Skip to main content

Technology Overview

Tokentagged is more than just an NFC sticker linked to a website. It is a comprehensive Physical-to-Digital Bridge built on bank-grade hardware security and decentralized blockchain verification.

This section of the documentation provides a deep dive into the technical mechanics that allow physical objects to hold digital assets securely.

The Architecture

Our system is built on three pillars: Secure Hardware, Application Interface, and Smart Contracts.

Core Components

1. The Hardware (Secure Element)

At the heart of every Tokentag is the NXP SmartMX3 P71D321, a CC EAL 6+ certified secure microcontroller. Unlike standard NDEF tags, this chip:

  • Generates private keys internally (they never leave the device).
  • Executes cryptographic operations (hashing and signing) on-board.
  • Runs specialized Java Card Applets (Core, NDEF, U2F).

➡️ Read more: Hardware Specs & Applets

2. The Trust Chain

How do you know a tag is genuine and not a clone? We utilize a Two-Stage Supply Chain Attestation:

  1. Root Attestation: Proves the chip was initialized by Tokentagged.
  2. Card Attestation: Proves the user's wallet key is derived from a genuine Master Key.
  3. User Entropy: The final private key is derived using a "Chain Code" (passphrase) provided by the user, ensuring even the manufacturer cannot access the wallet.

➡️ Read more: Trust Chain & Key Gen

3. Nonce Control (Anti-Fraud)

To enable physical handover of assets (like a Crypto Swap-Card) without the risk of the previous owner keeping a copy of the key or pre-signing a theft transaction, we implemented Nonce Control.

  • The chip tracks the highest signed Nonce.
  • The blockchain tracks the current Nonce.
  • If Chip Nonce > Chain Nonce, the card warns of potential hidden transactions.

➡️ Read more: Nonce Control & Handover

4. Smart Contract Integration

Our Solidity smart contracts (ERC-1155) are designed to interact directly with the hardware signatures.

  • Minting: The hardware is permanently locked to a specific collection address ("Write-Once") during the minting process.
  • Verification: The verifyTokentag function allows for on-chain proof of presence using ecrecover to validate the chip's signature against its ID.
  • Token Structure: We use a split-bit ID system to manage NFTs, Fungible Tokens (FT), and Semi-Fungible Tokens (SFT) within the same contract.

➡️ Read more: Minting Process | Verification Process

Where to Start?

If you are a developer or a technical auditor, we recommend reading in the following order:

  1. Hardware Specs: Understand the physical capabilities.
  2. Trust Chain: Understand how keys are generated securely.
  3. Minting: See how the physical and digital are linked.
  4. Verification: Learn how we prove authenticity on-chain.