CN117974141A

CN117974141A - Block chain wallet protection method and device, storage medium and electronic equipment

Info

Publication number: CN117974141A
Application number: CN202410077986.6A
Authority: CN
Inventors: 张中文; 李婷; 刘地军
Original assignee: Alipay Hangzhou Information Technology Co Ltd
Current assignee: Alipay Hangzhou Information Technology Co Ltd
Priority date: 2024-01-18
Filing date: 2024-01-18
Publication date: 2024-05-03

Abstract

In the method for protecting the blockchain wallet provided by the specification, a client corresponding to the blockchain wallet determines a selection interface displayed to a user according to security configuration data received from a server of the blockchain wallet and various different information input by the user, determines security policies according to the selection of the user, and responds to a service request of the user, determines security policies matched with accounts of other participants in the service request in the security policies, and executes the service in the service request according to the matched security policies. According to the method, the security policy is configured by the user, and corresponding service is executed according to the security policy configured by the user, so that each user can configure the security policy in a personalized way according to the requirements, and compared with the use of the uniformly formulated security policy, the security of the blockchain wallet is more flexible, and the security of the blockchain wallet is enhanced.

Description

Block chain wallet protection method and device, storage medium and electronic equipment

Technical Field

The present application relates to the field of computers, and in particular, to a method and apparatus for protecting a blockchain wallet, a storage medium, and an electronic device.

Background

With the development of internet technology, protection of private data is increasingly concerned. In addition to protecting private data by means of machine learning, other means are equally important. With the development of blockchain, the security of blockchain wallet transactions is increasingly receiving attention. Blockchain wallets are a digital asset management tool designed to store, manage and transact digital resources based on blockchain technology. Currently, users perform business on the blockchain through a blockchain wallet in which the user's key is stored. Once an attacker obtains a key from a blockchain wallet of a user through a phishing attack and the like, the key is equivalent to the property of the user, so the blockchain wallet is naturally the object of the attacker attack.

However, the security protection method for the blockchain wallet in the prior art is not flexible enough and is difficult to adapt to the rapidly-changing attack mode. Therefore, the application provides a method for realizing personalized configuration security policy and enhancing the protection of the blockchain wallet.

Disclosure of Invention

The present specification provides a method, apparatus, storage medium, and electronic device for blockchain wallet protection to at least partially address the above-mentioned issues.

The technical scheme adopted in the specification is as follows:

the specification provides a method for protecting a blockchain wallet, which is applied to a client corresponding to the blockchain wallet, and comprises the following steps:

receiving a service request, and determining accounts of other participants in the service request according to the service request;

sending the account to a server of a blockchain wallet, so that the server inquires the attribute of the account;

Receiving an attribute corresponding to the account returned by the server, wherein the attribute characterizes the type of the abnormal business executed by the account;

Determining a security policy matched with the attribute from all security policies preset by a user;

And executing the service corresponding to the service request according to the security policy matched with the attribute.

Optionally, each security policy is preconfigured, which specifically includes:

Sending a security configuration request to the server, and receiving security configuration data returned by the server;

Determining various attributes corresponding to the account of the blockchain according to the security configuration data, wherein the different attributes correspond to different abnormal service types;

For each attribute, determining options displayed in a selection interface of the security policy according to each preset service execution method corresponding to the attribute;

And displaying the selection interface, and responding to the service execution method selected by the user at the selection interface, determining the target execution method corresponding to each attribute respectively as each security policy preconfigured by the user.

Optionally, the service execution method at least includes: interrupting service execution and sending warning information;

executing the service corresponding to the service request according to the security policy matched with the attribute, wherein the method specifically comprises the following steps:

Stopping executing the service corresponding to the service request when the target execution method contained in the security policy matched with the attribute is to interrupt service execution;

and when the target execution method contained in the security policy matched with the attribute is sending warning information, sending the warning information to the user to prompt the user that the service corresponding to the service request has risk.

Optionally, determining accounts of other participants in the service request according to the service request specifically includes:

according to the service request, determining accounts of other participants in the service request and blockchain identifiers corresponding to the accounts;

The account is sent to the server, so that the server inquires the attribute of the account, and the method specifically comprises the following steps:

and sending the account and the blockchain identifier corresponding to the account to the server, so that the server queries the attribute of the account on the blockchain corresponding to the blockchain identifier according to the blockchain identifier.

