This is a small demo application that searches for incoming transactions on a given IOTA address and authorizes a user to receive data on a MQTT broker, depending on the payload of the transaction.

1. Install docker and docker-compose for your OS from here.
2. Clone (git clone https://github.com/joWeiss/MQTT-IOTA-GATEWAY.git) or download this repo.
3. Open the folder in a terminal and start the services with docker-compose up.

The main parts for this demo are the demo.py application and the mosquitto broker. The redis container only serves as a backend for the authorization of clients connecting to the mosquitto broker.

To publish messages on the broker, a client has to connect with valid credentials, i.e. the credentials have to be stored in the ACL backend prior to a connection. It may be useful to define publishers as superusers in mosquitto.conf, e.g.:

# in mosquitto.conf
auth_opt_superusers raspi_1

For the purpose of this demo, the redis container is initialized with a superuser admin and the password mysupersecretpassword. See clients/publisher.sh for a dummy script that connects end sends the current date every second.

To enable the connection with a custom username/password combination, the user has to send a 0-value transaction to the provided IOTA wallet with the following message format:

• "username": The username to connect to the broker
• "password": A PBKDF2 hash of the password the user wants to use to connect. This password can be generated with the file hashing_passwords.py (See file for usage).

{"username": "jonas", "password": "PBKDF2$sha256$901$NWq3cjVMjsrHT+VX$bwGz77L8DoHNAu4rUrAZRYFMGimifkLQ"}

To subscribe to topics on the broker, the user has to send a valid payment to the provided IOTA wallet address prior to any connection attempt. The transaction value has to be a multiple of VALUE_PER_TEN_SECONDS and has to carry a message in JSON format like this:

{"username": "jonas", "topic": "mytopic"}

This allows the user to connect to the broker, e.g.:

• with the applications from the mosquitto-clients package:

#!/bin/bash
$ mosquitto_sub --username jonas --password mysupersecretpassword --topic mytopic --host localhost --port 1883

• with a python implementation:

# see official documentation for paho-mqtt on pypi or github
# for a proper example
from paho.mqtt.client import Client

mqttclient = Client()
mqttclient.username_pw_set(username="jonas", password="mysupersecretpassword")
mqttclient.connect("localhost", port=1883)

The clients/subscriber.sh script is an example for a client that tries to connect to the broker of this demo.

You can configure the following settings:

• in docker-compose.yml:
  • IOTA_NODE: The iota node to connect to (Default: https://potato.iotasalad.org:14265)
  • REDIS_HOST: The redis-backend for the ACL (Default: redis)
  • VALUE_PER_TEN_SECONDS: The amount of IOTA (i) that enables 10 seconds of access (Default: 1)
• as an environment variable:
  • ADDRESS: The receiving IOTA address for payments (Required)

To allow unconfirmed transactions to be processed, add the flag --allow-unconfirmed to the command field in docker-compose.yml:

services:
  iota:
    ...
    command: ["--allow-unconfirmed", "$ADDRESS"]

The following table (from the github.com/jpmens/mosquitto-auth-plug page) shows the different kinds of backends that can be employed with this setup:

1. Topic wildcards (+/#) are not supported
2. Currently not implemented; back-end returns TRUE
3. Dependent on the database used by PSK

If you like the demo and you want to buy me a coffee/beer/drink/whatever, I'm thankful for all donations.

IOTA: QQAVKVQSIBFLQMWDZYMERZIMMT99Y9YSWRWZHLTCDMRWHPEDULQHPMZAMVSPRJJ9POIOJRZIUMVIECXC9AVVDWOWKD

BTC: bc1qsswmasrc3jlhr2z562jlqjyw4cvu8kpu2ju704

BTC (segwit): 393xkxrFuvC4h6o3Y6sPXbwuBdrTqBfxZw