摘要: 以“数字金融新原力(The New Force of Digital Finance)”为主题,蚂蚁金服ATEC城市峰会于2019年1月4日在上海如期举办。在ATEC区块链行业研讨会分论坛上,蚂蚁金服区块链BaaS技术总监李书博做了主题为《BaaS入门到精通:区块链技术如此简单》的精彩分享。
Summary: The New Force of Digital Finance, a city summit of ant gold at ATEC, held in Shanghai on 4 January 2019. At the break-out forum of the ATEC sector block chain industry workshop, the technical director of the ants at BaaS made a wonderful sharing on the theme "BaaS entry to mastery: block chain technology is so simple. "
演讲中,李书博首先从技术方面介绍了蚂蚁区块链BaaS平台,随后从实践的角度介绍了客户如何快速地实现上链,最后带领大家一起详细地了解了平台的合作服务流程。
李书博 蚂蚁金服区块链BaaS技术总监
During the presentation, Lee did a technical presentation on the ants block chain BaaS platform, followed by a practical presentation on how clients could quickly achieve the upper chain.
, t_70)
本次直播视频精彩回顾,戳这里!
以下内容根据演讲嘉宾视频分享以及PPT整理而成。 The following is based on the guest video sharing and PPT. 本次的分享主要围绕以下三个方面: This sharing revolves around three main areas: 一、蚂蚁区块链BaaS平台的技术方面 I. Technical aspects of the BaaS platform in the ant block chain 二、蚂蚁区块链BaaS平台的实践方面 II. Practical aspects of the ants block chain BaaS platform 三、蚂蚁区块链BaaS平台的合作流程方面 III. Process of cooperation on the ants block chain BaaS platform 蚂蚁区块链BaaS支撑了众多的区块链业务场景和上链数据流量,其平台背后必然拥有着难以想象的黑科技和先进技术。那么BaaS平台究竟是什么呢?这个问题可以从三个方面进行回答。 1、可以充分利用云计算本身的弹性、高可用性和灵活性; The flexibility, high availability and flexibility of cloud computing per se can be fully utilized; 2、又能充分发挥区块链本身的信任基础设施的能力,比如多方共识、不可篡改、可信。 2. The ability to fully utilize the infrastructure of trust in the block chain itself, such as consensus-building, non-frozen and credible. 其次,BaaS通过云服务输出,有三方面的特点: Secondly, there are three characteristics of BaaS, which is exported through cloud services: 1、它可以作为一种云服务的方式进行输出,这样用户可以根据实际需要来选择; 1. It can be produced as a cloud service so that users can choose according to their actual needs; 2、它可以快速地实现部署使用,从而节省了用户宝贵的时间; 2. It allows rapid deployment, thus saving valuable user time; 3、它可以使用户在业务上和应用上的投入成本达到最小化。借助于BaaS的便捷性和可用性,各种行业的场景和区块链可以进行有效地结合。这样,BaaS就变成一个区块链在各行业解决方案的基础设施,成为了一个可靠的扎实的信任基础。 3 It minimizes the cost of input from users in business and application. With the ease and availability of BaaS, industry scenes and block chains can be effectively combined. In this way, BaaS becomes the infrastructure of a block chain of solutions in industry and a solid foundation for trust. BaaS平台希望与合作伙伴一起构建出一个开放的生态。蚂蚁区块链的核心技术在2017、2018连续两年都是全球专利排名第一,这些核心技术也将秉承着“共享”和“赋能”的理念分享给大家,让大家可以充分利用蚂蚁区块链上的核心技术:如多种隐私安全的解决方案,包括密码学方案及物理隔离的方案,通过高强度的隐私保护,保证用户的业务和隐私安全。此外,平台支持灵活可定制的商业应用,用户可以简单易用地使用区块链技术和BaaS服务。 The BaaS platform wants to build an open ecology with its partners. The core technology of the ant block chain is ranked first globally for two consecutive years, in 2017 and 2018. The core technology will also be shared on the basis of the concepts of “sharing” and “empowerment” so that you can take full advantage of the core technology of the ant block chain: solutions such as multiple privacy security solutions, including cryptology programmes and physical isolation programmes, secure user operations and privacy through high-intensity privacy protection. In addition, the platform supports flexible and customized commercial applications that allow users to use block chain technology and BaaS services easily and easily. 蚂蚁区块链的定位是企业级的联盟链,如下图所示,它的主要目的是去赋能实体经济,为实际的业务和应用赋能。 The location of the ant block chain is an enterprise-level alliance chain, whose main purpose, as shown in the figure below, is to empower the real economy and enable the actual operations and applications. 1、联盟链管理。联盟链的创建以及联盟链的联盟组织的管理,是BaaS的一个基本能力; 1 Alliance chain management. The creation of the Union chain and the management of the coalition organization of the Union chain are a basic capacity of BaaS; 2、身份认证。对于联盟链的每一个参与的企业,都有认证。平台会颁发证书来帮助用户认证自己在联盟链上的身份; The platform issues certificates to help users authenticate their identities in the chain; 3、自动化部署。整个平台对于区块链采用自动化部署的方式。这种方式可以非常快的以低成本方式迅速部署区块链平台,让用户迅速地拥有自己的区块链; 3. Automation of deployment. The entire platform uses automated deployment for block chains. This approach allows for rapid deployment of block-chain platforms in a very rapid and low-cost manner, allowing users to quickly own their block chains; 4、区块链能力。