Block-CITE: A Blockchain-Based Crowdsourcing Interactive Trust Evaluation

Abstract

Industrial trademark examination enables users to apply for and manage their trademarks efficiently, promoting industrial and commercial economic development. However, there still exist many challenges, e.g., how to customize a blockchain-based crowdsourcing method for interactive trust evaluation, how to decentralize the functionalities of a centralized entity to nodes in a blockchain network instead of removing the entity directly, how to design a protocol for the method and prove its security, etc. In order to overcome these challenges, in this paper, we propose the Blockchain-based Crowdsourcing Interactive Trust Evaluation (Block-CITE for short) method to improve the efficiency and security of the current industrial trademark management schemes. Specifically, Block-CITE adopts a dual-blockchain structure and a crowdsourcing technique to record operations and store relevant data in a decentralized way. Furthermore, Block-CITE customizes a protocol for blockchain-based crowdsourced industrial trademark examination and algorithms of smart contracts to run the protocol automatically. In addition, Block-CITE analyzes the threat model and proves the security of the protocol. Security analysis shows that Block-CITE is able to defend against the malicious entities and attacks in the blockchain network. Experimental analysis shows that Block-CITE has a higher transaction throughput and lower network latency and storage overhead than the baseline methods.

1. Introduction

In traditional industrial trademark management systems, trademarks are examined by the centralized trademark management center (TMC), a process that will collect the privacy information of applicants. The TMC is a government agency that is responsible for managing industrial trademarks for enterprises. Even if the TMC is honest and trustworthy, it is vulnerable to being attacked by malicious hackers or other intruders, as it centralizes the trademark information together with applicants’ privacy information. Once the TMC is compromised or becomes malicious, all the information of trademarks and applicants’ privacy information may be leaked [1,2]. Thus, the security of industrial trademark management is of essential practical significance.

Recently, more and more organizations and companies select crowdsourcing as a method to solve various problems, especially in the fields of industry and commerce. Crowdsourcing, proposed by Jeff Howe in [3], is a distributed problem solving method calling for solutions publicly. Generally, there are three entities in the human intelligence-based crowdsourcing, which are requesters, workers, and a centralized crowdsourcing system [4]. Each entity has its own obligations and benefits, and all the entities can be briefly defined as follows: Requesters are nodes who receive services from the crowdsourcing system by submitting requests, retrieving solutions, etc. Workers are nodes who solve the tasks assigned by the crowdsourcing system and gain a reward only if the solution is satisfactory. A centralized crowdsourcing system is responsible for scheduling tasks between the requesters and workers. In the proposed scheme, the crowdsourcing technique can help interactive trust evaluation in the smart contract-based blockchain network, as the crowdsourcing system can call for the solutions of trademark examinations which are auto-performed by workers. As such, the security of the blockchain-based interactive trust evaluation can be further enhanced by the crowdsourcing technique.

However, the results returned by workers in the crowdsourcing system may not meet the requirements of requesters, and there also exist some malicious examiners in the blockchain network. Meanwhile, even though the centralized entity is assumed to be trustworthy, it is still vulnerable to being attacked. Fortunately, emerging blockchain technique are able to provide a more secure and efficient decentralized environment for establishing trust among users [5]. Thus, they have attracted keen interest from many researchers in various fields recently.

Most blockchain-based existing works adopt the single-blockchain structure [6,7,8,9] and address the problem of security vulnerability and unbalanced data access, while some frontier researches have began to explore solutions with a double-blockchain structure. Specifically, the access frequency of different types of data varies, in which separately accessing hot and warm data in two blockchain can reduce overhead and improve performance [10]. Notably, the double-chain structure has unique advantages for solving the problem mentioned above. On the one hand, the confidential information is separated from the transparent information, which thus enhances the security of the proposed scheme. On the other hand, frequently accessed data are separated from the infrequently accessed ones, which thus improves the performance of the proposed scheme. Meanwhile, a double-blockchain structure has been applied in many existing works to improve the performance of systems [11,12,13,14,15].

There are still scenario-specific challenges that hinder the direct application of blockchain to secure and efficient crowdsourcing services for trademark examination, forming the following well-defined research gaps: Firstly, most existing crowdsourcing systems for general fields assume that centralized entities are fully trustworthy, but this assumption fails in trademark examination. The reason is that centralized platforms not only face security risks from unnotarized storage of sensitive trademark data but also cannot be completely removed due to regulatory requirements for audit trails. Thus, a critical research gap lies in decentralizing core functions of centralized entities to blockchain nodes while retaining necessary audit capabilities (i.e., an unaddressed need unique to trademark examination). Secondly, designing a crowdsourcing interactive trust evaluation protocol tailored to the dual-blockchain structure for trademark examination constitutes a distinct gap. That is, current trust protocols target either single-blockchain architectures or general crowdsourcing, lacking adaptation to the dual-chain division of “examination tasks” and “credit records” specific to our trademark system. Additionally, formal security proofs for such scenario-specific protocols (e.g., proving resistance to trademark data tampering during trust evaluation) remain an unmet research need, unlike generic blockchain security proofs. Finally, the performance bottleneck of decentralized storage in trademark examination presents a targeted gap. Specifically, unlike general data, trademark data include high-frequency “pending examination materials” and low-frequency “historical registration records,” and existing data separation techniques fail to account for the legal relevance between these two data types (e.g., ensuring that historical records are quickly retrievable for pending examinations). Thus, there is with urgent need for an appropriate separation technique to mitigate performance degradation in decentralized systems.

In order to deal with the challenges mentioned above, this paper proposes the Blockchain-based Crowdsourcing Interactive Trust Evaluation (Block-CITE) scheme. Block-CITE is able to enhance data security, improve system performance, and increase flexibility for crowdsourcing services. Specifically, in Block-CITE, we constructed two blockchains, namely, TaskChain and RepuChain. The reason for designing a dual-blockchain structure in this paper is mainly derived from the observation that the frequently accessed TaskChain should be separated from the infrequently accessed RepuChain. As such, hot and cold data are separated, which improves the performance of the proposed system. TaskChain is responsible for storing the information of trademark examination tasks, while RepuChain is responsible for storing the reputation of the workers. As such, all nodes in the blockchain network witness the requesters’ ownership of their trademark material, ensuring the security of Block-CITE. Moreover, the dual-chain architecture of TaskChain and RepuChain not only separates hot and cold data to optimize performance but also leverages the decentralized nature of blockchain. Specifically, the allocation and execution process of trademark examination tasks in TaskChain is traceable and immutable, avoiding the risks of task tampering or shirking in traditional centralized systems. Meanwhile, RepuChain automatically records the historical behavior data of examiners through smart contracts, forming a decentralized trust evaluation system that provides a reliable basis for subsequent task allocation. Finally, these features are unique blockchain advantages that are difficult to achieve with traditional database designs.

