Confidential consortium blockchain
Term DefinitionBlockchainA distributed database that uses cryptography to link and protect a growing list of data records (called "blocks").Consortium blockchainA blockchain network in which participants need permission to join, typically used in enterprise environments.Validator (VN)A node in a consortium blockchain that is responsible for verifying and processing transactions.Trusted Execution Environment (TEE)A secure area in a processor that provides isolated execution and integrity protection for code and data.TEE AttestationA mechanism used to authenticate code running in a TEE.Blockchain Master Key (BMK)A key used to encrypt blockchain data and available only within the TEE.Public Blockchain Key (BPK)A public key used to verify the integrity of blockchain data.Blockchain Private Key (BSK)A private key corresponding to the BPK that is used to sign blockchain data.MemberAn authorized participant in a consortium blockchain with voting rights and network management privileges.ParticipantAn entity authorized by a member to submit transactions but without voting rights.Smart ContractA code stored on the blockchain that is automatically executed when certain conditions are met.Consensus ProtocolA mechanism used in a consortium blockchain to ensure that all nodes agree on the state of the blockchain. Ethereum is an open source blockchain platform that supports smart contracts and decentralized applications. OFOF Framework is a confidential consortium blockchain framework that allows the use of any blockchain protocol and provides confidentiality guarantees. M of N encryption is an encryption scheme that requires M keys out of N keys to decrypt data, used to protect BMK. Static analysis is the process of examining code to identify potential problems or vulnerabilities without executing the code, used to enforce confidentiality design patterns.
Short answer questions
What is a consortium blockchain and how does it differ from a public blockchain?
What role does a validator (VN) play in a consortium blockchain?
How does a trusted execution environment (TEE) enhance the security of a blockchain?
What is the purpose of TEE authentication?
What is the blockchain master key (BMK) used for? How is it generated and protected?
What are the main advantages of the OFOF framework?
How is transaction confidentiality achieved in the OFOF network?
What aspects of Ethereum smart contracts may pose confidentiality risks?
How can confidentiality issues in smart contracts be addressed in the OFOF Ethereum environment?
How can confidentiality design patterns be enforced in the OFOF network?
Answer to the short answer question
A consortium blockchain is a permissioned blockchain network that is typically used in an enterprise environment. Unlike a public blockchain (where anyone can join and participate), a consortium blockchain provides control over participants and is more suitable for scenarios that require data privacy and trust.
Validation nodes (VNs) are responsible for verifying and processing transactions in a consortium blockchain. They execute the blockchain protocol code and consensus mechanisms to ensure that all nodes agree on the state of the blockchain.
A trusted execution environment (TEE) is a secure area within a processor that provides isolated execution and integrity protection for code and data. By running blockchain code within a TEE, it can be protected from malware and unauthorized access, thereby enhancing security.
The purpose of TEE certification is to verify that the code running in the TEE is indeed the expected code and has not been tampered with. This ensures a foundation for trust between nodes in a blockchain network.
The blockchain master key (BMK) is used to encrypt blockchain data and is only available within the TEE. It is usually generated by combining keys from multiple members and protected using a MofN encryption scheme to ensure that only authorized nodes can decrypt the data.
The main advantages of the OFOF framework include: supporting arbitrary blockchain protocols and consensus mechanisms, providing strong transaction confidentiality, efficient transaction processing, and flexible member management.
The OFOF network implements transaction confidentiality by encrypting transaction data with BMK. Only authorized nodes with the corresponding keys can decrypt and access transaction content.
The following aspects in Ethereum smart contracts may pose confidentiality risks: public state variables, event logs visible to all participants, and lack of access control mechanisms.
In the OFOF Ethereum environment, the confidentiality problem of smart contracts is solved by using getter functions to control access to state variables, limiting the visibility of event logs, and implementing identity-based access control in smart contracts.
The OFOF network can enforce confidentiality design patterns through static analysis or other code inspection mechanisms. Verify that the smart contract code complies with predefined confidentiality rules before deployment to ensure that sensitive data is protected.