Virtual asset hosting and paying system and method based on blockchain bottom layerTechnical Field
The invention relates to a blockchain related application technology, in particular to a blockchain asset transfer and payment system and a method thereof, in particular to a virtual asset hosting and payment system based on a blockchain bottom layer.
Background
As the technology of blockchains has emerged in the field of view of everybody since 2009, a large number of public chains have grown, and secure hosting of virtual assets on blockchains has become a ubiquitous problem in digital asset application grounding.
Particularly in the field of virtual asset hosting and payment, merchants need to store private keys of virtual assets on a server for transfer and transaction, the server receives a transfer request, directly generates transaction corresponding to a blockchain through a background program, directly signs the transaction by using the private key stored on the server, and then broadcasts and sends the transaction to a blockchain node. Because the private key is stored on the server, the server is easy to hack in an online environment, cases of illegal hacking and copying of the private key are frequent, and in addition, potential operation and management risks exist for operators in the company. Once a problem occurs, irrecoverable losses will be incurred to the digital asset hosted by the platform.
To solve the above-described security problem, we have invented a virtual asset hosting and payment system and method thereof that can maximally avoid the risk of theft of private keys.
Disclosure of Invention
The invention provides a virtual asset hosting and paying system and a method thereof based on a blockchain bottom layer, which can avoid storing a private key for storing a large amount of funds in an online system, and even if a systematic security problem occurs, most of funds are still secure.
The invention discloses a virtual asset hosting and paying system based on a blockchain bottom layer, which comprises the following components:
the cold wallet operates in the service of an island environment operated by the network isolation system, and the offline environment prohibits any person from illegally approaching, wherein the cold wallet comprises a cold wallet address private key;
The hot wallet is deployed in a public network online environment, the bottom layer is connected with a plurality of public blockchains, and the service system can perform online virtual asset transfer, wherein the hot wallet at least comprises a cold wallet address main public key and a hot wallet address private key;
The main public key is responsible for calculating a recharging address (sub public key) of the user and is used for receiving recharging of the user;
The hot wallet private key, the transaction is signed directly by the hot Bao Si key and broadcast on the blockchain when the user needs to extract his or her assets.
Also included in some embodiments are: collecting orders, namely a data file format; the encryption data format is used for storing transaction information of various blockchains, generating from a hot wallet, verifying the legitimacy of the transaction information in a cold wallet and signing blockchain transactions in the cold wallet; after the signature of the collected order is completed, the collected order is transferred to a hot wallet, the hot wallet performs data validity verification on the collected order, legal transactions in the collected order are broadcasted to a corresponding blockchain, and the process of transferring the asset from the cold wallet to the hot wallet is realized.
Also included in some embodiments are: an encryption order storage unit: a storage device responsible for data exchange of the collected orders in the hot and cold wallets.
Also included in some embodiments are:
Master public/private key: the asymmetric key pair generated by the cryptography technology is determined by using layering, the main public key can calculate infinite sub-public keys, but the sub-private keys cannot be calculated, and the private keys corresponding to all sub-public keys and the public keys corresponding to all sub-public keys can be calculated by using the main private key.
The invention discloses a virtual asset hosting and paying method based on a blockchain bottom layer, which comprises the following steps:
1) Deploying the hot wallet in an online environment, calculating a large number of collection addresses by using a main public key generated by a hierarchical determination cryptography technology in the hot wallet, and using the hot wallet to receive recharging records of funds trusteeship parties, wherein an online system in which the hot wallet is located is responsible for monitoring the recharging records of the addresses through a blockchain;
2) Because the user has a need to extract his/her assets, it is necessary to transfer part of the assets for liquidity from the cold wallet to the private key of the hot wallet, which is responsible for the actual asset extraction transfer;
3) The hot wallet monitors all recharging addresses, can record the corresponding relation between the addresses and the assets in the cold wallet, and generates a collection order for transferring the assets from the cold wallet to the hot wallet according to the corresponding relation between the addresses and the assets when the assets of the cold wallet need to be transferred to the hot wallet, wherein the collection order can be verified and the effectiveness of the collection order can be ensured by using a cryptography technology; at this time, the hot wallet has no cold wallet address private key and cannot sign blockchain transactions, so that an unsigned aggregate order is generated;
4) After the order data is generated, the order data is stored in an encryption storage unit, the order data is transferred to a cold wallet system in an island environment by appointed personnel, the cold wallet system verifies and decrypts the collected order, after signature is executed on all blockchain transactions in the order data, the collected order is repackaged and encrypted, and then the collected order is stored in the encryption order storage unit;
5) The related personnel transfer the signed collection order in the encrypted order storage unit to a hot wallet, the hot wallet decrypts and verifies the collection order, then broadcasts the collection order to a blockchain, and after corresponding transaction is confirmed on the blockchain, all funds in the order are transferred to a private key of the hot wallet, and the hot wallet is responsible for asset extraction transaction of a user.
