Blockchain modification method, apparatus, device, and medium

By using chameleon hash private keys and ring signature generation algorithms in a consortium blockchain system, combined with zero-knowledge proofs, the problem that the reliability of message modification depends on user trustworthiness in blockchain modification schemes based on chameleon hashes is solved. This achieves both reliability and anonymity of message modification, ensures that modifications comply with preset policies, and traces the identity of malicious users when necessary.

CN116781277BActive Publication Date: 2026-06-16INDUSTRIAL AND COMMERCIAL BANK OF CHINA
View PDF 2 Cites 0 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
INDUSTRIAL AND COMMERCIAL BANK OF CHINA
Filing Date
2023-06-28
Publication Date
2026-06-16

Smart Images

  • Figure CN116781277B_ABST
    Figure CN116781277B_ABST
Patent Text Reader

Abstract

The present disclosure provides a blockchain modification method, which can be applied to the technical field of blockchain. The method comprises: in the case that a revising user provides a chameleon hash private key, running a collision algorithm of the chameleon hash function to output a collision random number; executing a ring signature generation algorithm to generate a ring signature of the revising user; generating a second zero-knowledge proof for verifying that a modification manner of the new message satisfies a preset message modification strategy; based on the collision random number, an original hash value, the ring signature of the revising user and the second zero-knowledge proof, initiating a message modification application for modifying the original message by using the new message to the consortium chain system; and when the message modification application is verified in the consortium chain system, modifying the original message by using the new message. The present disclosure also provides a blockchain modification device, equipment, storage medium and program product.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This disclosure relates to the field of blockchain technology, and more specifically to a blockchain modification method, apparatus, device, medium, and program product. Background Technology

[0002] To address the issue of unmodifiable errors in existing blockchains, academia and industry have proposed numerous anti-cash-out methods. One mainstream approach is the chameleon hash-based blockchain modification scheme. The idea behind this scheme is to replace the original collision-resistant hash function with a chameleon hash to calculate the hash value of a transaction. This value is stored as a leaf node of a Merkle tree in the blockchain and used as input for calculating the hash chain of the next block. When editing data within a block, a user with a chameleon hash trapdoor can efficiently calculate collisions, revising the data without altering the hash output or disrupting the inter-block connectivity.

[0003] However, in schemes based on chameleon hashing, users with trapdoors can not only modify erroneous or harmful information in the blockchain, but also modify other historical blocks. Thus, if the trapdoor owner is malicious, they can arbitrarily modify historical block information or refuse to modify blocks that should be corrected. This makes the reliability of blockchain content modification dependent on the feasibility of users possessing trapdoors, weakening the reliability of messages within the blockchain. Summary of the Invention

[0004] In view of the above problems, this disclosure provides blockchain modification methods, apparatus, devices, media and program products to improve the reliability of message modification in blockchain.

[0005] A first aspect of this disclosure provides a blockchain modification method applicable to a consortium blockchain system. The method includes: first, with a revising user providing a chameleon hash private key, running a collision algorithm for the chameleon hash function, wherein the inputs are the chameleon hash private key, an original message specified by the revising user, an original hash value corresponding to the original message, an original random number, and a new message specified by the revising user; and outputting a collision random number. Then, based on the ring signature private key provided by the revising user, the public key of the ring member to which the revising user belongs, and the new message, executing a ring signature generation algorithm to generate the revising user's ring signature. Next, generating a second zero-knowledge proof to verify that the modification method of the new message satisfies a preset message modification strategy. Then, based on the collision random number, the original hash value, the revising user's ring signature, and the second zero-knowledge proof, initiating a message modification request to the consortium blockchain system to modify the original message using the new message. Finally, when the message modification request is verified successfully in the consortium blockchain system, modifying the original message using the new message.

[0006] According to an embodiment of this disclosure, after generating the ring signature of the revised user, the method further includes: generating a revised user identity certificate for proving the membership of the revised user based on a random number corresponding to the revised user used in the process of revising the user's ring signature; encrypting the revised user identity certificate using a supervisory encryption public key in the consortium blockchain system to obtain a revised user identity certificate ciphertext; wherein the supervisory encryption private key corresponding to the supervisory encryption public key is kept by a supervisory center in the consortium blockchain system; and attaching the revised user identity certificate ciphertext to the revised user's ring signature.

[0007] According to embodiments of this disclosure, the method further includes: when it is necessary to trace the identity of the revised user, the monitoring center of the consortium blockchain system uses the monitoring encryption private key to decrypt the ciphertext of the revised user's identity certificate to obtain the revised user's identity certificate; and based on the revised user's identity certificate, determining the identity of the revised user.

[0008] According to embodiments of this disclosure, the method further includes the consortium blockchain system verifying the message modification request. Specifically, this includes: first, the validator in the consortium blockchain system runs a verification algorithm to determine the correctness of the chameleon hash by verifying the correspondence between the collision random number, the original random number, and the original hash value. Then, after confirming the chameleon hash is correct, the validity of the ring signature of the revising user in the message modification request is verified. Next, after the ring signature of the revising user is verified as valid, the second zero-knowledge proof is verified. Finally, after the second zero-knowledge proof is verified as valid, the message modification request is determined to have passed verification.

[0009] According to embodiments of this disclosure, the original message is the original message that has not been modified after being uploaded to the consortium blockchain system, or the original message is the message after the last modification.

[0010] According to embodiments of this disclosure, when the original message is an unmodified original message uploaded to the consortium blockchain system, the method further includes writing the original message to the consortium blockchain system before running the collision algorithm of the chameleon hash function. Specifically, this includes: first, generating the original hash value using the chameleon hash function based on the chameleon hash public key, the original message provided by the message writer, and the original random number; then, executing a ring signature generation algorithm to generate the ring signature of the message writer based on the ring signature private key provided by the message writer, the public key of the ring member to which the message writer belongs, and the original message; next, generating a first zero-knowledge proof to verify that the modification method of the original message satisfies the message modification strategy; then, initiating a message writing request to the consortium blockchain system based on the original random number, the original hash value, the ring signature of the message writer, and the first zero-knowledge proof; and finally, writing the original message to the consortium blockchain system when the message writing request is verified successfully.

[0011] According to embodiments of this disclosure, before running the collision algorithm of the chameleon hash function, the method further includes: generating system public parameters based on user-selected security parameters; generating a chameleon hash public key and a chameleon hash private key, as well as a regulatory encryption public key and a regulatory encryption private key based on the public parameters; and disclosing the chameleon hash public key and the regulatory encryption public key in the consortium blockchain system.

