White Paper
Proof of SIM Protocol
– Introducing web3 souls
Inspired by
“ On today’s Web 2.0, we give away our personal information and our power in order to exist on the Internet. For most cybercitizens, it would be debilitating to be deprived of Gmail, Google search, Google docs, Twitter, Amazon’s services, Apple’s ecosystem, and the various Facebook properties.
The Web is broken — or incomplete — because it has no native constructs for identity or money.
Without a native construct for money, the web turned to advertising as its core business model.
Without a native construct for secure and private identity, the web grew before we could recognize that an advertising technology cancer was growing and killing the patient.”
— Joe Lubin, co-founder of Ethereum [1]
Contents
1. Introduction
The rapid development of mobile internet applications and the sharp rise of smartphone penetration have brought significant changes to people’s lives. However, the current internet is driven by centralized platforms that limit the ecosystem and monetize users’ data with little to no consent. Privacy concerns and data misuse, as well as the risk of being excluded from the centralized system, have created significant adverse social and political effects that result in receding democratic freedoms and rising digital authoritarianism.
We need to rebuild the DNA of the next web3 so that it can grow without the diseases that are spreading in the current cyberspace. A decentralized internet ecosystem i.e. the web3 internet is in its infancy where many startups are created and industrial efforts are being made to transform the current web internet into a user centric system.
A decentralized identity system is likely to become the underlying bedrock for web3, but it would be impossible for pure software algorithms to resolve the social and political complications. Therefore, a protocol for identity consensus that can operate outside of centralized and privately owned platforms has to be built natively that uses the human network where the complications are resolved implicitly. For web2, individuals also need solutions to transform the way they interact with apps and services for online privacy and data sovereignty. Sign-In with Ethereum (SIWE) has defined how Ethereum accounts authenticate with off-chain services by signing a standard message parameterized by scope, session details, and security mechanisms (e.g., a nonce). Adding humanity into the Ethereum account will become even more appealing to web2 service providers.
Soul Bond Tokens (SBT) [2] are amongst the latest innovations of the blockchain to construct the characteristics of a decentralized identity for web3 internet. In order to bootstrap the web3 ecosystem so SBTs can be proliferated and interconnected globally, we need a consensus protocol for issuing an identity SBT which can be available to the majority of the adopters of web3 for building up a scalable decentralized society (DeSoc).
The cellular networks around the world are likely the closes infrastructure to the human network where people are connected with their real world identities. Telcos issue the SIMs or eSIMs to their users mostly with legal verifications and make the SIMs or eSIMs the largest global database of identities, where the web3 identities are to likely be born.
In this white paper, we introduce the Proof of SIM (PoSIM) protocol, as well as the creation of a user sovereign space within the mobile device, where the PoSIM protocol can be initiated to interwork with the Ethereum network for creating the SBT autonomously and transparently as the decentralized identity with economical efficiency. The smart card industry has underpinned the telecom, financial and identity system in the real world. We introduce a DAO system to incorporate the security of smart card production and distribution schemes into the PoSIM protocol to scale up the democracy for building up the decentralized mobile society.
2. Proof of a decentralized identity protocol and challenges
In order to build a robust decentralized identity system, we need to utilize technologies as the substrate and build the system to provide incentives to users.
i.The substrate for generating “human entropies” is by collecting identities in an active mobile device. The substrate should have the following features.
■ Uniqueness — No two people should have the same ID
■ Singularity — Easy to produce once but difficult to produce multiple times
■ Minimal to zero personally identifiable information
■ Easy for humans to produce but difficult for AI to replicat
ii.The incentives drive users to construct the identity and continuously maintain its legitimacy
● Shared vision: A realistic and better web3
● Shared economy: A user centric internet economy where user can protect and monetize their data
● Desire for privacy and anonymity in online spaces and transactions
● Universal Basic Income
● Benefits from the user inclusive data economy of web3
There are many challenges to building a decentralized identity system. A Trilemma [3] exists making a typical decentralized identity system not scalable while also maintaining a user centric internet data economy.