Optionally, before determining the security policy matching the attribute from the security policies preconfigured by the user, the method further includes:

Determining, in response to an input operation by a user, abnormality information input by the user, the abnormality information including at least: an external account of the blockchain and an intelligent contract address of the blockchain;

According to each business execution method corresponding to the preset abnormal information, determining options of the business execution method corresponding to the abnormal information displayed in a selection interface of the security policy according to each abnormal information;

Displaying the selection interface, and responding to the service execution method selected by the user on the selection interface to determine the target execution method corresponding to each piece of abnormal information respectively, wherein the target execution method is used as each safety strategy preconfigured by the user

Optionally, determining the options displayed in the selection interface of the security policy according to the preset service execution methods corresponding to the abnormal information specifically includes:

when the abnormal information is an intelligent contract address, accessing the intelligent contract address, and determining each functional interface contained in the intelligent contract;

for each functional interface contained in the intelligent contract, determining options of a service execution method corresponding to the functional interface displayed in a selection interface of the security policy according to preset service execution methods;

displaying the selection interface, and responding to the service execution method selected by the user on the selection interface to determine the target execution method corresponding to each piece of abnormal information, wherein the method specifically comprises the following steps:

and displaying the selection interface, and responding to the service execution method selected by the user at the selection interface, determining the target execution method respectively corresponding to each functional interface contained in the intelligent contract, and taking the target execution method as each security policy preconfigured by the user.

Optionally, the method is applied to a server of a blockchain wallet, the method comprising:

receiving an account sent by a client corresponding to the blockchain wallet;

inquiring and determining the attribute of the account according to the account;

And returning the attribute to the client, so that the client corresponding to the blockchain wallet determines a security policy matched with the attribute according to the attribute and each security policy preset by a user, and executes the service corresponding to the service request according to the security policy matched with the attribute.

Optionally, according to the account, inquiring and determining the attribute of the account specifically includes:

Sending a query request to a blockchain corresponding to the account, and obtaining an account attribute list sent by the blockchain corresponding to the account, wherein the account attribute list comprises accounts for which attack business is executed and attributes corresponding to the accounts;

and matching the account attribute list with the account, and determining the attribute of the account.

Sending a query request and a preset query time node to a blockchain corresponding to the account, and acquiring an account attribute list sent by the blockchain corresponding to the account, wherein the account attribute list comprises accounts for which risk service is executed in the query time node and attributes corresponding to the accounts;

Optionally, the method further comprises:

Sending a query request to each blockchain, acquiring a preset account attribute list of each blockchain, and determining each attribute of an account in each blockchain;

responding to a security configuration request sent by a client corresponding to the blockchain wallet, and taking the account attribute list and each service execution method corresponding to each preset attribute as security configuration data;

And sending the security configuration data to the client corresponding to the blockchain wallet, so that the client corresponding to the blockchain wallet determines options displayed in a selection interface of a security policy according to the security configuration data, and displays the selection interface to a user.

The present specification provides a blockchain wallet protected device applied to a client corresponding to a blockchain wallet, the device comprising:

The service receiving module is used for receiving a service request and determining accounts of other participants in the service request according to the service request;

the sending module is used for sending the account to a server of the blockchain wallet;

the receiving attribute module is used for receiving an attribute corresponding to the account returned by the server, wherein the attribute is used for representing the type of the abnormal business executed by the account;

The determining module is used for determining the security policy matched with the attribute from all security policies preset by a user;

And the execution module is used for executing the service corresponding to the service request according to the security policy matched with the attribute.

The present specification provides a blockchain wallet protected device for application to a server of a blockchain wallet, the device comprising:

the account receiving module is used for receiving accounts sent by the clients corresponding to the blockchain wallets;

The inquiring module is used for inquiring and determining the attribute of the account according to the account;

and the execution service module is used for returning the attribute to the client, so that the client corresponding to the blockchain wallet determines the security policy matched with the attribute according to the attribute and each security policy preset by a user, and executes the service corresponding to the service request according to the security policy matched with the attribute.

The present specification provides a computer readable storage medium storing a computer program which when executed by a processor implements the method of blockchain wallet protection described above.

The present specification provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the above-described blockchain wallet protection method when executing the program.

The above-mentioned at least one technical scheme that this specification adopted can reach following beneficial effect:

In the method for protecting the blockchain wallet provided by the specification, a client corresponding to the blockchain wallet determines a selection interface displayed to a user according to security configuration data received from a server of the blockchain wallet and various different information input by the user, determines security policies according to the selection of the user, and responds to a service request of the user, determines security policies matched with accounts of other participants in the service request in the security policies, and executes the service in the service request according to the matched security policies.

According to the method, the security policy is configured by the user, and corresponding service is executed according to the security policy configured by the user, so that each user can configure the security policy in a personalized way according to the requirements, and compared with the use of the uniformly formulated security policy, the security of the blockchain wallet is more flexible and the security of the blockchain wallet is enhanced.

