a memory configured to store an executable instruction from at least one processor.
[0217] The at least one processor is configured to determine that a period change needs to be performed, where the period change causes a change from a current period with a current primary node to a new period with a new primary node, in whereas the current period comprises a consensus process to reach consensus between the number of network nodes using the primary node, the consensus process including three phases; determine a respective backup node weight associated with each of the three phases of the consensus process in the current period, where the weight is a metric of a qualification of the backup node to be the new primary node; determining a weight sum for the backup node based on the respective weight of the backup node associated with each of the three phases in the current period; send a PERIOD_Change message to the number of network nodes other than the network node in response to the determination that the weight sum reaches a predetermined first threshold, where the PERIOD_Change message indicates a request for a change of the current period with the primary node current for the new period with the backup node being the new primary node and the message PERIOD_CHANGE includes the weight sum of the backup node; receive at least one NEW_PERIOD message from at least one of the number of network nodes other than the backup node, where the NEW_PERIOD message indicates an acknowledgment from the backup node as the new primary node; check if at least one NEW_PERIOD message is valid; determine whether a number of messages
Petition 870190068052, of 07/18/2019, p. 168/212
73/89
NOVO_PERÍODO valid from at least one NOVO_PERÍODO message exceeds a second predetermined threshold; and determining that the backup node as the new primary node in the new period in response to the determination that the number of valid NEW_PERIOD messages exceeds the second predetermined threshold.
[0218] Optionally, determining a respective backup node weight associated with each of the three phases of the consensus process in the current period includes determining a backup node weight for a first phase of the backup process. consensus as a first value.
[0219] Optionally, determining a respective backup node weight associated with each of the three phases of the consensus process in the current period includes the following: in response to determining a quorum verification failure in a second phase of the consensus process in the current period, determine a backup node weight for the second phase of the consensus process to be a first value; and in response to determining the success of a quorum check in the second phase of the consensus process in the current period, determining the weight of the backup node for the second phase of the consensus process as a second value, where the first value is less than the second value.
[0220] Optionally, checking the quorum in the second phase for the network node includes receiving a predetermined number of ECO messages from other network nodes.
[0221] Optionally, determining a respective backup node weight associated with each of the three phases of the consensus process in the current period includes the following: in response to determining a failure to verify the quorum in a third phase of the process
Petition 870190068052, of 07/18/2019, p. 169/212
74/89 consensus in the current period, determine a backup node weight for the third phase of the consensus process to be a third value; and in response to determining the success of a quorum check in the third phase of the consensus process in the current period, determining the weight of the backup node for the third phase of the consensus process as a fourth value, where the third value is less than the fourth value.
[0222] Optionally, checking the quorum in the third phase for the network node includes receiving a predetermined number of acceptance messages from other network nodes, where each acceptance message from other network nodes indicates that each of the other network nodes accepted a predetermined number of ECO messages.
[0223] Optionally, the message PERÍODO_MUDANÇA also includes a set of signatures associated with a set of network nodes based on the number of network nodes, and in which the message NOVO_PERÍODO comprises a compilation of the message PERÍODO_MUDANÇA.
[0224] Optionally, checking whether the at least one valid NEW_PERIOD message is valid includes checking whether the compilation of the PERIOD_Change message on at least one NEW_PERIOD message is valid, and checking whether the compilation of the PERIOD_Change message on at least one message NOVO_PERÍODO is valid includes checking if the set of signatures in the PERIOD-CHANGE message is valid.
[0225] Optionally, the determination that a period change needs to be made includes the determination that a period change needs to be made in response to the determination that consensus was not reached in the previous period within a predetermined period of time.
[0226] Optionally, the at least one processor is still
Petition 870190068052, of 07/18/2019, p. 170/212
75/89 configured to operate in the new period with the new primary node, in which the new period comprises a consensus process to obtain consensus between the plurality of network nodes using the new primary node.
[0227] Referring to Figure 16, Figure 16 is a diagram illustrating modules of a primary node changing apparatus (1600), according to an embodiment of this specification. The apparatus (1600) for changing a primary node can be applied to a consensus system based on reliable protocol technology. The apparatus (1600) corresponds to the embodiments shown in Figures 7 to 9. For example, the apparatus (1400) can be implemented in a network node of a trusted protocol network. The apparatus (1600) includes the following: a receiver or receiver unit (1602), configured to receive a PERIOD_ CHANGE message from a backup node other than the network node, where the PERIOD_ CHANGE message includes an indication that a change in period needs to be performed, where the period change causes a change from a current period with a current primary node to a new period with a new primary node; a verification unit (1604), configured to verify that the PERIOD_ CHANGE message is valid; a transmitter or transmission unit (1606), configured to send a NEW_PERIOD message to other network nodes in response to the verification that the PERIOD_Change message is valid, where the NEW_PERIOD message comprises a compilation of the PERIOD_Change message; the receiver or receiver unit (1602), still configured to receive at least one NEW_PERIOD message from at least one of the number of network nodes other than the network node; the verification unit (1604), still configured to verify that at least one NEW_PERIOD message is valid; a determination unit (1608), configured to determine whether a
Petition 870190068052, of 07/18/2019, p. 171/212
76/89 quantity of valid NEW_PERIOD messages from at least one NEW_PERIOD message exceeds a predetermined threshold; and the determination unit (1608), still configured to determine the backup node as the new primary node in the new period, in response to the determination that the number of valid NEW_PERIOD messages exceeds the predetermined threshold.
[0228] In an optional embodiment, the PERIOD_CHANGE message includes a sum of weight associated with the backup node and a set of signatures associated with a set of network nodes based on the number of network nodes.
