ARRANGEMENT OF BLOCKCHAINS WITH A RESTRICTED TRANSACTION

Abstract

A blockchain arrangement configured to simultaneously distribute at least one public transaction and/or a restricted transaction, wherein the disposition includes a plurality of participating nodes and a plurality of validator nodes connected by a telecommunications network; wherein a proponent participant node is configured to send to all the validator nodes the contents of a tx information transaction record, together with the identifier of a particular preconfigured privacy group; to provide the capabilities of anonymity and privacy to the blockchain system that distributes blocks of information transaction records; such that at least one recipient participating node, connected to a blockchain network, is able to decrypt, read, and execute the information transaction record blocks encrypted by the validator or mining nodes of the blockchain network.

Claims

1. A blockchain arrangement configured to distribute simultaneously at least one public transaction and/or a restricted transaction, wherein the disposition includes a plurality of participating nodes (12) and a plurality of validator nodes (13) connected by a telecommunications network (14), characterised by the fact that a proponent participant node (12) is configured to send the contents of a t.sub.x information transaction record to all the validator nodes (13) together with the identifier of a particular preconfigured privacy group.

2. Arrangement according to claim 1, wherein the transaction record of information t.sub.x is encrypted by an encryption module of the sending participant node N.sub.p (12).

3. Arrangement according to claim 2, wherein the receiving validator node (13) is configured to cover the transaction of information t.sub.x encrypted by means of a new transaction of information t.sub.x′; such that the t.sub.x′ information transaction is forced to maintain the same hash identifier as the t.sub.x information transaction.

4. Arrangement according to claim 3, wherein the receiving validator node (13) is configured to mark the encrypted data block with a restricted t.sub.x information transaction, such that only the participating nodes (12) that have the encryption privacy key are configured to read and execute the restricted t.sub.x information transaction.

5. Arrangement according to claim 4, wherein the receiving validator (13) is configured to assemble the encrypted and marked data block to the blockchain to distribute the blockchain to the participating nodes (12) in the particular privacy group of the restricted t.sub.x information transaction, the privacy key is shared by the particular privacy group.

6. Arrangement according to claim 4, wherein the receiving validator node (13) is configured to inform the participating nodes (12) in the particular privacy group of the restricted t.sub.x information transaction that the restricted t.sub.x information transaction is intended for the particular privacy group.

6. Arrangement according to claim 6, wherein the receiving validator node (13) is configured to distribute to the participating nodes (12) the blockchain comprising the data block with encrypted and marked records, wherein the blockchain will consist of 0 to N transactions and at least one restricted t.sub.x information transaction.

8. Arrangement according to claim 1, wherein the receiving validator node (13) is configured to receive a request message for a restricted transaction execution from a participating node, wherein the receiving validator node (13) determines the participating nodes (12) based on the members entered in a particular preconfigured privacy group.

8. Arrangement according to claim 8, wherein the request message for a restricted transaction execution received by the receiving validator node (13), in addition to the transaction data proposed by the proposing participant node (12), comprises the metadata regarding the privacy context for which the restricted transaction is executed.

10. Arrangement according to claim 2, wherein the sending participant node (12) is configured to cover the transaction of information t.sub.x encrypted by means of a new transaction of information t.sub.x′.

Description

BRIEF DESCRIPTION OF THE FIGURES

[0033] A more detailed explanation is given in the following description and is based on the attached figure:

[0034] FIG. 1 shows a blockchain network in a block diagram comprising a plurality of nodes that are connected through a telecommunications network to simultaneously broadcast or propagate public and private information transaction records from a blockchain,

[0035] FIG. 2 shows a diagram of a blockchain network comprising a plurality of nodes that are connected through a telecommunications network to simultaneously broadcast or propagate public and private information transaction records from a blockchain,

[0036] FIG. 3 shows the complete flow from the generation of the restricted transaction to the privacy group, and its inclusion in a block using the consensus mechanism, and the distribution of the block to the other actors,

[0037] FIG. 4 displays the process that a sending node performs to convert a regular transaction T.sub.x into a restricted transaction T.sub.x.sup.p for a privacy group pg.sup.y, and

[0038] FIG. 5 shows the deconstruction process of a restricted transaction in the original transaction.