The brief processes of the trademark examination in the proposed scheme, Block-CITE, are as follows: A requester ${\mathcal{R}}_i$ first makes a deposit and sends a trademark application request to the TMC, together with the encrypted trademark material. Malicious nodes are penalized by forfeiting their deposits, and their behaviors are also recorded by the blockchain. Meanwhile, the hash of the material is appended to TaskChain by ${\mathcal{R}}_i$, in order to prevent denial by the TMC. Upon receiving the request, the TMC selects a qualified worker ${\mathcal{W}}_j$ according to the reputation in RepuChain and generates the corresponding task information. Then, the task information is publicized by being appended to TaskChain. The TMC assigns the task to ${\mathcal{W}}_j$ by sending the materials to ${\mathcal{W}}_j$. After receiving the task, ${\mathcal{W}}_j$ has to finish the trademark examination for ${\mathcal{R}}_i$ before the deadline. Upon finishing the task, ${\mathcal{W}}_j$ packs the result into a solution and send it to the TMC. Meanwhile, the hash of the solution is also appended to TaskChain by ${\mathcal{W}}_j$, in order to prevent denial by the TMC. According to the situation of task completion, the TMC calculates the reward for ${\mathcal{W}}_j$ and compensation for ${\mathcal{R}}_i$ and appends them to TaskChain. Afterwards, the TMC sends the result in the solution to ${\mathcal{R}}_i$. Finally, the TMC and ${\mathcal{R}}_i$ score the reputation for ${\mathcal{W}}_j$, and the reputation is appended to RepuChain. As such, participants can perceive the malicious behaviors of all entities in Block-CITE, including the TMC.

The main contributions of this paper are summarized as follows:

• We propose a Blockchain-based Crowdsourcing Interactive Trust Evaluation (Block-CITE) scheme, which operates in a decentralized way. Unlike previous works, Block-CITE is able to guarantee security by allowing users to take part in the blockchain-based crowdsourcing service without revealing their true identities and storing the hash value of trademark materials and examination results to the blockchain. As such, the ownership of anonymous users for their trademark materials can be guaranteed.
• A concrete scheme is presented in this work, and smart contract are utilized for performing the whole process of the proposed scheme, Block-CITE. As such, the functions of crowdsourcing for trademark examination can be realized without trusting any centralized entity.
• A detailed security analysis of Block-CITE is undertaken in this paper. Specifically, we conduct a simulation on the well-known 51% attack in the blockchain network, and we also provide a theoretical proof of blockchain security. Both the simulation result and the theoretical proof of security show that Block-CITE is secure enough for industrial trademark examination.

The remainder of this paper is organized as follows: Section 2 discusses related works on crowdsourcing and blockchain techniques. Section 3 introduces the preliminaries of bilinear pairing, blockchain, and smart contracts. Section 4 presents the proposed blockchain-based crowdsourcing trademark examination scheme and its security properties. Section 5 provides the security analysis. Section 6 presents simulations and results. Section 7 concludes this paper.

2. Related Works

Crowdsourcing is able to solve problems with some intelligence based on less overhead, and it is widely used in tasks that are different for computers or individuals to finish, such as audio translation, image tagging, etc. In this section, we have reviewed some state-of-the-art works in three primary research domains: centralized crowdsourcing systems, distributed crowdsourcing systems, and blockchain-based crowdsourcing systems.

2.1. Centralized Crowdsourcing Solutions

There exist several crowdsourcing systems that have been developed in a centralized way, such as UpWork, WAZE, and Freelancer. Zhang et al. [16] proposed a reputation-based incentive mechanism to address the false-reporting and free-riding attacks in crowdsourcing. Ni et al. [17] examined the architecture and applications of centralized fog-based vehicular crowdsensing in terms of security, privacy, and fairness. Zhang et al. [18] proposed two centralized mechanisms to tackle free riding and false reporting in crowdsourcing. To ensure that large mobile crowdsensing can more effectively handle sensing tasks for achieving certain coverage under certain constraints, Lu et al. proposed a centralized data-driven crowd worker selection method in mobile crowdsourcing for the industrial IoT [19]. Ma et al. proposed a dynamic sub-cluster privacy-preserving aggregation approach operating in a centralized manner for crowdsourcing industrial virtual areas balancing data benefits and privacy security [20]. However, centralized crowdsourcing solutions may suffer from security issues, e.g., sybil attack and privacy leakage.

2.2. Distributed Crowdsourcing Solutions

Zhang et al. proposed a distributed crowdsourcing system in the delay-tolerant network, aiming at completing a computation task in a collaborative way and achieving the minimal makespan [21]. Yang et al. concentrated on load balancing in a distributed model and proposed a task allocation scheme using social relationships in a crowdsourcing system [22]. Cheung et al. proposed a distributed and asynchronous task selection method in mobile crowdsourcing [23]. Wang et al. proposed a distributed truthful incentive mechanism in mobile crowdsourcing in which auctions can be performed on mobile devices locally [24]. To protect location privacy, Li et al. presented an online crowdsourcing task assignment method in a fully distributed way [25]. Xu et al. proposed a distributed spatial crowdsourcing method to guarantee the scalability and the quality of services (low time latency, etc.) for spatial crowdsourcing systems [26]. However, most of the existing distributed solutions do not actually make the functions of a centralized entity distributed, which is inconsistent with the requirements in our idea.

