Block chain system anonymous red packet robbing method, equipment and storage medium
阅读说明:本技术 一种区块链系统匿名抢红包方法、设备及储存介质 (Block chain system anonymous red packet robbing method, equipment and storage medium ) 是由 马登极 王志文 吴思进 于 2021-09-03 设计创作,主要内容包括:本发明属于计算机技术领域,尤其涉及一种区块链系统匿名抢红包方法、设备及储存介质。本发明提供的方法特别适用于多人抢红包场景下,同时能够有效保护红包接收用户的隐私,令红包发送用户或其他用户都不能查询是谁领取了红包,实现红包的匿名领取。(The invention belongs to the technical field of computers, and particularly relates to a method, equipment and a storage medium for anonymously robbing red envelope for a block chain system. The method provided by the invention is particularly suitable for a scene of robbing the red envelope by multiple persons, and can effectively protect the privacy of the red envelope receiving user, so that the red envelope sending user or other users can not inquire who gets the red envelope, and the anonymous getting of the red envelope is realized.)
1. An anonymous red packet scrambling method for a block chain system is characterized by comprising the following contents:
the block chain system is provided with a red envelope contract, the red envelope contract constructs a withholding address according to a preselected elliptic curve, the withholding address is only provided with a corresponding public key, and the red envelope contract constructs a transaction signature of an anonymous contract based on the withholding address;
the block chain-based anonymous red packet robbing method comprises the following steps:
s1, a red packet sending user locally generates a first random number, calculates a first random number hash corresponding to the first random number, constructs a red packet sending transaction based on the first random number hash, simultaneously generates a red packet ID for the red packet sending transaction based on the red packet contract, and then generates red packet private information, wherein the red packet private information comprises the first random number and the red packet ID, and the red packet sending user publishes the red packet private information; the transaction information of the red packet sending transaction comprises a plaintext of a token total amount contained in the red packet, and the first random number hash corresponds to the token total amount contained in the red packet;
s2, the red envelope contract freezes corresponding number of tokens in the user account of the red envelope sending based on the red envelope sending transaction;
s3, the red packet receiving user obtains the private information of the red packet published by the red packet sending user, a second random number is locally generated, a second random number hash corresponding to the second random number is calculated, and a red packet getting transaction signed by a red packet contract is constructed based on the second random number hash; meanwhile, a red packet receiving user creates a first zero knowledge certificate and sends the first zero knowledge certificate, a second random number hash and a red packet getting transaction to the red packet contract, wherein the first zero knowledge certificate is used for proving that the red packet receiving user obtains the private information of the red packet;
s4, the red envelope contract verifies the first zero knowledge proof, and if the verification is passed, a second random number generated by the red envelope receiving user is registered to the red envelope ID in a hash mode and fed back to the red envelope receiving user;
s5, after the second random number hash registration condition of the red packet ID meets the preset condition, the red packet contract distributes a corresponding number of tokens to the second random number hash according to a preset distribution algorithm, and the red packet receiving transaction is perfected; simultaneously generating a sum marked hash based on the second random number hash and the number of tokens distributed, and feeding back the sum marked hash to the red packet receiving user;
s6, after receiving registration success feedback, a red packet receiving user locally constructs a second zero knowledge certificate and sends the second zero knowledge certificate to the red packet contract, the red packet contract verifies the second zero knowledge certificate, the verification is passed, the red packet contract records a red packet pickup transaction on the block chain, and the red packet receiving user picks and distributes the second random number Hash token; the second zero knowledge proof is used for proving that the red packet receiving user acquires the first random number and the second random number, and the second random number hash is registered on the red packet ID.
2. The method as claimed in claim 1, wherein the red envelope ID is stored in a first merkel tree, and the first merkel tree is used to store the leaf node value of the first merkel tree based on the red envelope contract and the red envelope ID generated based on the red envelope contract in a one-to-one correspondence.
3. The method as claimed in claim 2, wherein the second random number registered in the red packet ID is stored in a second merkel tree, the red packet contract configures a corresponding second merkel tree for each red packet ID generated based on the red packet contract, the red packet ID is in one-to-one correspondence with the second merkel tree, the second merkel tree is used to store all the merkel trees of the hash of the second random number registered in the corresponding red packet ID, and the value of each leaf node of the second merkel tree is in one-to-one correspondence with each hash of the second random numbers registered in the corresponding red packet ID.
4. The method as claimed in claim 3, wherein the red packet contract stores a second root hash corresponding to each red packet ID in a third merkel tree, the second root hash is obtained by computing a root hash of the second merkel tree, the value of each leaf node of the third merkel tree corresponds to the second root hash corresponding to each red packet ID, and the leaf nodes of the third merkel tree are mapped to the leaf nodes of the first merkel tree.
