CN113762955B

CN113762955B - Transaction processing method, device, equipment and machine-readable medium

Info

Publication number: CN113762955B
Application number: CN202010486123.6A
Authority: CN
Inventors: 李欣
Original assignee: Cainiao Smart Logistics Holding Ltd
Current assignee: Cainiao Smart Logistics Holding Ltd
Priority date: 2020-06-01
Filing date: 2020-06-01
Publication date: 2024-04-02
Anticipated expiration: 2040-06-01
Also published as: CN113762955A

Abstract

The embodiment of the application provides a transaction processing method, a transaction processing device, a transaction processing equipment and a machine-readable medium, wherein the transaction processing method comprises the following steps: providing data standard information and intelligent contract information on a coalition chain for a transaction; receiving an operation request for a coalition chain; the operation data corresponding to the operation request is matched with the data standard information; and executing the intelligent contract information corresponding to the operation request. According to the method and the device for processing the transaction, the trust degree of the data in the transaction flow and the matching degree of the data among different parties can be improved, the labor cost can be saved, and further the processing efficiency of the transaction can be improved.

Description

Transaction processing method, device, equipment and machine-readable medium

Technical Field

The present application relates to the field of internet technology, and in particular, to a transaction processing method, a transaction processing device, a device, and a machine readable medium.

Background

With the continuous development of internet technology, cross-border transaction technology has also been rapidly developed. Cross-level transaction flows typically involve multiple parties, such as shippers, consignees, forwarders, rows, shipments, customs clearance lines, customs, docks, national tax authorities, insurance companies, and the like.

In current cross-border transaction flows, multiple parties typically interact point-to-point. For example, data exchange is performed by means of electronic data interchange (EDI, electronic data interchange), electronic mail (email), off-line paper file mailing, and the like. For example, the shipper finds the price of the goods instead of the inquiry, the goods instead orders the cabin to the shipyard, the shipper sends an order notice to the train, the customs clearance to the customs clearance, the receiver sends a purchase insurance request to the insurance company after receiving the shipping notice, and so on.

The information data of transaction, logistics, customs and the like are exchanged through point-to-point interaction of all participants in the flow by means of EDI, email, excel or offline paper file sending mode.

The inventor finds that in the process of implementing the embodiment of the application, the current cross-border transaction flow respectively maintains corresponding data by the participants, so that the data has the problems of lower trust degree and lower matching degree of the data among different participants. In addition, the participants need to communicate repeatedly on line to confirm the processing links, which results in higher manpower communication cost.

Disclosure of Invention

The technical problem to be solved by the embodiment of the application is to provide a transaction processing method, which can improve the trust degree of data and the matching degree of the data among different participants in a transaction flow, can save labor cost and further can improve the transaction processing efficiency.

Correspondingly, the embodiment of the application also provides a transaction processing device, a device and a machine-readable medium, which are used for guaranteeing the implementation and application of the method.

In order to solve the above problems, an embodiment of the present application discloses a transaction processing method, including:

providing data standard information and intelligent contract information on a coalition chain for a transaction;

receiving an operation request for a coalition chain; the operation data corresponding to the operation request is matched with the data standard information;

and executing the intelligent contract information corresponding to the operation request.

reading at least two types of data provided by at least two nodes from the coalition chain for the transaction; the data is matched with data standard information corresponding to the transaction; the alliance chain operation corresponding to the data can trigger intelligent contract information corresponding to the transaction;

validating the transaction according to the at least two data

On the other hand, the embodiment of the application also discloses a transaction processing device, which comprises:

a providing module for providing data standard information and intelligent contract information on a alliance chain for a transaction;

The request receiving module is used for receiving an operation request aiming at the alliance chain; the operation data corresponding to the operation request is matched with the data standard information;

and the contract execution module is used for executing the intelligent contract information corresponding to the operation request.

a reading module for reading at least two kinds of data provided by at least two nodes from the coalition chain for a transaction; the data is matched with data standard information corresponding to the transaction; the alliance chain operation corresponding to the data can trigger intelligent contract information corresponding to the transaction;

and the verification module is used for verifying the transaction according to the at least two types of data.

In yet another aspect, an embodiment of the present application further discloses an apparatus, including:

one or more processors; and

one or more machine-readable media having instructions stored thereon, which when executed by the one or more processors, cause the apparatus to perform one or more of the methods described previously.

In yet another aspect, embodiments of the present application disclose one or more machine-readable media having instructions stored thereon that, when executed by one or more processors, cause an apparatus to perform one or more of the methods described previously.

Embodiments of the present application include the following advantages:

the embodiment of the application utilizes the alliance chain to process the transaction. And a plurality of participants in the transaction process can be respectively used as nodes of the alliance chain to conduct data interaction through the alliance chain. Because a plurality of nodes of the alliance chain jointly maintain the account book, and data in the account book has the characteristics of being non-tamperable and non-counterfeitable, the trust degree of the data in the transaction flow can be improved.

In addition, for the transaction, the embodiment of the application provides the data standard information on the alliance chain, and the data standard information can uniformly prescribe the data in the transaction flow, so that the matching degree of the data among different participants can be improved.

In addition, for transactions, the embodiment of the application provides intelligent contract information on the alliance chain, and executes the intelligent contract information corresponding to the operation request. According to the embodiment of the application, the execution of the intelligent contract information can be triggered according to the operation request aiming at the alliance chain, so that the transaction behavior in the transaction flow is triggered, and further the automatic circulation of the transaction behavior or the processing link is realized. The method and the device can save the operation that the participants repeatedly communicate on line to confirm the processing links, so that the labor cost can be saved, and the processing efficiency of the transaction can be improved.

In addition, according to the embodiment of the application, corresponding source data can be directly obtained from the node according to the write-chain request for the alliance chain triggered by the node, so that the instantaneity and transparency of the data and the convenience of data supervision can be improved.

Drawings

FIG. 1 is a schematic illustration of an application environment of a transaction processing method according to an embodiment of the present application;

FIG. 2 is a schematic diagram of a product architecture of a transaction processing device according to an embodiment of the present application;

FIG. 3 is a schematic diagram of a technical architecture of a transaction processing device according to an embodiment of the present application;

FIG. 4 is an illustration of an access scheme of a transaction processing device of an embodiment of the present application;

FIG. 5 is a flowchart illustrating steps of an embodiment of a method for processing a transaction according to the present application;

FIG. 6 is a flow chart of steps of a second embodiment of a method of processing a transaction according to the present application;

FIG. 7 is a flow chart of steps of a third embodiment of a method of processing a transaction of the present application;

FIG. 8 is a flow chart of steps of an encryption method according to an embodiment of the present application;

FIG. 9 is a flow chart of steps of an encryption method according to an embodiment of the present application;

FIG. 10 is a flow chart of steps of a decryption method according to an embodiment of the present application;

FIG. 11 is a flow chart of steps of a decryption method according to an embodiment of the present application;

FIG. 12 is an application example of a data encryption and decryption method based on a federated chain according to an embodiment of the present application;

FIG. 13 is a block diagram of an embodiment of a transaction processing device of the present application;

FIG. 14 is a block diagram of an embodiment of a transaction processing device of the present application; and

fig. 15 is an exemplary device 1500 that may be used to implement various embodiments described herein.

Detailed Description

In order that the above-recited objects, features and advantages of the present application will become more readily apparent, a more particular description of the invention briefly described above will be rendered by reference to specific embodiments that are illustrated in the appended drawings.

The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all, of the embodiments of the present application. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application are within the scope of the protection of the present application.

The concepts of the present application are susceptible to various modifications and alternative forms, specific embodiments thereof have been shown by way of example in the drawings and will herein be described in detail. It should be understood, however, that the description herein of specific embodiments is not intended to limit the concepts of the present application to the particular forms disclosed, but on the contrary, the intention is to cover all modifications, equivalents, and alternatives falling within the scope of the present application.

