A data product negotiation transaction system based on a trusted data space connector
By using trusted data space connectors and zero-knowledge proof technology, the problems of data trustworthiness and privacy protection in data negotiation transactions are solved, realizing decentralized trusted negotiation transactions and improving the security and traceability of transactions.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- SHANGHAI ELECTRONIC CERTIFICATE AUTHORITY CENT CO LTD
- Filing Date
- 2026-03-13
- Publication Date
- 2026-06-09
Smart Images

Figure CN122179181A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of data negotiation and transaction technology, and more specifically, to a data product negotiation and transaction system and method based on a trusted data space connector. Background Technology
[0002] The data product negotiation and transaction process involves multiple stakeholders, including data providers, data requesters, and intermediary service providers, and encompasses stages such as data product release, order negotiation, transaction completion, and delivery verification. In existing data product negotiation and transaction practices, data products are typically stored across different systems, lacking unified standardized interfaces and secure, reliable transmission channels, leading to numerous problems in the negotiation and transaction process. First, data credibility and privacy protection are difficult to balance. Traditional data product exchange often relies on centralized platforms, which may lead to data leakage or tampering during the uploading and forwarding of data products. Furthermore, all parties involved cannot fully verify the authenticity and validity of the data product's source and content. Secondly, both supply and demand sides lack credible identity and agreement verification mechanisms. Existing transaction models mostly rely on offline contract signing or platform credit endorsement. Once a dispute arises, it is difficult to effectively trace the responsible party and the transaction process, lacking a verifiable foundation of trust. Finally, in traditional transaction processes, the conclusion of agreements and the verification of performance largely rely on manual or centralized system judgments, which cannot form credible and verifiable transaction records, reducing the transparency and regulatory traceability of the transaction process.
[0003] In summary, the existing data negotiation and transaction system has significant shortcomings in areas such as trusted data transmission, identity verification, agreement reaching, and evidence storage and supervision, making it difficult to meet the requirements for security, privacy, and trustworthiness in the circulation of data elements.
[0004] Therefore, there is an urgent need for a reliable data negotiation and transaction scheme that can enable secure interconnection and trusted data exchange between supply and demand parties, while verifying the correctness of the negotiation agreement under the premise of protecting privacy, and providing reliable technical support for the efficient, secure and regulated circulation of data elements. Summary of the Invention
[0005] The purpose of this invention is to provide a data product negotiation and transaction system and method based on a trusted data space connector, which solves the problems of data product transactions relying on centralized platforms, insufficient privacy protection, lack of trusted negotiation and verification mechanisms, and difficulty in tracing the entire transaction process in the prior art.
[0006] To achieve the above objectives, the present invention provides a data product negotiation and transaction system based on a trusted data space connector, comprising: A trusted data identity chain is configured to store digital identity identifiers and verifiable credentials of participants, including suppliers and demanders. A trusted data space is configured to issue and manage verifiable credentials for participants, as well as publish summary information of data products, which is used by demanders to discover and select data products. A supplier connector, deployed on the supplier side, is configured to publish the supplier's data product summary information to the trusted data space; The demand-side connector, deployed on the demand side, is configured to initiate a negotiation transaction request to the data product supplier connector based on data product summary information obtained from the trusted data space. The supplier connector and the demand connector are both trusted data space connectors, used to jointly execute the negotiation transaction process after completing identity authentication based on their respective digital identity identifiers and verifiable credentials, and submit key transaction information to the trusted data identity chain for storage.
[0007] In some embodiments, the negotiation transaction process includes a data product verification process: The demand-side connector generates verification criteria for the availability of the data product and initiates a verification request to the supplier-side connector. The supplier connector generates a zero-knowledge proof based on the internal data of the data product it holds, according to the received verification standard. The demand-side connector performs local verification on the received zero-knowledge proof to confirm that the data product meets the verification criteria, thus completing the data product validity verification.
[0008] In some embodiments, the demand connector has a built-in predefined zero-knowledge proof verification template library: The zero-knowledge proof verification template library includes one or more of the following: data range verification template, statistical feature verification template, logical relationship verification template, and data structure verification template. It is used to generate verification standards for the usability of data products through parameterized configuration.
[0009] In some embodiments, the supplier connector has a built-in circuit template library, which is used to parse the constraints and corresponding template types in the verification standards submitted by the demand connector, extract the corresponding circuit segments from the circuit template library, and logically combine them to form a complete zero-knowledge verification circuit. The supplier connector uses its own data product's internal data as input to run the zero-knowledge verification circuit and generate the corresponding zero-knowledge proof.
[0010] In some embodiments, the negotiation transaction process includes an order negotiation process: The demand connector initiates a negotiation request, including order terms, to the supplier connector based on the summary information of the target data product. The supplier connector and the buyer connector negotiated the order terms in multiple rounds until both parties reached an agreement on all order terms.
[0011] In some embodiments, the negotiation transaction process includes an order signing process: After the order terms are agreed upon and the data product is verified, the supplier connector and the buyer connector each use their own private keys to complete the order signing. After both parties complete the signing, the key order information will be submitted to the Trusted Data Identity Chain for verification.
[0012] In some embodiments, the negotiation transaction process includes a trusted data product transmission process: The supplier connector provides secure data product transmission services to the authenticated customer connector in accordance with the signed order terms. The demand connector receives and applies the data product.
[0013] In some embodiments, the supplier connector carries its own verifiable credentials and submits data product summary information to a trusted data space; The trusted data space verifies the validity of the supplier connector's verifiable credentials and reviews the data product summary information. After the review is passed, the data product summary information is published and displayed.
[0014] In some embodiments, the supplier connector and the customer connector are further configured to perform an initialization process, the initialization process including: The supplier connector and the demand connector respectively complete the initialization configuration and generate local public and private key pairs; The supplier connector and the demand connector apply for registration of digital identity identifiers with the trusted data space based on their own public keys. The trusted data space calls the identity contract deployed on the trusted data identity chain to generate the corresponding digital identity identifiers and store them on the chain. The supplier connector and the demand connector apply for verifiable credentials from the trusted data space based on their own public keys and registered digital identity identifiers. After the trusted data space approves the application, it issues verifiable credentials and calls the identity contract to update the verifiable credentials to the trusted data identity chain, thus completing the on-chain storage of verifiable credentials.
[0015] To achieve the above objectives, this invention provides a data product negotiation and transaction method based on a trusted data spatial connector, comprising the following steps: Step S1: The supplier connector and the demand connector are initialized, and based on the trusted data identity chain and trusted data space, they complete their own digital identity registration and the acquisition and storage of verifiable credentials on the chain. Step S2: The supplier connector publishes the data product summary information to the trusted data space; Step S3: Based on the published summary information, the buyer connector negotiates the order terms with the supplier connector after completing mutual identity verification; In step S4, during the negotiation process, the demand connector generates a verification standard for the availability of the data product, and the supplier connector generates a zero-knowledge proof based on the verification standard to verify the effectiveness of the data product. Step S5: After the order terms are agreed upon and the data product is verified, the supplier connector and the buyer connector sign the order and upload the order information to the blockchain for evidence storage. Step S6: The supplier connector transmits data products to the customer connector.
