← Back to Main Documentation

Core Systems Index

Plings Identifier System Overview

This document provides a comprehensive overview of the Plings identifier system, explaining the design decisions, use cases, and real-world applications. For technical implementation details, see plings_identifier.md.

Table of Contents

1. Why Plings Identifiers?
2. Physical Identifier Types
3. Design Decisions Explained
4. Use Cases by Actor
5. Real-World Scenarios
6. Implementation Strategy

Why Plings Identifiers?

The Problem

In today’s world, physical objects lack a universal identification system that:

• Works offline without internet connectivity
• Prevents counterfeiting through cryptographic verification
• Scales from personal items to mass manufacturing
• Provides ownership proof and object history
• Enables lost & found functionality globally

The Solution

Plings identifiers solve these problems through:

1. Direct Object Commerce: Objects can receive payments and transfer ownership instantly
2. Cryptographic Security: Every identifier is mathematically verifiable
3. Hierarchical Organization: From manufacturers to individual items
4. Offline Verification: No internet required to verify authenticity
5. Universal Compatibility: Works with QR codes, NFC tags, and future technologies
6. Minimal Data Storage: Only identifiers that use Plings services are stored in the database

Revolutionary Breakthrough: Objects That Sell Themselves

The Plings Innovation: Transform every physical object into an autonomous commerce endpoint

Traditional Shopping:

Find Product → Go to Checkout → Wait in Line → Pay Cashier → Get Receipt

Plings Shopping:

Scan Object → Pay Object → Own Object (instant blockchain ownership)

This fundamental shift from passive identification (GS1/barcodes) to active commerce (Plings) eliminates:

• Checkout counters and POS systems
• Payment terminals and card readers
• Cashiers and checkout staff
• Waiting lines and transaction delays
• Paper receipts and manual processes

Core Architecture Principle: Minimal Data Storage

The Revolutionary Approach

Traditional Systems: Every product identifier must be registered in a central database before use

• Coca-Cola would need to store 2 billion identifiers per day in databases
• Massive storage costs and infrastructure requirements
• Real-time connectivity required during manufacturing
• Database becomes a single point of failure

Plings System: Identifiers are cryptographically generated without database storage

• Coca-Cola generates 2 billion identifiers per day without storing them
• Only identifiers that actually get scanned and use Plings services enter the database
• 99.9% of manufactured identifiers exist only on physical products
• Database contains only meaningful interactions, not bulk manufacturing data

Data Storage Strategy

What Gets Stored ✅

Database Entry Created When:
- Consumer scans can and claims ownership
- Object gets reported lost/stolen
- Manufacturer registers for warranty service
- Retailer integrates for inventory management
- Supply chain partner tracks shipment

What Doesn’t Get Stored ❌

No Database Entry For:
- Manufacturing production runs
- Cans sitting on store shelves unscanned
- Products in warehouses awaiting distribution
- Bulk production batches
- Identifiers never used for any Plings service

Real-World Impact: Coca-Cola Example

Manufacturing Scale: 2 billion cans per day globally

• Generated Identifiers: 2,000,000,000 per day
• Database Entries: ~200,000 per day (0.01% that get scanned)
• Storage Reduction: 99.99% less data storage required

Cost Implications:

• Traditional system: Store 730 billion records per year
• Plings system: Store ~73 million records per year (only active usage)
• 10,000x reduction in database storage requirements

Cryptographic Generation Process

Manufacturing Line Process:
1. Production line generates cryptographic identifier
2. QR code printed on can with identifier
3. Can leaves factory - NO DATABASE ENTRY CREATED
4. Can sits on shelf - NO DATABASE INTERACTION
5. Consumer scans can - DATABASE ENTRY CREATED (first interaction)
6. Consumer claims ownership - FULL OBJECT RECORD CREATED

Business Benefits

For Manufacturers

• No Database Dependency: Generate identifiers without internet connectivity
• Minimal Infrastructure: No need for massive production databases
• Cost Efficiency: Pay only for identifiers that provide actual value
• Scalability: System handles any production volume without database bottlenecks

For Plings Platform

• Sustainable Growth: Database grows with actual usage, not production volume
• Performance: Only meaningful data stored and queried
• Cost Control: Storage and processing costs scale with value, not volume
• Focus on Value: Resources dedicated to user interactions, not bulk storage

For Consumers

• Privacy: Only scanned items tracked, not entire production runs
• Performance: Fast queries on relevant data only
• Selective Participation: Choose which objects to bring into the system

System Scale: How Many Objects Can Plings Identify?

Simple Answer: More Objects Than Exist on Earth

The Numbers:

• 2.1 billion manufacturers maximum (2,147,483,647)
• Unlimited categories per level
• Unlimited product classes per manufacturer
• Unlimited batches per product class
• 4.3 billion instances per batch

Real-World Scale Examples

Global Manufacturing Reality:

Coca-Cola: 2 billion servings per day
→ Plings capacity: 4.3 billion cans per batch per plant
→ Result: Single batch number lasts 6+ years at maximum production

Apple: ~250 million iPhones per year
→ Plings capacity: 4.3 billion phones per model per batch
→ Result: Single batch lasts 17,000+ years at current volume

Amazon: 5 billion packages per year
→ Plings capacity: 4.3 billion packages per category per batch
→ Result: Virtually unlimited even at massive scale

Conservative Calculation:

Realistic Scenario:
- 1000 major manufacturers globally
- 1000 product categories each
- 1000 product classes each  
- 1000 batches per class
- 1000 items per batch

