US20200175207A1 - Verifying integrity of data stored in a consortium blockchain using a public sidechain - Google Patents
Verifying integrity of data stored in a consortium blockchain using a public sidechain Download PDFInfo
- Publication number
- US20200175207A1 US20200175207A1 US16/780,334 US202016780334A US2020175207A1 US 20200175207 A1 US20200175207 A1 US 20200175207A1 US 202016780334 A US202016780334 A US 202016780334A US 2020175207 A1 US2020175207 A1 US 2020175207A1
- Authority
- US
- United States
- Prior art keywords
- data
- digest
- data digest
- blockchain
- data item
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000012795 verification Methods 0.000 claims abstract description 131
- 230000004044 response Effects 0.000 claims abstract description 39
- 238000000034 method Methods 0.000 claims description 62
- 230000008569 process Effects 0.000 description 35
- 238000012545 processing Methods 0.000 description 15
- 238000004590 computer program Methods 0.000 description 12
- 230000006870 function Effects 0.000 description 6
- 230000007246 mechanism Effects 0.000 description 6
- 238000004422 calculation algorithm Methods 0.000 description 5
- 230000015654 memory Effects 0.000 description 5
- 108010001267 Protein Subunits Proteins 0.000 description 4
- 230000008859 change Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 238000007726 management method Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000004075 alteration Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 239000000284 extract Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 238000013515 script Methods 0.000 description 2
- 238000000926 separation method Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000013524 data verification Methods 0.000 description 1
- 230000002427 irreversible effect Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000005065 mining Methods 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 239000000758 substrate Substances 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000001131 transforming effect Effects 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6236—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database between heterogeneous systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F21/645—Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0637—Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- H04L2209/38—
Definitions
- DLSs Distributed ledger systems
- DLSs can also be referred to as consensus networks, and/or blockchain networks
- DLSs enable participating entities to securely, and immutably store data.
- DLSs are commonly referred to as blockchain networks without referencing any particular user case.
- Examples of types of blockchain networks can include public blockchain networks, private blockchain networks, and consortium blockchain networks.
- a public blockchain network is open for all entities to use the DLS, and participate in the consensus process.
- a private blockchain network is provided for particular entity, which centrally controls read and write permissions.
- a consortium blockchain network is provided for a select group of entities, which control the consensus process, and includes an access control layer.
- Blockchain is a decentralized and temper-proof distributed data storage technology. User data and contracts are logically operated and stored on the chain in a public manner. In many scenarios, users need to meet privacy protection requirements and do not want their data and logics to be leaked to unauthorized parties.
- Implementations of the present specification include computer-implemented methods for storing and retrieving to-be-verified data associated with nodes of a blockchain network. More particularly, implementations of the present specification are directed to storing a data digest of the to-be-verified data associated with one or more consortium blockchain network nodes using a number of verification nodes, and retrieving the to-be-verified data and the stored data digests.
- actions include storing a data item in a consortium blockchain maintained by a consortium blockchain network; generating a first data digest based on the stored data item; sending the first data digest to verification nodes, so that each verification node cryptographically signs the first data digest and stores its signed first data digest in a public blockchain maintained by a public blockchain network; receiving a request to retrieve the stored data item; in response to receiving the request, retrieving the requested data item from the consortium blockchain; generating a second data digest based on the retrieved data item; sending the second data digest to the verification nodes so that each verification node cryptographically signs the second data digest and returns its signed second data digest; receiving the signed second data digests from the verification nodes; retrieving the signed first data digests from the public blockchain; determining that the signed first data digests match the signed second data digests; and in response to the determining, sending a response to the request to retrieve the stored data item, the response indicating that the stored data item has not changed since it was stored.
- Other implementations include corresponding systems, apparatus, and
- a non-transitory computer-readable storage medium is coupled to one or more computers and configured with instructions executable by the one or more computers to: store a data item in a consortium blockchain maintained by a consortium blockchain network; generate a first data digest based on the stored data item; send the first data digest to verification nodes so that each verification node cryptographically signs the first data digest and stores its signed first data digest in a public blockchain maintained by a public blockchain network; receive a request to retrieve the stored data item; in response to receive the request, retrieving the requested data item from the consortium blockchain; generate a second data digest based on the retrieved data item; send the second data digest to verification nodes so that each verification node cryptographically signs the second data digest and returns its signed second data digest; receive the signed second data digests from the verification nodes; retrieve the signed first data digests from the public blockchain; determine that the signed first data digests match the signed second data digests; and in response to the determine, sending a response to the request to retrieve the stored data item, the response indicating that
- a system includes one or more computers; and one or more computer-readable memories coupled to the one or more computers and configured with instructions executable by the one or more computers to: store a data item in a consortium blockchain maintained by a consortium blockchain network; generate a first data digest based on the stored data item; send the first data digest to verification nodes so that each verification node cryptographically signs the first data digest and stores its signed first data digest in a public blockchain maintained by a public blockchain network; receive a request to retrieve the stored data item; in response to receive the request, retrieving the requested data item from the consortium blockchain; generate a second data digest based on the retrieved data item; send the second data digest to verification nodes so that each verification node cryptographically signs the second data digest and returns its signed second data digest; receive the signed second data digests from the verification nodes; retrieve the signed first data digests from the public blockchain; determine that the signed first data digests match the signed second data digests received; and in response to the determine, sending a response to the request to retrieve the stored data item
- a first feature combinable with any of the following features, wherein the verification nodes are computing devices participating in the public blockchain network.
- a second feature combinable with any of the following features, further includes storing a smart contract in the public blockchain, wherein the smart contract is configured to provide a monetary reward to the verification nodes in response to receiving the requested signed second data digests from the verification nodes.
- a third feature combinable with any of the following features, wherein generating the first data digest includes calculating a hash of the stored data item.
- each verification node is configured to cryptographically sign the first data digest using a private key associated with that verification node.
- a fifth feature combinable with any of the following features, wherein sending the first data digest to the verification nodes includes broadcasting the first data digest to the public blockchain network.
- retrieving the signed first data digests from the public blockchain includes identifying the signed first data digests based on an identifier associated with the stored data item and stored in the public blockchain.
- the present specification also provides one or more non-transitory computer-readable storage media coupled to one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations in accordance with implementations of the methods provided herein.
- the present specification further provides a system for implementing the methods provided herein.
- the system includes one or more processors, and a computer-readable storage medium coupled to the one or more processors having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations in accordance with implementations of the methods provided herein.
- the described blockchain network can be used to verify the integrity of the data stored in the blockchain network. It involves a large number of nodes that can participate in the consensus process, thereby ensuring the integrity of the data.
- the described techniques provide an incentive mechanism based on smart contracts to increase node participation in the public sidechain.
- FIG. 1 depicts an example of an environment that can be used to execute implementations of the present specification.
- FIG. 2 depicts an example of a conceptual architecture in accordance with implementations of the present specification.
- FIG. 3 depicts an example of a system that can be used to execute implementations of the present specification in accordance with implementations of the present specification.
- FIG. 4 depicts an example of a process of storing data in a consortium blockchain network and an associated public sidechain network according to aspects of the present specification.
- FIG. 5 depicts an example of a process of retrieving data from the consortium blockchain network, and verifying retrieved data based on the public sidechain network according to aspects of the present specification.
- FIG. 6 depicts an example of a process that can be executed in accordance with implementations of the present specification.
- FIG. 7 depicts an example of a diagram illustrating modules of an apparatus in accordance with implementations of the specification.
- Implementations of the present specification include computer-implemented methods for storing and retrieving to-be-verified data associated with nodes of a blockchain network. More particularly, implementations of the present specification are directed to storing a data digest of the to-be-verified data associated with one or more consortium blockchain network nodes using a number of verification nodes, and retrieving the to-be-verified data and the stored data digests.
- distributed ledger systems which can also be referred to as consensus networks (e.g., made up of peer-to-peer nodes), and blockchain networks, enable participating entities to securely, and immutably conduct transactions, and store data.
- consensus networks e.g., made up of peer-to-peer nodes
- blockchain networks enable participating entities to securely, and immutably conduct transactions, and store data.
- the term blockchain is used herein to generally refer to a DLS without reference to any particular use case.
- a blockchain is a data structure that stores transactions in a way that the transactions are immutable, and can be subsequently verified.
- a blockchain includes one or more blocks. Each block in the chain is linked to a previous block immediately before it in the chain by including a cryptographic hash of the previous block. Each block also includes a timestamp, its own cryptographic hash, and one or more transactions.
- the transactions, which have already been verified by the nodes of the blockchain network, are hashed and encoded into a Merkle tree.
- a Merkle tree is a data structure in which data at the leaf nodes of the tree is hashed, and all hashes in each branch of the tree are concatenated at the root of the branch.
- This process continues up the tree to the root of the entire tree, which stores a hash that is representative of all data in the tree.
- a hash purporting to be of a transaction stored in the tree can be quickly verified by determining whether it is consistent with the structure of the tree.
- a blockchain is a data structure for storing transactions
- a blockchain network is a network of computing nodes that manage, update, and maintain one or more blockchains.
- a blockchain network can be provided as a public blockchain network, a private blockchain network, or a consortium blockchain network.
- the consensus process is controlled by nodes of the consensus network.
- nodes of the consensus network For example, hundreds, thousands, even millions of entities can cooperate a public blockchain network, each of which operates at least one node in the public blockchain network. Accordingly, the public blockchain network can be considered a public network with respect to the participating entities.
- a majority of entities (nodes) must sign every block in order for the block to be valid, and added to the blockchain (distributed ledger) of the blockchain network.
- Example public blockchain networks include particular peer-to-peer payment networks that leverage a distributed ledger, referred to as blockchain.
- the term blockchain is used to generally refer to distributed ledgers without particular reference to any particular blockchain network.
- a public blockchain network supports public transactions.
- a public transaction is shared with all of the nodes within the public blockchain network, and are stored in a global blockchain.
- a global blockchain is a blockchain that is replicated across all nodes. That is, all nodes are in perfect state consensus with respect to the global blockchain.
- consensus protocols include, without limitation, proof-of-work (POW), proof-of-stake (POS), and proof-of-authority (POA). POW is referenced further herein as a non-limiting example.
- a private blockchain network private blockchain network is provided for a particular entity, which centrally controls read and write permissions.
- the entity controls, which nodes are able to participate in the blockchain network.
- private blockchain networks are generally referred to as permissioned networks that place restrictions on who is allowed to participate in the network, and on their level of participation (e.g., only in certain transactions).
- Various types of access control mechanisms can be used (e.g., existing participants vote on adding new entities, a regulatory authority can control admission).
- a consortium blockchain network is private among the participating entities.
- the consensus process is controlled by an authorized set of nodes, one or more nodes being operated by a respective entity (e.g., a financial institution, insurance company).
- a consortium of ten (10) entities e.g., financial institutions, insurance companies
- the consortium blockchain network can be considered a private network with respect to the participating entities.
- each entity (node) must sign every block in order for the block to be valid, and added to the blockchain.
- at least a sub-set of entities (nodes) e.g., at least 7 entities
- a blockchain is a tamper-proof, shared digital ledger that records transactions in a public or private peer-to-peer network.
- the ledger is distributed to all member nodes in the network, and the history of asset transactions occurring in the network is permanently recorded in the block.
- a node on the blockchain may need to execute computations using various techniques.
- each blockchain is independent, a node of one blockchain cannot communicate with other chains. For example, a node cannot read data from other blockchains or exchange data with other blockchains.
- performing such computations entirely on a blockchain can consume a lot of time and computational resources of the blockchain, if it requires complicated computational logics and protocols.
- implementations of the specification are described in further detail herein in view of the above context. More particularly, and as introduced above, implementations of the specification are directed to providing an off-chain smart contract service capable of operating cross-chain data in a trusted execution environment.
- the described techniques introduce a public auxiliary blockchain (also referred to as a “sidechain”) that is used to verify the integrity of the data stored in the consortium blockchain.
