vlad-ns
commented
4 years ago Description: Alice (device owner) delegates access to Bob for certain amount of IOTA tokens which are transferred from Bob wallet to the device.
Steps:
- Alice creates new policy with references to:
- Subject Bob_ID
- Object Device_ID
- Action
- Cost (and currency?)
- request.isPayed flag
- Optional constrains: Time, location..
- Policy is placed on Tangle policy store and synchronised with the device automatically though policy updater mechanism.
- Bob connects to the device and polls all actions that are delegated to him using Access Secure Networking API. Some actions will be locked and require payment transaction to unlock. API also provides wallet ID of the device.
- Bob creates transaction that contains address of the Bob wallet, device wallet and amount of tokens. Transaction is stored on IOTA Tangle.
- Bob notifies device about transaction
- Upon notification from Bob, device verifies transaction on IOTA. Verification is stored in data acquisition plugin.
- PIP contains reference to the payment verification content (request.isPayed) which is used by PDP to calculate policy.
- Each time access request occurs, PDP will check whether policy is payed by checking PIP locally.
bernardoaraujor
oopsmonk
Summary This issue is particularly crucial because this is what actually turns FROST into IOTA Access, and this integration is the backbone of the project.
Description Code under
iota/token-storeis all TypeScript. It performs the role of Token Store on the Cloud with IOTA Hub.On the Embedded side,
embedded/bc/bc_daemon.ccommunicates with this service. It does it mainly via cURL.If the IOTA Token/Seed/PrivKey is the main piece of information that identifies each device, it is important that it is embedded in the device itself (ideally on a secure, tamper-proof storage).
Communcation with the node must be done via CClient calls.
JIRA: AXS-39