Drawings

The accompanying drawings, which are included to provide a further understanding of the specification, illustrate and explain the exemplary embodiments of the present specification and their description, are not intended to limit the specification unduly. In the drawings:

FIG. 1 is a schematic flow diagram of a blockchain wallet protection provided in the present specification;

FIG. 2 is a schematic flow diagram of a blockchain wallet protection provided in the present specification;

FIG. 3 is a schematic diagram of attribute types of an account of a blockchain provided in the present specification;

FIG. 4 is a schematic diagram of a selection interface for security policies provided in the present description;

FIG. 5 is a schematic diagram of an interaction process of a blockchain wallet protection method provided in the present specification;

FIG. 6 is a schematic diagram of a blockchain wallet protection device provided in the present description;

FIG. 7 is a schematic diagram of a blockchain wallet protection device provided in the present specification;

fig. 8 is a schematic view of an electronic device corresponding to fig. 1 provided in the present specification.

Detailed Description

For the purposes of making the objects, technical solutions and advantages of the present specification more apparent, the technical solutions of the present specification will be clearly and completely described below with reference to specific embodiments of the present specification and corresponding drawings. It will be apparent that the described embodiments are only some, but not all, of the embodiments of the present specification. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are intended to be within the scope of the present application based on the embodiments herein.

The following describes in detail the technical solutions provided by the embodiments of the present specification with reference to the accompanying drawings.

Fig. 1 is a flowchart of a method for protecting a blockchain wallet provided in the present specification, where the method is applied to a client corresponding to the blockchain wallet, and specifically includes the following steps:

s100: and receiving a service request, and determining accounts of other participants in the service request according to the service request.

The blockchain wallet protection method provided in the present disclosure is implemented by a client corresponding to a blockchain wallet and a server of the blockchain wallet, where fig. 1 is a schematic flow diagram of a main body not executed by the client corresponding to the blockchain wallet, and therefore, in steps S00-S104, the protection flow is illustrated by executing the protection flow by the client corresponding to the blockchain wallet (hereinafter referred to as a client for short). Blockchain wallets are a digital asset management tool designed to store, manage and transact digital resources based on blockchain technology. In particular, in embodiments provided herein, the blockchain wallet may be used to support cross-chain transactions between digital resources of different blockchains, and a user's blockchain wallet may correspond to processing transactions for accounts on multiple different blockchains.

Typically, the client may receive a service request sent by a common node of the blockchain, so as to execute a corresponding service according to the service request. But there is a risk potential for the party initiating the service request, for example: the party recently participates in the illegal service, or the party steals the assets of other users through a phishing attack and the like, or the party frequently initiates invalid service requests to manufacture garbage flow and the like … …. To protect the user's assets in the blockchain, business transactions with such risk accounts should be avoided as much as possible.

Specifically, in one or more embodiments of the present disclosure, the client may receive a service request sent by the consensus node. Based on the service request, accounts of other participants of the service request and public keys of the other participants are determined. And then, carrying out signature verification on the abstract carrying the service data in the service request according to the public key, and after the signature verification is passed, determining that the service request is a normal service request and executing the subsequent steps. Of course, if the signature verification is not passed, the service request is described as an abnormal service request, and the client may stop executing the service corresponding to the service request. Typically, the service requests in the blockchain are implemented in the form of transaction services. Thus, in general, the service corresponding to the service request is executed by at least two parties together, and it can be seen that the other parties of the service request described in the present specification participate in the account corresponding to the service request except for the account managed and maintained by the client. The other party may be one or more, and the application will be described later in the context of the service request involving only one other party for convenience of description.

After determining that the service request is a normal service request, accounts of other participants in the service request can be determined, so that in a subsequent step, according to the accounts, matched security policies of the other participants are determined, and whether the other participants have risks can be determined through the matched security policies. And, the matched security policy has a service execution method preset by the user, and the client can automatically determine how to execute the service.

When a service is executed, the service information generally includes an account address of an account, and a specific account is determined based on the account address. To simplify the description, accounts are used throughout this specification.

S101: and sending the account to a server of the blockchain wallet, so that the server queries the attribute of the account.

S102: and receiving an attribute corresponding to the account returned by the server, wherein the attribute characterizes the type of the abnormal business executed by the account.

In the embodiment of the present specification, a security policy corresponding to the attribute needs to be determined according to the attribute of the account, and according to the security policy, the service in the service request is executed. Therefore, after the client receives the service request and determines the account of the other party, the attribute of the account needs to be determined first. And the attributes of each account are not stored at the client, but rather are stored at the server of the blockchain wallet, the client may send the account to the server of the blockchain wallet when determining the attributes of the account, the attributes of the account being determined by the server of the blockchain wallet.

Wherein the attribute refers to the type of the account marked by the server of the blockchain browser and having risk, or the type of the abnormal business executed by the account in the blockchain.

Specifically, when the account is an attacker account, since the attacker account directly threatens the asset security of other users, the attacker account is tagged by a server of a browser of a blockchain where the attacker account is located, and the tag is an attribute of the account in general.

For example, a server of a certain blockchain browser adds a label explloit to an account corresponding to the identified attacker, and stores the label explloit in a local area of the server of the blockchain browser, so that the server of the blockchain wallet can determine that the account carrying the explloit label is the attacker account by querying the server of the blockchain browser.

