computer-implemented method, non-transitory computer-readable storage medium and system to provide s

专利摘要:
implementations of the specification include receiving, by a smart contract service provider including a trusted computing execution environment (tee) from a customer associated with a target blockchain network, a request to operate cross-chain data from one or more blockchain networks different from the target blockchain, where the smart contract service provider is outside the blockchain network; send, through the smart contract service provider to a data visitation service provider, a request for cross-chain data; receiving, by the smart contract service provider, cross-chain data from the data visitation service provider; generate, through the tee, a result using cross-chain data; and return, by the smart contract service provider, the result to the customer.
公开号:BR112019014847A2
申请号:R112019014847
申请日:2018-12-13
公开日:2020-04-14
发明作者:Zhao Boran；Qiu Honglin；Lin Li；Song Xuyang；Yan Ying
申请人:Alibaba Group Holding Ltd；
IPC主号:

专利说明:

“METHOD IMPLEMENTED IN COMPUTER, LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER AND SYSTEM TO PROVIDE INTELLIGENT CONTRACT SERVICE” Background to the Invention [0001] Distributed ledger systems (DLSs), which can also be cited as consensus networks and / or blockchain networks (blockchain), allow participating entities to store data in a secure and immutable way. DLSs are commonly referred to as blockchain networks without referencing any specific user case. Examples of types of blockchain networks can include public blockchain networks, private blockchain networks and consortium blockchain networks. A public blockchain network is open for all entities to use DLS and participate in the consensus process. A blockchain network is provided to a specific entity, which centrally controls read and write permissions. A blockchain consortium network is provided to a select group of entities, which controls the consensus process and includes an access control layer.
[0002] Blockchain is a decentralized and tamper-proof distributed data storage technology. User data and contracts are operated and logically stored in the chain in a public way. In many scenarios, users need to meet privacy protection requirements and do not want their data and logic to be disclosed to unauthorized parties.
[0003] While encryption can be used to improve privacy protection for some specific scenario projects, a more versatile and efficient solution to address existing privacy issues of blockchain operations is desirable.
Brief Description of the Invention [0004] Implementations of the specification include methods
Petition 870190068195, of 07/18/2019, p. 65/135
2/50 implemented on a computer for an off-chain smart contract service (outside the chain) based on blockchain (block chain) technologies (referred to as an off-chain smart contract service blockchain (outside the chain of the chain) blocks) or simply a smart contract service). More particularly, the descriptive report implementations are aimed at providing an intelligent off-chain contract service capable of operating cross-chain data in a reliable execution environment (TEE).
[0005] In some implementations, actions include receiving, by a smart contract service provider including a trusted computing execution environment (TEE) from a customer associated with a target blockchain network, a request to operate cross-chain data from one or more blockchain networks other than the target blockchain network, and the smart contract service provider is outside the blockchain network; send, through the smart contract service provider to a data visitation service provider, a request for cross-chain data; receiving, by the smart contract service provider, cross-chain data from the data visitation service provider; generate, by TEE, a result using cross-chain data; and return, by the smart contract service provider, the result to the customer. Other implementations include corresponding systems, devices and computer programs, configured to carry out the actions of the methods, encoded in the computer storage devices.
[0006] In some implementations, a non-transitory computer-readable storage medium is coupled to one or more computers and configured with instructions executable by one or more computers to: receive, by a smart contract service provider that comprises a trusted computing execution environment (TEE) for a customer associated with a target blockchain network, a request to operate cross-chain data from one or more block chain networks other than the network
Petition 870190068195, of 07/18/2019, p. 66/135
3/50 target block chain, where the smart contract service provider is outside the block chain network; send, by the smart contract service provider to a data visitation service provider, a request for cross-chain data: receive, by the smart contract service provider, cross-chain data from the service provider data visitation; generate, by TEE, a result using cross-chain data: and return, by the smart contract service provider, the result to the customer.
[0007] In some implementations, a system to provide smart contract service includes an interface configured to receive, from a customer associated with a target blockchain network, a request to operate cross-chain data from one or more blockchain networks other than target blockchain network; where the system is disconnected from the target blockchain network; and a reliable computing execution environment (TEE), in which the TEE includes one or more computers; and one or more computer-readable memories coupled to one or more computers and configured with instructions executable by one or more computers to: send a request for cross-chain data to a data that visits a service provider; receive cross-chain data from data that visits the service provider; and generate a result using cross-chain data: and where the interface is configured to return the result to the customer.
[0008] These and other implementations may each optionally include one or more of the following characteristics:
[0009] A first feature, combinable with any of the following features, in which the request to operate cross-chain data includes computational logic of smart contract to operate the crosschain data.
[0010] A second characteristic, combinable with any of the following characteristics, in which the computational logics of
Petition 870190068195, of 07/18/2019, p. 67/135
4/50 smart contract to operate cross-chain data are self-designed by the customer.
[0011] A third characteristic, combinable with any of the following characteristics, in which the result is generated by the TEE that executes the computational logic of the smart contract using the cross-chain data.
[0012] A fourth feature, which can be combined with any of the following features, further includes proving, by the smart contract service provider to the customer, that the TEE includes an operable virtual machine to execute the intelligent contract computational logic in the request to operate cross-chain data.
[0013] A fifth feature, which can be combined with any of the following features, includes before receiving a request to operate cross-chain data from the client, proving, by the smart contract service provider to the client, that the smart contract service includes TEE.
[0014] A sixth feature, combinable with any of the following features, further includes proving, by the smart contract service provider to the service provider that visits the data, that the smart contract service provider includes the TEE; and verify, by the smart contract service provider, that the service provider that visits the data includes a TEE.
[0015] A seventh feature, combinable with any of the following features, still includes uploading, by the smart contract service provider, the result to the target blockchain network.
[0016] An eighth feature, combinable with any of the following features, still includes uploading the result to the target blockchain network, proving, by the contract service provider
Petition 870190068195, of 07/18/2019, p. 68/135
5/50 smart for the target blockchain network, which the smart contract service provider includes TEE.
[0017] A ninth feature, combinable with any of the following features, where the smart contract service provider includes a cloud-based server.
[0018] A tenth characteristic, combinable with any of the following characteristics, in which the result is signed by the TEE using a private key.
[0019] An eleventh feature, combinable with any of the following features, in which cross-chain data is obtained from two or more blockchain networks.
[0020] In some implementations, actions include generating, by a customer associated with a target blockchain network, a request to operate cross-chain data from one or more blockchain networks other than the target blockchain network, in which the request to operate cross data -chain includes computational logic of smart contract to operate cross-chain data; send, from the client, the request to operate cross-chain data to the smart contract service provider including a trusted computing execution environment (TEE), in which the smart contract service provider is disconnected from the target blockchain network ; and receiving, by the customer, a result from the smart contract service provider, where the result is generated by the TEE using the cross-chain data obtained by the smart contract service provider. Other implementations include corresponding systems, devices and computer programs, configured to carry out the actions of the methods, encoded in the computer storage devices.
[0021] In some implementations, a non-transitory computer-readable storage medium is coupled to one or more computers and
Petition 870190068195, of 07/18/2019, p. 69/135
6/50 configured with instructions executable by one or more computers to generate, by a client associated with a target blockchain network, a request to operate cross-chain data from one or more blockchain networks other than the target blockchain network, in which the request to operating cross-chain data includes computational logic of smart contract to operate cross-chain data; send, from the client, the request to operate cross-chain data to the smart contract service provider that comprises a trusted computing execution environment (TEE), in which the smart contract service provider is disconnected from the blockchain network target; and receiving, by the customer, a result from the smart contract service provider, where the result is generated by the TEE using the cross-chain data obtained by the smart contract service provider.
[0022] In some implementations, a system includes one or more computers; and one or more computer-readable memories coupled to one or more computers and configured with instructions executable by one or more computers to: generate, by a customer associated with a target blockchain network, a request to operate cross-chain data from one or more blockchain networks other than the target blockchain network, where the request to operate cross-chain data includes computational logic of smart contract to operate the cross-chain data; send, from the client, the request to operate cross-chain data to the smart contract service provider that comprises a trusted computing execution environment (TEE), in which the smart contract service provider is disconnected from the blockchain network target; and receiving, by the customer, a result from the smart contract service provider, where the result is generated by the TEE using the cross-chain data obtained by the smart contract service provider.
[0023] These and other implementations may each include
Petition 870190068195, of 07/18/2019, p. 70/135
7/50 optionally, one or more of the following:
[0024] A first feature, which can be combined with any of the following features, also includes sending, by the client, the result received to the target blockchain network.
[0025] A second feature, combinable with any of the following features, still includes, before sending the request to operate cross-chain data to the smart contract service provider, verify, by the customer, that the contract service provider smart includes TEE.
[0026] A third characteristic, which can be combined with any of the following characteristics, also includes verifying, by the customer, that the TEE includes an operable virtual machine to execute the computational logic of intelligent contract in the request to operate the cross-chain data.
[0027] A fourth characteristic, which can be combined with any of the following characteristics, also includes designing, by the customer, the computational logic of intelligent contract to operate the cross-chain data.
[0028] A fifth feature, combinable with any of the following features, in which the client includes a software development kit (SDK).
[0029] A sixth feature, combinable with any of the following features, in which the result is signed by the TEE using a private key, the method also including decrypting, by the client, the result received using a public key corresponding to the private key.
[0030] A seventh feature, combinable with any of the following features, still includes, before sending the request to operate cross-chain data to the smart contract service provider, encrypt, by the customer, the request to operate cross- chain.
Petition 870190068195, of 07/18/2019, p. 71/135
8/50 [0031] An eighth characteristic, combinable with any of the following characteristics, in which the cross-chain data is obtained from two or more blockchain networks.
[0032] The specification also provides one or more non-temporary, computer-readable storage media coupled to one or more processors and having instructions stored on it that, when executed by one or more processors, causes one or more processors to perform processing operations. according to the implementations of the methods provided in this application.
[0033] The specification also provides a system for implementing the methods provided in this application. The system includes one or more processors, and a computer-readable storage medium coupled to one or more processors that have instructions stored in it that, when executed by one or more processors, causes one or more processors to perform operations according to implementations the methods provided in this application.
[0034] The off-chain smart contract service provider described is not coupled to any specific blockchain network, so the service provided is not limited to a specific form of a contract (for example, configured for a specific blockchain network ), but supports user-defined off-chain computations. In addition, the off-chain smart contract service provider described can support crosschain data visits and mutually allow untrusted parties to execute smart contracts on private data from one or more blockchain networks. The techniques described can have some advantages. For example, using a TEE as a temporary medium to perform calculations can protect data privacy. In addition, offloading computational tasks from the blockchain network to off-chain TEE can save computing time and
Petition 870190068195, of 07/18/2019, p. 72/135
