OnewheelCommunityEdition / OWCE_App

GNU General Public License v3.0

Question about initial connection #108

Closed acheronfail closed 9 months ago

acheronfail commented 9 months ago

I’m wondering why this app needs the original Onewheel app in order to connect to the board? I’d like to know more about the technical details of why this is required (so I can investigate removing it).

I’m a software developer so happy to look into it and see if I can improve the situation, but I’d like some more information on it first.

It looks like the “Float Remote” app (iOS) doesn’t have this requirement, so it’s definitely possible to connect without needing this.

beeradmoore commented 9 months ago

Hey @acheronfail, when you turn on your board (depending on the firmware) it may be in a "locked" state where the only thing it will share over BT is the hardware and firmware revisions as well as a unique board token. This token then needs to be swapped for a key, the key is then used on the board and it is "unlocked" and all of its data (at least the ones not removed by FM) will be accessible. This whole process is known as the handshake or BLE handshake.

The process for exchanging a key for a token varies depending on board HW/FW. In most cases the token needs to be sent to FM servers to receive a key back. On older boards the token can be processed in app and made into a key.

At one point we sent users' tokens to FM servers on behalf of users, but FM blocked us within a week. In theory if you can mimic what the official app does correctly you shouldn't get blocked. But blocking users' access to FM servers for bad code is not a path we'd like to continue down. Maybe this is what Float Remote is doing? In the past people also removed the BLE handshake from board with modded firmware, but FM did not take kindly to that.

A workaround we use is if you let FM app unlock the board, disconnect and then reconnect with OWCE again we can keep that connection unlocked. Can easily be blocked in a firmware update.

A longer solution we are currently working on is a tool for a user to extract their own keys and tokens. This can be manually backed up by the user or stored on OWCE servers. When this is eventually live you'll no longer have to swap apps once you have your own token and key.

EDIT: Handshake code starts here if you wanted to see what we do for different boards.

acheronfail commented 9 months ago

Thanks @beeradmoore that's fantastic information!

> At one point we sent users tokens to FM servers on behalf of users ... Maybe this is what Float Remote is doing

Float Remote seems to be able to connect offline. And I've also reset it and re-connected while monitoring its network activity, and it doesn't make any network requests - so apparently it can connect to the board without doing the token/key handshake! 🤔 Would really love to know about this (I've emailed the developer, let's see if we find anything out).

> A longer solution we are currently working on is a tool for a user to extract their own keys and tokens. This can be manually backed up by the user or stored on OWCE servers. When this is eventually live you'll no longer have to swap apps once you have your own token and key.

I like this workaround - is there anything in progress I can contribute to? Or anything else at all? Keen to help out/contribute/etc. (Motivated by the fear of accidentally updating my OneWheel+ XR - which is hw 4212 and fmw 4152).

beeradmoore commented 9 months ago

Let me know if you hear anything back from them, curious what they are doing if that is the case.

Nothing you can contribute to at the moment, maybe some testing close to launch of that feature.