Skip to content

Documentation of the Bluetooth/BLE devices

Notifications You must be signed in to change notification settings

russtacular/Bluetooth

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

29 Commits
 
 
 
 
 
 

Repository files navigation

Bluetooth/BLE

General information on how BLE is used in Xiaomi's devices.

General context

Xiaomi (and it's many, many sub-brands) uses several wireless protocols for their devices, mainly zigbee (aqara devices), BLE (many "standalone" devices and smartbands/smartwatches from huami and amazfit), and wifi (usually their "biggest" devices such as the vacuum cleaner, and some yeelight devices, basically, what's guaranteed to have enough power at all times)

Xiaomi is known to share it's logistics division with it's sub-OEMs, and also it's "Mi Home" ecosystem. They also seems to share some proprietary protocols, especially in BLE and zigbee.

BLE notes

  • Almost every devices implement a similar (if not the same) firmware upgrade logic, there seems to have differences as some uses Nordic semiconductors' DFU service, and other seems to only mimic parts of it. I guess they started by using Nordic microchips and then expanded, and did reproduce the Nordic's DFU mode to their other devices so they still can share most of the code.
  • Some devices implement authentication, even if it's "optional" as you can still talk to the device for some time (around a minute) before it drops the connection. The authentication is encrypted using a custom JNI, "libblecipher.so". These devices seems to include the Flora plant monitor, the Soocare toothbrush, and the temperature sensor, it isn't excluded that they use the same mechanism in other devices such as the mi bands.
  • Xiaomi does have 3 16b UUIDs, but i've only seen fe95 being used so far.
  • Huami have 2 16b UUIDs used by the mi bands: 0xFEE0 and 0xFEE1

Devices covered (Aka. what's coming sooner or later)

If you have a xiaomi ecosystem device and did reverse engineer it, feel free to contribute. For now, for obvious reasons, i'll focus on some devices i already own:

Device name Device ID Documentation Status
Mi Body Composition Scale huami.health.scale2* Doc Done
Mi toothbrush soocare.toothbrush.m1 Doc Done
Yeelight Bedside lamp yeelink.light.ble1 Doc TODO
Mi LED Desk lamp yeelink.light.lamp1 Doc TODO
Yeelight Candela yeelink.light.mb2grp Doc TODO
Mi Kettle V1 yunmi.kettle.v1 Doc TODO
Temperature/Humidity sensor cleargrass.sensor_ht.dk1 Doc WIP
Flora plant monitor hhcc.plantmonitor.v1 Doc TODO
Mi Band 1 xiaomi.watch.band1 Doc TODO
Mi Band 2 xiaomi.watch.band2 Doc TODO
iHealth Track Blood Pressure Monitor ihealth.bp.550bt Doc WIP

* Guesstimate, it isn't in mi home, but in some other app, of the ecosysteme or OEM's one

And for other protocols?

About

Documentation of the Bluetooth/BLE devices

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%