TLS and centralised Public Key Infrastructure were built for the web, humans connecting to servers, not for fleets of machines talking continuously with no human in the loop. As Industrial IoT scales to millions of devices, traditional PKI strains: certificate authorities become single points of failure, revocation is slow, and one compromised node can threaten the whole system. This piece makes the case for Brontide, the Lightning Network's encrypted handshake, as a better fit for machine-to-machine communication: decentralised trust, channel graphs standing in for certificate authorities, and identity backed by economic stake rather than a single signing party. It walks through the limits of conventional PKI at industrial scale, how Brontide and Instant Karma PKI reframe the problem, and why borrowing trust from a payments network might be what securing industrial machines needs.
Writing
Essays, papers, notes, and references.
A place for longer pieces, formal work, and useful written records.
TLS and centralised Public Key Infrastructure were built for the web, humans connecting to servers, not for fleets of machines talking continuously with no human in the loop. As Industrial IoT scales to millions of devices, traditional PKI strains: certificate authorities become single points of failure, revocation is slow, and one compromised node can threaten the whole system. This piece makes the case for Brontide, the Lightning Network's encrypted handshake, as a better fit for machine-to-machine communication: decentralised trust, channel graphs standing in for certificate authorities, and identity backed by economic stake rather than a single signing party. It walks through the limits of conventional PKI at industrial scale, how Brontide and Instant Karma PKI reframe the problem, and why borrowing trust from a payments network might be what securing industrial machines needs.
“IoT” hides a fault line. Consumer IoT, smart homes, wearables, connected cars, optimises for convenience. Industrial IoT optimises for efficiency, safety, and uptime, running factories, energy grids, and healthcare where a failure is not an inconvenience but a danger to life. They share the name and almost nothing else: devices, networks, security models, scalability, and regulatory weight all diverge sharply. This piece draws the line clearly, comparing the two across purpose, hardware, security risk, data complexity, networking, and cost, and argues that conflating them leads to bad decisions in both directions: consumer-grade thinking applied to industrial systems that can hurt people, and industrial caution wasted on a doorbell. Whether you are smartening a home or securing a plant, the first move is knowing which world you are in.