- a public auxiliary blockchain also referred to as a “sidechain”
- the sidechain is public, a large number of nodes can participate in the consensus process, thereby ensuring the integrity of the data in the sidechain.
- a representation of each transaction on the consortium blockchain is stored in the sidechain.
- an attacker in order to alter the data in the consortium blockchain, an attacker must also make a corresponding alteration to the public sidechain. Making such an alteration in the public sidechain will be much more difficult than in the consortium blockchain, due to the number of nodes involved in the consensus process for the public sidechain. In this way, the integrity of the data in the consortium blockchain may be ensured.
- a smart contract can be a computer agreement designed to disseminate, verify, or enforce contracts in an informational manner. Smart contracts allow trusted transactions to be performed without a third-party involvement. These transactions are traceable and irreversible.
- the described techniques can have a variety of applications. For example, during a copyright infringement litigation, the plaintiff needs to provide the court with some type of digital evidence to show the exact time she created the original work. If the digital evidence submitted by the plaintiff is originally stored at a consortium blockchain, it may not be able to meet the required burden of proof, since the court cannot determine that the digital evidence has not been tampered with. To establish an evidentiary record that would be accepted by the court, the plaintiff can store the data evidence using the described techniques through an verification system. At the time of evidence submission, the plaintiff can submit the digital evidence stored at the consortium blockchain, along with copies of digital evidence submitted by the verification nodes. This way, the court will be more likely to recognize the authenticity of the digital evidence because a large number of verification nodes are attesting to the authenticity of the digital evidence.
- FIG. 1 depicts an example of an environment 100 that can be used to execute implementations of the specification.
- the environment 100 enables entities to participate in a blockchain network 102 .
- the environment 100 includes computing devices 106 , 108 , and a network 110 .
- the network 110 includes a local area network (LAN), wide area network (WAN), the Internet, or a combination thereof, and connects web sites, user devices (e.g., computing devices), and back-end systems.
- the network 110 can be accessed over a wired and/or a wireless communications link.
- the network 110 enables communication with, and within the blockchain network 102 .
- the network 110 represents one or more communication networks.
- the computing devices 106 , 108 can be nodes of a cloud computing system (not shown), or can each computing device 106 , 108 be a separate cloud computing system including a number of computers interconnected by a network and functioning as a distributed processing system.
- the computing systems 106 , 108 can each include any appropriate computing system that enables participation as a node in the blockchain network 102 .
- Examples of computing devices include, without limitation, a server, a desktop computer, a laptop computer, a tablet computing device, and a smartphone.
- the computing systems 106 , 108 hosts one or more computer-implemented services for interacting with the blockchain network 102 .
- the computing system 106 can host computer-implemented services of a first entity (e.g., Participant A), such as transaction management system that the first entity uses to manage its transactions with one or more other entities (e.g., other participants).
- a first entity e.g., Participant A
- transaction management system that the first entity uses to manage its transactions with one or more other entities (e.g., other participants).
- the computing system 108 can host computer-implemented services of a second entity (e.g., Participant B), such as transaction management system that the second entity uses to manage its transactions with one or more other entities (e.g., other participants).
- a second entity e.g., Participant B
- the blockchain network 102 is represented as a peer-to-peer network of nodes, and the computing systems 106 , 108 provide nodes of the first entity, and second entity respectively, which participate in the blockchain network 102 .
- FIG. 2 depicts an example of a conceptual architecture 200 in accordance with implementations of the specification.
- the example of a conceptual architecture 200 includes participant systems 202 , 204 , 206 that correspond to Participant A, Participant B, and Participant C, respectively.
- Each participant e.g., user, enterprise
- a single blockchain 216 is schematically depicted within the blockchain network 212 , multiple copies of the blockchain 216 are provided, and are maintained across the blockchain network 212 , as described in further detail herein.
- each participant system 202 , 204 , 206 is provided by, or on behalf of Participant A, Participant B, and Participant C, respectively, and functions as a respective node 214 within the blockchain network.
- a node generally refers to an individual system (e.g., computer, server) that is connected to the blockchain network 212 , and enables a respective participant to participate in the blockchain network.
- a participant corresponds to each node 214 . It is contemplated, however, that a participant can operate multiple nodes 214 within the blockchain network 212 , and/or multiple participants can share a node 214 .
- the participant systems 202 , 204 , 206 communicate with, or through the blockchain network 212 using a protocol (e.g., hypertext transfer protocol secure (HTTPS)), and/or using remote procedure calls (RPCs).
- HTTPS hypertext transfer protocol secure
- RPCs remote procedure calls
- Nodes 214 can have varying degrees of participation within the blockchain network 212 .
- some nodes 214 can participate in the consensus process (e.g., as minder nodes that add blocks to the blockchain 216 ), while other nodes 214 do not participate in the consensus process.
- some nodes 214 store a complete copy of the blockchain 216
- other nodes 214 only store copies of portions of the blockchain 216 .
- data access privileges can limit the blockchain data that a respective participant stores within its respective system.
- the participant systems 202 , 204 , 206 store respective, complete copies 216 ′, 216 ′′, 216 ′′′ of the blockchain 216 .
- a blockchain (e.g., the blockchain 216 of FIG. 2 ) is made up of a chain of blocks, each block storing data.
- Examples of data include transaction data representative of a transaction between two or more participants. While transactions are used herein by way of non-limiting example, it is contemplated that any appropriate data can be stored in a blockchain (e.g., documents, images, videos, audio). Examples of transactions can include, without limitation, exchanges of something of value (e.g., assets, products, services, and currency).
- the transaction data is immutably stored within the blockchain. That is, the transaction data cannot be changed.
- Hashing is a process of transforming the transaction data (provided as string data) into a fixed-length hash value (also provided as string data). It is not possible to un-hash the hash value to obtain the transaction data. Hashing ensures that even a slight change in the transaction data results in a completely different hash value. Further, and as noted above, the hash value is of fixed length. That is, no matter the size of the transaction data the length of the hash value is fixed. Hashing includes processing the transaction data through a hash function to generate the hash value.
- An examples of hash function includes, without limitation, the secure hash algorithm (SHA)-256, which outputs 256-bit hash values.
- Transaction data of multiple transactions are hashed and stored in a block. For example, hash values of two transactions are provided, and are themselves hashed to provide another hash. This process is repeated until, for all transactions to be stored in a block, a single hash value is provided.
- This hash value is referred to as a Merkle root hash, and is stored in a header of the block. A change in any of the transactions will result in change in its hash value, and ultimately, a change in the Merkle root hash.
- Blocks are added to the blockchain through a consensus protocol.
- Multiple nodes within the blockchain network participate in the consensus protocol, and compete to have a block added to the blockchain.
- Such nodes are referred to as miners (or minder nodes).
- POW introduced above, is used as a non-limiting example.
- the miner nodes execute the consensus process to add transactions to the blockchain. Although multiple miner nodes participate in the consensus process, only one miner node can write the block to the blockchain. That is, the miner nodes compete in the consensus process to have their block added to the blockchain.
- a miner node periodically collects pending transactions from a transaction pool (e.g., up to a predefined limit on the number of transactions that can be included in a block, if any).
- the transaction pool includes transaction messages from participants in the blockchain network.
- the miner node constructs a block, and adds the transactions to the block. Before adding the transactions to the block, the miner node checks whether any of the transactions are already included in a block of the blockchain. If a transaction is already included in another block, the transaction is discarded.
- the miner node generates a block header, hashes all of the transactions in the block, and combines the hash value in pairs to generate further hash values until a single hash value is provided for all transactions in the block (the Merkle root hash). This hash is added to the block header.
- the miner also determines the hash value of the most recent block in the blockchain (i.e., the last block added to the blockchain).
- the miner node also adds a nonce value, and a timestamp to the block header. In a mining process, the miner node attempts to find a hash value that meets required parameters. The miner node keeps changing the nonce value until finding a hash value that meets the required parameters.
- Every miner in the blockchain network attempts to find a hash value that meets the required parameters, and, in this way, compete with one another.
- one of the miner nodes finds a hash value that meets the required parameters, and advertises this to all other miner nodes in the blockchain network.
- the other miner nodes verify the hash value, and if determined to be correct, verifies each transaction in the block, accepts the block, and appends the block to their copy of the blockchain. In this manner, a global state of the blockchain is consistent across all miner nodes within the blockchain network.
- the above-described process is the POW consensus protocol.
- Participant A wants to send an amount of fund to Participant B.
- Participant A generates a transaction message (e.g., including From, To, and Value fields), and sends the transaction message to the blockchain network, which adds the transaction message to a transaction pool.
- a transaction message e.g., including From, To, and Value fields
- Each miner node in the blockchain network creates a block, and takes all transactions from the transaction pool (e.g., up to a predefined limit on the number of transaction that can be added to a block, if any), and adds the transactions to the block. In this manner the transaction published by Participant A is added to the blocks of the miner nodes.
- cryptography is implemented to maintain privacy of transactions. For example, if two nodes want to keep a transaction private, such that other nodes in the blockchain network cannot discern details of the transaction, the nodes can encrypt the transaction data.
- Examples of cryptographic methods include, without limitation, symmetric encryption, and asymmetric encryption.
- Symmetric encryption refers to an encryption process that uses a single key for both encryption (generating ciphertext from plaintext), and decryption (generating plaintext from ciphertext). In symmetric encryption, the same key is available to multiple nodes, so each node can en-/de-crypt transaction data.
- Asymmetric encryption uses keys pairs that each include a private key, and a public key, the private key being known only to a respective node, and the public key being known to any or all other nodes in the blockchain network.
- a node can use the public key of another node to encrypt data, and the encrypted data can be decrypted using other node's private key.
- Participant A can use Participant B's public key to encrypt data, and send the encrypted data to Participant B.
- Participant B can use its private key to decrypt the encrypted data (ciphertext) and extract the original data (plaintext). Messages encrypted with a node's public key can only be decrypted using the node's private key.
- Asymmetric encryption is used to provide digital signatures, which enables participants in a transaction to confirm other participants in the transaction, as well as the validity of the transaction.
- a node can digitally sign a message, and another node can confirm that the message was sent by the node based on the digital signature of Participant A.
- Digital signatures can also be used to ensure that messages are not tampered with in transit.
- Participant A is to send a message to Participant B.
- Participant A generates a hash of the message, and then, using its private key, encrypts the hash to provide a digital signature as the encrypted hash.
- Participant A appends the digital signature to the message, and sends the message with digital signature to Participant B.
- Participant B decrypts the digital signature using the public key of Participant A, and extracts the hash. Participant B hashes the message and compares the hashes. If the hashes are same, Participant B can confirm that the message was indeed from Participant A, and was not tampered with.
- FIG. 3 depicts an example of a system 300 that can be used to execute implementations of the present specification in accordance with implementations of the present specification.
- the system 300 includes a consortium blockchain network 302 including nodes 304 a - 304 e maintaining a consortium blockchain 306 .
- the system 300 includes a verification system 316 , an incentive system 320 , and a public sidechain network 352 .
- the public sidechain network 352 includes a plurality of verification nodes 330 , a public blockchain 356 , and public blockchain nodes (e.g., 354 ) maintaining the public blockchain 356 .
- the consortium blockchain network 302 receive requests to store data ( 360 ).
- the nodes 304 a - e store the data in the consortium blockchain 306 according to the mechanisms described above.
- the verification system 316 receives the stored data once it is added to the blockchain 306 (at 362 ).
- the verification system can monitor the consortium blockchain network 302 and determine that the data has been stored once a consensus is reached by the nodes 304 a - e on a chain including the data.
- the verification system 316 is responsible for the interaction between the consortium blockchain network 302 and the public sidechain network 352 .
- the verification system 316 (at 366 ) sends a data digest of the stored data to verification nodes 330 .
- the verification nodes 330 are computing devices participating in the public sidechain network 352 . There may be a large number (e.g., thousands) of verification nodes 330 .
- the verification system 316 may broadcast the data digest to the public sidechain network 352 .
- the verification nodes 330 upon receiving the data digest, cryptographically sign the data digest using their private key. Each verification node then attempts to store its signed data digest in the public blockchain 356 .
