Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present inventionIn attached drawing, the technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment isA part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the artEvery other embodiment obtained without creative efforts, shall fall within the protection scope of the present invention.
The embodiment of the present invention provides the work data processing method in a kind of block chain, and Fig. 1 is the flow chart of this method, such asShown in Fig. 1, this method comprises:
Step 101, multiple concurrent job data from different user are received, the multiple concurrent job data are distinguishedIt is verified, each work data includes intelligent contract;
Step 102, in response to being proved to be successful, to work data progress Hash operation generation cryptographic Hash is had verified that, will haveIdentical cryptographic Hash has verified that work data is sent to same packing node;
Step 103, work data generating portion block is had verified that according to the same node that is packaged, to the Partial Block intoRow verifying, the Partial Block includes: block body and Partial Block head, and the block body has recorded the same packing nodeWork data is verified, the Partial Block head records the cryptographic Hash for having verified that work data in the block body;
Step 104, in response to being proved to be successful, the Partial Block being proved to be successful is generated into complete section according to block data structuresBlock, the intact block include: the block body, the Partial Block head and another part block head, described another partBlock head includes: the cryptographic Hash of the previous block of the intact block;
Step 105, corresponding operation is executed according to the work data in the intact block.
Hash operation is carried out by the concurrent job data being proved to be successful that will be received, according to identical cryptographic HashWork data shifts to an earlier date generating portion block, and when being further proved to be successful to Partial Block, generates intact block, and execute phaseOperation is answered, by shifting to an earlier date generating portion block, can solve current block chain lower problem of efficiency when constructing block, thusThe execution performance and efficiency of block catenary system can be improved.
Embodiment for a better understanding of the present invention describes the embodiment of the present invention below based on banking system.
In a step 101, to the multiple concurrent job data (being referred to as transaction data or business datum) pointNot carrying out verifying includes: to carry out simulation test to the intelligent contract in each work data;In response to simulation test result be atFunction, then the intelligent contract in the work data is set up.
In actual operation, the data structure of work data is as shown in Fig. 2, work data includes: intelligence and about 21 and labelWord list 22.
Intelligence and about 21 can be the script for executing specific operation (or transaction), for example, in banking system application, be intoThe script of row accounting processing can specifically include user account and the transaction to be executed (below for opening an account, transfer accounts).
(1) account (acc): client (people or mechanism) can first generate a pair of of private key and public key pair on trusted platform(iKey, pKey), pKey correspond to account, and iKey corresponds to password (being taken care of by client oneself).Since pKey is binary code,It is difficult to and writes, usually pKey is first compressed and is then converted to Base58 coding, the account after conversion is denoted as acc.The processBe it is unidirectional, i.e., acc is easily calculated by pKey, but can not calculate in turn, thus need acc a to pKey contrast mechanisms.Open an account trade script need client provide information: (Open, my_acc, pKey, type, info, Bank_acc), wherein typeThe client that the account is bank itself or bank is identified, info includes customer information (e.g., identification card number, connection cell-phone numberDeng), Bank_acc indicates to open a bank account at which;After auditing to the transaction, account chain just has record: (my_Acc, pKey, type, info, Bank_acc).After executing the transaction, just there is a record in account system: (acc,Amnt=0 ...), wherein amnt=0 indicates that remaining sum is 0.
(2) transfer accounts (Transfer) transaction: client may only provide (Transfer, A_acc, B_acc, amnt), indicateAccount B is given from the A account amnt that transfers accounts, and referred to as transaction application is translated into script are as follows: (Transfer, A_acc ,-amnt;B_acc ,+amnt ...), that is, the remaining sum of A_acc will reduce amnt, and the remaining sum of B_acc will add amnt.
Two transaction (open an account and transfer accounts) above-mentioned can be expressed as following form:
(Open, Bank_acc, -0;My_acc ,+0 ...)
(Deposit, Bank_acc ,-amnt;My_acc ,+amnt ...)
Signature list 22: unsymmetrical key system technology is used, private key signature is usually used, other people are with its public key verifications labelName, signature have the function of anti-tamper and anti-repudiation.
The account for setting client 1 (people or mechanism) corresponds to a pair of of private key and public key to (iKey1, pKey1), signature algorithmIt is then sign1=f (message, iKey1), then band with private key signature to transaction data block for f, transaction data messageUpper signer (to know whom is, and is verified by verifier), then the signature can be expressed as (pKey1, sign1).One friendshipIt easily can be by more idiographs., for example, a deposit transaction has the signature of customer signature (pKey1, sign1), receiving teller(pKey2, sign2) and bank's auditor are signed (pKey3, sign3), and here it is a signature lists.
In embodiments of the present invention, transaction data structure are as follows: [intelligent contract;Signature list], therefore, above-mentioned transaction can tableIt is shown as:
[(Deposit, Bank_acc ,-amnt;My_acc ,+amnt ...);
(pKey1, sign1),
(pKey2, sign2),
(pKey3, sign3)
]
In actual operation, transaction format can be by (intelligent contract) template definition of trading.In signature (pKey, sign)PKey is not necessarily provided by client, and client need to only provide corresponding account, and inquiring " account chain " when being traded by system assembles can be withObtain corresponding pKey.When application is submitted in transaction, the signature of related side can be constantly added, these signatures have: transaction applicationPerson, trade confirmation person (may be multiple), transaction simulation node etc., the trade fair for being unsatisfactory for requiring is dropped.
When transaction data application is completed, that is, when being proved to be successful, can be lined up to multiple transaction data that are proved to be successfulOperation executes step 102 later.
In a step 102, work data, which carries out Hash, to be had verified that the same packing node with Mei Keer tree constructionThe Partial Block head is arranged according to Hash operation result for operation.
In one embodiment, according to having verified that work data and its cryptographic Hash establish database, wherein this has verified thatWork data is dropped after the predetermined time.In this way, operation (transaction) can be prevented to be repeated submission.
