CN114553875B - Asset uplink system and method based on decentralization ID and prophetic machine - Google Patents
Asset uplink system and method based on decentralization ID and prophetic machine Download PDFInfo
- Publication number
- CN114553875B CN114553875B CN202210283177.1A CN202210283177A CN114553875B CN 114553875 B CN114553875 B CN 114553875B CN 202210283177 A CN202210283177 A CN 202210283177A CN 114553875 B CN114553875 B CN 114553875B
- Authority
- CN
- China
- Prior art keywords
- asset
- issuer
- file
- certificate
- registry
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 238000012795 verification Methods 0.000 claims abstract description 32
- 230000008569 process Effects 0.000 claims abstract description 17
- 230000009471 action Effects 0.000 claims description 7
- 238000004806 packaging method and process Methods 0.000 claims description 3
- 230000001960 triggered effect Effects 0.000 claims description 3
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- PCHJSUWPFVWCPO-UHFFFAOYSA-N gold Chemical compound [Au] PCHJSUWPFVWCPO-UHFFFAOYSA-N 0.000 description 1
- 239000010931 gold Substances 0.000 description 1
- 229910052737 gold Inorganic materials 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012804 iterative process Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- Economics (AREA)
- General Business, Economics & Management (AREA)
- Technology Law (AREA)
- Strategic Management (AREA)
- Marketing (AREA)
- Computing Systems (AREA)
- Development Economics (AREA)
- Data Mining & Analysis (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses an asset linking system and method based on a decentralizing ID and a prophetic machine, wherein before the asset is linked, an asset issuer registers in a decentralizing ID registry; when an asset is being linked up, generating an intelligent contract to represent the user's asset; signing the certificate corresponding to the asset by using the private key of the asset issuer; the certificate is attached to the smart contract. When the intelligent contract representing the asset triggers the transaction, the validity of the asset needs to be verified, the under-chain data is acquired through the propulsor, and the transaction operation is continued after the verification result is returned. The invention realizes the asset uplink process by means of the block chain, the prophetic machine and the decentralization ID, thereby realizing the asset-related application, and having the decentralization characteristic.
Description
Technical Field
The invention belongs to the technical field of blockchain, and particularly relates to an asset uplink system and method based on a decentralised ID and a predictor
Background
"asset tokenization" refers to the term that uses blockchain technology to express ownership or rights of an asset as tradable in-chain tokens. While it most commonly refers to the tokenization of financial or alternative assets, such as corporate shares or a certain amount of gold, asset tokenization may be assumed to refer to tokenization of anything, whether of monetary value or not: asset tokenization is therefore one of the most promising use cases of blockchains, with the growing upper limit likely to include almost all human economic activity, from one artwork to one patent to one technician for one hour. The obtained asset token has the advantages of strong fluidity, high participatability, high transparency, high safety, etc.
Blockchains are a deterministic, closed world in which the intelligence uses data generated by the blockchain itself, and cannot acquire real world data, and the blockchain is split from the real world. Prophetic machines are proposed to address the chaining of the data under chains, which write the data under chains into the blockchain in a transactional manner. Prophetic is very important for blockchain ecology because it expands the applicable range of blockchains, making the integration of blockchains with the real world possible.
Kuhle et al propose a blockchain-based commercial aircraft rental asset management system that is composed of four modules, namely asset tokenization, user management, transaction processing, and interaction, but is not detailed for the asset linking module, nor is it compatible with existing asset discoverers or management systems. Yan et al propose a digital asset management system that incorporates an access control model (ABAC) for attribute-based access rights control (Transaction-based Access Control).
Disclosure of Invention
The invention aims to overcome the defects and shortcomings of the prior art and provides an asset linking system and method based on a decentralised ID and a predictor.
In order to achieve the above purpose, the present invention adopts the following technical scheme:
an asset linking system based on a decentralised ID and a propulsor comprises an asset issuer, the propulsor, a decentralised ID registry and an asset intelligent contract;
the predictor is used for acquiring the data under the chain and writing the data into the chain;
a decentralised ID registry for asset ID registration and asset issuer ID registration;
an asset intelligent contract which is preset according to the contract to automatically complete the transaction;
before the asset is uplink, the asset issuer registers a domain in a decentralizing ID registry and generates an identity document, wherein the identity document comprises an asset issuer ID and an asset ID issued by the asset issuer ID, an asset issuer public key and a revocation list;
when a user links up the assets, an asset issuer of the user links up the assets, including generating an intelligent contract, signing an asset evidence file corresponding to the assets by using a private key of the asset issuer, and attaching the asset evidence file to the intelligent contract;
when a smart contract representing an asset triggers a transaction, verifying the validity of the asset, including verifying the asset issuer certificate, verifying a registration authority of the asset issuer certificate, until a trusted authority or root certificate is encountered; after verification is completed, the transaction is continued.