5. The method according to claim 1, wherein the method for anonymously robbing red envelope in a blockchain system, the second zero knowledge proof is constructed based on a preset second zero knowledge proof circuit, the second zero knowledge proof circuit takes the plaintext of the total token amount contained in the first hash, the third hash and the red packet as public input, taking the hash value of the red packet ID, the first Mercker tree path data, the first random number hash, the first random number, the second root hash, the third Mercker tree path data, the second random number, the second Mercker tree path data and the money mark hash as private input, and the third hash is a root hash of the third Mercker tree, and the first Mercker tree path data, the second Mercker tree path data and the third Mercker tree path data are all fed back to the Red envelope receiving user by a Red envelope contract.
6. The anonymous red packet robbing method of the blockchain system according to any one of claims 1 to 5, wherein the red packet sending user publishes the private information of the red packet by a two-dimensional code.
7. A computer device, characterized by one or more processors;
a memory for storing one or more programs,
the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method recited in any of claims 1-6.
8. A storage medium storing a computer program, characterized in that the program, when executed by a processor, implements the method according to any one of claims 1-6.
Technical Field
The invention belongs to the technical field of computers, and particularly relates to a method, equipment and a storage medium for anonymously robbing red envelope for a block chain system.
Background
Along with the intelligent development of science and technology, the functions of mobile phone communication software are more and more complete, when holidays come, more and more people send red packages to relatives and friends through the mobile phone communication software to set off the holiday atmosphere, and many businesses and the like also send red packages to the public in society for the purposes of propaganda, marketing and the like, the red package sending and receiving all have records, the information of a red package receiving user is disclosed, especially in the technical field of block chains, because the trade chain is required to be identified in the block chains, the existing red package sending and receiving schemes are displayed at present, a sender sends the red packages to a contract, the amount is frozen or the number is set, a receiver takes the contract, and the receiver leaves the receiving information, so the privacy of the user is not friendly. Therefore, there is a need for an anonymous red packet preemption method that can protect the privacy of the red packet retriever, for example, in a scenario where the sender discloses red packet information through a public medium and many people preempt the red packet.
Disclosure of Invention
In order to solve the technical problem, the invention provides a method, equipment and a storage medium for anonymously robbing a red envelope by a block chain system, which can protect the privacy of a red envelope retriever.
In order to achieve the purpose, the invention adopts the following technical scheme.
In a first aspect, a block chain system anonymous red packet robbing method is provided, which includes the following steps:
the block chain system is provided with a red envelope contract, the red envelope contract constructs a withholding address according to a preselected elliptic curve, the withholding address is only provided with a corresponding public key, and the red envelope contract constructs a transaction signature of an anonymous contract based on the withholding address;
the block chain-based anonymous red packet robbing method comprises the following steps:
s1, a red packet sending user locally generates a first random number, calculates a first random number hash corresponding to the first random number, constructs a red packet sending transaction based on the first random number hash, simultaneously generates a red packet ID for the red packet sending transaction based on the red packet contract, and then generates red packet private information, wherein the red packet private information comprises the first random number and the red packet ID, and the red packet sending user publishes the red packet private information; the transaction information of the red packet sending transaction comprises a plaintext of a token total amount contained in the red packet, and the first random number hash corresponds to the token total amount contained in the red packet;
s2, the red envelope contract freezes corresponding number of tokens in the user account of the red envelope sending based on the red envelope sending transaction;
s3, the red packet receiving user obtains the private information of the red packet published by the red packet sending user, a second random number is locally generated, a second random number hash corresponding to the second random number is calculated, and a red packet getting transaction signed by a red packet contract is constructed based on the second random number hash; meanwhile, a red packet receiving user creates a first zero knowledge certificate and sends the first zero knowledge certificate, a second random number hash and a red packet getting transaction to the red packet contract, wherein the first zero knowledge certificate is used for proving that the red packet receiving user obtains the private information of the red packet;
s4, the red envelope contract verifies the first zero knowledge proof, and if the verification is passed, a second random number generated by the red envelope receiving user is registered to the red envelope ID in a hash mode and fed back to the red envelope receiving user;
s5, after the second random number hash registration condition of the red packet ID meets the preset condition, the red packet contract distributes a corresponding number of tokens to the second random number hash according to a preset distribution algorithm, and the red packet receiving transaction is perfected; simultaneously generating a sum marked hash based on the second random number hash and the number of tokens distributed, and feeding back the sum marked hash to the red packet receiving user;
s6, after receiving registration success feedback, a red packet receiving user locally constructs a second zero knowledge certificate and sends the second zero knowledge certificate to the red packet contract, the red packet contract verifies the second zero knowledge certificate, the verification is passed, the red packet contract records a red packet pickup transaction on the block chain, and the red packet receiving user picks and distributes the second random number Hash token; the second zero knowledge proof is used for proving that the red packet receiving user acquires the first random number and the second random number, and the second random number hash is registered on the red packet ID.