Reference in the specification to "one embodiment," "an embodiment," "one particular embodiment," etc., means that a particular feature, structure, or characteristic may be included in the described embodiments, but every embodiment may or may not necessarily include the particular feature, structure, or characteristic. Moreover, such phrases are not necessarily referring to the same embodiment. Further, where a particular feature, structure, or characteristic is described in connection with an embodiment, it is submitted that it is within the purview of one skilled in the art to effect such feature, structure, or characteristic in connection with other ones of the embodiments whether or not explicitly described. In addition, it should be understood that the items in the list included in this form of "at least one of A, B and C" may include the following possible items: (A); (B); (C); (A and B); (A and C); (B and C); or (A, B and C). Likewise, an item listed in this form of "at least one of A, B or C" may mean (A); (C); (A and B); (A and C); (B and C); or (A, B and C).

In some cases, the disclosed embodiments may be implemented as hardware, firmware, software, or any combination thereof. The disclosed embodiments may also be implemented as instructions carried on or stored on one or more transitory or non-transitory machine-readable (e.g., computer-readable) storage media, which may be executed by one or more processors. A machine-readable storage medium may be implemented as a storage device, mechanism, or other physical structure (e.g., volatile or non-volatile memory, a media disc, or other media other physical structure device) for storing or transmitting information in a form readable by a machine.

In the drawings, some structural or methodological features may be shown in a particular arrangement and/or ordering. Preferably, however, such specific arrangement and/or ordering is not necessary. Rather, in some embodiments, such features may be arranged in a different manner and/or order than as shown in the drawings. Furthermore, inclusion of a feature in a particular figure that is not necessarily meant to imply that such feature is required in all embodiments and that, in some embodiments, may not be included or may be combined with other features.

The block chain technology is a brand new network application technology formed by combining the traditional encryption technology and the Internet distributed technology. A blockchain is an inter-organizational blockchain that contains nodes that typically have corresponding physical organizations, such as banks, insurance, securities, business associations, etc., that make up a benefit-related federation that together maintain healthy operation of the blockchain. Multiple nodes of a federation chain typically share a set of blockchain data, i.e., nodes of all federation members within the federation chain share a ledger.

The embodiment of the application can utilize the alliance chain to process the transaction. And a plurality of participants in the transaction process can be respectively used as nodes of the alliance chain to conduct data interaction through the alliance chain. Because a plurality of nodes of the alliance chain jointly maintain the account book, and data in the account book has the characteristics of being non-tamperable and non-counterfeitable, the trust degree of the data in the transaction flow can be improved.

An intelligent contract is a computer protocol that aims to propagate, verify, or execute contracts in an informative manner. The intelligent contract can be corresponding to the triggering condition and the transaction behavior, and the corresponding transaction behavior can be automatically executed under the condition that the related information of the operation request is matched with the triggering condition of the intelligent contract information. For example, after payment by the buyer, the shipping link is triggered. For another example, the buyer triggers an insurance purchasing link after receiving the ship-off notification. For another example, the buyer, after confirming receipt, triggers a transfer link to the seller, and so on.

Referring to fig. 1, there is shown an illustration of an application environment of a transaction processing method according to an embodiment of the present application, where the environment may specifically include: blockchain platform, administrative, node, user, etc.

The blockchain platform provides a safe and stable blockchain infrastructure based on the alliance chain technology and provides unified data standard information, intelligent contract information and a distributed account book.

The supervision side may include: the first node of the alliance chain can be used for making data standard information, service specifications and service standards, can carry out electronic approval of intelligent contract information, and can monitor logic and deployment of the intelligent contract information; and issuing identity information of the federated chain members to the second node.

For example, in a cross-border transaction scenario, a first node may include: customs, tax, outer pipe, etc., the second node may comprise: a logistics CP (Content Provider), customs clearance line, shipyard, wharf, etc.

The nodes are specifically nodes of a federation chain, and the nodes are providers of data on the chain. The nodes can conduct mutual examination of intelligent contract information. After the identity information of the nodes passes verification, a chain can be written or read, and all the nodes can share the account book based on the same data standard information.

The user may correspond to a federated chain member, or may be different from a federated chain member. The user may issue identity information by administration. A user may query the on-chain data based on demand supported by one or more service nodes. For example, customs inquires about transaction information, buyers inquire about commodity information or logistics information, and the like.

In summary, the blockchain platform of the embodiment of the present application may provide services of the federation chain for nodes of the federation chain, so that the nodes of the federation chain obtain unified data standard information, intelligent contract information, and distributed ledgers. In addition, the blockchain platform of the embodiment of the application can also provide a query service for the user so as to provide information of related transaction scenes for the user.

The embodiments of the present application are not limited to a particular transaction scenario. For example, a transaction scenario may relate to a cross-border transaction, which may include: online shopping scenarios, international wholesale scenarios, etc.

Referring to fig. 2, a schematic diagram of a product architecture of a transaction processing device according to an embodiment of the present application specifically includes: a query module 201, a privacy processing module 202, a document processing module 203, a control module 204, and a coalition chain processing module 205.

The query module 201 may provide a query function of transaction related information for internet users. The query function may include: one or more of the following functions: logistics inquiry, commodity inquiry, transaction verification (verifying the authenticity of a transaction), customs inquiry, document inquiry and the like.

The privacy processing module 202 may be used to process privacy information of federation chain members. The processing of the privacy processing module 202 may include, but is not limited to: account processing, rights processing, certificate processing, public and private key management, etc.

Wherein the certificate processing may be used to process digital certificates of federation chain members. The rights handling may handle read and write rights of the federation chain members to the federation chain. Alternatively, the rights processing may include: the security information of the alliance chain members is determined, and the security information can be a security level or a security value and the like.

The document processing module 203 may process documents of the transaction scenario based on the electronic document data criteria. For example, the functions of the document processing module 203 may include, but are not limited to: bill of lading, packing, customs clearance, invoice, origin evidence, trade order, etc.

The control module 204 may be used to maintain the stability of the device. The functions of the control module 204 may include, but are not limited to: read-write chain task processing, log inquiry, monitoring alarm, data report forms, charging management and the like.

The coalition chain processing module 205 can be used to process related transactions of a coalition chain. Such as federation chain applications, tenant management, intelligent contract management, multi-chain interworking management, etc.

The multi-link intercommunication is applied to the situation that the same user joins a plurality of alliance chains and is used for realizing data intercommunication among different alliance chains. Tenant management may include: data isolation between users of different transaction scenarios is achieved at the blockchain platform.

Referring to fig. 3, a schematic diagram of a technical architecture of a transaction processing device according to an embodiment of the present application is shown, which may specifically include: a communication layer 301, an API (application program interface, application Programming Interface) layer 302, a component layer 303, and a storage layer 304.

Among other things, the API layer 302 may provide RPC (remote procedure call) serviced APIs. The communication layer 301 provides an HTTP (hypertext transfer protocol ) interface through the gateway for invocation. For example, the user may invoke the HTTP interface described above via the APP of the participant in the transaction scenario. The above-mentioned parties may include: shipping CP, customs, tax, etc.

The functions of the API layer 302 may include: security privacy protection such as signature verification, parameter verification (verifying the accuracy of fields in transaction data), encryption of sensitive fields, etc.

The functions of the API layer 302 may include: logic services. The logical service may include: asynchronous task scheduling, block encoding and decoding, intelligent contract deployment, and the like. The asynchronous task scheduling specifically comprises the following steps: the intelligent contract is called asynchronously to carry out data reading and writing chains, whether the block is successfully written in or not is checked asynchronously, the asynchronous writing chains are carried out based on the configured digital certificate and public and private keys, and writing chain logs are recorded to the platform, so that whether the writing chains are successful or not is checked by an asynchronous task.

Component layer 303 may use components of HSF (high speed service framework), TDDL (panoblate distributed data layer Taobao Distributed Data Layer), message middleware, etc.

The storage layer 304 may use storage technologies such as MySQL and OSS (object storage service ) to store data.

