Detailed Description
In order that those skilled in the art will better understand the present application, a technical solution in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, shall fall within the scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present application and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the application described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements that are expressly listed or inherent to such process, method, article, or apparatus.
Fig. 1 is a schematic flow diagram of a method for cross-chain transaction processing, which may be performed by a cross-chain transaction processing device, and the device may be implemented in software and/or hardware. In a specific embodiment, the apparatus may be implemented in a cross-chain repeater or a source blockchain, both in a cross-chain transaction system that also includes a target blockchain. The following embodiments will be described taking the application of the apparatus in a cross-chain repeater or source blockchain as an example, and referring to fig. 1, the method may specifically include the following steps:
Step 101, receiving a cross-link transaction request sent by a target user device, and determining the original cross-link transaction and the identification information of a target blockchain according to the cross-link transaction request.
Specifically, the target user equipment is one of the user equipment connected with the source blockchain, and a user corresponding to the target user equipment initiates a cross-chain transaction processing request to request the source blockchain to process the cross-chain transaction. The original cross-chain transaction in the cross-chain transaction processing request is the transaction which is completed by the source block chain expected by the user, and the source block chain needs to acquire the content of the original cross-chain transaction to complete the transaction. The identification information of the target blockchain in the cross-chain transaction request is the identification information of the blockchain that the original cross-chain transaction needs to access through the source blockchain and the cross-chain repeater. The source blockchain may determine the original cross-chain transaction according to the cross-chain transaction request in such a manner that if the identification information of the original cross-chain transaction and the target blockchain is directly available in the cross-chain transaction request, the source blockchain directly obtains the identification information of the original cross-chain transaction and the target blockchain. And if the identification information of the original cross-chain transaction and the target blockchain is the encryption information in the cross-chain transaction processing request, decrypting the encrypted identification information of the original cross-chain transaction and the target blockchain according to the user information corresponding to the target user equipment to obtain the identification information of the original cross-chain transaction and the target blockchain.
Step 102, an authentication request is generated according to the identification information of the target blockchain and the source authentication information of the source blockchain, and the authentication request is sent to the cross-chain repeater.
Wherein the authentication request includes identification information of the target blockchain and source authentication information of the source blockchain.
Specifically, the source identity verification information of the source blockchain is preset verification information of the source blockchain and the cross-chain relay, and can represent that the source blockchain is a trusted blockchain. The source blockchain generates an authentication request according to the identification information of the target blockchain and the source authentication information of the source blockchain, wherein the authentication request comprises the identification information of the target blockchain and the source authentication information of the source blockchain. After generating the authentication request, the source blockchain sends the authentication request to the cross-chain repeater.
Step 103, receiving an authentication request sent by a source blockchain.
Specifically, the cross-chain repeater receives an authentication request sent by the source blockchain, wherein the authentication request comprises identification information of the target blockchain and source authentication information of the source blockchain.
Step 104, determining target identity verification information of the target blockchain according to the identification information of the target blockchain.
Specifically, the cross-chain relay is connected with a plurality of blockchains, and each blockchain connected with the cross-chain relay has corresponding authentication information. The cross-chain repeater determines a target blockchain according to the identification information of the target blockchain, thereby determining target identity verification information of the target blockchain.
Step 105, generating a temporary key pair according to the source identity verification information and the target identity verification information, and returning the private key of the temporary key pair to the source blockchain.
Specifically, the cross-chain repeater encrypts by an encryption algorithm according to the source identity verification information and the target identity verification information to generate a temporary key pair, so that the temporary key pair can be used by the source blockchain and the target blockchain. After generating the temporary key pair, the cross-chain relay returns the private key of the temporary key pair to the source blockchain.
And 106, receiving a private key of the temporary key pair returned by the cross-chain relay, encrypting the original cross-chain transaction according to the private key of the temporary key pair to obtain a primary encrypted cross-chain transaction, and transmitting the primary encrypted cross-chain transaction to the cross-chain relay.
Specifically, the source blockchain receives a private key of a temporary key pair returned by the cross-chain repeater, encrypts an original cross-chain transaction by adopting an encryption algorithm according to the private key of the temporary key pair, and obtains an encrypted cross-chain transaction, namely, one-time encrypted cross-chain transaction. The source blockchain sends the primary encryption cross-chain transaction to the cross-chain repeater so that the cross-chain repeater can obtain a secondary encryption cross-chain transaction after performing secondary encryption on the primary encryption cross-chain transaction, and sends the secondary encryption cross-chain transaction to the target blockchain.
The target blockchain determines a public key of the temporary key pair according to the target identity verification information. For example, the manner in which the public key of the temporary key pair is determined may be by the trust certificate of the smart contract target blockchain of the target blockchain resolving the public key of the temporary key pair generated by the cross-chain relay. After the target blockchain obtains the public key of the temporary key pair, the secondary encrypted cross-chain transaction is decrypted by utilizing the public key of the temporary key pair to obtain an original cross-chain transaction, and the original cross-chain transaction is processed. For example, the original cross-chain transaction may be a transaction request, and the target blockchain is allowed to transact after obtaining the transaction request.
