Page 215 - 《软件学报》2025年第10期
P. 215
软件学报 ISSN 1000-9825, CODEN RUXUEW E-mail: jos@iscas.ac.cn
2025,36(10):4612−4627 [doi: 10.13328/j.cnki.jos.007311] [CSTR: 32375.14.jos.007311] http://www.jos.org.cn
©中国科学院软件研究所版权所有. Tel: +86-10-62562563
*
面向联盟链的智能合约行为可信验证机制
张建标 1,2 , 康 双 1,2 , 张兆乾 3 , 刘德田 1,2
1
(北京工业大学 计算机学院, 北京 100124)
2
(可信计算北京市重点实验室, 北京 100124)
3
(中国长江三峡集团有限公司 科学技术研究院, 北京 100038)
通信作者: 张建标, E-mail: zjb@bjut.edu.cn
摘 要: 针对联盟链系统中恶意攻击者利用智能合约中的安全漏洞带来的行为不可信问题, 提出一种面向联盟链
的智能合约行为可信验证机制对合约行为完整性进行可信验证. 首先以系统调用作为最小行为单元, 以基于系统
调用的行为序列描述历史行为状态, 然后在确保合约代码发布和执行环境可信的前提下, 在合约运行时根据预期
行为规则进行可信验证, 最后对该机制进行了理论分析, 并在 Hyperledger Fabric 环境下进行实验评估. 结果表明,
该方法能够有效实现对智能合约行为的可信验证, 能够保障智能合约生命周期内的行为可信.
关键词: 联盟链; 智能合约; 可信验证; 主动度量
中图法分类号: TP311
中文引用格式: 张建标, 康双, 张兆乾, 刘德田. 面向联盟链的智能合约行为可信验证机制. 软件学报, 2025, 36(10): 4612–4627. http://
www.jos.org.cn/1000-9825/7311.htm
英文引用格式: Zhang JB, Kang S, Zhang ZQ, Liu DT. Trusted Verification Mechanism of Smart Contract Behaviour for Consortium
Blockchain. Ruan Jian Xue Bao/Journal of Software, 2025, 36(10): 4612–4627 (in Chinese). http://www.jos.org.cn/1000-9825/7311.
htm
Trusted Verification Mechanism of Smart Contract Behaviour for Consortium Blockchain
1,2
3
1,2
ZHANG Jian-Biao , KANG Shuang , ZHANG Zhao-Qian , LIU De-Tian 1,2
1
(College of Computer Science, Beijing University of Technology, Beijing 100124, China)
2
(Beijing Key Laboratory of Trusted Computing, Beijing 100124, China)
3
(Institute of Science and Technology, China Three Gorges Corporation, Beijing 100038, China)
Abstract: To address the issue of untrustworthy behaviors resulting from malicious attackers exploiting security vulnerabilities within
smart contracts in the consortium blockchain system, this study introduces a trusted verification mechanism of smart contract behavior for
consortium blockchain to conduct trusted verification for contract behavior integrity. Firstly, the proposed approach takes the system call as
the smallest behavior unit and describes the historical behavioral state with the behavior sequence based on system calls. Subsequently, on
the premise of ensuring the trustworthiness of contract code release and the execution environment, it performs trusted verification
according to predefined behavioral rules during contract execution. Finally, a theoretical analysis of this mechanism is carried out, and an
experimental evaluation is conducted in the Hyperledger Fabric environment. Results demonstrate that the proposed method can effectively
achieve the trusted verification of smart contract behavior and ensure the credibility of behavior within the life cycle of smart contracts.
Key words: consortium blockchain; smart contract; trusted verification; active measurement
区块链是一种去中心化的分布式数字账本, 具有不可篡改、透明、可追溯的特性 [1] . 智能合约作为部署在区
块链上能够根据条件自动执行的计算机代码 [2] , 扩展了区块链的功能. 特别是在联盟链领域, 智能合约可以支持金
融、股票、电网、医疗等多种业务场景 [3−6] . 联盟链是介于公有链和私有链之间的一种折中方案, 具有弱中心化、
* 基金项目: 北京市自然科学基金 (M21039)
收稿时间: 2023-10-17; 修改时间: 2024-04-01; 采用时间: 2024-10-28; jos 在线出版时间: 2025-04-30
CNKI 网络首发时间: 2025-05-06
