Embed Size (px)
Citation preview
DAT250 - Advanced Software Technologies
Research project, University of Bergen
27 November 2018
IOTADistributed ledger for micro-transactions
Steffen Sande
Knut Anders Stokke
Mathias S. Grønstad
Contents
1 Motivation and Introduction 1
2 The Iota Technology 32.1 Trinary-hashes, trytes and Transactions . . . . . . . . . . . . . . . . . . . . . 5
3 Demonstrator Prototype 73.1 Overview of the demonstrator and its purpose . . . . . . . . . . . . . . . . . . 73.2 Planning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
3.2.1 Components needed: Pi and sensor . . . . . . . . . . . . . . . . . . . . 73.2.2 What runs on the Pi . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73.2.3 Purpose of MQTT process . . . . . . . . . . . . . . . . . . . . . . . . . 83.2.4 Purpose of PostgreSQL Database . . . . . . . . . . . . . . . . . . . . . 83.2.5 Project Sketch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83.2.6 Implementation Publish data . . . . . . . . . . . . . . . . . . . . . . . 93.2.7 Check Payment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93.2.8 TypeScript . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103.2.9 Promises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
4 Setup and Results 124.1 IOTA wallet and dev-tokens . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124.2 Masked Authenticated Messaging (MAM) . . . . . . . . . . . . . . . . . . . . 124.3 Selling sensor data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
4.3.1 Further setup of the Raspberry Pi . . . . . . . . . . . . . . . . . . . . 144.4 Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144.5 Seller side . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
5 Conclusions 155.1 The IOTA technology and its maturity . . . . . . . . . . . . . . . . . . . . . . 155.2 Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155.3 Learning Curve . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
List of Figures
1 Historical data of number of installed IoT devices . . . . . . . . . . . . . . . . 32 Directed Acyclic Graph . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 Tangle with weights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 Raspberry Pi with all processes it runs . . . . . . . . . . . . . . . . . . . . . . 85 Simulates the dataflow of our application . . . . . . . . . . . . . . . . . . . . 9
List of Tables
1 Motivation and Introduction
The purpose of this research project was to explore the IOTA technology and to build ademonstrative prototype and application.
IOTA is both a currency and a data transfer framework for the Internet of Things (IoT).Similar to the blockchain protocol, it works as a distributed ledger, but it is based on a differenttechnology called the Tangle. The Tangle promises some advantages over Blockchain, one ofthem being scalability. For instance blockchains like, bitcoin and ethereum slows down whenwith increasing number of transactions, while in theory IOTA will scale and become fasterthe more devices uses it. This is achieved as every node/device that participates in thenetwork also has to verify other transactions. In other words, they contribute to consensusin the network. This is different from other cryptocurrencies, which mostly rely on so-called“miners” to provide consensus by doing a proof of work (PoW). Miners that verify transactionsare typically awarded transaction fees, as well as newly issued tokens for their work. In theIOTA network, every participating device does PoW when they make transactions, whichmakes the feeless system possible. Although one could argue that doing PoW is a form of feein the form of electricity costs of the hashing. IOTA is built for IoT, and promises feeless andsecure micropayments. The distributed ledger they used is called the Tangle and is based onthe data structure directed acyclic graph (DAG). In the Tangle each node is a transaction,and each node must verify two previous transactions. The verifications become the edgesof the graph, attaching each new node to two existing nodes. As opposed to blockchainwhere the verification happens sequentially in blocks, in IOTA it happens in parallel. This iswhat in theory gives the promise of high scalability. IOTA was founded by David Sønstebø,Sergey Ivanchelgo, Dominik Schiener and Serguei Popov in 2015. The IOTA foundation isnon-profit, and is based in Berlin, Germany. Until 2016 the ledger was run on a testnet(a sandbox), and the mainnet was live in 11. July 2016. The IOTA foundation alreadyhas roughly 100 partnerships, including several big names like Volkswagen and Bosch. Ourgoal of this project was to research the IOTA technology and build a simple prototype usingthe IOTA API as a payment framework between two devices: one selling real-time sensordata to the other. To reach our goal we ended up implemented some other technologies aswell; Message Queuing Telemetry Transport (MQTT), Adafruit DHT API, and PostgreSQL.Programming languages used were Javascript and Python. Before building the prototype,we started out by investigating Masked Authenticated Messages (MAM), which is a modulebuilt on top of IOTA allowing for encrypted message streams between authenticated parties.We experimented with MAM first because it was an easy way to use the IOTA technology,and we wanted to see if it was something we could to use for our prototype.