[0012] A second aspect of this disclosure provides a blockchain modification device that can be configured in a consortium blockchain. The device includes: a collision algorithm module, a ring signature module, a zero-knowledge proof module, and a message revision module. The collision algorithm module, when a revision user provides a chameleon hash private key, runs a collision algorithm for the chameleon hash function, including: inputting the chameleon hash private key, an original message specified by the revision user, an original hash value corresponding to the original message, an original random number, and a new message specified by the revision user, and outputting a collision random number. The ring signature module, based on the ring signature private key provided by the revision user, the public key of the ring member to which the revision user belongs, and the new message, executes a ring signature generation algorithm to generate the revision user's ring signature. The zero-knowledge proof module generates a second zero-knowledge proof to verify that the modification method of the new message satisfies a preset message modification strategy. The message revision module is configured to: initiate a message modification request to the consortium blockchain system based on the collision random number, the original hash value, the ring signature of the revising user, and the second zero-knowledge proof; and modify the original message using the new message when the message modification request is verified in the consortium blockchain system.

[0013] According to embodiments of this disclosure, the apparatus further includes an identity verification module. The identity verification module is configured to: after generating the ring signature of the revised user, generate a revised user identity verification document for proving the membership of the revised user based on a random number corresponding to the revised user used in the ring signature process; encrypt the revised user identity verification document using a supervisory encryption public key in the consortium blockchain system to obtain a revised user identity verification ciphertext; wherein the supervisory encryption private key corresponding to the supervisory encryption public key is kept by a supervisory center in the consortium blockchain system; and attach the revised user identity verification ciphertext to the revised user's ring signature.

[0014] According to embodiments of this disclosure, the apparatus further includes a monitoring module. The monitoring module is configured to: when it is necessary to trace the identity of the revised user, the monitoring center of the consortium blockchain system uses the monitoring encryption private key to decrypt the ciphertext of the revised user's identity certificate to obtain the revised user's identity certificate; and based on the revised user's identity certificate, determine the identity of the revised user.

[0015] A third aspect of this disclosure provides an electronic device. The electronic device includes one or more processors and a memory. The memory is used to store one or more programs, wherein when the one or more programs are executed by the one or more processors, the one or more processors perform the methods described above.

[0016] A fourth aspect of this disclosure also provides a computer-readable storage medium having executable instructions stored thereon, which, when executed by a processor, cause the processor to perform the methods described above.

[0017] A fifth aspect of this disclosure also provides a computer program product, including a computer program that, when executed by a processor, implements the above-described method.

[0018] The above one or more embodiments have the following advantages or beneficial effects: they can at least partially solve the problem that the reliability of message modification in blockchain modification schemes based on chameleon hashing heavily depends on the feasibility of users possessing trapdoors. By verifying messages uploaded or revised in the consortium blockchain system using zero-knowledge proofs, the modification method is limited to meet a preset message modification strategy, thus enhancing the reliability of message modification in the blockchain. Moreover, signing messages uploaded or revised in the consortium blockchain system using users' ring signatures not only ensures the anonymity of messages on the consortium blockchain but also limits the scope of modifying users, and the integrity of messages can be guaranteed through signature verification.

[0019] Furthermore, in some embodiments, attaching the ciphertext of identity verification encrypted with the public key of the regulatory center to the ring signature enables the regulatory center of the consortium blockchain system to exercise its review function when necessary, trace malicious users who maliciously upload or modify messages, and further improve the reliability of message modification in the consortium blockchain system. Attached Figure Description

[0020] The foregoing contents, as well as other objects, features, and advantages of this disclosure, will become clearer from the following description of embodiments with reference to the accompanying drawings, in which:

[0021] Figure 1 A schematic diagram illustrates a consortium blockchain system in which a blockchain modification method according to an embodiment of the present disclosure is applied;

[0022] Figure 2 A flowchart illustrating a blockchain modification method according to an embodiment of the present disclosure is shown schematically.

[0023] Figure 3 This schematically illustrates a flowchart of appending ciphertext to a ring signature in a blockchain modification method according to an embodiment of the present disclosure;

[0024] Figure 4 This illustration schematically shows a flowchart of uploading the original message in a blockchain modification method according to another embodiment of this disclosure;

[0025] Figure 5 The implementation flow of a blockchain modification method according to yet another embodiment of this disclosure is illustrated schematically;

[0026] Figure 6 A flowchart illustrating another embodiment of the blockchain modification method of this disclosure is shown schematically;

[0027] Figure 7 A block diagram of a blockchain modification apparatus according to embodiments of the present disclosure is schematically shown; and

[0028] Figure 8 A block diagram schematically illustrates an electronic device suitable for implementing a blockchain modification method according to embodiments of the present disclosure. Detailed Implementation

[0029] The embodiments of the present disclosure will now be described with reference to the accompanying drawings. However, it should be understood that these descriptions are exemplary only and are not intended to limit the scope of the disclosure. In the following detailed description, numerous specific details are set forth to provide a thorough understanding of the embodiments of the present disclosure for ease of explanation. However, it will be apparent that one or more embodiments may be practiced without these specific details. Furthermore, descriptions of well-known structures and techniques are omitted in the following description to avoid unnecessarily obscuring the concepts of the present disclosure.

[0030] The terminology used herein is for the purpose of describing particular embodiments only and is not intended to limit this disclosure. The terms “comprising,” “including,” etc., as used herein indicate the presence of the stated features, steps, operations, and / or components, but do not exclude the presence or addition of one or more other features, steps, operations, or components.

[0031] All terms used herein (including technical and scientific terms) have the meanings commonly understood by those skilled in the art, unless otherwise defined. It should be noted that the terms used herein are to be interpreted in a manner consistent with the context of this specification, and not in an idealized or overly rigid way.

[0032] When expressions such as "at least one of A, B, and C" are used, they should generally be interpreted in accordance with the meaning commonly understood by those skilled in the art (e.g., "a system having at least one of A, B, and C" should include, but is not limited to, systems having only A, only B, only C, A and B, A and C, B and C, and / or systems having A, B, and C, etc.). The terms "first," "second," etc., used herein are for distinction only and have no limiting meaning, and the number of any elements in the accompanying drawings is for illustrative purposes only and not for limitation.

[0033] This disclosure provides a blockchain modification method, apparatus, device, medium, and program product that can be applied to consortium blockchain systems and can effectively modify erroneous information and harmful content in consortium blockchains (such as financial blockchains).