- all signed data digests produced by the verification nodes 330 are stored in the public blockchain 356 .
- a certain number of the signed data digests are stored in the public blockchain 356 and the others are discarded. This number can be a function of the consensus mechanisms used in the public sidechain network 352 .
- the system 300 may also include an incentive system 320 .
- the incentive system 320 may generate a smart contract to be stored in the public blockchain 356 .
- the smart contract may be configured, when executed by the public sidechain network, to provide a monetary reward to verification nodes 330 that participate in the verification of the stored data.
- a verification node 330 that successfully includes its signed data digest in the public blockchain 356 may receive the monetary reward automatically through execution of the smart contract.
- a verification node 330 that participates in the verification of data requested from the consortium blockchain may receive the monetary reward automatically through execution of the smart contract.
- FIG. 4 depicts an example process 400 of storing data in a consortium blockchain network and an associated public sidechain network according to aspects of the present specification.
- a data item is stored in the consortium blockchain network 302 .
- the verification system 316 receives the newly stored data from the consortium blockchain network 302 , such as by communicating with nodes participating in the network.
- the verification system 316 creates a data digest of the newly stored data item.
- the verification system 316 may create the data digest by generating a hash of the stored data item using a hashing algorithm, such as, for example, Secure Hash Algorithm 1 (SHA-1), SHA-256, Rivest-Shamir-Adleman (RSA), or other known algorithms.
- SHA-1 Secure Hash Algorithm 1
- SHA-256 Rivest-Shamir-Adleman
- RSA Rivest-Shamir-Adleman
- the verification system 316 requests verification of the data digest by the verification nodes 330 .
- the verification nodes 330 cryptographically sign the data digest using their private keys.
- the verification nodes 330 store their individual signed data digests in the public blockchain 356 managed by the public sidechain network 352 . As described above, in some implementations, only a certain number of the data digests will be stored in the public blockchain 356 depending on the consensus mechanisms employed by the public sidechain network 352 .
- FIG. 5 depicts an example process of retrieving data from the consortium blockchain network 302 , and verifying retrieved data based on the public sidechain network 352 .
- a request to retrieve data is received by the consortium blockchain network 302 (i.e., by a node participating in the consortium blockchain network). In some implementations, this request may be received by the verification system 316 .
- the verification system 316 retrieves the requested data from the consortium blockchain network 302 , such as by obtaining the requested data from a consensus version of the consortium blockchain 306 .
- the verification system 316 retrieves the signed data digests associated with the requested data from the public sidechain network 352 .
- the signed digests may be retrieved based on an identifier associated with the stored data, such as a timestamp or other identifier stored in the public blockchain 356 along with the signed data digests by the verification nodes 330 .
- the verification system 316 requests signed data digest of the retrieved data from the verification nodes 330 .
- the verification system 316 may create the data digest of the retrieved data using the hashing algorithms described above.
- the verification system 316 sends the data digests to the verification nodes 330 , so that verification nodes 330 can each cryptographically sign the data digest of the retrieved data, and at 530 return their signed version of the data digest to the verification system 316 .
- the verification system 316 compares the signed data digests of the retrieved data received from the verification nodes 330 to the signed data digests retrieved from the public blockchain 356 (which were created when the data was originally stored in the consortium blockchain network, see FIG. 4 ). If the signed data digests of the retrieved data received from the verification nodes 330 match the signed data digests retrieved from the public blockchain 356 , the stored data in the consortium blockchain network 302 has not changed since it was originally stored ( 540 ).
- This process verifies that the requested data has not been changed, because if it has not changed, the value of the signed data digests of the retrieved data produced by the verification nodes 330 will match the previously-stored data digests that were created when the data was originally stored. If the data has changed after being stored in the consortium blockchain, the signed data digests of the retrieved data will not match those that were stored in the public blockchain 356 when the data was originally stored.
- the verification system 316 may only request signed data digests at 520 from the verification nodes that successfully inserted their signed data digests into the public blockchain 356 .
- the verification nodes 330 can each attempt to store a unique identifier (e.g., a public key) identifying the particular node along with the data digest. Only entries that are included in the consensus version of the public blockchain 356 will thus be queried.
- the verification system 316 may only request verification from a particular set of the verification nodes 330 when storing data to the consortium blockchain 306 . In such a case, the verification system 316 may only query the particular set of nodes for signed data digests when verifying that retrieved data from the consortium blockchain 306 has not changed.
- FIG. 6 depicts an example of process 600 that can be executed in accordance with implementations of the present specification.
- the example of process 600 may be performed using one or more computer-executable programs executed using one or more computing devices.
- the description that follows generally describes process 600 in the context of the other figures in this description. However, it will be understood that process 600 may be performed, for example, by any suitable system, environment, software, and hardware, or a combination of systems, environments, software, and hardware, as appropriate.
- various steps of process 600 can be run in parallel, in combination, in loops, or in any order.
- a data item is stored in a consortium blockchain maintained by a consortium blockchain network.
- a first data digest is generated based on the stored data item.
- the first data digest is sent to verification nodes, so that each verification node cryptographically signs the first data digest and stores its signed first data digest in a public blockchain maintained by a public blockchain network.
- the verification nodes are computing devices participating in the public blockchain network.
- each verification node is configured to cryptographically sign the first data digest using a private key associated with that verification node.
- sending the first data digest to the verification nodes includes broadcasting the first data digest to the public blockchain network.
- a request is received to retrieve the stored data item.
- the requested data item is retrieved from the consortium blockchain.
- a second data digest is generated based on the retrieved data item.
- generating the first data digest includes calculating a hash of the stored data item.
- the second data digest is sent to the verification nodes so that each verification node can cryptographically sign the second data digests and return its signed second data digest.
- the signed second data digests are received from the verification nodes.
- the signed first data digests are retrieved from the public blockchain.
- retrieving the signed first data digests from the public blockchain includes identifying the signed first data digests based on an identifier associated with the stored data item and stored in the public blockchain.
- a response is sent to retrieve the stored data item, the response indicating that the stored data item has not changed since it was stored.
- the process 600 further includes storing a smart contract in the public blockchain, wherein the smart contract is configured to provide a monetary reward to the verification nodes in response to receiving the requested signed second data digests from the verification nodes.
- FIG. 7 depicts an example of a diagram illustrating modules of an apparatus 700 in accordance with implementations of the specification.
- the apparatus 700 can be an example implementation for storing and retrieving to-be-verified data associated with nodes of a blockchain network.
- the apparatus 700 can correspond to the implementation shown in FIGS.
- the apparatus 700 includes the following: a storage or storing unit 705 , configured to store a data item in a consortium blockchain maintained a consortium blockchain network; a first generator or generating unit 710 , configured to generate a first data digest based on the stored data item; a first transmitter or transmitting unit 715 , configured to send the first data digest to verification nodes, each verification node configured to cryptographically sign its first data digest and store its signed first data digest in a public blockchain maintained by the public blockchain network; a receiver or a receiving unit 720 , configured to receive a request to retrieve the stored data item; a first retrieving unit 725 , configured to retrieve the requested data item from the consortium blockchain in response to receiving the request; a second generator or generating unit 730 , configured to generate a second data digest based on the retrieved data item; a requestor or requesting unit 735 , configured to request assigned second data digests from the verification nodes and in response to receiving the requested signed second data digests from the verification nodes; a second
- the verification nodes are computing devices participating in the public blockchain network.
- the apparatus 700 further includes the following: a storage or storing sub-unit, configured to store a smart contract in the public blockchain, wherein the smart contract is configured to provide a monetary reward to the verification nodes in response to receiving the requested signed second data digests from the verification nodes.
- the apparatus 700 further includes the following: a calculator or a calculating sub-unit, configured to calculate a hash of the stored data item.
- each verification node is configured to cryptographically sign the first data digest using a private key associated with that verification node.
- the apparatus 700 further includes the following: a broadcasting sub-unit, configured to broadcast the first data digest to the public blockchain network.
- the apparatus 700 further includes the following: an identifier or an identifying sub-unit, configured to identify the signed first data digests based on an identifier associated with the stored data item and stored in the public blockchain.
- the system, apparatus, module, or unit illustrated in the previous implementations can be implemented by using a computer chip or an entity, or can be implemented by using a product having a certain function.
- a typical implementation device is a computer, and the computer can be a personal computer, a laptop computer, a cellular phone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email receiving and sending device, a game console, a tablet computer, a wearable device, or any combination of these devices.
- FIG. 7 is a schematic diagram illustrating an internal functional module and a structure of a consortium blockchain network apparatus.
- An execution body in essence can be an electronic device, and the electronic device includes the following: one or more processors; and a memory configured to store an executable instruction of the one or more processors.
- the one or more processors are configured to store a data item in a consortium blockchain maintained by a consortium blockchain network; generate a first data digest based on the stored data item; send the first data digest to verification nodes, each verification node configured to cryptographically sign the first data digest and store its signed first data digest in a public blockchain maintained by a public blockchain network; receive a request to retrieve the stored data item; in response to receive the request, retrieve the requested data item from the consortium blockchain; generate a second data digest based on the retrieved data item; request signed second data digests from the verification nodes and in response to receive the requested signed second data digests from the nodes; retrieve the signed first data digests from the public blockchain; determine that the signed first data digests from the public blockchain match the signed second data digests received from the verification nodes; and in response to the determine, send a response to the request to retrieve the stored data including the stored data item, the response indicating that the stored data item has not changed since it was stored.
- the verification nodes are computing devices participating in the public blockchain network.
- the one or more processors are configured to store a smart contract in the public blockchain, wherein the smart contract is configured to provide a monetary reward to the verification nodes in response to receiving the requested signed second data digests from the verification nodes.
- the one or more processors are configured to calculate a hash of the stored data item.
- each verification node is configured to cryptographically sign the first data digest using a private key associated with that verification node.
- the one or more processors are configured to broadcast the first data digest to the public blockchain network.
- the one or more processors are configured to identify the signed first data digests based on an identifier associated with the stored data item and stored in the public blockchain.
- Implementations of the subject matter and the actions and operations described in this specification can be implemented in digital electronic circuitry, in tangibly-embodied computer software or firmware, in computer hardware, including the structures disclosed in this specification and their structural equivalents, or in combinations of one or more of them. Implementations of the subject matter described in this specification can be implemented as one or more computer programs, e.g., one or more modules of computer program instructions, encoded on a computer program carrier, for execution by, or to control the operation of, data processing apparatus.
- the carrier may be a tangible non-transitory computer storage medium.
- the carrier may be an artificially generated propagated signal, e.g., a machine-generated electrical, optical, or electromagnetic signal that is generated to encode information for transmission to suitable receiver apparatus for execution by a data processing apparatus.
- the computer storage medium can be or be part of a machine-readable storage device, a machine-readable storage substrate, a random or serial access memory device, or a combination of one or more of them.
- a computer storage medium is not a propagated signal.
- data processing apparatus encompasses all kinds of apparatus, devices, and machines for processing data, including by way of example a programmable processor, a computer, or multiple processors or computers.
- Data processing apparatus can include special-purpose logic circuitry, e.g., an FPGA (field programmable gate array), an ASIC (application specific integrated circuit), or a GPU (graphics processing unit).
- the apparatus can also include, in addition to hardware, code that creates an execution environment for computer programs, e.g., code that constitutes processor firmware, a protocol stack, a database management system, an operating system, or a combination of one or more of them.
- a computer program which may also be referred to or described as a program, software, a software application, an app, a module, a software module, an engine, a script, or code, can be written in any form of programming language, including compiled or interpreted languages, or declarative or procedural languages; and it can be deployed in any form, including as a stand alone program or as a module, component, engine, subroutine, or other unit suitable for executing in a computing environment, which environment may include one or more computers interconnected by a data communication network in one or more locations.
- a computer program may, but need not, correspond to a file in a file system.
