A key processing method and device, electronic equipment and readable storage medium
By combining cold wallet and hot wallet modules with cloud-protected nodes, flexible updates to blockchain keys are achieved, solving the problem of the single key generation method in existing technologies and improving key security and adaptability.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- CHINA MOBILE SHANGHAI ICT CO LTD
- Filing Date
- 2021-03-23
- Publication Date
- 2026-06-19
AI Technical Summary
Existing blockchain key generation methods are simplistic and cannot be updated in a timely manner, resulting in low key flexibility and failing to meet the requirements of digital currency development.
By having the cold wallet module and hot wallet module of the blockchain system work together, the key is updated using the list of digital information stored by the cloud-protected node. The cold wallet module generates a second list of digital information and compares it with the first list of digital information to determine whether to update the key.
It enables flexible key updates, improves key security and adaptability, prevents keys from becoming unusable due to changes in user information, and enhances the security of user authentication.
Smart Images

Figure CN115114634B_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of blockchain technology, and in particular to a key processing method, apparatus, electronic device, and readable storage medium. Background Technology
[0002] Blockchain technology is a shared, distributed database technology. In a blockchain, the key is the only data that uniquely proves a user's identity, making key security paramount. Key security is primarily achieved through two typical wallet management methods: hot wallets and cold wallets. Hot wallets are generally smart applications developed by companies providing secure storage solutions for blockchain digital assets, used to store keys and connected to the internet. Cold wallets are typically offline wallets developed by the same companies. Currently, offline cold wallets use a single method for generating keys, and their key storage and update methods do not meet the requirements of digital currency development. Therefore, existing blockchain keys are fixed and lack flexibility. Summary of the Invention
[0003] This invention provides a key processing method, apparatus, device, and readable storage medium to solve the problem of existing keys not being able to be updated in a timely manner.
[0004] To solve the above-mentioned technical problems, the present invention is implemented as follows:
[0005] In a first aspect, the present invention provides a key processing method executed by a blockchain system, the blockchain system comprising an electronic device and a cloud protection node, the electronic device comprising a cold wallet module and a hot wallet module, the method comprising:
[0006] Upon receiving a key update request from the first user, the hot wallet module sends the key update request to the cloud protection node.
[0007] The cloud protection node receives the key update request from the first user sent by the hot wallet module of the electronic device.
[0008] The cloud protection node sends the first information of the first user, which is pre-stored, to the hot wallet module. The first information includes a first list of digital information.
[0009] The hot wallet module obtains first information from the cloud protection node, the first information including a list of first digital information of the first user pre-stored by the cloud protection node;
[0010] The cold wallet module generates a second digital information list and obtains the first digital information list from the hot wallet module;
[0011] The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list.
[0012] Secondly, the present invention provides a key processing method executed by an electronic device, the electronic device comprising a cold wallet module and a hot wallet module, including:
[0013] Upon receiving a key update request from the first user, the hot wallet module retrieves a pre-stored list of the first user's first digital information from the cloud protection node.
[0014] The cold wallet module generates a second digital information list and obtains the first digital information list from the hot wallet module;
[0015] The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list.
[0016] Thirdly, this invention provides a key processing method, executed by a cloud-based protection node, comprising:
[0017] Receives the first user's key update request sent by the hot wallet module of the electronic device;
[0018] Send the first information of the first user, which has been pre-stored, to the hot wallet module;
[0019] The first information includes a first list of digital information.
[0020] Fourthly, the present invention provides a key processing device applied to a blockchain system, the blockchain system including an electronic device and a cloud protection node, the electronic device including a cold wallet module and a hot wallet module, and the key processing device including: a first processor and a first transceiver, wherein:
[0021] The first processor is configured to:
[0022] Upon receiving a key update request from the first user, the hot wallet module sends the key update request to the cloud protection node.
[0023] The first transceiver is used for:
[0024] The cloud protection node receives the key update request from the first user sent by the hot wallet module of the electronic device.
[0025] The cloud protection node sends the first information of the first user, which is pre-stored, to the hot wallet module. The first information includes a first list of digital information.
[0026] The first processor is further configured to:
[0027] The hot wallet module obtains first information from the cloud protection node, the first information including a list of first digital information of the first user pre-stored by the cloud protection node;
[0028] The cold wallet module generates a second digital information list and obtains the first digital information list from the hot wallet module;
[0029] The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list.
[0030] Fifthly, the present invention provides a key processing device applied to an electronic device, the electronic device including a cold wallet module and a hot wallet module, comprising:
[0031] The second processor is used for:
[0032] Upon receiving a key update request from the first user, the hot wallet module retrieves a pre-stored list of the first user's first digital information from the cloud protection node.
[0033] The cold wallet module generates a second digital information list and obtains the first digital information list from the hot wallet module;
[0034] The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list.
[0035] Sixthly, the present invention provides a key processing device for use in cloud-based protection nodes, comprising:
[0036] The second transceiver is used for:
[0037] Receives the first user's key update request sent by the hot wallet module of the electronic device;
[0038] Send the first information of the first user, which has been pre-stored, to the hot wallet module;
[0039] The first information includes a first list of digital information.
[0040] In a seventh aspect, the present invention provides an electronic device, including a memory, a processor, and a program or instructions stored in the memory and executable on the processor, wherein the program or instructions, when executed by the processor, implement the steps of the key processing method as described in the first aspect, or implement the key processing method as described in the second aspect, or implement the key processing method as described in the third aspect.