[0034] Specifically, the blockchain modification scheme of this disclosure is constructed based on zero-knowledge proofs that satisfy a preset message modification policy, verifiable ring signatures, and chameleon hashes that resist key leakage. The addition and proof of the message modification policy are intended to limit the permissible modification segments in the message, preventing the loss and tampering of important information. When a user in the consortium blockchain system discovers an error or malicious information in a transaction that needs modification, a member of the signature ring set by the data owner performs the revision operation. The revising user first uses their hash trapdoor to find a collision random number, then uses their own ring member private key to generate a ring signature for the new message, and encrypts the identity verification of the signature using the public key of the consortium blockchain system's monitoring center (hereinafter referred to as the monitoring center's encrypted public key) to achieve accountability.

[0035] It should be noted that the blockchain modification methods, apparatus, devices, media, and program products determined in the embodiments of this disclosure can be used in the financial field, or in any field other than the financial field. This disclosure does not limit the application field.

[0036] Figure 1A schematic diagram of a consortium blockchain system applying a blockchain modification method according to an embodiment of the present disclosure is shown.

[0037] like Figure 1 As shown, the consortium blockchain system 100 may include multiple nodes (e.g., 101-108 in the example diagram). These multiple nodes 101-108 can communicate with each other. Each node corresponds to one or more databases, and these multiple nodes can form a globally distributed, collaboratively operating database storage system. Any node can perform read and write operations in its corresponding database, and other nodes will synchronize according to a certain mechanism, thereby achieving complete data consistency in the databases corresponding to all nodes in the consortium blockchain system 100.

[0038] In the consortium blockchain system 100, there can be multiple regulatory center nodes. Other nodes need to obtain authorization from the regulatory center nodes to join or leave the network. Only the regulatory center nodes can package transactions to generate new blocks. All regulatory center nodes jointly manage the blockchain and maintain the healthy operation of the consortium blockchain system 100.

[0039] The blockchain modification method of this disclosure can be executed by a consortium blockchain system 100 for modifying error information and malicious content in blocks within the consortium blockchain system 100. Accordingly, the blockchain modification apparatus, device, medium, and program product of this disclosure can be installed in various nodes of the consortium blockchain system 100 (such as each of nodes 101 to 108 or a regulatory center node).

[0040] The following will be based on Figure 1 The described alliance connection system 100, through Figures 2-6 The blockchain modification method according to embodiments of this disclosure will be described in detail. It should be noted that the sequence numbers of each operation in the following methods are for descriptive purposes only and should not be considered as indicating the execution order of the operations. Unless explicitly stated otherwise, the method does not need to be executed in the exact order shown.

[0041] Figure 2 A flowchart illustrating a blockchain modification method according to an embodiment of the present disclosure is shown.

[0042] like Figure 2 As shown, the blockchain modification method according to this embodiment may include operations S210 to S250.

[0043] First, in operation S210, when the revising user provides a Chameleon Hash private key, the collision algorithm of the Chameleon Hash function is run, and a collision random number is output. When the revising user provides a Chameleon Hash private key, it can be determined that the revising user is a user with a hash trapdoor, thus allowing the Chameleon Hash function's collision algorithm to be run.

[0044] Specifically, when running the collision algorithm of the Chameleon Hash function, the inputs are the Chameleon Hash private key, the original message specified by the user for revision, the original hash value and the original random number corresponding to the original message, and the new message specified by the user for revision, and the output is the collision random number.

[0045] Chameleon hash functions are also known as trapdoor hashes. Users with a trapdoor can effectively calculate hash collisions, meaning they can change the input message content while maintaining the original hash value. When the trapdoor is unknown, chameleon hashes also satisfy the traditional collision resistance property (i.e., different input messages result in different output hash values). Therefore, they can be applied to scenarios such as clean signatures and editable blockchains.

[0046] In this embodiment of the disclosure, the user with the trapdoor runs the collision algorithm of the chameleon hash function, which can generate a collision random number corresponding to the new message. After performing chameleon hash calculation on the new message using the collision random number, the resulting hash value is the original hash value mentioned above, thus providing the precondition for modifying the original message using the new message in the consortium blockchain system 100.

[0047] Then, in operation S220, based on the ring signature private key provided by the revised user, the public key of the ring member to which the revised user belongs, and the new message, the ring signature generation algorithm is executed to generate the revised user's ring signature. The revised user's ring signature is used to sign the new message. Through ring signature, the anonymity of the revised user in the consortium blockchain system 100 is guaranteed.

[0048] Simultaneously, in operation S230, a second zero-knowledge proof is generated to verify that the modification method of the new message satisfies the preset message modification strategy. According to embodiments of this disclosure, the original message has also passed the zero-knowledge proof verification, and its modification method also satisfies the message modification strategy.

[0049] Next, in operation S240, based on the collision random number, the original hash value, the revised user's ring signature, and the second zero-knowledge proof, a message modification request is sent to the consortium blockchain system 100 to modify the original message using the new message.

[0050] Finally, in operation S250, when the message modification request is verified in the consortium blockchain system 100, the original message is modified using the new message.

[0051] Specifically, the process of verifying a message modification request in a consortium blockchain system can be as follows: First, the validators in consortium blockchain system 100 run a verification algorithm to determine the correctness of the chameleon hash by verifying the correspondence between the collision random number, the original random number, and the original hash value. Then, after confirming the chameleon hash is correct, the validity of the ring signature of the revising user in the message modification request is verified. When the revising user's ring signature is verified as valid, it indicates that the new message is complete and tamper-proof. Next, the second zero-knowledge proof is verified. After the second zero-knowledge proof is verified, it can be determined that the modification method of the new message meets the predetermined modification method, such as modifying only certain fragments of content in the new message. If all the above verifications pass, the message modification request is deemed verified. In consortium blockchain system 100, when all nodes (such as nodes 101-108) or multiple supervisory center nodes reach a consensus on their respective verification results according to the consensus mechanism and the verification is passed, the original message can be modified by the new message in the consortium blockchain.

[0052] Figure 3 The flowchart illustrating the appending of identity verification ciphertext to a ring signature in a blockchain modification method according to an embodiment of the present disclosure is shown.

[0053] Combination Figure 2 and Figure 3 While generating the ring signature in operation S220, identity verification ciphertext can be generated through operations S221 to S223, and this identity verification ciphertext can be attached to the ring signature.

[0054] Specifically, in operation S221, a revised user identity certificate is generated based on the random number corresponding to the revised user used in the process of revising the user's ring signature. This certificate is used to prove the revised user's membership.

[0055] Then, in operation S222, the supervisory encryption public key in the consortium blockchain system 100 is used to encrypt the revised user identity certificate to obtain the revised user identity certificate ciphertext; wherein, the supervisory encryption private key corresponding to the supervisory encryption public key is kept by the supervisory center in the consortium blockchain system 100.

