IoTrix

Overview: This project is an IoT-based secure communication system that leverages blockchain technology and cryptographic algorithms to ensure reliable, tamper-proof, and private data transmission between IoT devices.

Problem Statement : The rapid growth of IoT devices has introduced significant challenges around security, scalability, and trust. Existing IoT systems typically rely on centralized client–server models, which create single points of failure, expose the network to cyberattacks, and make them vulnerable to data breaches and manipulation. Such centralized frameworks limit scalability and reduce resilience, leaving IoT ecosystems fragile in real-world deployments.

Solution : To address these issues, our project proposes a blockchain-enabled peer-to-peer transaction system that removes central dependencies and ensures trustless, verifiable, and tamper-resistant data exchange. By combining decentralized routing with cryptographic security, this approach creates a transparent, secure, and scalable framework for IoT communication, safeguarding devices against attacks while supporting large-scale deployments.

Key features

1. Blockchain-Backed Decentralized Routing : A blockchain ledger stores hashes and transaction proofs of IoT communications, enabling a decentralized routing system that ensures immutability, fault tolerance, and the elimination of single points of attack.
2. Cryptographic Security : The system employs advanced cryptographic algorithms, such as BLAKE3 and Elliptic Curve Cryptography (ECC), to secure all stages of communication. These algorithms provide strong authentication for IoT devices, enable encrypted and tamper-resistant routing of data, and protect the network from unauthorized access or malicious interference. ​​3. Deployment : The project has been deployed on Fluence, where the server is distributed across different VMs.This ensures scalability and resilience, allowing the system to handle multiple IoT devices without bottlenecks.

Working :

1. IoT Device Packet Creation The process begins with IoT devices generating data packets. Each packet includes fields such as source IP, destination IP, timestamp, sequence number, and payload. Before transmission, the payload is hashed using BLAKE3, and then signed with a BLS signature, ensuring authenticity and preventing tampering.
2. Validation and Forwarding through Nodes Once the packet enters the network, it is received by a router node . Each node validates the packet by verifying the BLS signature. If valid, it adds its own identifier to the packet and forwards it toward the next node This hop-by-hop forwarding creates a chain of trust, where every node is accountable, and the path can later be audited. Invalid packets are dropped immediately, maintaining security.
3. Root Packet Detection and Collection Some packets are flagged as root packets based on their hash value falling under a threshold (noted as “Root packet mode collected” ). These root packets are important because they serve as inputs for block creation. Nodes collect these special packets while continuing to route normal packets across the network.
4. Block Node and Blockchain Recording A block node collects multiple root packets. When enough are gathered, it creates a block header containing the Merkle root of the collected packets, the aggregated BLS signatures, timestamps, and source/destination metadata. This block is then added to the Ethereum blockchain . The blockchain ensures immutability, transparency, and auditability of all IoT communication logs.
5. Smart Contract for Incentives Once a block is finalized, the Smart Contract (noted in the figure) automatically distributes rewards. The packet’s recorded hop list determines which routers participated. Each participating node receives tokens, ensuring fair compensation and incentivizing active participation in packet forwarding.
6. Deployment on Fluence with Multi-VM Setup In deployment, the IoT routing system runs across six servers on different VMs using Fluence. Each VM acts as a router or block node depending on its role. By running on separate VMs across multiple locations, the system benefits from cluster computing: if one VM fails, the others continue routing, and packets still find their way to the destination. This provides fault tolerance, scalability, and geo-distribution. Even if a server in one location stops, routing adapts, and the blockchain continues recording transactions without interruption.

How it’s made

We built this project using a combination of Node.js, JavaScript, Solidity, and Hardhat. Node.js and JavaScript were used to implement the IoT routing logic, handle packet validation, and connect devices to the network. Solidity smart contracts were developed to define verification rules and transaction recording, while Hardhat provided a local testnet environment for compiling, testing, and deploying these contracts before linking them into the full architecture.

Most of the heavy computation in our system—such as BLS (Boneh–Lynn–Shacham) signature aggregation and BLAKE3 hashing—is performed off-chain. This design ensures the IoT devices, which are resource-constrained, do not get overloaded with cryptographic tasks. Instead, these computations are distributed across multiple nodes hosted on Fluence, a decentralized cloud platform.

We specifically chose Fluence because it is CPU-based, making it well-suited for the cryptographic operations our project relies on. Since BLS and BLAKE3 are CPU-friendly and not GPU-intensive, this perfectly aligned with Fluence’s computational model. By deploying across multiple virtual machines (VMs) on Fluence, we enabled nodes in different geographic locations to validate and route IoT packets simultaneously.

This setup brings two critical benefits:

Cluster computing & fault tolerance – Even if one VM or server fails, other VMs continue computation, ensuring the IoT network remains functional without downtime.

Geo-distributed validation – By spreading nodes across regions, IoT packet routing is faster, more resilient, and harder to attack, compared to a centralized client-server system.

In practice, IoT devices generate data packets, which are signed and validated by nearby nodes. The cryptographic proofs are then computed on Fluence VMs, ensuring secure and decentralized off-chain verification. Once validated, the transaction metadata is passed to the blockchain, where the smart contract finalizes integrity checks and stores the result immutably.

This hybrid model of local IoT packet handling, off-chain cryptographic computation on Fluence, and blockchain-backed verification gave us both the efficiency to scale and the security to ensure trustless IoT communication