[0016] In some embodiments, the demand-side connector generates verification criteria for the availability of the data product, including: The demand connector selects one or more verification templates from a predefined library of zero-knowledge proof verification templates. The verification conditions of the selected verification template are configured in a parameterized manner to generate structured verification standards.
[0017] In some embodiments, the supplier connector generates a zero-knowledge proof according to the verification criteria, including: The supplier connector parsing and verification standard extracts and combines the corresponding circuit fragments from the local circuit template library to generate a zero-knowledge verification circuit. The zero-knowledge verification circuit is run, taking the internal data of the supplier's data product as input, to generate the zero-knowledge proof.
[0018] In some embodiments, after generating the zero-knowledge verification circuit, the supplier connector generates a proof key and a verification key, and pre-configures the verification key in the demand connector; The demand-side connector uses the verification key to perform local verification of the received zero-knowledge proof.
[0019] The data product negotiation and transaction system and method based on trusted data space connectors provided by this invention constructs a trusted data identity chain and trusted data space as a trust infrastructure. After identity authentication is completed by trusted data space connectors deployed on both the supply and demand sides based on digital identity identifiers and verifiable credentials, the negotiation and transaction process is directly executed and key information is stored on the chain. This realizes a trusted closed loop for the entire process of data products from release, discovery, negotiation, verification to transaction, and builds a decentralized transaction interaction mode. It significantly improves the security, privacy and traceability of data transactions and completely eliminates the dependence on centralized platforms. Attached Figure Description
[0020] The above and other features, properties and advantages of the present invention will become more apparent from the following description taken in conjunction with the accompanying drawings and embodiments, in which the same reference numerals always denote the same features, wherein: Figure 1 A principle block diagram of a data product negotiation and transaction system based on a trusted data space connector according to an embodiment of the present invention is disclosed; Figure 2 The initialization flowchart of a data product negotiation and transaction system based on a trusted data spatial connector according to an embodiment of the present invention is disclosed. Figure 3 A flowchart illustrating the data product listing and order negotiation process of a data product negotiation and transaction system based on a trusted data space connector, according to an embodiment of the present invention, is disclosed. Figure 4 A flowchart of a data product verification process for a data product negotiation and transaction system based on a trusted data spatial connector, according to an embodiment of the present invention, is disclosed. Figure 5 A flowchart illustrating the steps of a data product negotiation and transaction method based on a trusted data space connector according to an embodiment of the present invention is disclosed.
[0021] The meanings of the labels in the figures are as follows: 10 Supplier connectors; 20. Buyer's connector; 30 Trusted Data Space; 40 Trusted Data Identity Chains. Detailed Implementation
[0022] To make the objectives, technical solutions, and advantages of this invention clearer, the invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are for illustrative purposes only and are not intended to limit the invention.
[0023] While some existing technologies offer solutions for negotiating and trading data products, they all have significant shortcomings and fail to meet the requirements for trustworthy, efficient, and privacy-protected transactions.
[0024] For example, Chinese invention patent CN119272286A proposes a trusted data space platform integrating multiple trusted environments and its data usage method, including a trusted data circulation environment, multiple trusted data supply environments, and multiple trusted data usage environments. However, this solution still has many shortcomings. It focuses on the trusted circulation of data at the data sharing and usage level, lacks a mechanism for negotiation and agreement between supply and demand parties before data product transactions, and does not involve the trusted implementation of processes such as price negotiation, agreement signing, and data product verification. At the same time, although it uses blockchain to realize data ownership confirmation and delivery records, it does not store transaction agreements and order contracts on the chain for verifiable traceability. In addition, this solution still relies on a centralized data operation platform to carry out data product listing and trading, which is insufficient in protecting the privacy of data products and has potential trust dependence and single point of failure risks. Specifically, it uploads digital certificates to a centralized platform, and the data needs to be processed through the platform, resulting in weak data security and immutability within the centralized operation platform.
[0025] For example, Chinese invention patent CN118735686A proposes a method, system, and medium for implementing data products based on digital public goods. This solution also has obvious shortcomings. Its core innovation is concentrated on the generation and tokenization of data products, without involving the trusted negotiation and contract execution mechanism between the two parties in the data transaction, lacking a complete closed loop for data transactions, and the digital certificate only realizes storage and identification mapping based on blockchain, without realizing on-chain verification, dynamic permission management, and privacy protection mechanisms.
[0026] In summary, existing patents still suffer from problems in data product generation, order storage, and product transactions, including reliance on centralized platforms, insufficient data privacy protection, lack of data product validity verification, inadequate data negotiation processes, and insufficient traceability throughout the entire process. These issues hinder multi-party collaboration and trustworthy transactions. Therefore, how to achieve decentralization while ensuring data privacy, and to reach highly traceable and secure data product negotiation and transactions, has become an urgent technical problem to be solved.
[0027] To address the shortcomings of existing technologies, this invention provides a data product negotiation and transaction scheme based on a trusted data space connector. This scheme integrates technologies such as trusted data space, blockchain, and zero-knowledge proofs to build a trusted data product negotiation and transaction system that combines data product release, transaction demand negotiation, order signing, and trusted data transmission for data providers and data demanders.
[0028] Figure 1 A schematic diagram of a data product negotiation and transaction system based on a trusted data space connector according to an embodiment of the present invention is disclosed, such as... Figure 1As shown, the present invention proposes a data product negotiation and transaction system based on a trusted data space connector, comprising: Trusted data identity chain 40 is configured to store digital identity identifiers (DIDs) and verifiable credentials (VCs) of participants, including suppliers and demanders; Trusted data space 30 is configured to issue and manage verifiable credentials for participants, as well as publish summary information of data products, which is used by demanders to discover and select data products; Supplier connector 10, deployed on the supplier side, is configured to publish the supplier's data product summary information to the trusted data space; Demand connector 20, deployed on the demand side, is configured to initiate a negotiation transaction request to the supplier connector 10 based on data product summary information obtained from the trusted data space. The supplier connector 10 and the demander connector 20 are both trusted data space connectors, used to jointly execute the negotiation transaction process after completing identity authentication based on their respective digital identity identifiers and verifiable credentials, and submit key transaction information to the trusted data identity chain 40 for evidence storage.
[0029] Specifically, the key transaction information includes at least: the digital identity identifiers of the supplier and the demander participating in the transaction, the order terms agreed upon by both parties (including core transaction information such as data product pricing and usage period), the digital signatures generated by the supplier connector and the demander connector using their respective private keys, and the timestamp reflecting the time the transaction was completed.
[0030] The negotiation and transaction process includes order negotiation, data product verification, order signing, and trusted data product transmission.
[0031] Unlike traditional centralized platforms, this solution achieves direct secure interconnection and protocol collaboration between multiple entities through trusted data space connectors deployed on the supply and demand sides. Each supply and demand side holds a unique blockchain digital identity (DID) and network access credentials (online VC, which can be verified) for identity authentication, access control, and accountability.