- a computer program can be stored in a portion of a file that holds other programs or data, e.g., one or more scripts stored in a markup language document, in a single file dedicated to the program in question, or in multiple coordinated files, e.g., files that store one or more modules, sub programs, or portions of code.
- the processes and logic flows described in this specification can be performed by one or more computers executing one or more computer programs to perform operations by operating on input data and generating output.
- the processes and logic flows can also be performed by special-purpose logic circuitry, e.g., an FPGA, an ASIC, or a GPU, or by a combination of special-purpose logic circuitry and one or more programmed computers.
- Computers suitable for the execution of a computer program can be based on general or special-purpose microprocessors or both, or any other kind of central processing unit.
- a central processing unit will receive instructions and data from a read only memory or a random access memory or both.
- Elements of a computer can include a central processing unit for executing instructions and one or more memory devices for storing instructions and data.
- the central processing unit and the memory can be supplemented by, or incorporated in, special-purpose logic circuitry.
- a computer will be coupled to at least one non-transitory computer-readable storage medium (also referred to as a computer-readable memory).
- the storage medium coupled to the computer can be an internal component of the computer (e.g., an integrated hard drive) or an external component (e.g., universal serial bus (USB) hard drive or a storage system accessed over a network).
- Examples of storage media can include, for example, magnetic, magneto optical, or optical disks, solid state drives, network storage resources such as cloud storage systems, or other types of storage media.
- a computer need not have such devices.
- a computer can be embedded in another device, e.g., a mobile telephone, a personal digital assistant (PDA), a mobile audio or video player, a game console, a Global Positioning System (GPS) receiver, or a portable storage device, e.g., a universal serial bus (USB) flash drive, to name just a few.
- PDA personal digital assistant
- GPS Global Positioning System
- USB universal serial bus
- implementations of the subject matter described in this specification can be implemented on, or configured to communicate with, a computer having a display device, e.g., a LCD (liquid crystal display) monitor, for displaying information to the user, and an input device by which the user can provide input to the computer, e.g., a keyboard and a pointing device, e.g., a mouse, a trackball or touchpad.
- a display device e.g., a LCD (liquid crystal display) monitor
- an input device by which the user can provide input to the computer e.g., a keyboard and a pointing device, e.g., a mouse, a trackball or touchpad.
- Other kinds of devices can be used to provide for interaction with a user as well; for example, feedback provided to the user can be any form of sensory feedback, e.g., visual feedback, auditory feedback, or tactile feedback; and input from the user can be received in any form, including acoustic, speech, or tactile input.
- a computer can interact with a user by sending documents to and receiving documents from a device that is used by the user; for example, by sending web pages to a web browser on a user's device in response to requests received from the web browser, or by interacting with an app running on a user device, e.g., a smartphone or electronic tablet.
- a computer can interact with a user by sending text messages or other forms of message to a personal device, e.g., a smartphone that is running a messaging application, and receiving responsive messages from the user in return.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- General Engineering & Computer Science (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Power Engineering (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Databases & Information Systems (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Description
- This application is a continuation of U.S. patent application Ser. No. 16/421,357, filed on May 23, 2019, which is a continuation of PCT Application No. PCT/CN2018/122559, filed on Dec. 21, 2018, and each application is hereby incorporated by reference in its entirety.
- Distributed ledger systems (DLSs), which can also be referred to as consensus networks, and/or blockchain networks, enable participating entities to securely, and immutably store data. DLSs are commonly referred to as blockchain networks without referencing any particular user case. Examples of types of blockchain networks can include public blockchain networks, private blockchain networks, and consortium blockchain networks. A public blockchain network is open for all entities to use the DLS, and participate in the consensus process. A private blockchain network is provided for particular entity, which centrally controls read and write permissions. A consortium blockchain network is provided for a select group of entities, which control the consensus process, and includes an access control layer.
- Blockchain is a decentralized and temper-proof distributed data storage technology. User data and contracts are logically operated and stored on the chain in a public manner. In many scenarios, users need to meet privacy protection requirements and do not want their data and logics to be leaked to unauthorized parties.
- Although cryptography can be used to enhance privacy protection for some specific scenario designs, a more versatile and efficient solution is desired to solve existing privacy issues of the blockchain operations.
- Implementations of the present specification include computer-implemented methods for storing and retrieving to-be-verified data associated with nodes of a blockchain network. More particularly, implementations of the present specification are directed to storing a data digest of the to-be-verified data associated with one or more consortium blockchain network nodes using a number of verification nodes, and retrieving the to-be-verified data and the stored data digests.
- In some implementations, actions include storing a data item in a consortium blockchain maintained by a consortium blockchain network; generating a first data digest based on the stored data item; sending the first data digest to verification nodes, so that each verification node cryptographically signs the first data digest and stores its signed first data digest in a public blockchain maintained by a public blockchain network; receiving a request to retrieve the stored data item; in response to receiving the request, retrieving the requested data item from the consortium blockchain; generating a second data digest based on the retrieved data item; sending the second data digest to the verification nodes so that each verification node cryptographically signs the second data digest and returns its signed second data digest; receiving the signed second data digests from the verification nodes; retrieving the signed first data digests from the public blockchain; determining that the signed first data digests match the signed second data digests; and in response to the determining, sending a response to the request to retrieve the stored data item, the response indicating that the stored data item has not changed since it was stored. Other implementations include corresponding systems, apparatus, and computer programs, configured to perform the actions of the methods, encoded on computer storage devices.
- In some implementations, a non-transitory computer-readable storage medium is coupled to one or more computers and configured with instructions executable by the one or more computers to: store a data item in a consortium blockchain maintained by a consortium blockchain network; generate a first data digest based on the stored data item; send the first data digest to verification nodes so that each verification node cryptographically signs the first data digest and stores its signed first data digest in a public blockchain maintained by a public blockchain network; receive a request to retrieve the stored data item; in response to receive the request, retrieving the requested data item from the consortium blockchain; generate a second data digest based on the retrieved data item; send the second data digest to verification nodes so that each verification node cryptographically signs the second data digest and returns its signed second data digest; receive the signed second data digests from the verification nodes; retrieve the signed first data digests from the public blockchain; determine that the signed first data digests match the signed second data digests; and in response to the determine, sending a response to the request to retrieve the stored data item, the response indicating that the stored data item has not changed since it was stored.
- In some implementations, a system includes one or more computers; and one or more computer-readable memories coupled to the one or more computers and configured with instructions executable by the one or more computers to: store a data item in a consortium blockchain maintained by a consortium blockchain network; generate a first data digest based on the stored data item; send the first data digest to verification nodes so that each verification node cryptographically signs the first data digest and stores its signed first data digest in a public blockchain maintained by a public blockchain network; receive a request to retrieve the stored data item; in response to receive the request, retrieving the requested data item from the consortium blockchain; generate a second data digest based on the retrieved data item; send the second data digest to verification nodes so that each verification node cryptographically signs the second data digest and returns its signed second data digest; receive the signed second data digests from the verification nodes; retrieve the signed first data digests from the public blockchain; determine that the signed first data digests match the signed second data digests received; and in response to the determine, sending a response to the request to retrieve the stored data item, the response indicating that the stored data item has not changed since it was stored. These and other implementations may each optionally include one or more of the following features:
- A first feature, combinable with any of the following features, wherein the verification nodes are computing devices participating in the public blockchain network.
- A second feature, combinable with any of the following features, further includes storing a smart contract in the public blockchain, wherein the smart contract is configured to provide a monetary reward to the verification nodes in response to receiving the requested signed second data digests from the verification nodes.
- A third feature, combinable with any of the following features, wherein generating the first data digest includes calculating a hash of the stored data item.
- A fourth feature, combinable with any of the following features, wherein each verification node is configured to cryptographically sign the first data digest using a private key associated with that verification node.
- A fifth feature, combinable with any of the following features, wherein sending the first data digest to the verification nodes includes broadcasting the first data digest to the public blockchain network.
- A sixth feature, combinable with any of the following features, wherein retrieving the signed first data digests from the public blockchain includes identifying the signed first data digests based on an identifier associated with the stored data item and stored in the public blockchain.
- The present specification also provides one or more non-transitory computer-readable storage media coupled to one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations in accordance with implementations of the methods provided herein.
- The present specification further provides a system for implementing the methods provided herein. The system includes one or more processors, and a computer-readable storage medium coupled to the one or more processors having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations in accordance with implementations of the methods provided herein.
- The described blockchain network can be used to verify the integrity of the data stored in the blockchain network. It involves a large number of nodes that can participate in the consensus process, thereby ensuring the integrity of the data. In addition, the described techniques provide an incentive mechanism based on smart contracts to increase node participation in the public sidechain.
- It is appreciated that methods in accordance with the present specification may include any combination of the aspects and features described herein. That is, methods in accordance with the present specification are not limited to the combinations of aspects and features specifically described herein, but also include any combination of the aspects and features provided.
- The details of one or more implementations of the present specification are set forth in the accompanying drawings and the description below. Other features and advantages of the present specification will be apparent from the description and drawings, and from the claims.
-
FIG. 1 depicts an example of an environment that can be used to execute implementations of the present specification. -
FIG. 2 depicts an example of a conceptual architecture in accordance with implementations of the present specification. -
FIG. 3 depicts an example of a system that can be used to execute implementations of the present specification in accordance with implementations of the present specification. -
FIG. 4 depicts an example of a process of storing data in a consortium blockchain network and an associated public sidechain network according to aspects of the present specification. -
FIG. 5 depicts an example of a process of retrieving data from the consortium blockchain network, and verifying retrieved data based on the public sidechain network according to aspects of the present specification. -
FIG. 6 depicts an example of a process that can be executed in accordance with implementations of the present specification. -
FIG. 7 depicts an example of a diagram illustrating modules of an apparatus in accordance with implementations of the specification. - Like reference symbols in the various drawings indicate like elements.
- Implementations of the present specification include computer-implemented methods for storing and retrieving to-be-verified data associated with nodes of a blockchain network. More particularly, implementations of the present specification are directed to storing a data digest of the to-be-verified data associated with one or more consortium blockchain network nodes using a number of verification nodes, and retrieving the to-be-verified data and the stored data digests.
- To provide further context for implementations of the specification, and as introduced above, distributed ledger systems (DLSs), which can also be referred to as consensus networks (e.g., made up of peer-to-peer nodes), and blockchain networks, enable participating entities to securely, and immutably conduct transactions, and store data. The term blockchain is used herein to generally refer to a DLS without reference to any particular use case.
- A blockchain is a data structure that stores transactions in a way that the transactions are immutable, and can be subsequently verified. A blockchain includes one or more blocks. Each block in the chain is linked to a previous block immediately before it in the chain by including a cryptographic hash of the previous block. Each block also includes a timestamp, its own cryptographic hash, and one or more transactions. The transactions, which have already been verified by the nodes of the blockchain network, are hashed and encoded into a Merkle tree. A Merkle tree is a data structure in which data at the leaf nodes of the tree is hashed, and all hashes in each branch of the tree are concatenated at the root of the branch. This process continues up the tree to the root of the entire tree, which stores a hash that is representative of all data in the tree. A hash purporting to be of a transaction stored in the tree can be quickly verified by determining whether it is consistent with the structure of the tree.
- Whereas a blockchain is a data structure for storing transactions, a blockchain network is a network of computing nodes that manage, update, and maintain one or more blockchains. As introduced above, a blockchain network can be provided as a public blockchain network, a private blockchain network, or a consortium blockchain network.
- In a public blockchain network, the consensus process is controlled by nodes of the consensus network. For example, hundreds, thousands, even millions of entities can cooperate a public blockchain network, each of which operates at least one node in the public blockchain network. Accordingly, the public blockchain network can be considered a public network with respect to the participating entities. In some examples, a majority of entities (nodes) must sign every block in order for the block to be valid, and added to the blockchain (distributed ledger) of the blockchain network. Example public blockchain networks include particular peer-to-peer payment networks that leverage a distributed ledger, referred to as blockchain. As noted above, the term blockchain, however, is used to generally refer to distributed ledgers without particular reference to any particular blockchain network.
