基于区块链的对账系统设计与实现

电子支付、电子商务、互联网广告、大数据交易等业务,都是由多个主体参与的持续性业务。对账系统是此类业务开展中的重要一环,它保证了各参与方数据一致。区块链技术集成了分布式公共账本及智能合约技术,且本身具有不可伪造、不可篡改的特性,可以满足对账系统的需求。本文讨论了基于区块链技术的对账系统,并给出了依托Bitcoin和Ethereum公链的具体实现。利用区块链特性,对账系统可以实现去中心化对账。相对于中心化对账,该方案不依赖某单一参与者,没有单点故障;对账结果通过区块链存储,结果可追溯、验真;数据根据授权分别存储于公链及私链,保证了数据隐私。     

区块链数据库:一种可查询且防篡改的数据库

随着比特币、以太币等一系列加密货币的兴起,其底层的区块链技术受到越来越广泛的关注.区块链有防篡改、去中心化的特性.以太坊利用区块链技术来构建新一代去中心化的应用平台.BigchainDB将区块链技术与传统的分布式数据库相结合,利用基于联盟投票的共识机制改进传统Pow机制中的节点全复制问题,提高了系统的扩展性与吞吐率.但是现有的区块链系统存储的信息大都是固定格式的交易信息,虽然在每个交易里有数据字段,但是现有的区块链系统并不能经由链上对交易内的数据字段的具体细节进行直接查询.如果想要查询数据字段的具体细节,只能先根据交易的哈希值进行查询,得到该交易的完整信息,然后再检索该交易内的数据信息.数据可操作性低,不具备传统数据库的查询功能.首先提出一种区块链数据库系统框架,将区块链技术应用于分布式数据管理;其次提出一种基于哈希指针的不可篡改索引,根据该索引快速检索区块内数据,以此实现区块链的查询;最后,通过实验测试数据库的读写性能,实验结果表明,所提出的不可篡改索引在保证不可篡改的同时具有较好的读写性能.     

区块链的数据管理技术综述

最近几年,随着加密货币和去中心化应用的流行,区块链技术受到了各行业极大的关注.从数据管理的角度,区块链可以视作是在一个分布式环境下众多不可信节点共同维护且不可篡改的账本.由于节点间相互不可信,区块链通过共识协议,确保数据存储的一致性,实现去中心化的数据管理.针对区块链的安全性以及共识协议,已有诸多工作进行全面的分析.将从数据管理的角度,分析区块链技术与传统数据库下数据管理技术的异同.分布式数据管理的研究已经持续数十年,涵盖了数据存储模式、事务处理机制、查询执行与验证、系统可扩展性等诸多方面,并已有诸多技术广泛应用于实际的分布式数据库中.该类工作往往假定存在中心可信节点或者节点只可能发生崩溃而不存在恶意攻击.然而在区块链环境中,系统设计需考虑不可信节点可能的攻击行为以及拜占庭容错.这给数据管理带来了新的问题与挑战.因此,将梳理并分析国内外有关区块链数据管理的文献,并展望未来的研究方向.     

区块链关键技术的研究进展

区块链是一种将时序数据以链式结构组合而成、以密码学机制保证交易数据不可篡改的分布式账本,是一种新型分布式计算模式与去中心化基础构架。区块链技术具有去中心化、建立信任关系、集体维护、交易公平和透明、不可篡改、可溯源等特征,已成为工业界和学术界的研究热点。介绍了区块链的组成元素,详细阐述了区块链的基本原理、智能合约、共识机制等关键技术,结合金融、物联网、供应链、医疗系统应用场景,讨论了其利用区块链技术的优化方向。总结了区块链技术在安全、效率、隐私保护等方面存在的不足,给出了相应的应对措施。提出了改进共识机制、匿名性和系统吞吐量的有效方法,为区块链技术的进一步发展和完善提供有益的借鉴和指导。     

区块链技术在数字资产安全交易中的应用

针对传统数据资产交易平台依靠中心化的管理机构完成交易过程,不能保证数据资产交易过程中的安全性的弊端,利用区块链技术去中心化、去信任、难以篡改等技术特征.提出了一种基于区块链技术的新型数字资产安全交易方法.首先阐明传统数字资产交易平台的弊端,剖析了区块链技术在数据资产安全交易中的关键技术;其次,分别从数据存储、交易信息加密、验证节点间的共识算法方面提出具体的实施方案;最后,针对数据资产交易过程中的验证节点共识算法进行验证分析,实验结果表明,本文所提出的方法能很好的适用于数字资产安全交易.     

