Patent Application
20170228731
This application for letters patent disclosure document describes inventive aspects that include various novel innovations (hereinafter “disclosure”) and contains material that is subject to copyright, mask work, and/or other intellectual property protection. The respective owners of such intellectual property have no objection to the facsimile reproduction of the disclosure by anyone as it appears in published Patent Office file/records, but otherwise reserve all rights.
The present innovations generally address Guided Target Transactions and Encrypted Transaction Processing and Verification, and more particularly, include 12 Computationally Efficient Transfer Processing and Auditing Apparatuses, Methods and Systems.
As such, the present innovations include (at least) the following distinct areas, including: Electrical Communications with Selective Electrical Authentication of Communications (with a suggested Class/Subclass of 340/5.8); Data Processing Using Cryptography for Secure Transactions including Transaction Verification and Electronic Credentials (with a suggested Class/Subclass of 705/64, 74, 75); and Electronic Funds Transfer with Protection of Transmitted Data by Encryption and Decryption (with a suggested Class/Subclass of 902/2).
However, in order to develop a reader's understanding of the innovations, disclosures have been compiled into a single description to illustrate and clarify how aspects of these innovations operate independently, interoperate as between individual innovations, and/or cooperate collectively. The application goes on to further describe the interrelations and synergies as between the various innovations; all of which is to further compliance with 35 U.S.C. §112.
Bitcoin is the first successful implementation of a distributed crypto-currency. Bitcoin is more correctly described as the first decentralized digital currency. It is the largest of its kind in terms of total market value and is built upon the notion that money is any object, or any sort of record, accepted as payment for goods and services and repayment of debts. Bitcoin is designed around the idea of using cryptography to control the creation and transfer of money. Bitcoin enables instant payments to anyone, anywhere in the world. Bitcoin uses peer-to-peer technology to operate with no central authority. Transaction management and money issuance are carried out collectively by the network via consensus.
Bitcoin is an open source software application and a shared protocol. It allows users to anonymously and instantaneously transact Bitcoin, a digital currency, without needing to trust counterparties or separate intermediaries. Bitcoin achieves this trustless anonymous network using public/private key pairs, a popular encryption technique.
Bitcoin, a cryptographically secure decentralized peer-to-peer (P2P) electronic payment system enables transactions involving virtual currency in the form of digital tokens. Such digital tokens, Bitcoin coins (BTCs), are a type of crypto-currency whose implementation relies on cryptography to generate the tokens as well as validate related transactions. Bitcoin solves counterfeiting and double-spending problems without any centralized authority. It replaces trust in a third-party such as a bank with a cryptographic proof using a public digital ledger accessible to all network nodes in which all BTC balances and transactions are announced, agreed upon, and recorded. Transactions are time-stamped by hashing them into an ongoing chain of hash-based proof-of-work (PoW) forming a record that can't be changed without redoing the entire chain Anonymity is maintained through public-key cryptography by using peer-to-peer (P2P) addresses without revealing user identity.
Bitcoin coin (BTC) is essentially a hashed chain of digital signatures based upon asymmetric or public key cryptography. Each participating Bitcoin address in the P2P network is associated with a matching public key and private key wherein a message signed by private key can be verified by others using the matching public key. A Bitcoin address corresponds to the public key which is a string of 27-34 alphanumeric characters (such as: 1BZ9aCZ4hHX7rnnrt2uHTfYAS4hRbph3UN or 181TK6dMSy88SvjN1mmoDkjB9TmvXRqCCv) and occupies about 500 bytes. The address is not a public key. An Address is a RIPEMD-160 hash of an SHA256 hash of a public key. If that public key hashes (RIPEMD160) to the Bitcoin Address in a previously unclaimed transaction, it can be spent. Users are encouraged to create a new address for every transaction to increase privacy for both sender and receiver. While this creates anonymity for both sender and receiver, however, given irreversibility of transactions, nonrepudiation may be compromised. Addresses can be created using Bitcoin clients or ‘wallets’. The sender uses his or her private key to assign payments to receiver's public key or address. Characters within the address also serve as checksum to validate any typographical errors in typing the address. The private key is the secret key that is necessary to access BTCs assigned to the corresponding public key address. Private keys start with first character ‘1’ or ‘3,’ where ‘1’ implies use of one key while ‘3’ denotes multiple private keys for ‘unlocking’ a payment. Bitcoin addresses and associated private keys are stored in encrypted wallet data files typically backed up offline for security. If a wallet or a private key is lost, related BTCs are then also irretrievably lost.
Appendices and/or drawings illustrating various, non-limiting, example, innovative aspects of the Computationally Efficient Transfer Processing and Auditing Apparatuses, Methods and Systems (hereinafter “CETPA”) disclosure, include:
Generally, the leading number of each citation number within the drawings indicates the figure in which that citation number is introduced and/or detailed. As such, a detailed discussion of citation number 101 would be found and/or introduced in
The Computationally Efficient Transfer Processing and Auditing Apparatuses, Methods and Systems (hereinafter “CETPA”) transforms virtual wallet addresses or fractional order purchase request inputs, via CETPA components (e.g., Virtual Currency Component, Blockchain Component, Transaction Confirmation Component, etc.), into transaction confirmation outputs. The components, in various embodiments, implement advantageous features as set forth below.
Bitcoin transactions are typically posted on a public, distributed ledger called a blockchain. The Bitcoin network stores complete copies of the blockchain on nodes that are distributed around the world. Anyone can install the Bitcoin software on a networked computer to begin running a node. Because the blockchain is public, anyone can see the complete history of Bitcoin transactions and the public addresses that are currently “storing” Bitcoin.
In order to move Bitcoin between public addresses, a user must prove that he owns the sending address that is storing the Bitcoin to be sent, and know the receiving address where the Bitcoin is to be transferred.
Before Bitcoin can be transferred out of a public address, the owner of that address must prove that he owns the address by signing the transaction with the same private key that was used to generate the public address. Upon successfully doing so, the transaction is then broadcast to the Bitcoin network. The network groups transactions into blocks, confirms that the transactions are valid, and adds the block to the blockchain.
Bitcoin as a form of payment for products and services has grown, and merchants have an incentive to accept it because fees are lower than the 2-3% typically imposed by credit card processors. Unlike credit cards, any fees are paid by the purchaser, not the vendor. The European Banking Authority and other authorities have warned that, at present, Bitcoin users are not protected by refund rights or an ability to obtain chargebacks with respect to fraudulent or erroneous transactions. These and other limitations in the previous implementation of Bitcoin are now readily addressed.
One possible non-monetary implementation for the CETPA is as a shared (virtual) ledger used to monitor, track and account for actual people that may go missing. Social media systems could use CETPA as a more secure and flexible way to keep track of people, identities and personas.
Using a CETPA as a way to store the identities will enable broad access to authorized users and can be implemented in a publicly-available way. Each and every addition or deletion to the ledger of identities will be traceable and viewable within the CETPA's Blockchain ledger.
This can be done by defining a few fields, with size and other attributes, publicly sharing the definition and allowing those skilled in the art to access and update, delete, change entries via tracing and auditing.
Implementations such as this could be used, for example with universities or governments and allow greater transparency. For instance, imagine there is a migration of peoples out of one country, say, in response to war or natural disaster. Typically, in historical cases there has been no feasible way to quickly track migrants during their relocation. A non-governmental organization (NGO) could use CETPA to create a Blockchain ledger of all displaced persons and that ledger could be used to track them through resettlement. The ledger could be referenced by individuals who could compare their credentials with those that are encrypted and stored through the ledger at a specific time and date in a Bitcoin-like format.
The CETPA system could also be used for voting in places where there may not be well developed voting tabulation systems and where voting tallies are suspect. For example, it can be used to build a voting system in a developing country. By using the blockchain technology, an immutable ledger is created that records the votes of each citizen. The record would allow for unique identification of each voting individual and allow for tabulation of votes. One could easily tell if people actually voted, for whom they voted, and confirms that no one voted twice. A virtual fingerprinting or other biometrics could be added to the ledger to help avoid fraud, as described herein in more detail with respect to additional embodiments.
CETPA may also be used for Proxy Voting for stocks or Corporations Annual Meetings that have questions put to a vote or for directors. The Blockchain adds transparency, speed and access to the information—and it can be verified and interrogated by many people. Accordingly, no one source needs to be trusted, as anyone in the public can see the ledger.
In underdeveloped areas the transport method could easily be 3G \LTE \ 4G \Mesh Networks with TCP \IP or other protocols used to transport the messages from a remote area, serviced by Mobile phone service—to the cloud where the accessible, shared Blockchain ledgers are maintained and made publicly available.
Implementations for better tracking of usage of resources can be enabled through the CETPA. For example, water meters, electric & gas meters, as well as environmental monitoring devices such as C02 emitter meters can be used to inform enable a Bitcoin-style transaction involving resource usage or pollution emission. Using measurement devices that track the usage of these household resources or industrial pollutants, a Bitcoin-enabled marketplace between individuals, corporations and government entities can be created.
Suppose Alex lives a community or state that taxes greenhouse gases. By using the CETPA, both government waste as well as friction in the financial system can be mitigated. Alex may instantly receive a credit or a surcharge based on his use of resources. Micro transactions, which are not practical today because of the relatively high transaction costs, are easily accommodated as CETPA-enabled transactions, on the other hand, and can be moved daily, hourly or weekly with little transaction overhead.
For example, Alex makes a payment via CETPA that can be placed on the block chain for the tax amount due, but which may not be valid until a certain date (e.g. end of the month). When the transaction becomes valid, Bitcoin-like virtual currency is transferred to the town treasury and the town immediately credits some amount back, based on the meter reading.
Alex may have a $500 carbon surcharge on his taxes today. The monitors on Alex's furnace, his gas meter and electric meter can sum up all his uses resulting in carbon emissions and then net them out—all using the blockchain. Then because the blockchain is accessible by his local town he can get the surcharged reduced by, for example, $250 per year in response to Alex's environmentally friendly actions. Whereas in previous systems, Alex would have had to write out a check and mail it in, now, with CETPA, a simple entry in the blockchain is created, read by the town hall and a corresponding entry is made in the town hall ledger. By moving virtual currency between the two ledgers (could be the same ledger but different accounts) we have “monies” moved without the mailing of a check, without the meter reader coming by, and without the bank processing as in prior systems.
Much like in home uses of CETPA, the CETPA may create a new paradigm for costs and billings of hotels, residences, dormitories, or other housings and lodgings having resources that are metered and billed to its occupants. The Blockchain may be used to track usage of resources such as water, electricity, TV charges, movie rentals, items taken from the refrigerator or mini-bar, heat and room temperature controls and the like. Hotel customers, resident, students or the like residing in individual or mass housing or lodging may then be credited or surcharged for their stay based on Bitcoin-enabled transactions and monitoring of their use of resources.
Monitors can be setup on appliances, heaters, a room-by-room water meter, and the like. The monitors can communicate with each other via Bluetooth, Zigbee, X.10, NFC, Wifi or other known means. Since low power consumption is generally preferred, the monitors may be coordinated by a single device in the room.
Through a hotel's use of CETPA, a client may check in, get a room assignment and receive a virtual key to enter the assigned room. The virtual key may be sent to the client's CETPA ledger, stored on his smartphone or other portable electronic device, and may be used to open the door when the phone is placed in proximity to the hotel room door lock, for example, where the smartphone or other device is Bluetooth or NFC-enabled and is in communication range of a corresponding reader in the room. This reader then connects with each measuring device for TV, heat, room service, water usage, etc. Throughout the client's stay, it tracks when the lights or air conditioning are left on, when in-room movies are rented, water usage for bath, sink and toilet and other chargeable room uses. A hotel client's bill upon check out can be reduced or enhanced with the hotel client's usage. Blockchain technology may also be used to record check-in and check-out times in order to more quickly free up the room to be rented again.
Also, CETPA may be used to enable a seamless checkout process. When a client checks in, a smart contract is created to move Bitcoin-like virtual currency after his checkout date. Since the address that the client provides at the time of check-out might not contain enough funds as it did on check-in, the projected funds for this transaction may remain locked by the CETPA, which can become valid and transferable at a later time, i.e. upon check-out date. The hotel will immediately send credits or debits based on the actual usage of the hotel's amenities.
A consumer focused creation for CETPA could be using a Bluetooth Beacon as a method for determining where to send a payment from a virtual currency wallet. The housekeeper could tag a hotel room with her Bluetooth beacon. A client staying in the room could use their mobile device to pick up that Beacon, receive a virtual id of the housekeeper, and transfer an amount to the virtual id as a tip. In the same manner, the CETPA system could be used for the valet who retrieves the client's car, as well as other service providers at the hotel that may receive gratuities or the like.
Clients could also pay for Pay Per View Movies by Bluetooth/NFC sync and pay using their CETPA wallet.
Currently the Bluetooth Beacon is of a size that does not physically allow all uses, but over time it will shrink in size and allow uses on many devices and many purposes. Paying the housekeeper, the dog walker, the valet, and possibly tipping your waitress. The blockchain technology provides many ways to pay someone without having to even talk to them and without the exchange of cash or credit card number, thus reducing the potential for fraud that commonly results from such transactions presently.
Another implementation of CETPA is transactions involving a high value. For example, two persons which to make a face-to face transaction may meet in proximity of a Bluetooth beacon, where the Bluetooth or NFC chips in their respective electronic devices are matched. CETPA can enable the transaction of a large sum of money and micropayments from the CETPA address of a payer to the CETPA address of the payee via the Bluetooth beacon or NFC reader, while avoiding the transaction fees that may render such transactions traditionally infeasible.
Using alternative, electronic currencies supported by Blockchain technology, individuals can carry all the funds needed in a currency that is not susceptible to local changes—allowing the seller to get paid and transfer his monies back into dollars or another currency.
Another example is using a pre-built device that is used to order small amounts of relatively inexpensive items in a fast and convenient way. CETPA could make these micro transactions feasible. For instance, a product or its packaging could include a button connected via Bluetooth or WiFi, Radio Frequencies or NFC (see, e.g., AMAZON DASH). This button could be re-usable and disposable. Once pushed the button will result in an order to a vendor or fulfillment house for a replacement of the individual product. On the back end, the shipping of the items could be aggregated through new or existing systems.
However, on the payment processing side there is an overhead percentage that must be paid to credit- or debit-payment processing facilities that facilitate a traditional currency-based transaction. When payment is made with virtual currency via CETPA in place of traditional currency transaction, the actual transaction cost is much lower.
Unlike prior Bitcoin implementations, the CETPA also provides a centralized source for transaction processing, clearance and auditing. AS such the operator of the CETPA, for example, may collect transaction fees associated with use of the CETPA network. The operator may also be a guarantor of the accuracy of the transactions, and may reimburse a user in case of fraud or erroneous processing.
The network environment 100 may include a CETPA Server 3701, the functions and components of which described in detail below with respect to
The network environment 100 may further include a CETPA Database 3719, which may be provided to store various information used by the CETPA Server 3701 including client portfolio data, financial transaction data, and any other data as described, contemplated and used herein.
The network environment 100 may further include a Network Interface Server 102, which, for example, enables data network communication between the CETPA Server 3701, Third Party Server(s) 104, wireless beacon 108 and Client Terminal(s) 106, in accordance with the interactions as described herein.