[0032] The connectors in this invention are all deployed on the user side, solely to support direct data flow between users without going through any centralized platform, thus truly achieving decentralized transaction interaction. Simultaneously, the digital identity identifiers (DIDs) and verifiable credentials (VCs) held by the participants are built on blockchain technology. The decentralized nature of blockchain itself ensures that identity data cannot be tampered with; once information is recorded on the chain, it cannot be modified, further enhancing the system's security and privacy protection capabilities.
[0033] During the negotiation phase, supplier connector 10 and buyer connector 20 utilize zero-knowledge proof technology to verify the validity of the data product while protecting the privacy of all parties, ensuring a match between data supply and demand. After the transaction is concluded and the order is signed, the system stores the order contract and key transaction records on the blockchain, forming a fully verifiable and tamper-proof transaction certificate, providing technical support for supervision and post-event auditing.
[0034] This invention proposes a data product negotiation and transaction system based on a trusted data space connector, which enables trusted negotiation and efficient transactions between supply and demand parties while ensuring privacy and security. Data interaction does not need to go through a centralized platform, effectively improving the trust and traceability of data product transactions while ensuring privacy.
[0035] In this embodiment, the data product negotiation and transaction system based on a trusted data space connector provided by the present invention mainly involves five parties. The responsibilities of each party are described in detail below: The demand party (i.e., the data product requester) is responsible for subscribing to the required data product summary information in the trusted data space and submitting specific transaction requirements and data verification standards to the demand party connector. After negotiation, the demand party confirms the negotiation results and completes the order signing. After the order is finalized, the demand party requests the data product. In some embodiments, the data product requester can be an enterprise, institution, or other entity that needs to use data products, and its submitted transaction requirements can be flexibly adjusted according to its own business scenario.
[0036] The demand connector (i.e., the data product demand connector) serves as a trusted computing terminal for data product demanders to participate in data negotiation and transactions. It is responsible for establishing a secure connection with the supplier connector based on the demander's subscription intention; initiating transaction demand negotiation on behalf of the demander; verifying the validity of the supplier's data products using zero-knowledge proof technology; and executing the order contract signing process and related data product transaction processes after successful supply and demand matching.
[0037] The supplier (i.e., the data product provider) is responsible for defining the transaction strategy of the data product, publishing the summary information of the data product to the trusted data space, and conducting the final review and confirmation of the order terms reached by the connector during the negotiation stage. After the order is completed, the data product is sent to the demander.
[0038] The supplier connector (i.e., the data product provider connector) serves as a trusted computing terminal for data suppliers to participate in data negotiation transactions. It is responsible for publishing data product summary information to the trusted data space; responding to negotiation requests from the demand connector; and using zero-knowledge proof technology during the negotiation process to verify the validity of the data product while protecting privacy; and executing order contract signing and on-chain evidence storage operations after reaching an agreement.
[0039] Trusted Data Space provides a decentralized collaborative environment whose functions are strictly limited to identity management, credential issuance, and display of non-confidential data. It is responsible for issuing digital identities and verifiable credentials (VCs) to suppliers and customers, and publishing data product summary information. Unlike traditional platforms, Trusted Data Space only publishes data product summary information; it does not directly list data products or participate in data product transactions within the space.
[0040] It should be noted that both the supplier connector and the demand connector belong to the category of Trusted Data Space Connectors. These connectors are software built upon principles of security, privacy protection, and interoperability, deployed on user-side servers to enable trusted data interaction within a multi-party data ecosystem. Through built-in mechanisms such as identity authentication, access control, and data circulation policy enforcement, they ensure the integrity, confidentiality, and compliance of data during transmission and use, thereby supporting trusted data collaboration between users. Furthermore, the connector structures for the supplier and demand sides are identical, allowing users to participate in transactions as both suppliers and demanders simultaneously, effectively enhancing the system's flexibility and versatility.
[0041] The overall process of this invention includes an initialization process, a data product listing process, and a negotiation and transaction process.
[0042] The initialization process, as a necessary preparatory step for subsequent processes, establishes unique and trusted digital identities and access credentials for transaction participants. The data product listing process involves the supplier connector publishing data product summary information to a trusted data space, allowing suppliers and buyers to discover and select products. The negotiated transaction process presupposes that both parties have completed initialization and passed identity authentication; it specifically includes order negotiation, data product verification, order signing, and a trusted data product transmission process.
[0043] The following sections will elaborate on the initialization process, the data product listing process, and the core negotiation and transaction process, with specific steps outlined below.
[0044] In some embodiments, the supplier connector and the customer connector are further configured to perform an initialization process, the initialization process including: The supplier connector and the demand connector respectively complete the initialization configuration and generate local public and private key pairs; The supplier connector and the demand connector apply for registration of digital identity identifiers with the trusted data space based on their own public keys. The trusted data space calls the identity contract deployed on the trusted data identity chain to generate the corresponding digital identity identifiers and store them on the chain. The supplier connector and the demand connector apply for verifiable credentials from the trusted data space based on their own public keys and registered digital identity identifiers. After the trusted data space approves the application, it issues verifiable credentials and calls the identity contract to update the verifiable credentials to the trusted data identity chain, thus completing the on-chain storage of verifiable credentials.
[0045] The initialization process is a prerequisite for both the supply and demand sides to participate in subsequent negotiations and transactions. Figure 2 The initialization flowchart of a data product negotiation and transaction system based on a trusted data space connector according to an embodiment of the present invention is disclosed, such as... Figure 2 As shown, the initialization process includes steps S101 to S102, and the specific scheme is as follows: S101: Supplier connector and demand connector are initialized, and key pairs (public-private key pairs) are generated locally. Each participant applies to the Trusted Data Space system to register a digital identity (DID) based on the public key. The Trusted Data Space initializes the participant's DID according to the registration information and puts the DID on the Trusted Data Identity Chain.
[0046] To enhance the security of data negotiation transactions between suppliers and consumers, a trusted data identity chain is established, and identity contracts are deployed on the trusted data identity chain. After the connector is initialized, the connector generates a public-private key pair for the user. After the user registers in the trusted data space, the trusted data space system calls the identity contract to generate a DID for the user and uploads the user's DID to the chain.
[0047] In some embodiments, the key pair is generated using an asymmetric encryption algorithm, such as the RSA or SM2 algorithm, to ensure the security and unforgeability of the key.
[0048] Taking the supplier as an example, the supplier connector completes local initialization configuration and generates an asymmetric encryption public-private key pair; the supplier connector sends a DID registration application to the Trusted Data Space with its own public key; after receiving the application, the Trusted Data Space submits a DID generation request to the Trusted Data Identity Chain based on the public key; the Trusted Data Identity Chain calls the deployed identity contract to generate a unique digital identity identifier (DID) for the supplier and stores it on the chain; the Trusted Data Identity Chain returns the generated supplier DID to the Trusted Data Space, and the Trusted Data Space further distributes the supplier DID to the supplier connector.