9/50 blockchain network resources. In addition, due to the fact that the user can self-design computational logics for the calculations they need and request, TEE performs the calculations using these computational logics, and various calculations can be performed in a more flexible way.
[0035] It is considered that methods according to the specification can include any combination of the aspects and characteristics described in the present application. That is, methods according to the specification are not limited to the combinations of aspects and characteristics specifically described in the present application, but also include any combination of the aspects and characteristics provided.
[0036] Details of one or more implementations of the specification are presented in the attached Figures and in the description below. Other features and advantages of the specification will be evident from the description and figures, and from the claims.
Description of the Figures [0037] Figure 1 represents an example of an environment that can be used to perform descriptive report implementations.
[0038] Figure 2 represents an example of a conceptual architecture according to implementations of the specification.
[0039] Figure 3 represents an example of a process to provide cross-chain data service to a customer according to implementations of the specification.
[0040] Figure 4 represents an example of a process that can be performed according to implementations of the specification.
[0041] Figure 5 represents an example of a diagram that illustrates modules of a cross-chain data operation device according to implementations of the specification.
[0042] Figure 6 represents an example of a diagram that
Petition 870190068195, of 07/18/2019, p. 73/135
10/50 illustrates modules of another cross-chain data operation device according to implementations of the specification.
[0043] Similar reference symbols in the various figures indicate similar elements.
Detailed Description [0044] Descriptive report implementations include computer-implemented methods for an off-chain (off-chain) smart contract service based on blockchain (block chain) technologies (referred to as an off-chain smart contract service) blockchain (outside the chain of the block chain) or simply a smart contract service). More particularly, descriptive report implementations are aimed at providing an intelligent off-chain contract service capable of operating cross-chain data in a reliable execution environment.
[0045] To provide more context for implementations of the specification, and as introduced above, distributed ledger systems (DLSs), which can also be cited as consensus networks (for example, composed of point-to-point nodes ( peer-to-peep) and blockchain networks, allow participating entities to carry out transactions securely and immutably, and store data.The term blockchain is used in this application to refer generally to a DLS without reference to any specific use case.
[0046] A blockchain is a data structure that stores transactions in a way that transactions are immutable, and can be verified subsequently. A blockchain includes one or more blocks. Each block in the chain is linked to a previous block immediately before it in the chain, including a cryptographic hash of the previous block. Each block also includes a timestamp, its own cryptographic dispersion, and one or more transactions. Transactions, which have already been
Petition 870190068195, of 07/18/2019, p. 74/135
11/50 verified by the nodes of the blockchain network, are dispersed and encoded in a Merkle tree. A Merkle tree is a data structure in which the data at the leaf nodes is dispersed, and all hashes in each branch of the tree are concatenated at the root of the branch. This process continues up the tree to the root of the entire tree, which stores a hash that is representative of all the data in the tree. A hash of a transaction supposedly stored in the tree can be quickly verified by determining whether it is consistent with the structure of the tree.
[0047] While a blockchain is a data structure for storing transactions, a blockchain network is a network of computing nodes that manages, updates and maintains one or more blockchains. As introduced above, a blockchain network can be provided as a public blockchain network, a private blockchain network, or a consortium blockchain network.
[0048] In a public blockchain network, the consensus process is controlled by the nodes of the consensus network. For example, hundreds, thousands, even millions of entities can cooperate with a public blockchain network, each of which operates at least one node on the public blockchain network. Consequently, the public blockchain network can be considered a public network in relation to the participating entities. In some examples, most entities (nodes) must sign each block in order for the block to be validated and added to the blockchain (distributed ledger) of the blockchain network. Example public blockchain networks include peer-to-peer payment networks that take advantage of a distributed ledger, referred to as blockchain. As noted above, the term blockchain, however, is used to generally refer to ledgers distributed without particular reference to any specific blockchain network.
[0049] In general, a public blockchain network supports transactions
Petition 870190068195, of 07/18/2019, p. 75/135
12/50 public. A public transaction is shared with all nodes within the public blockchain network, and is stored on a global blockchain. A global blockchain is a blockchain that is replicated across all nodes. That is, all nodes are in perfect state of consensus regarding the global blockchain. To obtain consensus (for example, agreement to add a block to a blockchain), a consensus protocol is implemented within the public blockchain network. Examples of consensus protocols include, without limitation, proof of work (POA), proof of participation (POS) and proof of authority (POA). POW is further referred to in the present application as a non-limiting example.
[0050] In general, a private blockchain network is provided to a specific entity, which centrally controls read and write permissions. The entity controls, which nodes are able to participate in the blockchain network. Consequently, private blockchain networks are generally cited as permissioned networks that place restrictions on who can participate in the network and their level of participation (for example, only in certain transactions). Various types of access control mechanisms can be used (for example, existing participants vote on adding new entities, a regulatory authority can control admission).
[0051] In general, a blockchain consortium network is private between participating entities. In a blockchain consortium network, the consensus process is controlled by an authorized set of nodes, one or more nodes being operated by a respective entity (for example, a financial institution, insurance company). For example, a consortium of ten (10) entities (for example, financial institutions, insurance companies) can operate a consortium blockchain network, each of which operates at least one node in the consortium blockchain network. Consequently, the consortium blockchain network can be considered a private network in relation to entities
Petition 870190068195, of 07/18/2019, p. 76/135
13/50 participants. In some examples, each entity (node) must sign each block in order for the block to be validated and added to the blockchain. In some examples, at least a subset of entities (nodes) (for example, at least 7 entities) must sign each block in order for the block to be validated and added to the blockchain.
[0052] A blockchain is a tamper-proof shared digital ledger that records transactions on a public or private point-to-point network. The ledger is distributed to all member nodes in the network, and the history of resource transactions that occurs on the network is permanently recorded in the block. Before participating in a transaction, a node on the blockchain may need to perform calculations using various techniques. With current solutions, due to the fact that each service is independent, a blockchain node cannot communicate with other chains. For example, a node cannot read data from other blockchains or exchange data with other blockchains. In addition, even if a node does not require data from other blockchains to perform a calculation, performing these calculations entirely on a blockchain can be very time consuming and computational resources on the blockchain, if these require complicated computational logic and protocols.
[0053] Implementations of the specification are described in more detail in this application with reference to a consortium blockchain network, which is public among the participating entities. It is contemplated, however, that implementations of the specification can be carried out on any type of blockchain network.
[0054] Implementations of the specification are described in more detail in the present application in view of the above context. More particularly, and as introduced above, the descriptive report implementations are aimed at providing an intelligent offchain contract service capable of operating cross-chain data in an execution environment
Petition 870190068195, of 07/18/2019, p. 77/135
Reliable 14/50.
[0055] Techniques to address these issues may include the use of an off-chain smart contract service to perform calculations and operate cross-chain data. A smart contract can be a computer agreement designed to disseminate, verify or enforce contracts in an informative manner. Smart contracts allow reliable transactions to be carried out without the involvement of third parties. These transactions are traceable and irreversible. A smart contract includes logic or computer programs that carry out the agreements or rules of a transaction. For example, a smart contract can include logics that control the transfer of currencies or digital resources between the parties under certain conditions. Smart contracts can be coded in a programming language and installed on the blockchain network runtime platform.
[0056] In some implementations, off-chain processing can be used to execute or install smart contracts. For example, the logic included in the smart contract can be executed outside the boundaries of a blockchain network, for example, by an off-chain smart contract service provider, while maintaining the trust and transparency of a blockchain network. For example, an offshore smart contract service provider can be a computer, server or other types of data processing devices independent of a blockchain network. With off-chain processing, smart contract logic can be performed in a trusted execution environment (TEE) to preserve the trust and transparency of a blockchain network. The TEE can be used to execute logic in a smart contract and perform other operations and transactions included in the smart contract, outside a blockchain network. The TEE can link the code to the smart contract, and provide various services, such as identity verification, key management, cerographic service and
Petition 870190068195, of 07/18/2019, p. 78/135
15/50 interactions with the outside world. The trusted TEE environment ensures that only authorized code is allowed to access the data, and these protections are applied throughout the execution of the code within it. In some implementations, the result of executing the smart contract returned by the off-chain smart contract service can be loaded or otherwise transmitted to the blockchain network, for example, to update the state of the blockchain network. As such, the off-chain smart contract service provider can offload a computing load from the blockchain network and have more flexibility to perform different and complicated computational logic and protocols.
[0057] In some implementations, the off-chain smart contract service provider described is not coupled to any specific blockchain network, so the service provided is not limited to a specific form of a contract (for example, configured for a specific blockchain network), but supports user-defined off-chain computations.
[0058] In addition, the described off-chain smart contract service provider can support cross-chain data visits and mutually allow untrusted parties to execute smart contracts on private data from one or more blockchain networks. For example, a customer on a blockchain network A can define a smart contract that operates on both customer data from blockchain network A, but also data from a different blockchain network, blockchain network B. In some implementations, the customer requests an off-chain contract service to execute your defined smart contract. The off-chain contract service can fetch the requested data from blockchain network A and blockchain network B, execute the customer-defined smart contract outside blockchain network A and blockchain network B to obtain a result, and then send the result to blockchain network A to update customer states.
Petition 870190068195, of 07/18/2019, p. 79/135
16/50 [0059] The sample techniques are described to make it possible and easier for a blockchain network node to perform complicated calculations, and use data from one or more among other networks to perform these calculations. Sample techniques can be based on a reliable execution environment (TEE). A TEE is a secure area on a host processor that guarantees the security, confidentiality and integrity of the codes and data uploaded to the environment. A TEE provides an isolated execution environment (for example, using dedicated, isolated hardware) that has several security features, such as isolated execution, trusted application integrity, trusted data confidentiality, and secure storage. The described off-chain smart contract service provider can include a TEE and implement the blockchain network calculation in the TEE. The techniques described may have some advantages. For example, using a TEE as a temporary medium to perform calculations can protect data privacy. For example, a blockchain network user A needs data from blockchain network B and blockchain network C to perform a calculation. Typically, each of the blockchain networks B and C is a closed chain and is not willing to share its data to the user of blockchain network A due to privacy concerns. With the use of TEE, the calculation can be performed without disclosing the detailed data from the blockchain network B and C data to the blockchain network A, but still realizing the cross-chain data visit and the execution of the smart contract based on the data cross-chain. In addition, as previously described, performing complicated calculations on a blockchain network costs computational resources from the chain. Downloading computational tasks from the blockchain network to the off-chain TEE can save computing time and resources on the blockchain network. Furthermore, due to the fact that the user can self-design computational logic for the calculations they need and request, the TEE performs the calculations using these
Petition 870190068195, of 07/18/2019, p. 80/135