2.3. Blockchain-Based Crowdsourcing Solutions

Blockchain-based crowdsourcing solutions have been widely utilized to solve insider threats and free-riding or false-reporting issues for industrial applications. Hasan et al. designed a concrete, public-sector DID/KYC framing that one can reference when justifying permissioning choices and compliance in government workflows [27]. AlSobeh et al. use smart contracts and on-chain logic and support the claim that correctness and safety of blockchain workflows benefit from formal modeling/model checking [28]. AlSobeh et al. support runtime observation/monitoring and systematic validation of dynamic protocol paths [29]. Harasees et al. emphasize off-chain encrypted payloads, edge/fog custody, and end-to-end privacy [30]. Regarding security techniques of blockchain applied in crowdsourcing, Li et al. proposed a blockchain-based decentralized framework for crowdsourcing to improve security and availability for users [31]. In terms of trust techniques of blockchain applied in crowdsourcing, Zou et al. proposed a consensus protocol named Proof-of-Trust to deal with inappropriate behaviors derived from the crowdsourcing service networks [32]. Regarding privacy techniques of blockchain applied in crowdsourcing, Yang et al. proposed a blockchain-based privacy protection crowdsourcing system in order to protect the location privacy of staff and increase the success rate of assigned tasks [33]. To ensure crowdsourcing task privacy with transparent and distributed storage, Tong et al. proposed a parallel crowdsourcing method named CHChain in a hybrid blockchain structure [34]. Fu et al. proposed a blockchain-based crowdsourcing scheme with reputation and incentives to resist the security risk derived from the central server and malicious behavior among participants [35]. To avoid the privacy leakage risk derived from untrusted third parties effectively, Wang et al. developed a T-LGEB mechanism based on the blockchain architecture for mobile crowdsourcing systems [36]. Liao et al. proposed a blockchain-based crowdsourcing method to protect the confidentiality of crowdsourcing tasks in transmission and reduce energy consumption of mobile devices for optimizing task assignment [7]. Different from the solutions mentioned above, Block-CITE adopts a double-blockchain structure and smart contracts to enhance security and improve the performance of crowdsourcing interactive trust evaluation services.

3. Preliminaries

3.1. Bilinear Pairing

Let $\mathbb{G}$ be a Gap Diffie–Hellman (GDH) group, and ${\mathbb{G}}_T$ be the other multiplicative cyclic group of prime order p. The bilinear pairing can be described as a map $e:\mathbb{G}\times \mathbb{G}\to {\mathbb{G}}_T$, and it has the following properties:

• Equation $e(x^u,y^v)=e{(x,y)}^{uv}$ holds, where $x,y\in \mathbb{G}$ and $u,v\in {\mathbb{Z}}_p$.
• In polynomial time, there exists an efficient algorithm to compute the bilinearty equation.
• $e(x,y)\ne 1$, in the case where g is a generator of $\mathbb{G}$.

3.2. Blockchain

Blockchain is a well-known backbone technique of Bitcoin which was proposed by Nakamoto in [37]. Recently, it has widely attracted the interest of researchers and engineers in both academia and industry. It now plays an important role in many research fields, because of its characteristics of immutability, transparency, decentralization, etc. In the P2P-based blockchain network, nodes with sufficient computational power can compete for the right to generate a new block as a miner by solving the mathematical puzzle in the consensus mechanism. And the miner can pack the transactions dealt in a consensus epoch into a new block and append the new block to the blockchain.

Generally, there are three kinds of blockchains, which are public blockchains, consortium blockchains, and private blockchains. A public blockchain is maintained by all nodes in the P2P network, in which each node is able to check and verify transactions and take part in the consensus process. Both Bitcoin and Ethereum are classical applications of public blockchains. A consortium blockchain is maintained by some parties, and the nodes with authority can be selected in advance. And the partnerships are usually business to business; for example, multiple banks can build a consortium blockchain to improve security for cross-bank transactions. A private blockchain is owned and controlled by a single entity, which means that not every node can take part in the private blockchain. No matter the type of blockchain, all of them have advantages. Researchers and developers can choose the appropriate type of blockchain based on their requirements.

The blockchain type in the proposed scheme, Block-CITE, is a public blockchain with the Proof-of-Work consensus mechanism, and the simple procedure is as follows: Each node in the blockchain network can issue a transaction and broadcast it to the network. Nodes with sufficient computation power can compete for the right to generate a new block as the miners. The miners collect the transactions in a consensus epoch and then pack the transactions into a block. After a miner generates a new block successfully, the miner broadcasts the new block in the blockchain network. Once they receive the new block, all nodes in the network check the block’s validity and append the new block to the blockchain. Afterwards, the miner can obtain a reward for generating the new block.

3.3. Smart Contract

Smart contracts, proposed by Nick Szabo, have become a hot spot in research because of blockchain 2.0 [38]. Blockchain-based smart contracts are promising in the field of industry and commerce, and they are able to promote many industrial and commercial sectors in various ways. There are two famous platforms supporting smart contracts based on blockchain, namely, Ethereum [39] and Hyperledger [40]. A smart contract stored on the blockchain is a tiny auto-executable program that formulates rights and obligations for participants. Meanwhile, blockchain techniques can provide a secure, decentralized environment for implementing smart contracts. Thus, without a trustworthy third party, a smart contract is able to execute a trusted contract over the public P2P network.

4. Block-CITE: A Blockchain-Based Crowdsourcing Interactive Trust Evaluation Method

4.1. Overview

This paper aims to design a decentralized crowdsourcing system with security, reliability, and efficiency for interactive trust evaluation. As can be seen in Figure 1, taking industrial trademark examination as an example, there are three entities in the proposed scheme, which are the trademark management center, the requester, and the worker. The trademark management center (TMC) is a government agency that is in charge of managing industrial and commercial trademarks for enterprises. Requester nodes, denoted by $\mathcal{R}=\{{\mathcal{R}}_1,{\mathcal{R}}_2,\dots ,{\mathcal{R}}_i,\dots \}$, are nodes with demands for trademark examination to obtain trademark rights. Worker nodes, denoted by $\mathcal{W}=\{{\mathcal{W}}_1,{\mathcal{W}}_2,\dots ,{\mathcal{W}}_j,\dots \}$, are nodes with certain skills in trademark examination that get paid. Miner nodes can be any requester nodes or worker nodes with sufficient computation power to solve the math puzzles of the consensus mechanism.

Before taking part in the proposed system, each node has to make a deposit, because it can efficiently resist sybil attacks, DDoS attacks, false-reporting attacks, and free-riding attacks. Additionally, storing the hashes of task information and reputation information on TaskChain and RepuChain can also resist malicious behaviors, because nobody can deny any behavior that has been recorded on the blockchain. In order to obtain satisfactory crowdsourcing results, the TMC only selects workers whose reputation value is above a dynamically adjusted threshold value. The threshold value is similar to the difficulty number in the Proof-of-Work (PoW) consensus mechanism, which is a system parameter.

As shown in Figure 2, there are two blockchains in Block-CITE, namely, TaskChain and RepuChain. TaskChain stores information about trademark examination tasks, including the anonymous identity of requesters and workers, information about tasks, etc. RepuChain stores the reputation of workers, which is scored by the requesters and the TMC. As blockchain is a decentralized ledger, it is not wise to store too many data on it. We store the hash value of trademark materials on blockchain instead of the materials themselves.

4.2. The Protocol of Block-CITE

The protocol of the proposed scheme can be defined as ∏ = ($Initialization$, $Requesting$, $Receiving$, $Submitting$, $Mining$, $Reward$), and the notations for the protocol are shown in

Table 1. Notations for Protocol.