[0049] S102: Supplier and demand connectors apply for network access VC from the Trusted Data Space System based on public keys and DIDs. The Trusted Data Space System assembles the network access VC according to the application request and issues it to the supplier and demand connectors (e.g., Figure 2 (As shown on the right), and upload the VCs to the trusted data identity chain.
[0050] Specifically, the Trusted Data Space assembles on-chain VCs for supplier and demand connectors based on public keys and DIDs, and calls identity contracts to update the on-chain VCs.
[0051] Furthermore, the identity contract includes the following fields: User DID, Public Key (encrypted), Enterprise Data, Network Access VC, and Update Time. The Enterprise Data includes information related to the connector's use, such as the legal representative, company name, and unified social credit code, to further verify the legitimate identity of the participants.
[0052] Furthermore, the information of the VC (Verifiable Credential) includes: holder's DID, issuer's DID (Trusted Data Space Administrator DID), holder's public key (encrypted), company name, company credit code, VC validity period, etc. This data can indicate that the holder is a participant in the Trusted Data Space and is qualified to participate in the current Trusted Data Transaction Process.
[0053] Taking the supplier as an example, the supplier connector carries its own public key and the obtained supplier DID to initiate a network access VC application to the Trusted Data Space; the Trusted Data Space assembles the network access VC application request based on the supplier's public key and DID, and submits the VC issuance application to the Trusted Data Identity Chain; after the Trusted Data Identity Chain approves the application, it generates the corresponding network access VC and stores it on the chain; the Trusted Data Identity Chain returns the network access VC to the Trusted Data Space, and the Trusted Data Space further distributes the supplier connector's network access VC to the supplier connector.
[0054] Both suppliers and buyers must bring their on-network VC when participating in a trusted data trading environment. The recipient can parse the sender's digital identity based on the on-network VC. Only when the data identity is valid can the recipient participate in the subsequent data product listing process and order negotiation process.
[0055] After initialization is complete, the supplier connector can execute the data product listing process.
[0056] In some embodiments, the supplier connector carries its own verifiable credentials and submits data product summary information to the trusted data space; The trusted data space verifies the validity of the supplier connector's verifiable credentials and reviews the data product summary information. After the review is passed, the data product summary information is published and displayed.
[0057] Figure 3 A flowchart illustrating the data product listing and order negotiation process of a data product negotiation and transaction system based on a trusted data space connector, according to an embodiment of the present invention, is disclosed. Figure 3As shown, the data product listing process includes step S103, and the specific solution is as follows: S103: The supplier user carries the network access VC and submits the data product summary information to the trusted data space. After receiving it, the trusted data space initiates a network access VC validity verification request to the trusted data identity chain. After verifying that the supplier's network access VC is valid and the data product summary information is approved, the supplier's data product summary information is put on the shelf for publication and display. Then, a notification of successful upload of the data product summary information is returned to the supplier connector.
[0058] In some embodiments, the summary information is pre-configured by the supplier, submitted to the trusted data space, and generated after being reviewed and approved by the administrator. The data product summary information includes: data product name, data product purpose, price, usage examples, precautions, etc. This data can clearly indicate the characteristics of the data product, making it easier for the customer to select based on their own needs.
[0059] Optionally, the trusted data space can be manually reviewed by the administrator to ensure the reasonableness of the data product summary information and whether the supplier's qualifications meet the transaction requirements. Only after the review is passed can the data be listed.
[0060] In some embodiments, the negotiation transaction process includes an order negotiation process: The demand connector initiates a negotiation request, including order terms, to the supplier connector based on the summary information of the target data product. The supplier connector and the buyer connector negotiated the order terms in multiple rounds until both parties reached an agreement on all order terms.
[0061] like Figure 3 As shown, the order negotiation process is the process by which the supply and demand parties reach an agreement on the transaction terms, specifically including steps S104 to S105: S104: The demand connector initiates a request to the trusted data space to view the summary information of the data products. The trusted data space returns the corresponding summary information of the data products to the demand connector. Based on the summary information, the demand connector submits the order quotation information and its own network access VC to the supplier connector, and formally initiates an order negotiation request. The negotiation content may include order terms such as data product quotation, usage duration, and demand entity information. The specific details can be flexibly adjusted according to the business needs of both the supplier and the demand.
[0062] S105: After receiving the order quotation information, the supplier connector initiates a VC validity verification request to the Trusted Data Identity Chain. After successful verification, it reviews the order quotation submitted by the customer and provides feedback to the customer connector on whether it accepts the quotation. If it does not accept the quotation, the customer connector can update the order quotation information and resubmit it. After multiple rounds of negotiation, the order negotiation is completed until the supplier connector accepts the customer's order quotation.
[0063] In one specific embodiment, multi-round negotiation can manifest as follows: the supplier's initial price is 10,000 yuan for 30 days; the buyer's initial price is 9,000 yuan for 40 days. After receiving the initial price, the supplier proposes an adjustment to 9,000 yuan for 30 days; the buyer then updates the price to 10,000 yuan for 40 days, and finally the supplier agrees to the price, completing the negotiation. It should be noted that multi-round negotiation is essentially an interactive process of quoting and acceptance; it doesn't necessarily involve multiple rounds. The price may be accepted immediately, for example, if the quoted price is completely consistent with the initial price, the supplier can accept it directly, and the negotiation can be completed in a single interaction.
[0064] The data product verification process is a core step in ensuring that data products meet the needs of users, and zero-knowledge proof technology is used to achieve a balance between privacy protection and validity verification.
[0065] In some embodiments, the negotiation transaction process includes a data product verification process: The demand-side connector generates verification criteria for the availability of the data product and initiates a verification request to the supplier-side connector. The supplier connector generates a zero-knowledge proof based on the internal data of the data product it holds, according to the received verification standard. The demand-side connector performs local verification on the received zero-knowledge proof to confirm that the data product meets the verification criteria, thus completing the data product validity verification.
[0066] Figure 4 A flowchart of a data product verification process for a data product negotiation and transaction system based on a trusted data spatial connector, according to an embodiment of the present invention, is disclosed. Figure 4 As shown, the data product verification process is divided into three core stages: the demand side generates verification standards, the supplier generates zero-knowledge proofs, and the demand side performs local verification. Specifically, it includes steps S106 to S109: S106: The buyer generates verification standards; In some embodiments, the verification criteria defined by the demander are abstract descriptions of the attributes, quality requirements, or business rules that the data product should meet based on the demander's own business objectives. These include parameterized constraints of types such as data range conditions, threshold requirements, statistical characteristics, logical relationships, and data structures. They are used to express the demander's judgment criteria on the usability of the data product without exposing the demander's real data and internal rules.
[0067] The demand-side connector has a built-in library of predefined zero-knowledge proof verification templates. For example... Figure 4In the illustrated embodiment, the demander accesses a predefined zero-knowledge proof verification template library through the demander connector based on business requirements, and selects an applicable verification template type. The verification template type includes one or more of the following: data range verification template, statistical feature verification template, logical relationship verification template, and data structure verification template. These templates are used to generate verification standards for the usability of data products through parameterized configuration.
