The "Technical Security Specification for Financial Distributed Ledgers" was drafted by the Digital Currency Research Institute of the People's Bank of China, with the participation of more than 20 institutions including the Science and Technology Department of the People's Bank of China, Industrial and Commercial Bank of China, Agricultural Bank of China, Bank of China, China Construction Bank and China Development Bank. The specification was issued by the People's Bank of China on February 5, 2020, and implemented on that day. Dr. Gao Chengshi, founding partner of Shanghai Hash Information Technology Partnership and member of the Blockchain Committee of the China Computer Society, gave an interpretive reading of the specification at an online event organized by Gyro Finance on February 28.
1. How should the name of this specification be understood?
We make three points about the full name of this specification, "Technical Security Specification for Financial Distributed Ledgers."
(1) Distributed ledger technology. This specification does not use the term blockchain; it uses distributed ledger technology. But from the definition given in the "Introduction" of the standard, we can basically determine that this distributed ledger technology is the blockchain. The "Introduction" defines distributed ledger technology as "a distributed infrastructure and computing paradigm formed by the highly integrated core technology systems such as cryptographic algorithms, consensus mechanisms, point-to-point communication protocols, and distributed storage." At least up to now, this definition matches the shape of the blockchain, unless a new shape emerges from the blockchain in the future. As for why the term blockchain is not used directly, my understanding is that there is not yet a consensus definition of the blockchain. If the term were used directly, the specification would also have to define the blockchain, and it is hard to say whether that definition would be accepted by academia and industry. This is the first point.
(2) Security specification. This specification or standard covers only the technical security aspects of financial distributed ledgers. It is not a technical specification for financial distributed ledgers, and even less a technical specification for distributed ledgers in general. Although this is obvious and can be read directly from the title, many media outlets have misunderstood it.
(3) Finance. This specification was proposed by the Digital Currency Research Institute of the Central Bank, is under the centralized management of the National Financial Standardization Technical Committee, and was issued by the Central Bank. It is a financial industry standard with a specific target and specific limitations. It is not a security specification for all blockchain technologies or all distributed ledger technologies. However, this does not mean that the specification has no reference value for the security of other blockchain or distributed ledger systems.
2. Why was such a specification introduced at this time?
The "Introduction" gives a corresponding explanation, namely to implement the "13th Five-Year" Development Plan for Information Technology in China's Financial Industry (issued as Yinfa [2017] No. 140) and the FinTech Development Plan (2019-2021) (issued as Yinfa [2019] No. 209). The release of this specification is of course driven by these tasks. In addition, "regulating the application of distributed ledger technology in the financial field and improving the information security guarantee capability of distributed ledger technology" is the direct purpose of this specification. I want to make three points from a broader perspective.
The first is the rapid development of the blockchain industry. This rapid development includes blockchain technology led by enterprises and academia, innovation in blockchain architecture and the deployment of a large number of blockchain applications, as well as the rapid adjustment of blockchain policies by countries and governments at all levels. For example, China organized a collective study on blockchain at the Central Political Bureau level on October 24 last year. The government work plans of most provinces since the beginning of this year have listed blockchain as a priority. US Securities and Exchange Commission member Hester Peirce proposed the "TOKEN Safe Harbor Proposal" in Chicago on February 6, drawing a lot of attention and discussion in the industry. At the same time, the blockchain is also accelerating its penetration into traditional industries. For example, during this epidemic, many media outlets and communities have organized discussions on how the blockchain can help prevent and control the epidemic. In terms of concrete deployments, we have also seen blockchain invoices such as those made by Ali and Tencent.
The second is the lack of security in the blockchain. Because the blockchain uses cryptographic technology, and because some security measures have been taken in typical applications such as Bitcoin and Ethereum, most people mistakenly believe that the blockchain solves security problems from the outset. In fact, the cases seen in the development of blockchain in recent years have completely broken the illusion that a blockchain system can guarantee security. These cases include not only the losses at cryptocurrency exchanges (in fact, centralized exchanges basically do not use blockchain technology), but also incidents in traditional blockchain systems, such as the incident in which hundreds of billions of bitcoins were forged in the Bitcoin system because of an integer overflow, as well as vulnerabilities in various smart contracts.