Further, the identification document specifically includes:
for an asset issuer or service provider, its identification document includes an ID, public key information, and revocation list;
for an issued asset, its identification document contains an ID, a contract address, and a certificate, which includes a plurality of certificate attributes, specifically a signature algorithm, creator ID, and signature information.
Further, the system also comprises a distributed file system for storing the identification document.
The invention also includes an asset linking method based on the provided asset linking system, comprising:
before the asset is uplink, the asset issuer registers in the decentralised ID registry;
when an asset is being linked up, generating an intelligent contract to represent the user's asset; signing the certificate corresponding to the asset by using the private key of the asset issuer; the document index of the certification document on the distributed file system is added to the registry.
Further, the asset issuer registers with the decentralised ID registry specifically as:
the asset Issuer needs to register its domain with the decentralised ID registry for the Issuer i ObtainingCorresponding domain Region i And generating a corresponding identification Document i 。
Further, the asset linking process specifically includes:
when a user needs to link up owned assets, the own service provider performs the following operations:
generating corresponding smart contracts to record smart contract Address on behalf of corresponding assets i ;
Signing the asset certificate file with the asset issuer private key:
wherein ,
for the private key of the asset issuer, +.>
Identification is an intelligent contract address i An ID identifier within the asset issuer for the asset;
the asset certification file is updated or added to the registry at the index value of the distributed file system.
Further, when the intelligent contract representing the asset triggers the transaction, the validity of the asset needs to be verified, the under-chain data is obtained through the predictor, and the transaction operation is continued after the verification result is returned; the method comprises the following steps:
s1, a predictor node monitors a blockchain event triggering verification process, wherein key information contained in the event triggered at the moment is as follows: action to be performed, address from addr to send action, and id;
the action is to check the validity of the asset proof file, the trigger address is the contract address of the asset, and the certificate is prevented from being abused for the subsequent verification of the trigger source; ID is the asset's decentralised ID;
s2, searching a corresponding file index address according to the id to a registry,acquiring a corresponding asset certificate plaintext file in a distributed file system according to the file index address asset;
S3, verifying the corresponding file according to the from addr recorded in the event asset If the addresses in the files are consistent, performing step S3 if the addresses are passed;
s4, according to the file asset The file obtains the corresponding proof information including the creator's de-centralized IDID isuuer Then according to ID issuer Obtaining file index and identification file by adopting similar steps issuer In file issuer The file contains public key information of the issuers and an asset revocation list;
if the asset to be checked is in the revocation list, the corresponding public key information is returned if the asset to be checked is successful
S5, if the verification in the step S4 is successful, the public key is needed
The validity of the signature in the asset certification file is checked through the information, and a checking mode is determined according to the type attribute in the signature;
s6, writing the checking result or any failed result in the step S5 back to the block chain system; the brief process assigns callback addresses for packaging the results into transactions and then triggering events.
Further, verifying asset validity specifically includes:
locating to an asset Issuer Issuer based on a proof of contract i Asset issuer attestation properties;
locating the asset issuer identification document and its issuer validity proofing attribute according to the ID of the asset issuer or the corresponding domain; meanwhile, verifying attributes such as a certificate revocation list, a certificate validity period and the like which are issued by an asset issuer;
the verification result is written back to the blockchain through the predictor for subsequent use by the blockchain.
Compared with the prior art, the invention has the following advantages and beneficial effects:
1. the invention realizes the asset uplink process by means of the block chain, the prophetic machine and the distributed ID, thereby realizing the asset-related application, and having the characteristics of decentralization and distribution.
2. The invention can be compatible with the compatible asset issuing system, and only needs the asset issuer to access the asset uplink standard, so that the asset uplink operability and the realizability are strong.
3. The invention provides 2 ideas for removing the weight, and the specific equipment can be identified and removed by utilizing the characteristics of the equipment.