■ Sybil Resistance
■ Self Sovereignty
■ Privacy Preservation
3. Proof of SIM (PoSIM) protocol
A true decentralized identity solution would enable people to maintain full control over their personal data, but the lack of a centralized database of identities would make it difficult to guarantee the unicity and singularity of these identities. While biometrics provide interesting benefits to an identity management system, they are not devoid of any drawbacks. First of all, using biometric data to create a singular and unique identifier obliges individuals to identify themselves as one and only one persona, even when it is not necessary for a particular case, which may present significant privacy issues and irreparable damages if there is data leakage. Moreover, access technologies to biometric are complicated and expensive to be applied for scaling up a global identity system.
There are also attempts using National IDs or Passports for creating a decentralized identity. However, to achieve this, documents must be collected and verified, therefore making it impossible to avoid a 3rd party aggregation of private data, creating another layer of centralization and a single point of weakness for security breaches.
Interoperability and standardization is also important for building a scalable identity system; to provide the system with sufficient flexibility to adapt to the inherently malleable nature of human identity. Nowadays people are connected by the mobile networks which are standardized globally by GSMA (Groupe Speciale Mobile Association). Mobile phone numbers have become the ideal identifier for centralized platforms for identity verification, as mobile phone numbers are becoming scarce resources with legal verification.
Today, phone verification solutions based on SMS OTP are commonly used by internet service providers and have underpinned the web2 ecosystem for user onboarding and authentication. However, frauds such as SMS spoofing and SIM swap show how adopting an external system for a purpose it was not intended for without additional processes introduces risks, these have created damages to the security of financial systems and additionally there is no ownership of the risks. Additionally, privacy issues of giving out mobile phone numbers to centralized platforms are becoming a greater concern.
In web3, there is no trade off for giving away phone numbers, which are directly linked to the real identity of users. The PoSIM protocol leverages the SIM’s capability to generate mobile fingerprints of the mobile device through the PoSIM applet, which is operated within the user sovereign space of the SIM, eSIM, or a secure element within the mobile device. The mobile fingerprint resembles human entropy and are verified by the PoSIM smart contracts on a blockchain network, like Ethereum, for singularity and unicity. A soul bond token (SBT) will be issued autonomously by the PoSIM smart contract to the user wallet when the proofs are verified. The strengths of PoSIM issuing SBT will be described in Section 4.1.
3.1 Mobile fingerprints are comprised of the values below:
● Hash of the ICCID & MSIN from the SIM
● Hash of the IMEI from mobile device
3.2 PoSIM mobile APP
The PoSIM mobile APP performs the following functions:
● APP & SIM binding through OTP
APP & SIM binding is performed by verification of an OTP generated by the SIM hardware, the OTP should be entered into the APP by the user and sent to a relayer that verifies that the mobile APP and the SIM is active within the same mobile device and operated by a real person.
The PoSIM APP is open source in GitHub with both iOS and Android versions.
3.3 PoSIM applet
The PoSIM applet utilizes functions from the SIM Application Toolkit for the SIM-ME interface as defined in 3GPP TS 31.111 [4]
● the work flow
Display of STK menus:
3.4 Relayer
A key requirement for the SIM(UICC) or eSIM(eUICC) in the PoSIM protocol is that the device supports Bearer Independent Protocol ( BIP ). This protocol exists only between the device and the SIM/eSIM and enables a SIM/eSIM to request the device to set up a data session with a BIP node, the Relayer in the PoSIM protocol. This provides a much faster method of access to the SIM/eSIM than SMS without exposing the phone numbers.
BIP comprises of a set of commands specified in the ETSI/3GPP standards which are supported by baseband chip suppliers for smart phones such as Qualcomm, Intel and MediaTech.
The BIP node is part of the cellular network infrastructure for SIM/eSIM issuers (likely the telcos) to manage SIM/eSIM applications. One of the important features of the BIP protocol is that the data connection through the cellular network is established with the BIP node only when the SIM is authenticated by the telco. Therefore, when the BIP node receives data from a particular SIM/eSIM, we conclude that the SIM/eSIM is live.
