ObjectID: Digital Identity for Real Objects

ObjectID is designed to provide a digital identity for real-world objects. By assigning a unique identifier, the lifecycle of an object can be tracked at every stage. The real object can be an individual valuable item or a batch of products. In the latter case, ObjectID represents the production lot, and every product in the lot shares the same identifier. To understand how the system works and its benefits, it is crucial to first grasp what an “ObjectID” is.

What is an ObjectID?

Technically, an ObjectID is a Move Object, a digital entity created on a blockchain that operates Virtual Machine Move smart contracts.

In simpler terms, an ObjectID operates like a database record, identified by a unique ID and containing named fields with flexible values. Unlike conventional databases where users can modify any accessible records, ObjectIDs are governed by predefined smart contract rules, ensuring that only designated users have permission to interact with specific objects.

An ObjectID is a digital object stored on the IOTA blockchain and managed by a Move smart contract.

Objects vs. Tokens

Traditional blockchains are designed to handle tokens. IOTA, however, manages Move Objects created by smart contracts. If needed, a smart contract can create objects with token-like properties, making them transferable and tradable via wallets.

In contrast, ObjectIDs are non-transferable objects, meaning they cannot be speculated upon because they lack an owner.

Since ObjectIDs have no owner, they do not have a public/private key pair for signing transactions. This enhances security: operations on ObjectIDs can only be performed if the user meets application-specific credential requirements, rather than merely possessing a private key.

Being stored on the IOTA distributed ledger, ObjectIDs are always accessible for verification—either through public IOTA nodes or a private node for added security.

Lifecycle Tracking

To effectively track an object’s lifecycle, ObjectIDs store all essential details about the real object and can register events.

An event is another Move Object that is owned by the ObjectID itself, specifically linked to the ID of the ObjectID it references.

Since ObjectIDs lack private keys, event data is tamper-proof. Only the smart contract can modify an ObjectID’s events, and only if the requester possesses the appropriate application credentials.

There is no limit to the number of events that can be recorded, enabling a complete history of an ObjectID.

The creation timestamp of an ObjectID is provided by the blockchain with millisecond precision. This makes it impossible to fabricate a false history for a product, as events cannot be artificially condensed into a short timeframe—if a real production process takes months, events cannot be recorded just minutes apart.

Geolocation

One of the ObjectID fields allows storing the geographical position of the real object. A mobile app enables authorized users to update this information.

Validation

One of the most challenging problems in the digital world is preventing unauthorized duplication and distribution of digital objects. Blockchain technology solves this by assigning a unique ID to each digital entity.

ObjectID extends this benefit to real-world objects, allowing anyone to verify whether a physical item matches its digital identity.

 

ObjectID Validation

One of the most challenging problems in the digital world is preventing unauthorized duplication and distribution of digital objects. Blockchain technology solves this by assigning a unique ID to each digital entity.

ObjectID extends this benefit to real-world objects, allowing anyone to verify whether a physical item matches its digital identity.

The Verification Process:

  1. The creator of the real object registers their address via the ObjectID dApp.

  2. This address is stored in the domain name (DNS) used to publish product information.

  3. The ID of the smart contract used to create ObjectIDs is also published.

  4. This connection between semi-anonymous blockchain data and DNS records allows verification that an ObjectID was created by the legitimate owner of the corresponding real-world object.

Since the smart contract automatically detects the creator’s address when generating an ObjectID, it is impossible to create an ObjectID with a falsified creator address.

Preventing Counterfeiting

A counterfeiter might attempt to create their own smart contract to manipulate ObjectID data. However, this is prevented because:

  • Objects created by a smart contract have an immutable link to that contract.

  • It is always possible to verify whether an ObjectID was created using the correct smart contract published in the official DNS.

Additionally, since an ObjectID is simply an alphanumeric sequence, bad actors might try to attach a legitimate ObjectID to a counterfeit real-world product.

This cannot be fully prevented, but it can be easily detected using geolocation. By scanning an ObjectID with the mobile app or reading its QR code, users can compare the authentic object’s location with their own. A significant location mismatch strongly indicates that the ObjectID has been cloned and applied to a fake product.

By leveraging ObjectID, businesses and consumers can confidently authenticate, track, and secure real-world objects using blockchain technology.

 

How can I integrate ObjectID into my production process?

For identifying products manufactured in small series, the simplest and most cost-effective solution is likely to manually create ObjectIDs using the dApp.

However, if integration with information systems is required, a “headless” version of the dApp is available, which exposes REST API. A client-side server is set up so that only the client can manage the private keys used by the software to interact with the smart contract.

