Research on Privacy Protection of Technology Service Transactions Based on Blockchain and Zero-Knowledge Proof

,


Introduction
The concept of blockchain was first proposed in Bitcoin: A Peer-to-Peer Electronic Cash System published by Satoshi Nakamoto in 2008 [1]. Blockchain technology is mainly composed of distributed storage, consensus mechanism, smart contract, and cryptography. It shows great promise in reducing the drawbacks of traditional centralized platforms and achieving credible data management. As an emerging technology with great potential, blockchain technology has broad application prospects in the fields of digital currency [2], medical care, Internet of Things [3], and supply chain [4].
The privacy protection of blockchain has been one of the research hotspots in recent years. In 2020, literature [5] proposed a decentralized authentication approach based on blockchain to guarantee the trustworthiness of medical data and the privacy of related users. In 2021, literature [6] proposed an anonymous identity authentication scheme to achieve privacy protection and mutual authentication between EV, charging station, and data center. In 2022, literature [7] proposed a blockchain node traceable identity privacy technology scheme based on edge computing, which ensured security and realized privacy protection. However, the above related work only discussed the identity privacy protection of blockchain, without considering the data privacy protection of transactions. Additionally, most of the existing technology service platforms are based on the centralized architecture. The authenticity and originality of the technology service data mainly depend on the trust of the system center or the third-party entities [8][9][10]. Once the system center is no longer trusted, the authenticity and security of the data will be difficult to be guaranteed.
Based on the above research, it is urgent to find a decentralized technology service platform that can meet the requirements of privacy security of users and confidentiality of transaction data. The technology service has high intellectual property attributes. It requires that the specific data of the transaction can be kept confidential while the transaction records are stored in the blockchain. Compared with another zero-knowledge proof technologies, bulletproof has shorter proof length and smaller time complexity. Moreover, it does not rely on trusted setup. So, it can be selected to protect the privacy of transaction data in technology services.
Therefore, this paper uses the blockchain to store digital certificates to achieve identity trustworthy management and introduces bulletproof technology to improve the confidentiality of blockchain transactions. The main contribution of the paper is as follows.
(i) A digital certificate model based on blockchain is proposed to protect the identity privacy of technology service transactions (ii) Introducing bulletproof to realize the privacy protection of technology service transaction data (iii) Privacy, security, and scalability are improved, and storage costs are lower The remainder of this paper is organized as follows: the second section provides a literature review on the use of zero-knowledge proof technology to improve blockchain privacy protection. The third section presents privacy protection scheme of technology service transaction based on bulletproof. The fourth section compares the zeroknowledge proof privacy protection scheme proposed in this paper with other schemes from the perspective of security and privacy and performance. Finally, the fourth section gives the conclusion of this paper.

Related Work
The blockchain itself is a transparent public ledger, and the details of transactions can only be stored after verification by consensus nodes, which shows that the confidentiality of the blockchain itself is a big hidden problem. To improve the confidentiality of blockchain, adding zero-knowledge proof technology is one of the focuses of many researchers in recent years [11][12][13]. Literature [14] adds zeroknowledge proof to the blockchain environment to authenticate members and disclose or anonymize them through decentralized identifiers to solve the privacy problem. Literature [15] proposes an anonymous hidden transaction model based on the blockchain by modifying the original blockchain transaction script and combining with the zeroknowledge proof mechanism, which can effectively protect the transaction user information. Literature [16] designed a digital identity management system using smart contracts and zero-knowledge proof. It adopts the framework of offchain computation and on-chain verification, which effectively prevents the exposure of ownership between user entities and attributes in distributed ledgers, and realizes privacy and security. Literature [17] achieves anonymous identity verification of electric vehicle users by applying zeroknowledge proof to blockchain. Literature [18] proposes a blockchain-based zero-knowledge proof scheme for identity verification by improving the classical zk-SNARK scheme to ensure the authenticity and privacy of uploaded data.
To sum up, most of the privacy protection studies of zero-knowledge proof are about identity anonymization. Few of them are dedicated to the privacy protection of transaction data. The comparison of the zero-knowledge proof researches of blockchain privacy protection are mentioned in Table 1. As shown in the table, bulletproof has the best comprehensive performance. Therefore, this paper selects bulletproof [19] to realize the protection of transaction privacy.