Our first achievement was transmitting and receiving MAM over the Tangle testnet. Theidea was to use the Tangle for both the data and the currency transfer. Although the trans-mission worked, it wasn’t clear if MAM was suitable for selling data in the manner we aimedfor. Therefore, we went away from using the Tangle to transfer data and used MQTT instead.
The next achievement was using the IOTA framework to receive IOTAs, and then auto-matically provide data to the buyer. A Raspberry Pi was set to publish sensor data (humid-ity and temperature) via the MQTT protocol. Only authenticated users in a PostgreSQLdatabase had access to the data stream. We used a script to continually check the Tanglefor IOTA payments to the IOTA wallet belonging to Raspberry Pi. If the script recognizeda valid payment, the username attached to that transaction was granted access to the datastream. The data stream was then sent directly to the user over MQTT (not via the Tangle,
1
because it would cause a delay). The above tests will be explained in detail, and the rest ofthis report will cover:
• The Iota Technology
• Demonstrator Prototype
• Setup and Results
• Conclusions
• References
2
2 The Iota Technology
As the number of connected IoT devices are predicted to more than triple over the nextseven years, it’s important to have a robust and secure framework for data transfer andmicropayments. This is what IOTA aims to provide.
Figure 1: Historical data of number of installed IoT devices
IOTA is a distributed ledger tailored to facilitate a machine to machine economy. Sinceevery node in the network participates in consensus by doing proof of work (PoW), the technol-ogy promises high scalability. Unlike the blockchain protocol, which becomes slower the morepeople that use it, IOTA is designed to become faster the more users it has. This parallelizedvalidation allows for very large throughput, and in theory allows for high scalability. This,and the fact that transactions are feeless, makes it a good candidate for a IoT-framework.The technology also allows for no blocks, and no miners, as all the IOTA tokens that will everexist are already in circulation. There are no blocks either, since IOTA uses a distributed anddecentralised ledger called the Tangle. This ledger is more decentralised than any blockchain,since every node parttakes in consensus. (As a note: the more centralised a ledger is, thefewer units are responsible for its consensus. For example, the current banking system ishighly centralised, which was a reason for why Bitcoin was created). As opposed to IOTA,Bitcoin uses huge mining pools to verify transactions, and the three largest mining pools minealmost 50
3
All verified IOTA-transactions are stored the distributed ledger called the Tangle, whichis based on the data structure Directed Acyclic Graph (DAG).
Figure 2: Directed Acyclic Graph
In the Tangle each node represents a transaction, and each transaction confirms twoprevious transactions by doing PoW. Doing PoW is essentially finding hashes for somethingcalled a nonce, which is a part of each transaction. Once a transaction is verified, it’s officially,and immutably attached to the Tangle. This way the Tangle always grows, and does so inone direction, as newly issued transactions are always attached to the “youngest” nodes. Theoldest transactions will be furthest to the left in 2, and to the very left, we will find the genesistransaction. The genesis transaction is the first transaction issued, and its address containedall IOTA tokens (and all there would ever be). The number of tokens are exactly
333− 1
2= 2, 779, 530, 283, 277, 761 IOTA’s = 2.8 Peta IOTA’s
These tokens were distributed by transactions to other founders. To get a perspective of howlittle one IOTA is, at the time of writing this, one IOTA is worth roughly 0.00000027 USD.Transaction of this magnitude could safely be considered “microtransactions”.
