Blockchain-based overseas warehouse nutritional supplement full-link quality traceability method
By introducing a lightweight off-chain semantic repair proxy mechanism and a zero-knowledge commitment algorithm, the problem of limited granularity of on-chain and off-chain event linkage in the quality traceability system of nutritional supplement overseas warehouses is solved, realizing efficient and secure automated error correction and data repair, and improving the system's adaptability and user-friendliness.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- HUADA (MEIZHOU) BIOTECHNOLOGY CO LTD
- Filing Date
- 2026-03-23
- Publication Date
- 2026-06-19
AI Technical Summary
Existing overseas warehouse quality traceability systems for nutritional supplements have limited granularity in linking on-chain and off-chain events, making them unable to flexibly respond to abnormal scenarios and posing risks of high response latency, complex process load, and privacy leaks.
By introducing a lightweight off-chain semantic repair proxy mechanism, the original transaction context data when smart contract verification fails is obtained, structured failure semantic tags are generated, the lightweight proxy registry is used to match the off-chain semantic repair proxy, semantic reasoning is performed in combination with industry knowledge graph, a set of correction values is generated, and privacy encapsulation is performed through zero-knowledge commitment algorithm, and finally verification and recording are performed on the chain.
It significantly improves the ability to automatically analyze and process abnormal events, achieves high-precision and low-overhead automated error correction response, reduces information entropy loss and communication costs, enhances the system's adaptability and operational friendliness, and ensures the transparency and compliance of data governance.
Smart Images

Figure CN122243523A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of blockchain traceability and on-chain and off-chain smart contract collaborative repair technology, and in particular to a blockchain-based method for full-chain quality traceability of nutritional supplements in overseas warehouses. Background Technology
[0002] Currently, the mainstream technologies for overseas warehouse quality traceability systems for nutritional supplements rely on the immutable nature of blockchain data. On-chain smart contracts automatically execute data verification and process management across logistics, warehousing, testing, and supervision. Existing traceability solutions generally employ end-to-end structured transaction records, multi-layered smart contract verification, standardized batch coding, and logistics tracking to achieve transparent data flow and accountability across the international supply chain. Off-chain, modules for data acquisition, format conversion, and business logic restructuring are deployed to assist on-chain smart contracts in achieving compliance verification under high concurrency, multilingual, and multi-regulatory requirements. The collaboration between blockchain and off-chain data processing is an industry trend, with public application scenarios covering drug traceability, food safety, cross-border e-commerce, and customs supervision. Continuous optimization is being implemented around key technologies such as verification accuracy, process automation, and data privacy protection. Existing representative technologies are typically dominated by on-chain smart contracts, such as smart contract rule verification, failure rollback, automatic batch standard identification, and oracle error correction mechanisms. In transaction verification failure scenarios, they mainly rely on on-chain processing, including Boolean failure flags, transaction rollback, batch retries, and manual intervention. Some systems employ strategy-based distribution oracle models, formal verification patches, and asynchronous data comparison to improve off-chain collaboration capabilities, but most face limitations such as high response latency, complex process loads, and privacy leakage risks. For highly sensitive products such as nutritional supplements, industry standards require data structures based on FDA / EFSA batch specifications, GS1 international coding, and cross-border logistics data mapping, compatible with complex semantics such as multilingualism, multiple time zones, and batch traceability. However, the granularity of on-chain and off-chain event linkage is limited, making it difficult to flexibly handle abnormal scenarios. Summary of the Invention
[0003] In order to solve the above-mentioned technical problems, this invention provides a blockchain-based method for end-to-end quality traceability of nutritional supplements in overseas warehouses.
[0004] The technical solution of this invention is implemented as follows: a blockchain-based method for end-to-end quality traceability of nutritional supplements from overseas warehouses, comprising: S1: Obtain the original transaction context data when the smart contract verification fails, parse the input field name, original field value and expected data pattern based on the preset semantic annotation rules, and generate a structured failure semantic label containing failure type identifier and abstract error category; S2: Receive the structured failure semantic tags, perform a matching operation in the locally preset lightweight agent registry according to the error category in the tags, and generate an activation instruction and identity index pointing to the semantic repair agent under a specific chain; S3: Using the activation instruction to call the corresponding off-chain semantic repair agent, the hash-desensitized original input fragment and the structured failure semantic label are used as input, and semantic reasoning is performed based on the built-in industry knowledge graph to generate a set of candidate correction values with confidence ranking. S4: For the set of candidate correction values, a zero-knowledge commitment algorithm is used to encapsulate the data for privacy, and a verifiable repair suggestion summary package is generated by combining the correction basis description; S5: Submit the repair suggestion summary package to the on-chain verification contract, verify the validity of the summary based on the proxy identity whitelist and the scope of the pre-authorized knowledge base, and generate a secondary verification trigger signal; S6: In response to the secondary verification trigger signal, replay the correction logic of the off-chain semantic repair agent in the sandbox environment, confirm the data integrity by comparing the output hash consistency, and generate an anti-tampering confirmation certificate; S7: Write the correction result into the off-chain cache based on the tamper-proof confirmation certificate, and mark the original transaction status as a status identifier that is pending manual review and has been semantically aligned. S8: After detecting the change of the status identifier, extract the current transaction context snapshot and generate a low-interference pop-up prompt instruction, and push it to the operator terminal to complete the closed-loop feedback.
[0005] The blockchain-based method for end-to-end quality traceability of nutritional supplements from overseas warehouses provided by this invention has the following beneficial effects: (1) This invention significantly improves the automatic parsing and closed-loop processing capabilities of abnormal events by introducing a lightweight off-chain semantic repair proxy mechanism. The verification failure itself is modeled as a computable structured semantic signal. Without exposing the original sensitive data, a lightweight labeler deployed at the contract layer automatically extracts key metadata from the failure context—including the name of the error field, expected data pattern, failure type identifier, etc.—and generates abstract semantic tags, enabling the system to "understand" rather than merely "perceive" the error. This design effectively achieves standardized encapsulation and secure propagation of error information, providing an interpretable and routable technical foundation for subsequent off-chain intelligent responses, and significantly reducing information entropy loss and communication costs in cross-domain diagnosis.
[0006] (2) This invention constructs an off-chain semantic repair agent matching and execution system based on error category-driven mechanisms, achieving high-precision, low-overhead automated error correction response. A lightweight agent registry is pre-installed locally on the blockchain node, and the corresponding type of repair agent is dynamically activated based on the received failure semantic tags, such as time normalization agent and code completion agent, avoiding complex cross-chain calls and oracle intervention. The repair agent only receives hash-desensitized input fragments and semantic tags. Without accessing the complete transaction content or private key, it performs semantic reasoning based on the embedded industry knowledge graph (covering FDA / EFSA batch naming rules, GS1 verification logic, and cross-border logistics document mapping relationships) to generate a set of candidate correction values that meet regulatory compliance requirements and are format-compatible, along with confidence ranking and explanation of regulatory basis. The correction result is processed by zero-knowledge commitment to form a verifiable digest, which is submitted to the on-chain contract for execution of a lightweight secondary verification process: replaying the correction logic in a sandbox environment and comparing hash consistency to ensure data integrity and logical immutability. The entire process can achieve trusted semantic alignment without re-executing the original transaction on the blockchain or introducing an external audit module, which significantly shortens the time window from failure to suggestion output. It is especially suitable for actual operation scenarios of overseas warehouses with weak network, high concurrency, and mixed languages.
[0007] (3) This invention enhances the system's adaptability and user-friendliness by constructing a closed-loop architecture of "tag-driven - agent matching - knowledge guidance - verifiable correction". Since the repair suggestion package contains a clear description of the correction basis and a context snapshot, the operator can quickly determine whether to accept the recommended solution in a low-interference pop-up prompt, and retain the final decision-making power when necessary, thus achieving a smooth transition of human-machine collaboration. At the same time, all correction actions are recorded in the off-chain cache and marked with status, supporting post-event traceability and auditing, and ensuring the transparency and compliance of data governance. Attached Figure Description
[0008] Figure 1 The flowchart shows the blockchain-based overseas warehouse nutritional supplement end-to-end quality traceability method of the present invention. Figure 2 This is a sub-flowchart of the blockchain-based overseas warehouse nutritional supplement end-to-end quality traceability method of the present invention; Figure 3 This is another sub-flowchart of the blockchain-based overseas warehouse nutritional supplement end-to-end quality traceability method of the present invention. Detailed Implementation
[0009] Embodiments of the present invention are described in detail below, examples of which are shown in the accompanying drawings, wherein the same or similar reference numerals denote the same or similar elements or elements having the same or similar functions throughout. The embodiments described below with reference to the accompanying drawings are exemplary and are only used to explain the present invention, and should not be construed as limiting the present invention.