[0056] Next, in operation S223, the revised user's identity verification ciphertext is attached to the revised user's ring signature.

[0057] The ring signature used in messages uploaded to the consortium blockchain system 100 includes ciphertext of the reviser's identity verification. When it is necessary to trace the identity of the reviser, the monitoring center of the consortium blockchain system 100 uses the monitoring encryption private key to decrypt the ciphertext of the reviser's identity verification, obtaining the reviser's identity verification, and then can determine the identity of the reviser based on the reviser's identity verification.

[0058] In one embodiment, the original message is the original message uploaded to the consortium blockchain system 100 without modification, thus the above... Figure 2 and Figure 3 The method flow shown represents the first modification of the original message. In another embodiment, the original message is the message after the last modification, thus the above... Figure 2 and Figure 3 The method flow shown is a further modification of the message after the previous modification. This means that after the original message is uploaded to the consortium blockchain system 100, it can be modified again through the above... Figure 2 and Figure 3 The method flow shown has been modified multiple times. For example, when a message modification is found to be malicious, users of the monitoring center of the consortium blockchain system 100 can use the above... Figure 2 and Figure 3 The method flow shown is corrected.

[0059] When the original message is the original message that has not been modified after being uploaded to the consortium blockchain system 100, the method further includes writing the original message to the consortium blockchain system 100 before running the collision algorithm of the chameleon hash function in the above-mentioned operation S210. In one embodiment, the process of writing the original message to the consortium blockchain system 100 can be referred to Figure 4 The illustration.

[0060] Figure 4 The flowchart illustrating the uploading of the original message in a blockchain modification method according to another embodiment of this disclosure is shown.

[0061] like Figure 4 As shown, writing the original message to the consortium blockchain system 100 may include operations S410 to S450.

[0062] First, in the S410 operation, based on the Chameleon hash public key, the original message provided by the message writer, and the original random number, the Chameleon hash function is used to generate the original hash value.

[0063] The user uploading the message can be any user in the consortium blockchain system 100. When uploading a message to the consortium blockchain system 100, the message writer can find the Chameleon Hash public key from the consortium blockchain system 100, then select a raw random number, specify the message to be uploaded (i.e., the original message), and the Chameleon Hash function can generate the raw hash value corresponding to the original message.

[0064] Then, in operation S420, based on the ring signature private key provided by the message writer, the public key of the ring member to which the message writer belongs, and the original message, the ring signature generation algorithm is executed to generate the ring signature of the message writer.

[0065] At the same time, in S430, a first zero-knowledge proof can be generated to verify that the modification of the original message satisfies the message modification policy.

[0066] Next, in operation S440, based on the original random number, the original hash value, the ring signature of the message writer user, and the first zero-knowledge proof, a message writing request to write the original message is initiated to the consortium blockchain system 100.

[0067] Finally, in operation S450, when the message write request is verified successfully in the consortium blockchain system 100, the original message is written into the consortium blockchain system 100. The process of verifying the message write request in operation S450 is similar to the process of verifying the message revision request in operation S250, requiring verification of the correspondence between the original random number, the original hash value, and the original message; the validity of the ring signature of the message writer; and the first zero-knowledge proof.

[0068] Messages written into the consortium blockchain system 100 in this way satisfy the collision resistance of chameleon hash and have the possibility of being modified by users who own chameleon hash trapdoors. At the same time, message modifications must be made in accordance with the predetermined message modification strategy, which improves the reliability of message modifications in the consortium blockchain 100.

[0069] Figure 5 The implementation flow of a blockchain modification method according to yet another embodiment of this disclosure is illustrated.

[0070] like Figure 5 As shown, the process includes three stages: the first stage is when the message writing user uploads the original message in the consortium blockchain system 100; the second stage is when the revision user with the trapdoor modifies the original message into a new message in the consortium blockchain system 100; and the third stage is when the monitoring center in the consortium blockchain system 100 reviews the identity of the message writing user or revision user, etc.

[0071] The hash function used in the consortium blockchain system 100 is specifically the chameleon hash function. The chameleon hash function is also known as a trapdoor hash. Users with a trapdoor can effectively calculate hash collisions, change the input message content, and maintain the hash value. When the trapdoor is unknown, the chameleon hash also satisfies the traditional collision resistance property, thus it can be applied to scenarios such as clean signatures and editable blockchains.

[0072] The Chameleon hash function consists of the following four algorithms:

[0073] System generation algorithm: Input security parameters, output system common parameters;

[0074] Key generation algorithm: Input common parameters, the algorithm outputs the chameleon hash public key and trapdoor key;

[0075] Hash generation algorithm: Input the public key of the chameleon hash, the message, and a random number, and output the hash value of the chameleon;

[0076] Collision generation algorithm: Input the trapdoor key of the chameleon hash, the message, the random number, and the new message. The algorithm outputs a collision random number that satisfies the condition.

[0077] The Chameleon hash function satisfies the following security requirements: (1) Collision resistance: Given the Chameleon hash public key, any two pairs of messages and random numbers, where is computationally infeasible. (2) Trapdoor collision resistance: Given a Chameleon hash trapdoor, for a given message and random number, collision random numbers can be efficiently calculated.

[0078] Figure 6 A flowchart illustrating another embodiment of the blockchain modification method of this disclosure is shown.

[0079] like Figure 6 As shown, the blockchain modification method of this embodiment may include operations S10 to S50. Combined with... Figure 5 In operations S10 to S50: Operation S10 pertains to preparatory work during the formation of the consortium blockchain system 100; operation S20 pertains to... Figure 5 The first stage described in the text, operation S30 belongs to Figure 5 The second stage described in the text, operation S50 belongs to Figure 5 The third stage described in the text, while operation S40 belongs to the verification process before data is uploaded to the blockchain, can be... Figure 5 It is invoked in all three stages described in the text.

[0080] Combination Figure 5 and Figure 6 The specific details are as follows.

[0081] First, in S10: select security parameters and generate publicly available system parameters.

[0082] Specifically, generating publicly available system parameters includes the following operations S11 to S12.

[0083] S11. The creator of the consortium blockchain system 100 selects a security parameter k, selects a group G with order q and generator g for the key center, and selects a hash function H. Then, the system public parameter pp = (G, q, g, H) is output.

[0084] S12. Input the public parameter pp generated in S11, and output the Chameleon Hash public key and the regulatory encryption public key in the consortium blockchain system 100.

[0085] Specifically, firstly, the creator of the consortium blockchain system 100 selects a random number x and calculates the chameleon hash public key as pk.CH The value of h = g x The corresponding chameleon hash private key sk CH The value of is x.

