3868                                Journal of Software  软件学报 Vol.31, No.12, December 2020

         Abstract:    The current blockchain technology only realizes the credible transmission of “interests” in the network, and the corresponding
         “responsibility” transmission has not been implemented. The key scientific questions are what is the carrier of “responsibility” and how
         the receipt of the “responsibility” is confirmed. Only the “interest” is passed on the blockchain network. Therefore, this status quo causes
         the trust relationship established on the blockchain to be one-way, and it is impossible to establish the trust of the originator to the receiver.
         This paper presents the realization of deterministic fair contract signing protocol based on blockchain technology without trusted third
         party, which changes the one-way trust relationship of the transaction blockchain technology and establishes a multi-way trust relationship
         between the nodes participating in the blockchain through an additional protocol. The transaction content in blockchain is replaced by the
         contract to be  signed,  then,  conduct “transfer” transactions between  multiple parties, to  achieve  multi-party  sign the  contract in the
         random order. It is the only confirmation that the contract is effective when multiple parties complete the sequential signature among the
         linked tickets.  Due  to the openness, tampering,  and non-repudiation of  the blockchain  transaction data,  the  cheat of  any party  in the
         contract is avoided, the fairness of the contract exchange process is guaranteed, and the balance between multiple parties is completed
         after the contract exchange. At the same time, this protocol provides real-time, dynamic management of multi-party contracts, including
         the  addition, renewal  and deletion of  contract  content. Finally, the paper discusses  the  fairness, privacy  and  the  choice of blockchain
         consensus.
         Key words:    fair contract signing protocol; blockchain; two-way trust; contract renewal; privacy


         1    引   言

         1.1   公平合约交换协议

             在社会生活中涉及多方经济利益及法律责任的数据,最终呈现为多种形式的合约(保险合同、银行存单等).
         在以纸质材料为存证要素时,通常情况下,利益和责任各方相互留存纸质材料作为存证是可行的,因为纸质材料
         包含了各方的签名、指纹、印章、身份证复印件等内容,并且在线下可以保证双方同时公平获得对方签署的纸
         质合约,这样即可作为具有法律效力的存证数据.在数字化深入发展的今天,只有将纸质合约电子化、数字化、
         去纸化,才能利用目前信息技术和大数据技术优势,提高存证数据管理的效率.
             涉及“多方利益及责任”的合约数据数字化之后,通过 PKI/CA 体系的非对称密钥数字签名机制,可以实现对
         合同内容的安全加密传输及单方确认签字;通过单向哈希摘要算法,可以验证合约数据的完整性,并能提高数字
         签名的效率.除此之外,确保电子合约的公平交换协议(fair contract signing protocol,简称 FCSP)是实现线上电子
         合约签署的必要条件.公平交换协议指的是:双方通过网络相互发送经过己方数字签名的合约数据,合约内容对
         双方来说都是公平的(公平是指合约内容即包括双方的“利益”,也包括双方的“责任”),数字签名都是可由对方验
         证的.在双方互不信任的情况,合约的交换过程要保证公平性,也就是说,不管交换过程成功与否(可能网络故障
         意外终止交换过程、也可能某一方恶意终止交换过程),都应该使得交换的双方处于均势.如果合约签署交换过
         程正常进行,双方都能得到各自所需的数据(对方的数字签名);如果交易过程异常终止(包括协议某一方的恶意
         终止),任何一方(包括恶意终止的一方)都不占优势.公平合约交换协议要解决的不仅仅是节点异常或网络异常
         的行为,而是要解决任何一方作弊时(为了逃避合约“责任”,或是为了获得不公平“利益”),在被诚实的一方举证
         后,经过第三方仲裁,都不能否认诚实方的合约利益,也不能否认己方的合约责任.实现公平合约交换协议,可以
         划分为两种类型:(1)  有可信第三方(trusted third party,简称 TTP)的实现方式;(2)  无可信第三方的实现方式.
         1.2   区块链技术
                         [1]
             近年,以比特币 为代表的数字货币实践获得广泛关注,数字货币的底层技术平台是区块链(blockchain)技
         术,区块链的核心协议可以概括为以下几个技术术语的组合:P2P 网络、基于非对称密钥机制的签名验证、全网
         共同遵守的当前时间段交易信息共识、基于单向 HASH 算法的交易历史链式数据结构,这在中本聪的论文
         《Bitcoin: a peer-to-peer electronic cash system》进行了详细的描述.区块链的出现,解决了数字货币的两大问题:
         双重支付问题以及拜占庭将军问题             [2−7] .区块链技术在去中心化的金融、保险、支付、公证等领域有广阔的应
         用前景.当前,区块链技术的设计初衷与应用推广方面矛盾日益突出,鉴于此,国内外的学者在区块链基础架构、