We will be continuing our series of deep dives into off chain tech and its viability in various situations. Today we will look into IoT (Internet of Things) and how it blends with Lightning.
Different kinds of IoT
In general, when one thinks of IoT devices, there are two large categories that come to mind:
- Personal devices like Google home, a smart TV, or your Apple Watch.
- Fleets of devices owned by a single entity or company. While there are not yet many examples of large scale deployments, large fleets of self-driving cars managed by companies like Uber etc. are a possibility usually brought up when speaking of this type of IoT.
For now, let's focus on personal devices.
Personal Device Usage
In general, personal IoT devices have the following attributes:
- They are connected to your home's local network.
- They are not updated frequently, if at all.
- They have wide spread access to personal information pertaining to you and other residents in your home.
Because of this, there are a few security considerations to consider when implementing the lightning network on these devices.
- The device should not be fully exposed to the outside Internet, so performing routing actions on the network is not recommended.
- The device must have reliable storage to maintain the channel database as well as store the private keys. Data loss could mean fund loss, so precautions should be taken with backups of both the keys (BIP39 etc.) and the channel database (cloud storage perhaps?)
Hub Based Control
Just as your router is a hub that acts as your gateway to the outside Internet, the way IoT devices in the home interact with the outside Lightning Network should be similar in structure.
Granting Credentials
BTCPay recently added functionality where you can scan a QR code on your instance with a mobile wallet and remote control your lightning node.
A similar model would likely be beneficial to personal IoT devices. For example, the actual lightning node could be embedded within the home router. Alternatively, it could be contained within a specially crafted device that is exposed to the outside Internet, but hardened and frequently auto-updated.
This would allow the device to perform routing 24 hours a day, and receive authenticated requests for sending and receiving payments from the IoT device.
This also has the benefit of allowing for different permissions depending on the device. So one type of device could be used for solely generating payment requests, while another device could be used solely for managing the transaction history and balance.
However, a large drawback is that the centralized device could cause problems when multiple users are using it. A disagreement on who gets what permission for what device might end up with your roommate stealing your Bitcoin.
Other Channel Management Methods
Some other methods of channel management will require a little bit more finesse to handle, and might not be geared toward home devices.
However, these methods are much more viable for fleet based IoT devices, which we will talk about next time.
