Self-Sovereign Machine Identities (SSMIs) are digital identities that enable vehicles, machines, robots and devices to identify themselves to each other, to people and to their environment. What makes them special is that they’re decentralized identities: they enable direct, peer-to-peer identification and interaction without depending on centralized third parties.
In case you’re wondering why machines need their own self-sovereign identities, check out our article on Self-Sovereign Identity for Machines.
Self-Sovereign Machine Identities (SSMIs) are the critical first foundation block for a decentralized machine economy, or what we at peaq call the Economy of Things. The Economy of Things is a fully digital and decentralized economy wherein machines of all kinds provide goods and services to other machines and to people. Before being able to provide or consume any good or service, trust between the interacting entities must be established. SSMIs establish this trust by enabling decentralized identification, authentication and verification.
peaq has been working with decentralized identifiers (DIDs) for machines since 2019, leveraging them for various machine economy use cases with Fortune 100 companies, such as for secure data center access with NTT. We’re now publicly releasing our decentralized machine identity method for use on the peaq network.
Self-Sovereign Machine IDs are multifaceted, made up of a unique combination of characteristics, attributes and properties that distinguish one machine from another. peaq’s machine identity can be broken down into two main components: Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs).
- Decentralized Identifiers (DIDs) enable the identification of a machine by giving it a unique identifier.
- Verifiable Credentials (VCs) refer to attributes of a machine such as rights, certificates, roles or capabilities. They are issued and revoked by so-called Credential Issuers (CIs). Credential Issuers are trusted authorities in the peaq network or other Web3 networks that the peaq network is interoperable with.
In order to maximise security and privacy, while enabling pseudonymity and anonymity, only a hash that represents the credential and its validity is recorded on the blockchain, not the credential itself. The credential remains the property of the machine and can only be read with the permission of the machine or the machine’s owner or operator.
Machine IDs serve to enable three major functions in the Economy of Things. These are:
- Machine Identification
- Authentication
- Verification of Credentials
The infrastructure that machines exist on today is a fragmented landscape of centralised platforms powered by machine operators or manufacturers that exist as ‘walled gardens’ - closed off to one another. Vehicles, machines, robots and devices which exist on these platforms are only visible and accessible to other machines on the same centralized platform.
On today’s infrastructure it is not possible for machines to interact with one another in a peer-to-peer manner, which prevents them from independently providing goods and services to one another or to people. By assigning machines a Self-Sovereign Machine Identity, they can join an open digital ecosystem which enables them to be visible and identifiable to all other machines and people.
Authentication serves to establish whether a machine really is the machine it claims to be. In order to do that, a cryptographic challenge must be completed. The process is straightforward and relies on reading the machine’s Decentralised Identifier (DID) and establishing a peer-to-peer (direct) connection with it. As the DID contains the public key of the machine on the blockchain, we know that it is legitimate.
A cryptographic challenge can then be proposed to the machine. This is done by taking any random numeric value between 1 and 10 million and encrypting it with the public key of the machine as obtained from the DID document. The machine adds 10 to the received value and returns the result, signed with its private key. To make the process safe against potential replay attacks, a random salt value should be transmitted from either side in request/response messages.
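The exchange described above, with both sides shown, as an added example that is not peaq's own code. It assumes an RSA key pair standing in for the key in the machine's DID document, a verifier-issued salt, and hypothetical function names.

```javascript
// Added example, not peaq code. Assumption: an RSA key pair stands in for the
// key published in the machine's DID document; both sides run in one process.
const crypto = require('node:crypto');

const OFFSET = 10; // the machine adds 10 to the decrypted value
const machineKeys = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const didPublicKey = machineKeys.publicKey; // what the verifier reads from the DID document

// Verifier: pick a value in [1, 10 000 000], encrypt it to the machine's
// public key and attach a fresh random salt that identifies this exchange.
function createChallenge(pending) {
  const value = crypto.randomInt(1, 10_000_001); // upper bound is exclusive
  const salt = crypto.randomBytes(16).toString('hex');
  pending.set(salt, value); // remember which answer this salt expects
  const ciphertext = crypto.publicEncrypt(didPublicKey, Buffer.from(String(value)));
  return { salt, ciphertext };
}

// Machine: decrypt, add 10, and sign "result|salt" so the signature is bound
// to this one exchange and cannot be reused for another challenge.
function answerChallenge({ salt, ciphertext }, privateKey) {
  const value = Number(crypto.privateDecrypt(privateKey, ciphertext).toString());
  const result = value + OFFSET;
  const signature = crypto.sign('sha256', Buffer.from(`${result}|${salt}`), privateKey);
  return { salt, result, signature };
}

// Verifier: accept only an outstanding salt, a valid signature under the DID
// key, and the expected result. Each salt is consumed on first use.
function verifyResponse({ salt, result, signature }, pending) {
  if (!pending.has(salt)) return 'unknown-or-replayed-salt';
  const expected = pending.get(salt) + OFFSET;
  pending.delete(salt);
  const signed = Buffer.from(`${result}|${salt}`);
  if (!crypto.verify('sha256', signed, didPublicKey, signature)) return 'bad-signature';
  return result === expected ? 'authenticated' : 'wrong-result';
}
```

Because the salt is removed from the pending set on first use, a captured response presented a second time is rejected even though its signature is still valid.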
Verification of Credentials
Attributes of a machine which it can present come in the form of Verifiable Credentials (VCs). VCs can be independently verified by another machine or person wanting to consume a good or service from the machine.
An example of such an attribute would be a credential that states who owns the machine and therefore enables the consumer to verify whether that entity or person is a trusted party on the peaq network or another Web3 network that peaq is interoperable with.
Verification of SSMI credentials happens when authorities that are trusted by peaq network participants sign them. This signature can be validated through the public key of the signing authority to establish trust.
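One way to combine the issuer-signature check with the on-chain hash described earlier, as an added example that is not peaq's own code. It assumes Ed25519 issuer keys, an in-memory map standing in for the blockchain, and constructed DIDs and function names.

```javascript
// Added example, not peaq code. Assumptions: Ed25519 issuer keys, a Map that
// stands in for the blockchain, flat claim objects, constructed DIDs.
const crypto = require('node:crypto');

const issuer = crypto.generateKeyPairSync('ed25519');
// Issuers the verifier trusts, keyed by (hypothetical) DID.
const trustedIssuers = new Map([['did:example:issuer-1', issuer.publicKey]]);
const ledger = new Map(); // credential hash -> { valid }, the only on-chain data

// Deterministic bytes for a flat claims object (keys serialized in sorted order).
const canonical = (claims) => Buffer.from(JSON.stringify(claims, Object.keys(claims).sort()));
const hashOf = (claims) => crypto.createHash('sha256').update(canonical(claims)).digest('hex');

// Issuer: sign the claims, hand the credential to the machine, and record
// only its hash and validity on the ledger.
function issueCredential(claims, privateKey) {
  const signature = crypto.sign(null, canonical(claims), privateKey);
  ledger.set(hashOf(claims), { valid: true });
  return { claims, signature };
}

// Issuer: revocation flips the validity flag; the credential itself never moves.
function revokeCredential(credential) {
  const entry = ledger.get(hashOf(credential.claims));
  if (entry) entry.valid = false;
}

// Verifier: the machine presents the credential off-chain. Check that the
// issuer is trusted, the signature matches the claims, and the hash is
// recorded and still valid.
function verifyCredential({ claims, signature }) {
  const issuerKey = trustedIssuers.get(claims.issuer);
  if (!issuerKey) return 'untrusted-issuer';
  if (!crypto.verify(null, canonical(claims), issuerKey, signature)) return 'bad-signature';
  const entry = ledger.get(hashOf(claims));
  if (!entry) return 'not-anchored';
  return entry.valid ? 'valid' : 'revoked';
}
```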
peaq is working alongside multiple consortia, such as GAIA-X MoveID and MOBI, to continuously improve peaq ID and proactively participate in the process of standardizing machine identification in Web3.
The GAIA-X MoveID consortium is part of GAIA-X, established by the European Union to create a sovereign data infrastructure for Europe. The MoveID project is tasked with establishing the standards for sovereign identities and data sharing for mobility in Europe. The project is being delivered by 18 partners from mobility, academia and Web3, and includes projects such as Ocean Protocol, Fetch.ai and peaq. The consortium is led by Bosch, and works with industry partners such as Continental, Airbus and Denso.
peaq also recently joined MOBI (Mobility Open Blockchain Initiative), the largest blockchain-focused mobility consortium. MOBI aims to build the new economy of movement, and brings together many of the world’s largest mobility manufacturers and suppliers such as BMW, Ford, GM, Renault, IBM, Hitachi and ZF, as well as startups, governments, NGOs, transit agencies, insurers, toll road providers, smart city leaders, and technology companies to create Web3 standards and build Web3 mobility solutions.
peaq has also started integrating with other Web3 networks to enable various decentralized solutions, applications and functions for machines in the Economy of Things. By means of these integrations peaq aims to enable machines to, for example, trade and exchange data on decentralized data marketplaces, or maximise returns on machine economy investments via yield farming protocols, all with the goal of providing the best possible infrastructure for the Web3 machine economy to emerge and flourish. To achieve that, peaq will run for a parachain on Polkadot, and the peaq network will support EVM and WASM smart contracts side by side, enabling collaboration and interoperability with projects from the Polkadot and Ethereum ecosystems.
peaq ID enables a machine to exist in the machine economy and therefore creates the basis for any machine-to-machine or machine-to-person interaction. peaq ID sits beside Role-Based Access Control (RBAC) and payment, as one of the three core functions that peaq provides for the community and enterprise consortia to create decentralized applications (dApps) for the Economy of Things.
Taking mobility as an example, some of the Economy of Things dApps that are enabled using peaq ID’s Self-Sovereign Machine Identity function are Electric Vehicle Charging, Parking, Vehicle Sharing and Zoning.
We look forward to seeing how entrepreneurs and developers will use peaq’s functions, network economics and developer tools to power the Economy of Things, dApp by dApp, across all machine domains, and enable a decentralized machine economy that works for the world.