Specifically, when the account executes illegal services, such as illegal services that destroy market order, the account is at risk of being blocked at any time, and if the user interacts with the account, the same risk is faced. In this case, after receiving the account sent by the client, the server of the blockchain wallet may send a query request to the consensus node to obtain a record of all the services in which the account participates in a preset query time node; and when the service record backup of the consensus node exists in the server of the blockchain browser, a query request is sent to the server of the blockchain browser, and the records of all the services participated in by the account in the preset query time node are obtained. And the server of the blockchain wallet inquires whether the account participates in the abnormal service in a preset inquiry time node in the record according to the type of the preset abnormal service.

For example, tornado Cash is a virtual currency mixer, and when a user uses Tornado Cash to conduct business, the source of the business cannot be traced, and based on this feature, some lawless persons may utilize Tornado Cash to conduct illegal business. The server of the blockchain wallet may preset Tornado Cash, and other risky item names similar to Tornado Cash, as types of abnormal traffic, and when the account is queried to participate in Tornado Cash in a preset query time node in the record, the account may be regarded as an account related to illegal traffic.

In the embodiment of the present disclosure, the number of attributes of the accounts in each blockchain may be one or more, and the number of attributes of the accounts in each blockchain is not specifically limited in the present disclosure.

S103: and determining the security policy matched with the attribute from the security policies preset by the user.

In the embodiment of the present disclosure, the user may pre-configure each security policy, and after the client receives the attribute of the account returned by the server of the blockchain wallet, the attribute is matched with each security policy. In each security policy, the number of security policies matching the attribute may be 0, 1, or a plurality of security policies.

When the number of security policies matched with the attribute is 0, that is, the security policies matched with the attribute are not available, the account is safe, and the user can conduct business exchange with the account; when the number of the security policies matched with the attribute is 1, executing the service in the service request according to the matched security policies; when the security policies matched with the attribute are plural, the security policy of the attribute is determined according to the method in S104, and the service in the service request is executed according to the security policy of the attribute.

The security policy of the attribute comprises the attribute and a service execution method of the attribute configured by a user, wherein the service execution method is preset for the client, for example, the service execution method comprises interrupting service execution and sending warning information, and the user selects according to the requirement.

In addition to the above two service execution methods corresponding to the attributes, there may be more or other service execution methods, and the service execution method corresponding to each attribute may be preset according to the actual situation, which is not particularly limited in this specification.

S104: and executing the service corresponding to the service request according to the security policy matched with the attribute.

Assuming that in the security policy matched with the attribute, when the service execution method of the attribute is to interrupt service execution, the client side stops executing the service corresponding to the service request; when the service execution method of the attribute is to send warning information, the warning information is sent to the user to prompt the user that the service corresponding to the service request has risk, and the user selects whether to continue the service corresponding to the service request.

In the embodiment of the present disclosure, the user may pre-configure each security policy, and the specific method is: and sending a security configuration request to the server, and receiving security configuration data returned by the server. The security configuration data is the label type of the account of each blockchain, the label can be the name of an item in illegal business participated by the account, the name of the blockchain marked by the account, and the security configuration data can be updated. The tag type is the attribute type of the account of each blockchain, for example, three types of tag types of the account in the blockchain 1 are a, b and c respectively; the label types of the accounts in the block chain 2 are two, namely d and e; there are four types of labels for accounts in blockchain 3, f, g, h, i respectively, etc., as shown in fig. 3. The security configuration data is a summary of each blockchain account tag type. According to the security configuration data, various attributes corresponding to accounts of each blockchain can be determined, different attributes correspond to different abnormal service types, for each attribute, options displayed in a selection interface of a security policy are determined according to a preset service execution method corresponding to the attribute, the selection interface is displayed, and a target execution method corresponding to each attribute is determined as each security policy preset by the user in response to the service execution method selected by the user in the selection interface. For example, for the a-class account, the b-class account and the c-class account in the blockchain 1, the service execution methods selected by the user are interruption, warning and interruption respectively; for the class d account and class e account in the blockchain 2, the service execution method selected by the user is warning and warning respectively; for the f-class account, the g-class account, the h-class account and the i-class account in the blockchain 3, the service execution methods selected by the user are interruption, warning and warning respectively, and then the security policies are shown in fig. 4.

Specifically, the security configuration request may be sent by the client to the server of the blockchain wallet when the user logs in the client for the first time, so that each security policy configuration is completed before the user makes a transaction with other users for the first time. The security configuration data may be updated, and if the security configuration data is updated, but the security policy configured by the user stored in the client is not updated along with the update of the security configuration data, the user may make business exchange with some accounts that are seemingly normal and actually at risk, which increases the risk of transaction.

