Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

SPOQchain: Platform for Secure, Scalable, and Privacy-Preserving Supply Chain Tracing and Counterfeit Protection

Moritz Finke, Alexandra Dmitrienko, Jasper Stang

TL;DR

SPOQchain addresses counterfeit risk and privacy concerns in global supply chains by combining batch-based, on-demand product publication with off-chain storage and PUF-based identification. It introduces a permissioned blockchain framework with a flexible system model, ring-signature anonymity, and storage-system access controls to protect sensitive lifecycle data while enabling traceability and originality verification. The core contribution is a Go-based implementation atop Hyperledger Sawtooth, plus Android tooling and two storage backends, demonstrating substantial efficiency gains (lower transaction volume and storage) and an informal security/privacy evaluation. The work supports diverse product identification technologies and interoperable tracing suitable for initiatives like the Digital Product Passport, significantly improving scalability, privacy, and anti-counterfeiting capabilities in real-world supply chains.

Abstract

Product lifecycle tracing is increasingly in the focus of regulators and producers, as shown with the initiative of the Digital Product Pass. Likewise, new methods of counterfeit detection are developed that are, e.g., based on Physical Unclonable Functions (PUFs). In order to ensure trust and integrity of product lifecycle data, multiple existing supply chain tracing systems are built on blockchain technology. However, only few solutions employ secure identifiers such as PUFs. Furthermore, existing systems that publish the data of individual products, in part fully transparently, have a detrimental impact on scalability and the privacy of users. This work proposes SPOQchain, a novel blockchain-based platform that provides comprehensive lifecycle traceability and originality verification while ensuring high efficiency and user privacy. The improved efficiency is achieved by a sophisticated batching mechanism that removes lifecycle redundancies. In addition to the successful evaluation of SPOQchain's scalability, this work provides a comprehensive analysis of privacy and security aspects, demonstrating the need and qualification of SPOQchain for the future of supply chain tracing.

SPOQchain: Platform for Secure, Scalable, and Privacy-Preserving Supply Chain Tracing and Counterfeit Protection

TL;DR

SPOQchain addresses counterfeit risk and privacy concerns in global supply chains by combining batch-based, on-demand product publication with off-chain storage and PUF-based identification. It introduces a permissioned blockchain framework with a flexible system model, ring-signature anonymity, and storage-system access controls to protect sensitive lifecycle data while enabling traceability and originality verification. The core contribution is a Go-based implementation atop Hyperledger Sawtooth, plus Android tooling and two storage backends, demonstrating substantial efficiency gains (lower transaction volume and storage) and an informal security/privacy evaluation. The work supports diverse product identification technologies and interoperable tracing suitable for initiatives like the Digital Product Passport, significantly improving scalability, privacy, and anti-counterfeiting capabilities in real-world supply chains.

Abstract

Product lifecycle tracing is increasingly in the focus of regulators and producers, as shown with the initiative of the Digital Product Pass. Likewise, new methods of counterfeit detection are developed that are, e.g., based on Physical Unclonable Functions (PUFs). In order to ensure trust and integrity of product lifecycle data, multiple existing supply chain tracing systems are built on blockchain technology. However, only few solutions employ secure identifiers such as PUFs. Furthermore, existing systems that publish the data of individual products, in part fully transparently, have a detrimental impact on scalability and the privacy of users. This work proposes SPOQchain, a novel blockchain-based platform that provides comprehensive lifecycle traceability and originality verification while ensuring high efficiency and user privacy. The improved efficiency is achieved by a sophisticated batching mechanism that removes lifecycle redundancies. In addition to the successful evaluation of SPOQchain's scalability, this work provides a comprehensive analysis of privacy and security aspects, demonstrating the need and qualification of SPOQchain for the future of supply chain tracing.
Paper Structure (36 sections, 2 equations, 10 figures, 4 tables, 1 algorithm)

This paper contains 36 sections, 2 equations, 10 figures, 4 tables, 1 algorithm.

Table of Contents

  1. Introduction
  2. Background
  3. Blockchain
  4. puf
  5. Optical puf
  6. Electronic puf
  7. Design
  8. Requirements
  9. Key Design Features
  10. System Model
  11. Product- and Batch-based Tracing
  12. Product Identification
  13. User-centric Privacy Controls
  14. Blockchain
  15. Storage
  16. ...and 21 more sections

Figures (10)

  • Figure 1: Product-wise (left) and batch-based (right) management of the lifecycle of a batch (B) of products (P).
  • Figure 2: SPOQchain System Model
  • Figure 3: Asset, user, and storage entries in SPOQchain.
  • Figure 4: Exemplary product lifecycle (blue timeline) with restricted view on past and future events for different actors.
  • Figure 5: Asset verification.
  • ...and 5 more figures