[0086] Meanwhile, the creators of the consortium blockchain system 100 can input a security parameter k, run the public key generation algorithm of the regulatory center, and calculate the regulatory center's encrypted public key pk. enc and the regulatory center's encrypted private key sk enc .

[0087] Then, in the consortium blockchain system 100, the chameleon hash public key and the regulatory center public key pk = (pk enc , pk CH The private keys corresponding to the Chameleon Hash public key and the regulatory center public key are kept by an authoritative institution (such as multiple regulatory center nodes) in the consortium blockchain system 100.

[0088] Among them, the Chameleon Hash public key and the Chameleon Hash private key are used when calculating hash values ​​through the Chameleon Hash function, and the regulatory center encryption public key and the regulatory center encryption private key are used to encrypt and decrypt messages written to the consortium blockchain system 100, or to encrypt and decrypt user identity certificates in the consortium blockchain system 100.

[0089] Then in S20: Based on the system public parameters generated in S10, the original hash value corresponding to the original message m to be written is calculated using the chameleon hash function, and a ring signature of the message writer is generated. A first zero-knowledge proof satisfying the preset message modification strategy is also calculated, and then an application is made to write the original message m into the consortium blockchain. Specifically, after the verification algorithm in S40 verifies the application to write the original message m, the original message m is written.

[0090] Specifically, S20 includes the following operations S21 to S26.

[0091] S21. Input the chameleon hash public key h = g output from S12. x The original message m to be uploaded is written with a user-selected random number r. The Chameleon hash function is used to calculate e = H(L), generating the original hash value H = g corresponding to the original message m. H(m) (g e h) r .

[0092] S22. Input the publicly available system parameters pp = (G, q, g, H) and generate the message written to the user's own private key.

[0093] Specifically, in the consortium blockchain system, 100 selects a prime number p, the message writer selects a random number S as their private key, and outputs their public key g. s .

[0094] S23, The message is written to the user to execute the ring signature generation algorithm.

[0095] First, a symmetric encryption key is generated using k = H1(m). Then, a random number V is selected, and simultaneously, a random number (α) is selected for each ring member i in the ring where the message is written to the user. i ,β i ), and calculate z i =f i (α i ,β i ).

[0096] S24, The message is written to the user using the z generated for all ring members in S23. i Solve the ring signature equation C k,v (z1, z2, ..., z i , ..., z s = v. Here, assuming the message writer is member s in the ring, the trapdoor permutation function publicly available on the consortium blockchain system 100 is then used to obtain... The output message is written to the user's ring signature σ=(v,(α1,β1),(α2,β2),...(α s ,β s )) and attach the user's identity verification π=g to the ring signature. s k .

[0097] S25. To prevent the signer's identity from being leaked, the generated identity certificate π is encrypted using the public key of the monitoring center from S12, ENC(pk). enc ,π), and obtain the ciphertext c for identity verification.

[0098] S26. To ensure that the original message m to be uploaded in S21 satisfies the preset message modification strategy δ, generate the following first zero-knowledge proof a:

[0099] FS.NIPIOK{m,δ i , π: δ i (m i )=1∧φ(δ1,...,δ n )∧ENC(pk enc ,π)}.

[0100] Next, in S30: based on the original hash value corresponding to the original message m generated in S20, revise the user-provided Chameleon Hash private key, apply its own ring membership, calculate the hash collision, generate a collision random number, and apply to modify the original message m using the new message m' in the consortium blockchain system 100. Specifically, after successful verification using the verification algorithm in S40, the original message m is modified using the new message m'.

[0101] Specifically, S30 may include the following operations S31 to S34.

[0102] S31. The modified user with the trapdoor runs the collision algorithm of the Chameleon Hash function and outputs the collision random number corresponding to the new message m'.

[0103] Specifically, when running the collision algorithm of the Chameleon hash function, the input Chameleon hash private key sk is... CH The original hash value, the original random number r, and the new message m′ calculated in S21 above are used to calculate the collision random number g. r′ =g r g [H(m )-H(m′) / x+e ].

[0104] S32. Revise the user's private key, referring to steps S22-S24 above, generate the revised user's ring signature, and attach the revised user's identity verification π′.

[0105] S33. To prevent the signer's identity from being leaked, the public key of the monitoring center in S12 is used to encrypt the generated revised user identity certificate π′ using ENC(pk). enc ,π′), thus obtaining the revised user identity verification ciphertext c′.

[0106] S34. Referring to step S26, generate a second zero-knowledge proof α′ for the new message m′ to prove that the modification method of the new message m′ satisfies the message modification strategy δ.

[0107] According to the embodiments of this disclosure, before uploading data to the consortium blockchain system 100 in S20 or S30, it needs to go through the verification process in S40. That is, whether it is the original message m being uploaded to the chain in S20 or the new message m' being uploaded to the chain in S30, it must go through the consensus verification of multiple nodes in the consortium blockchain system 100 according to the verification process in S40. Only after the verification is passed can the data be uploaded to the chain.

[0108] Specifically, in S40: verification of data before it is uploaded to the blockchain in the consortium blockchain system 100. This involves using a chameleon hash public key and ring member public keys to verify the correctness and integrity of the hash value and ring signature corresponding to the uploaded message. S40 can specifically include S41 to S43.

[0109] S41. First, the verifier obtains the message m (or m') to be uploaded, the hash value corresponding to the message to be uploaded, and the first zero-knowledge proof (or the second zero-knowledge proof) from S20 (or S30). Then, the verifier runs the verification algorithm.

[0110] Specifically, when revising the original message m by modifying the user-uploaded modified message m', the verification algorithm first calculates F = H / g. H(m) Then through verification (g r g e To determine the correctness of the Chameleon hash, we need to determine whether h,F) is a Diffif-Hellman tuple.

[0111] S42. If step S41 passes the verification, then verify the validity of the ring signature. Specifically, for each ring member, the verifier calculates z. i =f i (α i ,β i The encryption key is obtained by hashing the message to be uploaded, and then the following equation is verified: C k,v (z1, z2, ..., z s =v, in order to verify the correctness of the signature.

[0112] S43. Verify the first zero-knowledge proof (or the second zero-knowledge proof) to verify whether the message to be uploaded satisfies the predetermined message modification strategy.

[0113] According to embodiments of this disclosure, operation S50 may be included after operation S20 and / or operation S30.

[0114] In S50: The monitoring center calls the verification algorithm of S40 to verify the hash value corresponding to the message uploaded to the consortium blockchain system 100, and decrypts the ciphertext of the signature user's identity certificate through the monitoring center's encrypted public key, thereby tracing the identity of the malicious modifier.

