阅读说明：本技术 一种交易费代扣的隐私交易方法、设备及储存介质 (Private transaction method, equipment and storage medium for transaction fee withholding ) 是由 马登极 王志文 吴思进 于 2021-08-02 设计创作，主要内容包括：本发明属于计算机技术领域,尤其涉及一种交易费代扣的隐私交易方法、设备及储存介质,基于混淆因子等方法将交易金额彻底隐藏,只有知道该金额对应私钥的人才知道金额的真实数值,可以令区块链上的任何一个节点在不知道交易的具体金额的情况下验证交易。同时,基于特殊的代扣地址代扣交易费,特殊地址的签名需要验证签名,验证过程为验证交易的正确性。(The invention belongs to the technical field of computers, and particularly relates to a private transaction method, equipment and a storage medium for transaction fee deduction. Meanwhile, the transaction fee is deducted based on the special deduction address, the signature of the special address needs to be verified, and the verification process is to verify the correctness of the transaction.)

1. A privacy transaction method for transaction fee withholding is characterized by comprising the following steps:

s100, a transaction initiator selects an elliptic curve, one generation point on the elliptic curve is selected as a general generation point (H), another generation point on the elliptic curve is selected as a fixed generation point (G), the transaction initiator generates a corresponding transaction private key for each unspent transaction output participating in the transaction, meanwhile, the transaction initiator generates a corresponding transaction private key for change making output, a transaction receiver generates a corresponding transaction private key for transfer storage output, the transaction private key for transfer storage output is used as a receiver confusion factor, and the transaction private keys are random values;

s200, the transaction initiator and the transaction receiver generate transaction public keys corresponding to the transaction private keys by carrying out elliptic curve multiplication on the transaction private keys generated by the transaction initiator and the transaction receiver based on the universal generation points;

s300, the transaction initiator generates confusion values corresponding to the unspent transaction output and the change output based on the unspent transaction output and the change output and the corresponding transaction private key, the fixed generation point and the universal generation point, the transaction receiver generates confusion values corresponding to the received amount based on the received amount and the corresponding transaction private key, the fixed generation point and the universal generation point, and the corresponding transaction private key of each transaction output in the commitment is used as a confusion factor; meanwhile, the block chain system generates a transaction fee through a preset transaction fee deduction contract, and a transaction initiator generates a confusion value corresponding to the transaction fee based on the transaction fee, a transaction fee confusion factor, a fixed generation point and a universal generation point, wherein the address corresponding to the transaction fee is a contract deduction address generated by the transaction fee deduction contract, and the transaction fee confusion factor is 0;

the confusion value corresponding to each transaction output satisfies the following formula:

C＝v*G+r*H

wherein C is a confusion value, v is the actual amount of the transaction, r is a confusion factor, G is a fixed generation point, H is a general generation point, and the formula is suitable for multiplication and addition and subtraction rules of an elliptic curve;

meanwhile, the confusion factors of the non-cost transaction output, the transfer deposit output and the change output satisfy the following relations:

rs＝rr+rc

wherein rs is the sum of all confusion factors output by the uneconomic transaction, rr is the confusion factor output by the transfer storage, and rc is the confusion factor output by the change giving;

s400, the transaction initiator generates a transaction input confusion value based on all the confusion values of the unspent transaction outputs participating in the transaction, generates a transaction output confusion value based on the confusion value of the transfer deposit output, the confusion value of the change output and the transaction fee confusion value, and writes the transaction input confusion value and the transaction output confusion value into the transaction information;

and s500, generating a transaction signature based on the contract deduction address by the transaction deduction contract, submitting the transaction information and the transaction to a blockchain system, verifying the deduction signature by the blockchain system, transferring the transaction fee into the deduction address of the transaction fee deduction contract by verification, and storing the transaction passing verification in the blockchain system.

2. The private transaction method of transaction fee deduction according to claim 1, wherein the deduction address of the transaction fee deduction contract is constructed based on one point on the elliptic curve and generates a corresponding public key.

3. The private transaction method for deduction of transaction fee according to claim 1, wherein the verification method of the deduction signature is to verify the correctness of the transaction in advance based on the transaction information for the deduction contract.