Step 107, receiving the primary encrypted cross-chain transaction sent by the source blockchain, and performing secondary encryption on the primary encrypted cross-chain transaction according to the public key of the temporary key pair to obtain a secondary encrypted cross-chain transaction.
The primary encryption cross-chain transaction is obtained by encrypting an original cross-chain transaction by a source blockchain according to a private key of a temporary key pair.
Specifically, the cross-chain repeater receives a primary encryption cross-chain transaction sent by the source blockchain, and performs secondary encryption on the primary encryption cross-chain transaction according to a public key of the temporary key pair to obtain a secondary encryption cross-chain transaction.
Step 108, the secondary encrypted cross-chain transaction is sent to the target blockchain.
Specifically, after obtaining the secondary encryption cross-chain transaction, the cross-chain repeater sends the secondary encryption cross-chain transaction to the target blockchain, so that the target blockchain determines the public key of the temporary key pair according to the target identity authentication information, and processes the original cross-chain transaction obtained by decrypting the secondary encryption cross-chain transaction by using the public key of the temporary key pair.
The method comprises the steps of receiving an authentication request sent by a source blockchain by a cross-chain repeater, wherein the authentication request comprises identification information of a target blockchain and source authentication information of the source blockchain, determining target authentication information of the target blockchain according to the identification information of the target blockchain, generating a temporary key pair according to the source authentication information and the target authentication information, returning a private key of the temporary key pair to the source blockchain, receiving a primary encryption cross-chain transaction sent by the source blockchain, and conducting secondary encryption on the primary encryption cross-chain transaction according to a public key of the temporary key pair to obtain a secondary encryption cross-chain transaction, wherein the primary encryption cross-chain transaction is obtained after the source blockchain encrypts an original cross-chain transaction according to the private key of the temporary key pair, sending the secondary encryption cross-chain transaction to the target blockchain, enabling the target blockchain to determine the public key of the temporary key pair according to the target authentication information, and processing the original cross-chain transaction obtained by decrypting the secondary encryption cross-chain transaction by means of the public key of the temporary key pair. In the scheme of the application, on one hand, the cross-chain transaction is encrypted by using the temporary key pair, so that the cross-chain transaction can be transmitted in the blockchain in the form of encrypted information, and the cross-chain transaction is prevented from being maliciously stolen in the cross-chain process. On the other hand, the cross-chain repeater generates a temporary key pair according to the identity verification information of the source blockchain and the identity verification information of the target blockchain, so that the generation of the temporary key pair can involve the security mechanism problem of the source blockchain and the target blockchain, access control information does not need to be changed in the cross-chain process, the condition of malicious attack in the access control information changing process is avoided, and the security of the cross-chain access process is further improved.
Fig. 2a is another flow chart of the cross-chain transaction processing method provided by the present application, which is applied to a cross-chain repeater, and details a process of generating a temporary key pair by the cross-chain repeater, so as to further illustrate the cross-chain transaction processing method provided by the present application, and as shown in fig. 2a, the method may include the following steps:
Step 201, an authentication request sent by a source blockchain is received.
Step 202, determining the identification information of the source blockchain according to the source identity verification information.
Specifically, the identification information of the source blockchain is identification information of the source blockchain. After receiving the authentication request sent by the source blockchain, the cross-chain repeater determines the identification information of the source blockchain according to the source authentication information in the authentication request.
If the source blockchain is determined to be a trusted blockchain based on the identification information of the source blockchain, step 203 is determined to be executed in step 204.
Specifically, among the plurality of blockchains connected to the cross-chain repeater, there may be a blockchain with a lower degree of trust, and the cross-chain repeater uses the blockchain as an untrusted blockchain and does not process a request sent by the untrusted blockchain. And for the blockchain with higher trust, the blockchain is used as a trusted blockchain in the cross-chain repeater, so that the request sent by the blockchain can be processed. Thus, the cross-chain repeater confirms that the step of determining the target identity verification information of the target blockchain from the identification information of the target blockchain is performed when determining that the source blockchain is a trusted blockchain from the identification information of the source blockchain.
Step 204, determining target identity verification information of the target blockchain according to the identification information of the target blockchain.
Step 205, generating a temporary key pair according to the source identity verification information and the target identity verification information, and returning the private key of the temporary key pair to the source blockchain.
Alternatively, generating a temporary key pair from the source authentication information and the target authentication information may be performed in step 2051.
Step 2051, encrypting the source authentication information and the target authentication information according to a first preset encryption algorithm to generate a temporary key pair.
Specifically, the first preset encryption algorithm may be a preset national encryption SM2 algorithm. The SM2, SM3 and SM4 cryptographic algorithms have higher efficiency than traditional cryptographic algorithms, and have higher encryption strength than traditional cryptographic algorithms, and can be verified simultaneously, thereby being capable of handling concurrent tasks. The cross-chain relay encrypts the source identity authentication information and the target identity authentication information according to the SM2 cryptographic algorithm to generate a temporary key pair, so that the security of cross-chain communication is ensured.