[0115] Specifically, S50 may include S51 and S52.

[0116] S51, the monitoring center uses the monitoring center's encrypted private key sk corresponding to the monitoring center's encrypted public key. enc Decrypt the ciphertext of the identity verification generated in S25 and S33 to obtain the identity verification g of the signer. s k =DEC(sk enc c), through The random number α corresponding to the signing user among the ring members used in the process of generating the ring signature is calculated. s This allows us to identify the person who signed the uploaded message.

[0117] S52, Based on the random number α s The value allows the monitoring center to locate the message uploader, A. s If the message is maliciously modified, then the uploader A can be identified. s This refers to a malicious user within the consortium blockchain system 100.

[0118] In this embodiment of the disclosure, ring signatures are used to ensure the anonymity of message uploads or revisions.

[0119] At the same time, attaching the ciphertext of identity verification encrypted with the public key of the regulatory center to the ring signature allows the regulatory center of the consortium blockchain system to exercise its review function and trace malicious users who maliciously upload or modify messages when necessary.

[0120] Furthermore, in this embodiment, messages uploaded or revised to the consortium blockchain system are verified using zero-knowledge proofs to ensure that message modifications meet a predetermined message modification strategy. This limits the methods of message modification and enhances the reliability of message modification in the blockchain.

[0121] Based on the aforementioned blockchain modification method applied to consortium blockchain systems, this disclosure also provides a blockchain modification device configured in a consortium blockchain system. The following will be combined with... Figure 7 The device 700 is described in detail.

[0122] Figure 7 A block diagram of a blockchain modification device 700 according to an embodiment of the present disclosure is shown schematically.

[0123] like Figure 7 As shown, according to some embodiments of this disclosure, the device 700 may include a collision algorithm module 710, a ring signature module 720, a zero-knowledge proof module 730, and a message revision module 740. According to other embodiments of this disclosure, the device 700 may further include at least one of an identity verification module 750, a monitoring module 760, a message writing module 770, and a verification module 780. The device 700 may be configured in the consortium blockchain system 100, for example, deployed in each node of the consortium blockchain system 100, for performing reference... Figures 2-6 The blockchain modification method described herein.

[0124] The collision algorithm module 710 is used to run a collision algorithm for the chameleon hash function when the user-provided chameleon hash private key is revised. This includes: inputting the chameleon hash private key, revising the original message specified by the user, the original hash value corresponding to the original message and the original random number, and revising the new message specified by the user, and outputting a collision random number. In one embodiment, the collision algorithm module 710 can perform the operation S210 described above.

[0125] The ring signature module 720 can be used to generate a ring signature for the revising user by executing a ring signature generation algorithm based on the ring signature private key provided by the revising user, the public key of the ring member to which the revising user belongs, and the new message during the process of the revising user modifying the original message with a new message. In one embodiment, the ring signature module 720 can perform the operation S220 described above.

[0126] The zero-knowledge proof module 730 can be used to generate a second zero-knowledge proof to verify that the modification method of the new message satisfies a preset message modification strategy during the process of revising an original message modified by a user using a new message. In one embodiment, the zero-knowledge proof module 730 can perform the operation S230 described above.

[0127] The message revision module 740 is used to: initiate a message modification request to the consortium blockchain system based on the collision random number, the original hash value, the ring signature of the revising user, and the second zero-knowledge proof; and modify the original message using the new message when the message modification request is verified and approved in the consortium blockchain system. In one embodiment, the message revision module 740 can perform the operations S240 and S250 described above.

[0128] The identity verification module 750, during the process of modifying an original message using a new message, after generating the ring signature of the revising user, generates a revised user identity certificate based on the random number corresponding to the revising user used in the ring signature process. Then, it encrypts the revised user identity certificate using the supervisory public key in the consortium blockchain system to obtain the ciphertext of the revised user identity certificate. Finally, it appends the ciphertext of the revised user identity certificate to the ring signature of the revising user. In one embodiment, the identity verification module 750 can perform operations S221 to S223 as described above.

[0129] The monitoring module 760 can be used to, after a message is uploaded to the consortium blockchain system, when it is necessary to trace the identity of the revised user, the monitoring center of the consortium blockchain system uses the monitoring encryption private key to decrypt the ciphertext of the revised user's identity certificate, obtain the revised user's identity certificate, and then determine the identity of the revised user based on the revised user's identity certificate.

[0130] The message writing module 770 is used to write the original message to the consortium blockchain system. Specifically, when writing a message rather than modifying a message in the consortium blockchain system, the ring signature module 720 can be called to generate the ring signature of the message writer, and the zero-knowledge proof module 730 can be called to generate the first zero-knowledge proof corresponding to the written original message.

[0131] Specifically, the ring signature module 720 can also be used to generate a ring signature for the message writer by executing a ring signature generation algorithm based on the ring signature private key provided by the message writer, the public key of the ring member to which the message writer belongs, and the original message.

[0132] The zero-knowledge proof module 730 can also be used to generate a first zero-knowledge proof to verify that the modification of the original message satisfies the message modification policy.

[0133] Accordingly, the message writing module 770 can be used to: firstly, generate an original hash value using the Chameleon hash function based on the Chameleon hash public key, the original message provided by the message writing user, and the original random number; then, initiate a message writing application to the consortium blockchain system based on the original random number, the original hash value, the ring signature of the message writing user, and the first zero-knowledge proof; finally, when the message writing application is verified in the consortium blockchain system, write the original message in the consortium blockchain system.

[0134] The verification module is used to verify requests to be uploaded to the consortium blockchain system, such as message modification requests or message write requests. Specifically, the message revision module 740 or the message write module 770 needs to call the verification module 780 to verify the uploaded message during the process of uploading a new message or the original message to the consortium blockchain system. Validators with verification qualifications in the consortium blockchain system run the verification module 780 to perform consensus verification on the message modification request or message write request, and only after the verification is successful will the message be uploaded to the blockchain.

[0135] For example, when the message revision module 740 calls the verification module 780 to verify the message modification request, the verification module 780 can determine the correctness of the chameleon hash by verifying the correspondence between the collision random number, the original random number, and the original hash value. After determining that the chameleon hash is correct, it verifies the validity of the ring signature of the revising user in the message modification request. After the ring signature of the revising user is verified to be valid, it verifies the second zero-knowledge proof. After the second zero-knowledge proof is verified to be valid, it determines that the message modification request has been verified.