It will be appreciated that the HTTP interfaces, components and storage techniques shown in fig. 3 are merely alternative embodiments, and that in fact, embodiments of the present application are not limited to specific communication interfaces, components and storage techniques.

Referring to fig. 4, a schematic illustration of an access scheme of a transaction processing device according to an embodiment of the present application is shown. The processing device can deploy an internal machine room and an external machine room, the internal machine room processes structured first data, and the external machine room processes streaming second data, wherein the first data and the second data can correspond to matched data, the first data is structured data, and the second data is encrypted streaming data.

The internal machine room may provide an HTTP interface through the gateway to communicate with the participants to join the participants into the federation chain. For example, a CA (certificate authority ) authority may be given to the participant, after which an access notification is sent to the participant.

In the embodiment of the application, the participant accesses the transaction device of the embodiment of the application to become a node of the alliance chain. The corresponding access manner may include: access through gateway exposed APIs, or SDK (software development kit) access through blockchain.

Method embodiment one

Referring to fig. 5, a flowchart illustrating steps of a first embodiment of a transaction processing method according to the present application may specifically include the following steps:

step 501, providing data standard information and intelligent contract information on a alliance chain for a transaction;

step 502, receiving an operation request for a coalition chain; the operation data corresponding to the operation request is matched with the data standard information;

step 503, executing the intelligent contract information corresponding to the operation request.

In step 501, data standard information and smart contract information may be provided on a coalition chain for the context of a transaction.

The data standard information can uniformly prescribe the data in the transaction flow, so that the matching degree of the data among different participants can be improved.

In an alternative embodiment of the present application, the nodes of the federation chain may include: and the first node is used for providing the data standard information and the intelligent contract information. The first node may be a supervising node of the federation chain, which may formulate data standard information and intelligent contract information.

In another alternative embodiment of the present application, the nodes of the federation chain may include: and the second node is used for auditing the intelligent contract information provided by the first node. The audited smart contract information will be stored for use in subsequent processing flows.

In an alternative embodiment of the present application, the receiving the operation request for the coalition chain includes: and converting to obtain a corresponding read chain request according to the query request for the transaction information.

The query request may include: logistics inquiry, commodity inquiry, transaction verification (verifying the authenticity of a transaction), customs clearance inquiry, document inquiry and the like.

In step 502, an operation request may be used to operate on a federated chain, which may include: a read chain request, or a write chain request, etc.

The operation data corresponding to the operation request is matched with the data standard information, and consistent data can be provided for a plurality of nodes. Optionally, the method may further include: and matching the operation data corresponding to the operation request with the data standard information, if the matching is successful, executing a subsequent flow, otherwise, returning corresponding error prompt information.

In step 503, execution of the intelligent contract information may be triggered according to the operation request for the federation chain, so as to trigger the transaction behavior in the transaction flow, thereby implementing automatic circulation of the transaction behavior or the processing link

In an optional embodiment of the present application, before the performing the intelligent contract information corresponding to the operation request, the method may further include: and matching the related information of the operation request with the triggering condition of the intelligent contract information to obtain the intelligent contract information corresponding to the operation request.

Optionally, the related information may include: the operation requests corresponding operation data and/or related nodes and/or related events.

The operation data is data for requesting reading and writing. The relevant node may be the node that triggered the operation request. For example, node a triggers a write chain request for operation data a, and the relevant nodes for operation data a may include node a. The related events may characterize events corresponding to the operational data. For example, the operation data B is a "credit and debit ticket", and the related event of the operation data B may include a "create ticket" event. As another example, the operation data C is "bill", and then the related event of the operation data C may include a "create bill" event or the like.

The triggering condition of the intelligent contract information may be determined by the first node and/or the second node of the federation chain. For example, a first node formulates a trigger condition, a second node reviews the trigger condition, and so on.

In an optional embodiment of the present application, before the performing the intelligent contract information corresponding to the operation request, the method may further include: and authenticating the requester corresponding to the operation request, and if the authentication is passed, executing the intelligent contract information corresponding to the operation request. The requestor may include: a requesting node or requesting user, etc.

In an optional embodiment of the present application, if the operation request is a write chain request, before executing the intelligent contract information corresponding to the operation request, the method further includes: encrypting the operation data by using the symmetric key to obtain ciphertext data; encrypting the symmetric key by using a public key of a preset alliance chain member to obtain an encrypted symmetric key; generating associated data between the identification of the preset alliance chain member and the encryption symmetric key; uploading the ciphertext data and the association data to a blockchain.

According to the embodiment of the application, the public key of the preset alliance chain member is utilized to encrypt the symmetric key, and the association data between the identification of the preset alliance chain member and the encrypted symmetric key is provided, so that the preset alliance chain member has the capabilities of decrypting the encrypted symmetric key and accessing the corresponding data. The preset coalition chain members may be specified by a data provider who wishes one or more coalition chain members to see data, and corresponding association data may be provided for the one or more coalition chain members. Whereas for non-preset coalition chain members (members other than preset coalition chain members), they do not have the ability to decrypt encrypted symmetric keys and access corresponding data. The embodiment of the application can enable the data to be accessed by the preset alliance chain members but not by the non-preset alliance chain members, so that the data can be isolated from the non-preset alliance chain members, the privacy data can be protected, and the safety of the data can be improved.

In an optional embodiment of the present application, if the operation request is a read chain request, before executing the intelligent contract information corresponding to the operation request, the method may further include: reading ciphertext data and associated data in a block chain according to the read chain request; the above-mentioned association data includes: presetting an identifier and an encryption symmetric key of a alliance chain member; and decrypting the encrypted symmetric key by utilizing the private key of the target alliance chain member to obtain the symmetric key.

The embodiment of the application provides the associated data between the identification of the preset alliance chain member and the encrypted symmetric key, so that the preset alliance chain member can decrypt the encrypted symmetric key by using the private key of the preset alliance chain member to access the corresponding data. According to the embodiment of the application, the non-preset alliance chain members can obtain the decryption failure result, so that the data can be accessed by the preset alliance chain members but not by the non-preset alliance chain members, the data can be isolated from the non-preset alliance chain members, the privacy data can be further protected, and the safety of the data can be improved.

In an alternative embodiment of the present application, the method may further include: reading at least two types of data provided by at least two nodes from the coalition chain for the transaction; and verifying the transaction according to the at least two data.

According to the embodiment of the application, the transaction is verified according to at least two types of data, and the authenticity of the transaction can be verified. For example, the transaction order, the logistics order, and the logistics follow-up order may be verified to verify the authenticity of the transaction.

In this embodiment of the present application, optionally, if the operation request is a write chain request, the corresponding operation data may be stored in the federation chain, and after the storing is completed, a data uplink notification may be sent to the requester.

In this embodiment of the present application, optionally, if the operation request is a read chain request, the corresponding operation data may be read on the coalition chain, and the corresponding operation data may be sent to the requester.

In summary, according to the transaction processing method provided by the embodiment of the application, for the transaction, the data standard information is provided on the alliance chain, and the data standard information can uniformly prescribe the data in the transaction flow, so that the matching degree of the data among different participants can be improved.

Method embodiment II

Referring to fig. 6, a flowchart illustrating steps of a second embodiment of a transaction processing method of the present application may specifically include the following steps:

step 601, for a transaction, reading at least two types of data provided by at least two nodes from a federation chain; the data is matched with data standard information corresponding to the transaction; the alliance chain operation corresponding to the data can trigger intelligent contract information corresponding to the transaction;

step 602, verifying the transaction according to the at least two data.

The method embodiment shown in FIG. 6 may be performed by the blockchain platform side or by a node of the federated chain. For example, if the third node has the authority to read the data of multiple nodes, the third node may execute the method, and the third node may be a supervisory node. Specifically, the content of the same field in at least two kinds of data can be matched, and a corresponding verification result is obtained according to the matching result.