Third, traditional security specifications have not responded to the security needs of distributed systems such as blockchain. Our country issued the level protection 2.0 standard last year, but level protection 2.0 is mainly based on traditional computing forms. It sets security norms for general systems and for several typical systems, such as cloud computing, mobile Internet, the Internet of Things, and industrial control systems, but it has no norm for the security of distributed systems such as blockchain.
Given the reasons above, the fact that the blockchain is inherently closely linked to finance and currency, and the background of the central bank's digital currency DCEP, it is logical that the first blockchain security specification appeared in the financial industry.
3. We often use distributed ledgers to describe blockchain systems. What exactly are the similarities and differences between distributed ledgers in the financial field and ordinary distributed ledgers?
Let's first look at the general distributed ledger, that is, the blockchain system in the general sense. According to user types and application scenarios, we usually divide blockchains into public chains, alliance chains, and private chains. The public chain is a permissionless chain and does not require the approval or consent of any person, organization or node. As long as the consensus mechanism of the public chain is accepted, any person or node can freely enter or exit at any time. The Bitcoin system and the Ethereum system, which we use most, are both public chain systems. There is currently no dispute about the definition of a public chain.
Alliance chains and private chains are permissioned chains, and approval is needed to enter or exit. It is generally believed that an alliance chain is used between different enterprises or organizations and faces multiple user groups, while a private chain is used within a single enterprise or organization and is targeted at a single user group. But after analysis, we think there are many ambiguities in these two concepts. For example, is the blockchain system running JPM Coin inside the JPMorgan Chase Group a private chain or an alliance chain? This system is generally considered to be an alliance chain because there are still many institutions within the Morgan Group. The same problem applies to the characterization of the Libra system. However, seen from another level, although JPM Coin and Libra face different users, within each system those users are of a single type and the scenario is a single one, which also meets the definition of a private chain. Therefore, we redefine the alliance chain and the private chain in terms of application scenarios and user types. A private chain is a blockchain system oriented to a single task scenario and a single user type, while an alliance chain is a blockchain system oriented to multi-task scenarios and different user types. An alliance chain can therefore also be formed from different private chains.
Is the blockchain used in the financial system a public, alliance, or private chain?
To answer this question completely, all possible application scenarios of the financial system would have to be analyzed and classified. But on the whole, it should be said that various types of blockchain systems will be used in the financial field. From a more open point of view, the current Bitcoin and Ethereum systems are also financial applications, but the financial attributes of Bitcoin and Ethereum have not been officially recognized by most countries. If we apply a blockchain system to clearing and settlement between banks, then this system is a private chain system according to our definition. If functions such as lending between banks are added on this basis, then this system becomes an alliance chain system.
Because of the particular application scenarios of the financial system, there are some differences between its distributed ledger and a general distributed ledger. For example, due to anti-money-laundering requirements, blockchain applications for large transactions in the financial sector must implement strict KYC authentication, and anonymity cannot be allowed. Some key financial applications on blockchain systems, such as inter-agency transactions, clearing, bills, and loans, must first ensure the robustness and stability of the system; system failure cannot be allowed.
4. What is the difference between distributed ledger security and security of commonly used systems?
The architecture of the distributed ledger is completely different from the architecture of our commonly used systems. Our commonly used systems, whether the earlier client-server structure, the short-lived grid computing, or the currently widely used cloud computing, mobile Internet, Internet of Things and industrial control systems, are basically centralized systems in which all tasks are completed under the dispatch of a central system. Although task assignment and architecture design use various distributed structures, these distributed structures mainly serve task coordination. Different nodes have different divisions of work, and the responsibilities and tasks of the nodes differ.
But the blockchain is highly data redundant, and all nodes hold a complete copy of the data. This redundancy is not only there to ensure the reliability of the system; it can even be said that it is basically not made for reliability at all, but to ensure that the data cannot be tampered with or forged and that the data is highly transparent and fully shared. Although different blockchain systems differ in the division of labor between nodes, the tasks and responsibilities of most nodes are the same. In most blockchain systems, nodes that are to become super nodes must be selected competitively according to the consensus algorithm, instead of being designated in advance.
System reliability and availability are also called system robustness. Because all actions on the blockchain must be authenticated by the user's signature, the blockchain system has stronger non-repudiation. All data on the blockchain is protected from tampering through technical means such as timestamps and hash functions. In addition, multi-party authentication and consensus mechanisms make the data difficult to tamper with, so the blockchain has better data integrity. But because the data on the blockchain must be kept as a complete copy on all nodes, and must be recognized and certified by other nodes, the data on the blockchain has worse confidentiality. Once the data is on the chain it is difficult to change, so the data on the blockchain has worse controllability.