Total Capacity: 1000^5 = 1,000,000,000,000,000 objects
Result: 1 quadrillion unique objects identifiable

Why This Matters:

• No Artificial Limits: Only constrained by BIP32 mathematics, not arbitrary business rules
• Future-Proof: System scales beyond any conceivable manufacturing needs
• Per-Level Scale: Each path component can handle billions of variations
• Nested Multiplication: Total capacity is multiplicative across all levels

Technical Foundation: BIP32 HD Wallet Limits

The scale comes from the BIP32 Hierarchical Deterministic wallet specification:

Component	Technical Limit	Practical Meaning
Manufacturers	2.1 billion	Every company on Earth + 1000x growth
Categories	Unlimited per level	Unlimited product hierarchy depth
Product Classes	Unlimited	Every possible SKU variation
Batches	Unlimited	Production runs for millennia
Instances	4.3 billion per batch	Massive batch sizes supported

Bottom Line: Plings can identify more objects than will ever be manufactured in human history.

Core Value Proposition

Manufacturing Independence:

• Coca-Cola can generate 100 identifiers per second on production lines without internet
• No database connectivity required during manufacturing
• Cryptographic uniqueness guaranteed without central coordination
• Production continues during network outages - no single point of failure

Operational Resilience:

• True manufacturing independence from external systems
• Global production without infrastructure dependencies
• Offline generation enables production in remote facilities
• Zero downtime from database or network issues

Competitive Advantage

Plings vs Traditional Systems: | Aspect | Traditional ID Systems | Plings System | |——–|———————-|—————| | Database Dependency | Every ID must be pre-registered | Generate without database | | Storage Requirements | All manufactured products | Only used identifiers | | Manufacturing Setup | Real-time database connectivity | Independent generation | | Cost Structure | Pay for all production | Pay for actual usage | | Scalability | Database bottlenecks at scale | Unlimited cryptographic generation | | Network Outages | Production stops | Production continues | | Remote Facilities | Requires infrastructure | Works anywhere | | Batch Generation | Sequential database requests | Parallel cryptographic generation |

Design Decisions Explained

1. Why HD Wallet Infrastructure Instead of PKI?

The Question: Why use Hierarchical Deterministic (HD) wallet infrastructure instead of traditional Public Key Infrastructure (PKI)?

The Critical Answer: HD wallets enable direct financial transactions to objects - the most revolutionary capability of Plings.

The Financial Transaction Breakthrough

Traditional PKI Systems: Objects can only be identified and verified HD Wallet Systems: Objects become autonomous economic endpoints that can:

• Receive payments directly via Solana blockchain addresses
• Transfer ownership instantly through NFT smart contracts
• Execute financial transactions without traditional payment infrastructure
• Participate in DeFi as first-class blockchain citizens

How HD Paths Become Solana Addresses

HD Path: "2.G.2.2.2.9j" (Rolex Submariner instance)
Class Pointer: "3K7mX9abDcE" (8-byte/64-bit cryptographic identifier)
HD Derivation: m/44'/501'/1/15/1/1/1/158 (Solana standard)
Result: Ed25519 keypair → Direct Solana address
Capability: Object can receive payments, transfer ownership, execute contracts

Every instanceKey is a native Solana address that enables:

• Vending machines without payment terminals (scan object → pay object)
• Luxury goods with instant authenticity + purchase (scan Rolex → buy Rolex)
• Service marketplaces (scan bike → rent/repair/insure directly)
• Autonomous object commerce (objects sell themselves)

Program Derived Addresses (PDAs) - Security Solution

Problem: If manufacturers control private keys, they could steal payments Solution: Payments go to PDAs controlled by Plings smart contracts

// Payment goes to PDA (secure), not raw HD address (manufacturer controlled)
let payment_address = Pubkey::find_program_address(&[
    b"object_payment",
    "2.G.2.2.2.9j".as_bytes(),     // HD path as seed
    "3K7mX9abDcE".as_bytes(),      // Class pointer as seed
    solana_address.as_bytes()       // Instance address as seed
], &plings_program_id);

Why This Changes Everything

Infrastructure Elimination: No POS systems, card readers, or cashiers needed Universal Compatibility: Works with any Solana wallet globally
Instant Transactions: 400ms payment speed with $0.00025 fees Global Scale: Same system for $1 candy bars and $50M corporate jets

This is why Plings could replace Visa/Mastercard entirely - every physical object becomes a point-of-sale terminal.

Verification Trust Model: Who Can Verify What

Critical Understanding: Hardened Keys Require Private Access

The Fundamental Security Question: Who can cryptographically verify that an object instance is genuinely from a specific manufacturer?

The Answer: Only Plings or the manufacturer itself - external clients cannot independently verify authenticity.

