CN117688623A - A trusted computing chip based on blockchain - Google Patents

Abstract

This application relates to a trusted computing chip based on blockchain, including an enclave protection module, a smart contract execution device and an encryption module. The enclave protection module is used to build a trusted computing environment on the chip to ensure all data and execution on the chip. The reliability of actions includes but is not limited to the execution of smart contracts, data signatures, collection of sensor data, etc.; the decoding and conversion unit accepts the binary code input from the outside, uses the decoding device to reversely parse the binary code into the contract primitive sequence, and based on The primitive meaning function pre-embedded in the decoding device converts the deanalyzed primitive sequence into the instruction code required by the instruction execution unit. The processing results of the instruction execution unit are handed over to the encryption coprocessor to sign and encrypt the calculation results. The trusted computing chip of this application can effectively ensure the credibility of the chip in the calculation process, and can effectively improve the execution efficiency of all Turing-complete smart contracts for server calls.

Description

A trusted computing chip based on blockchain

This application is a divisional application of a Chinese invention patent application with a filing date of July 1, 2020, an application number of 202010627750.7, and an invention name: “A trusted computing chip based on blockchain”.

Technical field

This application relates to a trusted computing chip based on blockchain, which is suitable for the technical field of blockchain.

Background technique

In recent years, blockchain technology has made continuous progress in application and exploration. As the original blockchain currency, Bitcoin adopts a distributed trusted ledger storage method and can conduct currency transactions without a central server. It has natural advantages in financial currency. The representative project that followed was Ethereum, which developed a Turing-complete virtual engine based on the blockchain distributed storage system, which can compile and run smart contracts on it, thus creating a decentralized trusted system. execute computable programs. The trusted computing unit can be a trusted computing enclave, which provides an application running environment for isolated execution.

On the other hand, with the vigorous development of embedded systems, more and more embedded chips are used in fields such as multimedia, network communications, and video surveillance. Wider use means more potential targets for eavesdropping and attack. Embedded systems, especially those used for blockchain applications, are designed with various security factors in the running state in mind. Generally, the system at runtime is not easy to be broken. The system upgrade process is often accompanied by multiple steps such as interrupting operation, replacing system files, and restarting, which is very likely to provide opportunities for attackers.

Currently, there is no security chip designed for a Turing-complete smart contract virtual engine on the market, which cannot collect data on edge devices and change the status of smart contracts on the blockchain accordingly. At the same time, the chip itself is not a complete blockchain node environment. Because it requires large memory and high power consumption, it cannot integrate nodes.

Contents of the invention

The purpose of this application is to provide a blockchain-based trusted computing chip that can quickly execute or verify the status of smart contracts in a trusted computing environment on edge devices. It can be trusted and called by the server to ensure chip data calculation. and transmission credibility, which facilitates the application of blockchain encryption and trustworthy technologies on edge devices, which can greatly expand the application scenarios of blockchain.

This application relates to a trusted computing chip based on blockchain, including an enclave protection module, a smart contract execution device and an encryption module. The enclave protection module is used to build a trusted computing environment on the chip and protect all the devices on the chip. Data status and execution actions;

The smart contract execution device includes a decoding and conversion unit of contract primitives and an instruction execution unit;

The decoding and conversion unit accepts the binary code input from the outside, uses the decoding device to de-parse the binary code into a sequence of contract primitives, and converts the de-parsed primitives according to the primitive meaning function pre-embedded in the decoding device. Sequence conversion generates instruction codes required by the instruction execution unit;

The encryption module includes an encryption co-processor, and the processing results of the instruction execution unit are handed over to the encryption co-processor to sign and encrypt the calculation results.

Preferably, the instruction execution unit includes a register file and an execution component, and the execution component is connected to the register file and an external memory.

Among them, the execution component includes an instruction reading unit, an instruction decoding unit, an arithmetic and logical operation unit, a memory reading and writing unit, and a register reading and writing unit; the instruction reading unit accepts the output instructions from the decoding and conversion unit of the contract primitive. The code serves as the underlying instruction that needs to be executed. The instruction decoding unit parses the instruction type according to the structural code of the instruction. The arithmetic and logical operation unit performs operations according to the input instruction code and performs integer arithmetic and logical operations by operating at least one register. The memory reading and writing unit operates the memory and reads or modifies the data in the memory. The register reading and writing unit operates the register file and reads or modifies the data of each register in the register file.

