Blockchain Validation of Rocket Certification

The Rocketry Forum

Help Support The Rocketry Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.

Off Grid Gecko

Well-Known Member
Joined
Mar 23, 2020
Messages
443
Reaction score
212
Location
Southern Missouri
Curious if this would pique anyone's interest, but after a year of building web3 applications I find myself shaking my head at a lot of things around me that could be lightning fast and secure by using blockchain solutions for simple problems.

So, I passed my L2, and I know it's a process, I wasn't planning on ordering 50lbs of L-motors or anything this month, but checking the site anyway. It's one of those things, like why parents have to stay up so late Christmas eve because they know the tikes aren't going to sleep worth a darn.

It would be stupid simple to setup an NAR or Tripoli blockchain protocol that keeps track of cert information for members. Each member could be Identified on the protocol by their TRA or NAR #. Vendors could simply type in their cert # to verify, even give them secure access to an encrypted name or other identifying information so they could verify a certified user.

Advantage? Say you are at the flying field to get your L3, Your two TAPs are there. They witness the flight, check out the rocket, blablabla. But then instead of signing the paper and you mail it in and they send in their stuff, they could pull out their phone with a crypto wallet installed, and each of them could sign off on your L3 attempt right there on the spot. Txn takes about 10s to clear (assuming cell service) and you can call up Chris' Supply before they close for the day to place an order for the next launch.

While this isn't as simple to design as an NFT per say, it's hardly something beyond a basic skill level in blockchain development, and hosting it on a public ledger means that anyone could verify the cert level for that particular member ID. This could even be checked at the range by the RSO when someone new shows up at the launch site.

Tossing this out there to drum up some discussion and see if there's interest in this. I would be more than happy to develop the blockchain program and even help with server access points and stuff like that.
 
Seems to me another question should be if venders/sellers would be ok with trusting blockchain tech to meet their legal requirements when they sell certain products to certain individuals.

Imagine if a seller got into legal trouble b/c they sold something to someone they shouldn't have:

The seller: "Your Honor, I thought they had their Level X certification...the blockchain said so."
The Judge: "The law says you have to do X, Y or Z to verify the buyer has the necessary qualifications and you did A. Therefore, you did not meet your legal obligations to verify the seller and I have no choice but to conclude you're liable."

The above may or may not happen. I'm assuming the law is explicit in how a seller must verify the buyer is eligible to purchase a certain product, but I could be wrong and maybe the law says a seller just has to make a good faith effort to verify the buyer? If this latter situation applies, maybe blockchain tech could work here as sellers won't be too nervous to try something to replace the current system that they already know works (even if it is clunky).
 
Seems to me another question should be if venders/sellers would be ok with trusting blockchain tech to meet their legal requirements when they sell certain products to certain individuals.

Imagine if a seller got into legal trouble b/c they sold something to someone they shouldn't have:

The seller: "Your Honor, I thought they had their Level X certification...the blockchain said so."
The Judge: "The law says you have to do X, Y or Z to verify the buyer has the necessary qualifications and you did A. Therefore, you did not meet your legal obligations to verify the seller and I have no choice but to conclude you're liable."

The above may or may not happen. I'm assuming the law is explicit in how a seller must verify the buyer is eligible to purchase a certain product, but I could be wrong and maybe the law says a seller just has to make a good faith effort to verify the buyer? If this latter situation applies, maybe blockchain tech could work here as sellers won't be too nervous to try something to replace the current system that they already know works (even if it is clunky).
It's an interesting idea, maybe some vendors might chime in. AFAIK they check whatever information you present them during the purchase order against a database with TRA or NAR. Since the certifying organization would have control of the blockchain app, it would be effectively no different from a hosted database except it's more secure and certifiably tamper-proof. There's a log of every single interaction so there would even be a papertrail of who certified which user.

I would be interested to see what they are actually required to do and what kind of papertrail is needed.

Edit: We use blockchain tech for Hospitals to secure HIPPA data, I'm sure there would be little double at far as "security" is concerned. The question is how long before other organizations adapt this technology for their own means. Most of my work the last 6 months has been building secure gates with military grade encryption to keep data away from invalid users.
 
Last edited:
Web of trust is a good fit for problems requiring federated solutions. Not sure these sorts of things make sense for centralized orgs w/ established reciprocity, no cell coverage, and maybe a few hundred transactions a week.
 
Last edited:
Web of trust is a good fit for problems requiring federated solutions. Not sure these shirts of things make sense for centralized orgs w/ established reciprocity, no cell coverage, and maybe a few hundred transactions a week.
That's the beauty of a public ledger with a code execution layer. The cost to entry is incredibly low and if you are savy with the code implementation small tasks like this are a perfect fit. The problem is that right now the only people using it for the most part are NFTs and crowd-funding, but it is capable of so much more, especially if you want fast data validation over a large network (Tripoli operates in several countries).