4. A computer device, characterized by one or more processors;

a memory for storing one or more programs,

the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method recited in any of claims 1-3.

5. A storage medium storing a computer program, characterized in that the program, when executed by a processor, implements the method according to any one of claims 1-3.

Technical Field

The invention belongs to the technical field of computers, and particularly relates to a private transaction method, equipment and a storage medium for a transaction fee withholding.

Background

The blockchain is a novel decentralized protocol, digital currency transactions or other data can be safely stored, information cannot be forged or falsified, and transaction confirmation on the blockchain is completed by all nodes on the blockchain together. The traditional block chain based on utxo (un transaction output) confirms and records all transaction behaviors by using a distributed database composed of a plurality of nodes in the whole P2P network, except that private information of transaction parties is encrypted, anyone can inquire balance of each transaction or a certain address through a public interface, all transaction data are public and transparent, for some commercial institutions, the address is easily known by people after a period of time, so that the wealth situation is disclosed to the public, for many commercial institutions, the wealth situation belongs to commercial secrets, the existing privacy scheme generally cannot hide the transfer amount of a user, only the transfer amount is confused among a plurality of transfer amounts, and the outside cannot determine which is the real transfer amount.

Disclosure of Invention

In order to solve the technical problem, the invention provides a private transaction method, equipment and a storage medium for transaction fee withholding, which can shield the real transfer amount.

In order to achieve the purpose, the invention adopts the following technical scheme:

in a first aspect, a private transaction method for deduction of transaction fees is provided, which includes the following steps:

s100, a transaction initiator selects an elliptic curve, one generation point on the elliptic curve is selected as a general generation point (H), another generation point on the elliptic curve is selected as a fixed generation point (G), the transaction initiator generates a corresponding transaction private key for each unspent transaction output participating in the transaction, meanwhile, the transaction initiator generates a corresponding transaction private key for change making output, a transaction receiver generates a corresponding transaction private key for transfer storage output, the transaction private key for transfer storage output is used as a receiver confusion factor, and the transaction private keys are random values;

s200, the transaction initiator and the transaction receiver generate transaction public keys corresponding to the transaction private keys by carrying out elliptic curve multiplication on the transaction private keys generated by the transaction initiator and the transaction receiver based on the universal generation points;

s300, the transaction initiator generates confusion values corresponding to the unspent transaction output and the change output based on the unspent transaction output and the change output and the corresponding transaction private key, the fixed generation point and the universal generation point, the transaction receiver generates confusion values corresponding to the received amount based on the received amount and the corresponding transaction private key, the fixed generation point and the universal generation point, and the corresponding transaction private key of each transaction output in the commitment is used as a confusion factor; meanwhile, the block chain system generates a transaction fee through a preset transaction fee deduction contract, and a transaction initiator generates a confusion value corresponding to the transaction fee based on the transaction fee, a transaction fee confusion factor, a fixed generation point and a universal generation point, wherein the address corresponding to the transaction fee is a contract deduction address generated by the transaction fee deduction contract, and the transaction fee confusion factor is 0;

the confusion value corresponding to each transaction output satisfies the following formula:

C＝v*G+r*H

wherein C is a confusion value, v is the actual amount of the transaction, r is a confusion factor, G is a fixed generation point, H is a general generation point, and the formula is suitable for multiplication and addition and subtraction rules of an elliptic curve;

meanwhile, the confusion factors of the non-cost transaction output, the transfer deposit output and the change output satisfy the following relations:

rs＝rr+rc

wherein rs is the sum of all confusion factors output by the uneconomic transaction, rr is the confusion factor output by the transfer storage, and rc is the confusion factor output by the change giving;

s400, the transaction initiator generates a transaction input confusion value based on all the confusion values of the unspent transaction outputs participating in the transaction, generates a transaction output confusion value based on the confusion value of the transfer deposit output, the confusion value of the change output and the transaction fee confusion value, and writes the transaction input confusion value and the transaction output confusion value into the transaction information;

and s500, generating a transaction signature based on the contract deduction address by the transaction deduction contract, submitting the transaction information and the transaction to a blockchain system, verifying the deduction signature by the blockchain system, transferring the transaction fee into the deduction address of the transaction fee deduction contract by verification, and storing the transaction passing verification in the blockchain system.