Symbol	Meaning
n	Total number of nodes in the blockchain network
M	Plaintext of the trademark material
$M_E$	Ciphertext of the trademark material
$m_i$	ith data block of M
$e_i$	Encrypted data block of $m_i$
${\tau }_i$	Digital signature of $e_i$
${\Phi }_i$	Set of ${\tau }_i$
$Info$	Information of a trademark application
$t_i$	ith task of trademark application
$Tasks$	Set of $t_i$
${\mathcal{R}}_i$	ith requester
${\mathcal{W}}_i$	ith worker
$s_i$	Solution of the ith task
$Solutions$	Set of $s_i$
$tas{k}_{\mathrm{on}}$	Number of tasks finished in time
$tas{k}_{\mathrm{over}}$	Number of tasks finished over time
$Payment$	Payment that a task needs to pay
$Rep{u}_r$	Reputation of the worker scored by the requester
$Rep{u}_{\mathrm{TMC}}$	Reputation of the worker scored by the TMC
$b{c}_{head}$	Head of the block at the current epoch
$nonce$	Random number in the blockhead at the current epoch

.

4.2.1. $Initialization(k,g,\alpha ,KeyGen(·),\mathcal{H}(·))\to \left\{SysPar{a}_i\right\}$

Based on elliptic curve cryptography [41,42], each user generates a random key pair $(sp{k}_i,ss{k}_i)\leftarrow KeyGen\left(1^k\right)$ for a digital signature by a bilinear pairing, where k is a random integer. Let g be the generator of the group $\mathbb{G}$. Each user selects a random $\alpha$ in ${\mathbb{Z}}_p$ and calculates $v\leftarrow g^{\alpha }$. As such, the private key of the user is $s{k}_i=(\alpha ,ss{k}_i)$, and the public key of the user is $p{k}_i=(v,sp{k}_i)$. Then, each user generates $add{r}_i\leftarrow \mathcal{H}(p{k}_i\left|\right|\phi )$ as the exclusive address for anonymous communication in the blockchain network, where $1\le i\le n$ and $\mathcal{H}\left(\right)$ is a secure hash function. Moreover, $\phi$ is randomly chosen by the user as a private number and $\phi \in {\mathbb{Z}}_p$. Specifically, $\phi$ is derived from a BIP-39 mnemonic and secured within a hardware security module (HSM) or a trusted execution environment (TEE) on the user’s device, aligning with standard HD wallet practices. This ensures $\phi$ never exposes the full private key hierarchy. Thus, the system parameters for the i-th node can be defined as $SysPar{a}_i=\{p{k}_i,s{k}_i,sp{k}_i,ss{k}_i,add{r}_i,\mathcal{H}\left(\right)\}$.

4.2.2. $Requesting(SysPar{a}_i,M,p{k}_{\mathrm{TMC}})\to \{M_E,{\Phi }_i,h_i\}$

The i-th requester ${\mathcal{R}}_i$ ($1\le i\le n$) encrypts the trademark materials M to $M_E$ by using the public key $p{k}_{\mathrm{TMC}}$ of the TMC and uploads the encrypted materials to the TMC. Specifically, the requester divides M into data blocks $m_j$ ($0<j\le b$, where b is the number of data blocks) with fixed size and encrypts the blocks by using $p{k}_{\mathrm{TMC}}$. Note that $M=\{m_1,m_2,\dots ,m_j,\dots ,m_b\}$ and $M_E=\{e_1,e_2,\dots ,e_j,\dots ,e_b\}$. Then, ${\mathcal{R}}_i$ signs the encrypted data blocks with its $ss{k}_i$ and generates the digital signature ${\tau }_j$, where $0<j\le b$. Note that ${\Phi }_i$ is the set of ${\tau }_j$, i.e., ${\Phi }_i=\{{\tau }_1,{\tau }_2,\dots ,{\tau }_j,\dots ,{\tau }_b\}$. Meanwhile, ${\mathcal{R}}_i$ calculates the hash value of the encrypted materials $M_E$ by $h_i\leftarrow \mathcal{H}\left(M_E\right)$ and uploads $h_i$ to the blockchain. Notably, regarding off-chain storage, we will clarify that mutual evidence ME is stored on a decentralized storage network (IPFS) and the access path is a content identifier (CID). As such, all nodes in the blockchain network can detect whether the encrypted materials stored on the TMC are complete or correct.

4.2.3. $Receiving(M_E,s{k}_{\mathrm{TMC}},sp{k}_i,{\Phi }_i)\to \{Info,Tasks\}$

Once the TMC receives $M_E$, it verifies ${\Phi }_i$ by $sp{k}_i$ of ${\mathcal{R}}_i$ and decrypts $M_E$ to M by its private key $s{k}_{\mathrm{TMC}}$. The TMC generates the information set $Info=\{taskFee,deposit,{\mathcal{W}}_{ID},{\mathcal{R}}_{ID}\}$ for the requester, where ${\mathcal{W}}_{ID}$ and ${\mathcal{R}}_{ID}$ are the IDs of ${\mathcal{W}}_k$ and ${\mathcal{R}}_i$. Then, the TMC calculates the trademark examination fee $taskFee$ and selects a worker ${\mathcal{W}}_k$ according to the worker’s reputation score. ${\mathcal{W}}_k$ submits a deposit $deposit={\displaystyle \frac{taskFee}{2}}$ to the TMC. Finally, the TMC generates the task set $Tasks=\{t_1,t_2,\dots ,t_t,\dots \}$ and appends $Tasks$ to the blockchain, in which $t_t=\{taskID,taskFee,taskDL,taskHash,taskRV,taskTime,taskStatus\}$. Note that $taskDL$ is the deadline of $t_t$, $taskRV$ is the reputation value of ${\mathcal{W}}_j$, and $taskTime$ is the submission time of $t_t$.

4.2.4. $Submitting(M,Tasks)\to \left\{Solutions\right\}$

The TMC encrypts the trademark materials M by the public key of ${\mathcal{W}}_k$. Then, ${\mathcal{W}}_k$ receives and decrypts the materials after paying $deposit$ to the TMC. After finishing the trademark examination, the worker encrypts the solution by the TMC’s public key and returns the solution to the TMC. Note that $Solutions=\{s_1,s_2,\dots ,s_t,\dots \}$, where $s_t=\{solutionID,taskID,result,{\mathcal{W}}_{ID},solutionT,solutionST\}$. $solutionT$ is the time in which ${\mathcal{W}}_k$ returns $s_t$, and $solutionST$ is the status of $s_t$ (i.e., whether the solution is received, verified, or passed). Finally, ${\mathcal{W}}_k$ appends solutions $s_t$ together with hash values $h_t\leftarrow \mathcal{H}\left(s_t\right)$ to the blockchain.