In the embodiment of the application, under the condition of being executed by the third node, the third node can be subjected to reading authentication, after the reading authentication passes, the private key of the third node is utilized to decrypt at least two kinds of data, and the transaction is verified according to plaintext data obtained through decryption.

Method example III

Referring to fig. 7, which is a flowchart illustrating steps of a third embodiment of a transaction processing method of the present application, a transaction scenario corresponding to fig. 7 may include: the method shown in fig. 7 may specifically include the following steps:

s1, inquiring a plate quotation to achieve a transaction by a buyer and a seller;

s2, creating a trade bill by a trade platform;

step S3, aiming at the operation of creating the transaction list, the blockchain platform carries out the following processing:

step S31, writing authentication;

step S32, data encryption;

step S33, executing intelligent contracts;

step S34, storing a transaction list;

step S35, sending a trade order uplink notice;

s4, creating a logistics list by the logistics platform; note that the operation of creating the ticket may be an operation automatically triggered by the smart contract in step S33.

Step S5, aiming at the operation of creating the logistics list, the blockchain platform carries out the following processing:

step S51, writing authentication;

step S52, data encryption;

step S53, executing intelligent contracts;

step S54, storing a logistics list;

step S55, sending a logistics list uplink notification;

s6, executing a bill following operation by the commodity replacing CP; note that the operation of creating the ticket may be an operation automatically triggered by the smart contract of step S53.

Step S7, aiming at the documentary operation, the blockchain platform performs the following processing:

step S71, writing authentication;

step S72, data encryption;

step S73, executing intelligent contracts;

step S74, the calcaneus data are saved;

step S75, transmitting a follow-up data uplink notification;

s8, the customs clearance line generates a customs clearance bill; the operation of generating the customs clearance bill may be an operation automatically triggered by the smart contract in step S73.

Step S9, aiming at the operation of generating the primrose grass list, the block chain platform carries out the following processing:

step S91, reading authentication;

step S92, decrypting the data;

step S93, executing intelligent contracts;

and step S10, the customs clearance bank performs transaction verification, specifically, the transaction bill, the logistics bill and the follow-up bill data are verified to verify the authenticity of the transaction.

And S11, when the transaction verification is passed and/or the seller confirms the customs clearance bill, generating a formal customs clearance bill.

It should be noted that the embodiment of the method shown in fig. 7 is only used as an example of a transaction process, and those skilled in the art may actually use other transaction processes according to practical application requirements, for example, in a case that a node of the federation chain includes customs, the customs clearance sheet data may be linked for tax refund, and so on.

Method example IV

The fourth embodiment of the method describes an encryption process of operation data corresponding to the write-chain request.

Referring to fig. 8, a flowchart illustrating steps of an encryption method according to an embodiment of the present application may specifically include:

step 801, encrypting operation data by using a symmetric key to obtain ciphertext data;

step 802, encrypting the symmetric key by using a public key of a preset alliance chain member to obtain an encrypted symmetric key;

step 803, generating association data between the identification of the preset alliance chain member and the encryption symmetric key;

step 804, uploading the ciphertext data and the association data to a blockchain.

In step 801, a symmetric key may be randomly generated and the operation data is encrypted using the symmetric key. The embodiment of the application can adopt a symmetric encryption algorithm, and the operation data is encrypted by using a symmetric key, wherein the symmetric encryption algorithm can comprise: DES (data encryption standard ), AES (advanced encryption standard, advanced Encryption Standard), and the like.

The operational data in step 801 may correspond to all or a portion of the transaction data. For example, embodiments of the present application may utilize symmetric keys to encrypt transaction data. As another example, embodiments of the present application may encrypt a preset field in transaction data using a symmetric key. The preset field may be a sensitive field in the transaction data, such as a name, a phone number, etc., to protect the private information of the user. It will be appreciated that, those skilled in the art may determine the preset field according to actual application requirements, and the embodiment of the present application is not limited to a specific preset field.

In an optional embodiment of the present application, the encrypting the operation data by using the symmetric key may specifically include: encrypting a preset field in transaction data by using a first symmetric key to obtain first ciphertext data; and encrypting the first ciphertext data by using a second symmetric key to obtain second ciphertext data.

In another optional embodiment of the present application, the encrypting the operation data by using the symmetric key may specifically include: and encrypting the transaction data by using the third symmetric key to obtain third ciphertext data.

In step 802, the preset coalition chain members may be specified by the data provider, and it may be understood that the operation request may include: presetting information of alliance chain members.

If the data provider wishes for one or more coalition chain members to see the operational data, the one or more coalition chain members can be determined to be preset coalition chain members so that the preset coalition chain members have the ability to decrypt the encrypted symmetric key. Whereas for non-preset coalition chain members (members other than preset coalition chain members), they do not have the ability to decrypt encrypted symmetric keys. For example, if the data provider is party a, it may take party a, party B and party C as preset federation chain members, so that party a, party B and party C have the ability to decrypt the encrypted symmetric key, and thus can enable party a, party B and party C to access the corresponding operation data in the blockchain.

In an application example of the present application, the coalition chain member corresponding to the transaction scenario may include: sellers, buyers, trading platforms, partners (logistics institutions), national institutions (customs, tax authorities), etc. For one federated chain member, it is typically desirable for the preset federated chain member to view the corresponding operational data, while the non-preset federated chain member is not desirable to view the corresponding operational data. For example, customs or tax authorities wish the trading platform and buyer to view corresponding trading data, while not wish the seller and partner to view corresponding operating data; thus, a customs or tax office may determine the corresponding preset coalition chain members for the operational data. Similarly, other alliance chain members can determine the preset alliance chain members corresponding to the operation data according to the actual application requirements.

Of course, the preset coalition chain members may be specified by the transaction processing device, and the embodiment of the present application does not limit the specific preset coalition chain members and the determination manners thereof.

The preset alliance chain members are obtained according to the security information of the alliance chain members. The security information may be a security level or a security value, etc. For example, the security level may include: high-level, medium-level, low-level, etc., then for the transaction data, the high-level and medium-level coalition chain members can be used as preset coalition chain members; for the preset field in the transaction data, the advanced alliance chain member can be used as the preset alliance chain member. It can be appreciated that, those skilled in the art may determine the preset coalition chain member according to the actual application requirement, and the specific determination manner of the preset coalition chain member in the embodiment of the present application is not limited.

In this embodiment, optionally, the preset coalition chain member may include: the data provider corresponds to the federated chain members, and/or the data provider specifies the federated chain members.

The embodiment of the application can encrypt the symmetric key by utilizing the public key corresponding to the alliance chain member corresponding to the data provider, so that the data provider can obtain the capability of decrypting at any time and obtaining the plaintext data.

The embodiment of the application can encrypt the symmetric key by utilizing the public key corresponding to the alliance chain member appointed by the data provider, so that the alliance chain member appointed by the data provider can acquire the capability of decrypting and acquiring the plaintext data at any time.

In the embodiment of the application, the public keys of a plurality of alliance chain members can be provided in the scope of the alliance chain, in other words, the public keys of a plurality of alliance chain members are public in the scope of the alliance chain. Therefore, the embodiment of the application can encrypt the symmetric key by using the public key of the preset alliance chain member.

It should be noted that a symmetric key may correspond to at least one preset coalition chain member. If one symmetric key corresponds to a plurality of preset alliance chain members, the symmetric key can be encrypted by using public keys of the preset alliance chain members respectively. For example, the plurality of preset coalition chain members includes: party a, party B and party C may encrypt the symmetric key according to the public key of party a to obtain encrypted symmetric key a. Similarly, the encrypted symmetric key B may be obtained according to the public key of the party B, and the encrypted symmetric key C may be obtained according to the public key of the party C.

Alternatively, the embodiment of the application may encrypt the symmetric key by adopting an asymmetric encryption algorithm. The asymmetric encryption algorithm may include: RSA (proposed by Ron Rivest, adi Shamir, leonard Adleman), ECDSA (elliptic curve signature algorithm, elliptic Curve Digital Signature Algorithm), etc., it is to be understood that embodiments of the present application are not limited to a particular asymmetric encryption algorithm.