- In general, a public blockchain network supports public transactions. A public transaction is shared with all of the nodes within the public blockchain network, and are stored in a global blockchain. A global blockchain is a blockchain that is replicated across all nodes. That is, all nodes are in perfect state consensus with respect to the global blockchain. To achieve consensus (e.g., agreement to the addition of a block to a blockchain), a consensus protocol is implemented within the public blockchain network. Examples of consensus protocols include, without limitation, proof-of-work (POW), proof-of-stake (POS), and proof-of-authority (POA). POW is referenced further herein as a non-limiting example.
- In general, a private blockchain network private blockchain network is provided for a particular entity, which centrally controls read and write permissions. The entity controls, which nodes are able to participate in the blockchain network. Consequently, private blockchain networks are generally referred to as permissioned networks that place restrictions on who is allowed to participate in the network, and on their level of participation (e.g., only in certain transactions). Various types of access control mechanisms can be used (e.g., existing participants vote on adding new entities, a regulatory authority can control admission).
- In general, a consortium blockchain network is private among the participating entities. In a consortium blockchain network, the consensus process is controlled by an authorized set of nodes, one or more nodes being operated by a respective entity (e.g., a financial institution, insurance company). For example, a consortium of ten (10) entities (e.g., financial institutions, insurance companies) can operate a consortium blockchain network, each of which operates at least one node in the consortium blockchain network. Accordingly, the consortium blockchain network can be considered a private network with respect to the participating entities. In some examples, each entity (node) must sign every block in order for the block to be valid, and added to the blockchain. In some examples, at least a sub-set of entities (nodes) (e.g., at least 7 entities) must sign every block in order for the block to be valid, and added to the blockchain.
- A blockchain is a tamper-proof, shared digital ledger that records transactions in a public or private peer-to-peer network. The ledger is distributed to all member nodes in the network, and the history of asset transactions occurring in the network is permanently recorded in the block. Prior to participating in a transaction, a node on the blockchain may need to execute computations using various techniques. Under current solutions, because each blockchain is independent, a node of one blockchain cannot communicate with other chains. For example, a node cannot read data from other blockchains or exchange data with other blockchains. In addition, even if a node does not need data from other blockchains to execute a computation, performing such computations entirely on a blockchain can consume a lot of time and computational resources of the blockchain, if it requires complicated computational logics and protocols.
- Implementations of the specification are described in further detail herein with reference to a consortium blockchain network, which is public among the participating entities. It is contemplated, however, that implementations of the specification can be realized in any appropriate type of blockchain network.
- Implementations of the specification are described in further detail herein in view of the above context. More particularly, and as introduced above, implementations of the specification are directed to providing an off-chain smart contract service capable of operating cross-chain data in a trusted execution environment.
- Specifically, the described techniques introduce a public auxiliary blockchain (also referred to as a “sidechain”) that is used to verify the integrity of the data stored in the consortium blockchain. Because the sidechain is public, a large number of nodes can participate in the consensus process, thereby ensuring the integrity of the data in the sidechain. A representation of each transaction on the consortium blockchain is stored in the sidechain. Thus, in order to alter the data in the consortium blockchain, an attacker must also make a corresponding alteration to the public sidechain. Making such an alteration in the public sidechain will be much more difficult than in the consortium blockchain, due to the number of nodes involved in the consensus process for the public sidechain. In this way, the integrity of the data in the consortium blockchain may be ensured. In addition, the described techniques provide an incentive mechanism based on smart contracts to increase node participation in the public sidechain. A smart contract can be a computer agreement designed to disseminate, verify, or enforce contracts in an informational manner. Smart contracts allow trusted transactions to be performed without a third-party involvement. These transactions are traceable and irreversible.
- The described techniques can have a variety of applications. For example, during a copyright infringement litigation, the plaintiff needs to provide the court with some type of digital evidence to show the exact time she created the original work. If the digital evidence submitted by the plaintiff is originally stored at a consortium blockchain, it may not be able to meet the required burden of proof, since the court cannot determine that the digital evidence has not been tampered with. To establish an evidentiary record that would be accepted by the court, the plaintiff can store the data evidence using the described techniques through an verification system. At the time of evidence submission, the plaintiff can submit the digital evidence stored at the consortium blockchain, along with copies of digital evidence submitted by the verification nodes. This way, the court will be more likely to recognize the authenticity of the digital evidence because a large number of verification nodes are attesting to the authenticity of the digital evidence.
- Aside from the above-discussed example, the described techniques can benefit many other applications that make use of the blockchain technology.
-
FIG. 1 depicts an example of anenvironment 100 that can be used to execute implementations of the specification. In some examples, theenvironment 100 enables entities to participate in ablockchain network 102. Theenvironment 100 includescomputing devices network 110. In some examples, thenetwork 110 includes a local area network (LAN), wide area network (WAN), the Internet, or a combination thereof, and connects web sites, user devices (e.g., computing devices), and back-end systems. In some examples, thenetwork 110 can be accessed over a wired and/or a wireless communications link. In some examples, thenetwork 110 enables communication with, and within theblockchain network 102. In general thenetwork 110 represents one or more communication networks. In some cases, thecomputing devices computing device - In the depicted example, the
computing systems blockchain network 102. Examples of computing devices include, without limitation, a server, a desktop computer, a laptop computer, a tablet computing device, and a smartphone. In some examples, thecomputing systems blockchain network 102. For example, thecomputing system 106 can host computer-implemented services of a first entity (e.g., Participant A), such as transaction management system that the first entity uses to manage its transactions with one or more other entities (e.g., other participants). Thecomputing system 108 can host computer-implemented services of a second entity (e.g., Participant B), such as transaction management system that the second entity uses to manage its transactions with one or more other entities (e.g., other participants). In the example ofFIG. 1 , theblockchain network 102 is represented as a peer-to-peer network of nodes, and thecomputing systems blockchain network 102. -
FIG. 2 depicts an example of aconceptual architecture 200 in accordance with implementations of the specification. The example of aconceptual architecture 200 includesparticipant systems blockchain network 212 provided as a peer-to-peer network including a number ofnodes 214, at least some of which immutably record information in ablockchain 216. Although asingle blockchain 216 is schematically depicted within theblockchain network 212, multiple copies of theblockchain 216 are provided, and are maintained across theblockchain network 212, as described in further detail herein. - In the depicted example, each
participant system respective node 214 within the blockchain network. As used herein, a node generally refers to an individual system (e.g., computer, server) that is connected to theblockchain network 212, and enables a respective participant to participate in the blockchain network. In the example ofFIG. 2 , a participant corresponds to eachnode 214. It is contemplated, however, that a participant can operatemultiple nodes 214 within theblockchain network 212, and/or multiple participants can share anode 214. In some examples, theparticipant systems blockchain network 212 using a protocol (e.g., hypertext transfer protocol secure (HTTPS)), and/or using remote procedure calls (RPCs). -
Nodes 214 can have varying degrees of participation within theblockchain network 212. For example, somenodes 214 can participate in the consensus process (e.g., as minder nodes that add blocks to the blockchain 216), whileother nodes 214 do not participate in the consensus process. As another example, somenodes 214 store a complete copy of theblockchain 216, whileother nodes 214 only store copies of portions of theblockchain 216. For example, data access privileges can limit the blockchain data that a respective participant stores within its respective system. In the example ofFIG. 2 , theparticipant systems complete copies 216′, 216″, 216′″ of theblockchain 216. - A blockchain (e.g., the
blockchain 216 ofFIG. 2 ) is made up of a chain of blocks, each block storing data. Examples of data include transaction data representative of a transaction between two or more participants. While transactions are used herein by way of non-limiting example, it is contemplated that any appropriate data can be stored in a blockchain (e.g., documents, images, videos, audio). Examples of transactions can include, without limitation, exchanges of something of value (e.g., assets, products, services, and currency). The transaction data is immutably stored within the blockchain. That is, the transaction data cannot be changed. - Before storing in a block, the transaction data is hashed. Hashing is a process of transforming the transaction data (provided as string data) into a fixed-length hash value (also provided as string data). It is not possible to un-hash the hash value to obtain the transaction data. Hashing ensures that even a slight change in the transaction data results in a completely different hash value. Further, and as noted above, the hash value is of fixed length. That is, no matter the size of the transaction data the length of the hash value is fixed. Hashing includes processing the transaction data through a hash function to generate the hash value. An examples of hash function includes, without limitation, the secure hash algorithm (SHA)-256, which outputs 256-bit hash values.
- Transaction data of multiple transactions are hashed and stored in a block. For example, hash values of two transactions are provided, and are themselves hashed to provide another hash. This process is repeated until, for all transactions to be stored in a block, a single hash value is provided. This hash value is referred to as a Merkle root hash, and is stored in a header of the block. A change in any of the transactions will result in change in its hash value, and ultimately, a change in the Merkle root hash.
- Blocks are added to the blockchain through a consensus protocol. Multiple nodes within the blockchain network participate in the consensus protocol, and compete to have a block added to the blockchain. Such nodes are referred to as miners (or minder nodes). POW, introduced above, is used as a non-limiting example.
- The miner nodes execute the consensus process to add transactions to the blockchain. Although multiple miner nodes participate in the consensus process, only one miner node can write the block to the blockchain. That is, the miner nodes compete in the consensus process to have their block added to the blockchain. In further detail, a miner node periodically collects pending transactions from a transaction pool (e.g., up to a predefined limit on the number of transactions that can be included in a block, if any). The transaction pool includes transaction messages from participants in the blockchain network. The miner node constructs a block, and adds the transactions to the block. Before adding the transactions to the block, the miner node checks whether any of the transactions are already included in a block of the blockchain. If a transaction is already included in another block, the transaction is discarded.
- The miner node generates a block header, hashes all of the transactions in the block, and combines the hash value in pairs to generate further hash values until a single hash value is provided for all transactions in the block (the Merkle root hash). This hash is added to the block header. The miner also determines the hash value of the most recent block in the blockchain (i.e., the last block added to the blockchain). The miner node also adds a nonce value, and a timestamp to the block header. In a mining process, the miner node attempts to find a hash value that meets required parameters. The miner node keeps changing the nonce value until finding a hash value that meets the required parameters.
- Every miner in the blockchain network attempts to find a hash value that meets the required parameters, and, in this way, compete with one another. Eventually, one of the miner nodes finds a hash value that meets the required parameters, and advertises this to all other miner nodes in the blockchain network. The other miner nodes verify the hash value, and if determined to be correct, verifies each transaction in the block, accepts the block, and appends the block to their copy of the blockchain. In this manner, a global state of the blockchain is consistent across all miner nodes within the blockchain network. The above-described process is the POW consensus protocol.
- A non-limiting example is provided with reference to
FIG. 2 . In this example, Participant A wants to send an amount of fund to Participant B. Participant A generates a transaction message (e.g., including From, To, and Value fields), and sends the transaction message to the blockchain network, which adds the transaction message to a transaction pool. Each miner node in the blockchain network creates a block, and takes all transactions from the transaction pool (e.g., up to a predefined limit on the number of transaction that can be added to a block, if any), and adds the transactions to the block. In this manner the transaction published by Participant A is added to the blocks of the miner nodes. - In some blockchain networks, cryptography is implemented to maintain privacy of transactions. For example, if two nodes want to keep a transaction private, such that other nodes in the blockchain network cannot discern details of the transaction, the nodes can encrypt the transaction data. Examples of cryptographic methods include, without limitation, symmetric encryption, and asymmetric encryption. Symmetric encryption refers to an encryption process that uses a single key for both encryption (generating ciphertext from plaintext), and decryption (generating plaintext from ciphertext). In symmetric encryption, the same key is available to multiple nodes, so each node can en-/de-crypt transaction data.
