A union fund special-purpose management system based on multi-role coordination

By generating verifiable hidden sequences and compliance assertions, the union fund management system solves the problems of opaque operations and easily tampered data in multi-role collaborative management, enabling real-time, verifiable supervision and precise auditing, and improving the efficiency and accuracy of supervision.

CN121724786BActive Publication Date: 2026-07-07NANCHANG WEJIA DIGITAL INFORMATION TECHNOLOGY CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
NANCHANG WEJIA DIGITAL INFORMATION TECHNOLOGY CO LTD
Filing Date
2026-02-14
Publication Date
2026-07-07

AI Technical Summary

Technical Problem

In the management of union funds through multi-role collaboration, existing technologies suffer from opaque operational processes, easily tampered data, and a lack of credible audit baselines, making it difficult to achieve simultaneous supervision of the integrity of the fund operation history and the real-time compliance of the total expenditure.

Method used

The multi-role operation collection module generates a set of operation records, the dual-dimensional feature construction module generates verifiable hidden sequences and compliance assertions, the cryptographic proof generates a comprehensive verification proof, and the audit data release module and traceable audit response module enable real-time and verifiable supervision.

Benefits of technology

It enables efficient oversight of the real-time compliance and historical integrity of fund usage, enhancing the timeliness, accuracy, and deterrent effect of oversight. It can quickly confirm compliance without relying on interpersonal trust and conduct targeted in-depth audits when necessary.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN121724786B_ABST
    Figure CN121724786B_ABST
Patent Text Reader

Abstract

This invention relates to the fields of financial management and data security technology, specifically disclosing a special management system for trade union funds based on multi-role coordination. It collects operation instructions from different roles and generates a time-series set of operation records; then processes this set in parallel: generating a verifiable hidden sequence through an irreversible hash chain in the dimension of operation consistency, and generating compliance assertions through obfuscation accumulation and zero-knowledge proofs in the dimension of resource flow; constructing a publicly verifiable comprehensive verification proof based on these two methods; then encrypting and publishing this proof along with de-identified summary data to the audit node; the auditor can verify the overall validity of the proof and initiate precise tracing for suspicious areas, obtaining sub-proofs and targeted disclosure fragments specific to that area; this invention transforms process trust in multi-role collaboration into verifiable technical trust, solving the problems of easily tampered operation history and inefficient post-audit reliance on review in traditional manual management models.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the fields of financial management and data security technology, specifically to a special management system for trade union funds based on multi-role coordination. Background Technology

[0002] The dedicated management of trade union funds is a crucial foundation for ensuring the standardized operation of trade union organizations and safeguarding the rights and interests of workers. Currently, the industry generally adopts a traditional management model based on multi-role offline collaboration. Its typical process relies on manual paper-based document circulation and manual ledger recording: the person in charge initiates the application, which is then approved and signed by different responsible persons in sequence, and finally, the accountant performs manual bookkeeping and accounting, followed by an audit by the fund review committee. This model attempts to achieve checks and balances and dedicated use of funds through role division and signature approval.

[0003] Existing technologies lack the ability to overcome the inherent defects of traditional manual models in multi-role collaborative union fund management scenarios, such as opaque operation processes, easy data tampering, and lack of credible audit baselines, so as to achieve synchronous, efficient, and verifiable technical supervision of "the integrity of fund operation history" and "the real-time compliance of total expenditure". Summary of the Invention

[0004] The purpose of this invention is to provide a management system for dedicated union funds based on multi-role coordination, in order to solve the problems mentioned above.

[0005] The objective of this invention can be achieved through the following technical solutions:

[0006] A management system for dedicated union funds based on multi-role coordination includes:

[0007] The multi-role operation data collection module collects the operation command flow executed sequentially by different roles during the data collection and management process, as well as the associated budget item identifiers, and generates a set of operation records containing time sequence.

[0008] The dual-dimensional feature construction module, based on the set of operation records, extracts continuous operation sequences for the same budget item in the dimension of operation consistency, and generates verifiable hidden sequences that represent the continuity and integrity of operations through irreversible hash chain processing; in the dimension of resource flow, it analyzes the amount changes in the operation instruction stream, and generates compliance assertions that represent the compliance of budget item quota consumption through obfuscated accumulation calculation methods.

[0009] The integrated verification proof generation module, based on verifiable hidden sequences and compliance assertions, constructs a comprehensive verification proof through predetermined cryptographic proof generation methods that can simultaneously prove that the set of operation records has not been tampered with and that all quota consumption has not exceeded the preset subject limit.

[0010] The audit data publishing module publishes the comprehensive verification evidence and the de-identified budget execution summary data to the authorized audit nodes.

[0011] The traceable audit response module responds to verification requests initiated by audit nodes and verifies the validity of the comprehensive verification proof. If the verification passes, the reliability of the budget execution summary data is confirmed. If the verification fails or the audit node initiates a further review request, targeted data tracing and disclosure are carried out based on verifiable hidden sequences and compliance assertions to complete targeted audit verification.