[0068] For different verification template types, the corresponding verification conditions are filled in through parameterized configuration: Furthermore, the data range validation template is used to verify whether data fields are within a specified range; the statistical feature validation template is used to verify whether statistical feature functions such as the mean, median, or distribution characteristics of the dataset meet the set conditions; the logical relationship validation template is used to verify whether the logical constraints between data fields are valid; and the data structure validation template is used to verify whether the data pattern, field type, or relational structure meets expectations.
[0069] Based on the above parameterized configuration, a structured verification standard for the availability of data products is generated. The demand connector initiates a data product verification request to the supplier connector based on this verification standard.
[0070] This verification standard is used to verify whether a supplier's data product meets the customer's business requirements without exposing the customer's actual input data or the internal structure of the supplier's data product.
[0071] S107: Supplier generates zero-knowledge verification circuit; Upon receiving a verification request, the supplier connector maps the verification logic to a corresponding zero-knowledge verification circuit based on the verification standards submitted by the customer and the attributes of its own data product. This enables the supplier to build provable verification logic without disclosing the specific content of the data product.
[0072] In some embodiments, the supplier connector has a built-in circuit template library, which is used to parse the constraints and corresponding template types in the verification standards submitted by the customer connector, extract the corresponding circuit segments from the circuit template library, and logically combine them to form a complete zero-knowledge verification circuit.
[0073] In some embodiments, the specific generation process of the zero-knowledge verification circuit includes the following steps: First, the supplier parses the various constraints in the verification request. and corresponding template types ; Then, based on the template type, the corresponding circuit fragment is extracted from the circuit template library. and the template parameters provided by the customer Injecting circuit segments, namely: ; in, Template parameters (range, threshold, logical formula, etc.) are provided by the customer.
[0074] Finally, the circuit segments are combined according to the verification logic relationships set by the customer to form a complete zero-knowledge verification circuit. The supplier connector is based on a complete circuit. and supplier private data This allows the generation of zero-knowledge proofs. .
[0075] Zero-knowledge verification circuits are computational models that represent verification logic in a circuit form. Their core purpose is to verify data constraints without revealing private data content. This circuit maps the verification criteria defined by the client (such as data range conditions, statistical characteristics, logical relationships, and data structure consistency) into computable constraint modules. Each module processes the client's private inputs through arithmetic and Boolean operations and outputs the verification result. By combining multiple modules to form a complete verification circuit, it ensures that verification only calculates the true content of the data product within the circuit. Externally, only the verification result itself is available, and the specific values, distributions, or other sensitive information of the client's data cannot be inferred. This achieves a balance between the verifiability of the data product's internal attributes and complete privacy protection.
[0076] Zero-knowledge proof is a cryptographic computational model that encodes the verification logic into a directed acyclic graph composed of arithmetic and Boolean gates. During execution, this model only exposes the public input parameters and the final verification result; the internal processing of the provider's private data remains completely invisible, thus achieving ultimate privacy protection. The physical implementation of this model primarily relies on CPUs and GPUs for computation; optionally, using dedicated FPGA / ASIC chips can significantly improve the proof generation speed.
[0077] In some embodiments, the supplier connector generates a completely new zero-knowledge verification circuit each time. This is because the current circuit is generated based on a preset template, parameter instantiation, and dynamic combination. By slightly adjusting any part of the process (such as the parameter values in the dynamic combination or the order of module combination), a completely different circuit structure can be generated, which helps to further improve the security of the verification process and reduce the risk of being maliciously cracked.
[0078] The underlying logic of the circuit is implemented using composable arithmetic and Boolean operation units. Each circuit segment corresponds to a verifiable constraint module. By combining input parameters and supplier private data, the constraint conditions are verified and calculated, forming a standardized mathematical expression that can be executed in a zero-knowledge environment.
[0079] The mathematical implementation of the circuit segment for data range verification can be represented as follows: ; in, For the individual data items that need to be verified, This is the lower bound of the definition of the data. This is the upper limit defined for this data.
[0080] Furthermore, the circuit segment for statistical feature verification is implemented to process the supplier's private input. The weighted summation or counting operation is performed through arithmetic and comparison gates within the circuit to determine whether the threshold condition set by the demand side is met. The corresponding expression is: ; in, These are statistical functions, such as mean, median, and distribution ratio. Set a threshold for the demand side.
[0081] Furthermore, the circuit segment for verifying logical relationships uses Boolean gates to calculate complex logical expressions, the corresponding expressions being: ; in, , , This refers to the corresponding fields of the supplier's data or intermediate calculation results generated during the calculation process.
[0082] Furthermore, the data structure verification circuit segment uses a dedicated circuit module to verify whether the data field type and schema meet the constraints. The corresponding expression is:
[0083] This expression is a universal conjunction logical judgment that requires all data fields to pass both type validation and pattern validation before the entire structure consistency verification is considered successful.
[0084] in, , is a collection of supplier data fields; Field types defined for the demand side Pattern constraints The set, i.e. ; To determine the field Is the data type equal to the field type? (e.g., int, string, bool); Used to determine fields Does the value conform to the given pattern rules? (Such as regular expressions, enumeration values, length limits, etc.).
[0085] Finally, the complete zero-knowledge verification circuit. It can be represented as a function of logical combinations of circuit segments, and the corresponding expression is:
[0086] in, Input the demand-side template parameters and public constraints.
[0087] S108: Supplier generates zero-knowledge proof
[0088] The zero-knowledge verification circuit generated by the supplier connector. It uses its own internal private data from its data products as input to generate corresponding zero-knowledge proofs. and zero-knowledge proof Send to the demand connector, zero-knowledge proof It outputs only the minimal validation results, without including any original content of the supplier data.
[0089] In some embodiments, supplier private data w is raw data held by the supplier that it does not wish to disclose (such as sensitive fields in a user credit scoring service, such as income, debt, and historical repayment records). The supplier uses zero-knowledge proofs to demonstrate to the demander that the data product meets the verification criteria without revealing any specific values.
[0090] For example, if the data product is a user credit scoring service, the private data w includes sensitive fields such as the user's income, debt, and historical repayment records. The supplier can prove to the demand side with zero-knowledge proof that "the user's credit score is ≥700" without disclosing any specific value.
[0091] In some embodiments, after generating the zero-knowledge verification circuit, the supplier connector performs a trusted setup process to generate a key pair: a proof key. and verification key Among them, the proof key Used by the supplier to generate zero-knowledge proof π. They are then pre-distributed and fixed in the customer's connector, corresponding to It contains the encoding of public parameters and public inputs for subsequent local verification by the demand side.
[0092] S109: Local verification by the buyer; Customer connectors utilize zero-knowledge verification circuits Corresponding public verification parameters and verification key Zero-knowledge proofs submitted by the supplier Perform local verification and execute the local verification algorithm. Output a Boolean verification result: if the verification is valid, it means that the supplier's data product strictly meets the business verification conditions set by the customer; if it is invalid, the data product has failed the verification.
[0093] Optional, local verification algorithm This is a cryptographic verification algorithm based on bilinear pairing.