[0229] In an optional embodiment, checking whether the PERIOD_Change message is valid includes checking whether the weight sum in the PERIOD_Change message is valid, and checking whether the weight sum in the PERIOD_Change message is valid includes checking if the signature set is valid.
[0230] In an optional embodiment, checking whether the at least one NOVO_PERÍODO message is valid includes verifying that the compilation of the PERIOD_Change message on at least one NOVO_PERÍODO message is valid, and verifying whether the compilation of the PERIOD_Change message on at least one NEW_PERIOD message is valid includes verifying that the signature set in the PERIOD_Change message is valid.
[0231] Figure 16 is a schematic diagram illustrating an internal functional module and a structure of a primary node change device (1600). An execution body in essence can be an electronic device, and the electronic device includes the following: one at least one processor; and a memory configured to store an executable instruction from at least one processor.
Petition 870190068052, of 07/18/2019, p. 172/212
77/89 [0232] The at least one processor is configured to receive a PERIOD_ CHANGE message from a backup node other than the network node, where the PERIOD_ CHANGE message includes an indication that a period change needs to be performed, in that the period change causes a change from a current period with a current primary node to a new period with a new primary node; check if the message PERIOD_CHANGE is valid; send a message
NOVO_PERÍODO to the other network nodes in response to the verification that the PERIOD_Change message is valid, in which the message
NOVO_PERÍODO comprises a compilation of the message PERÍODO_MUDANÇA; receive at least one NEW_PERIOD message from at least one of the number of network nodes other than the network node; check if at least one NEW_PERIOD message is valid; determine if a quantity of valid NEW_PERIOD messages from at least one NEW_PERIOD message exceeds a predetermined threshold; and determining the backup node as the new primary node in the new period in response to the determination that the number of valid NEW_PERIOD messages exceeds the predetermined threshold.
[0233] Optionally, the PERIOD_Change message includes a sum of weight associated with the backup node and a set of signatures associated with a set of network nodes based on the number of network nodes.
[0234] Optionally, checking whether the PERIOD_Change message is valid includes checking whether the weight sum in the PERIOD_Change message is valid, and checking whether the weight sum in the PERIOD_Change message is valid includes verifying that the signature set is valid .
[0235] Optionally, checking whether at least one
Petition 870190068052, of 07/18/2019, p. 173/212
78/89 NOVO_PERÍODO message is valid includes verifying that the compilation of the PERIOD_Change message in at least one NOVO_PERÍODO message is valid, and verifying that the compilation of the PERIOD_Change message in at least one NOVO_PERÍODO message is valid includes verifying if the signature set in the PERIOD-CHANGE message is valid.
[0236] Referring to Figure 17, Figure 17 is a diagram that illustrates modules of a recovery device (1700), according to an embodiment of the present specification. The retrieval device (1700) can be applied to a consensus system based on reliable protocol technology. The apparatus (1700) can correspond to the embodiments shown in Figures 10 to 12. For example, the apparatus (1700) can be implemented on a network node of a trusted protocol network. The apparatus (1700) includes the following: a broadcasting unit (1702), configured to transmit, through a network node of a trusted protocol network, a status request message to several other network nodes of the protocol network reliable, where the network node must retrieve a target transaction from a target sequence number; a receiver (1704) or receiver unit (1704), configured to receive a number of status response messages from the number of other network nodes, each of the number of status response messages includes a number of sequence; an identification unit (1706) configured to identify the target sequence number based on the same sequence number in response to the determination that an amount of status response messages exceeds a predetermined threshold, each of which amount of messages of state comprises the same sequence number; a transmitter (1708) or a transmission unit (1708), configured to send a message
Petition 870190068052, of 07/18/2019, p. 174/212
79/89 requesting to the number of other network nodes, where the requesting message requests an ECO message from each of the number of other network nodes, where the ECO message is a message transmitted by each of the number of other network nodes network to obtain a consensus between the number of other network nodes in the target transaction that has the target sequence number and the ECO message includes a part of the target transaction and a signature for each of the number of other network nodes; the receiver (1704) or the receiving unit (1704), additionally configured to receive a number of ECO messages from the number of other network nodes; a determination unit (1710), configured to determine a quantity of valid ECO messages from the quantity of ECO messages, wherein each of the quantity of valid ECO messages includes the target sequence number; a retrieval unit (1712), configured to retrieve the target transaction with the same sequence number on the network node based on the number of valid ECO messages in response to the determination that the number of valid ECO messages exceeds a predetermined threshold; and the transmitter (1708), still configured to send a message to the number of other network nodes, indicating that the network node has been recovered.
[0237] In an optional embodiment, the number of network nodes includes a primary node and one or more backup nodes.
[0238] In an optional embodiment, the network node is a primary node or a backup node.
[0239] In an optional embodiment, the requesting message includes the target sequence number.
[0240] In an optional embodiment, the recovery device (1700) also includes the following: a verification unit (1714), configured to check, for each of the number of other network nodes
Petition 870190068052, of 07/18/2019, p. 175/212
80/89 different from the network node, the requesting message before sending ECO messages to the network node.
[0241] In an optional embodiment, the verification unit (1714) is further configured to verify that each of the ECO messages is valid, in which the verification of whether each of the ECO messages is valid includes verifying that each one of ECO messages is valid using a Merkel tree.
[0242] In an optional embodiment, verifying that each ECO message is valid also includes verifying that the signature on the ECO message is valid.
[0243] In an optional embodiment, each of the ECO messages further includes at least one of the number of erasure code (EC) blocks associated with the target transaction, in which the number of EC blocks is generated according to an EC code using the target transaction.
[0244] In an optional embodiment, retrieving the target transaction with the same sequence number on the network node based on the amount of valid ECO messages comprises reconstructing the target transaction using a subset of the plurality of EC blocks that are in the number of valid ECO messages.
[0245] In an optional embodiment, the message for the number of other network nodes indicating that the network node has been recovered includes a set of signatures on the number of valid ECO messages and the target sequence number.