Illustratively, the source blockchain identification information is ib_i, the target blockchain identification information is ib_j, and the source authentication information and the target authentication information are encrypted according to a first preset encryption algorithm to generate a temporary key pair (t_i, t_j).
Step 206, receiving the primary encrypted cross-chain transaction sent by the source blockchain, and performing secondary encryption on the primary encrypted cross-chain transaction according to the public key of the temporary key pair to obtain a secondary encrypted cross-chain transaction.
Alternatively, receiving the one-time encrypted cross-chain transaction sent by the source blockchain may be accomplished by step 2061.
Step 2061, a primary encrypted cross-chain transaction sent by a source blockchain, a hash value of the primary encrypted cross-chain transaction, and signature information of the source blockchain are received.
Specifically, after the source block chain generates a primary encryption cross-chain transaction, a hash value of the primary encryption cross-chain transaction is obtained through calculation, and signature information of the source block chain is generated by signing the hash value. The source blockchain sends the primary encrypted cross-chain transaction, the hash value of the primary encrypted cross-chain transaction and signature information of the source blockchain to the cross-chain repeater, and the cross-chain repeater receives the primary encrypted cross-chain transaction sent by the source blockchain, the hash value of the primary encrypted cross-chain transaction and the signature information of the source blockchain.
Step 207, the secondary encrypted cross-chain transaction is sent to the target blockchain.
Alternatively, after performing step 2061, step 207 may be performed by step 2071.
Step 2071, the second encrypted cross-chain transaction, the hash value of the first encrypted cross-chain transaction, and the signature information of the source blockchain are sent to the target blockchain.
Specifically, the hash value of the twice-encrypted cross-chain transaction and the once-encrypted cross-chain transaction is sent to the target blockchain by the signature information of the source blockchain. The target blockchain verifies the hash value of the once encrypted cross-chain transaction and the signature information of the source blockchain by using a first preset encryption algorithm to obtain a verification result so as to determine whether the source blockchain is a trusted blockchain, and if the source blockchain is the trusted blockchain, the verification result is determined to be verification passing. And after the verification result is that the verification is passed, the target blockchain determines the public key of the temporary key pair according to the target identity verification information, and processes the original cross-chain transaction obtained by decrypting the secondary encrypted cross-chain transaction by using the public key of the temporary key pair.
According to the scheme, the cross-chain repeater determines the identification information of the source blockchain according to the source identity verification information, so that whether the source blockchain is a trusted blockchain is determined, the safety of the cross-chain transaction processing process is further improved, and the cross-chain repeater is prevented from receiving malicious information. The cross-chain repeater sends the secondary encryption cross-chain transaction, the hash value of the primary encryption cross-chain transaction and the signature information of the source blockchain to the target blockchain, so that the target blockchain can verify the source blockchain information conveniently, and the safety of the cross-chain transaction processing process is further improved.
FIG. 3 is another flow chart of the cross-chain transaction method provided by the present application, applied to a source blockchain, for specifying the content of the identification information of the original cross-chain transaction and the target blockchain according to the cross-chain transaction request, so as to further describe the cross-chain transaction method provided by the present application, as shown in FIG. 3, the method may include the following steps:
step 301, receiving a cross-link transaction request sent by a target user equipment.
Optionally, the cross-chain transaction request includes target user identification information, the original cross-chain transaction, and target access information.
Specifically, the source block link receives a cross-link transaction request sent by the target user equipment, where the cross-link transaction request includes target user identification information, an original cross-link transaction, and target access information. The target access information is information of a target blockchain that the cross-chain transaction needs to access.
The third preset encryption algorithm may be a national secret SM3 algorithm. The target user identification information is identification information of the target user, and when the target user performs information registration in the source blockchain, the source blockchain returns to the target user equipment, so that the source blockchain can determine the identity of the target user according to the target user identification information.
Optionally, steps 3011 to 3012 may also be performed before step 301 is performed.
Step 3011, receiving an information registration request sent by a target user equipment.
Wherein the information registration request includes a target user registration public key.
Specifically, the source block link receives an information registration request sent by the target user equipment, where the information registration request includes a target user registration public key. The target user registration public key and the target user registration private key are public keys and private keys of a pair of registration key pairs generated by target user equipment before registration of the target user, and are used for completing registration of the target user.
Step 3012, completing the registration of the target user according to the target user registration public key, and returning the generated target user identification information to the target user equipment.
Specifically, after the source block chain receives the information registration request sent by the target user equipment, the source block chain performs identity registration on the target user. For example, the source blockchain may register the user by using a user registration contract of the source blockchain to generate user identification information capable of characterizing the user identification, and return the generated target user identification information to the target user device.
