PassLfix uses Ethereum Android to securely interact with the Blockchain
In our very first blog post we introduced Ethereum Android — a mobile platform aimed at Android developers and businesses to enrich their applications with Blockchain technology.
A quick recap: as powerful as Blockchain technology is, it is still quite complex to grasp and the paradigm shift from centralization to decentralization makes it even more complex to write software that makes use of Blockchain technology. Our platform’s purpose is it to alleviate some of this complexity and make sure that everything Blockchain related — e.g. authentication, creation and interaction of smart contracts — is done in a highly secure but still frictionless manner. An Android developer just has to include our library to make his app securely interact with every Ethereum based Blockchain.
Now we’d like to show you a project that uses our platform for its mobile client app.
PassLfix — Peer-to-peer package delivery
PassLfix combines smart contracts and IoT sensors to create an ‘Internet of Objects’. To be more specific, it uses the fact that most people have a smartphone and that a significant part of them travel regularly to create a decentralized delivery service. Some peer-to-peer delivery services already exist (Roadie, Grabr or PiggyBee), however, there is always the trust factor involved: who will pay if my package gets lost or damaged? Normally, trust has to be established by a big company that assures that you get reimbursed in case something goes wrong. PassLfix aims to create a genuinely decentralized peer-to-peer delivery service backed by Blockchain technology.
They have collaborated with Streamr and us to create a first prototype which consists of a mobile client for Android and a web interface. Streamr already described the web application in their blog post.
We will now give some insights about the mobile application part.
For the prototype we used our sample app as scaffolding:
As you can see, we list every step of the delivery process where a smartphone is involved, from authentication to receiving the package.
The sole focus was to provide the necessary functionality. No effort was done in terms of UI so it just consists of a stack of buttons.
Use case 1 — verifying the package content before sending
In case of an eventual damaging of the package during the delivery process, a picture of the unsealed open package is taken before sending it away.
This picture is encrypted and uploaded to IPFS. Its IPFS hash is then signed by the Ethereum identity and is sent to the Streamr platform.
The idea behind that is that in case of disputes the image can act as proof that the package content has been tampered with.
In this use case Ethereum Android receives the unsigned message from the prototype app and signs it using the private key.
Use case 2 — Connecting to the Bean and sending sensor data to Streamr
If somebody would want to send a very expensive dry-aged steak for instance, it is crucial that the cooling chain is not interrupted, i.e. the temperature never exceeds a certain value. He can do that by setting up an insurance with the courier.
Before the delivery starts courier and sender agree on:
- one hour delivery
- temperature never more than 2 degree Celsius
This is put in a smart contract together with a fee which is then acting as an automated delivery insurance.
If the sensor emits a temperature higher than the threshold or if the courier does not deliver the parcel in time the insurance is automatically payed out.
PassLfix uses Beans — small, programmable Bluetooth-devices — to track and send live data from inside the package. The standard Bean already comes with a built-in temperature sensor which is perfect for our purpose.
The screenshot below shows how the prototype app is pairing with the Bean, which is then subsequently transmitting temperature data:
PassLfix is a typical project where our platform comes in handy. It is a native Android application, which can directly interact with low-level hardware features such as the Bean SDK without any abstraction layer in between.
For further reading about the benefits of using native applications we recommend this article.
Use case 3 — Interaction with a delivery contract
As mentioned above, every delivery has its own associated smart contract on the Blockchain. Every process step that changes the state of the contract — e.g. send, take, deliver, and receive — need to be done via a signed transaction from either the sender, the courier, or the recipient of the package.
Here the PassLfix app just needs to request Ethereum Android to prepare the transaction. The platform then does all the paperwork to turn the request into the accepted format (e.g. RLP-Encoding) and asks the user if he wants to sign the transaction.
There are two ways to get the transaction signed:
Option 1: Hot wallet, i.e. the Private Key is on the device
If the user decides to store the Private Key of his Ethereum identity on the device, he can directly sign the transaction and submit it to the Blockchain.
Of course the Private Key is not just saved openly somewhere on the device. We use our encryption framework ‘Secure Container Connect’ (Seccoco) to create a multilevel security layer.
To be more specific, you can think of Ethereum Android as a completely secure, hermetic environment, which uses hybrid encryption on top of Android’s own keystore to provide maximum security on the inside. Every connection to the Blockchain is only done via trusted endpoints using certificate pinning and end-to-end encryption.
Option 2: Cold wallet, i.e. the Private Key is not on the device
In case the user does not want to store his Private Key on the device, we’ve added the keyless mode a few months ago, which lets you sign transactions externally.
When activated, Ethereum Android only prepares the unsigned transaction and offers the user the option to sign it externally.
We’ve designed this in a very generic way, to support as many external signing methods as possible.
After having signed the transaction externally, the user then imports it back into Ethereum Android and submits the signed transaction to the Blockchain, triggering the smart contract.
We hope that these use cases provide you with a good overview about the project and that you share our excitement about the prototype. It can act as the fundament for completely new forms of delivery services and has definitely a huge potential to improve already existing logistics processes.
You may want to follow PassLfix to receive the newest project updates and you can read more about our platform here.