[0041] Eighthly, the present invention provides a readable storage medium on which a program or instructions are stored, which, when executed by a processor, implement the steps of the key processing method as described in the first aspect, or implement the key processing method as described in the second aspect, or implement the key processing method as described in the third aspect.
[0042] In this invention, upon receiving a key update request from a first user, the hot wallet module sends a key update request to a cloud protection node. The cloud protection node receives the key update request from the hot wallet module of the electronic device. The cloud protection node sends pre-stored first information of the first user to the hot wallet module, the first information including a first list of digital information. The hot wallet module retrieves the first information from the cloud protection node, the first information including the pre-stored first list of digital information of the first user. The cold wallet module generates a second list of digital information and retrieves the first list of digital information from the hot wallet module. The cold wallet module determines whether to update the key on the cloud protection node based on the first list of digital information and the second list of digital information. Therefore, the key of this invention can be updated based on the user's key update request, thereby improving the flexibility of key determination. Attached Figure Description
[0043] To more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments of the present invention will be briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
[0044] Figure 1 This is a system architecture diagram of the blockchain provided in the embodiments of the present invention;
[0045] Figure 2 This is a module diagram of a cold wallet module provided in an embodiment of the present invention;
[0046] Figure 3 This is a module diagram of a hot wallet module provided in an embodiment of the present invention;
[0047] Figure 4 This is a flowchart of a key processing method provided in an embodiment of the present invention;
[0048] Figure 5 This is a flowchart illustrating the key generation process of the cold wallet module provided in this embodiment of the invention;
[0049] Figure 6 This is a schematic diagram illustrating the generation of the first Merkle tree hash value corresponding to the first digital information list by the cold wallet module provided in this embodiment of the invention;
[0050] Figure 7 This is a flowchart of another key processing method provided in an embodiment of the present invention;
[0051] Figure 8 This is a flowchart of another key processing method provided in an embodiment of the present invention;
[0052] Figure 9 This is a block diagram of a key processing device provided in an embodiment of the present invention;
[0053] Figure 10 This is a block diagram of another key processing device provided in an embodiment of the present invention;
[0054] Figure 11 This is a block diagram of another key processing device provided in an embodiment of the present invention;
[0055] Figure 12 This is a schematic diagram of the module structure of an electronic device provided in an embodiment of the present invention. Detailed Implementation
[0056] The technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.
[0057] In blockchain, a key is the unique data that proves a user's identity. Users can confirm transactions on the blockchain using their keys, so key security is crucial. If a user's information changes during use, the corresponding key information needs to be updated promptly to prevent the key from becoming unusable due to changes in user information. When a user loses some of the biometric information originally used for authentication, such as fingerprints or facial information changing, the key used for the previous authentication can no longer be generated, thus requiring an update to the user's authentication key to facilitate the transfer of personal assets. However, currently, the key generation method in blockchain is limited, and the key storage and update methods do not meet the requirements of digital currency development. Based on this, this application provides a key processing method.
[0058] It should be understood that the key processing method provided in the embodiments of this application can be applied to, but is not limited to, blockchain.
[0059] For ease of understanding, the following describes some aspects of the embodiments of this application:
[0060] In blockchain, the connections between hot wallet modules, cold wallet modules, third-party authentication platforms, and cloud protection nodes are as follows: Figure 1 As shown.
[0061] In this embodiment, such as Figure 2 As shown, the cold wallet device mainly comprises six modules: a first main control module, a first security encryption module connected to the first main control module, a first display module, a first sensing module, a biometric information acquisition module, and a data processing module. The first main control module is used to construct and sign transactions during transfers, connecting the main functions and information transmission of each module; the first display module displays scanned images and user operations using intelligent identification methods; the first sensing module includes an NFC module and an intelligent identification module, primarily used to connect to the hot wallet module for information request and retrieval; the biometric information acquisition module acquires static and dynamic biometric features from the user and then transmits this information to the data processing module through the first main control module; the data processing module primarily processes the biometric information into a temporary biometric information byte data list (e.g., a first digital information list); the first security encryption module includes a biometric information security encryption / decryption module and a key encryption / decryption module. The biometric information security encryption module primarily processes the temporary biometric information byte data list into a Merck root and encrypts it, while the key encryption / decryption module primarily handles the encryption of the digital currency key, combining the encryption of the Merck root and the key.
[0062] In addition, such as Figure 3 As shown, the hot wallet module mainly comprises six modules: a second main control module, a communication module connected to the second main control module, a second display module, a second scanning and sensing module, an operation module, and a storage module. The second main control module is used to construct and sign transactions during transfers and connects and controls communication between the internal modules of each hot wallet module. The communication module connects the hot wallet module to the network and interacts with the cloud data protection system; its communication interface is used to interface with a third-party authentication center for data requests and interactions. The second display module displays scanned images and user operations using intelligent recognition. The second scanning and sensing module uses intelligent recognition to obtain transaction data in the form of digital tags in the cold wallet module. The operation module is used to obtain user operations. The storage module stores the public key generated by the cold wallet module.