17/50 computational logic, and various calculations can be performed in a more flexible and extensive way.
[0060] In some implementations, the proposed techniques may provide a universal smart contract service with privacy protection. For example, smart contracts used for financial transactions need to hide the transfer amount and parties (as sender and beneficiary) due to privacy concerns. Using the proposed approach, a sender can encrypt the content of the transaction and request an off-chain smart contract service. The off-chain smart contract service can decrypt the content of the transaction in a TEE, execute the transaction in the TEE, and then return the transaction's result to the chain in encoded text (for example, with proof that the transaction is executed in the correct logic). After the blockchain network verifies the returned result, the result can be updated to reflect the most recent state on the blockchain network.
[0061] In some implementations, the proposed techniques may provide cross-chain data computing services. As an example, the proposed techniques can be used to calculate personal credit scores. In practice, people need to participate in various services involving credit assessment. For example, bank loan applications, real estate rentals and car rentals. Each service can be run and maintained by an independent consortium blockchain network or a private blockchain network. Each service may not want to share data for other services, and they may encrypt personal data owned by them, in some cases. In order to obtain a global credit assessment of the person from different areas, the proposed solution can be used. In some implementations, the user can provide computational credit logic (codes), data request authorization (for example, with the use of a
Petition 870190068195, of 07/18/2019, p. 81/135
18/50 subscription or private key) to initiate a credit assessment request using a private channel. The service in the proposed solution requests data from several chains and decrypts the data in a TEE, ensuring that the result is generated using the correct calculation logic. The result and a certificate for the result are returned to the user, and the user can guarantee the confidentiality and integrity of data and logic through proof of verification. The user can then use this result and proof to provide a certified personal credit score to other nodes on their blockchain network.
[0062] In some implementations, when a user needs to execute a transaction under a blockchain network contract, it can deliver the complicated calculations in the contract to the off-chain smart contract service in advance and then load and store the result in blockchain network. In some implementations, the result can be used directly as an entry to a transaction carried out on the blockchain network, reducing the uptime of the blockchain network contract and improving efficiency. In these implementations, if the user does not wish to expose private contracts or security protocols that are applied to the blockchain network, the calculation can be done using the off-chain smart contract service and the data from the blockchain network can be reliably accessed .
[0063] Figure 1 represents an example of an environment (100) that can be used to perform descriptive report implementations. In some examples, the environment (100) allows entities to participate in a blockchain network (102). The environment (100) includes computing devices (106), (108) and a network (110). In some instances, the network (110) includes a local area network (LAN), wide area network (WAN), the Internet or a combination of them, and connects websites, user devices (for example, devices
Petition 870190068195, of 07/18/2019, p. 82/135
19/50 computing) and back-end systems. In some examples, the network (110) can be accessed via a wired network and / or a wireless communication link. In some examples, the network (110) allows communication with, and within the blockchain network (102). In general, the network (110) represents one or more communication networks. In some cases, the computing devices (106), (108) can be nodes of a cloud computing system (not shown) or each computing device (106), (108) can be a separate cloud computing system including a series of computers interconnected by a network and functioning as a distributed processing system.
[0064] In the example shown, each of the computing systems (106), (108) can include any appropriate computing system that allows participation as a node in the blockchain network (102). Examples of computing devices include, without limitation, a server, a desktop computer, a portable computer, a tablet, a computing device and a smartphone. In some examples, the computing systems (106), (108), host one or more services implemented on a computer to interact with the blockchain network (102). For example, the computing system (106) can host services implemented on a first entity's computer (for example, Participant A), as a transaction management system that the first entity uses to manage its transactions with one or more among other entities (for example, other participants). The computing system (108) can host services implemented on a second entity's computer (for example, Participant B), such as the transaction management system that the second entity uses to manage its transactions with one or more among other entities (for example, other participants). In the example in Figure 1, the blockchain network (102) is represented as a peer-to-peer network
Petition 870190068195, of 07/18/2019, p. 83/135
20/50 peek), and computing systems (106), (108) provide nodes of the first entity and the second entity, respectively, that participate in the blockchain network (102).
[0065] Figure 2 represents an example of a conceptual architecture (200) according to implementations of the specification. The example of a conceptual architecture (200) includes participating systems (202), (204), (206) that correspond to Participant A, Participant B and Participant C, respectively. Each participant (for example, user, company) participates in a blockchain network (212) provided as a peer-topeef network including a series of nodes (214), at least some of which record information in a way immutable on a blockchain (216). Although a single blockchain (216) is schematically represented within the blockchain network (212), several copies of the blockchain (216) are provided and maintained through the blockchain network (212), as described in more detail in this application.
[0066] In the example shown, each participating system (202), (204), (206) is provided by, or on behalf of Participant A, Participant B and Participant C, respectively, and functions as a respective node (214) within of the blockchain network. As used in the present application, a node generally refers to an individual system (e.g., computer, server) that is connected to the blockchain network (212) and allows a respective participant to participate in the blockchain network. In the example in Figure 2, one participant corresponds to each node (214). It is contemplated, however, that a participant can operate several nodes (214) within the blockchain network (214) and / or several participants can share a node (214). In some examples, participating systems (202), (204), (206) communicate with, or via the blockchain network (212) using a protocol (for example, secure hypertext transfer protocol (HTTPS)) and / or using calls
Petition 870190068195, of 07/18/2019, p. 84/135
21/50 remote procedures (RPCs).
[0067] Nodes (214) can have varying degrees of participation within the blockchain network (212). For example, some nodes (214) may participate in the consensus process (for example, as inspector nodes that add blocks to the blockchain (216)), while other nodes (214) do not participate in the consensus process. As another example, some nodes (214) store a complete copy of the blockchain (216), while other nodes (214) store only copies of portions of the blockchain (216). For example, data access privileges can limit the blockchain data that a respective participant stores within its respective system. In the example in Figure 2, the participating systems (202), (204), (206), store the respective complete copies (216 ’), (216”), (216 ”’) of the blockchain (216).
[0068] A blockchain (for example, blockchain (216) in Figure 2) is composed of a chain of blocks, each block storing data. Examples of data include transaction data representative of a transaction between two or more participants. While transactions are used in this application as an example, it is contemplated that any appropriate data may be stored on a blockchain (for example, documents, images, videos, audio). Examples of transactions may include, without limitation, the exchange of something of value (for example, resources, products, services and currency). Transaction data is stored immutably within the blockchain. That is, the transaction data cannot be changed.
[0069] Before storing in a block, the transaction data is hashed. Hashing is a process for transforming transaction data (provided as string data) into a fixed-length hash value (also provided as string data). It is not possible to not spread (hash) the hash value to obtain the transaction data. THE
Petition 870190068195, of 07/18/2019, p. 85/135
22/50 hashing ensures that even a slight change in transaction data results in a completely different hash value. In addition, as noted above, the hash value is fixed in length. That is, no matter the size of the transaction data, the length of the hash value is fixed. Hashing includes processing transaction data using a hash function to generate the hash value. Examples of a hash function include, without limitation, the safe hash algorithm (SHA) -256, which generates 256 bits of hash values.
[0070] The transaction data for several transactions are dispersed and stored in a block. For example, hash values for two transactions are provided and are themselves hashed to provide another hash. This process is repeated, for all transactions to be stored in one block, until a single hash value is provided. This hash value is referred to as a Merkle root hash, and is stored in a block header. A change in any of the transactions will result in a change in its hash value and, ultimately, a change in Merkle's root hash.
[0071] The blocks are added to the blockchain through a consensus protocol. Several nodes within the blockchain network participate in the consensus protocol, and compete to have a block added to the blockchain. These nodes are referred to as miners (or inspectors (minder nodes)). POW, introduced above, is used as a non-limiting example.
[0072] Mining nodes perform the consensus process to add transactions to the blockchain. Although several mining nodes participate in the consensus process, only one mining node can write the block for the blockchain. That is, the mining nodes compete in the consensus process for
Petition 870190068195, of 07/18/2019, p. 86/135
23/50 have their blocks added to the blockchain. In more detail, a mining node periodically collects pending transactions from a transaction group (for example, up to a predefined limit on the number of transactions that can be included in a block, if any). The transaction group includes transaction messages from participants in the blockchain network. The mining node builds a block and adds transactions to the block. Before adding transactions to the block, the mining node checks whether any of the transactions are already included in a block on the blockchain. If a transaction is already included in another block, the transaction is discarded.
[0073] The mining node generates a block header, hashes (hashes) all transactions in the block, and combines the hash value in pairs to generate additional hash values until a single dispersion value ( hash) is provided for all transactions in the block (Merkle hash). This hash is added to the block header. The miner also determines the dispersion (hash) value of the most recent block on the blockchain (i.e., the last block added to the blockchain). The mining node also adds a nonce value, and a timestamp to the block header. In a mining process, the mining node tries to find a hash value that meets the necessary parameters. The mining node continues to change the nonce value until it finds a hash value that meets the necessary parameters.
[0074] Each miner in the blockchain network tries to find a hash value that finds the necessary parameters and, in this way, compete with each other. Eventually, one of the mining nodes finds a hash value that finds the necessary parameters, and announces this to all other mining nodes in the blockchain network. The other mining nodes verify the hash value and, if determined to be correct, verify each transaction in the block, accept the block, and attach the block to its copy of
Petition 870190068195, of 07/18/2019, p. 87/135
24/50 blockchain. In this way, a global blockchain state is consistent across all mining nodes within the blockchain network. The process described above is the POW consensus protocol.
[0075] A non-limiting example is provided with reference to Figure 2. In this example, Participant A wants to send a fund amount to Participant B. Participant A generates a transaction message (for example, including From, To and fields Value), and sends the transaction message to the blockchain network, which adds the transaction message to a transaction group. Each mining node in the blockchain network creates a block and takes all transactions in the transaction group (for example, up to a predefined limit on the number of transactions that can be added to a block, if any) and adds the transactions to the block. In this way, the transaction published by Participant A is added to the blocks of the mining nodes.
[0076] In some blockchain networks, encryption is implemented to maintain transaction privacy. For example, if two nodes want to keep a transaction private, so that other nodes in the blockchain network cannot discern details of the transaction, the nodes can encrypt the transaction data. Examples of cryptographic methods include, without limitation, symmetric encryption and asymmetric encryption. Symmetric encryption refers to an encryption process that uses a single key for both encryption (generating encrypted text from plain text) and decryption (generating plain text from encrypted text). In symmetric encryption, the same key is available for multiple nodes, so each node encrypts / decrypts the transaction data.
[0077] Asymmetric cryptography uses key pairs that include a private key and a public key, the private key being known only to a respective node, and the public key being known to any or all of the other nodes in the blockchain network. A node can use the
Petition 870190068195, of 07/18/2019, p. 88/135
25/50 public key of another node to encrypt the data, and the encrypted data can be decrypted using the private key of the other node. For example, and referring again to Figure 2, Participant A can use Participant B's public key to encrypt the data, and send the encrypted data to Participant B. Participant B can use his private key to decrypt the data. encrypted data (encoded text) and extract the original data (plain text). Messages encrypted with a node's public key can only be decrypted using the node's private key.