Preferably, the withholding address of the transaction fee withholding contract is constructed based on one point on the elliptic curve, and a corresponding public key is generated.

Preferably, the verification method of the deduction-replacing signature is that the deduction-replacing contract verifies the correctness of the transaction in advance based on the transaction information.

In a second aspect, a computer device is provided, comprising one or more processors;

a memory for storing one or more programs,

the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of any of the first aspects as described above.

In a third aspect, there is provided a storage medium storing a computer program which, when executed by a processor, performs the method of any one of the first aspects described above.

The invention has the advantages that the transaction amount can be perfectly hidden, only a person who knows the amount corresponding to the private key knows the real value of the amount, meanwhile, any node on the block chain can verify the transaction under the condition that the specific amount of the transaction is not known, meanwhile, the transaction fee is deducted based on the special deduction address, the signature of the special address needs to be verified, and the verification process is to verify the correctness of the transaction.

Drawings

Fig. 1 is a schematic structural diagram of a computer device according to embodiment 3 of the present invention.

Detailed Description

The invention is described in further detail below with reference to specific embodiments and the attached drawing figures. Those skilled in the art will be able to implement the invention based on these teachings. Moreover, the embodiments of the present invention described in the following description are generally only some embodiments of the present invention, and not all embodiments. Therefore, all other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without any creative effort shall fall within the protection scope of the present invention.

In the present invention, unless otherwise explicitly specified and limited, terms such as "verify", "generate", "transmit", "encrypt", and the like, should be understood in a broad sense, and specific meanings of the above terms in the present invention may be understood by those of ordinary skill in the art according to specific situations.

Example 1

The embodiment provides a private transaction method for transaction fee withholding, which comprises the following steps: s100, a transaction initiator selects an elliptic curve, one generation point on the elliptic curve is selected as a general generation point (H), another generation point on the elliptic curve is selected as a fixed generation point (G), the transaction initiator generates a corresponding transaction private key for each unspent transaction output participating in the transaction, meanwhile, the transaction initiator generates a corresponding transaction private key for change making output, a transaction receiver generates a corresponding transaction private key for transfer storage output, the transaction private key for transfer storage output is used as a receiver confusion factor, and the transaction private keys are random values;

s200, the transaction initiator and the transaction receiver generate transaction public keys corresponding to the transaction private keys by carrying out elliptic curve multiplication on the transaction private keys generated by the transaction initiator and the transaction receiver based on the universal generation points;

s300, the transaction initiator generates confusion values corresponding to the unspent transaction output and the change output based on the unspent transaction output and the change output and the corresponding transaction private key, the fixed generation point and the universal generation point, the transaction receiver generates confusion values corresponding to the received amount based on the received amount and the corresponding transaction private key, the fixed generation point and the universal generation point, and the corresponding transaction private key of each transaction output in the commitment is used as a confusion factor; meanwhile, the block chain system generates a transaction fee through a preset transaction fee deduction contract, and a transaction initiator generates a confusion value corresponding to the transaction fee based on the transaction fee, a transaction fee confusion factor, a fixed generation point and a universal generation point, wherein the address corresponding to the transaction fee is a contract deduction address generated by the transaction fee deduction contract, and the transaction fee confusion factor is 0;

the confusion value corresponding to each transaction output satisfies the following formula:

C＝v*G+r*H

wherein C is a confusion value, v is the actual amount of the transaction, r is a confusion factor, G is a fixed generation point, H is a general generation point, and the formula is suitable for multiplication and addition and subtraction rules of an elliptic curve;

meanwhile, the confusion factors of the non-cost transaction output, the transfer deposit output and the change output satisfy the following relations:

rs＝rr+rc

wherein rs is the sum of all confusion factors output by the uneconomic transaction, rr is the confusion factor output by the transfer storage, and rc is the confusion factor output by the change giving;

s400, the transaction initiator generates a transaction input confusion value based on all the confusion values of the unspent transaction outputs participating in the transaction, generates a transaction output confusion value based on the confusion value of the transfer deposit output, the confusion value of the change output and the transaction fee confusion value, and writes the transaction input confusion value and the transaction output confusion value into the transaction information;

and s500, generating a transaction signature based on the contract deduction address by the transaction deduction contract, submitting the transaction information and the transaction to a blockchain system, verifying the deduction signature by the blockchain system, transferring the transaction fee into the deduction address of the transaction fee deduction contract by verification, and storing the transaction passing verification in the blockchain system.