Wherein, the register file includes a PC instruction counter, and the PC instruction counter guides the index of the read instruction or is modified and set by a jump instruction. The register file also includes control and status registers and computationally reserved registers.

Wherein, the encryption coprocessor provides an asymmetric encryption method, performs asymmetric encryption on the execution result according to the unique identity of the hardware key written inside it, generates a signature and outputs it. The key is randomly written on the trusted computing chip during the manufacturing process to be used for the identity of the trusted computing chip. The key includes an inaccessible private key and a readable key. The public key verified on the server side.

Wherein, the trusted computing chip is divided into a trusted area and an untrusted area; when the trusted computing chip executes a multi-user smart contract, the chip configures respective software and hardware resources for multiple smart contract execution programs in machine mode. , multiple smart contract execution programs in the trusted area are isolated from each other; when there are multi-user trusted smart contracts, one application program among the multiple smart contract execution programs running on the trusted computing chip accesses other When using protected resources of a trusted smart contract program, the corresponding private key or access instructions signed by the private key need to be provided, and the security monitor will verify and arbitrate to determine its access rights to other trusted applications and resources.

Among them, when the trusted computing chip executes a smart contract, each trusted smart contract execution program uses the software and hardware resources allocated by the security monitor to place the application code in the trusted area, access protected physical memory, and call The security monitor allocates processor core resources and writes the execution results of the smart contract into protected physical memory. The security supervisor is responsible for the subsequent processing of the smart contract execution results.

Wherein, the protection mechanism of the trusted computing chip includes physical memory protection, by setting trusted areas and untrusted areas, protecting the physical memory of the chip through direct physical addresses or protecting the physical memory through a virtual memory system; or

The protection mechanism of the trusted computing chip includes processor core protection, software and hardware resource protection, and trust base protection. In machine mode, the processor core resources, software and hardware resources, and trust base that each user program can access are configured. When an exception occurs, , control is transferred to the machine mode for authentication and authorization of access rights.

By introducing hardware instruction sets and hardware acceleration, this application can greatly improve the execution efficiency of smart contracts and effectively reduce power consumption; through a random private key hardware writing method, it ensures that the identity of each chip is unique and cannot be forged. Tampering; through the designed memory protection instructions and enclave memory protection method, the calculation process on the chip is guaranteed to be trustworthy. In the above trusted computing environment, the execution result of the contract is signed and output through the built-in encryption function, which can prevent the data from being forged by a third party during the network transmission process, and the server can also obtain the real information through the preset chip whitelist. The data collected in the edge device or the execution status of the contract.

This application is fully designed with a trusted computing solution in every step from data generation, calculation, memory modification to network transmission. It can apply blockchain technology to edge devices while maximizing the trustworthiness of chip computing. sex. Therefore, the trusted computing chip of this application can effectively ensure the credibility of the chip in the calculation process, and can effectively improve the execution efficiency of all Turing-complete smart contracts for server calls.

Description of the drawings

Figure 1 shows the model structure diagram of the trusted computing chip of this application.

Figure 2 shows the model structure diagram of the smart contract execution device in the trusted computing chip of this application.

Figure 3 shows a model structure diagram of the instruction execution unit in the trusted computing chip of this application.

Figure 4 shows the internal logic diagram of the trusted computing unit of this application.

Detailed ways

In order to make the purpose, technical solutions and advantages of the present application more clear, the embodiments of the present application will be described in detail below with reference to the accompanying drawings. It should be noted that, as long as there is no conflict, the embodiments and features in the embodiments of this application can be arbitrarily combined with each other.

A trusted computing chip based on blockchain according to this application mainly includes three modules, namely an enclave protection module, a smart contract execution device and an encryption module.