[0012] As a further aspect of the present invention: the process for generating the verifiable hidden sequence is as follows:

[0013] Extract the first operation record for any budget item from the operation record set as the initial node, and perform an irreversible hash operation on all fields of the initial node to generate an initial sequence hash value;

[0014] Obtain the next adjacent operation record according to the operation sequence, concatenate the adjacent operation record with the sequence hash value before the corresponding time, perform an irreversible hash operation on the concatenation result again to generate a new sequence hash value; repeat this progressive linking process until the last operation record of the budget item is processed and the final sequence hash value is generated.

[0015] Obtain the start and end timestamps of the operation sequence, bind the final sequence hash value with the two timestamps, and input them into a state accumulator for one-way aggregation processing. The output aggregation result is the verifiable hidden sequence.

[0016] As a further aspect of the present invention: the process of obtaining the compliance assertion is as follows:

[0017] The amount of each operation instruction is parsed from the operation record set, and a perturbation factor randomly selected from a predetermined range is applied to each amount to generate the corresponding amount perturbation value.

[0018] All disturbance values ​​are summed in the order of operation to generate a blinded cumulative value; the range proof of the predetermined interval and the sum of all disturbance factors are combined to generate an interval commitment;

[0019] Based on the blinded cumulative value, the interval commitment, and the preset budget item limit, a zero-knowledge scope verification process is used to generate a proof result that proves the blinded cumulative value has not exceeded the limit without revealing any specific amount or disturbance factor. The proof result is the compliance assertion.

[0020] As a further aspect of the present invention: the construction process of the comprehensive verification proof is as follows:

[0021] The current state hash value of the verifiable hidden sequence and the final proof result of the compliance assertion are compiled together into a compound statement. The compound statement is logically expressed as the integrity of the operation record set and the compliance of the quota consumption are both true.

[0022] Extract all intermediate chain hash values ​​generated during the generation of verifiable hidden sequences as the first evidence set, and extract the generation paths of all perturbation factors and blinding cumulative values ​​generated during the generation of compliance assertions as the second evidence set. Bind the first evidence set and the second evidence set through cryptographic commitment to form structured evidence.

[0023] The compound statement and structured evidence are input into a pre-configured non-interactive proof generation process, which outputs a single, publicly verifiable comprehensive proof through recursive proof combination techniques.

[0024] As a further aspect of the present invention: the formation of structured evidence specifically includes:

[0025] The generation path descriptions of all intermediate chain hash values ​​in the first evidence set and all perturbation factors and blinding cumulative values ​​in the second evidence set are sorted according to predetermined rules and converted into a unified fixed-length data format.

[0026] Using the preprocessed first and second evidence sets as the underlying inputs, a multi-level aggregation structure is constructed through alternating recursive irreversible hash operations.

[0027] The unique output value of the top layer of the hierarchical aggregation structure is calculated as the root hash, and the precise timestamp entropy value corresponding to the root hash is injected into the calculation process to generate a binding identifier with spatiotemporal uniqueness.

[0028] The hierarchical topology summary of the binding identifier and hierarchical aggregation structure is encapsulated with the source declarations of the first and second evidence sets, and the output is structured evidence.

[0029] As a further aspect of the present invention: the step of jointly publishing the comprehensive verification proof and the de-identified budget execution summary data to the authorized audit node specifically includes:

[0030] Before release, interactive verification is performed with the target audit node to confirm the license status; based on the confirmation information of successful verification and the current release timestamp, a one-time encapsulation key is generated through a predetermined key derivation process;

[0031] A one-time encapsulation key is used to jointly encrypt the integrated verification proof and the de-identified budget execution digest data, and a validity lock calculated based on the release time is used to form a time-sensitive encapsulated data packet;

[0032] Time-sensitive encapsulated data packets are transmitted to the target audit node via a protected channel; upon successful delivery, a non-repudiable delivery receipt is generated based on the hash value of the time-sensitive encapsulated data packet, the target node identifier, and the delivery timestamp.

[0033] As a further aspect of the present invention: the formation of the time-sensitive encapsulated data packet specifically includes:

[0034] The integrated verification proof and the de-identified budget execution summary data are serialized and recombined according to a predetermined structure to form a data block to be encrypted; the precise time entropy value corresponding to the one-time encapsulation key and the release time is obtained, and a hybrid entropy source is generated through heterogeneous mixing operation;

[0035] A hybrid entropy source is input into a key expansion process to generate a key expansion factor and a timeliness control parameter; the one-time encapsulated key is strengthened using the key expansion factor to generate the final encryption key;

[0036] Using the final encryption key, the data block to be encrypted is encrypted in a mode that supports authentication encryption to generate the initial ciphertext; the timeliness control parameters are then irreversibly cryptographically bound to the initial ciphertext, and the resulting time-bound ciphertext block is the timeliness encapsulated data packet.