- Asymmetric encryption uses keys pairs that each include a private key, and a public key, the private key being known only to a respective node, and the public key being known to any or all other nodes in the blockchain network. A node can use the public key of another node to encrypt data, and the encrypted data can be decrypted using other node's private key. For example, and referring again to
FIG. 2 , Participant A can use Participant B's public key to encrypt data, and send the encrypted data to Participant B. Participant B can use its private key to decrypt the encrypted data (ciphertext) and extract the original data (plaintext). Messages encrypted with a node's public key can only be decrypted using the node's private key. - Asymmetric encryption is used to provide digital signatures, which enables participants in a transaction to confirm other participants in the transaction, as well as the validity of the transaction. For example, a node can digitally sign a message, and another node can confirm that the message was sent by the node based on the digital signature of Participant A. Digital signatures can also be used to ensure that messages are not tampered with in transit. For example, and again referencing
FIG. 2 , Participant A is to send a message to Participant B. Participant A generates a hash of the message, and then, using its private key, encrypts the hash to provide a digital signature as the encrypted hash. Participant A appends the digital signature to the message, and sends the message with digital signature to Participant B. Participant B decrypts the digital signature using the public key of Participant A, and extracts the hash. Participant B hashes the message and compares the hashes. If the hashes are same, Participant B can confirm that the message was indeed from Participant A, and was not tampered with. -
FIG. 3 depicts an example of asystem 300 that can be used to execute implementations of the present specification in accordance with implementations of the present specification. - As illustrated in
FIG. 3 , thesystem 300 includes aconsortium blockchain network 302 including nodes 304 a-304 e maintaining aconsortium blockchain 306. Thesystem 300 includes averification system 316, anincentive system 320, and apublic sidechain network 352. Thepublic sidechain network 352 includes a plurality ofverification nodes 330, apublic blockchain 356, and public blockchain nodes (e.g., 354) maintaining thepublic blockchain 356. - In operation, the consortium blockchain network 302 (i.e., the nodes 304 a-e) receive requests to store data (360). The nodes 304 a-e store the data in the
consortium blockchain 306 according to the mechanisms described above. Theverification system 316 receives the stored data once it is added to the blockchain 306 (at 362). For example, the verification system can monitor theconsortium blockchain network 302 and determine that the data has been stored once a consensus is reached by the nodes 304 a-e on a chain including the data. - In some implementations, the
verification system 316 is responsible for the interaction between theconsortium blockchain network 302 and thepublic sidechain network 352. In operation, the verification system 316 (at 366) sends a data digest of the stored data toverification nodes 330. In some implementations, theverification nodes 330 are computing devices participating in thepublic sidechain network 352. There may be a large number (e.g., thousands) ofverification nodes 330. In some cases, theverification system 316 may broadcast the data digest to thepublic sidechain network 352. Theverification nodes 330, upon receiving the data digest, cryptographically sign the data digest using their private key. Each verification node then attempts to store its signed data digest in thepublic blockchain 356. In some implementations, all signed data digests produced by theverification nodes 330 are stored in thepublic blockchain 356. In some cases, a certain number of the signed data digests are stored in thepublic blockchain 356 and the others are discarded. This number can be a function of the consensus mechanisms used in thepublic sidechain network 352. - The
system 300 may also include anincentive system 320. In some implementations, theincentive system 320 may generate a smart contract to be stored in thepublic blockchain 356. The smart contract may be configured, when executed by the public sidechain network, to provide a monetary reward toverification nodes 330 that participate in the verification of the stored data. For example, averification node 330 that successfully includes its signed data digest in thepublic blockchain 356 may receive the monetary reward automatically through execution of the smart contract. In some cases, averification node 330 that participates in the verification of data requested from the consortium blockchain (seeFIG. 5 , below) may receive the monetary reward automatically through execution of the smart contract. -
FIG. 4 depicts anexample process 400 of storing data in a consortium blockchain network and an associated public sidechain network according to aspects of the present specification. - At 405, a data item is stored in the
consortium blockchain network 302. At 410, theverification system 316 receives the newly stored data from theconsortium blockchain network 302, such as by communicating with nodes participating in the network. At 415, theverification system 316 creates a data digest of the newly stored data item. For example, theverification system 316 may create the data digest by generating a hash of the stored data item using a hashing algorithm, such as, for example, Secure Hash Algorithm 1 (SHA-1), SHA-256, Rivest-Shamir-Adleman (RSA), or other known algorithms. - At 420, the
verification system 316 requests verification of the data digest by theverification nodes 330. In response, at 425, theverification nodes 330 cryptographically sign the data digest using their private keys. At 430, theverification nodes 330 store their individual signed data digests in thepublic blockchain 356 managed by thepublic sidechain network 352. As described above, in some implementations, only a certain number of the data digests will be stored in thepublic blockchain 356 depending on the consensus mechanisms employed by thepublic sidechain network 352. -
FIG. 5 depicts an example process of retrieving data from theconsortium blockchain network 302, and verifying retrieved data based on thepublic sidechain network 352. At 505, a request to retrieve data is received by the consortium blockchain network 302 (i.e., by a node participating in the consortium blockchain network). In some implementations, this request may be received by theverification system 316. - At 510, the
verification system 316 retrieves the requested data from theconsortium blockchain network 302, such as by obtaining the requested data from a consensus version of theconsortium blockchain 306. At 515, theverification system 316 retrieves the signed data digests associated with the requested data from thepublic sidechain network 352. In some cases, the signed digests may be retrieved based on an identifier associated with the stored data, such as a timestamp or other identifier stored in thepublic blockchain 356 along with the signed data digests by theverification nodes 330. - At 520, the
verification system 316 requests signed data digest of the retrieved data from theverification nodes 330. Theverification system 316 may create the data digest of the retrieved data using the hashing algorithms described above. At 525, theverification system 316 sends the data digests to theverification nodes 330, so thatverification nodes 330 can each cryptographically sign the data digest of the retrieved data, and at 530 return their signed version of the data digest to theverification system 316. - At 535, the
verification system 316 compares the signed data digests of the retrieved data received from theverification nodes 330 to the signed data digests retrieved from the public blockchain 356 (which were created when the data was originally stored in the consortium blockchain network, seeFIG. 4 ). If the signed data digests of the retrieved data received from theverification nodes 330 match the signed data digests retrieved from thepublic blockchain 356, the stored data in theconsortium blockchain network 302 has not changed since it was originally stored (540). - This process verifies that the requested data has not been changed, because if it has not changed, the value of the signed data digests of the retrieved data produced by the
verification nodes 330 will match the previously-stored data digests that were created when the data was originally stored. If the data has changed after being stored in the consortium blockchain, the signed data digests of the retrieved data will not match those that were stored in thepublic blockchain 356 when the data was originally stored. - In some cases, the
verification system 316 may only request signed data digests at 520 from the verification nodes that successfully inserted their signed data digests into thepublic blockchain 356. For example, theverification nodes 330 can each attempt to store a unique identifier (e.g., a public key) identifying the particular node along with the data digest. Only entries that are included in the consensus version of thepublic blockchain 356 will thus be queried. - In some cases, the
verification system 316 may only request verification from a particular set of theverification nodes 330 when storing data to theconsortium blockchain 306. In such a case, theverification system 316 may only query the particular set of nodes for signed data digests when verifying that retrieved data from theconsortium blockchain 306 has not changed. -
FIG. 6 depicts an example ofprocess 600 that can be executed in accordance with implementations of the present specification. In some implementations, the example ofprocess 600 may be performed using one or more computer-executable programs executed using one or more computing devices. For clarity of presentation, the description that follows generally describesprocess 600 in the context of the other figures in this description. However, it will be understood thatprocess 600 may be performed, for example, by any suitable system, environment, software, and hardware, or a combination of systems, environments, software, and hardware, as appropriate. In some implementations, various steps ofprocess 600 can be run in parallel, in combination, in loops, or in any order. - At 602, a data item is stored in a consortium blockchain maintained by a consortium blockchain network.
- At 604, a first data digest is generated based on the stored data item.
- At 606, the first data digest is sent to verification nodes, so that each verification node cryptographically signs the first data digest and stores its signed first data digest in a public blockchain maintained by a public blockchain network. In some implementations, the verification nodes are computing devices participating in the public blockchain network. In some implementations, each verification node is configured to cryptographically sign the first data digest using a private key associated with that verification node. In some implementations, sending the first data digest to the verification nodes includes broadcasting the first data digest to the public blockchain network.
- At 608, a request is received to retrieve the stored data item.
- At 610, in response to receiving the request, the requested data item is retrieved from the consortium blockchain.
- At 612, a second data digest is generated based on the retrieved data item. In some implementations, generating the first data digest includes calculating a hash of the stored data item.
- At 614, the second data digest is sent to the verification nodes so that each verification node can cryptographically sign the second data digests and return its signed second data digest.
- At 616, the signed second data digests are received from the verification nodes.
- At 618, the signed first data digests are retrieved from the public blockchain. In some implementations, retrieving the signed first data digests from the public blockchain includes identifying the signed first data digests based on an identifier associated with the stored data item and stored in the public blockchain.
- At 620, it is determined that the signed first data digests match the signed second data digests.
- At 622, in response to the determining, a response is sent to retrieve the stored data item, the response indicating that the stored data item has not changed since it was stored.
- In some implementations, the
process 600 further includes storing a smart contract in the public blockchain, wherein the smart contract is configured to provide a monetary reward to the verification nodes in response to receiving the requested signed second data digests from the verification nodes. - Referring to
FIG. 7 ,FIG. 7 depicts an example of a diagram illustrating modules of anapparatus 700 in accordance with implementations of the specification. Theapparatus 700 can be an example implementation for storing and retrieving to-be-verified data associated with nodes of a blockchain network. The apparatus 700 can correspond to the implementation shown inFIGS. 3-5 , and the apparatus 700 includes the following: a storage or storing unit 705, configured to store a data item in a consortium blockchain maintained a consortium blockchain network; a first generator or generating unit 710, configured to generate a first data digest based on the stored data item; a first transmitter or transmitting unit 715, configured to send the first data digest to verification nodes, each verification node configured to cryptographically sign its first data digest and store its signed first data digest in a public blockchain maintained by the public blockchain network; a receiver or a receiving unit 720, configured to receive a request to retrieve the stored data item; a first retrieving unit 725, configured to retrieve the requested data item from the consortium blockchain in response to receiving the request; a second generator or generating unit 730, configured to generate a second data digest based on the retrieved data item; a requestor or requesting unit 735, configured to request assigned second data digests from the verification nodes and in response to receiving the requested signed second data digests from the verification nodes; a second retrieving unit 740, configured to retrieve the signed first data digests from the public blockchain; a determining unit 745, configured to determine that the signed first data digests from the public blockchain match the signed second data digests received from the verification nodes; a second transmitter or transmitting unit 750, configured to send a response to the request to retrieve the stored data including the stored data item in response to the determining, the response indicating that the stored data item has not changed since it was stored. - In an optional implementation, the verification nodes are computing devices participating in the public blockchain network.
- In an optional implementation, the
apparatus 700 further includes the following: a storage or storing sub-unit, configured to store a smart contract in the public blockchain, wherein the smart contract is configured to provide a monetary reward to the verification nodes in response to receiving the requested signed second data digests from the verification nodes. - In an optional implementation, the
apparatus 700 further includes the following: a calculator or a calculating sub-unit, configured to calculate a hash of the stored data item. - In an optional implementation, each verification node is configured to cryptographically sign the first data digest using a private key associated with that verification node.
- In an optional implementation, the
apparatus 700 further includes the following: a broadcasting sub-unit, configured to broadcast the first data digest to the public blockchain network. - In an optional implementation, the
apparatus 700 further includes the following: an identifier or an identifying sub-unit, configured to identify the signed first data digests based on an identifier associated with the stored data item and stored in the public blockchain. - The system, apparatus, module, or unit illustrated in the previous implementations can be implemented by using a computer chip or an entity, or can be implemented by using a product having a certain function. A typical implementation device is a computer, and the computer can be a personal computer, a laptop computer, a cellular phone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email receiving and sending device, a game console, a tablet computer, a wearable device, or any combination of these devices.
- For an implementation process of functions and roles of each unit in the apparatus, references can be made to an implementation process of corresponding steps in the previous method. Details are omitted here for simplicity.
