[feat] ticket transfer history, 양도 이력 기록

* feat: ticket transfer history, 양도 이력 기록

* feat: ticket양도 기능 테스트코드 추가

* feat: 티켓 양도 이력 무결성 검증을 위한 merkle root계산 로직 구현

* feat: merkle 수동 검증용 service구현, 엔드포인트는 의도적으로 추가하지 않음

Author: gksdud1109

backend/src/main/java/com/back/api/ticket/service/MerkleAnchorService.java

@@ -0,0 +1,72 @@
+package com.back.api.ticket.service;
+
+import java.util.List;
+
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import com.back.domain.ticket.entity.TicketTransferHistory;
+import com.back.domain.ticket.repository.TicketTransferHistoryRepository;
+import com.back.global.utils.MerkleUtil;
+
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+
+/**
+ * 티켓 양도 이력 Merkle Root 검증 서비스
+ *
+ * 블록체인의 핵심 원리(위변조 감지)를 차용하여
+ * 데이터 무결성 검증 기능을 제공합니다.
+ *
+ * 사용 시나리오:
+ * - 문제 발생 시 특정 티켓의 양도 이력 무결성 검증
+ * - Loki에 기록된 Merkle Root와 현재 DB 상태 비교
+ *
+ * 프로덕션 환경 / 추가 구현 시에 해당 서비스 활용해서 양도 이력 검증 구현
+ */
+@Service
+@RequiredArgsConstructor
+@Slf4j
+public class MerkleAnchorService {
+
+	private final TicketTransferHistoryRepository transferHistoryRepository;
+
+	// 특정 티켓의 현재 Merkle Root 계산
+	@Transactional(readOnly = true)
+	public String computeTicketMerkleRoot(Long ticketId) {
+		List<TicketTransferHistory> histories =
+			transferHistoryRepository.findByTicketIdOrderByTransferredAtDesc(ticketId);
+
+		if (histories.isEmpty()) {
+			return "";
+		}
+
+		List<String> hashes = histories.stream()
+			.map(TicketTransferHistory::computeHash)
+			.toList();
+
+		return MerkleUtil.buildRoot(hashes);
+	}
+
+	/**
+	 * 특정 티켓의 Merkle Root 검증
+	 * Loki에 기록된 expectedRoot와 현재 DB 상태 비교
+	 *
+	 * @param expectedRoot Loki에서 가져온 예상 Merkle Root
+	 */
+	@Transactional(readOnly = true)
+	public boolean verifyTicketHistory(Long ticketId, String expectedRoot) {
+		String currentRoot = computeTicketMerkleRoot(ticketId);
+
+		boolean isValid = currentRoot.equals(expectedRoot);
+
+		if (!isValid) {
+			log.warn("[MERKLE_VERIFY_FAILED] ticketId={}, expected={}, actual={}",
+				ticketId, expectedRoot, currentRoot);
+		} else {
+			log.info("[MERKLE_VERIFY_SUCCESS] ticketId={}, root={}", ticketId, currentRoot);
+		}
+
+		return isValid;
+	}
+}

backend/src/main/java/com/back/api/ticket/service/TicketService.java

@@ -13,14 +13,17 @@
 import com.back.domain.event.repository.EventRepository;
 import com.back.domain.ticket.entity.Ticket;
 import com.back.domain.ticket.entity.TicketStatus;
+import com.back.domain.ticket.entity.TicketTransferHistory;
 import com.back.domain.ticket.repository.TicketRepository;
+import com.back.domain.ticket.repository.TicketTransferHistoryRepository;
 import com.back.domain.user.entity.User;
 import com.back.domain.user.repository.UserRepository;
 import com.back.global.error.code.CommonErrorCode;
 import com.back.global.error.code.EventErrorCode;
 import com.back.global.error.code.TicketErrorCode;
 import com.back.global.error.exception.ErrorException;
 import com.back.global.observability.metrics.BusinessMetrics;
+import com.back.global.utils.MerkleUtil;
 
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@@ -34,6 +37,7 @@
 public class TicketService {
 
 	private final TicketRepository ticketRepository;
+	private final TicketTransferHistoryRepository transferHistoryRepository;
 	private final UserRepository userRepository;
 	private final EventRepository eventRepository;
 	private final SeatService seatService;
@@ -220,6 +224,42 @@ public void transferTicket(Long ticketId, Long userId, String targetNickname) {
 		User target = userRepository.findByNickname(targetNickname)
 			.orElseThrow(() -> new ErrorException(TicketErrorCode.TRANSFER_TARGET_NOT_FOUND));
 