[0037] As a further aspect of the present invention: the targeted data tracing and disclosure based on verifiable hidden sequences and compliance assertions to complete targeted audit verification specifically includes:

[0038] Upon receiving a review request, the specified traceability range in the request is parsed, and based on the chain structure of the verifiable hidden sequence, the intermediate chain node associated with the corresponding range and its corresponding timestamp interval are located through an iterative backtracking algorithm.

[0039] Based on the located node information, extract the set of partial perturbation factors corresponding to the timestamp interval and their aggregation relationship from the encrypted state saved when generating the compliance assertion, and construct a sub-range proof for the compliance of amount changes within the timestamp interval.

[0040] The hash value, timestamp range identifier, and subrange proof of the intermediate chain node are cryptographically packaged and encapsulated using a session key negotiated with the audit node to generate a targeted disclosure fragment verified by the audit node.

[0041] As a further aspect of the present invention: the construction of a sub-range proof for the compliance of amount changes within a timestamp interval specifically includes:

[0042] Based on the timestamp interval, backtrack the encrypted state tree saved when generating compliance assertions, locate and extract the encrypted perturbation factor slices corresponding to all operations within the timestamp interval and their position proofs in the tree structure.

[0043] Based on the extracted encrypted perturbation factor slices, combined with location proof, the blinded cumulative value and its complete aggregation path evidence for the timestamp interval are reconstructed without decrypting the original perturbation factor.

[0044] The reconstructed timestamp interval blinded cumulative value is cryptographically bound to the location proof, and the global budget upper limit in the original compliance assertion is referenced to generate a verifiable subrange proof through a zero-knowledge subrange verification process.

[0045] The beneficial effects of this invention are:

[0046] (1) Existing technologies rely on the immediate integrity of individual accountants and manual records, leading to a "voucher swamp" in audit supervision, resulting in low efficiency and difficulty in detecting carefully concealed violations. This invention constructs a dual-dimensional feature model to irreversibly solidify the operational flow into a verifiable hidden sequence, transforming monetary compliance into a compliance assertion that does not reveal details, and ultimately generating a non-interactive comprehensive verification proof. This allows any supervisory body (such as the audit committee) to confirm the overall compliance and historical integrity of fund usage within seconds by verifying this cryptographic proof without relying on trust in the operators or reviewing massive amounts of original vouchers. This upgrades post-event, passive, interpersonal trust-based supervision to in-process verifiable, real-time, algorithmic consensus-based supervision, improving the timeliness, accuracy, and deterrent effect of supervision.

[0047] (2) Traditional audits either involve a broad, general review or fail to conduct in-depth investigations due to the inability to pinpoint the issue. This invention, through a structured chain of evidence design, provides "one-click" overall verification while retaining targeted traceability capabilities. When the auditor has doubts about a specific period or matter, they can initiate a review request. The system can quickly locate relevant operational nodes based on verifiable hidden sequences and generate sub-scope proofs that are specific to the scope of the doubt and protect the privacy of other data based on the underlying encrypted state of compliance assertions. This allows in-depth audits to be conducted without exposing all business details, achieving "surgical" precision verification of suspicious issues, improving the targeting and privacy protection level of audits, and resolving the contradiction between full transparency and necessary confidentiality. Attached Figure Description

[0048] The invention will now be further described with reference to the accompanying drawings.

[0049] Figure 1 This is a system block diagram of the present invention. Detailed Implementation

[0050] The technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, and not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.

[0051] Please see Figure 1 As shown, this invention is a special management system for union funds based on multi-role coordination, comprising:

[0052] The multi-role operation data collection module collects the operation command flow executed sequentially by different roles during the data collection and management process, as well as the associated budget item identifiers, and generates a set of operation records containing time sequence.

[0053] The dual-dimensional feature construction module, based on the set of operation records, extracts continuous operation sequences for the same budget item in the dimension of operation consistency, and generates verifiable hidden sequences that represent the continuity and integrity of operations through irreversible hash chain processing; in the dimension of resource flow, it analyzes the amount changes in the operation instruction stream, and generates compliance assertions that represent the compliance of budget item quota consumption through obfuscated accumulation calculation methods.

[0054] The integrated verification proof generation module, based on verifiable hidden sequences and compliance assertions, constructs a comprehensive verification proof through predetermined cryptographic proof generation methods that can simultaneously prove that the set of operation records has not been tampered with and that all quota consumption has not exceeded the preset subject limit.

[0055] The audit data publishing module publishes the comprehensive verification evidence and the de-identified budget execution summary data to the authorized audit nodes.

