#Decentralized Identity
#Smart access control
#Tap to ID: SSI-NFC

Lisk & IoT: Bridging Physical and Digital Worlds with NFC & Blockchain

Caspar Roelofs
min read

Gimly is proud to have been awarded a Lisk Builders Grant, for the development of an exciting proof-of-concept with the Lisk SDK. As previously described in my article on the open source Lisk.Bike project, the Lisk SDK enables JavaScript developers to easily build blockchain applications powered by custom transactions. In this new project, Gimly will be working with Modeneis, Blockchain030, and the Lisk Center Utrecht on a novel approach to securely connecting physical objects and digital blockchains, powered by a Tangem's made-for-blockchain NFC chips.

The nexus of the physical and the digital

The nexus of the physical and the digital is where the immutability of many blockchain solutions finds its greatest challenge. Digital data and digital representations of physical objects may be immutably secured and traced throughout the blockchain. But when the origins or endpoints of these bits and bytes are found in tangible objects, goods, or services in our physical world, there is room for error. Some obvious examples are supply chain and anti-counterfeiting solutions, where digital information pertaining to the production, origin, chain of custody, or shipping conditions is immutably secured in the blockchain. But the challenge remains to ensure that the physical goods that this information is supposed to describe, remain untampered with themselves. But also for self-sovereign identity (SSI) solutions, which are mostly digital, there may be cases where the digital identity needs representation in a physical world. A person that has been digitally granted access to certain goods or services through an SSI application, may still need to present physical proof of rightful control over the digital identity when collecting the goods or services. Even more so when considering use cases not assuming a ubiquity of the smartphone - such as those involving young children, minima, or developing contexts.

Costly and failure-prone remote key management

Some commonly used methods to establish such connections include the use of QR codes, NFC tags, RFID tags, IoT devices such as Bluetooth Low Energy (BLE) or Low Power Wide Area Network (LPWAN) beacons and sensors, and a wide range of other smart devices. These options vary greatly in terms of functionality and security, they all have in common that their role in blockchain solutions most often is a passive one. While they may actively provide identifying or environmental information, the process of securing this information into the immutable blockchain is completed elsewhere and largely outside their control. The management of public/private key pairs required to sign blockchain transactions and permanently secure the data and its source generally is implemented in remote server or cloud service back-ends. The development of such back-ends, but also the continuous maintenance necessary to avert potential system failures resulting for example from protocol upgrades, server downtime, or a change in hardware supplier, consume significant resources. Alternatively; resorting to third-party cloud services or platforms introduces significant costs, third-party trust and potential vendor lock-in.

In blockchain solutions, it is through the control of private keys that ownership, identification, and trust are conveyed. Thus, remote key management systems pose an expensive and laborious affair at best, and a potential security risk at worst. Therefore, moving the key management process closer to the objects of interest would not only save valuable resources, it would add a significant layer of trust to the solution.

Tangem's made-for-blockchain NFC: A novel approach

In this project, we will do this by making use of a new type of microchip, attached directly to a pharmaceutical package – the object in a cold-chain solution.

  • Tangem's build-for-blockchain microchip is an NFC chip with an embedded EAL6+ grade wallet for signing and storing authenticated data, and signing raw or hashed transactions directly from the chip.
  • Data from an IoT temperature + Geolocation sensor will be collected through a mobile NFC host device, and will be signed and securely stored on the chip.
  • The data will be secured in the Lisk blockchain by means of Lisk custom transactions that are signed by the microchip attached to the pharmaceutical package. Here, we will make use of Lisk Supply Chain, and Lisk.Bike open source codes.

Expected lessons

The idea of having objects that sign their own transactions opens up a future for more autonomous solutions, such as packages paying for their own transport and handling, or publicly shared bikes paying for their own maintenance. The microchips used in this project are NFC chips, with obvious close-range limitations, which make these less than ideal for continuous monitoring processes such as described here. For this reason, we may also need to consider an alternative of securing the data upon each change of custody step.

Nevertheless, we expect to gain actionable insights in moving key management processes closer to objects of interests, for potential implementation in wider range technologies such as RFID, BLE, or LPWAN tags and devices. In addition, our practical experience with this novel chip-to-chain technology will open up possible use-cases more suitable for the close-range interaction of NFC - for example in off-line payments, or off-line verification of SSI credentials.

Get engaged

Interested to experiment with this novel build-for-blockchain NFC technology for your own project? Submit a request through the button below, and start building your solution with Gimly and Tangem. Or do you wish to receive updates, or contribute to this Lisk project? Be sure to connect with Gimly on Linked-In and Medium, and keep an eye on Gimly.io.

Simplify Access with Gimly

This demo shows how Gimly Tap to ID technology can be used for a reception-less check-in use case in hospitality.