|
| 1 | +# W3CP Core: Polkadot-Anchored Device Identity for Real-World Energy Infrastructure |
| 2 | + |
| 3 | +- **Team Name:** Web3 Energy Ltd. |
| 4 | +- **Contact Name:** Y. Boev |
| 5 | +- **Contact Email:** contact@web3-energy.com |
| 6 | +- **Level:** 2 |
| 7 | +- **Total Costs:** 30,000 USD |
| 8 | +- **Payment Address (DOT):** 5HQeazrFTcG6zjgCRu74hUiWRJ2zBAuvV6PXHhUwsgjjHC3u |
| 9 | +- **Payment Address (USDC, Polkadot Asset Hub):** 5HQeazrFTcG6zjgCRu74hUiWRJ2zBAuvV6PXHhUwsgjjHC3u |
| 10 | + |
| 11 | +--- |
| 12 | + |
| 13 | +## Project Overview :page_facing_up: |
| 14 | + |
| 15 | +### Overview |
| 16 | + |
| 17 | +**Tagline:** |
| 18 | +Polkadot-anchored decentralized identities for charge points, vehicles, and energy infrastructure. |
| 19 | + |
| 20 | +**Brief Description:** |
| 21 | +Web3 Energy Ltd. is building W3CP (Web3 Charging Protocol), an identity-first protocol for EV charging and energy infrastructure. |
| 22 | + |
| 23 | +This proposal requests a Level 2 grant to deliver a Polkadot-anchored device identity verification core that enables real-world infrastructure devices to authenticate without centralized allowlists or pre-registration. |
| 24 | + |
| 25 | +--- |
| 26 | + |
| 27 | +### Motivation & Real-World Context |
| 28 | + |
| 29 | +Electric vehicles and charging infrastructure are transitioning from closed ecosystems to **open, heterogeneous networks** involving multiple manufacturers, operators, and jurisdictions. |
| 30 | + |
| 31 | +In this environment: |
| 32 | + |
| 33 | +- Charge points must authenticate without fragile backend allowlists |
| 34 | +- Vehicles must identify themselves across vendors and borders |
| 35 | +- Infrastructure lifecycles span 10–20+ years |
| 36 | +- Regulatory and security requirements continue to increase |
| 37 | + |
| 38 | +**Identity is the missing layer across the entire charging stack — from vehicles and charge points down to embedded meters that must cryptographically sign and attest measured values — while backend systems remain verifiers, not trust anchors.** |
| 39 | + |
| 40 | +Web3 Energy’s core belief is: |
| 41 | + |
| 42 | +- Cars need identities |
| 43 | +- Charge points need identities |
| 44 | +- Independent meters inside charge points need identities to sign and attest measured values |
| 45 | +- Infrastructure needs verifiable, long-lived identities |
| 46 | +- Backends should not be the root of trust |
| 47 | + |
| 48 | +Polkadot provides a uniquely suitable foundation: |
| 49 | + |
| 50 | +- **Native, addressable runtime storage**, enabling deterministic, constant-time verification of identity and attestation state without block scanning or external indexers |
| 51 | +- **Long-term governance and upgradeability**, allowing trust and attestation models to evolve over time without breaking deployed infrastructure |
| 52 | +- **Neutral, non-vendor-controlled trust**, suitable for multi-operator and multi-jurisdiction infrastructure |
| 53 | +- **Strong cryptographic and economic guarantees**, aligned with long-lived physical devices |
| 54 | + |
| 55 | +This foundation allows the project to start with a minimal, production-ready verification model, while enabling more advanced governance-based trust and attester models to be introduced in later phases. |
| 56 | + |
| 57 | +--- |
| 58 | + |
| 59 | +### Current State & Proof of Concept |
| 60 | + |
| 61 | +Web3 Energy already operates a **working proof-of-concept**, including: |
| 62 | + |
| 63 | +- A **publicly accessible backend** implementing the W3CP protocol |
| 64 | +- A **user-facing UI** (public access via Gmail login) |
| 65 | +- A **public charge-point simulator / reference firmware**, implementing the W3CP device handshake |
| 66 | +- A **public W3CP protocol specification** |
| 67 | +- An initial **Polkadot-based identity proof-of-concept deployed on the Westend testnet**, which will be **open-sourced as part of this grant** |
| 68 | + |
| 69 | +In the current PoC: |
| 70 | +- Device identities are available to the backend at connection time |
| 71 | +- Polkadot is used experimentally to anchor and validate identity data |
| 72 | +- Verification logic demonstrates feasibility, but is not yet production-grade |
| 73 | + |
| 74 | +This grant focuses on **strengthening this PoC**, formalizing the identity model, and upgrading it to a **real DID-based verification flow** suitable for mainnet usage. |
| 75 | + |
| 76 | +--- |
| 77 | + |