- Because an apparatus implementation basically corresponds to a method implementation, for related parts, references can be made to related descriptions in the method implementation. The previously described apparatus implementation is merely an example. The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one position, or may be distributed on a number of network units. Some or all of the modules can be selected based on actual demands to achieve the objectives of the solutions of the specification. A person of ordinary skill in the art can understand and implement the implementations of the present application without creative efforts.
-
FIG. 7 is a schematic diagram illustrating an internal functional module and a structure of a consortium blockchain network apparatus. An execution body in essence can be an electronic device, and the electronic device includes the following: one or more processors; and a memory configured to store an executable instruction of the one or more processors. - The one or more processors are configured to store a data item in a consortium blockchain maintained by a consortium blockchain network; generate a first data digest based on the stored data item; send the first data digest to verification nodes, each verification node configured to cryptographically sign the first data digest and store its signed first data digest in a public blockchain maintained by a public blockchain network; receive a request to retrieve the stored data item; in response to receive the request, retrieve the requested data item from the consortium blockchain; generate a second data digest based on the retrieved data item; request signed second data digests from the verification nodes and in response to receive the requested signed second data digests from the nodes; retrieve the signed first data digests from the public blockchain; determine that the signed first data digests from the public blockchain match the signed second data digests received from the verification nodes; and in response to the determine, send a response to the request to retrieve the stored data including the stored data item, the response indicating that the stored data item has not changed since it was stored.
- Optionally, the verification nodes are computing devices participating in the public blockchain network.
- Optionally, the one or more processors are configured to store a smart contract in the public blockchain, wherein the smart contract is configured to provide a monetary reward to the verification nodes in response to receiving the requested signed second data digests from the verification nodes.
- Optionally, the one or more processors are configured to calculate a hash of the stored data item.
- Optionally, each verification node is configured to cryptographically sign the first data digest using a private key associated with that verification node.
- Optionally, the one or more processors are configured to broadcast the first data digest to the public blockchain network.
- Optionally, the one or more processors are configured to identify the signed first data digests based on an identifier associated with the stored data item and stored in the public blockchain.
- Implementations of the subject matter and the actions and operations described in this specification can be implemented in digital electronic circuitry, in tangibly-embodied computer software or firmware, in computer hardware, including the structures disclosed in this specification and their structural equivalents, or in combinations of one or more of them. Implementations of the subject matter described in this specification can be implemented as one or more computer programs, e.g., one or more modules of computer program instructions, encoded on a computer program carrier, for execution by, or to control the operation of, data processing apparatus. The carrier may be a tangible non-transitory computer storage medium. Alternatively, or in addition, the carrier may be an artificially generated propagated signal, e.g., a machine-generated electrical, optical, or electromagnetic signal that is generated to encode information for transmission to suitable receiver apparatus for execution by a data processing apparatus. The computer storage medium can be or be part of a machine-readable storage device, a machine-readable storage substrate, a random or serial access memory device, or a combination of one or more of them. A computer storage medium is not a propagated signal.
- The term “data processing apparatus” encompasses all kinds of apparatus, devices, and machines for processing data, including by way of example a programmable processor, a computer, or multiple processors or computers. Data processing apparatus can include special-purpose logic circuitry, e.g., an FPGA (field programmable gate array), an ASIC (application specific integrated circuit), or a GPU (graphics processing unit). The apparatus can also include, in addition to hardware, code that creates an execution environment for computer programs, e.g., code that constitutes processor firmware, a protocol stack, a database management system, an operating system, or a combination of one or more of them.
- A computer program, which may also be referred to or described as a program, software, a software application, an app, a module, a software module, an engine, a script, or code, can be written in any form of programming language, including compiled or interpreted languages, or declarative or procedural languages; and it can be deployed in any form, including as a stand alone program or as a module, component, engine, subroutine, or other unit suitable for executing in a computing environment, which environment may include one or more computers interconnected by a data communication network in one or more locations.
- A computer program may, but need not, correspond to a file in a file system. A computer program can be stored in a portion of a file that holds other programs or data, e.g., one or more scripts stored in a markup language document, in a single file dedicated to the program in question, or in multiple coordinated files, e.g., files that store one or more modules, sub programs, or portions of code.
- The processes and logic flows described in this specification can be performed by one or more computers executing one or more computer programs to perform operations by operating on input data and generating output. The processes and logic flows can also be performed by special-purpose logic circuitry, e.g., an FPGA, an ASIC, or a GPU, or by a combination of special-purpose logic circuitry and one or more programmed computers.
- Computers suitable for the execution of a computer program can be based on general or special-purpose microprocessors or both, or any other kind of central processing unit. Generally, a central processing unit will receive instructions and data from a read only memory or a random access memory or both. Elements of a computer can include a central processing unit for executing instructions and one or more memory devices for storing instructions and data. The central processing unit and the memory can be supplemented by, or incorporated in, special-purpose logic circuitry.
- Generally, a computer will be coupled to at least one non-transitory computer-readable storage medium (also referred to as a computer-readable memory). The storage medium coupled to the computer can be an internal component of the computer (e.g., an integrated hard drive) or an external component (e.g., universal serial bus (USB) hard drive or a storage system accessed over a network). Examples of storage media can include, for example, magnetic, magneto optical, or optical disks, solid state drives, network storage resources such as cloud storage systems, or other types of storage media. However, a computer need not have such devices. Moreover, a computer can be embedded in another device, e.g., a mobile telephone, a personal digital assistant (PDA), a mobile audio or video player, a game console, a Global Positioning System (GPS) receiver, or a portable storage device, e.g., a universal serial bus (USB) flash drive, to name just a few.
- To provide for interaction with a user, implementations of the subject matter described in this specification can be implemented on, or configured to communicate with, a computer having a display device, e.g., a LCD (liquid crystal display) monitor, for displaying information to the user, and an input device by which the user can provide input to the computer, e.g., a keyboard and a pointing device, e.g., a mouse, a trackball or touchpad. Other kinds of devices can be used to provide for interaction with a user as well; for example, feedback provided to the user can be any form of sensory feedback, e.g., visual feedback, auditory feedback, or tactile feedback; and input from the user can be received in any form, including acoustic, speech, or tactile input. In addition, a computer can interact with a user by sending documents to and receiving documents from a device that is used by the user; for example, by sending web pages to a web browser on a user's device in response to requests received from the web browser, or by interacting with an app running on a user device, e.g., a smartphone or electronic tablet. Also, a computer can interact with a user by sending text messages or other forms of message to a personal device, e.g., a smartphone that is running a messaging application, and receiving responsive messages from the user in return.
- This specification uses the term “configured to” in connection with systems, apparatus, and computer program components. For a system of one or more computers to be configured to perform particular operations or actions means that the system has installed on it software, firmware, hardware, or a combination of them that in operation cause the system to perform the operations or actions. For one or more computer programs to be configured to perform particular operations or actions means that the one or more programs include instructions that, when executed by data processing apparatus, cause the apparatus to perform the operations or actions. For special-purpose logic circuitry to be configured to perform particular operations or actions means that the circuitry has electronic logic that performs the operations or actions.
- While this specification contains many specific implementation details, these should not be construed as limitations on the scope of what is being claimed, which is defined by the claims themselves, but rather as descriptions of features that may be specific to particular implementations. Certain features that are described in this specification in the context of separate implementations can also be realized in combination in a single implementation. Conversely, various features that are described in the context of a single implementations can also be realized in multiple implementations separately or in any suitable subcombination. Moreover, although features may be described above as acting in certain combinations and even initially be claimed as such, one or more features from a claimed combination can in some cases be excised from the combination, and the claim may be directed to a subcombination or variation of a subcombination.
- Similarly, while operations are depicted in the drawings and recited in the claims in a particular order, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order, or that all illustrated operations be performed, to achieve desirable results. In certain circumstances, multitasking and parallel processing may be advantageous. Moreover, the separation of various system modules and components in the implementations described above should not be understood as requiring such separation in all implementations, and it should be understood that the described program components and systems can generally be integrated together in a single software product or packaged into multiple software products.
- Particular implementations of the subject matter have been described. Other implementations are within the scope of the following claims. For example, the actions recited in the claims can be performed in a different order and still achieve desirable results. As one example, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some cases, multitasking and parallel processing may be advantageous.
Claims (20)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/780,334 US10691835B1 (en) | 2018-12-21 | 2020-02-03 | Verifying integrity of data stored in a consortium blockchain using a public sidechain |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2018/122559 WO2019072301A2 (en) | 2018-12-21 | 2018-12-21 | Verifying integrity of data stored in a consortium blockchain using a public sidechain |
US16/421,357 US10552641B2 (en) | 2018-12-21 | 2019-05-23 | Verifying integrity of data stored in a consortium blockchain using a public sidechain |
US16/780,334 US10691835B1 (en) | 2018-12-21 | 2020-02-03 | Verifying integrity of data stored in a consortium blockchain using a public sidechain |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/421,357 Continuation US10552641B2 (en) | 2018-12-21 | 2019-05-23 | Verifying integrity of data stored in a consortium blockchain using a public sidechain |
Publications (2)
Publication Number | Publication Date |
---|---|
US20200175207A1 true US20200175207A1 (en) | 2020-06-04 |
US10691835B1 US10691835B1 (en) | 2020-06-23 |
