区块链的合约,区块链合约什么意思

『一』What does contract blockchain mean?

Heshu software blockchain technology is computer technology such as distributed data storage, point-to-point transmission, consensus mechanism, encryption algorithm, etc.
New application model. The so-called consensus mechanism is a mathematical algorithm that establishes trust and obtains rights and interests between different nodes in the blockchain system.
In a narrow sense, blockchain is a
chained data structure that combines data blocks in a sequential manner in chronological order,
and is cryptographically guaranteed An untamperable and unforgeable distributed ledger. Broadly speaking, blockchain technology uses block chain data structures to verify and store data, uses distributed node consensus algorithms to generate and update data, uses cryptography to ensure the security of data transmission and access, and uses automated scripts to A new distributed infrastructure and computing paradigm that uses smart contracts composed of code to program and manipulate data.

『二』What is the role of smart contracts in blockchain technology

Smart contracts are one of the four core technologies in blockchain. This concept was first developed in 1994 In 2016, it was proposed by the well-known cryptologist Nick Szabo, but due to technical and other reasons it has never been implemented. Even today, smart contracts have been used in many applications on the Internet, such as automatic repayment and drone sales. Wait, most of them are limited to smart contracts between individuals and institutions. There are almost no smart contracts between individuals. The reason is the "trust" issue. We will find that as long as we talk about contracts, most of them are unfamiliar. There is this kind of need between people and strangers, and it is also related to money. If we make an agreement without a third party as a guarantee, I will send you the money, but you break the agreement and refuse to acknowledge it. what to do? Therefore, smart contracts have never been popular among individuals. Later, with the emergence of blockchain, people found that blockchain is very consistent with smart contracts, because of many characteristics of blockchain, such as Decentralization, non-tampering of data, etc. can solve the problem of trust between strangers from a technical perspective. This makes the large-scale application of smart contracts possible. The beginning of this stage is marked by the birth of Ethereum. . Based on the blockchain, Ethereum applies smart contract technology. Smart contracts enable Ethereum to achieve more functions. Smart contracts are a very important application, so slowly, smart contracts have become one of the core technologies of the blockchain.

