KILT in Action — The dena Blockchain Pilot Project
Updated on 15 November, 2022 — link to report summary in English added.
Introduction by Ingo Rübe, Founder of KILT Protocol
The project on machine identities led by dena, the German federal energy agency, was finished successfully. KILT served as a core partner in this project by supplying the machine identities and demonstrating the utility of a blockchain protocol in a highly regulated environment like the energy sector. This was an important milestone for us: DIDs and Verifiable Credentials and KILT in general are ready for large scale, institutional use cases that fulfil requirements from regulators. Blockchain technology is finding its way into industry!
Also of note: During the project we deployed a complete KILT node on a Raspberry Pi-based smart meter, demonstrating the efficiency of Parity Substrate-based blockchains.
Blog Post by Majella Horan, Lead Writer for KILT Protocol
dena has released a report on its pilot project on digital machine identities as the basic building block for an automated energy system. KILT was part of the project, providing decentralized machine identities registered on the KILT blockchain and showing how blockchain technology can be used inside a highly-regulated environment.
KILT collaborated on this initiative with industry leaders from the energy sector, the digital economy and science including Energy Web Foundation, Parity Technologies, EnBW, e-on, Riddle & Code, Oli-Systems, and 50 Hertz.
dena Project: Background
Government agencies and industry are increasingly looking to blockchain solutions to help achieve effective and compliant digitalization. The modern energy industry faces challenges in coordinating an increasing number of energy-producing and energy-consuming devices in the grid infrastructure, from energy plants to electric vehicles, heat pumps and storage systems.
dena launched the Future Energy Lab pilot project in 2019 to explore these issues. The goal was to create a Blockchain Machine Identity Ledger (BMIL), a decentralized digital registry that aimed to coordinate and connect devices and energy plants across the German energy system.
The project incorporated the current smart meter gateway technology, and required creating uniform digital identities for energy systems. It was designed as a three-pronged pilot project to demonstrate the technical, economic and regulatory feasibility of three variants:
- Storing the identity characteristics directly at the smart meter gateway
- Storing the identity characteristics directly on the device
- Storing the identity characteristics in the cloud
All variants needed to meet governmental standards of data security and protection, scalability and privacy in a cost-effective way.
KILT Protocol was integrated for the first two variants, with the identities to be generated and stored directly on the devices.
Digital Machine Identities with KILT
As context for the KILT integration with dena, it’s important to understand KILT’s identity framework, which has two key components:
- A decentralized identifier (DID), which uniquely identifies an entity or device (as a fingerprint does for humans), and
- Verifiable, revocable credentials that are confirmed by trusted parties (“Attesters”).
In this way, a digital identity can be built for people, machines, services and anything that identities can be built on.
Standardized digital identities for machines form the basic building block for an automated and reliable energy system. For this pilot project with dena, the machine identities each contained:
- A decentralized identifier (DID), which uniquely identified the device, and
- The characteristics, attributes or properties that made this machine different from others. These were attached to the DID in the form of digital certificates, or verifiable credentials (VCs). These credentials show the static and dynamic properties of the device.
KILT is pleased to be part of the dena Future Energy Lab project, making a practical and effective contribution to current energy challenges and showing how blockchain technology can be used in a highly regulated, real-world environment.
The following is a technical description of the project including the technical integration of KILT.
dena Project: Summary
The BMIL pilot project aimed to close an important gap that is currently a barrier to implementing a real-time energy economy using the smart meter gateway and blockchain technology: the lack of digital identities for energy systems.
One of the key elements was to agree on and test uniform digital identity standards, namely DIDs and verifiable credentials.
The DID enables end-to-end encryption between digital agents, allowing data to be exchanged between participants and systems without the need for a centralized data silo by establishing a Blockchain Machine Identity Ledger (BMIL) that allows assets to register their identity (their unique DID and verifiable credentials).
These digital, self-sovereign and decentralized device identities were set up and either stored and anchored on the device itself, or via a digital twin in the cloud, depending on the variant.
Transmission of the digital identity was implemented in regular operation via the smart gateway infrastructure and could be linked to the BMIL through the installation of a BMIL-compatible smart meter.
dena Project: KILT Integration
The integration of the KILT Protocol into the BMIL project is summarized here, using the example of the device-centric identity management in conjunction with a dedicated Controllable Local System (CLS) device, the OLI Box. The integration was the same for both variants.
As the goal was to achieve a high degree of decentralization, the identities were stored directly on the respective devices and anchored on the KILT blockchain.
In the first step, the private/public key pair is generated on the box. The OLI box’s crypto chip provides the random input for generating the key pair to establish the necessary security and connect the keypair to the box.
Then the identifier or DID is generated on the device and anchored on the blockchain. The DID document is signed by the box in order to link it to the DID, and is then stored in the DID store.
Through the claimer application, the credential workflow is implemented on the OLI box. It implements the claiming of properties, the requesting of a credential, the storing of an issued credential on the box, and the sharing of credentials with the verifiers. It can either share the whole credential, or only single attributes via selective disclosure, if the verifier does not need to know the whole credential.
To ensure privacy, the credentials are not stored on the blockchain. Credentials remain with the device (the OLI box) and are only anchored on the blockchain as a hash representing the data by the issuer of the credential. The anchored credential on the blockchain does not allow any conclusions to be drawn about the content and owner of the credential. Via the hash, only verifiers to which the credentials were disclosed can check the validity of that credential on the blockchain.
The different actors, e.g., the application of the Energy Web Foundation to prequalify device identities for different use cases through VC-based role assignment and others, communicate with each other via the KILT messaging service using encrypted messages.
dena Project: Conclusions
Digital identities built around DIDs and verifiable credentials provide the new standards needed for identity for governmental projects going forward. This standardization ensures uniformity, contributes to efficiency and security, and allows system services to be provided and called up fully automatically.
Future research will build on these findings and create services and applications to increase energy efficiency.
KILT is a blockchain identity protocol for issuing self-sovereign, verifiable credentials and DIDs, providing practical, secure identity solutions for enterprises and consumers.