Staex: Data Sharing for IoT
2024-06-17
Staex Internet of Data - Web3 IoT data infrastructure.
With the support of peaq, Staex completed a groundbreaking project about Web3 IoT data infrastructure with a stable economy. The goal of this project was to create decentralized real-time broadcasting software which can be run on IoT devices, giving device owners the possibility to share their data. This also allows other people to find useful data and gather it from devices and sensors.
In this article, we want to share how we achieved such a goal utilizing Staex and peaq networks.
peaq DIDs
First of all, we built a data marketplace to add the following functionality to our system:
1. IoT device owners can publish which data they have and how to gather it.
2. People can search for particular data and how to collect it.
To accomplish this task we used peaq DIDs and the provisioner. peaq DIDs provide a decentralized identity (aligned with the W3C specifications) for all network participants. The provisioner is software written by the Staex team to run on IoT devices, managing everything related to the Internet of Data system’s operation.
When an IoT device owner starts the provisioner on a device, they specify details about the device and sensors in the provisioner configuration file: data type (temperature, speed), location (name or GPS coordinates), pricing, and any additional information.
The provisioner requests the current on-chain information from the peaq DID pallet and compares it with the information from the configuration file. The provisioner then decides whether to create or update on-chain information so that it is up to date. You can find the source code for how this works here.
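The comparison step described above can be sketched as follows. This is an added example, not Staex's provisioner code: the `Write` and `Plan` types, the attribute names and the sample values are assumptions, and reporting on-chain attributes that the configuration no longer mentions is an addition for the operator, since the article only describes create and update.

```rust
use std::collections::BTreeMap;

/// One write the provisioner would submit for a DID attribute (hypothetical type).
#[derive(Debug, PartialEq)]
pub enum Write {
    Create { name: String, value: String },
    Update { name: String, value: String },
}

/// Result of comparing the configuration file with the on-chain state.
#[derive(Debug, PartialEq)]
pub struct Plan {
    pub writes: Vec<Write>,
    /// On-chain attributes the configuration no longer mentions. They are only
    /// reported, because the article describes create and update, not removal.
    pub unmanaged: Vec<String>,
}

pub fn reconcile(config: &BTreeMap<String, String>, on_chain: &BTreeMap<String, String>) -> Plan {
    let mut writes = Vec::new();
    for (name, wanted) in config {
        match on_chain.get(name) {
            None => writes.push(Write::Create { name: name.clone(), value: wanted.clone() }),
            Some(current) if current != wanted => {
                writes.push(Write::Update { name: name.clone(), value: wanted.clone() })
            }
            Some(_) => {} // already up to date, no transaction needed
        }
    }
    let unmanaged = on_chain.keys().filter(|k| !config.contains_key(*k)).cloned().collect();
    Plan { writes, unmanaged }
}

/// Helper to build constructed sample data.
pub fn attrs(pairs: &[(&str, &str)]) -> BTreeMap<String, String> {
    pairs.iter().map(|(k, v)| (k.to_string(), v.to_string())).collect()
}

fn main() {
    // Constructed sample values, not taken from a real device.
    let config = attrs(&[("data_type", "temperature"), ("location", "Berlin"), ("price", "5")]);
    let on_chain = attrs(&[("data_type", "temperature"), ("price", "3"), ("firmware", "1.0")]);
    println!("{:#?}", reconcile(&config, &on_chain));
}
```

Running the comparison a second time against the updated state yields no writes, so a provisioner restart does not produce extra transactions.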
Simultaneously, Staex has its own peaq DIDs indexer software that listens for all on-chain events related to the peaq DID pallet and saves them to an SQL database. As all DID updates are stored in the SQL database, users can browse through them via a user interface that requests any information via HTTP API with filtering to find particular devices, sensors, or types of data. You can find the source code for how this works here.
All software written for this project is in Rust. We have implemented a peaq network client in Rust to interact with it. Our client can work with peaq DID, peaq RBAC, and some Substrate related functionality like blocks and events scanning, as well as token transfers. The source code is located here.
Broadcasting
IoT device owners can choose any protocol or program for real-time broadcasting of their data: message queue, database, HTTP server, etc. The provisioner is agnostic to IoT sensors or broadcast programs.
The device owner should use or write their own program to read data from sensors. This program should then send data to a broadcast program. Alternatively, the program for reading sensor data and the broadcasting program can be combined into one. We have implemented our own program that generates data from sensors and broadcasts that data using the MQTT protocol. The source code is located here.
At the same time, the provisioner, through managing an operating system child process, is responsible for keeping the broadcasting program up and running. In case of an error or update, it will be restarted automatically. To achieve this, the provisioner spawns a separate operating system child process and monitors it. If the child process exits for any reason, the provisioner will try to restart the program. The source code is located here.
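A minimal version of such a supervision loop, as an added example rather than the provisioner's own code: the `Backoff` policy, the bounded number of starts and the `sh -c "exit 3"` stand-in for a crashing broadcaster are assumptions. The doubling delay keeps a broadcaster that crashes on start from spinning the device's CPU.

```rust
use std::process::Command;
use std::thread::sleep;
use std::time::{Duration, Instant};

/// Restart policy (hypothetical; the article does not describe the real one).
pub struct Backoff {
    pub first: Duration,         // delay after the first exit
    pub max: Duration,           // upper bound for the doubled delay
    pub healthy_after: Duration, // a run this long resets the delay
}

/// Run `program`, restart it whenever it exits, and return the exit code of
/// every run (`None` = could not start or killed by a signal).
/// `max_starts` bounds the loop so the example terminates.
pub fn supervise(program: &str, args: &[&str], max_starts: u32, policy: &Backoff) -> Vec<Option<i32>> {
    let mut exits = Vec::new();
    let mut delay = policy.first;
    for start in 1..=max_starts {
        let began = Instant::now();
        // status() spawns the child process and blocks until it exits.
        let code = match Command::new(program).args(args).status() {
            Ok(status) => status.code(),
            Err(err) => {
                eprintln!("start {} failed: {}", start, err);
                None
            }
        };
        exits.push(code);
        if began.elapsed() >= policy.healthy_after {
            delay = policy.first; // the child was stable, forget earlier crashes
        }
        if start < max_starts {
            sleep(delay); // pause so a crash loop cannot spin the CPU
            delay = (delay * 2).min(policy.max);
        }
    }
    exits
}

fn main() {
    // `sh -c "exit 3"` stands in for a broadcaster that crashes immediately.
    let policy = Backoff {
        first: Duration::from_millis(100),
        max: Duration::from_secs(2),
        healthy_after: Duration::from_secs(60),
    };
    println!("{:?}", supervise("sh", &["-c", "exit 3"], 3, &policy));
}
```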
Staex Public Network
To ensure real-time broadcasting is secure and allows granular access control by the owner, we want to introduce the Staex Public Network.
The Staex Public Network is a zero-trust network that is the backbone for today’s Internet of Things. It is an Internet overlay that hides the real IP addresses of devices, uses public keys as addresses, and prohibits any traffic by default. Staex provides end-to-end encryption and trust at the network level. It automates the process of making IoT devices part of the network (port forwarding and DNAT).
Through the child process scheme, the provisioner starts the Staex MCC node and manages its lifetime. The Staex MCC establishes secure and reliable communication with other Staex MCC nodes. To make this work, it is necessary to start a Staex MCC node on the client side as well. Source code is located here.
peaq RBAC
The RBAC pallet within the peaq network operates as a decentralized system for role-based access control. It enables users to create roles and permissions, and to grant or withdraw access to resources based on those roles and permissions.
When an IoT device owner wants to grant access to another person, they can use the provisioner command-line interface. The IoT device owner needs to know the DID of the person to whom they want to give access. By executing this command, the provisioner adds a new DID to the IoT device owner’s RBAC group. Once the transaction is completed, the provisioner receives a new notification and adds a new rule to the Staex MCC node configuration to grant access. After this, the person can start gathering data from the IoT device or sensor.
It is worth mentioning that the IoT device owner does not need to execute the command on the device. It can be executed from anywhere. The provisioner on the device just needs to receive a notification from the peaq network about the successful transaction and event.
Before sharing, the provisioner gets the RBAC group name, permission, and roles from the configuration file and synchronizes everything within the peaq RBAC pallet to ensure it is up to date. Communication with the peaq network is done through the same Rust client. The source code is located here.
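The following added example, not taken from the Staex code base, shows how RBAC notifications can drive a default-deny access table. The `RbacEvent` shape, the `AccessTable` type, the group name and the DIDs are assumptions, and the table stands in for the Staex MCC rule format, which the article does not show. Events carry their block number and index so that a replayed or late grant cannot re-open access after it was withdrawn.

```rust
use std::collections::HashMap;

/// RBAC change as the provisioner might receive it (hypothetical shape).
pub struct RbacEvent {
    pub pos: (u64, u32), // (block number, event index inside the block)
    pub group: String,
    pub did: String,
    pub granted: bool, // false means access was withdrawn
}

/// Default-deny table standing in for the node's access rules.
pub struct AccessTable {
    group: String,
    state: HashMap<String, ((u64, u32), bool)>, // DID -> (last position, allowed)
}

impl AccessTable {
    pub fn new(group: &str) -> Self {
        AccessTable { group: group.to_string(), state: HashMap::new() }
    }

    /// Apply one event and report whether the effective permission changed.
    pub fn apply(&mut self, ev: &RbacEvent) -> bool {
        if ev.group != self.group {
            return false; // event for a group this device does not own
        }
        let prev = self.state.get(&ev.did).copied();
        if prev.map_or(false, |(seen, _)| ev.pos <= seen) {
            return false; // a replayed or late event must not undo a newer one
        }
        self.state.insert(ev.did.clone(), (ev.pos, ev.granted));
        prev.map_or(false, |(_, allowed)| allowed) != ev.granted
    }

    /// Unknown DIDs are denied: no rule exists until an event creates one.
    pub fn is_allowed(&self, did: &str) -> bool {
        self.state.get(did).map_or(false, |entry| entry.1)
    }
}

pub fn event(pos: (u64, u32), group: &str, did: &str, granted: bool) -> RbacEvent {
    RbacEvent { pos, group: group.to_string(), did: did.to_string(), granted }
}
fn main() {
    let mut table = AccessTable::new("sensor-readers"); // constructed group name and DID
    table.apply(&event((10, 0), "sensor-readers", "did:peaq:reader-1", true));
    table.apply(&event((12, 1), "sensor-readers", "did:peaq:reader-1", false));
    println!("allowed: {}", table.is_allowed("did:peaq:reader-1"));
}
```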
Schemas
Conclusion
In simple terms, the Staex team has simplified the Web3 onboarding process, making it easier for IoT device owners to share their useful data with some profit. It also allows others to find and use this data transparently, securely, and easily for their personal or research purposes.
Staex is a secure public network for IoT devices that cannot run a VPN, such as smart meters, IP cameras, and EV chargers. Staex encrypts legacy protocols, reduces mobile data usage, and simplifies building networks with complex topologies through its unique multi-hop architecture. Staex is fully zero-trust, meaning that no traffic is allowed unless specified by the device owner, which makes it more secure than even some private networks. With this, Staex creates an additional separation layer to provide more security for IoT devices on the Internet, also protecting other Internet services from DDoS attacks that are usually executed on millions of IoT machines.