『三』How to detect the risk level of blockchain smart contracts

With the acceleration of digital transformation in Shanghai, blockchain technology has been widely used in government affairs, finance, logistics, and justice. It has been widely used in many fields. During the application process, not only new business forms and business models have been born, but also many security issues have arisen, so security supervision is particularly important. As one of the important means of supervision, security evaluation has become a focus of many blockchain R&D manufacturers and application companies. This article is of concern to everyoneLet’s talk about some of our exploration and practice in the blockchain compliance security assessment.
1. Blockchain technology evaluation
Blockchain technology evaluation is generally divided into functional testing, performance testing and security evaluation.
1. Functional testing
Functional testing is a test of the basic functions supported by the underlying blockchain system, with the purpose of measuring the capabilities of the underlying blockchain system.
Blockchain functional testing is mainly based on GB/T 25000.10-2016 "System and Software Quality Requirements and Evaluation (SQuaRE) Part 10: System and Software Quality Model", GB/T 25000.51-2016 "System and Software Quality" Requirements and Evaluation (SQuaRE) Part 51: Quality Requirements and Testing Details for Ready to Use Software Products (RUSP)" and other standards to verify whether the software under test meets the requirements of relevant test standards.
Blockchain function testing specifically includes networking methods and communication, data storage and transmission, encryption module availability, consensus function and fault tolerance, smart contract function, system management stability, chain stability, privacy protection, and interoperability , account and transaction types, private key management solutions, audit management and other modules.
2. Performance testing
Performance testing is a type of test implemented and executed to describe the performance-related characteristics of the test object and evaluate it. Most of them are used in project acceptance evaluation to verify the established Whether the technical indicators are completed.
Blockchain performance testing specifically includes high-concurrency stress test scenarios, peak impact test scenarios, long-term stable operation test scenarios, query test scenarios and other modules.
3. Security Assessment
Blockchain security assessment mainly conducts security testing and evaluation of account data, cryptography mechanisms, consensus mechanisms, smart contracts, etc.
The main basis for blockchain security evaluation is "DB31/T 1331-2021 General Requirements for Blockchain Technology Security". You can also refer to standards such as "JR/T 0193-2020 Blockchain Technology Financial Application Assessment Rules" and "JR/T 0184-2020 Financial Distributed Ledger Technology Security Specifications" based on actual testing needs.
Blockchain security assessment specifically includes storage, network, computing, consensus mechanism, cryptography mechanism, timing mechanism, personal information protection, networking mechanism, smart contracts, services and access, etc.
2. Blockchain Compliance Security Assessment
Blockchain compliance security assessment generally includes “Blockchain Information Service Security Assessment”, “Network Security Level Protection Assessment” and “Special Funding Projects” "Acceptance Evaluation" three categories.
1. Blockchain information service security assessment
Blockchain information service security assessment is mainly based on the "Blockchain Information Service Management Regulations" issued by the Cyberspace Administration of China on January 10, 2019 (hereinafter referred to as "Regulations") and refer to the national blockchain standard "Blockchain Information Service Security Specification (Draft for Comments)".
The "Regulations" aim to clarify the information security management responsibilities of blockchain information service providers, standardize and promote the healthy development of blockchain technology and related services, avoid blockchain information service security risks, and serve blockchain information Provide an effective legal basis for the provision, use, management, etc. Article 9 of the "Regulations" states: Blockchain information service providers that develop and launch new products, new applications, and new functions must report to the national and provincial, autonomous region, and municipality Internet Information Offices for security assessment in accordance with relevant regulations.
The "Blockchain Information Service Security Specification" is a construction and preparation project led by the Institute of Information Engineering of the Chinese Academy of Sciences and jointly participated by Zhejiang University, China Electronics Technology Standardization Institute, Shanghai Information Security Evaluation and Certification Center and other units. National standards for evaluating the security capabilities of blockchain information services. The "Blockchain Information Service Security Specification" stipulates the security requirements that blockchain information service providers of alliance chains and private chains should meet, including security technical requirements and security assurance requirements as well as corresponding test and evaluation methods, and is suitable for guiding blockchain Chain information service security assessment and blockchain information service security construction. The security technical requirements and guarantee requirements framework proposed by the standard are as follows:
Figure 1 Blockchain information service security requirements model