In step 103, carrying out verifying to the Partial Block includes: to have verified that operation number in the Partial BlockIt is verified according to corresponding user identity and corresponding operation enforceability.By the verifying, further operation can be carried outAudit, further increases the execution efficiency of block catenary system.
In actual operation, the block in the predetermined position in block chain can be set to century block Cn, century block C1With first block C of the block chain0Between between be divided into X block, between twoth century block between be divided into X block, n isPositive integer more than or equal to 1, X are the positive integer greater than 1.
When a block is century block CnWhen, it can be according to block C0With Cn-1Between onblock executing operation generate makeIndustry state snapshot;In this way, century block CnAnother part block head further include finger for being directed toward the job state snapshotNeedle.It can trace to obtain operation detail (transaction details) by job state snapshot.
In one embodiment, job state snapshot can be generated with Mei Keer tree construction.
By the job state snapshot, work data and corresponding operation can also be backed up, recovery operation.
The embodiment of the present invention also provides the work data processing unit in a kind of block chain, it is preferable that the device is for realExisting above-mentioned method.Fig. 3 is the structural block diagram of the device, as shown in figure 3, the device includes: work data receiving unit 31, makeesIt is industry data verification units 32, work data transmission unit 33, Partial Block generation unit 34, Partial Block authentication unit 35, completeMain plot block generation unit 36 and job execution unit 37, in which:
Work data receiving unit 31, for receiving multiple concurrent job data from different user, each operation numberAccording to including intelligent contract;
Work data authentication unit 32, for being verified respectively to the multiple concurrent job data;
Work data transmission unit 33, in response to being proved to be successful, to having verified that it is raw that work data carries out Hash operationAt cryptographic Hash, by having verified that with identical cryptographic Hash, work data is sent to same packing node;
Partial Block generation unit 34, for having verified that work data generating portion block according to same packing node,The Partial Block includes: block body and Partial Block head, the block body record it is described it is same be packaged node have verified that workIndustry data, the Partial Block head record the cryptographic Hash for having verified that work data in the block body;
Partial Block authentication unit 35 is specifically used for for verifying to the Partial Block to the Partial BlockIn have verified that the corresponding user identity of work data and corresponding operation enforceability are verified.
Intact block generation unit 36, the portion for being proved to be successful according to block data structures in response to being proved to be successfulBlockette generates intact block, and the intact block includes: the block body, the Partial Block head and another part areaBuild, another part block head include: the cryptographic Hash of the previous block of the intact block;
Job execution unit 37, it is corresponding for being executed according to the intelligent contract of each work data in the intact blockOperation.
After the concurrent job data for being proved to be successful of receiving are carried out Hash operation by work data transmission unit 33,Same node is sent by the work data with identical cryptographic Hash, Partial Block generation unit 34 is according to same node laterWork data shifts to an earlier date generating portion block, and when Partial Block authentication unit 35 is further proved to be successful Partial Block, completeMain plot block generation unit 36 generates intact block, and job execution unit 37 executes corresponding operation, passes through Partial Block generation unit34 shift to an earlier date generating portion block, can solve current block chain lower problem of efficiency when constructing block, so as to improveThe execution performance and efficiency of block catenary system.
Above-mentioned work data authentication unit includes: simulation testing module (not shown), for each work dataIn intelligent contract carry out simulation test, in response to simulation test result be successfully, then the intelligent contract in the work data atIt is vertical.
As shown in figure 4, above-mentioned Partial Block generation unit 34 includes: Hash operation module 341 and the setting of Partial Block headModule 342, in which:
Hash operation module 341, for having verified that work data to the same packing node with Mei Keer tree constructionCarry out Hash operation;
Partial Block head setup module 342, for the Partial Block head to be arranged according to Hash operation result.
As shown in figure 5, above-mentioned apparatus further include: Database unit 38, century block setting unit 39, job stateSnapshot generation unit 40 and backup units 41, in which:
Database unit 38, for according to work data authentication unit 32 have verified that successful work data and itsCryptographic Hash establishes database, wherein this has verified that work data is dropped after the predetermined time.In this way, operation can be prevented(transaction) is repeated submission.
Century block setting unit 39, for setting century block C for the block in the predetermined position in block chainn, generationDiscipline block C1With first block C of the block chain0Between between be divided into X block, between twoth century block between be divided into XBlock, n are the positive integer more than or equal to 1, and X is the positive integer greater than 1.
Job state snapshot generation unit 40, for according to block C0With Cn-1Between onblock executing operation generate makeIndustry state snapshot;When a block is century block, another part block head for being generated in intact block generation unit 36It further include the pointer for being directed toward the job state snapshot.Preferably, job state snapshot generation unit 39 can be with plum gramYour tree construction generates job state snapshot.
Backup units 41, for being backed up according to the job state snapshot to work data and corresponding operation, extensiveMultiple operation.
In actual operation, it single can be arranged or unify setting between above-mentioned each unit, each module, the present inventionIt is without being limited thereto.
Above-mentioned each unit, the specific of each module execute operation, may refer to the description in above method embodiment, herein notIt repeats again.
Embodiment for a better understanding of the present invention is based on block chain building bank core below by taking banking system as an exampleSystem framework.Fig. 6 is the exemplary diagram of the core banking system according to an embodiment of the present invention based on block chain, as shown in fig. 6, shouldCore banking system based on block chain includes: preposition pretreatment unit, access permission control device and accounting processing device, in which:
Preposition pretreatment unit: the validity of block chain processing transaction can be improved in the device, accelerates core banking systemTreatment effeciency.Transaction of the device to needing into accounting processing alliance chain, first carries out the verifying of legitimacy and validity, picksExcept illegal transaction, the success rate of accounting processing alliance chain is improved.At the same time, the transaction passed through for verification, utilizes queue machineSystem, is ranked up the transaction for the system that is submitted to, so that primary common recognition process is handled more transactions, further speed up the place of systemManage speed.In submitting subnet, multiple transaction can be disposed and collect subnet 11, for receiving transaction.When number of transaction reaches certainAfter value, admission control alliance chain will be ranked up and then is submitted to.
