A secure payment system and method based on blockchain and smart contract technology

Abstract

The application discloses a kind of safe payment system and method based on block chain and smart contract technology.The system is first initialized;Then enter the payment stage, user will send encrypted transaction intention with its Ethereum address to merchant, merchant decrypts transaction intention and the information obtained is packed into an order information and is stored in IPFS, IPFS generates index information and returns to merchant, and sends to user, user and smart contract interact to carry out payment amount and upload index, and blockchain successfully stores index and returns Transaction_hash to user;Finally, the system enters the stage of receiving goods and withdrawing, user sends Transaction_hash to merchant, merchant requests transaction information from BC, then verifies whether the transaction information is correct, if correct, sends goods to user, user receives goods and interacts with smart contract to verify identity, and modifies logistics status if verification is successful, and third-party payment platform pays the amount to merchant.The application can ensure that information is not leaked and tampered during electronic transaction.

Description

Technical Field

[0001] This invention relates to the fields of blockchain and smart contract technology, and specifically to a secure payment system and method based on blockchain and smart contract technology. Background Technology

[0002] With the continuous development of information technology, the convenience and speed of electronic payment have led to increasing demand, and it has become an indispensable part of people's lives. However, it is worth noting that there are certain risks involved in electronic payment, the most significant of which is the security of personal privacy information. Firstly, during the transaction between the user and the merchant, if the user's transaction information is compromised by an attacker, the transaction data can easily be leaked. Secondly, from the merchant's perspective, after receiving the transaction information from the user, the merchant stores it in their database; if this database is compromised by an attacker, the transaction data can also be easily leaked. Finally, most third-party payment platforms currently use centralized storage for electronic transaction data, and centralized storage makes it difficult to guarantee the security of this data; therefore, third-party payment platforms may also have vulnerabilities.

[0003] Therefore, it can be seen that the current method has technical problems with low security. Summary of the Invention

[0004] This invention provides a secure payment system and method based on blockchain and smart contract technology, which solves or at least partially solves the technical problem of low security in the prior art.

[0005] To address the aforementioned technical problems, the first aspect of this invention provides a secure payment system based on blockchain and smart contract technology, comprising: users, merchants, a third-party payment platform, smart contracts, the InterPlanetary File System (IPS), and a blockchain.

[0006] The user is used to send encrypted transaction intentions and the user's Ethereum address to the merchant; interact with the smart contract and upload the order index information to it, and make payments to the third-party payment platform; receive the storage address of the transaction information and index information corresponding to the order returned by the blockchain and send it to the merchant; and send the identity verification information to the smart contract.

[0007] Merchants decrypt encrypted transaction intentions sent by users, generate orders from the decrypted results, and store them in the InterPlanetary File System (IPS). They receive the index information corresponding to the order from the IPS and send this index information to the user. They verify the transaction amount and address by checking the storage address of the transaction information and index information sent by the user. If the information is correct, they send the goods to the user.

[0008] Third-party payment platforms receive payments from users and make payments to merchants based on the logistics status.

[0009] The smart contract receives the order index information uploaded by the user; it also receives the identity verification information sent by the user, verifies the user's identity, and modifies the corresponding logistics status when the verification is successful.

[0010] InterPlanetary File System (IPS) is used to store encrypted orders generated by merchants, generate index information corresponding to the encrypted orders, and then return it to the merchants.

[0011] Blockchain is used to store index information of orders uploaded by users to smart contracts. When storage is successful, the storage address of the transaction information and index information corresponding to the order is returned to the user. It can also receive requests from merchants to obtain transaction information, perform retrieval based on the transaction information request, and return the retrieval results to the merchants.

[0012] In one implementation, the encrypted transaction intent is encrypted by the user using the merchant's public key generated during system initialization. The user's Ethereum address is generated during system initialization and is used to register a pseudo-user identity.

[0013] In one implementation, the merchant uses the merchant's private key generated during system initialization to decrypt the encrypted transaction intention sent by the user, and packages the decrypted transaction intention together with the transaction amount and goods information into an order.

[0014] Based on the same inventive concept, a second aspect of this invention provides a secure payment method based on blockchain and smart contract technology, comprising:

[0015] The initialization process generates two Ethereum addresses, one for the user and one for the merchant. The Boneh-Franklin encryption scheme is used to obtain key pairs for the user and the merchant. The user's key pair includes the user's public key and private key, and the merchant's key pair includes the merchant's public key and private key.

[0016] Payment steps,

[0017] Users encrypt their transaction intentions using the merchant's public key and send the encrypted transaction intentions along with their account address to the merchant.

[0018] Merchants use their private key to decrypt the encrypted transaction intention, package the decryption result, transaction amount, and goods information into an order, encrypt it, and then store it in IPFS. IPFS generates an index of the encrypted order and returns it to the merchant, who then sends it to the user.