Therefore, in order to improve the security of the blockchain wallet, the security configuration request can be sent periodically according to a preset period, and when the security configuration data is updated, the server of the blockchain wallet sends updated security configuration information to the client after receiving the security configuration request; when the security configuration data is not updated, the server of the blockchain wallet just sends a preset symbol indicating that the security configuration data is not updated to the client after receiving the security configuration request. Or the server of the blockchain wallet monitors various attributes corresponding to the accounts of the blockchain, namely monitors the safety configuration data, when the safety configuration data is monitored to be updated, the server of the blockchain wallet sends a request to be queried to the client, and the client sends the safety configuration request to the server of the blockchain wallet after receiving the request to be queried to acquire updated safety configuration data.

In the embodiment of the present disclosure, the client may be used in only one blockchain, and may of course also support the traffic between different blockchains. The representation of different blockchains for the abnormal task type may not be exactly the same. At this time, the blockchain where the account is located cannot be determined only according to the account, and thus the attribute of the account cannot be determined. Therefore, when the client receives the service request, not only the accounts of other participants in the service request, but also the blockchain identifier corresponding to the accounts need to be determined. And sending the account and the blockchain identification corresponding to the account to a server of the blockchain wallet, so that the server queries the attribute of the account on the blockchain corresponding to the blockchain identification according to the blockchain identification.

When the server of the blockchain wallet determines the attribute of the account, if the account corresponds to a plurality of attributes, one attribute can be determined randomly in the plurality of attributes to be used as the attribute of the account; the attribute with the highest risk level can be selected from the plurality of attributes according to the risk level of each attribute, and the attribute is taken as the attribute of the account, for example, two attributes corresponding to the account are respectively an attacker attribute and a garbage flow attribute, and obviously, the attacker attribute is taken as the attribute of the account if the risk level of the attacker attribute is higher. Besides sending a security configuration request to a server of the blockchain wallet by the client to acquire security configuration data so as to enable a user to configure a security policy, the client can also input abnormal information according to requirements and determine the security policy according to the abnormal information and each service execution method corresponding to the preset abnormal information.

Specifically, according to each service execution method corresponding to preset abnormal information, for each abnormal information, determining an option of the service execution method corresponding to the abnormal information displayed in a selection interface of a security policy, displaying the selection interface, and determining a target execution method corresponding to each abnormal information respectively in response to the service execution method selected by the user in the selection interface as each security policy preset by the user. Wherein the exception information includes at least an external account of the blockchain and an intelligent contract address of the blockchain. For example, the external account is (Externally Owned Accounts, EOA).

When the client sends a security configuration request to the server of the blockchain wallet to acquire security configuration data and enable a user to configure a security policy, the service execution method corresponding to each attribute is preset by the server of the blockchain wallet, and the service execution method corresponding to each attribute can be different. However, when the user inputs the abnormal information according to the requirement and the client determines the security policy according to the abnormal information and each service execution method corresponding to the preset abnormal information, the service execution method corresponding to each abnormal information is consistent.

When the abnormal information is the intelligent contract address, the intelligent contract address is accessed, and each functional interface contained in the intelligent contract is determined, wherein the functional interface is an interface capable of calling codes in the intelligent contract, and different functional interfaces can call codes in different parts in the intelligent contract to realize different functions. For each functional interface included in the intelligent contract, according to each preset service execution method, determining an option of the service execution method corresponding to the functional interface displayed in the selection interface of the security policy, displaying the selection interface, setting labels for each functional interface in order that a user can know the functions corresponding to each functional interface, and displaying the labels to the user. And responding to the service execution method selected by the user at the selection interface, and determining the target execution method respectively corresponding to each functional interface contained in the intelligent contract as each security policy preconfigured by the user.

Fig. 2 is a flowchart of a method for protecting a blockchain wallet provided in the present specification, where the method is applied to a server of the blockchain wallet, and specifically includes the following steps:

S200: and receiving the account sent by the client corresponding to the blockchain wallet.

The execution subject of the blockchain wallet protection method provided in the present specification may be a client corresponding to the blockchain wallet, or may be a server of the blockchain wallet, and in step S200-S202, the blockchain wallet protection method provided in the present specification is described with the server of the blockchain wallet as the execution subject.

In the present embodiment, it is necessary to determine the attributes of the accounts of other participants in the accepted service request to determine how the service of the service request is performed. And the client cannot determine the attributes of the account, after the client receives the account, the account is sent to the server of the blockchain wallet to determine the attributes of the account.

S201: and inquiring and determining the attribute of the account according to the account.

After the server of the blockchain wallet receives the account, determining the blockchain corresponding to the account, sending a query request to the blockchain to acquire an account attribute list, and determining the attribute of the account through the account attribute list.

The account attribute list acquired by the server of the blockchain wallet can be a list of accounts which execute attack business and attributes corresponding to the accounts, or can be an account which execute risk business in a preset inquiry time node and the attributes corresponding to the accounts.