4.2.5. $Reward(Tasks,Solutions)\to \{Rewards,Compens\}$

The workers pay the deposits every time they receive a task. If the worker does not finish the task within the specified time, the TMC does not pay the task fee or refund the deposit. When the task deadline is reached, the reward is $tas{k}_{\mathrm{on}}\times taskFee$, and the deposit that needs to be returned is ${\displaystyle \frac{tas{k}_{\mathrm{on}}\times taskFee}{2}}$, where $tas{k}_{\mathrm{on}}$ is the number of finished tasks and $tas{k}_{\mathrm{over}}$ is the number of unfinished tasks. Additionally, the compensation $Compens$ to the requester should be ${\displaystyle \frac{tas{k}_{\mathrm{over}}\times taskFee}{2}}$. Finally, the TMC appends $h_{t_r}\leftarrow \mathcal{H}\left(Rewards\right)$ and $h_{t_c}\leftarrow \mathcal{H}\left(Compens\right)$ for task $t_t$ to the blockchain.

4.2.6. $Mining(nonce,b{c}_{head})\to \{Repus,block\}$

The TMC allows requesters to score the examination results as $Rep{u}_r$, and the TMC also scores the results as $Rep{u}_{\mathrm{TMC}}$. Then, the scores are publicized by being uploaded to the blockchain as workers’ reputation $Repus=\{Rep{u}_r,Rep{u}_{\mathrm{TMC}}\}$. Finally, the reputation $Repus$ of workers can be updated on the blockchain by the miner. Specifically, the miner in a consensus epoch gathers the information of the crowdsourcing task, the reputation of workers, the hashes of trademark material, etc., during the epoch. $nonce$ is a random number in the blockhead $b{c}_{head}$, and the miner enumerates $nonce$ to obtain a hash value h by $h\leftarrow \mathcal{H}\left(nonce\right|\left|b{c}_{head}\right)$. Once h is satisfied with the difficulty requirement of the consensus mechanism (e.g., the number of leading 0s of the Proof-of-Work consensus mechanism), the miner can issue a new $block$ containing the gathered information.

4.3. Smart Contracts for Block-CITE

In order to formalize the Block-CITE protocol, we provide the algorithm of smart contracts for Block-CITE so that readers can understand the details of Block-CITE clearly and easily. There are 5 algorithms, which are Initialization, Requesting, Receiving, Submitting, and Reward Paying. These smart contracts are issued to the blockchain and automatically run by the nodes. All the contracts and the results are also recorded on the blockchain.

4.3.1. Initialization Contract

As shown in Algorithm 1, this contract initializes the system parameters for each node, in which requesters and workers can take part in the system anonymously without being assigned any identity. Specifically, the requesters and workers can generate their key pairs for encryption and digital signing locally. They can also communicate with each other through the P2P network wallet address in the blockchain. The address of each node is produced by generating the hash with the public key and a random integer. This is more secure than traditional industrial trademark examination schemes, because the address does not include any information about the nodes.

Algorithm 1 Initialization.

Input: random integer k, group generator g, random integer $\alpha$, key generation function $KeyGen\left(\right)$, secure hash function $\mathcal{H}\left(\right)$ Output:  $SysPar{a}_i$ Begin 1: There are n nodes in the blockchain network; 2: if the i-th node is unregistered then 3:      ($sp{k}_i$, $ss{k}_i$) ←$KeyGen\left(1^k\right)$; 4:      $v\leftarrow g^{\alpha }$; 5:      $s{k}_i$ = ($\alpha$, $ss{k}_i$); 6:      $p{k}_i$ = (v, $sp{k}_i$); 7:      $add{r}_i\leftarrow \mathcal{H}(p{k}_i\left|\right|\phi )$ and $\phi \in {\mathbb{Z}}_p$; 8:      $SysPar{a}_i=\{p{k}_i,s{k}_i,sp{k}_i,ss{k}_i,add{r}_i,\mathcal{H}\left(\right)\}$; 9: else 10:     go final; 11: end if 12: release $p{k}_i$, $sp{k}_i$, $add{r}_i$ to the blockchain network; 13: final; 14: return  $SysPar{a}_i$ End

4.3.2. Requesting Contract

As shown in Algorithm 2, this contract allows requesters to launch requests to the TMC for trademark examinations. Specifically, the requesters encrypt the trademark materials by $p{k}_{\mathrm{TMC}}$ and sign the encrypted materials with their private key for a digital signature. Then, the requesters hash the encrypted materials and append the hash values to TaskChain.

Algorithm 2 Requesting.

Input: System parameter $SysPar{a}_i$, plaintext of trademark material M, public key of TMC $p{k}_{\mathrm{TMC}}$ Output: Ciphertext of trademark material $M_E$, the set of digital signature ${\Phi }_i$, hash value h Begin 1: There are b data blocks of M; 2: $M=\{m_1,m_2,\dots m_j,\dots ,m_b\}$; 3: Requester ${\mathcal{R}}_i$ lauch a request to TMC; 4: $M_E\leftarrow M$ by $p{k}_{\mathrm{TMC}}$; 5: $ss{k}_i\leftarrow SysPar{a}_i$; 6: for  $0<j<b$  do 7:       $e_j\leftarrow m_j$ by $p{k}_{\mathrm{TMC}}$; 8:       ${\tau }_j\leftarrow e_j$ by $ss{k}_i$; 9:       ${\mathcal{R}}_i$ append ${\tau }_j$ to ${\Phi }_i$; 10: end for 11: $M_E=\{e_1,e_2,\dots e_j,\dots ,e_b\}$; 12: $\mathcal{H}\left(\right)\leftarrow SysPar{a}_i$ 13: $h_i\leftarrow \mathcal{H}\left(M_E\right)$; 14: ${\mathcal{R}}_i$ appends $h_i$ and ${\Phi }_i$ to blockchain; 15: ${\mathcal{R}}_i$ uploads $M_E$ to the TMC; 16: final; 17: return $M_E$, ${\Phi }_i$, $h_i$ End

4.3.3. Receiving Contract

As shown in Algorithm 3, this contract allows the TMC to create trademark examination tasks for requests from the requesters and assign the tasks to the qualified workers appropriately. Specifically, the TMC can verify the digital signature of the encrypted materials by the public signature key of requesters and decrypt the material by its own private key $s{k}_{\mathrm{TMC}}$. Then, the TMC generates the task set according to the information of the requesters and workers and append the task information to TaskChain. Finally, according to the task information, the TMC sends the trademark materials encrypted by the public key of the selected worker.