Upon receiving connection from both the PoSIM APP and the PoSIM applet, the Relayer performs the following functions:
○ Pairing the PoSIM APP data with the PoSIM applet data with the originated IP address
○ Comparing both OTPs from the APP and PoSIM to verify RTT
○ Generating TokenUri
○ Sending transaction to PoSIM smart contracts
3.5 PoSIM smart contracts
● POSAttestor
● Receiving parameters from relayer
○ H(SIM ICCID + SIM MSIN)
○ H(Device IMEI)
○ SIM MCC
○ SIM MNC
○ Merkle leaf, Merkle proof, factory id, and batch id
○ Wallet address
○ Signature
○ TokenUri
● Verification
○ Check if H(SIM ICCID + SIM MSIN), H(Device IMEI) and Merkle leaf have been used before
○ Check if the signature is valid
○ Verify Merkle proof to make sure this SIMask comes from a valid SIM card factory
● Issue PoSIM Token
○ Mint PoSIM Token to owner address with TokenURI.
● PoSIMToken
● A SoulBound Token issued through PoSIM protocol
● Non-transferable
● Revocable
● One account one PoSIM token
● Metadata example:
● SIMMTMgr
★ Storing Merkle root, factory id, and batch id sent from SIM card factories.
★ Providing a Merkle Tree verify function.
3.6 PoSIM Role & Responsibility
3.7 Solving the Trilemma
3.7.1 Self sovereignty:
● SIM or eSIM are standalone security chips that perform security computations. PoSIM provides an open sourced application (Java applet) that can be downloaded to the eSIM or personalized in a regular SIM with telco SIM profiles as a user sovereign space where users can create their web3 wallet with a high level of security that is equivalent to hardware wallets and is interoperable with mobile devices.
3.7.2 Sybil Resistance:
● Mobile fingerprints: IMSI (International Mobile Subscriber Identity) is the unique identity of an authenticated mobile user, which is used by the PoSIM protocol to prevent Sybil attacks. In most instances, legal verification KYC is conducted by the telcos when onboarding users for mobile services. In cases where SIM issuance by the telcos do not require KYC, the weighting of the PoSIM SBT could be lowered and the user identity needs to be further strengthened by more SBTs, such as PoSIM distributor SBT.
● Relayer verification
■ APP & SIM OTP binding to prevent AI & Bot attack
■ Location verification to prevent from unlicensed network attack
● Smart Contract verification
■ Java applet Merkle tree Hash verification
■ ICCID+MSIN Hash verification (blacklist)
■ IMEI Hash verification (blacklist)
■ Signature verification
■ PoSIM SBT Issuance
3.7.3 Privacy Preservation:
All sensitive information is processed within the SIM chip and converted into Hash values before delivery for external verification through secure and encrypted channels. PoSIM SBT is granted by the smart contract after successful verification of the ZK proofs and uniqueness of Hash values.
3.8 Zero-Knowledge PoSIM liveness & PoSIM registration protocol
Registration through PoSIM leans on SIM liveness & Zero-Knowledge Proofs to ascertain:
● Completeness: Within a mobile device, if the SIM is authenticated by the cellular network, the BIP connection will be set up for sending the data to the Relayer. The Relayer is therefore convinced the SIM is live.
● Soundness: Within a mobile device, if the SIM is not authenticated by the cellular network, the BIP connection will fail and the Relayer will not receive the request and no other prover can convince the Relayer that the SIM is live.
● Zero-Knowledge: No information is received by the Relayer except Hash values (inclu. Hash(ICCID || MSIN), Hash(IMEI)) and MCC ||MNC, which are not related to the liveness of the SIM.
For the zero-knowledge protocol described above, the following steps must be performed on the STK (SIM Tool Kits) to enable PoSIM registration:
1.After the SIM is validated and camped on the mobile network, the PoSIM procedure should abstract MCC || MNC (from SIM) and compare with them in LAC || ICCID (from the mobile device) to prevent from roaming attacks.
2.Create a deterministic public/secret key pair based on a secret mnemonic code (no need for verifiable computation), and generate the wallet address based on public key:
pk; sk = Det_KeyPairGen(KDF (mnemonic code))
wallet_address = Det_KeyGen(KDF (pk))
KDF is a cryptographic-based key derivation function.
3.Derive a signature signatureSecretsk
(a) Get Distributor information & the Merkle_tree information.
