Disclosed herein are system, method, and computer program product embodiments for issuing assets and/or asset tokens using zero-knowledge proofs (“ZKPs”). An issuance system may receive a command to issue an asset. The issuance system may determine that issuing the assets would not violate administrator-defined or network-defined rules that may govern the types of assets and/or the quantity of assets that the issuance system may issue. The issuance system may then issue the assets and generate a ZKP corresponding to the issuance and indicating adherence to the rules while concealing information related to the asset token, such as the types of assets and/or quantity of assets. The issuance system may publish the ZKP to a blockchain so that verifier nodes may confirm that the issuance system adhered to the rules while still preventing access to the underlying issuance information.

Systems and methods for secure resource management are provided. A secure resource management system includes a resource record repository, such as a secure database or a blockchain, for storing resource records for resources. The resource records contain information of resource providers, information of resource users having a right to obtain resources, and resource transaction histories. Responsive to a request to verify an authorized user of a resource, the secure resource management system further queries the resource record repository, retrieves the resource record, determines the resource user currently having a right to obtain the resource as the authorized user of the resource, and transmits the verification result in response to the request. The verification result identifies the authorized user of the resource and can be used to grant access to the resource by the authorized user.

Methods, systems, and apparatus, including computer programs encoded on computer storage media, for digital asset buyback. One of the methods includes: obtaining a request for buying back a digital asset from a first blockchain account, the request comprising a quantity of the digital asset; identifying, based on the request, a blockchain contract that is deployed on the blockchain and that corresponds to the digital asset; generating a blockchain transaction for transferring the quantity of the digital asset from the first blockchain account to a second blockchain account associated with digital asset buyback, wherein the blockchain contract comprises a restriction prohibiting transfer of the digital asset out of the second blockchain account; and sending, to a blockchain node for adding to the blockchain, the blockchain transaction for transferring the quantity of the digital asset from the first blockchain account to the second blockchain account.

A payment method by a processing server to process payment that is independently performed between a user equipment and a payment channel server is provided. The method includes: generating, by the processing server, a payment order bound to a merchant order generated by a merchant device by determining a corresponding item ID, of a service and/or a product for purchase, that is registered with the payment channel server, the merchant order corresponding to the service and/or the product provided by the merchant device; obtaining, by the processing server, a payment voucher corresponding to the payment order; matching, by the processing server, based on the payment voucher, the merchant order bound to the payment order; and transmitting, by the processing server to the merchant device, based on the matched merchant order, a service/product providing notification for providing the service and/or the product to the user equipment.

A method including receiving, by a server computer, a request message from a token requestor computer on behalf of a user device. The request message comprising a first current token tracking value and a first function index value. The server computer can determine a second function index value. The server computer can then compare the first function index value to the second function index value. If the first function index value and the second function index value match, the server computer can determine a function based on the first function index value and a stored function table associated with the user device. The server computer can then determine a second current token tracking value based on the function, then compare the first current token tracking value to the second current token tracking value. The server computer can generate a response message in response to the comparing.

Minting a physical computing device based on unique key generation, wherein the key generation is configured to create a private-public key pair. In implementations, the key pair may be generated upon initialization of the physical computing device, such that the physical computing device is minted with the key pair. The key pair may be utilized as a token for supply-chain billings, payments, auditing, etc. associated with the physical computing device.

The present disclosure relates to the field of identity generation and verification systems and discloses a system and a method for generation and verification of identity of a subject associated with an organization. The system comprises an identity generation tool, an identity verification tool, and a validating server. The identity generation tool is installed in a first electronic device associated with the subject and is configured to generate an ephemeral identity instance for the subject based on its association record, a digital signature of the association record, and a one-time token. The identity verification tool is installed in a second electronic device associated with the verifier and is configured to receive the identity instance and verify the association record of subject using the digital signature. The validating server is configured to verify the validity status of the association record.

This specification provides method for auditing authenticity of cross-border resource transfers, device, and electronic equipment. The method is implemented on a client device, and comprises: obtaining cross-border resource transfer information initiated by an initiator of a cross-border resource transfer; obtaining, in response to the cross-border resource transfer information, identification information corresponding to proof information that is stored in a blockchain and corresponds to the cross-border resource transfer information; generating a cross-border resource transfer request based on the cross-border resource transfer information and the identification information; and sending, to an auditor of cross-border resource transfers, the cross-border resource transfer request, causing the auditor to perform, based on the proof information that is stored in the blockchain and corresponds to the identification information, an authenticity verification on the cross-border resource transfer information.

Embodiments described herein provide cryptographic techniques to enable a recipient of a signed message containing encrypted data to verify that the signer of the message and the encryptor of the encrypted data are the same party, or at the least, have joint possession of a common set of secret cryptographic material. These techniques can be used to harden an online payment system against interception and resigning of encrypted payment information.

The present invention relates to a system for transfer of fund from a user to an entity. The user may be associated with a user computing device and the entity may be associated with an entity device. The entity device may include a secure element embedded within the entity device such that the secure element may enable short range communication with the user computing device or physical card for a secure and contactless fund transfer. The system may include a simple and convenient mode of the contactless fund transfer such as, for example, a tap-to-x transaction model, tap-to-pay for fund transfer, and tap-to-go for transit/access. Each operation pertaining to the fund transfer may be processed through the entity device that ultimately connects to a service provider. The secure element enables the fund transfer to be secure, authentic and confidential.