[0063] See Figure 4 , Figure 4 This invention provides a key processing method executed by a blockchain system. The blockchain system includes an electronic device and a cloud protection node. The electronic device includes a cold wallet module and a hot wallet module. The method includes:
[0064] Step 401: Upon receiving the key update request from the first user, the hot wallet module sends a key update request to the cloud protection node;
[0065] In this embodiment, the hot wallet module can be a smart application that stores keys and is connected to the internet, such as a network-connected computer client, mobile client, website service, dedicated device, or web-based wallet. The cold wallet module can be an offline wallet, such as a computer client, mobile client, website service, or dedicated device without a network connection. This is merely an example and not a limitation; alternatively, in other feasible implementations, the hot wallet module or cold wallet module can be other types of devices.
[0066] In this embodiment, one way the hot wallet module receives a key update request is that the hot wallet module displays a prompt asking if an update is needed, and the first user inputs a key update request based on this prompt. Alternatively, the first user can be understood as actively inputting a key update request through the hot wallet module. This is merely an example and not intended to be limiting.
[0067] Furthermore, in this embodiment of the application, the first digital information list of the first user pre-stored by the cloud protection node may refer to the first digital information list historically generated by the cold wallet module. It should be noted that the hot wallet module sends the first digital information list obtained from the cold wallet module to the cloud protection node, and the cloud protection node stores the first digital information list.
[0068] It's important to note that the electronic device does not update the key while a user's account is executing a contract. Specifically, when the hot wallet module receives a key update request from the first user, it verifies the execution status of the first user's contract. Only after all contracts have been executed does it send a key update request to the cloud protection node, retrieving a pre-stored list of the first user's digital information from the cloud protection node. This prevents situations where currently executing contracts cannot complete transactions due to key changes.
[0069] Step 402: The cloud protection node receives the first user's key update request sent by the hot wallet module of the electronic device;
[0070] Step 403: The cloud protection node sends the first information of the first user, which is pre-stored, to the hot wallet module. The first information includes a list of first digital information.
[0071] Step 404: The hot wallet module obtains the first information from the cloud protection node. The first information includes a list of the first digital information of the first user that is pre-stored by the cloud protection node.
[0072] Step 405: The cold wallet module generates a second list of digital information and obtains the first list of digital information from the hot wallet module;
[0073] Since the cold wallet module is an offline wallet and the hot wallet module is an online wallet, the cold wallet module needs to obtain the first list of digital information from the hot wallet module.
[0074] In this embodiment of the application, the first digital information list may refer to the digital information list historically generated by the cold wallet module, and the second digital information list may refer to the digital information list generated by the cold wallet module at the current moment.
[0075] Step 406: The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list.
[0076] Specifically, when the user corresponding to the second digital information list is the first user, it means that the same user is modifying their personal information. The first digital information list contains the user's personal information before the modification, and the second digital information list contains the personal information used during the modification process to verify whether the current user is the first user.
[0077] In the aforementioned key processing method, upon receiving a key update request from a first user, the hot wallet module sends a key update request to the cloud protection node. The cloud protection node receives the key update request from the hot wallet module of the electronic device. The cloud protection node sends pre-stored first information of the first user to the hot wallet module, the first information including a first list of digital information. The hot wallet module obtains the first information from the cloud protection node, the first information including the pre-stored first list of digital information of the first user. The cold wallet module generates a second list of digital information and obtains the first list of digital information from the hot wallet module. The cold wallet module determines whether to update the key cloud protection node based on the first list of digital information and the second list of digital information. Therefore, the key in this embodiment can be updated based on the user's key update request, thereby improving the flexibility of key determination.
[0078] In some feasible implementations, the cold wallet module determines whether to update the key based on a first digital information list and a second digital information list, including:
[0079] The cold wallet module determines whether the user corresponding to the second digital information list is the first user based on the first digital information list and the second digital information list.
[0080] If the user corresponding to the second digital information list is the first user, the cold wallet module generates a third digital information list corresponding to the first user. The generation time of the third digital information list is later than the generation time of the second digital information list.
[0081] The cold wallet module compares the second and third lists of digital information to obtain the comparison result.
[0082] If the comparison result meets the first condition, the cold wallet module determines the update key;
[0083] The first condition includes: the second and third lists of numerical information contain the same j elements, where j is a positive integer.
[0084] In this implementation, the second digital information list can be the user's personal information generated by the cold wallet module during the key update process. The third digital information is the personal information that the first user needs to update. The cold wallet module can verify whether the user currently modifying the key is the first user based on the second digital information list.
[0085] Specifically, let the first list of digital information be denoted as X. The first list of digital information X includes various biometric information of the first user, such as fingerprint information, facial biometric information, and motion biometric information. Then, the first list of digital information X can be represented as X = {x1, x2, x3, ..., x...} i}. Where, x i This represents the i-th biological information in the first list of digital information, where i can take the values 1, 2, ...
[0086] The hot wallet module obtains the first digital information list X from the cloud protection node and sends the first digital information list X to the cold wallet module.
[0087] The cold wallet module obtains the biometric information of the user currently modifying the key and generates a corresponding second digital information list. It then verifies whether the user in the second digital information list is the same as the first user. If the user is verified as the first user, it is considered that the modification operation was performed by the same user, and the verification is successful, allowing further processing of the subsequent entry of the user's updated personal information. For example, the generated second digital information list is X′, and the second digital information list X′ satisfies X′={x′1,x′2,x′3,…,x′ j When the number of elements in the second numerical information list X′ is greater than or equal to half the number of elements in the first numerical information list X, that is, j is greater than or equal to (i / 2). Where x′ j This represents the j-th biometric information in the second digital information list, where j can take values from 1 to 2. In this embodiment, when the elements in the second digital information list X′ contain more than half of the elements in the first digital information list X′, the user corresponding to the second digital information list X′ is considered the first user, and authentication is successful.