Privacy Protection Scheme of Technology
Service Transaction Based on Zero-Knowledge Proof 3.1. Design of Technology Service Architecture Based on Alliance Chain. Alliance chain refers to the blockchain used within a certain group or organization, which has certain restrictions and requirements on participating organizations and units. It not only realizes the functions of blockchain distributed ledger, consensus algorithm, and antitampering but also achieves the access mechanism. Exactly, technology service transactions are generally carried out between enterprises or schools and enterprises, and not all of them have bookkeeping rights. In the meantime, they have high property rights and high requirements for privacy and confidentiality, which are highly compatible with the alliance chain. Therefore, this paper selects the alliance chain as the underlying blockchain and uses the CA agency to review the identity information of technology service users as the access mechanism of the technology service platform to ensure the credibility of the transaction identities. It also uses the digital certificates to authenticate the identity of both parties in technology services when users conduct technology service transactions, while adding Pedersen commitment and zero-knowledge proof encrypts and verifies the specific information of the transaction. In order to solve the problem of single point of failure in the traditional technology service-centralized system and ensure that only legitimate users have the right to use the platform functions, the distributed decentralization and high reliability of blockchain are used to manage the trusted identity authentication of the roles of technology service demander, technology service provider, and technology service platform. The identity authentication management model based on the alliance chain in this study is shown in Figure 1, which mainly consists of ordinary users, CA agency, regulator, and blockchain. First, ordinary users are divided into technology service providers and demanders and upload their respective information to the regulator, which is responsible for auditing the identity information uploaded by ordinary users. It initially verifies whether the uploaded information is complete and whether the data format is correct and then uploads the audited user information to the CA agency. Then, the CA agency conducts a second 3.2. Technology Service Privacy Protection Scheme. To achieve transaction security and privacy protection between the technology service provider and the technology service demander in the technology service system, this study integrates blockchain, technology service user, smart contract, and zero-knowledge proof to construct a privacy protection scheme for technology services. As shown in Figure 2, the blockchain-based zero-knowledge proof privacy protection scheme for technology services consists of CA organization, technology service demanders, technology service providers, smart contract, and blockchain. The functions are as follows: (1) CA: issue digital certificates to users (2) Technology service demanders: publish technology service demand (3) Technology service providers: provide technology services and make reasonable use of the technology services they own for profit (4) Smart contract: preset trigger conditions to judge the correctness of zero-knowledge proof (5) Blockchain: the alliance chain is adopted to realize the trusted identity management of the technology service platform, and zero-knowledge verification of transaction information across the network using consensus algorithms to achieve transaction storage on the chain The blockchain-based technology service privacy protection scheme is shown in Figure 2. First, the technology service platform distributes digital certificates to each successfully registered user for identity authentication, and both sides of the technology service transaction verify the authenticity of each other's identity through the digital certificates. Then, the peer-to-peer technology service transaction is carried out in the blockchain network, and the specific data of the transaction is packaged and encrypted after the transaction is completed. After that, both parties (the prover) of the technology service transaction use Pedersen promise to hide the transaction data. Then, use the bulletproof algorithm to generate zero-knowledge proof and sent it to the smart contract, which verifies the authenticity of the commitment and the legitimacy of the transaction data. Finally, if the verification is passed, the transaction is successful, and a new block is generated. Otherwise, the transaction fails.

Zero-Knowledge Proof Realizes Transaction Privacy Protection
3.3.1. Pedersen Commitment. Pedersen commitment is a perfectly hidden, computationally bound commitment protocol that meets the needs of confidential transactions (CT). When the two parties of the technology service conduct a transaction, the transaction data is replaced with the Pedersen commitment without displaying the specific information of the transaction. Other nodes cannot artificially modify the transaction data in the Pedersen commitment, because only the original value when constructing the Pedersen commitment can satisfy the mathematical operations involved. The detailed steps for hiding the transaction data of the technology services using Pedersen commitments are as follows.  Pedersen commitment has two phases, commitment generation and commitment disclosure. The commitment generation process is to input a plain text value v and a random blinding factor r, and then, a commitment Com to v can be returned. The commitment verification process is to verify whether the commitment Com is truly bound to the value v it claims to be bound to. The commitment generation and verification process is shown in Figure 3.

Bulletproof.
Pedersen commitment can only hide the transaction value without any restriction on the arithmetic result, while technology services require a nonnegative transaction result. Therefore, this paper introduces bulletproof to prove that the promised transaction data is within the allowable range without revealing any information. Bulletproof, as a relatively advanced noninteractive zeroknowledge proof technique in recent years, its biggest feature is that it provides native support for submitted values such as Pedersen commitments and public keys and can perform scope proofs in this general zero-knowledge proof framework without requiring installing large and complex elliptic curve arithmetic in it.
The zero-knowledge proof mechanism based on blockchain using bulletproof to achieve privacy of technology service transactions is shown in Figure 4, which is divided into three main parts: client, proof generation phase, and proof verification phase. The transaction is initiated by the client, and the transaction data of the tech service user is hidden using Pedersen commitment, denoted as comðr, vÞ. In the meantime, adding zero-knowledge rangeproof ensures the legitimacy of transaction data. Then, the relevant promises and proofs are sent to the smart contract, which can verify the correctness of the transaction. Finally, the successfully verified transaction data are deposited into a new block for on-chain storage.