[0094] In some embodiments, the buyer's local verification of the zero-knowledge proof submitted by the supplier refers to the buyer's connector performing an independent, complete, and tamper-proof mathematical verification process on the supplier's proof results using publicly available verification parameters corresponding to the circuit, without obtaining any data content from the supplier. This verification only determines whether the proof meets the business conditions defined in the verification template, without involving the recalculation or reproduction of the supplier's data, nor exposing the buyer's business logic or input parameters, thereby ensuring the credibility, independence, and privacy protection of the verification process.
[0095] In some embodiments, the local verification algorithm It is not generated temporarily during verification, but rather integrated with the zero-knowledge verification circuit. A deterministic verification procedure is generated and deployed in the demand-side connector. After receiving π, the demand side calls the locally stored vk and its own publicly held parameter x to perform the verification operation and output a Boolean result. This process does not rely on the supplier's participation, does not access any private data, and can be completed in constant time, thus achieving efficient, independent, verifiable, and privacy-preserving verification.
[0096] In some embodiments, the negotiation transaction process includes an order signing process: After the order terms are agreed upon and the data product is verified, the supplier connector and the buyer connector each use their own private keys to complete the order signing. After both parties complete the signing, the key order information will be submitted to the Trusted Data Identity Chain for verification.
[0097] The order signing process is a crucial step in ensuring that transactions are non-repudiable and tamper-proof, specifically step S110: S110: After the zero-knowledge proof verification is successful, the buyer confirms the result and completes the order signing through the connector; subsequently, the supplier connector also completes the signing step according to the negotiated terms. The order signing process is completed by both connectors using their respective private keys. After the order is signed, the supplier connector submits the order to the blockchain for notarization to ensure that the transaction is non-repudiable and tamper-proof.
[0098] In some embodiments, an order signing contract is deployed on a trusted data identity chain for order signing agreements reached between the supplier and the buyer. Furthermore, the order signing contract includes the following fields: supplier DID, buyer DID, order metadata (encrypted), supplier signature, buyer signature, order status, and timestamp.
[0099] The order metadata consists of encrypted order information, including order number, transaction terms, supplier, buyer company name, legal representative name, etc.; the order status includes three types: pending signing, buyer has signed, and supplier has signed.
[0100] Both the supply and demand parties complete the order signing using their respective private keys, ensuring that the signing process is non-repudiable. After the contract is stored on the blockchain, the order information becomes tamper-proof and traceable, providing a reliable basis for subsequent supervision and auditing.
[0101] In some embodiments, the negotiation transaction process includes a trusted data product transmission process: The supplier connector provides secure data product transmission services to the authenticated customer connector in accordance with the signed order terms. The demand connector receives and applies the data product.
[0102] The trusted transmission process for data products is the final step in the transaction, specifically step S111: S111: After the order is signed, the supplier connector will provide data product transmission services to the buyer connector. The buyer can then use the data products for further applications after receiving the data.
[0103] In some embodiments, the supplier connector may use encrypted transmission methods (such as SSL / TLS protocol) to transmit data products, further ensuring the integrity and confidentiality of the data products during transmission.
[0104] To more clearly understand the data product verification process of this invention, the following example, using a specific application scenario of bank credit assessment data procurement, provides a concrete illustration of the entire process, including verification standard construction, zero-knowledge verification circuit generation, zero-knowledge proof generation, and local verification. Figure 4 The verification process shown is completely consistent.
[0105] In some embodiments, the buyer is a bank that wants to purchase user credit assessment data products from a third-party credit agency (the supplier) for loan approval assessment.
[0106] The supplier possesses a large amount of users' private data, such as age, savings, monthly income, address, workplace, and loan repayment records. This data must absolutely not be disclosed directly to banks. Banks need to verify whether the data product meets risk control requirements without accessing users' private data.
[0107] To address the risk control verification requirements under the premise of privacy protection, this invention utilizes zero-knowledge proof technology to achieve effective verification without data leakage between the two parties. The specific process is as follows: The bank accesses a pre-configured zero-knowledge proof verification template library through the demand-side connector, selects four types of verification templates based on risk control objectives, completes parameterized configuration, and finally generates a structured verification standard. The specific steps are as follows: S201 Data Range Validation Configuration: Select the data range validation template, specify the age field, and parameterize the value range as [25, 80], indicating that "the applicant's age should be between 25 and 80 years old"; S202 Statistical Feature Verification Configuration: Select the statistical feature verification template, select the statistical function as mean (average value), define the field mean_income (average monthly income), and parameterize the threshold to ≥8000, indicating that "the applicant's average monthly income in the past year needs to be greater than 8000". S203 Logical Relationship Verification Configuration: Select the logical relationship verification template and define the logical expression as has_overdue==false (no overdue loan), which means "the applicant should not have any overdue loan records"; S204 Data Structure Validation Configuration: Define the type and pattern constraints of data fields: the field age is an integer (int), mean_income is a floating-point number (float), and has_overdue is a boolean number (bool), which means that "the data must contain the above fields and the data types must match".
[0108] The demand-side connector serializes the above four types of templates and corresponding parameters into a structured verification standard, and formally initiates a data product verification request to the supplier connector. This process only transmits the structured verification standard, including the template type and parameters, without exposing the bank's risk control rules details or the supplier's privacy data.
[0109] After receiving the verification standard, the supplier connector extracts and combines the corresponding circuit fragments from the built-in circuit template library based on the template type and parameters to generate a complete zero-knowledge verification circuit. The specific process is as follows: S301 Analytical Verification Standard: Supplier Connector Analytical Structured Verification Standard, identifying four types of constraints and their corresponding template types: , , , ; in, For data range validation template, This serves as a template for validating statistical features. This is a template for validating logical relationships. This is a template for validating data structures. S302 Extracting Circuit Fragments: Extracts the corresponding circuit fragment from the circuit template library based on the template type. And inject the parameters provided by the customer. The corresponding expression is: ; Among them, data range segments Inject the corresponding parameters Generate a range verification circuit, implemented as follows: ; Statistical feature fragments Inject the corresponding parameters Generate a range verification circuit, implemented as follows: ; Logical relationship fragments Inject the corresponding parameters Generate logic verification circuit to achieve ; Data Structure Fragments Inject the corresponding parameters Generate a structure verification circuit to achieve .
[0110] S303 Combinatorial Complete Circuit: Combines various circuit segments according to verification logic relationships to form a complete zero-knowledge verification circuit. ,in, Input the demand-side template parameters and public constraints. w This includes provider privacy data (such as age, mean income, has overdue, etc.).
[0111] S304 Supplier generates zero-knowledge proof: The supplier connector executes the trusted setup process to generate the proof key. and verification key :in It is held by the supplier and used to generate zero-knowledge proofs; It is pre-distributed and embedded in the demand connector. Subsequently, the supplier connector uses the privacy data w as input to run the complete verification circuit. Generate zero-knowledge proofs Zero-knowledge proof Send to the demand connector.
[0112] In this process, the supplier only transmits proof π to the demander without disclosing any privacy data details, thus achieving the privacy protection goal of "verification results are provable, and original data is unknown".
