FOAM is a Proof of Location technology for applications needing secure location services. It enables a handshake between the location service providers and the user, proving the user’s location. Terrestrial radios and time-of-flight algorithms are used to perform localizations, and digital signatures ensure the location data cannot be spoofed. The system is completely independent of satellite-based location services like GPS.
Our previous post, linked below, shared development progress on minting Presence Claims (a.k.a. Location Proofs) on our OP L2 devnet. Minting continues to be tested across Trust Zones in the field! This is a techincal post that looks under the hood at the MVP to describe how the smart contracts interact with the physical world over radio with secure and authenticated communication and a foundation for streamlined transactions.
tldr: FOAM Radios use Ethereum primitives like signatures, hashes, addresses and send transmissions over the air that can be decoded and put onchain by smart contracts. Ethereum transactions are executed over radio.
Decoding ETH Addresses OTA
Proof of Location relies on cryptographic handshakes between radios by way of Over the Air (OTA) transmissions. Zone Anchors and mobile nodes generate public-private key pairs in order to sign payloads transmitted over LoRa. FOAM Zone Anchors currently use LoRa for transmission, as well as an FPGA for timestamps and a software defined radio (SDR) pipeline.
These public-private key pairs are beneficial because they provide an authentication mechanism for radio transmissions through signing and can be used to derive an Ethereum address for payment or triggering smart contracts.
When a mobile node transmits a signed request to be localized over LoRa by a Zone, Zone Anchors receiving that request forward it downstream through a localization pipeline which calculates the position of the mobile node. The calculated position is then submitted to a smart contract along with the original signed request. The contract parses the original signed request and can recover from that signed request the public key of the mobile node which can in turn be used to derive an Ethereum address. In the FOAM MVP this is immediately used for payments. (See our previous post breaking down the FOAM smart contracts)
When a mobile node (user) wants to generate a Proof of Location, a signed request to be localized is constructed. A signed request to be localized contains a number of fields, but the most relevant one to the larger protocol is the fee amount, which communicates to the Zone the amount being offered to compensate the zone in exchange for being localized. In the FOAM MVP the fee is fixed.
As mentioned above, when the contract parses the signed request, it can recover an Ethereum address from that request and additionally, ensure that that address has submitted the funds specified in the fee into an escrow account. Any changes to the request will invalidate the signature, meaning that it will recover to a different Ethereum address.
Replays and Nonce
Another important field in a signed request is a nonce, which increases with each signed transmission. The motivation for this is that LoRa is an over-the-air protocol, which means transmissions can be decoded by any device capable of receiving LoRa transmissions. This poses a threat because a malicious actor could receive a mobile node’s signed request to be localized and then re-transmit it and successfully initiate a localization, so long as they do not change the request in any way. This is known as a replay attack. The nonce helps to prevent replay attacks, because FOAM protocol zones and smart contracts can refuse to operate on requests from a mobile node that have nonce’s that have already been used.
Finally, the signed request to be localized contains a field for arbitrary application data. This is one way in which the protocol becomes a platform for location-based applications, because a mobile node can transmit a signed request to be localized along with some data it would like to associate with that localization - i.e., a reading from an attached sensor, etc.
This concludes our deeper look at the FOAM MVP and how signed radio transmissions make their way onchain, resulting Presence Claim NFT is a “proof of location”, which represents the birth of a new, unlocked primitive for web3 applications - location. Stay tuned for more details and demos of the FOAM MVP!