[0246] The system, device, module or unit illustrated in the previous embodiments can be implemented using a computer chip or an entity, or can be implemented using a product with a certain function. A typical implementation device is a
Petition 870190068052, of 07/18/2019, p. 176/212
81/89 computer, and the computer can be a personal computer, a portable computer, a cell phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, a receiving device and sends emails, a game console, a tablet computer, a usable device, or any combination of those devices.
[0247] For a process of implementing the functions and roles of each unit in the device, references can be made to a process of implementing corresponding steps in the previous method. Details are omitted here for simplicity.
[0248] As an apparatus embodiment basically corresponds to a method embodiment, for related parties, references can be made to descriptions related to the method embodiment. The apparatus described above is merely an example. The units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one position, or may be distributed over a plurality of network units. Some or all of the modules can be selected based on real demands to achieve the objectives of the solutions in this specification. A person skilled in the art can understand and implement the embodiments of the present patent application without creative efforts.
[0249] Figure 17 is a schematic diagram illustrating an internal functional module and a structure of a recovery device (1700). An execution body, in essence, can be an electronic device, and the electronic device includes the following: at least one processor; and a memory configured to store an executable instruction from at least one processor.
Petition 870190068052, of 07/18/2019, p. 177/212
82/89 [0250] The at least one processor is configured to transmit, through a network node of a trust protocol network, a status request message to several other network nodes of the trust protocol network, where the network node must retrieve a target transaction from a target sequence number; receiving a number of status response messages from the number of other network nodes, each of the number of status response messages including a sequence number; identifying the target sequence number based on the same sequence number in response to determining that an amount of status response messages exceeds a predetermined threshold, each of the amount of status messages comprising the same sequence number; send a requesting message to the number of other network nodes, where the requesting message requests an ECO message from each of the number of other network nodes, where the ECO message is a message transmitted by each of the number of other network nodes network to reach consensus between the number of other network nodes in the target transaction with the target sequence number, and the ECO message includes a portion of the target transaction and a signature from each of the number of other network nodes; receiving a number of ECO messages from the plurality of other network nodes; determining a quantity of valid ECO messages from the quantity of ECO messages, where each of the quantity of valid ECO messages includes the target sequence number; retrieving the target transaction with the same sequence number on the network node based on the number of valid ECO messages in response to the determination that the number of valid ECO messages exceeds a predetermined threshold; and send a message to the number of other network nodes indicating that the network node has been recovered.
Petition 870190068052, of 07/18/2019, p. 178/212
83/89 [0251] Optionally, the number of network nodes includes a primary node and one or more backup nodes.
[0252] Optionally, the network node is a primary node or a backup node.
[0253] Optionally, the requesting message includes the target sequence number.
[0254] Optionally, at least one processor is also configured to check, for each of the number of other network nodes other than the network node, the requesting message before sending the ECO messages to the network node.
[0255] Optionally, at least one processor is still configured to verify that each of the ECO messages is valid, where checking whether each of the ECO messages is valid includes checking whether each of the ECO messages is valid using a tree of Merkel.
[0256] Optionally, checking whether each ECO message is valid also includes checking whether the signature on the ECO message is valid.
[0257] Optionally, each of the ECO messages also includes at least one of the number of erasure code (EC) blocks associated with the target transaction, in which the number of EC blocks is generated according to an EC code using the target transaction.
[0258] Optionally, retrieving the target transaction with the same sequence number on the network node based on the amount of valid ECO messages includes reconstructing the target transaction using a subset of the amount of EC blocks that are in the amount of ECO messages valid.
[0259] Optionally, the message for the number of other network nodes indicating that the network node has been recovered includes a set of signatures on the number of valid ECO messages and the number of
Petition 870190068052, of 07/18/2019, p. 179/212
84/89 target sequence.
[0260] The forms of realization of the object-matter and the actions and operations described in this specification can be implemented in digital electronic circuits, in software or computer firmware tangibly incorporated, in computer hardware, including the structures revealed in this specification and structural equivalents, or in combinations of one or more of them. The embodiments of the subject matter described in this specification can be implemented as one or more computer programs, for example, one or more computer program instruction modules, encoded in a computer program carrier, for execution or control of the operation of data processing apparatus. The carrier can be a tangible non-transitory computer storage medium. Alternatively, or in addition, the carrier may be an artificially generated propagated signal, for example, an electrical, optical or electromagnetic signal generated by a machine that is generated to encode information for transmission to a receiver apparatus suitable for execution by a data processing apparatus . The computer storage medium may be or be part of a machine-readable storage device, a machine-readable storage substrate, a random or serial access memory device, or a combination of one or more of them. A computer storage medium is not a propagated signal.
[0261] The term “data processing apparatus” covers all types of data processing apparatus, devices and machines, including, for example, a programmable processor, a computer or multiple processors or computers. The data processing apparatus may include a special purpose logic circuit, for example, an FPGA (field programmable port array), an ASIC
Petition 870190068052, of 07/18/2019, p. 180/212
85/89 (application-specific integrated circuit), or a GPU (graphics processing unit). The device may also include, in addition to hardware, code that creates an execution environment for computer programs, for example, code that constitutes processor firmware, a protocol stack, a database management system, an operating system, or a combination of one or more of them.