区块链与可信数据管理:问题与方法

作为支撑比特币实现无中心高可信的账本管理的技术,区块链在金融领域得到了广泛关注.区块链实现了不完全可信环境中的可信数据管理,具有去中心化、防篡改、不可抵赖、强一致和完整性等特性,同时也具有高延迟和低吞吐率的性能问题.在互联网技术发展,新型应用层出不穷的大背景下,借鉴区块链在数字加密货币应用中的成功经验,探索可信数据管理的理论、技术,并设计、实现系统,是学术界所面临的重要问题.本文从可信数据管理角度,介绍区块链相关的技术和研究进展,包括分布式共识、智能合约、数据溯源等,并分析应用对可信数据管理所提的需求和研究挑战.     

基于区块链技术的公平合约交换协议的实现

当前的区块链技术,只在链上实现了“利益”的可信传递,而对应的“责任”传递还未有对应的链上实现,其关键问题是“责任”的载体及“责任”传递的接收确认.只包含“利益”的链上传递,因此,链上建立的信任关系是单向的,无法建立传递发起方对接收方的信任.从线上公平合约交换协议研究出发,给出了无可信第三方的、基于区块链技术的、确定性的线上公平合约交换协议的实现,同时改变了目前交易类型区块链技术的单向信任关系,通过附加协议,在区块链参与节点之间建立了多向信任关系.改造交易类型的区块链数据结构,将交易类型区块链的交易内容转换为待签合约,多方之间发送“转账”交易单,在链内共识协议的控制下,实现多方之间对合约不可抵赖的签名确认.本协议规定：多方在链接的交易单之中完成随机顺序签名确认后,为合约生效的唯一确认.由于区块链交易数据的公开性、不可篡改性和不可否认性,避免了合约任何一方的作弊行为,既保证了合约交换过程的公平性,也保证了合约交换完毕之后的均势.同时,为多方合约提供了实时动态管理功能,包括合约内容的追加、更新和删除.最后讨论了该协议的公平性、隐私性及共识机制的选择问题.     

区块链研究进展综述

区块链是信息互联网向价值互联网转变的重要基石,是现代数字货币体系的可选技术之一.它以密码学技术为基础,通过分布式多节点“共识”机制,可以“完整、不可篡改”地记录价值转移（交易）的全过程.区块链采用的具体技术包括密码学、共识协议、博弈论、数据存储、P2P通信等,是多种已有技术的融合创新.本文从共识协议、安全与隐私保护机制、可扩展性与效率、系统/协议的安全分析与评估等四个方面,对区块链的研究进展进行了概要评述.     

基于智能合约的可信筹款捐助方案与平台

传统筹款捐助平台的集中式管理难以满足高可信机制的需求,筹款信息真假难辨,善款流向不透明。区块链技术的去中心化、数据不可篡改、可溯源、点对点交易等特点为构建可信捐助平台奠定了基础。由此以区块链技术为基础,提出了一种基于以太坊智能合约的捐助方案。首先,将筹款信息和捐款交易事件等存储在以太坊区块链上,并利用保证金机制保证了数据的真实性和可溯性;同时,阐述了该方案的架构模型,提出智能合约算法Donate代替人工操作,防止善款挪用和久未到账问题;最后,通过基于智能合约的可信筹款捐助平台验证了该方案的可行性。将所提平台与传统筹款平台比较分析,证明了该平台能安全有效地防止虚假筹款和善款挪用。     

基于联盟区块链的电动汽车可信充电模型

基于中央服务器的传统架构是过去后台服务搭建的重要解决方案,但随着用户数与应用需求的爆发式增长,该架构对中心节点的计算与存储能力提出了更高的要求,同时也带来了信任危机.分布式系统的一个典型代表-区块链,作为比特币的核心技术,它的不可篡改,可追溯,不可伪造数据等特性使得它在近几年受到广大研究者的广泛关注.本文提出将联盟区块链应用到电动车,充电桩,智能电表,传输电网所组成的充电网络中,利用区块链技术来管理充电记录,以此来保护每一方的利益,为交易纠纷的解决提出一种数据层面的支撑.本文在提出专用联盟区块链的同时,也提出了一种新的适用于电动汽车可信充电模型的共识机制和对应的查询智能合约.实验结果表明所设计的共识机制能在该可信充电网络模型中安全高效的运行,同时也能够满足用户快速查询交易的需求.     