| 78 | +## Project Details |
| 79 | + |
| 80 | +### Core Concept |
| 81 | + |
| 82 | +The project delivers a **verified connection flow** where: |
| 83 | + |
| 84 | +- A device connects to a backend **without being pre-registered** |
| 85 | +- The backend **does not store a static device allowlist** |
| 86 | +- The device presents a decentralized identity (DID) |
| 87 | +- The backend verifies the DID **in real time against Polkadot** |
| 88 | +- The connection is upgraded to **VERIFIED** only after successful proof |
| 89 | +- Invalid or unknown identities are **explicitly rejected** |
| 90 | + |
| 91 | +Compared to the existing PoC, this grant introduces: |
| 92 | +- A formal DID model |
| 93 | +- Real-time attestation checks |
| 94 | +- Clear separation between backend logic and identity verification |
| 95 | +- A migration path from Westend to Polkadot mainnet |
| 96 | + |
| 97 | +This pattern is applicable beyond EV charging: |
| 98 | +- IoT |
| 99 | +- DePIN |
| 100 | +- Energy infrastructure |
| 101 | +- Industrial systems |
| 102 | + |
| 103 | +--- |
| 104 | + |
| 105 | +### Attesters & Trust Assumptions (Scope Clarification) |
| 106 | + |
| 107 | +For the scope of this grant, **device attestations are assumed to be issued by a small, known set of bootstrap attesters**. |
| 108 | + |
| 109 | +- Attesters are represented by cryptographic keys whose public identifiers are **anchored on Polkadot** |
| 110 | +- The identity sidecar verifies: |
| 111 | + - the device’s cryptographic proof of key ownership |
| 112 | + - the validity of the attestation |
| 113 | + - the presence of the attester reference in on-chain state |
| 114 | +- The backend itself does **not** maintain issuer or device allowlists and derives trust exclusively from on-chain verification results |
| 115 | + |
| 116 | +**Governance mechanisms for permissionless attester admission, registrar workflows, deposits, slashing, or reputation systems are intentionally out of scope for this grant** and are planned as future work once the core verification flow is production-ready. |
| 117 | + |
| 118 | +--- |
| 119 | + |
| 120 | + |
| 121 | +### Architecture (High-Level) |
| 122 | + |
| 123 | +- **Device / Simulator:** Implements W3CP handshake and cryptographic proof |
| 124 | +- **Polkadot Identity Sidecar (Open-Source):** |
| 125 | + - Resolves device DIDs |
| 126 | + - Verifies signatures |
| 127 | + - Validates attestations in real time against Polkadot |
| 128 | +- **Backend (Reference Integration):** |
| 129 | + - Performs live verification |
| 130 | + - Does not maintain a device registry |
| 131 | +- **Demo UI:** Visualizes verified vs rejected connections |
| 132 | + |
| 133 | +The backend trusts **on-chain state**, not its own database. |
| 134 | + |
| 135 | + |
| 136 | + |
| 137 | +--- |
| 138 | + |
| 139 | +### Technology Stack |
| 140 | + |
| 141 | +- **Backend:** Java (Quarkus) |
| 142 | +- **CP-Firmware** Java, open-source |
| 143 | +- **Identity Sidecar:** Node.js, open-source |
| 144 | +- **Frontend:** Web UI (Vue.js, hosted on AWS CloudFront; publicly accessible, Google Auth) |
| 145 | +- **Infrastructure:** AWS |
| 146 | +- **Blockchain:** Polkadot (Westend for proof-of-concept, mainnet-ready design) |
| 147 | +- **Cryptography:** Standard public-key signatures, challenge–response authentication, and cryptographic hashes |
| 148 | + |
| 149 | +No proprietary cryptographic primitives are introduced. |
| 150 | + |
| 151 | + |
| 152 | +--- |
| 153 | + |
| 154 | +## Ecosystem Fit |
| 155 | + |
| 156 | +### Why This Matters to Polkadot |
| 157 | + |
| 158 | +- Demonstrates **real-world device identity usage** in production-like environments |
| 159 | +- Aligns with **DePIN, IoT, and decentralized identity** verticals |
| 160 | +- Creates **tangible Polkadot usage** through on-chain identity anchoring |
| 161 | +- Positions Polkadot as an **invisible but critical infrastructure layer** for physical systems |
| 162 | +- Provides a **practical reference implementation** that can be evaluated, tested, and reused by the foundation and the broader ecosystem |
| 163 | + |
| 164 | +This project is designed to be **actively used, tested, and extended**, not merely demonstrated. |
| 165 | + |
| 166 | + |
| 167 | +--- |
| 168 | + |
| 169 | +## Scope & Deliverables |
| 170 | + |
| 171 | +### Milestone 1 — Polkadot Device Identity Verification Core |
| 172 | +**Duration:** ~6 weeks |
| 173 | +**Cost:** ~$15,000 USD |
| 174 | + |