[0056] The traceable audit response module responds to verification requests initiated by audit nodes and verifies the validity of the comprehensive verification proof. If the verification passes, the reliability of the budget execution summary data is confirmed. If the verification fails or the audit node initiates a further review request, targeted data tracing and disclosure are carried out based on verifiable hidden sequences and compliance assertions to complete targeted audit verification.

[0057] In the multi-role operation data acquisition module, the operation command flow executed sequentially by different roles during the data acquisition and management process, along with the associated budget item identifiers, generates a time-series set of operation records, specifically including:

[0058] The system captures every operational instruction initiated by different roles in the fund management process in real time. This capture is achieved by monitoring preset application programming interfaces (APIs) or log output ports, ensuring that the instruction content and operation type are fully captured when a role completes an approval, payment, or registration action. The captured instruction content includes, but is not limited to: operation type code, initiating role identifier, the budget item code to which the operation pertains, the amount involved, and the operation's status information.

[0059] Each captured operation instruction is bound to a globally consecutive sequence number, which is assigned by the central coordination unit according to an incremental principle when the instruction is captured. Simultaneously, current time information accurate to milliseconds is obtained from a trusted time source, and this time information, along with the sequence number, is appended to the operation instruction to form an instruction unit with an absolute timing marker.

[0060] Each instruction unit with a time sequence mark is structured and parsed to extract the budget item identifier as the classification basis. Based on the extracted budget item identifier, all instruction units belonging to the same item are grouped into a separate temporary set.

[0061] For each temporary set after aggregation, it is strictly sorted in ascending order according to the sequence number and timestamp carried by the instruction unit. After sorting, the sorted instruction unit sequence and its corresponding budget item identifier are encapsulated to generate a structured set of operation records containing complete time sequence. This set serves as the basic input data for all subsequent processing steps.

[0062] In the dual-dimensional feature construction module, based on the set of operation records, in the dimension of operation consistency, continuous operation sequences for the same budget item are extracted. Through irreversible hash chain processing, a verifiable hidden sequence representing the continuity and integrity of operations is generated. In the dimension of resource flow, the amount changes in the operation instruction stream are analyzed. Through obfuscated accumulation calculations, a compliance assertion representing the compliance of budget item quota consumption is generated, specifically including:

[0063] The generation of a verifiable hidden sequence is achieved through the following steps. First, the first operation record for any monitored budget item is extracted from the operation record set and used as the initial node. All fields of this initial node (including operation type, role identifier, timestamp, amount, and budget item identifier) ​​are serialized and concatenated. The concatenated binary data is then input into a cryptographically secure hash function (e.g., using the SHA-256 standard) for calculation. The resulting fixed-length (256-bit) output value is the hash value of the initial sequence, denoted as [hash value]. This step establishes the starting point of the operation chain for this subject. Next, a progressive linking operation is performed. The next adjacent operation record for this subject is retrieved according to the order in which the operations occurred, and all fields of that record are compared with the latest sequence hash value. (in The hash is concatenated starting from 2 and incrementing. The same hash function is then applied again to the concatenated data to generate a new sequence hash value. This process can be expressed mathematically as: the hash value of the current sequence. Based on the hash value of the previous sequence Compared with current operation log data Joint decision, namely: ;

[0064] in This represents the hash function used. This indicates a data concatenation operation. Repeat this progressive linking process until the last operation record under that budget item has been processed, at which point the final sequence hash value is obtained. ,in This represents the total number of operations under this subject. Finally, spatiotemporal anchoring is performed. The start timestamp of the operation sequence for this subject is obtained. With end timestamp The final sequence hash value and , These three elements are concatenated. The concatenated result is then fed into a state accumulator (e.g., by constructing a Merkle tree, treating multiple such concatenations as leaf nodes, and calculating its root) for one-way aggregation. The output of this state accumulator is a unique aggregate hash value, which is the final verifiable hidden sequence that irreversibly binds the complete chain of operations for a specific subject within a specific time period.

[0065] The compliance assertion is generated through the following steps. First, an amount perturbation value is generated. The original amount corresponding to each operation instruction is parsed from the operation record set and denoted as... ( From 1 to , (Total number of operations processed in this batch). For each original amount. Apply a perturbation factor Each disturbance factor From a pre-defined symmetrical interval: The inner part is randomly selected according to a uniform distribution, among which This is a preset positive boundary value. The corresponding perturbation value is obtained by adding the original amount to the perturbation factor. The calculation relationship is as follows: This step ensures that individual raw amount information is hidden. Next, the blinded cumulative value and the constructed interval commitment are calculated. All generated amount perturbation values ​​are then... The blinding cumulative value is obtained by strictly following the corresponding operation sequence and performing algebraic accumulation. ,Right now: Simultaneously, an interval commitment needs to be generated, which consists of two parts: one is all disturbance factors. algebraic sum Secondly, it is a way to prove each All are taken from the interval Range proofs (e.g., constructed using Pedersen commitments and ring signature techniques) without revealing each The specific value. This interval's commitment and blinding cumulative value. This is used for subsequent verification. Finally, zero-knowledge scope verification is performed to generate assertions. Based on the blinded cumulative value obtained above... The range commitment and the preset upper limit of the budget item. The proof is generated through a zero-knowledge verification process. Specifically, the prover needs to prove to the verifier that, without knowing any of the original amounts... and specific disturbance factors In the case of blinding cumulative value The corresponding total actual expenditure (i.e. (Not exceeding the limit) This proof can be achieved by constructing a zero-knowledge proof protocol that can prove relations. Established, and each The scope constraints are met. The proof that can be independently verified after the protocol is executed constitutes the required compliance assertion.