[0019] Users make payments to a third-party payment platform by calling a smart contract and upload the order's index information to the smart contract. The third-party payment platform uses blockchain and smart contract technology to store the order's index information on the blockchain and returns the storage address of the transaction information and index information corresponding to the order to the user.

[0020] In the process of receiving goods and withdrawing cash, the user sends the storage address of the transaction information and index information corresponding to the order to the merchant. The merchant verifies whether the transaction information is correct. If it is correct, the merchant sends the corresponding goods to the user. After receiving the goods, the user interacts with the smart contract to verify the user's identity. If the identity verification is successful, the logistics status is modified and the corresponding amount is paid to the merchant through a third-party payment platform.

[0021] In one implementation, the initialization step includes:

[0022] Third-party payment platforms create smart contracts based on transaction rules;

[0023] Initialize the Ethereum addresses Uaddr and Saddr for the user and merchant respectively;

[0024] The BF identity-based encryption scheme uses a key generator to generate the user's private and public keys, as well as the merchant's private and public keys.

[0025] In one implementation, during the payment process, the user encrypts the transaction intention using the merchant's public key and sends the encrypted transaction intention along with the user's account address to the merchant, including:

[0026] Users encrypt transaction intentions using the merchant's public key, specifically including: the user randomly selecting... Four parameters are set: V, W, T, and r. V, W, and T are used to construct the encrypted transaction intention c′. V is a parameter for verifying message security. W is a parameter used by the merchant to solve for α during decryption. T is a parameter used by the merchant to solve for the plaintext c during decryption. r is a hash value. m Indicate the bit length of the message; calculate r = H3(α,c) and V = r*P in sequence. and Here, {H1,H2,H3,H4} are four secure hash functions: H1:{0,1} * →G1, P is a generator of G1; P pud Q is the system public key. S For the merchant's public key;

[0027] The user will encrypt the transaction intention c ′= (V, W, T) and the user's Ethereum address Uaddr are sent to the merchant.

[0028] In one implementation, during the payment process, the merchant decrypts the encrypted transaction intention using their private key, packages the decrypted result, transaction amount, and goods information into an order, encrypts it, and stores it in IPFS. IPFS then generates an index of the encrypted order and returns it to the merchant, who then sends it to the user. This includes:

[0029] Merchants use the merchant's private key S S Decrypting the encrypted transaction intention c′ specifically includes: calculating calculate Here, m is the decrypted transaction intention. Then, a parameter r′ is set as a hash value, r′=H3(α′,m), and the equation V=r′*P is checked. If it is true, the ciphertext is accepted and m is returned; otherwise, c′ is not accepted.

[0030] Package the transaction amount q and the goods information k into a single order, and use the user's public key Q. U The order is encrypted. The encryption process includes: randomly selecting β∈{0,1} lm Set a hash value t and three parameters O, Q, and D, where O, Q, and D are used to construct the encrypted order information order′, O is the parameter used for verification, Q is the parameter used by the user to solve for β during the order decryption process, and D is the parameter used by the user to obtain the original plaintext order during the order decryption process; calculate t = H3(β, order) and O = t * P in sequence. and The encrypted order is obtained as order′=(O,Q,D), where {H2,H3,H4} are three secure hash functions: P is a generator of G1; P pud Q is the system public key. U For the user's public key;

[0031] Merchants upload the encrypted order to the InterPlanetary File System (IPS), which then returns the corresponding index information for the order.

[0032] The merchant sends the index information corresponding to the order to the user.

[0033] In one implementation, during the payment step, the user initiates a payment operation to a third-party payment platform by invoking a smart contract and uploads the order's index information to the smart contract. The third-party payment platform uses blockchain and smart contract technology to store the order's index information on the blockchain and returns the storage address of the transaction information and index information corresponding to the order to the user, including:

[0034] Users make payments to the third-party payment platform Payment Part by calling the smart contract SC.

[0035] The user uploads the order's index information to the smart contract;

[0036] The smart contract stores the transaction amount paid by the user to the third-party payment platform, the user's Ethereum address Uaddr, and the index together in the blockchain. When the blockchain storage is successful, it hashes the two transactions into a transaction hash. hash Give the smart contract, which contains two Transactions hash These are the transaction information for users paying to third-party payment platforms and the storage address of the index in the blockchain;

[0037] The smart contract returns both transaction hashes to the user and deducts the amount from the user's account.

[0038] The smart contract interacts with the third-party payment platform to transfer the amount paid by the user into the third-party payment platform's account, and the third-party payment platform's account is increased accordingly.