Every transaction has a weight, which is an integer from 1, 3, 9, ..., 3n, n being an integer.The weight of a transaction says something about the effort put in by its issuing node. Everytransaction also has an accumulative weight, which is the sum of its own weight and the weightof all other transactions that directly or indirectly approves it (meaning every transaction inthe Tangle that has path to it). In this way, the older the transaction, the higher its cumulativeweight.
Figure 3: Tangle with weights
4
As we see in figure 3, the cumulative weights of the nodes are increased when transaction Xis appended to the Tangle. This is a way of showing which transactions are the most importantin the network. For example the genesis transaction will have the largest cumulative weight,since it’s indirectly or directly approved by all other transaction. The transaction X in figure3, which is the newest transaction, has a low cumulative weight and is relatively unimportant.The older a transaction is, the more important it is. The concept of cumulative weight is away to avoid spamming and other forms of attacks.
To join the Tangle, a transaction must approve two previously unapproved transactions,which are called tips. These tips are chosen by doing weighted random walk (a Markov ChainMonte Carlo algorithm) starting at the genesis and ending at a tip. The random walk is biasedtowards reaching tips with larger cumulative weight, so that older, unverified transactions arepreferred against newer transactions.
2.1 Trinary-hashes, trytes and Transactions
IOTA uses a trinary numbering system for their seeds, addresses, hashes etc. Each such stringis made up of letters from the latin alphabet and the number 9
This means the trinary numbering system has 27 characters, which is the number ofpossible combinations of a so called tryte (as opposed to byte). One tryte has consists of 3“trits”, for example -1,1,0 and 0,-1-1 are two trytes corresponding to the characters B andO respectively (according to the trinary numbering system alphabet). All such possible tritsmake up for 27 combinations (3ˆ3), while a byte has 8 bits and 256 combinations. Thismeans that a 81-trytes IOTA seed has 27ˆ81 = 8.71 x 10ˆ115 possible combinations, while incomparison, a Bitcoin address has 2ˆ256 = 1.15 x 10ˆ77 possible combinations.
Due to how its hashing function works, IOTAs trinary hashes always contain 81-trytes(but sometimes it can be 90 trytes including a 9 tryte checksum). The IOTA java API (calledjota) has a TrytesConverter class with a toTrytes function. Here is an example of the thetryte-converter used back and forth on a JSON object containing a username (something weused in our experiments):
1 TrytesConverter converter = new TrytesConverter();
2 System.out.println(converter.toTrytes("{\"username\":\"johndoe\"}"));
3 OUTPUT: ODGAIDGDTCFDBDPCADTCGADBGAYCCDWCBDSCCDTCGAQD
4
5 System.out.println(converter.toString("ODGAIDGDTCFDBDPCADTCGADBGAYCCDWCBDSCCDTCGAQD"));
6 OUTPUT: {"username":"johndoe"}
A transaction consists of many fields in a JSON object. We used an online test-wallet [12]to send and view transaction-objects (you can use it to send 0-IOTA transactions. It’s usefulto know how transactions are structured, since we can extract information which can be pro-cessed in an application. For example, we used the “username” field to check for transactionsfrom authorised users in a database. The following is an example of a transaction sending{”username”:”johndoe”} as a message, which is converted to into trytes in the signature fieldof the transaction object:
1 {
2 "hash": "QDQPBJAMLUC9NKZLEZDNNUEPSXMCPKVVNLCHNKHBX9HK9EAX
3 OSLFTGCUJCSIMVZGQGRJGCA9DCNJUK999",
5
4 "signatureMessageFragment": "ODGAIDGDTCFDBDPCADTCGADBGAYCCDWCBDSC
5 CDTCGAQD",
6 "address": "ITUDVAQILBHLKLTCRWMPRLZKOGJG9E9MNVKEPZGNEPR9GPF9KK
7 PJUAJTAOTJUMFZSVBQNHXD9JQIRXVYC",
8 "value": 0,
9 "obsoleteTag": "DF9999999999999999999999999",
10 "timestamp": 1543304495,
11 "currentIndex": 0,
12 "lastIndex": 0,