In some embodiments, in step 3) and including: when funds in the private key of the hot wallet are lower or reach a threshold value, the hot wallet generates a collection order for transferring the assets from the cold wallet to the private key of the hot wallet according to the corresponding relation between the addresses and the assets, and the quantity of the assets transferred by the collection order can be ensured as long as the normal funds flow of the online environment can be ensured.
The invention has the beneficial effects that:
After the system and the method of the invention are used, the user directly enters the cold wallet system after recharging, and the private key of the hot wallet only saves a small amount of assets for daily overhead. Even if the online hot wallet presents systematic security problems resulting in loss of the hot wallet private key, the loss is minimized.
Drawings
FIG. 1 is a schematic diagram of a system architecture of the present invention.
Fig. 2 is a schematic diagram of the operational sequence of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention.
Referring to fig. 1, the virtual asset hosting and payment system of the present embodiment includes:
the cold wallet operates in the service of an island environment operated by the network isolation system, and the offline environment prohibits any person from illegally approaching, wherein the cold wallet comprises a cold wallet address private key;
The hot wallet is deployed in a public network online environment, the bottom layer is connected with a plurality of public blockchains, and the service system can perform online virtual asset transfer, wherein the hot wallet at least comprises a cold wallet address main public key and a hot wallet address private key;
The main public key is responsible for calculating a recharging address (sub public key) of the user and is used for receiving recharging of the user;
The hot wallet private key, the transaction is signed directly by the hot Bao Si key and broadcast on the blockchain when the user needs to extract his or her assets.
Collecting orders, namely a data file format; the encryption data format is used for storing transaction information of various blockchains, generating from a hot wallet, verifying the legitimacy of the transaction information in a cold wallet and signing blockchain transactions in the cold wallet; after the signature of the collected order is completed, the collected order is transferred to a hot wallet, the hot wallet performs data validity verification on the collected order, legal transactions in the collected order are broadcasted to a corresponding blockchain, and the process of transferring the asset from the cold wallet to the hot wallet is realized.
An encryption order storage unit: a storage device responsible for data exchange of the collected orders in the hot and cold wallets. Such as a USB device with encrypted access verification.
Master public/private key: an infinite sub-public key can be calculated by using a main public key, but a sub-private key cannot be calculated, and private keys corresponding to all sub-public keys can be calculated by using the main private key.
Deploying the hot wallet in an online environment, calculating a large number of collection addresses by using a main public key generated by a hierarchical determination cryptography technology in the hot wallet, and using the hot wallet to receive recharging records of funds trusteeship parties, wherein an online system in which the hot wallet is located is responsible for monitoring the recharging records of the addresses through a blockchain; because the private key is stored on the server, the server is easy to hack in an online environment, cases of illegal hacking and copying of the private key are frequent, and in addition, potential operation and management risks exist for operators in the company. Once a problem occurs, irrecoverable losses will be incurred to the digital asset hosted by the platform.
Because the user has a need to extract his/her assets, it is necessary to transfer part of the assets for liquidity from the cold wallet to the private key of the hot wallet, which is responsible for the actual asset extraction transfer;
The hot wallet monitors all recharging addresses, can record the corresponding relation between the addresses and the assets in the cold wallet, and generates a collection order for transferring the assets from the cold wallet to the hot wallet according to the corresponding relation between the addresses and the assets when the assets of the cold wallet need to be transferred to the hot wallet, wherein the collection order can be verified and the effectiveness of the collection order can be ensured by using a cryptography technology; at this time, the hot wallet has no cold wallet address private key and cannot sign blockchain transactions, so that an unsigned aggregate order is generated;
After the order data is generated, the order data is stored in an encryption storage unit, the order data is transferred to a cold wallet system in an island environment by appointed personnel, the cold wallet system verifies and decrypts the collected order, after signature is executed on all blockchain transactions in the order data, the collected order is repackaged and encrypted, and then the collected order is stored in the encryption order storage unit;
The related personnel transfer the signed collection order in the encrypted order storage unit to a hot wallet, the hot wallet decrypts and verifies the collection order, then broadcasts the collection order to a blockchain, and after corresponding transaction is confirmed on the blockchain, all funds in the order are transferred to a private key of the hot wallet, and the hot wallet is responsible for asset extraction transaction of a user.
The present invention is not described in detail in the present application, and is well known to those skilled in the art.
The foregoing describes in detail preferred embodiments of the present invention. It should be understood that numerous modifications and variations can be made in accordance with the concepts of the invention by one of ordinary skill in the art without undue burden. Therefore, all technical solutions which can be obtained by logic analysis, reasoning or limited experiments based on the prior art by the person skilled in the art according to the inventive concept shall be within the scope of protection defined by the claims.