NFT Nixie Technical Deep Dive Part 1
Proof of authenticity for a physical NFT
Summary
This article will go through a technical deep dive of NFT Nixie’s proof of authenticity implementation. The previous article focused on dynamic pricing and other fungible token launch mechanisms, but did not really touch deeply on the underlying technology. Since there is a lot of moving parts to this project, this article will focus solely on the cryptography aspect.
Cryptography Implementation
Elliptical Curve Cryptography
Onboard the physical NFT “Nifty” Nixie clock, there is a special cryptographic coprocessor chip. This chip uses elliptical curve cryptography (ECC) to instantiate a private key which can never be revealed, erased, or modified. No one, not even the creator of the NFT Nixie, will ever know that private key. Even though the private key is locked inside the chip forever, the hardware can still use the chip to provide proof of authenticity using the elliptical curve digital signature algorithm (ECDSA). ECDSA allows the hardware to generate its own signatures originating from the private key. These signatures can be used to verify authenticity of the physical device, as long as the verifying party knows the private key’s corresponding public key.
x509 Certificates
In this application, x509 certificates let you know the corresponding public key is coming from somewhere you can trust.
Each physical NFT Nixie device has its own x509 certificate. Within each certificate the corresponding public key that belongs to the device can be found.
Each device certificate is signed by the same signer certificate authority. Since the corresponding public key is added to each device certificate, all of the public keys are now signed by the same signer certificate authority.
The signer certificate also needs to be trusted. To anchor our trust, we will sign the signer certificate with a root certificate authority and store that root certificate in the blockchain. Blockchain storage allows us to provide a decentralized trust anchor to the root certificate, instead of relying on a 3rd party centralized service.
The thought process of the chain of trust is as follows:
I trust the public key because I trust the device certificate.
I trust the device certificate because I trust the signer certificate.
I trust the signer certificate because I trust the root certificate.
And finally, I trust the root certificate because I trust the blockchain.
Signature Spoofing, Replay Attacks, and Authenticity
Since we can now trust the public key, the next step is to make sure the signature is not fake. To do that, we provide the hardware with a custom message for it to sign. The hardware will return a signature that is generated from the provided message. Since the signature is mathematically calculated from the message, any modification to the signature, message, or public key would cause verification to fail. The signature is also calculated from a unique FIPS qualified random number as well as other unique product identification data. In practice, this system can be used by two parties who want to exchange a physical item and provide proof that the item is legitimate.
Physical Authenticity Check - Example
Bob is selling a “Nifty” NFT Nixie. Alice is interested and wants Bob to prove he actually has the real physical item. To do this, they proceed with the following steps:
Alice gives Bob a secret message to sign.
Bob inputs that message into the NFT Nixie web frontend and asks the device to sign the message.
The NFT Nixie returns a signature and Bob gives it to Alice.
Alice checks if the signature is valid to verify the item is not counterfeit.
NFT Nixie Authentication - Raw Front End Proof of Concept
Full Circle Back To The Blockchain
Bob would have to both 51% attack and successfully socially co-opt the blockchain in order to remove or modify the root certificate authority information. As long as this concept is deployed on a secure blockchain which costs attackers many millions of dollars to attempt to co-opt, it should be pretty robust. Along with that, the blockchain selected should be properly decentralized and have a strong community to protect against social engineering attacks.
A counterfeit manufacturer may be able to reproduce the design, but anyone will be able to see that the counterfeit device is providing a fake message or does not have a valid public key.
NFTs
Non Fungible Tokens can be used to represent ownership of a unique item. Typically, non fungible tokens grant ownership to digital only items, such as digital artwork or digital in-game items.
Physical NFTs
NFTs can also represent ownership of a physical item. A popular example of a “physical NFT” is the Uniswap Unisocks project.
One pair of physical socks represents one digital Unisocks NFT. You can show off your ultra rare unicorn socks by wearing them, but that would probably degrade its value over time. Or, you can show off your Unisocks NFT, which gives you the same social clout but none of that financial degradation. Sounds good in practice, but what happens when counterfeit clothing companies start making fake Unisocks? How would you know that you are purchasing real physical Unisocks? Is Bob going to keep the real pair of socks and send you a fake physical pair?
Metadata for physical NFTs
Within an NFT, we can store all sorts of metadata. For this application, the metadata we want to store in the NFT is the bare minimum amount of cryptographic information needed to prove the authenticity of its corresponding physical device:
Device Public Key
Transaction ID linking to the Root certificate OR the actual root certificate (depends on the amount of metadata available)
Backup link to the Root certificate (example: IPFS) (optional)
Hash of the Root certificate (if linked externally)
NFT Nixie creator’s PGP signature (optional)
Hash of final hardware design file archive (optional)
Note: Base64 conversion should be used to compress the amount of information added to the NFT’s metadata.
By adding the public key and root certificate information to the NFT, we have essentially created a verifiable ownership receipt for the device. Whoever owns the digital NFT can claim ownership of the physical hardware that it is linked to. Just like you can verify the authenticity and origin of the NFT, you can now query the physical device itself to gain the same assurances as its NFT counterpart.
Parallels to the real world
A simple parallel to the real world would be a car title, VIN number, and the car itself. The car title establishes legal ownership of the car. Within the title, there is a VIN number, which links the paper certificate to the physical item. If your name is on the car title, you can match the VIN number on the paper to the VIN number on the car to prove its yours.
Note: Car titles and house deeds are recognized under the law, whereas NFTs have no legal standing and do not give any legal ownership to anything (yet).