When the account attribute list is an account of the attack service and a list of attributes corresponding to the account, matching the received account with the account attribute list, if the matching is successful, proving that the account is an attacker account, and determining the attributes of the account successfully matched with the account in the account attribute list as the attributes of the account. In addition to attack services, the account attribute list may further include other types of risk accounts in the blockchain, labels marked on the risk accounts by the blockchain, and attributes corresponding to the risk accounts, for example, a garbage flow account, where the account is used for throwing garbage flow to other users, if the account is successfully matched with the garbage flow account in the account attribute list, it is proved that the account is used for throwing garbage flow, and the attribute of the garbage flow account in the account attribute list is determined to be the attribute of the account.

When the account attribute list is an account with risk service executed in a preset query time node and an attribute corresponding to the account, matching the received account with the account attribute list, if the matching is successful, proving that the account is an account with risk service executed in the preset query time node, and determining the attribute of the account which is successfully matched with the account in the account attribute list as the attribute of the account, wherein the query time node can be preset according to actual conditions. For example, the query time node is half a year ago to the current time, and the blockchain queries an account for which the risk service has been executed for half a year after receiving the query request of the blockchain wallet. An account that has been at risk for half a year, but has not been at risk for the last half a year, may be considered to be at low risk, and users may conduct business with that type of account.

S202: and returning the attribute to the client, so that the client corresponding to the blockchain wallet determines a security policy matched with the attribute according to the attribute and each security policy preset by a user, and executes the service corresponding to the service request according to the security policy matched with the attribute.

After determining the attribute of the account, returning the attribute to the client, matching the attribute with a security policy preset by a user stored in the client, determining the security policy matched with the attribute, and executing the service corresponding to the service request according to the matched security policy, wherein the specific method of pre-configuring the security policy is described in S104.

Based on the blockchain wallet protection method shown in fig. 1 and fig. 2, after receiving a service request, a client determines accounts of other participants, sends the accounts to a server of the blockchain wallet to determine attributes of the accounts, determines a security policy corresponding to the attributes according to the attributes and a security policy preset by a user, and executes the service in the service request according to the security policy. The user personalized configuration security policy is realized, and the security of the blockchain wallet is improved.

Fig. 5 is a schematic diagram of an interaction process of a blockchain wallet protection method provided in the present specification, wherein the upper left side in fig. 5 shows a consensus node, a client receives a service request sent by the consensus node, after receiving the service request, the client determines accounts of other participants in the service request, sends the accounts to a server of a blockchain wallet, and the server of the blockchain wallet queries attributes of the accounts. After receiving the query request of the client, the server of the blockchain wallet can send the query request to the blockchain server or the consensus node to acquire an account attribute list; and the method can also directly send a query request to the blockchain server to acquire an account attribute list when the blockchain server synchronizes the service records of the consensus node. The server of the blockchain wallet determines the attribute of the account according to the account attribute list and returns the attribute to the client.

The client receives a service request that is sent by a node of the blockchain, typically the nearest node to the client. The client receives the service request and then determines accounts of other participants, and sends the accounts to a server of the blockchain wallet to determine the attribute of the accounts. The server of the blockchain wallet cannot directly determine the attribute of the account according to the account, but sends a query request to each blockchain after receiving the account, obtains an account attribute list of each blockchain, and determines the attribute of the account according to the account attribute list. After determining the attribute, returning the attribute to the client, and determining a security policy corresponding to the attribute by the client according to a security policy preset by a user and the attribute, and executing the service corresponding to the service request.

When a user configures a security policy in advance, the client sends a security configuration request to a server of the blockchain wallet, receives security configuration data returned by the server of the blockchain wallet, determines various attributes corresponding to accounts of the blockchain wallet according to the security configuration data, determines options displayed in a selection interface of the security policy according to a preset service execution method corresponding to each attribute for each attribute, displays the selection interface, and determines target execution methods corresponding to each attribute respectively in response to the service execution method selected by the user in the selection interface as each security policy pre-configured by the user, wherein different attributes correspond to different abnormal service types.

The above methods of blockchain wallet protection provided for one or more embodiments of the present specification also provide corresponding blockchain wallet protection devices based on the same ideas, as shown in fig. 6 and 7.

Fig. 6 is a schematic diagram of a blockchain wallet protection device provided in the present disclosure, where the device is applied to a client corresponding to a blockchain wallet, and specifically includes:

A service receiving module 601, configured to receive a service request, and determine accounts of other participants in the service request according to the service request;

a sending module 602, configured to send the account to a server of a blockchain wallet, so that the server queries an attribute of the account;

a receiving attribute module 603, configured to receive an attribute corresponding to the account returned by the server, where the attribute is used to characterize an abnormal service type executed by the account;

A determining module 604, configured to determine, from among security policies preconfigured by a user, a security policy matching the attribute;

And the executing module 605 is configured to execute the service corresponding to the service request according to the security policy matched with the attribute.

