
Compared to JZ's patent-awarded private smart contract and private ledger mechanism, this approach does not change the tech stack of the public/consortium blockchain; only a public mediator smart contract is deployed there. This public mediator smart contract can be shared by all private smart contracts of the public/consortium blockchain, or not (e.g. if interaction with public smart contracts before or after the call to the private smart contract is needed).

plot

```mermaid
sequenceDiagram
participant owner
participant sender
participant httpd/msgbus
box public_blockchain
participant mediator
end
box private_stakeholder
participant facilitator
participant executor
participant private_smart_contract
end

owner -->> private_smart_contract: deploy private smart-contract to each stakeholder oob

owner -->> mediator: create(sender_signer_pubk, []stakeholder_pubk, consensus_policy)

sender -->> sender: create cleartext content for tx1
sender -->> sender: generate nonce and symmetric key sk, which will be protected via ECIES (Elliptic Curve Integrated Encryption Scheme)
sender -->> sender: encrypt cleartext to ciphertext using sk and nonce
sender -->> sender: generate an ephemeral ECC key pair eph_sk / eph_pk
sender -->> sender: [for each stakeholder with i_pk] derive kek_i = ECDH(eph_sk, i_pk), use kek_i and nonce_i to (AEAD) encrypt sk+uri into kwrap_i & nonce_i
sender -->> httpd/msgbus: upload ciphertext @ /data/{sha3(ciphertext)}
sender -->> mediator: tx = {sender_cert, sha3(ciphertext), nonce, eph_pk, [kwrap_i, nonce_i]}

mediator -->> mediator: check sender cert, emit PrivateTX_INIT(mediator_addr, sha3(ciphertext))
mediator -->> facilitator: received PrivateTX event
facilitator -->> facilitator: generate kek_i = ECDH(eph_pk, i_sk), use it and nonce_i to decrypt kwrap_i to get sk+uri
facilitator -->> httpd/msgbus: retrieve ciphertext from uri after stakeholder authentication
facilitator -->> facilitator: use sk to decrypt ciphertext to get cleartext
facilitator -->> facilitator: create tx2 with cleartext as calldata
facilitator -->> executor: tx2
executor -->> private_smart_contract: execute tx2
executor -->> facilitator: emit per-contract state r/w event locally
facilitator -->> facilitator: create tx3: (sha3(ciphertext), old_state_root, new_state_root)
facilitator -->> mediator: tx3
mediator -->> mediator: after reaching consensus, emit PrivateTX_FINI(mediator_addr, sha3(ciphertext), status)
mediator --> facilitator: receiving PrivateTX_FINI. If YES, do nothing. If NO, continue
facilitator -->> executor: revert effect of tx2
```
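
The per-stakeholder key wrap from the diagram (the sender derives kek_i = ECDH(eph_sk, i_pk) and AEAD-encrypts sk+uri; the facilitator derives the same kek_i = ECDH(eph_pk, i_sk) and decrypts), as an added Go example that is not part of this repository's code. The P-256 curve, SHA-256 as the KDF, AES-256-GCM as the AEAD, and the names `aeadFor`, `Wrap` and `Unwrap` are assumptions; the diagram specifies none of them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

func aeadFor(priv *ecdh.PrivateKey, pub *ecdh.PublicKey) (cipher.AEAD, error) {
	shared, err := priv.ECDH(pub) // same secret on both sides of the exchange
	if err != nil {
		return nil, err
	}
	k := sha256.Sum256(shared)      // kek_i; SHA-256 as KDF is an assumption
	block, _ := aes.NewCipher(k[:]) // cannot fail: the key is always 32 bytes
	return cipher.NewGCM(block)     // AES-256-GCM as the AEAD is an assumption
}

// Wrap (sender): kek_i = ECDH(eph_sk, i_pk); returns kwrap_i and a fresh nonce_i.
func Wrap(ephSK *ecdh.PrivateKey, iPK *ecdh.PublicKey, skURI []byte) (kwrap, nonce []byte, err error) {
	aead, err := aeadFor(ephSK, iPK)
	if err != nil {
		return nil, nil, err
	}
	nonce = make([]byte, aead.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	return aead.Seal(nil, nonce, skURI, nil), nonce, nil
}

// Unwrap (facilitator): kek_i = ECDH(eph_pk, i_sk); errors if the AEAD tag does not verify.
func Unwrap(iSK *ecdh.PrivateKey, ephPK *ecdh.PublicKey, kwrap, nonce []byte) ([]byte, error) {
	aead, err := aeadFor(iSK, ephPK)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce, kwrap, nil)
}

func main() {
	eph, _ := ecdh.P256().GenerateKey(rand.Reader) // eph_sk / eph_pk
	st, _ := ecdh.P256().GenerateKey(rand.Reader)  // stakeholder i_sk / i_pk
	kw, n, _ := Wrap(eph, st.PublicKey(), []byte("constructed-sk|constructed-uri"))
	out, err := Unwrap(st, eph.PublicKey(), kw, n)
	fmt.Printf("%s %v\n", out, err)
}
```

`Unwrap` returns an error rather than plaintext when it is called with a key other than i_sk or when kwrap_i has been modified, so a facilitator can reject a wrap that was not produced for it.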

Note (1): There are as many tx3s as the number of stakeholders (nodes that have the private smart contract deployed). It can be one tx3 if one stakeholder collects result signatures from the other stakeholders using out-of-chain transport and submits on behalf of all stakeholders of the private smart contract; using BLS can make the size of tx3 very small.

Note (2): A ZK prover is optional, as each private smart contract has its consensus strategy defined and honored.

Note (3): Sensitive data for private transactions to the private smart contract can be delivered via webservice, httpd, msgbus or other means, and it can be pre-populated to the stakeholders' nodes before a private transaction reaches the stakeholders' nodes. This can apparently reduce the overall latency of the private transactions.