Access permission control device: being located at audit alliance's chain, and access permission control device carries out the Transaction Information for submitting subnet to submitUniform auditing.For example, alliance's chain can establish blacklist (for user) and white list (for bank), which can be done to account and handed overEasily, it cannot do which transaction carries out admission control.It also will use common recognition algorithm in admission control layer and judge that client uses transactionPermission.If the account in transaction fails to trade by admission control and not can enter accounting processing layer.
Accounting processing device: being located at account alliance chain, belongs to the core function of banking system, realizes account management, andAssets transfer between different accounts.The account alliance chain can be made of alliance's chain 16, in chain an account blockHave recorded the business of one group of (being also possible to multiple groups) assets transfer.For the efficiency for improving accounting processing, accounting processing layer can be introducedCentury block and stateful transaction snapshot.By century block and stateful transaction snapshot, system user can trace to obtain accountTransaction details and remaining sum.
The frame system takes full advantage of the advantages of block chain to carry out the processing of bank core account, while passing through centuryThe methods of block, audit node, improve the efficiency of accounting processing.The standard of core transaction is also realized using block chain in addition to thisEnter control, further increases the accuracy of core accounting processing.
Preposition pretreatment unit, access permission control device and accounting processing device are described in detail individually below.
(1) preposition pretreatment unit
Fig. 7 is the cellular logic schematic diagram of preposition pretreatment unit, as shown in fig. 7, preposition pretreatment unit includes: multipleSubnet 11 is submitted in transaction, for submitting transaction data;And including multiple distribution centres 12 for being packaged node 126, it is used for generating unitBlockette.
It is multiple that the transaction of the embodiment of the present invention submits sub-network that can have.Fig. 8 is that transaction submits the structure of sub-network 11 to showExample diagram, as shown in figure 8, transaction data (for example, intelligent contract) in the sub-network, realize transaction application, confirmation, simulation (that is,Whether true test intelligent contract), the procedure links such as audit, to confirm that the transaction is reasonable, then submitted to transaction " distribution centre "The transaction.The transaction data (Tx) in " distribution centre " is reached containing the signature of each associated nodes of confirmation link, has been got anti-tamperWith the effect of anti-repudiation.
Fig. 9 is the topology example figure in distribution centre 12, as shown in figure 9, passing through first when transaction 121 is submitted to " distribution centre "Transaction line-up device 122 is crossed, is reached using the soft load balancing of route processing and is packaged node 123.Pass through in " distribution centre "Mode can promote the ability of reply transaction high concurrent.In being packaged node 123, generating portion block (or for block half atProduct), it can solve the formation efficiency bottleneck of block chain by parallel generation block semi-finished product.
As shown in figure 9, " distribution centre " includes: transaction line-up device 122, is packaged node 123 and anti-heavy inspection module 124,Wherein:
Transaction line-up device 122, receives the transaction generated parallel, is converted into a serial stream.Similar to MQ (MessageQueue, message queue) middleware.
It is packaged node 123, including is packaged processing module, the serial stream of transaction is generated into " a block semi-finished product " 125, it shouldBlock semi-finished product are the bold portion of data structure, the H (TxS) including block body (transaction data group TxS) and block head, H(TxS) cryptographic Hash for being TxS, is directed toward trading group TxS, and when TxS carrys out tissue with Mei Keer tree, H (TxS) is its root (root).The embodiment of the present invention passes through to construct can be partially separated out parallel in block, formed " block semi-finished product ", mentioned with thisThe formation efficiency of high block chain.
Anti- heavy inspection module 124, is called by packing processing module, and transaction is prevented to be repeated submission.Specifically, establishingThe database of (key=H (Tx), value=Tx), database table meeting periodic cleaning, can be with establishing time window, when in TxTime stamp (timestamp) is more than that the window then abandons, and can prevent from repeating to submit transaction.
Under parallel environment, block chain is to handle conflict by transaction ordering strategy.Ordering strategy has two classes: (1)Transaction is directly linked preamble transaction (pointer mode), i.e., is directly directed toward preamble transaction (e.g., containing pointer in transaction (intelligent contract)Bit coin);(2) transaction indirect association preamble transaction (sortord), i.e., directly not specified preamble is handed in transaction (intelligent contract)Easily, the position by trading in block chain determines its context.The embodiment of the present invention is handed over using transaction indirect association preambleThe easily strategy of (sortord), transaction are ordered as two-stage: level-one is transaction between block, and block has sequencing in chain;TwoGrade is the sequence traded within a block.In the prior art, the sequence traded within a block is usually constructing the progress of block when, butBuilding block inherently fail to parallel progress, because it needs the hash value of previous block head.
From standpoint of efficiency, the business application system of high concurrent can be coped with one group of packing node (e.g., k), and withSoft load balancing makes concurrent transaction balancedly be sent to each packing node and e.g. uses diversification strategies: Tx being traded and is sentThe packing node for being hash (Tx) %k to ID number, guarantees that same packing node is sent in the transaction of identical hash value.
In preprocessing process, number of deals contained by block body can be set as a constant N, in addition, can also set oneTime window generates a block semi-finished product in time window when business low ebb, at this moment, if transaction number less than N, canWith certain sky transaction filling.
From reliability perspectives, each is packaged node and can execute and be packaged physically with one or more hot standby nodesThe identical work of node, only its block semi-finished product is not transmitted to block chain operation subnet, can be used for defeated to the working node of matchingBlock semi-finished product out are tested.