[0010] The following disclosure provides many different embodiments or examples for implementing different structures of the invention. To simplify the disclosure, specific examples of components and arrangements are described below. Of course, these are merely examples and are not intended to limit the invention. Furthermore, reference numerals and / or letters may be repeated in different examples; such repetition is for simplification and clarity and does not in itself indicate a relationship between the various embodiments and / or arrangements discussed.
[0011] like Figure 1 As shown, this invention provides a blockchain-based method for end-to-end quality traceability of nutritional supplements from overseas warehouses, specifically including: S1: Obtain the original transaction context data when the smart contract verification fails, parse the input field name, original field value and expected data pattern based on the preset semantic annotation rules, and generate a structured failure semantic label containing failure type identifier and abstract error category; S2: Receive the structured failure semantic tags, perform a matching operation in the locally preset lightweight agent registry according to the error category in the tags, and generate an activation instruction and identity index pointing to the semantic repair agent under a specific chain; S3: Using the activation instruction to call the corresponding off-chain semantic repair agent, the hash-desensitized original input fragment and the structured failure semantic label are used as input, and semantic reasoning is performed based on the built-in industry knowledge graph to generate a set of candidate correction values with confidence ranking. S4: For the set of candidate correction values, a zero-knowledge commitment algorithm is used to encapsulate the data for privacy, and a verifiable repair suggestion summary package is generated by combining the correction basis description; S5: Submit the repair suggestion summary package to the on-chain verification contract, verify the validity of the summary based on the proxy identity whitelist and the scope of the pre-authorized knowledge base, and generate a secondary verification trigger signal; S6: In response to the secondary verification trigger signal, replay the correction logic of the off-chain semantic repair agent in the sandbox environment, confirm the data integrity by comparing the output hash consistency, and generate an anti-tampering confirmation certificate; S7: Write the correction result into the off-chain cache based on the tamper-proof confirmation certificate, and mark the original transaction status as a status identifier that is pending manual review and has been semantically aligned. S8: After detecting the change of the status identifier, extract the current transaction context snapshot and generate a low-interference pop-up prompt instruction, and push it to the operator terminal to complete the closed-loop feedback.
[0012] Step S1: Obtain the original transaction context data when the smart contract verification fails, and parse the input field names, original field values, and expected data patterns based on preset semantic annotation rules to generate structured failure semantic tags containing failure type identifiers and abstract error categories. Specifically, this includes: S1.1: Obtain the original transaction context data when the smart contract verification fails, and extract the set of input field names, the sequence of original field values, and the definition of expected data patterns that triggered the failure based on the abnormal event listening mechanism, so as to form the original information package of verification failure to be parsed; Regarding the logical position of this sub-step within the main step, its function is to accurately capture the original transaction context information and form a parsing information package that can be used for subsequent semantic annotation and parsing at the instant that smart contract verification fails. Input conditions include the failure event signal issued by the on-chain verification module, the event description object output by the abnormal event listening mechanism, and the original transaction data storage reference bound to the event. Based on the abnormal event listening mechanism, an event subscriber is loaded on the blockchain node side to perform real-time monitoring of the state variable changes in the smart contract verification process, capture the event object triggered by the verification failure and deconstruct the unique event identifier and timestamp; Using the event's unique identifier as a key, access the on-chain transaction storage interface, extract the set of original transaction input field names associated with the identifier, and store the field set in the memory cache as a structured list in conjunction with the transaction metadata parsing format; An on-chain transaction parser is used to perform raw value retrieval on the extracted transaction input field names, access the transaction log in the off-chain cache, extract the raw value sequence of the fields and compare it with the on-chain hash value to ensure that the extracted data is consistent with the blockchain record. The preset data pattern management component is invoked to retrieve the corresponding expected data pattern definition by field name. The pattern definition includes standardized parameters such as data type, regular expression constraints, numerical range, and timestamp format, forming a pattern definition list that corresponds one-to-one with the input field name. The set of field names, the sequence of original field values, and the definition of the expected data pattern are encapsulated into a verification failure original information package according to a unified serialization protocol, and an event timestamp and a unique transaction identifier are attached to ensure the traceability and integrity of the information package in subsequent processing stages. By using a distributed cache synchronization mechanism, the information packet is stored in an off-chain high-speed cache cluster, which is then called by the downstream syntax tree mapping process, thus achieving the standardized acquisition and secure sealing of the original verification failure context data. For example, in the blockchain node for quality traceability of nutritional supplements in overseas warehouses, the abnormal event listening mechanism is configured to listen to the status variable "verify_status" of the contract address "0x9fa...". When its value changes from "pass" to "fail", the event subscriber is triggered. The subscriber captures event ID=98432 with a timestamp of 2024-06-12T08:45:23Z. The system accesses the on-chain transaction storage interface and extracts the original transaction input field name set as ["batch_id","expiry_date","signature"]. The original value sequence of the fields is "AB12345", "2024 / 06 / 12 08:45", "null", which is consistent with the hash value of the on-chain record. The expected data pattern definition includes that batch_id should satisfy the GS1 standard regular expression. The expiry_date should conform to ISO 8601 UTC format. The signature must be a Base64 encoded string and not empty. The system encapsulates the above field set, original values, and pattern definitions into a packet {"event_id":98432,"timestamp":"2024-06-12T08:45:23Z","fields":[{"name":"batch_id","value":"AB12345","pattern":"GS1"},{"name":"expiry_date","value":"2024 / 06 / 12 08:45","pattern":"ISO8601"},{"name":"signature","value":"null","pattern":"Base64"}]} according to the JSON-LD protocol, and stores it in the off-chain cache shard index key="failctx:98432". This processing has a delay in weak network environments. This process is completed internally, ensuring that the context data is complete, verifiable, and has a normalized structure when downstream syntax tree mapping processes are called. S1.2: Perform syntax tree mapping processing on the set of input field names in the original verification failure information package, and convert the field names into standard term indexes based on the preset industry ontology library to generate a standardized field identifier list with unified naming specifications; Perform syntax tree mapping processing on the set of input field names in the original verification failure information package obtained from step S1.1. First, load the node index structure of the pre-set industry ontology library as the mapping reference framework to ensure that the one-to-one correspondence between field names and industry standard terms can be retrieved. The set of input field names is segmented into words according to the character sequence, and an abstract syntax tree structure is constructed based on contextual dependencies to represent the prefixes, core stems and suffixes of the field names in the form of hierarchical nodes. The syntax tree traversal algorithm is invoked to visit nodes sequentially. During the visit, the stem of each syntax node is compared with the standard terminology entries defined in the industry ontology database using a combination of exact and fuzzy matching. The matching similarity is calculated using the Levenshtein distance, calculated using the following formula: in To edit the distance function, Stemming for field names, For standard terminology entries, Indicates the string length. To obtain the maximum character length of the field stem and standard terminology; Matching results with similarity scores higher than a preset threshold are stored in a temporary mapping table and appended with a unique term index code. For nodes that fail to match, a reverse search is performed by calling the synonym mapping table in the ontology library to ensure that all semantic forms of field names can be converted into a uniformly standardized term index. Finally, the matching results of all syntax tree nodes are reorganized into a standardized list of field identifiers according to the original field name set, and output in the form of a structured array for subsequent difference comparison calculations. By using a dual mapping process based on syntax trees and industry ontology libraries, the original set of field names from the previous step is transformed into a standardized list of field identifiers with unified naming conventions and comparable public semantics, thereby achieving the expected technical effect of field semantic consistency in cross-border nutritional supplement warehousing data verification scenarios on the blockchain. For example, in a quality traceability scenario for nutritional supplements in an overseas warehouse, the original verification failure information package contains a set of field names ["batchNum","prodTime","locCode"], whose corresponding standard terms in the industry ontology are "batch number", "production time", and "warehouse location code". After word segmentation and construction of a syntax tree, the stems such as "batch" and "batch number" are matched. Based on the edit distance d("batch","batch number")=5 and len("batch")=5, len("batch number")=2, the similarity is calculated as follows: The result is 0, indicating a match failure. The synonym mapping table is called to identify "batchNum" as "batch number" and assign it index ID=ST001. "prodTime" matches "production time" with a similarity of 0.8, which is higher than the threshold of 0.75, so it is directly assigned index ID=ST002. "locCode" matches "warehouse location code" with a similarity of 0.78, also higher than the threshold, so it is assigned index ID=ST003. Finally, a standardized field identifier list [ST001,ST002,ST003] is output, achieving consistency in field identification. Subsequent difference comparison steps can significantly improve the accuracy of deviation feature extraction and the stability of on-chain semantic annotation based on this. S1.3: The original value sequence of the field is compared with the expected data pattern definition using the standardized field identifier list. Based on the regular expression matching algorithm and data type verification logic, specific deviation features are identified to output the original difference feature vector containing format mismatch or temporal conflict features. S1.4: Perform semantic classification reasoning based on the original difference feature vector, and use the failure type classifier to map the specific deviation features to a predefined abstract error category space to generate a preliminary failure type identifier indicating format mismatch or missing signature domain attributes; S1.5: Perform structured encapsulation processing on the preliminary failure type identifier and the standardized field identifier list, and construct a structured failure semantic label containing failure type identifier and abstract error category based on the JSON-LD serialization protocol to complete the standardized output of verification failure information for downstream modules to call.