Preferably, the red envelope ID is stored in a first merkel tree, and the first merkel tree is used for storing the value of the leaf node of the first merkel tree based on a red envelope contract and the red envelope ID generated based on the red envelope contract in a one-to-one correspondence manner.
Preferably, the second random numbers registered on the red packet IDs are stored in a second merkel tree, the red packet contract configures a corresponding second merkel tree for each red packet ID generated based on the red packet contract, the red packet IDs are in one-to-one correspondence with the second merkel trees, the second merkel trees are used for storing all the merkel trees of the hash of the second random numbers registered on the corresponding red packet IDs, and the value of each leaf node of the second merkel trees is in one-to-one correspondence with each hash of the second random numbers registered on the corresponding red packet IDs.
Preferably, the red envelope contract stores a second root hash corresponding to each red envelope ID in a third merkel tree, where the second root hash is obtained by calculating a root hash of the second merkel tree, values of leaf nodes of the third merkel tree correspond to the second root hash corresponding to each red envelope ID in a one-to-one correspondence, and leaf nodes of the third merkel tree are mapped to leaf nodes of the first merkel tree.
Preferably, the second zero knowledge proof is constructed based on a preset second zero knowledge proof circuit, the second zero knowledge proof circuit takes a first root hash, a third root hash and a plaintext of a total token amount contained in a red packet as public input, and takes a hash value of a red packet ID, first merkel tree path data, first random number hash, a first random number, a second root hash, third merkel tree path data, a second random number, second merkel tree path data and a sum label hash as private input, wherein the third root hash is a root hash of the third merkel tree, and the first merkel tree path data, the second merkel tree path data and the third merkel tree path data are all fed back to the red packet receiving user by a red packet contract.
Preferably, the red packet sending user publishes the red packet private information through a two-dimensional code.
In a second aspect, a computer device is provided, comprising one or more processors;
a memory for storing one or more programs,
the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method as described in the first aspect above.
In a third aspect, there is provided a storage medium storing a computer program which, when executed by a processor, implements the method as described in the first aspect above.
The method has the advantages that the method is particularly suitable for a scene that a plurality of people grab the red envelope, can effectively protect the privacy of the red envelope receiving user, enables the red envelope sending user or other users not to inquire who gets the red envelope, and realizes the anonymous getting of the red envelope.
Drawings
Fig. 1 is a schematic structural diagram of a computer device according to embodiment 2 of the present invention.
Detailed Description
The invention is described in further detail below with reference to specific embodiments and the attached drawing figures. Those skilled in the art will be able to implement the invention based on these teachings. Moreover, the embodiments of the present invention described in the following description are generally only some embodiments of the present invention, and not all embodiments. Therefore, all other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without any creative effort shall fall within the protection scope of the present invention. Unless otherwise specified, the methods described in the examples of the present invention are all those known to those skilled in the art.