Drawings
FIG. 1 is a schematic illustration of the process of the present invention;
FIG. 2 is a process of interacting a chaink predictor solution with the present system intelligent contract;
fig. 3 is a proof file sample.
Detailed Description
The present invention will be described in further detail with reference to examples and drawings, but embodiments of the present invention are not limited thereto.
Examples
As shown in FIG. 1, the present invention, an asset linking system based on a decentralised ID and a propulsor, comprises an asset issuer, a propulsor, a decentralised ID registry and an asset intelligence contract;
the predictor is used for acquiring the data under the chain and writing the data into the chain;
a decentralised ID registry for asset ID registration and asset issuer ID registration;
an asset intelligent contract which is preset according to the contract to automatically complete the transaction;
before the asset is uplink, the asset issuer registers a domain in a decentralizing ID registry and generates an identity document, wherein the identity document comprises an asset issuer ID and an asset ID issued by the asset issuer ID, an asset issuer public key and a revocation list;
when a user links up his or her assets, the user's asset issuer (server) links up the assets for it, including generating an intelligent contract, signing the asset certificate corresponding to the asset using the asset issuer private key, and appending the asset certificate to the intelligent contract;
when a smart contract representing an asset triggers a transaction, verifying the validity of the asset, including verifying the asset issuer certificate, verifying a registration authority of the asset issuer certificate, until a trusted authority or root certificate is encountered; after verification is completed, the transaction is continued.
In this embodiment, as shown in fig. 3, the identification document includes:
for an asset issuer (service provider), its identification document mainly includes an ID, public key information, and revocation list (including revoked IDs); the issuer's identification document does not need the root certificate signature similar to CA organization, the issuer who is authorized by the alliance chain members together maintains, for the issuer who needs to be revoked, only need to cut off the mapping from its ID to the decentralised system document index, and this function is maintained by the registry, also by the alliance chain members together;
for the issued asset, the identification document mainly comprises an ID, a contract address and a certificate, wherein the certificate attribute comprises a signature algorithm, a creator ID and signature information.
In this embodiment, the system further includes a distributed file system for storing identification documents.
As shown in table 1 below, the functional main body according to the present embodiment is described.
TABLE 1
In another embodiment, an asset linking method based on the above system is provided, comprising an asset issuer registering at a decentralised ID registry prior to asset linking; the method comprises the following steps:
the asset Issuer needs to register its domain with the decentralised ID registry for the Issuer i Obtaining the corresponding domain Region i And generating a corresponding identification Document i . Identification document style, see distributed ID Standard for W3C drafting (Decentralized Identifiers)
When an asset is being linked up, generating an intelligent contract to represent the user's asset; signing the certificate corresponding to the asset by using the private key of the asset issuer; adding the certification document to the registry in a document index of the distributed file system; the asset is specifically included when it is linked:
when a user needs to chain an owned asset, the facilitator itself performs the following operations:
generating corresponding smart contracts to record smart contract Address on behalf of corresponding assets i The method comprises the steps of carrying out a first treatment on the surface of the The generated intelligence needs to realize a certain standard interface to ensure the unification of the whole system asset contract.
Signing the identification document corresponding to the asset by adopting the private key of the asset issuer:
wherein ,
for the private key of the asset issuer, +.>
Identification is an intelligent contract address i An ID identifier within the asset issuer for the asset; the purpose of including the smart contract address is to prevent other contracts from referencing the same identification document, and to prevent theft.
The asset certification file is updated or added to the registry at the index value of the distributed file system. The documents may be on-chain or off-chain, depending on the system requirements or the implementation of the link.
When intelligent contracts representing the assets trigger transaction, the validity of the assets needs to be verified, the under-chain data is obtained through a prophetic machine, and the transaction operation is continued after a verification result is returned; verifying asset validity specifically includes:
locating to an asset Issuer Issuer based on a proof of contract i Asset issuer attestation properties;
locating the asset issuer identification document and its issuer validity proofing attribute according to the ID of the asset issuer or the corresponding domain; meanwhile, verifying attributes such as a certificate revocation list, a certificate validity period and the like which are issued by an asset issuer; the verification validity can adopt a method similar to a TLS certificate system method to set the root certificate of the whole system to continue verification iteration, and the verification iteration can be returned to the verification result.
The verification result is written into the blockchain through the prophetic machine for subsequent use of the blockchain. In this embodiment, as shown in fig. 2.