[0013] Step S2: Receive the structured failure semantic tags, perform a matching operation in the locally pre-set lightweight proxy registry according to the error category in the tags, and generate an activation instruction and identity index pointing to a specific off-chain semantic repair proxy. Specifically, this includes: S2.1: Parse the received structured failure semantic tags, extract the encapsulated failure type identifier field and abstract error category field to obtain key index values for subsequent matching logic, and ensure the standardization and usability of input data; S2.2: Access the local pre-built lightweight proxy registry based on the extracted key index key value, and use a hash lookup algorithm to search the proxy metadata directory in the registry to locate the predefined mapping entry that is completely consistent with the current abstract error category. S2.3: Read the associated agent configuration parameters based on the located predefined mapping entries, and verify the running status flag and resource availability indicators of the semantic repair agent under the target chain to confirm that the agent has the execution conditions to respond to the activation command in an instant. S2.4: Using the unique identifier of the target off-chain semantic repair agent that has been confirmed to meet the execution conditions, and combined with the session token of the current transaction context, construct an activation instruction data packet containing call parameters and authorization credentials to generate the final activation instruction and identity index pointing to the specific off-chain semantic repair agent; After receiving the agent configuration parameters and running status flag verification results from step S2.3 as input conditions, and determining that the semantic repair agent under the target chain has the conditions for immediate response execution, the unique identifier of the agent in the registry is extracted and converted into a fixed-length binary identifier to meet the requirements of the subsequent encapsulation protocol. The session token in the current transaction context is used as a session binding parameter. A session security association value bound to the identity code is generated through a session token mapping algorithm to prevent illegal injection from cross-session calls. Based on the type definition of the call parameters, strict parameter serialization operations are performed on error categories, field naming indexes, inference domain constraints, etc., and key-value pair mapping is used to fix the position index of each call parameter in the data packet to achieve a structured call parameter layout. For the authorization credential part, an asymmetric encryption public key system is used to sign the authorization token into a non-repudiable digital signature string, and the signature string is then linked to the call parameter area. The XOR combination is encapsulated in a single permission credential structure to ensure the data integrity of the calling instruction and the consistency of the execution authorization. The call parameter area and the permission credential structure are merged into an activation instruction data packet after being numbered by the protocol layer, aligned in word length, and appended with header metadata. A proxy identity index field is then appended to the end of the data packet to complete the unique identification and binding of the off-chain semantic repair proxy. Through the above chain processing method, the verification results of the previous step are transformed into instruction data that can be directly used to call the proxy execution environment, so as to achieve a seamless activation effect of on-chain and off-chain collaboration. For example, in a scenario where verification of nutritional supplements in an overseas warehouse fails, the target off-chain semantic repair agent's identity identifier is 0x7F3A91B2, the session token length is 128 bits, and the hash value is obtained by performing a SHA-256 digest calculation on the session token. The operation merges the digest value with the permission token signature string to form a permission credential structure. The call parameters include the error category "timestamp format error," the normalized field index [BTCH_NO, PROD_DATE], and the inference domain constraint "FDA batch specification." During encapsulation, the call parameters are laid out in the first 256 bytes of the data packet according to preset index positions. The permission credential structure occupies 64 bytes, the proxy identity index occupies 16 bytes, and the final activation instruction data packet has a total length of 336 bytes. Executing this data packet accurately activates the off-chain time-semantic normalized proxy. After the proxy completes the repair inference call in the sandbox environment, it significantly improves the on-chain and off-chain collaboration efficiency and execution stability in verification failure scenarios.
[0014] like Figure 2 As shown, step S3 involves using the activation instruction to call the corresponding off-chain semantic repair agent, taking the hash-desensitized original input fragment and the structured failure semantic label as input, performing semantic reasoning based on the built-in industry knowledge graph, and generating a set of candidate correction values with confidence ranking. Specifically, this includes: S3.1: Perform ontology mapping parsing on the received structured failure semantic tags to extract target domain constraints containing the ontology of nutritional supplement regulatory terms and the mapping rules of cross-border logistics document fields, thereby constructing a semantic reasoning context environment to guide the subsequent reasoning process; For the received structured failure semantic tags, the tag field parsing is performed by a mapping engine based on industry regulatory semantic ontology, and the failure type identifier and abstract error category field encapsulated in the tag are split into independent logical units; The resulting logical units are bidirectionally matched with a pre-built ontology of regulatory terms for nutritional supplements. Based on a semantic alignment algorithm, the mapping relationship between the regulatory context of the failure type and the standard coding rules is determined. During the matching process, the cross-border logistics document field mapping rules are invoked to convert the transaction field names involved in the tags into standardized field identifiers consistent with the node indexes in the knowledge graph, thereby eliminating the differences in field naming between on-chain and off-chain. The standardized field identifiers are filtered for domain constraints. The attribute constraint set in the terminology ontology is used to extract numerical restrictions, format patterns and time relationship rules related to the current failure type, so as to construct a composite constraint set containing regulatory rules and logistics field entities. The composite constraint set is fused with the label parsing results, and the ontology context building module is used to generate a semantic reasoning context environment containing node semantics, attribute constraints and relational chains, which is used to guide subsequent knowledge graph search algorithms; Through the above mapping and constraint fusion processing, the label parsing results of the previous step are transformed into complete semantic reasoning context data that can be used by the inference engine, thereby achieving precise constraints on the inference path of the off-chain repair agent and adaptation to industry standards. For example, the structured failure semantic tag received in the nutritional supplement overseas warehouse quality traceability system includes the field "batchCode", the failure type is identified as "format mismatch", and the abstract error category is "missing batch number check digit". The parsing engine maps "batchCode" to the regulatory terminology ontology node "GS1 code batch number" and matches it with the field index "BATCH_ID" in the cross-border logistics document mapping rules. The attribute constraint of this node in the ontology is found to be a fixed batch number length of 12 characters with a check digit at the end. Combined with logistics rules, the association between this field and the shipping order record is locked. The constructed semantic reasoning context includes the node "GS1 code batch number", attribute constraints {length=12, last digit=check digit}, and relationship chain {associated with shipping order number, associated with FDA registration entry}. In subsequent knowledge graph retrieval, this context will guide a breadth-first search to locate all nodes conforming to the FDA batch naming specifications, and through formulas... Calculate the retrieval path priority, where The formula represents the total number of candidate nodes, and its result is used to dynamically adjust the search's expansion step size. Through this context-constrained reasoning process, the system significantly improves the consistency between repair candidate values and regulatory standards, and reduces retrieval bias caused by differences in field naming. S3.2: Based on the semantic reasoning context, perform multimodal feature alignment operation on the hash-desensitized original input fragment to generate a standardized data feature vector with industry standard compatibility, providing a unified data representation basis for subsequent accurate retrieval in the industry knowledge graph; S3.3: Utilize the standardized data feature vector to perform a breadth-first semantic path search algorithm in the built-in industry knowledge graph to locate a set of compliance candidate nodes that conform to FDA or EFSA batch naming specifications, thereby obtaining potential semantic correction target objects. For the original input fragments obtained after hash desensitization and the standardized data feature vector, the semantic path index table of FDA and EFSA batch naming specifications is loaded by calling the industry knowledge graph retrieval interface, and a query state initialization structure containing node type, attribute constraints and relation weights is constructed. Based on the query state initialization structure, the node access queue and level limit parameters for breadth-first search are set. The level limit is set to the maximum search level according to the field nesting depth in the batch naming specification. Graph start nodes with a matching degree higher than the preset threshold that are matched with the current standardized data feature vector are added to the initial queue. During the breadth-first path search process, the node matching score is calculated using the mapping relationship between node attribute values and standardized data feature vectors. The formula for calculating the matching score is as follows: in, To match scores, For node relationship weights, For field similarity functions, To standardize data feature fields, For node attribute values; Based on the ranking results of the matching scores, nodes with scores higher than the dynamic threshold are selected to be expanded to the next level of the search queue, and the attribute change history of the node path is recorded during the expansion process for subsequent compliance verification. When the search queue is empty or the level limit is reached, all nodes that meet the FDA or EFSA batch naming specifications are aggregated to form a set of compliant candidate nodes, and path context information is attached to each node in the set. Through the breadth-first semantic path search and score filtering process described above, the standardized data feature vector from the previous step is transformed into a set of compliant candidate nodes containing potential semantic correction target objects, thereby achieving accurate location and semantic correspondence of failed data. For example, for the standardized data feature vector of the batch number field of nutritional supplements, let the field be "LOT_NUMBER" and the corresponding hash-desensitized fragment value be "2024-AB123". Load the industry knowledge graph node set, where the batch naming node attribute in the FDA specification is "YYYY-ABCNNN" with a relation weight of 0.8, and the node attribute in the EFSA specification is "YYYY-ABNNN" with a relation weight of 0.9. When initializing the search queue, add the two types of specification