The Maker Audit
The Helium community places a lot of trust in HIP19 approved hardware vendors and grants them the ability to add full mining gateways to the Helium blockchain. These manufacturers, also known as “Makers”, are limited by chain variables and the Onboarding Server as described previously on the Helium blog. The community trusts that the Maker will produce and deliver a real physical Hotspot with approved security methods.
As the network grows, it’s important to put forth a set of guidelines that all Makers should adhere to, for the growth and stability of the Network, but also for the community to understand the progress of each Maker before purchasing products.
The Helium team has been asked by the Decentralized Wireless Alliance (DeWi) to review the hardware that has been presented and wants to provide transparency of our process thus far and it may evolve as more Makers are approved.
EDIT: As of April 2021, the Maker Audit Process has evolved and changed
The new process is below (current as of April 2021). Previous Makers approved before April 2021 are legacied and will not be subject to the new process.
- Submit application
- Hardware audit
- Onboarding server integration
- FCC/CE or other application radio certification
- Community approval
- Pre-orders note: items 2-4 can occur simultaneously
For continuity, the old process is below.
A summary of how a Maker goes from HIP19-approved to market:
- Makers submit a HIP.
- DeWi and Community approve.
- Makers send hardware samples for Audit.
- Once Makers pass hardware audit, they are allowed to proceed to Network Integration.
- The final stage of Network Integration is being able to add Hotspots to the Onboarding Server.
If at any point, a Maker is unable to proceed to the next step, it will be up to the Maker to process refunds to pre-orders. It is important as consumers to be aware of the Maker’s Hotspot status before purchasing.
Audit Status (Current as of January 25, 2021)
Results of the Audit are based on samples provided at start of audit. Consumer discretion is advised.
Before being eligible for sample audit, a vendor must be community approved via HIP19.
A sample representative of final production quality must be sent
Block Syncing Benchmark
The Miner’s data is wiped and the rate at which the device syncs from a specific block height is monitored for roughly an hour. This is to ensure its processor is able to handle syncing the blockchain and load snapshots.
The Miner’s peer book is inspected after roughly an hour; in addition, a direct connection over a LAN is attempted
Radio Configuration File Verification
Insofar as the configuration files are compatible with those used in the Semtech Packet Forwarders, channel configurations are verified to match the configuration required for each region using this utility. The configuration files may be present on the sample but may also be provided digitally.
For each hardware sample provided, an automated gateway-to-gateway test is done over the air to further validate the regional configuration using this utility. When possible, a gateway other than the vendor’s gateway is used is the control.
Alternative Security Audit
When proposing an alternate security model than the ECC608 approach, a Maker may be subject to a third-party verification of their security claims. This may block the conclusion of the audit, however, providing these measures as an enhancement to the ECC608 model will avoid any blocking.
When the ECC608 model is implemented, the provisioning of the ECC608 may be verified using this utility. This proves that the ECC608 is configured in the same way as the original Helium Hotspots. Makers should run the test themselves if they make any changes to this stage of their manufacturing process.
Miner Integration Test
The Miner is queried to verify that it returns the same keys output from the ECC608 utility
Only one of these three methods must be passed to conclude the audit.
Alternative Onboarding Process
When a Maker provides an alternative onboarding process, its integration with the onboarding server shall be tested.
BLE or QR Code Linking with App
Onboarding using the Hotspot App will be tested with a dummy onboarding key to test proper integration.
Linking with Helium Wallet CLI
Onboarding using the Helium Wallet CLI will be tested with a dummy onboarding key to test proper integration.