Skip to main content

Tier-1

This page delineates a procedure to affirm the integrity and origin of machine-generated data within a blockchain network, emphasizing "Machine-Origin Authentication" as Tier 1 verification in a Decentralized Physical Infrastructure Network (DePIN).

System Overview

The process involves the following steps:

  • Registration: The machine gets registered on the blockchain using a unique identifier.

  • Data Generation & Signing: The machine generates data, signs it, and sends the hash to the blockchain.

  • Data Storage: The hash gets stored on the blockchain.

  • Data Retrieval & Verification: Any party retrieves and verifies the data's validity from the blockchain.

Prerequisites

  • Node.js environment setup.

  • Installed @polkadot/api, @polkadot/util, @polkadot/util-crypto, and @peaq-network/sdk packages for blockchain interaction.

  • A seeds.json file containing the seeds for the owner's and the machine's accounts.

1. Registration (Machine-Origin Authentication)

The machine is registered on the blockchain by the owner, creating a digital identity that serves as the foundation for Tier 1 verification.


// import necessary libraries
import { Sdk } from "@peaq-network/sdk";
import Keyring from "@polkadot/keyring";
import fs from "fs/promises";

const register = async () => {
const seeds = JSON.parse(await fs.readFile("seeds.json", "utf8"));
const ownerSeed = seeds.owner;
const machineSeed = seeds.machine;

const sdkInstance = await Sdk.createInstance({
baseUrl: "wss://wsspc1-qa.agung.peaq.network",
seed: ownerSeed,
});

const keyring = new Keyring({ type: "sr25519" });
const machinePair = keyring.addFromUri(machineSeed);

// Register the machine's DID
await sdkInstance.did.create(
{ name: `did:peaq:${machinePair.address}`, address: machinePair.address },
(result) => {
// handle result
}
);
};

register();

2. Data Generation & Signing (Direct Device Data)

The machine directly generates data, signs it using its secure private key, ensuring that the data is authentic and has not been altered. This constitutes a Tier 1 level of trust.

NOTE

Data signing is an internal process of the machine. Here is a hypothetical code snippet to illustrate this step.


// Hypothetical snippet for data generation and signing
import { generateKeyPair } from "./utils.js";
import { hexToU8a, u8aToHex } from "@polkadot/util";
import { cryptoWaitReady } from "@polkadot/util-crypto";

// Simulated machine data generation and signing
const generateAndSignData = async (machineSeed) => {
await cryptoWaitReady();
const machineKeypair = generateKeyPair(machineSeed);
const data = "Machine-generated data";
const dataHex = u8aToHex(JSON.stringify(data));
const signature = machineKeypair.sign(hexToU8a(dataHex));

return { dataHex, signature: u8aToHex(signature) };
};



3. Data Storage (Immutable Ledger Entry)

Signed data is stored on the blockchain, providing an immutable record that can be publicly verified, which is consistent with the principles of Tier 1 verification


// import necessary libraries and functions
import fs from "fs/promises";
import { generateKeyPair, makeExtrinsicCall } from "./utils.js";
import { hexToU8a, u8aToHex } from "@polkadot/util";
import { cryptoWaitReady } from "@polkadot/util-crypto";

const store = async () => {
await cryptoWaitReady();
const seeds = JSON.parse(await fs.readFile("seeds.json", "utf8"));
const machineSeed = seeds.machine;
const machineKeypair = generateKeyPair(machineSeed);
const dataHex = u8aToHex(JSON.stringify("test-data"));
const signature = u8aToHex(machineKeypair.sign(hexToU8a(dataHex)));

const payload = {
data: dataHex,
signature: signature,
};

// Serialize payload into hex format for storage
const payloadHex = u8aToHex(JSON.stringify(payload));

await makeExtrinsicCall(
"peaqStorage",
"addItem",
[machineKeypair.address, payloadHex],
true,
machineKeypair
);
};

store();


4. Data Retrieval & Verification (Trust Verification)

Any network participant can retrieve the data and verify its authenticity using the public key associated with the machine's digital identity. This verification step confirms the Tier 1 status of the data.


// import necessary libraries and functions
import fs from 'fs/promises';
import { hexToU8a } from '@polkadot/util';
import { signatureVerify } from '@polkadot/util-crypto';
import { getStorage, generateKeyPair } from './utils.js';
const verifyData = async (publicKey, dataHex, signatureHex) => {
const dataU8a = hexToU8a(dataHex);
const signatureU8a = hexToU8a(signatureHex);

return signatureVerify(dataU8a, signatureU8a, publicKey).isValid;
};

const verify = async () => {
const seeds = JSON.parse(await fs.readFile('seeds.json', 'utf8'));
const machineSeed = seeds.machine;
const machineKeypair = generateKeyPair(machineSeed);

const itemType = 'your_item_type_here';
const storedDataHex = await getStorage(itemType);

if (!storedDataHex) {
throw new Error('Data not found.');
}

const { data: dataHex, signature: signatureHex } = JSON.parse(hexToU8a(storedDataHex).toString());

const isValid = await verifyData(machineKeypair.publicKey, dataHex, signatureHex);

if (isValid) {
console.log('Data verified successfully.');
} else {
console.log('Verification failed.');
}
};

verify();

Conclusion

The system described here provides a secure method for registering machines and verifying the origin and integrity of their data using cryptographic signatures. This approach aligns with Tier 1 verification in DePIN projects, ensuring the highest level of trust in the data's direct origin and secure transmission.

Additional Considerations

  • Ensure that all key pairs and sensitive information are handled securely.

  • Conduct thorough testing in a controlled environment before deploying to production.

  • Always keep up to date with the SDK and API documentation from the blockchain network you're working with.

Developers should refer to the official documentation of the Polkadot.js API and the specific blockchain network for detailed instructions and best practices.


Building upon the established structure of "Machine Data Verification on Blockchain," we will now introduce the concept of Tier 2 verification, termed "Pattern Matching Validation." This tier involves validating data that may not originate directly from the device but is relevant to existing devices within the network. The verification in this tier is accomplished by comparing incoming data patterns against known patterns from devices already registered in the system.