start nodes, perform matching score calculation, and assume the similarity between the standardized field value and the FDA node attribute value... The matching score is then calculated as follows: ≈ Similarly, calculate the EFSA node score ≈ After sorting and expanding the search, the node "2024-AB123" that fully matches the EFSA naming convention attributes was finally located in the third-level search. This node was added to the compliance candidate set and a path context record was attached. The results show that this set can be used for subsequent correction value generation and significantly improves the location speed and matching reliability in weak network environments. S3.4: Apply a Bayesian confidence assessment model to the set of compliance candidate nodes to perform probability calculations, so as to quantify the semantic matching degree between each candidate node and the current failure scenario, thereby outputting a preliminary list of correction schemes with numerical confidence scores. S3.5: Based on the preliminary correction scheme list, perform descending sorting and threshold filtering operations to select the final candidate correction value set with confidence higher than the preset threshold, thereby completing the complete semantic reasoning closed loop from the original failure data to the executable correction suggestion; Based on the input of the preliminary correction scheme list, an ordered data set containing confidence scores and candidate value identifiers is constructed as the execution object for the descending sorting operation; The confidence score field is used as the sorting primary key, and a stable sorting algorithm is called to reorganize the index of the candidate value set in descending order of score, so as to maintain the relative order of the original inference path under the condition of the same score. A threshold filtering function is applied to the sorted set. A preset confidence threshold parameter is set, and the parameter value is dynamically adjusted based on the industry standard fault tolerance coefficient and system risk tolerance. Candidates below the threshold are eliminated based on comparison logic. A segmented filtering strategy is adopted to further verify the semantic consistency of candidate options in the high-confidence segment. The matching degree between the correction value and the regulatory norm is checked based on the mapping relationship of standard nodes in the knowledge graph, so as to eliminate outliers with high scores but semantic conflicts. For candidates that pass the semantic consistency check, a uniqueness determination is performed. Hash fingerprint comparison is used to ensure that there are no duplicate entries in the candidate correction value set, forming the final candidate correction value set that meets the execution conditions. By using descending order sorting and threshold filtering, the preliminary correction scheme of the previous step is transformed into a set of final executable correction suggestions that meet the conditions of industry standard compliance, confidence priority and uniqueness, thus realizing a complete semantic reasoning closed loop from the original failure data to the off-chain repair input. For example, in the scenario of correcting batch numbers in overseas warehouses for nutritional supplements, the initial correction plan list contains 10 candidate batch numbers with a confidence score range of 0.65 to 0.98. Setting the confidence threshold at 0.85 and adjusting the system risk tolerance coefficient at 0.03, the dynamic threshold calculation formula is as follows: in, The filtering threshold is dynamically adjusted. After filtering the sorted set according to this threshold, four candidate values remain. Further verification of FDA approval number specifications is performed based on the knowledge graph node mapping, eliminating one semantically conflicting item, resulting in three candidate values. Hash comparison is used to ensure no duplicates. The final set of candidate correction values is processed with zero-knowledge commitments in the off-chain repair task and then submitted for on-chain verification, significantly improving the accuracy and compliance of the correction.
[0015] Step S4: For the candidate correction value set, a zero-knowledge commitment algorithm is used to perform privacy encapsulation processing on the data, and a verifiable repair suggestion summary package is generated in conjunction with the correction basis description. Specifically, this includes: S4.1: Obtain the set of candidate correction values with confidence ranking and the corresponding industry knowledge graph reasoning path records. Perform discrete logarithmic field blinding calculation on each candidate correction value and its confidence score based on the Pedersen commitment scheme to generate a sequence of zero-knowledge original commitment components containing hidden numerical information and random masking factors. Import the set of confidence ranking candidate correction values and their corresponding industry knowledge graph inference path records from the previous step, load them into structured data objects, and use them as input conditions for privacy encapsulation computation. Based on the parameter definition of the elliptic curve discrete logarithm problem model, the basis points of the commitment scheme are calculated by calling the security parameter generator. with auxiliary base points And establish group operation rules on finite fields; For each numeric field in the candidate correction set, generate a random mask factor from a secure random source. And construct the formula in the curve group according to the Pedersen commitment. Perform group element multiplication and addition operations, where For field values, ensure the computational hiding and binding of the commitment; Each commitment calculation result and its confidence score parameters are encapsulated together into a commitment component tuple, and an index mapping table is used to link it back to the original candidate field identifier, ensuring the traceable binding of the commitment to the semantics of the original data; For the above set of commitment component tuples, perform batch blinding factor superposition verification to ensure that the generation of all random mask factors satisfies the elliptic curve group order constraint condition, and prevent information leakage or mask duplication from causing a decrease in security. By using curve group operations and blinding processing, the candidate correction value set of the previous step is transformed into a sequence of original data commitments with computational hiding and binding, thus realizing the privacy-preserving input required for the zero-knowledge proof stage; For example, in the scenario of batch naming correction for nutritional supplements in overseas warehouses, the set of candidate correction values includes batch number verification code values. and temperature and humidity records The confidence levels are respectively and Commitment Scheme Selection Basis Point with auxiliary base points From elliptic curves Generator, random mask factor They are respectively and In group operations, the batch number commitment is calculated as follows: Temperature and humidity commitment calculation is as follows Both methods employ blinding factor superposition verification to ensure group order legitimacy. The commitment sequence output by this embodiment provides privacy-preserving input in subsequent zero-knowledge proofs, significantly improving the security and reliability of off-chain data repair. S4.2: Receive the sequence of zero-knowledge original commitment components, aggregate the scattered commitment components into a single cumulative commitment value using bilinear mapping pairing technology, and construct a binding relationship by combining the modified SHA-256 hash fingerprint of the description field to output an aggregated commitment structure with data integrity binding; Receive the original data commitment sequence and associated correction basis description text generated in the previous step S4.1 as the data input object for this step; The modified description text is subjected to digest compression processing based on a secure hash algorithm. The SHA-256 algorithm is used to construct a message digest calculation process to convert the description text into a regular fingerprint with fixed length and anti-collision properties. During the summary calculation process, the correction basis description field is used as the message source. After chain-group filling, logical operation and cyclic shift processing, a 256-bit hash output is generated and saved in the form of a regular fingerprint to ensure that the fingerprint maintains a unique mapping relationship with the original text. The rule fingerprint and each commitment element from the original data commitment sequence are input into the Merkle tree construction module, and a tree structure node is generated according to the iterative combination of hash pairs. During the Merkle tree node generation process, the hash value of each element in the commitment sequence is concatenated with the hash value of the rule fingerprint into a binary string, and the parent node identifier is generated through hash operation. This process is iterated until a unique root node hash value is formed. In the construction of the Merkle tree root node, the rule fingerprint is placed at the top level and merged with the commitment sequence to ensure that the root hash simultaneously binds the integrity features of the commitment data and the rule basis. By comparing and verifying hash values, the uniqueness and stability of the root node hash under different computing paths are confirmed, so as to form a composite commitment root hash value containing data integrity verification features. Through the above processing method, the result of the previous step is transformed into a composite commitment root hash that both encapsulates the commitment data and binds the rule basis, thereby achieving the expected technical effect of dual integrity verification on and off the chain. For example, in a nutritional supplement batch correction scenario, the system receives a sequence of original commitments for five candidate correction value commitments generated by S4.1. Each commitment value is the result of an operation on the elliptic curve domain (32 bytes in length), and the associated correction basis is described as "adjusting the timestamp format according to ISO 8601". This description text is then processed using the SHA-256 algorithm to form a regular fingerprint hash value. The calculation formula is as follows: ,in To correct the description string, the hash values of the commitment sequence elements are sequentially compared with... Perform pairing to construct the bottom-level node pairs of the Merkle tree, such as the hash of the first commitment element. and After concatenation, perform SHA-256 operation to generate the parent node hash value. Its formula is expressed as: ,in This represents a binary string concatenation operation. This operation is repeated until all upper-level nodes are constructed, and a composite commitment root hash value is generated at the highest level. This root hash value binds the overall relationship between the committed data and the rule fingerprint. It is used for rapid integrity verification during subsequent on-chain validation, and the experiment was conducted on different node computation paths. The stability demonstrates that the integrated root hash significantly improves consistency verification efficiency and resistance to tampering. S4.3: Perform range proof protocol construction processing on the aggregate commitment structure, and generate a non-interactive zero-knowledge proof string based on the Bulletproofs algorithm, in which the proof candidate correction value is in the compliant numerical range and has not overflowed, so as to form a privacy-protected proof payload containing numerical legality verification logic; Based on the composite commitment root hash value and the proxy identity identifier, the input vector of the zero-knowledge proof circuit is constructed, and the circuit generation interface of the zk-SNARKs protocol is called to generate a logical description file with industry standard ontology constraints. Encode all the numerical fields that need to be verified and their corresponding compliance rules in the candidate correction