DESCRIPTION

[0039] In relation to FIG. 1 wherein an environment of a blockchain network, 11, is displayed, wherein a plurality of nodes, participants, 12, and validators or miners, 13, are connected through a telecommunications network, 14, to share and execute transactions distributed within data blocks that are added to a chain of blocks or a blockchain.

[0040] The blockchain is distributed over the telecommunications network, 14, from one validator node, 13, to the rest of nodes, 12, 13, of the blockchain network, 11.

[0041] The telecommunications network, 14, can be a LAN (local area network), wired or wireless, wide area network, WAN, such as an intranet, an extranet, or the Internet, or the like. The telecommunications network, 14, facilitates communications between the nodes, 12, 13, of the blockchain network, 11.

[0042] Nodes 12 and 13 in the blockchain network, 11, are electronic devices similar to a computer running an operating system.

[0043] Nodes 12 and 13 that make up the blockchain network, 11, are configured to execute instructions stored on computer-readable storage media. In addition, all the nodes, 12, 13, run communication protocols to interact with the services and/or content provided by the blockchain network, 11.

[0044] All the nodes, 12, 13, in the blockchain network, 11, have read access to the chain data in their own local copy. Only validator or mining nodes, 13, can issue or create new blocks with public and restricted transaction records.

[0045] One public transaction and/or a restricted transaction, namely, will be transmitted from a participating node 12 to ether validator nodes for its validation and consensus. Once the transaction is validated and agreed, the validator node generates a block of data to add to the blockchain. Each data block includes a hash relative to the immediately preceding data block to prevent modification of the previous information.

[0046] However, if a participating node, 12, proposes a private or restricted transaction, the proposed transaction has to be validated by the majority of the validator or mining nodes, 13. This transaction is transmitted to the validator or mining nodes, 13, through a telecommunications network, 14.

[0047] The receiving validator node, 13, of the restricted transaction execution request determines the participating nodes, 12, according to the members entered m a certain pre-configured privacy group. The request message for executing the restricted transaction also comprises, in addition to the data specific to the proposed transaction, the metadata relating to the privacy context for which the restricted transaction is executed.

[0048] The proposed restricted transaction is transmissible from the receiving validator node, 13, to at least one or more validator nodes, 13, for its validation and consensus. Each validator node, 13, determines whether a transaction is valid and consistent with the other validation nodes, 13, and if it should be integrated into the next block in the chain.

[0049] Therefore, the network, 11, of participating nodes, 12, and validators, 13, maintains and manages the chain of data blocks composed simultaneously by public and/or restricted transactions; such that each node, 12, 13, has access to all the data blocks, whether public or restricted information transaction records, even though only the participating nodes, 12, in the particular privacy group have simultaneous access to the restricted transaction and public transactions.

[0050] A transaction proposed by a participating node, 12, in the blockchain network has a unique identifier that corresponds to the execution of a summary mathematical function such as MD5, a secure hash algorithm, SHA, BLAKE, or other similar hash functions over its binary content. This unique identifier will be called the transaction hash.

[0051] For the initiation of a restricted information transaction, the proponent participant node, 12, privately sends to all the validator nodes, 13, the contents of the information transaction record t.sub.x′, together with the privacy group identifier.

[0052] The validator nodes, 13, execute the information transaction and, once the information transaction has been validated and agreed by a majority of validator nodes, 13, the information transaction record t.sub.x′ is encrypted by an encryption module of the validator node, 13.

[0053] The encrypted information transaction t.sub.x is covered by a new information transaction t.sub.x′; so that the information transaction t.sub.x′ is forced to maintain the same hash identifier as the information transaction t.sub.x. In this manner, the encrypted data block is marked as a restricted information transaction t.sub.x for which only the participating nodes, 12, that have the encrypted privacy key are able to read and execute the restricted information transaction t.sub.x. The above process is carried out by the validator node, 13, encryption module.

[0054] The encrypted and marled data block of the blockchain will be distributed by the validator nodes, 13, of the blockchain network and will comprise 0 to N transactions and at least one information transaction t.sub.x′; that is, a block of data that is encrypted and marked as restricted. The participating nodes, 12, in the t.sub.x privacy group are further informed that t.sub.x′ is a transaction destined for that privacy group.