In an optional embodiment of the present application, the encrypting the symmetric key specifically includes: encrypting the first symmetric key by using a public key of a first preset alliance chain member to obtain a first encrypted symmetric key; and encrypting the second symmetric key by using the public key of the second preset alliance chain member to obtain a second encrypted symmetric key. Wherein the first preset coalition chain member and the second preset coalition chain member may be the same or different. For example, the first preset coalition chain member includes: party a and party B, the second preset coalition chain member comprising: participant a, participant B, participant C, etc.

In step 803, the identification of the preset coalition chain member may be used to uniquely identify the preset coalition chain member. The identification of the preset coalition chain members may include: user account number, user device information, etc.

In the case that one symmetric key corresponds to a plurality of preset coalition chain members, corresponding association data can be generated for the plurality of preset coalition chain members, respectively. For example, party a corresponds to associated data a, party B corresponds to associated data B, party C corresponds to associated data C, and so on.

According to one embodiment, the symmetric key comprises: in the case of the first symmetric key and the second symmetric key, the associated data may include:

the first associated data corresponding to the first encryption symmetric key; and

and the second associated data corresponding to the second encryption symmetric key.

According to another embodiment, the symmetric key comprises: in the case of the third symmetric key, the associated data may include: and third associated data corresponding to the third symmetric key.

Alternatively, the above-mentioned associated data may be key-value pair (key-value) data. The key may be an identifier, and the value may be an encryption symmetric key. For example, the association data may include: { party a: encrypt symmetric key a, party B: encrypt symmetric key B }, etc.

The embodiment of the application can write the associated data into a data body, and the data body can be in a JSON (JS object numbered musical notation, javaScript Object Notation) format. The data body may include: nested key-value pair data.

The keys in the first layer key pair data in the data volume may characterize the data type. The value in the first layer key pair data may include: and the second-layer key value pair data corresponds to the associated data.

An example of a data body may be: { second key content key: { second identification: second encrypted symmetric key, first key content key: { first identification: first encryption symmetric key }. The second identifier is specifically an identifier of a second preset alliance chain member, and the first identifier is specifically an identifier of a first preset alliance chain member. The second key content key and the first key content key represent different encryption modes, the second key content key representation is encrypted by using the public key of the second identifier, and the first key content key representation is encrypted by using the public key of the first identifier.

In step 804, the ciphertext data and the associated data are uploaded to a blockchain, so that a preset coalition chain member can read the ciphertext data and decrypt the ciphertext data.

The embodiment of the application can write the ciphertext data and the associated data into a data body and upload the data body to the block chain.

An example of a data body may be: { operation data ciphertext content key: { second ciphertext data }, second key content key: { second identifier; second encrypted symmetric key, first key content key: { first identity, first encryption symmetric key } }.

Method embodiment five

The fifth embodiment of the method describes an encryption process of operation data corresponding to the write-chain request.

Referring to fig. 9, a flowchart illustrating steps of an encryption method according to an embodiment of the present application may specifically include:

step 901, encrypting a preset field in operation data by using a first symmetric key to obtain first ciphertext data;

step 902, encrypting the first ciphertext data by using a second symmetric key to obtain second ciphertext data;

step 903, encrypting the first symmetric key by using a public key of a first preset alliance chain member to obtain a first encrypted symmetric key;

step 904, encrypting the second symmetric key by using the public key of the second preset alliance chain member to obtain a second encrypted symmetric key;

step 905, generating first association data between the identification of the first preset coalition chain member and the first encryption symmetric key, and generating second association data between the identification of the second preset coalition chain member and the second encryption symmetric key;

step 906, uploading the second ciphertext data, the first association data, and the second association data to a blockchain.

The embodiment of the application can carry out multi-layer encryption on the operation data so as to carry out full-plaintext, partial-plaintext or full-ciphertext sharing on the operation data aiming at different alliance chain members.

Assuming that the first preset alliance chain member corresponds to a first range and the second preset alliance chain member corresponds to a second range, the alliance chain members in the first range and the second range are hit, and the full plaintext of the operation data can be seen; alliance chain members that hit the second range but miss the first range may see a portion of the plaintext of the operational data, which may include: plaintext excluding a preset field in the operation data; the full ciphertext of the operational data may be seen by the coalition chain members that miss the second range.

Method example six

The sixth embodiment of the method describes a decryption process of the operation data corresponding to the read chain request.

Referring to fig. 10, a flowchart illustrating steps of a decryption method according to an embodiment of the present application may specifically include:

step 1001, reading ciphertext data and associated data in a blockchain; the association data may include: presetting an identifier and an encryption symmetric key of a alliance chain member;

step 1002, decrypting the encrypted symmetric key by using the private key of the target alliance chain member to obtain the symmetric key.

At least one step included in the method of the embodiment of the present application may be performed by a data access party, where the data access party may correspond to any member or any node of a federation chain, and it is understood that the embodiment of the present application is not limited to a specific implementation of the method shown in fig. 10.

In step 1002, a target federated chain member may be a federated chain member corresponding to a data party, which may characterize the federated chain members logged on the node. The target coalition chain member may be the same as or different from the preset coalition chain member.

Under the condition that the target alliance chain member is the same as the preset alliance chain member, a target encryption symmetric key corresponding to the target alliance chain member can be obtained from the associated data according to the identification of the target alliance chain member; and decrypting the target encryption symmetric key by using the private key of the target alliance chain member to obtain a result of successful decryption.

In the case that the target coalition chain member is different from the preset coalition chain member, the target encryption symmetric key corresponding to the target coalition chain member cannot be obtained. In this case, the private key of the target alliance chain member is used to decrypt any encrypted symmetric key in the associated data, and a decryption failure result is obtained.

In an alternative embodiment of the present application, the method may further include: and if the decryption of the encrypted symmetric key is successful, decrypting the ciphertext data by using the symmetric key. It can be understood that if the decryption of the encrypted symmetric key fails, the process ends.

In an optional embodiment of the present application, in a case of single-layer encryption, the decrypting the encrypted symmetric key specifically includes: and decrypting the third encrypted symmetric key by using the private key of the target alliance chain member to obtain a third symmetric key.

Optionally, the method may further include: and if the decryption of the third encryption symmetric key is successful, decrypting the third ciphertext data by using the third symmetric key to obtain plaintext data.

In another alternative embodiment of the present application, where multi-layer encryption is employed, the decrypting the encrypted symmetric key includes: and decrypting the second encrypted symmetric key by using the private key of the target alliance chain member to obtain a second symmetric key.

Optionally, the method may further include: and if the decryption of the second encryption symmetric key is successful, decrypting the second ciphertext data by using the second symmetric key to obtain the first ciphertext data. The first ciphertext data may include: presetting a field ciphertext.

In order to decrypt the preset field ciphertext in the first ciphertext data, the method may further include: acquiring a preset field ciphertext from the first ciphertext data; and decrypting the first encrypted symmetric key by utilizing the private key of the target alliance chain member to obtain the first symmetric key.

Optionally, the method may further include: and if the decryption of the first encryption symmetric key is successful, decrypting the preset field ciphertext by using the first symmetric key to obtain a preset field plaintext.

In summary, according to the decryption method of the embodiment of the present application, the association data between the identifier of the preset coalition chain member and the encrypted symmetric key is provided, so that the preset coalition chain member can decrypt the encrypted symmetric key by using its private key to access the corresponding data. According to the embodiment of the application, the non-preset alliance chain members can obtain the decryption failure result, so that the data can be accessed by the preset alliance chain members but not by the non-preset alliance chain members, the data can be isolated from the non-preset alliance chain members, the privacy data can be further protected, and the safety of the data can be improved.

Method embodiment seven

The seventh embodiment of the method describes a decryption process of the operation data corresponding to the read chain request.