[0113] S305: The customer's connector receives the zero-knowledge proof. Then, combined with the publicly available verification parameters they possess. and pre-configured verification key Execute local verification algorithm Verification complete.
[0114] Taking the Groth16 protocol, commonly used in the field of zero-knowledge proofs, as an example, the local verification algorithm... At its core is a mathematical comparison operation based on elliptic curve bilinear pairing, used to determine whether a set of undisclosed private data exists. This makes the privacy data Under the condition that all constraints set by the demand side are met, the constructed zero-knowledge verification circuit can pass. If the comparison result is valid, the verification algorithm returns "true", indicating that the supplier's data product does indeed meet all the availability requirements proposed by the buyer; otherwise, it returns "false", indicating that the data product has failed the verification and the buyer can refuse to purchase the data product.
[0115] As can be seen from the above examples, the data product negotiation and transaction system based on the trusted data space connector proposed in this invention can effectively verify the availability of data products without disclosing the privacy data of both the supply and demand sides through zero-knowledge proof technology. At the same time, it combines blockchain technology to realize identity authentication and order storage, and realizes decentralized transaction interaction through the trusted data space connector, effectively solving the defects of the existing technology and improving the security, privacy and traceability of data product transactions.
[0116] Based on the aforementioned data product negotiation and transaction system based on a trusted data space connector, this invention also proposes a data product negotiation and transaction method based on a trusted data space connector.
[0117] Figure 5 A flowchart illustrating the steps of a data product negotiation and transaction method based on a trusted data spatial connector according to an embodiment of the present invention is disclosed, as follows: Figure 5 As shown, the data product negotiation and transaction method based on a trusted data spatial connector proposed in this invention includes the following steps: Step S1: The supplier connector and the demand connector are initialized, and based on the trusted data identity chain and trusted data space, they complete their own digital identity registration and the acquisition and storage of verifiable credentials on the chain. Step S2: The supplier connector publishes the data product summary information to the trusted data space; Step S3: Based on the published summary information, the buyer connector negotiates the order terms with the supplier connector after completing mutual identity verification; Step S4: During the negotiation process, the demand connector generates a verification standard for the availability of the data product, and the supplier connector generates a zero-knowledge proof based on the verification standard to verify the effectiveness of the data product. Step S5: After the order terms are agreed upon and the data product is verified, the supplier connector and the buyer connector sign the order and upload the order information to the blockchain for evidence storage. Step S6: The supplier connector transmits data products to the customer connector.
[0118] In some embodiments, the demand-side connector generates verification criteria for the availability of the data product, including: The demand connector selects one or more verification templates from a predefined library of zero-knowledge proof verification templates. The validation conditions of the selected template are filled in using a parameterized method to generate structured validation criteria.
[0119] In some embodiments, the supplier connector generates a zero-knowledge proof according to the verification criteria, including: The supplier connector parsing and verification standard extracts and combines corresponding circuit fragments from the local circuit template library to dynamically generate zero-knowledge verification circuits. The zero-knowledge verification circuit is run, and the zero-knowledge proof is generated by taking the internal data of the supplier's data product as input.
[0120] In some embodiments, after generating the zero-knowledge verification circuit, the supplier connector generates a proof key and a verification key, and pre-configures the verification key in the demand connector; The demand-side connector uses the verification key to perform local verification of the received zero-knowledge proof.
[0121] Although the methods described above are illustrated and depicted as a series of actions for the sake of simplicity, it should be understood and appreciated that these methods are not limited by the order of the actions, as some actions may occur in a different order and / or concurrently with other actions from the illustrations and descriptions herein or not illustrated and described herein but which may be understood by those skilled in the art, according to one or more embodiments.
[0122] Given that the data product negotiation and transaction method based on a trusted data space connector described in this invention is constructed based on the architecture and working principle of the aforementioned system embodiments, the method embodiments and system embodiments correspond to each other. Therefore, any aspects not detailed in the method embodiments can be understood by referring to the relevant descriptions in the system embodiments; similarly, any aspects not detailed in the system embodiments can also be understood by referring to the descriptions in the method embodiments. Those skilled in the art can fully implement all the technical solutions of this invention after reading the system embodiments and method embodiments in conjunction with them.
[0123] This invention provides a data product negotiation and transaction system and method based on a trusted data spatial connector, which has the following beneficial effects: 1) Construct a complete data product transaction process to achieve credible negotiation and agreement between supply and demand parties: Incorporate the entire process of negotiation, data product verification and order contract signing into a credible design to ensure the transparency and security of the transaction process, effectively overcoming the technical defects of existing technologies that lack pre-transaction negotiation and product verification mechanisms; 2) Achieve on-chain evidence storage and verifiable traceability of transaction agreements and order contracts: Contract texts, verification results and transaction terms generated by the supply and demand parties during the negotiation and signing process can be stored on the blockchain. The results of each stage can be verified independently, which fundamentally solves the problems of lack of credible traceability and susceptibility to tampering of agreements and contracts in existing technologies. 3) Enhance the privacy and security of data products: By introducing zero-knowledge proof technology and dynamic circuit generation mechanism, suppliers can generate verifiable proofs without disclosing data content, and customers can complete the verification without exposing business inputs; at the same time, combined with decentralized data space connectors, multi-role collaboration is realized, completely eliminating the dependence on centralized platforms and significantly enhancing the privacy and security of data transactions.
[0124] As indicated in this application and claims, unless the context clearly indicates otherwise, the words "a," "an," "an," and / or "the" are not specifically singular and may include plural forms. Generally speaking, the terms "comprising" and "including" only indicate the inclusion of explicitly identified steps and elements, which do not constitute an exclusive list, and the method or apparatus may also include other steps or elements.
[0125] Those skilled in the art will understand that information, signals, and data can be represented using any of a variety of different techniques and skills. For example, the data, instructions, commands, information, signals, bits, symbols, and chips described throughout the above description can be represented by voltage, current, electromagnetic waves, magnetic fields or magnetic particles, light fields or optical particles, or any combination thereof.
[0126] Those skilled in the art will further appreciate that the various illustrative logic blocks, modules, circuits, and algorithm steps described in conjunction with the embodiments disclosed herein can be implemented as electronic hardware, computer software, or a combination of both. To clearly illustrate this interchangeability between hardware and software, the various illustrative components, blocks, modules, circuits, and steps are described above in a generalized manner in terms of their functionality. Whether such functionality is implemented as hardware or software depends on the specific application and the design constraints imposed on the overall system. Those skilled in the art may implement the described functionality in different ways for each specific application, but such implementation decisions should not be construed as departing from the scope of the invention.
[0127] The various illustrative logic modules and circuits described in conjunction with the embodiments disclosed herein may be implemented or performed using a general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. The general-purpose processor may be a microprocessor, but in alternatives, it may be any conventional processor, controller, microcontroller, or state machine. The processor may also be implemented as a combination of computing devices, such as a combination of a DSP and a microprocessor, multiple microprocessors, one or more microprocessors cooperating with a DSP core, or any other such configuration.
