Cover photo

w3a.io Progress update

TL;DR:

w3a.io is a device that enables fully decentralized Ethereum-based authentication and authorization of physical devices in the real world.

We, a42, are glad to announce that our product has been granted from Ethereum Foundation and deliver our development progress of w3a.io and the derived product from w3a.io, wΞlock, a Web3 smart lock system that enables authentication by NFTs, ENS, and other Smart Contracts.

Summary

  1. A brief explanation of w3a.io

  2. The technology behind

  3. Process Detail

  4. Demo

  5. Future development

  6. Appendix: wξlock, a derived product from w3a.io

A brief explanation of w3a.io

w3a.io is a hardware device with the Ethereum node. It authenticates and authorizes the operations of physical devices through "identity verification by digital signatures" and "verification of usage rights through smart contracts."

The outstanding feature of w3a.io is that w3a.io itself is powered by the Ethereum node, allowing for fully decentralized authentication and authorization of IoT devices. Thus it works without relying on third-party services, such as Ethereum node providers and conventional authentication services.

Moreover, since w3a.io itself is connected to the Internet and its own Ethereum node, users only need to send a signature to w3a.io via Bluetooth LE during the operation, even though the user device, such as a smartphone, is not connected to the Internet.

The technology behind

w3a.io consists of three components:

  1. Hardware device

  2. Software that runs on the hardware device

  3. Smart contract that manages authentication and authorization of devices

For this alpha version, the hardware is selected to be reasonably priced and easily accessible to all, and the smart contract that handles authentication and authorization can be implemented simply.

1. Hardware device

The alpha version of w3a is built on top of Raspberry Pi. Raspberry Pi is one of the most commonly used microcomputers, accessible and affordable to everyone, from large corporations to small businesses, and is suited to one of Ethereum's philosophies: the common good. We believe that our product should also be a common good and that our product should be easy for anyone to build (install). It has sufficient functionalities such as BLE and WiFi to build w3a.io on it. However, some of its features are not suitable for production builds. Therefore, we will consider changing the hardware components of w3a.io for production build in the future.

2. Software that runs on the hardware device

Node.js is the processor software language running on w3a.io because there are a number of helpful Javascript/Typescript libraries regarding Ethereum, such as Ethers.js and Web3.js. As a result, developers can easily understand/modify the w3a.io procedure and get involved in development immediately.

In addition, Ethereum light node is running on Raspberry Pi. Therefore, the Node.js process can quickly check the smart contract state with its own Ethereum node without depending on other Ethereum node service providers, which archives the quick response time.

Node.js has sufficient functionality for the alpha version. Still, we plan to select other languages that can run faster with less memory and CPU for the production version, and we also plan to run full node on w3a.io in the next development phase.

3. Smart contract

w3a.io checks the smart contract's state after the owner's address is verified during the authentication process, which means its smart contract should only hold a simple state such as the users' true/false value. Of course, builders can implement it with more complex logic depending on their business logic. We demonstrated the demo version of alpha w3a.io with a super simple smart contract that holds an allowlist of users.

Process Detail

Phase 1: Identity verification by digital signatures

Phase 1
Phase 1

  • A user device connects w3a.io via Bluetooth LE.

  • The Ethereum Wallet App generates digital signatures, allowing users to verify identities without a traditional authentication server.

  • w3a.io derives the Ethereum wallet address from the digital signature, thereby confirming the address.

Phase 2: Verification of usage rights through smart contracts

Phase 2
Phase 2

  • w3a.io verifies that the Ethereum address derived from the signature data possesses usage rights to the requested device.

  • Since w3a.io itself contains an Ethereum node, it can inspect the data of smart contracts by referring to its node.

  • Once w3a.io confirms the usage rights, it is possible to order the device to operate or return an access token to the user or any services to use the device.

Demo

Play Video

We built the alpha version of w3a.io. In this demo video, we demonstrated:

  1. The user connects their wallet to the operation UI.

  2. The user connects their device (in our demo, it is Mac) to w3a.io via Bluetooth LE

  3. The user initiates an operation order to unlock the door powered by w3a.io

  4. w3a.io verifies the signature and checks the smart contract state, and unlock

  5. The user initiates an operation order to lock the door powered by w3a.io

  6. w3a.io verifies the signature and checks the smart contract state and lock

As w3a.io itself has its own Ethereum node, the response time is incredibly fast, and we used below the simple smart contract for the authentication/authorization management. This simple approach enabled fully decentralized Ethereum-based authentication and authorization of physical devices in the real world.

// SPDX-License-Identifier: MIT
 
 pragma solidity >=0.7.0 <0.9.0;
 
 contract w3aAllowList {
     address public owner;
     mapping(address => bool) public allowed;
 
     constructor () {
         owner = msg.sender;
     }
 
     modifier onlyOwner() {
         require(msg.sender == owner);
         _;
     }
 
     function addUser(address user) public onlyOwner
     {
         allowed[user] = true;
     }
 
     function removeUser(address user) public onlyOwner
     {
         allowed[user] = false;
     }
 }

Future development

We are finalizing the alpha version of w3a.io's hardware components and the smart contract and completing its development to achieve the final milestone of this grant program. We plan to demonstrate our alpha version product in some field tests and get feedback from users. We will publish all the grant program-related programming code on the git repository as soon as we finalize the alpha version.

After the demonstrations of the alpha version, we will move to the development of the next version.

Our next development includes the below milestones:

  • Full node support

  • The case of w3a.io hardware device

  • Hardware selection for beta builds

We believe our implementation will make real-world Ethereum Applications building easier and encourage further Ethereum. At the same time, we are looking to make more use cases of Ethereum in the real world.

If you are interested in joint research or demonstration testing of w3a.io in the real world, don't hesitate to get in touch with us!

Appendix, wξlock, a derived product from w3a.io

Play Video

wΞlock, a derived product from w3a.io, is a Web3 smart lock system that enables authentication by NFTs and other Smart Contracts. For example, you can easily create a place that only those with a particular NFT or ENS can enter.

Because, in this project, we focus on user experiences and utilities of Ethereum in our daily lives, wΞlock currently relies on several trusted points. In particular, our backend server, APIs, and 3rd party smart lock devices themselves. However, we keep improving this product in the long term to make it a fully decentralized service with w3a.io.