Referring to fig. 11, a flowchart illustrating steps of a decryption method of the present application may specifically include the following steps:

step 1101, reading second ciphertext data and associated data in a blockchain; the association data may include: first and second associated data; the first association data specifically includes: the identification of the first preset alliance chain member and the first encryption symmetric key; the second association data specifically includes: the identification of the second preset alliance chain member and the second encryption symmetric key;

step 1102, decrypting the second encrypted symmetric key by using the private key of the target alliance chain member to obtain a second symmetric key;

step 1103, decrypting the second ciphertext data by using the second symmetric key to obtain the first ciphertext data;

step 1104, obtaining a preset field ciphertext from the first ciphertext data;

step 1105, decrypting the first encrypted symmetric key by using the private key of the target alliance chain member to obtain a first symmetric key;

step 1106, decrypting the ciphertext of the preset field by using the first symmetric key to obtain a plaintext of the preset field.

The embodiment of the application can carry out multi-layer decryption on the transaction data so as to access the transaction data in full plaintext, partial plaintext or full ciphertext aiming at different alliance chain members.

In the embodiment of the application, first decryption is performed on the second ciphertext data to obtain first ciphertext data. The second symmetric key corresponding to the first decryption can be obtained by decrypting the second encrypted symmetric key according to the private key of the target alliance chain member. Specifically, the target second encryption symmetric key corresponding to the target alliance chain member can be obtained from the second associated data according to the identification of the target alliance chain member, and the target second encryption symmetric key is decrypted according to the private key of the target alliance chain member.

The first ciphertext data may include a preset field ciphertext, and the embodiment of the present application may perform second decryption on the preset field ciphertext to obtain a preset field plaintext. The second decryption corresponding first symmetric key may be obtained by decrypting the first encrypted symmetric key according to the private key of the target alliance chain member. Specifically, a target first encryption symmetric key corresponding to the target alliance chain member can be obtained from the first associated data according to the identification of the target alliance chain member, and the target first encryption symmetric key is decrypted according to the private key of the target alliance chain member.

The embodiment of the application can provide a list of preset fields, and the target alliance chain member can see the names of the preset fields, but needs to obtain the contents of the preset fields through second decryption.

It should be noted that, the decryption in step 1102 and step 1105 may include: decryption success or decryption failure. If decryption fails, the flow may end.

For a better understanding of the embodiments of the present application, referring to fig. 12, an application example of a data encryption and decryption method based on a federated chain of the embodiments of the present application is shown, where a blockchain may include a plurality of blockchain nodes, including: participant a, participant B, participant C, and participant D correspond to blockchain nodes, respectively.

Participant a may correspond to a trading platform for providing trading data plaintext { 'name:' James ', product:' MP3', phone:' 123456 }. Party a may send a write chain request to the blockchain platform, which may include: the transaction data plaintext and the information of preset alliance chain members.

The blockchain platform may learn the public keys respectively corresponding to party a, party B, party C, and party D.

The blockchain platform may encrypt the transaction data plaintext in multiple layers.

Wherein the first layer encryption is sensitive field encryption. The list of sensitive fields is: name, phone. The symmetric key may be randomly generated, the sensitive field encrypted with the symmetric key, the symmetric key encrypted with the public keys of party a and party B, respectively, and the mapping between the identity and the encrypted symmetric key, referred to as first mapping data, generated for party a and party B, respectively. After the first layer encryption, first encrypted data can be obtained: { 'name': ', product': 'MP3', phone ':' }.

The second layer of encryption is transaction data encryption. The symmetric key may be randomly generated, the first encrypted data is encrypted with the symmetric key, the symmetric keys are encrypted with the public keys of party a, party B and party C, respectively, and the mapping between the identification and the encrypted symmetric key, referred to as second mapping data, is generated for party a, party B and party C, respectively. After the second layer encryption, second encrypted data can be obtained: * ***********************.

Transaction data for blockchain platform participant a, the data uploaded to the blockchain may include: second encrypted data, first mapped data, and second mapped data.

Participant B, participant C, and participant D may send read chain requests, respectively, to the blockchain platform, assuming first, second, and third read chain requests.

For the first read-chain request, the private key of the party B can be used to decrypt the encrypted symmetric key in the second mapping data and the first mapping data, so that two-layer decryption can be realized to obtain all transaction plaintext.

For the second read-chain request, the private key of the party C can be utilized to decrypt the encrypted symmetric key in the second mapping data, so that the second-layer decryption can be realized to obtain partial transaction plaintext; while the sensitive fields are not visible to the participants.

For the third read-chain request, the encrypted symmetric key in the second mapping data cannot be decrypted using the private key of party D, so it cannot decrypt any data and only gets the full transaction ciphertext.

It will be appreciated that the two-layer encryption and two-layer decryption shown in fig. 12 are only alternative embodiments, and in fact, embodiments of the present application may perform two or more layers of encryption and two or more layers of decryption on the plaintext of the transaction data.

In an alternative embodiment of the present application, the multi-layer encryption may be an N-layer encryption, which may include: front (N-1) layer encryption and nth layer encryption.

Wherein, the encryption of the front (N-1) layer is used for encrypting the fields, and the fields corresponding to the front (N-1) layer can respectively comprise: a first layer field, a second layer field, a third layer field …, an (N-1) th field, and the like. Alternatively, the field corresponding to the previous (N-1) layer may be determined according to security. Generally, the higher the security, the higher the number of layers of the corresponding field. Optionally, the security of the i-th layer field is higher than the security of the (i+1) -th layer field, so that the number of encryption layers of the i-th layer field is greater than that of the (i+1) -th layer field, that is, the field with higher security can be encrypted with more layers, and the security of layered encryption is improved. Wherein N, i can be a natural number greater than 0.

The N-th layer encryption is used for encrypting data corresponding to the encrypted field. Similar to the second layer encryption process shown in fig. 12, the interfaces are not described in detail herein.

In another alternative embodiment of the present application, the multi-layer encryption may include: a plurality of pairs of encryption, wherein a pair of encryption may in turn comprise: field encryption and data encryption, the first layer encryption shown in fig. 12 corresponds to field encryption, and the second layer encryption shown in fig. 12 corresponds to data encryption. The embodiment of the application can repeatedly execute the first-layer encryption and the second-layer encryption shown in fig. 12 so as to improve the security of data.

It is understood that the encryption of different layers may correspond to the same or different preset coalition chain members, and will not be described herein.

In addition, it can be understood that the multi-layer decryption is the inverse of the multi-layer encryption, and the multi-layer decryption can be performed according to the multi-layer encryption logic, which is not described herein.

It should be noted that, for simplicity of description, the method embodiments are shown as a series of acts, but it should be understood by those skilled in the art that the embodiments are not limited by the order of acts described, as some steps may occur in other orders or concurrently in accordance with the embodiments. Further, those skilled in the art will appreciate that the embodiments described in the specification are all preferred embodiments and that the acts referred to are not necessarily required by the embodiments of the present application.

The embodiment of the application also provides a transaction processing device.

Referring to fig. 13, a block diagram illustrating an embodiment of a transaction processing device according to the present application may specifically include the following modules:

a providing module 1301 for providing data standard information and intelligent contract information on a coalition chain for a transaction;

A request receiving module 1302 for receiving an operation request for a federation chain; the operation data corresponding to the operation request is matched with the data standard information;

the contract execution module 1303 is configured to execute the intelligent contract information corresponding to the operation request.

Optionally, the nodes of the federation chain may include: and the first node is used for providing the data standard information and the intelligent contract information.

Optionally, the nodes of the federation chain may include: and the second node is used for auditing the intelligent contract information provided by the first node.

Optionally, the apparatus may further include:

and the matching module is used for matching the related information of the operation request with the triggering condition of the intelligent contract information before the intelligent contract information corresponding to the operation request is executed, so as to obtain the intelligent contract information corresponding to the operation request.