It is packaged the transaction that node receives and all contains signature, therefore transaction content cannot be distorted, transaction can not be increased newly, work as friendshipWhen objective failure easily occurs, trade fair is lost.Loss Rate is easy measured by hot standby node, in actual operation, can be setOne threshold values reaches threshold values and is considered as the node failures, and according to predetermined policy, the node can be replaced by hot standby node.
In the specific implementation process, transaction submits subnet to trade by route processing and circulates, and is packaged node to audit subnetBroadcast transaction, it is main to broadcast block semi-finished product.
(2) access permission control device
In embodiments of the present invention, the review operations of accounting processing in banking system business are deployed in admission control layer,The main composition of admission control layer is the one or more block chain for being known as audit chain, for auditing to bank transaction, togetherThe business of type requires that audit node 141 shown in Fig. 10 is waited to complete to audit and could execute.The admission control function is by portionIn audit node, it can be the agency of regulatory agency for administration, that is, contain a transaction auditing section in each audit sub-networkPoint, can multiple transaction submit sub-networks to submit block semi-finished product to the same transaction auditing node simultaneously, as shown in Figure 7.ThisA transaction auditing subnet can submit sub-network to provide the audit service of special deal for All Activity.
Here special deal includes the following two kinds:
One, account adjustment class transaction relates generally to open an account, the transaction such as cancellation and account information adjustment.When opening an account, auditWhether subnet need to audit the authenticity of client identity information, if in blacklist, opened an account;When information of adjusting accounts,It needs to verify client identity, it is ensured that client has enough permissions to be adjusted account information.
Two, assets transfer class is traded, and Capital Flow is closed in block catenary system, and e.g., bit coin is by block catenary systemFund (dig mine and send out coin process) itself is generated, then, which constantly circulates in block catenary system.In the embodiment of the present inventionIn, " deposit " cash transaction of bank is similar to block catenary system injection fund.The embodiment of the present invention is by " deposit " under chainCash transaction, which corresponds to, is stored in transaction on chain, e.g., 10000 yuan of client A deposit: (bank account, remaining sum -10000;Client's A accountFamily, remaining sum+10000), bank account balances are zero (when beginning) or negative, that is to say, that bank account is a kind of special accountFamily, it can be negative (loan value for being equivalent to it), in embodiments of the present invention, it is specified that remaining sum total value is zero to keep in systemPerseverance, therefore, system will audit the transaction, and whether previous account is bank account (having lending qualification).
Figure 10 is the audit sub-network structures schematic diagram of admission control layer, and as shown in Figure 10, which includes:
1, audit node 141: two parts of lists of transaction auditing node maintenance: portion is client's blacklist, for controlling clientIt opens an account;Portion is bank's white list, and the account balance in white list can (such as the loan origination account of bank be used for negativeRemaining sum is the amount of the loan that negative number representation has been provided), the deposit for auditing client is traded.
Transaction auditing node is usually provided by regulatory agency (Central Bank), and corresponding entries are submitted by business bank to Central Bank, and holdCapable transaction of opening an account, thus, the list (transaction auditing node) of the business bank is added in systems and increases the quotient in systemsAccount (in the billing and accounting system of block chain) of industry bank etc..
2, safeguard node 142: the network node is connected to transaction auditing subnet, by the maintenance node to above-mentioned two parts of namesSingly it is updated maintenance.For example, increase/deletion blacklist record, increase/deletion white list record.
3, transaction auditing module 1412: when receiving the transaction for submitting node from transaction, which trades and deposits to opening an accountEnter the account in transaction, audited by aforementioned rule, and submit node to return feedback msu message to transaction (containing signature).
4, common recognition algoritic module 143, is mainly responsible for:
(1) the block semi-finished product content in subnet is audited, i.e. submission subnet submits the transaction block semi-finished product to come.AuditBy block semi-finished product can further be submitted to account process layer, form final intact block finished product.If audit does not pass through,Then semi-finished product are dropped in audit subnet, cannot go successively to account process layer.
(2) account management class transaction access audit: 1. each node of transaction auditing subnet is involved in audit, with existing common recognitionAlgorithm is reached common understanding, and the account newly opened is recorded in account chain;2. respectively audit node all submits node to return feedback audit to transactionAs a result, submitting node to determine whether final review passes through according to ballot situation (do not receive feedback is considered as abstention) by transaction;③It knows together the information that algorithm can also be subsidiary according to account opening request, successful account will be opened and be added in white list or blacklist.
(3) assets transfer transaction access audit: each node of transaction auditing subnet is involved in audit, and each node of auditing is all to friendshipEasily node is submitted to return feedback auditing result, submits node to be determined most according to ballot situation (do not receive feedback is considered as abstention) by transactionWhether last instance core passes through.The information of audit may include the following contents:
Can a) client identity, audit client operate the account sent in transaction;
B) the transaction access of account checks account balance for example, needing to judge the amount of money of withdrawal in advance when withdrawing the moneyCan whether sufficient, if remaining sum is negative, whether account be white list, continue remaining sum etc. of overdrawing.
C) online checking can be interconnected by block chain and other outer mechanisms, do further verification to customer information.
(3) accounting processing device
The transaction passed through is audited by audit subnet, accounting processing layer will be entered, complete actual trading processing.At accountManaging layer is made of an account block chain, and the transaction block semi-finished product for submitting subnet to generate are changed into final complete sectionBlock completes transaction by common recognition algorithm.
Figure 11 is the structural schematic diagram of block chain according to an embodiment of the present invention, and as shown in figure 11, which includes:
(1) block chain 131: constituting block chain according to the prior art, contain multiple transaction (intelligent contract) in each block,These intelligent contracts are sorted according to pre-defined rule, each pointer of the block (except first block) containing its preamble block,The characteristics of chain for forming logic is known as block chain, and block chain constantly " is grown to the right ", this data structure, corresponds to traditional bank coreFeel concerned about " the on-line transaction log " of system.