[0039] In one implementation, the cash withdrawal step specifically includes:

[0040] The user sends the two transaction hashes sent by the smart contract to the merchant;

[0041] Merchants request transaction information from the blockchain based on the received transaction hash. The blockchain retrieves the transaction information based on the storage address of the index information in the transaction hash and returns the transaction amount, the user's Ethereum address, and the order index information to the merchant.

[0042] Merchants verify the transaction amount and Ethereum address returned by the blockchain to confirm the amount paid by the user and whether the account is correct. If the verification is successful, the merchant sends the goods to the user.

[0043] Once the user receives the goods, they enter their identity information to trigger a smart contract for identity verification. The verification information, including the user's pseudo-identity ID, is then sent to the smart contract. U and the user's Ethereum address;

[0044] Once authentication is successful, the user's pseudo-identity ID is modified by invoking a smart contract. U The logistics status is set to {“shipped”}, and the amount is deducted from the third-party payment platform account via smart contract;

[0045] The smart contract sends the amount paid by the third-party payment platform to the merchant, increases the corresponding amount in the merchant's account, and returns the transaction result of the payment from the third-party payment platform to the third-party payment platform.

[0046] Compared with the prior art, the technical effects that the present invention can achieve include:

[0047] This invention provides a secure payment system based on blockchain and smart contract technology, comprising: users, merchants, third-party payment platforms, smart contracts, the InterPlanetary File System (IPFS), and a blockchain. By combining smart contract technology, blockchain technology, and the IPFS system, it achieves efficient storage of transaction information, and the data stored in the blockchain cannot be modified or tampered with. The use of index information bound to CID values ​​further improves the search efficiency of transaction information. The use of Blockchain Encryption (BF) to process transaction information effectively ensures security when sharing transaction information. This invention not only ensures the security of transaction information storage but also guarantees that users, merchants, and third-party payment platforms can securely receive transaction data during the transaction process. Therefore, it improves transaction security. Attached Figure Description

[0048] To more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0049] Figure 1 The diagram shows the interaction of the secure payment system provided by this invention during the payment phase.

[0050] Figure 2 The diagram shows the interaction between the secure payment system provided by this invention during the cash withdrawal stage. Detailed Implementation

[0051] This invention provides a secure payment system based on blockchain and smart contract technology, mainly to solve three major drawbacks of current electronic payments: users are vulnerable to attackers when sending transaction information to merchants; merchants are vulnerable to attackers when storing transaction information received from users in their databases; and most third-party payment platforms use centralized storage for electronic transaction data.

[0052] To address the aforementioned technical issues, this invention provides a secure payment system and method based on blockchain and smart contract technology. The system primarily includes: users, merchants, a third-party payment platform, smart contracts, IPFS, and a blockchain. The specific steps are as follows: First, the system initializes by obtaining a key pair between the user and the merchant using the Boneh-Franklin (BF) encryption scheme. Next, the system enters the payment phase. The user sends their encrypted transaction intention along with their Ethereum address to the merchant. The merchant decrypts the transaction intention and packages the obtained information into order information, which is then encrypted and stored in IPFS. IPFS generates an index and returns it to the merchant, who in turn sends it to the user. The user interacts with the smart contract to determine the payment amount and upload the index. If the blockchain successfully stores the index, it returns a Transaction_hash to the user. Finally, the system enters the goods receipt and withdrawal phase. The user sends the Transaction_hash to the merchant, who verifies the transaction. If correct, the merchant sends the goods to the user. Upon receiving the goods, the user interacts with the smart contract for identity verification. If verification is successful, the logistics status is updated, and the third-party payment platform pays the merchant the amount.

[0053] This invention combines smart contracts and blockchain technology, employing the BF encryption scheme and using IPFS to store index information more efficiently. This ensures that the index cannot be modified or tampered with on the blockchain, effectively solving the drawbacks of current electronic payments and ensuring that user information is not leaked or tampered with during electronic transactions. To make the objectives, technical solutions, and advantages of the embodiments of this invention clearer, the technical solutions of the embodiments of this invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this invention, not all embodiments. Based on the embodiments of this invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this invention.

[0054] Example 1

[0055] This invention provides a secure payment system based on blockchain and smart contract technology, including: users, merchants, third-party payment platforms, smart contracts, the InterPlanetary File System (IPS), and blockchain.

[0056] The user is used to send encrypted transaction intentions and their Ethereum address to the merchant; interact with the smart contract and upload the order index information to it, and make payments to the third-party payment platform; receive the storage address of the transaction information and index information corresponding to the order returned by the blockchain and send it to the merchant; and send the identity verification information to the smart contract.

[0057] Merchants decrypt encrypted transaction intentions sent by users, generate orders from the decrypted results, and store them in the InterPlanetary File System (IPS). They receive the index information corresponding to the order from the IPS and send this index information to the user. They verify the transaction amount and address by checking the storage address of the transaction information and index information sent by the user. If the information is correct, they send the goods to the user.