Illustratively, the user generates a key pair (s_u, p_u) using the cryptographic SM2 algorithm. Where s_u registers the private key for the target user of user u and p_u registers the public key for the target user of user u. The user equipment sends the public key P_u to the source blockchain, and a user registration contract of the source blockchain realizes the registration of the user u in the source blockchain IB_i according to the public key P_u. And after the user registration is successful, the IB_i sends the generated target user identification information Key_u to the user equipment. Through the registration process, the user u establishes a trusted digital identity on IB_i, so that the privacy and the security of the target user in the cross-link interaction process are ensured.
Step 302, determining identification information of a target blockchain according to the target access information, and acquiring an original cross-chain transaction.
For example, the target access information is < SourceChain, destinationChain >, and the blockchain corresponding to SourceChain in the target access information is determined to be the source blockchain ib_i, and the target blockchain identification information corresponding to DestinationChain is determined to be ib_j according to the preset blockchain information. Thus, the identification information of the target blockchain is determined to be ib_j.
Optionally, after performing step 302, steps 3031 to 3032 may also be performed.
Step 3031, it is determined whether the identification information of the target blockchain is consistent with the identification information of the source blockchain.
Specifically, the identification information of the target blockchain is determined in the target access information, and whether the identification information of the target blockchain is consistent with the identification information of the source blockchain is judged. If the identification information of the target blockchain is consistent with the identification information of the source blockchain, the fact that the transaction submitted by the user is not a cross-chain transaction is indicated, the cross-chain processing is not needed, and the source blockchain can complete the processing of the transaction.
Step 3032, if the identification information of the target blockchain is inconsistent with the identification information of the source blockchain, it is determined to execute step 303.
Step 303, an authentication request is generated according to the identification information of the target blockchain and the source authentication information of the source blockchain, and the authentication request is sent to the cross-chain repeater.
Step 304, receiving the private key of the temporary key pair returned by the cross-chain relay, encrypting the original cross-chain transaction according to the private key of the temporary key pair to obtain a primary encrypted cross-chain transaction, and sending the primary encrypted cross-chain transaction to the cross-chain relay.
Optionally, encrypting the original cross-chain transaction according to the private key of the temporary key pair, resulting in a one-time encrypted cross-chain transaction may be implemented by step 3061.
Step 3061, encrypting the original cross-chain transaction according to a second preset encryption algorithm and the private key of the temporary key pair to obtain a primary encrypted cross-chain transaction.
Specifically, after receiving the private key of the temporary key pair, the source blockchain encrypts the original cross-chain transaction according to a second preset encryption algorithm and the private key of the temporary key pair to obtain a one-time encrypted cross-chain transaction.
Optionally, steps 3062 through 3063 may also be performed after one encrypted cross-chain transaction is obtained.
Step 3062, calculating a hash value of the one-time encrypted cross-chain transaction according to a third preset encryption algorithm.
Illustratively, the source blockchain uses the cryptographic SM3 algorithm to calculate a hash value of the primary encrypted cross-chain transaction enc_i_n, resulting in a hash value H (enc_i_n) of the primary encrypted cross-chain transaction as sm3.hash (enc_i_n).
And step 3063, signing the hash value of the once encrypted cross-chain transaction according to the private key of the temporary key pair and a first preset encryption algorithm to obtain signature information of the source blockchain.
Illustratively, the source blockchain signs the hash value H (enc_i_n) of the one-time encrypted cross-chain transaction using SM2 algorithm and private key t_i of the temporary key pair, resulting in signature information sig_i_n of the source blockchain being sm2.sign (t_i, H (enc_i_n)).
Alternatively, after performing steps 3061-3063, sending the one-time encrypted cross-chain transaction to the cross-chain relay may be accomplished by step 3064.
Step 3064, the one-time encrypted cross-chain transaction, the hash value of the one-time encrypted cross-chain transaction, and the signature information of the source blockchain are sent to the cross-chain repeater.
Specifically, the primary encryption cross-chain transaction, the hash value of the primary encryption cross-chain transaction and signature information of the source blockchain are sent to the cross-chain repeater, so that the cross-chain repeater carries out secondary encryption on the primary encryption cross-chain transaction to obtain a secondary encryption cross-chain transaction, and the secondary encryption cross-chain transaction, the hash value of the primary encryption cross-chain transaction and the signature information of the source blockchain are sent to the target blockchain. The target blockchain is used for verifying the hash value of the primary encryption cross-chain transaction and the signature information of the source blockchain according to a first preset encryption algorithm, determining the public key of the temporary key pair according to the target identity verification information after the verification result is that the verification is passed, and processing the original cross-chain transaction obtained by decrypting the secondary encryption cross-chain transaction by using the public key of the temporary key pair.
