Hello!
I am having a hard time figuring out how we can prevent a malicious device from corrupting our Thread network and only allow our devices to connect to this mesh network.
I am working on a project where we have 10 Full Thread Devices (FTDs) scattered across a large perimeter and hundreds of Sleepy End Devices (SEDs).
All the SEDs are transmitting to only one of these FTDs (which we call the Gateway); there is no need for internet access in our case.
We are not using the NCP and Raspberry Pi border router, as our SEDs do not need to connect to the internet but only to this Gateway.
So far, our experiments went well. We did not test with hundreds of nodes but with a couple of tens over a large area (200m x 200m).
For practicality, we cannot manually add (commission) each of these SEDs one by one, but require them to connect automatically to the network using a secret (auto-commissioning).
Instead, we need them to have a secret (for now hardcoded) PSKc (in Thread) that we will use for the commissioning and to get the MasterKey.
My question arises when I try to understand how we can implement this secret and, more precisely, how it is implemented in the CoAP example.
In the CoAP example, we can see that we set the PAN ID and the channel, but we do not see any use (or definition) of the PSKc, the Thread Pre-Shared Key used to get the network MasterKey.
I spent several days searching for this. I read the whole Thread specification, but I do not see how the commissioning is implemented within the Nordic SDK (which is great btw!).
Could you please explain to me how the CoAP example implements this shared secret and allows only the devices running the example to connect together?
(or guide me toward explanations or code on the OpenThread GitHub maybe)
Thanks a lot,
Max