Account authority management method and system based on block chain
Technical Field
The present invention relates to the field of blockchain technologies, and in particular, to a method and a system for managing account permissions based on a blockchain.
Background
The blockchain is a decentralized, innovative solution to the multi-party trust problem, built on distributed ledger technology, and is a leading-edge technology of current society.
In a traditional centralized system, management of account authority is complex. Taking the account authority of staff positions as an example, when a position is handed over to a replacement, the replacement generally has to register through the office system, fill in information such as identity card number and company name for real-name authentication, wait 1 to 2 working days for the system administrators to approve, and only after the account authority of the position is granted through a complex operation can the replacement work normally.
However, current account authority management is not transparent, and there is a risk of malicious tampering with account authority.
Disclosure of Invention
One or more embodiments of the present disclosure are directed to an account authority management method and system based on a blockchain, so as to verify process data of account authority management through a blockchain network, and avoid a risk of malicious tampering.
To solve the above technical problem, one or more embodiments of the present specification are implemented as follows:
In a first aspect, a method for managing account authority based on a blockchain is provided, where one or more intelligent contracts for managing account authority are deployed in the blockchain network, and the method includes:
a first terminal sends an account authority application transaction to the blockchain network based on the contract invoking authority owned by a first account, wherein the account authority application transaction carries an admission certificate distributed to the first account, and the admission certificate records the use time of the account authority to be applied for and an admission password;
after the use time of the account authority to be applied for is verified to be valid and the admission password is correct, the blockchain network calls the intelligent contract to process the account authority application transaction;
after the approval party approves the account authority application, the approval result is uploaded to the blockchain network;
and when the approval result is a pass, the account authority to be applied for is transferred to the first account within the use time.
In a second aspect, a system for managing account authority based on a blockchain is provided, where one or more intelligent contracts for managing account authority are deployed in the blockchain network, and the system includes a first terminal, a blockchain network and an approval party;
the first terminal sends an account authority application transaction to the blockchain network based on the contract invoking authority owned by a first account, wherein the account authority application transaction carries an admission certificate distributed to the first account, and the admission certificate records the use time of the account authority to be applied for and an admission password;
after the use time of the account authority to be applied for is verified to be valid and the admission password is correct, the blockchain network calls the intelligent contract to process the account authority application transaction;
after the approval party approves the account authority application, the approval result is uploaded to the blockchain network;
and when the approval result is a pass, the account authority to be applied for is transferred to the first account within the use time.
In a third aspect, an electronic device is provided, including:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to perform part of the method of the first aspect.
In a fourth aspect, a computer-readable storage medium is presented, storing one or more programs which, when executed by an electronic device comprising a plurality of application programs, cause the electronic device to perform some of the methods of the first aspect.
According to the technical scheme provided by one or more embodiments of the specification, the data of the account authority management process is stored as evidence on the blockchain network, so that allocation and transfer of account authority are managed more effectively and safely, and the risk of malicious tampering with account authority is avoided. Moreover, the admission certificate carries time control, needs no human intervention, and is more flexible and convenient.
Drawings
In order to more clearly illustrate one or more embodiments or prior art solutions of the present specification, reference will now be made briefly to the attached drawings, which are needed in the description of one or more embodiments or prior art, and it should be apparent that the drawings in the description below are only some of the embodiments described in the specification, and that other drawings may be obtained by those skilled in the art without inventive exercise.
Fig. 1 is a schematic diagram of a system architecture to which an account authority management method based on a block chain is applied.
Fig. 2 is a schematic step diagram of an account authority management method based on a block chain according to an embodiment of the present specification.
Fig. 3 is a flowchart of account permission replacement corresponding to employee positions provided in the embodiment of the present specification.
Fig. 4 is a flowchart of account right replacement control for employee positions according to an embodiment of the present disclosure.
Fig. 5 is a schematic diagram of an account right management system based on a block chain provided by an embodiment of the present specification.
Fig. 6 is a schematic structural diagram of an electronic device provided in an embodiment of the present specification.
Detailed Description
In order to make the technical solutions in the present specification better understood, the technical solutions in one or more embodiments of the present specification will be clearly and completely described below with reference to the accompanying drawings in one or more embodiments of the present specification, and it is obvious that the one or more embodiments described are only a part of the embodiments of the present specification, and not all embodiments. All other embodiments that can be derived by a person skilled in the art from one or more of the embodiments described herein without making any inventive step shall fall within the scope of protection of this document.
First, the system architecture to which the blockchain-based account authority management method of the embodiment of the present disclosure is applied is introduced. It should be understood that the system architecture may be used in various application scenarios in the field of account authority management, for example an account authority management scheme that requires transfer and reallocation of account authority, such as post replacement and membership replacement. Referring to fig. 1, the system architecture may include: a blockchain network 102, a service node 104, and a terminal node 106. Besides the basic intelligent contracts required for operation and maintenance, intelligent contracts related to account authority management can be deployed in the blockchain network 102. The service node 104 may be one or more service terminals, such as an approver who approves a post replacement application, or a manager who validates a membership replacement application. The terminal node 106 may be one or more user terminals, e.g., a replacement party applying for post replacement or a replaced party applying for post recovery. It should be understood that a terminal referred to in one or more embodiments of the present specification may specifically be a terminal device, or a client installed on a terminal device.
In the system architecture shown in fig. 1, the service node 104 and the terminal node 106 are each connected to the blockchain network 102, and the process data of the account authority management transaction requested by the terminal node 106 is verified using the intelligent contract related to account authority management deployed in the blockchain network 102, so as to avoid malicious tampering. The technical means referred to in the present specification will be described in detail below with reference to the following examples.
Example one
Referring to fig. 2, a schematic step diagram of an account authority management method based on a blockchain provided in an embodiment of the present specification, where the account authority management method based on a blockchain may include the following steps:
step 202: a first terminal sends an account authority application transaction to the blockchain network based on the contract invoking authority owned by a first account, wherein the account authority application transaction carries an admission certificate distributed to the first account, and the use time of the account authority to be applied for and an admission password are recorded in the admission certificate.
The first account can be a personal account applied for by a user registered with an enterprise or institution. Taking post replacement as an example, the first account may be the job number allocated by the enterprise to the employee; the employee can log in to the enterprise website with the job number and, under that account, obtain the account authority allocated by the enterprise in order to carry out the corresponding work. The account authority is allocated by the enterprise according to the employee's post, and is distinct from the basic authority of the employee's personal account.
For example, Xiaoming registers an account in his unit under his job number 0012, and uses that account on the unit's internal system website to view internal news and notifications. If Xiaoming's post is cashier, the account authority of his account can be the authority defined for the cashier post, for example the authority to handle cash settlement, bank settlement and the related accounting of the unit, and to keep stock cash, securities, financial seals and related bills.
Taking the membership replacement as an example, the first account may also be a member account number allocated by the institution for the member; the account authority may be a consumption authority such as a coupon generated by the credit of a member in an organization or other behaviors, which is not described herein.
In this embodiment, the contract invoking authority owned by the first account may be assigned by an administrator to invoke an intelligent contract related to account authority management in a blockchain network. The administrator may be a manager of a business or organization, or assigned by an administrative person. Meanwhile, when the administrator allocates contract invoking rights, an admission certificate can be distributed to the first account, wherein the use time of the account rights to be applied and the admission password are recorded in the admission certificate. The usage time of the account permission to be applied for may be specifically a time period from a start time to an end time of the first account having the account permission. The access password may be a password previously assigned by the administrator and agreed upon in the smart contract associated with account rights management, such as a string of characters, or other combination of characters.
It should be understood that in this embodiment of the present specification, the first terminal may construct an account permission application transaction based on the admission certificate and send the account permission application transaction to the blockchain network after determining that the first account has the contract invoking permission. The construction of the account authority application transaction may refer to a transaction construction scheme in the existing blockchain network interaction, which is not described herein in detail.
Step 204: after the use time of the account authority to be applied for is verified to be valid and the admission password is correct, the blockchain network calls the intelligent contract corresponding to the contract invoking authority to process the account authority application transaction.
It should be appreciated that one or more intelligent contracts for managing account permissions are deployed in the blockchain network. Meanwhile, when the administrator distributes the admission certificate for the first account, the admission certificate may be agreed in the smart contract.
Then, after the blockchain network receives the transaction, it can call the intelligent contract related to account authority management to verify the use time of the account authority to be applied for carried in the transaction, so as to determine whether the use time is valid. Here, the use time being valid means that it has not expired, which can be read in two ways: either the start time of the use time has not yet come, or the end time of the use time has not yet come. The reading is chosen according to the usage scenario and is not limited here. If the use time is invalid, the first terminal can be notified of the error, and re-initiation of the account authority application transaction is triggered.
When the use time is verified to be valid, whether the admission password is correct also needs to be verified. In a specific implementation, the blockchain network can check whether the password in the admission certificate is consistent with the one agreed in the intelligent contract related to account authority management; if so, the verification passes; otherwise, the same handling as for an invalid use time can be adopted, triggering the transaction to be initiated again.
In this embodiment, a management terminal outside the blockchain network (which may be regarded as a service terminal) may also be triggered to verify whether the admission password is correct; that is, the password verification itself is performed off chain, and the result is uploaded to the chain.
Whichever verification method is adopted, after the use time of the account authority to be applied for is verified to be valid and the admission password is correct, the blockchain network calls the intelligent contract corresponding to the contract invoking authority to process the account authority application transaction; in particular, certain methods of the intelligent contract corresponding to the contract invoking authority can be called to process the transaction.
In the embodiment of the present specification, in order to control and manage account authority better, the plurality of intelligent contracts for managing account authority may be divided into different categories according to the type of account authority; in this way, intelligent contracts can be set up for different company department categories, fine-grained management of account authority is achieved, and the refinement and strength of control are improved. Specifically, the blockchain network selects, from the plurality of intelligent contracts for managing account authority, the intelligent contract matching the current type of the account authority to be applied for, and calls it to process the account authority application transaction.
To refine the management of account authority further, each intelligent contract in the embodiment of the description is assigned a level corresponding to the contract invoking authority. In a specific implementation, the blockchain network may first select, from the plurality of intelligent contracts for managing account authority, the intelligent contracts matching the current type of the account authority to be applied for, and then, based on the contract invoking authority, call from the selected intelligent contracts the one whose level matches, to process the account authority application transaction. Invoking an intelligent contract at a matching level may mean invoking the intelligent contract whose level is equal to the level of the contract invoking authority. In this way, the strength of authority control is refined further.
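As an added illustration (example code, not part of the original specification or of any implementation of it), the following Python models the checks of step 204 and the contract selection described above: the use-time check in both readings the text gives, the admission-password check against the value agreed in the contract, and selection of the contract first by permission type and then by the level of the contract invoking authority. All class and field names, the sample certificate, the salted password digest and the contract list are assumptions of this example; the specification only says the password is "agreed in the smart contract", and storing a digest rather than the password itself is a design choice of the example.

```python
"""Admission-certificate checks and contract routing for step 204 (added example)."""
import hashlib
import hmac
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class AdmissionCertificate:
    """Certificate distributed to the account (field names are assumptions of this example)."""
    account: str
    permission_type: str   # type of account authority applied for; selects the contract category
    start: datetime        # start of the use time
    end: datetime          # end of the use time
    password: str          # admission password presented with the transaction


@dataclass(frozen=True)
class ContractInvokingAuthority:
    account: str
    level: int             # level assigned by the administrator with the invoking authority


@dataclass(frozen=True)
class IntelligentContract:
    name: str
    permission_type: str
    level: int


# Assumption: the value "agreed in the smart contract" is a salted digest of the
# admission password, so chain state readable by anyone does not reveal the password.
SALT = b"constructed-salt-for-example"


def password_digest(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), SALT, 100_000)


AGREED_DIGESTS = {"0012": password_digest("constructed-admission-password")}

# Constructed contract registry: one category per permission type, one contract per level.
CONTRACTS = [
    IntelligentContract("FinanceAuthorityL1", "finance", 1),
    IntelligentContract("FinanceAuthorityL2", "finance", 2),
    IntelligentContract("HRAuthorityL1", "hr", 1),
]


def use_time_valid(cert: AdmissionCertificate, now: datetime, rule: str = "end") -> bool:
    """'Not expired' in either reading the text gives: start not yet reached, or end not yet reached."""
    if cert.start >= cert.end:
        return False                      # a malformed window is never valid
    if rule == "start":
        return now < cert.start
    return now < cert.end


def password_correct(cert: AdmissionCertificate) -> bool:
    expected = AGREED_DIGESTS.get(cert.account)
    if expected is None:
        return False
    return hmac.compare_digest(expected, password_digest(cert.password))


def select_contract(cert: AdmissionCertificate, authority: ContractInvokingAuthority) -> IntelligentContract:
    """Narrow by permission type (category), then require the level to equal the authority's level."""
    category = [c for c in CONTRACTS if c.permission_type == cert.permission_type]
    if not category:
        raise LookupError(f"no contract category for {cert.permission_type!r}")
    for contract in category:
        if contract.level == authority.level:
            return contract
    raise PermissionError(f"no {cert.permission_type!r} contract at level {authority.level}")


def process_application(cert, authority, now, rule="end"):
    """Return ('ok', contract name) or ('reject', reason); a reject tells the terminal to re-initiate."""
    if authority.account != cert.account:
        return ("reject", "certificate was not distributed to the invoking account")
    if not use_time_valid(cert, now, rule):
        return ("reject", "use time invalid")
    if not password_correct(cert):
        return ("reject", "admission password incorrect")
    try:
        return ("ok", select_contract(cert, authority).name)
    except (LookupError, PermissionError) as exc:
        return ("reject", str(exc))


# Constructed sample input for a stand-alone run.
SAMPLE_START = datetime(2024, 1, 1, tzinfo=timezone.utc)
SAMPLE_CERT = AdmissionCertificate("0012", "finance", SAMPLE_START,
                                   SAMPLE_START + timedelta(days=7), "constructed-admission-password")
SAMPLE_AUTHORITY = ContractInvokingAuthority("0012", 2)


def days_after(n: int) -> datetime:
    return SAMPLE_START + timedelta(days=n)


if __name__ == "__main__":
    print(process_application(SAMPLE_CERT, SAMPLE_AUTHORITY, days_after(1)))   # ('ok', 'FinanceAuthorityL2')
    print(process_application(SAMPLE_CERT, SAMPLE_AUTHORITY, days_after(8)))   # ('reject', 'use time invalid')
```

`rule="end"` implements the reading "the end time has not yet come" and `rule="start"` the reading "the start time has not yet come". Comparing digests with `hmac.compare_digest` keeps the password check constant-time, every rejection carries a reason so the first terminal can be told to re-initiate the transaction as the text describes, and the certificate is bound to the invoking account so a certificate distributed to one account cannot be presented by another.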
Step 206: after the approval party approves the account authority application, the approval result is uploaded to the blockchain network.
At this point, the blockchain network may notify the off-chain approver that the account authority application needs approval; it should be understood that the approver may be one or more service terminals having approval authority. Continuing with the above example, the approver may be a director, and when the account authority to be applied for is currently held by another account, the approver may be both the director and the replaced employee. The approval party obtains the account authority application from the blockchain network and, after the approval is completed, uploads the approval result to the blockchain network.
Step 208: when the approval result is a pass, the account authority to be applied for is transferred to the first account within the use time.
When the approval result is a fail, or consensus on the approval result is not reached, the account authority application transaction fails.
The blockchain network performs consensus on the approval results, and stores them on chain only when every approval result is a pass and the consensus is reached. In this way the account authority applied for by the first account is stored as evidence on the blockchain network; when the use time arrives, the account authority to be applied for is automatically transferred to the first account, that is, the first account holds the account authority during the use time, and once the use time ends, the first account loses it.
Through the technical scheme of the specification, the data of the account authority management process is stored as evidence on the blockchain network, so that allocation and transfer of account authority are managed more effectively and safely, and malicious tampering with account authority is avoided. Moreover, the admission certificate carries time control, needs no human intervention, and is more flexible and convenient.
Based on the scheme in steps 202 to 208 above, account authority management may be allocation, that is, allocating a new type of account authority to the first account; or it may be transfer based on existing account authority, that is, transferring account authority from account A to account B.
When the scheme in steps 202 to 208 is account authority transfer, after the account authority has been transferred from a second account to the first account, the method may further comprise transferring the account authority back from the first account to the second account, that is, restoring the account authority to the second account. Specifically, after the use time has elapsed, the method further comprises:
receiving an account authority recovery transaction sent by the second account, wherein the account authority recovery transaction carries an admission certificate distributed to the second account, and the admission certificate records the use time of the account authority to be recovered and an admission password;
after the use time of the account authority to be recovered is verified to be valid and the admission password is correct, the blockchain network calls the intelligent contract corresponding to the contract invoking authority to process the account authority recovery transaction;
after the approval party approves the recovery of the account authority, the approval result is uploaded to the blockchain network; it should be noted that, when account authority is restored, only the leader's approval may be required, and the original replacement party (i.e., the first account) need only be notified rather than asked to approve.
The blockchain network then allocates and manages the account authority to be recovered based on the approval result and the use time.
It should be understood that recovering account authority is similar to applying for account authority, so the specific implementation of step 202 to step 208 can be referred to and is not repeated here.
In this embodiment of the present specification, if the blockchain network does not receive an account authority application transaction within the use time, it notifies the first account; or, if it does not receive the account authority recovery transaction within the use time, it notifies the second account. In other words, when the replacement party has not applied for the account authority within a certain time, a message is sent to prompt the replacement party to act in time; when the replacement party still has not applied after that time, the message prompts the superior leader and the replaced party, who decide according to the actual situation whether to switch to a new replacement party. In this way the account authority management operation is pushed forward in time, work delays caused by a replacement party forgetting to act are avoided, and work efficiency is improved.
The account authority management scheme referred to in the present specification is described in detail below by way of specific examples.
Specifically, referring to fig. 3, a flowchart of account permission replacement corresponding to employee positions is shown.
First, it needs to be determined whether contract invoking authority has been allocated to the work account of the replacement employee; if not, contract invoking authority has to be applied for, or the administrator has to be waited for to allocate contract invoking authority to the replacement employee's account.
If the contract invoking authority exists, the distributed admission certificate has not expired, and the admission password is correct, the intelligent contract related to account authority management in the blockchain network can be called based on the contract invoking authority.
Then the application is approved by the superior leader and the replaced employee, and the evidence is stored on chain only after all approval results pass consensus. Once the replacement admission time is reached, the replacement employee holds the account authority corresponding to the replaced employee's position, and the replaced employee loses the original account authority of the position.
It should be understood that when the replaced employee later needs to restore the position, the replaced employee can obtain at this time the admission certificate for the subsequent restoration of the position, and request restoration of the position according to that admission certificate.
Still taking account authority replacement for an employee post as an example, the scheme mainly involves a replacement party, the blockchain network, a leader and a replaced party; referring to fig. 4, a flow chart of the control of account authority replacement for an employee post is shown. The control flow comprises the following steps:
Step 402: the replacement party sends the account authority application transaction to the blockchain network.
Step 404: the blockchain network invokes the intelligent contract to process the transaction.
Step 406: the leader and the replaced party each obtain and approve the account authority application.
Step 408: the leader and the replaced party each upload their approval result to the blockchain network.
Step 410: the blockchain network stores the approval results on chain as evidence.
The details of each step in the control flow may refer to step 202 to step 208 above.
The replacement party holds the account authority within the start-time to end-time period recorded in the admission certificate, while the replaced party does not hold it during that period. Thus the evidence is retained on the blockchain network, and malicious tampering with the account authority is avoided.
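The approval and time-bounded transfer of steps 206 to 208, the recovery transaction after the use time, the reminder sent when no transaction arrives, and the fig. 4 flow above, as an added Python example that is not part of the original specification or of any implementation of it. It models the on-chain state as an append-only evidence list: an approval result is recorded once per approver and never overwritten, a grant is stored only when every required approver has passed, the holder of a permission at a given time is read from the grant whose use-time window covers it, and the recovery transaction by the replaced party needs only the leader's approval. Class and field names, the account numbers 0012 and 0007, the timeline, and the rule that a reminder is due once the use-time start has passed without a transaction are assumptions of this example.

```python
"""Approval consensus, time-bounded transfer, recovery and reminders (added example)."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone


@dataclass
class AuthorityTransaction:
    """An application (step 202) or recovery transaction; field names are assumptions of this example."""
    tx_id: str
    kind: str                 # "apply" or "recover"
    applicant: str            # first account for "apply", second account for "recover"
    permission: str
    start: datetime           # use time recorded in the admission certificate
    end: datetime
    approvers: frozenset      # service terminals whose approval result is required
    approvals: dict = field(default_factory=dict)


class AuthorityLedger:
    """Constructed stand-in for the on-chain state kept by the account-authority contract."""

    def __init__(self):
        self.txs = {}        # tx_id -> AuthorityTransaction
        self.chain = []      # append-only evidence records: (tx_id, event, detail)
        self.grants = []     # (account, permission, start, end), appended only after consensus
        self.expected = []   # (account, kind, use-time start), recorded when a certificate is distributed

    def expect(self, account, kind, start):
        self.expected.append((account, kind, start))

    def submit(self, tx):
        # Assumed already done by the contract: the use-time and admission-password checks of step 204.
        if tx.tx_id in self.txs:
            raise ValueError(f"duplicate transaction {tx.tx_id}")
        if tx.start >= tx.end:
            raise ValueError("use-time window is empty")
        self.txs[tx.tx_id] = tx
        self.chain.append((tx.tx_id, "submitted", tx.kind))

    def upload_approval(self, tx_id, approver, passed):
        """Steps 206/408: one result per approver, never overwritten; returns the consensus state."""
        tx = self.txs[tx_id]
        if approver not in tx.approvers:
            raise PermissionError(f"{approver} is not an approver of {tx_id}")
        if approver in tx.approvals:
            raise ValueError(f"{approver} already uploaded a result for {tx_id}")
        tx.approvals[approver] = passed
        self.chain.append((tx_id, "approval", (approver, passed)))
        return self.consensus(tx_id)

    def consensus(self, tx_id):
        """Steps 208/410: the grant is stored on chain only when every required approver has passed."""
        tx = self.txs[tx_id]
        if any(not ok for ok in tx.approvals.values()):
            return "failed"
        if set(tx.approvals) != set(tx.approvers):
            return "pending"
        if (tx_id, "granted", tx.applicant) not in self.chain:
            self.grants.append((tx.applicant, tx.permission, tx.start, tx.end))
            self.chain.append((tx_id, "granted", tx.applicant))
        return "passed"

    def holder(self, permission, at):
        """Account holding the permission at `at`: the latest grant whose window covers it, else None."""
        for account, perm, start, end in reversed(self.grants):
            if perm == permission and start <= at < end:
                return account
        return None

    def reminders(self, now):
        """Accounts to notify: a certificate was distributed but no transaction of that kind arrived by its start."""
        seen = {(tx.applicant, tx.kind) for tx in self.txs.values()}
        return [acct for acct, kind, start in self.expected if now >= start and (acct, kind) not in seen]


# Constructed sample timeline for a stand-alone run.
T0 = datetime(2024, 3, 1, tzinfo=timezone.utc)


def day(n):
    return T0 + timedelta(days=n)


def run_post_replacement_demo():
    """Replacement party 0012 takes over the cashier authority of replaced party 0007 for one week."""
    ledger = AuthorityLedger()
    ledger.grants.append(("0007", "cashier", day(-365), day(0)))   # replaced party's existing authority
    ledger.expect("0012", "apply", day(0))
    ledger.expect("0007", "recover", day(7))
    ledger.submit(AuthorityTransaction("tx-1", "apply", "0012", "cashier", day(0), day(7),
                                       frozenset({"leader", "0007"})))
    out = {}
    out["after_leader"] = ledger.upload_approval("tx-1", "leader", True)   # "pending"
    out["after_replaced"] = ledger.upload_approval("tx-1", "0007", True)   # "passed"
    out["holder_during"] = ledger.holder("cashier", day(3))                # "0012"
    out["holder_after"] = ledger.holder("cashier", day(7))                 # None: authority lost at end time
    out["reminders"] = ledger.reminders(day(8))                            # ["0007"]: no recovery transaction yet
    ledger.submit(AuthorityTransaction("tx-2", "recover", "0007", "cashier", day(8), day(400),
                                       frozenset({"leader"})))             # recovery needs the leader only
    out["recovery"] = ledger.upload_approval("tx-2", "leader", True)       # "passed"
    out["holder_restored"] = ledger.holder("cashier", day(9))              # "0007"
    out["evidence_records"] = len(ledger.chain)                            # 7
    return out
```

Because `holder` returns nobody outside any grant window, the first account loses the authority exactly at the recorded end time without a manual step, which is the time control the text describes, and the replaced party regains it only through the recovery transaction the text specifies. Every state change leaves a record in `chain`, so an after-the-fact change to who held which authority when would have to be reconciled against that evidence.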
Example two
Referring to fig. 5, for the account right management system based on a block chain provided in the embodiment of the present specification, taking account right management in post replacement as an example, the system 500 may include:
a first terminal 502, a blockchain network 504, and an approver 506; wherein one or more intelligent contracts for managing account permissions are deployed in the blockchain network;
the first terminal 502 sends an account permission application transaction to the blockchain network 504 based on a contract invoking permission owned by a first account, wherein the account permission application transaction carries an admission certificate distributed to the first account, and the admission certificate records the use time and the admission password of an account permission to be applied for;
after the account permission use time to be applied for is verified to be valid and the admission password is correct, the blockchain network 504 calls the intelligent contract to process the account permission application transaction;
after the approver 506 approves the account authority application, the approval result is uploaded to the blockchain network 504;
when the approval result is a pass, the blockchain network 504 transfers the account authority to be applied for to the first account within the use time.
In a specific implementation manner of the embodiment of the present specification, the plurality of intelligent contracts for managing account permissions are divided into different categories of intelligent contracts according to types of the account permissions;
when the blockchain network 504 invokes the intelligent contract corresponding to the contract invoking authority to process the account authority application transaction, the blockchain network is specifically configured to:
call, from the intelligent contracts corresponding to the contract invoking authority, the intelligent contract matching the current type of the account authority to be applied for, to process the account authority application transaction.
In a specific implementation manner of the embodiment of this specification, when calling the intelligent contract matching the current type of the account authority to be applied for from the plurality of intelligent contracts for managing account authority to process the account authority application transaction, the blockchain network 504 is specifically configured to:
select the intelligent contracts matching the current type of the account authority to be applied for from the intelligent contracts for managing account authority;
and call, from the selected intelligent contracts and based on the contract invoking authority, the intelligent contract whose level matches, to process the account authority application transaction.
In another specific implementation manner of the embodiment of the present specification, after the use time elapses, the blockchain network 504 is further configured to: receive an account authority recovery transaction sent by a second account, wherein the account authority recovery transaction carries an admission certificate distributed to the second account, and the admission certificate records the use time of the account authority to be recovered and an admission password;
after the use time of the account authority to be recovered is verified to be valid and the admission password is correct, the blockchain network 504 calls the intelligent contract corresponding to the contract invoking authority to process the account authority recovery transaction;
after the approval party 506 approves the recovery of the account authority, the approval result is uploaded to the blockchain network 504;
and the blockchain network 504 allocates and manages the account authority to be recovered based on the approval result and the use time.
In another specific implementation manner of the embodiment of the present specification, the blockchain network 504 is further configured to notify the first account when no account authority application transaction is received within the use time; alternatively, the blockchain network 504 is further configured to notify the second account when no account authority recovery transaction is received within the use time.
Example three
Fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present specification. Referring to fig. 6, at the hardware level the electronic device includes a processor, and optionally further includes an internal bus, a network interface, and a memory. The memory may include volatile memory, such as random-access memory (RAM), and may further include non-volatile memory, such as at least one disk. Of course, the electronic device may also include hardware required for other services.
The processor, the network interface, and the memory may be connected to each other via an internal bus, which may be an ISA (Industry Standard Architecture) bus, a PCI (peripheral component interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 6, but that does not indicate only one bus or one type of bus.
The memory is used for storing programs. In particular, a program may include program code comprising computer operating instructions. The memory may include both volatile memory and non-volatile storage, and provides instructions and data to the processor.
The processor reads the corresponding computer program from the non-volatile memory into memory and then runs it, forming, at the logical level, the various execution devices for executing the method shown in fig. 2. The processor executes the program stored in the memory and is specifically configured to perform some of the steps of the method shown in fig. 2.
The method disclosed in the embodiment of fig. 2 of this specification can be applied to a processor or implemented by a processor. The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in the processor or by instructions in the form of software. The processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP), and the like; it may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. Such a processor may implement or perform the methods, steps, and logic blocks disclosed in one or more embodiments of the present specification. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with one or more embodiments of the present disclosure may be embodied directly in hardware, in a software module executed by a hardware decoding processor, or in a combination of hardware and software modules executed by a hardware decoding processor. The software module may be located in a storage medium well known in the art, such as RAM, flash memory, ROM, PROM or EPROM, or registers. The storage medium is located in the memory, and the processor reads the information in the memory and completes the steps of the method in combination with its hardware.
The electronic device may also execute the method of fig. 2 and implement the functions of the corresponding apparatus in the embodiment shown in fig. 2, which are not described herein again in this specification.
Of course, besides the software implementation, the electronic device of the embodiment of the present disclosure does not exclude other implementations, such as a logic device or a combination of software and hardware, and the like, that is, the execution subject of the following processing flow is not limited to each logic unit, and may also be hardware or a logic device.
Through the technical scheme of the specification, the data evidence produced during account authority management is stored on the blockchain network, so that allocation and transfer of account authority are managed more effectively and securely and the risk of malicious tampering with account authority is avoided. Moreover, the admission certificate carries its own time control, requires no human intervention, and is therefore more flexible and convenient.
Example four
This specification embodiment also proposes a computer readable storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by a portable electronic device comprising a plurality of application programs, are capable of causing the portable electronic device to perform the method of the embodiment shown in fig. 2.
In short, the above description is only a preferred embodiment of the present disclosure, and is not intended to limit the scope of the present disclosure. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present specification shall be included in the protection scope of the present specification.
The system, apparatus, module or unit illustrated in one or more of the above embodiments may be implemented by a computer chip or an entity, or by an article of manufacture with a certain functionality. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal or a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.