[0078] Asymmetric cryptography is used to provide digital signatures, which allows participants in a transaction to confirm other participants in the transaction, as well as the validity of the transaction. For example, one node can digitally sign a message, and another node can confirm that the message was sent by the node based on participant A.'s digital signature. Digital signatures can also be used to ensure that messages are not tampered with in transit. For example, and referring again to Figure 2, Participant A will send a message to Participant B. Participant A generates a hash of the message and then uses his private key, encrypts the hash. to provide a digital signature as the encrypted hash. Participant A attaches the digital signature to the message and sends the message with a digital signature to Participant B. Participant B decrypts the digital signature using Participant A's public key, and extracts the hash. Participant B hashes the message and compares the hashes. If the hashes are the same, Participant B can confirm that the message was in fact from Participant A, and has not been tampered with.
[0079] Figure 3 represents an example of a process (300) for providing cross-chain data service to a customer according to
Petition 870190068195, of 07/18/2019, p. 89/135
26/50 implementations of the specification. In some implementations, a client (302) represents an application (for example, a client application) in connection with a blockchain network as a target blockchain network (306). For example, the client (302) can include a software development kit (SDK) to access and communicate with the blockchain network (306). The client (302) can be installed on a user's device (also referred to as a client or a node) (not shown in Figure 3). In some implementations, the user can participate in a transaction on the target blockchain network (306), initiating the transaction using the client (302). In some implementations, user account information may be stored on the target blockchain network (306) and the user is authorized to perform transactions on the target blockchain network. The client (302) can access and read the data stored on the target blockchain network (306). In some implementations, to obtain cross-chain data, for example, data from one or more different networks (for example, (316), (328) and (320) in Figure 3, the client (302) may need a retransmission or trusted data visitation service provider (312) to fill the communication gap between the client (302) of the target blockchain network (306) and the other different blockchain networks.
[0080] In some implementations, the customer (302) may initiate a confidential transaction under a contract from the target blockchain network, and this transaction information is visible only to the customer user (302) and possibly other participants or parties to the transaction, but not any other parties inside or outside the blockchain network. In some implementations, the client (302) needs to present a result to another entity inside or outside the target blockchain network (306).
[0081] In some implementations, a client transaction (302) from the target blockchain network (316) can include various computational operations using data from the target blockchain network (316), the data
Petition 870190068195, of 07/18/2019, p. 90/135
27/50 cross-chain (e.g. data from one or more different blockchain networks (316), (318) or (320)), or both. In some implementations, a client transaction (302) from the target blockchain network (316) may include a result calculated using the data from the target blockchain network (316), the cross-chain data, or both. In some implementations, the transaction may include several computational logic and protocols. In some implementations, the calculation can be complicated and consumes computational resources from the blockchain network. In some implementations, the transaction can be specified in a customer-designed smart contract (302).
[0082] For example, as shown in Figure 3, the customer (302) can, for example, use the customer's SDK (304) to prepare a smart contract that includes self-designed computational logic and protocols to perform a transaction based on cross data -chain (for example, data from one or more different blockchain networks (316), (318) or (320)). The customer (302) can send the smart contract to a smart contract service provider (308) for execution. The smart contract service provider (308) is outside the target blockchain network (306), so the smart contract service provider (308) can perform computational logic and protocols, as defined in the smart contract regardless of the blockchain network target (306).
[0083] Upon receiving and analyzing the smart contract, the smart contract service provider (308) determines what cross-chain data is needed to execute the smart contract. The smart contract service provider (308) can send a request for cross-chain data to a trusted data visitation service provider (312) to obtain data from the cross-chain data. For example, the client (302) may want to perform a calculation of "a plus b", where a is data from the target blockchain network (306), and b is data from the blockchain network (306). In this case, the smart contract
Petition 870190068195, of 07/18/2019, p. 91/135
28/50 sent from the client (302) contains the computational logic to add a and b together and data locations indicator a and b. The smart contract service provider (308) can send a request to a trusted data visitation service provider (312) to obtain private data b from the blockchain network (316). In some implementations, the smart contract can be encrypted to protect user privacy.
[0084] In some implementations, the off-chain smart contract service provider (308) may be a cloud-based server provider. In some implementations, this cloud server provider may be a third party server provider, such as Alibaba®. In some implementations, several entities are the data resources of crosschain data, and none of them want to download their own data to a third-party service provider. In such cases, these entities themselves can create a smart contract service provider.
[0085] The off-chain smart contract service provider (308) includes a trusted computing execution environment (TEE) (310), which provides a secure computing execution environment. In some implementations, the TEE calculation (310) is an independent hardware module whose independence guarantees the security of the data executed within the TEE (310). In some implementations, to configure the TEE (310) for blockchain network operations, one or more of a virtual machine, an application interface or an operating system can be programmed, coded or otherwise configured in the TEE (310) in order to make TEE (310) suitable for executing computational logic defined in an intelligent contract. In some implementations, before sending the smart contract to the off-chain smart contract service provider (308), the customer (302) can verify that the offchain smart contract service provider includes a TEE (310), and the TEE (310) includes execution programs or
Petition 870190068195, of 07/18/2019, p. 92/135
29/50 environment that corresponds to the customer (302). For example, if the target blockchain network (306) is an Ethereum-based blockchain network and the client's SDK (304) is an Ethereum-based SDK client (for example, using the Solidity language), the client (302) can check whether the TEE (302) includes an Ethereum Virtual Machine (EVM) (for example, which supports the Solidity language) to execute Ethereum-based computational logic before the customer (302) submits a request to execute a contract smart to the off-chain smart contract service provider (308).
[0086] After receiving the request to execute a smart contract, if the request is encrypted, the TEE (310) first decrypts the request, analyzes the smart contract and identifies the data necessary for the execution of the smart contract. The TEE (310) may request the trusted data visitation service provider (312) to obtain data from one or more different sources, for example, through the service provider's application program interface (API) (314) reliable data visitation (312). The trusted data visitation service provider (312) can be a trusted party that can retrieve data from one or more different blockchain networks. The trusted data visitation service provider (312) can provide reliable data to the TEE (310) from the off-chain smart contract service provider (308) and ensure data privacy and accuracy.
[0087] In some implementations, the trusted data visitation service provider (312) may also contain a TEE, for example, to retrieve data from correct locations on one or more different blockchain networks. In some implementations, the TEE logics included in the trusted data visitation service provider (312) are simpler than those of the TEE (310) in the off-chain smart contract service provider (308), since the first it is mainly used for data recovery and does not need to perform calculations on that recovered data.
Petition 870190068195, of 07/18/2019, p. 93/135
30/50 [0088] In some implementations, before the TEE (310) requests the API (314), a two-way verification process is carried out between the smart contract service provider (308) and the visitation service provider reliable database (312). In some implementations, during the verification process, each proves that it has included a TEE for the other party.
[0089] In some implementations, the trusted data visitation service provider (312) can retrieve data from one or more different sources, including one or more blockchain networks, a blockchain network collaboration, or a blockchain network platform (collectively cited as one or more blockchain networks). Examples of blockchain networks are shown as Mychain (316), Hiperleger (318) and Ethereum (320) in Figure 3. The data obtained is sent back to the TEE (310), which performs computational logic using the data obtained.
[0090] In some implementations, after generating the calculation result in the calculation of the TEE (310), the TEE (310) signs the result with a private key to prove the integrity and accuracy of the result. In some implementations, the signature is a proof indicating that the calculation result is performed by the TEE (310) according to computational logic included in the smart contract sent by the customer (302). As such, the result can be trusted by the other nodes in the target blockchain network (306).
[0091] In some implementations, TEE (310) returns the result to the client (302). For example, the client (302) decrypts the result with a public key corresponding to the TEE private key (310). In some implementations, the client (302) uploads the result to the target blockchain network (306), so that the result can be used to update the client's state (302) or as an entry to a transaction on the target blockchain network ( 306). In some implementations, the client (302) may use the result for purposes not related to the blockchain network, such as for
Petition 870190068195, of 07/18/2019, p. 94/135
31/50 calculate the user's average credit score. For example, the user can obtain data information from different chains (each represents a service provider, such as a car rental service, a bank loan or a home rental), and uses the data to calculate the average score of user credit. The user can present the result to a trader without downloading the result to any blockchain network.
[0092] In some implementations, TEE (310) can return the result directly to the target chain (306). In these implementations, before returning the result, the target blockchain network (306) can verify that the off-chain smart contract service provider (308) includes the TEE needed to establish trust between the offchain smart contract service provider (308) ) and the target strand (306).
[0093] Figure 4 represents an example of a process (400) that can be performed according to implementations of the specification. In some implementations, the sample process (400) can be performed using one or more computer executable programs executed using one or more computing devices. For clarity of presentation, the description which follows describes in general the method (400) in the context of the other Figures in this description. For example, the customer (420) can be the customer (302), the smart contract service provider (430) can be the smart contract service provider (308), the trusted data visitation service provider (440 ) can be the trusted data visitation service provider (312), blockchain networks (450) can be Mychain (316), HyperLeger (318) and / or Ethereum (320) and the target blockchain network (410) can be the target blockchain network (306), as described in relation to Figure 3. However, it will be understood that method (400) can be performed, for example, by any suitable system, environment, software and hardware, or a combination of systems , environments, software and hardware, as
Petition 870190068195, of 07/18/2019, p. 95/135
32/50 appropriate. In some implementations, several steps of the method (400) can be performed in parallel, in combination, in loops, or in any order.
[0094] In (412), a client (420) associated with a target blockchain network (410) generates a request to operate cross-chain data from one or more blockchain networks other than the target blockchain network. The request to operate cross-chain data includes computational logic of smart contract to operate the cross-chain data. In some implementations, the request to operate cross-chain data can be written as a smart contract. The request to operate cross-chain data can be an example of the request to execute a smart contract as described in relation to Figure 3.
[0095] In some implementations, the computational logic of smart contract to operate the cross-chain data is self-designed by the client, allowing the user the freedom and flexibility to specify the computational logic of smart contract to obtain the user's purposes, without being limited to computational logic defined by the target blockchain network. In these implementations, generating the request includes designing, by the customer, the computational logic of smart contract to operate the cross-chain data. In some implementations, the customer includes a software development kit (SDK) that allows the user to write computational logic for smart contracts. In some implementations, computational logic can be written in Solidity language. In some implementations, the request to operate cross-chain data is encrypted by the client.
[0096] In (414), a customer (420) associated with a target blockchain network (410) sends a request for an intelligent contract service provider (430) to operate cross-chain data from one or more blockchain networks other than target blockchain network (410). The service provider
Petition 870190068195, of 07/18/2019, p. 96/135