13 "bundle":"URILWQAJJVEVQUQFIKRNKCGRPFDZXWAFUUCBBWITA
14 UVZDIITXGFXCCUMZKOZGDSDWGDLTSZLIYNIZSXGZ",
15 "trunkTransaction": "JKMZCKZPQVRANLGVLIGAYBHOUWCWNSERGAMXODAXHM
16 MUSYNBQXHOWRUOXRV9PVTDPKPKS9WPOVIPV9999",
17 "branchTransaction": "OHPWMPWYVZFFNILOCWYMDZBWYHIBAQAJWWVUGNLYAFSP
18 MEQGBGETDHMBHUUWXSLEHBPTGEVK9HZK99999",
19 "tag": "DF9999999999999999999999999",
20 "attachmentTimestamp": 1543304495367,
21 "attachmentTimestampLowerBound": 0,
22 "attachmentTimestampUpperBound": 3812798742493,
23 "nonce": "CBRLAIKHUWUPCMALEHHMKOFE9TL"
24 }
The full descriptive anatomy of a transaction can be found in the IOTA documentation[12].Each such transaction can be in total 2673 trytes, where the signature (payload/message) canbe maximum 2187 trytes. If a transaction is longer than this, it will be split up into multipletransactions and grouped together in a transaction bundle.
6
3 Demonstrator Prototype
3.1 Overview of the demonstrator and its purpose
Our goal with the research project was to investigate and test out the IOTA technology inpractice as a framework for microtransactions. Our prototype achieved this by deliveringa datastream which only authorized users had access to for a fixed amount of time. Thisaccess was granted if a user paid a certain amount of IOTA tokens to the wallet belonging tothe streaming device. The following will mainly discuss the planning and setup for how weimplemented our prototype for selling sensor data. The experiments we did with MAM are asmaller part of the project and will be described in the section Testbed (Setup and Results),where we explain why we moved away from using it further in our prototype.
Though an IoT’s responsibility often is to perform some kind of action, many IoT devicesgather data that might be useful to other IoTs. In our case, we chose the scenario where anIoT provides data streams of sensor data and state information. At least one data streamshould be paid, and one should be free.
We mean this scenario properly shows the practicality of the IOTA technology. In ourimplementation we prioritized to keep the code dealing with the data stream decoupled fromthe code communicating to the Tangle. We knew that if we managed this, and we also gotour prototype up and running, one should easily be able to replace the given data streamswith other (perhaps more useful) data streams.
3.2 Planning
3.2.1 Components needed: Pi and sensor
Planning out our prototype we found that we needed an IoT device and a sensor. We choserespectively a Raspberry Pi and a DHT22 temperature and humidity sensor. A RaspberryPi is often not considered an IoT device by itself but is often the brain of one. For demopurposes, we considered it an IoT device acting as a bridge between the Internet and oursensor. More about these components under Testbed environment.
3.2.2 What runs on the Pi
For our final prototype, we needed the Raspberry Pi to perform four jobs simultaneouslyillustrated in figure 4. It has to host a PostgreSQL database to store user privileges, host aMQTT process as our data stream server, continuously read data from the sensor and publishthem on MQTT-topics, and continuously read the last transactions from the Tangle to see ifaccess should be granted to new users. The figure below shows the processes running on theRaspberry Pi, and is followed by a description of each process.
7
Figure 4: Raspberry Pi with all processes it runs
3.2.3 Purpose of MQTT process
The purpose of the MQTT server was for a client to be able to subscribe to the data streams.A client could then use its terminal process or any software of choice to receive the data.We chose Eclipse Mosquitto as the implementation of MQTT, together with a plugin calledMosquitto-Auth-Plug. This plugin added authentication to the MQTT server. When a clientsubscribed to a MQTT topic, the plugin looked up the user in the PostgreSQL database. Ifthe user didn’t provide correct password or have read permission for the topic, the connectionwas not created.