Why External Clients Cannot Verify Independently

All HD derivation levels are hardened (' suffix):

m/44'/501'/1'/3'/1255'/2'/5847'/90000'
└────────────────────────────────────┘
    ALL HARDENED - requires private keys

Hardened Derivation Requirement: To derive child keys from any hardened path, you need the private key at that level. External clients don’t have:

• Plings master private key
• Manufacturer private keys
• Plant private keys
• Batch private keys

Verification Authority Hierarchy

Only Two Parties Can Cryptographically Verify:

1. Plings (Master Authority):
   • Has the master key at m/44'/501'/1'
   • Can derive and verify everything in the ecosystem
   • Provides verification-as-a-service to external clients
2. Manufacturer (Brand Authority):
   • Has their manufacturer-level private key (e.g., Coca-Cola has m/44'/501'/1'/3')
   • Can verify their own products only
   • May provide brand-specific verification APIs

External Clients CANNOT Verify:

• No access to private keys needed for hardened derivation
• Must rely on attestation from authorized verifiers
• Cannot independently confirm manufacturer authenticity
• Trust Plings and/or manufacturers as verification authorities

How Client Verification Actually Works

What clients do in practice:

// Client verification flow - relies on trusted authorities
async function verifyManufacturer(path, instanceKey) {
    // Option 1: Ask Plings to verify (most common)
    const plingsVerification = await fetch('/api/plings/verify', {
        method: 'POST',
        body: JSON.stringify({ path, instanceKey })
    });
    
    // Option 2: Ask manufacturer directly (if they provide API)
    const cocaColaVerification = await fetch('https://api.coca-cola.com/verify', {
        method: 'POST',
        body: JSON.stringify({ path, instanceKey })
    });
    
    // Client CANNOT verify the full cryptographic chain independently
    return plingsVerification.json();
}

Real-World Example: Coca-Cola Can Authentication

Scenario: Consumer wants to verify a Coca-Cola can is authentic

Path: 2.3j.4.5Q.3L8z (Coca-Cola → Atlanta → Batch 5847 → Can 90000) Class Pointer: 2rt5KqL9mXw (8-byte/64-bit cryptographic identifier)

Client Process:

1. Parse Path: Extracts manufacturer ID 3 → “Coca-Cola”
2. Verify Class Pointer Cryptographically: Can independently verify 2rt5KqL9mXw using Coca-Cola’s public key
3. Extract Path-to-Pointer: Uses 2.3j.4.5Q (everything before batch.instance)
4. Generate Expected Pointer: SHA256(coca_cola_pubkey + “:” + “2.3j.4.5Q”)[:8] → base58 encode
5. Compare Pointers: Expected vs provided 2rt5KqL9mXw → ✅ MATCH = Authentic class
6. Optional Full Verification: For complete HD chain, query Plings API if needed
7. Result: “✅ Cryptographically verified Coca-Cola product, class authenticated offline”

Dual-Layer Authentication: Class Pointer + HD Verification

Layer 1: Class Pointer Authentication (Offline)

• Product Class Verification: Cryptographically prove manufacturer authorized this product class
• Zero Dependencies: Works without internet using only manufacturer public keys
• POS System Friendly: Instant verification at point of sale
• Anti-Counterfeiting: Impossible to forge without manufacturer’s private key

Layer 2: Full HD Chain Verification (API-Based)

• Instance Authenticity: Verify specific item derivation using complete HD path
• Plings Authority: Master key access enables full cryptographic validation
• Complete Assurance: Both class and instance verified end-to-end
• Business Integration: Detailed audit trails and verification services

Why Both Layers Matter:

• Offline Capability: Class pointer enables instant anti-counterfeiting checks
• Complete Verification: HD chain provides full instance-level authenticity
• Flexible Implementation: Apps can choose verification depth based on use case
• Network Resilience: Core verification works even when APIs are unavailable

Enhanced Trust Network Architecture

Plings (Master Authority)
├── Verifies: Complete HD chains + class pointers
├── Authority: Master key access + manufacturer public keys
├── Services: Full verification API + public key distribution
└── Trust: Ecosystem coordinator + crypto verification

Manufacturers (Brand Authorities)  
├── Verifies: Own products via class pointer + optional HD chains
├── Authority: Ed25519 keypairs for class pointer generation
├── Services: Class pointer generation + optional verification APIs
└── Trust: Brand authenticity + cryptographic proof

External Clients (Enhanced Capabilities)
├── Verifies: Class pointers independently (offline)
├── Authority: Manufacturer public keys (distributed)
├── Services: Offline anti-counterfeiting + verification consumers
└── Trust: Cryptographic math + Plings/manufacturers for HD chains

POS Systems (New Capability)
├── Verifies: Class pointers for instant product authentication
├── Authority: Pre-loaded manufacturer public keys
├── Services: Offline pricing + fraud detection
└── Trust: Mathematical proof + cached verification results

Implementation Implications

For App Developers:

• Class Pointer Verification: Implement offline verification using manufacturer public keys
• Fallback Strategy: Use Plings API for complete HD chain verification when needed
• Performance Optimization: Cache manufacturer public keys and verification results
• Offline Capability: Design UX to work with class pointer verification when APIs unavailable
• Verification Levels: Offer users choice between fast offline vs complete online verification

For Manufacturers:

• Key Management: Securely generate and store Ed25519 keypairs for class pointer creation
• Public Key Distribution: Coordinate with Plings for public key distribution to POS systems
• Class Pointer Strategy: Design path structures that create meaningful class pointers
• Optional APIs: Decide whether to provide own verification APIs beyond class pointers
• Migration Planning: Transition from legacy dash-marker system to class pointer architecture

For POS System Operators:

• Public Key Updates: Regularly sync manufacturer public keys from Plings network
• Offline Verification: Implement class pointer verification for instant anti-counterfeiting
• Product Pricing: Link class pointers to internal SKU/pricing systems
• Fraud Detection: Flag products with invalid class pointers for manual review
• Fallback Procedures: Handle unknown class pointers gracefully with API lookup

For End Users:

• Verification Indicators: Look for “cryptographically verified” vs “API verified” badges
• Offline Confidence: Understand that class pointer verification works without internet
• Verification Depth: Know the difference between class authentication vs full instance verification
• Trust Signals: Learn to recognize legitimate verification vs fake claims

Frequently Asked Questions

Q: Can I verify products without internet access? A: Yes! Class pointer verification works completely offline using manufacturer public keys. You can cryptographically verify that a manufacturer authorized a specific product class without any network connection.

