rounded

Written by: @tlay_io

 

background


TLay Overview


TLay, Trust Layer of DePIN Infrastructure, means the trust layer of DePIN (decentralized physical infrastructure network), and is committed to building a digital trust layer for DePIN infrastructure to promote large-scale cooperation and build a public asset network for real-world assets (RWA). TLay's goal is to improve transparency, real-time and fairness by registering, issuing and running physical world assets locally on the blockchain, thereby enabling large-scale collaboration between machines around the world, and innovatively exploring a more open, interconnected and innovative next-generation distributed digital business and finance.

 

TLay's products integrate core functions, including BoAT3 trusted chips/modules, BoAT3 Lite/Agent SDK, BoAT3 IoT Oracle services and DePIN application chain (Appchain), as well as DePIN MVP startup support. BoAT3 trusted chips/modules are used to quickly convert a variety of IoT devices into devices that support DePIN functions, greatly reducing the difficulty and time cost of implementing DePIN. BoAT3 IoT Oracle is a decentralized oracle built specifically for DePIN scenarios, ensuring that verifiable data generated by DePIN units is reliably recorded on the chain. TLay DePIN application chain is an EVM-compatible application chain that uses a Rollup architecture to achieve high-performance and low-cost data processing. The TLay family simplifies the development process of DePIN and helps developers and startup teams quickly start projects.

 

Introduction to DePIN


DePIN (Decentralized Physical Infrastructure Network) is a new form of infrastructure construction organization based on Web3, which aims to jointly build physical infrastructure networks (such as wireless networks, storage networks, etc.) through large-scale collaboration of the global community.

 

Today, more and more people are devoting themselves to the social practice of building DePIN in order to make real life better. Contributors who participate in the construction of DePIN, as providers of infrastructure services, receive rewards by building and operating physical infrastructure networks. This reward is highly dependent on the accurate measurement of their actual contribution (Proof of Physical Work, or PoPW).

 

Physical Proof of Work (PoPW)


Accurately measuring, reliably reporting, and efficiently verifying the physical work of DePIN units is essential for every DePIN project. A DePIN unit is a facility that performs physical work. For example, for a wireless network unit, PoPW is the number of bytes it transmits; for a solar power unit, PoPW is the amount of energy it generates. Physical work (PW) represents the state or value of some real-world asset. Regardless of the exact measurement standard, DePIN units are typically equipped with IoT devices to measure and report PoPW, which is verified by the network. Unlike blockchain-native data, PoPW is off-chain data, so an IoT oracle is required to securely transmit PoPW to the blockchain for contribution assessment.

 

However, traditional IoT devices often cannot access blockchain services as easily as computers due to constraints in computing power, storage space, networking performance, and power consumption. Take Arkreen's renewable energy data collector as an example. The data collector is used to regularly measure and report energy data, but due to constraints such as cost, it is usually a typical weak device. In such a weak device, it is difficult to install a program like an Ethereum client to pass PoPW to the blockchain as on a computer. The purpose of TLay is to eliminate this gap and realize the transmission of PoPW from IoT devices to the blockchain, thereby bridging real-world assets to the digital world.

 

TLay Overview


The development of BoAT3


BoAT3 (Blockchain of AI Things for Web3) is the latest evolution of the well-known open source project BoAT-X. Since its launch in 2018, BoAT-X has been committed to enabling any IoT device to access blockchain services, so that every IoT device can act as a blockchain oracle. The "X" in the name of BoAT-X means unlimited possibilities. BoAT-X enables the IoT industry to integrate blockchain capabilities, including on-chain identity management (encryption algorithms and keys), verifiable declarations, and transactions on-chain, helping the traditional IoT industry to smoothly evolve into the Web3 era.

 

Most blockchain projects are committed to providing services on the Internet with people as the direct object, while BoAT-X is uniquely focused on the Internet of Things. With the rapid development of the Internet of Things in recent years, it is expected that by 2025, the number of IoT devices will exceed 5 times the global population. The huge number of IoT devices efficiently captures a large amount of data every day, providing data for various applications such as AI training and reasoning. Therefore, the credibility of data is the core of data utilization and monetization.