Optionally, the determining module 604 is specifically configured to send a security configuration request to the server, and receive security configuration data returned by the server; determining various attributes corresponding to the account of the blockchain according to the security configuration data, wherein the different attributes correspond to different abnormal service types; for each attribute, determining options displayed in a selection interface of the security policy according to each preset service execution method corresponding to the attribute; and displaying the selection interface, and responding to the service execution method selected by the user at the selection interface, determining the target execution method corresponding to each attribute respectively as each security policy preconfigured by the user.

the determining module 604 is specifically configured to execute, according to a security policy matched with the attribute, a service corresponding to the service request, and specifically includes: stopping executing the service corresponding to the service request when the target execution method contained in the security policy matched with the attribute is to interrupt service execution; and when the target execution method contained in the security policy matched with the attribute is sending warning information, sending the warning information to the user to prompt the user that the service corresponding to the service request has risk.

Optionally, the service receiving module 601 is specifically configured to determine, according to the service request, accounts of other participants in the service request and blockchain identifiers corresponding to the accounts;

The sending module 602 is specifically configured to send the account and a blockchain identifier corresponding to the account to the server, so that the server queries, according to the blockchain identifier, an attribute of the account on a blockchain corresponding to the blockchain identifier.

Optionally, the receiving attribute module 603 is further configured to determine, in response to an input operation of a user, anomaly information input by the user before determining, from security policies preconfigured by the user, a security policy matching the attribute, where the anomaly information includes at least: an external account of the blockchain and an intelligent contract address of the blockchain; according to each business execution method corresponding to the preset abnormal information, determining options of the business execution method corresponding to the abnormal information displayed in a selection interface of the security policy according to each abnormal information; and displaying the selection interface, and responding to the service execution method selected by the user at the selection interface to determine the target execution method corresponding to each piece of abnormal information respectively, wherein the target execution method is used as each safety strategy preconfigured by the user.

Optionally, the receiving attribute module 603 is specifically configured to, when the anomaly information is an intelligent contract address, access the intelligent contract address, and determine each functional interface included in the intelligent contract; for each functional interface contained in the intelligent contract, determining options of a service execution method corresponding to the functional interface displayed in a selection interface of the security policy according to preset service execution methods;

The receiving attribute module 603 is specifically configured to display the selection interface, and determine, in response to a service execution method selected by the user at the selection interface, a target execution method corresponding to each functional interface included in the intelligent contract, as each security policy preconfigured by the user.

Fig. 7 is a schematic diagram of a blockchain wallet protection device provided in the present disclosure, where the device is applied to a server of a blockchain wallet, and specifically includes:

The account receiving module 701 is configured to receive an account sent by a client corresponding to the blockchain wallet;

a query module 702, configured to query and determine an attribute of an account according to the account;

And the execution service module 703 is configured to return the attribute to the client, so that the client corresponding to the blockchain wallet determines a security policy matched with the attribute according to the attribute and each security policy preset by the user, and execute the service corresponding to the service request according to the security policy matched with the attribute.

Optionally, the query module 702 is specifically configured to send a query request to a blockchain corresponding to the account, obtain an account attribute list sent by the blockchain corresponding to the account, where the account attribute list includes an account on which an attack service is executed and an attribute corresponding to the account; and matching the account attribute list with the account, and determining the attribute of the account.

Optionally, the execution service module 703 is further configured to send a query request to each blockchain, obtain a preset account attribute list of each blockchain, and determine each attribute of an account in each blockchain; responding to a security configuration request sent by a client corresponding to the blockchain wallet, and taking the account attribute list and each service execution method corresponding to each preset attribute as security configuration data; and sending the security configuration data to the client corresponding to the blockchain wallet, so that the client corresponding to the blockchain wallet determines options displayed in a selection interface of a security policy according to the security configuration data, and displays the selection interface to a user.

The present specification also provides a computer readable storage medium storing a computer program operable to perform the method of blockchain wallet protection provided in fig. 1 above.

The present specification also provides a schematic structural diagram of the electronic device shown in fig. 8. At the hardware level, the interface matching device includes a processor, an internal bus, a network interface, a memory, and a nonvolatile memory, as described in fig. 8, but may also include hardware required by other services. The processor reads the corresponding computer program from the non-volatile memory into the memory and then runs to implement the blockchain wallet protection method described above with respect to fig. 1. Of course, other implementations, such as logic devices or combinations of hardware and software, are not excluded from the present description, that is, the execution subject of the following processing flows is not limited to each logic unit, but may be hardware or logic devices.