Q: What’s the difference between class pointer and full HD verification? A: Class pointer verification proves the product class is authentic (e.g., “genuine IKEA BILLY bookcase”). Full HD verification additionally proves the specific instance derivation chain. Most use cases only need class verification.

Q: What if Plings is down? A: Class pointer verification continues working offline. Manufacturers may also provide backup verification APIs. Basic product information can be extracted from paths even without verification.

Q: How do I know the verification is trustworthy? A: Class pointer verification uses mathematical proof (SHA-256 + Ed25519), so you can verify the cryptography yourself. Full HD verification relies on Plings and manufacturers staking their reputation on accuracy.

Q: Could this be fully decentralized? A: Class pointers ARE decentralized - anyone can verify them with public keys. Full HD verification requires private keys that manufacturers must control to prevent unauthorized product creation. This hybrid approach balances decentralization with manufacturer control.

Q: Do I need to trust Plings for basic verification? A: No! Class pointer verification requires only manufacturer public keys and cryptographic math - no trust in Plings required. You only need to trust Plings for advanced features like complete HD chain verification.

Physical Identifier Types

Plings identifiers can be embedded in various physical mediums, each optimized for specific use cases, environments, and requirements. The choice of identifier type depends on factors such as object size, durability needs, scanning convenience, and cost constraints.

QR Codes - Primary Implementation

Overview: QR codes are the primary identifier type for Plings due to their universal smartphone compatibility and optimal data density for URL storage.

Technical Specifications

Data Capacity: Up to 4,296 alphanumeric characters
Plings URL Size: ~65 characters (optimal for small QR codes)
Minimum QR Size: 21x21 modules (smallest QR code)
Error Correction: Level L (7% recovery) to Level H (30% recovery)
Print Resolution: 300 DPI minimum for reliable scanning

Size Optimization Strategy

Critical Requirement: QR codes must be as small as possible while maintaining scannability

URL Optimization Examples:
Original: https://plings.io/scan?identifier=<64-char-key>&path=2.2.2.2.2
Optimized: https://s.plings.io?t=q&p=2.2.2.2&cp=4K7mX9abDcE&i=<solana_address>

Note: New format includes cryptographic class pointer verification (+11 chars) but gains offline authentication
QR Impact: Allows smaller module size and better error correction

Object Size Guidelines

| Object Size | QR Dimensions | Module Size | Use Case Examples | |————-|—————|————-|——————-| | Large (>30cm) | 25mm x 25mm | 1.0mm | Appliances, furniture, vehicles | | Medium (10-30cm) | 15mm x 15mm | 0.6mm | Electronics, tools, books | | Small (3-10cm) | 10mm x 10mm | 0.4mm | Jewelry, watches, medications | | Tiny (<3cm) | 8mm x 8mm | 0.3mm | Components, tags, labels |

Durability Considerations

Indoor Use: Standard paper/vinyl stickers
Outdoor Use: UV-resistant materials, laminated protection
Industrial: Laser etching, anodized aluminum, ceramic printing
Extreme: Chemical-resistant, temperature-resistant materials

NFC Tags - Enhanced Proximity Detection

Overview: Near Field Communication (NFC) tags provide convenient tap-to-scan functionality and can store additional data beyond the Plings URL.

Technical Specifications

Frequency: 13.56 MHz (High Frequency)
Communication Range: 1-4cm (intentionally short for security)
Data Capacity: 96 bytes (NTAG213) to 924 bytes (NTAG216)
Standards: ISO 14443 Type A, NFC Data Exchange Format (NDEF)
Power: Passive (no battery required)
Lifespan: 10,000+ read/write cycles, 10+ years data retention

NFC Advantages Over QR Codes

| Feature | NFC | QR Code | |———|—–|———| | Convenience | Tap to scan | Camera alignment required | | Speed | Instant read | 1-2 second scan time | | Privacy | Close proximity required | Visible from distance | | Additional Data | Store 900+ bytes locally | URL only | | Durability | Hidden inside objects | Surface-visible | | Cost | $0.10-0.50 per tag | $0.01-0.05 per sticker |

Implementation Examples

Embedded NFC Use Cases:
- Jewelry: Inside watch case, ring band, pendant
- Electronics: Under battery cover, inside device housing
- Appliances: Behind removable panels, inside control units
- Vehicles: Dashboard compartments, glove boxes
- Clothing: Sewn into garment tags, button replacements

NFC Data Structure

{
  "primary_url": "https://s.plings.io?t=n&p=2.2.2.2.2&cp=4K7mX9abDcE&i=<solana_address>",
  "offline_data": {
    "manufacturer": "IKEA",
    "model": "LACK Table",
    "batch": "1.158",
    "verification_hash": "sha256_hash"
  },
  "backup_urls": [
    "https://backup1.plings.io/scan/...",
    "https://backup2.plings.io/scan/..."
  ]
}

RFID Tags - Long-Range and Inventory Management

Overview: Radio Frequency Identification (RFID) tags enable longer-range scanning and bulk inventory management capabilities.

