The "Human-in-the-loop" Protocol

The iuth protocol is built on a fundamental security assertion: Private keys capable of arbitrary asset transfer must never reside solely on an edge device.

Instead of giving robots full autonomy, iuth implements a Request-Response Protocol. The robot acts as a "Builder" of transactions, while the human acts as the "Signer."

The 4-Step Authorization Lifecycle

The protocol follows a strict linear flow for every sensitive action (financial or high-security access).

Step 1: Intent Generation (The Robot)

The Managed Device identifies a need based on its environmental sensors or internal logic.

  • Example: "Battery at 10%. Detected Tesla Supercharger. Cost estimate: $15."

  • Action: The robot constructs a Partially Signed Transaction (Packet) or a Solana Action payload. It includes metadata: Target (Charger ID), Amount ($15), Timestamp, and Context (Photo of charger).

Step 2: Transmission (The Link)

The robot transmits this intent to the owner's Controller Node (iuth App).

  • Transport: Encrypted P2P channel (e.g., Libp2p) or an on-chain event stream.

  • UX Format: The request is rendered as a "Blink" (Blockchain Link)—a rich, interactive card displayed in the user's feed.

Step 3: Verification (The Human)

The Controller Node receives the request and filters it through the Local Policy Engine.

  • Scenario A (Auto-Approval): If the request matches a pre-set rule (e.g., Allow charging < $20), the app automatically signs it in the background.

  • Scenario B (Manual Approval): The app triggers a Push Notification. The user views the card ("Robot #1 needs $15") and taps [Approve].

Step 4: Execution (The Network)

Once signed by the Master Key (or a delegated high-privilege key), the transaction is broadcast to the Solana cluster.

  • Finality: The blockchain validates the signature.

  • Trigger: The successful transaction emits an event that the physical charging station listens to, unlocking the power flow.

Protocol Sequence Diagram

The following diagram details the cryptographic handshake:

코드 스니펫

sequenceDiagram
    autonumber
    participant Bot as Robot (Edge)
    participant App as iuth App (Owner)
    participant Chain as Solana Cluster
    
    Note over Bot: 1. Construct Transaction Instruction
    Bot->>Bot: Create Instruction (Transfer $15)
    Bot->>App: Send Transaction Payload (Unsigned)
    
    Note over App: 2. Human Verification
    App->>App: Verify Payload Integrity
    App-->>User: Display Approval UI
    User->>App: Biometric Confirmation (FaceID)
    
    Note over App: 3. Signing
    App->>App: Sign with Master Private Key
    App->>Chain: Broadcast Signed Transaction
    
    Note over Chain: 4. Settlement
    Chain->>Chain: Deduct Balance & Update State
    Chain-->>Bot: Confirmation (Slot #12345)

Handling Latency & Connectivity

Robots often operate in environments with unstable internet. The protocol supports Asynchronous Authorization:

  1. Pre-Authorization: The user can sign a "Time-Bound Spending Allowance" (e.g., valid for 1 hour) before the robot enters a dead zone.

  2. Offline Queuing: The robot queues requests locally. Once connectivity is restored, the iuth App processes the batch (Bulk Approval).

PreviousTethered Identity SystemNextSecurity Model

Last updated