But this comparison is not absolute. We know that all current blockchain systems are still built on operating systems and TCP/IP network protocols. If the entire system is paralyzed by viruses or hacking attacks, then the blockchain system may also be paralyzed. Of course this is a more extreme situation.
The different architectures lead to different security threats for blockchain systems and our commonly used systems. Different architectures also correspond to different application scenarios, so in terms of both technical means and business needs, the security measures the two need to take should also be different.
5. In this Standard document, what do you think are the most noteworthy points? Why?
We have summarized the characteristics of 6 aspects.
In the first aspect, this specification is based on the third-level security standard in level protection 2.0.
The level protection 2.0 standard is a mandatory network security standard in our country. The level protection 1.0 standard was formulated in 2008 based on our country's independent trusted computing theory. In recent years, trusted computing theory has been fully developed under the leadership of Academician Shen Changxiang. In this context, the level protection 2.0 standard was revised and put into effect last year.
The level protection 2.0 standard divides security protection capabilities into five levels from low to high. The third level of security protection capability is defined as: "Under a unified security policy, it should be able to protect against major resource damage caused by malicious attacks from externally organized teams and threat sources with richer resources, by more severe natural disasters, and by other threats of a comparable level of harm; it should be able to detect and monitor attacks and deal with security incidents in a timely manner; and after being damaged, it should be able to quickly recover most of its functions."
From the perspective of the classification of financial infrastructure operating environments and networks, it is appropriate to position the security level of this standard at level three. In an open and collaborative international environment, the operating environment and networks of financial infrastructure generally do not face malicious attacks from hostile organizations at the national level or with comparably rich resources, but they may face malicious attacks launched by organized teams and by threat sources with richer resources, such as underworld forces and transnational money laundering organizations. In addition, the higher the security level, the higher the construction and maintenance costs, and the less convenient the system is to use. Therefore, the security level should not be set ever higher without restriction.
In order to fully understand the "Technical Security Specification for Financial Distributed Ledgers", it is also necessary to give some background on the level protection 2.0 standard.
Section 5.3 of the level protection 2.0 standard states that "due to different business objectives, different technologies, and different application scenarios, different level protection objects will appear in different forms. These forms may be called basic information networks, information systems (including systems using mobile Internet and other technologies), cloud computing platforms/systems, big data platforms/systems, the Internet of Things, industrial control systems, etc. Level protection objects in different forms face different threats, and their security protection requirements will also differ. In order to facilitate common and individualized protection of level protection objects of different levels and different forms, the level protection requirements are divided into general security requirements and security extension requirements.
"General security requirements are proposed for common protection needs. Regardless of the form in which the level protection object appears, the corresponding general security requirements shall be met according to the security protection level. Security extension requirements are proposed for individual protection needs, and shall be implemented selectively according to the security protection level and the specific technology used or the specific application scenario. The general security requirements and security extension requirements together constitute the security requirements for level protection objects."
The level protection 2.0 standard proposes security extension requirements for cloud computing, mobile Internet, the Internet of Things, and industrial control systems, but it does not propose corresponding individualized extension requirements for the security of distributed ledger systems such as blockchain. Therefore, the introduction of the "Technical Security Specification for Financial Distributed Ledgers" this time can also be regarded as a supplement to and improvement of the level protection 2.0 standard.
In the second aspect, this security specification is comprehensive, covering 12 aspects: basic hardware, basic software, cryptographic algorithms, node communications, ledger data, consensus protocols, smart contracts, identity management, privacy protection, regulatory support, operation and maintenance requirements, and governance mechanisms. Security is both a technical issue and a management issue. Without good management, it is impossible to ensure the security of networks and information even with advanced security technologies. In terms of the content covered, the security of consensus protocols and smart contracts is rarely covered by traditional security specifications, yet it is extremely important for blockchain systems. Node communication and ledger data security in distributed ledger technology are also clearly different from traditional communication methods and data security. In addition, identity management is an important part of traditional security but is missing in our widely used public chain systems, while it is essential for applications in the financial field.