Family
ID=66100041
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/421,357 Active US10552641B2 (en) | 2018-12-21 | 2019-05-23 | Verifying integrity of data stored in a consortium blockchain using a public sidechain |
US16/780,334 Active US10691835B1 (en) | 2018-12-21 | 2020-02-03 | Verifying integrity of data stored in a consortium blockchain using a public sidechain |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/421,357 Active US10552641B2 (en) | 2018-12-21 | 2019-05-23 | Verifying integrity of data stored in a consortium blockchain using a public sidechain |
Country Status (11)
Country | Link |
---|---|
US (2) | US10552641B2 (en) |
EP (2) | EP3571825B1 (en) |
JP (1) | JP6690066B2 (en) |
KR (1) | KR102153845B1 (en) |
CN (1) | CN111566649B (en) |
ES (1) | ES2870657T3 (en) |
PH (1) | PH12019501741A1 (en) |
PL (1) | PL3571825T3 (en) |
SG (1) | SG11201906830XA (en) |
TW (1) | TWI714179B (en) |
WO (1) | WO2019072301A2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI752562B (en) * | 2020-07-22 | 2022-01-11 | 重量科技股份有限公司 | Blockchain data standardization equipment and its operating system |
Families Citing this family (36)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108694189B (en) * | 2017-04-07 | 2022-01-21 | 微软技术许可有限责任公司 | Management of commonly owned database systems |
US10963542B2 (en) * | 2019-05-13 | 2021-03-30 | Advanced New Technologies Co., Ltd. | Blockchain-based image processing method and apparatus |
CN111066019B (en) * | 2019-05-15 | 2023-05-16 | 创新先进技术有限公司 | Processing data elements stored in a blockchain network |
CN110300167B (en) * | 2019-06-28 | 2020-07-31 | 京东数字科技控股有限公司 | Service information processing method and device based on block chain and readable storage medium |
CN110474884B (en) * | 2019-07-24 | 2024-04-23 | 北京百度网讯科技有限公司 | Ethernet network system, communication method, communication equipment and computer readable storage medium |
WO2021017008A1 (en) * | 2019-08-01 | 2021-02-04 | Advanced New Technologies Co., Ltd. | Shared blockchain data storage based on error correction code |
CN110457926A (en) * | 2019-08-13 | 2019-11-15 | 重庆邮电大学 | It is a kind of industry Internet of Things in based on data encryption storage data sharing method |
EP3779755B1 (en) * | 2019-08-14 | 2023-09-13 | Fujitsu Limited | A computer-implemented method for cross-chain-interoperability |
CN110602096B (en) | 2019-09-12 | 2021-07-13 | 腾讯科技(深圳)有限公司 | Data processing method, device, storage medium and equipment in block chain network |
JP7322621B2 (en) * | 2019-09-17 | 2023-08-08 | 富士通株式会社 | Transaction recording device, transaction recording method, and transaction recording program |
US20210099312A1 (en) * | 2019-09-27 | 2021-04-01 | Cypherium Blockchain Inc. | Systems and methods for selecting and utilizing a committee of validator nodes in a distributed system |
US11196570B2 (en) * | 2019-10-07 | 2021-12-07 | Accenture Global Solutions Limited | Cryptologic blockchain interoperability membership system |
US11593316B2 (en) * | 2019-10-16 | 2023-02-28 | International Business Machines Corporation | Database snapshot for managing state synchronization |
JP7384044B2 (en) * | 2020-01-16 | 2023-11-21 | 富士通株式会社 | Verification method, verification device and verification program |
SG11202012921XA (en) | 2020-02-14 | 2021-01-28 | Alipay Hangzhou Inf Tech Co Ltd | Data authorization based on decentralized identifiers |
CN111327623A (en) * | 2020-02-28 | 2020-06-23 | 上海哈世科技有限公司 | Alliance link information transmission method, device, equipment and storage medium |
CN111339116A (en) * | 2020-02-29 | 2020-06-26 | 中央财经大学 | Block chain-based method for sharing open bank data |
CN111404962B (en) * | 2020-03-26 | 2022-06-24 | 杭州复杂美科技有限公司 | Federation link point data transmission method, equipment and storage medium |
CN111464310B (en) * | 2020-03-30 | 2023-06-13 | 烟台海颐软件股份有限公司 | Method for realizing mixed chain of alliance chain and Polkadat chain |
CN111460400B (en) * | 2020-03-31 | 2024-06-18 | 腾讯科技(深圳)有限公司 | Data processing method, device and computer readable storage medium |
CN111639122B (en) * | 2020-04-08 | 2023-04-18 | 广东中科智能区块链技术有限公司 | Public chain fused alliance chain excitation scheme and device |
CN111565185B (en) * | 2020-04-29 | 2023-05-12 | 陈议尊 | Information abstract supply and demand transaction method and system based on time division multiplexing |
CN111614739B (en) * | 2020-05-08 | 2023-06-23 | 中国信息通信研究院 | Network measurement data storage method, device and system |
CN111756545A (en) * | 2020-05-29 | 2020-10-09 | 中山大学深圳研究院 | Contract authentication method based on block chain digital signature technology |
CN111968000B (en) * | 2020-07-09 | 2022-03-08 | 南京邮电大学 | Intelligent agricultural data monitoring and automatic control method based on double-chain mechanism |
CN112035894A (en) * | 2020-07-20 | 2020-12-04 | 江苏傲为控股有限公司 | Electronic evidence trusteeship system |
CN111917748B (en) * | 2020-07-22 | 2022-10-11 | 上海飞博激光科技股份有限公司 | Intelligent laser remote control system and method based on IPFS + alliance chain |
CN111881486B (en) * | 2020-07-23 | 2024-06-14 | 中国工商银行股份有限公司 | Multi-party data backup method, device and system based on block chain |
CN112783973A (en) * | 2020-12-31 | 2021-05-11 | 中国人民银行数字货币研究所 | Method for determining data integrity, related device and data integrity protection system |
CN113037753B (en) * | 2021-03-09 | 2022-02-01 | 电子科技大学 | Encrypted data sharing method with privacy protection based on block chain |
CN113141271B (en) * | 2021-04-20 | 2022-09-20 | 国网上海市电力公司 | Transformer substation equipment configuration file version management method based on alliance chain |
CN113360458B (en) * | 2021-06-05 | 2023-05-26 | 湖南大学 | Distributed file storage sharing system based on alliance chain |
CN113761578A (en) * | 2021-09-10 | 2021-12-07 | 马治国 | Document true checking method based on block chain |
IT202200011387A1 (en) * | 2022-05-30 | 2023-11-30 | Traent S R L | Single story public verification consisting of private records |
IT202200011378A1 (en) * | 2022-05-30 | 2023-11-30 | Traent S R L | Verification of acceptance of data shared between a plurality of nodes |
WO2023250073A1 (en) * | 2022-06-22 | 2023-12-28 | Visa International Service Association | System, method, and computer program product for preventing miner extractable value (mev) attacks in a blockchain network |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160292672A1 (en) * | 2015-03-31 | 2016-10-06 | Nasdaq, Inc. | Systems and methods of blockchain transaction recordation |
US20170011460A1 (en) * | 2015-07-09 | 2017-01-12 | Ouisa, LLC | Systems and methods for trading, clearing and settling securities transactions using blockchain technology |
US20170177855A1 (en) * | 2015-12-22 | 2017-06-22 | Thomson Reuters Global Resources | Methods and systems for identity creation, verification and management |
Family Cites Families (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2011188029A (en) * | 2010-03-04 | 2011-09-22 | Fujitsu Ltd | Digital signature device, digital signature method, and computer program |
WO2015106285A1 (en) * | 2014-01-13 | 2015-07-16 | Yago Yaron Edan | Verification method |
KR101735708B1 (en) * | 2016-02-02 | 2017-05-15 | 주식회사 코인플러그 | Method and server for providing notary service with respect to file and verifying the recorded file by using the notary service |
JP6648555B2 (en) * | 2016-02-29 | 2020-02-14 | 富士ゼロックス株式会社 | Information processing device and program |
EP3439231A4 (en) * | 2016-03-31 | 2019-11-13 | Bitflyer, Inc. | Private node, processing method for private node, and program for same |
US10713731B2 (en) * | 2016-07-22 | 2020-07-14 | Nec Corporation | Method for secure ledger distribution and computer system using secure distributed ledger technology |
KR101841566B1 (en) | 2016-10-11 | 2018-05-04 | 주식회사 코인플러그 | Method for issuing, using, refunding, settling and revocating electric voucher using updated status of balance database by respective blocks in blockchain, and server using the same |
US10361853B2 (en) * | 2016-10-12 | 2019-07-23 | Bank Of America Corporation | Automated data authentication and service authorization via cryptographic keys in a private blockchain |
KR101837166B1 (en) * | 2016-10-26 | 2018-03-09 | 주식회사 코인플러그 | Method for issuing and paying money using updated status of balance database by respective blocks in blockchain, and server using the same |
US10554746B2 (en) * | 2016-11-14 | 2020-02-04 | International Business Machines Corporation | Decentralized immutable storage blockchain configuration |
US10447480B2 (en) * | 2016-12-30 | 2019-10-15 | Guardtime Sa | Event verification receipt system and methods |
CN111724150B (en) * | 2017-03-28 | 2023-11-24 | 创新先进技术有限公司 | Service request processing method and device |
US10581621B2 (en) * | 2017-05-18 | 2020-03-03 | International Business Machines Corporation | Enhanced chaincode analytics provenance in a blockchain |
US10663303B2 (en) * | 2017-06-12 | 2020-05-26 | Panasonic Intellectual Property Management Co., Ltd. | System and method for dynamically authenticating map data using blockchains |
CN107292621B (en) * | 2017-06-22 | 2020-10-27 | 丁江 | Method and node for determining authority and storing certificate of mass data |
CN107342867B (en) * | 2017-07-07 | 2020-10-09 | 深圳和信安达科技有限公司 | Signature verification method and device |
US10810683B2 (en) * | 2017-11-21 | 2020-10-20 | General Electric Company | Hierarchical meta-ledger transaction recording |
CN108092982B (en) * | 2017-12-22 | 2020-10-23 | 广东工业大学 | Data storage method and system based on alliance chain |
US11210369B2 (en) * | 2018-01-19 | 2021-12-28 | Nasdaq, Inc. | Systems and methods of digital content certification and verification using cryptography and blockchain |
CN108924130B (en) * | 2018-07-02 | 2021-05-07 | 上海达家迎信息科技有限公司 | Block data verification method, device, equipment and storage medium |
-
2018
- 2018-12-21 PL PL18866464T patent/PL3571825T3/en unknown
- 2018-12-21 JP JP2019540397A patent/JP6690066B2/en active Active
- 2018-12-21 ES ES18866464T patent/ES2870657T3/en active Active
- 2018-12-21 KR KR1020197022198A patent/KR102153845B1/en active IP Right Grant
- 2018-12-21 SG SG11201906830XA patent/SG11201906830XA/en unknown
- 2018-12-21 EP EP18866464.3A patent/EP3571825B1/en active Active
- 2018-12-21 CN CN201880004802.6A patent/CN111566649B/en active Active
- 2018-12-21 WO PCT/CN2018/122559 patent/WO2019072301A2/en unknown
- 2018-12-21 EP EP21161622.2A patent/EP3849133B1/en active Active
-
2019
- 2019-05-23 US US16/421,357 patent/US10552641B2/en active Active
- 2019-07-22 TW TW108125801A patent/TWI714179B/en active
- 2019-07-26 PH PH12019501741A patent/PH12019501741A1/en unknown
-
2020
- 2020-02-03 US US16/780,334 patent/US10691835B1/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160292672A1 (en) * | 2015-03-31 | 2016-10-06 | Nasdaq, Inc. | Systems and methods of blockchain transaction recordation |
US20170011460A1 (en) * | 2015-07-09 | 2017-01-12 | Ouisa, LLC | Systems and methods for trading, clearing and settling securities transactions using blockchain technology |
US20170177855A1 (en) * | 2015-12-22 | 2017-06-22 | Thomson Reuters Global Resources | Methods and systems for identity creation, verification and management |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI752562B (en) * | 2020-07-22 | 2022-01-11 | 重量科技股份有限公司 | Blockchain data standardization equipment and its operating system |
Also Published As
Publication number | Publication date |
---|---|
JP2020511809A (en) | 2020-04-16 |
PH12019501741A1 (en) | 2020-06-01 |
EP3571825A2 (en) | 2019-11-27 |
WO2019072301A2 (en) | 2019-04-18 |
US10552641B2 (en) | 2020-02-04 |
TW202025664A (en) | 2020-07-01 |
PL3571825T3 (en) | 2021-08-16 |
SG11201906830XA (en) | 2019-08-27 |
EP3849133B1 (en) | 2022-07-13 |
CN111566649A (en) | 2020-08-21 |
CN111566649B (en) | 2023-06-27 |
KR20200079218A (en) | 2020-07-02 |
EP3571825B1 (en) | 2021-03-10 |
ES2870657T3 (en) | 2021-10-27 |
US20190278944A1 (en) | 2019-09-12 |
TWI714179B (en) | 2020-12-21 |
EP3849133A1 (en) | 2021-07-14 |
WO2019072301A3 (en) | 2019-10-31 |
KR102153845B1 (en) | 2020-09-09 |
US10691835B1 (en) | 2020-06-23 |
EP3571825A4 (en) | 2020-01-01 |
JP6690066B2 (en) | 2020-04-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10691835B1 (en) | Verifying integrity of data stored in a consortium blockchain using a public sidechain | |
EP3563329B1 (en) | Off-chain smart contract service based on trusted execution environment | |
US11132676B2 (en) | Parallel execution of transactions in a blockchain network | |
US10911461B2 (en) | Parallel execution of transactions in a blockchain network based on smart contract whitelists | |
US11354656B2 (en) | Smart contract whitelists | |
US10917249B2 (en) | Processing data elements stored in blockchain networks | |
JP6921266B2 (en) | Verifying the integrity of the data stored on the consortium blockchain using the public sidechain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FEPP | Fee payment procedure |
Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
AS | Assignment |
Owner name: ADVANTAGEOUS NEW TECHNOLOGIES CO., LTD., CAYMAN ISLANDS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:ALIBABA GROUP HOLDING LIMITED;REEL/FRAME:053743/0464 Effective date: 20200826 |
|
AS | Assignment |
Owner name: ADVANCED NEW TECHNOLOGIES CO., LTD., CAYMAN ISLANDS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:ADVANTAGEOUS NEW TECHNOLOGIES CO., LTD.;REEL/FRAME:053754/0625 Effective date: 20200910 |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 4 |