EID Slot and Lock Code

[samueleforconi]

Hi, as per Eddystone GATT spec, an Eddystone beacon could be configured to not use a Lock Code, by setting the Lock State characteristic to 0x02: UNLOCKED AND AUTOMATIC RELOCK DISABLED.

My question is: with the Lock State characteristic set to 0x02 UNLOCKED AND AUTOMATIC RELOCK DISABLED, could it be possible for a user to configure an Adv Slot as an EID Slot?

If the answer is YES, reading the EID Identity Key characteristic what would give as a result? The GATT spec says that the EID Identity Key characteristic contains the encrypted EID Identity Key but if the beacon doesn't have a Lock Code how does it encrypt this value?

[mashbridge]

Good point. Perhaps we should specify that a default lock code is required when the configuration GATT service is implemented. The same problem would arise with factory reset too, since it's not reasonable to perform that without first proving that you're the "owner" of the device.

[scottjenson]

I agree on specifying a default lock code. Just to clarify though, the beacon shouldn't be required to ship in a 'locked state' as that makes it significantly harder to initially use. Before deployment, of course, the beacon should be locked.

[mashbridge]

We've tried to keep as much of the core specification as possible agnostic w/r/t deployment requirements, but I'll add the requirement of a default lock state to the manufacturer guidelines at the top of the document. (In looking at early samples from manufacturers most have chosen to ship the devices in a locked state. Of the couple that come unlocked, I haven't seen any that didn't have a code, and our validation tests enforce that it's present and can be changed.)

[samueleforconi]

Hi, according to this, the default Lock Code should also be used when a user is trying to set a new Lock Code on a beacon that is currently in the 0x02 Lock State, is it right?

The default Lock Code will be choosen by the beacon manufacturer? If YES, each manufacturer will have a custom (maybe different) default Lock Code and only their configuration apps will know how to treat these situations (this is just to say that it will be difficult to have a single app able to configure the Eddystone GATT completely).

[mashbridge]

A general utility app (such as Nordic's nRF Master Control Panel or the Beacon Tools iOS and Android apps) must ask the user to enter the lock code. It's a little ungainly asking a human to type in 32 hex characters, but at least it can be cached and reused, unless the user wants to change it to something else.