The third aspect is its distinctive use of national cryptographic algorithms. Cryptography is the "life gate" and "lifeline" of our party and country, and a particularly important cause of the party and the country. On October 26, 2019, the Fourteenth Meeting of the Standing Committee of the 13th National People's Congress passed the "Cryptography Law of the People's Republic of China". President Xi Jinping signed a presidential decree to promulgate it, with implementation from January 1, 2020. At the same time, the formulation and revision of supporting regulations such as the Commercial Cryptography Management Regulations are also on the agenda. The financial distributed ledger specification is a standard of our country's financial industry. In order to safeguard national sovereignty and interests, we must promote the use of national cryptographic algorithms. It is worth noting that, in addition to the asymmetric cryptographic algorithms and hash functions more commonly used in the blockchain, the specification also uses block ciphers and stream ciphers, and the latest ring signature, group signature, and homomorphic encryption technologies have also been applied.
The fourth aspect is the emphasis on privacy protection. From the provisions of the relevant chapters, we can speculate how DCEP will in future reconcile identity authenticity with anonymous transactions. For example, Section 14.3.3 requires "encryption of at least one of the transaction content information and the information of the transaction party"; "should ensure that participants and auditors have the ability to decrypt and verify encrypted information"; "should ensure that, except for transaction participants and auditors, no other person can obtain any other information from the encrypted information"; and "should ensure that anyone can verify the validity and correctness of the encrypted information". In addition, Section 14.3.4, "Information is verified by the transaction verification node", also has corresponding provisions. In other words, the information is private to the parties and the auditors, yet other people or nodes must still be able to verify its validity and correctness.
This undoubtedly sets relatively high technical requirements. To this end, Section 14.4, "Technical Requirements for Privacy Protection", specifically states that "Privacy protection technologies and methods include authentication and authorization, local broadcasting, digest storage, change identification, obfuscation technology and zero-knowledge proof, group signature, ring signature, homomorphic encryption and other algorithm combinations."
In addition, Section 13.7, "Identity Authentication", requires that "for distributed ledger systems using anonymous authentication, the anonymous authentication method should be anonymous, unforgeable and unlinkable." Section 3.29 defines "unlinkability" as "anonymous identification produced by the same user during multiple transactions and cannot be restored to the same user". This is a technical requirement on anonymous identity from another level. Of course, there are other requirements in this area.
The fifth aspect is support for strong supervision. Section 15.2, "System Supervision", requires that the financial distributed ledger system "should support the access of supervisory agencies to meet the requirements of information auditing and disclosure"; "should support the supervisory activities of the supervisory authority, including but not limited to setting supervisory rules, and transaction records, on-demand query, analysis of specific business data, etc."; and "should support regulators to access the underlying data to achieve penetrating supervision." Section 15.3, "Information Management", requires that "the restoration of the user's real identity and related transaction information in the anonymous identification shall be supported, and the KYC management shall be strengthened in cooperation with the transaction review". In other words, once a transaction is considered problematic, the regulator can immediately restore the user's true identity.
Section 15.5, "Transaction Intervention", requires that the system "should be equipped with functions such as restricting transaction rights, freezing accounts, and providing supervisors with technical means for transaction intervention". Current public-chain-based trading systems do not have this capability. In addition, Section 17.3.2, "Intervention Mechanism", also sets out requirements in this area.
The sixth aspect is reliability or availability requirements. As mentioned earlier, the blockchain system itself has strong reliability and availability, but because of the importance of the responsibilities it assumes, the financial distributed ledger must guarantee its reliability and availability. For a financial system that is important infrastructure, any reliability or availability problem means that the financial order comes to a halt. Although information technology is highly developed, exchange downtime has still occurred frequently around the world in recent years. Therefore, requirements for the reliability and availability of financial distributed ledgers are spread throughout the specification, including physical hardware settings, redundant node settings, requirements for consensus mechanisms and smart contracts, requirements for the integrity, consistency, validity and degree of redundancy of the ledger data, requirements for the integrity of node communication, and so on.
6. Some people think that the "Standard" released this time will accelerate the development of central bank digital currency and blockchain supply chain finance. What is your opinion on this?
The central bank's digital currency is the underlying infrastructure of the financial system. This specification is infrastructure for the operation of financial distributed ledger systems; taken more broadly, it is even infrastructure for the operation of the financial system. It is the underlying technical security specification for building financial applications using distributed ledger technology. With this specification, shortcomings in the construction and operation of financial distributed ledger systems can be avoided. Therefore, the release of this specification will definitely speed up the development of central bank digital currencies.