(b) Generate an OTP
(c) Get ICCID & IMSI from SIM
(d) Get IMEI from mobile device
signatureSecretsk = PKCS_Sign (MCC || MNC || Hash(ICCID || MSIN) || Hash (IMEI) || wallet_address || Hash(Merkle_tree_Path) || Merkle_tree_Leaf || Merkle_tree_Factor_ID || Merkle_tree_Batch_ID; sk)
4.Send the Registration Message Reg_message to verifier via BIP connection
Reg_message = Distributor_name || Distributor_address || MCC || MNC || Hash(ICCID || MSIN) || Hash(IMEI) || Block_chain_index || wallet_address || Merkle_tree_Path || Merkle_tree_Leaf || Merkle_tree_Factor_ID || Merkle_tree_Batch_ID|| signatureSecretsk || OTP
5.The verifier verifies the validity of the signature signatureSecretsk
6.The verifier verifies the validity of Merkle_tree information, Hash(ICCID||MSIN), Hash(IMEI) by using information obtained from a wallet.
This registration protocol claims:
● When the Registration Message is delivered via BIP, it demonstrates that the SIM is authenticated by the network and therefore fulfills the claims of Completeness and Soundness of the registration of the PoSIM process.
● All personal information used in the registration is through Hashes (Hash(ICCID || MSIN), Hash(IMEI)) and therefore irrecoverable and provides no additional information about the real world identity of the user (Zero-Knowledge)
● Prevention against roaming attacks: The only checks tied to the physical world are simple comparisons of the MCC || MNC against the LAC to prevent PoSIM registrations using the roaming network.
4. Interconnecting on-chain and off-chain identities
4.1 PoSIM is an on-chain contract issuing SBT-based identity – the schelling point of SBTs
Just like the first sentence of “Decentralized Society: Finding the web3’s Soul”[2]: "web3 today centers around expressing transferable, financialized assets, rather than encoding social relationships of trust. Yet many core economic activities-such as uncollateralized lending and building personal brands-are built on persistent, non-transferable relationships….". This is why SBT wants to explore the concept of "identity" as a necessary condition of "contract", so as to fundamentally solve various problems caused by the absence of the "identity" system in Ethereum.
In the conceptual system of SBT, a Soul account can have multiple different SBTs; and the humanized "personality identity" is the appropriate role to represent the Soul account. Therefore, how to generate a Soul account that conforms to web3 in a decentralized society is a very important topic, and a Soul account itself should have a SBT with the following characteristics:
● Personalization SBT
● Uniqueness
● Decentralization (Implicit centralization)
● Zero personally identifiable information
● Difficult for AI to replicate / Prevent deep fake
● Prevent Sybil attack
● Easy to produce once by human, but difficult to produce twice by AI and software
● Anarcho-intervention / Anarcho-capitalism,…etc.
We can use these characteristics as axes on a Radar chart [5] (the following figure shown as an example) to evaluate the generated Soul account.
Figure. Evaluation Radar chart for PoSIM by In-depth interview
(average of 21 experts)
In the game of generating a focal SBT for soul accounts, the proposed PoSIM SBT aims to become the Schelling Point when individuals conduct transactions in P2P and P2M space, such as sending friend requests or registering to a website. The proliferation of SBTs will require a bootstrapped SBT as the soul account which carries the basic characteristic of members within the community — the proof of person-hood. This is the most challenging task in the web3 world, but also where PoSIM presents the best likelihood. Using the PoSIM SBT as a basis, the rest of the SBTs correlate to paint a complete picture to reflect the personality of the person behind the identity.
4.2 PoSIM bridges on-chain SBT to off-chain W3C DID[7] (with VC[8])
The research article -- SBT: the Key to Unlock the Future of DeSoc[9], claims that projects that use SBTs as identification directly treat the SBTs only as credentials for identification, but they could also contain other credentials, such as KYC. In this regard, on the topic of decentralized identity, SBTs overlap considerably with W3C’s DID (with VC), which together could be considered as a new solution for generic DID.