[0058] Third-party payment platforms receive payments from users and make payments to merchants based on the logistics status.

[0059] The smart contract receives the order index information uploaded by the user; it also receives the identity verification information sent by the user, verifies the user's identity, and modifies the corresponding logistics status when the verification is successful.

[0060] InterPlanetary File System (IPS) is used to store encrypted orders generated by merchants, generate index information corresponding to the encrypted orders, and then return it to the merchants.

[0061] Blockchain is used to store index information of orders uploaded by users to smart contracts. When storage is successful, the storage address of the transaction information and index information corresponding to the order is returned to the user. It can also receive requests from merchants to obtain transaction information, perform retrieval based on the transaction information request, and return the retrieval results to the merchants.

[0062] Currently, electronic payment is widely used in my country. Therefore, society needs to ensure that users' information is not leaked or tampered with during electronic transactions. A secure payment system based on blockchain and smart contract technologies would be very effective.

[0063] The system mainly consists of users, stores, smart contracts (SC), the InterPlanetary File System (IPFS), and the blockchain.

[0064] The User's main task is to encrypt the transaction intention and send the encrypted transaction intention and account address information to the Store, along with the amount required for the payment transaction.

[0065] The Store's primary task is to resolve order issues and provide users with the goods they need. During the payment phase, it decrypts the user's encrypted transaction intent to create an order, and then encrypts and stores the order information in IPFS. During the receipt and withdrawal phase, it verifies the transaction information; if correct, it sends the goods to the user. The Store encrypts and stores order information in IPFS, essentially generating encrypted orders and storing them there.

[0066] SC, stored on the blockchain, serves as a protocol to determine whether to place user and merchant transaction information on the blockchain. During the payment phase, it primarily allows users to pay the transaction amount and upload the CID value index generated by the IPFS system. During the cash withdrawal phase, it mainly verifies the user's identity information; if correct, it updates the logistics status and deducts the amount from the third-party payment platform. The use of CID value binding improves the efficiency of transaction information retrieval.

[0067] IPFS, as a distributed encrypted database, generates a CID value index corresponding to the data when the Store uploads encrypted order information to IPFS, and returns it to the Store, thus enhancing the security of the data during transmission.

[0068] Blockchain addresses the centralization issues of third-party payment platforms, providing a trusted execution environment for smart contracts, supporting programmable contracts, and offering advantages such as immutability, transparent and traceable processes, thus ensuring data security. Its primary task is to store index values ​​uploaded by users.

[0069] The Payment Part, representing the third-party payment platform, primarily acts as a platform for transferring funds between the User and the Store. During the payment phase, it receives money paid by the User and adds it to the account. During the receipt and withdrawal phase, it transfers the money paid by the User during the payment phase to the Store.

[0070] This invention provides a secure payment system based on blockchain and smart contract technology. The ingenious combination of electronic payment and blockchain systems effectively ensures the security of transaction data and payment amounts, preventing the leakage of personal privacy.

[0071] In one implementation, the encrypted transaction intent is encrypted by the user using the merchant's public key generated during system initialization. The user's Ethereum address is generated during system initialization and is used to register a pseudo-user identity.

[0072] In one implementation, the merchant uses the merchant's private key generated during system initialization to decrypt the encrypted transaction intention sent by the user, and packages the decrypted transaction intention together with the transaction amount and goods information into an order.

[0073] Example 2

[0074] Based on the same inventive concept, this embodiment provides a secure payment method based on blockchain and smart contract technology, including:

[0075] The initialization process generates two Ethereum addresses, one for the user and one for the merchant. The Boneh-Franklin encryption scheme is used to obtain key pairs for the user and the merchant. The user's key pair includes the user's public key and private key, and the merchant's key pair includes the merchant's public key and private key.

[0076] Payment steps,

[0077] Users encrypt their transaction intentions using the merchant's public key and send the encrypted transaction intentions along with their account address to the merchant.

[0078] Merchants use their private key to decrypt the encrypted transaction intention, and package the decrypted result (i.e., the user's transaction intention), transaction amount, and goods information into an order, encrypt it, and then store it in IPFS. IPFS generates an index of the encrypted order and returns it to the merchant, who then sends it to the user.

[0079] Users make payments to a third-party payment platform by calling a smart contract and upload the order's index information to the smart contract. The third-party payment platform uses blockchain and smart contract technology to store the order's index information on the blockchain and returns the storage address of the transaction information and index information corresponding to the order to the user.

[0080] In the process of receiving goods and withdrawing cash, the user sends the storage address of the transaction information and index information corresponding to the order to the merchant. The merchant verifies whether the transaction information is correct. If it is correct, the merchant sends the corresponding goods to the user. After receiving the goods, the user interacts with the smart contract to verify the user's identity. If the identity verification is successful, the logistics status is modified and the corresponding amount is paid to the merchant through a third-party payment platform.