[0088] Furthermore, the cold wallet module generates a third digital information list X″, where the third digital information list satisfies X″={x″1,x″2,x″3…x″} k}, where x″ k This represents the k-th biometric information in the third digital information list, where k can be 1, 2, ... . When the third digital information list X″ contains j identical elements to the second digital information list X′, the cold wallet module determines the update key. This prevents personal information from being tampered with after successful user authentication, ensuring the security of the key update process.
[0089] Specifically, the cold wallet module generates a new key based on the third digital information list X″. This way, if the first user loses some information from the original first digital information list used for authentication for some reason, the key can be updated promptly based on the third digital information list, ensuring the security of user information.
[0090] In the above implementation, during the key update process, the cold wallet module compares the second digital information list X′ with the first digital information list X to verify whether the key was modified by the same user. As a variation, in other feasible implementations, the module can also directly compare the third digital information list X″ to verify whether the key was modified by the same user. For example, when the third digital information list X″ contains N identical elements to the first digital information list X (where N is a positive integer), the cold wallet module verifies that the key was modified by the same user and determines the updated key. This is merely an example and not a limitation.
[0091] In some feasible implementations, before the hot wallet module sends a key update request to the cloud protection node upon receiving a key update request from the first user, the method further includes:
[0092] The cold wallet module generates the first list of digital information;
[0093] The cold wallet module generates a first Merkle tree hash value corresponding to the first digital information list. The first Merkle tree hash value is used to verify whether the first digital information list has been tampered with.
[0094] The hot wallet module sends the first list of digital information obtained from the cold wallet module and the first Merkle tree hash value to the cloud protection node.
[0095] In this embodiment, the steps of the cold wallet module generating a first digital information list and generating a key based on the first digital information list are as follows: Figure 5 As shown.
[0096] The cold wallet module acquires the biometrics of the first user, including but not limited to the user's fingerprints, facial features, or motion signatures. The hot wallet module acquires the user's real-name registration information and obtains the aforementioned biometrics from the cold wallet module. The hot wallet module then encrypts the biometrics and real-name registration information and transmits them via a secure network transmission channel to a third-party identity authentication platform to verify whether the biometrics acquired by the cold wallet module and the real-name registration information acquired by the hot wallet module belong to the same user.
[0097] It should be noted that in this implementation, a third-party identity authentication platform can connect to the hot wallet module as a third-party external interface. The third-party identity authentication platform should have the capability to verify real-name information. When the hot wallet module sends an identity verification request to the third-party identity authentication platform through a secure transmission channel, it verifies whether the real-name authentication and biometric features match the user's real-name identity. Based on the verification result, it returns a judgment identification code to the hot wallet module. If the judgment code indicates that the biometric features and real-name registration information belong to the same user, the hot wallet module continues to execute subsequent steps, thus providing a more comprehensive security system.
[0098] Furthermore, the hot wallet module sends a verification success message to the cold wallet module. After receiving the message, the cold wallet module first obtains the first biometric information input by the user. This first biometric information includes static biometric information and dynamic biometric information. In this embodiment, the static biometric information can be the user's fingerprint, palm print, facial information, and iris information. The dynamic biometric information can be the user's behavioral and voice information, including but not limited to facial information such as blinking, shaking the head, nodding, or a specific action of the user. This is only an example and is not a limitation. Alternatively, the first biometric information can be other types of information, as long as it contains the biometric characteristics used to verify identity information. However, no matter how it is changed, it is within the scope of protection of the embodiments of this application.
[0099] Then, the cold wallet module converts the acquired first biometric information into corresponding digital biometric information. For example, fingerprint information is converted into digital biometric information x1, facial information is converted into digital biometric information x2, and so on, forming a list X of first digital information corresponding to the first biometric information, where X = {x1, x2, x3, ..., x...} i}
[0100] Furthermore, the cold wallet module performs pairwise XOR operations on each element in the first digital information list X to obtain a string of bytes Y. This is only an example and not a limitation; alternatively, in other feasible implementations, pairwise AND operations can also be performed on each element in the first digital information list X.
[0101] The cold wallet module performs cryptographic security verification on the aforementioned byte Y. This verification can employ existing methods and will not be elaborated upon. If the security verification of byte Y passes, the cold wallet module performs a hash operation (Secure Hash Algorithm, SHA256) on byte Y to obtain a 256-bit string. If this 256-bit string is less than the constant value defined by the order of the elliptic curve used by Bitcoin, this 256-bit string is used as the key, and key generation is considered successful.
[0102] Furthermore, the cold wallet module generates a public key corresponding to the aforementioned key. The steps for generating the public key are as follows: The cold wallet module performs an elliptic curve transform on the aforementioned key to generate a 65-byte array, and converts this 65-byte array into a hexadecimal string as the public key.
[0103] After generating the above key and public key, as follows Figure 6 As shown, the cold wallet module performs a Merckle Tree hash algorithm operation on the generated first digital information list to form a first Merckle Tree hash value corresponding to the first digital information list. In this embodiment, the first Merckle Tree hash value is used to verify whether the first digital information list has been tampered with. The cold wallet module stores the aforementioned key and sends the aforementioned public key, the aforementioned first digital information list, and the aforementioned first Merckle Tree hash value to the hot wallet module. Information transmission between the hot wallet module and the cold wallet module can be achieved through smart identification or NFC transmission. This is only an example and is not intended to be limiting.