[0136] Accordingly, when the message writing module 770 calls the verification module 780 to verify the message writing application, the verification module 780 can be used to determine the correctness of the hash value by verifying the correspondence between the original random number, the original message and the original hash value. After determining that the hash value is correct, it verifies the validity of the ring signature of the message writing user in the message writing application. After the ring signature of the message writing user is verified to be valid, it verifies the first zero-knowledge proof. After the first zero-knowledge proof is verified to be valid, it determines that the message writing application has been verified.

[0137] According to embodiments of this disclosure, any and multiple modules among the collision algorithm module 710, ring signature module 720, zero-knowledge proof module 730, message revision module 740, identity verification module 750, monitoring module 760, message writing module 770, and verification module 780 can be combined into one module, or any one of these modules can be split into multiple modules. Alternatively, at least some of the functionality of one or more of these modules can be combined with at least some of the functionality of other modules and implemented in one module. According to embodiments of this disclosure, at least one of the collision algorithm module 710, ring signature module 720, zero-knowledge proof module 730, message revision module 740, identity verification module 750, monitoring module 760, message writing module 770, and verification module 780 can be at least partially implemented as hardware circuits, such as field-programmable gate arrays (FPGAs), programmable logic arrays (PLAs), systems-on-a-chip, systems-on-a-substrate, systems-on-package, application-specific integrated circuits (ASICs), or any other reasonable means of integrating or packaging circuits, or implemented in software, hardware, or firmware, or in any suitable combination of any of these three implementation methods. Alternatively, at least one of the collision algorithm module 710, ring signature module 720, zero-knowledge proof module 730, message revision module 740, identity verification module 750, monitoring module 760, message writing module 770, and verification module 780 can be at least partially implemented as computer program modules, which can perform corresponding functions when the computer program module is run.

[0138] Figure 8 A block diagram schematically illustrates an electronic device suitable for implementing a blockchain modification method according to embodiments of the present disclosure.

[0139] like Figure 8As shown, an electronic device 800 according to an embodiment of this disclosure includes a processor 801, which can perform various appropriate actions and processes according to a program stored in a read-only memory (ROM) 802 or a program loaded from a storage portion 808 into a random access memory (RAM) 803. The processor 801 may include, for example, a general-purpose microprocessor (e.g., a CPU), an instruction set processor and / or an associated chipset and / or a special-purpose microprocessor (e.g., an application-specific integrated circuit (ASIC)), etc. The processor 801 may also include onboard memory for caching purposes. The processor 801 may include a single processing unit or multiple processing units for performing different actions of the method flow according to an embodiment of this disclosure.

[0140] RAM 803 stores various programs and data required for the operation of electronic device 800. Processor 801, ROM 802, and RAM 803 are interconnected via bus 804. Processor 801 performs various operations of the method flow according to embodiments of the present disclosure by executing programs in ROM 802 and / or RAM 803. It should be noted that the programs may also be stored in one or more memories other than ROM 802 and RAM 803. Processor 801 may also perform various operations of the method flow according to embodiments of the present disclosure by executing programs stored in said one or more memories.

[0141] According to embodiments of this disclosure, the electronic device 800 may further include an input / output (I / O) interface 805, which is also connected to a bus 804. The electronic device 800 may also include one or more of the following components connected to the I / O interface 805: an input section 806 including a keyboard, mouse, etc.; an output section 807 including a cathode ray tube (CRT), liquid crystal display (LCD), etc., and a speaker, etc.; a storage section 808 including a hard disk, etc.; and a communication section 809 including a network interface card such as a LAN card, modem, etc. The communication section 809 performs communication processing via a network such as the Internet. A drive 810 is also connected to the I / O interface 805 as needed. A removable medium 811, such as a disk, optical disk, magneto-optical disk, semiconductor memory, etc., is installed on the drive 810 as needed so that computer programs read from it can be installed into the storage section 808 as needed.

[0142] This disclosure also provides a computer-readable storage medium, which may be included in the device / apparatus / system described in the above embodiments; or it may exist independently and not assembled into the device / apparatus / system. The computer-readable storage medium carries one or more programs that, when executed, implement the method according to the embodiments of this disclosure.

[0143] According to embodiments of this disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium, such as including, but not limited to: portable computer disks, hard disks, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), portable compact disk read-only memory (CD-ROM), optical storage devices, magnetic storage devices, or any suitable combination thereof. In this disclosure, the computer-readable storage medium may be any tangible medium that contains or stores a program that can be used by or in conjunction with an instruction execution system, apparatus, or device. For example, according to embodiments of this disclosure, the computer-readable storage medium may include ROM 802 and / or RAM 803 and / or one or more memories other than ROM 802 and RAM 803 described above.

[0144] Embodiments of this disclosure also include a computer program product comprising a computer program containing program code for performing the methods shown in the flowchart. When the computer program product is run on a computer system, the program code is used to cause the computer system to implement the methods provided in the embodiments of this disclosure.

[0145] When the computer program is executed by the processor 801, it performs the functions defined in the system / apparatus of this disclosure embodiments. According to embodiments of this disclosure, the systems, apparatuses, modules, units, etc., described above can be implemented by computer program modules.

[0146] In one embodiment, the computer program may rely on a tangible storage medium such as an optical storage device or a magnetic storage device. In another embodiment, the computer program may also be transmitted and distributed in the form of signals over a network medium, and may be downloaded and installed via the communication section 809, and / or installed from a removable medium 811. The program code contained in the computer program can be transmitted using any suitable network medium, including but not limited to: wireless, wired, etc., or any suitable combination thereof.

[0147] In such an embodiment, the computer program can be downloaded and installed from a network via communication section 809, and / or installed from removable medium 811. When the computer program is executed by processor 801, it performs the functions defined in the system of this disclosure embodiment. According to embodiments of this disclosure, the systems, devices, apparatuses, modules, units, etc., described above can be implemented by computer program modules.

[0148] According to embodiments of this disclosure, program code for executing the computer programs provided in embodiments of this disclosure can be written in any combination of one or more programming languages. Specifically, these computational programs can be implemented using high-level procedural and / or object-oriented programming languages, and / or assembly / machine languages. Programming languages ​​include, but are not limited to, languages ​​such as Java, C++, Python, "C", or similar programming languages. The program code can execute entirely on the user's computing device, partially on the user's device, partially on a remote computing device, or entirely on a remote computing device or server. In cases involving remote computing devices, the remote computing device can be connected to the user's computing device via any type of network, including a local area network (LAN) or a wide area network (WAN), or it can be connected to an external computing device (e.g., via the Internet using an Internet service provider).