[0066] In the comprehensive verification proof generation module, based on the verifiable hidden sequence and compliance assertion, and through predetermined cryptographic proof generation methods, a comprehensive verification proof is constructed that simultaneously proves that the set of operation records has not been tampered with and that all credit consumption has not exceeded the preset subject limit. Specifically, this includes:

[0067] The construction of a comprehensive verification proof begins with the compilation of a compound statement. This involves combining the current state hash of the verifiable hidden sequence (i.e., the final aggregate hash) with the final proof result of the compliance assertion. The logical meaning of this combination is defined as a compound statement, the core of which is: all operation records associated with a specific budget item have remained intact since their creation and have not been tampered with in any way; simultaneously, the total cumulative expenditure of all funds related to this item has not exceeded the pre-set budget limit for that item. Both statements must be true simultaneously; this compound statement is the logical objective that the subsequent proof generation process needs to verify.

[0068] Next, structured evidence is generated and bound. First, the hash values ​​of each intermediate chain generated during the generation of the aforementioned verifiable hidden sequence are extracted and arranged in the order of generation to form the first evidence set. Second, all perturbation factors used in the generation of compliance assertions and the complete computational path record from the original amount to the final blinded cumulative value are extracted. This record must be able to reproduce the intermediate results of each step, forming the second evidence set. Then, the first and second evidence sets are bound together using cryptographic commitment. The specific binding process is as follows: all data items in the two evidence sets are sorted according to a predetermined unified rule (e.g., in ascending order by timestamp or sequence number), and each data item is converted into a fixed-length byte array format. The two processed sets of data are used as initial inputs, and a multi-level aggregation structure is constructed through an alternating recursive irreversible hash operation. The structure is constructed as follows: First, the initial data of the first and second evidence sets are hashed independently to obtain first-level digest values. Then, these two first-level digest values ​​are concatenated and hashed again to obtain second-level digest values. This process can be performed recursively, using the output of the previous level as part of the input for the next level, until a unique top-level output value, called the root hash, is finally produced. During the calculation of this root hash, the current timestamp data, accurate to nanoseconds, is injected as an additional input parameter (entropy value), thus making the generated root hash value strongly correlated with a specific point in time, forming a spatiotemporally unique binding identifier. Finally, this binding identifier, a brief description of the hierarchical relationship of the above multi-layered aggregation structure (e.g., the total number of layers, the hashing algorithm used in each layer), and a description of the sources of the first and second evidence sets are encapsulated together to form the final structured evidence.

[0069] Finally, non-interactive proof generation is performed. The compiled composite statement and the generated structured evidence are input into a pre-configured non-interactive proof generation process. This process operates based on recursive proof combination techniques. Specifically, it first generates a basic cryptographic proof for each sub-statement covered by the composite statement (i.e., the operational integrity statement and the quota compliance statement) and its corresponding evidence fragment. Then, through recursive proof combination techniques, these basic proofs for different sub-statements are combined and compressed into a single, compact proof object. The key to this technique is that the combination process can maintain the original verifiable attributes of each basic proof and ultimately output an independent and complete proof file, which is the comprehensive verification proof. An important characteristic of this proof is that it is "non-interactive" and "publicly verifiable," meaning that any verifier only needs this proof file, the relevant public parameters (such as the budget item limit and the public commitment value), and the composite statement itself to independently complete the verification without multiple rounds of interaction with the proof generator.

[0070] In the audit data publishing module, comprehensive verification evidence and de-identified budget execution summary data are published together to authorized audit nodes, specifically including:

[0071] The first step involves performing node permission verification and generating a one-time encapsulation key. Before actual data transmission, the initiator needs to conduct an interactive verification dialogue with the target audit node. This dialogue, based on pre-shared credentials or digital certificates, confirms the audit node's current valid data reception permission status through a challenge-response protocol. Upon receiving a successful verification confirmation message from the other party, and combining it with the current precise publication timestamp obtained from a trusted time service, a predetermined key derivation process is triggered. This process takes specific fields from the confirmation message and the binary representation of the publication timestamp as input, and through a series of continuous, irreversible cryptographic hash operations, derives a key material of a specific length that is used only for this publication task—the one-time encapsulation key.