分布式账本系统性能优化技术综述

分布式账本作为分布式数据管理的体系架构,通常在多节点之间通过共识机制来共同维护数据记录,可将数据所有权、传播过程、交易链条等相关信息完整全面地记录在分布的账本中,并在数据产生、流动的整个生命周期中,保证数据的不可篡改、不可抵赖,为确权、维权、审计提供背书.区块链是一种典型实现.随着数字货币、数据资产交易等数字经济新应用的发展,分布式账本技术得到了越来越广泛的关注,但系统性能是其大规模落地应用的一个主要瓶颈,账本性能优化成为产业界和学术界一个研究热点.从账本体系结构、数据结构、共识机制和消息通讯4个方面,系统地调研分析了分布式账本性能优化的主要方法、关键技术和代表性的解决方案.     

基于DAG的分布式账本共识机制研究

自2008年比特币出现以来,研究学者相继提出了多种分布式账本技术,其中,区块链是当前分布式账本最主要的实现形式之一.但当前区块链中存在一个核心问题:可扩展性瓶颈.具体而言,区块链的吞吐量严重不足,且其交易确认也较为缓慢,这些因素极大地限制了它的实际应用.在此背景下,基于DAG(有向无环图)的分布式账本因其具有高并发特性,有望突破传统区块链中的性能瓶颈,从而受到了学术界和产业界越来越多的关注和研究.在基于DAG的分布式账本中,最为核心和关键的技术是其共识机制,为此,对该关键技术进行了系统深入的研究.首次从共识形态出发将现有基于DAG的分布式账本分为以下3类:基于主干链的DAG账本;基于平行链的DAG账本;基于朴素DAG的账本.在此基础上,对不同类型的共识机制本质原理及特性进行了深入阐述,并从不同层面对它们进行了详细的对比分析.最后,指出基于DAG的共识机制研究中存在的问题与挑战,并给出进一步的研究方向.     

区块链隐私保护研究与实践综述

基于区块链的分布式账本，集成了非对称加密体系、P2P网络、共识算法、智能合约等多种技术，保证事务记录的一致性和不可篡改性.但是，区块链技术中的账本共享机制也带来了隐私威胁，用户身份、账户地址、交易内容等信息的隐私保护成为研究的关注点.讨论了区块链系统中的隐私威胁；着重分析了地址混淆、信息隐藏、通道隔离等3类隐私保护机制，详细介绍各类机制的原理、模型、特征及实现技术；最后探讨了实际应用中，区块链隐私保护技术在系统性能和可扩展性方面的挑战和发展方向.     

A Secure Framework for Blockchain Transactions Protection

One of the most extensively used technologies for improving the security of IoT devices is blockchain technology. It is a new technology that can be utilized to boost the security. It is a decentralized peer-to-peer network with no central authority. Multiple nodes on the network mine or verify the data recorded on the Blockchain. It is a distributed ledger that may be used to keep track of transactions between several parties. No one can tamper with the data on the blockchain since it is unchangeable. Because the blocks are connected by hashes, the transaction data is safe. It is managed by a system that is based on the consensus of network users rather than a central authority. The immutability and tamper-proof nature of blockchain security is based on asymmetric cryptography and hashing. Furthermore, Blockchain has an immutable and tamper-proof smart contract, which is a logic that enforces the Blockchain’s laws. There is a conflict between the privacy protection needs of cyber-security threat intelligent (CTI) sharing and the necessity to establish a comprehensive attack chain during blockchain transactions. This paper presents a blockchain-based data sharing paradigm that protects the privacy of CTI sharing parties while also preventing unlawful sharing and ensuring the benefit of legitimate sharing parties. It builds a full attack chain using encrypted threat intelligence and exploits the blockchain’s backtracking capacity to finish the decryption of the threat source in the attack chain. Smart contracts are also used to send automatic early warning replies to possible attack targets. Simulation tests are used to verify the feasibility and efficacy of the suggested model.     

ShadowEth: Private Smart Contract on Public Blockchain

Blockchain is becoming popular as a distributed and reliable ledger which allows distrustful parties to transact safely without trusting third parties. Emerging blockchain systems like Ethereum support smart contracts where miners can run arbitrary user-defined programs. However, one of the biggest concerns about the blockchain and the smart contract is privacy, since all the transactions on the chain are exposed to the public. In this paper, we present ShadowEth, a system that leverages hardware enclave to ensure the confidentiality of smart contracts while keeping the integrity and availability based on existing public blockchains like Ethereum. ShadowEth establishes a confidential and secure platform protected by trusted execution environment (TEE) off the public blockchain for the execution and storage of private contracts. It only puts the process of verification on the blockchain. We provide a design of our system including a protocol of the cryptographic communication and verification and show the applicability and feasibility of ShadowEth by various case studies. We implement a prototype using the Intel SGX on the Ethereum network and analyze the security and availability of the system.     