33/50 smart contract (430) includes a reliable computing execution environment (TEE). The smart contract service provider (430) is outside the target blockchain network. In some implementations, cross-chain data is obtained from two or more blockchain networks. In some implementations, the smart contract service provider (430) includes a cloud-based server.
[0097] In some implementations, the request for cross-chain data visit is a data visit request. In these implementations, the TEE retrieves data and returns the data to the client (420).
[0098] In some implementations, in addition to retrieving data from multiple blockchain networks, TEE operates on data based on the computational logic of smart contract included in the request. In some implementations, the smart contract service provider (430) can configure the TEE, for example, by incorporating an EVM within the TEE, for the TEE to correctly execute the computational logic of the smart contract included in the request.
[0099] In some implementations, before sending the request to operate the cross-chain data, in (426), the customer (420) checks the smart contract service provider (430) that is capable of executing the computational logics of smart contract in a secure way. In some implementations, this verification process includes: the smart contract service provider (430) proves to the customer (420) that the smart contract service provider (430) includes the TEE; and the smart contract service provider (430) proves to the customer (420) that the TEE includes an operable virtual machine to execute the smart contract computational logic in the request to operate cross-chain data.
[00100] For example, the TEE can be Intel® SGX. In this example, if the smart contract service provider (430) includes SGX it is proved by
Petition 870190068195, of 07/18/2019, p. 97/135
34/50 a subscription and verification service provided by Intel®. In addition, to prove the TEE includes a necessary EVM, the TEE calculates a hash of the so-called script and encodes the EVM and sends the hash to the client (420) for verification. Because the client (420) also has a complete set of EVM codes, it can also calculate a script hash value and the EVM codes it has, and compare whether the two hash values are consistent .
[00101] In some implementations, before generating the request, the customer (420) and the smart contract service provider (430) can configure a key pair. Therefore, after the smart contract service provider (430) receives the request signed by one of the keys, it can decrypt the request using the other key in the pair. In (428), the smart contract service provider (430) decrypts and analyzes the incoming request. In some implementations, the request is written in a predefined data format during development, in which case the request is analyzed for each data segment.
[00102] In (435), the smart contract service provider (430) sends a request for cross-chain data to a data visitation service provider (440) to obtain the cross-chain data that is specified in request to operate cross-chain data. In some implementations, before sending the request to the data visitation service provider (440), the smart contract service provider (430) verifies that the trusted data visitation service provider (440) is able to provide reliable cross-chain data from one or more blockchain networks other than the target blockchain network. In some implementations, this verification process includes that the smart contract service provider (430) verifies that the data visitation service provider (440) includes a TEE.
[00103] In some implementations, before sending the
Petition 870190068195, of 07/18/2019, p. 98/135
35/50 request to the data visitation service provider (440) in (434), the data visitation service provider (440) and the smart contract service provider (430) can perform a verification process to establish trust between the two. In some implementations, this verification process includes the smart contract service provider (430) to the data visit service provider (440) whereas the smart contract service provider (430) includes the TEE. In some implementations, in both stages of (432) and (434), checking / proving the existence of TEE can be performed by the same method, as referred to in step (426).
[00104] In (436), the data visitation service provider (440) requests data from one or more blockchain networks (450) other than the target blockchain network (410).
[00105] In (438), the data visitation service provider (440) receives data from one or more blockchain networks (450) other than the target blockchain network (410).
[00106] In (439), the smart contract service provider (430) receives cross-chain data from the data visitation service provider (440). In some implementations, cross-chain data is obtained from two or more blockchain networks.
[00107] In (441), the TEE of the smart contract service provider (430) generates a result using the cross-chain data received by executing the computational logic of the smart contract. In some implementations, the result is generated by the TEE that executes the computational logic of smart contract with the use of cross-chain data. In some implementations, EVM includes running the code in the TEE to perform calculations using computational logic and received data.
[00108] In (442), the smart contract service provider (430) signs the result. In some implementations, the result is signed
Petition 870190068195, of 07/18/2019, p. 99/135
36/50 with a private key. For example, TEE includes a private key that is isolated from external and other components of the TEE. In some implementations, the signature signed by the private key is proof that the result is generated within the TEE. In some implementations, after the smart contract service provider (430) signs the result, the final output result includes: the result generated by the TEE and a hash value of the result signed by the private key.
[00109] In (443), the smart contract service provider (430) returns the result to the customer (420).
[00110] In (444), the client (420) decrypts the result received. In some implementations, the client (420) decrypts the result received using a public key that corresponds to the private key. In these implementations, the result received contains the result generated by TEE and, signed the hash value of that result. In these implementations, the client (420) calculates a hash value of the result generated by the TEE with the use of the private key, and compares it with the signed hash value of that result to see if they are consistent.
[00111] In (446), the client (420) sends a transaction to the target blockchain network (410) based on the result received. In some implementations, the client (420) uploads the transaction to the target blockchain network (410), to update the client's state (420) or perform a transaction on the target blockchain network (410).
[00112] In some implementations, at (452), the smart contract service provider (430) uploads (uploads) the result to the target blockchain network (410). In some implementations, before uploading the result to the target blockchain network, at (448), the smart contract service provider proves to the target blockchain network, that the provider
Petition 870190068195, of 07/18/2019, p. 100/135
37/50 smart contract service includes TEE. The method used in the present application for verification may be the same as that used in step (426).
[00113] Referring to Figure 5, Figure 5 represents an example of a diagram illustrating modules of an apparatus (500) according to implementations of the specification. The apparatus (500) can be an example of implementing a smart contract service provider that includes a reliable computing execution environment (TEE), in which the smart contract service provider is outside the target blockchain network. The device (500) for cross-chain data operation can be used in an intelligent off-chain contract system based on blockchain network technology. The apparatus (500) can correspond to the implementation shown in Figures 3 and 4 and the apparatus (500) includes the following: a first receiver or receiver unit (510), configured to receive, from a client associated with a target blockchain network , a request to operate crosschain data from one or more blockchain networks other than the target blockchain network; a transmitter or transmission unit (520), configured to send a request for cross-chain data; a second receiver or receiver unit (530), configured to receive cross-chain data from the data visitation service provider; a generator or generating unit (540), configured to generate cross-chain data from the data of the visitation service provider; and a user interface (550), configured to return the result to the customer.
[00114] In an additional implementation, the request to operate cross-chain data includes computational logic of smart contract to operate cross-chain data.
[00115] In an additional implementation, the computational logic of the smart contract to operate the cross-chain data is self-designed by the client.
Petition 870190068195, of 07/18/2019, p. 101/135
38/50 [00116] In an optional implementation, the device (500) also includes the following: a first supply subunit, configured to enable the TEE to include an operable virtual machine to execute the computational logic of the smart contract in the request to operate cross-chain data.
[00117] In an optional implementation, before receiving a request to operate cross-chain data from the customer, the device also includes the following: a second supply subunit, configured to enable the smart contract service provider to include the TEE.
[00118] In an optional implementation, the apparatus (500) still includes the following: a third supply subunit, configured to enable the smart contract service provider to include the TEE; and a verification subunit, configured to verify that the data visitation service provider includes a TEE.
[00119] In an optional implementation, the device (500) still includes the following: a subunit of uploading, configured to upload (upload) the result to the target blockchain network.
[00120] In an optional implementation, before uploading the result to the target blockchain network, the device (500) still includes the following: a fourth supply subunit, configured to enable the smart contract service provider to include the TEE.
[00121] In an implementation, the smart contract service provider includes a cloud-based server.
[00122] In an optional implementation, cross-chain data is obtained from two or more blockchain networks.
[00123] Referring to Figure 6, Figure 6 represents an example of a diagram illustrating modules of another device (600) according to implementations of the specification. The apparatus (600) can be a
Petition 870190068195, of 07/18/2019, p. 102/135
39/50 example of implementing a client associated with a target blockchain network. The device (600) can be used in an off-chain smart contract system based on blockchain network technology. The apparatus (600) can correspond to the implementation shown in Figures 3 and 4 and the apparatus (600) includes the following: a generator or generation unit (610), configured to generate a request to operate cross-chain data from one or more blockchain networks other than the target blockchain network, where the request to operate cross-chain data includes computational logic of smart contract to operate the cross-chain data; a transmitter or transmission unit (620) configured to send the request to operate cross-chain data to the smart contract service provider that comprises a trusted computing execution environment (TEE), in which the smart contract service provider is disconnected from the target blockchain network; and a receiver or receiver unit (630), configured to receive a result from the smart contract service provider, where the result is generated by the TEE using the cross-chain data obtained by the smart contract service provider.
[00124] In an optional implementation, the device (600) still includes the following: a first subunit, configured to send the received result to the target blockchain network.
[00125] In an optional implementation, before sending the request to operate cross-chain data to the smart contract service provider, the device (600) still includes the following: a verification subunit, configured to verify that the TEE includes an operable virtual machine to execute the computational logic of smart contract in the request to operate the cross-chain data.
[00126] In an optional implementation, the device (600) still includes the following: a design subunit, configured to design the
Petition 870190068195, of 07/18/2019, p. 103/135
40/50 computational logic of smart contract to operate cross-chain data.
[00127] In an additional implementation, the client includes a software development kit (SDK).
[00128] In an optional implementation, the result is signed by the TEE using a private key, the device (600) still includes the following: a decryption subunit configured to decrypt the result received using a public key that matches the private key.
[00129] In an optional implementation, before sending the request to operate cross-chain data to the smart contract service provider, the device (600) still includes the following: A cryptographic unit, configured to encrypt the request to operate cross-chain data.
[00130] In an optional implementation, cross-chain data is obtained from two or more blockchain networks.
[00131] The system, device, module or unit illustrated in the previous implementations can be implemented using a computer chip or an entity, or it can be implemented using a product that has a certain function. A typical implementation device is a computer, and the computer can be a personal computer, a portable computer, a mobile phone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, a device that receives and sends email, a game console, a tablet, a portable device, or any combination of these devices.
[00132] For a process of implementing the functions and roles of each unit in the device, references can be made to a process of implementing corresponding steps in the previous method. Details are omitted in this application for simplicity.
[00133] Due to a device implementation corresponding
Petition 870190068195, of 07/18/2019, p. 104/135
41/50 basically to an implementation of the method, for related parties, references related to the descriptions in the implementation of the method can be made. The implementation of the device described above is merely an example. Units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one location, or may be distributed over a number of network units. Some or all of the modules can be selected based on the real demands to achieve the objectives of the descriptive report solutions. A person skilled in the art can understand and implement the implementations of this application without creative efforts.