Asset validity verification is an iterative process that first verifies whether the issuer's certificate, which the asset certificate has, is legitimate and then verifies whether the issuer's identity certificate authority attributes are legitimate, in turn verifying until a root certificate or trusted authority is encountered.
The asset proof file may be stored in an under-chain distributed file system, and the validity is verified by the predictor node, so that the predictor node may intentionally forge the calculation result and get a high interest rate, and the predictor node honest problem is guaranteed by the predictor system, for example, in the chainlink predictor solution, honest actions are performed by using the guide nodes such as multi-layer network aggregation, reward and punishment mechanism, and the like.
Further describing the asset issuer as a domain name server, the domain name server issues an asset as a domain name, then the following procedure exists for asset uplink:
step S1, a DNS server needs to de-centralize an ID registration center to create a domain belonging to the DNS server, and if the DNS server registers the domain as DID: dns, the subsequent ID starting from this domain will be resolved to the service provider for interpretation and verification. The creation process logic ensures that the domain is unique and not duplicated. The creation of submitted content includes basic information such as an index of an identification document under a distributed file system, an issuer, and the like, and public key information of a domain name service provider is contained in the identification document.
Step S2, the domain name asset owned by the user needs to be uplink, and is assumed to be example.com, firstly, the decentralization ID of the asset needs to be generated according to the unique determination rule of the domain name service provider, and one simple implementation is that after the domain name is attached to the service provider domain, the unique ID is composed as DID: dns: example.
Step S3, an intelligent contract representing the asset needs to be created, the intelligent contract can be created by a service provider instead, after the intelligent contract is created, the intelligent contract is still in a created state and cannot be used, and subsequent initialization operation needs to be completed. The created contract Address is Address i 。
S4, generating an identification document for the asset contract; adding a pair Address to an identity document attribute representing an asset using a private key of a domain name service provider i Is a signature of (a).
Step S5, uploading the identification document to a distributed file system, such as IPFS, to obtain a document unique index i 。
Step S6, indexing the file into index i Setting up to the asset intelligent contract, setting up the tradable state, and finishing initialization. The intelligent contracts representing domain name assets are tradable at this point.
The above is the uplink process using the de-centralized ID system and the predictor, which is mainly used in verifying asset validity during the transaction. The following is the asset validity verification process during the transaction:
step S1, the verification process is completed by means of a propulsor, the distributed file system index is provided to the propulsor contract, and the propulsor contract is used for notifying the off-link monitoring equipment of the related verification event. For the chaink predictor solution and the ethernet network, the verification request may also be triggered with a stability library provided by the chaink.
Step S2, after the predictor node monitors the verification request, the identity document needs to be obtained according to the index of the distributed file system, for example, for IPFS, the index is a hash value. After the file is obtained, preliminary verification is needed, whether the contract address triggering the verification is consistent with the identification document is checked, and the next signature verification is performed after the contract address triggering the verification is passed.
And step S3, verifying whether the signature meets the requirement. The domain to which the issuer belongs needs to be obtained from the decentralised ID in the file, such as DID: dns, based on the file index of the identification document, using the public key information in the document, verifies whether the asset's document is legitimate, and of course, also verifies whether the issuer's document is legitimate and the issuer's list of revoked certificates issued on the blockchain. After completion, the verification result needs to be written back to the blockchain.
S4, writing the result back to the block chain; and packaging the result data into a transaction writing block and calling a callback method of the asset contract.
The asset linking process is characterized in that an asset issuer is required to sign an asset identification document, and the identification document contains a unique intelligent address, so that signed identification can not be abused; while different issuers have different ID fields, so that the asset will not repeat between different issuers, under existing asset management systems, the asset of one issuer must contain a unique ID that can be used as an identifier under a field of the decentralised ID. The method can be compatible with the existing asset issuing ID system, and each issuer can solve the problem of the uplink repeatability of the asset by only ensuring that the assets subordinate to the issuer cannot be repeated and the problem of repeated signature of the same asset.