Frequency Bands and Applications

| Band | Frequency | Range | Applications | |——|———–|——-|————–| | LF | 125-134 KHz | 10-30cm | Animal tracking, access control | | HF | 13.56 MHz | 30cm-1m | Payment cards, library books | | UHF | 860-960 MHz | 1-10m | Retail inventory, supply chain |

Technical Specifications by Type

Passive UHF RFID (Most Common for Plings):
Frequency: 902-928 MHz (US), 865-868 MHz (EU)
Read Range: 1-10 meters depending on antenna and power
Data Capacity: 96-512 bits (typically 96-bit EPC)
Power: Harvested from reader radio waves
Cost: $0.05-0.20 per tag in volume
Lifespan: 20+ years in normal conditions

RFID Integration Strategy

RFID in Plings System:
- EPC Code: Contains compressed Plings path
- User Memory: Stores full URL and verification data
- TID: Unique tag identifier for anti-cloning
- Reserved: Access passwords and kill passwords

Example EPC Structure:
96-bit EPC = 8-bit header + 28-bit company + 24-bit item + 36-bit serial
Maps to: Manufacturer.Category.Class.Batch.Instance

Advantages for Specific Use Cases

Bulk Inventory Scanning:
- Read 100+ tags simultaneously
- No line-of-sight required
- Works through packaging materials
- Automated conveyor belt sorting

Asset Tracking:
- Long-range location updates
- Automated check-in/check-out
- Real-time position monitoring
- Integration with existing RFID infrastructure

Shortcodes - Human-Readable Backup

Overview: 4-character alphanumeric codes provide manual entry option when scanning technologies fail or are unavailable.

Format Specification

Character Set: Base58 (A-Z, a-z, 1-9, excluding easily confused: 0, O, I, l)
Total Characters: 58 (26 uppercase + 26 lowercase + 6 numbers)
Code Length: 4 characters
Total Combinations: 58^4 = 11,316,496 unique codes
Source: First 4 characters of Base58-encoded Solana address
Mixed Case: Provides superior visual pattern recognition for humans

Generation Algorithm

def generate_shortcode(instance_key: str) -> str:
    """
    Generate 4-character shortcode from Solana address (instance key)
    
    Benefits:
    - Direct relationship to full identifier
    - Optimal collision resistance (58^4 = 11.3M combinations)
    - Mixed case enhances visual pattern recognition
    - Simple O(1) extraction, no complex hashing
    - Inherits cryptographic randomness from HD wallet derivation
    """
    # Extract first 4 characters from Base58-encoded Solana address
    # Mixed case provides visual variety for faster human recognition
    return instance_key[:4]

Human Readability Advantages

Why Mixed Case is Superior for Visual Recognition:

1. Pattern Recognition: Mixed case creates distinctive visual “shapes” that the human eye processes faster
   • 3EWv vs 3EWV - mixed case provides more visual variety
   • Similar to how we read words by overall shape, not individual letters
2. Error Detection: Case variation provides additional verification cues
   • P4q2 is visually distinct and easier to verify than P4Q2
   • Transcription errors are more easily caught with mixed case
3. Natural Reading: Aligns with normal text patterns humans are trained to recognize
   • Eyes are optimized for mixed case from reading text
   • Capital-only text requires more cognitive effort to process

Examples:

Base58 Mixed Case: 3EWv, 53Gn, 77pu, 6VBc, 9UMm
Base32 Uppercase:  3EWV, 53GN, 77PU, 6VBC, 9UMM

The mixed case versions are significantly easier to:
- Read aloud accurately
- Distinguish visually 
- Remember temporarily
- Verify for correctness

Use Case Examples

Phone Support:
Customer: "I'm looking at my drill but can't scan the code"
Support: "Can you read me the 4-character code below the QR?"
Customer: "3EWv" (note the mixed case)
Support: "Found it - DEWALT 20V Drill, purchased March 2024"

Manual Entry Scenarios:
- Damaged QR codes or NFC tags
- Poor lighting conditions
- Camera/NFC not working on device
- Verbal communication over phone
- Text-based systems and databases

Multi-Identifier Strategies

Overview: High-value or security-critical objects can combine multiple identifier types for enhanced protection and redundancy.

Anti-Counterfeiting Approach

Luxury Watch Implementation:
Primary: Laser-etched micro-QR on case back
Secondary: NFC chip embedded in crown mechanism  
Tertiary: RFID tag inside dial (hidden from casual view)
Backup: Shortcode engraved on movement
Verification: All identifiers must resolve to same object

Redundancy Benefits

| Scenario | Primary Fails | Secondary Active | Result | |———-|—————|——————|———| | QR Damaged | Laser etching worn | NFC still functional | Seamless authentication | | NFC Dead | Chip malfunction | QR code readable | Continued operation | | No Smartphone | Cannot scan QR/NFC | Manual shortcode entry | Human backup process | | Bulk Scanning | QR too slow | RFID batch read | Inventory efficiency |

Public vs Hidden Identifiers

Overview: Plings supports both publicly visible identifiers and hidden/protected identifiers for different security and access scenarios.