The enclave protection module is used to build a trusted computing environment on the chip, supervise and ensure the reliability of all data and execution actions on the chip, including but not limited to the security of data within the chip, information exchange with external software and hardware, etc. This protection module involves the collaborative operation of software and hardware. It mainly ensures the maintenance of memory data during the execution of the chip by designing hardware protection instructions on the chip. It is not allowed to tamper with the memory by bypassing the hardware protection instructions; it is protected by the designed enclave software. This method ensures the stability of memory data during the execution of chip instructions and does not allow other applications to tamper with the memory data used by another application. The data storage status on the chip, including but not limited to cache and registers, is controlled and maintained by this module. The data access actions between the chip and external memory, server, hard disk, etc. are also controlled by this module to build a trusted interactive environment.

Specifically, before the chip executes the application, the security supervisor with higher authority sets the enclave parameters of the application, which involves hardware instructions for setting memory protection parameters. When illegal users access and tamper with the enclave data, they need to access through instructions. Control and Status Register (CSR), this access without authorization will cause an exception interrupt to be sent to the Security Monitor (SM), thus protecting the memory from access and tampering.

The smart contract execution device is supervised by the enclave protection module to ensure that all calculations are trustworthy and safe. Its main function is to parse and execute the smart contract binary code input by the chip. Preferably, a hot-swappable decoding device can be provided, on which a set of underlying instructions of the contract execution module corresponding to the smart contract binary code is stored.

The smart contract execution device consists of two parts, the decoding and conversion unit and the instruction execution unit. The decoding and conversion unit reads the corresponding code of the contract primitive according to the hot-swappable decoding device, and converts it to generate the underlying instruction code required by the execution unit. The instruction execution unit adopts a universal pipeline design and RISC-V simplified instruction set to read, parse and execute the underlying instruction code. Preferably, the instruction execution unit uses 256-bit integer data calculation operations by default and does not support floating point operations, which can greatly accelerate the execution efficiency of instructions and simplify the parsing logic.

The cryptographic module includes a cryptographic coprocessor that provides an asymmetric cryptographic method for signing given input data using a built-in key. On the server side, the data can be verified based on the public key of the chip. It is important to note that this process is not reversible. Under different requirements, the original data may need to be transmitted to the server together with the signature.

The key management method in the encryption module is: during the manufacturing process of the blockchain trusted computing chip, the key used for identity identification is randomly written at the hardware level. The key includes a private key and a public key. The private key is not accessible by other modules, and the public key can be read and used for chip whitelist identification or data verification on the server side. Keys written randomly at the hardware level are a huge improvement in security compared to the traditional hard drive method of storing keys. The hard drive is isolated from the chip, and third parties can steal hard drive data without the permission of the chip. , and the key built into the chip can completely prevent this. In addition, the key is stored on the chip, and its access users can be controlled through permission management. In conjunction with the trusted computing environment built by the previous enclave, it can seamlessly protect the security of the private key on the chip, and no one can read the chip. The unique built-in identification on the chip can only identify the chip identity through the public key. The pairing of public and private keys is asymmetric, that is, the private key can generate the public key, but the public key cannot reverse the private key.

Example

As shown in Figures 1-3, the trusted computing chip 100 of the present application includes an encryption coprocessor 200, an enclave protection module 201 and a smart contract execution device 202. Among them, the smart contract execution device 202 uses the pluggable configured contract primitive decoding device 203 to extend the input binary code contract primitives to the underlying instruction set logic and generate the underlying instruction execution sequence. Configuring different decoding devices for different Turing-complete smart contracts can realize the function of custom loading contract code, which facilitates chip transplantation or smart contract upgrades. The smart contract execution device 202 includes a contract primitive decoding and conversion unit 301 and an instruction execution unit 302.

The decoding and conversion unit 301 accepts the binary code input from the outside of the chip. The binary code is a Turing-complete smart contract code. After compilation, the binary code can be deployed and executed in the virtual engine. The decoding and conversion unit 301 reversely parses the binary code into a contract primitive sequence, and converts the reversely parsed primitive sequence into instructions at the bottom of the chip based on the primitive meaning function pre-embedded in the external hot-swappable decoding device 203 Set expression. Among them, the smart contract designs supported by different virtual engines are different, and the parameter configurations in the corresponding decoding devices will also be different. As long as equivalent contract primitive functions can be designed according to the underlying instructions of the chip.