value set into a set of constraint polynomials, and declare the dependencies and priorities of each constraint in the circuit structure; The set of constraint polynomials is subjected to R1CS (Rank-1 Constraint System) transformation to map the original compliance logic into a sparse matrix structure that satisfies the zk-SNARKs algorithm. During the circuit parameter generation process, based on the public key and private key pair generated in the trusted initialization phase, the composite commitment root hash value is used as the binding element for input consistency verification, ensuring that the proof generation process is bound to the commitment. The Groth16 algorithm is used to perform polynomial commitment and pairwise computation on the R1CS structure to generate proof components, wherein each pairwise computation step is accompanied by a proxy identity identifier as an additional verification condition to prevent proxy forgery. After the proof is constructed, a zero-knowledge proof certificate is output, which includes proof of circuit constraint satisfaction, verification of commitment value binding, and confirmation of the legality of the proxy identity. The certificate can be used to verify on the chain that the set of candidate correction values meets the preset industry standard ontology constraints without disclosing the specific values. By constructing and binding zero-knowledge proofs, the aggregated commitment structure and proxy identity identifier from the previous step are transformed into proof data that can be publicly verified on the chain without exposing plaintext correction values, thus achieving the expected technical effect of parallel data compliance verification and privacy protection. For example, in a nutritional supplement batch number correction scenario, the batch number field in the candidate correction value set needs to be verified to conform to GS1 encoding rules. Specifically, the first 8 digits of the batch number must be a valid manufacturer code, and the date field must meet the ISO8601 format. When constructing the circuit, the commitment value of this batch number field and the corresponding rules are converted into two R1CS constraints: a manufacturer code verification constraint and a date format verification constraint. The manufacturer code verification constraint can be represented as a logical polynomial of length matching and character set restrictions. For example, length verification can be represented in the following form: Date format validation can be transformed into bit string validity constraints through regular expression pattern matching, and then mapped to: The normalized matching index in the form of, where The length of the date field. When generating proof using the Groth16 algorithm, the input is the root hash value of the polynomial commitment and composite commitment of the two types of constraints mentioned above. The output proof certificate can be verified on-chain to confirm that the batch number field conforms to the GS1 encoding rules and ISO date specifications and does not reveal the actual batch number. The system verification performance is significantly improved in weak network environments, and the on-chain verification overhead is greatly reduced. S4.4: Extract the privacy protection proof payload and the preset proxy identity public key parameters, and use the elliptic curve digital signature algorithm to perform a joint signature operation on the modification basis description text and the commitment root hash to generate a source authentication signature token with non-repudiation characteristics. S4.5: Integrate the source authentication signature token, privacy protection proof payload, and aggregate commitment structure, and perform structured encapsulation processing according to the predefined on-chain interaction data serialization standard to generate a final repair suggestion summary package with verifiability and privacy protection capabilities.
[0016] Step S5: Submit the repair suggestion summary package to the on-chain verification contract, verify the validity of the summary based on the proxy identity whitelist and the scope of the pre-authorized knowledge base, and generate a secondary verification trigger signal. Specifically, this includes: S5.1: Obtain a summary package of repair suggestions containing zero-knowledge commitment encapsulated data and a description of the basis for the repair, and extract the digital signature features and proxy identity identifiers from it based on an asymmetric encryption algorithm to generate a set of identity authentication credentials to be verified; S5.2: Receive the set of identity authentication credentials to be verified, and perform a hash matching operation based on the proxy identity whitelist data structure stored on the chain to generate a legally valid proxy access permission status flag; S5.3: Using the agent access permission status flag as a prerequisite, parse the correction basis description field in the repair suggestion summary package, and perform semantic comparison with the regulatory term ontology within the scope of the pre-authorized knowledge base based on ontology mapping rules to generate a compliance verification pass certificate; The agent access permission status flag generated in step S5.2 is parsed and used as a precondition input for the current sub-step to ensure that the verification logic is executed only within the scope of the legitimate agent identity. The correction basis description field encapsulated in the repair suggestion summary package is formatted and extracted, and a strict parser based on UTF-8 encoding is used to remove non-subject characters and generate a standardized description sequence. The standardized description sequence is semantically parsed using ontology mapping rules, and the included regulatory terms are mapped one by one to the term ontology nodes in the on-chain pre-authorized knowledge base to generate the corresponding ontology index key-value set. By comparing the ontology index key-value set with the index key-value set within the scope of the pre-authorized knowledge base, a set intersection algorithm is used to identify complete matches and partial matches in order to form a semantic matching state matrix. For some matching items in the semantic matching state matrix, call the on-chain semantic extension operator to perform ontology hierarchical reasoning, and perform matching and completion processing between its subclass and parent class nodes until the matching coverage reaches the preset threshold. Through the above matching and completion process, a compliance verification result data structure containing all regulatory terminology ontology matching nodes and their mapping status is generated, and the verification passed attribute is marked on its status bit. By using semantic parsing, matching and reasoning processing, the proxy access permission status flag and the description field of the correction basis in the previous step are transformed into a compliance verification certificate with full ontology matching confirmation, so as to achieve the effect of automatic on-chain verification of the legality of the repair basis. For example, in a nutritional supplement batch traceability scenario, the agent access permit status flag is True, and the correction suggestion summary package specifies the corrected description field as "Using UTC+0 time in accordance with FDA 21 CFR Part 11 Appendix B 3.2". This description field is standardized and mapped to a pre-authorized knowledge base node, matching the ontology index key value FDA_21CFR_Part11_AppendixB_3_2_TimeFormat. The set intersection result confirms a complete match, achieving 100% coverage. In cases of partial matching, such as when the description field only contains "In accordance with FDA 21 CFR", the semantic extension operator is invoked to complete the inference, locating the parent node FDA_21CFR and expanding it to the sub-node of Part 11 Appendix B 3.2, thus increasing the coverage above the threshold. After the matching matrix verification passes, a compliance verification certificate is generated, containing a list of ontology node indexes: FDA_21CFR_Part11_AppendixB_3_2_TimeFormat and its matching status true. In this embodiment, the compliance verification of the output ensures the legality of the modified UTC+0 time in the on-chain smart contract verification logic through the certificate, which significantly improves the reliability and robustness of the automated fault-tolerant processing. S5.4: For the compliance verification certificate, the integrity of the data privacy encapsulation in the digest packet is logically determined by combining the zero-knowledge proof verification algorithm to generate a tamper-proof data integrity confirmation token; S5.5: In response to the tamper-proof data integrity confirmation token, assemble structured instruction data containing transaction context index and proxy identity index based on the event-driven architecture to generate a secondary verification trigger signal for activating the sandbox environment; Event listening is performed on the tamper-proof data integrity confirmation token. The unique identifier of the token and its signature verification status are captured based on the event-driven interface of the on-chain consensus node, and used as the trigger condition for assembling the secondary verification signal. The captured token identifier is associated and matched with the transaction context index extracted in the previous step, and a hash mapping algorithm is used to generate a context reference chain to ensure that the subsequent sandbox execution environment can accurately trace back to the original transaction failure scenario. Access the agent identity index storage area, use the identity index and the public key parameter in the token signature to perform consistency verification, and write the verification result as an access control flag into the security metadata segment of the structured instruction data to prevent unauthorized agents from being activated; The combined key value of transaction context index and proxy identity index is embedded in the structured instruction data, and the encoding process is performed according to the predefined on-chain instruction serialization standard to form a high-density binary instruction payload that can be parsed by the sandbox scheduling module. The on-chain event scheduler is invoked to encapsulate the encoded binary instruction payload in the event message body, while attaching a timestamp and a random nonce value to prevent replay attacks, thus achieving a secure conversion from an anti-tamper token to a secondary verification trigger signal. Through the above processing method, the tamper-proof data integrity confirmation token of the previous step is transformed into structured instruction data with the ability to accurately locate the transaction context and verify the agent identity authorization, so as to realize the secure triggering and verification closed loop from the chain to the sandbox environment. For example, in a cross-border supply chain scenario for nutritional supplement overseas warehouses, the transaction context index is set as a 256-bit SHA-256 hash value, the proxy identity index is set as a 128-bit UUID encoding, and the tamper-proof data integrity confirmation token contains an ECDSA signature verification pass flag. After the on-chain event listening module captures the token identifier, it combines the 256-bit context index and the UUID proxy index to form a 384-bit composite key, and generates a context reference chain through Keccak-512 hash operation. During the public key consistency verification phase, the proxy public key parameter is used to perform elliptic curve signature verification on the token signature to confirm that the signature is valid and the identity is within the whitelist. The structured instruction data is encoded using ASN.1 DER, generating a 512-byte binary instruction payload, and a random nonce value generated by the following formula is appended to the end of the payload: in For the security key pre-set on the chain, This is the UTC timestamp at the time of triggering. The encoded instruction payload is sent to the sandbox scheduling module via the event-driven scheduler. Upon receiving a valid trigger signal, this module successfully activates the corresponding agent's correction logic replay, achieving dual protection of data integrity and identity legitimacy.
