A story of birth certificates, commander offices, and profile rooms: all sealed inside a fingernail-sized chip
Both phone chips and robot chips have the eUICC vault. But the robot chip has a permanent ISD-R: the Commander's Office: that accepts push commands by radio. Phones use an app (LPA) instead. Robots are built to obey, not to tap.
The ECASD is the most secure room. Created when the chip is born and never changed. It holds the master trust badge, the robot's secret private key (which never leaves the chip!), and a 32-digit EID fingerprint. This room only opens twice: when receiving keys or changing commanders.
The ISD-R is the Commander's representative living inside every robot chip. It creates profile rooms, switches which one is active, enforces the rulebook (POL1), and relays encrypted messages. But here's the trick: it cannot read what's inside any profile: it only manages the rooms!
Each ISD-P holds one complete Profile: network keys, file system, phonebook, SMS storage, and a rulebook (POL1). A vault can have multiple ISD-P rooms, but only one is active at a time. They're completely isolated: Operator A's profile cannot see Operator B's profile!
The robot's secret key (SK.ECASD.ECKA) is so sensitive that it's generated right on the chip during manufacturing. It never goes over any wire, never appears in any database, and is destroyed if anyone tries to drill into the chip. It's the digital equivalent of a key forged inside the lock!