Ideally, in the future, each Soul user should have a unique decentralized identity with many secure, non-transferable credentials under this identity, each reflecting an aspect of the user’s experience, skill, qualifications, etc. (This Soul-related identity can also be an address, or a collection of multiple addresses)
The proposed PoSIM not only generates an identification type SBT, but also provides the SDK and an operating environment for generating W3C DID (with VC).
More details will be published in future related white papers.
5. The deadlock of the current web3 development – web2.5
● Due to the lack of a native social identity system, the current development of web3 is stuck in web2.5, where 3rd party risk can not be avoided and another layer of centralization is once again created.
● Unlock the Internet Data Economy
The vision of the PoSIM protocol is to transform the internet to include all the individuals into the data economy. Our first goal is to enable an Ethereum wallet for all users to use as the preferred method for universal logins for both existing centralized platforms as well as the decentralized web3 internet.
6. DAO
web3 is all about building community. The PoSIM protocol incorporates the security of smart cards into the decentralized Ethereum network for enrolling community members through the mobile network. We are empowering individuals, through the disciplined identities used in the mobile network system, to create their decentralized identities to utilize the transparency and openness of blockchain technologies. Through the existing mobile infrastructure, PoSIM could be the protocol to implement the largest DAO community represented and driven by real world users. In order to augment the real mobile society, a DAO based on PoSIM protocol will facilitate the off-chain management of the logistic schemes.
● Security audit of SIM production sites, considering PCI, EMV and SAS certification as the prerequisites. The production of PoSIM hardware wallet will adopt security baselines from PCI SSC programs covering the PCI CP and PCI DSS requirements. These programs set stringent physical and logical security requirements for compliance by entities involved in the ecosystem of PoSIM to ensure Data preparation of Merkle tree is secure within the production sites, where Merkle proofs are securely personalized to the SIM hardware without leakage.
● PoSIM smart contract development and maintenance
● Approvals for Merkle Roots registration to smart contract
● SIM chip hardware specification and roadmap of PoSIM applet
● Mobile APP development and maintenance
● Management of DAO tokens
● User onboarding
● PoSIM SBT life cycle management
User onboarding includes different business models for partnerships and technologies for hardware implementations in order to embrace the majority of mobile users with the greatest user onboarding journey.
6.1 Partnership with MNO/MVNOs
In web2, the internet was decoupled from the cellular networks with dominant OTT (Over The Top) services and, before we realized, it has grown to be intertwined with advertising and technologies that decoupled the telcos and end users from the internet data economy, regardless of the huge investment telcos has made for the licenses and building up of the high speed mobile internet. However, in web3, telcos can gain control with the PoSIM protocol.
M-Pesa is an prominent example and one of the earliest successful mobile payment service driven by Vodafone using SIM cards and has been in service since 2007. With telcos’ capacity in providing connectivity and compliance to domestic governance, web3 is potentially the next era where telcos can play important roles for embracing the majority of users by gardening the decentralized web3.
The PoSIM team includes veteran members from the telco and SIM vendor industry, who are senior executives in the mobile ecosystem and active in GSMA working groups. We are committed in promoting web3 and blockchain technologies that bring synergies to the mobile network ecosystem.
Telcos play not only key roles for user KYC but also massive user onboarding, as well as a trusted entity for compliance.
Nowadays telcos are providing both eSIM or plastic SIM to the users. PoSIM supports both eSIM and plastic SIM by providing the Java applet which is compatible with the eSIM chip as well as the plastic SIM.
● Data preparation for eSIM
An eSIM (embedded-SIM) is a form of programmable SIM card that is embedded directly into a device. Instead of an integrated circuit located on a removable universal integrated circuit card (UICC), typically made of PVC, an eSIM consists of a Java Card operating system installed onto an eUICC chip permanently attached to a device. The Java Card operating system is capable of performing cryptographic APIs that are required by PoSIM protocol through the PoSIM Java Applet. The PoSIM Java Applet is open source and licensed to Telcos for eSIM download to user devices.
The Merkle Root of eSIM productions is registered to the smart contract with multi-signatures by both the partnered operator and DAO.
● Data preparation for plastic SIM
The Merkle Root of plastic SIM productions is registered to the smart contract with multi-signatures by both the partnered operator and DAO.