[0128] The steps of the methods or algorithms described in conjunction with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of both. The software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, removable disk, CD-ROM, or any other form of storage medium known in the art. An exemplary storage medium is coupled to a processor such that the processor can read and write information to / from the storage medium. In an alternative, the storage medium may be integrated into the processor. The processor and storage medium may reside in an ASIC. The ASIC may reside in a user terminal. In an alternative, the processor and storage medium may reside as discrete components in the user terminal.
[0129] The above embodiments are provided for those skilled in the art to implement or use the present invention. Those skilled in the art can make various modifications or changes to the above embodiments without departing from the inventive concept of the present invention. Therefore, the protection scope of the present invention is not limited to the above embodiments, but should be the maximum scope that conforms to the innovative features mentioned in the claims.
Claims
1. A data product negotiation and transaction system based on a trusted data spatial connector, characterized in that, include: A trusted data identity chain is configured to store digital identity identifiers and verifiable credentials of participants, including suppliers and demanders. A trusted data space is configured to issue and manage verifiable credentials for participants, as well as publish summary information of data products, which is used by demanders to discover and select data products. A supplier connector, deployed on the supplier side, is configured to publish the supplier's data product summary information to the trusted data space; The demand-side connector, deployed on the demand side, is configured to initiate a negotiated transaction request to the supplier connector based on data product summary information obtained from the trusted data space. The supplier connector and the demand connector are both trusted data space connectors, used to jointly execute the negotiation transaction process after completing identity authentication based on their respective digital identity identifiers and verifiable credentials, and submit key transaction information to the trusted data identity chain for storage.
2. The data product negotiation and transaction system based on a trusted data spatial connector according to claim 1, characterized in that, The negotiation and transaction process includes a data product verification process: The demand-side connector generates verification criteria for the availability of the data product and initiates a verification request to the supplier-side connector. The supplier connector generates a zero-knowledge proof based on the internal data of the data product it holds, according to the received verification standard. The demand-side connector performs local verification on the received zero-knowledge proof to confirm that the data product meets the verification criteria, thus completing the data product validity verification.
3. The data product negotiation and transaction system based on a trusted data spatial connector according to claim 1 or 2, characterized in that, The demand-side connector has a built-in predefined zero-knowledge proof verification template library: The zero-knowledge proof verification template library includes one or more of the following: data range verification template, statistical feature verification template, logical relationship verification template, and data structure verification template. It is used to generate verification standards for the usability of data products through parameterized configuration.
4. The data product negotiation and transaction system based on a trusted data spatial connector according to claim 1 or 2, characterized in that, The supplier connector has a built-in circuit template library, which is used to parse the constraints and corresponding template types in the verification standards submitted by the customer connector, extract the corresponding circuit segments from the circuit template library, and combine them logically to form a complete zero-knowledge verification circuit. The supplier connector uses its own data product's internal data as input to run the zero-knowledge verification circuit and generate the corresponding zero-knowledge proof.
5. The data product negotiation and transaction system based on a trusted data spatial connector according to claim 1, characterized in that, The negotiation and transaction process includes an order negotiation process: The demand connector initiates a negotiation request, including order terms, to the supplier connector based on the summary information of the target data product. The supplier connector and the buyer connector negotiated the order terms in multiple rounds until both parties reached an agreement on all order terms.
6. The data product negotiation and transaction system based on a trusted data spatial connector according to claim 1, characterized in that, The negotiation and transaction process includes an order signing process: After the order terms are agreed upon and the data product is verified, the supplier connector and the buyer connector each use their own private keys to complete the order signing. After both parties complete the signing, the key order information will be submitted to the Trusted Data Identity Chain for verification.
7. The data product negotiation and transaction system based on a trusted data spatial connector according to claim 1, characterized in that, The negotiation and transaction process includes a trusted data product transmission process: The supplier connector provides secure data product transmission services to the authenticated customer connector in accordance with the signed order terms. The demand connector receives and applies the data product.
8. The data product negotiation and transaction system based on a trusted data spatial connector according to claim 1, characterized in that, The supplier connector carries its own verifiable credentials and submits the data product summary information to the trusted data space; The trusted data space verifies the validity of the supplier connector's verifiable credentials and reviews the data product summary information. After the review is passed, the data product summary information is published and displayed.
9. The data product negotiation and transaction system based on a trusted data spatial connector according to claim 1, characterized in that, The supplier connector and the customer connector are also configured to perform an initialization process, which includes: The supplier connector and the demand connector respectively complete the initialization configuration and generate local public and private key pairs; The supplier connector and the demand connector apply for registration of digital identity identifiers with the trusted data space based on their own public keys. The trusted data space calls the identity contract deployed on the trusted data identity chain to generate the corresponding digital identity identifiers and store them on the chain. The supplier connector and the demand connector apply for verifiable credentials from the trusted data space based on their own public keys and registered digital identity identifiers. After the trusted data space approves the application, it issues verifiable credentials and calls the identity contract to update the verifiable credentials to the trusted data identity chain, thus completing the on-chain storage of verifiable credentials.
10. A data product negotiation and transaction method based on a trusted data spatial connector, implemented using the data product negotiation and transaction system based on a trusted data spatial connector as described in any one of claims 1 to 9, characterized in that, Includes the following steps: Step S1: The supplier connector and the demand connector are initialized, and based on the trusted data identity chain and trusted data space, they complete their own digital identity registration and the acquisition and storage of verifiable credentials on the chain. Step S2: The supplier connector publishes the data product summary information to the trusted data space; Step S3: Based on the published summary information, the buyer connector negotiates the order terms with the supplier connector after completing mutual identity verification; In step S4, during the negotiation process, the demand connector generates a verification standard for the availability of the data product, and the supplier connector generates a zero-knowledge proof based on the verification standard to verify the effectiveness of the data product. Step S5: After the order terms are agreed upon and the data product is verified, the supplier connector and the buyer connector sign the order and upload the order information to the blockchain for evidence storage. Step S6: The supplier connector transmits data products to the customer connector.
11. The data product negotiation and transaction method based on a trusted data spatial connector according to claim 10, characterized in that, The verification criteria for the availability of the data product generated by the demand-side connector include: The demand connector selects one or more verification templates from a predefined library of zero-knowledge proof verification templates. The verification conditions of the selected verification template are configured in a parameterized manner to generate structured verification standards.
12. The data product negotiation and transaction method based on a trusted data spatial connector according to claim 10, characterized in that, The supplier connector generates a zero-knowledge proof according to the verification standard, including: The supplier connector parsing and verification standard extracts and combines the corresponding circuit fragments from the local circuit template library to generate a zero-knowledge verification circuit. The zero-knowledge verification circuit is run, taking the internal data of the supplier's data product as input, to generate the zero-knowledge proof.
13. The data product negotiation and transaction method based on a trusted data spatial connector according to claim 12, characterized in that, After generating the zero-knowledge verification circuit, the supplier connector generates a proof key and a verification key, and pre-configures the verification key in the demand connector. The demand-side connector uses the verification key to perform local verification of the received zero-knowledge proof.