3.2.4 Purpose of PostgreSQL Database
The database contained two tables, Account and ACLs (Access Control Lists). The first tablehad user information, such as username, password, and if the user was super user. Super userscould read from and write to all topics, practical for admins and the IoT itself. The ACLstable had a username, topic and rw column showing whether the user had read access, writeaccess, or both to the topic. The table structure was given from the MQTT plugin.
3.2.5 Project Sketch
For a client to be able to subscribe to a MQTT topic, it must first transfer IOTA to thewallet of the IoT with its username and a topic. The IoT sees the incoming transaction andupdates the database to give access to the user for the specified topic. Simultaneously, theIoT publishes data to the MQTT topics. The client can now subscribe to the topic. Figure5 tries to show how the we figured data would flow though our application.
8
Figure 5: Simulates the dataflow of our application
3.2.6 Implementation Publish data
To read and publish data from the sensor we used Python. Python is a widely used pro-gramming language in use with Raspberry Pi, mainly because of all the GPIO and sensorlibrary that exists. The Python script got the current temperature, humidity and time everysecond, and published the data on three separate MQTT data streams. It used the terminalcommand mosquitto pub to publish data using MQTT. To publish temperature=20.5 to thetemp-topic as ”user1” with password ”password”, we wrote this line in Python:
1 subprocess.Popen(["mosquitto_pub", "-t","temp","-u", "user1", "-P", "password",
"-m", str(temperature)], stdout=subprocess.PIPE).communicate()
Which then ran:
1 mosquitto_pub -t temp -u user1 -P password -m "20.5"
in the terminal.
3.2.7 Check Payment
The JavaScript process communicating with the Tangle is what we consider the most impor-tant piece of the demonstrator prototype. It used an IOTA implementation called IOTA.lib.js.
9
The script connects to the PostgreSQL database and a computer node on the “devnet”, atest tangle for development purposes. To connect to the Tangle, we wrote:
1 const iota = new IOTA({provider: "https://nodes.devnet.iota.org/"});
Every five second it fetched all the transactions from the tangle on a specific address byexecuting this line:
1 iota.api.findTransactionObjects({ addresses: [depositAddress] }, ...);
In the callback function it returned an array of transactions. Each transaction had the sendersaddress, the amount of IOTAs, the message string in trytes, and the time of the transaction.We filtered away all old transactions and transactions where the amount of IOTAs was toolow. We then converted the message from tryte string to JSON and read the username andthe topic from the JSON-object. Using this we updated the ACLs table in the database,giving read permission to the specified user for the specified topic. To update the databasewith information from message we wrote:
1 const result = await client.query(
2 "UPDATE acls SET rw = 1 where
3 username = $1::text and
4 topic = $2::text
5 RETURNING *",
6 [message.username, message.topic]
7 );
3.2.8 TypeScript
Although the script was executed as JavaScript, it was written in TypeScript. TypeScriptis a superset of JavaScript that supports static types for all variables and functions[10].TypeScript is transpiled to JavaScript before execution. Writing code with static types hasa significant impact on the development workflow. It enables the developer to use tools thatanalyses the statically typed code, which wouldn’t be possible with plain JavaScript. Someof the useful tools we used with TypeScript was the linter and the refactorer.
Instead of the IOTA API functions returning objects we didn’t know anything about, wecould now derive the type of all the objects. The transaction object for instance had this(simplified) type:
1 interface ITransactionObject {
2 hash: string;
3 address: string;
4 value: number;
5 timestamp: number;
6 nonce: string;
7 state?: boolean;
8 }
10
3.2.9 Promises
Many of the IOTA API functions needed callback functions as arguments. These callbackfunctions are an outdated way to perform asynchronous tasks, and lead easily to unreadablecode. With help from the linter we were able to wrap these functions in promises, whichmakes asynchronous tasks appear synchronous to the developer, which is easier to reasonabout. The wrapper code was hard to derive, but the type system helped us verifying that itwas correct:
1 function promisify<Arg1, Result>(
2 fn: (arg1: Arg1, cb: (err: Error, result: Result) => void)
3 => void,): (arg1: Arg1) => Promise<Result> {
4 return (arg1) =>
5 new Promise<Result>((resolve, reject) =>
6 fn(arg1, (err, result) => (err ? reject(err) : resolve(result))),
7 );
8 }
11
4 Setup and Results
The testbed/sandbox environment offered by IOTA is a separate Tangle called the devnet (re-cently renamed from testnet). As opposed to the mainnet, the devnet uses development-tokenswith no real value. The devnet is separated from the mainnet, so there is no communicationbetween these environments. Besides from using different tokens, in the devnet the proof ofwork is done faster than in the mainnet since the proof of work difficulty is much lower[5], sotransaction time is lower. For our project, the devnet and main net would yield the same re-sults, but we could use dev-tokens instead of real IOTA (which would require getting verifiedon a cryptocurrency exchange, do an international bank wiring and trade tokens).