Illustratively, the source blockchain sends the primary encrypted cross-chain transaction enc_i_n, the hash value H (enc_i_n) of the primary encrypted cross-chain transaction, and the signature information sig_i_n of the source blockchain to the cross-chain relay, which applies the public key t_j of the temporary key pair to secondarily encrypt the primary encrypted cross-chain transaction enc_i_n, and sends the secondarily encrypted cross-chain transaction, the hash value of the primary encrypted cross-chain transaction, and the signature information of the source blockchain to the target blockchain. The target blockchain verifies the signature information sig_i_n of the source blockchain and the hash value H (enc_i_n) of the one-time encrypted cross-chain transaction using the cryptographic SM2 algorithm, thereby verifying the security of the source blockchain. After the verification of the source blockchain security is passed, determining the public key T_j of the temporary key pair according to the target identity verification information, and decrypting the secondary encrypted cross-chain transaction by utilizing the public key of the temporary key pair to obtain and process the original cross-chain transaction t_u_n.
The method comprises the steps of receiving a cross-link transaction processing request sent by target user equipment by a source block link, determining original cross-link transaction and identification information of a target block link according to the cross-link transaction processing request, generating an authentication request according to the identification information of the target block link and source authentication information of the source block link, and sending the authentication request to a cross-link repeater, wherein the authentication request comprises the identification information of the target block link and the source authentication information of the source block link, receiving a private key of a temporary key pair returned by the cross-link repeater, encrypting the original cross-link transaction according to the private key of the temporary key pair, obtaining primary encrypted cross-link transaction, sending the primary encrypted cross-link transaction to the cross-link repeater, obtaining secondary encrypted cross-link transaction after the primary encrypted cross-link transaction is secondarily encrypted by the cross-link repeater, and sending the secondary encrypted cross-link transaction to the target block link, wherein the target block link is used for determining a public key of the temporary key pair according to the target authentication information, and processing the original cross-link transaction obtained by the temporary key pair through the temporary key pair. In the scheme of the application, the source blockchain carries out identity authentication on the identity of the target user so as to determine that the target user is a registered user in the source blockchain, thereby further improving the safety of cross-chain transaction processing. The information included in the cross-link transaction processing request sent by the target user equipment is the information encrypted by the target user equipment according to a plurality of preset encryption algorithms, so that the initial security of the cross-link transaction is improved. The source block chain establishes a hash value of the once encrypted cross-chain transaction and signature information of the source block chain, and sends the hash value of the once encrypted cross-chain transaction and the signature information of the source block chain to the cross-chain relay, and the cross-chain relay forwards the hash value and the signature information of the source block chain to the target block chain, so that the target block chain can verify the source block chain information conveniently, and the safety of the cross-chain transaction processing process is further improved.
FIG. 4 is a schematic diagram of a cross-chain transaction device according to the present application, which is suitable for executing the cross-chain transaction method according to the present application, and is configured as a cross-chain repeater in a cross-chain transaction system, where the cross-chain transaction system further includes a source blockchain and a target blockchain. As shown in fig. 4, the apparatus may specifically include:
And the authentication request receiving module 401 is configured to receive an authentication request sent by the source blockchain, where the authentication request includes identification information of the target blockchain and source authentication information of the source blockchain.
The verification information determining module 402 is configured to determine target identity verification information of the target blockchain according to the identification information of the target blockchain.
And the key pair generating module 403 is configured to generate a temporary key pair according to the source authentication information and the target authentication information, and return a private key of the temporary key pair to the source blockchain.
The secondary encryption module 404 is configured to receive a primary encrypted cross-chain transaction sent by the source blockchain, and perform secondary encryption on the primary encrypted cross-chain transaction according to the public key of the temporary key pair to obtain a secondary encrypted cross-chain transaction, where the primary encrypted cross-chain transaction is obtained after the source blockchain encrypts an original cross-chain transaction according to the private key of the temporary key pair.
And a cross-chain transaction sending module 405, configured to send the twice-encrypted cross-chain transaction to the target blockchain, so that the target blockchain determines a public key of the temporary key pair according to the target identity verification information, and processes the original cross-chain transaction obtained by decrypting the twice-encrypted cross-chain transaction with the public key of the temporary key pair.
In one embodiment, the verification request receiving module 401 is further configured to determine, after receiving the authentication request sent by the source blockchain, identification information of the source blockchain according to the source authentication information, and if the source blockchain is determined to be a trusted blockchain according to the identification information of the source blockchain, determine to execute the step of determining target authentication information of the target blockchain according to the identification information of the target blockchain.
In one embodiment, the key pair generating module 403 is specifically configured to encrypt the source authentication information and the target authentication information according to a first preset encryption algorithm to generate the temporary key pair.
In an embodiment, the secondary encryption module 404 is specifically configured to receive the primary encrypted cross-chain transaction sent by the source blockchain, the hash value of the primary encrypted cross-chain transaction, and the signature information of the source blockchain, and the cross-chain transaction sending module 405 is specifically configured to send the secondary encrypted cross-chain transaction, the hash value of the primary encrypted cross-chain transaction, and the signature information of the source blockchain to the target blockchain, so that the target blockchain verifies the hash value of the primary encrypted cross-chain transaction and the signature information of the source blockchain by using the first preset encryption algorithm, and determine the public key of the temporary key pair according to the target identity verification information after the verification result is verification, and process the original cross-chain transaction obtained by decrypting the secondary encrypted cross-chain transaction by using the public key of the temporary key pair.