 

Blockchain is a trusted way for multiple parties to ensure data authenticity and record the activities that generate data, but this is not easy for IoT. The performance of most IoT devices is much weaker than people think. For example, in many Web3 projects for IoT, Raspberry Pi is used. Although Raspberry Pi is much weaker than a computer, it is already one of the most powerful IoT devices. In most large-scale IoT applications, the performance of IoT devices is often much weaker than Raspberry Pi. How to connect large-scale IoT devices with strong or weak performance to blockchain is the challenge that BoAT-X is trying to solve.

 

The basic approach to solving this challenge is to tailor the most necessary functions of the blockchain wallet and port them to the key components of the IoT device. Over the past five years, the BoAT-X framework (a multi-chain IoT blockchain wallet) has supported mainstream IoT chips and modules, especially those with demanding resource constraints. By covering these chips and modules, BoAT can enable most IoT devices equipped with these chips or modules to roam in the new world of blockchain.

 

Now, BoAT has further expanded from the device side to the IoT oracle for DePIN.

 

DePIN Oracle for PoPW


BoAT3 IoT Oracle is a DePIN oracle for PoPW. It provides a set of hardware and software for DePIN projects involving IoT devices, cloud services, and blockchain services to generate, report, and verify proof of physical work.

 

PoPW process in DePIN system


A typical PoPW process is as follows:

 

1. The DePIN unit performs some physical work (e.g., renewable energy generation) and produces power generation data.

 

2. Among these data, there may be some non-PoPW application data (e.g., low battery alert) that is sent directly to the dApp backend (purple path), which is beyond the scope of this article.

 

3. At the same time, the DePIN unit generates a PoPW that packages together the working data (e.g., temperature and humidity). The wallet in the DePIN unit holds the unique device encryption key and signs the PoPW. The signed PoPW is then sent to the IoT oracle along the blue path in the figure.

 

4. The IoT oracle verifies the signed PoPW based on the device credentials registered in the DID. If the verification passes, the verified PoPW is sent to the blockchain and dApp, following the green path.

 

5. Once the verified PoPW is sent to the blockchain, dApps can further process based on these PoPW (for example, reward participating DePIN units based on the PoPW workload).

 

BoAT3 Concept and Challenges


BoAT3 IoT Oracle focuses on a common requirement of the DePIN project, namely the PoPW protocol, that is, how to smoothly and securely pass PoPW from diverse IoT devices to the blockchain. It solves several key needs:

 

  • Active data feeding: Most blockchain oracles are passively triggered by smart contracts to request off-chain servers (data sources) to provide valuable information, while BoAT3 IoT oracles mostly work in active feeding mode. This is consistent with the typical behavior of most IoT devices, which usually actively send data to the backend at a certain time interval or when triggered by an event. In addition, depending on the network topology (such as LoRa network) and energy-saving strategies, some IoT devices are in sleep mode most of the time and can only receive control commands when they wake up and upload data. Therefore, usually, IoT devices actively transmit PoPW to the blockchain through BoAT3 IoT oracle.

 

  • Flexible blockchain capability support: The diversity of IoT devices means that flexible methods are needed to securely generate and report proof of physical work (PoPW). Unlike powerful servers, the capabilities of IoT devices vary greatly, ranging from lightweight microcontrollers (MCUs) running at only tens of MHz and with only tens of kB of memory, to more powerful devices such as Raspberry Pi, and Android-based smart modules running at over 1GHz with multiple CPU/GPU cores. TLay provides blockchain-enabled chips and modules as well as software development kits (SDKs) for IoT devices to meet the chain needs of different types of IoT devices.

 

  • Managing device identity: For most decentralized applications (dApps), users are usually anonymous unless they bind their blockchain identity (address) to their real-life identity (e.g., social media account). However, this is not the case for DePIN units. Device identity verification (KYD, i.e., "Know Your Device") is a necessary step in the DePIN network to verify the physical workload of each DePIN unit. Only by trustlessly managing the identity of IoT devices can we ensure that only registered IoT devices can generate valid PoPWs.

 

  • Separation of PoPW Verification and Workload Evaluation: BoAT3 IoT Oracle verifies each PoPW report by verifying the signature of the PoPW. Each valid IoT device has a registered identity, and only untampered PoPWs from authentic DePIN units can be verified. Since the physical work (PW) depends on the specific DePIN project, the evaluation of the PW is separated from the verification of the PoPW. This allows the BoAT3 IoT Oracle to focus on the standardized verification of the authenticity of the PoPW, while leaving the evaluation of various PWs (based on the verified PoPW) to the dApp.