In the 90 s of the 20 th century, improvements to one technology could clearly be distinguished as improvements in hardware (e.g., improvements to circuit structures such as diodes, transistors, switches, etc.) or software (improvements to the process flow). However, with the development of technology, many improvements of the current method flows can be regarded as direct improvements of hardware circuit structures. Designers almost always obtain corresponding hardware circuit structures by programming improved method flows into hardware circuits. Therefore, an improvement of a method flow cannot be said to be realized by a hardware entity module. For example, a programmable logic device (Programmable Logic Device, PLD) (e.g., field programmable gate array (Field Programmable GATE ARRAY, FPGA)) is an integrated circuit whose logic functions are determined by user programming of the device. A designer programs to "integrate" a digital system onto a PLD without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Moreover, nowadays, instead of manually manufacturing integrated circuit chips, such programming is mostly implemented with "logic compiler (logic compiler)" software, which is similar to the software compiler used in program development and writing, and the original code before being compiled is also written in a specific programming language, which is called hardware description language (Hardware Description Language, HDL), but HDL is not just one, but a plurality of kinds, such as ABEL(Advanced Boolean Expression Language)、AHDL(Altera Hardware Description Language)、Confluence、CUPL(Cornell University Programming Language)、HDCal、JHDL(Java Hardware Description Language)、Lava、Lola、MyHDL、PALASM、RHDL(Ruby Hardware Description Language), and VHDL (Very-High-SPEED INTEGRATED Circuit Hardware Description Language) and Verilog are currently most commonly used. It will also be apparent to those skilled in the art that a hardware circuit implementing the logic method flow can be readily obtained by merely slightly programming the method flow into an integrated circuit using several of the hardware description languages described above.

The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer readable medium storing computer readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, application SPECIFIC INTEGRATED Circuits (ASICs), programmable logic controllers, and embedded microcontrollers, examples of controllers include, but are not limited to, the following microcontrollers: ARC 625D, atmel AT91SAM, microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic of the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller in a pure computer readable program code, it is well possible to implement the same functionality by logically programming the method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers, etc. Such a controller may thus be regarded as a kind of hardware component, and means for performing various functions included therein may also be regarded as structures within the hardware component. Or even means for achieving the various functions may be regarded as either software modules implementing the methods or structures within hardware components.

The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. One typical implementation is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.

For convenience of description, the above devices are described as being functionally divided into various units, respectively. Of course, the functions of each element may be implemented in one or more software and/or hardware elements when implemented in the present specification.

It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.

Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.

It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.

It will be appreciated by those skilled in the art that embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, the present specification may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present description can take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.

The description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.

In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for system embodiments, since they are substantially similar to method embodiments, the description is relatively simple, as relevant to see a section of the description of method embodiments.

The foregoing is merely exemplary of the present disclosure and is not intended to limit the disclosure. Various modifications and alterations to this specification will become apparent to those skilled in the art. Any modifications, equivalent substitutions, improvements, etc. which are within the spirit and principles of the present description are intended to be included within the scope of the claims of the present application.

Claims

1. A method of blockchain wallet protection, the method being applied to a client corresponding to a blockchain wallet, the method comprising:

determining a security policy matching the attribute from among security policies pre-configured for the blockchain wallet;

2. The method of claim 1, wherein each security policy is preconfigured, and specifically comprises:

and displaying the selection interface, and determining target execution methods corresponding to the attributes respectively in response to the service execution methods selected by the user at the selection interface, wherein the target execution methods are used as the security policies preconfigured by the user.

3. The method of claim 2, the service execution method at least comprises: interrupting service execution and sending warning information;

4. The method of claim 1, determining accounts of other participants in the service request according to the service request, specifically comprising:

5. The method of claim 1, further comprising, prior to determining a security policy matching the attribute from among the security policies preconfigured by the user:

And displaying the selection interface, and responding to the service execution method selected by the user at the selection interface to determine the target execution method corresponding to each piece of abnormal information respectively, wherein the target execution method is used as each safety strategy preconfigured by the user.

6. The method of claim 5, wherein the determining the options displayed in the selection interface of the security policy according to the preset service execution methods corresponding to the anomaly information specifically comprises:

7. A method of blockchain wallet protection, the method applied to a server of a blockchain wallet, the method comprising:

receiving an account sent by a client corresponding to the blockchain wallet;

inquiring and determining the attribute of the account according to the account, wherein the attribute characterizes the type of the abnormal business executed by the account;

8. The method of claim 7, wherein the querying and determining the attribute of the account based on the account comprises:

9. The method of claim 7, wherein the querying and determining the attribute of the account based on the account comprises:

10. The method of claim 7, the method further comprising:

11. A blockchain wallet-protected device for application to a corresponding client of a blockchain wallet, the device comprising:

The sending module is used for sending the account to a server of the blockchain wallet, and the server inquires the attribute of the account;

12. A blockchain wallet-protected device for application to a server of a blockchain wallet, the device comprising:

13. A computer readable storage medium storing a computer program which, when executed by a processor, implements the method of any one of the preceding claims 1-10.

14. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of any of the preceding claims 1-10 when the program is executed.