蚂蚁区块链技术能力的输出目前主要在两个方面,一方面是存证平台,针对区块链的存证场景实现一个在性能上的优化的区块链平台。另一方面是智能合约平台,提供可编程的智能合约运行环境的区块链平台; 4. Block chain capability. The output of the technical capabilities of the ant block chain is currently based on two main aspects: on the one hand, a documented platform that optimizes the performance of the block chain against a documented scene of the block chain. On the other hand, a smart contract platform that provides a programmed smart contract operating environment for the block chain; and, on the other hand, on the other hand, on the one hand, on the other hand, on the other hand, on the one hand, on the other hand, on the other hand, on the other hand, on the other hand, on the other hand, on the other hand, on the other hand, on the other hand, on the other hand, on the other. 5、业务配置。在业务配置中,对于不同的场景,不同的业务,其数据的配置和属性都是完全不同的,区块链也对这方面的灵活性提出了更多的要求。在业务配置方面,通过平台提供了数据配置能力来帮助大家配置面向业务的语义; 5. Business configurations. In business configurations, data configurations and attributes are completely different for different scenarios, different operations, and block chains impose additional requirements for flexibility in this regard. In business configurations, the platform provides data configuration capabilities to help configure business-oriented semantics; 6、开发支持。区块链对于各个场景的应用都需要创新,也需要技术上的开发。平台会提供完备的技术开发相关组件,帮助用户落地最佳实践,拓展更多场景。 6. Development support. Block chains require innovation and technological development for each scenario. 从平台优势来看,蚂蚁区块链BaaS有五大优势: In terms of platform advantages, the ants block chain BaaS has five main advantages: 1、性能高、高可靠性。不仅有存证场景的两万五TPS的处理能力,平台也有高可靠和高容错; 1. High performance, high reliability. Not only is there the capacity to handle 25,000 TPS in a documented scenario, but the platform also has high reliability and high tolerance for error; 2、信任隐私保护。平台不仅在区块链层实现了非常高的隐私保护能力,在BaaS服务层也提供了相应的对于企业身份的认证的能力; Trust privacy protection. The platform has achieved a very high level of privacy protection not only in the block chain, but also in the BaaS service level, which provides a corresponding ability to authenticate the identity of the business; 3、简单易用。减少区块链投入的成本,减少区块链使用的门槛,使用户不需要了解区块链很深的细节也能利用区块链的能力赋能应用业务; 3. Simple and easy to use. Reduce the cost of block chain input, reduce the threshold for block chain use, and enable users to apply the enabling operations without having to know the details of block chain depth; 4、跨网络。区块链有一个相对来说深入人心的特点——去中心化。BaaS在跨网络、跨不同云的平台上以及跨公有云和用户IT环境的场景下,提供了相应的支撑和自动化的部署能力; 4. Cross-networks. The block chain has a relatively deep-rooted feature -- de-centralization. BaaS provides a supporting and automated deployment capability in the context of a cross-network, a platform across different clouds and a cross-public cloud and user IT environment; 5、云上的网络安全。平台充分利用了阿里云和蚂蚁金融云这样的金融级的云平台能力(如VPC网络)来保证区块链网络安全。 5. Network security on clouds. The platform makes full use of the ability of cloud platforms (such as the VPC network) at the financial level, such as the Ali Clouds and Ants Financial Clouds, to secure the network of block lines. 1、底层是基础底座 BaaS Core,基于对主机以及容器实现了灵活支持的云平台,实现跨平台的灵活运行和部署。对于可信硬件,即基于阿里云的神龙服务器提供相应的硬件服务,可以提供一个高可靠高隐私保护的TEE。除了最早推出的存证平台以外,还会逐步推出智能合约平台以及跨链服务。在区块链的未来中,单链或者一条链存在自身的局限性,未来对于区块链建立信任的基础设施、信任的生态,跨链技术将成为其中非常重要的一环。目前BaaS平台上也正在对跨链服务做相应的支撑,通过跨链服务,平台实现了内部的互联互通,同时也可以通过智能合约和跨链服务对于外部的互联网上的可信数据源进行访问。而且BaaS平台各方面的能力,从管理层面、安全隐私层面、证书、密钥、部署方面都有相应的功能和支撑。 1 The bottom level is Base Base Base Base BaaS Core, which operates and deploys flexibly across platforms on the basis of a cloud platform with flexible support for the mainframe and the container. The corresponding hardware service for credible hardware, namely the Dragon server based on the Ali Cloud, provides a high level of reliability and privacy protection of TEE. In addition to the first documented platform, smart contract platforms and cross-chain services are gradually being introduced. In the future of the block chain, there are limitations to a single chain or chain, and in the future, cross-chain technology will be an essential part of the infrastructure for building trust in the block chain, a trusted ecology. 2、向上一层 BaaS Plus,把底层的服务和能力封装、服务化,开放为标准化的接口,提供给合作伙伴们一起来接入和使用。