+		Long fromUserId = ticket.getOwner().getId();
+
+		// 양도 처리
 		ticket.transferTo(target);
+
+		// 양도 이력 저장
+		TicketTransferHistory history = TicketTransferHistory.record(ticketId, fromUserId, target.getId());
+		transferHistoryRepository.save(history);
+
+		// Merkle Root 앵커링 (Loki로 전송됨)
+		anchorTransferHistory(ticketId, history);
+
+		log.debug("[Ticket Transfer] ticketId={}, from={}, to={}", ticketId, fromUserId, target.getId());
+	}
+
+	/**
+	 * 양도 이력 Merkle Root 앵커링
+	 * 블록체인의 핵심 원리(위변조 감지)를 차용하여
+	 * 외부 로그 시스템(Loki)에 앵커링
+	 */
+	private void anchorTransferHistory(Long ticketId, TicketTransferHistory latestHistory) {
+		List<TicketTransferHistory> histories =
+			transferHistoryRepository.findByTicketIdOrderByTransferredAtDesc(ticketId);
+
+		List<String> hashes = histories.stream()
+			.map(TicketTransferHistory::computeHash)
+			.toList();
+
+		String merkleRoot = MerkleUtil.buildRoot(hashes);
+
+		// 구조화된 로그 - Loki에서 파싱 가능 (외부 앵커)
+		log.info("[MERKLE_ANCHOR] ticketId={}, root={}, count={}, latestHash={}",
+			ticketId,
+			merkleRoot,
+			histories.size(),
+			latestHistory.computeHash()
+		);
 	}
 }

backend/src/main/java/com/back/domain/ticket/entity/TicketTransferHistory.java

@@ -0,0 +1,95 @@
+package com.back.domain.ticket.entity;
+
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
+
+import com.back.global.entity.BaseEntity;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.Index;
+import jakarta.persistence.Table;
+import lombok.AccessLevel;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Entity
+@Table(
+	name = "ticket_transfer_history",
+	indexes = {
+		@Index(name = "idx_transfer_history_ticket_id", columnList = "ticket_id")
+	}
+)
+@Getter
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+public class TicketTransferHistory extends BaseEntity {
+
+	@Id
+	@GeneratedValue(strategy = GenerationType.IDENTITY)
+	private Long id;
+
+	@Column(name = "ticket_id", nullable = false)
+	private Long ticketId;
+
+	@Column(name = "from_user_id", nullable = false)
+	private Long fromUserId;
+
+	@Column(name = "to_user_id", nullable = false)
+	private Long toUserId;
+
+	@Column(name = "transferred_at", nullable = false)
+	private LocalDateTime transferredAt;
+
+	@Builder
+	private TicketTransferHistory(Long ticketId, Long fromUserId, Long toUserId) {
+		this.ticketId = ticketId;
+		this.fromUserId = fromUserId;
+		this.toUserId = toUserId;
+		this.transferredAt = LocalDateTime.now();
+	}
+
+	// 양도 이력 기록
+	public static TicketTransferHistory record(Long ticketId, Long fromUserId, Long toUserId) {
+		return TicketTransferHistory.builder()
+			.ticketId(ticketId)
+			.fromUserId(fromUserId)
+			.toUserId(toUserId)
+			.build();
+	}
+
+	/**
+	 * Merkle Tree용 SHA-256 해시 생성
+	 * 데이터 무결성 검증을 위한 해시값 계산
+	 */
+	public String computeHash() {
+		String data = String.join(":",
+			String.valueOf(ticketId),
+			String.valueOf(fromUserId),
+			String.valueOf(toUserId),
+			transferredAt.format(DateTimeFormatter.ISO_LOCAL_DATE_TIME)
+		);
+
+		try {
+			MessageDigest digest = MessageDigest.getInstance("SHA-256");
+			byte[] hashBytes = digest.digest(data.getBytes(StandardCharsets.UTF_8));
+			return bytesToHex(hashBytes);
+		} catch (NoSuchAlgorithmException e) {
+			throw new RuntimeException("SHA-256 algorithm not available", e);
+		}
+	}
+
+	private String bytesToHex(byte[] bytes) {
+		StringBuilder sb = new StringBuilder();
+		for (byte b : bytes) {
+			sb.append(String.format("%02x", b));
+		}
+		return sb.toString();
+	}
+}

backend/src/main/java/com/back/domain/ticket/repository/TicketTransferHistoryRepository.java

@@ -0,0 +1,12 @@
+package com.back.domain.ticket.repository;
+
+import java.util.List;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+
+import com.back.domain.ticket.entity.TicketTransferHistory;
+
+public interface TicketTransferHistoryRepository extends JpaRepository<TicketTransferHistory, Long> {
+
+	List<TicketTransferHistory> findByTicketIdOrderByTransferredAtDesc(Long ticketId);
+}

backend/src/main/java/com/back/global/error/code/CommonErrorCode.java

@@ -26,7 +26,11 @@ public enum CommonErrorCode implements ErrorCode {
 	RECAPTCHA_TOKEN_MISSING(HttpStatus.BAD_REQUEST, "reCAPTCHA 토큰이 누락되었습니다."),
 