The device comprises a cross-chain repeater, a cross-chain server and a cross-chain server, wherein the cross-chain repeater receives an authentication request sent by a source block chain, the authentication request comprises identification information of a target block chain and source authentication information of the source block chain, the target authentication information of the target block chain is determined according to the identification information of the target block chain, a temporary key pair is generated according to the source authentication information and the target authentication information, a private key of the temporary key pair is returned to the source block chain, a primary encryption cross-chain transaction sent by the source block chain is received, the primary encryption cross-chain transaction is secondarily encrypted according to a public key of the temporary key pair, the primary encryption cross-chain transaction is obtained after the source block chain encrypts an original cross-chain transaction according to the private key of the temporary key pair, the secondary encryption cross-chain transaction is sent to the target block chain, the target block chain is enabled to determine the public key of the temporary key pair according to the target authentication information, and the primary encryption cross-chain transaction obtained by decrypting the secondary encryption cross-chain transaction is processed. In the scheme of the application, on one hand, the cross-chain transaction is encrypted by using the temporary key pair, so that the cross-chain transaction can be transmitted in the blockchain in the form of encrypted information, and the cross-chain transaction is prevented from being maliciously stolen in the cross-chain process. On the other hand, the cross-chain repeater generates a temporary key pair according to the identity verification information of the source blockchain and the identity verification information of the target blockchain, so that the generation of the temporary key pair can involve the security mechanism problem of the source blockchain and the target blockchain, access control information does not need to be changed in the cross-chain process, the condition of malicious attack in the access control information changing process is avoided, and the security of the cross-chain access process is further improved.
FIG. 5 is another schematic diagram of a cross-chain transaction device according to the present application, which is adapted to execute the cross-chain transaction method according to the present application, and a source blockchain configured in a cross-chain transaction system, where the cross-chain transaction system further includes a cross-chain repeater and a target blockchain. As shown in fig. 5, the apparatus may specifically include:
the processing request receiving module 501 is configured to receive a cross-link transaction request sent by a target user equipment, and determine, according to the cross-link transaction request, identification information of an original cross-link transaction and target blockchain.
And the verification request sending module 502 is configured to generate an authentication request according to the identification information of the target blockchain and the source authentication information of the source blockchain, and send the authentication request to the cross-chain repeater, where the authentication request includes the identification information of the target blockchain and the source authentication information of the source blockchain.
The primary encryption module 503 is configured to receive a private key of a temporary key pair returned by the cross-chain relay, encrypt the original cross-chain transaction according to the private key of the temporary key pair, obtain a primary encrypted cross-chain transaction, and send the primary encrypted cross-chain transaction to the cross-chain relay, so that the cross-chain relay performs secondary encryption on the primary encrypted cross-chain transaction to obtain a secondary encrypted cross-chain transaction, and sends the secondary encrypted cross-chain transaction to the target blockchain, where the target blockchain is configured to determine a public key of the temporary key pair according to the target identity verification information, and process the original cross-chain transaction obtained by decrypting the secondary encrypted cross-chain transaction with the public key of the temporary key pair.
In an embodiment, the cross-link transaction request includes target user identification information, initial encryption information, target user signature information, hash values of the initial encryption information and target access information, and the processing request receiving module 501 is specifically configured to determine, according to the target access information, identification information of an original cross-link transaction and identification information of a target blockchain, and perform signature verification on the target user signature information and hash values of the initial encryption information according to a target user registration public key and a first preset encryption algorithm, where the target user registration public key is information sent by the target user when the source blockchain is registered, and decrypt, if the signature verification result is that signature verification passes, the initial encryption information according to the target user identification information and a second preset encryption algorithm, to obtain the original cross-link transaction.
In one embodiment, the processing request receiving module 501 is further configured to determine whether the identification information of the target blockchain is consistent with the identification information of the source blockchain before performing signature verification on the target user signature information and the hash value of the initial encryption information according to the target user registration public key and the first preset encryption algorithm, and determine to perform signature verification on the target user signature information and the hash value of the initial encryption information according to the target user registration public key and the first preset encryption algorithm if the identification information of the target blockchain is inconsistent with the identification information of the source blockchain.
In one embodiment, the apparatus further includes a registration module, configured to receive an information registration request sent by a target user device before the processing request receiving module 501 receives a cross-link transaction request sent by the target user device, where the information registration request includes the target user registration public key, complete registration of the target user according to the target user registration public key, and return the generated target user identification information to the target user device.
In an embodiment, the initial encryption information is obtained after the target user equipment encrypts the original cross-link transaction according to the second preset encryption algorithm and the target user identification information, the hash value of the initial encryption information is obtained by the target user equipment calculating the hash value of the initial encryption information according to a third preset encryption algorithm, and the target user signature information is obtained by the target user equipment signing the hash value of the initial encryption information according to a target user registration private key and the first preset encryption algorithm.