The one or more Client Terminals 106 may be any type of computing device that may be used by Clients 106a to connect with the CETPA Server 3701 over a data communications network. Clients 106a, in turn, may be customers who hold financial accounts with financial or investing institutions, as described further herein.
The Third Party Server(s) 104 may be operated by any other party that is involved in a transaction. Accordingly, the third party server 104 may be any type of computing device described herein as may be operated by a vendor, a payment processor, an individual, a corporation, a government agency, a financial institution, and the like.
The wireless beacon 108 may be any type of wireless transceiver for relaying information between client devices 106 for sending or receiving payment information within a localized geographic area. Accordingly, the wireless beacon 108 may be Bluetooth, Near Field Communication (NFC), WiFi (such as IEEE 802.11) wireless routers, and the like.
The servers and terminals represented in
Virtual currency users manage their virtual currency addresses by using either a digital or paper “wallet.” Wallets let users send or receive virtual currency payments, calculate the total balance of addresses in use, and generate new addresses as needed. Wallets may include precautions to keep the private keys secret, for example by encrypting the wallet data with a password or by requiring two-factor authenticated logins.
Virtual wallets provide the following functionality: Storage of virtual currency addresses and corresponding public/private keys on user's computer in a wallet.dat file; conducting transactions of obtaining and transferring virtual currency, also without connection to the Internet; and provide information about the virtual balances in all available addresses, prior transactions, spare keys. Virtual wallets are implemented as stand-alone software applications, web applications, and even printed documents or memorized passphrases.
Virtual wallets that directly connect to the peer-to-peer virtual currency network include bitcoind and Bitcoin-Qt, the bitcoind GUI counterparts available for Linux, Windows, and Mac OS X. Other less resource intensive virtual wallets have been developed, including mobile apps for iOS and Android devices that display and scan QR codes to simplify transactions between buyers and sellers. Theoretically, the services typically provided by an application on a general purpose computer could be built into a stand-alone hardware device, and several projects aim to bring such a device to market.
Virtual wallets provide addresses associated with an online account to hold virtual currency funds on the user's behalf, similar to traditional bank accounts that hold real currency. Other sites function primarily as real-time markets, facilitating the sale and purchase of virtual currency with established real currencies, such as US dollars or Euros. Users of this kind of wallet are not obliged to download all blocks of the block chain, and can manage one wallet with any device, regardless of location. Some wallets offer additional services. Wallet privacy is provided by the website operator. This “online” option is often preferred for the first acquaintance with a virtual currency system and short-term storage of small virtual currency amounts and denominations.
Any valid virtual currency address keys may be printed on paper, i.e., as paper wallets, and used to store virtual currency offline. Compared with “hot wallets”—those that are connected to the Internet—these non-digital offline paper wallets are considered a “cold storage” mechanism better suited for safekeeping virtual currency. It is safe to use only if one has possession of the printed the paper itself. Every such paper wallet obtained from a second party as a present, gift, or payment should be immediately transferred to a safer wallet because the private key could have been copied and preserved by a grantor.
Various vendors offer tangible banknotes, coins, cards, and other physical objects denominated in bitcoins. In such cases, a Bitcoin balance is bound to the private key printed on the banknote or embedded within the coin. Some of these instruments employ a tamper-evident seal that hides the private key. It is generally an insecure “cold storage” because one can't be sure that the producer of a banknote or a coin had destroyed the private key after the end of a printing process and doesn't preserve it. A tamper-evident seal in this case doesn't provide the needed level of security because the private key could be copied before the seal was applied on a coin. Some vendors will allow the user to verify the balance of a physical coin on their web site, but that requires trusting that the vendor did not store the private key, which would allow them to transfer the same balance again at a future date before the holder of the physical coin.
To ensure safety of a virtual wallet in the CETPA system, on the other hand, the following measures are implemented: wallet backup with printing or storing on flash drive in text editor without connection to Internet; encryption of the wallet with the installation of a strong password; and prudence when choosing a quality service.
When the user's entry comprises a request to create a new account, the CETPA Controller 3701 prepares and transmits a web form and fields for creating a new account (step 425).
Next, at step 430, the user enters any requisite information in the displayed web form fields. Such web form may include fields for entering the user's full name, address, contact information, a chosen username, a chosen password and/or any other useful identification information to associate with the account (step 435). The user's inputs are then prepared for transmission to the CETPA Controller 3701 (step 440). The Client Terminal 106 confirms whether there are more web sections or forms to complete (step 443). If so, the next web section is presented (step 445) and the process returns to step 430 above. Otherwise, the process continues to step 460, where the entered account information is transmitted to the CETPA Controller 3701 for storage in, for example, the maintained Account Database 3719a, as described in more detail later below.
From either step 420 or 460 above, the process continues to step 450, wherein the CETPA Controller 3701 determines whether a login input has been received. If so, the process continues to step 455 below. Otherwise, the process continues to an error handling routine (step 453), wherein the user may be given a limited number of attempts to enter a login input that corresponds to a valid stored investment account. If no valid login is presented within the given number of allowed attempts, the user is denied access to the CETPA Controller 3701.
At step 455, the CETPA Controller 3701 determines whether a valid login input has been received, for example by comparing the received login input to data stored in the CETPA Database 3719. If the received login credentials are valid, the process continues to step 465 below. Otherwise the process returns to step 453 above.
At step 465, when valid login credentials have been received from the Client Terminal 106, the CETPA Controller 3701 retrieves account information appropriate for the user. Next, at step 470, the CETPA Controller 3701 retrieves an options screen template based on the user, and then generates a composite options screen with the user's account information (step 475), which is transmitted to the client terminal 106 for display to a user on a display device thereof (step 480). The user then provides inputs representing options selections (step 485) and the selected option (which may represent commencement of one of the later processes described herein below) may be initiated and presented for display to the user (step 490).
To commence a transaction, the client terminal 106 forwards a wallet identifier message (step 504) to the server 3701. In one embodiment, the CETPA server may have instantiated a CETPA component 3741, which in turn may verify that the wallet identifier is valid. In one embodiment, the CETPA component will determine that the client's 106 unique identifying address matches and is a valid source of sufficient virtual currency and is properly associated with the wallet identifier (e.g., by checking with a blockchain database 3719j, a wallet database 3719n, and/or the like)(step 506). If the wallet identifier is a non-invalid identifier, the CETPA may generate a user interface prompt to allow a user to specify a target for payment proceeds, a selection mechanism for the target (e.g., a person, organization, cause, etc.), an amount to pay (e.g., in various electronic and/or real currencies), an item specification for the transaction (e.g., goods, services, equities, derivatives, etc.). In one embodiment, the CETPA will search a database to determine what target wallets are currently associated with the client terminal 106. For example, in one embodiment, a hotel cleaning employee may have registered a room, or a valet may have registered with a valet parking beacon, etc., and their digital wallet will be retrieved and an address therefrom specified as a target for a transaction. Upon generating the interface (e.g., by retrieving an HTML template from the CETPA database and compositing retrieved information, etc.), the CETPA server 3701 may provide the user's client 106 with an interaction interface message (step 510) (e.g., allowing the user to see the target payment/transaction identifier (e.g., hotel valet, and/or hotel organization name, etc.), specify and amount to pay (e.g., a tip amount), an item for transaction (e.g., a towel), and a mechanism to instantiate the transaction (e.g., a ‘pay’ button) for display (step 512). Upon obtaining inputs for these UI selection mechanisms (step 514), the network device 102 may further on the user's transaction message with selections (step 516) to the CETPA server 3701 for transaction processing by the CETPA component (step 541).
In one embodiment, the client may provide the following example guidance transaction request, substantially in the form of a (Secure) Hypertext Transfer Protocol (“HTTP(S)”) POST message including eXtensible Markup Language (“XML”) formatted data, as provided below:
In one embodiment, the CETPA component 541 may then provide a commit transaction as between the target wallet identifier (e.g., the hotel valet) and the source wallet identifier (e.g., the initiating user 106) and eventually cause a blockchain entry of the transaction to be recorded (step 542). Thereafter, the CETPA server 3701 may provide a confirmation message (step 552) to the client 106 for display (step 555).
An electronic coin may be a chain of digital signatures. Each owner transfers the coin to the next by digitally signing a hash of the previous transaction and the public key of the next owner and adding these to the end of the coin. A payee can verify the signatures to verify the chain of ownership. So, effectively if BTC0 is the previous transaction, the new transaction is:
hash:=H(BTC0,Kp(Owner1))
S(hash,Ks(Owner0)), where
Kp(Owner1) is the public key of the recipient (Owner1)
hash:=H(BTC0,Kp(Owner1)) is the hash of the previous transaction together with the public key of the recipient; and
S(hash,Ks(Owner0)) is the previously computed hash, signed with the private key sender (Owner0).
Principle example of a Bitcoin transaction with 1 input and 1 output only
Previous tx: f5d8ee39a430901c91a5917b9f2dc19d6d1a0e9cea205b009ca73dd04470b9a6
scriptSig: 304502206e21798a42fae0e854281abd38bacd1aeed3ee3738d9e1446618c4571d10 90db022100e2ac980643b0b82c0e88ffdfec6b64e3e6ba35e7ba5fdd7d5d6cc8d25c6b241501
scriptPubKey: OP_DUP OP_HASH160 404371705fa9bd789a2fcd52d2c580b65d35549d
OP_EQUALVERIFY OP_CHECKSIG
The input in this transaction imports 50 denominations of virtual currency from output #0 for transaction number the transaction number starting with character f5d8 . . . above. Then the output sends 50 denominations of virtual currency to a specified target address (expressed here in hexadecimal string starting with 4043 . . . ). When the recipient wants to spend this money, he will reference output #0 of this transaction as an input of his next transaction.
An input is a reference to an output from a previous transaction. Multiple inputs are often listed in a transaction. All of the new transaction's input values (that is, the total coin value of the previous outputs referenced by the new transaction's inputs) are added up, and the total (less any transaction fee) is completely used by the outputs of the new transaction. According to blockchain technology, a transaction is a hash of previous valid transaction strings. Index is the specific output in the referenced transaction. ScriptSig is the first half of a script (discussed in more detail later).
The script contains two components, a signature and a public key. The public key must match the hash given in the script of the redeemed output. The public key is used to verify the redeemer's or payee's signature, which is the second component. More precisely, the second component may be an ECDSA signature over a hash of a simplified version of the transaction. It, combined with the public key, proves the transaction created by the real owner of the address in question. Various flags define how the transaction is simplified and can be used to create different types of payment.
Two consecutive SHA-256 hashes are used for transaction verification. RIPEMD-160 is used after a SHA-256 hash for virtual currency digital signatures or “addresses.” A virtual currency address is the hash of an ECDSA public-key, which may be computed as follows:
Key hash=Version concatenated with RIPEMD-160 (SHA-256 (public key))
Checksum=1st 4 bytes of SHA-256 (SHA-256 (Key hash))
Bitcoin address=Base58Encode (Key hash concatenated with Checksum)
The virtual currency address within a wallet may include an identifier (account number), for example, starting with 1 or 3 and containing 27-34 alphanumeric Latin characters (except, typically: 0, O, I, and 1 to avoid possible confusion). The address can be also represented as the QR-code and is anonymous and does not contain information about the owner. It can be obtained for free, using CETPA.
The ability to transact virtual currency without the assistance of a central registry is facilitated in part by the availability of a virtually unlimited supply of unique addresses, which can be generated and disposed of at will. The balance of funds at a particular address can be ascertained by looking up the transactions to and from that address in the block chain. All valid transfers of virtual currency from an address are digitally signed using the private keys associated with it.
A private key in the context of virtual currency is a secret number that allows denominations of the virtual currency to be spent. Every address within a wallet has a matching private key, which is usually saved in the wallet file of the person who owns the balance, but may also be stored using other means and methods. The private key is mathematically related to the address, and is designed so that the address can be calculated from the private key while, importantly, the reverse cannot be done.
An output contains instructions for sending virtual currency. ScriptPubKey is the second half of a script. There can be more than one output that shares the combined value of the inputs. Because each output from one transaction can only ever be referenced once by an input of a subsequent transaction, the entire combined input value needs to be sent in an output to prevent its loss. If the input is worth 50 coins but one only wants to send 25 coins, CETPA will create two outputs worth 25 coins, sending one to the destination and one back to the source. Any input not redeemed in an output is considered a transaction fee, and whoever operates the CETPA will get the transaction fee, if any.
To verify that inputs are authorized to collect the values of referenced outputs, CETPA uses a custom scripting system. The input's scriptSig and the referenced output's scriptPubKey are evaluated in that order, with scriptPubKey using the values left on the stack by scriptSig. The input is authorized if scriptPubKey returns true. Through the scripting system, the sender can create very complex conditions that people have to meet in order to claim the output's value. For example, it's possible to create an output that can be claimed by anyone without any authorization. It's also possible to require that an input be signed by ten different keys, or be redeemable with a password instead of a key.
CETPA transactions create two different scriptSig/scriptPubKey pairs. It is possible to design more complex types of transactions, and link them together into cryptographically enforced agreements. These are known as Contracts.
An exemplary Pay-to-PubkeyHash is as follows:
scriptPubKey: OP_DUP OP_HASH160<pubKeyHash>OP_EQUALVERIFY OP_CHECKSIG
scriptSig: <sig><pubKey>
An address is only a hash, so the sender can't provide a full public key in scriptPubKey. When redeeming coins that have been sent to an address, the recipient provides both the signature and the public key. The script verifies that the provided public key does hash to the hash in scriptPubKey, and then it also checks the signature against the public key.
Transaction confirmation is needed to prevent double spending of the same money. After a transaction is broadcast to the CETPA network, it may be included in a block that is published to the network. When that happens it is said that the transaction has been mined at a depth of one block. With each subsequent block that is found, the number of blocks deep is increased by one. To be secure against double spending, a transaction should not be considered as confirmed until it is a certain number of blocks deep. This feature was introduced to protect the system from repeated spending of the same coins (double-spending). Inclusion of transaction in the block happens along with the process of mining
The CETPA server 3701 may show a transaction as “unconfirmed” until the transaction is, for example, six blocks deep in the blockchain. Sites or services that accept virtual currency as payment for their products or services can set their own limits on how many blocks are needed to be found to confirm a transaction. However, the number six was specified deliberately. It is based on a theory that there's low probability of wrongdoers being able to amass more than 10% of entire network's hash rate for purposes of transaction falsification and an insignificant risk (lower than 0.1%) is acceptable. For offenders who don't possess significant computing power, six confirmations are an insurmountable obstacle with readily accessible computing technology. In their turn people who possess more than 10% of network power aren't going to find it hard to get six confirmations in a row. However, to obtain such a power would require millions of dollars' worth of upfront investments, which significantly defers the undertaking of an attack. Virtual currency that is distributed by the network for finding a block can only be used after, e.g., one hundred discovered blocks.
Next, the request is transmitted to the CETPA (step 702). In response, the CETPA Component performs a Blockchain lookup Process using the public key and other information provided (step 704).
