Blockchain Powered eSIM

0.0.8

This is the 8th article (the week 8 progress report), covering the last week of my journey at EthIndia Fellowship 3.0 (EIF3.0) building the Blockchain Powered eSIM.

Here’s the link to the seventh article of this series, in which I explained everything related to an LPA, where all the implementation is happening.

In this article I’m going to present what “The Blockchain Powered eSIM” is: a product description.

Are you concerned about trusting your network provider with your personal information and activity log?
Do you want to do more than just communicate with your eSIM? If so, this new product may be just what you need!

Introducing a novel way of using eSIM services that enables users to do more than just communicate, without trusting the network provider. This product is designed to be an alternate product to telecom network providers who already carry eSIM infrastructure and provide eSIM to end-users. The goal is to provide users with a new way of using eSIM services that enables them to do more than just communicate, while also giving them the option to use a network without trusting the network provider.

  • This product is designed to work with existing telecom operators who carry eSIM infrastructure.

  • Users will buy an eSIM from the existing telecom operators by providing their KYC and preferred cryptographic wallet address (if they have one).

  • The product will provide a portal to the telecom operator where the user will provide the above two pieces of information.

  • With this information, the product will generate a unique ZK Identity which will be used for all communication protocols.

  • Once the user authentication is completed, a smart contract will be deployed, which will be the basis for all the transactions and the connectivity to the decentralized ecosystem.

  • By creating this layer, the product disconnects user identification from user activity.

The telecom operators will have the user identity, and the product will have the activity log, thus no party has both, resulting in the removal of the need to trust the telecom operator for user personal information and activity.

Establishing secure connection to device through LPA

The Local Profile Assistant (LPA)

  • The Local Profile Assistant (LPA) is a software component that runs on the device and interacts with the eSIM chip.

  • The LPA will pick the user's ZK identity from the blockchain and store it in a tokenized form on the eUICC module.

  • The LPA will be accompanied by a UI, called LUI, which will be the application that the end-users will interact with to manage their:

    • eSIM Profile,

    • Communication plans, and

    • Blockchain services.

  • The LPA will be responsible for all communication to the device and the OS.
    This will be the layer that brings the eSIM ecosystem to life.

  • The LPA will probe five OS services:

    • Euicc Service,
      The Euicc Service manages eSIM profiles through ISD-R (“Issuer Security Domain Root”) and is responsible for managing and controlling access to other security domains within the secure element.

    • Connectivity Manager,
      The Connectivity Manager will deploy the algorithm that will intercept network traffic, entangle the network traffic with the ZK Identity to establish unique and encrypted connections between users as well as services.

    • Telephony Manager,
      The Telephony Manager provides access to telephony-related information and services on devices.

    • Account Manager,
      The Account Manager will make use of the tokenized ZK identity to establish authentication, which will be used to access all blockchain-based features.

    • Security APIs
      The Security APIs verify that the transactions were initiated or executed by the owner of the smart contract, i.e., the end user.

Establishing secure connection to network

Telecom Network

  • The device sends a request to the eSIM provider to register on a specific network.

    • The request is sent in the form of device-identifying network credentials.

    • The registration is done by authenticating these network credentials.

  • The eSIM provider then sends a request to the network to allow the device to register on the network.

    • The network operator performs a verification process to ensure that the device is authorized to access the network.

    • It does this by checking the device's IMEI (International Mobile Equipment Identity) number and other identifying information to make sure the device is not stolen or being used for illegal purposes.

  • Once the network has authorized the device, the eSIM provider sends the necessary network credentials to the device, which can then establish a connection to the network.

    • These credentials include:

      • The network's access code,

      • Encryption keys,

      • And other information needed to establish a connection to the network.

All of this management of the device's profile and network credentials is done by the LPA:

  • LPA sends a request to the eSIM provider to download the network profile onto the eSIM chip.

  • The eSIM provider then sends the network profile to the LPA, which securely stores the profile on the eSIM chip.

The protocols that are involved in this process are:

  • Remote SIM Provisioning (RSP): This is a standard that enables over-the-air management of eSIMs, allowing them to be programmed remotely by an authorized party, such as the eSIM provider.

  • Subscription Manager Data Preparation (SMDP): This is a server-side system used by the eSIM provider to manage the eSIM profiles and credentials. It communicates with the device's LPA to download and install network profiles.

  • Profile Manager: This is the software component that runs on the device's LPA and manages the eSIM profile and credentials. It communicates with the SMDP to download network profiles and activate them on the eSIM chip.

  • HTTPS (Hypertext Transfer Protocol Secure): This is the protocol used for secure communication between the device, the eSIM provider, and the SMDP. It ensures that all data transmissions are encrypted and secure.

  • GSMA Remote SIM Provisioning Architecture (RSP-A): This is a technical architecture developed by the GSMA (GSM Association) that defines the standards and protocols for remote provisioning of eSIMs.

Blockchain Network

Connection to an Ethereum node to communicate with the Ethereum blockchain network.

  • Choose an Ethereum client implementation that fits in the tech stack.

  • Install and configure the Ethereum client.

  • Choose a library or tool that supports JSON-RPC communication as the Ethereum network uses the JSON-RPC protocol to communicate with clients.

  • Connect to the Ethereum node by specifying the IP address or domain name of the node and the port number to use.

  • Authenticate and authorize the connection before establishing communication with the Ethereum network.
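
The connection steps above, sketched as an added example (not code from this project): a JSON-RPC 2.0 client that refuses plaintext HTTP to a remote node, sends a credential with each request, and only accepts the link once `eth_chainId` returns the expected chain. The bearer token, the `node.example` host and the `fake_node` transport are assumptions made so the block runs offline.

```python
import json
from urllib.parse import urlsplit

LOOPBACK = {"127.0.0.1", "localhost", "::1"}

class RpcError(Exception):
    """Raised when the endpoint or a reply fails validation."""

def check_endpoint(url):
    """Reject plaintext HTTP unless the node is on the loopback interface."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise RpcError("endpoint must be an http(s) URL with a host")
    if parts.scheme == "http" and parts.hostname not in LOOPBACK:
        raise RpcError("plaintext HTTP is only allowed to a local node")
    return url

def rpc_call(transport, url, token, method, params, req_id):
    """Send one JSON-RPC 2.0 request and validate the reply envelope."""
    check_endpoint(url)
    body = json.dumps({"jsonrpc": "2.0", "id": req_id, "method": method, "params": params})
    headers = {"Content-Type": "application/json", "Authorization": "Bearer " + token}  # assumed auth scheme
    reply = json.loads(transport(url, headers, body))
    if reply.get("jsonrpc") != "2.0" or reply.get("id") != req_id:
        raise RpcError("reply does not match request")
    if "error" in reply:
        raise RpcError("node error: %s" % reply["error"].get("message"))
    return reply["result"]

def connect(transport, url, token, expected_chain_id):
    """Authorize the link: the node must report the chain we expect."""
    chain_id = int(rpc_call(transport, url, token, "eth_chainId", [], 1), 16)
    if chain_id != expected_chain_id:
        raise RpcError("node is on chain %d, expected %d" % (chain_id, expected_chain_id))
    return chain_id

def fake_node(url, headers, body):
    """Constructed stand-in for an HTTPS POST to a node; always reports chain 0x1."""
    req = json.loads(body)
    if headers.get("Authorization") != "Bearer demo-token":
        return json.dumps({"jsonrpc": "2.0", "id": req["id"], "error": {"code": -32000, "message": "unauthorized"}})
    return json.dumps({"jsonrpc": "2.0", "id": req["id"], "result": "0x1"})

if __name__ == "__main__":
    print(connect(fake_node, "https://node.example:8545", "demo-token", 1))
```

A real transport would perform the POST over TLS with certificate verification left on; the validation logic stays the same.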

I was aiming to build the LPA in this fellowship but failed to do so because I was working on the changes required in the Euicc Manager and Services to couple the users’ EOA wallet with the eSIM unique ID (EID), and failed to build the target because there were more layers in the LPA, including connectivity with users and networks, storing profiles and more.

But because I failed in the implementation, I came to know about the different layers, gaining insight simultaneously, and finally reached this point where I have all the understanding to make this idea live!

Thanks a lot for following this journey with me. You can find the project details here, and
this is the project repo where all the research and development will continue from now on.

Challenges

  • How to fetch user data from the blockchain without internet connectivity?

  • How to make the Security Layer, the Security APIs, foolproof?

  • How to establish a secure connection to the blockchain network?

  • How to serve a cryptographic wallet address that has the allowance of connectivity and execution of transactions on multiple blockchains?

  • How to ensure the scalability of the blockchain network while maintaining its security?

  • How to maintain the integrity of smart contracts on the blockchain network?

  • How to ensure interoperability between different blockchain networks?

  • How to handle network congestion on the blockchain network?

  • How to maintain data consistency across the blockchain network?

  • How to ensure regulatory compliance while using a decentralized platform like blockchain?

  • How to prevent fraud and malicious attacks on the blockchain network?

I’m seeking guidance from people of interest to make this project live.

Please reach out to me on Twitter or LinkedIn, or email me at arpitxdungeon@gmail.com, for discussion or advice related to this topic.