The decoding and conversion unit 301 can count the calculation amount (GAS) required by the contract code consumed by the input code, in order to solve the problem of non-stopping of Turing complete languages. There is no theoretical solution to the problem of non-stop contract code, so this module will preset a maximum GAS value, such as 10 million. After exceeding this maximum value, the decoding and conversion unit will immediately interrupt the decoding process and return an error result. You can pass Set the GAS overflow error register bit to achieve this.

The instruction execution unit 302 adopts a general computing unit (CPU) design and includes a multi-stage pipeline processing module, which can speed up instruction execution time and enhance parallel computing capabilities. In addition, the bottom layer of this unit implements the RISC-V reduced instruction set, which is theoretically a Turing-complete computing device that can handle most of the problems that can be handled by a general-purpose computer. The instruction set mainly includes jump instructions, integer arithmetic operation instructions, register read and write instructions and memory read and write instructions.

The instruction execution unit 302 includes a register file 402 and an execution component. The execution component is connected to the register file 402 and the memory 401, and performs calculations through read and write access to the data interfaces of the register file 402 and the memory 401.

The register file 402 includes the PC instruction counter 400, and may also include control and status registers, calculation reserved registers, etc. (not shown in the figure). The PC instruction counter 400 is used to guide the index of the read instruction or to be modified by a jump instruction. The control and status registers are used to record various statuses of instruction execution, including but not limited to data overflow, interrupt bits, whether the sequence is empty, etc. The calculation reserved register is mainly used for arithmetic and logic operation units to perform fast 256-bit integer data calculations.

The execution component is divided into multiple computing device units to facilitate pipeline parallelization and make full use of the chip's computing power. The module sequence includes an instruction reading unit 403, an instruction decoding unit 404, an arithmetic and logical operation unit 405, a memory reading and writing unit 406, and a register reading and writing unit 407.

Instruction reading unit 403: accepts the output from the decoding and conversion unit of the contract primitive as the underlying instruction that needs to be executed. Preferably, a cache module is provided inside the instruction reading unit, which can accept a large number of instruction sequences at one time to prevent missing instructions.

Instruction decoding unit 404: parses the instruction type according to the structure code of the instruction. Different instruction types may involve inconsistent processing logic in subsequent units. Among them, the jump instruction modifies the value of the PC instruction counter based on the calculation result to implement the logical judgment function of the binary program. This instruction needs to be in the fifth section of the pipeline to know the calculation result. Therefore, four bubbles will appear after the pipeline period, and no instructions are executed. In this embodiment, an advance prediction processing method is used to minimize the ineffective time-consuming caused by jump instructions. By default, the prediction logic of adding one instruction counter (no jump) is used. If a jump occurs, subsequent flashes will be executed. The four input instructions are invalidated, the input results are not processed in any way, the instruction counter is updated, and the execution instruction sequence is updated. The integer arithmetic operation instructions are integer operations, addition, subtraction, multiplication and division. The division operation does not produce remainders and decimals. This is restricted by the virtual engine in Ethereum. The integer arithmetic operation data are all 256 bits. The register read and write instructions will operate the data in the register file, and the memory read and write instructions will operate the memory data, read the memory status or write the execution result.

Arithmetic and logical operation unit 405: This unit is the core component of the instruction execution unit. Its main function is to perform binary arithmetic and logical operations according to the input. By operating at least one register, it can perform integer arithmetic and logical operations, such as addition, subtraction, multiplication (excluding division). ), negation, bit operations, etc. This unit is designed for the underlying electronic logic circuit and usually completes its operation within one clock cycle.

Memory read and write unit 406: This unit mainly operates the memory 401 external to the chip and reads or modifies memory data.

Register read and write unit 407: This unit mainly operates the register file 402, reading or modifying the data of each register in the register file. Because instruction execution may require setting data inside different registers, for example, jump instructions require setting the PC counter, data overflow requires setting the register overflow bit, etc.