The lookup results are then sent to client (step 706). The client next transmits a Decryption Process request (step 708). Responsively, a request to select a public key is displayed to the client (step 710) before the decryption process can commence.
Next, at step 712, the user inputs a selection of a stored public key. The selection of the public key is then sent to CETPA (step 714). Responsively, the CETPA Component performs a Key Comparison Request process (step 716). The CETPA then requests the selected public key from the processor of the client 106 (step 718). The client 106 responsively retrieves the selected public key from a memory of the client 106 (step 720). The public key is then transmitted to the CETPA (step 722). The CETPA Component then decrypts the transaction record in the stored blockchain using the public key (step 724). The decryption results are transmitted to the client 106 (step 726), which, in turn, displays the transaction confirmation details to the user 106a on a display of the client 106 or the like (step 728). This auditing process then ends.
Likewise, a seller (i.e., a payee) registers with the system and offers an item for sale locally (step 806). The CETPA may generate a listing for the seller's item that is accessible to other users of the CETPA (step 808). Alternatively, or in addition thereto, the listing may provided at a physical or virtual location other than through the CETPA. The buyer, at any later point, checks the listing and indicates her interest in the item (step 810). The CETPA updates the listing and notifies the seller (step 814). The seller sees the interest and suggests a meeting location to the buyer via the CETPA (step 816). The buyer agrees and notifies the seller via the CETPA (step 812).
Next, the Buyer arrives at the agreed upon location at the designated time (step 817). Using a beacon or NFC, as described herein, or similar means, the CETPA may be able to determine when both parties are in close proximity (step 818) and begin the transaction there-between, for example, on their respective portable electronic devices.
Alternatively, the buyer and seller may determine their proximity directly in any of a variety of manners. For example, the seller may arrive or otherwise be established or open at physical location at a specified time (step 820). Seller takes a picture of some detail of the surroundings and asks buyer to take a similar picture (step 822). The CETPA sends the photo from the seller to the buyer (step 824). The buyer may then locate a detail in the received picture and take a similar picture of the detail (step 826). The buyer sends his/her picture back to the CETPA (step 828). The CETPA responsively sends the photo from the buyer to the seller (step 830). The seller confirms that the picture is similar and locates the buyer at the location (step 832). The handshake may also be repeated in reverse, such that buyer is able to locate the seller in a similar manner to the foregoing (step 834).
When the buyer and seller meet, the seller may then offer the goods for inspection by the buyer (step 836). The buyer then confirms that the item is acceptable (step 838). The seller then sends a virtual currency address from the seller's wallet to the Buyer via the CETPA (step 840). Responsively, the CETPA forwards the address to the buyer (step 842). The buyer then sends the agreed-upon denomination of virtual currency from the buyer's wallet address to the seller's address (step 844). Once the transaction is confirmed, for example, by auditing the CETPA blockchain according to
Continuing from step 1107 above, the payee next provides a destination address corresponding to the seller's wallet for receiving payment of the virtual currency (step 1109). The virtual currency payment may then be made in accordance with
Continuing from step 1207 above, the payee next provides a destination address corresponding to the seller's wallet for receiving payment of the virtual currency (step 1209). The virtual currency payment may then be made in accordance with
Next, the person or item then travels from one location to another (step 1604). The person or item then submits the virtual identifies at a new geographic location (step 1606). Next, at step 1607, the CETPA system determines whether the new location being registered is different from the last registered (i.e., within a different region, state or country). If not, the process ends. Otherwise, when the location is different, the new location is transmitted to the CETPA for recording in the block chain (step 1608). The process then ends.
In non-monetary transactions, a virtual token can convey particularized information using OP Return codes or the like. Such field can place bits of information into the transaction's scriptSig value so that the irreversibility of the blockchain can be used to make that information verifiable at later times. OP_RETURN is a valid opcode to be used in a bitcoin transaction, which allows 80 arbitrary bytes to be used in an unspendable transaction.
An exemplary transaction which has an OP_RETURN in its scriptSig, the hash of which may be for example, a text string such as:
8bae12b5f4c088d940733dcd1455efc6a3a69cf9340e17a981286d3778615684
A command entered into a node of the CETPA, such as:
would yield the following output:
The OP_RETURN code above is represented by the hex value 0x6a. This first byte is followed by a byte that represents the length of the rest of the bytes in the scriptPubKey. In this case, the hex value is 0x13, which means there are 19 more bytes. These bytes comprise the arbitrary less-than-80 bytes one may be allowed to send in a transaction marked by the OP_RETURN opcode.
For purposes of personnel tracking, the virtual currency distributed by the CETPA system may include the following data fields in conjunction with OP Return Code mechanism:
Each person is provided a unique identifier in addition to any government issued documentation associated with the person. The CETPA blockchain database 3719j stores and maintains records from the person's departing country along with a photo, a recording, voiceprint, and/or other biometric identification of person along with the established identifier. At a later date, the CETPA can access the Block Chain publicly, and personnel location can be transparent and tracked.
In an additional example, the 80-byte header containing personnel tracking information recorded in the blockchain may take the following form in an XML-enabled format:
The foregoing exemplary XML datastructure can be represented by the following table of its field names, field types, field sizes and field data:
In a further example, the 80-byte header containing personnel tracking information recorded in the blockchain may take the following form in an XML-enabled format:
The foregoing exemplary XML datastructure can be represented by the following table of its field names, field types, field sizes and field data:
In a still further example, the 80-byte header containing personnel tracking information recorded in the blockchain may take the following form in an XML-enabled format:
The foregoing exemplary XML datastructure can be represented by the following table of its field names, field types, field sizes and field data:
Another useful datastructure for personnel tracking can be represented by the following exemplary table of field names, field types, field sizes and field data (the corresponding XML datastructure is similar to those examples provided in the foregoing):
The foregoing exemplary XML datastructure can be represented by the following table of its field names, field types, field sizes and field data:
Another useful datastructure for accomplishing transactions as described herein can be represented by the following exemplary table of field names, field types, field sizes and field data (the corresponding XML datastructure of which is similar to those examples provided in the foregoing):
Another useful datastructure for accomplishing transactions as described herein can be represented by the following exemplary table of field names, field types, field sizes and field data (the corresponding XML datastructure of which is similar to those examples provided in the foregoing):
Another useful datastructure for accomplishing transactions as described herein can be represented by the following exemplary table of field names, field types, field sizes and field data (the corresponding XML datastructure of which is similar to those examples provided in the foregoing):
Referring to
The foregoing steps 1802-1810 are described in more detail below with respect to
Turning to
Upon login confirmation, the CETPA retrieves the user's current account balances from, for example, Accounts database 3719a and forwards the account information to the client terminal 106 via the data communication network (step 1908). The querying of the database may include a datastructure in the same general form as discussed in the foregoing for other database retrieval requests. The login confirmation and account information is received by client terminal 106 (step 1910) and displayed to the client 106a on a display device of the client terminal 106 (step 1912).
Next, at step 1914, the client 106a using client terminal 106 may request a quote for the current price of an equity. The datastructure of this request is of the same general form as described above for other database queries. The equity quote request is sent to the CETPA by client terminal 106 via the data communications network 100 (step 1916). The quote request is received by the CETPA 3701 via network interface servers 102 (step 1918). The CETPA then forwarded the quote request to third-party trade execution servers 104 to obtain the current market price for the requested equity (step 1920). The trade execution servers 104 receive the quote request and determines the current price from available market data (step 1922). The equity quote is then sent from trade execution servers 104 to the CETPA 3701 via network interface server 102 over the data communication network (step 1924). The CETPA 3701 receives and stores the equity quote, for example in Market Feed database 3719z (step 1926). The CETPA then forwards the equity quote to the client terminal 106 via the data communications network (step 1928). The equity quote is then received by the client terminal 106 (step 1930) and displayed to the client 106a on a display device thereof (step 1932).
Next, at step 2012, the client enters a selection of a transaction or equity purchase amount relating to a target equity to be purchased as part of trade execution request. The trade execution message is sent by the client terminal 106 (step 2014) and then received by the CETPA 3701 via the data communication network 100 and the network interface servers 102 (step 2016). The Order Generation Component 3745 of the CETPA 3701 then processes the transaction, which may include withdrawing funds from the client's account or virtual wallet prior to execution of the trade order (step 2018). Upon successful processing, the Order Placement Component 3746 of the CETPA 3701 sends the trade order to the third party trade execution servers 104 (step 2020). The trade order is received and verified by the servers 104 (step 2022), after which the servers 104 execute the trade order, for example, by placing a corresponding buy/sell order on a market exchange (step 2024). Upon successful execution of the trade order, the trade execution servers 104 transmit a trade confirmation message to the CETPA (step 2026). Once the confirmation message is received (step 2028), the Blockchain component 3743 of the CETPA 3701 commits the transaction to the blockchain (see, e.g., the process of
The exchange and ownership of partial shares is certified via embedding its SHA256 digest in the Bitcoin-like blockchain maintained by the CETPA. This is done by generating a special bitcoin-like transaction that contains and encodes a hash value of the transaction data within an OP_RETURN script stored in the block generated by the CETPA (see
Once the transaction is confirmed, the exchange/ownership is permanently certified and proven to exist at least as early as the time the transaction was entered in the blockchain. If the exchange/ownership of partial shares hadn't existed at the time the transaction entered the blockchain, it would have been impossible to embed its digest in the transaction. This is because of the hash function's property of being “second pre-image resistant.” Embedding some hash and then adapting a future document to match the hash is also impossible due to the inherent pre-image resistance of hash functions. This is why once the CETPA blockchain confirms the transaction generated for the block, its existence is proven, permanently, with no trust required.
Next, at step 2112, the client 106a selects one or more of his/her available public keys via inputs to the client terminal 106. The selection of the public key is transmitted by the client terminal 106 to the CETPA 3701 (step 2114). The CETPA in turn requests the selected public key from the client terminal 106 (step 2118). The client terminal retrieves the selected public key from its internal memory (step 2120) and forwards it to the CETPA (step 2122). The CETPA's Blockchain Component 3743 perform decryption of relevant block chain data with the client's selected public key (step 2124). Transaction confirmations corresponding to the public key are retrieved and sent to the client terminal 106 (step 2126), and are then displayed to a client 106a on a display device thereof (step 2128), after which this instance of an audit process ends.
When a client 106 wants to confirm the transaction's existence at the time-stamped time, the following steps are performed as part of the blockchain lookup:
(i) the transaction's SHA256 digest is calculated.
(ii) A transaction in the CETPA blockchain containing an OP_RETURN output by which the transaction's hash is searched for.
Some online services like COIN SZECRETS or blockchain.info can easily be used to locate OP_RETURN transactions. The existence of a transaction in the blockchain proves that the document existed at the time the transaction got included into a block.
A public key can be computed from a private key, but it is technologically infeasible to compute the private key from a public key. A public key can thus be used to authenticate or confirm the validity of the digital signature. As shown in
The elliptic curve over a finite field Fp, with most popular choice being prime fields GF(p) where all arithmetic is performed modulo a prime p, is the set of all pairs (x, y) ε Fp which fulfill E:
y
2
=x
3
+a·x+b mod p
together with an imaginary point of infinity O, where p>3 is prime, and a, b ε Fp. The cryptographic signatures used in CETPA's blockchain are ECDSA signatures and use the curve ‘secp256k1’ defined over Fp where p=2256−232−977, which has a 256-bit prime order. This choice deviates from National Institute of Standards and Technology (NIST) recommended “FIPS 186-4” standard in that the curve coefficients are different in order to to speed up scalar multiplication and computations of Pollard's rho algorithm for discrete logarithms.
Given ECDSA public-key K, a Bitcoin address is generated using the cryptographic hash functions SHA-256 and RIPEMD-160:
HASH160=RIPEMD-160(SHA-256(K)).
A CETPA address is computed directly from the HASH160 value as illustrated below, where base58 is a binary-to-text encoding scheme:
base58 (0x00∥HASH160 ∥[SHA-256(256(SHA-256(0x00∥HASH160))/2224])
However, ECDSA signatures may be susceptible to the following potential encryption related vulnerabilities and threats: (i) insufficient or poor randomness when the same public key is used for multiple transactions or the same key pair is used to protect different servers owned by the same entity; (ii) an invalid-curve attack in which an attacker obtains multiples with secret scalars of a point on the quadratic twist, e.g. via fault injection if the point doesn't satisfy the correct curve equation (iii) implementation issues such as side-channel attacks, software bugs, design or implementation flaws; (iv) hardness assumptions about number theoretic problems such as integer factorization and discrete logarithms computation in finite fields or in groups of points on an elliptic curve not applying as assumed in specific contexts. Recent recommendations by RSA SECURITY LLC, about withholding use of Dual Elliptic Curve Deterministic Random Bit Generation (or Dual EC DRBG) and the influence of DRBG compromise on consuming applications, such as DSA, also deserve attention.
A transaction is a signed section of data broadcast to the network and collected into blocks. It typically references prior transaction(s) and assigns a specific transaction value from it to one or more recipient addresses. Transactions are recorded in the network in form of files called blocks. Structures of the block and its corresponding blockheader are shown in
The block may contain the following fields as shown: a “Magic No.” field that typically stores a constant and may be limited to 4 bytes in size, a “Block Size” field that typically stores the size in bytes of the current block as a 4 byte value, a “Blockheader” field that is described in more detail below with respect to
A block contains the most recent transactions sent to the network that have not yet been recorded in prior blocks. Each block includes in its blockheader, a record of some or all recent transactions and a reference to the prior block. It also contains the ‘answer’ to a difficult-to-solve mathematical problem related to the verification of transactions for the block. This problem relates to finding factors of a very large integer, which is computationally difficult to solve but thereafter easy to verify by other nodes once factors are found.
The chain of ownership is created by using a timestamp server that creates and widely publishes a hash of a block of items to be time-stamped, with each timestamp including previous timestamps in its hash value. To prevent double-spending, i.e., ensuring that the BTC payer didn't sign an earlier transaction for same BTC or already spent the BTC, a timestamp server is used to maintain a single chronological history in which each transaction was received. This process ensures that at the time of the transaction, the payee knows that majority of nodes agree to having received the current transaction as the first received. Subsequent transactions for the same BTC don't need to be recorded as they are rejected in the verification process.
The block chain makes double spending very difficult as each block is preceded by prior block in chronological order as well as is based upon its hash value. To prevent double-spending, i.e., spending of the same BTC twice, public keys and signatures are published as part of publicly available and auditable block chain. To make it infeasible to falsify the blockchain, proof of work (PoW) is used to make addition of each block very costly.
The CETPA system provides the following benefits. It gives users a publically verifiable proof of purchase with transparency. The CETPA system provides a cost effective mechanism for partial or fractional share purchase, and opens the door to usage of blockchain technology beyond the initial Bitcoin realm
The number of current world-wide Bitcoin transactions is enormous. Currently, there are about one hundred thousand transactions per minute. If a Bitcoin address receives money today and transfers money out three months later, there can be on the order of ten billion transactions that happen in between. Accordingly, tracing of Bitcoin-like virtual currency transactions present extreme computational difficulties, making large-scale monitoring of such transactions virtually impossible. Additionally, while BTC users may be identified by their public keys to the Blockchain and all transactions are identified by their source and/or destination addresses, not all public keys and addresses may be published and identifiable to a particular party.