[0081] The overall process of this invention mainly includes three steps: initialization, payment, and receipt and withdrawal (stages). The components include: User, Store, Smart Contract SC, Third-Party Payment Platform (Payment Part), InterPlanetary File System (IPFS), and Blockchain. Before proceeding with the overall process, the system must first initialize. The main operations are as follows: First, the third-party payment platform (Payment Part) creates the smart contract SC according to the transaction rules. Next, the system initializes two Ethereum addresses, Uaddr and Saddr, which serve as the account addresses for User and Store, respectively. Finally, the key is extracted using BF's identity-based encryption scheme. Next comes the payment stage. The user sends a transaction intention to the merchant, who packages the transaction intention into an order and stores it encrypted. Using smart contracts and blockchain technology, the information is stored and processed. The user then pays the amount to a third-party payment platform. Finally, in the delivery and withdrawal stage, the user sends the storage address of the transaction information and index information corresponding to the order to the merchant. The merchant verifies the information. If the verification is successful, the merchant sends the winning goods to the user. At the same time, the user's identity is verified through a smart contract. If the identity verification is successful, the logistics status is modified, and the corresponding amount is paid to the merchant through the third-party payment platform.

[0082] In one implementation, the initialization step includes:

[0083] Third-party payment platforms create smart contracts based on transaction rules;

[0084] Initialize the Ethereum addresses Uaddr and Saddr for the user and merchant respectively;

[0085] The BF identity-based encryption scheme uses a key generator to generate the user's private and public keys, as well as the merchant's private and public keys.

[0086] Specifically, using the Boneh-Franklin (BF) identity-based encryption scheme, the key generator PKG generates public parameters {e, P, P}. pud Let H1, H2, H3, H4} and the master key s. G1×G1→G T It is a bilinear mapping, G1 is a cyclic additive group of order p, and G T It is a cyclic multiplicative group of order p; P is a generator of G1; P pud The system public key is calculated from s and P; {H1, H2, H3, H4} are four secure hash functions: H1: {0, 1} * →G1, l m Indicates the bit length of the message; {0,1}* It is a bit string of arbitrary length; It is l m Bit string; Z p It is a complete residual system modulo p; Z * p It is a simplified residue system modulo p; s is from Z * p The element randomly selected from the list is a random number.

[0087] The specific encryption steps are as follows: First, PKG will randomly select s∈Z * p Calculate P pud =s*P, then key extraction is performed, and User and Store use their Ethereum addresses to register a pseudo-identity ID in SC respectively. U and ID S ID at this time U The logistics status is defined as {"empty", "not shipped"}. The User's private key is calculated using PKG. U =s*Q U The public key is Q. U =H1(ID) U The private key for Store is S. S =s*Q S The public key is Q. S =H1(ID) S ).

[0088] In one implementation, during the payment process, the user encrypts the transaction intention using the merchant's public key and sends the encrypted transaction intention along with the user's account address to the merchant, including:

[0089] Users encrypt transaction intentions using the merchant's public key, specifically including: the user randomly selecting... Four parameters are set: V, W, T, and r. V, W, and T are used to construct the encrypted transaction intention c′. V is a parameter for verifying message security. W is a parameter used by the merchant to solve for α during decryption. T is a parameter used by the merchant to solve for the plaintext c during decryption. r is a hash value. m Indicate the bit length of the message; calculate r = H3(α,c) and V = r*P in sequence. and Here, {H1,H2,H3,H4} are four secure hash functions: H1:{0,1} * →G1, P is a generator of G1; P pud Q is the system public key. S For the merchant's public key;

[0090] The user sends the encrypted transaction intention c′=(V,W,T) and the user's Ethereum address Uaddr to the merchant.

[0091] Specifically, parameter V is mainly used to verify the security of the message, W is mainly used by the Store to solve α during the decryption process, and T is mainly used to perform XOR operation during the Store decryption process to obtain the plaintext c (i.e. the original transaction intention).

[0092] Please see Figure 1 This is an interactive block diagram of the secure payment system provided by the present invention during the payment stage.

[0093] In one implementation, during the payment process, the merchant decrypts the encrypted transaction intention using their private key, packages the decrypted result, transaction amount, and goods information into an order, encrypts it, and stores it in IPFS. IPFS then generates an index of the encrypted order and returns it to the merchant, who then sends it to the user. This includes:

[0094] Merchants use the merchant's private key S S Decrypting the encrypted transaction intention c′ specifically includes: calculating calculate Here, m is the decrypted transaction intention. Then, a parameter r′ is set as a hash value, r′=H3(α′,m), and the equation V=r′*P is checked. If it is true, the ciphertext is accepted and m is returned; otherwise, c′ is not accepted.