这样用户在基础资源上的投入可以大大减少,同时接入业务的耗时也会大大降低。截止到目前为止,平台已经推出了可信存证、可信时间、通用溯源等服务,也会在未来逐步推出像用户连接、安全可靠的云上密钥管理以及实名认证和应用管理等服务。 To date, the platform has put in place services such as credible documentation, credible time, generic traceability, and, in the future, services such as user connections, secure cloud key management, and real name authentication and application management. 3、再向上,蚂蚁区块链实现了几十个应用场景。在应用场景落地的实际应用都会沉淀形成一层标准的应用解决方案模板,从而方便用户在自己的应用中借鉴其它类似场景的平台能力。 3 Upwards, the ant block chain achieves dozens of applications. The practical application of the application site will sink into a standard application solution template that allows users to learn from other similar scenarios in their application. 在上文中主要介绍了蚂蚁区块链BaaS平台的技术方面,接下来将从实践的方面来介绍如何使用BaaS平台迅速地把应用接入区块链,即迅速地实现业务上链。从使用场景和流程上来看,会涉及到两类角色,如下图所示: The technical aspects of the ants block chain BaaS platform are described above, followed by practical aspects of the use of the BaaS platform for rapid access to the application block chain, i.e. rapid operational uplinks. From the use scene and process, two types of actors are involved, as shown in the figure below: 1、联盟成员。联盟成员可以申请加入区块链,从平台获取身份和认证的证书。用户进而会得到开发的组件,去开发自己的应用,同时平台会向用户提供整个区块链浏览器和运行状态监控。 1. Alliance members can apply to join a block chain to obtain identification and authentication certificates from the platform. Users will then get the components developed to develop their own applications, while the platform will provide users with a whole block chain browser and active status monitoring. 2、联盟管理员。它拥有较大的权限,可以创建一个联盟链,也可以创建一个新的联盟,还可以管理邀请联盟成员(例如邀请其他的合作企业加入到自己的联盟、审核申请等)。 2 Alliance Administrators. It has greater authority to create a chain of alliances, or a new union, and can also manage the invitation to Alliance members (e.g. invite other cooperative enterprises to join their own union, review applications, etc.). 1、生成个人身份。由于平台不会保存用户的私钥,用户可以放心地把公钥上传到平台上面来,并下载认证的证书; 1. Generates a personal identity. As the platform does not save the user's private key, the user can safely upload the public key to the platform and download the certified certificate; 2、访问新手引导的测试体验链。用户借此可以快速看到蚂蚁区块链的全貌,通过浏览器了解平台的运行情况和交易的数目,运行示例代码向平台发起交易。 对于应用来讲,具体包括三个层面的工作,如下图所示: For applications, it specifically includes three levels of work, as shown in the figure below: 1、开发智能合约,由智能合约去实现应用的核心功能,即链上的逻辑; 1. Development of smart contracts, whereby the core functions of the application, i.e. chain logic, are performed; 2、开发业务应用去对接区块链服务; 2. Development of business applications to dock block chain services; 3、当用户开发完业务应用以后,会希望应用在联盟内进行一个分享。对于区块链而言,可以是一个联盟机构组织创建一个应用,然后通过平台的进行应用分享,从而可以让更多的联盟参与者迅速地利用或者使用这种应用模式,进而构建出自己的业务和服务。 3. For a block chain, a coalition organization could create an application, which could then be shared through the platform, allowing more coalition participants to quickly use or use the application model to build their own operations and services. 其中区块链存证接口的模型结构如下图所示。区块链存证的结构十分基础和简单,但它却具有非常广泛的应用范围,在双11的时候,基于区块链的溯源服务能够支撑1.5亿的商品流转,因此区块链存证赋能的溯源业务也能够体现区块链存证的强大能力。具体来说,存证服务可以分为两类,一类是明文存证,一类是隐私存证。对于链上的数据加密,平台推荐使用一次一密的模式,这种方式既保证了加密的安全性,也有非常好的性能。 The model structure of the chain interface of the blocks is shown in the figure below. The structure of the chain of blocks is very basic and simple, but it has a very broad range of applications. At two times, the retrospective service based on the chain of blocks = 150 million commodities can support the flow of goods, so that the trace operation of the chain of blocks = 150 million can also reflect the strong capability of the chain of blocks. Specifically, the service of the certificate can be divided into two categories, one of which is explicit, and one of which is a privacy certificate. For data encryption on the chain, the platform recommends the use of a detailed model that secures both the encrypted security and the very good performance of the grid 对于合作的服务和流程,从需求对接包括方案的设计,开发、实践以及测试生产环节的搭建到最终业务的上线,总共预计有三个月的时间,其具体流程如下图所示。 For cooperative services and processes, a total of three months are expected from the demand-to-demand interface, including the design of the programme, development, practice and testing of the production chain to the end line, as shown in the graph below.
