Cluster Onboarding
When a new device is initialized, it generates a brand new private cluster. For it to be useful as a communication device, you must either onboard other devices to its new private cluster, or an existing device (root) must onboard this new device to its existing cluster. This is a one-time process (per device) that happens wirelessly. The video below shows the no-longer-used BLE method. A more secure LoRa-based onboarding process has been built and will be the version used in the next prototype.
During onboarding, the following steps happen:
1. The new device signals over BLE or LoRa that it wants to be onboarded. The newer process is LoRa-based, and both devices switch to a dedicated onboarding frequency.
2. The existing device, if put in ‘onboarding mode’ (the user manually chooses this), receives the request, and the process begins.
3. The new device sends its public key and alias to the cluster root via BLE or LoRa.
4. The cluster root does the following:
   - Adds the device’s public key to the root truststore.
   - Assigns a cluster address to the new device.
   - Assigns a “license” to the new device. The license is a root-signed “document” stored by the new device, which it can use to negotiate trust with any other devices that exist on the cluster now or in the future.
   - Provides info about the cluster, including LoRa frequency, cluster alias, other trusted devices’ public keys and aliases, cluster symmetric keys, current time, and a few other important details.
After that, the newly onboarded device reboots and defaults to using this new cluster every time it turns on.
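The license step above, as an added example that is not the project's code: the root signs a record binding the new device's cluster address, alias and public key, and any peer holding the root public key can check it later without contacting the root. Ed25519, the byte layout and every identifier here are assumptions, since the page does not specify them.

```go
package main

import "crypto/ed25519"
import "fmt"

// License is the root-signed document (layout and Ed25519 are assumptions of this example).
type License struct {
	Address   uint16            // cluster address assigned by the root
	Alias     string            // alias the device sent during onboarding
	DevicePub ed25519.PublicKey // public key the device sent
	Sig       []byte            // root signature over the three fields above
}

// encode returns the signed bytes; the alias is length-prefixed so field boundaries are unambiguous.
func (l License) encode() []byte {
	b := []byte{byte(l.Address >> 8), byte(l.Address), byte(len(l.Alias))}
	b = append(b, l.Alias...)
	return append(b, l.DevicePub...)
}

func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey) { // throwaway demo keys
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return pub, priv
}

// Issue is the root side: bind address, alias and device key under the root key.
func Issue(rootPriv ed25519.PrivateKey, addr uint16, alias string, pub ed25519.PublicKey) (License, error) {
	if len(alias) > 255 || len(pub) != ed25519.PublicKeySize {
		return License{}, fmt.Errorf("bad alias or key length")
	}
	l := License{Address: addr, Alias: alias, DevicePub: pub}
	l.Sig = ed25519.Sign(rootPriv, l.encode())
	return l, nil
}

// Verify is the peer side: accept only a well-formed license that the cluster root signed.
func Verify(rootPub ed25519.PublicKey, l License) bool {
	sane := len(l.Alias) <= 255 && len(l.DevicePub) == ed25519.PublicKeySize
	return sane && ed25519.Verify(rootPub, l.encode(), l.Sig)
}

func main() {
	rootPub, rootPriv := NewKeyPair()
	devPub, _ := NewKeyPair()
	lic, _ := Issue(rootPriv, 7, "field-unit-2", devPub) // constructed values
	fmt.Println("valid:", Verify(rootPub, lic))
	lic.Address = 8 // changing any signed field must break verification
	fmt.Println("tampered:", Verify(rootPub, lic))
}
```

Because the signature covers the address, alias and key together, a device cannot reuse its license under a different address or swap in another key.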