Public Identifiers

Characteristics:
- Visible on object surface
- Scannable by anyone
- Provide basic object information
- Enable lost & found functionality
- Support ownership claims

Use Cases:
- Consumer products
- Personal belongings
- Retail inventory
- Public art installations

Hidden Identifiers

Characteristics:
- Concealed inside objects
- Require disassembly or special tools to access
- Provide administrative functions
- Enable ownership transfer
- Support warranty claims

Implementation Examples:
- Under battery covers
- Inside protective cases
- Behind removable panels
- Embedded in object structure
- Special UV-visible inks

One-Time-Use (OTP) Identifiers

Security Model:
- Generate single-use authentication codes
- Expire after first scan or time limit
- Prevent replay attacks
- Enable secure ownership transfer

Applications:
- High-value asset transfers
- Warranty activation
- Administrative access
- Security-critical operations

Identifier Selection Matrix

Choose the optimal identifier type based on object characteristics and use requirements:

Object Type	Primary	Secondary	Reason
Consumer Electronics	QR Code	NFC	Universal scanning + convenience
Jewelry/Watches	Micro-QR	NFC	Size constraints + premium feel
Industrial Equipment	QR Code	RFID	Durability + bulk inventory
Retail Inventory	QR Code	RFID	Cost efficiency + automation
Personal Items	QR Sticker	Shortcode	Simplicity + backup
High-Value Assets	Multiple	All types	Security + redundancy
Vehicles	QR Code	NFC + RFID	Multiple access points
Pharmaceuticals	Micro-QR	NFC	Regulation compliance + security

Implementation Guidelines

Cost Optimization

Volume Pricing (per 10,000 units):
QR Stickers: $0.01-0.05 (vinyl/paper)
NFC Tags: $0.10-0.50 (depending on memory)
RFID Tags: $0.05-0.20 (passive UHF)
Shortcode: $0.00 (printed with existing labels)

ROI Calculation:
Higher-cost identifiers justified by:
- Convenience improvement
- Security requirements  
- Operational efficiency gains
- Brand differentiation value

Environmental Considerations

Indoor Applications:
- Standard materials sufficient
- Focus on cost optimization
- Aesthetic integration important

Outdoor/Industrial:
- UV-resistant materials required
- Temperature cycling resistance
- Chemical/solvent resistance
- Impact and abrasion protection

Extreme Environments:
- Aerospace: Radiation resistance
- Marine: Salt water corrosion protection
- Automotive: Heat cycling, vibration
- Medical: Sterilization compatibility

For detailed technical implementation of each identifier type, see Plings Identifier Technical Specification.

2. Why Full Paths Are Essential

The Question: Why do we need paths like “1.2.1.2.1.3” instead of just a unique identifier?

The Answer: Full paths enable critical functionality:

Offline Manufacturer Verification

Path: 2.3.2.2.3
Class Pointer: 4K7mX9abDcE (8-byte/64-bit cryptographic identifier)
Breakdown:
- 3: IKEA (manufacturer, base58 encoded from 2)
- 2: Furniture division
- 2: LACK table model (class identifier)
- 2: Batch
- 3: Instance #3

Why it matters: Anyone can verify this is genuinely from IKEA without internet

Supply Chain Integrity

• Problem: Counterfeit products claiming to be from major brands
• Solution: Path + class pointer cryptographically proves manufacturer origin
• Example: A “2.3.x.x.x” path + class pointer can ONLY be generated by IKEA’s private key

Organizational Hierarchy

• Manufacturing: IKEA → Furniture → Tables → Model → Instance
• Retail: Store → Department → Shelf → Product
• Personal: Home → Room → Container → Item

Audit and Compliance

• Batch Tracking: Path “2.1.2.1000-2000” identifies production batch
• Recall Management: Quickly identify affected items by path prefix
• Quality Control: Track issues to specific production lines

2. When Are Class Keys Important?

Class Keys (AnchorKeys) are crucial in these scenarios:

High-Value Items

Scenario: Luxury watch authentication
- Class Key: Proves it's a genuine Rolex Submariner
- Path: Identifies specific production batch
- Instance Key: Unique to this exact watch
Result: Complete authentication chain

Safety-Critical Products

Scenario: Medical device verification
- Class Key: Confirms device model and specifications
- Path: Traces to certified manufacturing facility
- Instance Key: Links to specific device history
Result: Patient safety through verification

Warranty and Service

Scenario: Appliance warranty claim
- Class Key: Identifies product model and features
- Path: Confirms manufacturing date and location
- Instance Key: Links to purchase and service history
Result: Automated warranty validation

When Class Keys Are NOT Needed:

• Personal Items: Your labeled storage boxes
• Generic Tags: “Property of” stickers
• Temporary Labels: Event badges, parking permits

3. URL Format Rationale

Why URLs instead of just cryptographic strings?

Universal Accessibility

• Anyone can scan with any smartphone
• No app required for basic functionality
• Instant redirection to web interface
• Familiar user experience

Progressive Enhancement

1. No App: Basic web page with object info
2. With App: Full functionality and offline features
3. Manufacturer App: Custom brand experience

Lost & Found Economics

• Problem: Billions in lost items annually
• Solution: Every scan can reconnect owner with item
• Incentive: Finder rewards, shipping integration

Use Cases by Actor

End Consumers

Personal Organization

Emma's Garage Organization:
- Scans generic Plings tag on storage box
- Associates with "Christmas Decorations"
- Sets location: "Garage, Left Wall, Top Shelf"
- Next year: Scan any decoration to find the box

Product Authentication

Online Marketplace Purchase:
- Buyer scans QR code on designer bag
- Plings verifies: Genuine Louis Vuitton
- Shows: Manufacturing date, retail history
- Confirms: Not reported stolen
- Result: Confident purchase