4.1 IOTA wallet and dev-tokens
To send and receive transactions via the Tangle one must have an IOTA wallet with associatedaddresses. There are two official IOTA wallets; the Trinity wallet and the IOTA light wallet.The light wallet is a stateless wallet, meaning no information is stored on your computer buteverything is retrieved from the Tangle. The Trinity wallet, on the other hand, is statefuland thus stores some information locally on your computer. Being released summer 2018, itis the newest and most advanced of the two. It also allows users to add messages with thetransactions, something we needed for out demonstration, as the username for the buyer isattached to the transaction as a JSON string. In addition, the Trinity wallet allows you tohave several accounts on a single wallet, something that was quite convenient since we coulddo the sending/receiving (buying/selling) on the same computer. To create an account, onemust first generate a random 81 tryte seed. This is done within the Trinity wallet by anentropy function which gathers random data based on user input. The generated seed can beused to access your wallet from anywhere, such as if you want to open it on another device.Therefore, the seed is the private key used to access all IOTA tokens on its wallet, and it mustbe kept secret. For our purposes, we only used development tokens which have no real value.We received 1000i (i representing the smallest currency, one IOTA dev-token) by contactinganother developer on one of IOTA’s discussion channels on Discord. The wallet also had to beconfigured to the devnet by adding the devnet node: https://nodes.devnet.iota.org:443/
4.2 Masked Authenticated Messaging (MAM)
Our first demonstration of the IOTA framework was sending and receiving Masked Authen-ticated Messages via the Tangle. MAM is a module built on top of IOTA, and is a formof encrypted messages, which can be confirmed to know sender is an authenticated device .A stream of MAMs are all associated in a chain, as each message carries a reference to thepreceding one. Each of these messages is encrypted and stored securely onto the Tangle, andonly authorized devices can retrieve and decode that information. A chain of messages has a“root” in trytes, which can be used by a received to listen to the message stream. Testing outthe MAM module serves a couple of purposes. First and foremost, it demonstrates that wecan publish and retrieve useful information from the Tangle. Furthermore, this informationcan only be accessed by authorized users, and requires the “root”, and also a sidekey if thesecurity level is set higher.
We found a tutorial on the internet for setting up the Raspberry Pi and sending MAMover the Tangle[11], as well a a Javascript library. It contained a setup for sensor readings
12
which we used. This library contained javascript files for publishing and receiving MAM, sowe didn’t need to do much changes there. For some reason we had to change the node fromhttps://nodes.testnet.iota.org:443/ to https://nodes.devnet.iota.org:443/ to beable to publish MAMs to the Tangle. Once everything was setup, publishing and receivingsensor data via the Tangle was straight forward from the terminal:
Publishing sensor data as MAM to the Tangle:
1 pi@raspberrypi:~/dht11-raspi3 $ node mam_sensor.js
2 json= {temp: 21.0 C, humidity: 63.0 %}
3 Root:
BOPK9RIHTDCLJOVZWUJHUAQALHMZOXPIHRMYEZJNWTSS9BCP9BTUMRNEUDUJULEDZGMMFTFYTVZSUGLKK
4 Address:
OEBEOHOJQNAJLYKDFDX9YYIQHOHKOKHAKBTXOWQEMMCVKLRVXBLQEUXEBAHFXWVFTDGAKMFWQPSJWRKLF
Retrieving MAM from the Tangle (using root):
1 Mathias-MacBook-Pro-2:dht11-raspi3 mathiasgronstad$ node mam_receive.js
BOPK9RIHTDCLJOVZWUJHUAQALHMZOXPIHRMYEZJNWTSS9BCP9BTUMRNEUDUJULEDZGMMFTFYTVZSUGLKK
2 dateTime: 26/11/2018 07:10:46, data: {temp: 21.0 C, humidity: 63.0 %}
Note that the data payload is in JSON format, something which makes it easier to work with.For example, in the next part of the project, we extract the username field of JSON-messagesand use it to check against a database of authorized users.