6.2 Partnership with smartphone device makers
eSIMs has become a GSMA standard that is supported by the latest high end smartphones. We will pursue the opportunity to partner with smartphone device markers to include PoSIM as a default capability of the eSIM chip of the smartphones, where the device makers will be included into the PoSIM token economic system and able to interconnect their own web3 gardens into the PoSIM global community.
6.3 Distribution of hardware solutions
In the web3 context, we are empowering individuals. We want to build the SIM that is ubiquitously available to individuals for enabling the self-custody wallet, which is one of the underlying principles of what makes the natively constructed identities and money significant. As the underlying technology for web3, blockchain’s crucial innovation is a decentralized ledger, secured with cryptography, that ensures integrity, immutability, and no single point of vulnerability in the network. However, one remaining area of vulnerability is the private keys associated with ownership. If those private keys are lost or stolen, any associated coins or assets are lost forever. Many people have inadvertently erased their private bitcoin keys, and the associated bitcoins have essentially disappeared. In other cases, thieves have hacked into centralized exchanges, stolen private keys, and irretrievably transferred the assets. When the wallet is associated with identity, the vulnerability becomes a greater issue.
The web3 internet needs an enhanced self-custody product which should be highly secure, user friendly, low cost and interoperable with their phones. In addition to partnering with the mobile ecosystem players, the PoSIM team has developed MNO/MVNO agnostic hardware solutions, which are distributed with hardware wallet capabilities as a removable secure element for cold wallet and Airgap products.
The features of SIM hardware wallet have the following features:
● Compatible with most of the mobile devices
● Open source software (Java SIM applet)
● NIST FIPS Level-3 certified operating system[6]
● EAL 5+ hardware certification
The hardware wallet SIM come with two form factors:
● A thin film SIM that can be add on to any existing active SIMs in order to onboard the existing mobile phone users
● A regular sized SIM with eSIM capability to onboard new users with new mobile subscription
Production Process of PoSIM hardware wallet
1.SIMask
2.Plastic SIM
3.eSIM
7. Unlicensed mobile network
For networks that are not licensed by the local government, their network code will be excluded from the licensed network, so validators may consider and approve these identities according to their own policy, possibly with less weighted significance. In case the IMSI information provided by an unlicensed network impersonates the identity of a licensed network code, the unlicensed network may face punishment from local government based on local regulation. The PoSIM foundation reserves the rights for claiming damages and losses incurred as a result of actions of the fake network.
8. Regarding IMSI privacy
IMSI is a unique global identifier for the mobile subscriber defined by GSMA. The identifier can be considered to be sensitive personal information which can be traced to a specific mobile phone user. The IMSI is consisted of:
✔ MCC (Mobile Country Code), specifying the country where the SIM is issued
✔ MNC (Mobile Network Code), specifying the Network Operator of the issuer of the SIM
✔ MSIN, the unique serial number given by the network operator.
In 5G specification, IMSI privacy has been defended by encrypting the MSIN information when it's being transferred in the radio network.
In PoSIM, the MSIN is converted into a Hash value by the SIMask hardware once it’s read from the SIM, therefore the privacy of real IMSI is ensured.
9. Regarding IoT SIM
IoT devices can also be significant to the web3 ecosystem, such as vehicles and fleets that are to be included in an ESG system where proofs can be shared on the blockchains to ensure its record and immutability. We will include PoSIM for the IOT space in future deployment.
10. Conclusion
web3, though still in its infancy, has already stunned the world in less than a decade with its unprecedented flexibility and possibility and the creativity of its participants in providing a parallel system of finance. Conventional techniques are already being innovated and adopted in the web3 context, such as public key cryptography, smart contracts, multi-party computing, proof of work and proof of stake. However, such innovations are still not sufficient to facilitate the infrastructure of web3 identity, which involves highly complex social and political connections and relations that are beyond the capabilities of pure mathematics and technology. Starting with SBT, one of the latest innovations in this space, the PoSIM protocol incorporates and uses the mobile network as a starting point for a trustless ecosystem that is already interconnected and augments the web3 system as a decentralized mobile society. The PoSIM protocol has also incorporated smart card technology to facilitate the move for embedded security for self-custory on the path to massive decentralization. The security of the smart card production process is ensured in the banking and telecommunication systems through strict auditing such as EMV and SAS at the manufacturing sites, the security for transactions and identities is built on solid foundations and this same bases is where the Merkle proofs and Merkle Hashes of the PoSIM protocol will be secured and managed in the real world.