[0104] The hot wallet module stores the aforementioned public key and sends the first list of digital information obtained from the cold wallet module and the first Merkle tree hash value to the cloud protection node.
[0105] In this implementation, the cloud protection node includes multiple server nodes. When the cloud protection node receives the first digital information list and the first Merkle tree hash value, it generates a second Merkle tree hash value corresponding to the first digital information list. Then, it determines whether the first and second Merkle tree hash values are the same. If they are the same, it indicates that the first digital information list has not been tampered with during transmission; otherwise, it indicates that the first digital information list has been tampered with during transmission. If the second and first Merkle tree hash values are the same, a storage field is generated. This storage field includes the first Merkle tree hash value, the first digital information list, and parameters of the server nodes. The parameters of the server nodes can be obfuscated characters provided by the server nodes, and each server node has a different obfuscated character. During storage, the storage field can be stored in one server node or multiple server nodes, depending on the storage space of each server node, which will not be elaborated here.
[0106] In some feasible implementations, when the hot wallet module receives a key update request from the first user, the method further includes:
[0107] Upon receiving a key update request from the first user, the hot wallet module retrieves the first Merkle tree hash value from the cloud protection node.
[0108] The cold wallet module generates a third Merkle tree hash value corresponding to the first list of digital information obtained from the hot wallet module;
[0109] The cold wallet module determines whether to update the key based on the first and second digital information lists, including:
[0110] If the third Merkle tree hash value is the same as the first Merkle tree hash value obtained from the hot wallet module, determine whether to update the key based on the first digital information list and the second digital information list.
[0111] It should be noted that the first digital information list may be maliciously tampered with during the process of being sent from the cloud protection node to the hot wallet module. That is, the first digital information list sent by the cloud protection node to the hot wallet module may differ from the first digital information list received by the hot wallet module. Therefore, in this embodiment, the cold wallet module generates a third Merkle tree hash value corresponding to the first digital information list obtained from the hot wallet module, and compares the third Merkle tree hash value with the first Merkle tree hash value. If the third Merkle tree hash value is the same as the first Merkle tree hash value, it is considered that the first digital information list has not been tampered with during the process of being sent from the cloud protection node to the hot wallet module. See also Figure 7 , Figure 7This invention provides a key processing method executed by an electronic device, which includes a cold wallet module and a hot wallet module, such as... Figure 1 As shown, the method includes the following steps:
[0112] Step 701: Upon receiving a key update request from the first user, the hot wallet module retrieves a pre-stored list of the first user's first digital information from the cloud protection node.
[0113] Step 702: The cold wallet module generates a second list of digital information and obtains the first list of digital information from the hot wallet module.
[0114] Step 703: The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list.
[0115] In some feasible implementations, the cold wallet module determines whether to update the key based on a first digital information list and a second digital information list, including:
[0116] The cold wallet module generates a third digital information list, and the generation time of the third digital information list is earlier than the generation time of the second digital information list;
[0117] The cold wallet module determines whether the user corresponding to the third digital information list is the first user based on the first digital information list and the third digital information list;
[0118] If the user corresponding to the third digital information list is the first user, the cold wallet module compares the second and third digital information lists to obtain the comparison result.
[0119] If the comparison result meets the first condition, the cold wallet module determines the update key;
[0120] The first condition includes:
[0121] The second and third lists of numerical information contain the same j elements, where j is a positive integer.
[0122] In some feasible implementations, before the hot wallet module obtains the pre-stored list of the first user's first digital information from the cloud protection node upon receiving a key update request from the first user, the method further includes:
[0123] The cold wallet module generates the first list of digital information;
[0124] The cold wallet module generates a first Merkle tree hash value corresponding to the first digital information list. The first Merkle tree hash value is used to verify whether the first digital information list has been tampered with.
[0125] The hot wallet module sends the first list of digital information obtained from the cold wallet module and the first Merkle tree hash value to the cloud protection node.
[0126] In some feasible implementations, when the hot wallet module receives a key update request from the first user, the aforementioned key processing method further includes:
[0127] Upon receiving a key update request from the first user, the hot wallet module retrieves the first Merkle tree hash value from the cloud protection node.
[0128] The cold wallet module generates a third Merkle tree hash value corresponding to the first list of digital information obtained from the hot wallet module;
[0129] In the above steps, the cold wallet module determines whether to update the key based on the first digital information list and the second digital information list, including:
[0130] If the third Merkle tree hash value is the same as the first Merkle tree hash value obtained from the hot wallet module, determine whether to update the key based on the first digital information list and the second digital information list.
[0131] Optionally, the cold wallet module generates a first list of digital information, including:
[0132] The cold wallet module obtains the biometric information of the first user, which includes static biometric information and dynamic biometric information, and the static biometric information and the dynamic biometric information are different types of biometric information of the first user.
[0133] The cold wallet module converts the static biometric information into first digital biometric information and the dynamic biometric information into second digital biometric information.
[0134] The cold wallet module generates the first digital information list based on the first digital biometric information and the second digital biometric information.
