Search

CN-121984700-A - Target node admittance method and device of block chain domain division architecture

CN121984700ACN 121984700 ACN121984700 ACN 121984700ACN-121984700-A

Abstract

The embodiment of the disclosure provides a target node admittance method, a target node admittance device, electronic equipment and a readable medium of a blockchain domain-dividing architecture. The target node admittance method specifically comprises the steps of realizing centralized management of a plurality of independent domains through a system domain as a global registration center, sending a chain address of a target node to a manager of the target independent domain, enabling the manager to add the chain address to a node list of the target independent domain according to admittance rules of the target independent domain under the condition that the target node is allowed to join the target independent domain, acquiring registration data of the target independent domain, generating an admittance authentication request and sending the admittance authentication request to at least one authentication node in the authentication node list, and executing local initialization and function module configuration to complete admittance of the target node in response to receiving a response result that the admittance authentication request is verified to be successful. The embodiment of the disclosure realizes safe, efficient and controllable access of the target node under the block chain domain architecture.

Inventors

  • Mu changchun
  • DI GANG
  • LV YUAN
  • HU YAJUN
  • HUANG QIN
  • HE MENGWEI

Assignees

  • 中国人民银行数字货币研究所

Dates

Publication Date
20260505
Application Date
20251212

Claims (11)

  1. 1. A target node admission method of a blockchain split domain architecture, wherein the blockchain split domain architecture includes a system domain and a plurality of independent domains, the system domain is used as a global registry for storing and managing registration data of all independent domains, the method comprising: the target node sends the address on the chain to a manager of a target independent domain, so that the manager adds the address on the chain to a node list of the target independent domain under the condition that the target node is allowed to be added to the target independent domain according to an admission rule of the target independent domain; The target node acquires registration data of the target independent domain, wherein the registration data comprises an authentication node list of the target independent domain; The target node generates an admission authentication request and sends the admission authentication request to at least one authentication node in the authentication node list; and the target node executes local initialization and functional module configuration according to the received response result of successful verification of the admission authentication request so as to complete the admission of the target node.
  2. 2. The method of claim 1, wherein the admission rules for the target independent domain are determined based on a governance policy for the target independent domain and a node type of the target node.
  3. 3. The method of claim 1, wherein the target node obtaining registration data for the target independent domain comprises: The target node initiates a full-volume registration data pulling request to the system domain so that the system domain returns aggregation information containing all independent domain registration data; And the target node screens out corresponding registration data according to the target independent domain identifier.
  4. 4. The method of claim 1, wherein the registration data includes metadata and an creation block of an independent domain, the method further comprising: The target node initiates a full metadata pulling request to the system domain so that the system domain returns aggregation information containing metadata of all independent domains; the target node screens out corresponding metadata according to the target independent domain identifier, and acquires an authentication node list of the target independent domain from the metadata; The target node generates an admission authentication request and sends the admission authentication request to at least one authentication node in the authentication node list; And the target node further acquires the generation block and module configuration information of the target independent domain according to the received response result of successful verification of the admission authentication request so as to execute local initialization and function module configuration and complete the admission of the target node.
  5. 5. The method of claim 4, wherein the target node performs local initialization, comprising: Creating an independent data directory for the target independent domain and loading the registration data to initialize an independent world state database.
  6. 6. The method according to claim 4 or 5, wherein the target node performs a local function module configuration, comprising: analyzing the module configuration information, and loading the functional module required by the target independent domain, wherein: the network communication module and the API interface module of the target independent domain are shared with the system domain and other independent domains, and other functional modules of the target independent domain are instantiated and operated independently of the system domain and other independent domains so as to realize state and performance isolation among services; And the network communication module and the API interface module execute logic routing operation according to the corresponding relation between the predefined independent domain identifier and the message queue.
  7. 7. The method of claim 6, wherein the target node continuously listens to a particular message queue according to a predefined correspondence between the independent domain identifier and the message queue, obtains transaction information therefrom, and executes business logic embedded in the transaction.
  8. 8. The method of claim 1, wherein the registration data comprises at least one of a target independent domain identifier, a target independent domain name, an initial list of consensus node addresses, an initial list of participating node addresses, a node admission rule, and a governance policy.
  9. 9. A target node admission apparatus of a blockchain split domain architecture, wherein the blockchain split domain architecture includes a system domain and a plurality of independent domains, the system domain serving as a global registry for storing and managing registration data of all independent domains, the apparatus being applied to the target node, comprising: The sending module is configured to send the address on the chain to a manager of a target independent domain, so that the manager adds the address on the chain to a node list of the target independent domain under the condition that the target node is allowed to be added to the target independent domain according to an admission rule of the target independent domain; The acquisition module is configured to acquire registration data of the target independent domain, wherein the registration data comprises an authentication node list of the target independent domain; an authentication module configured to generate an admission authentication request and send the admission authentication request to at least one authentication node in the authentication node list; And the initialization module is configured to execute local initialization and function module configuration according to the received response result of successful verification of the admission authentication request so as to complete the admission of the target node.
  10. 10. An electronic device, comprising: One or more processors; a storage device communicatively coupled to the one or more processors for storing one or more programs, The one or more programs, when executed by the one or more processors, cause the one or more processors to implement the methods of claims 1-8.
  11. 11. A computer readable medium on which a computer program is stored, characterized in that the program, when being executed by a processor, implements the method according to claims 1-8.