 

  • Multi-chain adaptability: A prosperous DePIN ecosystem should cover multiple dApps running on different blockchains. As an infrastructure, BoAT3 IoT Oracle extends its flexibility by introducing customizable dApp connectors on oracle nodes. This allows DePIN projects to customize how PoPW is delivered to their blockchains and smart contracts.

 

  • IoT Platform Integration: While PoPW is a key message generated by IoT devices, IoT data is not just PoPW. BoAT3 IoT Oracle can be integrated into IoT platforms to handle both PoPW and non-PoPW data in a scalable manner.

 

  • Privacy protection: Privacy protection is one of the cornerstones of the DePIN project. If the original PoPW contains sensitive information, it must be encrypted before leaving the IoT device. The BoAT3 IoT oracle integrates a confidential computing environment and zero-knowledge proof (ZKP) technology to allow sensitive data to be processed in a trusted environment and generate a ZKP proof of the authenticity of the result.

 

  • Decentralized Oracle Nodes: BoAT3 IoT Oracle is a decentralized oracle. Any qualified oracle service provider can register its service endpoint on the chain. The specific terms of service are determined by each service provider. Through these efforts, BoAT3 IoT Oracle is able to help DePIN projects enter the market quickly and securely. It provides all the tools required by DePIN projects to build their digital MRV (measurement, reporting and verification) capabilities.

 

DePIN Application Chain


For the DePIN project, the underlying blockchain infrastructure must meet several key requirements:

 

  • Performance and cost: DePIN projects typically involve tens of thousands or even millions of IoT devices, generating a large number of transactions per reward cycle. Therefore, the blockchain must provide high performance, strong security, and low cost. Modular blockchain solutions like Rollup meet these requirements well, making them a wise choice to support DePIN projects.

 

  • Storage requirements: PW and PoPW data are usually large in size, and some even need to be retained for a long time. Therefore, this data is usually stored off-chain and remains accessible without being censored. Decentralized storage solutions such as Filecoin, Arweave, Kwil, or cloud storage are suitable choices to ensure that the data is fully open to the community and prevent data tampering.

 

  • Cross-chain services: Collaboration between different DePIN projects is essential to provide convenient user services. Since these projects may run on different blockchains, trusted cross-chain services are needed to facilitate seamless collaboration between them.

 

In view of the above needs, TLay incorporates the DePIN application chain based on Rollup.

 

TLay Architecture Analysis


IoT devices integrated into DePIN units


BoAT3's IoT device integration is an extension of BoAT's indirect mode of operation. IoT devices integrate with the BoAT3 Lite SDK to create their own blockchain wallets and work with the BoAT3 IoT oracle nodes. Background on the indirect approach can be found on BoAT-EdgeDocs.

 

BoAT3 Lite SDK

 

BoAT3 Lite SDK is a C-language lightweight blockchain wallet software development kit designed for embedded devices. It manages the device wallet, enabling IoT devices to generate and sign PoPWs and transmit them to the BoAT3 IoT Oracle node for verification. Most IoT devices are resource constrained, with limited computing power, storage capacity, and connection bandwidth, making it difficult to run Node.js and other blockchain SDKs. The BoAT3 Lite SDK is highly optimized for such resource-constrained embedded systems, enabling devices to generate and report PoPWs.

 

BoAT3 Lite SDK supports many popular IoT chips and modules. It also provides a high level of security by adopting Trusted Execution Environment (TEE), Secure Element (SE) or SIM card (for cellular communication).

 

There is a list of IoT chips and modules that have BoAT integration. We will update this list regularly and work hard to support more chips and module models. In addition, if you need to connect the BoAT3 IoT Oracle to your IoT platform, we also provide BoAT3 Agent SDKs written in high-level languages ​​​​such as Java and Golang.

 

BoAT3 Trusted Chips and Modules

 

BoAT3 trusted chips and modules are IoT hardware components driven by the BoAT3 Lite SDK. In addition to normal connectivity capabilities, they are also able to generate and report PoPW to BoAT3 IoT Oracle nodes via the BoAT3 Lite SDK.