In one embodiment, the primary encryption module 503 is specifically configured to encrypt the original cross-chain transaction according to the second preset encryption algorithm and the private key of the temporary key pair to obtain a primary encrypted cross-chain transaction, the primary encryption module 503 is further configured to calculate a hash value of the primary encrypted cross-chain transaction according to the third preset encryption algorithm, sign the hash value of the primary encrypted cross-chain transaction according to the private key of the temporary key pair to obtain source blockchain signature information, the primary encryption module 503 is configured to send the primary encrypted cross-chain transaction to the cross-chain repeater to cause the cross-chain repeater to obtain a secondary encrypted cross-chain transaction after the primary encrypted cross-chain transaction is encrypted according to the private key of the temporary key pair to obtain a primary encrypted cross-chain transaction, and send the secondary encrypted cross-chain transaction to the target blockchain, the hash chain is used to obtain the primary blockchain and the source blockchain signature information, the target blockchain is used for verifying the hash value of the primary encryption cross-chain transaction and the signature information of the source blockchain according to the first preset encryption algorithm, determining the public key of the temporary key pair according to the target identity verification information after verification results are verification passing, and processing the original cross-chain transaction obtained by decrypting the secondary encryption cross-chain transaction by using the public key of the temporary key pair.
The device comprises a source block chain, a target block chain, a temporary key pair and a cross-chain relay, wherein the source block chain receives a cross-chain transaction processing request sent by target user equipment, determines original cross-chain transactions and identification information of the target block chain according to the cross-chain transaction processing request, generates an authentication request according to the identification information of the target block chain and source authentication information of the source block chain, and sends the authentication request to the cross-chain relay, the authentication request comprises the identification information of the target block chain and the source authentication information of the source block chain, a private key of the temporary key pair returned by the cross-chain relay is received, the original cross-chain transactions are encrypted according to the private key of the temporary key pair, the primary encrypted cross-chain transactions are obtained, the primary encrypted cross-chain transactions are sent to the cross-chain relay, the secondary encrypted cross-chain transactions are obtained after the cross-chain relay conducts secondary encryption on the primary encrypted cross-chain transactions, and the secondary encrypted cross-chain transactions are sent to the target block chain, and the target block chain is used for determining a public key of the temporary key pair according to the target authentication information, and processing the original cross-chain transactions obtained by the temporary key pair. In the scheme of the application, the source blockchain carries out identity authentication on the identity of the target user so as to determine that the target user is a registered user in the source blockchain, thereby further improving the safety of cross-chain transaction processing. The information included in the cross-link transaction processing request sent by the target user equipment is the information encrypted by the target user equipment according to a plurality of preset encryption algorithms, so that the initial security of the cross-link transaction is improved. The source block chain establishes a hash value of the once encrypted cross-chain transaction and signature information of the source block chain, and sends the hash value of the once encrypted cross-chain transaction and the signature information of the source block chain to the cross-chain relay, and the cross-chain relay forwards the hash value and the signature information of the source block chain to the target block chain, so that the target block chain can verify the source block chain information conveniently, and the safety of the cross-chain transaction processing process is further improved.
The application also provides an electronic device, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the cross-chain transaction processing method provided by any embodiment when executing the program.
The application also provides a computer readable medium having stored thereon a computer program which when executed by a processor implements the cross-chain transaction method provided by any of the above embodiments.
Referring now to fig. 6, a schematic diagram of an electronic device 600 suitable for use in implementing the present application is shown. The electronic device shown in fig. 6 is only an example and should not impose any limitation on the functionality and scope of use of the present application.
As shown in fig. 6, the electronic device 600 includes a Central Processing Unit (CPU) 601, which can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 602 or a program loaded from a storage section 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data required for the operation of the electronic apparatus 600 are also stored. The CPU 601, ROM 602, and RAM 603 are connected to each other through a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
Connected to the I/O interface 605 are an input section 606 including a keyboard, a mouse, and the like, an output section 607 including a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, a speaker, and the like, a storage section 608 including a hard disk, and the like, and a communication section 609 including a network interface card such as a LAN card, a modem, and the like. The communication section 609 performs communication processing via a network such as the internet. The drive 610 is also connected to the I/O interface 605 as needed. Removable media 611 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is installed as needed on drive 610 so that a computer program read therefrom is installed as needed into storage section 608.
In particular, according to embodiments of the present disclosure, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method shown in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication portion 609, and/or installed from the removable medium 611. The above-described functions defined in the system of the present application are performed when the computer program is executed by a Central Processing Unit (CPU) 601.