[0262] A computer program, which can also be referred to or described as a program, software, a software application, an application, a module, a software module, a mechanism, a script or code can be written in any form programming language, including compiled or interpreted languages, declarative or procedural languages, and can be implemented in any way, including as a stand-alone program or as a module, component, mechanism, subroutine or other unit suitable for execution in an environment computing, whose environment may include one or more computers interconnected by a data communication network in one or more locations.
[0263] A computer program can, but need not, correspond to a file in a file system. A program can be stored in a part of a file that contains other programs or data, for example, one or more scripts stored in a markup language document, in a single file dedicated to the program in question or in several coordinated files, for example. example, files that store one or more modules, subprograms, or parts of code.
[0264] The processes and logic flows described in this specification can be performed by one or more computers running one or more computer programs to perform functions operating on input data and generating output data. Logical processes and flows can also be performed by special purpose logic circuits, for example,
Petition 870190068052, of 07/18/2019, p. 181/212
86/89 an FPGA, an ASIC or a GPU, or by a combination of special purpose logic circuits and one or more programmed computers.
[0265] Computers suitable for the execution of a computer program can be based on microprocessors of general or special purpose or both or any other type of central processing unit. Generally, a central processing unit will receive instructions and data from a read-only memory or from a random access memory or both. The elements of a computer can include a central processing unit for executing instructions, and one or more memory devices for storing instructions and data. The central processing unit and the memory can be supplemented by, or incorporated into special purpose logic circuits.
[0266] Generally, a computer will be attached to at least one non-transitory computer-readable storage medium (also called computer-readable memory). The storage medium attached to the computer can be an internal component of the computer (for example, an integrated hard drive) or an external component (for example, a universal serial bus (USB) hard drive or a storage system accessed through a network). Examples of storage media may include, for example, magnetic, magneto-optical or optical disks, solid-state drives, network storage resources, such as cloud storage systems or other types of storage media. However, a computer does not need to have these devices. In addition, a computer can be incorporated into another device, for example, a cell phone, a personal digital assistant (PDA), a mobile audio or video player, a game console, a global positioning system (GPS) receiver or a portable storage device, for example, a serial bus flash drive
Petition 870190068052, of 07/18/2019, p. 182/212
87/89 universal (USB), to name just a few [0267] To provide interaction with a user, embodiments of the subject matter described in this specification can be implemented in, or configured to communicate with, a computer with a display, for example, an LCD monitor (liquid crystal display), to display information to the user and an input device, by which the user can provide input data to the computer, for example, a keyboard and a pointing device, for example example, a mouse, a rolling ball, or touchpad. Other types of devices can also be used to provide interaction with a user; for example, the feedback provided to the user can be any form of sensory feedback, for example, visual feedback, auditory feedback or tactile feedback; and user input can be received in any form, including acoustic, speech, or tactile input. In addition, a computer can interact with a user by sending documents and receiving documents from a device that is used by the user; for example, sending web pages to a web browser on a user's device in response to requests received from the web browser or interacting with an application running on a user's device, for example, a smart phone or electronic tablet. In addition, a computer can interact with a user by sending text messages or other forms of messages to a personal device, for example, a smart phone that is running a messaging application and receiving responsive messages from the user in return.
[0268] This specification uses the term “configured for” in connection with systems, devices and computer program components. For a system of one or more computers to be configured
Petition 870190068052, of 07/18/2019, p. 183/212
88/89 to perform particular operations or actions, means that the system has installed software, firmware, hardware or a combination of them in operation that cause the system to perform the operations or actions. For one or more computer programs to be configured to perform particular operations or actions, it means that the one or more programs include instructions that, when executed by the data processing device, cause the device to perform the operations or actions. For special purpose logic circuits to be configured to perform particular operations or actions, it means that the circuit has electronic logic that performs the operations or actions.
[0269] Although this specification contains many specific implementation details, these should not be interpreted as limitations on the scope of what is being claimed, which is defined by the claims themselves, but rather as descriptions of characteristics that may be specific to forms of particular realizations. Certain characteristics that are described in this specification in the context of separate embodiments can also be implemented, in combination in a single embodiment. On the other hand, several features that are described in the context of a single embodiment can also be implemented in several embodiments, separately or in any suitable sub-combination. In addition, although features may be described previously as acting on certain combinations and even initially claimed as such, one or more features of a claimed combination may, in some cases, be removed from the combination, and the claim may be directed to a sub-combination or variation of a sub-combination.
[0270] Likewise, while operations are represented in the figures and recited in the claims in an order
Petition 870190068052, of 07/18/2019, p. 184/212
89/89 particular, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order, or that all illustrated operations be performed, to achieve desirable results. In certain circumstances, multitasking and parallel processing can be advantageous. In addition, the separation of various modules and system components in the embodiments described above should not be understood as requiring such separation in all embodiments, and it should be understood that the program components and systems described can generally be integrated into a single software product or bundled into multiple software products.
[0271] The particular embodiments of the subject matter have been described. Other embodiments are within the scope of the following claims. For example, the actions cited in the claims can be carried out in a different order and still achieve desirable results. As an example, the processes represented in the attached figures do not necessarily require the particular order shown, or sequential order, to achieve the desired results. In some cases, multitasking and parallel processing can be advantageous.