[0072] The second step involves constructing a time-sensitive encapsulated data packet. First, the comprehensive verification document to be released and the processed budget execution summary data are serialized and reassembled. The processed summary data has all identifiers directly associated with specific individuals or departments removed. The two are concatenated according to a predefined byte arrangement structure (e.g., writing the data block length first, then the data block content) to form a complete data block to be encrypted. Then, encryption preparation is performed. The one-time encapsulation key generated in the first step is obtained, and the current release timestamp is read again and converted into a high-precision value as the time entropy value. These two inputs are processed through a heterogeneous hybrid operation: the binary sequence of the one-time encapsulation key and the binary sequence of the time entropy value are bitwise XORed, the result is then concatenated with the reversed sequence of the two, and finally, a one-way hash is performed on the concatenated whole; the output is called the hybrid entropy source. Next, key strengthening and time-sensitivity parameter generation are performed. A hybrid entropy source is input into a key expansion process that employs a cryptographic key derivation function, outputting two independent values: a key expansion factor to enhance the strength of the original key, and a timeliness control parameter to control the data's validity period. The original one-time encapsulation key is cryptographically transformed using the key expansion factor (e.g., by inputting both into a pseudo-random function) to generate a stronger final encryption key. Finally, encryption and timeliness binding are performed. Using the final encryption key, the entire block of data to be encrypted is encrypted using an authentication-enabled encryption mode (e.g., Galois / counter mode) to generate initial ciphertext. Then, the timeliness control parameter is irreversibly cryptographically bound to the initial ciphertext by concatenating the two, calculating their message authentication code, and appending this code to the initial ciphertext, forming a complete data unit—the timeliness-encapsulated data packet. The inherent logic of this data packet ensures that it can only be successfully decrypted and verified within a specific time window calculated based on the publication time.

[0073] The third step involves completing secure transmission and generating a delivery credential. The time-sensitive encapsulated data packet generated in the second step is sent to the verified target audit node via a network channel with transport layer security protection. After confirming that the data packet has been successfully delivered to the receiving server, the sender generates a non-repudiable delivery receipt. The specific process for generating the receipt is as follows: First, the cryptographic hash value of the time-sensitive encapsulated data packet is calculated as its unique fingerprint. Then, combined with the unique identifier of the target audit node and the timestamp indicating successful delivery of the data packet, this information is used as input to perform a digital signature operation using the sender's private key. The resulting digitally signed file is the delivery receipt. Any party can use the sender's public key to verify the authenticity of the receipt, thereby confirming that a specific data packet was sent to a specific node at a specific time.

[0074] In the traceable audit response module, the system responds to verification requests initiated by audit nodes and verifies the validity of the comprehensive verification proof. If the verification passes, the reliability of the budget execution summary data is confirmed. If the verification fails or the audit node initiates a further review request, targeted data tracing and disclosure are performed based on verifiable hidden sequences and compliance assertions to complete targeted audit verification, specifically including:

[0075] The first step is to parse the review request and locate the nodes in the chain of evidence. Upon receiving a request from an audit node that includes a specific review scope, the request is first parsed to extract the explicitly specified traceability conditions, which are represented as a time range or a set of specific business operation identifiers. Based on the chained data structure corresponding to the generated verifiable hidden sequence, an iterative backtracking algorithm is initiated. This algorithm starts with the final state hash value representing the complete operation history and backtracks backward level by level according to the hash pointers of the preceding nodes recorded by each node. During the backtracking process, the timestamps or business identification information associated with each node are compared until the starting and ending nodes that match the scope specified in the review request are located, thereby identifying one or more associated intermediate chain nodes and precisely defining the timestamp interval corresponding to that scope.

[0076] The second step involves constructing a sub-range proof of expenditure compliance for a specific time interval. Based on the timestamp interval determined in the first step, the encrypted state tree saved when the compliance assertion was initially generated is retrieved. This encrypted state tree uses the timestamps of all original operations as indexed leaf nodes, and each leaf node contains the encrypted form of the perturbation factor used in the corresponding operation. By traversing this tree, all leaf nodes falling within the specified timestamp interval are located and extracted; this node data is called "encrypted perturbation factor slices." Simultaneously, "location proofs" that can prove the correctness of these slice positions are obtained from the tree structure, namely a series of path hash values ​​from the leaf nodes to the root of the tree. Subsequently, based on these encrypted slices and their location proofs, without performing decryption, all leaf nodes located within the specified timestamp interval are extracted from the encrypted state tree. Each node stores the ciphertext obtained after additive homomorphic encryption of the corresponding operation perturbation factor. Next, based on the inherent property of this encryption algorithm, that is, performing a specific operation on two ciphertexts can yield a ciphertext that is the sum of the corresponding plaintexts, this operation is performed on all the extracted ciphertexts in sequence. By continuously executing this superposition operation on the ciphertexts, a single, new ciphertext is finally generated. The plaintext corresponding to this ciphertext after decryption is the sum of all these perturbation factors within the time interval. Finally, the previously disclosed blinded cumulative value covering all operations is subtracted from the newly calculated interval perturbation factor sum (which needs to be converted to homomorphic operation) at the ciphertext level. Thus, without decrypting any individual data, an encrypted "blinded cumulative value" representing only the original total expenditure within the time interval is obtained, and complete computation path evidence is generated. Finally, this blinded cumulative value for the interval is cryptographically bound to the location proof, referencing the global budget account limit already disclosed in the original compliance assertion. A new, independent proof is generated by performing a "zero-knowledge sub-range verification process." This proof demonstrates to the verifier that, within the specified time interval, the true total amount of all expenditures (hidden in the blinded cumulative value) does not exceed the total budget limit for that account, and that this conclusion relies on a perturbation factor constrained by the global commitment, without revealing the specific amount of any individual expenditure within the interval.