Algorithm 3 Receiving.

Input: Ciphertext of the trademark material $M_E$, private key of the TMC $s{k}_{\mathrm{TMC}}$, public signature key of the requester $sp{k}_{\mathcal{R}}$, the set of digital signature $\Phi$ Output: Transactions information $Info$, the set of tasks $Tasks$ Begin 1: TMC verifies ${\Phi }_i$ by $sp{k}_i$ of ${\mathcal{R}}_i$; 2: $M\leftarrow M_E$ by $s{k}_{\mathrm{TMC}}$; 3: TMC calculates the trademark examination fee $taskFee$; 4: TMC selects a worker ${\mathcal{W}}_j$ according to ${\mathcal{W}}_j$’s reputation; 5: $Info=\{taskFee,deposite,{\mathcal{W}}_{ID},{\mathcal{R}}_{ID}\}$; 6: $deposite= taskFee/2$; 7: ${\mathcal{W}}_j$ submits $deposite$ to TMC; 8: TMC generate $t_t=\{taskID,taskFee,taskDL,taskHash,taskRV,taskTime,taskStatus\}$; 9: $Tasks=\{t_1,t_2,\dots ,t_t,\dots \}$; 10: final; 11: return $Info$, $Tasks$ End

4.3.4. Submitting Contract

As shown in Algorithm 4, this contract allows workers to submit their examination results to the TMC before the deadline of the tasks. Specifically, the workers receive the encryted materials and decrypt the material by their own private key. Once the workers finish the trademark examination, they generate solutions including the results for the tasks. Then, the workers encrypt the solutions by $p{k}_{\mathrm{TMC}}$ and return the solutions to the TMC. Finally, the workers append the solutions to the blockchain together with the hash values of the solutions.

Algorithm 4 Submitting.

Input: Plaintext of the trademark material M, the set of task $Tasks$ Output: the set of solution $Solutions$ Begin 1: TMC encrypts M to $M_E$ by the public key of ${\mathcal{W}}_k$; 2: ${\mathcal{W}}_k$ pays $deposite$ to TMC; 3: ${\mathcal{W}}_k$ receives and decrpyts $M_E$ to get M; 4: ${\mathcal{W}}_k$ finishes the trademark examination; 5: ${\mathcal{W}}_k$ generates $s_t=\{solutionID,taskID,result,{\mathcal{W}}_{ID},solutionT,solutionST\}$; 6: $Solutions=\{s_1,s_2,\dots ,s_t,\dots \}$; 7: final; 8: return  $Solutions$ End

4.3.5. Reward Paying Contract

As shown in Algorithm 5, this contract allows the TMC to pay the rewards or refund the deposits to workers or requesters. Specifically, the TMC computes the rewards for workers and compensation for requesters according to the situation of task completion. Then, the TMC calculates the hash values $h_{t_r}$ of rewards and $h_{t_c}$ of compensations. Finally, the TMC appends $h_{t_r}$ and $h_{t_c}$ to TaskChain.

Algorithm 5 Reward Paying.

Input: The set of task $Tasks$, the set of solution $Solutions$ Output: Rewards to worker $Rewards$, compensation to requester $Conpens$ Begin 1: for $t_t$ in $Tasks$ do 2:       if $t_t$ is finished in time then 3:            $tas{k}_{\mathrm{on}}$ + 1; 4:       else 5:            $tas{k}_{\mathrm{over}}$ + 1; 6:       end if 7: end for 8: $Reward\leftarrow tas{k}_{\mathrm{on}}\times taskFee$; 9: $deposite\leftarrow {\displaystyle \frac{tas{k}_{\mathrm{on}}\times taskFee}{2}}$; 10: $Conpens\leftarrow {\displaystyle \frac{tas{k}_{\mathrm{over}}\times taskFee}{2}}$; 11: final; 12: return $Rewards$, $Conpens$ End

5. Security Analysis

In this section, we provide the security analysis of the proposed scheme.

5.1. Setup

Similar to existing works on blockchain systems, this study divides time into consecutive epochs in the proposed scheme [31,43]. The generation of a new block means the start of the new epoch and the end of the previous epoch. The transactions among nodes occur continuously and independently at a constant average rate. Both TaskChain and RepuChain are public chains and adopt the PoW mechanism as the consensus mechanism. In this section, we provide a security analysis of the PoW-based blockchain network in the proposed scheme. The security analysis is applicable to both TaskChain and RepuChain.

All nodes in the blockchain network only recognize the longest chain as the valid chain, and the probability of nodes generating a new block is proportional to their computation power (e.g., hashing power in a PoW-based blockchain network). As such, the attacker who owns more than half of the computation power can launch a 51% attack (widely accepted in [1]) to forge the longest chain.

Considering the extreme situation in the proposed scheme, we assume that the attacker owns more than half of the computation power in the blockchain network. Let z be the number of blocks by which the attacker lags behind the longest chain. We provide a simulation of the probability that the attacker can catch up to the longest chain with different computation power rates. As shown in Figure 3, with the decrease in the computation rate of the attacker (i.e., from 95% to 51%), the probability of attackers catching up to the longest chain drops sharply. For example, when $z=6$ and the computation rate of the attacker is 51%, the probability is 0.0004%. However, z is actually much larger than 6, and the computation rate of the attacker is much less than 51% in reality. Thus, the PoW consensus mechanism is secure enough for the proposed scheme.

5.2. Threat Model

All nodes in the proposed scheme are assumed to be honest but curious, and they attempt to obtain extra information of other nodes whenever there is a chance. Thus, requesters, workers, and the TMC are considered to be semi-trusted. Malicious requesters and workers have different goals, aiming at maximizing their own profits. The proposed scheme considers the extreme situation whereby all nodes (including requesters and workers) in the proposed scheme can participate in mining. The malicious entities and their malicious behaviors in Block-CITE are introduced as follows.

5.2.1. Malicious Requesters

Malicious requesters can launch a false-reporting attack [18] by making a false report on purpose, to obtain the results without losing their deposits. However, the hashes of the task and reputation are stored on the blockchain with a timestamp. Thus, the proposed scheme, Block-CITE with blockchain, is able to resist malicious requesters efficiently.

5.2.2. Malicious Workers

Malicious workers can launch a free-riding attack [18] by obtaining rewards without any effort. Specifically, malicious workers may return a random result directly without doing anything. However, the TMC and requesters check and score the results from the worker, and the hashes of the results are also stored on the blockchain. Free-riding behaviors lead to the loss of deposits for a malicious worker. Thus, the proposed scheme, Block-CITE with blockchain, is able to resist malicious workers efficiently.