[0135] Optionally, the cold wallet module includes a first sensing submodule, and the hot wallet module includes a second sensing submodule. The cold wallet module and the hot wallet module transmit information based on the first sensing submodule and the second sensing submodule.
[0136] It should be noted that this embodiment is an implementation of an electronic device corresponding to the above method embodiments. Therefore, the relevant descriptions in the above method embodiments can be referred to, and the same beneficial effects can be achieved. To avoid repetition, further details will not be provided here.
[0137] Please see Figure 8 This application also provides a key processing method, executed by a cloud protection node, comprising:
[0138] Step 801: Receive the key update request from the first user sent by the hot wallet module of the electronic device;
[0139] Step 802: Send the pre-stored first user's first information to the hot wallet module;
[0140] The first information includes a first list of digital information. In some feasible implementations, before receiving the key update request from the first user sent by the hot wallet module of the electronic device, the above-mentioned key processing method further includes:
[0141] Receive a first list of digital information and a first Merkle tree hash value sent by the hot wallet module. The first Merkle tree hash value is used to verify whether the first list of digital information has been tampered with.
[0142] Generate a second Merkle tree hash value corresponding to the first list of numerical information;
[0143] If the second Merck tree hash value is the same as the first Merck tree hash value, a storage field is generated based on the first Merck tree hash value, the first digital information list, and the parameters of the server node of the cloud protection node.
[0144] In some feasible implementations, after receiving a key update request from the hot wallet module of the electronic device for the first user and before sending a pre-stored list of the first user's first digital information to the hot wallet module, the method further includes:
[0145] Retrieve the first list of numeric information based on the stored fields.
[0146] In some feasible implementations, the first information also includes a first Merkle tree hash value.
[0147] It should be noted that this embodiment is an implementation of the cloud protection node corresponding to the above method embodiments. Therefore, the relevant descriptions in the above method embodiments can be referred to, and the same beneficial effects can be achieved. To avoid repetition, further details will not be provided here.
[0148] See Figure 9 . Figure 9 This embodiment provides a key processing device 900 applied to a blockchain system. The blockchain system includes an electronic device and a cloud protection node. The electronic device includes a cold wallet module and a hot wallet module. The key processing device includes a first processor and a first transceiver, wherein:
[0149] The first processor 901 is used for:
[0150] Upon receiving a key update request from the first user, the hot wallet module sends the key update request to the cloud protection node.
[0151] The first transceiver 902 is used for:
[0152] The cloud protection node receives the key update request from the first user sent by the hot wallet module of the electronic device.
[0153] The cloud protection node sends the first information of the first user, which is pre-stored, to the hot wallet module. The first information includes a first list of digital information.
[0154] The first processor 901 is further configured to:
[0155] The hot wallet module obtains first information from the cloud protection node, the first information including a list of first digital information of the first user pre-stored by the cloud protection node;
[0156] The cold wallet module generates a second digital information list and obtains the first digital information list from the hot wallet module;
[0157] The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list.
[0158] The aforementioned key processing device 900 can achieve the following: Figure 1-6 The various implementations of the key processing method shown above can be referred to in the relevant descriptions of the above method embodiments, and the same beneficial effects can be achieved. To avoid repetition, they will not be described again here.
[0159] See Figure 10 . Figure 10 This embodiment provides a key processing device 1000, applied to an electronic device, which includes a cold wallet module and a hot wallet module, comprising:
[0160] The second processor 1001 is used for:
[0161] Upon receiving a key update request from the first user, the hot wallet module retrieves a pre-stored list of the first user's first digital information from the cloud protection node.
[0162] The cold wallet module generates a second digital information list and obtains the first digital information list from the hot wallet module;
[0163] The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list.
[0164] The aforementioned key processing device can achieve the following: Figure 7 The various implementations of the key processing method shown above can be referred to in the relevant descriptions of the above method embodiments, and the same beneficial effects can be achieved. To avoid repetition, they will not be described again here.
[0165] See Figure 11 This application also provides a key processing device 1100, applied to a cloud protection node, comprising:
[0166] First transceiver 1101, used for:
[0167] Receives the first user's key update request sent by the hot wallet module of the electronic device;
[0168] Send the first information of the first user, which has been pre-stored, to the hot wallet module;
[0169] The first information includes a first list of digital information.
[0170] The aforementioned key processing device can achieve the following: Figure 8 The various implementations of the key processing method shown above can be referred to in the relevant descriptions of the above method embodiments, and the same beneficial effects can be achieved. To avoid repetition, they will not be described again here.
[0171] The key processing device in this application embodiment can be a device, or a component, integrated circuit, or chip in a terminal. The device can be a mobile electronic device or a non-mobile electronic device. For example, mobile electronic devices can be mobile phones, tablets, laptops, PDAs, in-vehicle electronic devices, wearable devices, ultra-mobile personal computers (UMPCs), netbooks, or personal digital assistants (PDAs), etc., while non-mobile electronic devices can be servers, network-attached storage (NAS), personal computers (PCs), televisions (TVs), ATMs, or self-service machines, etc. This application embodiment does not impose specific limitations.
[0172] Optional, such as Figure 12As shown, this application embodiment also provides an electronic device 1200, including a processor 1201, a memory 1202, and a program or instructions stored in the memory 1202 and executable on the processor 1201. When the program or instructions are executed by the processor 1201, they implement the various processes of the above method embodiments and achieve the same technical effects. To avoid repetition, they will not be described again here.
