CPC G06Q 20/3829 (2013.01) [G06Q 20/0658 (2013.01); G06Q 20/38215 (2013.01); G06Q 20/401 (2013.01); G06Q 20/4016 (2013.01); H04L 9/50 (2022.05)]
17 Claims
1. A method for managing user authorization for blockchain-based transactions by a plurality of entities in a consortium via a negative certificate, the method comprising:
receiving, by a negative certificate management circuit of a negative certificate authority computing system from an entity computing system associated with a first entity of the plurality of entities in the consortium, an authorization restriction associated with an untrusted user and an IP address of the entity computing system, the authorization restriction comprising a first restriction collection and a second restriction collection, the first restriction collection associated with the first entity and a second entity of the plurality of entities, the second restriction collection associated with the first entity and not associated with the second entity;
generating, by the negative certificate management circuit, a negative certificate for the untrusted user, the negative certificate comprising a first pointer to the first restriction collection, a second pointer to the second restriction collection, and an untrusted user identifier identifying the untrusted user, wherein a digital signature management circuit of the negative certificate authority computing system signs the negative certificate;
generating, by the contributor management circuit of the negative certificate authority computing system, a private key, a public key, and a unique cryptographically generated address associated with the first entity, the unique cryptographically generated address generated based on the public key and the IP address of the entity computing system;
storing, by the contributor management circuit, the public key associated with the first entity in a contributor vault and the unique cryptographically generated address in a secure contributor record;
verifying, by the digital signature management circuit, at least a portion of the unique cryptographically generated address matches the IP address of the entity computing system;
signing, by the digital signature management circuit, at least one restriction of the first restriction collection using a private key associated with the first entity;
determining, by the negative certificate management circuit, that at least a threshold number from the plurality of entities in the consortium approved the authorization restriction;
receiving, by a transaction clearance management circuit of the negative certificate authority computing system, a requested blockchain transaction from a pre-validation pool associated with a blockchain, the blockchain transaction comprising a verification attribute corresponding to at least one aspect of the blockchain transaction;
determining, by the transaction clearance management circuit and based on the first pointer, the second pointer, and at least one of the verification attribute or the untrusted user identifier of the negative certificate, that the requested blockchain transaction is associated with the untrusted user; and
in response to determining that the requested blockchain transaction violates at least one of the first restriction collection or the second restriction collection, writing, by the transaction clearance management circuit, the requested blockchain transaction to a quarantine blockchain communicatively coupled to the transaction clearance management circuit, the quarantine blockchain different from the blockchain.