Someone asked: brother tree, blockchain can protect the data from tampering, but how can we protect the data on the chain?
This is a good problem. If the data on the blockchain itself is false, then the blockchain data can not be tampered with, which is meaningless.
However, one solution can only solve one problem. The blockchain solution is that the data on the chain can not be tampered with, and the security and credibility of the data under the chain need to be solved by the means under the chain, that is, by some administrative means. For example, if you want to trace the origin of a diamond, you should not try to put a unique mark on the diamond entity, but if all the marks are erased, then the traceability is meaningless. Just like our current express tracking, if someone changes the contents of the box, it is of limited significance to just record the flow direction of the barcode outside the box.
This is not the focus of tree brother’s discussion today. Today we will discuss several ways of data link. Today, we mainly introduce five data link schemes:
1. Content certification
The so-called content storage refers to directly putting the content we want to store into the blockchain. However, as we all know, the storage space on the blockchain is extremely valuable and limited, so these contents are generally not too large. For the simplest example, we have found that applications executed on the blockchain, that is, what we often call “smart contract”, generally do not have very powerful functions, and the programming language used generally has a small amount of compiled code, which is the reason. If the function is not strong, it means that the amount of code is relatively small, and the space occupied by the compiler is relatively small, which is to save the space on the blockchain.
Because of the openness and transparency of the blockchain, the content directly on the blockchain means that the content is public. Therefore, it may be suitable for making some announcements and copyrights, but not suitable for the text of a large amount of content or content with privacy needs.
2. Hash deposit
The so-called hash certificate is to save the hash value of the file content on the chain. The hash value of the file content is also known as the “digital fingerprint” of the file, which can be obtained by hashing the file content. Because the length of the hash value is relatively limited, for example, the hash value of sha256 for a content of tens of thousands of words is only 256 characters, so there is no pressure for the blockchain to store such a length of content on the chain.
We can verify whether the content of the file has been tampered by hashing. For example, we store the hash value of an original text on the blockchain. When we get the file again, we hash the content. If it is consistent with the content stored on the chain, the content is believed to be reliable and has not been tampered. If the hash value is different, the content is considered to have been tampered and is no longer trusted. This is an effective way to prevent software from being maliciously implanted with viruses. A company can put the “digital fingerprint” of its own software into the blockchain. Users can verify whether the digital fingerprint has changed when they download software from different channels. If there is any change, they think that the software may have been implanted with viruses or trojans and it is no longer safe.
However, it is obvious that this scheme can only know whether the file has been tampered with, not only what the original text is.
3. Linked Deposit
Linked certificate storage is equivalent to hash certificate storage, and the URI address of the file is added to it. In this way, the two sets of things “file address + file digital fingerprint” are stored on the blockchain. These two sets can confirm each other. For example, a bank’s security plug-in requires us to download the security plug-in from its official website to use this method.
4. Private deposit
The so-called private certificate storage is to store the data on the blockchain after encryption, which is a strategy to deal with the data on the blockchain is open and transparent. Generally, symmetric encryption is used for data encryption. The so-called symmetric encryption means that the key of encryption and decryption is one. This encryption scheme is relatively simple and fast, and can be suitable for a large number of data encryption.
If your company has some shareholder agreements, or some important things that want to survive for a long time, and are not tampered with, but do not want to let outsiders know, you can use this method to encrypt the data first, and then store it on the blockchain. If you need to read it later, you can download it and decrypt it later.
5. Share privacy
Sharing the private certificate is equivalent to the further development of the private certificate. After the file is encrypted, the encrypted secret key should be encrypted again with asymmetric encryption. In other words, the first encryption of file content is symmetric encryption, and the second encryption of secret key is asymmetric encryption. Asymmetric encryption has two keys: public key and private key.
In the above case, if the agreement between shareholders of the company is connected to the blockchain, and then the secret key is encrypted with its own private key. In this way, other shareholders can use the public key of the encrypted shareholder to decrypt. After getting the symmetric secret key, they can decrypt the symmetric secret key to decrypt the file. Of course, the public key of other shareholders can also be used to encrypt the secret key, so that each shareholder can decrypt the secret key with his own private key.
Summary: there are many data link schemes, which are very flexible. They can change according to different application scenarios. Tree brother just lists several. We look forward to your different plans, which can be shared with us.
Editor in charge: CT