[0077] The third step involves generating and delivering a targeted audit disclosure fragment. This combines the hash values ​​of the key intermediate chain nodes identified in the first step, the timestamp interval identifiers determined in the second step, and the sub-range proofs generated in the second step. These are then integrated into a single logical unit using a cryptographic packaging format (e.g., serialization with length prefix encoding). This logical unit is then encrypted using a session key temporarily negotiated with the requesting audit node during the current session. Encryption employs an authentication-enabled mode to ensure data confidentiality and integrity. The resulting encrypted data packet is the "targeted disclosure fragment," which is returned to the audit node that initiated the review request via a secure channel. After decrypting the fragment using the session key, the audit node can verify the authenticity of the data source on the public operational chain using the node hash values, confirm the range using the timestamp interval identifiers, and independently verify the validity of the sub-range proofs. This allows for precise and in-depth auditing of specific points of suspicion, without exposing any other business details outside the scope.

[0078] The working principle of this invention is as follows: First, a multi-role operation acquisition module captures and serializes all operation instructions from different roles in the fund management process in real time, generating a set of operation records with time-series markers and budget item classifications. Then, a dual-dimensional feature construction module processes this set in parallel: In the operation consistency dimension, by performing irreversible hash chaining on consecutive operation records of the same item, a verifiable hidden sequence bound to a time range is generated to verify the integrity of historical operations; in the resource flow dimension, by adding random perturbations to expenditure amounts and performing obfuscation accumulation, combined with zero-knowledge proof technology, a compliance assertion is generated that proves the total expenditure did not exceed the budget limit without revealing any individual expenditure amount. The comprehensive verification proof generation module then compiles the aforementioned hidden sequence and compliance assertion into a compound statement and generates a non-interactive, publicly verifiable comprehensive verification proof based on all intermediate evidence. The audit data publishing module is responsible for securely sending this proof, along with anonymized summary data, to authorized audit nodes after strict node authentication and time-sensitive encryption encapsulation. Finally, the traceable audit response module can not only verify the validity of the comprehensive proof, but also generate precise sub-scope proofs for specific time intervals or operational scopes and make targeted disclosures based on the evidence encapsulated in the hidden sequence and assertions when a request for in-depth review is received, thereby achieving efficient and minimal targeted audit verification.

[0079] The foregoing has provided a detailed description of one embodiment of the present invention, but this description is merely a preferred embodiment and should not be construed as limiting the scope of the invention. All equivalent variations and modifications made within the scope of the claims of this invention should still fall within the patent coverage of this invention.