(2) account status table 132: for key-value (key-value) database of store transaction implementing result.Correspond to" the account balance table " of traditional bank core system, reacts the current balance of customer account.That is, major key key is unique index keyValue, can be considered that the account ID (account) of client, value are considered as account balance and other states (i.e. value may be a class value),Intelligent contract is constantly run, to constantly update the record of (update) remaining sum.One block is by multiple friendships for having sequenced orderIt is easily formed, the change of account status is block grade, i.e., " will receive a block and change the block to the shadow of account statusRing " it is considered as an affairs.
(3) state snapshot 133: it is a kind of special joint as a part of block chain, reflects some particular moment accountInformation in the state table of family, " end day balance sheet " corresponding to traditional bank core system day terminal hour.Relative to traditional core silver" the end day balance sheet " of row system, account status snapshot has carried out anti-tamper processing, can verify particular moment account status tableCorrectness, Mei Keer tree is established by hash value, and tree root (root) is embedded into the block of this particular moment.
(4) state trajectory 134: aforementioned known, the change of account status is block grade, we record account with a kind of modeAbove-mentioned (key-value) is extended to (key, action, value) by the track of family state change, the meaning are as follows: account key is being heldRemaining sum becomes value after row action, and e.g., (Zhang San, a1,100), (Li Si, b1,100) executes intelligence and about a2=" Zhang SanIt is given to 80 yuan of Li Si ", as a result are as follows: (Zhang San, a2,20), (Li Si, a2,180).Actually it is not necessarily to deposit intelligent contract here,Because there being intelligent contract in block chain, only need to find it here, i.e. action is expressed as being directed toward the intelligence contractPointer (pointer is directed toward block+position of the intelligence contract in the block where the intelligence contract).It is shown in Figure 12Block structure, when TxS carrys out tissue with Mei Keer tree, the pointer for being directed toward block is actually the hash value of the block, intelligencePosition of the contract (transaction) in the block can also use the hash value positioning of transaction.Account status rail is generated according to block chainMark, it is shown in Figure 11, from the point of view of process, it is clear that 1. be 2. performed simultaneously, be 1. only with update (update) side2. formula is in a manner of insertion (insert).
With continued reference to block structure shown in Figure 12, in embodiments of the present invention, block can be divided into non-century block 1311With century block 1312.
As shown in figure 12, the data structure of block is divided into two parts: block head and block body, block body is by one group of transactionTxS (intelligent contract) composition, this group transaction is that order (e.g., structure of arrays or tree are defined by its storage configurationDeng), that is, the transaction in block is orderly.Block head is made of some tamper-proof mechanisms and other data.Anti-tamper machineSystem also provides search mechanism, and here it is the effects that hash value serves as fingerprint and pointer.Pointer in block head has, and: H (TxS) refers toTo trading group TxS (when TxS carrys out tissue with Mei Keer tree, H (TxS) is its root root, 1334 be illustrated in fig. 14 shown below);*PerBlock is directed toward previous block, and * Sate is directed toward account status snapshot (when century block) or is null pointer (when non-century block).Certainly, block head further includes other information, e.g., time time-stamp, position (Cn, k).
Figure 13 is that the schematic diagram of block chain Middle Ages block carries " the three of " special occasion " as shown in figure 13 in block chainIt is angular " block of (account status snapshot), we term it century blocks.
Block chain can be considered as the chain constantly grown to the right, the embodiment of the present invention with certain span (M block,Being somebody's turn to do " M " can be configured according to actual needs, and flexibility is high) carry out cutting from left to right as " century ", it may be assumed that with " Genesis "Block (first block) is denoted as C as starting0, count to the right, until the M+1 block, is defined as the firstth century block C1, thenWith C1It for starting point (being considered as first century block), counts to the right, until the M+1 block, is defined as the secondth century block C2, and withThis, which analogizes, generates century block sequence are as follows: C0, C1, C2, C3... ....First century is [C0,C1), the secondth century was [C1,C2), with thisAnalogize.C1, C2, C3... ..., it is exactly " special occasion " (century block).
Generally, the n-thth century in the embodiment of the present invention: mark [Cn-1,Cn), indicate C in block chainn-1To CnBetweenAll blocks (M), include the former Cn-1But the latter C is not includedn。
CnThe account status snapshot at place is defined as block chain operation (executing intelligent contract above) to CnPreceding account shapeState, and anti-tamper processing has been carried out, account status sections can obtain in two ways: (1) running from [C0, Cn) between instituteThere is intelligent contract;(2) using the account status snapshot of some block as starting point, all intelligence in all centuries are closed after operation in centuryAbout.In general, in a manner of (2) kind, and a nearest snapshot is taken to obtain, it may be assumed that with Cn-1Account status snapshot isPoint runs [Cn-1, Cn) between all intelligent contracts.
When it is a century that we, which define the chain that length is M, M is a constant as system, it is determined that onlineThe data volume for needing to save.The value of M can be estimated by service conditions, it is assumed that certain application plan carries out weekly primary" snapshot ", and data volume weekly about generates 10000 blocks, then M can be with value for 10000.
In embodiments of the present invention, century block is account status correctness synchronous point, between twoth century block, account statusIt may be attacked.In the case where probability under fire is certain, it is believed that network node is destroyed several and time correlation, to protectIt demonstrate,proves common recognition mechanism in the period between twoth century block not fail, under the network environment for having attack, it is necessary to assure M is less than common recognitionThe mechanism failure time.Of course, it is possible to the validity of attack be reduced or eliminated by the safety measure of network environment, to make altogetherKnow the extension of mechanism failure time.
Extreme special case is M=1, and at this moment, account status table, account status snapshot and account status track three can closeOne, i.e. only account status snapshot, and the content recorded is extended to (key, action, value) by (key-value).This canCope with severe network environment security context.Obviously, at this moment efficiency is extremely low, because needing a large amount of hash to calculate.