[0095] Package the transaction amount q and the goods information k into a single order, and use the user's public key Q. U The order is encrypted. The encryption process includes: randomly selecting β∈{0,1} lm Set a hash value t and three parameters O, Q, and D, where O, Q, and D are used to construct the encrypted order information order′, O is the parameter used for verification, Q is the parameter used by the user to solve for β during the order decryption process, and D is the parameter used by the user to obtain the original plaintext order during the order decryption process; calculate t = H3(β, order) and O = t * P in sequence. and The encrypted order is obtained as order′=(O,Q,D), where {H2,H3,H4} are three secure hash functions: P is a generator of G1; P pud Q is the system public key. U For the user's public key;

[0096] Merchants upload the encrypted order to the InterPlanetary File System (IPS), which then returns the corresponding index information for the order.

[0097] The merchant sends the index information corresponding to the order to the user.

[0098] Specifically, whether V = r′ * P holds true is determined by checking if the product of r′ and P calculated by the merchant using a hash function is equal to the parameter V in the received encrypted transaction intention. If they are equal, it means that the values ​​of m and c, r′ and r, and α′ and α are the same. In this case, the ciphertext is accepted and message m is returned; otherwise, c′ is not accepted. O is mainly used for verification, checking whether t has changed during the user's decryption process to ensure that the information has not been tampered with and is transmitted securely. Q is mainly used by the user to calculate β during the decryption process, and D is mainly used by the user to calculate the plaintext order (the original order) during the decryption process.

[0099] In one implementation, during the payment step, the user initiates a payment operation to a third-party payment platform by invoking a smart contract and uploads the order's index information to the smart contract. The third-party payment platform uses blockchain and smart contract technology to store the order's index information on the blockchain and returns the storage address of the transaction information and index information corresponding to the order to the user, including:

[0100] Users make payments to the third-party payment platform Payment Part by calling the smart contract SC.

[0101] The user uploads the order's index information to the smart contract;

[0102] The smart contract stores the transaction amount paid by the user to the third-party payment platform, the user's Ethereum address Uaddr, and the index together in the blockchain. When the blockchain storage is successful, it hashes the two transactions into a transaction hash. hash Give the smart contract, which contains two Transactions hash These are the transaction information for users paying to third-party payment platforms and the storage address of the index in the blockchain;

[0103] The smart contract returns both transaction hashes to the user and deducts the amount from the user's account.

[0104] The smart contract interacts with the third-party payment platform to transfer the amount paid by the user into the third-party payment platform's account, and the third-party payment platform's account is increased accordingly.

[0105] Specifically, when the blockchain stores the order index information, if the storage is successful, it returns the storage address of the corresponding transaction information and index information to the user. The transaction information and storage address are returned in the form of a transaction hash. The transaction information includes the transaction amount.

[0106] In one implementation, the cash withdrawal step specifically includes:

[0107] The user sends the two transaction hashes sent by the smart contract to the merchant;

[0108] Merchants request transaction information from the blockchain based on the received transaction hash. The blockchain retrieves the transaction information based on the storage address of the index information in the transaction hash and returns the transaction amount, the user's Ethereum address, and the order index information to the merchant.

[0109] Merchants verify the transaction amount and Ethereum address returned by the blockchain to confirm the amount paid by the user and whether the account is correct. If the verification is successful, the merchant sends the goods to the user.

[0110] Once the user receives the goods, they enter their identity information to trigger a smart contract for identity verification. The verification information, including the user's pseudo-identity ID, is then sent to the smart contract. U and the user's Ethereum address;

[0111] Once authentication is successful, the user's pseudo-identity ID is modified by invoking a smart contract. U The logistics status is set to {“shipped”}, and the amount is deducted from the third-party payment platform account via smart contract;

[0112] The smart contract sends the amount paid by the third-party payment platform to the merchant, increases the corresponding amount in the merchant's account, and returns the transaction result of the payment from the third-party payment platform to the third-party payment platform.

[0113] Please see Figure 2 This is an interactive flowchart of the secure payment system provided by the present invention during the cash withdrawal stage.

[0114] Specifically, the system verifies the amount paid by the user and the correctness of the account, which is generated based on the user's Ethereum address. If the account is incorrect, the merchant will not ship the goods.

[0115] When authentication is successful, the user's pseudo-identity ID is modified by calling a smart contract. U The system will change the shipping status from "not shipped" to "shipped." Once the status change is complete, the system will automatically deduct the amount from the Payment Part account. If authentication fails, the User's shipping status will not be changed.

