摘要: 电子商务平台在支付签名、订单隐私保护、履约存证、售后仲裁与监管取证等环节中长期处理高敏感数据与高价值密钥。首先，针对电子商务中平台集中持密带来的密钥滥用、内部越权与单点失效等问题，本文提出一种将秘密共享与可验证透明日志融合的关键数据保护机制，使高价值密钥材料以碎片形式分布式存储并以阈值方式协同使用，同时以不可篡改的审计证据链提升事后可追责性。其次，构建覆盖订单支付、退款仲裁、商家结算与合规取证的统一体系架构，给出密钥生成、碎片协同用密、证据追加写入与可验证审计的一体化协议，并以承诺一致性机制约束恶意节点或不一致分发。最后，在统一威胁模型下，从机密性、完整性、可用性与可审计性四类目标出发，补充安全性分析与性能评估方法，量化阈值、节点可用性与日志证明长度对业务时延与故障模式的影响，为电子商务构建“分布式信任与可验证治理”的安全基础设施提供有效路径。

Abstract: E-commerce platforms have long handled highly sensitive data and high-value cryptographic keys in processes such as payment signing, order privacy protection, fulfillment evidence preservation, after-sales arbitration, and regulatory forensics. First, to address risks arising from centralized key custody in e-commerce—such as key misuse, insider privilege abuse, and single points of failure—this paper proposes a critical data protection mechanism that integrates secret sharing with verifiable transparency logs. High-value key material is stored in a distributed manner as shares and used collaboratively under a threshold scheme, while a tamper-evident audit evidence chain enhances ex post accountability. Second, we build a unified architecture covering order payments, refund arbitration, merchant settlement, and compliance forensics, and present an integrated protocol suite for key generation, cooperative threshold key usage, append-only evidence logging, and verifiable auditing, together with a commitment-consistency mechanism to constrain malicious participants or inconsistent distribution. Finally, under a unified threat model, we supplement security and performance evaluation methods from four objectives—confidentiality, integrity, availability, and auditability—and quantify how the threshold, node availability, and log proof length affect service latency and failure modes, providing an effective path toward security infrastructure for “distributed trust and verifiable governance” in e-commerce.