[0017] Step S6: In response to the secondary verification trigger signal, the correction logic of the off-chain semantic repair agent is replayed in the sandbox environment. Data integrity is confirmed by comparing the output hash consistency, and an anti-tampering confirmation credential is generated. Specifically, this includes: S6.1: Obtain the secondary verification trigger signal and the summary package of repair suggestions to be verified, and build a sandbox execution environment with read-only file system permissions based on containerized isolation technology to generate a secure computing space for carrying the replay logic of the off-chain semantic repair agent; Upon receiving the secondary verification trigger signal generated by step S5 and the repair suggestion summary package to be verified as input conditions, the virtualization resource allocation interface is called based on containerized isolation technology to load the isolated core module with hardware root of trust on the preset security node. The resource scheduler allocates independent CPU execution units, memory page tables and network control permissions to the sandbox execution environment. By using the transaction context index and proxy identity index in the digest package as environment initialization parameters, the file system permissions are configured to read-only mode when constructing the sandbox execution space, and the necessary execution dependencies and runtime libraries are loaded into the isolated environment by mounting a temporary file system, ensuring that all calls to repair the proxy logic do not access the original on-chain transaction data or private key information. Based on the access control list defined by the security policy manager, the system call interface of the sandbox environment is restricted to a predefined whitelist range, and all external network connections and dynamic link library loading behaviors are disabled to prevent malicious code from tampering with the execution path or importing unauthorized resources during replay. The image signature verification module performs digital signature verification on the binary image of the loaded off-chain semantic repair agent to confirm that it comes from an authorized agent developer, and generates an immutable hash fingerprint for the image as an environment state binding parameter after the image is built. By combining the container metadata management interface, the above-mentioned environment state binding parameters and secondary verification trigger signals are written to the sandbox control plane log. At the same time, a runtime monitoring hook is established to record the hash digest of each memory page write event during subsequent logic replay, thereby providing a traceable intermediate state record for data consistency comparison. Through the above processing method, the trigger signal and digest packet of the previous step are transformed into a sandbox execution environment with read-only permissions of the file system, communication isolation, controllable execution path and verifiable source, so as to realize the replayability and tamper-proof capability of off-chain semantic repair logic in a secure computing space. For example, in a failed verification replay scenario for a cross-border nutritional supplement transaction, the secondary verification trigger signal includes the transaction context index value 18273645 and the agent identity index value AGT-009, with a repair suggestion digest package of approximately 5MB. The containerized isolation technology for the security node adopts the Kata Containers kernel isolation mode, allocating 2 CPU cores, 2048MB of memory, and a loopback-only network interface. Read-only permissions for the file system are set via the mount parameter, with mount paths including / usr / lib / agent_runtime and / tmp / sandbox_workdir, both provided by a temporary file system. Access control lists (ACLs) only allow system calls such as open, read, write, hash, and commit, blocking network-related calls such as socket and connect. Image signature verification uses the agent public key AGT-009-PUB to perform elliptic curve digital signature verification, using the formula... in ECDSA signature verification result, This is the verification function for the elliptic curve digital signature algorithm. The hash value of the off-chain semantic repair agent binary image. For the binary image of the off-chain agent, For signature value, The proxy public key is used, and a true verification result indicates a trusted source. The environment state hash fingerprint is generated using SHA-256 with a fixed length of 32 bytes. During execution, memory page write events are recorded with a hash digest every minute for full consistency comparison in S6.5. This configuration can stably maintain the isolation space even in weak network environments, and no unauthorized access will occur when replaying the proxy logic, significantly improving the security and reliability of verification replay under overseas warehouse conditions. S6.2: Receive the activation instruction in the secure computing space, and use the deterministic virtual machine interpreter to load the off-chain semantic repair agent binary code matched by the identity index, so as to reproduce the semantic reasoning execution context that is completely consistent with the original off-chain reasoning; S6.3: Input the hash-desensitized original input fragment and the structured failure semantic label into the semantic reasoning execution context, call the built-in industry knowledge graph reasoning engine to perform candidate correction value reconstruction operation, so as to generate a replay correction result set and the corresponding replay confidence ranking sequence; When the original input fragment, which has been hashed and desensitized, is input along with the structured failure semantic tags into the semantic reasoning execution context, the initialization interface of the loaded off-chain semantic repair agent reasoning engine is invoked to establish a connection session with the built-in industry knowledge graph. Based on the session token verification inference engine's access permission status, the standardized field identifiers in the failed semantic tags are mapped one-to-one with the industry knowledge graph node index table to generate a semantic node search list containing regulatory terms and cross-border logistics field rules. Multimodal data feature extraction is performed on the hash-desensitized original input fragments. The obtained timestamp, batch number and other field contents are converted into numerical and symbolic feature vectors, and the features are normalized according to the node constraints of the search list to meet the semantic matching requirements of FDA or EFSA batch naming specifications. Based on normalized feature vectors, a breadth-first search strategy is applied in the industry knowledge graph to traverse the node relationship path, locate the compliance candidate nodes whose similarity with the feature vectors is higher than a predefined threshold, and use their content as the original component of the correction value candidate set. Applying a Bayesian confidence assessment model to the candidate set, the prior distribution is defined as the statistical characteristics of historically validated samples. The posterior probability score for each candidate value is calculated using the following formula: in is the posterior probability of the candidate correction value. Let be the likelihood probability. For prior probability, For the probability of evidence, Candidate correction values; The candidate set is sorted in descending order by the above probability scoring, and the candidates with scores higher than the system set threshold are selected as the replay correction result set, and the corresponding replay reliability ranking sequence is generated at the same time. Through the above chain processing method, the results of the previous step are transformed into a compliance correction dataset that can be directly used in the sandbox environment for subsequent commitment encapsulation and hash consistency comparison, thereby achieving the integrity technical effect of on-chain and off-chain secondary verification. For example, in a scenario where the batch number format verification for nutritional supplements fails in an overseas warehouse, the hash-desensitized original input fragment contains a batch number field and a timestamp field. The batch number is encoded as a character vector, and the timestamp is represented in UTC milliseconds. Structured failure semantic labels indicate two types of errors: missing batch number check bits and mismatched timestamp format. In the inference execution context, the batch number field is processed to generate a 12-bit symbolic vector, and the timestamp field generates one numerical feature. Based on the FDA batch naming convention node index table, the batch number symbolic vector is normalized to a combination of uppercase letters and numbers conforming to GS1 rules, and the timestamp numerical feature is normalized to a UTC+0 timezone representation in ISO 8601 format. A breadth-first search is performed in the industry knowledge graph to locate the batch number node and time node containing valid check bits and conforming to the timezone offset standard. In the candidate batch number node probability calculation, the prior distribution is assumed to be a historical pass batch number occurrence frequency of 0.8, and the prior distribution to the time node is assumed to be a historical pass time format occurrence frequency of 0.9. Based on the formula, the posterior probability values are calculated: batch number node score is 0.72, and time node score is 0.81. The screening threshold is set to 0.7, therefore both are retained in the replay correction result set, generating a confidence ranking sequence of [time node 0.81, batch number node 0.72]. This set then proceeds to step S6.4 for zero-knowledge commitment encapsulation, ultimately significantly improving the anti-tampering capability in weak network environments during hash consistency comparison. S6.4: Extract the replay correction result set, and use the same zero-knowledge commitment algorithm as the off-chain stage to perform privacy encapsulation processing on the data to generate a replay repair suggestion digest package and calculate its replay data fingerprint hash value; S6.5: Compare the replay data fingerprint hash value with the original data fingerprint hash value in the original repair suggestion summary package, determine the data integrity status based on byte-level consistency verification logic, and generate an anti-tampering confirmation credential containing a verification pass identifier.