I wouldn't bring it up if I wasn't sure I could code a solution. Even if the certifier waited till they got home, you could validate instantly.

It basically works like this, the code one the blockchain keeps a ledger of membership #s and a cert is assigned to each of those. For a new member the central authority would create a new user 23555, and attach a cert level: 0.

Optionally, you could like a blockchain public key to it also, so a certifier (prefect or tap) would verify their wallet address with Tripoli and that wallet would be stored on the contract with their number.

vendors could have the same, a separate listing with their verified wallet address.

The bits for a cert flight could be simple or complex, just depends on the desired workflow, but only a certifier could change the setting for another member by adding +1 to their cert level for one and two, and have a special case where two TAPs need to to certify for 3 before it's assigned. This is fairly simple to code.

You could also have a timestamp associated with the account, and whenever a membership fee is paid someone at TRA updates said timestamp. If the timestamp exceeds a certain threshold then the certification can be revoked. Or this could be checked on a monthly, weekly, daily basis (however you wanted).

There's lots more that can be done. The wallet address on file for the user becomes their passport. Only wallets assigned to TAPs can cert a lvl 3 for example

Venders can use their wallet for a quick check of cert level, and an DB of whatever validating info they need can also be locked with elliptic curve encryption which checks that same wallets. Wallets can be a browser plugin, a phone app, or just about anything these days.

I understand that a lot of this isn't well known, even to my customers that hire me to do this kind of stuff. So if there are questions about different pieces of it I'm more than happy to explain how it all works. Possibly even provide some examples if I have them handy.

The only real downside are small transaction fees for making changes to contract info (signing up a new user or certifying a flight), but on a blockchain such as Polygon these might be a penny or two per transaction. Far less than membership dues for the person being certified.
 
This is way over my head but it sure sounds cool for you to be able to do it.
Is definitely easier to explain in person, though I wouldn't recommend looking into the mathematics of elliptic curve encryption unless you want to fry your noodle. Prime numbers have some rather odd features that work well for crypto until quantum computers reach 256bits, then we might need to find something else, haha.
 
I signed a level 3 at Balls and was on the TRA data base in 7 minutes
That has not been my experience with certs, but that's awesome to hear that things can go through that fast. I thought the certification form had to be sent in via snail mail. Maybe it was a misunderstanding on my part and there already is a faster way, just not everyone uses it?
 
That has not been my experience with certs, but that's awesome to hear that things can go through that fast. I thought the certification form had to be sent in via snail mail. Maybe it was a misunderstanding on my part and there already is a faster way, just not everyone uses it?
Snail mail is so last year....just scan and send, the org sends a verification email to the certifier (TAP, Prefect, NAR Advisor, etc), they confirm it...and done. Easy peasy
 
Snail mail is so last year....just scan and send, the org sends a verification email to the certifier (TAP, Prefect, NAR Advisor, etc), they confirm it...and done. Easy peasy
more like so 1995, lol, but whatevs. Me and my dev buddies are exploring new ground in that arena too, as well as social networks and everything else we can dream up. Kinda like exploring what you could do with a website back in 1993.
 
Blockchain is most valuable for data that gets updated fairly often, and requires a high degree of security. Patient data and cryptocurrencies meet that criteria. In the case of the NAR/TRA cert registrations, it really doesn't meet that test... it gets created once, and it might be updated twice, ever, if somebody get to L3.
 
Remind me to get an updated form when I decide to attempt my L3, mine must be out of date. No email at the bottom, lol.
You should always download the most recent form. The form might reflect changes in procedure, such as submitting the form. The form is available online on the certification pages.
Both NAR and Tripoli provide vendors with the means to look up members’ certifications.
During the week, Tripoli certs appear within a day or two, usually; sometimes sooner, as Mark’s post showed. Deb handles them asap, but not 24/7 😁.
 
Last edited:
"If it ain't broke, blockchain won't fix it."

Yeah, I'm a dinosaur. My L1 cert was mailed in (OK, I mailed a check, too). L2 was an emailed picture of my cert form. TRA got both entered into the database fairly quickly. Having a completed form in hand, I could buy what ever motor I was allowed at that level.

Most of the sites around here are out of cell range (OK, it could just be *my* phone), so no internet at sites.

Now get offa my lawn!
 
some launch sites are off grid. and we like it that way.

NAR already has a web based flyer lookup.

https://www.nar.org/nar-hpr-certified-member-search-by-last-name/

between that and our yearly membership cards, I don't really see the need for anything more. indeed, more complex systems are more likely to break at the wrong moment.
 
some launch sites are off grid. and we like it that way.

