HIP 72: Secure Concentrators

[vincenzospaghetti]

HIP 72: Secure Concentrators

• Author(s) @dinocore
• Start Date: Oct 1, 2022
• Category: Technical
• Original HIP PR: HIP draft - Secure Concentrators #484
• Additional PR to adjust rewards: Modify Secure Concentrator reward factor to 1.25x #497
• Tracking Issue: HIP 72: Secure Concentrators #489

Summary

In this HIP, we propose a new type of IoT network actor: the Secure Concentrator Card (SCC). Secure Concentrator Card is similar to standard LoRaWAN concentrator cards, but with an additional Secure Microcontroller Unit (SMCU) and onboard GPS receiver. The SMCU digitally signs LoRa data packets as they are received from the radio. In this way, packet data and its corresponding metadata (RSSI, Frequency, GPS location, and time) can be verified to be authentic.

Motivation

Today's Helium Hotspot has a large security flaw. Anyone can modify the software running on a hotspot and generate fake LoRa packets. This is a big problem because PoC rewards are based on these packets. The new Secure Concentrator Card solves this problem by digitally signing packets in hardware. Secure Concentrators make it prohibitively difficult to game the PoC system by also utilizing tamper-resistant design elements (routed traces, hard-cured potting material, etc). The end result is a more secure Physical Root of Trust for the Helium IoT system and fair PoC earnings for all.

The proposed SCC design allows existing Helium miners to upgrade by swapping out existing concentrator cards with the new secure card. In addition, SCC would enable the DIY community to build their own hardware, greatly increasing the diversity and proliferation of hotspots.

Rendered View

https://github.com/helium/HIP/blob/main/0072-secure-concentrators.md

[vincenzospaghetti]

New PR adjusting the rewards from 3x to 1.25x was submitted by the author @dinocore1.

Please be aware of this change here: #497

[shawaj]

What are the next steps to move this forward?

[vincenzospaghetti]

@shawaj - we are still discussing the HIP over in #hip-73-secure-concentrators in Discord.

The high-level update:

• Great conversation between the author and the community - will continue to be presented at Community or Governance Calls as needed.
• Community feedback has been considered and implemented (rewards decrease).
• Going to be presented in front of the Manufacturing Compliance Committee (MCC) in the next couple of weeks.

I see no reason this is not going to go to a vote. It just needs some more eyes on it and questions answered about implementation (hence MCC).

Join the convo if you have not, or post questions here!

[vincenzospaghetti]

Update on HIP 72 - This will be presented to the MCC on Dec 19th. At that time, MCC will determine any flaws, challenges, and remaining questions, and provide some form of acceptance or denial (meaning, the Author needs to go back and make some edits before going to a vote).

[vincenzospaghetti]

Update on HIP 72 (1/4/2023)- This HIP was presented to the MCC on Dec 19th. There are three key responsibilities the MCC needs to answer:

1. How will they approve SCC Manufacturers, and how does this affect their current audit process
2. How will they manage the firmware keys
3. How will they manage firmware updates

And what resources do they need to support this work if they can assume it.

[waveform06]

The vote for HIP 72 is live and will end in approximately 5 days
https://realms.heliumvote.com/dao/iot/proposal/E3LHMo2Ke59vFUH5gMjtUSQoSHokodHujkNqPu5GwfYr

[waveform06]

The HIP 72 failed to obtain super majority approval despite getting 61.2% of the vote and has been defeated
https://realms.heliumvote.com/dao/iot/proposal/E3LHMo2Ke59vFUH5gMjtUSQoSHokodHujkNqPu5GwfYr