 

While the BoAT3 Lite SDK can be flexibly ported to almost any IoT hardware, this requires expertise in both blockchain and embedded/IoT domains. To shorten time to market, TLay works with partners to provide IoT chips and modules that already have the BoAT3 Lite SDK integrated. DePIN projects can choose these components and immediately have PoPW reporting capabilities. As a result, developers can focus on the business itself instead of dealing with SDK porting issues on various IoT hardware.

 

As standard hardware components, BoAT3 trusted chips and modules can speed up the large-scale deployment of DePIN projects by more than 10 times compared to adapting to various hardware one by one. In fact, the application fields and hardware forms of DePIN devices are very fragmented. BoAT3 trusted chips and modules are just common components that can be used in various DePIN devices. Through them, IoT devices can easily obtain PoPW capabilities.

 

BoAT3 IoT Oracle Architecture


The architecture of BoAT3 IoT oracle is as follows

 

BoAT3 IoT Oracle Architecture

 

Includes the following components:

 

  • Data Validator: The Validator verifies the trustworthiness of the Proof of Physical Work (PoPW) measured and reported by the IoT device. The signature and device identity of the PoPW is registered in the DID and verified against it. Once verified, the PoPW is passed to the Rules Engine for distribution.

 

  • Rule Engine: The Rule Engine is a distributor that distributes the verified PoPW to the corresponding connectors based on the DePIN project and the physical model of PoPW.

 

  • Connectors: Connectors are virtual machine instances that allow plugins to be loaded and executed as JavaScript modules to customize the processing of PoPW flows. DePIN projects can write their own JavaScript modules to process PoPW and adapt them to the blockchains and smart contracts they run.

 

  • Confidential computing environment and zero-knowledge proof (ZKP): A confidential computing environment is an isolated execution environment that can process sensitive data. In data applications, the valuable information is often the information extracted from the data, not the original data itself. If the PoPW contains sensitive information (such as personal information), the plaintext PoPW should be encrypted before it can be sent from the IoT device. The encrypted PoPW must be sent to the confidential computing environment to be decrypted, and the data is analyzed and processed using a pre-set algorithm to extract the required information. This extracted information is called a physical work claim. Physical Work Claim generally has sensitive information removed and can be released in plaintext outside the confidential computing environment, while the original data containing sensitive information will not be transmitted in plaintext. ZK Prover can work with the confidential computing environment to prove that the Physical Work Claim is indeed calculated by the agreed original data and the agreed algorithm. As a result, users can realize the value of data with the help of confidential computing environment and zero-knowledge proof without revealing the original data containing privacy.

 

DePIN application chain and on-chain services


DePIN application chain architecture

 

TLay’s DePIN application chain architecture

Based on Rollup technology, it is divided into the following key levels:

 

  • Ethereum Mainnet (Layer 1, L1): As Layer 1, Ethereum Mainnet provides the security and trust of the entire system and is responsible for the availability and settlement of Layer 2 (L2) data.

 

  • Rollup Layer 2 (L2): This layer adopts popular optimistic Rollup or zero-knowledge Rollup (such as Optimism, Arbitrum, and Polygon CDK) to provide high security and trust at a lower cost. However, due to its reliance on the data availability of the Ethereum mainnet, the performance and cost efficiency of L2 may not be sufficient to support the large-scale implementation of the DePIN project.

 

Many public service contracts serving the DePIN utility will be deployed on this layer, ranging from unified economic models to trustless cross-chain operations and decentralized identifier (DID) services. The L2 layer is the center of on-chain activities, enabling the DePIN project to interact with diverse on-chain ecosystems such as decentralized exchanges (DEX) and lending platforms. Miners on TLay Layer 3 can transfer their rewards to L2 to convert them into stablecoins.

 

  • TLay Layer 3 (L3): As Layer 3, this layer adopts OP or ZK Rollup, Layer 2 as the settlement layer, and uses a third-party data availability (DA) service. Its security and trust are inherited from Layer 2. By adopting a third-party DA service, its performance is no longer limited by the Block Gas Limit of Ethereum L1, which further reduces costs and improves performance. The performance and fees of L3 are sufficient to support the large-scale implementation of the DePIN project.