[0116] This invention provides a secure payment system and method based on blockchain and smart contract technology. During the payment phase, the user encrypts their transaction intention and sends it along with their Ethereum address to the merchant. Upon receiving the transaction intention, the merchant decrypts it, packages the information into an order form, and then encrypts and stores this order information in IPFS. IPFS re-encrypts the encrypted order and returns the resulting index information to the merchant, who then sends the information to the user. This effectively ensures the security of transaction data transmission. The combination of smart contracts and blockchain technology allows for more efficient storage of index information, ensuring that the index cannot be modified or tampered with on the blockchain. Furthermore, the use of the BF encryption scheme, which inherently includes signature encryption, tightly links the user's public key to their identity. Therefore, both the user and the merchant must encrypt the data before sending transaction data to the merchant and before sending order data to IPFS. This ensures the authenticity and validity of the transaction data, protects user transaction data security, and prevents information leakage.

[0117] It should be understood that any parts not described in detail in this specification belong to the prior art.

[0118] It should be understood that the above description of the preferred embodiments is quite detailed, but it should not be considered as a limitation on the scope of protection of this invention. Those skilled in the art, under the guidance of this invention, can make substitutions or modifications without departing from the scope of protection of the claims of this invention, and all such substitutions or modifications fall within the scope of protection of this invention. The scope of protection of this invention should be determined by the appended claims.

Claims

1. A secure payment method based on blockchain and smart contract technology, characterized in that, This is achieved through a secure payment system, which includes: users, merchants, third-party payment platforms, smart contracts, the InterPlanetary File System (IPS), and blockchain. The user is used to send encrypted transaction intentions and their Ethereum address to the merchant; interact with the smart contract to upload the order index information and make payments to the third-party payment platform; receive the storage address of the transaction information and index information corresponding to the order returned by the blockchain and send it to the merchant; and send the identity verification information to the smart contract. Merchants decrypt encrypted transaction intentions sent by users, generate orders from the decrypted results, and store them in the InterPlanetary File System (IPS). They receive the index information corresponding to the order from the IPS and send this index information to the user. They verify the transaction amount and address by checking the storage address of the transaction information and index information sent by the user. If the information is correct, they send the goods to the user. Third-party payment platforms receive payments from users and make payments to merchants based on the logistics status. The smart contract receives the order index information uploaded by the user; it also receives the identity verification information sent by the user, verifies the user's identity, and modifies the corresponding logistics status when the verification is successful. InterPlanetary File System (IPS) is used to store encrypted orders generated by merchants, generate index information corresponding to the encrypted orders, and then return it to the merchants. Blockchain is used to store index information of orders uploaded by users to smart contracts. When storage is successful, the storage address of the transaction information and index information corresponding to the order is returned to the user. It can also receive requests from merchants to obtain transaction information, perform retrieval based on the transaction information request, and return the retrieval results to the merchants. Secure payment methods include: The initialization process generates two Ethereum addresses, one for the user and one for the merchant. The Boneh-Franklin encryption scheme is used to obtain key pairs for the user and the merchant. The user's key pair includes the user's public key and private key, and the merchant's key pair includes the merchant's public key and private key. Payment steps, Users encrypt their transaction intentions using the merchant's public key and send the encrypted transaction intentions along with their account address to the merchant. Merchants use their private key to decrypt the encrypted transaction intention, package the decrypted result, transaction amount, and goods information into an order, encrypt it, and then store it in IPFS. IPFS generates an index of the encrypted order and returns it to the merchant, who then sends it to the user. Users make payments to a third-party payment platform by calling a smart contract and upload the order's index information to the smart contract. The third-party payment platform uses blockchain and smart contract technology to store the order's index information on the blockchain and returns the storage address of the transaction information and index information corresponding to the order to the user. In the process of receiving goods and withdrawing cash, the user sends the storage address of the transaction information and index information corresponding to the order to the merchant. The merchant verifies whether the transaction information is correct. If it is correct, the corresponding goods are sent to the user. After receiving the goods, the user interacts with the smart contract to verify the user's identity. If the identity verification is successful, the logistics status is modified and the corresponding amount is paid to the merchant through a third-party payment platform. The initialization step uses the Boneh-Franklin encryption scheme to obtain a key pair between the user and the merchant, including: Key generator randomly selected ,calculate The key is extracted, and the user and merchant each register a pseudo-identity in the smart contract using their Ethereum address. and The user's private key is calculated using a key generator. The public key is The merchant's private key is The public key is ,in, It is a complete residual system modulo p. For a safe hash function, for A generator, It is a cyclic additive group of order p. For the system public key, For the user's fake identity, This is a fake identity for the merchant; the steps for receiving goods and withdrawing cash include: The user sends the two transaction hashes sent by the smart contract to the merchant; Merchants request transaction information from the blockchain based on the received transaction hash. The blockchain then retrieves the transaction information based on the storage address of the index information in the transaction hash, including the transaction amount, the user's Ethereum address, and the order index information. Return to the merchant; Merchants verify the transaction amount and Ethereum address returned by the blockchain to confirm the amount paid by the user and whether the account is correct. If the verification is successful, the merchant sends the goods to the user. Once the user receives the goods, they enter their identity information to trigger a smart contract for identity verification. The verification information, including the user's pseudo-identity, is then sent to the smart contract. and the user's Ethereum address; Once authentication is successful, the user's pseudo-identity is modified by invoking a smart contract. Logistics status The amount is deducted from the third-party payment platform account through a smart contract; The smart contract sends the amount paid by the third-party payment platform to the merchant, increases the corresponding amount in the merchant's account, and returns the transaction result of the payment from the third-party payment platform to the third-party payment platform.