Figure. Conceptual Diagram of the PoSIM protocol
PoSIM is the most likely protocol to build up the largest web3 community in the world. ETID tokens are issued to the community members and partners to proliferate the economy system within the community and supply chain of hardware and eSIM subscription service..
1. For wallet app provider to onboard PoSIM users to secure their wallet with PoSIM hardware wallet
2. For MNO/MVNOs to onboard PoSIM users to subscribe their service with plastic SIMs or eSIMs
3. For web3 companies to onboard PoSIM users to receive Airdrops, soul drops and NFTs
4. For web2 & web3 companies to onboard PoSIM users for Login & Registration
5. For SIM manufacturers to register the Merkle proofs on chain
6. For users to subscribe eSIM services.
ETID will be distributed to PoSIM SBT holders through multiple rounds. Based on the GSM network framework, the network location can be identified, and ETID will be distributed to PoSIM SBT holders in different network locations. The number of eligible PoSIM SBT holders in the first round is about 0.006% of the early majority population within any specific network location, and each eligible PoSIM SBT holder in the first round will receive 24 ETID, among which 8% will be allocated to the distributor who distributes hardware wallet SIM if applicable. We expect the number of eligible PoSIM SBT holders in each successive round will increase by 80%, while the amount of ETID to be distributed to each holder in each round will be reduced by 32%. We aim to reach out to 1.4b population, which we deem is enough to cover early majority stage in an innovative adoption. Registration of merkle root will require ETID payment to smart contract at 0.8 ETID per SIM.
11. Roadmap
I. Genesis (2019-2022)
✔ PoSIM applet specification and development
✔ NIST FIPS Level 3 certification for PoSIM
✔ PoSIM smart contract development
✔ Wallet Duet launch for secure communications
II. Exodus (May 2022 – 2023)
✔ PoSIM applet open source
✔ PoSIM hardware Distribution to make self-custody mainstream
✔ Airdrop to early adopters for bootstrapping PoSIM ecosystem
✔ Build communities for PoSIM
III. Revelation (2023-2025)
✔ Engage MNO/MVNO partners for Masses adoptions
✔ Engage Phone Makers for SE integration
✔ Engage Advertising partners
✔ Engage Gaming partners
IV. Eden (2025 onward)
✔ Inclusion and expansions
12. References
[1] ConsenSys, “Joe Lubin’s Speech from Devcon5: How We Get to a Decentralized web”, Oct. 11, 2019, https://media.consensys.net/joe-lubins-full-speech-from-devcon-5-how-we-get-to-a-decentralized-world-wide-web-1f83b35b2a0c
[2] E. Glen Weyl, Puja Ohlhaver, Vitalik Buterin, “Decentralized Society: Finding web3’s Soul”, May 2022
[3] Maciek, “Decentralized identity trilemma”, Aug. 13, 2018, https://maciek.blog/dit/
[4] 3GPP TS 31.111, “Universal Subscriber Identity Module (USIM), Application Toolkit (USAT)”, https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=1807
[5] Radar chart wiki (https://en.wikipedia.org/wiki/Radar_chart) & “How to Use Radar Chart for Competitive Analysis?” (https://www.visual-paradigm.com/tutorials/how-to-use-radar-chart-for-competitive-analysis/)
[6]https://csrc.nist.gov/projects/cryptographic-module-validation-program/Certificate/3441; https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3441.pdf
[7] W3C Recommendation, “Decentralized Identifiers (DIDs) v1.0”, July 2022, https://www.w3.org/TR/did-core/
[8] W3C Recommendation, “Verifiable Credentials Data Model v1.1”, March 2022, https://www.w3.org/TR/vc-data-model/
[9] Huobi Research, “SBT: the Key to Unlock the Future of DeSoc”, Dec. 2022, https://medium.com/huobi-research/sbt-the-key-to-unlock-the-future-of-desoc-c94d926e1add