权利要求:
Claims (30)
[1]
1. COMPUTER IMPLEMENTED METHOD to perform a recovery process of a network node of a trust protocol network (blockchain), characterized by the fact that the method comprises:
transmit, over a network node of a trust protocol network, a status request message to a plurality of other network nodes of the trust protocol network, in which the network node must retrieve a transaction targeted by a number target sequence;
receiving, by the network node, a plurality of status response messages from the plurality of other network nodes, each of the plurality of status response messages comprising a sequence number;
in response to the determination that a number of status response messages exceeds a predetermined threshold, wherein each of the number of status messages comprises the same sequence number, identifying the target sequence number by the network node based on in the same sequence number;
send, via the network node, a requesting message to the plurality of other network nodes, where the requesting message requests an ECO message from each of the plurality of other network nodes, where the ECO message is a message transmitted by each one of the plurality of other network nodes to obtain a consensus between the plurality of other network nodes in the target transaction having the target sequence number, and the ECO message comprises a part of the target transaction and a signature from each of the plurality of others network nodes;
receiving, through the network node, a plurality of ECO messages from the plurality of other network nodes;
Petition 870190068052, of 07/18/2019, p. 186/212
[2]
2/9 determine, through the network node, a number of valid ECO messages from the plurality of ECO messages, where each of the number of valid ECO messages comprises the target sequence number;
in response to the determination that the number of valid ECO messages exceeds a predetermined threshold, retrieve, by the network node, the target transaction having the same sequence number on the network node based on the number of valid ECO messages; and sending, through the network node, a message to the plurality of other network nodes indicating that the network node has been recovered.
2. METHOD, according to claim 1, characterized by the fact that the plurality of network nodes comprises a primary node and one or more backup nodes.
[3]
3. METHOD, according to claim 1, characterized by the fact that the network node is a primary node or a backup node.
[4]
4. METHOD, according to claim 1, characterized by the fact that the requesting message comprises the target sequence number.
[5]
5. METHOD, according to claim 4, characterized by the fact that the method also comprises:
verify, for each of the plurality of other network nodes other than the network node, the requesting message before sending the ECO messages to the network node.
[6]
6. METHOD, according to claim 1, characterized by the fact that the method further comprises:
check, by the network node, if each of the ECO messages is valid, where the check of whether each of the ECO messages is valid
Petition 870190068052, of 07/18/2019, p. 187/212
3/9 comprises verifying that each of the ECO messages is valid using a Merkel tree.
[7]
7. METHOD, according to claim 6, characterized by the fact that the verification of whether each of the ECO messages is valid also comprises verifying whether the signature in the ECO message is valid.
[8]
8. METHOD, according to claim 1, characterized by the fact that each of the ECO messages further comprises at least one of a plurality of erasure code (EC) blocks associated with the target transaction, in which the plurality of blocks of erasure code. EC is generated according to an EC code using the target transaction.
[9]
9. METHOD, according to claim 1, characterized by the fact that the recovery of the target transaction having the same sequence number on the network node based on the amount of valid ECO messages comprises reconstructing the target transaction using a subset of the plurality of EC blocks that are in the amount of valid ECO messages.
[10]
10. METHOD, according to claim 1, characterized by the fact that the message for the plurality of other network nodes, indicating that the network node has been recovered, comprises a set of signatures in the amount of valid ECO messages and the number of target sequence.
[11]
11. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, characterized by the fact that it is coupled to one or more computers and configured with instructions executable by one or more computers to:
transmit, over a network node of a trust protocol network, a status request message to a plurality of other network nodes of the trust protocol network, where the network node
Petition 870190068052, of 07/18/2019, p. 188/212
4/9 must retrieve a target transaction from a target sequence number;
receiving, by the network node, a plurality of status response messages from the plurality of other network nodes, each of the plurality of status response messages comprising a sequence number;
in response to the determination that a number of status response messages exceeds a predetermined threshold, wherein each of the number of status messages comprises the same sequence number, identifying the target sequence number by the network node based on in the same sequence number;
send, via the network node, a requesting message to the plurality of other network nodes, where the requesting message requests an ECO message from each of the plurality of other network nodes, where the ECO message is a message transmitted by each of the plurality of other network nodes to obtain a consensus between the plurality of other network nodes in the target transaction having the target sequence number, and the ECO message comprises a part of the target transaction and a signature from each of the plurality of other network nodes;
receiving, through the network node, a plurality of ECO messages from the plurality of other network nodes;
determining, through the network node, a number of valid ECO messages from the plurality of ECO messages, wherein each of the number of valid ECO messages comprises the target sequence number;
in response to the determination that the number of valid ECO messages exceeds a predetermined threshold, retrieve, by the network node, the target transaction having the same sequence number on the network node based on the number of valid ECO messages; and
Petition 870190068052, of 07/18/2019, p. 189/212
5/9 send, through the network node, a message to the plurality of other network nodes indicating that the network node has been recovered.
[12]
12. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 11, characterized by the fact that the plurality of network nodes comprises a primary node and one or more backup nodes.
[13]
13. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 11, characterized by the fact that the network node is a primary node or a backup node.
[14]
14. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 11, characterized by the fact that the requesting message comprises the target sequence number.
[15]
15. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 14, characterized by the fact that it is further configured with instructions executable by one or more computers to:
verify, for each of the plurality of other network nodes other than the network node, the requesting message before sending the ECO messages to the network node.
[16]
16. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 11, characterized by the fact that it is further configured with instructions executable by one or more computers to:
verify, by the network node, if each of the ECO messages is valid, in which the verification of whether each of the ECO messages is valid comprises verifying whether each of the ECO messages is valid using a
Petition 870190068052, of 07/18/2019, p. 190/212
6/9 Merkel tree.
[17]
17. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 16, characterized by the fact that the verification of whether each of the ECO messages is valid also includes verifying whether the signature in the ECO message is valid.
[18]
18. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 11, characterized by the fact that each of the ECO messages further comprises at least one of a plurality of erasure code (EC) blocks associated with the target transaction, wherein the plurality of EC blocks are generated according to an EC code using the target transaction.
[19]
19. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 11, characterized by the fact that the recovery of the target transaction having the same sequence number on the network node based on the amount of valid ECO messages comprises reconstructing the transaction target using a subset of the plurality of EC blocks that are in the amount of valid ECO messages.
[20]
20. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 1, characterized by the fact that the message for the plurality of other network nodes, indicating that the network node has been recovered, comprises a set of signatures in the amount of valid ECO messages and the target sequence number.
[21]
21. SYSTEM, characterized by the fact that it comprises: one or more computers; and one or more computer-readable memories coupled to one
Petition 870190068052, of 07/18/2019, p. 191/212
7/9 or more computers and configured with instructions executable by one or more computers to:
transmit, over a network node of a trust protocol network, a status request message to a plurality of other network nodes of the trust protocol network, in which the network node must retrieve a transaction targeted by a number target sequence;
receiving, by the network node, a plurality of status response messages from the plurality of other network nodes, each of the plurality of status response messages comprising a sequence number;
in response to the determination that a number of status response messages exceeds a predetermined threshold, each of the number of status messages comprising the same sequence number, identifying the target sequence number by the network node based on in the same sequence number;
send, via the network node, a requesting message to the plurality of other network nodes, where the requesting message requests an ECO message from each of the plurality of other network nodes, where the ECO message is a message transmitted by each of the plurality of other network nodes to obtain a consensus between the plurality of other network nodes in the target transaction having the target sequence number, and the ECO message comprises a part of the target transaction and a signature from each of the plurality of other network nodes;
receiving, through the network node, a plurality of ECO messages from the plurality of other network nodes;
determine, through the network node, a number of valid ECO messages from the plurality of ECO messages, where each of the number of valid ECO messages comprises the number of
Petition 870190068052, of 07/18/2019, p. 192/212
8/9 target sequence;
in response to the determination that the number of valid ECO messages exceeds a predetermined threshold, retrieve, by the network node, the target transaction having the same sequence number on the network node based on the number of valid ECO messages; and sending, through the network node, a message to the plurality of other network nodes indicating that the network node has been recovered.
[22]
22. SYSTEM, according to claim 21, characterized by the fact that the plurality of network nodes comprises a primary node and one or more backup nodes.
[23]
23. SYSTEM, according to claim 21, characterized by the fact that the network node is a primary node or a backup node.
[24]
24. SYSTEM, according to claim 21, characterized by the fact that the requesting message comprises the target sequence number.
[25]
25. SYSTEM, according to claim 24, characterized by the fact that computer memories are still configured with instructions executable by one or more computers to:
verify, for each of the plurality of other network nodes other than the network node, the requesting message before sending the ECO messages to the network node.
[26]
26. SYSTEM, according to claim 21, characterized by the fact that computer memories are still configured with instructions executable by one or more computers to:
verify, by the network node, if each of the ECO messages is valid, in which the verification of whether each of the ECO messages is valid comprises verifying whether each of the ECO messages is valid using a
Petition 870190068052, of 07/18/2019, p. 193/212
9/9 Merkel tree.
[27]
27. SYSTEM, according to claim 26, characterized by the fact that the verification of whether each of the ECO messages is valid also comprises verifying whether the signature on the ECO message is valid.
[28]
28. SYSTEM, according to claim 21, characterized by the fact that each of the ECO messages further comprises at least one of a plurality of erasure code (EC) blocks associated with the target transaction, in which the plurality of blocks of erasure code EC is generated according to an EC code using the target transaction.
[29]
29. SYSTEM, according to claim 21, characterized by the fact that the recovery of the target transaction having the same sequence number on the network node based on the amount of valid ECO messages comprises reconstructing the target transaction using a subset of the plurality of EC blocks that are in the amount of valid ECO messages.
[30]
30. SYSTEM, according to claim 21, characterized by the fact that the message for the plurality of other network nodes, indicating that the network node has been recovered, comprises a set of signatures in the number of valid ECO messages and the number target sequence.