[0173] It should be noted that the electronic devices in the embodiments of this application include the mobile electronic devices and non-mobile electronic devices described above.
[0174] This application embodiment also provides a readable storage medium storing a program or instructions that, when executed by a processor, implement the above-described functionality. Figures 1 to 6 The various processes or implementations of the method embodiments Figure 7 The various processes or implementations of the method embodiments Figure 8 The various processes in the method embodiments can achieve the same technical effect, and will not be described again here to avoid repetition.
[0175] Through the above description of the embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by means of software plus necessary general-purpose hardware platforms. Of course, they can also be implemented by hardware, but in many cases the former is a better implementation method. Based on this understanding, the technical solution of the present invention, in essence, or the part that contributes to the prior art, can be embodied in the form of a software product. This computer software product is stored in a storage medium (such as ROM / RAM, magnetic disk, optical disk), and includes several instructions to cause a terminal (which may be a mobile phone, computer, server, air conditioner, or network device, etc.) to execute the methods described in the various embodiments of the present invention.
[0176] The embodiments of the present invention have been described above with reference to the accompanying drawings. However, the present invention is not limited to the specific embodiments described above. The specific embodiments described above are merely illustrative and not restrictive. Those skilled in the art can make many other forms under the guidance of the present invention without departing from the spirit and scope of the claims, and all of these forms are within the protection scope of the present invention.
Claims
1. A key processing method performed by a blockchain system, characterized by, The blockchain system includes electronic devices and cloud protection nodes, the electronic devices include cold wallet modules and hot wallet modules, and the method includes: Upon receiving a key update request from the first user, the hot wallet module sends the key update request to the cloud protection node. The cloud protection node receives the key update request from the first user sent by the hot wallet module of the electronic device. The cloud protection node sends the first information of the first user, which is pre-stored, to the hot wallet module. The first information includes a first list of digital information. The hot wallet module obtains first information from the cloud protection node, the first information including a list of first digital information of the first user pre-stored by the cloud protection node; The cold wallet module generates a second digital information list and obtains the first digital information list from the hot wallet module; The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list.
2. The key processing method according to claim 1, characterized in that, The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list, including: The cold wallet module determines whether the user corresponding to the second digital information list is the first user based on the first digital information list and the second digital information list; When the user corresponding to the second digital information list is the first user, the cold wallet module generates a third digital information list corresponding to the first user. The generation time of the third digital information list is later than the generation time of the second digital information list. The cold wallet module compares the second digital information list and the third digital information list to obtain a comparison result; If the comparison result satisfies the first condition, the cold wallet module determines the update key; The first condition includes: the second list of digital information and the third list of digital information contain the same j elements, where j is a positive integer.
3. The key processing method according to claim 1, characterized in that, Before the hot wallet module sends the key update request to the cloud protection node upon receiving the key update request from the first user, the method further includes: The cold wallet module generates the first list of digital information; The cold wallet module generates a first Merkle tree hash value corresponding to the first digital information list. The first Merkle tree hash value is used to verify whether the first digital information list has been tampered with. The hot wallet module sends the first list of digital information obtained from the cold wallet module and the first Merkle tree hash value to the cloud protection node.
4. The key processing method according to claim 3, characterized in that, Upon receiving a key update request from the first user, the method further includes: Upon receiving a key update request from the first user, the hot wallet module obtains the first Merck tree hash value from the cloud protection node. The cold wallet module generates a third Merkle tree hash value corresponding to the first list of digital information obtained from the hot wallet module; The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list, including: If the third Merkle tree hash value is the same as the first Merkle tree hash value obtained from the hot wallet module, determine whether to update the key based on the first digital information list and the second digital information list.
5. The key processing method according to claim 1, characterized in that, The cold wallet module generates a first list of digital information, including: The cold wallet module obtains the biometric information of the first user, which includes static biometric information and dynamic biometric information, and the static biometric information and the dynamic biometric information are different types of biometric information of the first user. The cold wallet module converts the static biometric information into first digital biometric information and the dynamic biometric information into second digital biometric information. The cold wallet module generates the first digital information list based on the first digital biometric information and the second digital biometric information.
6. The key processing method according to claim 1, characterized in that, The cold wallet module includes a first sensing submodule, and the hot wallet module includes a second sensing submodule. The cold wallet module and the hot wallet module transmit information based on the first sensing submodule and the second sensing submodule.
7. A key processing method, executed by an electronic device, said electronic device comprising a cold wallet module and a hot wallet module, characterized in that, include: Upon receiving a key update request from the first user, the hot wallet module obtains first information from the cloud protection node. The first information includes a list of the first user's first digital information pre-stored by the cloud protection node. The cold wallet module generates a second digital information list and obtains the first digital information list from the hot wallet module; The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list.
8. The key processing method according to claim 7, characterized in that, The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list, including: The cold wallet module determines whether the user corresponding to the second digital information list is the first user based on the first digital information list and the second digital information list; When the user corresponding to the second digital information list is the first user, the cold wallet module generates a third digital information list corresponding to the first user. The generation time of the third digital information list is later than the generation time of the second digital information list. The cold wallet module compares the second digital information list and the third digital information list to obtain a comparison result; If the comparison result satisfies the first condition, the cold wallet module determines the update key; The first condition includes: the second list of digital information and the third list of digital information contain the same j elements, where j is a positive integer.