Lost & Found

Ski Resort Scenario:
- Child loses glove with Plings tag
- Finder scans QR code
- System notifies parent
- Arrange pickup at lost & found
- Optional: Finder reward

Retail Operations

Inventory Management

Store Opening Routine:
- Scan display items
- System shows: Current vs expected location
- Identifies: Misplaced items
- Suggests: Optimal arrangement
- Tracks: Shrinkage patterns

Customer Service

Product Information:
- Customer scans item
- Sees: Specifications, price, reviews
- Gets: Complementary products
- Checks: Stock in other sizes/colors
- Accesses: Assembly instructions

Loss Prevention

Security Integration:
- Exit scanners detect Plings tags
- Check: Purchase status
- Alert: Unpaid items
- Log: Movement patterns
- Identify: Theft hotspots

Manufacturers

Quality Control

IKEA Production Line:
Path: 1.2.1.2.1.1001-2000 (Batch 1001-2000)
- Each LACK table gets sequential identifier
- Quality issues traced to specific batch
- Recall notices target affected paths
- Warranty claims auto-validated

Brand Protection

Anti-Counterfeiting:
- Official products: Valid IKEA path (2.x.x.x)
- Counterfeits: Cannot generate valid path
- Customs: Scan to verify imports
- Consumers: Instant authentication

Supply Chain

Distribution Tracking:
- Factory: Creates items with paths
- Warehouse: Scans on receipt
- Transport: Updates location
- Store: Confirms delivery
- Customer: Registers purchase

Organizations

Asset Management

University Equipment:
- IT assigns Plings tags to laptops
- Path: 50.1.1.x (University.IT.Laptops)
- Tracks: Location, user, maintenance
- Automates: Annual inventory
- Manages: Depreciation

Access Control

Secure Facility:
- Employee badges with Plings NFC
- Path indicates: Department, clearance level
- Doors verify: Path cryptographically
- Log: All access attempts
- Work offline: During network outage

Real-World Scenarios

Scenario 1: Flea Market Find

Actor: Sarah, vintage collector Object: Old camera claiming to be Leica

Without Plings:

• Relies on seller’s word
• Risks buying counterfeit
• No proof of authenticity
• No history available

With Plings:

1. Scans vintage Plings tag (added by previous owner)
2. Sees: “Leica M3, manufactured 1962”
3. Verifies: Cryptographic proof of Leica origin
4. Reviews: Ownership history, service records
5. Negotiates: Based on verified information
6. Purchases: With confidence

Scenario 2: Apartment Move

Actor: Tom, moving to new city Challenge: Organizing and tracking boxes

Implementation:

1. Packing: Applies generic Plings stickers to boxes
2. Labeling: Scans each, assigns contents
3. Loading: Movers scan, confirm pickup
4. Transit: Track last-scanned location
5. Delivery: Verify all boxes arrived
6. Unpacking: Scan box, see contents list
7. Storage: Update locations in new home

Benefits:

• Never lose a box
• Insurance claims backed by scan records
• Find specific items without opening boxes
• Share access with movers temporarily

Scenario 3: Tool Library

Actor: Community Makerspace Challenge: Tool lending and tracking

System Design:

Path Structure: 75.1.x.x
- 75: Makerspace Organization
- 1: Tool category
- x: Tool type (drill, saw, etc.)
- x: Individual tool

Features:
- Members scan to borrow
- Automatic due date reminders
- Usage statistics per tool
- Maintenance scheduling
- Loss prevention

User Flow:

1. Member scans drill
2. System shows: Available, last maintained
3. Scan member card to check out
4. Return reminder after 3 days
5. Next member sees: In use by John until Friday

Scenario 4: Medicine Cabinet Safety

Actor: Family with children Concern: Medicine security and expiration

Setup:

• Parents tag all medicines
• Set “restricted” flag on prescriptions
• Add expiration dates

Daily Use:

• Child scans: “Access restricted - get parent”
• Parent scans: Shows dosage, warnings
• Monthly: Alert for expiring medicines
• Emergency: Paramedics scan for allergies

Scenario 5: Retail Innovation

Store: Sporting goods chain Innovation: Try-before-buy program

Implementation:

1. Customer selects ski equipment
2. Scans items to “check out” for weekend
3. Items linked to customer account
4. Return Monday or auto-purchase
5. All tracked via Plings paths

Benefits:

• Reduced theft (items traceable)
• Increased sales (try before buy)
• Customer data (usage patterns)
• Inventory optimization

Scenario 6: Beverage Manufacturing at Scale

Actor: Coca-Cola Company Challenge: Global supply chain tracking and anti-counterfeiting at massive scale Production Reality: 1.8-2.2 billion servings per day globally

Path Structure: 3.2.1.2.x.x

Path: 1.3.2.1.2.5847.1
HD Derivation: m/44'/501'/1/3/2/1/2/5847/1
Breakdown:
- 3: Coca-Cola (manufacturer ID)
- 2: Producer delegation (hardened)
- 1: Atlanta bottling plant
- 2: Classic Coca-Cola product class
- 5847: Production batch (15-minute production run)
- 1: Individual can #1

Production Scale Realities:

• 360,000 cans per hour per production line (100 cans per second)
• Multiple lines per plant: 10+ production lines at major facilities
• Continuous flow manufacturing: Materials continuously in motion
• Daily identifier needs: Millions of unique paths per large facility
• Global coordination: 10,000+ Coca-Cola drinks consumed per second worldwide