Example 1
The embodiment provides an anonymous red packet robbing method for a block chain system, which includes the following steps:
the block chain system is provided with a red envelope contract, the red envelope contract constructs a withholding address according to a preselected elliptic curve, the withholding address is only provided with a corresponding public key, and the red envelope contract constructs a transaction signature of an anonymous contract based on the withholding address;
the block chain-based anonymous red packet robbing method comprises the following steps:
s1, a red packet sending user locally generates a first random number, calculates a first random number hash corresponding to the first random number, constructs a red packet sending transaction based on the first random number hash, simultaneously generates a red packet ID for the red packet sending transaction based on the red packet contract, and then generates red packet private information, wherein the red packet private information comprises the first random number and the red packet ID, and the red packet sending user publishes the red packet private information; the transaction information of the red packet sending transaction comprises a plaintext of a token total amount contained in the red packet, and the first random number hash corresponds to the token total amount contained in the red packet;
s2, the red envelope contract freezes corresponding number of tokens in the user account of the red envelope sending based on the red envelope sending transaction;
s3, the red packet receiving user obtains the private information of the red packet published by the red packet sending user, a second random number is locally generated, a second random number hash corresponding to the second random number is calculated, and a red packet getting transaction signed by a red packet contract is constructed based on the second random number hash; meanwhile, a red packet receiving user creates a first zero knowledge certificate and sends the first zero knowledge certificate, a second random number hash and a red packet getting transaction to the red packet contract, wherein the first zero knowledge certificate is used for proving that the red packet receiving user obtains the private information of the red packet;
s4, the red envelope contract verifies the first zero knowledge proof, and if the verification is passed, a second random number generated by the red envelope receiving user is registered to the red envelope ID in a hash mode and fed back to the red envelope receiving user;
s5, after the second random number hash registration condition of the red packet ID meets the preset condition, the red packet contract distributes a corresponding number of tokens to the second random number hash according to a preset distribution algorithm, and the red packet receiving transaction is perfected; simultaneously generating a sum marked hash based on the second random number hash and the number of tokens distributed, and feeding back the sum marked hash to the red packet receiving user;
s6, after receiving registration success feedback, a red packet receiving user locally constructs a second zero knowledge certificate and sends the second zero knowledge certificate to the red packet contract, the red packet contract verifies the second zero knowledge certificate, the verification is passed, the red packet contract records a red packet pickup transaction on the block chain, and the red packet receiving user picks and distributes the second random number Hash token; the second zero knowledge proof is used for proving that the red packet receiving user acquires the first random number and the second random number, and the second random number hash is registered on the red packet ID.
Further, the red envelope ID is stored in a first merkel tree, and the first merkel tree is used for storing the value of the leaf node of the first merkel tree based on the red envelope contract and the red envelope ID generated based on the red envelope contract in a one-to-one correspondence manner.
Further, the second random numbers registered on the red packet IDs are stored in a second merkel tree, the red packet contract configures a corresponding second merkel tree for each red packet ID generated based on the red packet contract, the red packet IDs are in one-to-one correspondence with the second merkel trees, the second merkel trees are used for storing all the merkel trees of the hash of the second random numbers registered on the corresponding red packet IDs, and the value of each leaf node of the second merkel trees is in one-to-one correspondence with each hash of the second random numbers registered on the corresponding red packet IDs.
Further, the red envelope contract stores a second root hash corresponding to each red envelope ID in a third merkel tree, where the second root hash is obtained by calculating a root hash of the second merkel tree, values of leaf nodes of the third merkel tree correspond to the second root hash corresponding to each red envelope ID in a one-to-one manner, and leaf nodes of the third merkel tree are mapped corresponding to leaf nodes of the first merkel tree.
Further, the second zero knowledge proof is constructed based on a preset second zero knowledge proof circuit, the second zero knowledge proof circuit takes a plaintext of a total token amount contained in a first root hash, a third root hash and a red packet as a public input, and takes a hash value of a red packet ID, first merkel tree path data, first random number hash, a first random number, a second root hash, third merkel tree path data, a second random number, second merkel tree path data and an amount label hash as a private input, wherein the third root hash is the root hash of the third merkel tree, and the first merkel tree path data, the second merkel tree path data and the third merkel tree path data are fed back to a red packet receiving user by a red packet contract.
Further, the red packet sending user publishes the red packet private information through a two-dimensional code.
The principle of the above technical scheme is that a red packet receiving user proves that the red packet receiving user knows a first random number of a red packet ID through a first zero knowledge proof, a uxto account model is usually adopted in block chain transaction, therefore, once a red packet contract locks a corresponding number of tokens in a red packet sending user account, an unspent transaction output corresponding to the token is locked, and the unspent transaction output needs a plaintext of the first random number and a private key signature of the account, in the above scheme, the red packet sending user generates a red packet sending transaction signature for the transaction, so that the plaintext acquiring the first random number can use the unspent transaction output of the corresponding part, and therefore, the red packet receiving user proves that the red packet receiving user knows the first random number of the red packet ID through constructing the first zero knowledge proof, so as to acquire the right of using the red packet sending user to freeze the unspent transaction output. On the other hand, the red packet receiving user establishes a red packet receiving transaction based on the anonymous contract, and adopts the signature based on the withholding contract address as the transaction signature, so that the red packet receiving user does not need to sign the token in the received red packet, and all addresses corresponding to the received transaction signature are withholding contract addresses, the red packet receiving user receiving address cannot be recorded on a block chain, the privacy of the red packet receiving user is further protected, the verification principle of the signature based on the withholding contract address lies in the accuracy of pre-verification of the transaction and the certification, and meanwhile, the withholding of the transaction fee is realized.