 

Due to the large number of DePIN projects, a single L3 chain may not be able to support all projects, so there may be multiple L3 chains running in parallel. They can achieve cross-chain collaboration across projects through trustless cross-chain contracts located on Layer 2.

 

The smart contracts of the DePIN project as well as the DID contracts and other contracts that directly serve the DePIN project will be deployed at this layer.

 

  • Data Availability (DA) Service: Use third-party DA services such as Celestia or EigenDA, which use data availability sampling (DAS) technology to ensure that the hosted data is fully accessible to the community, thereby avoiding data withholding attacks, which is an important guarantee for Rollup security. Using third-party DA services can prevent the consumption of Ethereum L1 Gas, thereby greatly expanding the throughput of the chain.

 

  • Data storage service: PW (Physical Work) or PoPW (Proof of Physical Work) data is the basis for the distribution of rewards in the DePIN project. To ensure the security and traceability of these data, they are usually stored off-chain and remain completely open. Data storage services can use decentralized storage solutions such as Filecoin and Arweave, as well as cloud storage. In order to ensure the accessibility of data and prevent data withholding, a challenge process is required to ensure access to the data.

 

On-chain services

 

TLay provides a series of on-chain services to support the operation and management of the DePIN project:

 

  • Decentralized Identifiers (DID) and Device Registration: Each IoT device needs to register an identity in the DePIN ecosystem. Unlike many Web3 projects that only care about digital signatures, the DePIN project not only verifies signatures, but also authenticates that the data and signatures come from registered IoT devices.

 

  • Oracle Node Registry: The Oracle Node Registry is an on-chain registry that lists eligible BoAT3 IoT oracle service providers. Any provider that meets the necessary criteria can set up a BoAT3 IoT oracle node.

 

  • Access Authorization: Access authorization allows DePIN projects to define rules for accessing the BoAT3 IoT oracle. For example, DePIN projects can determine which addresses can update the JavaScript code in the corresponding connector.

 

  • Zero-Knowledge Verifier (ZK Verifier): Zero-Knowledge Verifier is a library that allows smart contracts to verify zero-knowledge proofs (ZK Proofs) generated by the ZK Prover in the BoAT3 IoT Oracle node.

 

  • PoPW attestation service: As the default dApp attestation service, the BoAT3 IoT oracle has this service built in. Any IoT device can attest PoPW by calling this service, where the data is stored in decentralized storage and its fingerprint (e.g. hash value) is permanently stored on the blockchain.

 

  • Thing Model: A Thing Model is a custom data structure defined for an IoT device to report its PoPW. Any PoPW must follow a Thing Model defined by the DePIN project.

 

Developer Guide

 

Step 1: Determine the IoT network topology

 

The IoT network is usually a multi-layer star network. IoT devices (endpoints) connect to the IoT gateway, which in turn connects to the Internet or an internal network. Determining the specific configuration of the network topology requires consideration of multiple factors, including device capabilities, connection technology, routing configuration, business strategy, and regulatory requirements.

 

First, the location of the data trust anchor must be determined. The trust anchor is the starting point of the trust chain and is usually located where the data can be signed with a unique key.

 

 

Ideally, an IoT device should measure the physical workload (PW), package the measured PW into a PoPW, and sign the PoPW with its unique device key. This places the trust anchor in the IoT device, which is the point in the PoPW path closest to the source of the data. However, in some cases, the IoT device cannot sign the PoPW, which may be due to technical issues, business reasons, or both. Therefore, there are two more options to place the trust anchor: one is on the field gateway device, and the other is on the IoT platform on the cloud.

 

Regardless of where the anchor is placed, the anchor should generate and report the PoPW to the BoAT3 IoT Oracle node.

 

Step 2: Choose an IoT integration solution

 

If the trust anchor is placed on the IoT device or field gateway device, there are two integration options: software solution and hardware solution.

 

  • Software Solution: Port the BoAT3 Lite SDK to the target IoT device. The BoAT3 Lite SDK is a lightweight blockchain wallet SDK written in C, which is very suitable for running on IoT hardware. However, the C language is not cross-platform, which means that additional development work is inevitably required and embedded hardware and software skills are required to port the SDK.

 

  • Hardware solution: Choose a BoAT3 trusted module or BoAT3 trusted chip that has integrated the BoAT3 Lite SDK. Communication modules or chips are key components of IoT devices. Choosing supported models can avoid SDK porting issues.