[0055] The validator nodes, 13, are enabled upon receipt of the constraint metadata from the participant node, 12, to execute, validate, package, and deliver ail the restricted transactions to the participating nodes, 12, belonging to the privacy group.

[0056] The participating nodes, 12, that wish to perform a restricted information transaction within the privacy group, are configured to decrypt encrypted blocks distributed from the validator nodes, 13, using the corresponding encryption privacy key corresponding to the transaction privacy group.

[0057] The validator nodes, 13, are configured to perform privacy group management tasks such as distributing a set of encryption privacy keys. A privacy key from the set of encryption privacy keys is used by validator nodes, 13, to encrypt proposed information transactions that have to be encrypted and marked as restricted data blocks before being assembled within a block and, later, distributed to all the nodes, 12, in the blockchain network; that is, to nodes, 12, in the privacy group and to all the other nodes in the blockchain network, 11.

[0058] So that a participating node, 12, in the blockchain network can perform a restricted information transaction with at least one specific participating node, 12, in the blockchain network, 11, both participating nodes, 12, in the blockchain network, 11, must belong to the same privacy group.

[0059] All nodes, 12, in the blockchain network, 11, receive each of the data blocks in the existing blockchain, and then, successively, in a continuous way, the blockchain advances.

[0060] Therefore, all nodes, 12, 13, in the blockchain network have the same binary copy of the blockchain stored; namely, distributed record book, ledger, immutable, which includes both the public and private transactions. The participating nodes, 12, and validators 13, of the blockchain network, 11, comprise at least one input-output interface for communication between the different nodes, 12, 13, of the blockchain network, 11, at least one encryption-decryption module, a privacy group store that comprises at least one participating node, 12, and at least one set of encrypted privacy keys and a blockchain store; namely, distributed record book, ledger.

[0061] The privacy group store on the participating nodes, 12, will store only the privacy groups in which the participating, node, 12, is a member. In contrast, the privacy croup store on the validator nodes, 13, will be the result of the superset of the privacy groups of each node, or the privacy groups that can be formed with the n-1 participating nodes, 12, in the blockchain network, 11.

DETAILED DESCRIPTION

[0062] FIG. 2 shows schematically an environment of a blockchain network wherein a plurality of N.sub.p participating nodes and N.sub.v validator or mining nodes, are connected through a telecommunications network R.sub.c to share and execute distributed transactions within data blocks that are added to a single chain of blocks or Blockchain B.sub.c.

[0063] The blockchain is distributed over the R.sub.c telecommunications network from an N.sub.v validator node to the rest of the N.sub.p participating nodes in the network. The R.sub.c telecommunications network can be a LAN, wired or wireless, wide area network, WAN, such as an intranet, an extranet, the internet, or the like. The R.sub.c telecommunications network facilitates communications between the nodes N.sub.v and N.sub.p.

[0064] The N.sub.v and N.sub.p nodes of the Blockchain network are electronic devices such as a computer running an operating system and are configured to execute instructions stored on computer-readable storage media. In addition, all R.sub.v and R.sub.p nodes execute communication protocols to interact with the services and/or content provided by the blockchain network.

[0065] A N.sub.p participating node and an N.sub.v validator node in the blockchain network refers to a physical or legal person who maintains, shares, and operates with its own local copy of the blockchain. namely, a record book or ledger.

[0066] In addition, a member refers to a physical or legal person who performs information transactions and is authorized to access certain information transaction records in the blockchain.

[0067] All R.sub.p nodes in the blockchain network have read access C.sub.B to the chain data in their own local copy. Only the R.sub.v validator or mining nodes can issue or create new E.sub.B blocks with public and restricted transaction records in the B.sub.c blockchain.

[0068] A transaction proposed by an R.sub.p or R.sub.v node in the blockchain network has a unique identifier that corresponds to the execution of a summary mathematical function such as MD5, a secure hash algorithm, SHA, BLAKE or other similar hash functions on its binary content. This unique identifier will be called the transaction hash.

[0069] All members of the blockchain network use a single chain or ledger to potentially distribute and agree on all the information it operates, therefore, no external systems are required to store, either partially or completely, private or restricted information.