The computer readable medium shown in the present application may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of a computer-readable storage medium may include, but are not limited to, an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present application, however, the computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with the computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules and/or units described in the present application may be implemented in software or in hardware. The described modules and/or units may also be provided in a processor, for example, as a processor applied to a cross-chain repeater in a cross-chain transaction system that also includes a source blockchain and a target blockchain, including an authentication request receiving module, an authentication information determining module, a key pair generating module, a secondary encryption module, and a cross-chain transaction transmitting module. Or may be described as a processor applied to a source blockchain in a cross-chain transaction system that also includes a cross-chain repeater and a target blockchain, including a processing request receiving module, an authentication request sending module, and a one-time encryption module. The names of these modules do not constitute a limitation on the module itself in some cases.
As a further aspect, the invention also provides a computer readable medium which may be comprised in the device described in the above embodiments or may be present alone without being fitted into the device. The computer readable medium carries one or more programs which, when executed by one of the devices, cause the device to:
The method comprises the steps of receiving an authentication request sent by a source blockchain, wherein the authentication request comprises identification information of a target blockchain and source authentication information of the source blockchain, determining target authentication information of the target blockchain according to the identification information of the target blockchain, generating a temporary key pair according to the source authentication information and the target authentication information, returning a private key of the temporary key pair to the source blockchain, receiving a primary encryption cross-chain transaction sent by the source blockchain, and conducting secondary encryption on the primary encryption cross-chain transaction according to a public key of the temporary key pair to obtain a secondary encryption cross-chain transaction, wherein the primary encryption cross-chain transaction is obtained after the source blockchain encrypts an original cross-chain transaction according to the private key of the temporary key pair, sending the secondary encryption cross-chain transaction to the target blockchain, enabling the target blockchain to determine the public key of the temporary key pair according to the target authentication information, and processing the primary encryption cross-chain transaction obtained by decrypting the secondary encryption cross-chain transaction through the public key of the temporary key pair.
Or the computer-readable medium carries one or more programs which, when executed by a device, cause the device to:
The method comprises the steps of receiving a cross-link transaction processing request sent by target user equipment, determining original cross-link transaction and identification information of a target blockchain according to the cross-link transaction processing request, generating an authentication request according to the identification information of the target blockchain and source authentication information of a source blockchain, and sending the authentication request to a cross-link repeater, wherein the authentication request comprises the identification information of the target blockchain and the source authentication information of the source blockchain, receiving a private key of a temporary key pair returned by the cross-link repeater, encrypting the original cross-link transaction according to the private key of the temporary key pair, obtaining primary encrypted cross-link transaction, sending the primary encrypted cross-link transaction to the cross-link repeater, obtaining secondary encrypted cross-link transaction after the primary encrypted cross-link transaction is secondarily encrypted by the cross-link repeater, and sending the secondary encrypted cross-link transaction to the target blockchain, wherein the target blockchain is used for determining a public key of the temporary key pair according to the target authentication information, and processing the original cross-link transaction obtained by decrypting the secondary encrypted cross-link transaction by the temporary key pair.
According to the technical scheme, the cross-chain repeater receives an authentication request sent by a source block chain, wherein the authentication request comprises identification information of a target block chain and source authentication information of the source block chain, determines target authentication information of the target block chain according to the identification information of the target block chain, generates a temporary key pair according to the source authentication information and the target authentication information, returns a private key of the temporary key pair to the source block chain, receives a primary encryption cross-chain transaction sent by the source block chain, and carries out secondary encryption on the primary encryption cross-chain transaction according to a public key of the temporary key pair to obtain a secondary encryption cross-chain transaction, wherein the primary encryption cross-chain transaction is obtained after the source block chain encrypts an original cross-chain transaction according to the private key of the temporary key pair, sends the secondary encryption cross-chain transaction to the target block chain, enables the target block chain to determine the public key of the temporary key pair according to the target authentication information, and processes the original cross-chain transaction obtained by decrypting the secondary encryption cross-chain transaction by the public key of the temporary key pair. In the scheme of the application, on one hand, the cross-chain transaction is encrypted by using the temporary key pair, so that the cross-chain transaction can be transmitted in the blockchain in the form of encrypted information, and the cross-chain transaction is prevented from being maliciously stolen in the cross-chain process. On the other hand, the cross-chain repeater generates a temporary key pair according to the identity verification information of the source blockchain and the identity verification information of the target blockchain, so that the generation of the temporary key pair can involve the security mechanism problem of the source blockchain and the target blockchain, access control information does not need to be changed in the cross-chain process, the condition of malicious attack in the access control information changing process is avoided, and the security of the cross-chain access process is further improved.
Embodiments of the present application also provide a computer program product comprising a computer program which, when executed by a processor, implements a method of cross-chain transaction processing as provided by any of the embodiments of the present application.
Computer program product in the implementation, the computer program code for carrying out operations of the present application may be written in one or more programming languages, including an object oriented programming language such as Java, smalltalk, C ++ and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computer (for example, through the Internet using an Internet service provider).
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps described in the present application may be performed in parallel, sequentially, or in a different order, so long as the desired results of the technical solution of the present application are achieved, and the present application is not limited herein.
The above embodiments do not limit the scope of the present application. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives can occur depending upon design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present application should be included in the scope of the present application.