Description

Target node admittance method and device of block chain domain division architecture Technical Field The disclosure relates to the technical field of blockchains, in particular to a target node access method, a target node access device, an electronic device and a readable medium of a blockchain domain architecture. Background With the development of blockchain technology, more and more enterprises and organizations begin to build federated chain platforms to support trusted collaboration across organizations. However, in practical applications, it is difficult for a single chain structure to satisfy diversified service requirements. For example, banks may be involved in multiple business scenarios such as credit, supply chain finance, cross-border payments, etc. if all businesses are deployed on the same chain, this can lead to (1) resource contention and performance bottlenecks. The multiple services share the same consensus engine, storage space and network bandwidth, which is easy to cause resource contention and influence the overall performance. (2) data isolation is difficult. The data between different businesses may have sensitivity difference, and if there is no effective isolation mechanism, sharing the same account book may cause data leakage or illegal access. (3) the complexity of treatment increases. All services share a set of governance rules, and it is difficult to formulate flexible admission policies and entitlement control mechanisms for specific services. (4) extensibility is limited. As the number of services grows, the single-chain architecture is difficult to laterally expand, limiting the flexibility and maintainability of the system. The block chain domain architecture can solve the problems, but the addition of the block chain domain architecture still faces a plurality of challenges when a domain division system of a new node is adopted, including disordered access of the nodes caused by lack of standardized access flow among different independent domains, incapability of directly multiplexing treatment strategies of each independent domain due to strong autonomy of each independent domain, manual configuration of a large number of parameters in a traditional mode, and the like, which is not beneficial to automatic deployment. Therefore, a target node admission mechanism that can achieve security, flexibility and scalability is needed. Disclosure of Invention The embodiment of the disclosure provides a target node admittance method, a target node admittance device, an electronic device and a readable medium of a blockchain domain division architecture, which realize a safe, efficient and controllable node admittance mechanism and are suitable for a large-scale multi-service blockchain system. In order to achieve the technical purpose, the embodiment of the disclosure adopts the following technical scheme: In a first aspect, an embodiment of the present disclosure provides a target node admittance method of a blockchain split domain architecture, where the blockchain split domain architecture includes a system domain and a plurality of independent domains, and the system domain is used as a global registry and is used to store and manage registration data of all the independent domains, and the method includes: The target node sends the address on the chain to a manager of the target independent domain, so that the manager adds the address on the chain to a node list of the target independent domain according to the admission rule of the target independent domain under the condition that the target node is allowed to be added to the target independent domain; The method comprises the steps that a target node obtains registration data of a target independent domain, wherein the registration data comprises an authentication node list of the target independent domain; the target node generates an admission authentication request and sends the admission authentication request to at least one authentication node in the authentication node list; And the target node executes local initialization and functional module configuration according to the response result of successful verification of the received access authentication request so as to complete the access of the target node. In some possible embodiments, the admission rules of the target independent domain are determined according to the governance policies of the target independent domain and the node type of the target node. In some possible embodiments, the target node obtains registration data of the target independent domain, including: the target node initiates a full registration data pulling request to the system domain so that the system domain returns aggregation information containing all independent domain registration data; the target node screens out the corresponding registration data according to the target independent domain identifier. In some possible implementations, the registration data includes metadata an