2. Network security level protection evaluation
The main basis for network security level protection evaluation includes "GB/T 22239-2019 Basic Requirements for Network Security Level Protection" and "GB/T 28448-2019 Network Security Level Protection Evaluation Requirements".
As an emerging information technology, the application system built by blockchain is also an object of level protection and needs to be evaluated for level protection in accordance with regulations. The general requirements for level protection security evaluation are applicable to the evaluation of the infrastructure part of the blockchain, but currently there are no specific security requirements for the blockchain. Therefore, the expansion requirements for blockchain security evaluation still need to be further explored and studied.
3. Special fund project acceptance evaluation
According to the relevant regulations of the Municipal Economic and Information Technology Commission, information technology special fund projects are required to issue a safety evaluation report during project acceptance. The acceptance evaluation of blockchain application projects will be carried out in accordance with Shanghai’s latest blockchain local standard "DB31/T 1331-2021 General Requirements for Blockchain Technology Security".
3. Exploration and practice of blockchain security assessment
1. Standard preparation
Shanghai Assessment Center actively participates in the preparation of blockchain standards. Led by the Shanghai Evaluation Center, Suzhou Tongji Blockchain Research Institute Co., Ltd., Shanghai Qiyin Information Technology Co., Ltd., Shanghai Moheng Network Technology Co., Ltd., the First Research Institute of Telecommunications Science and Technology and other units participated in the preparation of the blockchain local standard " DB31/T 1331-2021 "General Requirements for Blockchain Technology Security" was officially released in December 2021 and will be officially implemented on March 1 this year. The blockchain national standard "Blockchain Information Service Security Specification", which the Shanghai Assessment Center participated in the preparation of, is in the stage of soliciting opinions.
At the same time,The assessment center also participated in the compilation of primary and intermediate textbooks for blockchain engineering technicians organized by the Ministry of Human Resources and Social Security and led by Tongji University, and was responsible for compiling the chapter "Testing the Blockchain System".
2. Project Practice
In recent years, the Shanghai Assessment Center has conducted a large number of blockchain security assessment practices based on relevant technical standards, including grade protection assessment, information service security assessment, project security assessment, etc. In the evaluation practice, the main security issues discovered are as follows:
Table 1 Blockchain is mainly a security issue
Serial number
Evaluation items
Problem description
1
Consensus Algorithm
The consensus algorithm uses Kafka or Raft consensus and does not support Byzantine fault tolerance or tolerate malicious node behavior.
2
On-chain data
On-chain sensitive information is not encrypted, and all data on the chain can be accessed through the query interface or blockchain browser.
3
Cryptographic Algorithm
The random numbers used in the cryptographic algorithm do not meet the randomness requirements of GB/T 32915-2016.
4
Node Protection
For the alliance chain, security protection measures failed to be configured for the area where the node server is located.
5
Communication transmission
When communicating between nodes, the blockchain and upper-layer applications, no secure information transmission channel has been established.
6
Consensus Algorithm
The number of nodes deployed in the system is small, and sometimes the number of fault-tolerant nodes required by the consensus algorithm is not even reached.
7
Smart Contract
The operation of the smart contract is not monitored, and problems that arise during the operation of the smart contract cannot be discovered and dealt with in a timely manner.
8
Services and Access
Upper-layer applications have access control flaws such as unauthorized and unauthorized access, leading to business confusion and data leakage.
9
Smart Contract
Smart contract coding is not standardized. When an error occurs in the smart contract, the smart contract freezing function is not provided.
10
Smart Contract
The running environment of smart contracts is not isolated from the outside, and there is a risk of external attacks.
3. Tool Application
When the evaluation center organized and compiled the "DB31/T 1331-2021 General Requirements for Blockchain Technology Security", it has considered the connection needs with the graded protection evaluation. The "infrastructure layer" security in DB31/T 1331 is consistent with the relevant requirements of the secure physical environment, secure communication network, security area boundary, secure computing environment, security management center, etc. of level protection, "protocol layer security", "extension layer" "Security" more reflects the unique security protection requirements of the blockchain.
The evaluation center is organizing and writing blockchain evaluations based on the relevant security requirements of DB31/T 1331.Expanding the requirements, the relevant results will be applied to the network security level protection assessment tool - Assessment Expert. By then, evaluation institutions using the "Evaluation Expert" software will be able to carry out blockchain security evaluations accurately, standardly and efficiently, discover blockchain security risks, and put forward corresponding rectification suggestions