[00134] Figure 5 is a schematic diagram that illustrates an internal functional module and a structure of a cross-chain data operation device. The cross-chain data operation apparatus can be an example of an intelligent contract service provider that comprises a reliable computing execution environment (TEE). An execution body, in essence, can be an electronic device and the electronic device includes the following: one or more processors; and a memory configured to store executable instructions from one or more processors.
[00135] receiving, by a smart contract service provider that comprises a trusted computing execution environment (TEE) from a customer associated with a target blockchain network, a request to operate cross-chain data from one or more more block chain networks other than the target block chain network, where the smart contract service provider is outside the block chain network; send, through the smart contract service provider to a data visitation service provider, a request for cross-chain data; receiving, by the smart contract service provider, cross-chain data from the data visitation service provider; generate, by TEE, a result using the data
Petition 870190068195, of 07/18/2019, p. 105/135
42/50 cross-chain; and return, by the smart contract service provider, the result to the customer.
[00136] Optionally, the request to operate crosschain data includes computational logic of smart contract to operate cross-chain data.
[00137] Optionally, the computational logic of smart contract to operate the cross-chain data is self-designed by the client.
[00138] Optionally, the result is generated by the TEE that executes the computational logic of smart contract with the use of cross-chain data.
[00139] Optionally, one or more processors are configured to prove to the customer that the TEE includes an operable virtual machine to execute the computational logic of the smart contract in the request to operate cross-chain data.
[00140] Optionally, before receiving a request to operate cross-chain data from the customer, one or more processors are configured to prove to the customer that the smart contract service provider includes the TEE.
[00141] Optionally, one or more processors are configured to prove to the data visitation service provider that the smart contract service provider includes the TEE; and verify that the data visitation service provider includes a TEE.
[00142] Optionally, one or more processors are configured to upload (upload) the result to the target blockchain network.
[00143] Optionally, before uploading the result to the target blockchain network, one or more processors are configured to prove to the target blockchain network, that the smart contract service provider includes the TEE.
Petition 870190068195, of 07/18/2019, p. 106/135
43/50 [00144] Optionally, the smart contract service provider includes a cloud-based server.
[00145] Optionally, the result is signed by the TEE using a private key.
[00146] Optionally, cross-chain data is obtained from two or more blockchain networks.
[00147] Figure 6 is a schematic diagram that illustrates an internal functional module and a structure of another cross-chain data operation device. The other cross-chain data operation device can be an example of a customer associated with a target blockchain network. An execution body, in essence, can be an electronic device and the electronic device includes the following: one or more processors; and a memory configured to store executable instructions from one or more processors.
[00148] One or more processors are configured to generate a request to operate cross-chain data from one or more blockchain networks other than the target blockchain network, where the request to operate cross-chain data includes computational logic of smart contract to operate the cross-chain data; send the request to operate cross-chain data to the smart contract service provider that comprises a trusted computing execution environment (TEE), in which the smart contract service provider is disconnected from the target blockchain network; and receiving a result from the smart contract service provider, where the result is generated by the TEE using the cross-chain data obtained by the smart contract service provider.
[00149] Optionally, one or more processors are configured to send the received result to the target blockchain network.
[00150] Optionally, before sending the request to operate
Petition 870190068195, of 07/18/2019, p. 107/135
44/50 cross-chain data for the smart contract service provider, one or more processors are configured to verify that the smart contract service provider includes the TEE.
[00151] Optionally, one or more processors are configured to verify that the TEE includes an operable virtual machine to execute the intelligent contract computational logic in the request to operate the cross-chain data.
[00152] Optionally, the customer includes a software development kit (SDK).
[00153] Optionally, the result is signed by the TEE using a private key. One or more processors are configured to decrypt the result received using a public key that corresponds to the private key.
[00154] Optionally, before sending the request to operate cross-chain data to the smart contract service provider, one or more processors are configured to encrypt the request to operate cross-chain data.
[00155] Optionally, cross-chain data is obtained from two or more blockchain networks.
[00156] Implementations of the matter in question and the actions and operations described in this specification can be implemented in digital electronic circuits, in software or computer firmware tangibly incorporated, in computer hardware, including the structures disclosed in this specification and their structural equivalents or in combinations of one or more of them. Implementations of the subject matter described in this specification can be implemented in one or more computer programs, for example, one or more computer program instruction modules, encoded in a computer program carrier.
Petition 870190068195, of 07/18/2019, p. 108/135
45/50 computer, for execution by, or to control the operation of the data processing apparatus. The carrier can be a tangible non-transitory computer storage medium. Alternatively, or in addition, the carrier can be an artificially generated propagated signal, for example, an electrical, optical or electromagnetic signal generated by a machine that is generated to encode information for transmission to the receiving device suitable for execution by a processing device of data. The computer storage medium may be or be part of a machine-readable storage device, a machine-readable storage substrate, a random or serial access memory device, or a combination of one or more of these. A computer storage medium is not a propagated signal.
[00157] The term "data processing device" encompasses all types of data processing devices, devices and machines, including, for example, a programmable processor, a computer or several processors or computers. The data processing apparatus may include logic circuits for specific use, for example, an FPGA (field programmable port arrangement), an ASIC (application-specific integrated circuit) or a GPU (graphics processing unit). The device may also include, in addition to the hardware, code that creates an execution environment for computer programs, for example, the code that constitutes the processor firmware, a protocol stack, a database management system, an operating system, or a combination of one or more of these.
[00158] A computer program, which can also be quoted or described as a program, software, software application, application (app), module, software module, machine, script or code, can be written in any form of programming language,
Petition 870190068195, of 07/18/2019, p. 109/135
46/50 including compiled or interpreted languages, or declarative or procedural languages; and can be installed in any way, including as a standalone program or as a module, component, machine, subroutine, or other unit suitable to run in a computing environment, whose environment may include one or more computers interconnected over a network data communication in one or more locations.
[00159] A computer program can, but does not need to correspond to a file in a file system. A computer program can be stored in a portion of a file that contains other programs or data, for example, one or more scripts stored in a markup language document, in a single file dedicated to the program in question, or in multiple coordinate files, for example, files that store one or more modules, subprograms or portions of code.
[00160] The processes and logical flows described in the specification can be performed by one or more computers running one or more computer programs to perform operations operating on the input data (input) and generating output (output). Logical processes and flows can also be performed by specific use logic circuits, for example, an FPGA, an ASIC or a GPU, or by a combination of specific use logic circuits and one or more programmed computers.
[00161] Computers suitable for the execution of a computer program can be based on microprocessors for general or specific use, or both, or any other type of central processing unit. Generally, a central processing unit will receive instructions and data from a read-only memory or a random access memory, or both. Elements of a computer can include a central processing unit for executing instructions and one or
Petition 870190068195, of 07/18/2019, p. 110/135
47/50 more memory devices to store instructions and data. The central processing unit and the memory can be supplemented or incorporated into a specific use logic circuit.
[00162] Generally, a computer will be coupled to at least one non-transitory computer-readable storage medium (also referred to as computer-readable memory). The storage medium attached to the computer can be an internal component of the computer (for example, an integrated hard drive) or an external component (for example, universal serial bus (USB) hard drive or a storage system accessed over a network ). Examples of storage media may include, for example, magnetic, magnetic-optical or optical disks, solid-state drives, network storage resources, such as cloud storage systems or other types of storage media. However, a computer does not need to have these devices. In addition, a computer can be incorporated into another device, for example, a mobile phone, a personal digital assistant (PDA), a mobile audio or video player, a game console, a Global Positioning System (GPS) receiver or a portable storage device, for example, a universal serial bus (USB) thumb drive, to name just a few.
[00163] To provide interaction with the user, the implementations of the subject in question described in this specification can be implemented or configured to communicate with a computer that has a display device, for example, an LCD monitor (liquid crystal display) , to display information to the user, and an input device by which the user can provide data to the computer, for example, a keyboard and a pointing device, for example, a mouse, trackball or touchpad. Other types of devices can be used to
Petition 870190068195, of 07/18/2019, p. 111/135
48/50 provide interaction with a user, as well as, for example, feedback provided to the user can be any form of sensory feedback, for example, visual feedback, auditory feedback or tactile feedback; and user input can be received in any form, including acoustic, speech, or tactile input. In addition, a computer can interact with a user by sending documents and receiving documents from a device that is used by the user; for example, sending web pages to a web browser on a user's device in response to requests received from the web browser or interacting with an application running on a user's device, for example, a smartphone or electronic tablet. In addition, a computer can interact with a user by sending text messages or other forms of message to a personal device, for example, a smartphone that is executing a message transmission request and receiving responsive messages from the user in return.
[00164] This specification uses the term “configured for” in connection with systems, devices and computer program components. For a system of one or more computers to be configured to perform specific operations or actions, it means that the system has installed in its software, hardware, firmware or a combination of them, which in operation cause the system to perform the operations or actions. For one or more computer programs to be configured to perform specific operations or actions, it means that one or more programs include instructions that, when executed by data processing devices, cause the device to perform the operations or actions. For logic circuits of specific use to be configured to perform specific operations or actions, it means that the circuit has electronic logic that performs the operations or actions.
[00165] Although this specification contains many details
Petition 870190068195, of 07/18/2019, p. 112/135
49/50 of specific implementation, these should be interpreted as limitations on the scope of what is being claimed, which is defined by the claims themselves, but preferably as descriptions of features that can be specific to specific implementations. Certain characteristics that are described in the specification in the context of separate implementations can also be realized in combination in a single implementation. On the other hand, several characteristics that are described in the context of a single implementation can also be realized in several implementations separately or in any suitable subcombination. In addition, although features such as how to act on certain combinations can be described above and even initially claimed as such, one or more features of a claimed combination can, in some cases, be excised from the combination, and the claim can be directed to a subcombination or variation of a subcombination.
[00166] Similarly, while the operations are represented in the figures and recited in the claims in a specific order, this should not be understood as requiring that these operations are carried out in the specific order shown or in sequential order, or that all operations illustrated to be carried out, to obtain desirable results. In certain circumstances, multitasking and parallel processing can be advantageous. In addition, the separation of multiple modules and system components in the implementations described above should not be understood as requiring this separation in all implementations, and it should be understood that the components and program systems described can generally be integrated together into a single product. software or bundled in various software products.
[00167] Specific implementations of the subject in question have been described. Other implementations are within the scope of the claims
Petition 870190068195, of 07/18/2019, p. 113/135
50/50 to follow. For example, the actions recited in the claims can be carried out in a different order and still obtain desirable results. As an example, the processes represented in the attached figures do not necessarily require the specific order shown, or sequential order, to obtain desirable results. In some cases, multitasking and parallel processing can be advantageous.

