Minting Process

The minting process at Tokentagged is not just about creating a token on the blockchain; it is the moment where the physical hardware is cryptographically and permanently bound to a specific Smart Contract Collection.

This process ensures that a Tokentag cannot be "re-used" for a different fake collection once it has been initialized.

Process Overview

The minting workflow consists of three distinct phases that occur within a single user interaction (the "Tap"):

1. Activation (if required): Deriving the wallet keys.
2. Hardware Locking (NFC Write): Permanently storing the Collection Address on the chip.
3. On-Chain Minting: Submitting the proof to the Ethereum Blockchain.

1. Activation Check

Before minting, the Web App checks if the tag is already activated (i.e., has a derived private key). If not, the Trust Chain Activation is performed first.

• See Trust Chain & Key Gen for details.

2. Hardware Locking (The "Link")

To prevent a tag from being used to mint counterfeit NFTs on unauthorized contracts, the Tokentag hardware enforces a Write-Once policy for the contract association.

1. Transmission: The Web App sends the address of the target Collection Smart Contract to the tag via NFC.
2. Storage: The tag writes this address into a specific, protected memory sector.
3. Locking: The tag permanently locks this memory sector. This action is irreversible.

Hardware Binding

Once a Tokentag receives a Collection Address, it is physically impossible to change it. The tag can no longer be used for other collections.

3. Cryptographic Signing

The Web App requests a signature from the tag to authorize the minting transaction. The tag constructs a hash based on the current context and signs it with its unique Card Key.

The signed data includes:

• Token ID: Derived from the tag's public key.
• Operator: The wallet address of the user minting the item.
• Collection Address: The address stored in the tag (ensuring the link).
• Chain ID & Blockhash: For replay protection.

4. Smart Contract Execution

The final step is the transaction on the Ethereum blockchain. The mintTokentag function in Tokentagged.sol orchestrates the validation and creation.

Function Signature

function mintTokentag(
    uint256 tokenId, 
    string memory tokenURI, 
    uint256 amount, 
    address royaltyReceiver, 
    uint96 royaltyFraction, 
    uint blocknumber, 
    uint8 v, bytes32 r, bytes32 s, 
    bytes memory cardAttestation, 
    bytes memory attestation
)

Validation Logic

The Smart Contract performs strict checks before minting:

1. Signature Verification (_verifySignature):

   • Reconstructs the message hash using the contract's own address (address(this)).
   • Recovers the signer address using ecrecover.
   • Crucial Check: Validates that the recovered signer matches the tokenId (which contains the Tag ID). This proves the hardware authorized this specific contract.

2. Attestation Verification (_authorizeTokentag):

   • Calls the SignerRegistry to verify the attestation and cardAttestation.
   • Ensures the chip is a genuine Tokentag manufactured by us.

3. Supply Check:

   • Ensures the token hasn't been minted before (for NFTs).

Result

If all checks pass, the token is minted to the user's wallet (_msgSender()), and the metadata URI is set. The physical object now has a verifiable digital twin.