Further, the withholding address of the transaction fee withholding contract is constructed based on one point on the elliptic curve, and a corresponding public key is generated.

Further, the verification method of the deduction-replacing signature is that the deduction-replacing contract verifies the correctness of the transaction in advance based on the transaction information.

The verification of the transaction is based on the zero sum rule, namely if the input is equal to the output, the transaction is proved to have no illegal pass certificate produced and the existing pass certificate is not consumed, so that the legality of the transaction can be proved as long as the transaction input confusion value and the transaction output confusion value are verified to be equal, the information disclosed by the transaction is the confusion value after confusion, any information about both parties of the transaction cannot be deduced backwards, the good protection is realized, and the verification process does not need to know the actual amount of any transaction or the corresponding private key thereof. The trade fee withholding contract also verifies the trade in advance according to the method, confirms the correctness of the trade amount and the correctness of the trade information, then generates a signature for the trade and transfers the trade fee to a withholding address, and seen from a trade transfer record, a signer of the trade is a special contract withholding address, the cost, the output address and the amount of the trade are hidden, the privacy of a user cannot be leaked, the trade fee based on the special withholding address is preferably fixed and non-zero, the real-time trade fee generated by an unfixed user and a system is easy to come in and go out to cause poor user experience, the trade fee withholding method is combined with a privacy trade method, the address of a transfer user can be well protected, the trade fee is deducted, and the trade fee requirement of a block chain system is compatible.

Example 2

A computer device, the device comprising: one or more processors; memory for storing one or more programs that, when executed by the one or more processors, cause the one or more processors to perform the method of embodiment 1.

A storage medium storing a computer program which, when executed by a processor, implements the method as described in embodiment 1 above.

Fig. 1 is a schematic structural diagram of an apparatus provided in this embodiment.

As shown in fig. 1, as another aspect, the present application also provides a computer apparatus 500 including one or more Central Processing Units (CPUs) 501 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)502 or a program loaded from a storage section 508 into a Random Access Memory (RAM) 503. In the RAM503, various programs and data necessary for the operation of the apparatus 500 are also stored. The CPU501, ROM502, and RAM503 are connected to each other via a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.

The following components are connected to the I/O interface 505: an input portion 506 including a keyboard, a mouse, and the like; an output portion 507 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 508 including a hard disk and the like; and a communication section 509 including a network interface card such as a LAN card, a modem, or the like. The communication section 509 performs communication via a network such as the internet, and the processing driver 510 is also connected to the I/O interface 505 as necessary. A removable medium 511 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 510 as necessary, so that a computer program read out therefrom is mounted into the storage section 508 as necessary.

In particular, according to the embodiments disclosed in the present application, the method described in the above embodiment 1 may be implemented as a computer software program. For example, embodiments disclosed herein include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program comprising program code for performing the method described in any of the embodiments above. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 509, and/or installed from the removable medium 511.

As yet another aspect, the present application also provides a computer-readable storage medium, which may be the computer-readable storage medium included in the apparatus of the above-described embodiment; or it may be a separate computer readable storage medium not incorporated into the device. The computer readable storage medium stores one or more programs for use by one or more processors in performing the methods described herein.

The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.

The units or modules described in the embodiments of the present application may be implemented by software or hardware. The described units or modules may also be provided in a processor, for example, each of the described units may be a software program provided in a computer or a mobile intelligent device, or may be a separately configured hardware device. Wherein the designation of a unit or module does not in some way constitute a limitation of the unit or module itself.

The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the present application. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.