5.2.3. Malicious Miners

Miners in a blockchain network can be any nodes with sufficient computation power, and miners try to obtain more benefits because they have the opportunity to generate a new block. Specifically, malicious miners can fork a longer chain by launching a 51% attack or collude with other malicious workers or requesters to interfere with the execution of smart contracts. Moreover, the simulation of security analysis in Section 5.1 and Figure 3 has shown that Block-CITE with the PoW consensus mechanism is secure enough. Thus, the proposed scheme, Block-CITE with blockchain, is able to resist malicious miners with an overwhelming probability.

5.3. Blockchain Security

In this subsection, we provide the formal security analysis of the proposed scheme, Block-CITE. The notations for the security analysis can be seen in

Table 2. Notations for Security Analysis.

Symbol	Meaning
n	Number of total nodes
$ϵ$	Percentage of malicious nodes
s	Probability of a miner providing a PoW solution
$\lambda$	Average time latency to accept the new block for a miner
z	Number of blocks that malicious node lags behind the longest chain
c	Computation times in a round
T	Current time
P	Computation power of honest nodes
Q	Computation power of malicious nodes
$P_h$	Probability of honest nodes generating a new block
L	Lower bound of the probability that honest nodes generate the new block in a round
$\widehat{P}$	Number of blocks mined by honest nodes
$\widehat{Q}$	Number of blocks mined by malicious blocks

.

Theorem 1.

For any time t, the probability that the malicious nodes generate a new block and fork the blockchain in Block-CITE is at most $e^{-{\left(\frac{\theta }{\lambda }\right)}^2(T-t)}$.

Proof. 

Assume that there are totally n nodes in the blockchain network and the percentage of malicious nodes is $ϵ$. In the proposed scheme, the probability s of a miner (no matter whether honest or malicious) providing a PoW solution follows the exponential distribution, as transactions occur continuously and independently at a constant average rate. The probability s can be represented as follows:

$$s=1-e^{-\frac{\theta }{\lambda }},$$

(1)

where $\lambda$ is the average time latency for a miner to accept the new block and $\theta$ is the expiry time for the miner to accept the new block. Additionally, the probability of a miner providing a PoW solution (i.e., generate a new block) is proportional to the computing power (i.e., hashing power) of the miner. Let c be the computation times of all nodes in an epoch; then, the computation power of an honest node can be presented as follows:

$$P=(1-ϵ)ncs.$$

(2)

And the computational power of malicious nodes can also be represented as follows:

$$Q=ϵncs.$$

(3)

When an honest node becomes the miner, it only accepts one new block in an epoch, no matter how many new blocks are generated in the epoch. However, when a malicious node becomes the miner, it withholds the new blocks instead of broadcasting them to the blockchain network. As such, according to Equations (1)–(3), the probability of honest nodes generating a new block can be presented as follows:

$$\begin{array}{cc}\hfill P_h& =1-{(1-s)}^{(1-ϵ)ns}\hfill \\ \hfill & =1-e^{-\frac{\theta }{\lambda }(1-ϵ)n(1-e^{-\frac{\theta }{\lambda }})}.\hfill \end{array}$$

(4)

Assume that L is the lower bound of the probability that honest nodes generate a new block in an epoch. That is, at any time t, the equation

$$P_h=1-e^{-\frac{\theta }{\lambda }(1-ϵ)n(1-e^{-\frac{\theta }{\lambda }})}\ge L.$$

(5)

holds, according to Equation (4). Let $\widehat{P}$ denote the number of blocks mined by honest nodes and $\hat{Q}$ denote the number of blocks mined by malicious nodes. We have the following equation based on Equation (5):

$$\widehat{P}=P_h·c\ge L·c.$$

(6)

According to the Chernoff bounds [44], we have the following equations:

$$Pr[\widehat{Q}\ge {\displaystyle \frac{\theta }{\lambda }}(1+{\displaystyle \frac{\theta }{\lambda }})Q·(T-t)]\le e^{-{(\frac{\theta }{\lambda })}^2(T-t)},$$

(7)

$$Pr[\widehat{P}\le (1+{\displaystyle \frac{\theta }{\lambda }})P·(T-t)]\le e^{-{(\frac{\theta }{\lambda })}^2(T-t)}.$$

(8)

According to Equations (6)–(8), we have the following equation under overwhelming probability:

$$\begin{array}{cc}\hfill \widehat{P}& \ge (1+{\displaystyle \frac{\theta }{\lambda }})P·(T-t)\hfill \\ \hfill & \ge (1+{\displaystyle \frac{\theta }{\lambda }})L·(T-t)\hfill \\ \hfill & >{\displaystyle \frac{\theta }{\lambda }}(1+{\displaystyle \frac{\theta }{\lambda }})Q·(T-t)\hfill \\ \hfill & >\widehat{Q}.\hfill \end{array}$$

(9)

Finally, it can be concluded that the probability for the chain maintained by malicious nodes catching up with the chain maintained by honest nodes is exponentially small in t. □

6. Performance Analysis

In this section, we provide performance analysis in terms of average transaction throughput, average transaction delay, and storage overhead for the proposed scheme.

6.1. Setup

Experiments were conducted on a workstation running a Windows 10 system with Intel(R) Core(TM) i7-8700 CPU @ 3.20 GHz, 16 GB of RAM, a 256 GB SSD, and a 1 TB HDD. Referring to the existing works on blockchain simulation framework in [45,46], etc., we implemented the prototype of the proposed scheme, Block-CITE, and baselines by using the Python programming language, version 3.8, in the PyCharm IDE of the 2020.1.3 Community Edition. Moreover, Block-CITE adopts SHA-256 for hashing and ECDSA with the secp256k1 curve for digital signatures. SHA-256 balances security and efficiency for transaction hashing, while ECDSA reduces on-chain storage via compact keys.

The experimental methodology in this section is similar to that described in the existing works [45,46], etc. Specifically, the experiments were conducted based on Hyperledger Fabric with Docker, in which we implemented the baselines of trademark examinations (a) with double blockchains (the proposed scheme, Block-CITE) and with a single blockchain, (b) with blockchain (the proposed scheme, Block-CITE), and without blockchain. Furthermore, we provide the performance analysis of the above baselines in terms of average transaction throughput, average transaction latency, and storage overhead. Each of the experimental results was averaged over 10 random instances, focusing on the trademark examination processes, with the same hyperparameters (i.e., the generation rate of transactions, the maximum size of the transactions pool, etc.), and the trademark in the experiments adopted a uniformly formatted image in a 2 MB (2048 KB) size. Moreover, the number of transactions, requesters, and workers was set to be the same in each round of the experiment.