[0018] Step S7: Based on the tamper-proof confirmation certificate, the correction result is written to the off-chain cache, and the original transaction state is marked as a state identifier awaiting manual review and semantically aligned. Specifically, this includes: S7.1: Obtain the anti-tampering confirmation certificate and the corresponding set of candidate correction values output by the sandbox environment, and perform integrity verification on the digital signature in the anti-tampering confirmation certificate based on the asymmetric encryption signature verification algorithm to generate a legally valid trusted write authorization token to ensure that the data source of subsequent write operations has not been illegally tampered with. S7.2: Receive the trusted write authorization token and the candidate correction value set, use Merkle root hash mapping technology to convert the candidate correction value set into a fixed-length data fingerprint, and combine it with the timestamp sequence number to generate a unique off-chain storage index key, so as to realize the fast location and anti-collision storage of the correction data in the distributed cache system. The trusted write authorization token obtained by S7.1 and the corresponding candidate correction value set are received as input conditions. The authorization token is used to verify the legality of subsequent mapping and storage links, and the candidate correction value set is used as the source data object for generating the data fingerprint. The Merkle tree construction routine is invoked to standardize and encode each terminal field in the candidate correction value set to form a fixed-length leaf node hash. Each leaf node hash is calculated based on SHA-256 to ensure the data integrity verification capability of a single field. The binary Merkle tree recursive aggregation algorithm is adopted to perform hash concatenation operation layer by layer according to the preset left and right child node combination rules. The hash value of the root node is generated through the hash of the parent node until the root node is formed. The root node is the global fingerprint of the candidate correction value set. The current global sequence timestamp is obtained using the timestamp generation module, and a unique binding process is performed by combining it with the root node hash value. The two are then concatenated and input into the index key derivation function. The derivation function generates the off-chain storage index key based on hash compression and random salt value iterative calculation. The unique off-chain storage index key enables rapid location of the candidate correction value set in the distributed cache system, while the fingerprint feature of the root node hash value is combined to complete the anti-collision storage security mechanism. By using Merkle root hash mapping and timestamp binding, the result of the previous step is transformed into a fast-locating and collision-resistant off-chain storage index key, achieving the expected technical effect of efficient writing and secure storage of corrected data. For example, in a quality traceability system for overseas warehouses of nutritional supplements, a trusted write authorization token and a set of candidate correction values containing 16 fields are received. Each field is encoded in UTF-8 and then input into a SHA-256 hash function to generate a 256-bit leaf node hash. A complete binary tree is constructed, with leaf nodes paired sequentially. The parent node hash is calculated as follows: in, For the parent node hash, and These are the hash values of the left and right child nodes, respectively, and the process is iterated globally up to the Merkle root node. Get the current UTC timestamp. Execute the index key derived function: in Store the index key off-chain. The hash value of the Merkle tree root node. The index key is a randomly generated 128-bit salt value. Locating this index key in the distributed cache takes no more than 10 milliseconds, and it avoids hash collisions in high-concurrency storage scenarios, achieving the performance goal of secure and efficient storage of the modified value set. S7.3: Based on the off-chain storage index key, call the high-performance key-value storage engine to serialize and encapsulate the candidate correction value set and correction basis description metadata to generate a persistent data block containing version control information, and write the persistent data block to the specified storage shard of the off-chain cache to complete the physical storage operation of the correction result. S7.4: After detecting that the persistent data block has been successfully written, extract the original transaction serial number and the newly generated data fingerprint, and perform a state bit flipping operation based on the finite state machine transition rules. Update the global state identifier of the original transaction from the verification failure state to the state identifier that is pending manual review and has been semantically aligned, so as to mark that the transaction has completed automatic repair and entered the manual confirmation queue. S7.5: Read the updated, semantically aligned status identifier and off-chain storage index key that are awaiting manual review, construct a structured status change event that includes a transaction context snapshot reference and a comparison of differences before and after the correction, and publish the structured status change event to the operator notification service module through the asynchronous message bus to trigger the subsequent low-interference pop-up prompt process and complete the status synchronization of the entire repair loop. Read the updated, semantically aligned status identifier awaiting manual review and the off-chain storage index key, and use the off-chain cache retrieval module based on the index key to extract the global context snapshot reference of the corresponding transaction; Perform difference analysis processing on the context snapshot reference, input the original data before correction and the set of candidate correction values after correction into the difference comparison algorithm calculation module, and generate a difference comparison result set containing field-level change records, numerical difference matrix and semantic change path; The difference comparison result set is structurally associated with the context snapshot reference to construct a structured state change event object with a unique transaction index, time series label, and correction basis metadata; The state change event object is processed by asynchronous message encapsulation. An event publishing package with anti-duplicate delivery identifier and priority tag is generated using a high-concurrency message queue protocol and routed to the subscription channel of the operator notification service module. The release package includes a persistent data location pointer for the off-chain storage index key mapping, ensuring that the subsequent notification module can quickly locate the transaction context based on the reference pointer, and realize the ability to synchronously call state updates and correct discrepancies. By comparing the differences and using the asynchronous release processing method described above, the anti-tampering confirmation certificate result of the previous step is transformed into a structured state change event for notification services, thereby achieving end-to-end synchronization and closed-loop triggering of transaction status. For example, in a nutritional supplement overseas warehouse quality traceability scenario, the off-chain storage index key is "GS1-BATCH-20240315-UTC0", and the status identifier is updated to "STA-REV-SEMALIGN". The context snapshot reference contains 15 fields, of which 4 fields changed after the correction, and the difference matrix is displayed in the time field. Change to The batch number field is... Complete as The difference comparison algorithm uses field-level hash matching and semantic path mapping to generate a hash verification value for the difference matrix. The calculation is completed within seconds. During message encapsulation, a priority tag "P2" is set, the anti-duplicate delivery flag is "NR-LOCK", and the index key position pointer is bound to the cache partition "PART-07". After receiving the event publishing packet through the notification service module's subscription channel, the retrieval speed of transaction context snapshots can be significantly improved in weak network environments, achieving a substantial improvement in state synchronization response performance. A low-interference pop-up notification is then triggered to the operator terminal within 3 seconds, triggering the subsequent process.
[0019] Step S8: After detecting the change in the status identifier, extract the current transaction context snapshot and generate a low-interference pop-up prompt instruction, which is then pushed to the operator terminal to complete the closed-loop feedback. Specifically, this includes: S8.1: Poll and monitor the semantically aligned state identifiers in the off-chain cache that are awaiting manual review. Based on the state machine transition detection algorithm, identify the jump events of the state identifiers from the initial value to the target value, so as to generate a state change trigger signal containing a unique transaction index and timestamp. S8.2: Using the state change trigger signal as input condition, extract the complete context snapshot of the current transaction based on the distributed ledger data backtracking mechanism. The context snapshot covers the original failure semantic label, candidate correction value set and tamper-proof confirmation certificate, so as to construct a dataset to be displayed containing the basis for full-link correction. S8.3: Filter redundant fields in the dataset to be displayed, calculate key information entropy values based on the UI rendering load optimization algorithm and filter high-weight data items to generate a simplified core correction summary information package, ensuring that the pushed content contains only the minimum necessary information set required for operator decision-making; S8.4: Based on the core correction summary information packet, construct a low-interference pop-up prompt instruction based on the front-end interaction protocol encapsulation specification. The instruction includes pop-up level attributes, automatic disappearance timer parameters, and one-click review button callback address to generate a lightweight interactive control message that meets the transmission requirements of the weak network environment of overseas warehouses. The core correction summary information packet output from the previous sub-step S8.3 is received as input condition. The protocol parser is called according to the stored front-end interaction protocol encapsulation specification to perform structured parsing of the summary information packet, extract key information fields and their data type definitions to determine the control attribute parameters to be encapsulated in the subsequent process. Based on the extracted field attributes, a pop-up hierarchical attribute data object is constructed using an interface hierarchy mapping table. This mapping table predefines the pop-up display order, mask transparency, and interaction locking strategy corresponding to correction prompts of different severity and priority. The logic for generating automatic disappearance timer parameters is executed on the constructed pop-up hierarchical attribute data object. The appropriate visible time interval is calculated using the operator interaction history data of the transaction context to ensure that the prompt information has enough time to remain for manual confirmation in a weak network environment. Combining the unique transaction index and review requirements in the core correction summary information package, the one-click review button configuration module is called to generate a callback address and bind an access token. This access token corresponds to the preset manual review operation interface in the on-chain verification contract. The pop-up hierarchical attribute data object, the automatic disappearance timer parameters, and the one-click review button callback address are assembled into a lightweight interactive control message structure. A field compression algorithm is used to reduce the length of unnecessary metadata, thereby meeting the front-end command transmission delay constraints in the weak network environment of overseas warehouses. By using a combined encapsulation processing method, the result of the previous step is transformed into an interactive control message that combines functional integrity with lightweight data transmission, enabling low-interference pop-up prompts to be visualized and triggered instantly on the operator's end. For example, in an environment where the average network latency of a nutritional supplement overseas warehouse is 180ms and the packet loss rate remains at 3%, the received core correction summary information packet contains 7 high-weight data items and their corresponding types. The protocol parser confirms that it contains key fields such as batch number, timestamp, and signature status. The interface hierarchy mapping table maps this type of correction prompt to a first-level high-priority pop-up, sets the mask transparency to 0.3, and allows background operation. The automatic disappearance timer parameter generation logic is based on the operator's average review time of 15 seconds in the past 30 reviews, estimating the visible time interval to be 20 seconds to ensure sufficient confirmation. The validity period of the access token bound to the callback address is set to 300 seconds to prevent long-term idle invalidation. The lightweight interactive control message structure applies field compression during encapsulation, compressing the original message size from 2.4KB to 1.6KB, meeting the weak network transmission latency constraints and avoiding congestion. Under the same environment, the average loading time of the message generated by this encapsulation specification on the operator terminal is reduced to less than 600ms. The pop-up levels, timers, and review buttons can be displayed stably and trigger the on-chain manual review process, which significantly improves the efficiency of prompt interaction in weak network environments. S8.5: The lightweight interactive control message is pushed to the operator terminal through a secure communication channel. The message queue persistence mechanism ensures reliable delivery of instructions in the scenario of network disconnection and reconnection, so as to render a low-interference pop-up window with context snapshot on the operator terminal interface and complete the closed-loop feedback process.