Does blockchain supply chain finance mean using a blockchain system to carry supply chain finance, or does it mean supply chain finance within the blockchain field? Either way, it is not clear that this specification has a direct connection with the development of blockchain supply chain finance.
7. At present there are many blockchain standards, but they are relatively broad technical standards and have not reached the level of product standards. Are there shortcomings in the development of blockchain standards? As for the standard released this time, what are its strengths and what are its weaknesses?
This question depends on how the concept of a product is understood. What if the blockchain is itself the underlying infrastructure? Then technical standards must be the core of product standards. If the product means using the blockchain to carry other applications, in short blockchain applications, then we are certainly still far from such standards, because mature blockchain applications are still relatively rare.
Back to this question. During the collective study on October 24 last year, the Central Political Bureau also emphasized the development of blockchain standards. We generally understand standards as norms, but if we want to gain a first-mover advantage and a leading position in the industry internationally, then standards cannot be limited to general norms; more important are level and capability.
As for this standard specifically, we have already described its strengths and characteristics above. The introduction of this standard is both necessary and timely. The formulation of the standard as a whole also reflects a very high professional level, but there are still a few deficiencies or regrets.
In the first aspect, the security methods and technical means adopted by this specification are still the traditional centralized ones. The blockchain itself is a distributed architecture with strong decentralization (decentralization is not inconsistent with management based on business logic). In recent years, theories and technologies such as secure multi-party computing and zero-knowledge proof have also made great progress and have found ideal applications in distributed systems, but they have not been adopted or reflected in the specification.
For example, in the "Key Management" section, the specification recommends the use of secret sharing, that is, a complete key is split into several different parts, which are then stored or transmitted separately. This approach seems to enhance security, but it brings new difficulties to both management and technical support. Currently, distributed key generation and distributed signature verification based on secure multi-party computing have achieved relatively good engineering results, and dynamic threshold schemes can also be implemented. It is regrettable that these new technological developments have not been adopted into the specification.
The second aspect is some details. From the specific content of the specification, the term "smart contract code storage" in Section 7.6 is inaccurate. It should be ABI or BIN, which is the binary form after the code is compiled. But it is also possible that the specification implies a requirement on the code itself. The wallet is an extremely important part of the blockchain system, but it is not reflected in this specification. It may be that the authors of the specification consider the wallet an independent application component, not part of the ledger technology itself. This specification also lacks security specifications for smart contract compilers and SDKs, and these also play an important role in ensuring the overall security of the system.
8. What should companies and ordinary individuals pay attention to?
Chapter 1, "Scope", of the specification already states that "this standard applies to institutions engaged in the construction of distributed ledger systems or service operations in the financial field." Therefore, the promulgation of this standard has little to do with ordinary individuals and ordinary enterprises, but it matters a great deal to institutions that are preparing to build, or are already building, financial systems or operating financial services using blockchain technology.
There are a few small points to draw your attention to. One is that this specification is a recommended industry standard, not a mandatory industry standard. The second is that this specification is classified under basic operating environment and network, that is, it is a security specification for all financial distributed ledger technologies; in the future there should be more targeted security specifications for different segments or different application levels.
In addition, this specification also states in the "Introduction" section that "at the stage when the distributed ledger technology form is still plastic, it is necessary to formulate security specifications for key technologies so that financial institutions can deploy and maintain systems in accordance with appropriate security requirements to avoid the emergence of security shortcomings, which provide business guarantee capabilities and information security risk constraint capabilities for large-scale application of distributed ledger technology, and form a good promotion effect on industrial applications." In my opinion, this passage means that the exploratory significance of the current specification is greater than its significance for actual deployment.
Therefore, the possible future development of this specification is as follows. First, it will be further tested in practice and get the opportunity to be revised. How much to revise, and in which direction, after a certain amount of application testing depends both on the development of security technology, especially distributed security technology, and on the preferences of the competent authorities and the drafters, but it should eventually become a mandatory industry standard. Second, on top of this specification, a series of distributed ledger technical security specifications for specific applications or specific types of financial fields will be formed. Third, most of the content of this specification may be incorporated into the level protection 2.0 standard, becoming an example of a security specification for distributed ledger technology.