The proposed protocol is blockchain-agnostic, and its core mechanisms (e.g., dual-chain data separation and smart contract-based trust evaluation) are designed to be adaptable to both public (PoW/PoS) and permissioned (e.g., Fabric) blockchains, with platform-specific components (e.g., consensus and access control) being modularly adjustable. The reason is that enterprise-level trademark examination requires strict access control to protect sensitive trademark data like original design drafts, efficient consensus, and regulatory compliance, all of which align with Fabric’s permissioned architecture, endorsement policy, and privacy features, making it more suitable for real-world enterprise deployment than public blockchains.

6.2. Transaction Throughput

Transaction throughput per second (TPS) is an essential indicator of the performance of blockchain-based systems. The TPS of Block-CITE is the ratio of the transaction number to the processing time for the transaction. We conducted two experiments on the average transaction throughput in the range of [50, 500] with 50 intervals and in the range of [500, 6000] with 500 intervals. As shown in Figure 4, the proposed scheme, Block-CITE with double blockchains, outperforms the trademark examination scheme with a single blockchain in terms of TPS. The TPS of Block-CITE is higher than that of the trademark examination scheme with a single blockchain by 63.1372% and 64.708% on average in the ranges of [50, 500] and [500, 6000], respectively.

The TPS of the baseline with a single-blockchain structure is more stable than that of the baseline with a double-blockchain structure, because the two blockchains (i.e., TaskChain and RepuChain) rely on each other. Specifically, the TMC needs to query the reputation of workers on RepuChain before creating a task for a requester, and both the TMC and the requester need to score the reputation of the worker after the task is finished and recorded on TaskChain. In the double-blockchain structure, the transaction number of each blockchain is lower than that in the single-blockchain structure. As such, under the premise of the same number of transactions, the time for backtracking transaction records in the double-blockchain structure will be less than that in the single-blockchain structure. Moreover, less time means that more transactions can be dealt with in a time interval, which means that the transaction throughput will be higher. Thus, the time for backtracking transaction records in Block-CITE with double blockchains will be much less than that in the trademark examination scheme with a single blockchain.

6.3. Transaction Delay

Network delay is also an essential indicator for a blockchain-based system, and the average transaction delay is the network delay per transaction in the blockchain network. The transaction delay of a transaction in this section is the summary of creation time, reception time, and insertion time of the transaction. We first conduct a simulation of average transaction delay in terms of the double-blockchain structure (i.e., the proposed scheme, Block-CITE) and the single-blockchain structure. Then we also further explore the average transaction delay in the larger blockchain network with at least 500 nodes and at most 6000 nodes. As shown in Figure 5, Block-CITE with double blockchains outperforms the trademark examination scheme with a single blockchain in terms of average transaction delay. And the TPS of Block-CITE is lower than that of the trademark examination scheme with a single blockchain by 63.6611% and 64.7193% on average in the ranges of [50, 500] with 50 intervals and [500, 6000] with 500 intervals, respectively.

The average transaction delay of the single-blockchain structure is still more stable than that of the double-blockchain structure. However, Block-CITE with a double-blockchain structure has lower transaction latency, because the double-blockchain structure diverts the network traffic of task information and reputation information. In the trademark examination scheme with a single-blockchain structure, the network traffic of the task information and reputation information is generated at the same time, which leads to a higher transaction delay. Moreover, the time for backtracking transaction records (i.e., task records and reputation records) in Block-CITE with a double-blockchain structure is lower than that in the single-blockchain structure. As the number of transactions in two blockchains is less than that in one blockchain, the transactions are divided into two parts and stored in two blockchains. In addition, the generation of a task needs to query the reputation values on RepuChain, while the evaluation of the reputation values requires to completion of the task in TaskChain. Thus, the diversion of network traffic and the less backtracking time (i.e., the faster transaction query speed) can efficiently reduce the transaction delay.

6.4. Storage Overhead

As the blockchain is a decentralized ledger, the storage overhead will influence the performance significantly. The trademark image in the simulation is in a uniform format, while the storage overhead in Block-CITE indicates the additional storage space generated during the trademark examination process. As shown in Figure 6, Block-CITE with blockchain outperforms the centralized trademark examination scheme without blockchain in terms of storage overhead. Specifically, the storage overhead of Block-CITE is lower than that of the centralized trademark examination scheme without blockchain by 42.6606% in the range of [500, 5000] with 500 intervals, on average.

The storage overhead of Block-CITE is derived from the decentralized storage of the double blockchains, while the storage overhead of the centralized trademark examination scheme is derived from the centralized storage of the TMC. In Block-CITE, each node keeps a local copy of TaskChain and RepuChain and stores information (including the hash values) about the tasks and reputation. In the centralized trademark examination scheme without blockchain, the TMC has to centrally store the information of identities for all nodes, the information of tasks, and the information of workers’ reputation. The reason why Block-CITE has a lower storage overhead than the scheme without blockchain is mainly because all the nodes in the centralized trademark examination have to communicate with the centralized TMC, which leads to additional information for the TMC and nodes. Finally, the performance improvement is significant, as the extract overhead can be ignored, although the additional implementation complexity or operational overhead of the double-blockchain structure is higher than that of the single-blockchain structure.

7. Conclusions

This paper proposes the Blockchain-based Crowdsourcing Interactive Trust Evaluation (Block-CITE) method with two blockchains, namely, TaskChain and RepuChain. In Block-CITE, requesters make a deposit and launch a request to the TMC for a trademark application. The TMC selects qualified workers according to their reputation and generates task information. The TMC sends the trademark materials to the workers, and the workers have to return solutions before the deadline. After the TMC receives the solutions, the TMC sends the results to the requesters and computes the reward for the workers and compensation for the requesters. According to the situation of task completion, the TMC and the requesters can score the reputation of the workers. Moreover, all hashes of task information and the reputation of workers are stored on TaskChain and RepuChain, respectively, as proofs to prevent malicious behaviors. Then, a detailed security analysis is presented by conducting a simulation on the 51% attack in the blockchain network and providing a theoretical proof of blockchain security. Finally, several experiments were conducted on industrial trademark examination schemes with blockchain or without blockchain, with a single blockchain or with a double blockchain. Experimental results show that Block-CITE outperforms other baselines in transaction throughput, transaction delay, and storage overhead. Last but not least, based on the promising results of Block-CITE, future work will focus on designing a more efficient cross-chain communication protocol to further reduce the operational overhead introduced by the dual-blockchain architecture.