Patent Pending

ObjectID is awaiting patent publication. The claims that have been declared are as follows:

  1. A decentralized computer system for the assignment, management, and verification of an inviolable digital identity associated with a real product, characterized in that:

    the creation of the identity is conditional upon cryptographically verifiable proof of control of an Internet domain by the entity requesting product identity registration.

  2. The system according to claim 1, wherein the product identity is exclusively created by a distributed smart contract on a public blockchain, configured to:

    a) accept only requests signed by valid digital identities (DID);

    b) verify that such identities are linked to a web domain via a Domain Linked Verifiable Credential (DLVC) compliant with the W3C standard.

  3. The system according to any of the preceding claims, wherein the product identity comprises:

    • a unique identifier;

    • a reference to the manufacturer’s DID;

    • a link to the Internet domain controlled by the manufacturer;

    • a set of essential metadata and modifiable metadata;

    • a section dedicated to the geo-referencing of the product;

    • and a space for the immutable registration of events in the product’s life cycle.

  4. The system according to any of the preceding claims, wherein the product identity is represented in machine-readable format (QR code, NFC tag, URI, or similar), containing a public link for access to blockchain data, and wherein the comparison between the recorded geographical position of the product and the user’s current position allows for the identification of potential cloning frauds.

  5. The system according to any of the preceding claims, wherein each event associated with the product’s life cycle (maintenance, transfer, technical intervention, change of ownership) is registrable via the same smart contract, and is immutably associated with the product’s original identity.

  6. The system according to any of the preceding claims, wherein authorized operations on a product’s identity are limited to two roles:

    • the owner (initially the manufacturer), who can update the location, transfer ownership, or assign an agent,

    • the agent, authorized by the owner to update the location or register events,

      and wherein fields can be configured to selectively limit the agent’s permissions or block further modification of geo-location.

  7. The system according to any of the preceding claims, wherein the identity of the owner or agent can be verified in real-time through the exchange of a message signed with the private key associated with their DID, and successfully validated only if the signature matches the public key registered in the subject’s DID document.

  8. The system according to any of the preceding claims, wherein all functional components (DID identities, smart contracts, event and identity storage) are distributed on a public blockchain infrastructure, without the use of centralized servers or external databases, ensuring:

    • data immutability,

    • universal and replicated access,

    • absence of single points of vulnerability,

    • and non-recurring operational costs.

  9. Use of the ObjectID system according to any of claims 1 to 8, to guarantee the authenticity, traceability, and correct management of special or hazardous waste, wherein:

    • each waste unit or container is assigned a non-forgeable digital identity via smart contract;

    • every relevant event (production, storage, transport, treatment, disposal) is immutably recorded;

    • geo-location is updated at each transfer of responsibility;

    • and the verification of the waste’s identity, origin, and movement is publicly accessible via blockchain, without the need for intermediaries or centralized systems.

  10. Use of the ObjectID system, according to any of claims 1 to 8, to guarantee the authenticity and traceability of pharmaceuticals and medical devices, wherein the digital identity of each package or component is associated with the verifiable identity of the manufacturer and updated along the distribution chain up to the patient, with registration of critical events such as transport, storage, and administration.

  11. Use of the ObjectID system, according to any of claims 1 to 8, for the certification of the origin, sustainability, and environmental composition of agricultural, food, or industrial products, wherein the recorded data includes events, operators, and environmental parameters collected during production and handling, as well as any connected credits or certifications (e.g., carbon footprint, organic, PGI, etc.).

  12. Use of the ObjectID system, according to any of claims 1 to 8, for the management of used or refurbished goods, wherein the product’s identity allows for the registration of the number of use cycles, repairs performed, any replacements, and enables the new buyer to verify the product’s provenance and technical history, ensuring transparency.

  13. Use of the ObjectID system, according to any of claims 1 to 8, for the certification of the identity of critical components intended for use in regulated sectors (aerospace, defense, automotive, nuclear), wherein the creation of the digital identity and the registration of installation, test, and maintenance events ensures regulatory compliance, traceability, and documentary integrity of the components.

  14. Use of the ObjectID system, according to any of claims 1 to 8, to enable smart objects (IoT) to autonomously manage their digital identity and record operational events, firmware updates, transfers of control, and secure messages to other devices or users, without the need for centralized servers or third-party services.

  15. Use of the ObjectID system, according to any of claims 1 to 8, for the notarization and certification of the history of unique works or collection items (artworks, musical instruments, design objects), wherein every change of ownership, physical movement, or relevant event is immutably recorded on the blockchain, ensuring transparency and prevention of counterfeiting.