The CETPA introduced herein includes data structures to simplify transaction recording in the BlockChain, thereby reducing transaction tracing operations to practical computation sizes and making large-scale auditing of billions of transaction easily achievable in a reasonable amount of computing time.
However, in addition to BlockChain storage, which involves encryption, decryption and other computationally-intensive computing operations, the CEPTA may additionally or alternatively include use of graph theory, matrix theory and Bloom filtering to create a record of transactions that are reduced in size as compared to the blockchain recording described above. Accordingly, such record allows for quicker verification and auditing of BTC transactions.
Bitcoin and other digital/virtual currency transactions can have different genres regarding the money movement and the user relations.
Note that the types of transactions illustrated above can be separated by millions of other transactions and millions of other users in like manner. The specially-programmed CETPA system will be able to process a vast plurality of such transactions at a time, with scalability to match the amount of users of the system.
Next, the Matrix Conversion Component 3747 of the CEPTA system 3701 performs graph/matrix conversion of the transaction request (step 2706), as described in detail with respect to
Next, the Bloom Filter component 3748 of the CEPTA system 3701 performs a physical address storage and LIL Update Process (step 2708), as described in more detail with respect to
Upon completion of a transaction, the CETPA system sends a transaction confirmation (step 2710) via the data communications network, which is received by the client 106a (step 2712) and displayed to the user (step 2714).
Thereafter, a third party may request to audit transaction (step 2716). Such a request may come from a financial institution, a government agency, another user or the like, who wishes to audit transactions from the blockchain. Since the encrypted blockchain contents can be computationally intensive to search through directly, especially as the transaction approach magnitudes of millions or billions of transactions in size, the CETPA system 3701 enables auditing of transactions using the LIL storage of transactions described in further detail below.
The audit request is received by the CETPA system 3701 from the data communications network (step 2718). Responsively, the Bloom Filter component 3748 of the CETPA system 3701 performs a Transaction Query process 2720, as described in more detail below with respect to
The process 2800 commences when the CEPTA system receives a transaction request having transaction information (step 2802). Typically, within the context of a digital currency transfer, such transaction information includes at least the following data: a source address (U1) as a source of the funds, a destination address (U2) that is the destination for the funds, the amount of currency to transfer, and the time or timestamp of the transaction. As described previously, the source and destination addresses are typically based on the public keys held within a digital currency wallet of the respective users. In particular, such addresses are, in various embodiments, a RIPEMD-160 hash of an SHA256 hash of a public key. The hash operations and the large number of resulting bits (at least 160 bits) pragmatically guarantees the uniqueness of each address. However, it can be computationally intensive to electronically query and compare a large number of such addresses in the CEPTA system directly.
There are different ways to store graphs in a computer system. The data structure used depends on both the graph structure and the algorithm used for manipulating the graph. Given the description of the transactions in
The distance matrix resembles the adjacency matrix. However, it records not only whether or not two vertices are connected, but if so, then the distance is the weight between the row/columns representing those vertices, rather than entry of a unit value. In a distance matrix, position (i,j) represents the distance between vertices Ui and Uj. The distance is the weight of a path connecting the vertices. In the case of the CETPA, the distance entry will correspond to the amount of a transaction between party Ui and party Uj. The distance matrix is accordingly used to record the money flow, so transactions with the same origin and target are combined, with a transaction timestamp recorded with the transaction amount. Self-Transactions are NOT included in the distance matrix, because there is no amount transacted between two parties. Because of this, all values on the diagonals of a distance matrix stored by the CETPA will be zeros.
In addition to BlockChain storage, which involves encryption, decryption and other computationally-intensive computing operations, the CEPTA may additionally or alternatively include use of graph theory, matrix theory and Bloom filtering to create a record of transactions that are reduced in size as compared to the blockchain recording described above. Accordingly, such record allows for quicker verification and auditing of BTC transactions.
Bitcoin and other digital/virtual currency transactions can have different genres regarding the money movement and the user relations.
Note that the types of transactions illustrated above can be separated by millions of other transactions and millions of other users in like manner. The specially-programmed CETPA system will be able to process a vast plurality of such transactions at a time, with scalability to match the amount of users of the system.
In order to perform such searches quickly, Bloom Filters are used to hash addresses for more computationally feasible storage look up, thus solving a problem that is unique to computerized cryptographic functions. A Bloom filter (see, e.g.,
A Bloom filter needs only a constant number of bits per prospective element, independent from the size of the elements' universe. Both the insertion and look up time complexity are on the magnitude of O(1), according to “big O notation” in mathematics. This means that for increasing data storage, the computational requirements stay at a constant complexity level, rather than, say, increasing with the magnitude of the data storage size or exponentially or linearly, etc. As a result, where the total number of transaction is from, say, one to one billion, it may take only three to five hashing operations or false positive comparisons to add a transaction to a transaction matrix or query a transaction from a list of matrix tuples. Additionally, it is a mathematical property of blockchains that a hashed public key can not be recovered from the generated wallet address by using a reverse hashing algorithm Multiple hash functions may be used to improve computational performance by lowering the false positive rate, but this is not necessarily so. Useful hash functions include known or equivalent encryption hashing functions, such as Murmur Hash or SHA-1. When dealing with large datasets and stored data elements, the possibility that different elements have the same hash value is expected to be extremely rare. Handling mechanisms have many options too, such as performing multiple additional hashes, storing known false positives for stored data elements, and padding data elements with extra binary 0's prior to storage. The Bloom Filter functions will be described in more detail with respect to
Returning to the process 2800, the CETPA system applies a Bloom Filter to the source address (U1) (step 2804) and then determines whether U1 has been previously mapped to a physical address resulting from the application of the Bloom Filter (step 2806). This may be determined by look up within the Physical Address database 3719p. If U1 has not previously been assigned a physical address (i.e., when U1 has never before engaged in a transaction), U1 is assigned to the physical address that may result from application of the Bloom Filter (step 2808), which assigned address is then recorded in the database 3719p in conjunction with U1's cryptocurrency wallet address that is generated from public key.
If on the other hand, U1 has been previously assigned a physical address, the process 2800 continues to apply the Bloom Filter to destination address U2 (step 2810). The CETPA then determines whether U2 has been previously mapped to a physical address resulting from the application of the Bloom Filter (step 2812). This may be determined by Bloom Filter look-up. If the Bloom Filter look-up does not yield U2, the Bloom Filter look-upresult is false, and accordingly no database look up is necessary. If U2 has not previously been assigned a walled address (i.e., when U2 has never before engaged in a transaction using the CETPA system), U2 is assigned to the wallet address that may result from application of the Bloom Filter (step 2814), which assigned address is then recorded in the database 3719p.
Next, the CETPA determines whether U1 entries exist in the column and row entries of a transaction matrix that is used to monitor all transactions occurring via the CETPA (step 2816). If no prior transactions have involved U1 then there will be no existing row, column entry in the transaction matrix, and in such case the CETPA will add a Row/Column Entry based on U1's wallet address (step 2818).
If, on the other hand, U1 entries already exist in the matrix, the process 2800 next determines whether U2 row/column entries exist in the transaction matrix (step 2820). If U2 entries do not exist, the CETPA adds a U2 row/column entry to the transaction distance matrix based on U2's wallet address (step 2822). From step 2820 or 2822 above, the process 2800 then continues to step 2824.
Next, at step 2824, the CETPA determines whether a previous transaction involving both U1 and U2 exist. If no such prior transaction exists, the CETPA will simply add the transaction amount to the U1, U2 row/column in the transaction matrix (step 2828). On the other hand, if prior entries exist in the (row, column) entry corresponding to (U1, U2) in the transaction matrix, the CETPA system will instead update the total transaction amount to include the new transaction amount (step 2826). In various embodiments, the total transaction amount will be the amount of all recorded transactions between U1 and U2. IN additional embodiments, the amount of each individual transaction between U1 and U2, along with the timestamp of each transaction is stored within the value stored in the transaction matrix.
The distance matrix is used to record the transactions that happen between every pair of users that have ever involved in any transactions. However, especially with a huge base of users, there will be a high percentage of the row/column entries in the distance matrix where the value zero, because there exist no transactions between such user pairs. When most of the elements are zero, the matrix is mathematically considered a “sparse matrix.”
Graphs can be represented in a matrix concept. Storage of a matrix can be in different formats. Depending on the characteristics of matrix and storage data structure, matrix operation can be of different complexity.
There exist many ways to electronically store a sparse matrix, such as Dictionary of Keys (DOK), List of Lists (LIL), Coordinate List COO), Compressed Sparse Row (CSR) or Compressed Sparse Column (CSC), as these are known by those of ordinary skill in the art. LIL will be referenced in the examples described herein, although the remaining and other equivalent data structures may likewise be used.
In this embodiment, LIL stores one tuple per list, with each entry containing the row index, the column index and the value. It is a good format for incremental matrix construction, which fits the Bitcoin and virtual or digital currency transaction scenarios where new transactions come frequently and in large numbers. Accordingly, at step 2830, the updated matrix is stored as an updated LIL with the new transaction details. The process 2800 then ends with respect to this individual transaction (step 2832).
Once transactions are stored in the foregoing processes, it becomes computationally efficient to audit and search such transactions, in a manner that is quicker and less resource intensive than searching blockchains directly.
The process 2900 commences when a user 106 enters and transmits via client 106a a Transaction Query including an address corresponding to a user that is, for example, an audit target (step 2902).
Responsively, the CETPA determines whether there is an entry that corresponds to the address (step 2906). The CETPA may do this by applying the address to the Bloom Filter to determine if a wallet address is recorded without actually looking up the database. Alternatively, the CETPA may search the Physical Address database 3719p to determine whether an entry for the wallet address exists. If no entry exists, the process 2900 continues to step 2918 below and the audit result is that the required wallet is not involved in a transaction. Otherwise, the CETPA retrieves the corresponding wallet address and performs a lookup in the LIL (step 2908).
The CETPA next determines whether any transaction record tuples in the LIL include the queried Wallet Address (step 2912). If not, the process continues at step 2918 below. Otherwise, if a corresponding tuple is found, the CETPA instead retrieves the transaction amounts and timestamp values from the corresponding transaction record tuples (step 2914).
Optionally, at step 2916, the CETPA than identifies the appropriate blockchain that was recorded at a time of the transaction identified in the tuple and retrieves the corresponding transactions from the appropriate blockchains by searching using the query target's address (See, e.g., the process described above with respect to
When all transaction information has been retrieved from the blockchain(s), the query results are transmitted by the CETPA to the client for display to the querying user. (step 2918). The process 2900 then ends with respect to the individual query (step 2920).
In accordance with the foregoing,
To trace money flow in the other direction, the matrix M can transposed to a matrix MT, in which for every position (i,j), it shows money flowing into vertex Ui and out of vertex Uj.
As visually represented in
Given the uniqueness of the source and destination addresses, there are many hash algorithms in the field that can be applicable to these requirements. We use Linear Congruential Generators (LCG) here as an example to show how it works. An LCG is an algorithm that yields a sequence of pseudo-randomized numbers calculated with a discontinuous piecewise linear equation. One such useful LCG may be generally defined by the recurrence relation:
x
n+1=(ax+c)mod m
where x is the sequence of values, m is the modulus, a is a multiplier in the range 0<a<m, c is an incremental value in the range 0<=c<m. X0 is the start value or “seed.” The modulo operation, or modulus, finds the remainder after division of one number by another. An LCG of this form can calculate a pre-defined number one or more times to get the targeted value in a single hash operation. It should be appreciated that the LCG can be applied to an address value a sequential number of times to yield a physical address as used herein. Alternatively, or additionally, the LCG can be applied to separate segments of the hashed public key one or more times to yield a physical address.
It should be noted that LCGs are not typically used with cryptographic applications anymore. This is because when a linear congruential generator is seeded with a character and then iterated once, the result is a simple classical cipher that is easily broken by standard frequency analysis. However, since the physical addresses are never broadcast by the CETPA system to any outside party, there is no reason to fear its usage being cracked by hackers or other untrustworthy parties.
The following examples of an application of a Bloom Filter are for illustration purposes. Hashing algorithms that would create a conflict are deliberately chosen so as to show how conflicts are reconciled. With the right choice of hashing functions, conflicts are extremely rare. That's how the search or insertion performance can be nearly as good as O(1). The principles to choose hash functions for a Bloom Filter include: (1) Using multiple independent hash functions (MURMURHASH or SHA-1); (2) Using a cryptographic hash function such as SHA512; and (3) Using two independent hash functions that are then linearly combined.
The size (required number of bits, m) of the bloom filter and the number of hash functions to be used depends on the application and can be calculated using: m=−n*ln(p)/(ln(2)̂2 wherein n is the number of inserted elements and p is a desired (optimized) false positive probability.
This formula will provide the required number of bits m to use for the filter, given the number n of inserted elements in filter and the desired false positive probability p to be achieved. The formula represents that for a given false positive probability p, the length of a Bloom filter in is proportionate to the number of elements being filtered n. The ideal number of hash functions k is then calculates as: k=0.7*m/n
If the values p and n are known for the required application, the above formula will yield the values of m and k, and how to appropriately choose the k hash functions.
As the volume of the data grows and the Bloom Filter false positive probability p grows, n*ln(p) gets bigger and bigger. Additional hash functions are expected to keep the false positive rate low. However, it may still reach a stage that the Bloom Filter needs a renovation—for example, by using a new hash function and re-arranging all the items stored inside. This effort, if needed at all, arises rarely, but can significantly improve the Bloom Filter performance when required.
An example ASCII to Hexidecimal (HEX) conversion table may be as follows:
An exemplary first LCG hashing function and its parameter values may be as follows:
Hash Function 1: x=(a*(decimal element value)+c)mod m let a=5, c=8, m=17 (or other prime number)
For this example, the size of the Bloom Filter is set to be as big as the modulus value m, but this is not required. In practice the modulus is normally a large prime number, but this is not required either. In this example, the Bloom Filter may have seventeen positions, based on the mod value m selected above.
A second exemplary hashing function (which must be independent of the first hashing function above for satisfactory performance), may be as follows:
Hash function #2: x=(add the value of the odd-positioned values in an element) mod m let m=11
Bitcoin wallet addresses, including both “from” and “to”, are represented in the form of Strings. Simplified example strings may be calculated from the first hashing function above as follows:
Hash functions are then used to calculate a corresponding hash in the Bloom Filter for each of these elements.
Accordingly, as a result of the hash functions above, a binary “1” will be stored in positions 11 and 10 of the Bloom filter. A pointer to the element ABM's location in the database may be attached to the Hash2 index and so will be stored in association with position 10.
The following is an example of adding a second element (“BCN”) into the Bloom Filter:
Hash1(BCN)=(5*211+8)mod 17=9
Hash2(BCN)=(value “B”+value “N”)mod 11=1
Accordingly, as a result of the hash functions above, a binary “1” will be stored in positions 9 and 1 of the Bloom filter. A pointer to the element BCN's location in the database may be attached to the Hash2 index and so will be stored in association with position 1.
