Device Models and Artifact Applicability

A device model describes a product you manufacture: how a unit of that kind is identified and provisioned, and which descriptor tags apply to it. Models live in ThingMake. Software artifacts and auto-assignment rules are defined outside TrustMint; TrustMint provisioning does not install firmware, OS images, drivers, or applications.

A model has its own identity

Every model has a stable model id (its identity), addressed as frn:<account>:thingmake:model/<id>. You reference a model — from a device instance, from a provisioning flow — by that id.

A model also carries a vid:pid descriptor (a vendor id and a product id, USB-style). This is a match tag that lives on the device wire, not the model’s identity: software reads vid:pid to decide what to load, and it is deliberately non-unique — a product family, its submodels, and similar models can share a vid or a vid:pid. Your platform VID is assigned once per account:

POST /api/v1/thingmake/vendors        # → { "vid": "v0001", ... }
POST /api/v1/thingmake/models         # { "pid": "rb-100", "device_class": "...",
                                       #   "provisioning_method": "certificate", ... }

The model read surface returns the public descriptor only — vendor secrets you supply (signing keys, CA material, credentials) are stored server-side and never returned or shared.

Artifact Applicability Is Descriptor Metadata

ThingMake may store descriptor-to-artifact applicability metadata for UI and API consistency, but it does not own artifact authoring or device delivery. The load-bearing delivery path is the OTA/bootstrap system; TrustMint sees the device descriptor and the model, not an explicit software-install operation.

The applicability surface declares the set of vid:pid descriptors an external artifact id applies to:

POST /api/v1/thingmake/software
# { "artifact_id": "...", "version": "1.2.0", "kind": "driver",
#   "applies_to": [ {"vid":"v0001","pid":"rb-100"}, {"vid":"v0001","pid":"rb-200"} ] }

To find the software applicable to a model, resolve by its descriptor:

GET /api/v1/thingmake/models/{id}/software     # bundles whose applies_to matches the model's vid:pid

ThingMake only references artifact ids and descriptor targets. Delivery to devices is handled by the OTA/bootstrap path and remains separate from TrustMint enrollment and provisioning.

Provisioning by model

When a unit references a model, provisioning is governed by the model’s declared provisioning_methodauto, symmetric_key, certificate, and none complete without any factory backend; webhook delegates to a model-scoped factory service you register for (registrar_id, model_id, role). See registration and the state machine.

Sharing a model to another factory

Mint a recipient-bound deeplink and let another factory import your model’s public descriptor only (never the vendor secret). The imported copy is a new model with its own id; the originating vid is preserved as provenance, so OEM-manufactured units still carry the origin.

POST /api/v1/thingmake/models/{id}/share    # { "recipient_account_id": "...", "ttl_seconds": 86400 }
POST /api/v1/thingmake/models/import        # { "deeplink_token": "..." }  (called by the recipient)