Optionally, if the operation request is a write chain request, the apparatus may further include:

The data encryption module is used for encrypting the operation data by utilizing the symmetric key before executing the intelligent contract information corresponding to the operation request so as to obtain ciphertext data;

the key encryption module is used for encrypting the symmetric key by utilizing a public key of a preset alliance chain member so as to obtain an encrypted symmetric key;

the association generation module is used for generating association data between the identification of the preset alliance chain member and the encryption symmetric key;

and the uploading module is used for uploading the ciphertext data and the associated data to a blockchain.

Optionally, the data encryption module may include:

the first data encryption module is used for encrypting a preset field in the operation data by using the first symmetric key so as to obtain first ciphertext data;

and the second data encryption module is used for encrypting the first ciphertext data by using the second symmetric key so as to obtain second ciphertext data.

Optionally, the key encryption module may include:

the first key encryption module is used for encrypting the first symmetric key by utilizing the public key of the first preset alliance chain member so as to obtain a first encrypted symmetric key;

And the second key encryption module is used for encrypting the second symmetric key by using the public key of the second preset alliance chain member so as to obtain a second encrypted symmetric key.

Optionally, the preset coalition chain member is obtained according to security information of the coalition chain member.

Optionally, if the operation request is a read chain request, the apparatus may further include:

the reading module is used for reading ciphertext data and associated data in the block chain according to the read chain request before the intelligent contract information corresponding to the operation request is executed; the association data may include: presetting an identifier and an encryption symmetric key of a alliance chain member;

and the key decryption module is used for decrypting the encrypted symmetric key by utilizing the private key of the target alliance chain member so as to obtain the symmetric key.

Optionally, the apparatus may further include:

and the data decryption module is used for decrypting the ciphertext data by using the symmetric key if the decryption of the encrypted symmetric key is successful.

Optionally, the key decryption module may include:

and the first key decryption module is used for decrypting the second encrypted symmetric key by utilizing the private key of the target alliance chain member so as to obtain the second symmetric key.

Optionally, the apparatus may further include:

and the first data decryption module is used for decrypting the second ciphertext data by using the second symmetric key if the decryption of the second encryption symmetric key is successful, so as to obtain the first ciphertext data.

Optionally, the apparatus may further include:

the field ciphertext obtaining module is used for obtaining a preset field ciphertext from the first ciphertext data;

and the second key decryption module is used for decrypting the first encrypted symmetric key by utilizing the private key of the target alliance chain member so as to obtain the first symmetric key.

Optionally, the apparatus may further include:

and the second data decryption module is used for decrypting the preset field ciphertext by using the first symmetric key if the decryption of the first encrypted symmetric key is successful, so as to obtain the preset field plaintext.

Alternatively, the request receiving module 1302 may include:

and the inquiry receiving module is used for converting the inquiry request aiming at the transaction information into a corresponding read chain request.

Optionally, the apparatus may further include:

a reading module for reading at least two kinds of data provided by at least two nodes from the coalition chain for a transaction;

Optionally, the preset coalition chain member may include: the data provider corresponds to the federated chain members, and/or the data provider specifies the federated chain members.

Referring to fig. 14, there is shown a block diagram of an embodiment of a transaction processing device of the present application, which may specifically include the following modules:

a reading module 1401 for reading at least two kinds of data provided by at least two nodes from the coalition chain for a transaction; the data is matched with data standard information corresponding to the transaction; the alliance chain operation corresponding to the data can trigger intelligent contract information corresponding to the transaction;

a verification module 1402, configured to verify the transaction according to the at least two types of data.

In this specification, each embodiment is described in a progressive manner, and each embodiment is mainly described by differences from other embodiments, and identical and similar parts between the embodiments are all enough to be referred to each other.

The specific manner in which the various modules perform the operations in the apparatus of the above embodiments have been described in detail in connection with the embodiments of the method, and will not be described in detail herein.

Embodiments of the present application may be implemented as a system or apparatus configured as desired using any suitable hardware and/or software. Fig. 15 schematically illustrates an exemplary device 1500 that may be used to implement various embodiments described above in this application.

For one embodiment, fig. 15 illustrates an exemplary device 1500, the device 1500 may include: one or more processors 1502, a system control module (chipset) 1504 coupled to at least one of the processors 1502, a system memory 1506 coupled to the system control module 1504, a non-volatile memory (NVM)/storage 1508 coupled to the system control module 1504, one or more input/output devices 1510 coupled to the system control module 1504, and a network interface 1512 coupled to the system control module 1504. The system memory 1506 may include: instructions 1562, the instructions 1562 being executable by the one or more processors 1502.

The processor 1502 may include one or more single-core or multi-core processors, and the processor 1502 may include any combination of general-purpose or special-purpose processors (e.g., graphics processors, application processors, baseband processors, etc.). In some embodiments, the device 1500 can be configured as a server, a target device, a wireless device, etc. as described in embodiments of the present application.

In some embodiments, the apparatus 1500 may include one or more machine-readable media (e.g., system memory 1506 or NVM/storage 1508) having instructions and one or more processors 1502, in combination with the one or more machine-readable media, configured to execute the instructions to implement the modules included in the foregoing apparatus to perform the actions described above in embodiments of the present application.

The system control module 1504 of one embodiment may include any suitable interface controllers for providing any suitable interfaces to at least one of the processors 1502 and/or any suitable devices or components in communication with the system control module 1504.

The system control module 1504 for one embodiment may include one or more memory controllers to provide an interface to the system memory 1506. The memory controller may be a hardware module, a software module, and/or a firmware module.

The system memory 1506 for one embodiment may be used to load and store data and/or instructions 1562. For one embodiment, the system memory 1506 may include any suitable volatile memory, such as, for example, a suitable DRAM (dynamic random Access memory). In some embodiments, the system memory 1506 may include: double data rate type four synchronous dynamic random access memory (DDR 4 SDRAM).

The system control module 1504 for one embodiment may include one or more input/output controllers to provide interfaces to the NVM/storage 1508 and the input/output device(s) 1510.

The NVM/storage 1508 of one embodiment may be used to store data and/or instructions 1582. NVM/storage 1508 may include any suitable nonvolatile memory (e.g., flash memory, etc.) and/or may include any suitable nonvolatile storage device(s), such as one or more Hard Disk Drives (HDDs), one or more Compact Disc (CD) drives, and/or one or more Digital Versatile Disc (DVD) drives, etc.

NVM/storage 1508 may include a storage resource that is physically part of the apparatus on which device 1500 is installed, or it may be accessed by the apparatus without being part of the apparatus. For example, NVM/storage 1508 may be accessed over a network via network interface 1512 and/or through input/output devices 1510.

The input/output device(s) 1510 of one embodiment may provide an interface for the device 1500 to communicate with any other suitable device, the input/output device 1510 may include communication components, audio components, sensor components, and the like.

The network interface 1512 of an embodiment may provide an interface for the apparatus 1500 to communicate over one or more networks and/or with any other suitable devices, and the apparatus 1500 may communicate wirelessly with one or more components of a wireless network in accordance with any of one or more wireless network standards and/or protocols, such as accessing a wireless network based on a communication standard, such as WiFi (wireless fidelity ), 2G or 3G or 4G or 5G, or a combination thereof.

For one embodiment, at least one of the processors 1502 may be packaged together with logic of one or more controllers (e.g., memory controllers) of the system control module 1504. For one embodiment, at least one of the processors 1502 may be packaged together with logic of one or more controllers of the system control module 1504 to form a System In Package (SiP). For one embodiment, at least one of the processors 1502 may be integrated on the same new product as the logic of one or more controllers of the system control module 1504. For one embodiment, at least one of the processors 1502 may be integrated on the same chip with logic of one or more controllers of the system control module 1504 to form a system on a chip (SoC).