类似技术:

---

公开号 | 公开日 | 专利标题

---

BR112019015208A2|2021-07-27|computer-implemented methods, non-transient computer-readable storage media, and systems

---

BR112019014815A2|2020-02-27|COMPUTER IMPLEMENTED METHOD, LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER AND SYSTEM

---

BR112019016598A2|2020-03-31|COMPUTER IMPLEMENTED METHODS, NON-TRANSITIONAL STORAGE MEDIA AND SYSTEMS

同族专利:

---

公开号 | 公开日

---

WO2019072295A3|2019-10-10|

---

RU2718411C1|2020-04-02|

---

KR20200074911A|2020-06-25|

---

EP3560142A2|2019-10-30|

---

JP2020516105A|2020-05-28|

---

WO2019072295A2|2019-04-18|

---

ES2818597T3|2021-04-13|

---

JP6732321B2|2020-07-29|

---

PL3560142T3|2021-01-11|

---

CN110178340B|2021-05-18|

---

CA3050560A1|2019-04-18|

---

CA3050560C|2020-06-30|

---

US10649859B2|2020-05-12|

---

EP3748906A1|2020-12-09|

---

KR102157452B1|2020-09-18|

---

EP3560142A4|2020-03-25|

---

PH12019501710A1|2020-03-09|

---

US20190286531A1|2019-09-19|

---

CN110178340A|2019-08-27|

---

EP3560142B1|2020-09-09|

---

MX2019008741A|2019-09-09|

---

SG11201906535WA|2019-08-27|

---

AU2018348335A1|2020-07-02|

---

PH12019501710B1|2020-03-09|

---

AU2018348335B2|2020-07-30|

---

EP3748906B1|2021-12-01|

引用文献:

---

公开号 | 申请日 | 公开日 | 申请人 | 专利标题

---

---

US4309569A|1979-09-05|1982-01-05|The Board Of Trustees Of The Leland Stanford Junior University|Method of providing digital signatures|

---

EP0135499B1|1983-02-09|1990-05-02|International Business Machines Corporation|A method for achieving multiple processor agreement optimized for no faults|

---

US7249259B1|1999-09-07|2007-07-24|Certicom Corp.|Hybrid signature scheme|

---

US6671821B1|1999-11-22|2003-12-30|Massachusetts Institute Of Technology|Byzantine fault tolerance|

---

US6985956B2|2000-11-02|2006-01-10|Sun Microsystems, Inc.|Switching system|

---

US6931431B2|2001-01-13|2005-08-16|International Business Machines Corporation|Agreement and atomic broadcast in asynchronous networks|

---

US7502360B2|2005-03-04|2009-03-10|Itt Manufacturing Enterprises, Inc.|Method and apparatus for dynamic neighbor discovery within wireless networks using time division multiple access |

---

US8819102B2|2007-07-03|2014-08-26|Cisco Technology, Inc.|Method and system for managing message communications|

---

JP5427574B2|2009-12-02|2014-02-26|株式会社日立製作所|Virtual computer migration management method, computer using the migration management method, virtualization mechanism using the migration management method, and computer system using the migration management method|

---

CA2849930C|2011-10-25|2017-06-20|Nicira, Inc.|Chassis controllers for converting universal flows|

---

US9471622B2|2012-04-30|2016-10-18|International Business Machines Corporation|SCM-conscious transactional key-value store|

---

WO2016003708A1|2014-07-01|2016-01-07|Sas Institute Inc.|Systems and methods for fault tolerant communications|

---

WO2016155002A1|2015-04-03|2016-10-06|Yahoo! Inc.|Method and system for data recovery in a data system|

---

EP3345360B1|2015-09-04|2021-03-03|Nec Corporation|Method for storing an object on a plurality of storage nodes|

---

WO2017136527A1|2016-02-05|2017-08-10|Manifold Technology, Inc.|Blockchain-enhanced database|

---

US10204341B2|2016-05-24|2019-02-12|Mastercard International Incorporated|Method and system for an efficient consensus mechanism for permissioned blockchains using bloom filters and audit guarantees|

---

EP3281115B1|2016-10-04|2019-06-19|Nec Corporation|Method and system for byzantine fault-tolerance replicating of data on a plurality of servers|

---

US10360191B2|2016-10-07|2019-07-23|International Business Machines Corporation|Establishing overlay trust consensus for blockchain trust validation system|

---

US10158527B2|2016-10-28|2018-12-18|International Business Machines Corporation|Changing an existing blockchain trust configuration|

---

US10554746B2|2016-11-14|2020-02-04|International Business Machines Corporation|Decentralized immutable storage blockchain configuration|

---

US10311230B2|2016-12-24|2019-06-04|Cisco Technology, Inc.|Anomaly detection in distributed ledger systems|