Batch Strategy for Scale:

Time-Based Batching (15-minute runs):
1.3.2.1.2.5847.1-90000    → 15-min batch (90,000 cans)
1.3.2.1.2.5848.1-90000    → Next 15-min batch
1.3.2.1.2.5849.1-90000    → Next 15-min batch

Daily Production Example:
Plant produces 3.6M cans/day = 40 batches of 90,000 cans
Requires path allocation: 1.3.2.1.2.5847 through 1.3.2.1.2.5886

Implementation at Scale:

1. High-Speed Production: QR codes printed inline at 100 cans/second
2. Batch Management: 15-minute production runs for quality control
3. Automatic Path Allocation: System pre-allocates daily batch ranges
4. Quality Gates: Automated scanning at packaging checkpoints
5. Distribution Tracking: Pallet-level scanning for logistics

Supply Chain Benefits:

• Precision Recall: “All cans from 1.3.2.1.2.5847.* (15-min window)”
• Quality Control: Immediate batch isolation for any detected issues
• Anti-Counterfeiting: Cryptographically impossible to forge paths
• Production Analytics: Real-time efficiency tracking per line
• Regulatory Compliance: Complete audit trail for food safety

Path Registry Implications:

• Massive Path Allocation: Single plant needs 14,600+ batch paths per year
• Real-time Registration: Batch paths allocated minutes before production
• Global Coordination: Prevent path conflicts across 200+ countries
• Performance Requirements: Path validation must complete in milliseconds

Product Variations at Scale:

Atlanta Plant (simultaneous production):
1.3.2.1.1.5847.x → Diet Coke line (50,000 cans/batch)
1.3.2.1.2.5847.x → Classic Coke line (90,000 cans/batch)  
1.3.2.1.3.5847.x → Sprite line (70,000 cans/batch)
1.3.2.1.4.5847.x → Fanta line (40,000 cans/batch)

Mexico City Plant (same timeframe):
1.3.2.2.2.5847.x → Classic Coke (different facility)

Consumer Experience:

• Scan can → “Atlanta plant, Line 2, 2:15 PM batch, Can #45,832”
• Promotional campaigns targeting specific production timeframes
• Recycling rewards with production facility routing
• Instant authenticity verification against counterfeit products

---

⚠️ CRITICAL: Private Key Operations and Trust

When Private Keys Are Needed

While basic identifier verification and scanning work without private keys, certain advanced operations require cryptographic signatures:

✅ Safe Private Key Operations

1. Payment Recovery: When Program Derived Address (PDA) fails, recover stuck funds
2. Warranty Claims: Manufacturer signs warranty validations during warranty period
3. Supply Chain Verification: Manufacturing proof, quality control (pre-sale only)

❌ Dangerous Private Key Operations

1. Object Retirement: Marking objects as “destroyed” after sale
2. Ownership Transfer: Using private keys to “transfer” ownership
3. Unlimited IoT Autonomy: Permanent manufacturer control over user devices

The Trust Challenge

The Problem: HD wallet architecture allows multiple parties to derive private keys:

• Plings (master key holder)
• Manufacturer (via delegation)
• Plant/Facility (via manufacturer delegation)

Trust Issue: Even after ownership transfer, supply chain participants retain technical ability to perform cryptographic operations on behalf of objects.

Critical Principle: Key Access ≠ Ownership Rights

Example Trust Violation:
1. Consumer buys smartwatch from Chinese factory
2. 3 years later in Sweden, factory uses private key to mark watch as "retired"
3. Consumer's valuable watch now appears worthless in apps
4. Consumer has no recourse

Implementation Guidelines

For Current Development:

• Implement only safe operations with temporal and scope validation
• DO NOT implement owner-equivalent operations without owner consent
• Respect trust boundaries between supply chain authority and ownership rights

Required Reading:

• HD Wallet Trust Boundaries - Implementation guidelines and security boundaries
• Private Key Use Cases Analysis - Detailed risk assessment

---

Implementation Strategy

Phase 1: Foundation (Current)

• ✅ Basic identifier generation
• ✅ Path registry system
• ✅ Manufacturer architecture
• 🔄 Core use case implementation

Phase 2: Scale (Next)

• Production manufacturer integration
• Retail pilot programs
• Consumer mobile apps
• Lost & found network

Phase 3: Ecosystem (Future)

• API marketplace
• Third-party integrations
• Industry standards adoption
• Global verification network

Key Takeaways

For Developers

• Paths enable offline verification and hierarchy
• Class Keys prove product authenticity
• URLs ensure universal accessibility
• Cryptography prevents counterfeiting

For Business

• Brand Protection through uncounterfeitable identifiers
• Supply Chain visibility and traceability
• Customer Trust via transparent authentication
• New Services like automated warranties

For Consumers

• Instant Shopping without checkout lines or cashiers
• Authenticity verification for purchases
• Organization tools for personal items
• Lost & Found recovery system
• Service Access (rent, repair, insure) directly from objects
• Transparency in product history and ownership

---

This document explains WHY the Plings identifier system is designed as it is. For technical implementation details, see plings_identifier.md. For what happens when identifiers are scanned, see scan-event-system.md. For specific use cases, see /docs/use-cases/.

Last Updated: Sun 27 Jul 2025 08:40:00 CEST - CRITICAL: Added private key operations trust model and security considerations. Added implementation guidelines for safe vs. dangerous private key operations.