One of the reason we went away from publishing MAM sensor data to the tangle is thatdoing PoW takes time, and thus causes some lag (up to several minutes). If a buyer wantssensor data real-time, it would be more suitable to subscribe to a direct datastream, althoughit might be less secure than using MAM. One such technology, which is tailored for IoTdevices is MQTT, which is what we chose for the next part of the project.
Another reason we went away from using MAM was problem with user-authentication.As we understood the MAM technology, once a user knows the root (and possibly sidekey) ofthe publisher, he can access the would chain of MAMs published by that node. We wanted tosell sensor data on a time-based scale, for example 1 IOTA per hour, something which MAMdidn’t seem to be suitable for. In addition, using the Tangle for data storage is very ineffective.
Let’s for example take 100 kB, which amounts to about100, 000 ∗ 8
3× ln 2
ln 3= 168, 248 trytes.
As one transaction contains 2673 trytes (2187 of which are payload), a 100kB transactionmessage would require about 77 transaction objects. How long time the PoW takes dependshighly on the machine doing the work, but can typically be in the range 10-30 seconds[13], arange consistent with our experiments. Using 20 seconds pr transaction, it would take around77*20s = 26 minutes to upload 100kB to the Tangle.
4.3 Selling sensor data
As we went away from MAM we had to consider other technologies that could distribute thesensor data. We came across one tutorial[1] which talked about many of the things we wantedto achieve, so we based the following work on what we found. In addition to the configurationalready done, we had to setup MQTT with authorization and a database on the RaspberryPi.
13
4.3.1 Further setup of the Raspberry Pi
A full guide to how we got the Raspberry Pi up and running is found at our GitHub: https://github.com/knutanderss/iota-research-project.
In short, after installing PostgresSQL on the Pi, we initilized a PostgreSQL database byrunning run setup.sh. This is a script we wrote that basically creates two tables in a databaseMosquitto with a user Postgres that has owner rights. With the database up and running wejust had to download Mosquitto and Mosquitto-auth-plug. With some configuration it wasready.
4.4 Application
With everything ready, only running the application was left. Our application focused onthe seller side of things and works as a pure IoT device, while we had to do the buyer sidemanually. This is mainly because of the time constraint of this project and is not a becauseof the technology.
4.5 Seller side
We ran the Raspberry Pi as we stated in the planning section of the report and we managedto get these results.
Costumer John Doe tried to get information that was public and he got it.Costumer John Doe tried to get information that was not public and did not receive
anything.Costumer John Doe payed IOTA and included his username and the topic in the message
part of the transaction and therefore he got access to the requested topic.Now the information was from a sensor that only gives humidity and temperature, but
this could easily be placed on a geographical location that would make even this informationvaluable.
14
5 Conclusions
5.1 The IOTA technology and its maturity
Our simple prototype demonstrated that the IOTA could possibly be used as a frameworkfor microtransactions. This however does conclude that the technology can in fact deliver onits promises to facilitate a machine to machine economy on a large scale. The technology isstill in its infancy and the IOTA foundation has gotten critique for issues with scalability andthe ease of possible spam-attacks due to its feeless nature.