---

CN106529951A|2016-12-30|2017-03-22|杭州云象网络技术有限公司|Node consensus verification method under league chain network through asynchronous mode|

---

RU2639015C1|2017-01-26|2017-12-19|Игорь Сан-Сенович Дю|Authenticity and quality control procedure of production in the process of manufacture and implementation|

---

CN107360206B|2017-03-29|2020-03-27|创新先进技术有限公司|Block chain consensus method, equipment and system|

---

US20180308091A1|2017-04-21|2018-10-25|Vmware, Inc.|Fairness preserving byzantine agreements|

---

CN107423152B|2017-04-24|2019-05-21|杭州趣链科技有限公司|A kind of block chain common recognition node automatic recovery method|

---

EP3632037A4|2017-05-22|2020-04-08|Visa International Service Association|Network for improved verification speed with tamper resistant data|

---

CN112804349A|2017-07-14|2021-05-14|创新先进技术有限公司|Method and device for processing consensus request in block chain consensus network and electronic equipment|

---

US11023608B2|2017-09-15|2021-06-01|Identify3D, Inc.|System and method for data management and security for digital manufacturing|

---

US11165862B2|2017-10-24|2021-11-02|0Chain, LLC|Systems and methods of blockchain platform for distributed applications|

---

CN108306760A|2017-12-28|2018-07-20|中国银联股份有限公司|For making the self-healing method and apparatus of managerial ability in a distributed system|

---

CN108365993B|2018-03-09|2020-04-28|深圳前海微众银行股份有限公司|Block link point dynamic changing method, system and computer readable storage medium|

---

CN108616596B|2018-05-09|2020-12-25|南京邮电大学|Block chain self-adaptive consensus method based on dynamic authorization and network environment perception|

---

CN108768749B|2018-06-21|2021-03-30|佛山科学技术学院|Node isolation self-recovery method and device based on block chain|

---

JP6726367B2|2018-12-13|2020-07-22|アリババ・グループ・ホールディング・リミテッドＡｌｉｂａｂａ Ｇｒｏｕｐ Ｈｏｌｄｉｎｇ Ｌｉｍｉｔｅｄ|Changing the primary node in a distributed system|

---

MX2019008861A|2018-12-13|2019-09-11|Alibaba Group Holding Ltd|Achieving consensus among network nodes in a distributed system.|MX2019008861A|2018-12-13|2019-09-11|Alibaba Group Holding Ltd|Achieving consensus among network nodes in a distributed system.|

---

JP6726367B2|2018-12-13|2020-07-22|アリババ・グループ・ホールディング・リミテッドＡｌｉｂａｂａ Ｇｒｏｕｐ Ｈｏｌｄｉｎｇ Ｌｉｍｉｔｅｄ|Changing the primary node in a distributed system|

---

US11204933B2|2019-05-23|2021-12-21|Advanced New Technologies Co., Ltd.|Data manipulation record storage method, system, apparatus, and device|

---

CN111033491A|2019-08-01|2020-04-17|阿里巴巴集团控股有限公司|Storing shared blockchain data based on error correction coding|

---

CN111095210A|2019-08-01|2020-05-01|阿里巴巴集团控股有限公司|Storing shared blockchain data based on error correction coding|

---

WO2021017009A1|2019-08-01|2021-02-04|Advanced New Technologies Co., Ltd.|Shared blockchain data storage based on error correction code|

---

EP3908932A1|2019-10-14|2021-11-17|NEC Laboratories Europe GmbH|Topology-driven byzantine fault-tolerant consensus protocol with vote aggregation|

---

WO2021175036A1|2020-03-06|2021-09-10|杜晓楠|Methods for preventing client node from invalidly occupying a connection resource for a long time and for guiding client node to reasonably select node bandwidth in p2p network|

---

CN111510317A|2020-03-06|2020-08-07|杜晓楠|Method, computer-readable storage medium, and DBFT network for mitigating delay caused by failure of a plurality of consecutive nodes in a DBFT|

---

CN112866374A|2020-07-02|2021-05-28|吴春香|Communication data processing method combined with block chain payment network and big data server|

---

CN111526218B|2020-07-03|2020-09-22|支付宝信息技术有限公司|Consensus method and system in alliance chain|

---

CN111526217B|2020-07-03|2020-10-09|支付宝信息技术有限公司|Consensus method and system in block chain|

---

CN113518005B|2021-06-22|2021-11-16|腾讯科技（深圳）有限公司|Block consensus method, device, equipment and storage medium|

---

CN113630258B|2021-10-09|2022-01-11|支付宝信息技术有限公司|Consensus method, block chain system and consensus node|

法律状态:
2021-04-06| B25A| Requested transfer of rights approved|Owner name: ADVANTAGEOUS NEW TECHNOLOGIES CO., LTD. (KY) |

---

2021-04-27| B25A| Requested transfer of rights approved|Owner name: ADVANCED NEW TECHNOLOGIES CO., LTD. (KY) |

---

2021-10-13| B350| Update of information on the portal [chapter 15.35 patent gazette]|

优先权:

---

申请号 | 申请日 | 专利标题

---

PCT/CN2018/120870|WO2019072295A2|2018-12-13|2018-12-13|Performing a recovery process for a network node in a distributed system|

---