In various embodiments, device 1500 may include, but is not limited to: a desktop computing device or a mobile computing device (e.g., a laptop computing device, a handheld computing device, a tablet, a netbook, etc.), among others. In various embodiments, device 1500 may have more or fewer components and/or different architectures. For example, in some embodiments, device 1500 may include one or more cameras, keyboards, liquid Crystal Display (LCD) screens (including touch screen displays), non-volatile memory ports, multiple antennas, graphics chips, application Specific Integrated Circuits (ASICs), and speakers.

Wherein if the display comprises a touch panel, the display screen may be implemented as a touch screen display to receive input signals from a user. The touch panel includes one or more touch sensors to sense touches, swipes, and gestures on the touch panel. The touch sensor may sense not only the boundary of a touch or slide action, but also the duration and pressure associated with the touch or slide operation.

The embodiment of the application also provides a non-volatile readable storage medium, where one or more modules (programs) are stored, where the one or more modules are applied to an apparatus, and the apparatus may be caused to execute instructions (instructions) of each method in the embodiment of the application.

In one example, an apparatus is provided, comprising: one or more processors; and instructions in one or more machine-readable media stored thereon, which when executed by the one or more processors, cause the apparatus to perform a method as in an embodiment of the present application, the method may comprise: the method shown in fig. 2 or fig. 3 or fig. 4 or fig. 5 or fig. 6 or fig. 7 or fig. 8.

One or more machine-readable media are also provided in one example, having instructions stored thereon that, when executed by one or more processors, cause an apparatus to perform a method as in an embodiment of the present application, the method may comprise: the method shown in fig. 2 or fig. 3 or fig. 4 or fig. 5 or fig. 6 or fig. 7 or fig. 8.

The specific manner in which the operations of the respective modules are performed in the apparatus of the above embodiments has been described in detail in the embodiments related to the method, and will not be described in detail herein, but only with reference to the portions of the description related to the embodiments of the method.

Embodiments of the present application are described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

While preferred embodiments of the present embodiments have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the embodiments of the present application.

Finally, it is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

The foregoing has outlined a transaction processing method, a transaction processing device, an apparatus, and a machine readable medium in which the principles and embodiments of the present application have been described in detail, and specific examples have been applied herein to assist in understanding the method and core ideas of the present application; meanwhile, as those skilled in the art will have modifications in the specific embodiments and application scope in accordance with the ideas of the present application, the present description should not be construed as limiting the present application in view of the above.

Claims

1. A method of processing a transaction, comprising:

executing intelligent contract information corresponding to the operation request;

the operation request is a write chain request, and before the intelligent contract information corresponding to the operation request is executed, the method further comprises:

encrypting a preset field in transaction data by using a first symmetric key to obtain first ciphertext data; encrypting the first ciphertext data by using a second symmetric key to obtain second ciphertext data; the transaction data corresponds to a full plaintext; the first ciphertext data corresponds to a partial plaintext; the second ciphertext data corresponds to a full ciphertext; encrypting the first symmetric key by using a public key of a first preset alliance chain member to obtain a first encrypted symmetric key; encrypting the second symmetric key by using the public key of the second preset alliance chain member to obtain a second encrypted symmetric key; generating association data between the identification of the first preset alliance chain member and the first encryption symmetric key, and between the identification of the second preset alliance chain member and the second encryption symmetric key; and uploading the associated data to a blockchain.

2. The method of claim 1, wherein the nodes of the federation chain comprise: and the first node is used for providing the data standard information and the intelligent contract information.

3. The method of claim 2, wherein the nodes of the federation chain comprise: and the second node is used for auditing the intelligent contract information provided by the first node.

4. The method of claim 1, wherein prior to said executing the smart contract information corresponding to the operation request, the method further comprises:

and matching the related information of the operation request with the triggering condition of the intelligent contract information to obtain the intelligent contract information corresponding to the operation request.

5. The method of claim 4, wherein the related information comprises: the operation requests corresponding operation data and/or related nodes and/or related events.

6. The method of claim 1, wherein the first preset coalition chain member or the second preset coalition chain member is derived based on security information of the coalition chain members.

7. The method according to any one of claims 1 to 4, wherein the operation request is a read chain request, and before the executing the smart contract information corresponding to the operation request, the method further comprises:

reading ciphertext data and associated data in a block chain according to the read chain request; the association data includes: presetting an identifier and an encryption symmetric key of a alliance chain member;

and decrypting the encrypted symmetric key by utilizing the private key of the target alliance chain member to obtain the symmetric key.

8. The method of claim 7, wherein the method further comprises:

and if the decryption of the encrypted symmetric key is successful, decrypting the ciphertext data by using the symmetric key.

9. The method of claim 7, wherein decrypting the encrypted symmetric key comprises:

and decrypting the second encrypted symmetric key by using the private key of the target alliance chain member to obtain a second symmetric key.

10. The method according to claim 9, wherein the method further comprises:

and if the decryption of the second encryption symmetric key is successful, decrypting the second ciphertext data by using the second symmetric key to obtain the first ciphertext data.

11. The method according to claim 10, wherein the method further comprises:

acquiring a preset field ciphertext from the first ciphertext data;

and decrypting the first encrypted symmetric key by utilizing the private key of the target alliance chain member to obtain the first symmetric key.

12. The method of claim 11, wherein the method further comprises:

and if the decryption of the first encryption symmetric key is successful, decrypting the preset field ciphertext by using the first symmetric key to obtain a preset field plaintext.

13. The method of any of claims 1 to 4, wherein the receiving an operation request for a federation chain comprises:

and converting to obtain a corresponding read chain request according to the query request for the transaction information.

14. The method according to any one of claims 1 to 4, further comprising:

reading at least two types of data provided by at least two nodes from the coalition chain for the transaction;

and verifying the transaction according to the at least two data.

15. The method of claim 1, wherein the first or second preset coalition chain members comprise: the data provider corresponds to the federated chain members, and/or the data provider specifies the federated chain members.

16. A method of processing a transaction, the method comprising:

verifying the transaction according to the at least two data;

wherein the reading at least two types of data provided by at least two nodes from the federation chain comprises: reading second ciphertext data and associated data in the blockchain; the association data includes: presetting an identifier of a alliance chain member, a first encryption symmetric key and a second encryption symmetric key; decrypting the second encrypted symmetric key with the private key of the target coalition chain member to obtain a second symmetric key; if the decryption of the second encryption symmetric key is successful, decrypting the second ciphertext data by using the second symmetric key to obtain the first ciphertext data; transaction data corresponds to full plaintext; the first ciphertext data corresponds to a partial plaintext; the second ciphertext data corresponds to a full ciphertext; acquiring a preset field ciphertext from the first ciphertext data; and decrypting the first encrypted symmetric key by utilizing the private key of the target alliance chain member to obtain the first symmetric key.

17. A transaction processing device, the device comprising:

the contract execution module is used for executing intelligent contract information corresponding to the operation request;

the operation request is a write chain request, and before the intelligent contract information corresponding to the operation request is executed, the device is further configured to encrypt a preset field in the transaction data by using a first symmetric key to obtain first ciphertext data; encrypting the first ciphertext data by using a second symmetric key to obtain second ciphertext data; the transaction data corresponds to a full plaintext; the first ciphertext data corresponds to a partial plaintext; the second ciphertext data corresponds to a full ciphertext; encrypting the first symmetric key by using a public key of a first preset alliance chain member to obtain a first encrypted symmetric key; encrypting the second symmetric key by using the public key of the second preset alliance chain member to obtain a second encrypted symmetric key; generating association data between the identification of the first preset alliance chain member and the first encryption symmetric key, and between the identification of the second preset alliance chain member and the second encryption symmetric key; and uploading the associated data to a blockchain.

18. A transaction processing device, the device comprising:

the verification module is used for verifying the transaction according to the at least two types of data;

19. An electronic device, comprising:

one or more processors; and

one or more machine readable media having instructions stored thereon, which when executed by the one or more processors, cause the electronic device to perform the method of one or more of claims 1-16.

20. One or more machine readable media having instructions stored thereon that, when executed by one or more processors, cause an apparatus to perform the method of one or more of claims 1-16.