[0149] The flowcharts and block diagrams in the accompanying drawings illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of this disclosure. In this regard, each block in a flowchart or block diagram may represent a module, segment, or portion of code containing one or more executable instructions for implementing a specified logical function. It should also be noted that in some alternative implementations, the functions indicated in the blocks may occur in a different order than those indicated in the drawings. For example, two consecutively indicated blocks may actually be executed substantially in parallel, and they may sometimes be executed in reverse order, depending on the functions involved. It should also be noted that each block in a block diagram or flowchart, and combinations of blocks in a block diagram or flowchart, may be implemented using a dedicated hardware-based system that performs the specified function or operation, or using a combination of dedicated hardware and computer instructions.

[0150] Those skilled in the art will understand that the features described in the various embodiments and / or claims of this disclosure can be combined and / or combined in various ways, even if such combinations or combinations are not explicitly described in this disclosure. In particular, the features described in the various embodiments and / or claims of this disclosure can be combined and / or combined in various ways without departing from the spirit and teachings of this disclosure. All such combinations and / or combinations fall within the scope of this disclosure.

[0151] The embodiments of this disclosure have been described above. However, these embodiments are for illustrative purposes only and are not intended to limit the scope of this disclosure. Although various embodiments have been described above, this does not mean that the measures in the various embodiments cannot be used advantageously in combination. The scope of this disclosure is defined by the appended claims and their equivalents. Various substitutions and modifications can be made by those skilled in the art without departing from the scope of this disclosure, and all such substitutions and modifications should fall within the scope of this disclosure.

Claims

1. A blockchain modification method applied to a consortium blockchain system, the method comprising: When the revising user provides a Chameleon Hash private key, the collision algorithm of the Chameleon Hash function is run, including: inputting the Chameleon Hash private key, the original message specified by the revising user, the original hash value and the original random number corresponding to the original message, and the new message specified by the revising user, and outputting a collision random number; Based on the ring signature private key provided by the revising user, the public key of the ring member to which the revising user belongs, and the new message, a ring signature generation algorithm is executed to generate the ring signature of the revising user; Generate a second zero-knowledge proof to verify that the modification method of the new message satisfies a preset message modification strategy; Based on the collision random number, the original hash value, the ring signature of the revising user, and the second zero-knowledge proof, a message modification request is initiated to the consortium blockchain system to modify the original message using the new message; and When the message modification request is verified in the consortium blockchain system, the original message is modified using the new message.

2. The method according to claim 1, wherein, After generating the ring signature of the revised user, the method further includes: Based on the random number corresponding to the revised user used in the process of revising the user's ring signature, a revised user identity certificate is generated to prove the revised user's membership identity; The revised user identity certificate is encrypted using the supervisory encryption public key in the consortium blockchain system to obtain the revised user identity certificate ciphertext; wherein, the supervisory encryption private key corresponding to the supervisory encryption public key is kept by the supervisory center in the consortium blockchain system; and The revised user's identity verification ciphertext is attached to the ring signature of the revised user.

3. The method according to claim 2, wherein, The method further includes: When it is necessary to trace the identity of the revised user, the monitoring center of the consortium blockchain system uses the monitoring encryption private key to decrypt the ciphertext of the revised user's identity certificate, thus obtaining the revised user's identity certificate; and Based on the revised user identity verification, the identity of the revised user is determined.

4. The method according to claim 1, wherein, The method further includes the consortium blockchain system verifying the message modification request, specifically including: In the consortium blockchain system, the validators run a verification algorithm to determine the correctness of the chameleon hash by verifying the correspondence between the collision random number, the original random number, and the original hash value. After confirming that the Chameleon hash is correct, verify the validity of the ring signature of the revising user in the message modification request; After the revised user's ring signature verification is valid, verify the second zero-knowledge proof; and After the second zero-knowledge proof is verified, the message modification request is confirmed to be verified.

5. The method according to claim 1, wherein, The original message is the original message that has not been modified after being uploaded to the consortium blockchain system, or the original message is the message after the last modification.

6. The method according to claim 5, wherein, When the original message is an unmodified original message uploaded to the consortium blockchain system, before running the collision algorithm of the chameleon hash function, the method further includes writing the original message to the consortium blockchain system, specifically including: Based on the Chameleon hash public key, the original message provided by the message writer, and the original random number, the original hash value is generated through the Chameleon hash function; Based on the ring signature private key provided by the message writing user, the public key of the ring member to which the message writing user belongs, and the original message, a ring signature generation algorithm is executed to generate the ring signature of the message writing user; Generate a first zero-knowledge proof to verify that the modification method of the original message satisfies the message modification strategy; Based on the original random number, the original hash value, the ring signature of the message writer, and the first zero-knowledge proof, a message writing request to write the original message is initiated to the consortium blockchain system; and When the message writing application is verified in the consortium blockchain system, the original message is written in the consortium blockchain system.

7. The method according to any one of claims 1 to 6, wherein, Before running the collision algorithm of the chameleon hash function, the method further includes: Generate publicly available system parameters based on user-selected security parameters; Generate a Chameleon Hash public key and a Chameleon Hash private key, as well as a regulatory encryption public key and a regulatory encryption private key, based on the aforementioned public parameters; and The Chameleon Hash public key and the Regulatory Encryption public key are disclosed in the consortium blockchain system.

8. A blockchain modification device, configured in a consortium blockchain system, the device comprising: The collision algorithm module is used to run the collision algorithm of the chameleon hash function when the revising user provides the chameleon hash private key. The module includes: inputting the chameleon hash private key, the original message specified by the revising user, the original hash value and the original random number corresponding to the original message, and the new message specified by the revising user, and outputting a collision random number. The ring signature module is used to execute a ring signature generation algorithm to generate the ring signature of the revised user based on the ring signature private key provided by the revised user, the public key of the ring member to which the revised user belongs, and the new message; The zero-knowledge proof module is used to generate a second zero-knowledge proof to verify that the modification method of the new message satisfies a preset message modification strategy; The message revision module is used to: initiate a message modification request to the consortium blockchain system based on the collision random number, the original hash value, the ring signature of the revising user, and the second zero-knowledge proof; and modify the original message using the new message when the message modification request is verified in the consortium blockchain system.

9. An electronic device, comprising: One or more processors; Memory, used to store one or more programs. When the one or more programs are executed by the one or more processors, the one or more processors perform the method according to any one of claims 1 to 7.

10. A computer-readable storage medium having stored thereon computer program instructions that, when executed by a processor, implement the method of any one of claims 1 to 7.

11. A computer program product comprising computer program instructions that, when executed by a processor, implement the method of any one of claims 1 to 7.