The following is an example of adding a third element (“BAM”) into the Bloom filter:
Hash1(BAM)=(5*208+8)mod 17=11
Hash2(BAM)=(value“B”+value “M”)mod 11=0
Accordingly, as a result of the hash functions above, a binary “1” should be stored in positions 11 and 0 of the Bloom filter, however, the position 11 is already populated with a binary 1 from the entry of the element ABM above. A pointer to the element ABM's location in the database may be attached to the Hash2 index and so will be stored in association with position 11.
The following is an example of conflict handling with a Bloom filter. Suppose there is an entry of an element X which results in Hash1(X)=10 and Hash2(X)=1. This creates a conflict with the entry of the previous elements above, since positions 1 and 10 have been previously occupied. There are many ways to handle this conflict. The first way is to add an additional independent hash function to generate a third value and using the third value as the index to the pointer for the storage of element X in the database. The second way is to pad the conflicted value to the existing value in storage.
The following is an example of a Bloom Filter look-up function of a fourth element Y in which Hash1(Y)=3 and Hash2(Y)=10. Since, according to the foregoing element entries and results, there is no “1” stored in position 3, there is 100% certainty that this element does not exist at all in the database.
The following is an example of false positive handling that may be encountered with use of a Bloom filter. For a lookup of an element T, assume that Hash1(T)=10 and Hash2(T)=1. This of course conflicts with the previous entries above for which positions 10 and 1 of the Bloom filter were occupied. Accordingly, the results of this search yields a false positive. In such case, the data is retrieved according to the pointer stored in position 1 (being the result of Hash2). From the foregoing elements, the element BCN is stored in conjunction with position 1 and this element does not match the queried element T. The lookup query may then continue in accordance with the selected manner of conflict handling (i.e., by preforming a third hash function and looking for the data pointer stored win conjunction with the resulting value, or by looking in the padded field stored at position 1 of the Bloom filter.
According to the foregoing, during look-up, one or more hashing function are used to determine the existence of an element. If all bits corresponding to the hashes are turned on to be true, it may mean the element is in the database, or it is a false positive. But if any of the bit corresponding to the hashes is false, it means the element definitely does not exist in the database. In a large database of values, and particularly in real-world examples where much larger elements will be encountered, the use of a Bloom Filter greatly reduces the number of calculations needed to determine the presence or absence of a given element, resulting in computational efficiency.
Turning now to
In various embodiments, the value in the tuple is not a numerical number to denote the amount of money in one transaction. It is instead a structure of an <amount, timestamp> pair. Transactions happening at different times can be separated from each other more readily in this manner, and used for precise tracing. The transactions between in between U1 and U2 in
The innovation proposed a solution to trace BTC or other virtual or digital currency blockchain transactions in optimal computational efficiency. The storage is in the magnitude of O(n), where n is the number of total transactions, and therefore linear growth. The time complexity is in the magnitude of O(1), and therefore uses a constant-size lookup table. Once one transaction is identified as problematic, the entire money flow is completely traceable in optimal computational complexities, and therefore can be used to facilitate the prevention and prosecution of fraudulent transactions, such as money laundry, that may be attempted by users of the CETPA system.
Typically, users, which may be people and/or other systems, may engage information technology systems (e.g., computers) to facilitate information processing. In turn, computers employ processors to process information; such processors 3703 may be referred to as central processing units (CPU). One form of processor is referred to as a microprocessor. CPUs use communicative circuits to pass binary encoded signals acting as instructions to enable various operations. These instructions may be operational and/or data instructions containing and/or referencing other instructions and data in various processor accessible and operable areas of memory 3729 (e.g., registers, cache memory, random access memory, etc.). Such communicative instructions may be stored and/or transmitted in batches (e.g., batches of instructions) as programs and/or data components to facilitate desired operations. These stored instruction codes, e.g., programs, may engage the CPU circuit components and other motherboard and/or system components to perform desired operations. One type of program is a computer operating system, which, may be executed by CPU on a computer; the operating system enables and facilitates users to access and operate computer information technology and resources. Some resources that may be employed in information technology systems include: input and output mechanisms through which data may pass into and out of a computer; memory storage into which data may be saved; and processors by which information may be processed. These information technology systems may be used to collect data for later retrieval, analysis, and manipulation, which may be facilitated through a database program. These information technology systems provide interfaces that allow users to access and operate various system components.
In one embodiment, the CETPA controller 3701 may be connected to and/or communicate with entities such as, but not limited to: one or more users from peripheral devices 3712 (e.g., user input devices 3711); an optional cryptographic processor device 3728; and/or a communications network 3713.
Networks are commonly thought to comprise the interconnection and interoperation of clients, servers, and intermediary nodes in a graph topology. It should be noted that the term “server” as used throughout this application refers generally to a computer, other device, program, or combination thereof that processes and responds to the requests of remote users across a communications network. Servers serve their information to requesting “clients.” The term “client” as used herein refers generally to a computer, program, other device, user and/or combination thereof that is capable of processing and making requests and obtaining and processing any responses from servers across a communications network. A computer, other device, program, or combination thereof that facilitates, processes information and requests, and/or furthers the passage of information from a source user to a destination user is commonly referred to as a “node.” Networks are generally thought to facilitate the transfer of information from source points to destinations. A node specifically tasked with furthering the passage of information from a source to a destination is commonly called a “router.” There are many forms of networks such as Local Area Networks (LANs), Pico networks, Wide Area Networks (WANs), Wireless Networks (WLANs), etc. For example, the Internet is generally accepted as being an interconnection of a multitude of networks whereby remote clients and servers may access and interoperate with one another.
The CETPA controller 3701 may be based on computer systems that may comprise, but are not limited to, components such as: a computer systemization 3702 connected to memory 3729.
A computer systemization 3702 may comprise a clock 3730, central processing unit (“CPU(s)” and/or “processor(s)” (these terms are used interchangeable throughout the disclosure unless noted to the contrary)) 3703, a memory 3729 (e.g., a read only memory (ROM) 3706, a random access memory (RAM) 3705, etc.), and/or an interface bus 3707, and most frequently, although not necessarily, are all interconnected and/or communicating through a system bus 3704 on one or more (mother)board(s) 3702 having conductive and/or otherwise transportive circuit pathways through which instructions (e.g., binary encoded signals) may travel to effectuate communications, operations, storage, etc. The computer systemization may be connected to a power source 3786; e.g., optionally the power source may be internal. Optionally, a cryptographic processor 3726 may be connected to the system bus. In another embodiment, the cryptographic processor, transceivers (e.g., ICs) 3774, and/or sensor array (e.g., accelerometer, altimeter, ambient light, barometer, global positioning system (GPS) (thereby allowing CETPA controller to determine its location), gyroscope, magnetometer, pedometer, proximity, ultra-violet sensor, etc.) 3773 may be connected as either internal and/or external peripheral devices 3712 via the interface bus I/O 3708 (not pictured) and/or directly via the interface bus 3707. In turn, the transceivers may be connected to antenna(s) 3775, thereby effectuating wireless transmission and reception of various communication and/or sensor protocols; for example the antenna(s) may connect to various transceiver chipsets (depending on deployment needs), including: Broadcom BCM4329FKUBG transceiver chip (e.g., providing 802.11n, Bluetooth 2.1+EDR, FM, etc.); a Broadcom BCM4752 GPS receiver with accelerometer, altimeter, GPS, gyroscope, magnetometer; a Broadcom BCM4335 transceiver chip (e.g., providing 2G, 3G, and 4G long-term evolution (LTE) cellular communications; 802.11ac, Bluetooth 4.0 low energy (LE) (e.g., beacon features)); a Broadcom BCM43341 transceiver chip (e.g., providing 2G, 3G and 4G LTE cellular communications; 802.11 g/, Bluetooth 4.0, near field communication (NFC), FM radio); an Infineon Technologies X-Gold 618-PMB9800 transceiver chip (e.g., providing 2G/3G HSDPA/HSUPA communications); a MediaTek MT6620 transceiver chip (e.g., providing 802.11a/ac/b/g/n, Bluetooth 4.0 LE, FM, GPS; a Lapis Semiconductor ML8511 UV sensor; a maxim integrated MAX44000 ambient light and infrared proximity sensor; a Texas Instruments WiLink WL1283 transceiver chip (e.g., providing 802.11n, Bluetooth 3.0, FM, GPS); and/or the like. The system clock typically has a crystal oscillator and generates a base signal through the computer systemization's circuit pathways. The clock is typically coupled to the system bus and various clock multipliers that will increase or decrease the base operating frequency for other components interconnected in the computer systemization. The clock and various components in a computer systemization drive signals embodying information throughout the system. Such transmission and reception of instructions embodying information throughout a computer systemization may be commonly referred to as communications. These communicative instructions may further be transmitted, received, and the cause of return and/or reply communications beyond the instant computer systemization to: communications networks, input devices, other computer systemizations, peripheral devices, and/or the like. It should be understood that in alternative embodiments, any of the above components may be connected directly to one another, connected to the CPU, and/or organized in numerous variations employed as exemplified by various computer systems.
The CPU comprises at least one high-speed data processor adequate to execute program components for executing user and/or system-generated requests. The CPU is often packaged in a number of formats varying from large supercomputer(s) and mainframe(s) computers, down to mini computers, servers, desktop computers, laptops, thin clients (e.g., Chromebooks), netbooks, tablets (e.g., Android, iPads, and Windows tablets, etc.), mobile smartphones (e.g., Android, iPhones, Nokia, Palm and Windows phones, etc.), wearable device(s) (e.g., watches, glasses, goggles (e.g., Google Glass), etc.), and/or the like. Often, the processors themselves will incorporate various specialized processing units, such as, but not limited to: integrated system (bus) controllers, memory management control units, floating point units, and even specialized processing sub-units like graphics processing units, digital signal processing units, and/or the like. Additionally, processors may include internal fast access addressable memory, and be capable of mapping and addressing memory beyond the processor itself; internal memory may include, but is not limited to: fast registers, various levels of cache memory (e.g., level 1, 2, 3, etc.), RAM, etc. The processor may access this memory through the use of a memory address space that is accessible via instruction address, which the processor can construct and decode allowing it to access a circuit path to a specific memory address space having a memory state. The CPU may be a microprocessor such as: AMD's Athlon, Duron and/or Opteron; Apple's A series of processors (e.g., A5, A6, A7, A8, etc.); ARM's application, embedded and secure processors; IBM and/or Motorola's DragonBall and PowerPC; IBM's and Sony's Cell processor; Intel's 80X86 series (e.g., 80386, 80486), Pentium, Celeron, Core (2) Duo, i series (e.g., i3, i5, i7, etc.), Itanium, Xeon, and/or XScale; Motorola's 680X0 series (e.g., 68020, 68030, 68040, etc.); and/or the like processor(s). The CPU interacts with memory through instruction passing through conductive and/or transportive conduits (e.g., (printed) electronic and/or optic circuits) to execute stored instructions (i.e., program code) according to conventional data processing techniques. Such instruction passing facilitates communication within the CETPA controller and beyond through various interfaces. Should processing requirements dictate a greater amount speed and/or capacity, distributed processors (e.g., see Distributed CETPA below), mainframe, multi-core, parallel, and/or super-computer architectures may similarly be employed. Alternatively, should deployment requirements dictate greater portability, smaller mobile devices (e.g., Personal Digital Assistants (PDAs)) may be employed.
Depending on the particular implementation, features of the CETPA may be achieved by implementing a microcontroller such as CAST's R8051XC2 microcontroller; Intel's MCS 51 (i.e., 8051 microcontroller); and/or the like. Also, to implement certain features of the CETPA, some feature implementations may rely on embedded components, such as: Application-Specific Integrated Circuit (“ASIC”), Digital Signal Processing (“DSP”), Field Programmable Gate Array (“FPGA”), and/or the like embedded technology. For example, any of the CETPA component collection (distributed or otherwise) and/or features may be implemented via the microprocessor and/or via embedded components; e.g., via ASIC, coprocessor, DSP, FPGA, and/or the like. Alternately, some implementations of the CETPA may be implemented with embedded components that are configured and used to achieve a variety of features or signal processing.
Depending on the particular implementation, the embedded components may include software solutions, hardware solutions, and/or some combination of both hardware/software solutions. For example, CETPA features discussed herein may be achieved through implementing FPGAs, which are a semiconductor devices containing programmable logic components called “logic blocks”, and programmable interconnects, such as the high performance FPGA Virtex series and/or the low cost Spartan series manufactured by Xilinx. Logic blocks and interconnects can be programmed by the customer or designer, after the FPGA is manufactured, to implement any of the CETPA features. A hierarchy of programmable interconnects allow logic blocks to be interconnected as needed by the CETPA system designer/administrator, somewhat like a one-chip programmable breadboard. An FPGA's logic blocks can be programmed to perform the operation of basic logic gates such as AND, and XOR, or more complex combinational operators such as decoders or mathematical operations. In most FPGAs, the logic blocks also include memory elements, which may be circuit flip-flops or more complete blocks of memory. In some circumstances, the CETPA may be developed on regular FPGAs and then migrated into a fixed version that more resembles ASIC implementations. Alternate or coordinating implementations may migrate CETPA controller features to a final ASIC instead of or in addition to FPGAs. Depending on the implementation all of the aforementioned embedded components and microprocessors may be considered the “CPU” and/or “processor” for the CETPA.
The power source 3786 may be of any standard form for powering small electronic circuit board devices such as the following power cells: alkaline, lithium hydride, lithium ion, lithium polymer, nickel cadmium, solar cells, and/or the like. Other types of AC or DC power sources may be used as well. In the case of solar cells, in one embodiment, the case provides an aperture through which the solar cell may capture photonic energy. The power cell 3786 is connected to at least one of the interconnected subsequent components of the CETPA thereby providing an electric current to all subsequent components. In one example, the power source 3786 is connected to the system bus component 3704. In an alternative embodiment, an outside power source 3786 is provided through a connection across the I/O 3708 interface. For example, a USB and/or IEEE 1394 connection carries both data and power across the connection and is therefore a suitable source of power.
Interface bus(ses) 3707 may accept, connect, and/or communicate to a number of interface adapters, conventionally although not necessarily in the form of adapter cards, such as but not limited to: input output interfaces (I/O) 3708, storage interfaces 3709, network interfaces 3710, and/or the like. Optionally, cryptographic processor interfaces 3727 similarly may be connected to the interface bus. The interface bus provides for the communications of interface adapters with one another as well as with other components of the computer systemization. Interface adapters are adapted for a compatible interface bus. Interface adapters conventionally connect to the interface bus via a slot architecture. Conventional slot architectures may be employed, such as, but not limited to: Accelerated Graphics Port (AGP), Card Bus, (Extended) Industry Standard Architecture ((E)ISA), Micro Channel Architecture (MCA), NuBus, Peripheral Component Interconnect (Extended) (PCI(X), PCI Express, Personal Computer Memory Card International Association (PCMCIA), and/or the like.
Storage interfaces 3709 may accept, communicate, and/or connect to a number of storage devices such as, but not limited to: storage devices 3714, removable disc devices, and/or the like. Storage interfaces may employ connection protocols such as, but not limited to: (Ultra) (Serial) Advanced Technology Attachment (Packet Interface) ((Ultra) (Serial) ATA(PI)), (Enhanced) Integrated Drive Electronics ((E)IDE), Institute of Electrical and Electronics Engineers (IEEE) 1394, fiber channel, Small Computer Systems Interface (SCSI), Universal Serial Bus (USB), and/or the like.