权利要求:
Claims (63)
[1]
Claims
1. METHOD IMPLEMENTED IN COMPUTER characterized by the fact of understanding:
receive, by a smart contract service provider that comprises a trusted computing execution environment (TEE) from a customer associated with a target blockchain network, a request to operate cross-chain data from one or more blockchain networks other than the blockchain network target, where the smart contract service provider is outside the target blockchain network;
send, through the smart contract service provider to a data visitation service provider, a request for crosschain data:
receiving, by the smart contract service provider, cross-chain data from the data visitation service provider;
generate, through TEE, a result using cross-chain data: and return, by the smart contract service provider, the result to the customer.
[2]
2. METHOD IMPLEMENTED IN COMPUTER, according to claim 1, characterized by the fact that the request to operate cross-chain data comprises computational logic of intelligent contract to operate the cross-chain data.
[3]
3. METHOD IMPLEMENTED IN COMPUTER, according to claim 2, characterized by the fact that the computational logic of intelligent contract to operate the cross-chain data is self-designed by the customer.
[4]
4. METHOD IMPLEMENTED IN COMPUTER, according to claim 2, characterized by the fact that the result is generated by the TEE that executes the computational logic of smart contract using
Petition 870190068195, of 07/18/2019, p. 115/135
2/14 cross-chain data.
[5]
5. METHOD IMPLEMENTED IN COMPUTER, according to claim 2, characterized by the fact that it still comprises proving, by the smart contract service provider to the client, that the TEE comprises a virtual machine operable to execute the computational logic of smart contract in request to operate crosschain data.
[6]
6. METHOD IMPLEMENTED IN COMPUTER, according to claim 1, characterized by the fact that it still comprises:
before receiving a request to operate cross-chain data from the customer, prove, by the smart contract service provider to the customer, that the smart contract service provider includes the TEE.
[7]
7. METHOD IMPLEMENTED IN COMPUTER, according to claim 1, characterized by the fact that it still comprises:
prove, by the smart contract service to the data visitation service provider, that the smart contract service provider includes the TEE; and verify, by the smart contract service provider, that the data visitation service provider includes a TEE.
[8]
8. METHOD IMPLEMENTED IN COMPUTER, according to claim 1, characterized by the fact that it still comprises:
uploading, by the smart contract service provider, the result to the target blockchain network.
[9]
9. METHOD IMPLEMENTED IN COMPUTER, according to claim 8, characterized by the fact that it still comprises:
before uploading the result to the target blockchain network, prove, by the smart contract service provider for the target blockchain network, that the smart contract service provider includes the TEE.
Petition 870190068195, of 07/18/2019, p. 116/135
3/14
[10]
10. METHOD IMPLEMENTED IN COMPUTER, according to claim 1, characterized by the fact that the smart contract service provider comprises a cloud-based server.
[11]
11. METHOD IMPLEMENTED IN COMPUTER, according to claim 1, characterized by the fact that the result is signed by TEE using a private key.
[12]
12. METHOD IMPLEMENTED IN COMPUTER, according to claim 1, characterized by the fact that cross-chain data are obtained from two or more blockchain networks.
[13]
13. METHOD IMPLEMENTED IN COMPUTER characterized by the fact of understanding:
generate, by a customer associated with a target blockchain network, a request to operate cross-chain data from one or more different blockchain networks from the target blockchain network, where the request to operate cross-chain data comprises computational logic of smart contract to operate cross-chain data;
send, from the client, the request to operate crosschain data to a smart contract service provider that comprises a trusted computing execution environment (TEE), in which the smart contract service provider is outside the target blockchain network; and receiving, by the customer, a result from the smart contract service provider, in which the result is generated by TEE using the cross-chain data obtained by the smart contract service provider.
[14]
14. METHOD IMPLEMENTED IN COMPUTER, according to claim 13, characterized by the fact that it still understands, sends, by the client, the result received to the target blockchain network.
[15]
15. METHOD IMPLEMENTED IN COMPUTER, according to claim 13, characterized by the fact that it still comprises:
Petition 870190068195, of 07/18/2019, p. 117/135
4/14 before sending the request to operate cross-chain data to the smart contract service provider, verify, by the customer, that the smart contract service provider includes the TEE.
[16]
16. METHOD IMPLEMENTED IN COMPUTER, according to claim 15, characterized by the fact that it still comprises:
verify, by the client, that the TEE comprises an operable virtual machine to execute the computational logic of intelligent contract in the request to operate the cross-chain data.
[17]
17. METHOD IMPLEMENTED IN COMPUTER, according to claim 13, characterized by the fact that it still comprises:
design, by the customer, the computational logic of smart contract to operate the cross-chain data.
[18]
18. METHOD IMPLEMENTED IN COMPUTER, according to claim 13, characterized by the fact that the customer comprises a software development kit (SDK).
[19]
19. METHOD IMPLEMENTED IN COMPUTER, according to claim 13, characterized by the fact that the result is signed by the TEE with the use of a private key, the method also comprising decrypting, by the client, the result received with the use of a public key corresponding to the private key.
[20]
20. METHOD IMPLEMENTED IN COMPUTER, according to claim 13, characterized by the fact that it still comprises:
before sending the request to operate cross-chain data to the smart contract service provider, encrypt, by the customer, the request to operate cross-chain data.
[21]
21. METHOD IMPLEMENTED IN COMPUTER, according to claim 13, characterized by the fact that cross-chain data is obtained from two or more blockchain networks.
Petition 870190068195, of 07/18/2019, p. 118/135
5/14
[22]
22. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER coupled to one or more computers and configured with instructions executable by one or more computers to:
receive, by a smart contract service provider that comprises a trusted computing execution environment (TEE) from a customer associated with a target blockchain network, a request to operate cross-chain data from one or more blockchain networks other than the blockchain network target, characterized by the fact that the smart contract service provider is outside the target blockchain network;
send, through the smart contract service provider to a data visitation service provider, a request for crosschain data;
receiving, by the smart contract service provider, cross-chain data from the data visitation service provider;
generate, by TEE, a result using cross-chain data; and return, by the smart contract service provider, the result to the customer.
[23]
23. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 22, characterized by the fact that the request to operate cross-chain data comprises computational logic of intelligent contract to operate the cross-chain data.
[24]
24. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 23, characterized by the fact that the computational logic of intelligent contract to operate the cross-chain data is self-projected by the customer.
[25]
25. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 23,
Petition 870190068195, of 07/18/2019, p. 119/135
6/14 characterized by the fact that the result is generated by the TEE that executes the computational logic of smart contract using cross-chain data.
[26]
26. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 23, characterized by the fact that it is still configured with instructions executable by one or more computers for:
prove, by the smart contract service provider to the customer, that the TEE comprises an operable virtual machine to execute the smart contract computational logic in the request to operate cross-chain data.
[27]
27. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 22, characterized by the fact that before receiving a request to operate cross-chain data from the client, it is still configured with instructions executable by one or more computers to:
prove, by the smart contract service provider to the customer, that the smart contract service provider includes the TEE.
[28]
28. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER according to claim 22, characterized by the fact that it is still configured with instructions executable by one or more computers to:
prove, by the smart contract service to the data visitation service provider, that the smart contract service provider includes the TEE; and verify, by the smart contract service provider, that the data visitation service provider includes a TEE.
[29]
29. MEIO, of non-transient computer-readable storage, according to claim 22, characterized by the fact that
Petition 870190068195, of 07/18/2019, p. 120/135
7/14 be configured with instructions executable by one or more computers to: upload (upload), by the smart contract service provider, the result to the target blockchain network.
[30]
30. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 29, characterized by the fact that before uploading the result to the target blockchain network, it will still be configured with instructions executable by one or more computers to:
prove, by the smart contract service provider for the target blockchain network, that the smart contract service provider includes the TEE.
[31]
31. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER according to claim 22, characterized by the fact that the smart contract service provider comprises a cloud-based server.
[32]
32. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 22, characterized by the fact that the result is signed by the TEE using a private key.
[33]
33. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 29, characterized by the fact that cross-chain data is obtained from two or more blockchain networks.
[34]
34. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER characterized by being coupled to one or more computers and configured with instructions executable by one or more computers to:
generate, by a customer associated with a target blockchain network, a request to operate cross-chain data from one or more blockchain networks
Petition 870190068195, of 07/18/2019, p. 121/135
8/14 different from the target blockchain network, where the request to operate cross-chain data comprises computational logic of smart contract to operate the cross-chain data;
send, from the client, the request to operate crosschain data to a smart contract service provider that comprises a trusted computing execution environment (TEE), in which the smart contract service provider is outside the target blockchain network; and receiving, by the customer, a result from the smart contract service provider, in which the result is generated by TEE using the cross-chain data obtained by the smart contract service provider.
[35]
35. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 34, characterized by the fact that it is still configured with instructions executable by one or more computers to:
send, by the client, the result received to the target blockchain network.
[36]
36. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 35, characterized by the fact that it is still configured with instructions executable by one or more computers to:
before submitting the request to operate cross-chain data to the smart contract service provider, verify by the customer that the smart contract service provider includes the TEE.
[37]
37. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 34, characterized by the fact that it is still configured with instructions executable by one or more computers for:
verify, by the customer, that the TEE comprises a virtual machine
Petition 870190068195, of 07/18/2019, p. 122/135
9/14 operable to execute the computational logic of smart contract in the request to operate the cross-chain data.
[38]
38. MEIO, of non-transient computer-readable storage, according to claim 34, characterized by the fact that it is still configured with instructions executable by one or more computers to:
design, by the customer, the computational logic of smart contract to operate the cross-chain data.
[39]
39. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 34, characterized by the fact that the customer comprises a software development kit (SDK).
[40]
40. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 34, characterized by the fact that the result is signed by the TEE using a private key, in addition, configured with instructions executable by one or more computers to:
decrypt, by the customer, the result received using a public key that corresponds to the private key.
[41]
41. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 34, characterized by the fact that it is still configured with instructions executable by one or more computers for:
before sending the request to operate cross-chain data to the smart contract service provider, encrypt, by the customer, the request to operate cross-chain data.
[42]
42. LEGIBLE STORAGE MEDIA BY NON-TRANSITIONAL COMPUTER, according to claim 34, characterized by the fact that cross-chain data are obtained from two or more
Petition 870190068195, of 07/18/2019, p. 123/135
10/14 more blockchain networks.
[43]
43. SYSTEM TO PROVIDE SMART CONTRACT SERVICE, characterized by the fact that it comprises:
an interface configured to receive, from a client associated with a target blockchain network, a request to operate crosschain data from one or more blockchain networks other than the target blockchain network, where the system is outside the target blockchain network; and a reliable computing execution environment (TEE), in which the TEE comprises:
one or more computers; and one or more computer-readable memories attached to one or more computers and configured with instructions executable by one or more computers to:
send a request for cross-chain data to a data visitation service provider;
receive cross-chain data from the data visitation service provider; and generate a result using cross-chain data; and where the interface is configured to return the result to the customer.
[44]
44. SYSTEM, according to claim 43, characterized by the fact that the request to operate cross-chain data comprises computational logic of intelligent contract to operate the cross-chain data.
[45]
45. SYSTEM, according to claim 44, characterized by the fact that the computational logic of intelligent contract to operate cross-chain data is self-projected by the customer.
[46]
46. SYSTEM, according to claim 44, characterized by the fact that the result is generated by the TEE that executes the logics
Petition 870190068195, of 07/18/2019, p. 124/135
11/14 computation of smart contract using cross-chain data.
[47]
47. SYSTEM, according to claim 44, characterized in that the computer-readable memories are still configured with instructions executable by one or more computers to:
prove, by the smart contract service provider to the customer, that the TEE comprises an operable virtual machine to execute the smart contract computational logic in the request to operate cross-chain data.
[48]
48. SYSTEM, according to claim 43, before receiving a request to operate cross-chain data from the customer, characterized by the fact that the computer-readable memories are still configured with instructions executable by one or more computers to:
prove, by the smart contract service provider to the customer, that the smart contract service provider includes the TEE.
[49]
49. SYSTEM, according to claim 43, characterized in that the computer-readable memories are still configured with instructions executable by one or more computers to:
prove, by the smart contract service to the data visitation service provider, that the smart contract service provider includes the TEE; and verify, by the smart contract service provider, that the data visitation service provider includes a TEE.
[50]
50. SYSTEM, according to claim 43, characterized in that the computer-readable memories are still configured with instructions executable by one or more computers to:
upload, by the smart contract service provider, the result to the target blockchain network.
[51]
51. SYSTEM, according to claim 50, before
Petition 870190068195, of 07/18/2019, p. 125/135
12/14 upload the result to the target blockchain network, characterized by the fact that the computer-readable memories are still configured with instructions executable by one or more computers to:
prove, by the smart contract service provider for the target blockchain network, that the smart contract service provider includes the TEE.
[52]
52. SYSTEM, according to claim 43, characterized in that the smart contract service provider comprises a cloud-based server.
[53]
53. SYSTEM, according to claim 43, characterized by the fact that the result is signed by the TEE using a private key.
[54]
54. SYSTEM, according to claim 43, characterized by the fact that cross-chain data is obtained from two or more blockchain networks.
[55]
55. SYSTEM, characterized by the fact of understanding:
one or more computers; and one or more computer-readable memories attached to one or more computers and configured with instructions executable by one or more computers to:
generate, by a customer associated with a target blockchain network, a request to operate cross-chain data from one or more different blockchain networks from the target blockchain network, where the request to operate cross-chain data comprises computational logic of smart contract to operate cross-chain data;
send, from the client, the request to operate crosschain data to a smart contract service provider that comprises a trusted computing execution environment (TEE), in which the smart contract service provider is outside the target blockchain network; and receive, by the customer, a result from the service provider
Petition 870190068195, of 07/18/2019, p. 126/135
13/14 of smart contract, in which the result is generated by TEE using the cross-chain data obtained by the smart contract service provider.
[56]
56. SYSTEM, according to claim 55, characterized in that the computer-readable memories are still configured with instructions executable by one or more computers to:
send, by the client, the result received to the target blockchain network.
[57]
57. SYSTEM, according to claim 56, characterized in that the computer-readable memories are still configured with instructions executable by one or more computers to:
before submitting the request to operate cross-chain data to the smart contract service provider, verify by the customer that the smart contract service provider includes the TEE.
[58]
58. SYSTEM, according to claim 55, characterized in that the computer-readable memories are still configured with instructions executable by one or more computers to:
verify, by the client, that the TEE comprises an operable virtual machine to execute the computational logic of intelligent contract in the request to operate the cross-chain data.
[59]
59. SYSTEM, according to claim 55, characterized in that the computer-readable memories are still configured with instructions executable by one or more computers to:
design, by the customer, the computational logic of smart contract to operate the cross-chain data.
[60]
60. SYSTEM, according to claim 55, characterized by the fact that the customer comprises a software development kit (SDK).
[61]
61. SYSTEM, according to claim 55, characterized by the fact that the result is signed by the TEE using a private key,
Petition 870190068195, of 07/18/2019, p. 127/135
14/14 computer-readable memories are still configured with instructions executable by one or more computers to:
decrypt, by the customer, the result received using a public key that corresponds to the private key.
[62]
62. SYSTEM, according to claim 55, characterized in that the computer-readable memories are still configured with instructions executable by one or more computers to:
before sending the request to operate cross-chain data to the smart contract service provider, encrypt, by the customer, the request to operate cross-chain data.
[63]
63. SYSTEM, according to claim 55, characterized by the fact that cross-chain data is obtained from two or more blockchain networks.