| 175 | +**Deliverables:** |
| 176 | +- Extension of the existing PoC into a **formal DID-based identity model** |
| 177 | +- Polkadot identity sidecar (open-source reference attester) |
| 178 | +- Real-time on-chain verification and attestation checks |
| 179 | +- Verified connection flow (unauthenticated → verified / rejected) |
| 180 | +- Charge-point simulator implementing the upgraded W3CP identity handshake |
| 181 | +- Protocol documentation and trust-model explanation |
| 182 | + |
| 183 | +--- |
| 184 | + |
| 185 | +### Milestone 2 — Demo, Documentation & Developer Experience |
| 186 | +**Duration:** ~6 weeks |
| 187 | +**Cost:** ~$15,000 USD |
| 188 | + |
| 189 | +**Deliverables:** |
| 190 | +- **Public Demo UI** |
| 191 | + - Visualizes device connection attempts |
| 192 | + - Shows real-time identity verification outcomes |
| 193 | + - Allows anyone to experiment end-to-end |
| 194 | + |
| 195 | +- **Public HOW-TO Documentation** |
| 196 | + - How the **W3CP protocol** works |
| 197 | + - How devices perform DID-based identity handshakes |
| 198 | + - How the Polkadot identity sidecar verifies identities and attestations |
| 199 | + - How to migrate from testnet-based PoCs to mainnet-ready setups |
| 200 | + |
| 201 | +- **Open-Source Components** |
| 202 | + - Charge-point firmware simulator / reference implementation |
| 203 | + - Polkadot identity sidecar |
| 204 | + - Stateless |
| 205 | + - Unauthenticated |
| 206 | + - Backend-agnostic |
| 207 | + - Reusable by other projects |
| 208 | + |
| 209 | +The backend itself is **publicly accessible and testable**, but its internal implementation is **not part of the open-source deliverables**. |
| 210 | +It serves as a **reference integration of the W3CP protocol**, demonstrating how decentralized identity verification can be embedded into real backend systems. |
| 211 | + |
| 212 | +--- |
| 213 | + |
| 214 | +## Explicitly Out of Scope (Context & Rationale) |
| 215 | + |
| 216 | +The following activities are **intentionally out of scope for this grant**, but are **actively ongoing and financed through other means**: |
| 217 | + |
| 218 | +- Commercial backend and frontend product development |
| 219 | +- Integration and pilot discussions with charge-point vendors |
| 220 | +- Integration and pilot discussions with vehicle manufacturers |
| 221 | +- Secure hardware modules, certifications, and manufacturing |
| 222 | +- OCPP protocol extensions |
| 223 | +- Payments, wallets, and settlement logic |
| 224 | + |
| 225 | +These activities are **essential for real-world adoption** and are being pursued in parallel. |
| 226 | +This grant **explicitly focuses on the Polkadot-based identity layer**, which must remain **open, reusable, and ecosystem-facing**. |
| 227 | + |
| 228 | +--- |
| 229 | + |
| 230 | +## Why This Split Is Intentional |
| 231 | + |
| 232 | +Real-world infrastructure adoption requires **both**: |
| 233 | + |
| 234 | +1. **Open, neutral infrastructure primitives** |
| 235 | + (Polkadot-anchored decentralized identity) |
| 236 | + |
| 237 | +2. **Commercial execution and market integration** |
| 238 | + (vendors, pilots, operations, compliance) |
| 239 | + |
| 240 | +This grant funds **(1)**, while **(2)** ensures that the work leads to **real-world usage** rather than isolated experiments. |
| 241 | + |
| 242 | +This reflects how infrastructure is built and adopted in practice. |
| 243 | + |
| 244 | +--- |
| 245 | + |
| 246 | +## Team :busts_in_silhouette: |
| 247 | + |
| 248 | +**Web3 Energy Ltd.** is a company focused on building real-world energy and EV charging infrastructure software. |
| 249 | +The team combines backend engineering, protocol design, and deep domain knowledge of charging systems and identity. |
| 250 | + |
| 251 | +- **Company Website:** https://web3-energy.com |
| 252 | +- **GitHub Organization:** https://github.com/web3-energy |
| 253 | + |
| 254 | +We are happy to provide live demos, walkthroughs, or additional context in a call if helpful during the review process. |
| 255 | + |
| 256 | + |
| 257 | +## Final Note |
| 258 | + |
| 259 | +This project is intentionally pragmatic. |
| 260 | + |
| 261 | +It does not attempt to solve everything at once. |
| 262 | +It demonstrates how Polkadot’s decentralized identity stack can be applied to real-world infrastructure, connecting on-chain identity with physical devices in a concrete, testable, and extensible manner. |
| 263 | + |
0 commit comments