It should also be noted that in this specification, terms such as "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (7)
1. An asset linking system based on a decentralizing ID and a prophetic machine is characterized by comprising an asset issuer, the prophetic machine, a decentralizing ID registry and an asset intelligent contract;
the predictor is used for acquiring the data under the chain and writing the data into the chain;
a decentralised ID registry for asset ID registration and asset issuer ID registration;
an asset intelligent contract which is preset according to the contract to automatically complete the transaction;
before the asset is uplink, the asset issuer registers a domain in a decentralizing ID registry and generates an identity document, wherein the identity document comprises an asset issuer ID and an asset ID issued by the asset issuer ID, an asset issuer public key and a revocation list;
when a user links up the assets, an asset issuer of the user links up the assets, including generating an intelligent contract, signing an asset evidence file corresponding to the assets by using a private key of the asset issuer, and attaching the asset evidence file to the intelligent contract;
when a smart contract representing an asset triggers a transaction, verifying the validity of the asset, including verifying an asset issuer certificate, verifying a registration authority of the asset issuer certificate, until a trusted authority or root certificate is encountered; after verification is completed, continuing to conduct transaction;
when intelligent contracts representing the assets trigger transaction, the validity of the assets needs to be verified, the under-chain data is obtained through a prophetic machine, and the transaction operation is continued after a verification result is returned; the method comprises the following steps:
s1, a predictor node monitors a blockchain event triggering verification process, wherein key information contained in the event triggered at the moment is as follows: action to be performed, address from addr to send action, and id;
the action is to check the validity of the asset proof file, the trigger address is the contract address of the asset, and the certificate is prevented from being abused for the subsequent verification of the trigger source; ID is the asset's decentralised ID;
s2, searching a corresponding file index address according to the id, and acquiring a corresponding asset certificate plaintext file in the distributed file system according to the file index address asset ;
S3, verifying the corresponding file according to the from addr recorded in the event asset If the addresses in the files are consistent, performing step S4 if the addresses are passed;
s4, according to the file asset The file obtains the corresponding proof information including the creator's de-centralized IDID isuuer Then according to ID issuer Obtaining file index and identification file by adopting similar steps issuer In file issuer The file contains public key information of the issuers and an asset revocation list;
if the asset to be checked is in the revocation list, the corresponding public key information is returned if the asset to be checked is successful
S5, if the verification in the step S4 is successful, the public key is needed
The validity of the signature in the asset certification file is checked through the information, and a checking mode is determined according to the type attribute in the signature;
s6, writing the checking result or any failed result in the step S5 back to the block chain system; the brief process assigns callback addresses for packaging the results into transactions and then triggering events.
2. The asset linking system based on decentralised ID and propulsor of claim 1, wherein the identification document specifically comprises:
for an asset issuer or service provider, its identification document includes an ID, public key information, and revocation list;
for an issued asset, its identification document contains an ID, a contract address, and a certificate, which includes a plurality of certificate attributes, specifically a signature algorithm, creator ID, and signature information.
3. The asset linking system based on a decentralised ID and predictor as claimed in claim 1, further comprising a distributed file system for storing identification documents.
4. A method of asset linking based on an asset linking system as claimed in any one of claims 1 to 3, comprising:
before the asset is uplink, the asset issuer registers in the decentralised ID registry;
when an asset is being linked up, generating an intelligent contract to represent the user's asset; signing the certificate corresponding to the asset by using the private key of the asset issuer; the document index of the certification document on the distributed file system is added to the registry.
5. The asset linking method of claim 4, wherein the asset issuer registration at the decentralised ID registry is specifically:
the asset Issuer needs to register its domain with the decentralised ID registry for the Issuer i Obtaining the corresponding domain Region i And generating a corresponding identification Document i 。
6. The asset linking method according to claim 5, wherein the asset linking specifically comprises:
when a user needs to link up owned assets, the own service provider performs the following operations:
generating corresponding smart contracts to record smart contract Address on behalf of corresponding assets i ;
Signing the asset certificate file with the asset issuer private key:
wherein ,
for the private key of the asset issuer, +.>
Identification is an intelligent contract address i An ID identifier within the asset issuer for the asset;
the asset certification file is updated or added to the registry at the index value of the distributed file system.