In actual operation, the hash value H=hash (A) of data block A has preferable " dispersion " property (that is, data block is notSame then hash value difference), the minor change of A enables to H to have a greater change.Therefore, H not only can be used as A fingerprint but also canUsing as A pointer (key-value pair<H, A>major key).Using this characteristic, it is fast that we can establish anti-tamper account statusAccording to steps are as follows (1)-(3):
(1) rectify card account status: the above account status snapshot starts, and the intelligence run in block chain hereafter is closedAbout, update account status table with data at this time (former account status table may be tampered).
(2) account status data is packaged
Simplest method is that account status data is broken into a packet A (e.g., account status to be exported simultaneously from databaseSequence), then, calculate H=hash (A), and H is embedded into century block, shown in Figure 12.
It is said from using angle, it may be to requirement (e.g., the account or difference of different regulatory requirements of some classification of account accThe client etc. in area), at this point, account status data will be packaged into N number of data packet: each data are surrounded by a number ID,Such as 1331 in Figure 14, the account status data in packet is sorted by account.As shown in figure 14, account status snapshot is constructedMei Keer tree: data packet successively calculates hash value, such as 1332,1333,1334, until generating a hash as leaf nodeValue, the referred to as tree root (root) of Mei Keer tree, root is embedded into century block (shown in Figure 12).
The Mei Keer tree is published to the whole network with century block together, receives verifying, reaches common understanding.The Mei Keer tree is as blockThe inalienable part of chain.Realize account status snapshot can not tamper: block chain can not be distorted --- > centuryThe leaf of block can not be distorted --- > root can not be distorted --- > Mei Keer tree can not be distorted.Meanwhile it also achieving in snapshotThe retrieval of account status: the leaf of tree is found according to the classification ID of account, then finds needs in the ordering data of leafData.
(3) account status snapshot is submitted to see 133 institutes in Figure 12 that is, by account status snapshot " insertion " into block chainShow.
It is that " snapshot " that frequency carries out can be considered as " schedule backup " of the block chain network overall situation with " century ", each network sectionPoint can also freely carry out oneself " irregularly backup ", e.g., at certain non-century block (e.g., century midpoints), do above-mentionedThe 1st, 2 steps, or only do step 3.
In embodiments of the present invention, when network receives block, the intelligent contract in the block can be executed successively to updateBilling and accounting system.Therefore, it trades in billing and accounting system and successively executes, that is, transaction is once enter chain (block chain), then it is in transaction sequencePosition determine that, as shown in figure 15, transaction arrange from left to right.In order to facilitate understanding, an example is given below, it is as followsFor three related transaction:
A: Zhang San is stored in 1000 yuan, and former remaining sum is 0
B: Zhang San turns 800 yuan to Li Si
C: Zhang San is to 600 yuan of Wang Wuzhuan
(1), when these three transaction order be ABC when, then these three transaction execution orders from left to right, such as Figure 15 instituteShow and 1. 2. 3. (neglects the execution of other unrelated transaction here), then the A that trades success, B success, C service fail (Sorry, your ticket has not enough value).But transaction B and C can be transferred through the simulation test in preposition pretreatment unit because, A exchange block reception after, Zhang SanThere are 1000 yuan, due to concurrency, trades B and C almost while submitting and (being packaged in a block).
(2), when the order of these three transaction is BAC, then B service fail (Sorry, your ticket has not enough value) of trading, A success, C success.
The embodiment of the present invention is to safeguard account system by executing intelligent contract, has the feature that one, block chainIn transaction successively execute, since trading order secures, thus implementing result is also fixed, that is, executes N again to block chainTime, account result is all consistent after executing every time.Although two, the transaction in block chain all have passed through simulation test and (test and do not pass throughBe dropped), but be possible to service fail, this is because there are concurrency fight for situation.That is, related side in block chainThe intelligent contract all signed, it is possible to execute failure, the reason of sequence is similar to " can not keep out factor ".If three, being packagedNode " is done evil ", then the transaction that the transaction in block chain is likely to be wash sale or has been tampered, this is easy to by block chainVerifying node penetrated, that is, although it in block chain, it will not be performed.The execution traded in block chain whether atFunction does not go to be identified because block chain be it is anti-tamper, go mark be exactly altered data.But whether transaction execution is successful canTo be reflected in system of account, Successful Transaction can be tracked in account status track.The implementing result traded in block chain, InIt embodies, can be inquired by following three kinds of modes in account system:
1. account status table, real-time but not anti-tamper, safety is based on network and database environment, in adverse circumstancesUnder, the confidence level of data can be increased with the data comparison of multiple nodes;
2. nearest snapshot, non real-time but anti-tamper;
3. the block chain of nearest snapshot+later, real-time and anti-tamper, but sequentially to execute to contract in block chain.
The block chain mechanism that the embodiment of the present invention is established, compared with general block chain, it is easy to accomplish the recovery of account state, byThere is no snapshot in general block chain, all transaction can only be reset from the Genesis BOB(beginning of block) of block chain to restore account;And thisInventive embodiments only need to be by nearest account status snapshot, in addition the block chain after the snapshot, so that it may restore account shapeState table, so as to so that system of account operates normally." nearest snapshot+block chain " later this is to transport system of account normallyCapable MDS minimum data set, thus can only retain this MDS minimum data set online, remainder data can be transferred to offline.
In one embodiment, the tool that independent backup can be provided and restored.Figure 16 is backup and recovery device knotStructure schematic diagram, as shown in figure 16, which includes: data backup and cleaning modul 121 and accounting data recovery module 122,In:
Data backup and cleaning modul 121: the purpose of backup and cleaning is reduced under the premise of not influencing system operationOnline data, to improve system performance.From the above analysis, online data only need nearest account status snapshot andBlock chain after the snapshot can meet system service requirement.Therefore, the data before the snapshot can be carried out backup andCleaning, primarily directed to block chain and account status track data.