Claims

1. A special management system for trade union funds based on multi-role coordination, characterized in that, include: The multi-role operation data collection module collects the operation command flow executed sequentially by different roles during the data collection and management process, as well as the associated budget item identifiers, and generates a set of operation records containing time sequence. The two-dimensional feature construction module extracts continuous operation sequences for the same budget item from the operation record set. Starting from the first operation record, it performs an irreversible hash operation on all fields to obtain an initial sequence hash value. Then, it concatenates the sequence hash value of the next operation record with the sequence hash value of the previous moment and performs another irreversible hash operation, and so on until the last operation record to obtain the final sequence hash value. Finally, it binds the final sequence hash value with the start and end timestamps of the operation sequence and inputs it into a state accumulator for aggregation processing, outputting a verifiable hidden sequence that is bound to the item and time period and can represent the integrity of the operation history. The amount of each operation instruction is parsed from the operation record set. A perturbation factor randomly selected from a predetermined range is applied to each amount to generate an amount perturbation value. All amount perturbation values ​​are accumulated according to the operation time sequence to obtain a blinded cumulative value. The range proof of the predetermined range and the sum of all perturbation factors together constitute the range commitment. Based on the blinded cumulative value, the range commitment, and the preset budget item limit, a compliance assertion that proves the blinded cumulative value has not exceeded the limit is generated through a zero-knowledge range verification process. The integrated verification proof generation module compiles the current state hash value of the verifiable hidden sequence and the proof result of the compliance assertion into a compound statement. The compound statement requires that the integrity of the operation record set and the compliance of the quota consumption are both met simultaneously. Extract all intermediate chain hash values ​​generated during the generation of verifiable hidden sequences as the first evidence set, and extract all perturbation factors and blinded cumulative value generation paths generated during the generation of compliance assertions as the second evidence set. The data items in the first and second evidence sets are processed through alternating recursive irreversible hashing operations, with the precise time value of the generation time injected as an additional input during the transformation process. A multi-level aggregation structure is constructed, the top-level output value of the aggregation structure is calculated as the binding identifier, and the binding identifier, the hierarchical relationship summary of the aggregation structure, and the source declaration of the evidence set are encapsulated into structured evidence. The compound statement and structured evidence are input into a pre-configured non-interactive proof generation process, which outputs an independent, publicly verifiable comprehensive proof through a recursive proof combination technique. The audit data publishing module publishes the comprehensive verification evidence and the de-identified budget execution summary data to the authorized audit nodes. The traceable audit response module responds to verification requests initiated by audit nodes and verifies the validity of the comprehensive verification proof. If the verification passes, the budget execution summary data is confirmed to be reliable; if the verification fails or the audit node initiates a further review request, targeted data tracing and disclosure will be carried out based on verifiable hidden sequences and compliance assertions to complete the targeted audit verification.

2. The special management system for trade union funds based on multi-role coordination as described in claim 1, characterized in that, The step of publishing the comprehensive verification proof along with the de-identified budget execution summary data to the authorized audit nodes specifically includes: Before release, interactive verification is performed with the target audit node to confirm the license status; based on the confirmation information of successful verification and the current release timestamp, a one-time encapsulation key is generated through a predetermined key derivation process; A one-time encapsulation key is used to jointly encrypt the integrated verification proof and the de-identified budget execution digest data, and a validity lock calculated based on the release time is used to form a time-sensitive encapsulated data packet; Time-sensitive encapsulated data packets are transmitted to the target audit node via a protected channel; upon successful delivery, a non-repudiable delivery receipt is generated based on the hash value of the time-sensitive encapsulated data packet, the target node identifier, and the delivery timestamp.

3. The special management system for trade union funds based on multi-role coordination as described in claim 2, characterized in that, The formation of the time-sensitive encapsulated data packet specifically includes: The integrated verification proof and the de-identified budget execution summary data are serialized and recombined according to a predetermined structure to form a data block to be encrypted; the precise time entropy value corresponding to the one-time encapsulation key and the release time is obtained, and a hybrid entropy source is generated through heterogeneous mixing operation; A hybrid entropy source is input into a key expansion process to generate a key expansion factor and a timeliness control parameter; the one-time encapsulated key is strengthened using the key expansion factor to generate the final encryption key; Using the final encryption key, the data block to be encrypted is encrypted in a mode that supports authentication encryption to generate the initial ciphertext; the timeliness control parameters are then irreversibly cryptographically bound to the initial ciphertext, and the resulting time-bound ciphertext block is the timeliness encapsulated data packet.

4. The special management system for trade union funds based on multi-role coordination as described in claim 1, characterized in that, The aforementioned data tracing and disclosure are based on verifiable hidden sequences and compliance assertions to complete targeted audit verification, specifically including: Upon receiving a review request, the specified traceability range in the request is parsed, and based on the chain structure of the verifiable hidden sequence, the intermediate chain node associated with the corresponding range and its corresponding timestamp interval are located through an iterative backtracking algorithm. Based on the located node information, extract the set of partial perturbation factors corresponding to the timestamp interval and their aggregation relationship from the encrypted state saved when generating the compliance assertion, and construct a sub-range proof for the compliance of amount changes within the timestamp interval. The hash value, timestamp range identifier, and subrange proof of the intermediate chain node are cryptographically packaged and encapsulated using a session key negotiated with the audit node to generate a targeted disclosure fragment verified by the audit node.

5. A special management system for trade union funds based on multi-role coordination as described in claim 4, characterized in that, The construction of the sub-range proof for the compliance of amount changes within the timestamp interval specifically includes: Based on the timestamp interval, backtrack the encrypted state tree saved when generating compliance assertions, locate and extract the encrypted perturbation factor slices corresponding to all operations within the timestamp interval and their position proofs in the tree structure. Based on the extracted encrypted perturbation factor slices, combined with location proof, the blinded cumulative value and its complete aggregation path evidence for the timestamp interval are reconstructed without decrypting the original perturbation factor. The reconstructed timestamp interval blinded cumulative value is cryptographically bound to the location proof, and the global budget upper limit in the original compliance assertion is referenced to generate a verifiable subrange proof through a zero-knowledge subrange verification process.