EDALoCo: Enhancing the accessibility of blockchains through a low-code approach to the development of event-driven applications for smart contract management

Blockchain is a cutting-edge technology based on a distributed, secure and immutable ledger that facilitates the registration of transactions and the traceability of tangible and intangible assets without requiring central governance. The agreements between the nodes participating in a blockchain network are defined through smart contracts. However, the compilation, deployment, interaction and monitoring of these smart contracts is a barrier compromising the accessibility of blockchains by non-expert developers. To address this challenge, in this paper, we propose a low-code approach, called EDALoCo, that facilitates the development of event-driven applications for smart contract management. These applications make blockchain more accessible for software developers who are non-experts in this technology as these can be modeled through graphical flows, which specify the communications between data producers, data processors and data consumers. Specifically, we have enhanced the open-source Node-RED low-code platform with blockchain technology, giving support for the creation of user-friendly and lightweight event-driven applications that can compile and deploy smart contracts in a particular blockchain. Additionally, this platform extension allows users to interact with and monitor the smart contracts already deployed in a blockchain network, hiding the implementation details from non-experts in blockchain. This approach was successfully applied to a case study of COVID-19 vaccines to monitor and obtain the temperatures to which these vaccines are continuously exposed, to process them and then to store them in a blockchain network with the aim of making them immutable and traceable to any user. As a conclusion, our approach enables the integration of blockchain with the low-code paradigm, simplifying the development of lightweight event-driven applications for smart contract management. The approach comprises a novel open-source solution that makes data security, immutability and traceability more accessible to software developers who are non-blockchain experts.     

基于Fabric区块链技术的电力企业人资信息化系统研究

针对现有技术中电力企业人资管理落后、效率低下的问题,借助于新型的区块链技术,提出了新型的电力企业人资信息化系统.该系统以Hyperledger Fabric(分布式账本)技术为依托,融合了共识算法、加密算法、数字资产交互、信息共享、数据传递、智能合约和身份认证等技术,构建出包括数据层、网络层、共识层、激励层和智能合约层的底层数据架构,并采用椭圆曲线函数实现对人力资源数据的加密、计算,又对人资数据信息的共享方法进行了说明.试验结果表明,该系统的数据共享能力强,加密性能好.     

On the adoption of blockchain for business process monitoring

Being the blockchain and distributed ledger technologies particularly suitable to create trusted environments where participants do not trust each other, business process management represents a proper setting in which these technologies can be adopted. In this direction, current research work primarily focuses on blockchain-oriented business process design, or on execution engines able to enact processes through smart contracts. Conversely, less attention has been paid to study if and how blockchains can be beneficial to business process monitoring. This work aims to fill this gap by (1) providing a reference architecture for enabling the adoption of blockchain technologies in business process monitoring solutions, (2) defining a set of relevant research challenges derived from this adoption, and (3) discussing the current approaches to address the aforementioned challenges.

     

Decentralized data access control over consortium blockchains

Blockchain is an emerging data management technology that enables people in a collaborative network to establish trusted connections with the other participants. Recently consortium blockchains have raised interest in a broader blockchain technology discussion. Instead of a fully public, autonomous network, consortium blockchain supports a network where participants can be limited to a subset of users and data access strictly controlled. Access control policies should be defined by the respective data owner and applied throughout the network without requiring a centralized data administrator. As a result, decentralized data access control (DDAC) emerges as a fundamental challenge for such systems. However, we show from a trust model for consortium collaborative networks that current consortium blockchain systems provide limited support for DDAC. Further, the distributed, replicated nature of blockchain makes it even more challenging to control data access, especially read access, compared with traditional DBMSes. We investigate possible strategies to protect data from being read by unauthorized users in consortium blockchain systems using combinations of ledger partitioning and encryption strategies. A general framework is proposed to help inexperienced users determine appropriate strategies under different application scenarios. The framework was implemented on top of Hyperledger Fabric to evaluate feasibility. Experimental results along with a real-world case study contrasted the performance of different strategies under various conditions and the practicality of the proposed framework.