Realization of Technology Service Transaction Process.
The realization process of technology service transaction based on blockchain and zero-knowledge proof designed in this paper is shown in Figure 5. The specific steps for the realization of technology service transactions are as follows.
(Step 1) The information m 0 consists of the Pedersen commitment comðr 0 , v 0 Þ of the initial amount of the technology service demander p i and the scope proof rangeproof (v 0 ) generated by bulletproof. The demander of the technology service r i initiates a transaction request with the transaction amount of v 1 from the technology service provider p j (Step 2) After receiving the transaction request, the technology service provider first confirms

Wireless Communications and Mobile Computing
whether the identity of the counterparty is correct by checking the digital certificate of the demander of the technology service p i and then generates a random number, and then, the transaction commitment then generates a random number r 1 . After that, it sends the information m 1 consisting of the transaction commitment comðr 1 , v 1 Þ and rangeproof (v 1 ) generated by bulletproof to the demander of technology services p i (Step 3) After receiving the reply, the demander of technology services p i calculates the current account balance v 2 = v 0 − v 1 and generates a random number r 2 = r 0 − r 1 . Then, it composes the generated Pedersen commitment comðr 2 , v 2 Þ and the scope proof rangeproof (v 2 ) into a message m 2 . Meanwhile, it sends the three parts of information input1, output1, and output2 generated by m 0 and m 1 and m 2 to the smart contract for verification (Step 4) The smart contract checks the correctness of the transaction. It mainly includes the following aspects: whether the input is consistent with the initial balance before the account transaction; whether the range proof of the transaction output is correct; whether the sum of the input of the transaction is equal to the sum of the transaction outputs, that is, whether it is satisfied comðr 0 , v 0 Þ = comðr 1 , v 1 Þ + comðr 2 , v 2 Þ (Step 5) If the smart contract checks out, it will broadcast this transaction to the whole network, and other nodes of the blockchain will conduct consensus verification. If the verification is passed, the packaged and encrypted technology service transaction data will be stored in a new block, and the transaction will be completed. Otherwise, the transaction fails As a result, the transaction information seen by other nodes of the blockchain exists in the form of commitment proof, and no plaintext of any transaction data is disclosed in the whole process, which shows that user privacy is protected in the transaction.

Analysis and Evaluation
Based on the above description, this section is mainly about analysis and experiment. It mainly analyzes security and privacy. The client operating environment is Ubuntu 16.04 (64 bit), Intel Core i5-1135G7@2.40 GHz, 16 G RAM. This experiment uses the underlying platform of Hyperleger Fabric for testing and GO language for programming language.

Security and Privacy Analysis.
First of all, the identity authentication mechanism of the traditional technology service platform based on centralized management has the risk of privacy leakage. In this paper, the alliance chain is used to manage the identity of technology service users by using the issuance of digital certificates as the access mechanism of the technology service platform. The digital certificates is stored on the blockchain to prevent loss and tampering, effectively avoiding the single point of failure problem in the traditional identity authentication method. Secondly, the transaction data in the scheme proposed in this paper are stored in the block in the form of committed values. Users other than both sides of the transaction will not know the specific transaction information, thus ensuring the privacy of the transaction. The Pedersen commitment used in the scheme provides the privacy of the transaction data by introducing a random blinding factor r. Even if the privacy data v remains unchanged, the final commitment Com will change with r. Moreover, since the Pedersen commitment is based on the elliptic curve discretization problem, it is almost impossible to reverse the known commitment Com and elliptic curve points G and H to solve for the data v and r, thus providing the steganography of the transaction data. Finally, the scope proof of hidden transaction information is achieved by adding bulletproof, where the verifier can verify the legitimacy of the transaction data through zeroknowledge proofs, but cannot obtain the secret value according to the commitment and known parameters.
It can be seen that the access mechanism of the alliance chain ensures that the users of technology services who join are authentic and trustworthy, thereby guaranteeing the security of transactions between the technology service users. The addition of bulletproof can hide the specific transaction information of both parties of the technology service transaction, which can effectively prevent the leakage of transaction information, thus guaranteeing the privacy of technology service transactions.

Performance
Analysis. The performance of the scheme in this paper is mainly compared and analyzed with the scheme of literatures [16][17][18][20][21][22]. Performance parameters mainly refer to literature [23]. As shown in Table 2  5 Wireless Communications and Mobile Computing mainly compares privacy, scalability, on-chain computability, and storage overhead. It can be seen that the scheme proposed in this paper does not sacrifice its scalability while improving privacy. Moreover, it can reduce the storage cost.

Conclusions
This paper is based on the issue of blockchain privacy security. The zero-knowledge proof technology in various blockchains and its corresponding scheme applications are described. To solve the problem of transaction privacy in technology services, this paper proposes a privacy protection scheme for technology service transaction based on blockchain and bulletproof. The blockchain stores digital certifi-cates to ensure the identity privacy of technology service users. At the same time, bulletproof is introduced into blockchain technology service transactions to hide the specific information of transaction data. Finally, the comparative analysis shows that the proposed scheme has the advantages of strong privacy, scalability, and low storage cost.
In the future work, it is necessary to fully apply zeroknowledge proof to the blockchain platform to improve the privacy and security of the blockchain. Although the performance of the bulletproof used in this paper is optimized relative to other zero-knowledge proof methods, the verification operation of its smart contract is relatively complicated, and there is still a problem of high computational cost in application. Therefore, future work will focus on improving the algorithm of bulletproof to meet the needs of efficient verification of blockchain smart contracts.

Data Availability
The data used to support the finding of this study are included within the article.

Conflicts of Interest
The authors declare that there is no conflict of interest regarding the publication of this paper.