The execution component calls the above five modules in sequence, and in the rising segment of each clock cycle, reads the instructions in the instruction cache to the instruction fetch unit according to the index in the PC counter. The instruction decoding unit, arithmetic and logical operation unit, memory reading and writing unit, and register reading and writing unit respectively read the processing results of the previous unit. During the falling portion of the clock cycle, each unit will output the execution results. The above constructs a multi-stage pipeline structure, which can fully utilize the chip hardware performance and reduce excessive energy consumption losses.

Finally, the processing result of the instruction execution unit 302 is handed over to the encryption coprocessor 200 to sign the calculation result. The encryption coprocessor 200 asymmetrically encrypts the execution result based on the unique identification of its internal hardware key, generates a signature, and outputs it. Preferably, the encryption coprocessor 302 can configure whether to hand over the input execution results to the output together to facilitate possible metadata requirements in different application scenarios.

As shown in Figure 4, the trusted computing unit involved in this application is described by module 600. This module is divided into 3 working modes: user mode, administrator mode and machine mode. Among them, 601 and 602 are user mode, 603 and 604 are administrator mode, and 605 is machine mode. The trusted computing unit divides the chip into two areas, one is the untrusted area 601 and 603, and the other is the trusted area 602 and 604. The trusted computing chip of this application restricts users, codes and programs in the untrusted area to only access their own software and hardware resources.

Within a trusted computing chip, hardware provides security primitives and interfaces. Assign the smallest responsibility to the trusted software component (such as bootloader, SM) with the highest authority, that is, let it only be responsible for the trusted area. At the same time, the remaining applications are divided into trusted applications and untrusted applications, and trusted applications are pushed to the trusted area. The memory, instructions, and software and hardware resources involved are protected by a protection mechanism to prevent untrusted applications from being illegal. access. The trusted computing chip first enters the machine mode, enjoys the highest operating authority, configures the entire software and hardware system, loads the user smart contract execution program corresponding to the smart contract execution device, allocates the physical protected memory (PMP) required by the program and other protected Protected hardware resources.

When the blockchain smart contract trusted computing chip executes a multi-user smart contract, the chip configures respective software and hardware resources for multiple smart contract execution programs in machine mode. Among the multiple smart contract execution programs in the trusted area 602 They cannot access each other and are isolated from each other. At the same time, other untrusted applications cannot access protected content such as programs and memory data in these trusted areas.

When there is a multi-user trusted smart contract, one of the multiple smart contract execution programs running on the trusted computing chip of the blockchain smart contract, application 0 to application N, accesses other trusted smart contract programs. When resources are protected, the corresponding private key or access instructions signed by the private key need to be provided, and the security monitor (SM) 605 will verify and arbitrate to determine its access to one or more other trusted applications and resources. permissions.

When the blockchain smart contract trusted computing chip executes smart contracts, each trusted smart contract execution program uses the software and hardware resources allocated by SM to place the application code in the trusted area, access protected physical memory, and call SM Allocate processor core resources and write the execution results of the smart contract into protected physical memory. The security supervisor is responsible for further subsequent processing such as distribution and broadcast of the smart contract execution results.

The protection mechanism of trusted applications includes the physical memory protection of the trusted computing chip of the blockchain smart contract. Untrusted users, codes and programs can only access their own memory, allowing machine mode to specify users in each user mode. code, and the physical memory that the program can access. Any illegal cross-border access will cause an exception, and the control at this time is transferred to the machine mode for access permission authentication and authorization. In the physical memory protection mechanism, by setting the trusted area and the untrusted area, the chip physical memory can be protected through direct physical address, and the physical memory can also be protected through the virtual memory system. When using a virtual memory system, the addresses in the chip are all virtual addresses. To access physical memory, the virtual address must be converted into a real physical address through an address conversion unit.

The trusted application protection mechanism of the smart contract trusted computing chip also includes processor core protection 606, software and hardware resource protection 607, and trust base protection 608. In machine mode, configure the processor core resources and software that each user program can access. Hardware resources and trust base. Any illegal cross-border access will cause an exception, and the control at this time is transferred to the machine mode for access permission authentication and authorization.