9. The key processing method according to claim 7, characterized in that, Before the hot wallet module obtains the pre-stored list of the first user's first digital information from the cloud protection node upon receiving a key update request from the first user, the method further includes: The cold wallet module generates the first list of digital information; The cold wallet module generates a first Merkle tree hash value corresponding to the first digital information list. The first Merkle tree hash value is used to verify whether the first digital information list has been tampered with. The hot wallet module sends the first list of digital information obtained from the cold wallet module and the first Merkle tree hash value to the cloud protection node.
10. The key processing method according to claim 9, characterized in that, Upon receiving a key update request from the first user, the method further includes: Upon receiving a key update request from the first user, the hot wallet module obtains the first Merck tree hash value from the cloud protection node. The cold wallet module generates a third Merkle tree hash value corresponding to the first list of digital information obtained from the hot wallet module; The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list, including: If the third Merkle tree hash value is the same as the first Merkle tree hash value obtained from the hot wallet module, determine whether to update the key based on the first digital information list and the second digital information list.
11. The key processing method according to claim 7, characterized in that, The cold wallet module generates a first list of digital information, including: The cold wallet module obtains the biometric information of the first user, which includes static biometric information and dynamic biometric information, and the static biometric information and the dynamic biometric information are different types of biometric information of the first user. The cold wallet module converts the static biometric information into first digital biometric information and the dynamic biometric information into second digital biometric information. The cold wallet module generates the first digital information list based on the first digital biometric information and the second digital biometric information.
12. The key processing method according to claim 7, characterized in that, The cold wallet module includes a first sensing submodule, and the hot wallet module includes a second sensing submodule. The cold wallet module and the hot wallet module transmit information based on the first sensing submodule and the second sensing submodule.
13. A key processing method, executed by a cloud-based protection node, characterized in that, include: Receives the first user's key update request sent by the hot wallet module of the electronic device; Send the first information of the first user, which has been pre-stored, to the hot wallet module; The first information includes a first digital information list, which is obtained by the cold wallet from the hot wallet. The cold wallet is used to determine whether to update the key based on the first digital information list and a second digital information list. The second digital information list is generated by the cold wallet module.
14. The key processing method according to claim 13, characterized in that, Before receiving the key update request from the first user sent by the hot wallet module of the electronic device, the method further includes: The system receives the first digital information list and the first Merkle tree hash value sent by the hot wallet module. The first Merkle tree hash value is used to verify whether the first digital information list has been tampered with. Generate a second Merck tree hash value corresponding to the first list of digital information; If the second Merck tree hash value is the same as the first Merck tree hash value, a storage field is generated based on the first Merck tree hash value, the first digital information list, and the parameters of the server node of the cloud protection node.
15. The key processing method according to claim 14, characterized in that, After receiving the key update request from the hot wallet module of the electronic device and before sending the pre-stored first digital information list of the first user to the hot wallet module, the method further includes: Based on the stored fields, obtain the first list of digital information.
16. The key processing method according to claim 13, characterized in that, The first information also includes the first Merck tree hash value.
17. A key processing device applied to a blockchain system, the blockchain system including an electronic device and a cloud protection node, the electronic device including a cold wallet module and a hot wallet module, the key processing device comprising: A first processor and a first transceiver, wherein: The first processor is configured to: Upon receiving a key update request from the first user, the hot wallet module sends the key update request to the cloud protection node. The first transceiver is used for: The cloud protection node receives the key update request from the first user sent by the hot wallet module of the electronic device. The cloud protection node sends the first information of the first user, which is pre-stored, to the hot wallet module. The first information includes a first list of digital information. The first processor is further configured to: The hot wallet module obtains first information from the cloud protection node, the first information including a list of first digital information of the first user pre-stored by the cloud protection node; The cold wallet module generates a second digital information list and obtains the first digital information list from the hot wallet module; The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list.
18. A key processing device applied to an electronic device, the electronic device comprising a cold wallet module and a hot wallet module, characterized in that, include: The second processor is used for: Upon receiving a key update request from the first user, the hot wallet module retrieves a pre-stored list of the first user's first digital information from the cloud protection node. The cold wallet module generates a second digital information list and obtains the first digital information list from the hot wallet module; The cold wallet module determines whether to update the key based on the first digital information list and the second digital information list.
19. A key processing device, applied to a cloud-based protection node, characterized in that, include: The second transceiver is used for: Receives the first user's key update request sent by the hot wallet module of the electronic device; Send the first information of the first user, which has been pre-stored, to the hot wallet module; The first information includes a first digital information list, which is obtained by the cold wallet from the hot wallet. The cold wallet is used to determine whether to update the key based on the first digital information list and a second digital information list. The second digital information list is generated by the cold wallet module.
20. An electronic device, characterized in that, It includes a memory, a processor, and a program or instructions stored in the memory and executable on the processor, wherein when the program or instructions are executed by the processor, they implement the steps of the key processing method as described in any one of claims 1-6, or implement the steps of the key processing method as described in any one of claims 7-12, or implement the steps of the key processing method as described in any one of claims 13-16.
21. A readable storage medium, characterized in that, The readable storage medium stores a program or instructions that, when executed by a processor, implement the steps of the key processing method as described in any one of claims 1-6, or implement the steps of the key processing method as described in any one of claims 7-12, or implement the steps of the key processing method as described in any one of claims 13-16.