Cluster Onboarding

When a new device is initialized, it generates a brand new private cluster. In order for it to be useful as a communication device, you must either onboard other devices to its new private cluster, or an existing device (root) must onboard this new device to its existing cluster. This is a one-time process (per device) that happens wirelessly. The video below shows the no-longer-used BLE method. A more secure LoRa-based onboarding process has been built and will be the version utilized in the next prototype.

During onboarding, the following steps happen:

  • New device signals its request to be onboarded through BLE or LoRa. The newer process is LoRa-based, and both devices switch to a dedicated onboarding frequency.

  • Existing device, if put in ‘onboarding mode’ (user manually chooses this), receives the request, and the process begins.

  • New device sends its public key and alias to the cluster root via BLE or LoRa.

  • Cluster root does the following:

    • Adds the device’s public key to the root truststore

    • Assigns a cluster address to the new device

    • Assigns a “license” to the new device. The license is a root-signed “document” that is stored by the new device, which it can use to negotiate trust with any other devices that exist on the cluster now or in the future.

    • Provides info about the cluster, including LoRa frequency, cluster alias, other trusted devices’ public keys and aliases, cluster symmetric keys, current time, and a few other important details.

  • After that, the newly onboarded device reboots and defaults to using this new cluster every time it turns on.
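
The root-side steps above (adding the public key to the truststore, assigning a cluster address, issuing a root-signed license) and the license check a peer would run, as an added Go example that is not the project's own code. The page does not give the signature scheme or license format, so Ed25519, the License fields and their encoding, and the names Root, Onboard and VerifyLicense are all assumptions.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// License is a hypothetical layout; the page does not specify the real format.
type License struct {
	DevicePub ed25519.PublicKey
	Alias     string // assumed shorter than 256 bytes
	Addr      uint16 // cluster address assigned by the root
	Sig       []byte // root signature over the fields above
}

// body serializes the signed fields; the alias is length-prefixed.
func (l License) body() []byte {
	b := append([]byte("license-v1"), l.DevicePub...)
	b = append(append(b, byte(len(l.Alias))), l.Alias...)
	return append(b, byte(l.Addr>>8), byte(l.Addr))
}

// Root models the cluster root: signing key, truststore, address counter.
type Root struct {
	priv       ed25519.PrivateKey
	Truststore map[string]ed25519.PublicKey // alias -> device public key
	nextAddr   uint16
}

// Onboard runs the root-side steps: trust the key, assign an address, sign a license.
func (r *Root) Onboard(pub ed25519.PublicKey, alias string) License {
	r.Truststore[alias] = pub
	r.nextAddr++ // first onboarded device gets address 1
	l := License{DevicePub: pub, Alias: alias, Addr: r.nextAddr}
	l.Sig = ed25519.Sign(r.priv, l.body())
	return l
}

// VerifyLicense is the check a peer holding the root public key would run.
func VerifyLicense(rootPub ed25519.PublicKey, l License) bool {
	return len(l.DevicePub) == ed25519.PublicKeySize && ed25519.Verify(rootPub, l.body(), l.Sig)
}

func main() {
	rootPub, rootPriv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	devPub, _, _ := ed25519.GenerateKey(nil)
	root := &Root{priv: rootPriv, Truststore: map[string]ed25519.PublicKey{}}
	fmt.Println(VerifyLicense(rootPub, root.Onboard(devPub, "node-2"))) // constructed alias
}
```

Because the signature covers the public key, alias and address together, a peer that holds only the root public key can accept a device it has never seen, and any change to one of those fields invalidates the license.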