7. The asset linking method of claim 4, wherein verifying asset validity comprises:
locating to an asset Issuer Issuer based on a proof of contract i Asset issuer attestation properties;
locating the asset issuer identification document and its issuer validity proofing attribute according to the ID of the asset issuer or the corresponding domain; meanwhile, verifying attributes such as a certificate revocation list, a certificate validity period and the like which are issued by an asset issuer;
the verification result is written back to the blockchain through the predictor for subsequent use by the blockchain.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210283177.1A CN114553875B (en) | 2022-03-22 | 2022-03-22 | Asset uplink system and method based on decentralization ID and prophetic machine |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210283177.1A CN114553875B (en) | 2022-03-22 | 2022-03-22 | Asset uplink system and method based on decentralization ID and prophetic machine |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114553875A CN114553875A (en) | 2022-05-27 |
| CN114553875B true CN114553875B (en) | 2023-06-16 |
Family
ID=81665871
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210283177.1A Active CN114553875B (en) | 2022-03-22 | 2022-03-22 | Asset uplink system and method based on decentralization ID and prophetic machine |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114553875B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109523375A (en) * | 2017-09-20 | 2019-03-26 | 成都高新信息技术研究院 | A kind of decentralization transaction in assets method and system |
| CN112465320A (en) * | 2020-11-18 | 2021-03-09 | 国网江苏省电力有限公司盐城供电分公司 | Virtual power plant transaction management method based on block chain technology |
| CN112507360A (en) * | 2020-12-10 | 2021-03-16 | 浙商银行股份有限公司 | Block chain data uplink method and device based on threshold signature and prediction machine |
| CN114025014A (en) * | 2021-10-29 | 2022-02-08 | 北京恒安嘉新安全技术有限公司 | Asset detection method and device, electronic equipment and storage medium |
-
2022
- 2022-03-22 CN CN202210283177.1A patent/CN114553875B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109523375A (en) * | 2017-09-20 | 2019-03-26 | 成都高新信息技术研究院 | A kind of decentralization transaction in assets method and system |
| CN112465320A (en) * | 2020-11-18 | 2021-03-09 | 国网江苏省电力有限公司盐城供电分公司 | Virtual power plant transaction management method based on block chain technology |
| CN112507360A (en) * | 2020-12-10 | 2021-03-16 | 浙商银行股份有限公司 | Block chain data uplink method and device based on threshold signature and prediction machine |
| CN114025014A (en) * | 2021-10-29 | 2022-02-08 | 北京恒安嘉新安全技术有限公司 | Asset detection method and device, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114553875A (en) | 2022-05-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12008561B2 (en) | System for verification of pseudonymous credentials for digital identities with managed access to personal data on trust networks | |
| Syed et al. | A comparative analysis of blockchain architecture and its applications: Problems and recommendations | |
| CN109189962B (en) | License service implementation system based on block chain | |
| US11314891B2 (en) | Method and system for managing access to personal data by means of a smart contract | |
| US20210250353A1 (en) | Decentralized identities for access to multiple computing resource systems | |
| US20200169546A1 (en) | Systems, methods, and apparatuses for seeding community sidechains with consent written onto a blockchain interfaced with a cloud based computing environment | |
| US11645632B2 (en) | System and method for a decentralized portable information container supporting privacy protected digital information credentialing, remote administration, local validation, access control and remote instruction signaling utilizing blockchain distributed ledger and container wallet technologies | |
| CN108701276B (en) | System and method for managing digital identities | |
| US20190236562A1 (en) | Systems, methods, and apparatuses for implementing document interface and collaboration using quipchain in a cloud based computing environment | |
| CN110569658B (en) | User information processing method and device based on blockchain network, electronic equipment and storage medium | |
| TW202025045A (en) | Invoice reimbursement method and device based on block chain and electronic device | |
| CN113297625B (en) | Data sharing system and method based on block chain and electronic equipment | |
| CN108898389A (en) | Based on the content verification method and device of block chain, electronic equipment | |
| CN108960825A (en) | Electric endorsement method and device, electronic equipment based on block chain | |
| CN113269639A (en) | Business processing method, device, equipment and medium based on block chain intelligent contract | |
| Kwame et al. | V-chain: A blockchain-based car lease platform | |
| CN115277122A (en) | Cross-border data flow and supervision system based on block chain | |
| WO2022206439A1 (en) | Method and apparatus for providing cross-chain message | |
| CN111915308A (en) | Transaction processing method of blockchain network and blockchain network | |
| US20210012447A1 (en) | Method and System for Processing Firearm-Related Data | |
| Faroug et al. | Blockchain-based solutions for effective and secure management of electronic health records | |
| Singh et al. | A digital asset inheritance model to convey online persona posthumously | |
| CN113037827B (en) | Voting method based on block chain, self-organization management method and computer equipment | |
| CN112350863B (en) | Decentralized access control method and system based on transaction | |
| CN116961876A (en) | Virtual resource management method, device, equipment and storage medium for blockchain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |