Patching a Dragino Lora Gateway

It’s Chinese-made OpenWrt hardware, and with OTR:

  • You don’t rely on proprietary cloud or packet forwarders (TTN, LoRaWAN, AliCloud)
  • MAC filtering and CID logging makes every device accountable
  • Can run watchdog scripts to detect tampering or routing anomalies
  • Can bridge LoRa + BLE + Wi-Fi into a single, verifiable chain of custody

A Dragino ( example LG01-P) becomes:

🔰 RoleCapability
LoRa-to-OTR RelayTrusted CID bridge, not public LoRaWAN
MAC FirewallBlocks unknown MACs, enforces device auth
Encrypted CID ForwarderCan encrypt payloads (via AES or Curve25519) before handoff
OTA-Wallet-AwareTied to Edge or cold wallet, logs activity for audit and staking
Border GatewayConnects field nodes → Validator Pi → Air-gapped cloud or offline ops

“Secure, repurpose, and harden low-trust foreign hardware into sovereign comm infrastructure.”

the “example LG01-P Lite Validator Patch” including:

  • mac_router.py
  • requirements.txt (lean)
  • ota_node.whl (warning: lite mode only)
  • firewall_hardener.sh – blocks outbound DNS, WAN, etc.
  • validator_config.json – minimal

Example Components for the Dragino LG01P OTR Validator Node

1. Core Runtime:

  • ota-node.whl — OTR logic (wallet sync, CID logger, MAC auth)
  • mac_router.py — Trusted MAC routing
  • claim_dashboard.html + claim_replay_service.py — Validator claim UI

2. LoRa Bridge Modules:

  • lora_bridge_relay.py — Listens to LoRa UART/SPI and rebroadcasts CID+wallet logs over Wi-Fi or Ethernet
  • wifi_bridge_client.py — Sends CID payloads to internal relay (or Edge GUI/localhost)
  • Auto log to IPFS and optionally SafeSignal

3. Security Layer:

  • otar_key_manager.py — AES-256 key provisioning, synced over IPFS or QR
  • aes_encryptor.py — Payload encryption module
  • config_fetcher_ipfs.py — Pulls safe configs over IPFS at boot

4. API & Admin Tools (FastAPI-based):

  • /device/verify
  • /wallet/receive/:address
  • /cid/push
  • /bridge/status
  • /alias/resolve
  • /claim/submit
  • /proof/log

5. Field Ops Tools:

  • publish_terminal_state.py — IPFS-push of current config + proof
  • btc_listener.py — Optional BTC confirmation-to-CID relay

6. Networking Setup:

  • Auto-bridge mode: LoRa <-> WiFi or LoRa <-> Ethernet
  • Systemd services for:
    • LoRa startup
    • Wallet CID logger
    • QR relay scanner (optional)
  • Static fallback IP + QR for headless boot

/otr_validator/
├── core/
│ ├── ota-node.whl
│ ├── mac_router.py
│ ├── config_fetcher_ipfs.py
│ ├── otar_key_manager.py
│ └── aes_encryptor.py
├── bridges/
│ ├── lora_bridge_relay.py
│ ├── wifi_bridge_client.py
│ ├── cellular_cid_uplink.py
│ └── bt_mesh_monitor.py
├── api/
│ ├── fastapi_app.py
│ ├── routes/
│ │ └── (all endpoint .py files)
├── proof/
│ └── publish_terminal_state.py
├── web/
│ ├── claim_dashboard.html
│ └── /dev/index.html
└── system/
├── systemd/ (auto start services)
└── logs/

Relay Modules (LoRa, BLE, Wi-Fi)

  • relay_bridge.py – central dispatcher for all protocol events
  • lora_listener_dragino.py – listens to LoRa events via UART/SPI/GPIO (Dragino-specific)
  • ble_listener.py – listens for nearby CID/BLE messages
  • wifi_sync_relay.py – watches for HTTP/IPFS relay and device CID check-ins
  • proof_logger.py – logs Proof of Relay + Proof of Authentication events
  • mac_whitelist.json – trusted device registry for access control

Translator + Message API

  • language_translator.py – inline CID translator using offline model or fallback API
  • reward_assigner.py – ties translation, relay, or validation action to OTA rewards
  • /translate API – POST raw message + language → get translated + CID-wrapped response
  • /relay API – submit raw CID or message payload for protocol-specific rebroadcast

Rewards + Wallet API

  • /reward/distribute – triggers wallet transfer on valid relay or translation
  • /wallet/balance/:mac – view wallet tied to MAC/Edge address
  • /wallet/export-usb – export cold backup of wallet to USB (Thetis compatible)

Router & Sync API

  • /relay/status – current active channels (LoRa, BLE, Wi-Fi)
  • /router/mac-lookup – resolve device or validator from MAC
  • /router/route-cid – push CID through best available path
  • /proof/verify – confirm CID was relayed/authenticated by trusted validator

  • publish_terminal_state.py – IPFS snapshot of current state
  • btc_listener.py – optional BTC CID audit trigger (if used as vending relay)
  • config_fetcher_ipfs.py – pull validator config from IPFS on boot

Edge SDK Integration Points

Wallet Operations

  • edge_wallet_panel.py – embedded overlay for wallet balance, TX, and cold export
  • /wallet/export-usb – cold key export directly compatible with Edge Wallet backup
  • /wallet/balance/:mac – resolves wallet via MAC address (Edge style)
  • /wallet/receive and /wallet/send – REST routes matching Edge SDK format

Alias + MAC Registry Support

  • MAC address to wallet alias mapping works with /alias/register, /alias/resolve, etc.
  • Automatically checks trusted MAC via mac_whitelist.json — mirrors Edge’s trusted device paradigm

API Compatibility with Edge Plugin
All API endpoints in the Dragino patch are formatted to be usable by Edge Wallet plugin modules, especially:

  • CID viewer
  • reward claim
  • validator state broadcast
  • QR launcher tools

Fallback Modes

If Edge Wallet SDK is offline or disconnected, fallback to local FastAPI endpoint: http://localhost:8080/wallet/...

Docs: /docs, /openapi.json auto-generated in the bundle
No cloud required – will auto-run via systemd on Dragino Pi once flashed.

Sample Node