Regarding the public input and the private input which are proved by the second zero knowledge, the plaintext of the total token amount contained in the first hash, the third hash and the red packet of the public input are public information, the first hash and the third hash are calculated for the red packet contract and can be checked by all persons, the plaintext of the total token amount contained in the red packet exists in the red packet sending transaction, all persons can obtain the plaintext after the red packet sending transaction is executed, in the private input, the hash value of the red packet ID can be obtained by the first Merck tree in the red packet private information published by the red packet sending user after the red packet sending transaction is executed, the hash value of the red packet ID can be calculated certainly as long as the red packet receiving user obtains the red packet private information published by the red packet sending user, the first hash can be easily calculated by combining the first Merck tree path data fed back by the contract, and the red packet private information comprises the first Merck tree, the first Mercker tree path data can be easily extracted from the first Mercker tree, theoretically, the first Mercker tree path data should be consistent with the first hash which is input publicly, and if the first Mercker tree path data is not consistent with the first hash, the first Mercker tree path data indicates that a red packet receiving user does not acquire red packet private information published by a packet sending user and cannot receive a red packet; similarly, the first random number is also the content of the red packet private information, and the hash of the first random number and the first random number are also used for verifying whether the red packet receiving user acquires the red packet private information published by the sending user; the second root hash and the third Merck tree path data are used for verifying whether a second random number hash provided by a red packet receiving user is registered on a red packet ID, the second root hash and the third Merck tree path data are second root hash and third Merck tree path data fed back by a red packet contract received by the red packet receiving user, the third Merck tree is constructed by the red packet contract, the second zero knowledge proof circuit can request the red packet contract to calculate other data required by the third root hash based on the second root hash and the third Merck tree path data, the second zero knowledge proof circuit calculates the third root hash again, and if the third root hash and the third Merck tree path data are consistent, the second random number hash provided by the red packet receiving user is indeed registered on the red packet ID; the second random number and the second merkel tree path data are used for verifying whether the second random number provided by the user is accurate or not, the corresponding second random number hash can be calculated through the second random number, then the root hash of the second merkel tree is obtained according to the second merkel tree path data, the calculation is completed in a zero knowledge proving circuit, the zero knowledge proving circuit compares the calculated root hash of the second merkel tree with the root hash of the second merkel tree calculated by a red envelope contract, and if the root hash is consistent, the second random number hash corresponding to the second random number provided by the user for receiving the red envelope is really the data on the second merkel tree. From the above, the zero knowledge proof ensures that the red packet receiving user knows the first random number and provides an effective second random number, and also ensures that the second random number hash corresponding to the second random number is registered on the red packet ID, and simultaneously ensures that the red packet ID is indeed one of the red packet IDs generated by the red packet sending user.
Example 2
A computer device, the device comprising: one or more processors; memory for storing one or more programs that, when executed by the one or more processors, cause the one or more processors to perform the method of embodiment 1.
A storage medium storing a computer program which, when executed by a processor, implements the method as described in embodiment 1 above.
Fig. 1 is a schematic structural diagram of an apparatus provided in this embodiment.
As shown in fig. 1, as another aspect, the present application also provides a computer apparatus 500 including one or more Central Processing Units (CPUs) 501 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)502 or a program loaded from a storage section 508 into a Random Access Memory (RAM) 503. In the RAM503, various programs and data necessary for the operation of the apparatus 500 are also stored. The CPU501, ROM502, and RAM503 are connected to each other via a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
The following components are connected to the I/O interface 505: an input portion 506 including a keyboard, a mouse, and the like; an output portion 507 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 508 including a hard disk and the like; and a communication section 509 including a network interface card such as a LAN card, a modem, or the like. The communication section 509 performs communication via a network such as the internet, and the processing driver 510 is also connected to the I/O interface 505 as necessary. A removable medium 511 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 510 as necessary, so that a computer program read out therefrom is mounted into the storage section 508 as necessary.
In particular, according to the embodiments disclosed in the present application, the method described in the above embodiment 1 may be implemented as a computer software program. For example, embodiments disclosed herein include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program comprising program code for performing the method described in any of the embodiments above. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 509, and/or installed from the removable medium 511.
As yet another aspect, the present application also provides a computer-readable storage medium, which may be the computer-readable storage medium included in the apparatus of the above-described embodiment; or it may be a separate computer readable storage medium not incorporated into the device. The computer readable storage medium stores one or more programs for use by one or more processors in performing the methods described herein.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules described in the embodiments of the present application may be implemented by software or hardware. The described units or modules may also be provided in a processor, for example, each of the described units may be a software program provided in a computer or a mobile intelligent device, or may be a separately configured hardware device. Wherein the designation of a unit or module does not in some way constitute a limitation of the unit or module itself.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the present application. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.