Network interfaces 3710 may accept, communicate, and/or connect to a communications network 3713. Through a communications network 3713, the CETPA controller is accessible through remote clients 106 (e.g., computers with web browsers) by users 106a. Network interfaces may employ connection protocols such as, but not limited to: direct connect, Ethernet (thick, thin, twisted pair 10/100/1000/10000 Base T, and/or the like), Token Ring, wireless connection such as IEEE 802.11a-x, and/or the like. Should processing requirements dictate a greater amount speed and/or capacity, distributed network controllers (e.g., see Distributed CETPA below), architectures may similarly be employed to pool, load balance, and/or otherwise decrease/increase the communicative bandwidth required by the CETPA controller. A communications network may be any one and/or the combination of the following: a direct interconnection; the Internet; Interplanetary Internet (e.g., Coherent File Distribution Protocol (CFDP), Space Communications Protocol Specifications (SCPS), etc.); a Local Area Network (LAN); a Metropolitan Area Network (MAN); an Operating Missions as Nodes on the Internet (OMNI); a secured custom connection; a Wide Area Network (WAN); a wireless network (e.g., employing protocols such as, but not limited to a cellular, WiFi, Wireless Application Protocol (WAP), I-mode, and/or the like); and/or the like. A network interface may be regarded as a specialized form of an input output interface. Further, multiple network interfaces 3710 may be used to engage with various communications network types 3713. For example, multiple network interfaces may be employed to allow for the communication over broadcast, multicast, and/or unicast networks.
Input Output interfaces (I/O) 3708 may accept, communicate, and/or connect to user, peripheral devices 3712 (e.g., input devices 3711), cryptographic processor devices 3728, and/or the like. I/O may employ connection protocols such as, but not limited to: audio: analog, digital, monaural, RCA, stereo, and/or the like; data: Apple Desktop Bus (ADB), IEEE 1394a-b, serial, universal serial bus (USB); infrared; joystick; keyboard; midi; optical; PC AT; PS/2; parallel; radio; touch interfaces: capacitive, optical, resistive, etc. displays; video interface: Apple Desktop Connector (ADC), BNC, coaxial, component, composite, digital, Digital Visual Interface (DVI), (mini) displayport, high-definition multimedia interface (HDMI), RCA, RF antennae, S-Video, VGA, and/or the like; wireless transceivers: 802.11a/ac/b/g/n/x; Bluetooth; cellular (e.g., code division multiple access (CDMA), high speed packet access (HSPA(+)), high-speed downlink packet access (HSDPA), global system for mobile communications (GSM), long term evolution (LTE), WiMax, etc.); and/or the like. One typical output device may include a video display, which typically comprises a Cathode Ray Tube (CRT) or Liquid Crystal Display (LCD) based monitor with an interface (e.g., DVI circuitry and cable) that accepts signals from a video interface, may be used. The video interface composites information generated by a computer systemization and generates video signals based on the composited information in a video memory frame. Another output device is a television set, which accepts signals from a video interface. Typically, the video interface provides the composited video information through a video connection interface that accepts a video display interface (e.g., an RCA composite video connector accepting an RCA composite video cable; a DVI connector accepting a DVI display cable, etc.).
Peripheral devices 3712 may be connected and/or communicate to I/O and/or other facilities of the like such as network interfaces, storage interfaces, directly to the interface bus, system bus, the CPU, and/or the like. Peripheral devices may be external, internal and/or part of the CETPA controller. Peripheral devices may include: antenna, audio devices (e.g., line-in, line-out, microphone input, speakers, etc.), cameras (e.g., gesture (e.g., Microsoft Kinect) detection, motion detection, still, video, webcam, etc.), dongles (e.g., for copy protection, ensuring secure transactions with a digital signature, and/or the like), external processors (for added capabilities; e.g., crypto devices 3728), force-feedback devices (e.g., vibrating motors), infrared (IR) transceiver, network interfaces, printers, scanners, sensors/sensor arrays and peripheral extensions (e.g., ambient light, GPS, gyroscopes, proximity, temperature, etc.), storage devices, transceivers (e.g., cellular, GPS, etc.), video devices (e.g., goggles, monitors, etc.), video sources, visors, and/or the like. Peripheral devices often include types of input devices (e.g., cameras).
User input devices 3711 often are a type of peripheral device 3712 (see above) and may include: card readers, dongles, finger print readers, gloves, graphics tablets, joysticks, keyboards, microphones, mouse (mice), remote controls, security/biometric devices (e.g., fingerprint reader, iris reader, retina reader, etc.), touch screens (e.g., capacitive, resistive, etc.), trackballs, trackpads, styluses, and/or the like.
It should be noted that although user input devices and peripheral devices may be employed, the CETPA controller may be embodied as an embedded, dedicated, and/or monitor-less (i.e., headless) device, wherein access would be provided over a network interface connection.
Cryptographic units such as, but not limited to, microcontrollers, processors 3726, interfaces 3727, and/or devices 3728 may be attached, and/or communicate with the CETPA controller. A MC68HC16 microcontroller, manufactured by Motorola Inc., may be used for and/or within cryptographic units. The MC68HC16 microcontroller utilizes a 16-bit multiply-and-accumulate instruction in the 16 MHz configuration and requires less than one second to perform a 512-bit RSA private key operation. Cryptographic units support the authentication of communications from interacting agents, as well as allowing for anonymous transactions. Cryptographic units may also be configured as part of the CPU. Equivalent microcontrollers and/or processors may also be used. Other commercially available specialized cryptographic processors include: Broadcom's CryptoNetX and other Security Processors; nCipher's nShield; SafeNet's Luna PCI (e.g., 7100) series; Semaphore Communications' 40 MHz Roadrunner 184; Sun's Cryptographic Accelerators (e.g., Accelerator 6000 PCIe Board, Accelerator 500 Daughtercard); Via Nano Processor (e.g., L2100, L2200, U2400) line, which is capable of performing 500+MB/s of cryptographic instructions; VLSI Technology's 33 MHz 6868; and/or the like.
Generally, any mechanization and/or embodiment allowing a processor to affect the storage and/or retrieval of information is regarded as memory 3729. However, memory is a fungible technology and resource, thus, any number of memory embodiments may be employed in lieu of or in concert with one another. It is to be understood that the CETPA controller and/or a computer systemization may employ various forms of memory 3729. For example, a computer systemization may be configured wherein the operation of on-chip CPU memory (e.g., registers), RAM, ROM, and any other storage devices are provided by a paper punch tape or paper punch card mechanism; however, such an embodiment would result in an extremely slow rate of operation. In a typical configuration, memory 3729 will include ROM 3706, RAM 3705, and a storage device 3714. A storage device 3714 may be any conventional computer system storage. Storage devices may include: an array of devices (e.g., Redundant Array of Independent Disks (RAID)); a drum; a (fixed and/or removable) magnetic disk drive; a magneto-optical drive; an optical drive (i.e., Blueray, CD ROM/RAM/Recordable (R)/ReWritable (RW), DVD R/RW, HD DVD R/RW etc.); RAM drives; solid state memory devices (USB memory, solid state drives (SSD), etc.); other processor-readable storage mediums; and/or other devices of the like. Thus, a computer systemization generally requires and makes use of memory.
The memory 3729 may contain a collection of program and/or database components and/or data such as, but not limited to: operating system component(s) 3715 (operating system); information server component(s) 3716 (information server); user interface component(s) 3717 (user interface); Web browser component(s) 3718 (Web browser); database(s) 3719; mail server component(s) 3721; mail client component(s) 3722; cryptographic server component(s) 3720 (cryptographic server); the CETPA component(s) 3735; and/or the like (i.e., collectively a component collection). These components may be stored and accessed from the storage devices and/or from storage devices accessible through an interface bus. Although non-conventional program components such as those in the component collection, typically, are stored in a local storage device 3714, they may also be loaded and/or stored in memory such as: peripheral devices, RAM, remote storage facilities through a communications network, ROM, various forms of memory, and/or the like.
The operating system component 3715 is an executable program component facilitating the operation of the CETPA controller. Typically, the operating system facilitates access of I/O, network interfaces, peripheral devices, storage devices, and/or the like. The operating system may be a highly fault tolerant, scalable, and secure system such as: Apple's Macintosh OS X (Server); AT&T Plan 9; Be OS; Google's Chrome; Microsoft's Windows 7/8; Unix and Unix-like system distributions (such as AT&T's UNIX; Berkley Software Distribution (BSD) variations such as FreeBSD, NetBSD, OpenBSD, and/or the like; Linux distributions such as Red Hat, Ubuntu, and/or the like); and/or the like operating systems. However, more limited and/or less secure operating systems also may be employed such as Apple Macintosh OS, IBM OS/2, Microsoft DOS, Microsoft Windows 2000/2003/3.1/95/98/CE/Millennium/Mobile/NT/Vista/XP (Server), Palm OS, and/or the like. Additionally, for robust mobile deployment applications, mobile operating systems may be used, such as: Apple's iOS; China Operating System COS; Google's Android; Microsoft Windows RT/Phone; Palm's WebOS; Samsung/Intel's Tizen; and/or the like. An operating system may communicate to and/or with other components in a component collection, including itself, and/or the like. Most frequently, the operating system communicates with other program components, user interfaces, and/or the like. For example, the operating system may contain, communicate, generate, obtain, and/or provide program component, system, user, and/or data communications, requests, and/or responses. The operating system, once executed by the CPU, may enable the interaction with communications networks, data, I/O, peripheral devices, program components, memory, user input devices, and/or the like. The operating system may provide communications protocols that allow the CETPA controller to communicate with other entities through a communications network 3713. Various communication protocols may be used by the CETPA controller as a subcarrier transport mechanism for interaction, such as, but not limited to: multicast, TCP/IP, UDP, unicast, and/or the like.
An information server component 3716 is a stored program component that is executed by a CPU. The information server may be a conventional Internet information server such as, but not limited to Apache Software Foundation's Apache, Microsoft's Internet Information Server, and/or the like. The information server may allow for the execution of program components through facilities such as Active Server Page (ASP), ActiveX, (ANSI) (Objective-) C (++), C# and/or .NET, Common Gateway Interface (CGI) scripts, dynamic (D) hypertext markup language (HTML), FLASH, Java, JavaScript, Practical Extraction Report Language (PERL), Hypertext Pre-Processor (PHP), pipes, Python, wireless application protocol (WAP), WebObjects, and/or the like. The information server may support secure communications protocols such as, but not limited to, File Transfer Protocol (FTP); HyperText Transfer Protocol (HTTP); Secure Hypertext Transfer Protocol (HTTPS), Secure Socket Layer (SSL), messaging protocols (e.g., America Online (AOL) Instant Messenger (AIM), Application Exchange (APEX), ICQ, Internet Relay Chat (IRC), Microsoft Network (MSN) Messenger Service, Presence and Instant Messaging Protocol (PRIM), Internet Engineering Task Force's (IETF's) Session Initiation Protocol (SIP), SIP for Instant Messaging and Presence Leveraging Extensions (SIMPLE), open XML-based Extensible Messaging and Presence Protocol (XMPP) (i.e., Jabber or Open Mobile Alliance's (OMA's) Instant Messaging and Presence Service (IMPS)), Yahoo! Instant Messenger Service, and/or the like. The information server provides results in the form of Web pages to Web browsers, and allows for the manipulated generation of the Web pages through interaction with other program components. After a Domain Name System (DNS) resolution portion of an HTTP request is resolved to a particular information server, the information server resolves requests for information at specified locations on the CETPA controller based on the remainder of the HTTP request. For example, a request such as http://123.124.125.126/myInformation.html might have the IP portion of the request “123.124.125.126” resolved by a DNS server to an information server at that IP address; that information server might in turn further parse the http request for the “/myInformation.html” portion of the request and resolve it to a location in memory containing the information “myInformation.html.” Additionally, other information serving protocols may be employed across various ports, e.g., FTP communications across port 21, and/or the like. An information server may communicate to and/or with other components in a component collection, including itself, and/or facilities of the like. Most frequently, the information server communicates with the CETPA database 3719, operating systems, other program components, user interfaces, Web browsers, and/or the like.
Access to the CETPA database may be achieved through a number of database bridge mechanisms such as through scripting languages as enumerated below (e.g., CGI) and through inter-application communication channels as enumerated below (e.g., CORBA, WebObjects, etc.). Any data requests through a Web browser are parsed through the bridge mechanism into appropriate grammars as required by the CETPA. In one embodiment, the information server would provide a Web form accessible by a Web browser. Entries made into supplied fields in the Web form are tagged as having been entered into the particular fields, and parsed as such. The entered terms are then passed along with the field tags, which act to instruct the parser to generate queries directed to appropriate tables and/or fields. In one embodiment, the parser may generate queries in standard SQL by instantiating a search element with the proper join/select commands based on the tagged text entries, wherein the resulting command is provided over the bridge mechanism to the CETPA as a query. Upon generating query results from the query, the results are passed over the bridge mechanism, and may be parsed for formatting and generation of a new results Web page by the bridge mechanism. Such a new results Web page is then provided to the information server, which may supply it to the requesting Web browser.
Also, an information server may contain, communicate, generate, obtain, and/or provide program component, system, user, and/or data communications, requests, and/or responses.
Computer interfaces in some respects are similar to automobile operation interfaces. Automobile operation interface elements such as steering wheels, gearshifts, and speedometers facilitate the access, operation, and display of automobile resources, and status. Computer interaction interface elements such as check boxes, cursors, menus, scrollers, and windows (collectively and commonly referred to as widgets) similarly facilitate the access, capabilities, operation, and display of data and computer hardware and operating system resources, and status. Operation interfaces are commonly called user interfaces. Graphical user interfaces (GUIs) such as the Apple's iOS, Macintosh Operating System's Aqua; IBM's OS/2; Google's Chrome (e.g., and other web browser/cloud based client OSs); Microsoft's Windows varied UIs 2000/2003/3.1/95/98/CE/Millennium/Mobile/NT/Vista/XP (Server) (i.e., Aero, Surface, etc.); Unix's X-Windows (e.g., which may include additional Unix graphic interface libraries and layers such as K Desktop Environment (KDE), mythTV and GNU Network Object Model Environment (GNOME)), web interface libraries (e.g., ActiveX, AJAX, (D)HTML, FLASH, Java, JavaScript, etc. interface libraries such as, but not limited to, Dojo, jQuery(UI), MooTools, Prototype, script.aculo.us, SWFObject, Yahoo! User Interface, any of which may be used and) provide a baseline and means of accessing and displaying information graphically to users.
A user interface component 3717 is a stored program component that is executed by a CPU. The user interface may be a conventional graphic user interface as provided by, with, and/or atop operating systems and/or operating environments such as already discussed. The user interface may allow for the display, execution, interaction, manipulation, and/or operation of program components and/or system facilities through textual and/or graphical facilities. The user interface provides a facility through which users may affect, interact, and/or operate a computer system. A user interface may communicate to and/or with other components in a component collection, including itself, and/or facilities of the like. Most frequently, the user interface communicates with operating systems, other program components, and/or the like. The user interface may contain, communicate, generate, obtain, and/or provide program component, system, user, and/or data communications, requests, and/or responses.