首先,它是一个开放式平台。有别于单一的区块链技术,蚂蚁区块链BaaS平台是基于云平台开放的区块链技术,这样做有两个方面的好处:
, which is based on two open-sector technology platforms, which are based on an open-line platform of S-a.
在企业级的联盟链场景下,蚂蚁区块链BaaS的功能包括以下几个方面:
lazy" in the business-level landscape, including the following:
下图是蚂蚁区块链BaaS技术框架图,其架构主要分为三层:
below:
平台在产品的设计上更简单易用,如下图所示。在初次使用时,平台会提供一个新手引导和开放的测试体验链,这样便于刚刚注册的用户去了解区块链。当用户有了一些基础方面的能力、或者对蚂蚁区块链的联盟链以及组织方式有了一定程度的了解之后,就可以创建组建自己的联盟、创建属于自己的联盟链,同时可以在此基础上开发相应的应用和服务,并能在整个联盟内部进行分享。新手引导中只包含几步:
那么蚂蚁区块链BaaS平台提供什么样的链呢?下图所示是蚂蚁区块链整个框架和架构。具体分成三类,分别是存证平台、合约平台和跨链平台。在平台底层有虚拟机进行支撑。往上包括智能合约方面的设计、密码学安全和隐私保护,都有相应的自研的核心技术。再向上对于整个联盟的系统治理、合约开发的工具,从模板、系统合约以及各类的合约,蚂蚁区块链都有很好的支撑。依托蚂蚁金服的生态,与多方安全计算、IoT等结合,提供更加多样化的服务。
接下来的一个步骤是组建联盟。对于用户而言,如何从无到有地组建一个联盟呢?事实上,用户可以通过平台创建多个联盟,通过联盟管理每个联盟企业。同时对于联盟有管理权限的链进行环境配置,也就是由联盟的管理者进行配置和管理。用户组建好自己的联盟之后,就可以创建联盟内部的链,可以是多条链。区块链的应用与任何行业的应用都是类似的,包括生产环境下的、测试环境下的、QA环境下的、开发环境下的。同样对于链的目的来说,有的是为了开发、有的是为了测试、有的是为了生产。基于这个考虑,在一个联盟内会提供给用户不同的链。
当用户创建链以后,可以完成对链的基础规格选择,不同的规格也支持不同的性能。用户通过平台完成创建链之后,可以申请加入这个链,同时下载各个组件和工具。当基础资源以及联盟完成创建以后,最核心的、也是最重要的一步是开发应用,而这也是大家使用区块链的目的。
在平台中有两类最佳的实践,一类是智能合约,一类是存证服务。平台提供了轻量级的客户端,用户能够通过SDK或者REST迅速接入区块链的智能合约层或者访问区块链平台。对于存证服务,平台提供了相应的业务视图,可以作为传统应用和区块链存证服务之间的缓存,也可以进行线下的数据分析。
provides two best practices on the platform, one of which is a smart contract and one of which is a documented service.
而业务数据格式接口如下图所示,对于不同场景的应用,其业务数据格式也不一样。尤其是在联盟内,用户需要进行协商,以达成一致的配置。而平台对此提供了非常简单的配置能力,方便用户的数据在链上进行有效的流转。
除了以上的能力以外,在存储方面,平台充分和阿里云和金融云的存储能力。对于不同类型的数据采用NAS,云盘或本地磁盘提供存储。在安全上,除了传输层的安全,所有传输层网络层都实现双向的加密;对于数据层的安全和账本层的应用也有很好的支持,可以通过智能合约对数据进行加密。
倘若对于一些标准场景和已经有最佳实践的标准案例,所花费的时间将会大大缩短。在本次区块链创新大赛上也会通过蚂蚁区块链BaaS提供丰富的区块链能力,希望能与大家一起来共创区块链的未来!
点击阅读更多,查看更多详情
发表评论