Skip to main content

Data-Only Onboarding



Wi-Fi networks onboarded to Helium are eligible to earn HNT for handling carrier traffic.

At this time, only Helium Mobile traffic is rewardable on networks onboarded through self-serve tooling. If you are interested in handling other carrier traffic through your commercial or other high-traffic deployment, please use the Helium Plus program.

Considerations for Entity Creation

Each Mobile network onboard will represent a single pin on the coverage map, regardless of how many Hotspots (APs) it may contain. The entity representing this network will also hold any rewards earned from data transfer until they are claimed. When considering entity creation, try to constrain the scope of the onboarded deployment to the size of one building or smaller.

Self-serve onboards will be counted as a single Hotspot in Helium Network metrics. Networks onboarded through the Helium Plus program carry additional metadata which represents the total number of Hotspots in a given deployment. For large network deployments, please use the Helium Plus program.

Prepare Wallet

Download and configure the Helium Wallet CLI with a new or existing Solana account. The following steps require Helium Wallet CLI 2.1.1 or newer.

Onboarding a new Wi-Fi Network requires a token fee per network or location. Ensure the account has these minimum balances.

TokenAmount
Data Credits100,000 ($1.00)Mobile entity onboarding cost.
MOBILE$1.00Mobile entity onboarding cost.
SOL~0.005Solana blockchain fees and NFT creation.1

Create and Onboard Data-Only Hotspot

The process for creating a Data-Only Hotspot begins by generating the Hotspot key and then creating and onboarding the Rewardable Entity NFT using the Helium Wallet CLI.

Create the Hotspot key by creating an onboarding token:

Generate an onboarding token.
helium-wallet hotspots add mobile token

The token command will return a response looking like this:

Example generated entity and token.
{
  "hotspot": {
    "key": "14WaYzPtgvs3sranGNBxTSj9d4f36J6c6mjRWKqRwDr8NirmrmL",
    "name": "recumbent-menthol-porcupine"
  },
  "token": "CmUSIQHOP/T3SOWXnjrAZXyJ5CWmQChywBmpyigcLjNVr+nMJSONJexLDs1m61BLVetCqcXla0DmOWZVUORYBn4ya9gv0jy8pz8Av4JgnZzrJlp/9bskEZ4lIYjQVObuwh+54DlTAQ=="
}

Onboard the created Hotspot using the given token:

Use the "token" value along with the Hotspot's physical latitude and longitude to assert its location to the network. A utility such as latlong.net is helpful for looking up coordinates.

Onboard the Rewardable Entity (Hotspot)
helium-wallet hotspots add mobile onboard <TOKEN> --lat=37.779930 --lon=-122.387906 --commit

Here, <TOKEN> represents the token generated in step 1. The command prompts for the CLI wallet password, signs the transaction, and submits it to the blockchain. A result will print as a successful transaction hash.

If any errors are returned during the onboarding, double check token balances and retry the onboarding transaction.

Hotspot RADIUS Certificates

The last step is to create the certificates for the Hotspot. Certificates are created uniquely for each onboard.

helium-wallet hotspots add mobile cert <HOTSPOT_KEY> --nas-id xx:xx:xx:xx:xx --address "South Beach Yacht Club, 899 2nd St, San Francisco, CA 94107"

<HOTSPOT_KEY> is the key from first step (e.g. 14Wa...mrmL).

--nas-id must match the NAS-ID being broadcast from the SSID. Use a MAC address from the onboarded network as the NAS-ID.

--address should best represent the installed location of the network. If a business, include the business name. If residential, a street address is sufficient.

This command will create the Hotspot certs and save them in the active directory.

Certificate response delivered from the CLI command.
{
  "expiration": "2028-02-21T23:10:51Z",
  "private_key": "14WaYzPtgvs3sranGNBxTSj9d4f36J6c6mjRWKqRwDr8NirmrmL.pk",
  "certificate": "14WaYzPtgvs3sranGNBxTSj9d4f36J6c6mjRWKqRwDr8NirmrmL.cer",
  "ca_chain": "data-only.ca"
}

When the cert command is executed with both the NAS-ID and address, any existing certificates for the specified Hotspot are retrieved. Should certificate files already exist in the active directory, the command returns an error; the --force flag may be used to overwrite existing files.

Footnotes

  1. At the time of writing, onboarding required 0.003778 SOL; however, the fee will fluctuate based on network conditions.