Data recovery module 122: accounting data recovery module is used in new engine or old machine hard disk corruptions, is needed extensiveMultiple (if being lost) or rebuild the local account system (e.g., by distrust after external attack).The module, which is realized, restores accountFamily state table only needs two steps: first nearest account status snapshot being imported into database, forms account when snapshotState;Then the transaction in block chain after resetting the snapshot.When the account status snapshot or block thereafter of present networks nodeWhen chain lacks, it can be obtained by the P2P network of the block chain.
To sum up, the transaction based on block chain core banking system shown in fig. 6 executes process and includes the following steps:
Step 1: transaction pretreatment S1
S11, transaction, which enters, submits subnet, which realizes whether transaction application, confirmation, simulation (test intelligent contractSet up), audit etc. procedure links, to confirm that the transaction is reasonable, then submit the transaction to transaction " distribution centre ".
S12, " distribution centre " receive transaction, convert one for received parallel transaction by transaction line-up device firstA serial stream is similar to the middleware of MQ (message queue), reaches using the soft load balancing of route processing and is packaged sectionPoint.
S13 is packaged node for the serial stream of transaction and is built into one " block semi-finished product ", including block body (trading groupTxS) and the H of block head (TxS), H (TxS) are directed toward trading group TxS, and when TxS carrys out tissue with Mei Keer tree, H (TxS) is itRoot.Also, anti-molality block is called, transaction is prevented to be repeated submission.
Step 2: admission control handles S2
S21 submits sub-network to submit block semi-finished product to audit subnet, which is alliance's chain, and audit subnet is logicalThe mechanism such as black, white list are crossed, are audited using common recognition double of finished product block of algorithm.If audit does not pass through, semi-finished product blockIt is dropped in audit subnet, account process layer cannot be gone successively to.Transaction auditing node or transaction auditing subnet turn assetsThe legitimacy and enforceability for moving class business carry out access verification, keep the function of accounting processing layer purer, more efficient.
Step 3: accounting processing handles S3
S31, the transaction that the audit by auditing subnet passes through, eventually enters into accounting processing alliance chain.
The transaction received is ranked up processing by S32.
S33 executes transaction, and at a certain specific time point, makees " snapshot " to account status, and prevent " snapshot "Distort processing, algorithm is finally completed transaction by knowing together.
S34 forms (" M " can be configured according to actual needs, and flexibility is high) setting century block after M block.
As seen from the above description, it by establishing preposition pretreatment unit, is partially separated what can be constructed parallel in blockOut, " block semi-finished product " are formed, being somebody's turn to do " block semi-finished product " can be improved the formation efficiency of block chain, also, pass through distribution centreMode can promote the ability of reply transaction high concurrent.By establish trade access permission control device, can be used for account management andThe identification for access of trading, admission control layer are responsible for auditing legitimacy, the validity of transaction, and refusal is unsatisfactory for execution conditionTransaction.So that the transaction that accounting processing layer receives, is all by admission control, is reliable.By above-mentioned eachDevice can make block chain technology and the suitability of banking system demand more preferable, so as to promoted the performance of application system withEfficiency.
Figure 17 is the schematic diagram of electronic equipment according to an embodiment of the present invention.Electronic equipment shown in Figure 17 is general dataProcessing unit comprising general computer hardware structure includes at least processor 1701 and memory 1702.Processor1701 and memory 1702 connected by bus 1703.Memory 1702 is suitable for one or more that storage processor 1701 can be performedItem instruction or program.One or more instruction or program are executed by processor 1701 to realize the operation number in above-mentioned block chainThe step of according to processing method.
Above-mentioned processor 1701 can be independent microprocessor, be also possible to one or more microprocessor set.The order that processor 1701 is stored by executing memory 1702 as a result, thereby executing embodiment present invention as described aboveMethod flow realize the processing for data and the control for other devices.Above-mentioned multiple components are connected to by bus 1703Together, while by said modules display controller 1704 and display device and input/output (I/O) device 1705 are connected to.It is defeated that input/output (I/O) device 1705 can be mouse, keyboard, modem, network interface, touch-control input device, body-sensingEnter device, printer and other devices well known in the art.Typically, input/output (I/O) device 1705 by input/Output (I/O) controller 1706 is connected with system.
Wherein, memory 1702 can store component software, such as operating system, communication module, interactive module and answerUse program.Above-described each module and application program both correspond to complete one or more functions and in inventive embodimentsOne group of executable program instructions of the method for description.
The embodiment of the present invention also provides a kind of computer readable storage medium, is stored thereon with computer program, the calculatingThe step of when machine program is executed by processor to realize the work data processing method in above-mentioned block chain.
In conclusion the embodiment of the invention provides alliance's block chain application schemes based on account status, suitable for relating toAnd the block chain transaction system of ownership of assets transfer class application, particularly suitable for banking system.Relative to existing areaBlock chain application system, the embodiment of the present invention have the advantage that
1, the embodiment of the invention provides a kind of realization sides based on block chain for replacing traditional core banking system completelyThe chain (being added in a manner of " opening an account ") can be added in case, each business bank in the form of alliance, form (the centre of the regulatory agency containing lidRow) He Duojia business bank core banking system.
2, there is very strong analogy and amalgamation in the system concept, be easily achieved building block chain engineering construction,It should be readily appreciated that and be easy to verify.
3, distribution centre mode improves the ability of reply transaction high concurrent, and parallel generation block semi-finished product strategy solves existingThere is the formation efficiency bottleneck of block chain.
4, the embodiment of the present invention combines the feature of block chain and banking treatment process, by account management and assetsThe access audit of transfer transactions is extracted to be completed in an independent block chain, so that the layout of system is more reasonable, treatment effeciencyIt is higher.
5, transaction auditing node or transaction auditing subnet carry out the legitimacy and enforceability of assets transfer class businessAccess verification, keeps the function of accounting processing layer purer, more efficient.