类似技术:

---

公开号 | 公开日 | 专利标题

---

BR112019014847A2|2020-04-14|computer-implemented method, non-transitory computer-readable storage medium and system to provide smart contract service

---

US20190027237A1|2019-01-24|Blockchain network for secure exchange of healthcare information

---

CA3061427C|2021-04-20|Processing blockchain data based on smart contract operations executed in a trusted execution environment

---

JP6690066B2|2020-04-28|Validating the integrity of data stored on the consortium blockchain using the public sidechain

---

BR112019016064A2|2020-03-31|COMPUTER IMPLEMENTED METHOD, LEGIBLE STORAGE MEDIA AND SYSTEM

---

KR102263325B1|2021-06-15|How to securely execute smart contract actions in a trusted execution environment

---

US10699006B1|2020-06-30|Processing and storing blockchain data under a trusted execution environment

---

TWI707245B|2020-10-11|Retrieving access data for blockchain networks using highly available trusted execution environments

---

ES2872101T3|2021-11-02|Distributed key management for trusted runtime environments

---

BR112019016188A2|2020-04-14|computer-implemented method for controlling access to smart contracts, non-transitory computer-readable storage medium and system

---

CN111066019A|2020-04-24|Processing data elements stored in a blockchain network

---

CA3061265C|2022-03-08|Processing and storing blockchain data under a trusted execution environment

同族专利:

---

公开号 | 公开日

---

MX2019008597A|2019-09-09|

---

EP3563329A2|2019-11-06|

---

EP3563329A4|2019-12-11|

---

AU2018347199B2|2021-07-01|

---

ZA201904934B|2021-05-26|

---

KR20200074910A|2020-06-25|

---

PH12019501714A1|2020-03-09|

---

AU2018347199A1|2020-07-02|

---

JP2020516104A|2020-05-28|

---

WO2019072297A3|2019-07-18|

---

SG11201906754SA|2019-08-27|

---

CA3049924A1|2019-04-18|

---

RU2729700C1|2020-08-11|

---

KR102212817B1|2021-02-08|

---

US20190279206A1|2019-09-12|

---

JP6892513B2|2021-06-23|

---

CN110520884A|2019-11-29|

---

WO2019072297A2|2019-04-18|

---

CA3049924C|2021-04-20|

---

EP3563329B1|2022-02-09|

引用文献:

---

公开号 | 申请日 | 公开日 | 申请人 | 专利标题

---

---

US7516326B2|2004-10-15|2009-04-07|Hewlett-Packard Development Company, L.P.|Authentication system and method|

---

US8095118B2|2009-01-09|2012-01-10|Microsoft Corporation|Address book remote access and extensibility|

---

US9904544B2|2015-06-08|2018-02-27|Ripple Luxembourg S.A.|System and method for determining that results produced from executions of software have not been altered or falsified|

---

US20170344988A1|2016-05-24|2017-11-30|Ubs Ag|System and method for facilitating blockchain-based validation|

---

US20170352027A1|2016-06-07|2017-12-07|Cornell University|Authenticated data feed for blockchains|

---

US10108954B2|2016-06-24|2018-10-23|PokitDok, Inc.|System and method for cryptographically verified data driven contracts|

---

US10445698B2|2016-06-30|2019-10-15|Clause, Inc.|System and method for forming, storing, managing, and executing contracts|

---

US11227675B2|2016-08-23|2022-01-18|BBM Health LLC|Blockchain-based mechanisms for secure health information resource exchange|

---

WO2018058105A1|2016-09-26|2018-03-29|Shapeshift Ag|System and method of managing trustless asset portfolios|

---

RU2639015C1|2017-01-26|2017-12-19|Игорь Сан-Сенович Дю|Authenticity and quality control procedure of production in the process of manufacture and implementation|

---

US10356102B2|2017-02-24|2019-07-16|Verizon Patent And Licensing Inc.|Permissions using blockchain|

---

US20180308072A1|2017-04-21|2018-10-25|Gem|Method and apparatus for blockchain management|

---

US10742393B2|2017-04-25|2020-08-11|Microsoft Technology Licensing, Llc|Confidentiality in a consortium blockchain network|

---

US20180315141A1|2017-04-26|2018-11-01|Clause, Inc.|System and method for business intelligence through data-driven contract analysis|

---

US10833858B2|2017-05-11|2020-11-10|Microsoft Technology Licensing, Llc|Secure cryptlet tunnel|

---

US11165589B2|2017-05-11|2021-11-02|Shapeshift Ag|Trusted agent blockchain oracle|

---

US11030681B2|2017-07-21|2021-06-08|International Business Machines Corporation|Intermediate blockchain system for managing transactions|

---

US20190050855A1|2017-07-24|2019-02-14|William Martino|Blockchain-based systems, methods, and apparatus for securing access to information stores|

---

US11146380B2|2017-08-03|2021-10-12|Parity Technologies Ltd.|Methods and systems for a heterogeneous multi-chain framework|

---

US10547594B2|2017-08-17|2020-01-28|Domanicom Corporation|Systems and methods for implementing data communication with security tokens|

---

GB2566741A|2017-09-26|2019-03-27|Phm Associates Ltd|Integrity of data records|

---

US11244309B2|2017-11-22|2022-02-08|Cornell University|Real-time cryptocurrency exchange using trusted hardware|

---

US20190172026A1|2017-12-02|2019-06-06|Alchemy Limited LLC|Cross blockchain secure transactions|

---

US20190188700A1|2017-12-15|2019-06-20|Fmr Llc|Social Data Tracking Datastructures, Apparatuses, Methods and Systems|

---

US20190188701A1|2017-12-15|2019-06-20|Fmr Llc|Social Data Tracking Datastructures, Apparatuses, Methods and Systems|

---

CN108712257B|2018-04-03|2020-04-17|阿里巴巴集团控股有限公司|Cross-block-chain authentication method and device and electronic equipment|

---

US11194837B2|2018-05-01|2021-12-07|International Business Machines Corporation|Blockchain implementing cross-chain transactions|

---

CN108898390B|2018-06-27|2021-01-12|创新先进技术有限公司|Intelligent contract calling method and device based on block chain and electronic equipment|US10764052B2|2018-01-24|2020-09-01|Sensoriant, Inc.|User identity and trust models in decentralized and distributed systems|

---

US10728020B2|2018-01-24|2020-07-28|Sensoriant, Inc.|Efficient mining operations in blockchain environments with non-secure devices|

---

US11218315B2|2018-01-24|2022-01-04|Safeshare, Inc.|System and method establishing a trust model for shared content on the internet|

---

US10686601B2|2018-01-24|2020-06-16|Sensoriant, Inc.|Consistency and consensus management in decentralized and distributed systems|

---

US10841213B2|2018-10-15|2020-11-17|Moac Blockchain Tech Inc|Apparatus and method for communication between chains in a decentralized system|

---

US11068316B2|2018-12-24|2021-07-20|LiquidApps Ltd|Systems and method for managing memory resources used by smart contracts of a blockchain|

---

US10725744B2|2018-12-27|2020-07-28|Silver Rocket Data TechnologyCo., Ltd|Method for adapting to blockchain and device, terminal and medium performing the same|

---

US11108559B2|2019-01-02|2021-08-31|International Business Machines Corporation|Producing proof of receipt, existence and other data provenance evidence|

---

EP3685334B1|2019-03-27|2021-11-24|Advanced New Technologies Co., Ltd.|Improving integrity of communications between blockchain networks and external data sources|

---

WO2019120336A2|2019-04-19|2019-06-27|Alibaba Group Holding Limited|Methods and devices for establishing communication between blockchain networks|

---

WO2019137565A2|2019-04-26|2019-07-18|Alibaba Group Holding Limited|Distributed key management for trusted execution environments|

---

CN109922162B|2019-04-26|2021-09-28|山东建筑大学|Flat building equipment Internet of things monitoring system and method based on block chain|

---

WO2019137564A2|2019-04-26|2019-07-18|Alibaba Group Holding Limited|Securely executing smart contract operations in a trusted execution environment|

---

CN110166249B|2019-05-14|2022-03-04|数字钱包（北京）科技有限公司|Information transmission method, device, verification end and computer readable storage medium|

---

CN110245946B|2019-05-20|2021-04-27|创新先进技术有限公司|Receipt storage method and node combining code labeling and multi-type dimensionality|

---

EP3701391B1|2019-06-28|2021-11-10|Advanced New Technologies Co., Ltd.|System and method for updating data in blockchain|

---

US10937096B2|2019-07-15|2021-03-02|Advanced New Technologies Co., Ltd.|Transaction processing in a service blockchain|

---

CN110471984B|2019-07-15|2020-08-25|阿里巴巴集团控股有限公司|Service processing method and device based on block chain and electronic equipment|

---

CN113221169A|2019-10-30|2021-08-06|支付宝信息技术有限公司|Method and device for inquiring block chain private data|

---

CN111373402A|2019-11-08|2020-07-03|支付宝信息技术有限公司|Lightweight decentralized application platform|

---

WO2020035089A2|2019-11-08|2020-02-20|AlipayInformation Technology Co., Ltd.|System and method for blockchain-based decentralized application development|

---

CN111475827A|2019-11-08|2020-07-31|支付宝信息技术有限公司|Private data query method and device based on down-link authorization|

---

CN110888935A|2019-11-12|2020-03-17|北京芯际科技有限公司|Data transaction method based on block chain|

---

JP2021096542A|2019-12-16|2021-06-24|株式会社日立製作所|Server, data processing method, computing system, and computer|

---

CN111163093A|2019-12-30|2020-05-15|杭州趣链科技有限公司|Method and device for acquiring external data from external data source in block chain of alliance|

---

CN111222160A|2019-12-30|2020-06-02|联动优势数字科技有限公司|Intelligent contract execution method and system|

---

CN111090888B|2020-03-18|2020-07-07|支付宝信息技术有限公司|Contract verification method and device|

---

CN111092914B|2020-03-18|2020-06-26|支付宝信息技术有限公司|Method and device for accessing external data|

---

CN112152800A|2020-03-18|2020-12-29|支付宝信息技术有限公司|Method and device for generating shared contract key|

---

CN111090875B|2020-03-18|2020-10-02|支付宝信息技术有限公司|Contract deployment method and device|

---

CN112199701A|2020-03-18|2021-01-08|支付宝信息技术有限公司|Contract calling method and device|

---

CN111988141A|2020-03-18|2020-11-24|支付宝信息技术有限公司|Method and device for sharing cluster key|

---

CN111090876B|2020-03-18|2020-07-17|支付宝信息技术有限公司|Contract calling method and device|

---

CN111047450A|2020-03-18|2020-04-21|支付宝信息技术有限公司|Method and device for calculating down-link privacy of on-link data|

---

CN111510462A|2020-04-28|2020-08-07|拉扎斯网络科技（上海）有限公司|Communication method, system, device, electronic equipment and readable storage medium|

---

CN111510918A|2020-04-28|2020-08-07|拉扎斯网络科技（上海）有限公司|Communication method, system, device, electronic equipment and readable storage medium|

---

CN111738859B|2020-07-08|2021-07-13|支付宝信息技术有限公司|Block chain all-in-one machine and block chain network|

---

CN111770201B|2020-08-31|2020-12-04|支付宝信息技术有限公司|Data verification method, device and equipment|

---

CN111935318B|2020-09-28|2021-01-19|北京百度网讯科技有限公司|Cross-link data verification method, device, equipment and medium|

---

CN112511355B|2020-12-18|2022-02-08|四川大学|Cross-chain intelligent contract cooperation possibility evaluation method|

---

CN112989319B|2021-05-12|2021-08-31|支付宝信息技术有限公司|Method, device, electronic equipment and storage medium for realizing trusted computing|

---

CN112948153B|2021-05-14|2021-08-10|支付宝信息技术有限公司|Method and device for message cross-link transmission|

法律状态:
2021-04-06| B25A| Requested transfer of rights approved|Owner name: ADVANTAGEOUS NEW TECHNOLOGIES CO., LTD. (KY) |

---

2021-04-27| B25A| Requested transfer of rights approved|Owner name: ADVANCED NEW TECHNOLOGIES CO., LTD. (KY) |

---

2021-10-19| B350| Update of information on the portal [chapter 15.35 patent gazette]|

优先权:

---

申请号 | 申请日 | 专利标题

---

PCT/CN2018/120887|WO2019072297A2|2018-12-13|2018-12-13|Off-chain smart contract service based on trusted execution environment|

---