NFTs As Digital Access Keys
We can require the physical hardware to check that you actually have ownership of the NFT. If you do not have ownership of the NFT, the hardware should be smart enough to disallow use of the product. In theory, this should be easy to implement. However, in practice, it may be possible to hack the hardware in order to work without the NFT. It would be difficult to block a hacker from triggering use of certain parts of a circuit without symmetric cryptography or very robust physical security. Typically, this requires either custom silicon, very carefuly crafted firmware, or vending machine style security. An example of this type of security may be found in printers and print head cartridges. Vendors can lock you into using specific “certified” ink cartridges, because the “counterfeit” ones will not pass the authentication test.
Other potential use cases for NFTs also block this idea. For example, the owner of the physical device may not necessarily be the user. In this case, one would not want to make the NFT an access token as the owner may not be the same as the person who wants to use the physical item. Keep in mind, however, that these facts do not necessarily make this a bad idea, it just complicates the problem further and extends time to market.
In the case of the “Nifty” Nixie, its just a clock. As the designer, I chose NOT to cripple someone from using the clock if, for example, they didnt have access to the internet. Therefore, the NFT Nixie does not check for ownership of the NFT before you can use the device. Its just not necessary for this specific implementation.
NF…C
If NFTs are used as digital access keys, one method of usage is via near field communication (NFC) and a cell phone. The end result should be as easy as Apple Pay, where someone can go up to a physical device, scan it with their phone, and if they claim ownership over the NFT, they are then allowed to use the physical device.
The NFT Nixie Edition 0 does not have NFC and does not require a key for usage. In its simplistic implementation, the owner will access the authentication interface in their web browser over WIFI.
NFT Storage
Using the onboard cryptographic coprocessor, it is also possible for us to store a seed which links to a cryptocurrency wallet. This allows one to figuratively store the associated NFT onboard the actual hardware. As such, it is possible to give the physical device self-custodianship over its own NFT! Once the physical object is stored safely, the new owner can unseal the seed and transfer the NFT to their own wallet.
![5 "Best" Hardware Wallets (2021) - Securities.io](https://substackcdn.com/image/fetch/f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2F04fddca9-cbe8-478d-97d4-d3dfe89fa160_900x525.jpeg "5 "Best" Hardware Wallets (2021) - Securities.io")
In practice, most users will want to have the NFT sent to their wallet as soon as the deal is closed and money changes hands, instead of waiting for both the digital and physical item to arrive via snail mail. However, in some cases, it may be useful for the hardware itself to be its own custodian of the associated NFT.
As of this moment, the NFT storage feature is not programmed into the NFT Nixie Edition 0 firmware, but I will be attempting to build on this concept for future projects.
Physical E-Commerce Trust Factor
The act of buying and selling NFTs that are purely digital is practically instantaneous. When a physical item comes into play, so does an extra trust factor. How does the receiving party trust that I will actually send the physical item? This surely is a problem that must be noted, but is not something for this article to solve. Keep in mind that this problem hasnt stopped companies like Ebay and Etsy from thriving. One solution to this legal challenge is given by a startup company called Mattereum. They provide buyers with almost-gobally accepted legal Ricardian contracts along with the option to purchase legal warranties for the physical item. Simply put, if you buy a NFT representing 1000grams of pure physical Gold, you will want some assurances that the gold is indeed real, pure, and weighs 1000grams. They will also act as custodian of the item and store it safely in their warehouse until it is purchased.
All Together Now
In this article, I have described a novel method to link NFTs to physical items. For items that can easily implement electronics in their solution, this is a great way to provide proof that it is not counterfeit and that the physical item has an authentic link to its digital counterpart. Creating a “digital twin” for the physical item will open up a world of economic possibilities not previously available to the average consumer, such as collateral for borrowing and lending, exposure to a worldwide 24/7 trading market, or even linking your valuable real-life assets to in-game/in-metaverse assets!
The concept is blockchain agnostic. The only thing it needs is a secure blockchain, access to metadata, smart contracts, and a way to implement NFTs. The obvious platform to launch the concept is Ethereum, as all the pieces to the puzzle are already available to implement today. It would also take a massive amount of money to co-opt Ethereum with a 51% attack. Even if the attack was successful, the social consensus of the Ethereum community would probably be too strong to sneak in a new record of history.
I am also open to exploring other platforms as it has been hard to get in touch with practically anyone in the space thus far. Platforms such as Cardano, Polkadot, and Solana, all pique my interest due to their large communities and forward looking development.
The Nifty Nixie
The “Nifty” NFT Nixie is a WIFI enabled Nixie Tube clock. Only 20 are planned to be manufactured and released. It will be the first piece of consumer collectible hardware, to my knowledge, that implements a cryptographic authenticity link between NFTs and physical items. Revision 0 has been built and there were a few mistakes on the circuit board which is forcing me to run a second build. The boards are planned to be completed by the end of this month (June 2021). In the next article I will explore the inner workings of the actual hardware.
Contact Me
For more information on the NFT Nixie product, please visit the website at https://nftnixie.com. To get in touch about the project: Twitter @NFTNixie, nftnixie@protonmail.com, https://discord.gg/Y2WFPKEv. If these ideas really pique your interest and you want to work with me please do not hesitate to contact me! As of right now, this is a hobby project of mine, and I wage-slave full time so I cannot devote my full attention to this project. Feel free to reach out to me if you feel anything in this article is inaccurate, my degree is in electrical engineering, not cryptography!