NAR already has a web based flyer lookup.

https://www.nar.org/nar-hpr-certified-member-search-by-last-name/

between that and our yearly membership cards, I don't really see the need for anything more. indeed, more complex systems are more likely to break at the wrong moment.
Indeed, that's why I do what I do. I take unneccessary complexity and reduce it to a transparent system that works seemlessly and openly in many cases. In this case my own observations about the process were wrong from the narrow scope of one set of eyes, and I saw something that was needlessly overcomplicated for what it was that could be simplified. My brain automatically latches on to inefficiencies that I see in the world now and if I can make them faster, more secure, etc then I'll eventually pipe up and float the idea.
In this case I just need to do as Steve suggested and download a new form before I prep for a cert flight. :)
 
Indeed, that's why I do what I do. I take unneccessary complexity and reduce it to a transparent system that works seemlessly and openly in many cases. In this case my own observations about the process were wrong from the narrow scope of one set of eyes, and I saw something that was needlessly overcomplicated for what it was that could be simplified. My brain automatically latches on to inefficiencies that I see in the world now and if I can make them faster, more secure, etc then I'll eventually pipe up and float the idea.
In this case I just need to do as Steve suggested and download a new form before I prep for a cert flight. :)
For Tripoli most cert forms are simply scanned or more likely photographed with a cellphone camera and emailed. There’s a limited number of people who can sign a certification in Tripoli and at least so far security hasn’t seemed to be a problem (not that we’re complacent; we always ask what can go wrong).
 
For Tripoli most cert forms are simply scanned or more likely photographed with a cellphone camera and emailed. There’s a limited number of people who can sign a certification in Tripoli and at least so far security hasn’t seemed to be a problem (not that we’re complacent; we always ask what can go wrong).
Agreed. There's trust already built into the system so what I had dreamed up in my head last night would scale perfectly. Everyone knows who the TAPs are and it would be simple to reach out and get a public key for their wallet from them. Setting up a wallet is simple. And the whole design could be streamlined and catered to perform this simple task and the website adapted easily to simply read the cert level from the blockchain for any member and display it on their card.

My main bullet point was speed, but it sounds like I just would have been better off printing a new form instead of what came in my kit when I got my membership. Like I said, I'm always on the lookout for things I can make better. I've written code that pretty well does away with the need for 2-factor authentication on websites (which I find annoying as hell), access gates for physical locations using verification sent from the phone of authorized persons, etc.

While my collegues are sometimes too busy playing NFT, I'm always on the lookout for ways that blockchain can actually improve bits of everyday life for normal people that aren't into trading crypto and perpetually studying and learning. If I see a hole I can fill, even if I don't have the whole story and I'm wrong, I'm likely to mention it.
 
If you use blockchain to validate HIPPA data, what do you use for the real HIPAA data? ;)
Hospitals use proprietary internal blockchains to handle data storage. That's not my dept but I know a dev team in India that has been working on medical blockchains for years and worked with them on a web3 project. Let's just say there are some differences in the formulation, theory, and design, but from what I understand the patient data is encrypted and stored on the blockchain and made available to those with the right "key" to decrypt it.
 
Sorry, I work in IT for a medical device/pharma company and was just poking fun at HIPPA vs HIPAA. I go through mandatory HIPAA training every 12 months. Nearly everyone uses HIPPA which doesn't exist. HIPAA is the correct acronym for the law.

https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act
To be on-topic, my personal feeling is that a web3 type solution for submitting cert paperwork is a solution in search of a problem. email or SMS to HQ for a database update within minutes is beyond what 99% of membership needs.
 
Sorry, I work in IT for a medical device/pharma company and was just poking fun at HIPPA vs HIPAA. I go through mandatory HIPAA training every 12 months. Nearly everyone uses HIPPA which doesn't exist. HIPAA is the correct acronym for the law.

https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act
To be on-topic, my personal feeling is that a web3 type solution for submitting cert paperwork is a solution in search of a problem. email or SMS to HQ for a database update within minutes is beyond what 99% of membership needs.
In light of the responses on this post (thanks everyone by the way) I'm inclined to agree. There are some little boosts that are possible but not necessary with swapping to web3 but negligible unless our user base doubles or tripples or we want to build investment capital into the system in "web3" kind of way.
Thanks for the correction, I worked at a hospital for a couple months years ago when it was being introduced and signed the papers at the doctors office but it's not a top of mind acronym for me.

My misunderstanding about the new processes in place prompted this thread.
 
There is an email at bottom of form to send.
I have a number to text
Yep; take picture of cert form, open email, select TRA cert email address, attach photo of signed cert paperwork, and send email---done.

Mark, where did you find the number to text?
 
Last edited:
Mark is a personal friend, and because of that, just so happens to have my cell phone number.

There is no official Tripoli cell phone, there is no official way to text questions or other information to Tripoli.

Deb's and my cell numbers are not to be shared by the very few Tripoli members who have them.

-Kevin
 
Mark is a personal friend, and because of that, just so happens to have my cell phone number.

There is no official Tripoli cell phone, there is no official way to text questions or other information to Tripoli.

Deb's and my cell numbers are not to be shared by the very few Tripoli members who have them.

-Kevin
Too late, I had them added to the universal certification form.
 
Back
Top