『四』区What is the role of smart contracts in blockchain technology

The code is the law, no one can tamper with it, and everything is executed automatically.
@ Blockchain God Tucao

『五』The principle of blockchain smart contract

The principle of smart contract is the link between points, which exists in physics And digital space exists in the real world and the virtual world. It may exist in a certain space or in two different spaces. There is a natural link between these two empty links and they are distributed. There is no The existence of centralization.

A smart contract is a computer protocol designed to communicate, verify or execute contracts in an information-based manner. Smart contracts allow trusted transactions to be made without third parties, which are traceable and irreversible. The concept of smart contracts was first proposed by Nick Szabo in 1995.

The purpose of smart contracts is to provide a method of security that is superior to traditional contracts and to reduce other transaction costs associated with contracts.

『Lu』 The essential characteristics of blockchain smart contracts

The essential characteristics of blockchain smart contracts: decentralization.

Some of the main advantages of using smart contracts include greater efficiency when processing documents. This is thanks to its ability to employ a fully automated process that does not require any human involvement, as long as the requirements listed in the smart contract code are met.

The result is that time is saved, costs are reduced, transactions are more accurate and cannot be changed. Additionally, smart contracts remove any third-party interference, further enhancing the decentralization of the network.

(6) Blockchain Function 20 Contract Extended Reading:

Smart contracts can only use digital assets, and problems will arise when connecting real assets and the digital world. Finally and most importantly, smart contracts lack legal supervision and are only subject to the obligations agreed in the code. The lack of legal regulation may lead some users to be wary of transacting online, especially if it is significant.

The advantages of using smart contracts are more efficient processing of transactions, irreversible, secure transactions and fully automated processes. On the other hand, the disadvantages are the lack of legal supervision, human errors and difficulties in implementation.

『撒』 What is the role of smart contracts in Jinwowo blockchain technology?

Chongqing Jinwowo analyzes the role of smart contracts in blockchain technology as follows:
Smart contracts are jointly formulated by multiple users in the blockchain and can be used for any transaction between users. It is clear in the agreementThe rights and obligations of each transaction party are clarified, and procedures are compiled to stipulate the conditions for triggering automatic execution of the contract.
After being uploaded to the blockchain, smart contracts can realize direct control of public welfare projects through code contracts. Donations can be used or projects executed according to the conditions set by the program. This not only ensures that the donations are earmarked for special use, but also improves the quality of the project. The authenticity and credibility of the project also make the project execution traceable and enhance the credibility of the charity.

『8』 What is the smart contract in Jinwowo blockchain technology?

Chongqing Jinwowo analyzes the smart contracts in blockchain technology as follows:
Smart A contract is a contract that uses computer language instead of legal language to record the terms.
Smart contracts can be automatically executed by a computing system. If the blockchain is a database, smart contracts are the application layers that enable blockchain technology to be applied to reality.
Contracts in the traditional sense are generally not directly related to the computer code that executes the contents of the contract. Paper contracts are in most cases archived, while software enforces the terms of the contract written in computer code.
Potential benefits of smart contracts include reducing the costs of contract signing, execution and supervision

『九』 What is the ERC20 token standard in the blockchain

RC20 token The standard (ERC20 Token Standard) is a specification for creating tokens through Ethereum. According to the ERC20 specification, a smart contract can be written to create an "interchangeable token". It is not mandatory, but by following this standard, the tokens created can interact with numerous exchanges, wallets, etc., and it is now generally accepted by the industry.

The ERC20 token standard was first proposed by Ethereum developer Fabian Vogelsteler in the open source community. Later, Ethereum founder Vitalik (known as "V God") wrote the first The first version of the document was called "Standardized_Contract_APIs" at the time.

Smart contracts can be written following the ERC20 token standard. The token methods it needs to implement include: optional name, symbol, decimals, and required balanceOf, transfer, transferFrom, approve, and allowance. The event responses it needs to implement include Transfer and Approve

In addition to ERC20, the most popular token standards in Ethereum are ERC721. Unlike ERC20, ERC721 is a non-fungible token standard (NFT).

ERC20 tokens are fungible and homogeneous, while ERC721 tokens are non-fungible and non-fungible; ERC20 tokens areIt can be divided and subdivided infinitely, but the minimum unit of ERC721 token is 1 and cannot be divided and subdivided.

In June 2018, ERC721 was finally officially accepted by the Ethereum community and became the final standard. The previously popular cryptokitties followed the ERC721 standard.

The Xueshuo Innovation Blockchain Technology Workstation under Lianqiao Education Online is the only "blockchain technology" approved by the "Smart Learning Workshop 2020- Xueshuo Innovation Workstation" carried out by the School Planning and Construction Development Center of the Ministry of Education of China. Professional” pilot workstation. The professional base is based on providing students with diversified growth paths, promoting the reform of the training model integrating professional degree research, production, and research, and building an applied and compound talent training system.