The IOTA technology is not yet mature. It was created in 2015 and the mainnet was livein 2016. The Tangle still uses something called the Coordinator, which is controlled by theIOTA Foundation. The purpose of the Coordinator is to maintain consensus in early stages byissuing milstone transactions which verify other transactions. IOTA has also gotten critiqueon this, since it constitutes a more centralized system, even though the coordinator is just atemporary entity that is planned to be removed[6]. Although IOTA has several competitors,such as IOTW[9], IOTex[8], Walton Chain[14] and IoT Chain[7], it has the largest marketcap of such technologies in the cryptocurrency market space[3].
5.2 Documentation
We found the documentation for developing with IOTA-based application quite scarce. Eventhough they offer APIs in several major programming languages, such as Java and Javascripton Github[4], there are little detailed examples on how to get started with these. They doprovide relatively detailed documentation about the IOTA technology on their website andin their whitepaper. This seems quite impressive at first glance, but as software-engineers wewould like to see more detailed explanation on how to create applications using the technology.Although we didn’t find everything we hoped for in their documentation, IOTA has a helpfulonline community. On their Discord chat groups we could ask specific questions and get helpwith nitty gritty details regarding implementation. We also received our dev-tokens from onemember. We also found a couple of blog posts [11, 2] describing some projects developed. Weused these to get us started.
5.3 Learning Curve
The IOTA API is offered in several common programming languages, and using it is fairlyeasy once you’re familiar with it. The API functionality is accessed easily with simple lines ofcodes, but we found it a bit difficult to get started, as there were very few thorough examplesto look at. This is a natural consequence of IOTA being a new technology with few projectsbeing developed, something that will likely improve in the future as the technology maturesand more developers look into it.
15
References
[1] anonymous. Raspberry Pi Humidity Software Installation and Testing. url: https:
//tutorials-raspberrypi.com/raspberry-pi-measure-humidity-temperature-
dht11-dht22 (visited on 20/11/2018).
[2] Benjamin Cabe. Monetizing IoT Data Using IOTA. url: https://blog.benjamin-cabe.com/2017/12/21/monetizing-iot-data-using-iota (visited on 24/11/2018).
[3] CoinMarketCap. Top 100 Cryptocurrencies. url: https://coinmarketcap.com/ (vis-ited on 27/11/2018).
[4] IOTA foundation. IOTA - GitHub. url: https://github.com/iotaledger (visited on27/11/2018).
[5] Iota foundation. Devnet-Developer Network. url: https://docs.iota.org/introduction/networks/devnet (visited on 19/11/2018).
[6] David Hundeyin. IOTA Outlines Plans for Killing Off its Centralized ‘Coordinator’.url: https://www.ccn.com/iota- outlines- plans- for- killing- off- its-
centralized-coordinator (visited on 27/11/2018).
[7] IoTChain. IoT Chain. url: https://iotchain.io (visited on 27/11/2018).
[8] IOTEX. IoTeX - A privacy-centric blockchain platform that is fast, flexible and Internetof Things (IoT) friendly. url: https://iotex.io (visited on 27/11/2018).
[9] IoTw. IOTW, A Scalable Blockchain - Proof of Assignment Protocol. url: https :
//iotw.io/#1533072670180-72bdb20c-4efa (visited on 27/11/2010).
[10] Microsoft. TypeSctipt. url: https://www.typescriptlang.org/ (visited on 27/11/2018).
[11] Mobilefish.com. IOTA. url: https://www.mobilefish.com/developer/iota/iota_quickguide_raspi_mam.html (visited on 23/11/2018).
[12] Mobilefish.com. Online Iota Wallet. url: https://www.mobilefish.com/services/cryptocurrency/iota_wallet.html (visited on 22/11/2018).
[13] Thomas Pease. Decoding the Tangle. url: https://medium.com/konfid-io-blockchain-reports/iota-report-decoding-the-tangle-part-4-4-939543ac0050 (visited on24/11/2018).
[14] Waltonchain. To create a business ecosystem integrating blockchain with IoT. url:https://www.waltonchain.org (visited on 27/11/2018).
16