A Web browser component 3718 is a stored program component that is executed by a CPU. The Web browser may be a conventional hypertext viewing application such as Apple's (mobile) Safari, Google's Chrome, Microsoft Internet Explorer, Mozilla's Firefox, Netscape Navigator, and/or the like. Secure Web browsing may be supplied with 128 bit (or greater) encryption by way of HTTPS, SSL, and/or the like. Web browsers allowing for the execution of program components through facilities such as ActiveX, AJAX, (D)HTML, FLASH, Java, JavaScript, web browser plug-in APIs (e.g., FireFox, Safari Plug-in, and/or the like APIs), and/or the like. Web browsers and like information access tools may be integrated into PDAs, cellular telephones, and/or other mobile devices. A Web browser may communicate to and/or with other components in a component collection, including itself, and/or facilities of the like. Most frequently, the Web browser communicates with information servers, operating systems, integrated program components (e.g., plug-ins), and/or the like; e.g., it may contain, communicate, generate, obtain, and/or provide program component, system, user, and/or data communications, requests, and/or responses. Also, in place of a Web browser and information server, a combined application may be developed to perform similar operations of both. The combined application would similarly affect the obtaining and the provision of information to users, user agents, and/or the like from the CETPA enabled nodes. The combined application may be nugatory on systems employing standard Web browsers.
A mail server component 3721 is a stored program component that is executed by a CPU 3703. The mail server may be a conventional Internet mail server such as, but not limited to: dovecot, Courier IMAP, Cyrus IMAP, Maildir, Microsoft Exchange, sendmail, and/or the like. The mail server may allow for the execution of program components through facilities such as ASP, ActiveX, (ANSI) (Objective-) C (++), C# and/or .NET, CGI scripts, Java, JavaScript, PERL, PHP, pipes, Python, WebObjects, and/or the like. The mail server may support communications protocols such as, but not limited to: Internet message access protocol (IMAP), Messaging Application Programming Interface (MAPI)/Microsoft Exchange, post office protocol (POPS), simple mail transfer protocol (SMTP), and/or the like. The mail server can route, forward, and process incoming and outgoing mail messages that have been sent, relayed and/or otherwise traversing through and/or to the CETPA. Alternatively, the mail server component may be distributed out to mail service providing entities such as Google's cloud services (e.g., Gmail and notifications may alternatively be provided via messenger services such as AOL's Instant Messenger, Apple's iMessage, Google Messenger, SnapChat, etc.).
Access to the CETPA mail may be achieved through a number of APIs offered by the individual Web server components and/or the operating system.
Also, a mail server may contain, communicate, generate, obtain, and/or provide program component, system, user, and/or data communications, requests, information, and/or responses.
A mail client component 3722 is a stored program component that is executed by a CPU 3703. The mail client may be a conventional mail viewing application such as Apple Mail, Microsoft Entourage, Microsoft Outlook, Microsoft Outlook Express, Mozilla, Thunderbird, and/or the like. Mail clients may support a number of transfer protocols, such as: IMAP, Microsoft Exchange, POP3, SMTP, and/or the like. A mail client may communicate to and/or with other components in a component collection, including itself, and/or facilities of the like. Most frequently, the mail client communicates with mail servers, operating systems, other mail clients, and/or the like; e.g., it may contain, communicate, generate, obtain, and/or provide program component, system, user, and/or data communications, requests, information, and/or responses. Generally, the mail client provides a facility to compose and transmit electronic mail messages.
A cryptographic server component 3720 is a stored program component that is executed by a CPU 3703, cryptographic processor 3726, cryptographic processor interface 3727, cryptographic processor device 3728, and/or the like. Cryptographic processor interfaces will allow for expedition of encryption and/or decryption requests by the cryptographic component; however, the cryptographic component, alternatively, may run on a conventional CPU. The cryptographic component allows for the encryption and/or decryption of provided data. The cryptographic component allows for both symmetric and asymmetric (e.g., Pretty Good Protection (PGP)) encryption and/or decryption. The cryptographic component may employ cryptographic techniques such as, but not limited to: digital certificates (e.g., X.509 authentication framework), digital signatures, dual signatures, enveloping, password access protection, public key management, and/or the like. The cryptographic component will facilitate numerous (encryption and/or decryption) security protocols such as, but not limited to: checksum, Data Encryption Standard (DES), Elliptical Curve Encryption (ECC), International Data Encryption Algorithm (IDEA), Message Digest 5 (MD5, which is a one way hash operation), passwords, Rivest Cipher (RC5), Rijndael, RSA (which is an Internet encryption and authentication system that uses an algorithm developed in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman), Secure Hash Algorithm (SHA), Secure Socket Layer (SSL), Secure Hypertext Transfer Protocol (HTTPS), Transport Layer Security (TLS), and/or the like. Employing such encryption security protocols, the CETPA may encrypt all incoming and/or outgoing communications and may serve as node within a virtual private network (VPN) with a wider communications network. The cryptographic component facilitates the process of “security authorization” whereby access to a resource is inhibited by a security protocol wherein the cryptographic component effects authorized access to the secured resource. In addition, the cryptographic component may provide unique identifiers of content, e.g., employing and MD5 hash to obtain a unique signature for an digital audio file. A cryptographic component may communicate to and/or with other components in a component collection, including itself, and/or facilities of the like. The cryptographic component supports encryption schemes allowing for the secure transmission of information across a communications network to enable the CETPA component to engage in secure transactions if so desired. The cryptographic component facilitates the secure accessing of resources on the CETPA and facilitates the access of secured resources on remote systems; i.e., it may act as a client and/or server of secured resources. Most frequently, the cryptographic component communicates with information servers, operating systems, other program components, and/or the like. The cryptographic component may contain, communicate, generate, obtain, and/or provide program component, system, user, and/or data communications, requests, and/or responses.
The CETPA database component 3719 may be embodied in a database and its stored data. The database is a stored program component, which is executed by the CPU; the stored program component portion configuring the CPU to process the stored data. The database may be a conventional, fault tolerant, relational, scalable, secure database such as MySQL, Oracle, Sybase, etc. may be used. Additionally, optimized fast memory and distributed databases such as IBM's Netezza, MongoDB's MongoDB, opensource Hadoop, opensource VoltDB, SAP's Hana, etc. Relational databases are an extension of a flat file. Relational databases consist of a series of related tables. The tables are interconnected via a key field. Use of the key field allows the combination of the tables by indexing against the key field; i.e., the key fields act as dimensional pivot points for combining information from various tables. Relationships generally identify links maintained between tables by matching primary keys. Primary keys represent fields that uniquely identify the rows of a table in a relational database. Alternative key fields may be used from any of the fields having unique value sets, and in some alternatives, even non-unique values in combinations with other fields. More precisely, they uniquely identify rows of a table on the “one” side of a one-to-many relationship.
Alternatively, the CETPA database may be implemented using various standard data-structures, such as an array, hash, (linked) list, struct, structured text file (e.g., XML), table, and/or the like. Such data-structures may be stored in memory and/or in (structured) files. In another alternative, an object-oriented database may be used, such as Frontier, ObjectStore, Poet, Zope, and/or the like. Object databases can include a number of object collections that are grouped and/or linked together by common attributes; they may be related to other object collections by some common attributes. Object-oriented databases perform similarly to relational databases with the exception that objects are not just pieces of data but may have other types of capabilities encapsulated within a given object. If the CETPA database is implemented as a data-structure, the use of the CETPA database 3719 may be integrated into another component such as the CETPA component 3735. The CETPA database may likewise be stored in the Blockchain or similar format. Also, the database may be implemented as a mix of data structures, objects, and relational structures. Databases may be consolidated and/or distributed in countless variations (e.g., see Distributed CETPA below). Portions of databases, e.g., tables, may be exported and/or imported and thus decentralized and/or integrated.
In one embodiment, the database component 3719 includes several tables 3719a-h:
An accounts table 3719a includes fields such as, but not limited to: an accountID, accountOwnerID, accountContactID, assetIDs, deviceIDs, paymentIDs, transactionIDs, userIDs, accountType (e.g., agent, entity (e.g., corporate, non-profit, partnership, etc.), individual, etc.), accountCreationDate, accountUpdateDate, accountName, accountNumber, routingNumber, linkWalletsID, accountPrioritAccaountRatio, accountAddress, accountState, accountZIPcode, accountCountry, accountEmail, accountPhone, accountAuthKey, accountIPaddress, accountURLAccessCode, accountPortNo, accountAuthorizationCode, accountAccessPrivileges, accountPreferences, accountRestrictions, and/or the like;
A users table 3719b includes fields such as, but not limited to: a userID, userSSN, taxID, userContactID, accountID, assetIDs, deviceIDs, paymentIDs, transactionIDs, userType (e.g., agent, entity (e.g., corporate, non-profit, partnership, etc.), individual, etc.), namePrefix, firstName, middleName, lastName, nameSuffix, DateOfBirth, userAge, userName, userEmail, userSocialAccountID, contactType, contactRelationship, userPhone, userAddress, userCity, userState, userZlPCode, userCountry, userAuthorizationCode, userAccessPrivilges, userPreferences, userRestrictions, and/or the like (the user table may support and/or track multiple entity accounts on a CETPA);
An devices table 3719c includes fields such as, but not limited to: deviceID, sensorIDs, accountID, assetIDs, paymentIDs, deviceType, deviceName, deviceManufacturer, deviceModel, deviceVersion, deviceSerialNo, devicelPaddress, deviceMACaddress, device_ECID, deviceUUID, deviceLocation, deviceCertificate, deviceOS, appIDs, deviceResources, deviceSession, authKey, deviceSecureKey, walletAppinstalledFlag, deviceAccessPrivileges, devicePreferences, deviceRestrictions, hardware_config, software_config, storage_location, sensor_value, pin_reading, data_length, channel_requirement, sensor_name, sensor_model_no, sensor_manufacturer, sensor_type, sensor_serial_number, sensor_power_requirement, device_power_requirement, location, sensor_associated_tool, sensor_dimensions, device_dimensions, sensor_communications_type, device_communications_type, power_percentage, power_condition, temperature_setting, speed_adjust, hold_duration, part_actuation, and/or the like. Device table may, in some embodiments, include fields corresponding to one or more Bluetooth profiles, such as those published at https://www.bluetooth.org/en-us/specification/adopted-specifications, and/or other device specifications, and/or the like;
An apps table 3719d includes fields such as, but not limited to: appID, appName, appType, appDependencies, accountID, deviceIDs, transactionID, userID, appStoreAuthKey, appStoreAccountID, appStoreIPaddress, appStoreURLaccessCode, appStorePortNo, appAccessPrivileges, appPreferences, appRestrictions, portNum, access_API_call, linked_wallets_list, and/or the like;
An assets table 3719e includes fields such as, but not limited to: assetID, accountID, userID, distributorAccountID, distributorPaymentID, distributorOnwerID, assetOwnerID, assetType, assetSourceDeviceID, assetSourceDeviceType, assetSourceDeviceName, assetSourceDistributionChannelID, assetSourceDistributionChannelType, assetSourceDistributionChannelName, assetTargetChannelID, assetTargetChannelType, assetTargetChannelName, assetName, assetSeriesName, assetSeriesSeason, assetSeriesEpisode, assetCode, assetQuantity, assetCost, assetPrice, assetValue, assetManufactuer, assetModelNo, assetSerialNo, assetLocation, assetAddress, assetState, assetZlPcode, assetState, assetCountry, assetEmail, assetlPaddress, assetURLaccessCode, assetOwnerAccountID, subscriptionIDs, assetAuthroizationCode, assetAccessPrivileges, assetPreferences, assetRestrictions, assetAPI, assetAPIconnectionAddress, and/or the like;
A payments table 3719f includes fields such as, but not limited to: paymentID, accountID, userID, paymentType, paymentAccountNo, paymentAccountName, paymentAccountAuthorizationCodes, paymentExpirationDate, paymentCCV, paymentRoutingNo, paymentRoutingType, paymentAddress, paymentState, paymentZIPcode, paymentCountry, paymentEmail, paymentAuthKey, paymentIPaddress, paymentURLaccessCode, paymentPortNo, paymentAccessPrivileges, paymentPreferences, payementRestrictions, and/or the like;
An transactions table 3719g includes fields such as, but not limited to: transactionID, accountID, assetIDs, deviceIDs, paymentIDs, transactionIDs, userID, merchantID, transactionType, transactionDate, transactionTime, transactionAmount, transactionQuantity, transactionDetails, productsList, productType, productTitle, productsSummary, productParamsList, transactionNo, transactionAccessPrivileges, transactionPreferences, transactionRestrictions, merchantAuthKey, merchantAuthCode, and/or the like;
An merchants table 3719h includes fields such as, but not limited to: merchantID, merchantTaxID, merchanteName, merchantContactUserID, accountID, issuerID, acquirerID, merchantEmail, merchantAddress, merchantState, merchantZIPcode, merchantCountry, merchantAuthKey, merchantIPaddress, portNum, merchantURLaccessCode, merchantPortNo, merchantAccessPrivileges, merchantPreferences, merchantRestrictions, and/or the like;
An ads table 3719i includes fields such as, but not limited to: adID, advertiserID, adMerchantID, adNetworkID, adName, adTags, advertiserName, adSponsor, adTime, adGeo, adAttributes, adFormat, adProduct, adText, adMedia, adMediaID, adChannelID, adTagTime, adAudioSignature, adHash, adTemplateID, adTemplateData, adSourceID, adSourceName, adSourceServerIP, adSourceURL, adSourceSecurityProtocol, adSourceFTP, adAuthKey, adAccessPrivileges, adPreferences, adRestrictions, adNetworkXchangeID, adNetworkXchangeName, adNetworkXchangeCost, adNetworkXchangeMetricType (e.g., CPA, CPC, CPM, CTR, etc.), adNetworkXchangeMetricValue, adNetworkXchangeServer, adNetworkXchangePortNumber, publisherID, publisherAddress, publisherURL, publisherTag, publisherIndustry, publisherName, publisherDescription, siteDomain, siteURL, siteContent, siteTag, siteContext, sitelmpression, siteVisits, siteHeadline, sitePage, siteAdPrice, sitePlacement, sitePosition, bidID, bidExchange, bidOS, bidTarget, bidTimestamp, bidPrice, bidlmpressionID, bidType, bidScore, adType (e.g., mobile, desktop, wearable, largescreen, interstitial, etc.), assetID, merchantID, deviceID, userID, accountID, impressionID, impressionOS, impressionTimeStamp, impressionGeo, impressionAction, impressionType, impressionPublisherID, impressionPublisherURL, and/or the like.
A blockchain table 3719j includes fields such as, but not limited to: block(1) . . . block(n). The blockchain table 1819j may be used to store blocks that form blockchains of transactions as described herein.
A public key table 3719k includes fields such as, but not limited to: accountID, accountOwnerID, accountContactID, public_key. The public key table 1819k may be used to store and retrieve the public keys generated for clients of the CETPA system as described herein.