 

If the trust anchor is placed on the IoT platform, no IoT integration is required. The IoT platform should integrate the BoAT3 Agent SDK, which is written in high-level languages ​​such as Java and Golang.

 

Step 3: Select PoPW verification mode

 

In different application scenarios, two PoPW (Physical Proof of Work) verification modes can be selected: plaintext PoPW and privacy-preserving PoPW to meet various needs.

 

Plaintext PoPW

 

In the plaintext PoPW scenario, PoPW is the raw data of some physical work.

 

Plaintext PoPW process

 

Plaintext PoPW process:

 

1. The IoT device measures the physical work and signs it with the device key.

2. The signed PoPW is sent in plaintext to the BoAT3 IoT Oracle node.

3. The data validator verifies the authenticity of the PoPW and then passes it to the rule engine.

4. The rule engine selects the corresponding connector and processes the verified plaintext PoPW.

5. The DePIN project’s custom plugin runs in the connector instance and passes the verified plaintext PoPW to the dApp.

6. dApp rewards DePIN units based on physical work.

 

Privacy-preserving PoPW

 

In the privacy-preserving PoPW scenario, PoPW is the encrypted data, and the Physical Work Claim is the calculation result of certain non-sensitive information extracted from the original data of the physical work.

 

Privacy-preserving PoPW process

 

Privacy-preserving PoPW process:

 

1. The IoT device measures the physical workload and encrypts it before signing it with the device key.

2. The encrypted PoPW is sent to the BoAT3 IoT oracle node.

3. The data validator verifies the signature of the encrypted PoPW and passes it to the rule engine.

4. The rules engine selects the corresponding connector to process the encrypted PoPW.

5. The DePIN project’s custom plugin runs in the connector instance, injecting the encrypted PoPW into the Confidential Computation Enclave.

6. In the confidential computing environment, the PoPW is decrypted and the physical workload statement is calculated through the algorithm within the environment, and a zero-knowledge proof (ZKP) is generated.

7. The physical work statement and its ZKP are sent to the dApp.

8. dApp verifies ZKP and rewards DePIN units based on physical workload claims.

 

Step 4: Prepare the connector plugin

 

To support multiple blockchains and smart contracts, the connector is a customizable JavaScript script that allows developers to define how to handle the verified PoPW. This includes at least reporting the PoPW to the dApp's smart contract. In addition, the PoPW can be stored in decentralized storage for later use. Developers can decide the specific behavior by writing their own plugin code.

 

in conclusion

 

The emerging DePIN ecosystem requires an IoT oracle and a high-performance, low-cost application chain to pass the physical proof of work contributed by the DePIN unit to the smart contract. Unlike other Web3 projects that mostly provide services directly to people, the DePIN unit is based on IoT devices. In this track, opportunities and challenges coexist.

 

Technically, the BoAT3 IoT oracle solves the diversity of IoT devices within the DePIN unit through the BoAT3 Lite SDK and the BoAT3 trusted chip and module with built-in blockchain wallet, enabling IoT devices to generate and report PoPW to the oracle node. The oracle node verifies the authenticity of the PoPW and passes it to the on-chain smart contract of the dApp through a connector customized by the DePIN project. The dApp rewards the DePIN unit based on the physical workload. For PoPW containing sensitive information, confidential computing environments and zero-knowledge proofs are involved to generate a verifiable physical work statement so that the dApp can evaluate the reward for the DePIN unit.

 

TLay accelerates the development of the DePIN project by standardizing PoPW generation, reporting, and verification protocols. Bitcoin, as we all know, has Proof of Work (PoW) built into its consensus method, but for DePIN applications, physical work (PW) is usually a benefit external to the blockchain. The application chain or smart contract of the DePIN project cannot directly measure PW, but requires the help of IoT devices and oracles to know PW. TLay not only provides the DePIN project with software to implement these protocols, but also provides key IoT hardware components, enabling the digital measurement, reporting, and verification (dMRV) mechanism based on trusted PoPW to be realized, thereby meeting the needs of various hardware forms of DePIN units in different fields and promoting the rapid growth of the DePIN project.

 

In summary, TLay securely and reliably transfers the PoPW of the physical world to the digital world of blockchain, establishing a trust layer for the DePIN infrastructure.