The smart contract execution process designed in this application, the protection methods and mechanisms when the smart contract is executed in the trusted computing chip, and the characteristics and requirements of the chip design involved in the execution of the smart contract by the trusted computing chip are as described above. The subject matter of this patent application. This application can integrate the blockchain virtual engine function in the edge device, so that the smart contract results can be quickly and efficiently executed or verified in the real environment and uploaded to the blockchain. In addition, the enclave protocol design of the chip ensures the credibility of data calculation in the device. The encryption co-processor of this application can ensure the validity of data during network transmission and prevent third-party devices from stealing information or forging false information in the middle. data to the server.

Although the embodiments disclosed in the present application are as above, the described contents are only used to facilitate the understanding of the present application and are not intended to limit the present application. Any skilled person in the technical field to which this application belongs can make any modifications and changes in the form and details of the implementation without departing from the spirit and scope disclosed in this application. However, the scope of patent protection of this application shall not The scope defined by the appended claims shall prevail.

Claims (10)

1. A smart contract execution device, including a decoding and conversion unit of contract primitives and an instruction execution unit, characterized in that the decoding and conversion unit accepts an externally input binary code and uses a decoding device to reversely parse the binary code out of the contract Primitive sequence, and according to the primitive meaning function pre-embedded in the decoding device, the reversely parsed primitive sequence is converted into the instruction code required by the instruction execution unit. 2. The smart contract execution device according to claim 1, wherein the decoding device is an external hot-swappable contract primitive decoding device. 3. The smart contract execution device according to claim 2, characterized in that the contract primitive decoding device in a pluggable configuration is used to extend the input binary code contract primitives to the underlying instruction set logic and generate the underlying instruction execution sequence. . 4. The smart contract execution device according to any one of claims 1 to 3, characterized in that the instruction execution unit includes a register file and an execution component, and the execution component is connected to the register file and an external memory. connect. 5. The smart contract execution device according to claim 4, wherein the execution component includes an instruction reading unit, an instruction decoding unit, an arithmetic and logical operation unit, a memory reading and writing unit, and a register reading and writing unit; wherein, The instruction reading unit receives the output instruction code from the decoding and conversion unit of the contract primitive as the underlying instruction that needs to be executed, The instruction decoding unit parses the instruction type according to the instruction's structure code, The arithmetic and logical operation unit performs operations according to the input instruction code, and performs shaping arithmetic and logical operations by operating at least one register, The memory reading and writing unit operates the memory and reads or modifies the data in the memory, The register reading and writing unit operates the register file and reads or modifies the data of each register in the register file. 6. The smart contract execution device according to claim 4, wherein the register file includes a PC instruction counter, and the PC instruction counter guides the index of the read instruction or is modified by a jump instruction. 7. The smart contract execution device according to claim 6, wherein the register file further includes a control and status register and a calculation reserved register. 8. A trusted computing chip based on blockchain, characterized by including an enclave protection module and a smart contract execution device. The enclave protection module is used to build a trusted computing environment on the chip and protect all data on the chip. status and execution actions, the smart contract execution device is the smart contract execution device according to any one of claims 1-7. 9. The trusted computing chip according to claim 8, further comprising an encryption module, the encryption module includes an encryption co-processor, the encryption co-processor provides an asymmetric encryption method, according to its internal writing The execution result is asymmetrically encrypted using the unique identity of the hardware key, and a signature is generated and output. The key includes an inaccessible private key and a public key that can be read for server-side verification. 10. The trusted computing chip according to claim 9, characterized in that the trusted computing chip is divided into a trusted area and an untrusted area; When the trusted computing chip executes a multi-user smart contract, the chip configures respective software and hardware resources for multiple smart contract execution programs in machine mode, and the multiple smart contract execution programs in the trusted area are isolated from each other; When there is a multi-user trusted smart contract, when an application program among the multiple smart contract execution programs running on the trusted computing chip accesses the protected resources of other trusted smart contract programs, it needs to provide the corresponding private key. Or the access instructions signed by the private key are verified and arbitrated by the security monitor to determine its access rights to other trusted applications and resources.