A private key table 3719l includes fields such as, but not limited to: ownerID, OwnertContact, private_key. The private keys held here will not be the private keys of registered users of the CETPA system, but instead will be used to authentic transactions originating from the CETPA system.
An OpReturn table 3719m includes fields such as, but not limited to: transactionID, OpReturn_Value1 . . . OpReturn_Value80; where each OpReturn Value entry stores one byte in the OpReturn field for the purposes described above.
A wallet table 3719n includes fields such as, but not limited to: an accountID, accountOwnerID, accountContactID, transactionIDs, SourceAddress(1) . . . SourceAddress(n), BalanceAddress(1) . . . Balance address(n). The wallet table 1819n may be used to store wallet information as described in the foregoing.
Hash functions table 3719o stores the hash functions that may be used by the Bloom Filter component 3748, and may include fields such as: hashFunction1, hashFunction2 . . . hashFunction(n).
Physical Address table 3719p stores the physical address generated by Bloom filter application to source and destination addresses in a transaction, and accordingly may include the following fields: publickey, physicalAddress.
The transaction distance matrix representing all transactions undertaken via the CETPA are stored in a LIL or similar format, and accordingly the LIL table 3719q may include the following fields: sourceAddress, destinationAddress, transactionValueTimestampTuple.
A market_data table 3719z includes fields such as, but not limited to: market_data_feed_ID, asset_ID, asset_symbol, asset_name, spot_price, bid_price, ask_price, and/or the like; in one embodiment, the market data table is populated through a market data feed (e.g., Bloomberg's PhatPipe, Consolidated Quote System (CQS), Consolidated Tape Association (CTA), Consolidated Tape System (CTS), Dun & Bradstreet, OTC Montage Data Feed (OMDF), Reuter's Tib, Triarch, US equity trade and quote market data, Unlisted Trading Privileges (UTP) Trade Data Feed (UTDF), UTP Quotation Data Feed (UQDF), and/or the like feeds, e.g., via ITC 2.1 and/or respective feed protocols), for example, through Microsoft's Active Template Library and Dealing Object Technology's real-time toolkit Rtt.Multi
In one embodiment, the CETPA database 3719 may interact with other database systems. For example, employing a distributed database system, queries and data access by search CETPA component may treat the combination of the CETPA database, an integrated data security layer database as a single database entity (e.g., see Distributed CETPA below).
In one embodiment, user programs may contain various user interface primitives, which may serve to update the CETPA. Also, various accounts may require custom database tables depending upon the environments and the types of clients the CETPA may need to serve. It should be noted that any unique fields may be designated as a key field throughout. In an alternative embodiment, these tables have been decentralized into their own databases and their respective database controllers (i.e., individual database controllers for each of the above tables). Employing standard data processing techniques, one may further distribute the databases over several computer systemizations and/or storage devices. Similarly, configurations of the decentralized database controllers may be varied by consolidating and/or distributing the various database components 3719a-z. The CETPA may be configured to keep track of various settings, inputs, and parameters via database controllers.
The CETPA database may communicate to and/or with other components in a component collection, including itself, and/or facilities of the like. Most frequently, the CETPA database communicates with the CETPA component, other program components, and/or the like. The database may contain, retain, and provide information regarding other nodes and data.
The component 3735 is a stored program component that is executed by a CPU. In one embodiment, the CETPA component incorporates any and/or all combinations of the aspects of the CETPA that was discussed in the previous figures. As such, the CETPA affects accessing, obtaining and the provision of information, services, transactions, and/or the like across various communications networks. The features and embodiments of the CETPA discussed herein increase network efficiency by reducing data transfer requirements the use of more efficient data structures and mechanisms for their transfer and storage. As a consequence, more data may be transferred in less time, and latencies with regard to transactions, are also reduced. In many cases, such reduction in storage, transfer time, bandwidth requirements, latencies, etc., will reduce the capacity and structural infrastructure requirements to support the CETPA's features and facilities, and in many cases reduce the costs, energy consumption/requirements, and extend the life of CETPA's underlying infrastructure; this has the added benefit of making the CETPA more reliable. Similarly, many of the features and mechanisms are designed to be easier for users to use and access, thereby broadening the audience that may enjoy/employ and exploit the feature sets of the CETPA; such ease of use also helps to increase the reliability of the CETPA. In addition, the feature sets include heightened security as noted via the Cryptographic components 3720, 3726, 3728 and throughout, making access to the features and data more reliable and secure
The CETPA transforms virtual wallet addresses or fractional order purchase request inputs, via CETPA components (e.g., Virtual Currency Component, Blockchain Component, Transaction Confirmation Component), into transaction confirmation outputs.
The CETPA component enabling access of information between nodes may be developed by employing standard development tools and languages such as, but not limited to: Apache components, Assembly, ActiveX, binary executables, (ANSI) (Objective-) C (++), C# and/or .NET, database adapters, CGI scripts, Java, JavaScript, mapping tools, procedural and object oriented development tools, PERL, PHP, Python, shell scripts, SQL commands, web application server extensions, web development environments and libraries (e.g., Microsoft's ActiveX; Adobe AIR, FLEX & FLASH; AJAX; (D)HTML; Dojo, Java; JavaScript; jQuery(UI); MooTools; Prototype; script.aculo.us; Simple Object Access Protocol (SOAP); SWFObject; Yahoo! User Interface; and/or the like), WebObjects, and/or the like. In one embodiment, the CETPA server employs a cryptographic server to encrypt and decrypt communications. The CETPA component may communicate to and/or with other components in a component collection, including itself, and/or facilities of the like. Most frequently, the CETPA component communicates with the CETPA database, operating systems, other program components, and/or the like. The CETPA may contain, communicate, generate, obtain, and/or provide program component, system, user, and/or data communications, requests, and/or responses.
A Login Component 3741 is a stored program component that is executed by a CPU. In various embodiments, the Login Component 3741 incorporates any and/or all combinations of the aspects of logging into the CETPA that was discussed above with respect to
A Virtual Currency Transaction Component 3742 is a stored program component that is executed by a CPU. In various embodiments, the Virtual Currency Transaction Component 3742 incorporates any and/or all combinations of the aspects of the CETPA that was discussed above with respect to
A Blockchain Component 3743 is a stored program component that is executed by a CPU. In one embodiment, the Blockchain Component 3743 incorporates any and/or all combinations of the aspects of the CETPA that was discussed in the previous figures.
A Transaction Confirmation Component 3744 is a stored program component that is executed by a CPU. In one embodiment, the Transaction Confirmation Component 3744 incorporates any and/or all combinations of the aspects of the CETPA that was discussed above with respect to
An Order Generation Component 3745 and an Order Placement Component 3746 provide the functionalities as listed above for the CETPA.
The structure and/or operation of any of the CETPA node controller components may be combined, consolidated, and/or distributed in any number of ways to facilitate development and/or deployment. Similarly, the component collection may be combined in any number of ways to facilitate deployment and/or development. To accomplish this, one may integrate the components into a common code base or in a facility that can dynamically load the components on demand in an integrated fashion. As such a combination of hardware may be distributed within a location, within a region and/or globally where logical access to a controller may be abstracted as a singular node, yet where a multitude of private, semiprivate and publically accessible node controllers (e.g., via dispersed data centers) are coordinated to serve requests (e.g., providing private cloud, semi-private cloud, and public cloud computing resources) and allowing for the serving of such requests in discrete regions (e.g., isolated, local, regional, national, global cloud access).
The component collection may be consolidated and/or distributed in countless variations through standard data processing and/or development techniques. Multiple instances of any one of the program components in the program component collection may be instantiated on a single node, and/or across numerous nodes to improve performance through load-balancing and/or data-processing techniques. Furthermore, single instances may also be distributed across multiple controllers and/or storage devices; e.g., databases. All program component instances and controllers working in concert may do so through standard data processing communication techniques.
The configuration of the CETPA controller will depend on the context of system deployment. Factors such as, but not limited to, the budget, capacity, location, and/or use of the underlying hardware resources may affect deployment requirements and configuration. Regardless of if the configuration results in more consolidated and/or integrated program components, results in a more distributed series of program components, and/or results in some combination between a consolidated and distributed configuration, data may be communicated, obtained, and/or provided. Instances of components consolidated into a common code base from the program component collection may communicate, obtain, and/or provide data. This may be accomplished through intra-application data processing communication techniques such as, but not limited to: data referencing (e.g., pointers), internal messaging, object instance variable communication, shared memory space, variable passing, and/or the like. For example, cloud services such as Amazon Data Services, Microsoft Azure, Hewlett Packard Helion, IBM Cloud services allow for CETPA controller and/or CETPA component collections to be hosted in full or partially for varying degrees of scale.
If component collection components are discrete, separate, and/or external to one another, then communicating, obtaining, and/or providing data with and/or to other component components may be accomplished through inter-application data processing communication techniques such as, but not limited to: Application Program Interfaces (API) information passage; (distributed) Component Object Model ((D)COM), (Distributed) Object Linking and Embedding ((D)OLE), and/or the like), Common Object Request Broker Architecture (CORBA), Jini local and remote application program interfaces, JavaScript Object Notation (JSON), Remote Method Invocation (RMI), SOAP, process pipes, shared files, and/or the like. Messages sent between discrete component components for inter-application communication or within memory spaces of a singular component for intra-application communication may be facilitated through the creation and parsing of a grammar. A grammar may be developed by using development tools such as lex, yacc, XML, and/or the like, which allow for grammar generation and parsing capabilities, which in turn may form the basis of communication messages within and between components.
For example, a grammar may be arranged to recognize the tokens of an HTTP post command, e.g.:
where Value1 is discerned as being a parameter because “http://” is part of the grammar syntax, and what follows is considered part of the post value. Similarly, with such a grammar, a variable “Value1” may be inserted into an “http://” post command and then sent. The grammar syntax itself may be presented as structured data that is interpreted and/or otherwise used to generate the parsing mechanism (e.g., a syntax description text file as processed by lex, yacc, etc.). Also, once the parsing mechanism is generated and/or instantiated, it itself may process and/or parse structured data such as, but not limited to: character (e.g., tab) delineated text, HTML, structured text streams, XML, and/or the like structured data. In another embodiment, inter-application data processing protocols themselves may have integrated and/or readily available parsers (e.g., JSON, SOAP, and/or like parsers) that may be employed to parse (e.g., communications) data. Further, the parsing grammar may be used beyond message parsing, but may also be used to parse: databases, data collections, data stores, structured data, and/or the like. Again, the desired configuration will depend upon the context, environment, and requirements of system deployment.
For example, in some implementations, the CETPA controller may be executing a PHP script implementing a Secure Sockets Layer (“SSL”) socket server via the information server, which listens to incoming communications on a server port to which a client may send data, e.g., data encoded in JSON format. Upon identifying an incoming communication, the PHP script may read the incoming message from the client device, parse the received JSON-encoded text data to extract information from the JSON-encoded text data into PHP script variables, and store the data (e.g., client identifying information, etc.) and/or extracted information in a relational database accessible using the Structured Query Language (“SQL”). An exemplary listing, written substantially in the form of PHP/SQL commands, to accept JSON-encoded input data from a client device via a SSL connection, parse the data to extract variables, and store the data to a database, is provided below:
Also, the following resources may be used to provide example embodiments regarding SOAP parser implementation:
and other parser implementations:
all of which are hereby expressly incorporated by reference.
In order to address various issues and advance the art, the entirety of this application for Computationally Efficient Transfer Processing and Auditing Apparatuses, Methods and Systems (including the Cover Page, Title, Headings, Field, Background, Summary, Brief Description of the Drawings, Detailed Description, Claims, Abstract, Figures, Appendices, and otherwise) shows, by way of illustration, various embodiments in which the claimed innovations may be practiced. The advantages and features of the application are of a representative sample of embodiments only, and are not exhaustive and/or exclusive. They are presented only to assist in understanding and teach the claimed principles. It should be understood that they are not representative of all claimed innovations. As such, certain aspects of the disclosure have not been discussed herein. That alternate embodiments may not have been presented for a specific portion of the innovations or that further undescribed alternate embodiments may be available for a portion is not to be considered a disclaimer of those alternate embodiments. It will be appreciated that many of those undescribed embodiments incorporate the same principles of the innovations and others are equivalent. Thus, it is to be understood that other embodiments may be utilized and functional, logical, operational, organizational, structural and/or topological modifications may be made without departing from the scope and/or spirit of the disclosure. As such, all examples and/or embodiments are deemed to be non-limiting throughout this disclosure. Also, no inference should be drawn regarding those embodiments discussed herein relative to those not discussed herein other than it is as such for purposes of reducing space and repetition. For instance, it is to be understood that the logical and/or topological structure of any combination of any program components (a component collection), other components, data flow order, logic flow order, and/or any present feature sets as described in the figures and/or throughout are not limited to a fixed operating order and/or arrangement, but rather, any disclosed order is exemplary and all equivalents, regardless of order, are contemplated by the disclosure. Similarly, descriptions of embodiments disclosed throughout this disclosure, any reference to direction or orientation is merely intended for convenience of description and is not intended in any way to limit the scope of described embodiments. Relative terms such as “lower,” “upper,” “horizontal,” “vertical,” “above,” “below,” “up,” “down,” “top” and “bottom” as well as derivative thereof (e.g., “horizontally,” “downwardly,” “upwardly,” etc.) should not be construed to limit embodiments, and instead, again, are offered for convenience of description of orientation. These relative descriptors are for convenience of description only and do not require that any embodiments be constructed or operated in a particular orientation unless explicitly indicated as such. Terms such as “attached,” “affixed,” “connected,” “coupled,” “interconnected,” and similar may refer to a relationship wherein structures are secured or attached to one another either directly or indirectly through intervening structures, as well as both movable or rigid attachments or relationships, unless expressly described otherwise. Furthermore, it is to be understood that such features are not limited to serial execution, but rather, any number of threads, processes, services, servers, and/or the like that may execute asynchronously, concurrently, in parallel, simultaneously, synchronously, and/or the like are contemplated by the disclosure. As such, some of these features may be mutually contradictory, in that they cannot be simultaneously present in a single embodiment. Similarly, some features are applicable to one aspect of the innovations, and inapplicable to others. In addition, the disclosure includes other innovations not presently claimed. Applicant reserves all rights in those presently unclaimed innovations including the right to claim such innovations, file additional applications, continuations, continuations in part, divisions, and/or the like thereof. As such, it should be understood that advantages, embodiments, examples, functional, features, logical, operational, organizational, structural, topological, and/or other aspects of the disclosure are not to be considered limitations on the disclosure as defined by the claims or limitations on equivalents to the claims. It is to be understood that, depending on the particular needs and/or characteristics of a individual and/or enterprise user, database configuration and/or relational model, data type, data transmission and/or network framework, syntax structure, and/or the like, various embodiments of the CETPA, may be implemented that enable a great deal of flexibility and customization. For example, aspects of the may be adapted for monetary and non-monetary transactions. While various embodiments and discussions of the have included Guided Target Transactions and Encrypted Transaction Processing and Verification, however, it is to be understood that the embodiments described herein may be readily configured and/or customized for a wide variety of other applications and/or implementations.