 	// ===== 서버 내부 오류 =====
-	INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, "서버 내부 오류가 발생했습니다.");
+	INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, "서버 내부 오류가 발생했습니다."),
+
+	// ===== Merkle Tree 관련 =====
+	MERKLE_TOO_MANY_LEAVES(HttpStatus.BAD_REQUEST, "처리할 데이터가 너무 많습니다."),
+	MERKLE_BUILD_FAILED(HttpStatus.INTERNAL_SERVER_ERROR, "Merkle Tree 생성에 실패했습니다.");
 
 	private final HttpStatus httpStatus;
 	private final String message;

backend/src/main/java/com/back/global/utils/MerkleUtil.java

@@ -0,0 +1,129 @@
+package com.back.global.utils;
+
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.ArrayList;
+import java.util.List;
+
+import com.back.global.error.code.CommonErrorCode;
+import com.back.global.error.exception.ErrorException;
+
+/**
+ * Merkle Tree 유틸리티 클래스
+ * 티켓 양도 이력의 무결성 검증을 위한 Merkle Root 계산
+ */
+public final class MerkleUtil {
+
+	/**
+	 * 최대 처리 가능한 리프 노드 수 (메모리 보호)
+	 * 10,000개 = log2(10000) ≈ 14 레벨, 충분히 안전
+	 */
+	public static final int MAX_LEAVES = 10_000;
+
+	/**
+	 * 무한루프 방지용 최대 반복 횟수
+	 * log2(MAX_LEAVES) + 여유분
+	 */
+	private static final int MAX_ITERATIONS = 20;
+
+	private MerkleUtil() {
+		// 유틸리티 클래스 - 인스턴스화 방지
+	}
+
+	// 해시 리스트로부터 Merkle Root 계산
+	public static String buildRoot(List<String> hashes) {
+		if (hashes == null || hashes.isEmpty()) {
+			return "";
+		}
+
+		if (hashes.size() == 1) {
+			return hashes.get(0);
+		}
+
+		if (hashes.size() > MAX_LEAVES) {
+			throw new ErrorException(CommonErrorCode.MERKLE_TOO_MANY_LEAVES);
+		}
+
+		List<String> currentLevel = new ArrayList<>(hashes);
+		int iterations = 0;
+
+		// root가 나올때까지 반복 (무한루프 방지)
+		while (currentLevel.size() > 1) {
+			if (++iterations > MAX_ITERATIONS) {
+				throw new ErrorException(CommonErrorCode.MERKLE_BUILD_FAILED);
+			}
+			currentLevel = buildNextLevel(currentLevel);
+		}
+
+		return currentLevel.get(0);
+	}
+
+	/**
+	 * 현재 레벨에서 다음 레벨의 해시들을 계산
+	 * 홀수 개인 경우 마지막 해시를 복제하여 짝수로 맞춤
+	 */
+	private static List<String> buildNextLevel(List<String> currentLevel) {
+		List<String> nextLevel = new ArrayList<>();
+
+		// 홀수인 경우 마지막 요소 복제
+		if (currentLevel.size() % 2 != 0) {
+			currentLevel.add(currentLevel.get(currentLevel.size() - 1));
+		}
+
+		for (int i = 0; i < currentLevel.size(); i += 2) {
+			String left = currentLevel.get(i);
+			String right = currentLevel.get(i + 1);
+			String combined = sha256(left + right);
+			nextLevel.add(combined);
+		}
+
+		return nextLevel;
+	}
+
+	// SHA-256 해시 계산
+	public static String sha256(String input) {
+		try {
+			MessageDigest digest = MessageDigest.getInstance("SHA-256");
+			byte[] hashBytes = digest.digest(input.getBytes(StandardCharsets.UTF_8));
+			return bytesToHex(hashBytes);
+		} catch (NoSuchAlgorithmException e) {
+			throw new RuntimeException("SHA-256 algorithm not available", e);
+		}
+	}
+
+	private static String bytesToHex(byte[] bytes) {
+		StringBuilder sb = new StringBuilder();
+		for (byte b : bytes) {
+			sb.append(String.format("%02x", b));
+		}
+		return sb.toString();
+	}
+
+	/**
+	 * 특정 데이터가 Merkle Root에 포함되어 있는지 검증
+	 * (Merkle Proof 검증 - 선택적 구현)
+	 *
+	 * @param leafHash 검증할 리프 해시
+	 * @param proof    Merkle Proof (형제 해시들의 경로)
+	 * @param root     검증 대상 Merkle Root
+	 * @return 검증 성공 여부
+	 */
+	public static boolean verify(String leafHash, List<ProofNode> proof, String root) {
+		String currentHash = leafHash;
+
+		for (ProofNode node : proof) {
+			if (node.isLeft()) {
+				currentHash = sha256(node.hash() + currentHash);
+			} else {
+				currentHash = sha256(currentHash + node.hash());
+			}
+		}
+
+		return currentHash.equals(root);
+	}
+
+	// Merkle Proof 노드
+	public record ProofNode(String hash, boolean isLeft) {
+	}
+}