6, at a certain specific time point, " snapshot " is made to account status, and anti-tamper processing is made to " snapshot ", is based onNearest " snapshot " can be updated account status, verify, and significantly reduce the search range of data, improve systemEfficiency.
7, backup and Restoration Mechanism are provided, backup saves the memory space of network node, improves system effectiveness, andThe calamity for restoring then to enhance system is standby, the characteristics such as fault-tolerant.
All the embodiments in this specification are described in a progressive manner, same and similar portion between each embodimentDividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for hardware+For program class embodiment, since it is substantially similar to the method embodiment, so being described relatively simple, related place is referring to sideThe part of method embodiment illustrates.
It is above-mentioned that this specification specific embodiment is described.Other embodiments are in the scope of the appended claimsIt is interior.In some cases, the movement recorded in detail in the claims or step can be come according to the sequence being different from embodimentIt executes and desired result still may be implemented.In addition, process depicted in the drawing not necessarily require show it is specific suitableSequence or consecutive order are just able to achieve desired result.In some embodiments, multitasking and parallel processing be also canWith or may be advantageous.
Although this application provides the method operating procedure as described in embodiment or flow chart, based on conventional or noninvasiveThe labour for the property made may include more or less operating procedure.The step of enumerating in embodiment sequence is only numerous stepsOne of execution sequence mode, does not represent and unique executes sequence.It, can when device or client production in practice executesTo execute or parallel execute (such as at parallel processor or multithreading according to embodiment or method shown in the drawings sequenceThe environment of reason).
System, device, module or the unit that above-described embodiment illustrates can specifically realize by computer chip or entity,Or it is realized by the product with certain function.It is a kind of typically to realize that equipment is computer.Specifically, computer for example may be usedThink personal computer, laptop computer, vehicle-mounted human-computer interaction device, cellular phone, camera phone, smart phone, individualDigital assistants, media player, navigation equipment, electronic mail equipment, game console, tablet computer, wearable device orThe combination of any equipment in these equipment of person.
The terms "include", "comprise" or its any other variant in this specification embodiment are intended to nonexcludabilityInclude so that include a series of elements process, method, product or equipment not only include those elements, but alsoIncluding other elements that are not explicitly listed, or further include for this process, method, product or equipment intrinsic wantElement.In the absence of more restrictions, being not precluded in process, method, product or the equipment for including the element alsoThere are other identical or equivalent elements.
For convenience of description, it is divided into various modules when description apparatus above with function to describe respectively.Certainly, implementing thisThe function of each module can be realized in the same or multiple software and or hardware when specification embodiment, it can also be by realityShow the module of same function by the combination realization etc. of multiple submodule or subelement.Installation practice described above is onlySchematically, for example, the division of the unit, only a kind of logical function partition, can there is other draw in actual implementationThe mode of dividing, such as multiple units or components can be combined or can be integrated into another system, or some features can be ignored,Or it does not execute.Another point, shown or discussed mutual coupling, direct-coupling or communication connection can be by oneThe indirect coupling or communication connection of a little interfaces, device or unit can be electrical property, mechanical or other forms.
It is also known in the art that other than realizing controller in a manner of pure computer readable program code, it is completeEntirely can by by method and step carry out programming in logic come so that controller with logic gate, switch, specific integrated circuit, programmableLogic controller realizes identical function with the form for being embedded in microcontroller etc..Therefore this controller is considered one kindHardware component, and the structure that the device for realizing various functions that its inside includes can also be considered as in hardware component.OrPerson even, can will be considered as realizing the device of various functions either the software module of implementation method can be hardware againStructure in component.
The present invention be referring to according to the method for the embodiment of the present invention, the process of equipment (system) and computer program productFigure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructionsThe combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programsInstruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produceA raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for realThe device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spyDetermine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates,Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram orThe function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that countingSeries of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer orThe instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram oneThe step of function of being specified in a box or multiple boxes.
In a typical configuration, calculating equipment includes one or more processors (CPU), input/output interface, netNetwork interface and memory.
Memory may include the non-volatile memory in computer-readable medium, random access memory (RAM) and/orThe forms such as Nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM).Memory is computer-readable mediumExample.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any methodOr technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), movesState random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasableProgrammable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devicesOr any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculatesMachine readable medium does not include temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
It will be understood by those skilled in the art that the embodiment of this specification can provide as the production of method, system or computer programProduct.Therefore, in terms of this specification embodiment can be used complete hardware embodiment, complete software embodiment or combine software and hardwareEmbodiment form.Moreover, it wherein includes computer available programs that this specification embodiment, which can be used in one or more,Implement in the computer-usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) of codeThe form of computer program product.
This specification embodiment can describe in the general context of computer-executable instructions executed by a computer,Such as program module.Generally, program module includes routines performing specific tasks or implementing specific abstract data types, journeySequence, object, component, data structure etc..This specification embodiment can also be practiced in a distributed computing environment, in these pointsCloth calculates in environment, by executing task by the connected remote processing devices of communication network.In distributed computing ringIn border, program module can be located in the local and remote computer storage media including storage equipment.
In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specifically showThe description of example " or " some examples " etc. means specific features, structure, material or spy described in conjunction with this embodiment or examplePoint is contained at least one embodiment or example of this specification embodiment.In the present specification, to the signal of above-mentioned termProperty statement be necessarily directed to identical embodiment or example.Moreover, particular features, structures, materials, or characteristics describedIt may be combined in any suitable manner in any one or more of the embodiments or examples.In addition, without conflicting with each other, thisThe technical staff in field can be by the spy of different embodiments or examples described in this specification and different embodiments or examplesSign is combined.
The foregoing is merely the embodiments of this specification embodiment, are not limited to this specification embodiment.It is rightFor those skilled in the art, this specification embodiment can have various modifications and variations.It is all in this specification embodimentAny modification, equivalent replacement, improvement and so within spirit and principle, the right that should be included in this specification embodiment are wantedWithin the scope of asking.