[0020] The technical solution of the present invention has been described above with reference to the preferred embodiments shown in the accompanying drawings. However, it will be readily understood by those skilled in the art that the scope of protection of the present invention is obviously not limited to these specific embodiments. Without departing from the principles of the present invention, those skilled in the art can make equivalent changes or substitutions to the relevant technical features, and the technical solutions after these changes or substitutions will all fall within the scope of protection of the present invention.
[0021] The above description is merely a preferred embodiment of the present invention and is not intended to limit the invention. Various modifications and variations can be made to the present invention by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and rules of the present invention should be included within the scope of protection of the present invention.
Claims
1. A blockchain-based method for end-to-end quality traceability of nutritional supplements from overseas warehouses, characterized in that: Includes the following steps: S1: Obtain the original transaction context data when the smart contract verification fails, and parse the input field name, original field value and expected data pattern based on the preset semantic annotation rules to generate structured failure semantic tags; S2: Receive the structured failure semantic tag, perform a matching operation in the local preset agent registry according to the error category in the tag, and generate an activation instruction and identity index pointing to the semantic repair agent of a specific chain; S3: Using the activation instruction, the corresponding off-chain semantic repair agent is invoked to perform semantic reasoning on the hash-desensitized original input fragment and the structured failure semantic label based on the built-in industry knowledge graph, and a set of candidate correction values is generated. S4: Perform privacy encapsulation processing on the candidate correction value set, and generate a repair suggestion summary package in combination with the correction basis description; S5: Submit the repair suggestion summary package to the on-chain verification contract, verify the validity of the summary based on the proxy identity whitelist and the scope of the pre-authorized knowledge base, and generate a secondary verification trigger signal; S6: In response to the secondary verification trigger signal, replay the correction logic of the off-chain semantic repair agent in the sandbox environment, confirm the data integrity by comparing the output hash consistency, and generate an anti-tampering confirmation certificate; S7: Write the correction result into the off-chain cache based on the tamper-proof confirmation certificate, and mark the original transaction status as a status identifier that is pending manual review and has been semantically aligned.
2. The blockchain-based method for end-to-end quality traceability of nutritional supplements in overseas warehouses according to claim 1, characterized in that, Following step S7, the following is also included: S8: After detecting the change of the status identifier, extract the current transaction context snapshot and generate a low-interference pop-up prompt instruction, and push it to the operator terminal to complete the closed-loop feedback.
3. The blockchain-based method for end-to-end quality traceability of nutritional supplements in overseas warehouses according to claim 1, characterized in that, The structured failure semantic tags include failure type identifiers and abstract error categories.
4. The blockchain-based method for end-to-end quality traceability of nutritional supplements in overseas warehouses according to claim 1, characterized in that, Step S2 further includes: The received structured failure semantic tags are parsed to extract the failure type identifier field and the abstract error category field. A key index value is generated by hashing the data and then the key index value is used to access the local pre-built lightweight proxy registry to locate the proxy mapping entry that matches the current abstract error category. Finally, an activation instruction data packet containing call parameters and permission credentials is generated.
5. The blockchain-based method for end-to-end quality traceability of nutritional supplements in overseas warehouses according to claim 1, characterized in that, Step S3 specifically includes: The received structured failure semantic tags are processed by ontology mapping parsing to extract target domain constraints and construct a semantic reasoning context environment; Based on the semantic reasoning context, a multimodal feature alignment operation is performed on the hash-desensitized original input fragment to generate a standardized data feature vector. The standardized data feature vectors are used to perform a breadth-first semantic path search in the built-in industry knowledge graph to locate the set of compliance candidate nodes and obtain potential semantic correction target objects. A Bayesian confidence assessment model is applied to the set of compliance candidate nodes to perform probability calculations, and a preliminary list of correction schemes with numerical confidence scores is output. Based on the preliminary correction scheme list, a descending sort and threshold filtering operation is performed to select the final candidate correction value set whose numerical confidence score is higher than a preset threshold.
6. The blockchain-based method for end-to-end quality traceability of nutritional supplements in overseas warehouses according to claim 5, characterized in that, The target domain constraints include the ontology of regulatory terminology for nutritional supplements and the field mapping rules for cross-border logistics documents.
7. The blockchain-based method for end-to-end quality traceability of nutritional supplements in overseas warehouses according to claim 1, characterized in that, Step S4 specifically includes: Obtain the set of candidate correction values with confidence ranking and the corresponding industry knowledge graph reasoning path records. Based on the Pedersen commitment scheme, perform discrete logarithmic domain blinding calculation on each candidate correction value and its confidence score to generate a zero-knowledge original commitment component sequence. Receive the sequence of zero-knowledge original commitment components, aggregate the scattered commitment components into a single cumulative commitment value, and construct a binding relationship by combining the SHA-256 hash fingerprint of the modified basis description field, and output the aggregated commitment structure; The aggregate commitment structure is processed by the range proof protocol construction process to generate a non-interactive zero-knowledge proof string in which the candidate correction value is within the compliant numerical range and no overflow occurs, forming a privacy-preserving proof payload. Extract the privacy protection proof payload and the pre-set proxy identity public key parameters, perform a joint signature operation on the modified basis description text and the commitment root hash, and generate a source authentication signature token; The source authentication signature token, the privacy protection proof payload, and the aggregate commitment structure are integrated and structured according to a predefined on-chain interaction data serialization standard to generate a repair suggestion summary package.
8. The blockchain-based method for end-to-end quality traceability of nutritional supplements in overseas warehouses according to claim 7, characterized in that, The zero-knowledge original commitment component sequence contains hidden numerical information and a random masking factor.
9. The blockchain-based method for end-to-end quality traceability of nutritional supplements in overseas warehouses according to claim 1, characterized in that, Step S5 specifically includes: Obtain the repair suggestion summary package, extract the digital signature features and proxy identity identifiers from it based on the asymmetric encryption algorithm, and generate a set of identity authentication credentials to be verified. Receive the set of identity authentication credentials to be verified, perform a hash matching operation based on the proxy identity whitelist data structure stored on the chain, and generate a proxy access permission status flag; Using the agent access permission status flag as a prerequisite, the correction basis description field in the repair suggestion summary package is parsed, and the correction basis description field is semantically compared with the regulatory terminology ontology within the scope of the pre-authorized knowledge base to generate a compliance verification pass certificate. For the compliance verification certificate, a zero-knowledge proof verification algorithm is used to logically determine the integrity of the data privacy encapsulation in the digest packet, and a tamper-proof data integrity confirmation token is generated. In response to the tamper-proof data integrity confirmation token, structured instruction data is assembled based on an event-driven architecture to generate a secondary verification trigger signal.
10. The blockchain-based method for end-to-end quality traceability of nutritional supplements in overseas warehouses according to claim 9, characterized in that, The structured instruction data includes a transaction context index and a proxy identity index.