[0070] Privacy is achieved through encryption because the members of the blockchain network can only access the details of the information transactions targeted to the privacy groups to which they belong; that is, they are members of at least one or more privacy groups defined in the blockchain network operation.

[0071] The use of summary information algorithms also establishes the immutability of transaction records, thus protecting against possible malicious acts. Data resilience is improved as the encrypted transaction records are stored locally by members.

[0072] FIG. 3 shows the issuing and distribution flow of a restricted transaction from the issuing node to the block distribution of the blockchain containing it B.sub.c.

[0073] The transaction is initiated by the sending node that wishes to send the T.sub.x transaction to the privacy group that consists of node 1 and 2. This transaction be transformed into a T.sub.x.sup.p transaction as detailed later. This T.sub.x.sup.p transaction will be distributed to the set of validator nodes [1 . . . N] that will decrypt the T.sub.x.sup.p transaction in T.sub.x using the decryption key belonging to the privacy group pg.sup.1,2. The T.sub.x transaction is executed and agreed by the set of validator nodes using the selected consensus method. Once this transaction is selected to be included in the block, a block will be created with that transaction, but T.sub.x.sup.p will be included in its private form. It is important to note that this included T.sub.x.sup.p transaction contains all the contents of the original T.sub.x transaction transformed in its private form and not a summary of its contents.

[0074] Finally, block B.sub.N is distributed to all the network participants as well as some special metadata for each participant that includes the relationship between each private transaction and the privacy group for which it is intended.

[0075] Therefore, the blockchain consist of blocks that will contain indiscriminately public and/or restricted, namely private, information transaction records.

[0076] It is important to note that the solution only uses a unique blockchain in which at least two types of information transaction records coexist; these are public information transaction records and/or restricted information transaction records (private and anonymous). Therefore, the blockchain is self-contained for both public and private transactions.

[0077] The encrypted information transaction records can only be decrypted and executed by participating nodes in the blockchain network that hold an encryption privacy key corresponding to the privacy group within which the proposed restricted transaction is performed.

[0078] A privacy group is a subset of nodes in the blockchain network that share at least one encryption privacy key to read the restricted transactions transmitted between nodes in the privacy group.

[0079] A member of the blockchain network can be part of at least one privacy group and at most can belong to as many privacy groups as different member combinations comprise the blockchain network.

[0080] The participating nodes will contain a plurality of encryption privacy keys intended to record restricted information transactions within the privacy groups in which they are included.

[0081] Therefore, any member of the privacy group connected to the blockchain network can access ail the restricted transaction information content contained in the newly created block that is targeted to the privacy groups of which they are a part.

[0082] FIG. 4 shows the process of transforming a T.sub.x transaction into its private T.sub.x.sup.p form initially shown in the first phase of FIG. 2. To do this, each Blockchain node will have a component that will execute two distinct phases: encryption and encapsulation. In the first phase, the original T.sub.x transaction will be encrypted with the K.sub.pg.sup.y encryption key belonging to the pg.sup.y privacy group for which the transaction is intended.

[0083] The result of the encryption phase will be the contents returned from the encryption module of all the T.sub.x content with the K.sub.gp.sup.y key, represented by T.sub.x.sup.enc. This content will be moved to the encapsulation (wrapping) phase in which a transaction is generated whose payload will be the entire contents of T.sub.x.sup.enc, ultimately resulting in the restricted transaction T.sub.x.sup.p.

[0084] This T.sub.x.sup.p transaction will be distributed to the validator nodes for consensus as detail FIG. 2.

[0085] FIG. 5 shows the reverse process that will be executed by any node belonging to the gp.sup.y privacy group and/or validator nodes.

[0086] The participating node will receive the T.sub.x.sup.p transaction and retrieve from the privacy groups that are part of the K.sub.pg.sup.y key associated with the gp.sup.y privacy group. The unwrapping phase wilt be executed first, which will return T.sub.x.sup.enc, which will then be sent to the decryption module together with K.sub.pg.sup.y to decrypt the T.sub.x.sup.enc transaction finally obtain T.sub.x.

[0087] A node that is not a member of the gp.sub.y privacy group will not have the K.sub.pg.sup.y decryption key and, therefore, will not be able to obtain the original content of the T.sub.x transaction and, consequently, will not be able to process it.