2. The secure payment method based on blockchain and smart contract technology as described in claim 1, characterized in that, The encrypted transaction intent is encrypted by the user using the merchant's public key generated during system initialization. The user's Ethereum address is generated during system initialization and is used to register a pseudo-user identity.

3. The secure payment method based on blockchain and smart contract technology as described in claim 1, characterized in that, Merchants use the private key generated during system initialization to decrypt the encrypted transaction intention sent by the user, and then package the decrypted transaction intention together with the transaction amount and goods information into an order.

4. The secure payment method based on blockchain and smart contract technology as described in claim 1, characterized in that, The initialization steps include: Third-party payment platforms create smart contracts based on transaction rules; Initialize the Ethereum addresses for users and merchants separately. and ; The BF identity-based encryption scheme uses a key generator to generate the user's private and public keys, as well as the merchant's private and public keys.

5. The secure payment method based on blockchain and smart contract technology as described in claim 1, characterized in that, During the payment process, the user encrypts the transaction intent using the merchant's public key and sends the encrypted transaction intent along with the user's account address to the merchant, including: Users encrypt transaction intentions using the merchant's public key, specifically including: the user randomly selecting... Set four parameters , , , ,in , , Used to form the encrypted transaction intention , Parameters used to verify the security of messages. Solving problems for merchants during the decryption process The parameters, Deciphering plaintext during the merchant's decryption process The parameters, For a hash value, Indicate the bit length of the message; calculate sequentially. , , and ,in, Four safe hash functions: , , , , for A generator; For the system public key, For the merchant's public key; The user will encrypt the transaction intention and the user's Ethereum address Send it to the merchant along with the product.

6. The secure payment method based on blockchain and smart contract technology as described in claim 1, characterized in that, During the payment process, the merchant uses its private key to decrypt the encrypted transaction intention, packages the decrypted result, transaction amount, and goods information into an order, encrypts it, and stores it in IPFS. IPFS then generates an index of the encrypted order and returns it to the merchant, who then sends it to the user. This includes: Merchants use the merchant's private key encrypted transaction intentions Decryption specifically includes: calculation ,calculate ,in As the decrypted transaction intention, a parameter is then set. As a hash value, And check the equation Check if the condition is met; if so, accept the ciphertext and return. Otherwise, I will not accept it. ; Transaction amount and cargo information Packaged into one order and using the user's public key right Encryption is performed, and the encryption process includes: randomly selecting... Set a hash value and three parameters , , ,in , , Used to construct encrypted order information , These are the parameters used for testing. Solving the problem for users during the order decryption process. The parameters, To obtain the parameters of the original plaintext order during the order decryption process for the user; calculate sequentially. , , and ; received the encrypted order ,in, Three safe hash functions: , , , for A generator; For the system public key, For the user's public key; Merchants will encrypt orders Uploaded to the InterPlanetary File System (IPS), the IPS returns the index information corresponding to the order. ; Merchants will provide the index information corresponding to the orders. Send to the user.

7. The secure payment method based on blockchain and smart contract technology as described in claim 1, characterized in that, During the payment process, the user initiates a payment transaction with a third-party payment platform by invoking a smart contract, and uploads the order's index information to the smart contract. The third-party payment platform uses blockchain and smart contract technology to store the order's index information on the blockchain and returns the storage address of the transaction information and index information corresponding to the order to the user, including: Users make payments to the third-party payment platform Payment Part by calling the smart contract SC. The user will index the order information. Upload to smart contract; The smart contract will record the transaction amount paid by the user to the third-party payment platform and the user's Ethereum address. as well as Both transactions are stored together in the blockchain. Once the blockchain successfully stores the data, it hashes the two transactions. Give the smart contracts, two of which These are transaction information for users paying to third-party payment platforms. Storage address in the blockchain; The smart contract returns both transaction hashes to the user and deducts the amount from the user's account. The smart contract interacts with the third-party payment platform to transfer the amount paid by the user into the third-party payment platform's account, and the third-party payment platform's account is increased accordingly.

Images